<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[165414] trunk/Source/JavaScriptCore</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/165414">165414</a></dd>
<dt>Author</dt> <dd>fpizlo@apple.com</dd>
<dt>Date</dt> <dd>2014-03-10 16:31:18 -0700 (Mon, 10 Mar 2014)</dd>
</dl>
<h3>Log Message</h3>
<pre>Repatch should save and restore all used registers - not just temp ones - when making a call
https://bugs.webkit.org/show_bug.cgi?id=130041
Reviewed by Geoffrey Garen and Mark Hahnenberg.
The save/restore code was written back when the only client was the DFG, which only uses a
subset of hardware registers: the "temp" registers in our lingo. But the FTL may use many
other registers, especially on ARM64. The fact that Repatch doesn't know to save those can
lead to data corruption on ARM64.
* jit/RegisterSet.cpp:
(JSC::RegisterSet::calleeSaveRegisters):
(JSC::RegisterSet::numberOfSetGPRs):
(JSC::RegisterSet::numberOfSetFPRs):
* jit/RegisterSet.h:
* jit/Repatch.cpp:
(JSC::storeToWriteBarrierBuffer):
(JSC::emitPutTransitionStub):
* jit/ScratchRegisterAllocator.cpp:
(JSC::ScratchRegisterAllocator::ScratchRegisterAllocator):
(JSC::ScratchRegisterAllocator::preserveReusedRegistersByPushing):
(JSC::ScratchRegisterAllocator::restoreReusedRegistersByPopping):
(JSC::ScratchRegisterAllocator::usedRegistersForCall):
(JSC::ScratchRegisterAllocator::desiredScratchBufferSizeForCall):
(JSC::ScratchRegisterAllocator::preserveUsedRegistersToScratchBufferForCall):
(JSC::ScratchRegisterAllocator::restoreUsedRegistersFromScratchBufferForCall):
* jit/ScratchRegisterAllocator.h:</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoreChangeLog">trunk/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCorejitRegisterSetcpp">trunk/Source/JavaScriptCore/jit/RegisterSet.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitRegisterSeth">trunk/Source/JavaScriptCore/jit/RegisterSet.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejitRepatchcpp">trunk/Source/JavaScriptCore/jit/Repatch.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitScratchRegisterAllocatorcpp">trunk/Source/JavaScriptCore/jit/ScratchRegisterAllocator.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitScratchRegisterAllocatorh">trunk/Source/JavaScriptCore/jit/ScratchRegisterAllocator.h</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ChangeLog (165413 => 165414)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ChangeLog 2014-03-10 23:22:05 UTC (rev 165413)
+++ trunk/Source/JavaScriptCore/ChangeLog 2014-03-10 23:31:18 UTC (rev 165414)
</span><span class="lines">@@ -1,3 +1,33 @@
</span><ins>+2014-03-10 Filip Pizlo <fpizlo@apple.com>
+
+ Repatch should save and restore all used registers - not just temp ones - when making a call
+ https://bugs.webkit.org/show_bug.cgi?id=130041
+
+ Reviewed by Geoffrey Garen and Mark Hahnenberg.
+
+ The save/restore code was written back when the only client was the DFG, which only uses a
+ subset of hardware registers: the "temp" registers in our lingo. But the FTL may use many
+ other registers, especially on ARM64. The fact that Repatch doesn't know to save those can
+ lead to data corruption on ARM64.
+
+ * jit/RegisterSet.cpp:
+ (JSC::RegisterSet::calleeSaveRegisters):
+ (JSC::RegisterSet::numberOfSetGPRs):
+ (JSC::RegisterSet::numberOfSetFPRs):
+ * jit/RegisterSet.h:
+ * jit/Repatch.cpp:
+ (JSC::storeToWriteBarrierBuffer):
+ (JSC::emitPutTransitionStub):
+ * jit/ScratchRegisterAllocator.cpp:
+ (JSC::ScratchRegisterAllocator::ScratchRegisterAllocator):
+ (JSC::ScratchRegisterAllocator::preserveReusedRegistersByPushing):
+ (JSC::ScratchRegisterAllocator::restoreReusedRegistersByPopping):
+ (JSC::ScratchRegisterAllocator::usedRegistersForCall):
+ (JSC::ScratchRegisterAllocator::desiredScratchBufferSizeForCall):
+ (JSC::ScratchRegisterAllocator::preserveUsedRegistersToScratchBufferForCall):
+ (JSC::ScratchRegisterAllocator::restoreUsedRegistersFromScratchBufferForCall):
+ * jit/ScratchRegisterAllocator.h:
+
</ins><span class="cx"> 2014-03-10 Mark Hahnenberg <mhahnenberg@apple.com>
</span><span class="cx">
</span><span class="cx"> Remove ConditionalStore barrier
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitRegisterSetcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/RegisterSet.cpp (165413 => 165414)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/RegisterSet.cpp 2014-03-10 23:22:05 UTC (rev 165413)
+++ trunk/Source/JavaScriptCore/jit/RegisterSet.cpp 2014-03-10 23:31:18 UTC (rev 165414)
</span><span class="lines">@@ -73,13 +73,26 @@
</span><span class="cx"> RegisterSet RegisterSet::calleeSaveRegisters()
</span><span class="cx"> {
</span><span class="cx"> RegisterSet result;
</span><del>-#if CPU(X86_64)
</del><ins>+#if CPU(X86)
</ins><span class="cx"> result.set(X86Registers::ebx);
</span><span class="cx"> result.set(X86Registers::ebp);
</span><ins>+ result.set(X86Registers::edi);
+ result.set(X86Registers::esi);
+#elif CPU(X86_64)
+ result.set(X86Registers::ebx);
+ result.set(X86Registers::ebp);
</ins><span class="cx"> result.set(X86Registers::r12);
</span><span class="cx"> result.set(X86Registers::r13);
</span><span class="cx"> result.set(X86Registers::r14);
</span><span class="cx"> result.set(X86Registers::r15);
</span><ins>+#elif CPU(ARM_THUMB2)
+ result.set(ARMRegisters::r4);
+ result.set(ARMRegisters::r5);
+ result.set(ARMRegisters::r6);
+ result.set(ARMRegisters::r8);
+ result.set(ARMRegisters::r9);
+ result.set(ARMRegisters::r10);
+ result.set(ARMRegisters::r11);
</ins><span class="cx"> #elif CPU(ARM64)
</span><span class="cx"> // We don't include LR in the set of callee-save registers even though it technically belongs
</span><span class="cx"> // there. This is because we use this set to describe the set of registers that need to be saved
</span><span class="lines">@@ -126,6 +139,20 @@
</span><span class="cx"> return result;
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+size_t RegisterSet::numberOfSetGPRs() const
+{
+ RegisterSet temp = *this;
+ temp.filter(allGPRs());
+ return temp.numberOfSetRegisters();
+}
+
+size_t RegisterSet::numberOfSetFPRs() const
+{
+ RegisterSet temp = *this;
+ temp.filter(allFPRs());
+ return temp.numberOfSetRegisters();
+}
+
</ins><span class="cx"> void RegisterSet::dump(PrintStream& out) const
</span><span class="cx"> {
</span><span class="cx"> m_vector.dump(out);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitRegisterSeth"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/RegisterSet.h (165413 => 165414)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/RegisterSet.h 2014-03-10 23:22:05 UTC (rev 165413)
+++ trunk/Source/JavaScriptCore/jit/RegisterSet.h 2014-03-10 23:31:18 UTC (rev 165414)
</span><span class="lines">@@ -79,6 +79,8 @@
</span><span class="cx"> void filter(const RegisterSet& other) { m_vector.filter(other.m_vector); }
</span><span class="cx"> void exclude(const RegisterSet& other) { m_vector.exclude(other.m_vector); }
</span><span class="cx">
</span><ins>+ size_t numberOfSetGPRs() const;
+ size_t numberOfSetFPRs() const;
</ins><span class="cx"> size_t numberOfSetRegisters() const { return m_vector.bitCount(); }
</span><span class="cx">
</span><span class="cx"> void dump(PrintStream&) const;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitRepatchcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/Repatch.cpp (165413 => 165414)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/Repatch.cpp 2014-03-10 23:22:05 UTC (rev 165413)
+++ trunk/Source/JavaScriptCore/jit/Repatch.cpp 2014-03-10 23:31:18 UTC (rev 165414)
</span><span class="lines">@@ -1012,15 +1012,15 @@
</span><span class="cx"> slowPath.link(&stubJit);
</span><span class="cx">
</span><span class="cx"> allocator.restoreReusedRegistersByPopping(stubJit);
</span><del>- ScratchBuffer* scratchBuffer = vm->scratchBufferForSize(allocator.desiredScratchBufferSize());
- allocator.preserveUsedRegistersToScratchBuffer(stubJit, scratchBuffer, scratchGPR1);
</del><ins>+ ScratchBuffer* scratchBuffer = vm->scratchBufferForSize(allocator.desiredScratchBufferSizeForCall());
+ allocator.preserveUsedRegistersToScratchBufferForCall(stubJit, scratchBuffer, scratchGPR1);
</ins><span class="cx"> #if USE(JSVALUE64)
</span><span class="cx"> stubJit.setupArgumentsWithExecState(baseGPR, MacroAssembler::TrustedImmPtr(structure), MacroAssembler::TrustedImm32(slot.cachedOffset()), valueGPR);
</span><span class="cx"> #else
</span><span class="cx"> stubJit.setupArgumentsWithExecState(baseGPR, MacroAssembler::TrustedImmPtr(structure), MacroAssembler::TrustedImm32(slot.cachedOffset()), valueGPR, valueTagGPR);
</span><span class="cx"> #endif
</span><span class="cx"> operationCall = stubJit.call();
</span><del>- allocator.restoreUsedRegistersFromScratchBuffer(stubJit, scratchBuffer, scratchGPR1);
</del><ins>+ allocator.restoreUsedRegistersFromScratchBufferForCall(stubJit, scratchBuffer, scratchGPR1);
</ins><span class="cx"> successInSlowPath = stubJit.jump();
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitScratchRegisterAllocatorcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/ScratchRegisterAllocator.cpp (165413 => 165414)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/ScratchRegisterAllocator.cpp 2014-03-10 23:22:05 UTC (rev 165413)
+++ trunk/Source/JavaScriptCore/jit/ScratchRegisterAllocator.cpp 2014-03-10 23:31:18 UTC (rev 165414)
</span><span class="lines">@@ -33,7 +33,7 @@
</span><span class="cx">
</span><span class="cx"> namespace JSC {
</span><span class="cx">
</span><del>-ScratchRegisterAllocator::ScratchRegisterAllocator(const TempRegisterSet& usedRegisters)
</del><ins>+ScratchRegisterAllocator::ScratchRegisterAllocator(const RegisterSet& usedRegisters)
</ins><span class="cx"> : m_usedRegisters(usedRegisters)
</span><span class="cx"> , m_numberOfReusedRegisters(0)
</span><span class="cx"> {
</span><span class="lines">@@ -97,12 +97,14 @@
</span><span class="cx"> return;
</span><span class="cx">
</span><span class="cx"> for (unsigned i = 0; i < FPRInfo::numberOfRegisters; ++i) {
</span><del>- if (m_scratchRegisters.getFPRByIndex(i) && m_usedRegisters.getFPRByIndex(i))
- jit.pushToSave(FPRInfo::toRegister(i));
</del><ins>+ FPRReg reg = FPRInfo::toRegister(i);
+ if (m_scratchRegisters.getFPRByIndex(i) && m_usedRegisters.get(reg))
+ jit.pushToSave(reg);
</ins><span class="cx"> }
</span><span class="cx"> for (unsigned i = 0; i < GPRInfo::numberOfRegisters; ++i) {
</span><del>- if (m_scratchRegisters.getGPRByIndex(i) && m_usedRegisters.getGPRByIndex(i))
- jit.pushToSave(GPRInfo::toRegister(i));
</del><ins>+ GPRReg reg = GPRInfo::toRegister(i);
+ if (m_scratchRegisters.getGPRByIndex(i) && m_usedRegisters.get(reg))
+ jit.pushToSave(reg);
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -112,49 +114,61 @@
</span><span class="cx"> return;
</span><span class="cx">
</span><span class="cx"> for (unsigned i = GPRInfo::numberOfRegisters; i--;) {
</span><del>- if (m_scratchRegisters.getGPRByIndex(i) && m_usedRegisters.getGPRByIndex(i))
- jit.popToRestore(GPRInfo::toRegister(i));
</del><ins>+ GPRReg reg = GPRInfo::toRegister(i);
+ if (m_scratchRegisters.getGPRByIndex(i) && m_usedRegisters.get(reg))
+ jit.popToRestore(reg);
</ins><span class="cx"> }
</span><span class="cx"> for (unsigned i = FPRInfo::numberOfRegisters; i--;) {
</span><del>- if (m_scratchRegisters.getFPRByIndex(i) && m_usedRegisters.getFPRByIndex(i))
- jit.popToRestore(FPRInfo::toRegister(i));
</del><ins>+ FPRReg reg = FPRInfo::toRegister(i);
+ if (m_scratchRegisters.getFPRByIndex(i) && m_usedRegisters.get(reg))
+ jit.popToRestore(reg);
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><del>-unsigned ScratchRegisterAllocator::desiredScratchBufferSize() const
</del><ins>+RegisterSet ScratchRegisterAllocator::usedRegistersForCall() const
</ins><span class="cx"> {
</span><del>- return m_usedRegisters.numberOfSetRegisters() * sizeof(JSValue);
</del><ins>+ RegisterSet result = m_usedRegisters;
+ result.exclude(RegisterSet::calleeSaveRegisters());
+ result.exclude(RegisterSet::stackRegisters());
+ result.exclude(RegisterSet::reservedHardwareRegisters());
+ return result;
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-void ScratchRegisterAllocator::preserveUsedRegistersToScratchBuffer(MacroAssembler& jit, ScratchBuffer* scratchBuffer, GPRReg scratchGPR)
</del><ins>+unsigned ScratchRegisterAllocator::desiredScratchBufferSizeForCall() const
</ins><span class="cx"> {
</span><ins>+ return usedRegistersForCall().numberOfSetRegisters() * sizeof(JSValue);
+}
+
+void ScratchRegisterAllocator::preserveUsedRegistersToScratchBufferForCall(MacroAssembler& jit, ScratchBuffer* scratchBuffer, GPRReg scratchGPR)
+{
+ RegisterSet usedRegisters = usedRegistersForCall();
+
</ins><span class="cx"> unsigned count = 0;
</span><del>- for (unsigned i = GPRInfo::numberOfRegisters; i--;) {
- if (m_usedRegisters.getGPRByIndex(i)) {
-#if USE(JSVALUE64)
- jit.store64(GPRInfo::toRegister(i), static_cast<EncodedJSValue*>(scratchBuffer->dataBuffer()) + (count++));
-#else
- jit.store32(GPRInfo::toRegister(i), static_cast<EncodedJSValue*>(scratchBuffer->dataBuffer()) + (count++));
-#endif
- }
- if (scratchGPR == InvalidGPRReg && !m_lockedRegisters.getGPRByIndex(i) && !m_scratchRegisters.getGPRByIndex(i))
- scratchGPR = GPRInfo::toRegister(i);
</del><ins>+ for (GPRReg reg = MacroAssembler::firstRegister(); reg <= MacroAssembler::lastRegister(); reg = MacroAssembler::nextRegister(reg)) {
+ if (usedRegisters.get(reg))
+ jit.storePtr(reg, static_cast<EncodedJSValue*>(scratchBuffer->dataBuffer()) + (count++));
+ if (GPRInfo::toIndex(reg) != GPRInfo::InvalidIndex
+ && scratchGPR == InvalidGPRReg
+ && !m_lockedRegisters.get(reg) && !m_scratchRegisters.get(reg))
+ scratchGPR = reg;
</ins><span class="cx"> }
</span><span class="cx"> RELEASE_ASSERT(scratchGPR != InvalidGPRReg);
</span><del>- for (unsigned i = FPRInfo::numberOfRegisters; i--;) {
- if (m_usedRegisters.getFPRByIndex(i)) {
</del><ins>+ for (FPRReg reg = MacroAssembler::firstFPRegister(); reg <= MacroAssembler::lastFPRegister(); reg = MacroAssembler::nextFPRegister(reg)) {
+ if (usedRegisters.get(reg)) {
</ins><span class="cx"> jit.move(MacroAssembler::TrustedImmPtr(static_cast<EncodedJSValue*>(scratchBuffer->dataBuffer()) + (count++)), scratchGPR);
</span><del>- jit.storeDouble(FPRInfo::toRegister(i), scratchGPR);
</del><ins>+ jit.storeDouble(reg, scratchGPR);
</ins><span class="cx"> }
</span><span class="cx"> }
</span><del>- RELEASE_ASSERT(count * sizeof(JSValue) == desiredScratchBufferSize());
</del><ins>+ RELEASE_ASSERT(count * sizeof(JSValue) == desiredScratchBufferSizeForCall());
</ins><span class="cx">
</span><span class="cx"> jit.move(MacroAssembler::TrustedImmPtr(scratchBuffer->activeLengthPtr()), scratchGPR);
</span><span class="cx"> jit.storePtr(MacroAssembler::TrustedImmPtr(static_cast<size_t>(count * sizeof(JSValue))), scratchGPR);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void ScratchRegisterAllocator::restoreUsedRegistersFromScratchBuffer(MacroAssembler& jit, ScratchBuffer* scratchBuffer, GPRReg scratchGPR)
</del><ins>+void ScratchRegisterAllocator::restoreUsedRegistersFromScratchBufferForCall(MacroAssembler& jit, ScratchBuffer* scratchBuffer, GPRReg scratchGPR)
</ins><span class="cx"> {
</span><ins>+ RegisterSet usedRegisters = usedRegistersForCall();
+
</ins><span class="cx"> if (scratchGPR == InvalidGPRReg) {
</span><span class="cx"> // Find a scratch register.
</span><span class="cx"> for (unsigned i = GPRInfo::numberOfRegisters; i--;) {
</span><span class="lines">@@ -165,28 +179,23 @@
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx"> RELEASE_ASSERT(scratchGPR != InvalidGPRReg);
</span><del>-
</del><ins>+
</ins><span class="cx"> jit.move(MacroAssembler::TrustedImmPtr(scratchBuffer->activeLengthPtr()), scratchGPR);
</span><span class="cx"> jit.storePtr(MacroAssembler::TrustedImmPtr(0), scratchGPR);
</span><span class="cx">
</span><span class="cx"> // Restore double registers first.
</span><del>- unsigned count = m_usedRegisters.numberOfSetGPRs();
- for (unsigned i = FPRInfo::numberOfRegisters; i--;) {
- if (m_usedRegisters.getFPRByIndex(i)) {
</del><ins>+ unsigned count = usedRegisters.numberOfSetGPRs();
+ for (FPRReg reg = MacroAssembler::firstFPRegister(); reg <= MacroAssembler::lastFPRegister(); reg = MacroAssembler::nextFPRegister(reg)) {
+ if (usedRegisters.get(reg)) {
</ins><span class="cx"> jit.move(MacroAssembler::TrustedImmPtr(static_cast<EncodedJSValue*>(scratchBuffer->dataBuffer()) + (count++)), scratchGPR);
</span><del>- jit.loadDouble(scratchGPR, FPRInfo::toRegister(i));
</del><ins>+ jit.loadDouble(scratchGPR, reg);
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> count = 0;
</span><del>- for (unsigned i = GPRInfo::numberOfRegisters; i--;) {
- if (m_usedRegisters.getGPRByIndex(i)) {
-#if USE(JSVALUE64)
- jit.load64(static_cast<EncodedJSValue*>(scratchBuffer->dataBuffer()) + (count++), GPRInfo::toRegister(i));
-#else
- jit.load32(static_cast<EncodedJSValue*>(scratchBuffer->dataBuffer()) + (count++), GPRInfo::toRegister(i));
-#endif
- }
</del><ins>+ for (GPRReg reg = MacroAssembler::firstRegister(); reg <= MacroAssembler::lastRegister(); reg = MacroAssembler::nextRegister(reg)) {
+ if (usedRegisters.get(reg))
+ jit.loadPtr(static_cast<EncodedJSValue*>(scratchBuffer->dataBuffer()) + (count++), reg);
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitScratchRegisterAllocatorh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/ScratchRegisterAllocator.h (165413 => 165414)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/ScratchRegisterAllocator.h 2014-03-10 23:22:05 UTC (rev 165413)
+++ trunk/Source/JavaScriptCore/jit/ScratchRegisterAllocator.h 2014-03-10 23:31:18 UTC (rev 165414)
</span><span class="lines">@@ -29,6 +29,7 @@
</span><span class="cx"> #if ENABLE(JIT)
</span><span class="cx">
</span><span class="cx"> #include "MacroAssembler.h"
</span><ins>+#include "RegisterSet.h"
</ins><span class="cx"> #include "TempRegisterSet.h"
</span><span class="cx">
</span><span class="cx"> namespace JSC {
</span><span class="lines">@@ -39,7 +40,7 @@
</span><span class="cx">
</span><span class="cx"> class ScratchRegisterAllocator {
</span><span class="cx"> public:
</span><del>- ScratchRegisterAllocator(const TempRegisterSet& usedRegisters);
</del><ins>+ ScratchRegisterAllocator(const RegisterSet& usedRegisters);
</ins><span class="cx"> ~ScratchRegisterAllocator();
</span><span class="cx">
</span><span class="cx"> void lock(GPRReg reg);
</span><span class="lines">@@ -64,14 +65,16 @@
</span><span class="cx"> void preserveReusedRegistersByPushing(MacroAssembler& jit);
</span><span class="cx"> void restoreReusedRegistersByPopping(MacroAssembler& jit);
</span><span class="cx">
</span><del>- unsigned desiredScratchBufferSize() const;
</del><ins>+ RegisterSet usedRegistersForCall() const;
</ins><span class="cx">
</span><del>- void preserveUsedRegistersToScratchBuffer(MacroAssembler& jit, ScratchBuffer* scratchBuffer, GPRReg scratchGPR = InvalidGPRReg);
</del><ins>+ unsigned desiredScratchBufferSizeForCall() const;
</ins><span class="cx">
</span><del>- void restoreUsedRegistersFromScratchBuffer(MacroAssembler& jit, ScratchBuffer* scratchBuffer, GPRReg scratchGPR = InvalidGPRReg);
</del><ins>+ void preserveUsedRegistersToScratchBufferForCall(MacroAssembler& jit, ScratchBuffer* scratchBuffer, GPRReg scratchGPR = InvalidGPRReg);
</ins><span class="cx">
</span><ins>+ void restoreUsedRegistersFromScratchBufferForCall(MacroAssembler& jit, ScratchBuffer* scratchBuffer, GPRReg scratchGPR = InvalidGPRReg);
+
</ins><span class="cx"> private:
</span><del>- TempRegisterSet m_usedRegisters;
</del><ins>+ RegisterSet m_usedRegisters;
</ins><span class="cx"> TempRegisterSet m_lockedRegisters;
</span><span class="cx"> TempRegisterSet m_scratchRegisters;
</span><span class="cx"> unsigned m_numberOfReusedRegisters;
</span></span></pre>
</div>
</div>
</body>
</html>