Title: [180739] releases/WebKitGTK/webkit-2.8/Source/JavaScriptCore
Revision: 180739
Author: [email protected]
Date: 2015-02-27 04:09:34 -0800 (Fri, 27 Feb 2015)

Log Message

Merge r180248 - Unreviewed, rolling out r180184.
https://bugs.webkit.org/show_bug.cgi?id=141733

Caused infinite recursion on js/function-apply-aliased.html
(Requested by ap_ on #webkit).

Reverted changeset:

"REGRESSION(r180060): C Loop crashes"
https://bugs.webkit.org/show_bug.cgi?id=141671
http://trac.webkit.org/changeset/180184

Unreviewed, Restoring the C LOOP insta-crash fix in r180184.

Fixed a typo that only affected the C Loop in the prologue() macro in LowLevelInterpreter.asm.
After the stackHeightOKGetCodeBlock label, codeBlockSetter(t1) should be codeBlockGetter(t1).

* llint/LowLevelInterpreter.asm: Fixed a typo.

Diff

Modified: releases/WebKitGTK/webkit-2.8/Source/_javascript_Core/ChangeLog (180738 => 180739)


--- releases/WebKitGTK/webkit-2.8/Source/_javascript_Core/ChangeLog	2015-02-27 12:03:41 UTC (rev 180738)
+++ releases/WebKitGTK/webkit-2.8/Source/_javascript_Core/ChangeLog	2015-02-27 12:09:34 UTC (rev 180739)
@@ -1,3 +1,26 @@
+2015-02-17  Michael Saboff  <[email protected]>
+
+        Unreviewed, Restoring the C LOOP insta-crash fix in r180184.
+
+        Fixed a typo that only affected the C Loop in the prologue() macro in LowLevelInterpreter.asm.
+        After the stackHeightOKGetCodeBlock label, codeBlockSetter(t1) should be codeBlockGetter(t1).
+
+        * llint/LowLevelInterpreter.asm: Fixed a typo.
+
+2015-02-17  Commit Queue  <[email protected]>
+
+        Unreviewed, rolling out r180184.
+        https://bugs.webkit.org/show_bug.cgi?id=141733
+
+        Caused infinite recursion on js/function-apply-aliased.html
+        (Requested by ap_ on #webkit).
+
+        Reverted changeset:
+
+        "REGRESSION(r180060): C Loop crashes"
+        https://bugs.webkit.org/show_bug.cgi?id=141671
+        http://trac.webkit.org/changeset/180184
+
 2015-02-17  Filip Pizlo  <[email protected]>
 
         StackLayoutPhase should use CodeBlock::usesArguments rather than FunctionExecutable::usesArguments
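
Review bot: the restored entry lists only `* llint/LowLevelInterpreter.asm: Fixed a typo.`, but the only source change shown in this revision is to llint/LLIntSlowPaths.cpp, and no LowLevelInterpreter.asm diff appears here. Please add a `* llint/LLIntSlowPaths.cpp:` line saying why the stack-overflow path now starts from the caller frame, or note that the .asm change is already present on the branch, so the ChangeLog matches what the merge actually touches. The roll-out entry says r180184 "Caused infinite recursion on js/function-apply-aliased.html", yet the entry restoring it does not say what is different this time. One sentence on that would help anyone auditing the branch.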

Modified: releases/WebKitGTK/webkit-2.8/Source/_javascript_Core/llint/LLIntSlowPaths.cpp (180738 => 180739)


--- releases/WebKitGTK/webkit-2.8/Source/_javascript_Core/llint/LLIntSlowPaths.cpp	2015-02-27 12:03:41 UTC (rev 180738)
+++ releases/WebKitGTK/webkit-2.8/Source/_javascript_Core/llint/LLIntSlowPaths.cpp	2015-02-27 12:09:34 UTC (rev 180739)
@@ -490,6 +490,7 @@
         LLINT_RETURN_TWO(pc, 0);
 #endif
 
+    exec = exec->callerFrame(vm.topVMEntryFrame);
     vm.topCallFrame = exec;
     ErrorHandlingScope errorScope(vm);
     CommonSlowPaths::interpreterThrowInCaller(exec, createStackOverflowError(exec));
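
Review bot: the added `exec = exec->callerFrame(vm.topVMEntryFrame);` has no comment, and its result is used unchecked by all three following lines (`vm.topCallFrame = exec`, `createStackOverflowError(exec)` and `interpreterThrowInCaller(exec, ...)`). Since the helper is already named interpreterThrowInCaller, a reader cannot tell from this hunk whether stepping to the caller here is intended in addition to what that helper does, or whether it unwinds one frame too far. Please add a short comment stating why the frame that failed the stack check must not be used as topCallFrame. If callerFrame() can return a null or sentinel frame when exec is the outermost frame of the VM entry, an ASSERT(exec) after the assignment would document and enforce the expectation. A regression test for the stack-overflow path (the log mentions js/function-apply-aliased.html) should be referenced alongside this change.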
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
