
Modified: branches/safari-534.54-branch/Source/_javascript_Core/ChangeLog (106135 => 106136)


--- branches/safari-534.54-branch/Source/_javascript_Core/ChangeLog	2012-01-27 19:12:19 UTC (rev 106135)
+++ branches/safari-534.54-branch/Source/_javascript_Core/ChangeLog	2012-01-27 19:20:10 UTC (rev 106136)
@@ -10,6 +10,44 @@
 
 2011-01-27  Lucas Forschler  <[email protected]>
 
+    Merge 103674
+
+    2011-12-24  Filip Pizlo  <[email protected]>
+
+            The ArgumentCount field in the CallFrame should have its tag left blank for other uses
+            https://bugs.webkit.org/show_bug.cgi?id=75199
+            <rdar://problem/10625105>
+            <rdar://problem/10625106>
+
+            Reviewed by Oliver Hunt.
+
+            * dfg/DFGOSRExitCompiler32_64.cpp:
+            (JSC::DFG::OSRExitCompiler::compileExit):
+            * dfg/DFGOSRExitCompiler64.cpp:
+            (JSC::DFG::OSRExitCompiler::compileExit):
+            * dfg/DFGSpeculativeJIT.h:
+            (JSC::DFG::SpeculativeJIT::argumentPayloadSlot):
+            * dfg/DFGSpeculativeJIT32_64.cpp:
+            (JSC::DFG::SpeculativeJIT::emitCall):
+            * dfg/DFGSpeculativeJIT64.cpp:
+            (JSC::DFG::SpeculativeJIT::emitCall):
+            * interpreter/CallFrame.h:
+            (JSC::ExecState::argumentCountIncludingThis):
+            (JSC::ExecState::setArgumentCountIncludingThis):
+            * interpreter/Register.h:
+            (JSC::Register::unboxedInt32):
+            (JSC::Register::unboxedBoolean):
+            (JSC::Register::unboxedCell):
+            (JSC::Register::payload):
+            (JSC::Register::tag):
+            * jit/JITCall.cpp:
+            (JSC::JIT::compileOpCall):
+            * jit/JITCall32_64.cpp:
+            (JSC::JIT::compileLoadVarargs):
+            (JSC::JIT::compileOpCall):
+
+2011-01-27  Lucas Forschler  <[email protected]>
+
     Merge 106075
 
     2012-01-26  Oliver Hunt  <[email protected]>

Modified: branches/safari-534.54-branch/Source/_javascript_Core/dfg/DFGOSRExitCompiler32_64.cpp (106135 => 106136)


--- branches/safari-534.54-branch/Source/_javascript_Core/dfg/DFGOSRExitCompiler32_64.cpp	2012-01-27 19:12:19 UTC (rev 106135)
+++ branches/safari-534.54-branch/Source/_javascript_Core/dfg/DFGOSRExitCompiler32_64.cpp	2012-01-27 19:20:10 UTC (rev 106136)
@@ -572,7 +572,6 @@
         m_jit.store32(AssemblyHelpers::Imm32(JSValue::CellTag), AssemblyHelpers::tagFor((VirtualRegister)(inlineCallFrame->stackOffset + RegisterFile::CallerFrame)));
         m_jit.storePtr(callerFrameGPR, AssemblyHelpers::payloadFor((VirtualRegister)(inlineCallFrame->stackOffset + RegisterFile::CallerFrame)));
         m_jit.storePtr(AssemblyHelpers::TrustedImmPtr(jumpTarget), AssemblyHelpers::payloadFor((VirtualRegister)(inlineCallFrame->stackOffset + RegisterFile::ReturnPC)));
-        m_jit.store32(AssemblyHelpers::Imm32(JSValue::Int32Tag), AssemblyHelpers::tagFor((VirtualRegister)(inlineCallFrame->stackOffset + RegisterFile::ArgumentCount)));
         m_jit.store32(AssemblyHelpers::Imm32(inlineCallFrame->arguments.size()), AssemblyHelpers::payloadFor((VirtualRegister)(inlineCallFrame->stackOffset + RegisterFile::ArgumentCount)));
         m_jit.store32(AssemblyHelpers::Imm32(JSValue::CellTag), AssemblyHelpers::tagFor((VirtualRegister)(inlineCallFrame->stackOffset + RegisterFile::Callee)));
         m_jit.storePtr(AssemblyHelpers::TrustedImmPtr(inlineCallFrame->callee.get()), AssemblyHelpers::payloadFor((VirtualRegister)(inlineCallFrame->stackOffset + RegisterFile::Callee)));

Modified: branches/safari-534.54-branch/Source/_javascript_Core/dfg/DFGOSRExitCompiler64.cpp (106135 => 106136)


--- branches/safari-534.54-branch/Source/_javascript_Core/dfg/DFGOSRExitCompiler64.cpp	2012-01-27 19:12:19 UTC (rev 106135)
+++ branches/safari-534.54-branch/Source/_javascript_Core/dfg/DFGOSRExitCompiler64.cpp	2012-01-27 19:20:10 UTC (rev 106136)
@@ -577,7 +577,7 @@
         m_jit.storePtr(AssemblyHelpers::TrustedImmPtr(inlineCallFrame->callee->scope()), AssemblyHelpers::addressFor((VirtualRegister)(inlineCallFrame->stackOffset + RegisterFile::ScopeChain)));
         m_jit.storePtr(callerFrameGPR, AssemblyHelpers::addressFor((VirtualRegister)(inlineCallFrame->stackOffset + RegisterFile::CallerFrame)));
         m_jit.storePtr(AssemblyHelpers::TrustedImmPtr(jumpTarget), AssemblyHelpers::addressFor((VirtualRegister)(inlineCallFrame->stackOffset + RegisterFile::ReturnPC)));
-        m_jit.storePtr(AssemblyHelpers::TrustedImmPtr(JSValue::encode(jsNumber(inlineCallFrame->arguments.size()))), AssemblyHelpers::addressFor((VirtualRegister)(inlineCallFrame->stackOffset + RegisterFile::ArgumentCount)));
+        m_jit.store32(AssemblyHelpers::TrustedImm32(inlineCallFrame->arguments.size()), AssemblyHelpers::payloadFor((VirtualRegister)(inlineCallFrame->stackOffset + RegisterFile::ArgumentCount)));
         m_jit.storePtr(AssemblyHelpers::TrustedImmPtr(inlineCallFrame->callee.get()), AssemblyHelpers::addressFor((VirtualRegister)(inlineCallFrame->stackOffset + RegisterFile::Callee)));
     }
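Review bot: After this change the ArgumentCount register's upper (tag) half is never written on any path, so the slot is no longer a well-formed EncodedJSValue and must only be read through Register::payload(), yet nothing at the store says so. I would put `// ArgumentCount is a raw int32 in the payload half; its tag half is intentionally left unwritten (reserved for other uses), so never read this slot as a JSValue.` above the new store32, and the same note applies to the stores in DFGSpeculativeJIT64.cpp and JITCall.cpp and to the tag-store deletions in DFGOSRExitCompiler32_64.cpp, DFGSpeculativeJIT32_64.cpp and JITCall32_64.cpp. The new line also relies on AssemblyHelpers::payloadFor being usable under USE(JSVALUE64), which the page does not show; the DFGSpeculativeJIT.h hunk un-guards the SpeculativeJIT equivalents, so confirm AssemblyHelpers carries no remaining guard. `TrustedImm32(inlineCallFrame->arguments.size())` also narrows a size_t silently where the old jsNumber() path did not, which is presumably safe because argument counts are bounded elsewhere, but worth an ASSERT if there is none. compileExit begins and ends outside the hunk.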
     

Modified: branches/safari-534.54-branch/Source/_javascript_Core/dfg/DFGSpeculativeJIT.h (106135 => 106136)


--- branches/safari-534.54-branch/Source/_javascript_Core/dfg/DFGSpeculativeJIT.h	2012-01-27 19:12:19 UTC (rev 106135)
+++ branches/safari-534.54-branch/Source/_javascript_Core/dfg/DFGSpeculativeJIT.h	2012-01-27 19:20:10 UTC (rev 106136)
@@ -904,7 +904,6 @@
         return MacroAssembler::Address(GPRInfo::callFrameRegister, (m_jit.codeBlock()->m_numCalleeRegisters + argumentToOperand(argument)) * static_cast<int>(sizeof(Register)));
     }
 
-#if USE(JSVALUE32_64)    
     MacroAssembler::Address callFrameTagSlot(int slot)
     {
         return MacroAssembler::Address(GPRInfo::callFrameRegister, (m_jit.codeBlock()->m_numCalleeRegisters + slot) * static_cast<int>(sizeof(Register)) + OBJECT_OFFSETOF(EncodedValueDescriptor, asBits.tag));
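Review bot: Dropping the USE(JSVALUE32_64) guard (its `#endif` goes in the second hunk) makes callFrameTagSlot and argumentTagSlot callable from the 64-bit SpeculativeJIT, where `asBits.tag` is presumably just the upper 32 bits of the 64-bit encoding rather than a JSValue tag, so a store of Int32Tag through them would corrupt the value. Only the payload accessors are needed on 64-bit by this commit; a comment on callFrameTagSlot such as `// On JSVALUE64 this addresses the upper 32 bits of the encoded value, not a tag; only the *PayloadSlot accessors are meaningful there.` would keep future callers from misusing it. The enclosing class continues outside both hunks.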
@@ -924,7 +923,6 @@
     {
         return MacroAssembler::Address(GPRInfo::callFrameRegister, (m_jit.codeBlock()->m_numCalleeRegisters + argumentToOperand(argument)) * static_cast<int>(sizeof(Register)) + OBJECT_OFFSETOF(EncodedValueDescriptor, asBits.payload));
     }
-#endif
 
     void emitCall(Node&);
     

Modified: branches/safari-534.54-branch/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp (106135 => 106136)


--- branches/safari-534.54-branch/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp	2012-01-27 19:12:19 UTC (rev 106135)
+++ branches/safari-534.54-branch/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp	2012-01-27 19:20:10 UTC (rev 106136)
@@ -1265,7 +1265,6 @@
     int numPassedArgs = node.numChildren() - 1;
 
     m_jit.store32(MacroAssembler::TrustedImm32(numPassedArgs + dummyThisArgument), callFramePayloadSlot(RegisterFile::ArgumentCount));
-    m_jit.store32(MacroAssembler::TrustedImm32(JSValue::Int32Tag), callFrameTagSlot(RegisterFile::ArgumentCount));
     m_jit.storePtr(GPRInfo::callFrameRegister, callFramePayloadSlot(RegisterFile::CallerFrame));
     m_jit.store32(calleePayloadGPR, callFramePayloadSlot(RegisterFile::Callee));
     m_jit.store32(calleeTagGPR, callFrameTagSlot(RegisterFile::Callee));

Modified: branches/safari-534.54-branch/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp (106135 => 106136)


--- branches/safari-534.54-branch/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp	2012-01-27 19:12:19 UTC (rev 106135)
+++ branches/safari-534.54-branch/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp	2012-01-27 19:20:10 UTC (rev 106136)
@@ -1223,7 +1223,7 @@
     // receiver (method call). subsequent children are the arguments.
     int numPassedArgs = node.numChildren() - 1;
     
-    m_jit.storePtr(MacroAssembler::TrustedImmPtr(JSValue::encode(jsNumber(numPassedArgs + dummyThisArgument))), callFrameSlot(RegisterFile::ArgumentCount));
+    m_jit.store32(MacroAssembler::TrustedImm32(numPassedArgs + dummyThisArgument), callFramePayloadSlot(RegisterFile::ArgumentCount));
     m_jit.storePtr(GPRInfo::callFrameRegister, callFrameSlot(RegisterFile::CallerFrame));
     m_jit.storePtr(calleeGPR, callFrameSlot(RegisterFile::Callee));
     

Modified: branches/safari-534.54-branch/Source/_javascript_Core/interpreter/CallFrame.h (106135 => 106136)


--- branches/safari-534.54-branch/Source/_javascript_Core/interpreter/CallFrame.h	2012-01-27 19:12:19 UTC (rev 106135)
+++ branches/safari-534.54-branch/Source/_javascript_Core/interpreter/CallFrame.h	2012-01-27 19:20:10 UTC (rev 106136)
@@ -144,7 +144,7 @@
 
         // Access to arguments.
         size_t argumentCount() const { return argumentCountIncludingThis() - 1; }
-        size_t argumentCountIncludingThis() const { return this[RegisterFile::ArgumentCount].i(); }
+        size_t argumentCountIncludingThis() const { return this[RegisterFile::ArgumentCount].payload(); }
         static int argumentOffset(size_t argument) { return s_firstArgumentOffset - argument; }
         static int argumentOffsetIncludingThis(size_t argument) { return s_thisArgumentOffset - argument; }
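Review bot: argumentCountIncludingThis() now returns the int32 payload widened to size_t, so a negative payload (for instance a slot that was never written, now that no path stamps the tag) becomes a huge count that argumentCount() on line 144 cannot catch; the previous `.i()` had the same shape, but the accessor now deserves `// payload is an int32; callers rely on it being non-negative` or an `ASSERT(count >= 0);` in setArgumentCountIncludingThis (second hunk). I would also document on both accessors that the ArgumentCount register holds a raw int32 in its payload half and its tag half is undefined, so it must not be read as a JSValue. The enclosing class continues outside both hunks.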
 
@@ -175,7 +175,7 @@
         CallFrame* addHostCallFrameFlag() const { return reinterpret_cast<CallFrame*>(reinterpret_cast<intptr_t>(this) | HostCallFrameFlag); }
         CallFrame* removeHostCallFrameFlag() { return reinterpret_cast<CallFrame*>(reinterpret_cast<intptr_t>(this) & ~HostCallFrameFlag); }
 
-        void setArgumentCountIncludingThis(int count) { static_cast<Register*>(this)[RegisterFile::ArgumentCount] = Register::withInt(count); }
+        void setArgumentCountIncludingThis(int count) { static_cast<Register*>(this)[RegisterFile::ArgumentCount].payload() = count; }
         void setCallee(JSObject* callee) { static_cast<Register*>(this)[RegisterFile::Callee] = Register::withCallee(callee); }
         void setCodeBlock(CodeBlock* codeBlock) { static_cast<Register*>(this)[RegisterFile::CodeBlock] = codeBlock; }
         void setReturnPC(void* value) { static_cast<Register*>(this)[RegisterFile::ReturnPC] = (Instruction*)value; }

Modified: branches/safari-534.54-branch/Source/_javascript_Core/interpreter/Register.h (106135 => 106136)


--- branches/safari-534.54-branch/Source/_javascript_Core/interpreter/Register.h	2012-01-27 19:12:19 UTC (rev 106135)
+++ branches/safari-534.54-branch/Source/_javascript_Core/interpreter/Register.h	2012-01-27 19:20:10 UTC (rev 106136)
@@ -75,6 +75,10 @@
         int32_t unboxedInt32() const;
         bool unboxedBoolean() const;
         JSCell* unboxedCell() const;
+        int32_t payload() const;
+        int32_t tag() const;
+        int32_t& payload();
+        int32_t& tag();
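Review bot: The four new accessors are undocumented, and `tag()` is misleading on JSVALUE64 where `asBits.tag` is presumably the upper 32 bits of the encoded pointer rather than a JSValue tag; the definitions in the third hunk have the same gap. A comment above the declarations, `// Raw access to the two 32-bit halves of the register. On JSVALUE32_64 these are the JSValue tag and payload; on JSVALUE64 they are the low/high halves of the 64-bit encoding and tag() is not a JSValue tag.`, would make the intended use (raw int32 fields such as ArgumentCount) clear. The non-const overloads hand out references into the union, so a write through payload() alone leaves the tag half untouched by design, which is worth stating explicitly since callers of the old withInt() got both halves set.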
 
         static Register withInt(int32_t i)
         {
@@ -176,12 +180,12 @@
         
     ALWAYS_INLINE int32_t Register::unboxedInt32() const
     {
-        return u.encodedValue.asBits.payload;
+        return payload();
     }
 
     ALWAYS_INLINE bool Register::unboxedBoolean() const
     {
-        return !!u.encodedValue.asBits.payload;
+        return !!payload();
     }
 
     ALWAYS_INLINE JSCell* Register::unboxedCell() const
@@ -189,10 +193,30 @@
 #if USE(JSVALUE64)
         return u.encodedValue.ptr;
 #else
-        return bitwise_cast<JSCell*>(u.encodedValue.asBits.payload);
+        return bitwise_cast<JSCell*>(payload());
 #endif
     }
 
+    ALWAYS_INLINE int32_t Register::payload() const
+    {
+        return u.encodedValue.asBits.payload;
+    }
+
+    ALWAYS_INLINE int32_t Register::tag() const
+    {
+        return u.encodedValue.asBits.tag;
+    }
+
+    ALWAYS_INLINE int32_t& Register::payload()
+    {
+        return u.encodedValue.asBits.payload;
+    }
+
+    ALWAYS_INLINE int32_t& Register::tag()
+    {
+        return u.encodedValue.asBits.tag;
+    }
+
 } // namespace JSC
 
 namespace WTF {

Modified: branches/safari-534.54-branch/Source/_javascript_Core/jit/JITCall.cpp (106135 => 106136)


--- branches/safari-534.54-branch/Source/_javascript_Core/jit/JITCall.cpp	2012-01-27 19:12:19 UTC (rev 106135)
+++ branches/safari-534.54-branch/Source/_javascript_Core/jit/JITCall.cpp	2012-01-27 19:20:10 UTC (rev 106136)
@@ -160,7 +160,7 @@
         int registerOffset = instruction[3].u.operand;
 
         addPtr(TrustedImm32(registerOffset * sizeof(Register)), callFrameRegister, regT1);
-        storePtr(TrustedImmPtr(JSValue::encode(jsNumber(argCount))), Address(regT1, RegisterFile::ArgumentCount * static_cast<int>(sizeof(Register))));
+        store32(TrustedImm32(argCount), Address(regT1, RegisterFile::ArgumentCount * static_cast<int>(sizeof(Register))));
     } // regT1 holds newCallFrame with ArgumentCount initialized.
     emitGetVirtualRegister(callee, regT0); // regT0 holds callee.
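Review bot: The new store32 writes at offset 0 of the ArgumentCount register, which coincides with `asBits.payload` only on a little-endian target, whereas the 64-bit DFG sites in this commit (DFGSpeculativeJIT64.cpp, DFGOSRExitCompiler64.cpp) go through callFramePayloadSlot/payloadFor, which add OBJECT_OFFSETOF(EncodedValueDescriptor, asBits.payload). For consistency with the reader in CallFrame.h, which uses payload(), I'd write `store32(TrustedImm32(argCount), payloadFor(RegisterFile::ArgumentCount, regT1));` if the 64-bit baseline JIT has that helper (JITCall32_64.cpp uses the same form), or otherwise add the payload offset explicitly. compileOpCall continues outside the hunk.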
 

Modified: branches/safari-534.54-branch/Source/_javascript_Core/jit/JITCall32_64.cpp (106135 => 106136)


--- branches/safari-534.54-branch/Source/_javascript_Core/jit/JITCall32_64.cpp	2012-01-27 19:12:19 UTC (rev 106135)
+++ branches/safari-534.54-branch/Source/_javascript_Core/jit/JITCall32_64.cpp	2012-01-27 19:20:10 UTC (rev 106136)
@@ -162,7 +162,6 @@
         slowCase.append(branchPtr(Below, AbsoluteAddress(m_globalData->interpreter->registerFile().addressOfEnd()), regT3));
 
         // Initialize ArgumentCount.
-        store32(TrustedImm32(JSValue::Int32Tag), tagFor(RegisterFile::ArgumentCount, regT3));
         store32(regT2, payloadFor(RegisterFile::ArgumentCount, regT3));
 
         // Initialize 'this'.
@@ -244,7 +243,6 @@
 
         addPtr(TrustedImm32(registerOffset * sizeof(Register)), callFrameRegister, regT3);
 
-        store32(TrustedImm32(JSValue::Int32Tag), tagFor(RegisterFile::ArgumentCount, regT3));
         store32(TrustedImm32(argCount), payloadFor(RegisterFile::ArgumentCount, regT3));
     } // regT3 holds newCallFrame with ArgumentCount initialized.
     emitLoad(callee, regT1, regT0); // regT1, regT0 holds callee.