Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2025-03-03 23:30:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 771871 - Fix loading doubles into return regs in JM call IC when call/apply lowering speculation fails. r=bhackett

Browse Source
This commit is contained in:
Shu-yu Guo 2012-08-01 17:25:34 -07:00
parent c14fcaafc7
commit 40b8abb1ef
2 changed files with 20 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
js/src/jit-test/tests/jaeger/bug771871.js Normal file
View File

@ -0,0 +1,7 @@
function test() {
var box = { call: function () { return 42.1; } };
for (var i = 0; i < 50; i++) {
assertEq(box.call(undefined, 42.1), 42.1);
}
}
test();

25
js/src/methodjit/Compiler.cpp
View File

@ -4053,22 +4053,15 @@ mjit::Compiler::checkCallApplySpeculation(uint32_t argc, FrameEntry *origCallee,
stubcc.masm.move(Imm32(argc), Registers::ArgReg1);
JaegerSpew(JSpew_Insns, " ---- BEGIN SLOW CALL CODE ---- \n");
OOL_STUBCALL_LOCAL_SLOTS(JS_FUNC_TO_DATA_PTR(void *, stubs::SlowCall),
REJOIN_FALLTHROUGH, frame.totalDepth());
OOL_STUBCALL(stubs::SlowCall, REJOIN_FALLTHROUGH);
JaegerSpew(JSpew_Insns, " ---- END SLOW CALL CODE ---- \n");
/*
* inlineCallHelper will link uncachedCallSlowRejoin to the join point
* at the end of the ic. At that join point, the return value of the
* call is assumed to be in registers, so load them before jumping.
* at the end of the ic. At that join point, we'll load the rval into
* the return registers.
*/
JaegerSpew(JSpew_Insns, " ---- BEGIN SLOW RESTORE CODE ---- \n");
Address rval = frame.addressOf(origCallee); /* vp[0] == rval */
if (knownPushedType(0) == JSVAL_TYPE_DOUBLE)
stubcc.masm.ensureInMemoryDouble(rval);
stubcc.masm.loadValueAsComponents(rval, JSReturnReg_Type, JSReturnReg_Data);
*uncachedCallSlowRejoin = stubcc.masm.jump();
JaegerSpew(JSpew_Insns, " ---- END SLOW RESTORE CODE ---- \n");
}
}
@ -4391,8 +4384,16 @@ mjit::Compiler::inlineCallHelper(uint32_t argc, bool callingNew, FrameSize &call
CHECK_OOL_SPACE();
if (lowerFunCallOrApply)
stubcc.crossJump(uncachedCallSlowRejoin, masm.label());
if (lowerFunCallOrApply) {
uncachedCallSlowRejoin.linkTo(stubcc.masm.label(), &stubcc.masm);
JaegerSpew(JSpew_Insns, " ---- BEGIN SLOW RESTORE CODE ---- \n");
Address uncachedRvalAddr = frame.addressOf(origCallee);
if (knownPushedType(0) == JSVAL_TYPE_DOUBLE)
stubcc.masm.ensureInMemoryDouble(uncachedRvalAddr);
frame.reloadEntry(stubcc.masm, uncachedRvalAddr, frame.peek(-1));
stubcc.crossJump(stubcc.masm.jump(), masm.label());
JaegerSpew(JSpew_Insns, " ---- END SLOW RESTORE CODE ---- \n");
}
callICs.append(callIC);
callPatches.append(callPatch);