[webkit-changes] [271490] trunk/Source/JavaScriptCore

Thu, 14 Jan 2021 10:40:51 -0800

Title: [271490] trunk/Source/_javascript_Core
Revision
271490
Author
sbar...@apple.com
Date
2021-01-14 10:12:42 -0800 (Thu, 14 Jan 2021)

Log Message

SpeculativeJIT::compileGetEnumerableLength should not use GPRFlushedCallResult
https://bugs.webkit.org/show_bug.cgi?id=220557

Reviewed by Yusuke Suzuki.

It wasn't used as the result from a call, so we're overly restricting the
register we allocate for no good reason.

* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileGetEnumerableLength):

Modified Paths

Diff

Modified: trunk/Source/_javascript_Core/ChangeLog (271489 => 271490)


--- trunk/Source/_javascript_Core/ChangeLog	2021-01-14 18:10:38 UTC (rev 271489)
+++ trunk/Source/_javascript_Core/ChangeLog	2021-01-14 18:12:42 UTC (rev 271490)
@@ -1,5 +1,18 @@
 2021-01-14  Saam Barati  <sbar...@apple.com>
 
+        SpeculativeJIT::compileGetEnumerableLength should not use GPRFlushedCallResult
+        https://bugs.webkit.org/show_bug.cgi?id=220557
+
+        Reviewed by Yusuke Suzuki.
+
+        It wasn't used as the result from a call, so we're overly restricting the
+        register we allocate for no good reason. 
+
+        * dfg/DFGSpeculativeJIT.cpp:
+        (JSC::DFG::SpeculativeJIT::compileGetEnumerableLength):
+
+2021-01-14  Saam Barati  <sbar...@apple.com>
+
         Baseline JIT should emit mutatorFence after inline allocations
         https://bugs.webkit.org/show_bug.cgi?id=220572

Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp (271489 => 271490)


--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp	2021-01-14 18:10:38 UTC (rev 271489)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp	2021-01-14 18:12:42 UTC (rev 271490)
@@ -12833,10 +12833,11 @@
 void SpeculativeJIT::compileGetEnumerableLength(Node* node)
 {
     SpeculateCellOperand enumerator(this, node->child1());
-    GPRFlushedCallResult result(this);
+    GPRTemporary result(this, Reuse, enumerator);
+    GPRReg enumeratorGPR = enumerator.gpr();
     GPRReg resultGPR = result.gpr();
 
-    m_jit.load32(MacroAssembler::Address(enumerator.gpr(), JSPropertyNameEnumerator::indexedLengthOffset()), resultGPR);
+    m_jit.load32(MacroAssembler::Address(enumeratorGPR, JSPropertyNameEnumerator::indexedLengthOffset()), resultGPR);
     strictInt32Result(resultGPR, node);
 }
 

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to