Title: [180463] branches/safari-600.5-branch/Source/_javascript_Core
- Revision
- 180463
- Author
- [email protected]
- Date
- 2015-02-20 15:13:08 -0800 (Fri, 20 Feb 2015)
Log Message
Merged r180325. <rdar://problem/19828591>
Modified Paths
Diff
Modified: branches/safari-600.5-branch/Source/_javascript_Core/ChangeLog (180462 => 180463)
--- branches/safari-600.5-branch/Source/_javascript_Core/ChangeLog 2015-02-20 23:09:34 UTC (rev 180462)
+++ branches/safari-600.5-branch/Source/_javascript_Core/ChangeLog 2015-02-20 23:13:08 UTC (rev 180463)
@@ -1,5 +1,23 @@
2015-02-20 Dana Burkart <[email protected]>
+ Merged r180325. <rdar://problem/19828591>
+
+ 2015-02-18 Filip Pizlo <[email protected]>
+
+ Effectful calls to length should only happen once on the varargs path.
+ rdar://problem/19828518
+
+ Reviewed by Michael Saboff.
+
+ * interpreter/Interpreter.cpp:
+ (JSC::sizeFrameForVarargs):
+ (JSC::loadVarargs):
+ * runtime/VM.cpp:
+ (JSC::VM::VM):
+ * runtime/VM.h:
+
+2015-02-20 Dana Burkart <[email protected]>
+
Merged r180237. <rdar://problem/19870991>
2015-02-17 Filip Pizlo <[email protected]>
Modified: branches/safari-600.5-branch/Source/_javascript_Core/interpreter/Interpreter.cpp (180462 => 180463)
--- branches/safari-600.5-branch/Source/_javascript_Core/interpreter/Interpreter.cpp 2015-02-20 23:09:34 UTC (rev 180462)
+++ branches/safari-600.5-branch/Source/_javascript_Core/interpreter/Interpreter.cpp 2015-02-20 23:13:08 UTC (rev 180463)
@@ -173,6 +173,7 @@
if (asObject(arguments)->classInfo() == Arguments::info()) {
Arguments* argsObject = asArguments(arguments);
unsigned argCount = argsObject->length(callFrame);
+ callFrame->vm().varargsLength = argCount;
if (argCount >= firstVarArgOffset)
argCount -= firstVarArgOffset;
else
@@ -204,6 +205,7 @@
JSObject* argObject = asObject(arguments);
unsigned argCount = argObject->get(callFrame, callFrame->propertyNames().length).toUInt32(callFrame);
+ callFrame->vm().varargsLength = argCount;
if (argCount >= firstVarArgOffset)
argCount -= firstVarArgOffset;
else
@@ -240,7 +242,8 @@
if (asObject(arguments)->classInfo() == Arguments::info()) {
Arguments* argsObject = asArguments(arguments);
- unsigned argCount = argsObject->length(callFrame);
+ unsigned argCount = callFrame->vm().varargsLength;
+ callFrame->vm().varargsLength = 0;
if (argCount >= firstVarArgOffset) {
argCount -= firstVarArgOffset;
newCallFrame->setArgumentCountIncludingThis(argCount + 1);
@@ -264,8 +267,7 @@
return;
}
- JSObject* argObject = asObject(arguments);
- unsigned argCount = argObject->get(callFrame, callFrame->propertyNames().length).toUInt32(callFrame);
+ unsigned argCount = callFrame->vm().varargsLength;
if (argCount >= firstVarArgOffset) {
argCount -= firstVarArgOffset;
newCallFrame->setArgumentCountIncludingThis(argCount + 1);
Modified: branches/safari-600.5-branch/Source/_javascript_Core/runtime/VM.cpp (180462 => 180463)
--- branches/safari-600.5-branch/Source/_javascript_Core/runtime/VM.cpp 2015-02-20 23:09:34 UTC (rev 180462)
+++ branches/safari-600.5-branch/Source/_javascript_Core/runtime/VM.cpp 2015-02-20 23:13:08 UTC (rev 180463)
@@ -198,6 +198,7 @@
, interpreter(0)
, jsArrayClassInfo(JSArray::info())
, jsFinalObjectClassInfo(JSFinalObject::info())
+ , varargsLength(0)
, sizeOfLastScratchBuffer(0)
, entryScope(0)
, m_regExpCache(new RegExpCache(this))
Modified: branches/safari-600.5-branch/Source/_javascript_Core/runtime/VM.h (180462 => 180463)
--- branches/safari-600.5-branch/Source/_javascript_Core/runtime/VM.h 2015-02-20 23:09:34 UTC (rev 180462)
+++ branches/safari-600.5-branch/Source/_javascript_Core/runtime/VM.h 2015-02-20 23:13:08 UTC (rev 180463)
@@ -414,6 +414,7 @@
JSValue hostCallReturnValue;
ExecState* newCallFrameReturnValue;
+ unsigned varargsLength;
ExecState* callFrameForThrow;
void* targetMachinePCForThrow;
Instruction* targetInterpreterPCForThrow;
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
