[webkit-changes] [118239] trunk/Source/JavaScriptCore

Wed, 23 May 2012 13:50:34 -0700

Title: [118239] trunk/Source/_javascript_Core
Revision
118239
Author
[email protected]
Date
2012-05-23 13:51:21 -0700 (Wed, 23 May 2012)

Log Message

Every OSR exit on ARM results in a crash
https://bugs.webkit.org/show_bug.cgi?id=87307

Reviewed by Geoffrey Garen.

* dfg/DFGThunks.cpp:
(JSC::DFG::osrExitGenerationThunkGenerator):

Modified Paths

Diff

Modified: trunk/Source/_javascript_Core/ChangeLog (118238 => 118239)


--- trunk/Source/_javascript_Core/ChangeLog	2012-05-23 20:47:46 UTC (rev 118238)
+++ trunk/Source/_javascript_Core/ChangeLog	2012-05-23 20:51:21 UTC (rev 118239)
@@ -1,3 +1,13 @@
+2012-05-23  Filip Pizlo  <[email protected]>
+
+        Every OSR exit on ARM results in a crash
+        https://bugs.webkit.org/show_bug.cgi?id=87307
+
+        Reviewed by Geoffrey Garen.
+
+        * dfg/DFGThunks.cpp:
+        (JSC::DFG::osrExitGenerationThunkGenerator):
+
 2012-05-23  Geoffrey Garen  <[email protected]>
 
         Refactored heap tear-down to use normal value semantics (i.e., destructors)

Modified: trunk/Source/_javascript_Core/dfg/DFGThunks.cpp (118238 => 118239)


--- trunk/Source/_javascript_Core/dfg/DFGThunks.cpp	2012-05-23 20:47:46 UTC (rev 118238)
+++ trunk/Source/_javascript_Core/dfg/DFGThunks.cpp	2012-05-23 20:51:21 UTC (rev 118239)
@@ -50,6 +50,10 @@
         jit.storeDouble(FPRInfo::toRegister(i), GPRInfo::regT0);
     }
     
+    // Tell GC mark phase how much of the scratch buffer is active during call.
+    jit.move(MacroAssembler::TrustedImmPtr(scratchBuffer->activeLengthPtr()), GPRInfo::regT0);
+    jit.storePtr(MacroAssembler::TrustedImmPtr(scratchSize), GPRInfo::regT0);
+
     // Set up one argument.
 #if CPU(X86)
     jit.poke(GPRInfo::callFrameRegister, 0);
@@ -57,10 +61,6 @@
     jit.move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
 #endif
 
-    // Tell GC mark phase how much of the scratch buffer is active during call.
-    jit.move(MacroAssembler::TrustedImmPtr(scratchBuffer->activeLengthPtr()), GPRInfo::regT0);
-    jit.storePtr(MacroAssembler::TrustedImmPtr(scratchSize), GPRInfo::regT0);
-
     MacroAssembler::Call functionCall = jit.call();
 
     jit.move(MacroAssembler::TrustedImmPtr(scratchBuffer->activeLengthPtr()), GPRInfo::regT0);

_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes

Reply via email to