From bb5c794c91298a3dfc0acf4a2299bf74b52f3eaa Mon Sep 17 00:00:00 2001
From: "commit-queue@webkit.org"
 <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Fri, 13 Sep 2013 07:34:14 +0000
Subject: Fixed crash in V8 benchmark suite in ARM,softp,EABI environment.

https://bugs.webkit.org/show_bug.cgi?id=117281

Patch by Youngho Yoo <youngho33.yoo@lge.com> on 2013-09-13
Reviewed by Michael Saboff.

Fix the missing EABI_32BIT_DUMMY_ARG in FPRReg using callOperation function.

Change-Id: I77e7e7a37ada9d33574949220d109e8b5f2392b2
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155675 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com>
---
 Source/JavaScriptCore/dfg/DFGCCallHelpers.h   | 44 +++++++++++++++++++++++----
 Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h | 20 +++++++-----
 2 files changed, 51 insertions(+), 13 deletions(-)

(limited to 'Source/JavaScriptCore/dfg')

diff --git a/Source/JavaScriptCore/dfg/DFGCCallHelpers.h b/Source/JavaScriptCore/dfg/DFGCCallHelpers.h
index ab33677ba..caf7a91d4 100644
--- a/Source/JavaScriptCore/dfg/DFGCCallHelpers.h
+++ b/Source/JavaScriptCore/dfg/DFGCCallHelpers.h
@@ -489,6 +489,12 @@ public:
             swap(GPRInfo::argumentGPR2, GPRInfo::argumentGPR3);
     }
 
+#if CPU(MIPS)
+#define POKE_ARGUMENT_OFFSET 4
+#else
+#define POKE_ARGUMENT_OFFSET 0
+#endif
+
 #if CPU(X86_64)
     ALWAYS_INLINE void setupArguments(FPRReg arg1)
     {
@@ -549,6 +555,20 @@ public:
         setupStubArguments(arg1, arg2);
         move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
     }
+
+    ALWAYS_INLINE void setupArgumentsWithExecState(TrustedImm32, FPRReg arg2, GPRReg arg3)
+    {
+        moveDouble(arg2, FPRInfo::argumentFPR0);
+        move(arg3, GPRInfo::argumentGPR1);
+        move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
+    }
+
+    ALWAYS_INLINE void setupArgumentsWithExecState(TrustedImm32, GPRReg arg2, GPRReg arg3, FPRReg arg4)
+    {
+        moveDouble(arg4, FPRInfo::argumentFPR0);
+        setupStubArguments(arg2, arg3);
+        move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
+    }
 #else
     ALWAYS_INLINE void setupArguments(FPRReg arg1)
     {
@@ -575,6 +595,24 @@ public:
         assembler().vmov(GPRInfo::argumentGPR3, GPRInfo::nonArgGPR0, arg3);
         poke(GPRInfo::nonArgGPR0);
     }
+
+    ALWAYS_INLINE void setupArgumentsWithExecState(TrustedImm32 arg1, FPRReg arg2, GPRReg arg3)
+    {
+        poke(arg3, POKE_ARGUMENT_OFFSET);
+        move(arg1, GPRInfo::argumentGPR1);
+        assembler().vmov(GPRInfo::argumentGPR2, GPRInfo::argumentGPR3, arg2);
+        move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
+    }
+
+    ALWAYS_INLINE void setupArgumentsWithExecState(GPRReg arg1, GPRReg arg2, TrustedImm32 arg3, FPRReg arg4)
+    {
+        setupStubArguments(arg1, arg2);
+        move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
+        move(arg3, GPRInfo::argumentGPR3);
+        assembler().vmov(GPRInfo::nonArgGPR0, GPRInfo::nonArgGPR1, arg4);
+        poke(GPRInfo::nonArgGPR0, POKE_ARGUMENT_OFFSET);
+        poke(GPRInfo::nonArgGPR1, POKE_ARGUMENT_OFFSET + 1);
+    }
 #endif // CPU(ARM_HARDFP)
 #elif CPU(MIPS)
     ALWAYS_INLINE void setupArguments(FPRReg arg1)
@@ -868,12 +906,6 @@ public:
     // exactly 4 argument registers, e.g. ARMv7.
 #if NUMBER_OF_ARGUMENT_REGISTERS == 4
 
-#if CPU(MIPS)
-#define POKE_ARGUMENT_OFFSET 4
-#else
-#define POKE_ARGUMENT_OFFSET 0
-#endif
-
     ALWAYS_INLINE void setupArgumentsWithExecState(GPRReg arg1, GPRReg arg2, GPRReg arg3, GPRReg arg4)
     {
         poke(arg4, POKE_ARGUMENT_OFFSET);
diff --git a/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h b/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h
index f4e80996e..648b6951f 100644
--- a/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h
+++ b/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h
@@ -1033,12 +1033,6 @@ public:
         return appendCallWithExceptionCheck(operation);
     }
 
-    JITCompiler::Call callOperation(V_DFGOperation_EOZD operation, GPRReg arg1, GPRReg arg2, FPRReg arg3)
-    {
-        m_jit.setupArgumentsWithExecState(arg1, arg2, arg3);
-        return appendCallWithExceptionCheck(operation);
-    }
-
     JITCompiler::Call callOperation(V_DFGOperation_W operation, WatchpointSet* watchpointSet)
     {
         m_jit.setupArguments(TrustedImmPtr(watchpointSet));
@@ -1264,6 +1258,12 @@ public:
         return appendCallWithExceptionCheckSetResult(operation, result);
     }
 
+    JITCompiler::Call callOperation(V_DFGOperation_EOZD operation, GPRReg arg1, GPRReg arg2, FPRReg arg3)
+    {
+        m_jit.setupArgumentsWithExecState(arg1, arg2, arg3);
+        return appendCallWithExceptionCheck(operation);
+    }
+
     JITCompiler::Call callOperation(V_DFGOperation_EJPP operation, GPRReg arg1, GPRReg arg2, void* pointer)
     {
         m_jit.setupArgumentsWithExecState(arg1, arg2, TrustedImmPtr(pointer));
@@ -1411,7 +1411,7 @@ public:
     }
     JITCompiler::Call callOperation(J_DFGOperation_EDA operation, GPRReg resultTag, GPRReg resultPayload, FPRReg arg1, GPRReg arg2)
     {
-        m_jit.setupArgumentsWithExecState(arg1, arg2);
+        m_jit.setupArgumentsWithExecState(EABI_32BIT_DUMMY_ARG arg1, arg2);
         return appendCallWithExceptionCheckSetResult(operation, resultPayload, resultTag);
     }
     JITCompiler::Call callOperation(J_DFGOperation_EJA operation, GPRReg resultTag, GPRReg resultPayload, GPRReg arg1Tag, GPRReg arg1Payload, GPRReg arg2)
@@ -1511,6 +1511,12 @@ public:
         return appendCallWithExceptionCheckSetResult(operation, resultPayload, resultTag);
     }
 
+    JITCompiler::Call callOperation(V_DFGOperation_EOZD operation, GPRReg arg1, GPRReg arg2, FPRReg arg3)
+    {
+        m_jit.setupArgumentsWithExecState(arg1, arg2, EABI_32BIT_DUMMY_ARG arg3);
+        return appendCallWithExceptionCheck(operation);
+    }
+
     JITCompiler::Call callOperation(V_DFGOperation_EJPP operation, GPRReg arg1Tag, GPRReg arg1Payload, GPRReg arg2, void* pointer)
     {
         m_jit.setupArgumentsWithExecState(EABI_32BIT_DUMMY_ARG arg1Payload, arg1Tag, arg2, TrustedImmPtr(pointer));
-- 
cgit v1.2.1


From 4f553958aca984c93dcfcf7d6c1c3e682ee7b4b4 Mon Sep 17 00:00:00 2001
From: "ossy@webkit.org" <ossy@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Fri, 13 Sep 2013 15:55:51 +0000
Subject: ARM EABI hardfp buildfix after r155675

https://bugs.webkit.org/show_bug.cgi?id=121287

Reviewed by Geoffrey Garen.

Change-Id: I03c086a652b501c5424a6de6763fed1c88466e3a
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155705 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com>
---
 Source/JavaScriptCore/dfg/DFGCCallHelpers.h | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'Source/JavaScriptCore/dfg')

diff --git a/Source/JavaScriptCore/dfg/DFGCCallHelpers.h b/Source/JavaScriptCore/dfg/DFGCCallHelpers.h
index caf7a91d4..1a0b723ee 100644
--- a/Source/JavaScriptCore/dfg/DFGCCallHelpers.h
+++ b/Source/JavaScriptCore/dfg/DFGCCallHelpers.h
@@ -563,12 +563,13 @@ public:
         move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
     }
 
-    ALWAYS_INLINE void setupArgumentsWithExecState(TrustedImm32, GPRReg arg2, GPRReg arg3, FPRReg arg4)
+    ALWAYS_INLINE void setupArgumentsWithExecState(GPRReg arg1, GPRReg arg2, TrustedImm32, FPRReg arg4)
     {
         moveDouble(arg4, FPRInfo::argumentFPR0);
-        setupStubArguments(arg2, arg3);
+        setupStubArguments(arg1, arg2);
         move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
     }
+
 #else
     ALWAYS_INLINE void setupArguments(FPRReg arg1)
     {
-- 
cgit v1.2.1


From 55f814fc556631b390f0c5764bb4ee3ceeea1d45 Mon Sep 17 00:00:00 2001
From: "commit-queue@webkit.org"
 <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Mon, 16 Sep 2013 17:56:17 +0000
Subject: Aligned argument signatures of setupArgumentsWithExecState are
 missing on MIPS.

https://bugs.webkit.org/show_bug.cgi?id=121439

Patch by Balazs Kilvady <kilvadyb@homejinni.com> on 2013-09-16
Reviewed by Geoffrey Garen.

Missing implementations of setupArgumentsWithExecState added.

Change-Id: Ief1b1505d6c20b091ae0fcc24d7c21f50fcc712a
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@155884 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com>
---
 Source/JavaScriptCore/dfg/DFGCCallHelpers.h | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'Source/JavaScriptCore/dfg')

diff --git a/Source/JavaScriptCore/dfg/DFGCCallHelpers.h b/Source/JavaScriptCore/dfg/DFGCCallHelpers.h
index 1a0b723ee..ebf0bfd89 100644
--- a/Source/JavaScriptCore/dfg/DFGCCallHelpers.h
+++ b/Source/JavaScriptCore/dfg/DFGCCallHelpers.h
@@ -648,6 +648,16 @@ public:
         move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
         poke(arg3, 4);
     }
+
+    ALWAYS_INLINE void setupArgumentsWithExecState(TrustedImm32 arg1, FPRReg arg2, GPRReg arg3)
+    {
+        setupArgumentsWithExecState(arg2, arg3);
+    }
+
+    ALWAYS_INLINE void setupArgumentsWithExecState(GPRReg arg1, GPRReg arg2, TrustedImm32 arg3, FPRReg arg4)
+    {
+        setupArgumentsWithExecState(arg1, arg2, arg4);
+    }
 #elif CPU(SH4)
     ALWAYS_INLINE void setupArguments(FPRReg arg1)
     {
-- 
cgit v1.2.1