Title: [159290] trunk/Source/_javascript_Core
- Revision
- 159290
- Author
- [email protected]
- Date
- 2013-11-14 10:13:17 -0800 (Thu, 14 Nov 2013)
Log Message
REGRESSION (r159276): rbp register overwritten in Win 64 version of callToJavascript stub
https://bugs.webkit.org/show_bug.cgi?id=124361
Reviewed by Oliver Hunt.
Swapped operand ordering to: mov rax, rbp
* jit/JITStubsMSVC64.asm:
Modified Paths
Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (159289 => 159290)
--- trunk/Source/_javascript_Core/ChangeLog 2013-11-14 17:45:37 UTC (rev 159289)
+++ trunk/Source/_javascript_Core/ChangeLog 2013-11-14 18:13:17 UTC (rev 159290)
@@ -1,3 +1,14 @@
+2013-11-14 Michael Saboff <[email protected]>
+
+ REGRESSION (r159276): rbp register overwritten in Win 64 version of callToJavascript stub
+ https://bugs.webkit.org/show_bug.cgi?id=124361
+
+ Reviewed by Oliver Hunt.
+
+ Swapped operand ordering to: mov rax, rbp
+
+ * jit/JITStubsMSVC64.asm:
+
2013-11-14 Julien Brianceau <[email protected]>
REGRESSION (r159276): Fix lots of crashes for sh4 architecture.
Modified: trunk/Source/_javascript_Core/jit/JITStubsMSVC64.asm (159289 => 159290)
--- trunk/Source/_javascript_Core/jit/JITStubsMSVC64.asm 2013-11-14 17:45:37 UTC (rev 159289)
+++ trunk/Source/_javascript_Core/jit/JITStubsMSVC64.asm 2013-11-14 18:13:17 UTC (rev 159290)
@@ -33,7 +33,7 @@
callToJavaScript PROC
push rbp
- mov rbp, rax ; Save previous frame pointer
+ mov rax, rbp ; Save previous frame pointer
mov rbp, rsp
push r12
push r13
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
