Title: [226081] trunk/Source/_javascript_Core
Revision
226081
Author
sbar...@apple.com
Date
2017-12-18 14:20:22 -0800 (Mon, 18 Dec 2017)

Log Message

Follow up to bug#179762. Fix PreciseLocalClobberize to handle Spread/PhantomSpread(PhantomNewArrayBuffer)

* dfg/DFGPreciseLocalClobberize.h:
(JSC::DFG::PreciseLocalClobberizeAdaptor::readTop):

Modified Paths

Diff

Modified: trunk/Source/_javascript_Core/ChangeLog (226080 => 226081)


--- trunk/Source/_javascript_Core/ChangeLog	2017-12-18 22:05:23 UTC (rev 226080)
+++ trunk/Source/_javascript_Core/ChangeLog	2017-12-18 22:20:22 UTC (rev 226081)
@@ -1,3 +1,10 @@
+2017-12-18  Saam Barati  <sbar...@apple.com>
+
+        Follow up to bug#179762. Fix PreciseLocalClobberize to handle Spread/PhantomSpread(PhantomNewArrayBuffer)
+
+        * dfg/DFGPreciseLocalClobberize.h:
+        (JSC::DFG::PreciseLocalClobberizeAdaptor::readTop):
+
 2017-12-16  Filip Pizlo  <fpi...@apple.com>
 
         Vector index masking

Modified: trunk/Source/_javascript_Core/dfg/DFGPreciseLocalClobberize.h (226080 => 226081)


--- trunk/Source/_javascript_Core/dfg/DFGPreciseLocalClobberize.h	2017-12-18 22:05:23 UTC (rev 226080)
+++ trunk/Source/_javascript_Core/dfg/DFGPreciseLocalClobberize.h	2017-12-18 22:20:22 UTC (rev 226081)
@@ -120,9 +120,16 @@
                 m_read(VirtualRegister(inlineCallFrame->stackOffset + CallFrameSlot::argumentCount));
         };
 
-        auto readSpreadOfPhantomCreateRest = [&] (Node* spread) {
+        auto readSpread = [&] (Node* spread) {
             ASSERT(spread->op() == Spread || spread->op() == PhantomSpread);
-            ASSERT(spread->child1()->op() == PhantomCreateRest);
+            if (!spread->child1()->isPhantomAllocation())
+                return;
+
+            ASSERT(spread->child1()->op() == PhantomCreateRest || spread->child1()->op() == PhantomNewArrayBuffer);
+            if (spread->child1()->op() == PhantomNewArrayBuffer) {
+                // This reads from a constant buffer.
+                return;
+            }
             InlineCallFrame* inlineCallFrame = spread->child1()->origin.semantic.inlineCallFrame;
             unsigned numberOfArgumentsToSkip = spread->child1()->numberOfArgumentsToSkip();
             readFrame(inlineCallFrame, numberOfArgumentsToSkip);
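Review bot: The new early return `if (!spread->child1()->isPhantomAllocation()) return;` in `readSpread` also covers PhantomSpread nodes, such as the one passed from the `child->op() == PhantomSpread` call site in the next hunk, where the removed `ASSERT(spread->child1()->op() == PhantomCreateRest)` used to catch an unexpected child. If a PhantomSpread is always expected to wrap a phantom allocation (inferred, not shown on this page), a non-phantom child now silently reports no stack reads, and an under-reported read in a clobberize pass is the kind of modelling gap that can surface later as a miscompile. I would keep the invariant explicit with `ASSERT(spread->op() == Spread || spread->child1()->isPhantomAllocation());` ahead of the early return. The comment in the PhantomNewArrayBuffer branch could also say why returning is correct, e.g. `// The elements come from a constant buffer, not the stack, so there is nothing to report to m_read.`. The lambda's closing lines and the rest of readTop lie outside this hunk.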
@@ -135,7 +142,7 @@
                 if (bitVector->get(i)) {
                     Node* child = m_graph.varArgChild(arrayWithSpread, i).node();
                     if (child->op() == PhantomSpread)
-                        readSpreadOfPhantomCreateRest(child);
+                        readSpread(child);
                 }
             }
         };
@@ -181,7 +188,7 @@
                 if (m_node->argumentsChild()->op() == PhantomNewArrayWithSpread)
                     readNewArrayWithSpreadNode(m_node->argumentsChild().node());
                 else
-                    readSpreadOfPhantomCreateRest(m_node->argumentsChild().node());
+                    readSpread(m_node->argumentsChild().node());
             } else {
                 InlineCallFrame* inlineCallFrame;
                 if (m_node->hasArgumentsChild() && m_node->argumentsChild())
@@ -204,8 +211,7 @@
         }
         
         case Spread:
-            if (m_node->child1()->op() == PhantomCreateRest)
-                readSpreadOfPhantomCreateRest(m_node);
+            readSpread(m_node);
             break;
         
         case NewArrayWithSpread: {