Title: [164397] trunk/Source/_javascript_Core
- Revision
- 164397
- Author
- [email protected]
- Date
- 2014-02-19 15:41:21 -0800 (Wed, 19 Feb 2014)
Log Message
Need to align sp before calling operationLoadVarargs on 32-bit platforms.
<https://webkit.org/b/129056>
Reviewed by Michael Saboff.
In JIT::compileLoadVarargs(), we'll call operationSizeFrameForVarargs()
to compute the amount of stack space we need for the varargs, adjust the
stack pointer to make room for those varargs, and then call
operationLoadVarargs() to fill in the varargs. Currently, the stack
pointer adjustment takes care of allocating space for the varargs, but
does not align the stack pointer for the call to operationLoadVarargs().
The fix is to align the stack pointer there.
Note: The stack pointer adjustment is based on the new CallFrame pointer
value returned by operationSizeFrameForVarargs(). On 64-bit platforms,
both the stack pointer and call frame pointer are similarly aligned
(i.e. low nibbles are 0). Hence, no additional adjustment is needed.
Only the 32-bit code needs the fix.
Note: The LLINT also works this way i.e. aligns the stack pointer before
calling llint_slow_path_call_varargs().
* jit/JITCall32_64.cpp:
(JSC::JIT::compileLoadVarargs):
Modified Paths
Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (164396 => 164397)
--- trunk/Source/_javascript_Core/ChangeLog 2014-02-19 23:31:26 UTC (rev 164396)
+++ trunk/Source/_javascript_Core/ChangeLog 2014-02-19 23:41:21 UTC (rev 164397)
@@ -1,3 +1,30 @@
+2014-02-19 Mark Lam <[email protected]>
+
+ Need to align sp before calling operationLoadVarargs on 32-bit platforms.
+ <https://webkit.org/b/129056>
+
+ Reviewed by Michael Saboff.
+
+ In JIT::compileLoadVarargs(), we'll call operationSizeFrameForVarargs()
+ to compute the amount of stack space we need for the varargs, adjust the
+ stack pointer to make room for those varargs, and then call
+ operationLoadVarargs() to fill in the varargs. Currently, the stack
+ pointer adjustment takes care of allocating space for the varargs, but
+ does not align the stack pointer for the call to operationLoadVarargs().
+ The fix is to align the stack pointer there.
+
+ Note: The stack pointer adjustment is based on the new CallFrame pointer
+ value returned by operationSizeFrameForVarargs(). On 64-bit platforms,
+ both the stack pointer and call frame pointer are similarly aligned
+ (i.e. low nibbles are 0). Hence, no additional adjustment is needed.
+ Only the 32-bit code needs the fix.
+
+ Note: The LLINT also works this way i.e. aligns the stack pointer before
+ calling llint_slow_path_call_varargs().
+
+ * jit/JITCall32_64.cpp:
+ (JSC::JIT::compileLoadVarargs):
+
2014-02-19 Sam Weinig <[email protected]>
[JS] Convert Promise.prototype.catch to be a built-in
Modified: trunk/Source/_javascript_Core/jit/JITCall32_64.cpp (164396 => 164397)
--- trunk/Source/_javascript_Core/jit/JITCall32_64.cpp 2014-02-19 23:31:26 UTC (rev 164396)
+++ trunk/Source/_javascript_Core/jit/JITCall32_64.cpp 2014-02-19 23:41:21 UTC (rev 164397)
@@ -186,7 +186,7 @@
emitLoad(arguments, regT1, regT0);
callOperation(operationSizeFrameForVarargs, regT1, regT0, firstFreeRegister);
- move(returnValueGPR, stackPointerRegister);
+ addPtr(TrustedImm32(-sizeof(CallerFrameAndPC)), returnValueGPR, stackPointerRegister);
emitLoad(thisValue, regT1, regT4);
emitLoad(arguments, regT3, regT2);
callOperation(operationLoadVarargs, returnValueGPR, regT1, regT4, regT3, regT2);
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
