Modified: branches/safari-607-branch/Source/_javascript_Core/ChangeLog (240410 => 240411)
--- branches/safari-607-branch/Source/_javascript_Core/ChangeLog 2019-01-24 06:41:48 UTC (rev 240410)
+++ branches/safari-607-branch/Source/_javascript_Core/ChangeLog 2019-01-24 06:41:51 UTC (rev 240411)
@@ -1,5 +1,40 @@
2019-01-23 Alan Coon <[email protected]>
+ Cherry-pick r239929. rdar://problem/47295348
+
+ Fix property access on ARM with the baseline JIT
+ https://bugs.webkit.org/show_bug.cgi?id=193393
+
+ Reviewed by Yusuke Suzuki.
+
+ Code was still using currentInstruction[4] to access the instruction's metadata.
+ Updated to use metadata.getPutInfo and metadata.resolveType.
+
+ * jit/JITPropertyAccess32_64.cpp:
+ (JSC::JIT::emit_op_resolve_scope):
+ (JSC::JIT::emit_op_get_from_scope):
+ (JSC::JIT::emit_op_put_to_scope):
+
+
+ git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239929 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+ 2019-01-14 Dominik Infuehr <[email protected]>
+
+ Fix property access on ARM with the baseline JIT
+ https://bugs.webkit.org/show_bug.cgi?id=193393
+
+ Reviewed by Yusuke Suzuki.
+
+ Code was still using currentInstruction[4] to access the instruction's metadata.
+ Updated to use metadata.getPutInfo and metadata.resolveType.
+
+ * jit/JITPropertyAccess32_64.cpp:
+ (JSC::JIT::emit_op_resolve_scope):
+ (JSC::JIT::emit_op_get_from_scope):
+ (JSC::JIT::emit_op_put_to_scope):
+
+2019-01-23 Alan Coon <[email protected]>
+
Cherry-pick r240254. rdar://problem/47458354
[JSC] Invalidate old scope operations using global lexical binding epoch
Modified: branches/safari-607-branch/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp (240410 => 240411)
--- branches/safari-607-branch/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp 2019-01-24 06:41:48 UTC (rev 240410)
+++ branches/safari-607-branch/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp 2019-01-24 06:41:51 UTC (rev 240411)
@@ -830,7 +830,7 @@
case UnresolvedProperty:
case UnresolvedPropertyWithVarInjectionChecks: {
JumpList skipToEnd;
- load32(¤tInstruction[4], regT0);
+ load32(&metadata.resolveType, regT0);
Jump notGlobalProperty = branch32(NotEqual, regT0, TrustedImm32(GlobalProperty));
emitCode(GlobalProperty);
@@ -955,7 +955,7 @@
case GlobalProperty:
case GlobalPropertyWithVarInjectionChecks: {
JumpList skipToEnd;
- load32(¤tInstruction[4], regT0);
+ load32(&metadata.getPutInfo, regT0);
and32(TrustedImm32(GetPutInfo::typeBits), regT0); // Load ResolveType into T0
Jump isNotGlobalProperty = branch32(NotEqual, regT0, TrustedImm32(resolveType));
@@ -970,7 +970,7 @@
case UnresolvedProperty:
case UnresolvedPropertyWithVarInjectionChecks: {
JumpList skipToEnd;
- load32(¤tInstruction[4], regT0);
+ load32(&metadata.getPutInfo, regT0);
and32(TrustedImm32(GetPutInfo::typeBits), regT0); // Load ResolveType into T0
Jump isGlobalProperty = branch32(Equal, regT0, TrustedImm32(GlobalProperty));
@@ -1110,7 +1110,7 @@
case GlobalProperty:
case GlobalPropertyWithVarInjectionChecks: {
JumpList skipToEnd;
- load32(¤tInstruction[4], regT0);
+ load32(&metadata.getPutInfo, regT0);
and32(TrustedImm32(GetPutInfo::typeBits), regT0); // Load ResolveType into T0
Jump isGlobalProperty = branch32(Equal, regT0, TrustedImm32(resolveType));
@@ -1129,7 +1129,7 @@
case UnresolvedProperty:
case UnresolvedPropertyWithVarInjectionChecks: {
JumpList skipToEnd;
- load32(¤tInstruction[4], regT0);
+ load32(&metadata.getPutInfo, regT0);
and32(TrustedImm32(GetPutInfo::typeBits), regT0); // Load ResolveType into T0
Jump isGlobalProperty = branch32(Equal, regT0, TrustedImm32(GlobalProperty));
