Modified: trunk/Source/_javascript_Core/ChangeLog (158924 => 158925)
--- trunk/Source/_javascript_Core/ChangeLog 2013-11-08 18:03:49 UTC (rev 158924)
+++ trunk/Source/_javascript_Core/ChangeLog 2013-11-08 18:24:32 UTC (rev 158925)
@@ -1,3 +1,15 @@
+2013-11-08 Julien Brianceau <jbria...@cisco.com>
+
+ REGRESSION(r158883): Fix crashes for MIPS architecture.
+ https://bugs.webkit.org/show_bug.cgi?id=124044
+
+ Reviewed by Michael Saboff.
+
+ * jit/JITOperations.cpp: Frame pointer register is fp instead of s0 since r158883 for MIPS.
+ * jit/ThunkGenerators.cpp: Save and restore the new frame pointer register.
+ (JSC::returnFromJavaScript):
+ (JSC::callToJavaScript):
+
2013-11-08 pe...@outlook.com <pe...@outlook.com>
[Win] _javascript_ crash in getHostCallReturnValue.
Modified: trunk/Source/_javascript_Core/jit/JITOperations.cpp (158924 => 158925)
--- trunk/Source/_javascript_Core/jit/JITOperations.cpp 2013-11-08 18:03:49 UTC (rev 158924)
+++ trunk/Source/_javascript_Core/jit/JITOperations.cpp 2013-11-08 18:24:32 UTC (rev 158925)
@@ -1778,8 +1778,8 @@
HIDE_SYMBOL(getHostCallReturnValue) "\n"
SYMBOL_STRING(getHostCallReturnValue) ":" "\n"
LOAD_FUNCTION_TO_T9(getHostCallReturnValueWithExecState)
- "lw $s0, 0($s0)" "\n" // CallerFrameAndPC::callerFrame
- "move $a0, $s0" "\n"
+ "lw $fp, 0($fp)" "\n" // CallerFrameAndPC::callerFrame
+ "move $a0, $fp" "\n"
"b " LOCAL_REFERENCE(getHostCallReturnValueWithExecState) "\n"
);
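Review bot: The `lw $fp, 0($fp)` / `move $a0, $fp` pair spells the frame-pointer register as a literal in an assembler string, so nothing ties it to the register the JIT actually uses as its call-frame register; the s0-to-fp move in r158883 that this commit repairs is exactly the drift such a literal cannot catch. A comment on the `lw` line naming the dependency would make the next change visible, e.g. `// $fp must match GPRInfo::callFrameRegister for MIPS (fp since r158883); keep in sync.` If the two ever diverge again, this load dereferences an unrelated register and the bogus callerFrame value is handed to getHostCallReturnValueWithExecState as its ExecState. The enclosing asm block begins before the hunk.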
Modified: trunk/Source/_javascript_Core/jit/ThunkGenerators.cpp (158924 => 158925)
--- trunk/Source/_javascript_Core/jit/ThunkGenerators.cpp 2013-11-08 18:03:49 UTC (rev 158924)
+++ trunk/Source/_javascript_Core/jit/ThunkGenerators.cpp 2013-11-08 18:24:32 UTC (rev 158925)
@@ -145,6 +145,7 @@
# define PRESERVED_S3_OFFSET 76
# define PRESERVED_S4_OFFSET 80
# define PRESERVED_RETURN_ADDRESS_OFFSET 84
+# define PRESERVED_FP_OFFSET 88
# define STACK_LENGTH 112
jit.loadPtr(CCallHelpers::Address(MIPSRegisters::sp, PRESERVED_S0_OFFSET), MIPSRegisters::s0);
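Review bot: `PRESERVED_FP_OFFSET 88` is the last slot below `STACK_LENGTH 112` in a hand-laid-out frame, and nothing checks that the new slot stays inside the reserved area; a wrong offset here would silently overwrite another preserved register or the caller's frame rather than fail at build time. A compile-time check beside the defines, e.g. `static_assert(PRESERVED_FP_OFFSET + sizeof(void*) <= STACK_LENGTH, "MIPS preserved-register area overflows STACK_LENGTH");` (or the project's equivalent macro), would pin the layout for future edits. The same slot is consumed by the restore in the `@@ -153` hunk and the save in the `@@ -260` hunk; a one-line comment on the define stating why fp now needs preserving — it is the callee-saved frame pointer that r158883 made the JIT's call-frame register — would explain the save/restore pairing. The enclosing returnFromJavaScript body starts before the hunk.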
@@ -153,6 +154,7 @@
jit.loadPtr(CCallHelpers::Address(MIPSRegisters::sp, PRESERVED_S3_OFFSET), MIPSRegisters::s3);
jit.loadPtr(CCallHelpers::Address(MIPSRegisters::sp, PRESERVED_S4_OFFSET), MIPSRegisters::s4);
jit.loadPtr(CCallHelpers::Address(MIPSRegisters::sp, PRESERVED_RETURN_ADDRESS_OFFSET), MIPSRegisters::ra);
+ jit.loadPtr(CCallHelpers::Address(MIPSRegisters::sp, PRESERVED_FP_OFFSET), MIPSRegisters::fp);
jit.addPtr(CCallHelpers::TrustedImm32(STACK_LENGTH), MIPSRegisters::sp);
#elif CPU(SH4)
# define EXTRA_STACK_SIZE 20
@@ -260,6 +262,7 @@
# define PREVIOUS_CALLFRAME_REG GPRInfo::nonArgGPR0
#elif CPU(MIPS)
jit.subPtr(CCallHelpers::TrustedImm32(STACK_LENGTH), MIPSRegisters::sp);
+ jit.storePtr(MIPSRegisters::fp, CCallHelpers::Address(MIPSRegisters::sp, PRESERVED_FP_OFFSET));
jit.storePtr(MIPSRegisters::ra, CCallHelpers::Address(MIPSRegisters::sp, PRESERVED_RETURN_ADDRESS_OFFSET));
jit.storePtr(MIPSRegisters::s4, CCallHelpers::Address(MIPSRegisters::sp, PRESERVED_S4_OFFSET));
jit.storePtr(MIPSRegisters::s3, CCallHelpers::Address(MIPSRegisters::sp, PRESERVED_S3_OFFSET));