<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[164630] trunk</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/164630">164630</a></dd>
<dt>Author</dt> <dd>oliver@apple.com</dd>
<dt>Date</dt> <dd>2014-02-24 22:59:38 -0800 (Mon, 24 Feb 2014)</dd>
</dl>
<h3>Log Message</h3>
<pre>Spread operator has a bad time when applied to call function
https://bugs.webkit.org/show_bug.cgi?id=128853
Reviewed by Geoffrey Garen.
Source/JavaScriptCore:
Follow on from the previous patch the added an extra slot to
op_call_varargs (and _call, _call_eval, _construct). We now
use the slot as an offset to in effect act as a 'slice' on
the spread subject. This allows us to automatically retain
all our existing argument and array optimisatons. Most of
this patch is simply threading the offset around.
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitCall):
(JSC::BytecodeGenerator::emitCallVarargs):
* bytecompiler/BytecodeGenerator.h:
* bytecompiler/NodesCodegen.cpp:
(JSC::getArgumentByVal):
(JSC::CallFunctionCallDotNode::emitBytecode):
(JSC::ApplyFunctionCallDotNode::emitBytecode):
* interpreter/Interpreter.cpp:
(JSC::sizeFrameForVarargs):
(JSC::loadVarargs):
* interpreter/Interpreter.h:
* jit/CCallHelpers.h:
(JSC::CCallHelpers::setupArgumentsWithExecState):
* jit/JIT.h:
* jit/JITCall.cpp:
(JSC::JIT::compileLoadVarargs):
* jit/JITInlines.h:
(JSC::JIT::callOperation):
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
* runtime/Arguments.cpp:
(JSC::Arguments::copyToArguments):
* runtime/Arguments.h:
* runtime/JSArray.cpp:
(JSC::JSArray::copyToArguments):
* runtime/JSArray.h:
LayoutTests:
Test case all the things!
* js/regress/call-spread-call-expected.txt: Added.
* js/regress/call-spread-call.html: Added.
* js/regress/script-tests/call-spread-call.js: Added.
(testFunction):
(test2):
(test3):</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkLayoutTestsChangeLog">trunk/LayoutTests/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCoreChangeLog">trunk/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecodeCodeBlockcpp">trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecompilerBytecodeGeneratorcpp">trunk/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecompilerBytecodeGeneratorh">trunk/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h</a></li>
<li><a href="#trunkSourceJavaScriptCorebytecompilerNodesCodegencpp">trunk/Source/JavaScriptCore/bytecompiler/NodesCodegen.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreinterpreterInterpretercpp">trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreinterpreterInterpreterh">trunk/Source/JavaScriptCore/interpreter/Interpreter.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitCCallHelpersh">trunk/Source/JavaScriptCore/jit/CCallHelpers.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITh">trunk/Source/JavaScriptCore/jit/JIT.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITCallcpp">trunk/Source/JavaScriptCore/jit/JITCall.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITCall32_64cpp">trunk/Source/JavaScriptCore/jit/JITCall32_64.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITInlinesh">trunk/Source/JavaScriptCore/jit/JITInlines.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITOperationscpp">trunk/Source/JavaScriptCore/jit/JITOperations.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITOperationsh">trunk/Source/JavaScriptCore/jit/JITOperations.h</a></li>
<li><a href="#trunkSourceJavaScriptCorellintLLIntSlowPathscpp">trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeArgumentscpp">trunk/Source/JavaScriptCore/runtime/Arguments.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeArgumentsh">trunk/Source/JavaScriptCore/runtime/Arguments.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSArraycpp">trunk/Source/JavaScriptCore/runtime/JSArray.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSArrayh">trunk/Source/JavaScriptCore/runtime/JSArray.h</a></li>
</ul>
<h3>Added Paths</h3>
<ul>
<li><a href="#trunkLayoutTestsjsregresscallspreadcallexpectedtxt">trunk/LayoutTests/js/regress/call-spread-call-expected.txt</a></li>
<li><a href="#trunkLayoutTestsjsregresscallspreadcallhtml">trunk/LayoutTests/js/regress/call-spread-call.html</a></li>
<li><a href="#trunkLayoutTestsjsregressscripttestscallspreadcalljs">trunk/LayoutTests/js/regress/script-tests/call-spread-call.js</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkLayoutTestsChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/LayoutTests/ChangeLog (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/ChangeLog 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/LayoutTests/ChangeLog 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -1,3 +1,19 @@
</span><ins>+2014-02-24 Oliver Hunt <oliver@apple.com>
+
+ Spread operator has a bad time when applied to call function
+ https://bugs.webkit.org/show_bug.cgi?id=128853
+
+ Reviewed by Geoffrey Garen.
+
+ Test case all the things!
+
+ * js/regress/call-spread-call-expected.txt: Added.
+ * js/regress/call-spread-call.html: Added.
+ * js/regress/script-tests/call-spread-call.js: Added.
+ (testFunction):
+ (test2):
+ (test3):
+
</ins><span class="cx"> 2014-02-24 Filip Pizlo <fpizlo@apple.com>
</span><span class="cx">
</span><span class="cx"> FTL should do polymorphic PutById inlining
</span></span></pre></div>
<a id="trunkLayoutTestsjsregresscallspreadcallexpectedtxt"></a>
<div class="addfile"><h4>Added: trunk/LayoutTests/js/regress/call-spread-call-expected.txt (0 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/js/regress/call-spread-call-expected.txt (rev 0)
+++ trunk/LayoutTests/js/regress/call-spread-call-expected.txt 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -0,0 +1,10 @@
</span><ins>+JSRegress/call-spread-call
+
+On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
+
+
+PASS no exception thrown
+PASS successfullyParsed is true
+
+TEST COMPLETE
+
</ins></span></pre></div>
<a id="trunkLayoutTestsjsregresscallspreadcallhtml"></a>
<div class="addfile"><h4>Added: trunk/LayoutTests/js/regress/call-spread-call.html (0 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/js/regress/call-spread-call.html (rev 0)
+++ trunk/LayoutTests/js/regress/call-spread-call.html 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -0,0 +1,12 @@
</span><ins>+<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
+<html>
+<head>
+<script src="../../resources/js-test-pre.js"></script>
+</head>
+<body>
+<script src="resources/regress-pre.js"></script>
+<script src="script-tests/call-spread-call.js"></script>
+<script src="resources/regress-post.js"></script>
+<script src="../../resources/js-test-post.js"></script>
+</body>
+</html>
</ins></span></pre></div>
<a id="trunkLayoutTestsjsregressscripttestscallspreadcalljs"></a>
<div class="addfile"><h4>Added: trunk/LayoutTests/js/regress/script-tests/call-spread-call.js (0 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/LayoutTests/js/regress/script-tests/call-spread-call.js (rev 0)
+++ trunk/LayoutTests/js/regress/script-tests/call-spread-call.js 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -0,0 +1,41 @@
</span><ins>+
+Function.prototype.c = Function.prototype.call;
+
+function testFunction(a, b)
+{
+ "use strict"
+ return this * 10000 + a * 1000 + b * 100 + arguments[2] * 10 + arguments.length;
+}
+
+var arrayArguments = [1, 2, 3, 4]
+
+for (var i = 0; i < 15000; i++) {
+ var result1 = testFunction.call(...arrayArguments);
+ var result2 = testFunction.c(...arrayArguments);
+ if (result1 != result2)
+ throw "Call with spread array failed at iteration " + i + ": " + result1 + " vs " + result2;
+}
+
+function test2() {
+ for (var i = 0; i < 15000; i++) {
+ var result1 = testFunction.call(...arguments);
+ var result2 = testFunction.c(...arguments);
+ if (result1 != result2)
+ throw "Call with spread arguments failed at iteration " + i + ": " + result1 + " vs " + result2;
+ }
+}
+
+test2(1,2,3,4)
+
+
+function test3() {
+ aliasedArguments = arguments;
+ for (var i = 0; i < 15000; i++) {
+ var result1 = testFunction.call(...aliasedArguments);
+ var result2 = testFunction.c(...aliasedArguments);
+ if (result1 != result2)
+ throw "Call with spread arguments failed at iteration " + i + ": " + result1 + " vs " + result2;
+ }
+}
+
+test3(1,2,3,4)
</ins><span class="cx">\ No newline at end of file
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ChangeLog (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ChangeLog 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/ChangeLog 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -1,3 +1,49 @@
</span><ins>+2014-02-24 Oliver Hunt <oliver@apple.com>
+
+ Spread operator has a bad time when applied to call function
+ https://bugs.webkit.org/show_bug.cgi?id=128853
+
+ Reviewed by Geoffrey Garen.
+
+ Follow on from the previous patch the added an extra slot to
+ op_call_varargs (and _call, _call_eval, _construct). We now
+ use the slot as an offset to in effect act as a 'slice' on
+ the spread subject. This allows us to automatically retain
+ all our existing argument and array optimisatons. Most of
+ this patch is simply threading the offset around.
+
+ * bytecode/CodeBlock.cpp:
+ (JSC::CodeBlock::dumpBytecode):
+ * bytecompiler/BytecodeGenerator.cpp:
+ (JSC::BytecodeGenerator::emitCall):
+ (JSC::BytecodeGenerator::emitCallVarargs):
+ * bytecompiler/BytecodeGenerator.h:
+ * bytecompiler/NodesCodegen.cpp:
+ (JSC::getArgumentByVal):
+ (JSC::CallFunctionCallDotNode::emitBytecode):
+ (JSC::ApplyFunctionCallDotNode::emitBytecode):
+ * interpreter/Interpreter.cpp:
+ (JSC::sizeFrameForVarargs):
+ (JSC::loadVarargs):
+ * interpreter/Interpreter.h:
+ * jit/CCallHelpers.h:
+ (JSC::CCallHelpers::setupArgumentsWithExecState):
+ * jit/JIT.h:
+ * jit/JITCall.cpp:
+ (JSC::JIT::compileLoadVarargs):
+ * jit/JITInlines.h:
+ (JSC::JIT::callOperation):
+ * jit/JITOperations.cpp:
+ * jit/JITOperations.h:
+ * llint/LLIntSlowPaths.cpp:
+ (JSC::LLInt::LLINT_SLOW_PATH_DECL):
+ * runtime/Arguments.cpp:
+ (JSC::Arguments::copyToArguments):
+ * runtime/Arguments.h:
+ * runtime/JSArray.cpp:
+ (JSC::JSArray::copyToArguments):
+ * runtime/JSArray.h:
+
</ins><span class="cx"> 2014-02-24 Mark Lam <mark.lam@apple.com>
</span><span class="cx">
</span><span class="cx"> Need to initialize VM stack data even when the VM is on an exclusive thread.
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecodeCodeBlockcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -1194,9 +1194,10 @@
</span><span class="cx"> int thisValue = (++it)->u.operand;
</span><span class="cx"> int arguments = (++it)->u.operand;
</span><span class="cx"> int firstFreeRegister = (++it)->u.operand;
</span><ins>+ int varArgOffset = (++it)->u.operand;
</ins><span class="cx"> ++it;
</span><span class="cx"> printLocationAndOp(out, exec, location, it, "call_varargs");
</span><del>- out.printf("%s, %s, %s, %s, %d", registerName(result).data(), registerName(callee).data(), registerName(thisValue).data(), registerName(arguments).data(), firstFreeRegister);
</del><ins>+ out.printf("%s, %s, %s, %s, %d, %d", registerName(result).data(), registerName(callee).data(), registerName(thisValue).data(), registerName(arguments).data(), firstFreeRegister, varArgOffset);
</ins><span class="cx"> dumpValueProfiling(out, it, hasPrintedProfiling);
</span><span class="cx"> break;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecompilerBytecodeGeneratorcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -1730,8 +1730,13 @@
</span><span class="cx"> if (n && n->m_expr->isSpreadExpression()) {
</span><span class="cx"> RELEASE_ASSERT(!n->m_next);
</span><span class="cx"> auto expression = static_cast<SpreadExpressionNode*>(n->m_expr)->expression();
</span><del>- expression->emitBytecode(*this, callArguments.argumentRegister(0));
- return emitCallVarargs(dst, func, callArguments.thisRegister(), callArguments.argumentRegister(0), newTemporary(), callArguments.profileHookRegister(), divot, divotStart, divotEnd);
</del><ins>+ RefPtr<RegisterID> argumentRegister;
+ if (expression->isResolveNode() && willResolveToArguments(static_cast<ResolveNode*>(expression)->identifier()) && !symbolTable().slowArguments())
+ argumentRegister = uncheckedRegisterForArguments();
+ else
+ argumentRegister = expression->emitBytecode(*this, callArguments.argumentRegister(0));
+ RefPtr<RegisterID> thisRegister = emitMove(newTemporary(), callArguments.thisRegister());
+ return emitCallVarargs(dst, func, callArguments.thisRegister(), argumentRegister.get(), newTemporary(), 0, callArguments.profileHookRegister(), divot, divotStart, divotEnd);
</ins><span class="cx"> }
</span><span class="cx"> for (; n; n = n->m_next)
</span><span class="cx"> emitNode(callArguments.argumentRegister(argument++), n);
</span><span class="lines">@@ -1781,7 +1786,7 @@
</span><span class="cx"> return dst;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-RegisterID* BytecodeGenerator::emitCallVarargs(RegisterID* dst, RegisterID* func, RegisterID* thisRegister, RegisterID* arguments, RegisterID* firstFreeRegister, RegisterID* profileHookRegister, const JSTextPosition& divot, const JSTextPosition& divotStart, const JSTextPosition& divotEnd)
</del><ins>+RegisterID* BytecodeGenerator::emitCallVarargs(RegisterID* dst, RegisterID* func, RegisterID* thisRegister, RegisterID* arguments, RegisterID* firstFreeRegister, int32_t firstVarArgOffset, RegisterID* profileHookRegister, const JSTextPosition& divot, const JSTextPosition& divotStart, const JSTextPosition& divotEnd)
</ins><span class="cx"> {
</span><span class="cx"> if (m_shouldEmitProfileHooks) {
</span><span class="cx"> emitMove(profileHookRegister, func);
</span><span class="lines">@@ -1800,7 +1805,7 @@
</span><span class="cx"> instructions().append(thisRegister->index());
</span><span class="cx"> instructions().append(arguments->index());
</span><span class="cx"> instructions().append(firstFreeRegister->index());
</span><del>- instructions().append(0);
</del><ins>+ instructions().append(firstVarArgOffset);
</ins><span class="cx"> instructions().append(arrayProfile);
</span><span class="cx"> instructions().append(profile);
</span><span class="cx"> if (m_shouldEmitProfileHooks) {
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecompilerBytecodeGeneratorh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -383,7 +383,7 @@
</span><span class="cx"> ExpectedFunction expectedFunctionForIdentifier(const Identifier&);
</span><span class="cx"> RegisterID* emitCall(RegisterID* dst, RegisterID* func, ExpectedFunction, CallArguments&, const JSTextPosition& divot, const JSTextPosition& divotStart, const JSTextPosition& divotEnd);
</span><span class="cx"> RegisterID* emitCallEval(RegisterID* dst, RegisterID* func, CallArguments&, const JSTextPosition& divot, const JSTextPosition& divotStart, const JSTextPosition& divotEnd);
</span><del>- RegisterID* emitCallVarargs(RegisterID* dst, RegisterID* func, RegisterID* thisRegister, RegisterID* arguments, RegisterID* firstFreeRegister, RegisterID* profileHookRegister, const JSTextPosition& divot, const JSTextPosition& divotStart, const JSTextPosition& divotEnd);
</del><ins>+ RegisterID* emitCallVarargs(RegisterID* dst, RegisterID* func, RegisterID* thisRegister, RegisterID* arguments, RegisterID* firstFreeRegister, int32_t firstVarArgOffset, RegisterID* profileHookRegister, const JSTextPosition& divot, const JSTextPosition& divotStart, const JSTextPosition& divotEnd);
</ins><span class="cx">
</span><span class="cx"> void emitEnumeration(ThrowableExpressionData* enumerationNode, ExpressionNode* subjectNode, const std::function<void(BytecodeGenerator&, RegisterID*)>& callBack);
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorebytecompilerNodesCodegencpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/bytecompiler/NodesCodegen.cpp (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/bytecompiler/NodesCodegen.cpp 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/bytecompiler/NodesCodegen.cpp 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -529,20 +529,48 @@
</span><span class="cx"> return generator.emitCall(returnValue.get(), function.get(), NoExpectedFunction, callArguments, divot(), divotStart(), divotEnd());
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+static RegisterID* getArgumentByVal(BytecodeGenerator& generator, ExpressionNode* base, RegisterID* property, RegisterID* dst, JSTextPosition divot, JSTextPosition divotStart, JSTextPosition divotEnd)
+{
+ if (base->isResolveNode()
+ && generator.willResolveToArguments(static_cast<ResolveNode*>(base)->identifier())
+ && !generator.symbolTable().slowArguments()) {
+ generator.emitExpressionInfo(divot, divotStart, divotEnd);
+ return generator.emitGetArgumentByVal(generator.finalDestination(dst), generator.uncheckedRegisterForArguments(), property);
+ }
+ return nullptr;
+}
+
</ins><span class="cx"> RegisterID* CallFunctionCallDotNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
</span><span class="cx"> {
</span><span class="cx"> RefPtr<Label> realCall = generator.newLabel();
</span><span class="cx"> RefPtr<Label> end = generator.newLabel();
</span><span class="cx"> RefPtr<RegisterID> base = generator.emitNode(m_base);
</span><span class="cx"> generator.emitExpressionInfo(subexpressionDivot(), subexpressionStart(), subexpressionEnd());
</span><del>- RefPtr<RegisterID> function = generator.emitGetById(generator.tempDestination(dst), base.get(), generator.propertyNames().call);
- RefPtr<RegisterID> returnValue = generator.finalDestination(dst, function.get());
</del><ins>+ RefPtr<RegisterID> function;
</ins><span class="cx"> bool emitCallCheck = !generator.isBuiltinFunction();
</span><del>- if (emitCallCheck)
</del><ins>+ if (emitCallCheck) {
+ function = generator.emitGetById(generator.tempDestination(dst), base.get(), generator.propertyNames().call);
</ins><span class="cx"> generator.emitJumpIfNotFunctionCall(function.get(), realCall.get());
</span><del>-
</del><ins>+ }
+ RefPtr<RegisterID> returnValue = generator.finalDestination(dst);
</ins><span class="cx"> {
</span><del>- if (m_args->m_listNode && m_args->m_listNode->m_expr) {
</del><ins>+ if (m_args->m_listNode && m_args->m_listNode->m_expr && m_args->m_listNode->m_expr->isSpreadExpression()) {
+ RefPtr<RegisterID> profileHookRegister;
+ if (generator.shouldEmitProfileHooks())
+ profileHookRegister = generator.newTemporary();
+ SpreadExpressionNode* spread = static_cast<SpreadExpressionNode*>(m_args->m_listNode->m_expr);
+ ExpressionNode* subject = spread->expression();
+ RefPtr<RegisterID> thisRegister = getArgumentByVal(generator, subject, generator.emitLoad(0, jsNumber(0)), 0, spread->divot(), spread->divotStart(), spread->divotEnd());
+ RefPtr<RegisterID> argumentsRegister;
+ if (thisRegister)
+ argumentsRegister = generator.uncheckedRegisterForArguments();
+ else {
+ argumentsRegister = generator.emitNode(subject);
+ generator.emitExpressionInfo(spread->divot(), spread->divotStart(), spread->divotEnd());
+ thisRegister = generator.emitGetByVal(generator.newTemporary(), argumentsRegister.get(), generator.emitLoad(0, jsNumber(0)));
+ }
+ generator.emitCallVarargs(returnValue.get(), base.get(), thisRegister.get(), argumentsRegister.get(), generator.newTemporary(), 1, profileHookRegister.get(), divot(), divotStart(), divotEnd());
+ } else if (m_args->m_listNode && m_args->m_listNode->m_expr) {
</ins><span class="cx"> ArgumentListNode* oldList = m_args->m_listNode;
</span><span class="cx"> m_args->m_listNode = m_args->m_listNode->m_next;
</span><span class="cx">
</span><span class="lines">@@ -629,7 +657,7 @@
</span><span class="cx"> RefPtr<RegisterID> thisRegister = generator.emitNode(m_args->m_listNode->m_expr);
</span><span class="cx"> RefPtr<RegisterID> argsRegister;
</span><span class="cx"> ArgumentListNode* args = m_args->m_listNode->m_next;
</span><del>- if (args->m_expr->isResolveNode() && generator.willResolveToArguments(static_cast<ResolveNode*>(args->m_expr)->identifier()))
</del><ins>+ if (args->m_expr->isResolveNode() && generator.willResolveToArguments(static_cast<ResolveNode*>(args->m_expr)->identifier()) && !generator.symbolTable().slowArguments())
</ins><span class="cx"> argsRegister = generator.uncheckedRegisterForArguments();
</span><span class="cx"> else
</span><span class="cx"> argsRegister = generator.emitNode(args->m_expr);
</span><span class="lines">@@ -639,7 +667,7 @@
</span><span class="cx"> while ((args = args->m_next))
</span><span class="cx"> generator.emitNode(args->m_expr);
</span><span class="cx">
</span><del>- generator.emitCallVarargs(returnValue.get(), realFunction.get(), thisRegister.get(), argsRegister.get(), generator.newTemporary(), profileHookRegister.get(), divot(), divotStart(), divotEnd());
</del><ins>+ generator.emitCallVarargs(returnValue.get(), realFunction.get(), thisRegister.get(), argsRegister.get(), generator.newTemporary(), 0, profileHookRegister.get(), divot(), divotStart(), divotEnd());
</ins><span class="cx"> }
</span><span class="cx"> if (emitCallCheck) {
</span><span class="cx"> generator.emitJump(end.get());
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreinterpreterInterpretercpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -137,10 +137,10 @@
</span><span class="cx"> return interpreter->execute(eval, callFrame, thisValue, callerScopeChain);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-CallFrame* sizeFrameForVarargs(CallFrame* callFrame, JSStack* stack, JSValue arguments, int firstFreeRegister)
</del><ins>+CallFrame* sizeFrameForVarargs(CallFrame* callFrame, JSStack* stack, JSValue arguments, int firstFreeRegister, int32_t firstVarArgOffset)
</ins><span class="cx"> {
</span><span class="cx"> if (!arguments) { // f.apply(x, arguments), with arguments unmodified.
</span><del>- unsigned argumentCountIncludingThis = callFrame->argumentCountIncludingThis();
</del><ins>+ unsigned argumentCountIncludingThis = callFrame->argumentCountIncludingThis() - firstVarArgOffset;
</ins><span class="cx"> unsigned paddedCalleeFrameOffset = WTF::roundUpToMultipleOf(stackAlignmentRegisters(), -firstFreeRegister + argumentCountIncludingThis + JSStack::CallFrameHeaderSize + 1);
</span><span class="cx"> CallFrame* newCallFrame = CallFrame::create(callFrame->registers() - paddedCalleeFrameOffset);
</span><span class="cx"> if (argumentCountIncludingThis > Arguments::MaxArguments + 1 || !stack->ensureCapacityFor(newCallFrame->registers())) {
</span><span class="lines">@@ -168,7 +168,7 @@
</span><span class="cx">
</span><span class="cx"> if (asObject(arguments)->classInfo() == Arguments::info()) {
</span><span class="cx"> Arguments* argsObject = asArguments(arguments);
</span><del>- unsigned argCount = argsObject->length(callFrame);
</del><ins>+ unsigned argCount = argsObject->length(callFrame) - firstVarArgOffset;
</ins><span class="cx"> unsigned paddedCalleeFrameOffset = WTF::roundUpToMultipleOf(stackAlignmentRegisters(), -firstFreeRegister + CallFrame::offsetFor(argCount + 1));
</span><span class="cx"> CallFrame* newCallFrame = CallFrame::create(callFrame->registers() - paddedCalleeFrameOffset);
</span><span class="cx"> if (argCount > Arguments::MaxArguments || !stack->ensureCapacityFor(newCallFrame->registers())) {
</span><span class="lines">@@ -180,7 +180,7 @@
</span><span class="cx">
</span><span class="cx"> if (isJSArray(arguments)) {
</span><span class="cx"> JSArray* array = asArray(arguments);
</span><del>- unsigned argCount = array->length();
</del><ins>+ unsigned argCount = array->length() - firstVarArgOffset;
</ins><span class="cx"> unsigned paddedCalleeFrameOffset = WTF::roundUpToMultipleOf(stackAlignmentRegisters(), -firstFreeRegister + CallFrame::offsetFor(argCount + 1));
</span><span class="cx"> CallFrame* newCallFrame = CallFrame::create(callFrame->registers() - paddedCalleeFrameOffset);
</span><span class="cx"> if (argCount > Arguments::MaxArguments || !stack->ensureCapacityFor(newCallFrame->registers())) {
</span><span class="lines">@@ -191,7 +191,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> JSObject* argObject = asObject(arguments);
</span><del>- unsigned argCount = argObject->get(callFrame, callFrame->propertyNames().length).toUInt32(callFrame);
</del><ins>+ unsigned argCount = argObject->get(callFrame, callFrame->propertyNames().length).toUInt32(callFrame) - firstVarArgOffset;
</ins><span class="cx"> unsigned paddedCalleeFrameOffset = WTF::roundUpToMultipleOf(stackAlignmentRegisters(), -firstFreeRegister + CallFrame::offsetFor(argCount + 1));
</span><span class="cx"> CallFrame* newCallFrame = CallFrame::create(callFrame->registers() - paddedCalleeFrameOffset);
</span><span class="cx"> if (argCount > Arguments::MaxArguments || !stack->ensureCapacityFor(newCallFrame->registers())) {
</span><span class="lines">@@ -201,15 +201,15 @@
</span><span class="cx"> return newCallFrame;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void loadVarargs(CallFrame* callFrame, CallFrame* newCallFrame, JSValue thisValue, JSValue arguments)
</del><ins>+void loadVarargs(CallFrame* callFrame, CallFrame* newCallFrame, JSValue thisValue, JSValue arguments, int32_t firstVarArgOffset)
</ins><span class="cx"> {
</span><span class="cx"> if (!arguments) { // f.apply(x, arguments), with arguments unmodified.
</span><del>- unsigned argumentCountIncludingThis = callFrame->argumentCountIncludingThis();
</del><ins>+ unsigned argumentCountIncludingThis = callFrame->argumentCountIncludingThis() - firstVarArgOffset;
</ins><span class="cx">
</span><span class="cx"> newCallFrame->setArgumentCountIncludingThis(argumentCountIncludingThis);
</span><span class="cx"> newCallFrame->setThisValue(thisValue);
</span><del>- for (size_t i = 0; i < callFrame->argumentCount(); ++i)
- newCallFrame->setArgument(i, callFrame->argumentAfterCapture(i));
</del><ins>+ for (size_t i = firstVarArgOffset; i < callFrame->argumentCount(); ++i)
+ newCallFrame->setArgument(i - firstVarArgOffset, callFrame->argumentAfterCapture(i));
</ins><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -221,28 +221,28 @@
</span><span class="cx">
</span><span class="cx"> if (asObject(arguments)->classInfo() == Arguments::info()) {
</span><span class="cx"> Arguments* argsObject = asArguments(arguments);
</span><del>- unsigned argCount = argsObject->length(callFrame);
</del><ins>+ unsigned argCount = argsObject->length(callFrame) - firstVarArgOffset;
</ins><span class="cx"> newCallFrame->setArgumentCountIncludingThis(argCount + 1);
</span><span class="cx"> newCallFrame->setThisValue(thisValue);
</span><del>- argsObject->copyToArguments(callFrame, newCallFrame, argCount);
</del><ins>+ argsObject->copyToArguments(callFrame, newCallFrame, argCount, firstVarArgOffset);
</ins><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if (isJSArray(arguments)) {
</span><span class="cx"> JSArray* array = asArray(arguments);
</span><del>- unsigned argCount = array->length();
</del><ins>+ unsigned argCount = array->length() - firstVarArgOffset;
</ins><span class="cx"> newCallFrame->setArgumentCountIncludingThis(argCount + 1);
</span><span class="cx"> newCallFrame->setThisValue(thisValue);
</span><del>- array->copyToArguments(callFrame, newCallFrame, argCount);
</del><ins>+ array->copyToArguments(callFrame, newCallFrame, argCount, firstVarArgOffset);
</ins><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> JSObject* argObject = asObject(arguments);
</span><del>- unsigned argCount = argObject->get(callFrame, callFrame->propertyNames().length).toUInt32(callFrame);
</del><ins>+ unsigned argCount = argObject->get(callFrame, callFrame->propertyNames().length).toUInt32(callFrame) - firstVarArgOffset;
</ins><span class="cx"> newCallFrame->setArgumentCountIncludingThis(argCount + 1);
</span><span class="cx"> newCallFrame->setThisValue(thisValue);
</span><span class="cx"> for (size_t i = 0; i < argCount; ++i) {
</span><del>- newCallFrame->setArgument(i, asObject(arguments)->get(callFrame, i));
</del><ins>+ newCallFrame->setArgument(i, asObject(arguments)->get(callFrame, i + firstVarArgOffset));
</ins><span class="cx"> if (UNLIKELY(callFrame->vm().exception()))
</span><span class="cx"> return;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreinterpreterInterpreterh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/interpreter/Interpreter.h (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/interpreter/Interpreter.h 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/interpreter/Interpreter.h 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -285,8 +285,8 @@
</span><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> JSValue eval(CallFrame*);
</span><del>- CallFrame* sizeFrameForVarargs(CallFrame*, JSStack*, JSValue, int);
- void loadVarargs(CallFrame*, CallFrame*, JSValue, JSValue);
</del><ins>+ CallFrame* sizeFrameForVarargs(CallFrame*, JSStack*, JSValue, int, int32_t firstVarArgOffset);
+ void loadVarargs(CallFrame*, CallFrame*, JSValue, JSValue, int32_t firstVarArgOffset);
</ins><span class="cx"> } // namespace JSC
</span><span class="cx">
</span><span class="cx"> #endif // Interpreter_h
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitCCallHelpersh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/CCallHelpers.h (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/CCallHelpers.h 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/jit/CCallHelpers.h 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -582,7 +582,7 @@
</span><span class="cx"> addCallArgument(arg4);
</span><span class="cx"> addCallArgument(arg5);
</span><span class="cx"> }
</span><del>-
</del><ins>+
</ins><span class="cx"> ALWAYS_INLINE void setupArgumentsWithExecState(GPRReg arg1, GPRReg arg2, GPRReg arg3, GPRReg arg4, GPRReg arg5, GPRReg arg6)
</span><span class="cx"> {
</span><span class="cx"> resetCallArguments();
</span><span class="lines">@@ -594,6 +594,19 @@
</span><span class="cx"> addCallArgument(arg5);
</span><span class="cx"> addCallArgument(arg6);
</span><span class="cx"> }
</span><ins>+
+
+ ALWAYS_INLINE void setupArgumentsWithExecState(GPRReg arg1, GPRReg arg2, GPRReg arg3, GPRReg arg4, GPRReg arg5, TrustedImm32 arg6)
+ {
+ resetCallArguments();
+ addCallArgument(GPRInfo::callFrameRegister);
+ addCallArgument(arg1);
+ addCallArgument(arg2);
+ addCallArgument(arg3);
+ addCallArgument(arg4);
+ addCallArgument(arg5);
+ addCallArgument(arg6);
+ }
</ins><span class="cx">
</span><span class="cx"> ALWAYS_INLINE void setupArgumentsWithExecState(FPRReg arg1, GPRReg arg2)
</span><span class="cx"> {
</span><span class="lines">@@ -1170,6 +1183,14 @@
</span><span class="cx"> move(arg3, GPRInfo::argumentGPR3);
</span><span class="cx"> move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
</span><span class="cx"> }
</span><ins>+
+ ALWAYS_INLINE void setupArgumentsWithExecState(GPRReg arg1, TrustedImm32 arg2, TrustedImm32 arg3)
+ {
+ move(arg1, GPRInfo::argumentGPR1);
+ move(arg2, GPRInfo::argumentGPR2);
+ move(arg3, GPRInfo::argumentGPR3);
+ move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
+ }
</ins><span class="cx">
</span><span class="cx"> ALWAYS_INLINE void setupArgumentsWithExecState(GPRReg arg1, TrustedImmPtr arg2, TrustedImmPtr arg3)
</span><span class="cx"> {
</span><span class="lines">@@ -1576,6 +1597,13 @@
</span><span class="cx"> move(arg4, GPRInfo::argumentGPR4);
</span><span class="cx"> move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
</span><span class="cx"> }
</span><ins>+
+ ALWAYS_INLINE void setupArgumentsWithExecState(GPRReg arg1, GPRReg arg2, GPRReg arg3, TrustedImm32 arg4)
+ {
+ setupThreeStubArgsGPR<GPRInfo::argumentGPR1, GPRInfo::argumentGPR2, GPRInfo::argumentGPR3>(arg1, arg2, arg3);
+ move(arg4, GPRInfo::argumentGPR4);
+ move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
+ }
</ins><span class="cx">
</span><span class="cx"> ALWAYS_INLINE void setupArguments(GPRReg arg1, TrustedImmPtr arg2, GPRReg arg3, GPRReg arg4, TrustedImmPtr arg5)
</span><span class="cx"> {
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JIT.h (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JIT.h 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/jit/JIT.h 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -665,7 +665,7 @@
</span><span class="cx"> MacroAssembler::Call callOperation(C_JITOperation_EO, GPRReg);
</span><span class="cx"> MacroAssembler::Call callOperation(C_JITOperation_ESt, Structure*);
</span><span class="cx"> MacroAssembler::Call callOperation(C_JITOperation_EZ, int32_t);
</span><del>- MacroAssembler::Call callOperation(F_JITOperation_EJZ, GPRReg, int32_t);
</del><ins>+ MacroAssembler::Call callOperation(F_JITOperation_EJZZ, GPRReg, int32_t, int32_t);
</ins><span class="cx"> MacroAssembler::Call callOperation(J_JITOperation_E, int);
</span><span class="cx"> MacroAssembler::Call callOperation(J_JITOperation_EAapJ, int, ArrayAllocationProfile*, GPRReg);
</span><span class="cx"> MacroAssembler::Call callOperation(J_JITOperation_EAapJcpZ, int, ArrayAllocationProfile*, GPRReg, int32_t);
</span><span class="lines">@@ -707,7 +707,7 @@
</span><span class="cx"> #endif
</span><span class="cx"> MacroAssembler::Call callOperation(V_JITOperation_EJIdJJ, RegisterID, const Identifier*, RegisterID, RegisterID);
</span><span class="cx"> #if USE(JSVALUE64)
</span><del>- MacroAssembler::Call callOperation(F_JITOperation_EFJJ, RegisterID, RegisterID, RegisterID);
</del><ins>+ MacroAssembler::Call callOperation(F_JITOperation_EFJJZ, RegisterID, RegisterID, RegisterID, int32_t);
</ins><span class="cx"> MacroAssembler::Call callOperation(V_JITOperation_ESsiJJI, StructureStubInfo*, RegisterID, RegisterID, StringImpl*);
</span><span class="cx"> #else
</span><span class="cx"> MacroAssembler::Call callOperation(V_JITOperation_ESsiJJI, StructureStubInfo*, RegisterID, RegisterID, RegisterID, RegisterID, StringImpl*);
</span><span class="lines">@@ -722,8 +722,8 @@
</span><span class="cx"> MacroAssembler::Call callOperationWithCallFrameRollbackOnException(V_JITOperation_ECb, CodeBlock*);
</span><span class="cx"> MacroAssembler::Call callOperationWithCallFrameRollbackOnException(Z_JITOperation_E);
</span><span class="cx"> #if USE(JSVALUE32_64)
</span><del>- MacroAssembler::Call callOperation(F_JITOperation_EFJJ, RegisterID, RegisterID, RegisterID, RegisterID, RegisterID);
- MacroAssembler::Call callOperation(F_JITOperation_EJZ, GPRReg, GPRReg, int32_t);
</del><ins>+ MacroAssembler::Call callOperation(F_JITOperation_EFJJZ, RegisterID, RegisterID, RegisterID, RegisterID, RegisterID, int32_t);
+ MacroAssembler::Call callOperation(F_JITOperation_EJZZ, GPRReg, GPRReg, int32_t, int32_t);
</ins><span class="cx"> MacroAssembler::Call callOperation(J_JITOperation_EAapJ, int, ArrayAllocationProfile*, GPRReg, GPRReg);
</span><span class="cx"> MacroAssembler::Call callOperation(J_JITOperation_EJ, int, GPRReg, GPRReg);
</span><span class="cx"> MacroAssembler::Call callOperation(J_JITOperation_EJIdc, int, GPRReg, GPRReg, const Identifier*);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITCallcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITCall.cpp (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITCall.cpp 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/jit/JITCall.cpp 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -58,6 +58,7 @@
</span><span class="cx"> int thisValue = instruction[3].u.operand;
</span><span class="cx"> int arguments = instruction[4].u.operand;
</span><span class="cx"> int firstFreeRegister = instruction[5].u.operand;
</span><ins>+ int firstVarArgOffset = instruction[6].u.operand;
</ins><span class="cx">
</span><span class="cx"> JumpList slowCase;
</span><span class="cx"> JumpList end;
</span><span class="lines">@@ -70,6 +71,8 @@
</span><span class="cx"> slowCase.append(branch64(NotEqual, regT0, TrustedImm64(JSValue::encode(JSValue()))));
</span><span class="cx">
</span><span class="cx"> emitGetFromCallFrameHeader32(JSStack::ArgumentCount, regT0);
</span><ins>+ if (firstVarArgOffset)
+ sub32(TrustedImm32(firstVarArgOffset), regT0);
</ins><span class="cx"> slowCase.append(branch32(Above, regT0, TrustedImm32(Arguments::MaxArguments + 1)));
</span><span class="cx"> // regT0: argumentCountIncludingThis
</span><span class="cx"> move(regT0, regT1);
</span><span class="lines">@@ -99,7 +102,7 @@
</span><span class="cx"> // regT0: argumentCount
</span><span class="cx">
</span><span class="cx"> Label copyLoop = label();
</span><del>- load64(BaseIndex(callFrameRegister, regT0, TimesEight, CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register))), regT2);
</del><ins>+ load64(BaseIndex(callFrameRegister, regT0, TimesEight, (CallFrame::thisArgumentOffset() + firstVarArgOffset) * static_cast<int>(sizeof(Register))), regT2);
</ins><span class="cx"> store64(regT2, BaseIndex(regT1, regT0, TimesEight, CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register))));
</span><span class="cx"> branchSub64(NonZero, TrustedImm32(1), regT0).linkTo(copyLoop, this);
</span><span class="cx">
</span><span class="lines">@@ -110,11 +113,11 @@
</span><span class="cx"> slowCase.link(this);
</span><span class="cx">
</span><span class="cx"> emitGetVirtualRegister(arguments, regT1);
</span><del>- callOperation(operationSizeFrameForVarargs, regT1, firstFreeRegister);
</del><ins>+ callOperation(operationSizeFrameForVarargs, regT1, firstFreeRegister, firstVarArgOffset);
</ins><span class="cx"> move(returnValueGPR, stackPointerRegister);
</span><span class="cx"> emitGetVirtualRegister(thisValue, regT1);
</span><span class="cx"> emitGetVirtualRegister(arguments, regT2);
</span><del>- callOperation(operationLoadVarargs, returnValueGPR, regT1, regT2);
</del><ins>+ callOperation(operationLoadVarargs, returnValueGPR, regT1, regT2, firstVarArgOffset);
</ins><span class="cx"> move(returnValueGPR, regT1);
</span><span class="cx">
</span><span class="cx"> if (canOptimize)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITCall32_64cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITCall32_64.cpp (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITCall32_64.cpp 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/jit/JITCall32_64.cpp 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -131,6 +131,7 @@
</span><span class="cx"> int thisValue = instruction[3].u.operand;
</span><span class="cx"> int arguments = instruction[4].u.operand;
</span><span class="cx"> int firstFreeRegister = instruction[5].u.operand;
</span><ins>+ int firstVarArgOffset = instruction[6].u.operand;
</ins><span class="cx">
</span><span class="cx"> JumpList slowCase;
</span><span class="cx"> JumpList end;
</span><span class="lines">@@ -143,6 +144,8 @@
</span><span class="cx"> slowCase.append(branch32(NotEqual, regT1, TrustedImm32(JSValue::EmptyValueTag)));
</span><span class="cx">
</span><span class="cx"> load32(payloadFor(JSStack::ArgumentCount), regT2);
</span><ins>+ if (firstVarArgOffset)
+ sub32(TrustedImm32(firstVarArgOffset), regT2);
</ins><span class="cx"> slowCase.append(branch32(Above, regT2, TrustedImm32(Arguments::MaxArguments + 1)));
</span><span class="cx"> // regT2: argumentCountIncludingThis
</span><span class="cx">
</span><span class="lines">@@ -172,8 +175,8 @@
</span><span class="cx"> // regT2: argumentCount;
</span><span class="cx">
</span><span class="cx"> Label copyLoop = label();
</span><del>- load32(BaseIndex(callFrameRegister, regT2, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.payload) +(CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register)))), regT0);
- load32(BaseIndex(callFrameRegister, regT2, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.tag) +(CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register)))), regT1);
</del><ins>+ load32(BaseIndex(callFrameRegister, regT2, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.payload) +((CallFrame::thisArgumentOffset() + firstVarArgOffset) * static_cast<int>(sizeof(Register)))), regT0);
+ load32(BaseIndex(callFrameRegister, regT2, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.tag) +((CallFrame::thisArgumentOffset() + firstVarArgOffset) * static_cast<int>(sizeof(Register)))), regT1);
</ins><span class="cx"> store32(regT0, BaseIndex(regT3, regT2, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.payload) +(CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register)))));
</span><span class="cx"> store32(regT1, BaseIndex(regT3, regT2, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.tag) +(CallFrame::thisArgumentOffset() * static_cast<int>(sizeof(Register)))));
</span><span class="cx"> branchSub32(NonZero, TrustedImm32(1), regT2).linkTo(copyLoop, this);
</span><span class="lines">@@ -185,11 +188,11 @@
</span><span class="cx"> slowCase.link(this);
</span><span class="cx">
</span><span class="cx"> emitLoad(arguments, regT1, regT0);
</span><del>- callOperation(operationSizeFrameForVarargs, regT1, regT0, firstFreeRegister);
</del><ins>+ callOperation(operationSizeFrameForVarargs, regT1, regT0, firstFreeRegister, firstVarArgOffset);
</ins><span class="cx"> addPtr(TrustedImm32(-sizeof(CallerFrameAndPC)), returnValueGPR, stackPointerRegister);
</span><span class="cx"> emitLoad(thisValue, regT1, regT4);
</span><span class="cx"> emitLoad(arguments, regT3, regT2);
</span><del>- callOperation(operationLoadVarargs, returnValueGPR, regT1, regT4, regT3, regT2);
</del><ins>+ callOperation(operationLoadVarargs, returnValueGPR, regT1, regT4, regT3, regT2, firstVarArgOffset);
</ins><span class="cx"> move(returnValueGPR, regT3);
</span><span class="cx">
</span><span class="cx"> if (canOptimize)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITInlinesh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITInlines.h (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITInlines.h 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/jit/JITInlines.h 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -296,15 +296,15 @@
</span><span class="cx">
</span><span class="cx">
</span><span class="cx"> #if USE(JSVALUE64)
</span><del>-ALWAYS_INLINE MacroAssembler::Call JIT::callOperation(F_JITOperation_EJZ operation, GPRReg arg1, int32_t arg3)
</del><ins>+ALWAYS_INLINE MacroAssembler::Call JIT::callOperation(F_JITOperation_EJZZ operation, GPRReg arg1, int32_t arg2, int32_t arg3)
</ins><span class="cx"> {
</span><del>- setupArgumentsWithExecState(arg1, TrustedImm32(arg3));
</del><ins>+ setupArgumentsWithExecState(arg1, TrustedImm32(arg2), TrustedImm32(arg3));
</ins><span class="cx"> return appendCallWithExceptionCheck(operation);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-ALWAYS_INLINE MacroAssembler::Call JIT::callOperation(F_JITOperation_EFJJ operation, GPRReg arg1, GPRReg arg2, GPRReg arg3)
</del><ins>+ALWAYS_INLINE MacroAssembler::Call JIT::callOperation(F_JITOperation_EFJJZ operation, GPRReg arg1, GPRReg arg2, GPRReg arg3, int32_t arg4)
</ins><span class="cx"> {
</span><del>- setupArgumentsWithExecState(arg1, arg2, arg3);
</del><ins>+ setupArgumentsWithExecState(arg1, arg2, arg3, TrustedImm32(arg4));
</ins><span class="cx"> return appendCallWithExceptionCheck(operation);
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -437,20 +437,20 @@
</span><span class="cx"> return appendCall(operation);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-ALWAYS_INLINE MacroAssembler::Call JIT::callOperation(F_JITOperation_EJZ operation, GPRReg arg1Tag, GPRReg arg1Payload, int32_t arg2)
</del><ins>+ALWAYS_INLINE MacroAssembler::Call JIT::callOperation(F_JITOperation_EJZZ operation, GPRReg arg1Tag, GPRReg arg1Payload, int32_t arg2, int32_t arg3)
</ins><span class="cx"> {
</span><span class="cx"> #if CPU(SH4)
</span><span class="cx"> // We have to put arg3 in the 4th argument register (r7) as 64-bit value arg2 will be put on stack for sh4 architecure.
</span><del>- setupArgumentsWithExecState(arg1Payload, arg1Tag, TrustedImm32(arg2));
</del><ins>+ setupArgumentsWithExecState(arg1Payload, arg1Tag, TrustedImm32(arg2), TrustedImm32(arg3));
</ins><span class="cx"> #else
</span><del>- setupArgumentsWithExecState(EABI_32BIT_DUMMY_ARG arg1Payload, arg1Tag, TrustedImm32(arg2));
</del><ins>+ setupArgumentsWithExecState(EABI_32BIT_DUMMY_ARG arg1Payload, arg1Tag, TrustedImm32(arg2), TrustedImm32(arg3));
</ins><span class="cx"> #endif
</span><span class="cx"> return appendCallWithExceptionCheck(operation);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-ALWAYS_INLINE MacroAssembler::Call JIT::callOperation(F_JITOperation_EFJJ operation, GPRReg arg1, GPRReg arg2Tag, GPRReg arg2Payload, GPRReg arg3Tag, GPRReg arg3Payload)
</del><ins>+ALWAYS_INLINE MacroAssembler::Call JIT::callOperation(F_JITOperation_EFJJZ operation, GPRReg arg1, GPRReg arg2Tag, GPRReg arg2Payload, GPRReg arg3Tag, GPRReg arg3Payload, int32_t arg4)
</ins><span class="cx"> {
</span><del>- setupArgumentsWithExecState(arg1, arg2Payload, arg2Tag, arg3Payload, arg3Tag);
</del><ins>+ setupArgumentsWithExecState(arg1, arg2Payload, arg2Tag, arg3Payload, arg3Tag, TrustedImm32(arg4));
</ins><span class="cx"> return appendCallWithExceptionCheck(operation);
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITOperationscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITOperations.cpp (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITOperations.cpp 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/jit/JITOperations.cpp 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -1562,23 +1562,23 @@
</span><span class="cx"> return JSValue::encode(jsBoolean(result));
</span><span class="cx"> }
</span><span class="cx">
</span><del>-CallFrame* JIT_OPERATION operationSizeFrameForVarargs(ExecState* exec, EncodedJSValue encodedArguments, int32_t firstFreeRegister)
</del><ins>+CallFrame* JIT_OPERATION operationSizeFrameForVarargs(ExecState* exec, EncodedJSValue encodedArguments, int32_t firstFreeRegister, int32_t firstVarArgOffset)
</ins><span class="cx"> {
</span><span class="cx"> VM& vm = exec->vm();
</span><span class="cx"> NativeCallFrameTracer tracer(&vm, exec);
</span><span class="cx"> JSStack* stack = &exec->interpreter()->stack();
</span><span class="cx"> JSValue arguments = JSValue::decode(encodedArguments);
</span><del>- CallFrame* newCallFrame = sizeFrameForVarargs(exec, stack, arguments, firstFreeRegister);
</del><ins>+ CallFrame* newCallFrame = sizeFrameForVarargs(exec, stack, arguments, firstFreeRegister, firstVarArgOffset);
</ins><span class="cx"> return newCallFrame;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-CallFrame* JIT_OPERATION operationLoadVarargs(ExecState* exec, CallFrame* newCallFrame, EncodedJSValue encodedThis, EncodedJSValue encodedArguments)
</del><ins>+CallFrame* JIT_OPERATION operationLoadVarargs(ExecState* exec, CallFrame* newCallFrame, EncodedJSValue encodedThis, EncodedJSValue encodedArguments, int32_t firstVarArgOffset)
</ins><span class="cx"> {
</span><span class="cx"> VM& vm = exec->vm();
</span><span class="cx"> NativeCallFrameTracer tracer(&vm, exec);
</span><span class="cx"> JSValue thisValue = JSValue::decode(encodedThis);
</span><span class="cx"> JSValue arguments = JSValue::decode(encodedArguments);
</span><del>- loadVarargs(exec, newCallFrame, thisValue, arguments);
</del><ins>+ loadVarargs(exec, newCallFrame, thisValue, arguments, firstVarArgOffset);
</ins><span class="cx"> return newCallFrame;
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITOperationsh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITOperations.h (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITOperations.h 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/jit/JITOperations.h 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -82,8 +82,8 @@
</span><span class="cx"> Z: int32_t
</span><span class="cx"> */
</span><span class="cx">
</span><del>-typedef CallFrame* JIT_OPERATION (*F_JITOperation_EFJJ)(ExecState*, CallFrame*, EncodedJSValue, EncodedJSValue);
-typedef CallFrame* JIT_OPERATION (*F_JITOperation_EJZ)(ExecState*, EncodedJSValue, int32_t);
</del><ins>+typedef CallFrame* JIT_OPERATION (*F_JITOperation_EFJJZ)(ExecState*, CallFrame*, EncodedJSValue, EncodedJSValue, int32_t);
+typedef CallFrame* JIT_OPERATION (*F_JITOperation_EJZZ)(ExecState*, EncodedJSValue, int32_t, int32_t);
</ins><span class="cx"> typedef EncodedJSValue JIT_OPERATION (*J_JITOperation_E)(ExecState*);
</span><span class="cx"> typedef EncodedJSValue JIT_OPERATION (*J_JITOperation_EA)(ExecState*, JSArray*);
</span><span class="cx"> typedef EncodedJSValue JIT_OPERATION (*J_JITOperation_EAZ)(ExecState*, JSArray*, int32_t);
</span><span class="lines">@@ -275,8 +275,8 @@
</span><span class="cx"> EncodedJSValue JIT_OPERATION operationDeleteById(ExecState*, EncodedJSValue base, const Identifier*) WTF_INTERNAL;
</span><span class="cx"> JSCell* JIT_OPERATION operationGetPNames(ExecState*, JSObject*) WTF_INTERNAL;
</span><span class="cx"> EncodedJSValue JIT_OPERATION operationInstanceOf(ExecState*, EncodedJSValue, EncodedJSValue proto) WTF_INTERNAL;
</span><del>-CallFrame* JIT_OPERATION operationSizeFrameForVarargs(ExecState*, EncodedJSValue arguments, int32_t firstFreeRegister) WTF_INTERNAL;
-CallFrame* JIT_OPERATION operationLoadVarargs(ExecState*, CallFrame*, EncodedJSValue thisValue, EncodedJSValue arguments) WTF_INTERNAL;
</del><ins>+CallFrame* JIT_OPERATION operationSizeFrameForVarargs(ExecState*, EncodedJSValue arguments, int32_t firstFreeRegister, int32_t firstVarArgOffset) WTF_INTERNAL;
+CallFrame* JIT_OPERATION operationLoadVarargs(ExecState*, CallFrame*, EncodedJSValue thisValue, EncodedJSValue arguments, int32_t firstVarArgOffset) WTF_INTERNAL;
</ins><span class="cx"> EncodedJSValue JIT_OPERATION operationToObject(ExecState*, EncodedJSValue) WTF_INTERNAL;
</span><span class="cx">
</span><span class="cx"> char* JIT_OPERATION operationSwitchCharWithUnknownKeyType(ExecState*, EncodedJSValue key, size_t tableIndex) WTF_INTERNAL;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorellintLLIntSlowPathscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -1156,7 +1156,7 @@
</span><span class="cx"> // - Set up a call frame while respecting the variable arguments.
</span><span class="cx">
</span><span class="cx"> ExecState* execCallee = sizeFrameForVarargs(exec, &vm.interpreter->stack(),
</span><del>- LLINT_OP_C(4).jsValue(), pc[5].u.operand);
</del><ins>+ LLINT_OP_C(4).jsValue(), pc[5].u.operand, pc[6].u.operand);
</ins><span class="cx"> LLINT_CALL_CHECK_EXCEPTION(exec);
</span><span class="cx">
</span><span class="cx"> vm.newCallFrameReturnValue = execCallee;
</span><span class="lines">@@ -1175,7 +1175,7 @@
</span><span class="cx">
</span><span class="cx"> ExecState* execCallee = vm.newCallFrameReturnValue;
</span><span class="cx">
</span><del>- loadVarargs(exec, execCallee, LLINT_OP_C(3).jsValue(), LLINT_OP_C(4).jsValue());
</del><ins>+ loadVarargs(exec, execCallee, LLINT_OP_C(3).jsValue(), LLINT_OP_C(4).jsValue(), pc[6].u.operand);
</ins><span class="cx"> LLINT_CALL_CHECK_EXCEPTION(exec);
</span><span class="cx">
</span><span class="cx"> execCallee->uncheckedR(JSStack::Callee) = calleeAsValue;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeArgumentscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/Arguments.cpp (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/Arguments.cpp 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/runtime/Arguments.cpp 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -58,20 +58,22 @@
</span><span class="cx"> static_cast<Arguments*>(cell)->Arguments::~Arguments();
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void Arguments::copyToArguments(ExecState* exec, CallFrame* callFrame, uint32_t length)
</del><ins>+void Arguments::copyToArguments(ExecState* exec, CallFrame* callFrame, uint32_t copyLength, int32_t firstVarArgOffset)
</ins><span class="cx"> {
</span><ins>+ uint32_t length = copyLength + firstVarArgOffset;
+
</ins><span class="cx"> if (UNLIKELY(m_overrodeLength)) {
</span><span class="cx"> length = min(get(exec, exec->propertyNames().length).toUInt32(exec), length);
</span><del>- for (unsigned i = 0; i < length; i++)
</del><ins>+ for (unsigned i = firstVarArgOffset; i < length; i++)
</ins><span class="cx"> callFrame->setArgument(i, get(exec, i));
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="cx"> ASSERT(length == this->length(exec));
</span><del>- for (size_t i = 0; i < length; ++i) {
</del><ins>+ for (size_t i = firstVarArgOffset; i < length; ++i) {
</ins><span class="cx"> if (JSValue value = tryGetArgument(i))
</span><del>- callFrame->setArgument(i, value);
</del><ins>+ callFrame->setArgument(i - firstVarArgOffset, value);
</ins><span class="cx"> else
</span><del>- callFrame->setArgument(i, get(exec, i));
</del><ins>+ callFrame->setArgument(i - firstVarArgOffset, get(exec, i));
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeArgumentsh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/Arguments.h (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/Arguments.h 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/runtime/Arguments.h 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -78,7 +78,7 @@
</span><span class="cx"> return m_numArguments;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- void copyToArguments(ExecState*, CallFrame*, uint32_t length);
</del><ins>+ void copyToArguments(ExecState*, CallFrame*, uint32_t copyLength, int32_t firstArgumentOffset);
</ins><span class="cx"> void tearOff(CallFrame*);
</span><span class="cx"> void tearOff(CallFrame*, InlineCallFrame*);
</span><span class="cx"> bool isTornOff() const { return m_registerArray.get(); }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSArraycpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSArray.cpp (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSArray.cpp 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/runtime/JSArray.cpp 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -1540,12 +1540,12 @@
</span><span class="cx"> args.append(get(exec, i));
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void JSArray::copyToArguments(ExecState* exec, CallFrame* callFrame, uint32_t length)
</del><ins>+void JSArray::copyToArguments(ExecState* exec, CallFrame* callFrame, uint32_t copyLength, int32_t firstVarArgOffset)
</ins><span class="cx"> {
</span><del>- unsigned i = 0;
</del><ins>+ unsigned i = firstVarArgOffset;
</ins><span class="cx"> WriteBarrier<Unknown>* vector;
</span><span class="cx"> unsigned vectorEnd;
</span><del>-
</del><ins>+ unsigned length = copyLength + firstVarArgOffset;
</ins><span class="cx"> ASSERT(length == this->length());
</span><span class="cx"> switch (structure()->indexingType()) {
</span><span class="cx"> case ArrayClass:
</span><span class="lines">@@ -1572,7 +1572,7 @@
</span><span class="cx"> double v = m_butterfly->contiguousDouble()[i];
</span><span class="cx"> if (v != v)
</span><span class="cx"> break;
</span><del>- callFrame->setArgument(i, JSValue(JSValue::EncodeAsDouble, v));
</del><ins>+ callFrame->setArgument(i - firstVarArgOffset, JSValue(JSValue::EncodeAsDouble, v));
</ins><span class="cx"> }
</span><span class="cx"> break;
</span><span class="cx"> }
</span><span class="lines">@@ -1595,11 +1595,11 @@
</span><span class="cx"> WriteBarrier<Unknown>& v = vector[i];
</span><span class="cx"> if (!v)
</span><span class="cx"> break;
</span><del>- callFrame->setArgument(i, v.get());
</del><ins>+ callFrame->setArgument(i - firstVarArgOffset, v.get());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> for (; i < length; ++i)
</span><del>- callFrame->setArgument(i, get(exec, i));
</del><ins>+ callFrame->setArgument(i - firstVarArgOffset, get(exec, i));
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> template<IndexingType indexingType>
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSArrayh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSArray.h (164629 => 164630)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSArray.h 2014-02-25 06:46:12 UTC (rev 164629)
+++ trunk/Source/JavaScriptCore/runtime/JSArray.h 2014-02-25 06:59:38 UTC (rev 164630)
</span><span class="lines">@@ -132,7 +132,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void fillArgList(ExecState*, MarkedArgumentBuffer&);
</span><del>- void copyToArguments(ExecState*, CallFrame*, uint32_t length);
</del><ins>+ void copyToArguments(ExecState*, CallFrame*, uint32_t length, int32_t firstVarArgOffset);
</ins><span class="cx">
</span><span class="cx"> static Structure* createStructure(VM& vm, JSGlobalObject* globalObject, JSValue prototype, IndexingType indexingType)
</span><span class="cx"> {
</span></span></pre>
</div>
</div>
</body>
</html>