diff options
| author | Julien Brianceau <jbriance@cisco.com> | 2014-10-22 18:25:24 +0200 |
|---|---|---|
| committer | Julien Brianceau <jbriance@cisco.com> | 2015-02-09 16:44:51 +0000 |
| commit | 3a3681158677f319bce88eee75d2696b8231eb1f (patch) | |
| tree | 98294cfea2127dd9649f8d901780f8807366179e /Source/JavaScriptCore/yarr/YarrJIT.cpp | |
| parent | ce4edc79a8cf0114e7306f0e577b34555d381221 (diff) | |
| download | qtwebkit-3a3681158677f319bce88eee75d2696b8231eb1f.tar.gz | |
Fix lots of crashes because of 4th argument register trampling.
https://bugs.webkit.org/show_bug.cgi?id=123421
Reviewed by Michael Saboff.
r3 register is the 4th argument register for ARM and also a scratch
register in the baseline JIT for this architecture. We can use r6
instead, as this used to be the timeoutCheckRegister and it is no
longer used since r148119.
* assembler/ARMAssembler.h: Temp register is now r6 instead of r3 for ARM.
* assembler/MacroAssemblerARMv7.h: Temp register is now r6 instead of r3 for ARMv7.
* dfg/DFGGPRInfo.h: Add r3 properly in GPRInfo for ARM.
* jit/JITStubs.cpp: Remove obsolete timeoutCheckRegister init.
* yarr/YarrJIT.cpp: Use r3 and not the new scratch register r6 and r8 register
doesn't need to be saved.
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@158208 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Change-Id: I5198a158e5e69d4e3a05b353abb60f28c0ab095e
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@theqtcompany.com>
Diffstat (limited to 'Source/JavaScriptCore/yarr/YarrJIT.cpp')
| -rw-r--r-- | Source/JavaScriptCore/yarr/YarrJIT.cpp | 14 |
1 files changed, 3 insertions, 11 deletions
diff --git a/Source/JavaScriptCore/yarr/YarrJIT.cpp b/Source/JavaScriptCore/yarr/YarrJIT.cpp index 1b2b03131..d337cf797 100644 --- a/Source/JavaScriptCore/yarr/YarrJIT.cpp +++ b/Source/JavaScriptCore/yarr/YarrJIT.cpp @@ -46,10 +46,10 @@ class YarrGenerator : private MacroAssembler { static const RegisterID input = ARMRegisters::r0; static const RegisterID index = ARMRegisters::r1; static const RegisterID length = ARMRegisters::r2; - static const RegisterID output = ARMRegisters::r4; + static const RegisterID output = ARMRegisters::r3; - static const RegisterID regT0 = ARMRegisters::r5; - static const RegisterID regT1 = ARMRegisters::r6; + static const RegisterID regT0 = ARMRegisters::r4; + static const RegisterID regT1 = ARMRegisters::r5; static const RegisterID returnRegister = ARMRegisters::r0; static const RegisterID returnRegister2 = ARMRegisters::r1; @@ -2553,11 +2553,6 @@ class YarrGenerator : private MacroAssembler { push(ARMRegisters::r4); push(ARMRegisters::r5); push(ARMRegisters::r6); -#if CPU(ARM_TRADITIONAL) - push(ARMRegisters::r8); // scratch register -#endif - if (compileMode == IncludeSubpatterns) - move(ARMRegisters::r3, output); #elif CPU(SH4) push(SH4Registers::r11); push(SH4Registers::r13); @@ -2583,9 +2578,6 @@ class YarrGenerator : private MacroAssembler { pop(X86Registers::ebx); pop(X86Registers::ebp); #elif CPU(ARM) -#if CPU(ARM_TRADITIONAL) - pop(ARMRegisters::r8); // scratch register -#endif pop(ARMRegisters::r6); pop(ARMRegisters::r5); pop(ARMRegisters::r4); |