[SCM] WebKit Debian packaging branch, webkit-1.1, updated. upstream/1.1.15.1-1414-gc69ee75

barraclough at apple.com barraclough at apple.com
Thu Oct 29 20:41:41 UTC 2009


The following commit has been merged in the webkit-1.1 branch:
commit 597a1d3006745f287ae2aba32edd7d3e353ed0d7
Author: barraclough at apple.com <barraclough at apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date:   Thu Oct 8 09:18:21 2009 +0000

    Fix for JIT'ed op_call instructions (evals, constructs, etc.)
    when !ENABLE(JIT_OPTIMIZE_CALL) && USE(JSVALUE32_64)
    
    Patch by Zoltan Herczeg <zherczeg at inf.u-szeged.hu> on 2009-10-08
    Reviewed by Gavin Barraclough.
    
    https://bugs.webkit.org/show_bug.cgi?id=30201
    
    * jit/JITCall.cpp:
    (JSC::JIT::compileOpCall):
    
    
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@49293 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/JavaScriptCore/ChangeLog b/JavaScriptCore/ChangeLog
index cbda649..7cf56bd 100644
--- a/JavaScriptCore/ChangeLog
+++ b/JavaScriptCore/ChangeLog
@@ -1,3 +1,15 @@
+2009-10-08  Zoltan Herczeg  <zherczeg at inf.u-szeged.hu>
+
+        Reviewed by Gavin Barraclough.
+
+        Fix for JIT'ed op_call instructions (evals, constructs, etc.)
+        when !ENABLE(JIT_OPTIMIZE_CALL) && USE(JSVALUE32_64)
+
+        https://bugs.webkit.org/show_bug.cgi?id=30201
+
+        * jit/JITCall.cpp:
+        (JSC::JIT::compileOpCall):
+
 2009-10-07  Geoffrey Garen  <ggaren at apple.com>
 
         Windows build fix: removed no longer exported symbol.
diff --git a/JavaScriptCore/jit/JITCall.cpp b/JavaScriptCore/jit/JITCall.cpp
index 0523882..cfaa69f 100644
--- a/JavaScriptCore/jit/JITCall.cpp
+++ b/JavaScriptCore/jit/JITCall.cpp
@@ -243,10 +243,10 @@ void JIT::compileOpCall(OpcodeID opcodeID, Instruction* instruction, unsigned)
         stubCall.addArgument(JIT::Imm32(registerOffset));
         stubCall.addArgument(JIT::Imm32(argCount));
         stubCall.call();
-        wasEval = branch32(Equal, regT1, Imm32(JSValue::EmptyValueTag));
+        wasEval = branch32(NotEqual, regT1, Imm32(JSValue::EmptyValueTag));
     }
 
-    emitLoad(callee, regT1, regT2);
+    emitLoad(callee, regT1, regT0);
 
     if (opcodeID == op_call)
         compileOpCallSetupArgs(instruction);
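Review bot: The corrected condition on `wasEval` is hard to verify without knowing the stub's return convention, so the `branch32` line deserves a comment such as `// The stub leaves EmptyValueTag in regT1 when the callee was not eval; any other tag is the eval result, so skip the normal call.` That convention is inferred from the flipped comparison and from `wasEval.link(this)` sitting just before the final `emitStore(dst, regT1, regT0)` in the last hunk; the stub itself is outside the diff. The commit as shown adds no test for the `!ENABLE(JIT_OPTIMIZE_CALL) && USE(JSVALUE32_64)` build, so a regression case covering op_call_eval in that configuration would be worth adding. compileOpCall begins before this hunk.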
@@ -254,12 +254,12 @@ void JIT::compileOpCall(OpcodeID opcodeID, Instruction* instruction, unsigned)
         compileOpConstructSetupArgs(instruction);
 
     emitJumpSlowCaseIfNotJSCell(callee, regT1);
-    addSlowCase(branchPtr(NotEqual, Address(regT2), ImmPtr(m_globalData->jsFunctionVPtr)));
+    addSlowCase(branchPtr(NotEqual, Address(regT0), ImmPtr(m_globalData->jsFunctionVPtr)));
 
     // First, in the case of a construct, allocate the new object.
     if (opcodeID == op_construct) {
         JITStubCall(this, cti_op_construct_JSConstruct).call(registerOffset - RegisterFile::CallFrameHeaderSize - argCount);
-        emitLoad(callee, regT1, regT2);
+        emitLoad(callee, regT1, regT0);
     }
 
     // Speculatively roll the callframe, assuming argCount will match the arity.
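Review bot: The callee's type guard depends on an unwritten register contract. `emitJumpSlowCaseIfNotJSCell(callee, regT1)` checks the tag and `branchPtr(NotEqual, Address(regT0), ...)` dereferences the payload, and the same pair must hold the callee again after the construct stub, which is why the reload is there. A vptr guard that checks one register while the call uses another validates the wrong value, so state the convention once at the first `emitLoad(callee, regT1, regT0)` in the previous hunk, e.g. `// Callee: tag in regT1, payload (cell pointer) in regT0; the vptr check and the call sequence below both rely on this.` That the call sequence consumes regT0 is inferred from the rename, since that code lies outside the visible hunks.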
@@ -272,7 +272,7 @@ void JIT::compileOpCall(OpcodeID opcodeID, Instruction* instruction, unsigned)
     if (opcodeID == op_call_eval)
         wasEval.link(this);
 
-    emitStore(dst, regT1, regT0);;
+    emitStore(dst, regT1, regT0);
 
     sampleCodeBlock(m_codeBlock);
 }

-- 
WebKit Debian packaging


