Title: [163653] tags/Safari-538.16.3/Source/_javascript_Core
Diff
Modified: tags/Safari-538.16.3/Source/_javascript_Core/ChangeLog (163652 => 163653)
--- tags/Safari-538.16.3/Source/_javascript_Core/ChangeLog 2014-02-07 23:01:28 UTC (rev 163652)
+++ tags/Safari-538.16.3/Source/_javascript_Core/ChangeLog 2014-02-07 23:02:49 UTC (rev 163653)
@@ -1,3 +1,21 @@
+2014-02-07 Lucas Forschler <[email protected]>
+
+ Merge r163342
+
+ 2014-02-03 Michael Saboff <[email protected]>
+
+ REGRESSION (r163011-r163031): Web Inspector: Latest nightly crashes when showing the Web Inspector
+ https://bugs.webkit.org/show_bug.cgi?id=127901
+
+ Reviewed by Geoffrey Garen.
+
+ Set VM::topCallFrame before making calls to possible C++ code in
+ generateProtoChainAccessStub() and tryBuildGetByIDList().
+
+ * jit/Repatch.cpp:
+ (JSC::generateProtoChainAccessStub):
+ (JSC::tryBuildGetByIDList):
+
2014-02-06 Lucas Forschler <[email protected]>
Merge r163595
Modified: tags/Safari-538.16.3/Source/_javascript_Core/jit/Repatch.cpp (163652 => 163653)
--- tags/Safari-538.16.3/Source/_javascript_Core/jit/Repatch.cpp 2014-02-07 23:01:28 UTC (rev 163652)
+++ tags/Safari-538.16.3/Source/_javascript_Core/jit/Repatch.cpp 2014-02-07 23:02:49 UTC (rev 163653)
@@ -321,6 +321,7 @@
// right now!
stubJit.store32(MacroAssembler::TrustedImm32(exec->locationAsRawBits()),
CCallHelpers::tagFor(static_cast<VirtualRegister>(JSStack::ArgumentCount)));
+ stubJit.storePtr(GPRInfo::callFrameRegister, &vm->topCallFrame);
operationCall = stubJit.call();
#if USE(JSVALUE64)
@@ -634,6 +635,7 @@
stubJit.store32(
MacroAssembler::TrustedImm32(exec->locationAsRawBits()),
CCallHelpers::tagFor(static_cast<VirtualRegister>(JSStack::ArgumentCount)));
+ stubJit.storePtr(GPRInfo::callFrameRegister, &vm->topCallFrame);
operationCall = stubJit.call();
#if USE(JSVALUE64)
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
