Title: [201170] trunk/Source/_javascript_Core
- Revision
- 201170
- Author
- [email protected]
- Date
- 2016-05-19 10:27:11 -0700 (Thu, 19 May 2016)
Log Message
JSC: DFG::SpeculativeJIT::compile special case for MIPS for PutByValWithThis
https://bugs.webkit.org/show_bug.cgi?id=157741
Patch by Guillaume Emont <[email protected]> on 2016-05-19
Reviewed by Saam Barati.
The PutByValWithThis case needs a special case for MIPS because we
don't have enough registers. The special case needs to be different
from the x86 one because we have a different ABI.
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
Modified Paths
Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (201169 => 201170)
--- trunk/Source/_javascript_Core/ChangeLog 2016-05-19 17:11:12 UTC (rev 201169)
+++ trunk/Source/_javascript_Core/ChangeLog 2016-05-19 17:27:11 UTC (rev 201170)
@@ -1,3 +1,17 @@
+2016-05-19 Guillaume Emont <[email protected]>
+
+ JSC: DFG::SpeculativeJIT::compile special case for MIPS for PutByValWithThis
+ https://bugs.webkit.org/show_bug.cgi?id=157741
+
+ Reviewed by Saam Barati.
+
+ The PutByValWithThis case needs a special case for MIPS because we
+ don't have enough registers. The special case needs to be different
+ from the x86 one because we have a different ABI.
+
+ * dfg/DFGSpeculativeJIT32_64.cpp:
+ (JSC::DFG::SpeculativeJIT::compile):
+
2016-05-19 Brian Burg <[email protected]>
Web Inspector: use a consistent prefix for injected scripts
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp (201169 => 201170)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp 2016-05-19 17:11:12 UTC (rev 201169)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp 2016-05-19 17:27:11 UTC (rev 201170)
@@ -2924,6 +2924,48 @@
flushRegisters();
appendCall(m_jit.isStrictModeFor(node->origin.semantic) ? operationPutByValWithThisStrict : operationPutByValWithThis);
m_jit.exceptionCheck();
+#elif CPU(MIPS)
+ // We don't have enough registers on MIPS either but the ABI is a little different.
+ unsigned index = 4;
+ m_jit.move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
+ {
+ JSValueOperand base(this, m_jit.graph().varArgChild(node, 0));
+ GPRReg baseTag = base.tagGPR();
+ GPRReg basePayload = base.payloadGPR();
+
+ JSValueOperand thisValue(this, m_jit.graph().varArgChild(node, 1));
+ GPRReg thisValueTag = thisValue.tagGPR();
+ GPRReg thisValuePayload = thisValue.payloadGPR();
+
+ JSValueOperand property(this, m_jit.graph().varArgChild(node, 2));
+ GPRReg propertyTag = property.tagGPR();
+ GPRReg propertyPayload = property.payloadGPR();
+
+ // for operationPutByValWithThis[Strict](), base is a 64 bits
+ // argument, so it should be double word aligned on the stack.
+ // This requirement still applies when it's in argument registers
+ // instead of on the stack.
+ m_jit.move(basePayload, GPRInfo::argumentGPR2);
+ m_jit.move(baseTag, GPRInfo::argumentGPR3);
+
+ m_jit.poke(thisValuePayload, index++);
+ m_jit.poke(thisValueTag, index++);
+
+ m_jit.poke(propertyPayload, index++);
+ m_jit.poke(propertyTag, index++);
+
+ flushRegisters();
+ }
+
+ JSValueOperand value(this, m_jit.graph().varArgChild(node, 3));
+ GPRReg valueTag = value.tagGPR();
+ GPRReg valuePayload = value.payloadGPR();
+ m_jit.poke(valuePayload, index++);
+ m_jit.poke(valueTag, index++);
+
+ flushRegisters();
+ appendCall(m_jit.isStrictModeFor(node->origin.semantic) ? operationPutByValWithThisStrict : operationPutByValWithThis);
+ m_jit.exceptionCheck();
#else
static_assert(GPRInfo::numberOfRegisters >= 8, "We are assuming we have enough registers to make this call without incrementally setting up the arguments.");
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
