Bug 1111300 - Fix stupid bug miscomputing the number of actual args in RematerializedFrames. (r=efaust)
authorShu-yu Guo <shu@rfrn.org>
Mon, 15 Dec 2014 18:21:09 -0800
changeset 219866 f9821f355c912a4f66b4988344981663b3c4fc65
parent 219865 1ba50d816a99aab42065be86d4b7e76b983e36d1
child 219867 fe70a6c9a374a5b9b6c38cbffad5726824155626
push id10419
push usercbook@mozilla.com
push dateTue, 16 Dec 2014 12:45:27 +0000
treeherderfx-team@ec87657146eb [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersefaust
bugs1111300
milestone37.0a1
Bug 1111300 - Fix stupid bug miscomputing the number of actual args in RematerializedFrames. (r=efaust)
js/src/jit/RematerializedFrame.cpp
--- a/js/src/jit/RematerializedFrame.cpp
+++ b/js/src/jit/RematerializedFrame.cpp
@@ -44,26 +44,26 @@ RematerializedFrame::RematerializedFrame
                                 &argsObj_, &thisValue_, ReadFrame_Actuals,
                                 fallback);
 }
 
 /* static */ RematerializedFrame *
 RematerializedFrame::New(JSContext *cx, uint8_t *top, InlineFrameIterator &iter)
 {
     unsigned numFormals = iter.isFunctionFrame() ? iter.callee()->nargs() : 0;
-    unsigned numActualArgs = Max(numFormals, iter.numActualArgs());
+    unsigned argSlots = Max(numFormals, iter.numActualArgs());
     size_t numBytes = sizeof(RematerializedFrame) +
-        (numActualArgs + iter.script()->nfixed()) * sizeof(Value) -
+        (argSlots + iter.script()->nfixed()) * sizeof(Value) -
         sizeof(Value); // 1 Value included in sizeof(RematerializedFrame)
 
     void *buf = cx->pod_calloc<uint8_t>(numBytes);
     if (!buf)
         return nullptr;
 
-    return new (buf) RematerializedFrame(cx, top, numActualArgs, iter);
+    return new (buf) RematerializedFrame(cx, top, iter.numActualArgs(), iter);
 }
 
 /* static */ bool
 RematerializedFrame::RematerializeInlineFrames(JSContext *cx, uint8_t *top,
                                                InlineFrameIterator &iter,
                                                Vector<RematerializedFrame *> &frames)
 {
     if (!frames.resize(iter.frameCount()))