Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (124475 => 124476)
--- trunk/Source/_javascript_Core/ChangeLog 2012-08-02 17:25:10 UTC (rev 124475)
+++ trunk/Source/_javascript_Core/ChangeLog 2012-08-02 17:32:35 UTC (rev 124476)
@@ -1,3 +1,51 @@
+2012-08-01 Mark Hahnenberg <[email protected]>
+
+ Remove all uses of ClassInfo for JSStrings in JIT code
+ https://bugs.webkit.org/show_bug.cgi?id=92935
+
+ Reviewed by Geoffrey Garen.
+
+ This is the first step in removing our dependence on in-object ClassInfo pointers
+ in JIT code. Most of the changes are to check the Structure, which is unique for
+ JSString primitives.
+
+ * bytecode/SpeculatedType.cpp:
+ (JSC::speculationFromClassInfo):
+ (JSC::speculationFromStructure): Changed to check the TypeInfo in the Structure
+ since there wasn't a JSGlobalData immediately available to grab the JSString
+ Structure out of.
+ * dfg/DFGSpeculativeJIT.cpp:
+ (JSC::DFG::SpeculativeJIT::compileGetIndexedPropertyStorage):
+ * dfg/DFGSpeculativeJIT32_64.cpp:
+ (JSC::DFG::SpeculativeJIT::compile):
+ * dfg/DFGSpeculativeJIT64.cpp:
+ (JSC::DFG::SpeculativeJIT::compile):
+ * jit/JITInlineMethods.h:
+ (JSC::JIT::emitLoadCharacterString):
+ * jit/JITOpcodes.cpp:
+ (JSC::JIT::privateCompileCTIMachineTrampolines):
+ (JSC::JIT::emit_op_to_primitive):
+ (JSC::JIT::emit_op_convert_this):
+ * jit/JITOpcodes32_64.cpp:
+ (JSC::JIT::privateCompileCTIMachineTrampolines):
+ (JSC::JIT::emit_op_to_primitive):
+ (JSC::JIT::emitSlow_op_eq):
+ (JSC::JIT::emitSlow_op_neq):
+ (JSC::JIT::compileOpStrictEq):
+ (JSC::JIT::emit_op_convert_this):
+ * jit/JITPropertyAccess.cpp:
+ (JSC::JIT::stringGetByValStubGenerator):
+ (JSC::JIT::emitSlow_op_get_by_val):
+ * jit/JITPropertyAccess32_64.cpp:
+ (JSC::JIT::stringGetByValStubGenerator):
+ (JSC::JIT::emitSlow_op_get_by_val):
+ * jit/SpecializedThunkJIT.h:
+ (JSC::SpecializedThunkJIT::loadJSStringArgument):
+ * jit/ThunkGenerators.cpp:
+ (JSC::stringCharLoad):
+ (JSC::charCodeAtThunkGenerator):
+ (JSC::charAtThunkGenerator):
+
2012-08-02 Filip Pizlo <[email protected]>
Unreviewed, missed a style goof in the previous patch: "NodeIndex nodeIndex"
Modified: trunk/Source/_javascript_Core/bytecode/SpeculatedType.cpp (124475 => 124476)
--- trunk/Source/_javascript_Core/bytecode/SpeculatedType.cpp 2012-08-02 17:25:10 UTC (rev 124475)
+++ trunk/Source/_javascript_Core/bytecode/SpeculatedType.cpp 2012-08-02 17:32:35 UTC (rev 124476)
@@ -226,9 +226,6 @@
if (classInfo == &JSArray::s_info)
return SpecArray;
- if (classInfo == &JSString::s_info)
- return SpecString;
-
if (classInfo == &Arguments::s_info)
return SpecArguments; // Cannot distinguish between MyArguments and ForeignArguments at this stage. That happens in the flow analysis.
@@ -269,6 +266,8 @@
SpeculatedType speculationFromStructure(Structure* structure)
{
+ if (structure->typeInfo().type() == StringType)
+ return SpecString;
return speculationFromClassInfo(structure->classInfo());
}
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp (124475 => 124476)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp 2012-08-02 17:25:10 UTC (rev 124475)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp 2012-08-02 17:32:35 UTC (rev 124476)
@@ -3059,7 +3059,7 @@
ASSERT_NOT_REACHED();
} else if (at(node.child1()).prediction() == SpecString) {
if (!isStringSpeculation(m_state.forNode(node.child1()).m_type))
- speculationCheck(BadType, JSValueSource::unboxedCell(baseReg), node.child1(), m_jit.branchPtr(MacroAssembler::NotEqual, MacroAssembler::Address(baseReg, JSCell::classInfoOffset()), MacroAssembler::TrustedImmPtr(&JSString::s_info)));
+ speculationCheck(BadType, JSValueSource::unboxedCell(baseReg), node.child1(), m_jit.branchPtr(MacroAssembler::NotEqual, MacroAssembler::Address(baseReg, JSCell::structureOffset()), MacroAssembler::TrustedImmPtr(m_jit.globalData()->stringStructure.get())));
m_jit.loadPtr(MacroAssembler::Address(baseReg, JSString::offsetOfValue()), storageReg);
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp (124475 => 124476)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp 2012-08-02 17:25:10 UTC (rev 124475)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp 2012-08-02 17:32:35 UTC (rev 124476)
@@ -2995,7 +2995,7 @@
m_jit.move(op1PayloadGPR, resultPayloadGPR);
} else {
MacroAssembler::Jump alreadyPrimitive = m_jit.branch32(MacroAssembler::NotEqual, op1TagGPR, TrustedImm32(JSValue::CellTag));
- MacroAssembler::Jump notPrimitive = m_jit.branchPtr(MacroAssembler::NotEqual, MacroAssembler::Address(op1PayloadGPR, JSCell::classInfoOffset()), MacroAssembler::TrustedImmPtr(&JSString::s_info));
+ MacroAssembler::Jump notPrimitive = m_jit.branchPtr(MacroAssembler::NotEqual, MacroAssembler::Address(op1PayloadGPR, JSCell::structureOffset()), MacroAssembler::TrustedImmPtr(m_jit.globalData()->stringStructure.get()));
alreadyPrimitive.link(&m_jit);
m_jit.move(op1TagGPR, resultTagGPR);
@@ -3179,7 +3179,7 @@
GPRReg thisValueGPR = thisValue.gpr();
if (!isObjectSpeculation(m_state.forNode(node.child1()).m_type))
- speculationCheck(BadType, JSValueSource::unboxedCell(thisValueGPR), node.child1(), m_jit.branchPtr(JITCompiler::Equal, JITCompiler::Address(thisValueGPR, JSCell::classInfoOffset()), JITCompiler::TrustedImmPtr(&JSString::s_info)));
+ speculationCheck(BadType, JSValueSource::unboxedCell(thisValueGPR), node.child1(), m_jit.branchPtr(JITCompiler::Equal, JITCompiler::Address(thisValueGPR, JSCell::structureOffset()), JITCompiler::TrustedImmPtr(m_jit.globalData()->stringStructure.get())));
GPRTemporary result(this, thisValue);
GPRReg resultGPR = result.gpr();
@@ -3423,7 +3423,7 @@
GPRReg resultGPR = result.gpr();
if (!isStringSpeculation(m_state.forNode(node.child1()).m_type))
- speculationCheck(BadType, JSValueSource::unboxedCell(baseGPR), node.child1(), m_jit.branchPtr(MacroAssembler::NotEqual, MacroAssembler::Address(baseGPR, JSCell::classInfoOffset()), MacroAssembler::TrustedImmPtr(&JSString::s_info)));
+ speculationCheck(BadType, JSValueSource::unboxedCell(baseGPR), node.child1(), m_jit.branchPtr(MacroAssembler::NotEqual, MacroAssembler::Address(baseGPR, JSCell::structureOffset()), MacroAssembler::TrustedImmPtr(m_jit.globalData()->stringStructure.get())));
m_jit.load32(MacroAssembler::Address(baseGPR, JSString::offsetOfLength()), resultGPR);
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp (124475 => 124476)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp 2012-08-02 17:25:10 UTC (rev 124475)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp 2012-08-02 17:32:35 UTC (rev 124476)
@@ -3048,7 +3048,7 @@
m_jit.move(op1GPR, resultGPR);
else {
MacroAssembler::Jump alreadyPrimitive = m_jit.branchTestPtr(MacroAssembler::NonZero, op1GPR, GPRInfo::tagMaskRegister);
- MacroAssembler::Jump notPrimitive = m_jit.branchPtr(MacroAssembler::NotEqual, MacroAssembler::Address(op1GPR, JSCell::classInfoOffset()), MacroAssembler::TrustedImmPtr(&JSString::s_info));
+ MacroAssembler::Jump notPrimitive = m_jit.branchPtr(MacroAssembler::NotEqual, MacroAssembler::Address(op1GPR, JSCell::structureOffset()), MacroAssembler::TrustedImmPtr(m_jit.globalData()->stringStructure.get()));
alreadyPrimitive.link(&m_jit);
m_jit.move(op1GPR, resultGPR);
@@ -3213,7 +3213,7 @@
GPRReg resultGPR = result.gpr();
if (!isObjectSpeculation(m_state.forNode(node.child1()).m_type))
- speculationCheck(BadType, JSValueRegs(thisValueGPR), node.child1(), m_jit.branchPtr(JITCompiler::Equal, JITCompiler::Address(thisValueGPR, JSCell::classInfoOffset()), JITCompiler::TrustedImmPtr(&JSString::s_info)));
+ speculationCheck(BadType, JSValueRegs(thisValueGPR), node.child1(), m_jit.branchPtr(JITCompiler::Equal, JITCompiler::Address(thisValueGPR, JSCell::structureOffset()), JITCompiler::TrustedImmPtr(m_jit.globalData()->stringStructure.get())));
m_jit.move(thisValueGPR, resultGPR);
@@ -3440,7 +3440,7 @@
GPRReg resultGPR = result.gpr();
if (!isStringSpeculation(m_state.forNode(node.child1()).m_type))
- speculationCheck(BadType, JSValueRegs(baseGPR), node.child1(), m_jit.branchPtr(MacroAssembler::NotEqual, MacroAssembler::Address(baseGPR, JSCell::classInfoOffset()), MacroAssembler::TrustedImmPtr(&JSString::s_info)));
+ speculationCheck(BadType, JSValueRegs(baseGPR), node.child1(), m_jit.branchPtr(MacroAssembler::NotEqual, MacroAssembler::Address(baseGPR, JSCell::structureOffset()), MacroAssembler::TrustedImmPtr(m_jit.globalData()->stringStructure.get())));
m_jit.load32(MacroAssembler::Address(baseGPR, JSString::offsetOfLength()), resultGPR);
Modified: trunk/Source/_javascript_Core/jit/JITInlineMethods.h (124475 => 124476)
--- trunk/Source/_javascript_Core/jit/JITInlineMethods.h 2012-08-02 17:25:10 UTC (rev 124475)
+++ trunk/Source/_javascript_Core/jit/JITInlineMethods.h 2012-08-02 17:32:35 UTC (rev 124476)
@@ -84,7 +84,7 @@
ALWAYS_INLINE void JIT::emitLoadCharacterString(RegisterID src, RegisterID dst, JumpList& failures)
{
- failures.append(branchPtr(NotEqual, Address(src, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info)));
+ failures.append(branchPtr(NotEqual, Address(src, JSCell::structureOffset()), TrustedImmPtr(m_globalData->stringStructure.get())));
failures.append(branch32(NotEqual, MacroAssembler::Address(src, ThunkHelpers::jsStringLengthOffset()), TrustedImm32(1)));
loadPtr(MacroAssembler::Address(src, ThunkHelpers::jsStringValueOffset()), dst);
failures.append(branchTest32(Zero, dst));
Modified: trunk/Source/_javascript_Core/jit/JITOpcodes.cpp (124475 => 124476)
--- trunk/Source/_javascript_Core/jit/JITOpcodes.cpp 2012-08-02 17:25:10 UTC (rev 124475)
+++ trunk/Source/_javascript_Core/jit/JITOpcodes.cpp 2012-08-02 17:32:35 UTC (rev 124476)
@@ -50,7 +50,7 @@
// Check eax is a string
Jump string_failureCases1 = emitJumpIfNotJSCell(regT0);
- Jump string_failureCases2 = branchPtr(NotEqual, Address(regT0, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info));
+ Jump string_failureCases2 = branchPtr(NotEqual, Address(regT0, JSCell::structureOffset()), TrustedImmPtr(globalData->stringStructure.get()));
// Checks out okay! - get the length from the Ustring.
load32(Address(regT0, OBJECT_OFFSETOF(JSString, m_length)), regT0);
@@ -647,7 +647,7 @@
emitGetVirtualRegister(src, regT0);
Jump isImm = emitJumpIfNotJSCell(regT0);
- addSlowCase(branchPtr(NotEqual, Address(regT0, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info)));
+ addSlowCase(branchPtr(NotEqual, Address(regT0, JSCell::structureOffset()), TrustedImmPtr(m_globalData->stringStructure.get())));
isImm.link(this);
if (dst != src)
@@ -1260,7 +1260,7 @@
loadPtr(Address(regT1, JSCell::structureOffset()), regT0);
emitValueProfilingSite();
}
- addSlowCase(branchPtr(Equal, Address(regT1, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info)));
+ addSlowCase(branchPtr(Equal, Address(regT1, JSCell::structureOffset()), TrustedImmPtr(m_globalData->stringStructure.get())));
}
void JIT::emit_op_create_this(Instruction* currentInstruction)
Modified: trunk/Source/_javascript_Core/jit/JITOpcodes32_64.cpp (124475 => 124476)
--- trunk/Source/_javascript_Core/jit/JITOpcodes32_64.cpp 2012-08-02 17:25:10 UTC (rev 124475)
+++ trunk/Source/_javascript_Core/jit/JITOpcodes32_64.cpp 2012-08-02 17:32:35 UTC (rev 124476)
@@ -48,7 +48,7 @@
// regT0 holds payload, regT1 holds tag
Jump string_failureCases1 = branch32(NotEqual, regT1, TrustedImm32(JSValue::CellTag));
- Jump string_failureCases2 = branchPtr(NotEqual, Address(regT0, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info));
+ Jump string_failureCases2 = branchPtr(NotEqual, Address(regT0, JSCell::structureOffset()), TrustedImmPtr(globalData->stringStructure.get()));
// Checks out okay! - get the length from the Ustring.
load32(Address(regT0, OBJECT_OFFSETOF(JSString, m_length)), regT2);
@@ -732,7 +732,7 @@
emitLoad(src, regT1, regT0);
Jump isImm = branch32(NotEqual, regT1, TrustedImm32(JSValue::CellTag));
- addSlowCase(branchPtr(NotEqual, Address(regT0, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info)));
+ addSlowCase(branchPtr(NotEqual, Address(regT0, JSCell::structureOffset()), TrustedImmPtr(m_globalData->stringStructure.get())));
isImm.link(this);
if (dst != src)
@@ -1008,8 +1008,8 @@
genericCase.append(getSlowCase(iter)); // tags not equal
linkSlowCase(iter); // tags equal and JSCell
- genericCase.append(branchPtr(NotEqual, Address(regT0, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info)));
- genericCase.append(branchPtr(NotEqual, Address(regT2, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info)));
+ genericCase.append(branchPtr(NotEqual, Address(regT0, JSCell::structureOffset()), TrustedImmPtr(m_globalData->stringStructure.get())));
+ genericCase.append(branchPtr(NotEqual, Address(regT2, JSCell::structureOffset()), TrustedImmPtr(m_globalData->stringStructure.get())));
// String case.
JITStubCall stubCallEqStrings(this, cti_op_eq_strings);
@@ -1056,8 +1056,8 @@
genericCase.append(getSlowCase(iter)); // tags not equal
linkSlowCase(iter); // tags equal and JSCell
- genericCase.append(branchPtr(NotEqual, Address(regT0, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info)));
- genericCase.append(branchPtr(NotEqual, Address(regT2, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info)));
+ genericCase.append(branchPtr(NotEqual, Address(regT0, JSCell::structureOffset()), TrustedImmPtr(m_globalData->stringStructure.get())));
+ genericCase.append(branchPtr(NotEqual, Address(regT2, JSCell::structureOffset()), TrustedImmPtr(m_globalData->stringStructure.get())));
// String case.
JITStubCall stubCallEqStrings(this, cti_op_eq_strings);
@@ -1093,8 +1093,8 @@
// Jump to a slow case if both are strings.
Jump notCell = branch32(NotEqual, regT1, TrustedImm32(JSValue::CellTag));
- Jump firstNotString = branchPtr(NotEqual, Address(regT0, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info));
- addSlowCase(branchPtr(Equal, Address(regT2, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info)));
+ Jump firstNotString = branchPtr(NotEqual, Address(regT0, JSCell::structureOffset()), TrustedImmPtr(m_globalData->stringStructure.get()));
+ addSlowCase(branchPtr(Equal, Address(regT2, JSCell::structureOffset()), TrustedImmPtr(m_globalData->stringStructure.get())));
notCell.link(this);
firstNotString.link(this);
@@ -1556,7 +1556,7 @@
move(regT3, regT1);
emitValueProfilingSite();
}
- addSlowCase(branchPtr(Equal, Address(regT2, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info)));
+ addSlowCase(branchPtr(Equal, Address(regT2, JSCell::structureOffset()), TrustedImmPtr(m_globalData->stringStructure.get())));
}
void JIT::emitSlow_op_convert_this(Instruction* currentInstruction, Vector<SlowCaseEntry>::iterator& iter)
Modified: trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp (124475 => 124476)
--- trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp 2012-08-02 17:25:10 UTC (rev 124475)
+++ trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp 2012-08-02 17:32:35 UTC (rev 124476)
@@ -56,7 +56,7 @@
{
JSInterfaceJIT jit;
JumpList failures;
- failures.append(jit.branchPtr(NotEqual, Address(regT0, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info)));
+ failures.append(jit.branchPtr(NotEqual, Address(regT0, JSCell::structureOffset()), TrustedImmPtr(globalData->stringStructure.get())));
// Load string length to regT2, and start the process of loading the data pointer into regT0
jit.load32(Address(regT0, ThunkHelpers::jsStringLengthOffset()), regT2);
@@ -132,7 +132,7 @@
linkSlowCaseIfNotJSCell(iter, base); // base cell check
Jump nonCell = jump();
linkSlowCase(iter); // base array check
- Jump notString = branchPtr(NotEqual, Address(regT0, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info));
+ Jump notString = branchPtr(NotEqual, Address(regT0, JSCell::structureOffset()), TrustedImmPtr(m_globalData->stringStructure.get()));
emitNakedCall(CodeLocationLabel(m_globalData->getCTIStub(stringGetByValStubGenerator).code()));
Jump failed = branchTestPtr(Zero, regT0);
emitPutVirtualRegister(dst, regT0);
Modified: trunk/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp (124475 => 124476)
--- trunk/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp 2012-08-02 17:25:10 UTC (rev 124475)
+++ trunk/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp 2012-08-02 17:32:35 UTC (rev 124476)
@@ -161,7 +161,7 @@
{
JSInterfaceJIT jit;
JumpList failures;
- failures.append(jit.branchPtr(NotEqual, Address(regT0, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info)));
+ failures.append(jit.branchPtr(NotEqual, Address(regT0, JSCell::structureOffset()), TrustedImmPtr(globalData->stringStructure.get())));
// Load string length to regT1, and start the process of loading the data pointer into regT0
jit.load32(Address(regT0, ThunkHelpers::jsStringLengthOffset()), regT1);
@@ -234,7 +234,7 @@
Jump nonCell = jump();
linkSlowCase(iter); // base array check
- Jump notString = branchPtr(NotEqual, Address(regT0, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info));
+ Jump notString = branchPtr(NotEqual, Address(regT0, JSCell::structureOffset()), TrustedImmPtr(m_globalData->stringStructure.get()));
emitNakedCall(m_globalData->getCTIStub(stringGetByValStubGenerator).code());
Jump failed = branchTestPtr(Zero, regT0);
emitStore(dst, regT1, regT0);
Modified: trunk/Source/_javascript_Core/jit/SpecializedThunkJIT.h (124475 => 124476)
--- trunk/Source/_javascript_Core/jit/SpecializedThunkJIT.h 2012-08-02 17:25:10 UTC (rev 124475)
+++ trunk/Source/_javascript_Core/jit/SpecializedThunkJIT.h 2012-08-02 17:32:35 UTC (rev 124476)
@@ -55,10 +55,10 @@
m_failures.append(emitLoadJSCell(src, dst));
}
- void loadJSStringArgument(int argument, RegisterID dst)
+ void loadJSStringArgument(JSGlobalData& globalData, int argument, RegisterID dst)
{
loadCellArgument(argument, dst);
- m_failures.append(branchPtr(NotEqual, Address(dst, JSCell::classInfoOffset()), TrustedImmPtr(&JSString::s_info)));
+ m_failures.append(branchPtr(NotEqual, Address(dst, JSCell::structureOffset()), TrustedImmPtr(globalData.stringStructure.get())));
}
void loadInt32Argument(int argument, RegisterID dst, Jump& failTarget)
Modified: trunk/Source/_javascript_Core/jit/ThunkGenerators.cpp (124475 => 124476)
--- trunk/Source/_javascript_Core/jit/ThunkGenerators.cpp 2012-08-02 17:25:10 UTC (rev 124475)
+++ trunk/Source/_javascript_Core/jit/ThunkGenerators.cpp 2012-08-02 17:32:35 UTC (rev 124476)
@@ -35,10 +35,10 @@
namespace JSC {
-static void stringCharLoad(SpecializedThunkJIT& jit)
+static void stringCharLoad(SpecializedThunkJIT& jit, JSGlobalData* globalData)
{
// load string
- jit.loadJSStringArgument(SpecializedThunkJIT::ThisArgument, SpecializedThunkJIT::regT0);
+ jit.loadJSStringArgument(*globalData, SpecializedThunkJIT::ThisArgument, SpecializedThunkJIT::regT0);
// Load string length to regT2, and start the process of loading the data pointer into regT0
jit.load32(MacroAssembler::Address(SpecializedThunkJIT::regT0, ThunkHelpers::jsStringLengthOffset()), SpecializedThunkJIT::regT2);
@@ -76,7 +76,7 @@
MacroAssemblerCodeRef charCodeAtThunkGenerator(JSGlobalData* globalData)
{
SpecializedThunkJIT jit(1);
- stringCharLoad(jit);
+ stringCharLoad(jit, globalData);
jit.returnInt32(SpecializedThunkJIT::regT0);
return jit.finalize(*globalData, globalData->jitStubs->ctiNativeCall(), "charCodeAt");
}
@@ -84,7 +84,7 @@
MacroAssemblerCodeRef charAtThunkGenerator(JSGlobalData* globalData)
{
SpecializedThunkJIT jit(1);
- stringCharLoad(jit);
+ stringCharLoad(jit, globalData);
charToString(jit, globalData, SpecializedThunkJIT::regT0, SpecializedThunkJIT::regT0, SpecializedThunkJIT::regT1);
jit.returnJSCell(SpecializedThunkJIT::regT0);
return jit.finalize(*globalData, globalData->jitStubs->ctiNativeCall(), "charAt");
