Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 5e8bdf2420682e4bf447143eea69f64787c33683
https://github.com/WebKit/WebKit/commit/5e8bdf2420682e4bf447143eea69f64787c33683
Author: Yusuke Suzuki <[email protected]>
Date: 2024-01-10 (Wed, 10 Jan 2024)
Changed paths:
M Source/JavaScriptCore/bytecode/CallLinkInfo.cpp
M Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
M Source/JavaScriptCore/jit/AssemblyHelpers.h
M Source/JavaScriptCore/jit/CCallHelpers.h
M Source/JavaScriptCore/jit/JITCall.cpp
M Source/JavaScriptCore/jit/ThunkGenerators.cpp
Log Message:
-----------
[JSC] Fix op_tail_call_varargs / op_tail_call_forward_arguments for new
polymorphic DataIC
https://bugs.webkit.org/show_bug.cgi?id=267364
rdar://120803763
Reviewed by Michael Saboff.
We should preserve regT0 (and regT1 for 32bit environment) after tail calls
fast path since
polymorphic DataIC thunk will look into it. This happens only in baseline JIT's
op_tail_call_varargs / op_tail_call_forward_arguments.
* Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::emitCall):
* Source/JavaScriptCore/jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::selectScratchGPR):
* Source/JavaScriptCore/jit/CCallHelpers.h:
(JSC::CCallHelpers::prepareForTailCallSlow):
* Source/JavaScriptCore/jit/JITCall.cpp:
(JSC::JIT::compileOpCall):
* Source/JavaScriptCore/jit/ThunkGenerators.cpp:
(JSC::slowPathFor):
(JSC::virtualThunkFor):
Canonical link: https://commits.webkit.org/272886@main
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
