126106 – Arity check stack restoration should preserve the ArgumentCount in case there is a register restoration thunk below it

RESOLVED FIXED 126106

Arity check stack restoration should preserve the ArgumentCount in case there is a register restoration thunk below it

https://bugs.webkit.org/show_bug.cgi?id=126106

Summary Arity check stack restoration should preserve the ArgumentCount in case there...

Filip Pizlo

Reported 2013-12-20 18:44:09 PST

Return thunks rely on the argument count to recover where the stack should have been. In the case of the arity check fail thunk, it should "pay it forward" and allow whatever it returns into to also use the argument count.

Attachments
the patch (3.33 KB, patch) 2013-12-20 18:44 PST, Filip Pizlo	ggaren: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Filip Pizlo

Comment 1 2013-12-20 18:44:48 PST

Created attachment 219826 [details] the patch

Filip Pizlo

Comment 2 2013-12-20 20:54:36 PST

Landed in http://trac.webkit.org/changeset/160956

Geoffrey Garen

Comment 3 2014-01-14 14:44:45 PST

Comment on attachment 219826 [details] the patch r=me

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware All

OS All

Product WebKit

Component JavaScriptCore

Assignee

Filip Pizlo

Reported

2013-12-20 18:44 PST

Modified

2014-01-30 13:27 PST History

CC List

8 users Show

URL

Keywords

Depends on

Blocks

113621

Dependencies

tree graph