Title: [161407] branches/jsCStack/Source/_javascript_Core
- Revision: 161407
- Author: [email protected]
- Date: 2014-01-06 22:09:59 -0800 (Mon, 06 Jan 2014)
Log Message
CStack Branch: ARM64 Crash in llint_function_for_call_arity_check running 3d-raytrace.js
https://bugs.webkit.org/show_bug.cgi?id=126557
Reviewed by Geoffrey Garen.
We were crashing due to the definition of t5 in the offline assembler not
matching the definition of regT5 in GPRInfo.h. The crash was due to passing
the stub return address to the fixup thunk in regT5, but it contained garbage.
I changed the definitions of t4, t5 and t6 in the ARM64 back end of the offline
assembler to match GPRInfo.h.
* offlineasm/arm64.rb:
Modified Paths
Diff
Modified: branches/jsCStack/Source/_javascript_Core/ChangeLog (161406 => 161407)
--- branches/jsCStack/Source/_javascript_Core/ChangeLog 2014-01-07 06:09:35 UTC (rev 161406)
+++ branches/jsCStack/Source/_javascript_Core/ChangeLog 2014-01-07 06:09:59 UTC (rev 161407)
@@ -1,5 +1,20 @@
2014-01-06 Michael Saboff <[email protected]>
+ CStack Branch: ARM64 Crash in llint_function_for_call_arity_check running 3d-raytrace.js
+ https://bugs.webkit.org/show_bug.cgi?id=126557
+
+ Reviewed by Geoffrey Garen.
+
+ We were crashing due the to definition of t5 in the offline assembler not
+ matching the definition of regT5 in GPRInfo.h. The crash was due to passing
+ the stub return address to the fixup thunk in regT5, but it contained garbage.
+ I changed the definitions of t4, t5 and t6 in the ARM64 back end of the offline
+ assembler to match GPRInfo.h.
+
+ * offlineasm/arm64.rb:
+
+2014-01-06 Michael Saboff <[email protected]>
+
CStack Branch: Fix nativeForGenerator() for non-X86 platforms
https://bugs.webkit.org/show_bug.cgi?id=126551
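Review bot: The first sentence of the added entry reads "due the to definition" and should read "due to the definition". The `* offlineasm/arm64.rb:` line is also left without a description; a short note there saying that t4, t5 and t6 were remapped to match GPRInfo.h would let a reader see what changed in the file without opening the diff.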
Modified: branches/jsCStack/Source/_javascript_Core/offlineasm/arm64.rb (161406 => 161407)
--- branches/jsCStack/Source/_javascript_Core/offlineasm/arm64.rb 2014-01-07 06:09:35 UTC (rev 161406)
+++ branches/jsCStack/Source/_javascript_Core/offlineasm/arm64.rb 2014-01-07 06:09:59 UTC (rev 161407)
@@ -40,14 +40,14 @@
# x1 => t1, a1, r1
# x2 => t2, a2
# x3 => a3
+# x5 => t5
+# x6 => t6
# x9 => (nonArgGPR1 in baseline)
-# x10 => t4 (unused in baseline)
-# x11 => t5 (unused in baseline)
-# x12 => t6 (unused in baseline)
# x13 => scratch (unused in baseline)
# x16 => scratch
# x17 => scratch
# x23 => t3
+# x24 => t4
# x27 => csr1 (tagTypeNumber)
# x28 => csr2 (tagMask)
# x29 => cfr
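Review bot: The register table in this comment gives no hint that the t4, t5 and t6 rows have to stay in step with the corresponding definitions in GPRInfo.h, which is the mismatch the log message blames for the crash. A line above the table naming GPRInfo.h as the other half of the mapping would help the next person who edits either file. The removed rows carried "(unused in baseline)" while the new `# x5 => t5` row carries no annotation; since the log message says regT5 is used to pass the stub return address to the fixup thunk, a note on that row saying so would record why it must not drift.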
@@ -113,11 +113,11 @@
when 't3'
arm64GPRName('x23', kind)
when 't4'
- arm64GPRName('x10', kind)
+ arm64GPRName('x24', kind)
when 't5'
- arm64GPRName('x11', kind)
+ arm64GPRName('x5', kind)
when 't6'
- arm64GPRName('x12', kind)
+ arm64GPRName('x6', kind)
when 'cfr'
arm64GPRName('x29', kind)
when 'csr1'
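Review bot: The `when 't4'`, `when 't5'` and `when 't6'` arms still hard-code register names that repeat GPRInfo.h by hand, and nothing in this hunk checks that the two agree, so the same drift can come back silently. Consider a build-time check, or at least a comment at these arms pointing to GPRInfo.h. The log message ties the crash to t5 only, so it is also worth confirming that no existing offlineasm code depended on t4 or t6 living in x10 and x12 before this lands.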