[Webkit-unassigned] [Bug 55957] New: function arguments are shifted by one on platforms not using JIT

[bugzilla-daemon at webkit.org]

https://bugs.webkit.org/show_bug.cgi?id=55957

           Summary: function arguments are shifted by one on platforms not
                    using JIT
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Other
        OS/Version: Other
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: landry at openbsd.org


As found out by Todd Carson, function arguments are shifted by one on platforms not using JIT, here in our case OpenBSD/mips64el.

In changeset 60392 (http://trac.webkit.org/changeset/60392/trunk/JavaScriptCore/interpreter/Interpreter.cpp),
the following change was made around line 3050 :
-    argCount = (uint32_t)(callFrame->argumentCount()) - 1; 
+    argCount = (uint32_t)(callFrame->argumentCount());

reverting it fixes the issue. (see http://www.openbsd.org/cgi-bin/cvsweb/ports/www/webkit/patches/patch-JavaScriptCore_interpreter_Interpreter_cpp?rev=1.1;content-type=text%2Fplain)

However, in webkitgtk the following commit was made :
http://gitorious.org/webkitgtk/stable/commit/f236c158708a2116a799174bd2722fd721e663c4 referencing https://bugs.webkit.org/show_bug.cgi?id=41351 which i can't access.

So can someone confirm it's a webkit issue (mistakenly removing the -1 when commiting r60392 ?) or a webkitgtk only issue ?

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.