<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[206899] trunk/Source/JavaScriptCore</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/206899">206899</a></dd>
<dt>Author</dt> <dd>utatane.tea@gmail.com</dd>
<dt>Date</dt> <dd>2016-10-06 22:07:13 -0700 (Thu, 06 Oct 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>[DOMJIT] Support slow path call
https://bugs.webkit.org/show_bug.cgi?id=162978
Reviewed by Saam Barati.
One of the most important features required in DOMJIT::Patchpoint is slow path calls.
DOM operation typically returns DOMWrapper object. At that time, if wrapper cache hits, we can go
to the fast path. However, if we cannot use the cache, we need to go to the slow path to call toJS function.
At that time, slow path call functionality is necessary.
This patch expose DOMJIT::PatchpointParams::addSlowPathCall. We can request slow path call code generation
through this interface. DOMJIT::PatchpointParams automatically leverages appropriate slow path call systems
in each tier. In DFG, we use slow path call system. In FTL, we implement slow path call by using addLatePath
to construct slow path call. But these details are completely hidden by DOMJIT::PatchpointParams. Users can
just use addSlowPathCall.
Since DFG and FTL slow path call systems are implemented in variadic templates, directly using this means
that we need to expose core part of DFG and FTL. For example, DFG::SpeculativeJIT need to be exposed in
such a design. That is too bad. Instead, we use magical macro in DOMJITSlowPathCalls.h. We can list up the
call signatures in DOMJIT_SLOW_PATH_CALLS. DOMJIT uses these signatures to generate an interface to request
slow path calls inside DFG and FTL instead of exposing everything.
* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* dfg/DFGCommon.h:
* dfg/DFGDOMJITPatchpointParams.cpp: Copied from Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h.
(JSC::DFG::dispatch):
* dfg/DFGDOMJITPatchpointParams.h: Copied from Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h.
(JSC::DFG::DOMJITPatchpointParams::DOMJITPatchpointParams):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileCallDOM):
(JSC::DFG::SpeculativeJIT::compileCheckDOM):
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::extractResult): Deleted.
* domjit/DOMJITPatchpointParams.h:
(JSC::DOMJIT::PatchpointParams::addSlowPathCall):
* domjit/DOMJITSlowPathCalls.h: Copied from Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h.
* ftl/FTLDOMJITPatchpointParams.cpp: Added.
(JSC::FTL::dispatch):
* ftl/FTLDOMJITPatchpointParams.h: Copied from Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h.
(JSC::FTL::DOMJITPatchpointParams::DOMJITPatchpointParams):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileCheckDOM):
(JSC::FTL::DFG::LowerDFGToB3::compileCallDOM):
* jit/GPRInfo.h:
(JSC::extractResult):
* jsc.cpp:</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoreCMakeListstxt">trunk/Source/JavaScriptCore/CMakeLists.txt</a></li>
<li><a href="#trunkSourceJavaScriptCoreChangeLog">trunk/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCoreJavaScriptCorexcodeprojprojectpbxproj">trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGCommonh">trunk/Source/JavaScriptCore/dfg/DFGCommon.h</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGSpeculativeJITcpp">trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGSpeculativeJITh">trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h</a></li>
<li><a href="#trunkSourceJavaScriptCoredomjitDOMJITPatchpointParamsh">trunk/Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLLowerDFGToB3cpp">trunk/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitGPRInfoh">trunk/Source/JavaScriptCore/jit/GPRInfo.h</a></li>
<li><a href="#trunkSourceJavaScriptCorejsccpp">trunk/Source/JavaScriptCore/jsc.cpp</a></li>
</ul>
<h3>Added Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoredfgDFGDOMJITPatchpointParamscpp">trunk/Source/JavaScriptCore/dfg/DFGDOMJITPatchpointParams.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGDOMJITPatchpointParamsh">trunk/Source/JavaScriptCore/dfg/DFGDOMJITPatchpointParams.h</a></li>
<li><a href="#trunkSourceJavaScriptCoredomjitDOMJITSlowPathCallsh">trunk/Source/JavaScriptCore/domjit/DOMJITSlowPathCalls.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLDOMJITPatchpointParamscpp">trunk/Source/JavaScriptCore/ftl/FTLDOMJITPatchpointParams.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreftlFTLDOMJITPatchpointParamsh">trunk/Source/JavaScriptCore/ftl/FTLDOMJITPatchpointParams.h</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceJavaScriptCoreCMakeListstxt"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/CMakeLists.txt (206898 => 206899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/CMakeLists.txt 2016-10-07 03:26:29 UTC (rev 206898)
+++ trunk/Source/JavaScriptCore/CMakeLists.txt 2016-10-07 05:07:13 UTC (rev 206899)
</span><span class="lines">@@ -286,6 +286,7 @@
</span><span class="cx"> dfg/DFGConstantHoistingPhase.cpp
</span><span class="cx"> dfg/DFGCriticalEdgeBreakingPhase.cpp
</span><span class="cx"> dfg/DFGDCEPhase.cpp
</span><ins>+ dfg/DFGDOMJITPatchpointParams.cpp
</ins><span class="cx"> dfg/DFGDesiredIdentifiers.cpp
</span><span class="cx"> dfg/DFGDesiredTransitions.cpp
</span><span class="cx"> dfg/DFGDesiredWatchpoints.cpp
</span><span class="lines">@@ -415,6 +416,7 @@
</span><span class="cx"> ftl/FTLCapabilities.cpp
</span><span class="cx"> ftl/FTLCommonValues.cpp
</span><span class="cx"> ftl/FTLCompile.cpp
</span><ins>+ ftl/FTLDOMJITPatchpointParams.cpp
</ins><span class="cx"> ftl/FTLExceptionTarget.cpp
</span><span class="cx"> ftl/FTLExitArgument.cpp
</span><span class="cx"> ftl/FTLExitArgumentForOperand.cpp
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ChangeLog (206898 => 206899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ChangeLog 2016-10-07 03:26:29 UTC (rev 206898)
+++ trunk/Source/JavaScriptCore/ChangeLog 2016-10-07 05:07:13 UTC (rev 206899)
</span><span class="lines">@@ -1,3 +1,53 @@
</span><ins>+2016-10-06 Yusuke Suzuki <utatane.tea@gmail.com>
+
+ [DOMJIT] Support slow path call
+ https://bugs.webkit.org/show_bug.cgi?id=162978
+
+ Reviewed by Saam Barati.
+
+ One of the most important features required in DOMJIT::Patchpoint is slow path calls.
+ DOM operation typically returns DOMWrapper object. At that time, if wrapper cache hits, we can go
+ to the fast path. However, if we cannot use the cache, we need to go to the slow path to call toJS function.
+ At that time, slow path call functionality is necessary.
+
+ This patch expose DOMJIT::PatchpointParams::addSlowPathCall. We can request slow path call code generation
+ through this interface. DOMJIT::PatchpointParams automatically leverages appropriate slow path call systems
+ in each tier. In DFG, we use slow path call system. In FTL, we implement slow path call by using addLatePath
+ to construct slow path call. But these details are completely hidden by DOMJIT::PatchpointParams. Users can
+ just use addSlowPathCall.
+
+ Since DFG and FTL slow path call systems are implemented in variadic templates, directly using this means
+ that we need to expose core part of DFG and FTL. For example, DFG::SpeculativeJIT need to be exposed in
+ such a design. That is too bad. Instead, we use magical macro in DOMJITSlowPathCalls.h. We can list up the
+ call signatures in DOMJIT_SLOW_PATH_CALLS. DOMJIT uses these signatures to generate an interface to request
+ slow path calls inside DFG and FTL instead of exposing everything.
+
+ * CMakeLists.txt:
+ * JavaScriptCore.xcodeproj/project.pbxproj:
+ * dfg/DFGCommon.h:
+ * dfg/DFGDOMJITPatchpointParams.cpp: Copied from Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h.
+ (JSC::DFG::dispatch):
+ * dfg/DFGDOMJITPatchpointParams.h: Copied from Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h.
+ (JSC::DFG::DOMJITPatchpointParams::DOMJITPatchpointParams):
+ * dfg/DFGSpeculativeJIT.cpp:
+ (JSC::DFG::SpeculativeJIT::compileCallDOM):
+ (JSC::DFG::SpeculativeJIT::compileCheckDOM):
+ * dfg/DFGSpeculativeJIT.h:
+ (JSC::DFG::extractResult): Deleted.
+ * domjit/DOMJITPatchpointParams.h:
+ (JSC::DOMJIT::PatchpointParams::addSlowPathCall):
+ * domjit/DOMJITSlowPathCalls.h: Copied from Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h.
+ * ftl/FTLDOMJITPatchpointParams.cpp: Added.
+ (JSC::FTL::dispatch):
+ * ftl/FTLDOMJITPatchpointParams.h: Copied from Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h.
+ (JSC::FTL::DOMJITPatchpointParams::DOMJITPatchpointParams):
+ * ftl/FTLLowerDFGToB3.cpp:
+ (JSC::FTL::DFG::LowerDFGToB3::compileCheckDOM):
+ (JSC::FTL::DFG::LowerDFGToB3::compileCallDOM):
+ * jit/GPRInfo.h:
+ (JSC::extractResult):
+ * jsc.cpp:
+
</ins><span class="cx"> 2016-10-06 Saam Barati <sbarati@apple.com>
</span><span class="cx">
</span><span class="cx"> HasOwnPropertyCache flattening dictionaries is causing insane memory usage with the uBlock Safari extension
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreJavaScriptCorexcodeprojprojectpbxproj"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj (206898 => 206899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj 2016-10-07 03:26:29 UTC (rev 206898)
+++ trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj 2016-10-07 05:07:13 UTC (rev 206899)
</span><span class="lines">@@ -1192,6 +1192,7 @@
</span><span class="cx"> 43C392AB1C3BEB0500241F53 /* AssemblerCommon.h in Headers */ = {isa = PBXBuildFile; fileRef = 43C392AA1C3BEB0000241F53 /* AssemblerCommon.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="cx"> 4443AE3316E188D90076F110 /* Foundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 51F0EB6105C86C6B00E6DF1B /* Foundation.framework */; };
</span><span class="cx"> 451539B912DC994500EF7AC4 /* Yarr.h in Headers */ = {isa = PBXBuildFile; fileRef = 451539B812DC994500EF7AC4 /* Yarr.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><ins>+ 473DA4A4764C45FE871B0485 /* DefinePropertyAttributes.h in Headers */ = {isa = PBXBuildFile; fileRef = 169948EDE68D4054B01EF797 /* DefinePropertyAttributes.h */; settings = {ATTRIBUTES = (Private, ); }; };
</ins><span class="cx"> 52678F8E1A031009006A306D /* BasicBlockLocation.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 52678F8C1A031009006A306D /* BasicBlockLocation.cpp */; };
</span><span class="cx"> 52678F8F1A031009006A306D /* BasicBlockLocation.h in Headers */ = {isa = PBXBuildFile; fileRef = 52678F8D1A031009006A306D /* BasicBlockLocation.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="cx"> 52678F911A04177C006A306D /* ControlFlowProfiler.h in Headers */ = {isa = PBXBuildFile; fileRef = 52678F901A04177C006A306D /* ControlFlowProfiler.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="lines">@@ -2067,6 +2068,10 @@
</span><span class="cx"> E18E3A590DF9278C00D90B34 /* VM.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E18E3A570DF9278C00D90B34 /* VM.cpp */; };
</span><span class="cx"> E318CBC01B8AEF5100A2929D /* JSModuleNamespaceObject.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E318CBBE1B8AEF5100A2929D /* JSModuleNamespaceObject.cpp */; };
</span><span class="cx"> E318CBC11B8AEF5100A2929D /* JSModuleNamespaceObject.h in Headers */ = {isa = PBXBuildFile; fileRef = E318CBBF1B8AEF5100A2929D /* JSModuleNamespaceObject.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><ins>+ E322E5A21DA64439006E7709 /* DFGDOMJITPatchpointParams.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E322E5A01DA64435006E7709 /* DFGDOMJITPatchpointParams.cpp */; };
+ E322E5A31DA64439006E7709 /* DFGDOMJITPatchpointParams.h in Headers */ = {isa = PBXBuildFile; fileRef = E322E5A11DA64435006E7709 /* DFGDOMJITPatchpointParams.h */; };
+ E322E5A61DA644A8006E7709 /* FTLDOMJITPatchpointParams.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E322E5A41DA644A4006E7709 /* FTLDOMJITPatchpointParams.cpp */; };
+ E322E5A71DA644A8006E7709 /* FTLDOMJITPatchpointParams.h in Headers */ = {isa = PBXBuildFile; fileRef = E322E5A51DA644A4006E7709 /* FTLDOMJITPatchpointParams.h */; };
</ins><span class="cx"> E328C6C71DA4304500D255FD /* MaxFrameExtentForSlowPathCall.h in Headers */ = {isa = PBXBuildFile; fileRef = 65860177185A8F5E00030EEE /* MaxFrameExtentForSlowPathCall.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="cx"> E328C6C81DA4306100D255FD /* RegisterAtOffsetList.h in Headers */ = {isa = PBXBuildFile; fileRef = 6540C79D1B82D99D000F6B79 /* RegisterAtOffsetList.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="cx"> E328C6C91DA432F900D255FD /* RegisterAtOffset.h in Headers */ = {isa = PBXBuildFile; fileRef = 6540C79F1B82D9CE000F6B79 /* RegisterAtOffset.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="lines">@@ -2075,6 +2080,7 @@
</span><span class="cx"> E328DAE91D38D005001A2529 /* BytecodeGraph.h in Headers */ = {isa = PBXBuildFile; fileRef = E3D264281D38C042000BE174 /* BytecodeGraph.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="cx"> E328DAEA1D38D005001A2529 /* BytecodeRewriter.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E3D264291D38C042000BE174 /* BytecodeRewriter.cpp */; };
</span><span class="cx"> E328DAEB1D38D005001A2529 /* BytecodeRewriter.h in Headers */ = {isa = PBXBuildFile; fileRef = E3D2642A1D38C042000BE174 /* BytecodeRewriter.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><ins>+ E32FF1EA1DA7571C00A8BF21 /* DOMJITSlowPathCalls.h in Headers */ = {isa = PBXBuildFile; fileRef = E3CB1E241DA7540A00FA1E56 /* DOMJITSlowPathCalls.h */; settings = {ATTRIBUTES = (Private, ); }; };
</ins><span class="cx"> E33637A51B63220200EE0840 /* ReflectObject.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E33637A31B63220200EE0840 /* ReflectObject.cpp */; };
</span><span class="cx"> E33637A61B63220200EE0840 /* ReflectObject.h in Headers */ = {isa = PBXBuildFile; fileRef = E33637A41B63220200EE0840 /* ReflectObject.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="cx"> E33B3E261B7ABD750048DB2E /* InspectorInstrumentationObject.lut.h in Headers */ = {isa = PBXBuildFile; fileRef = E33B3E251B7ABD750048DB2E /* InspectorInstrumentationObject.lut.h */; };
</span><span class="lines">@@ -2185,7 +2191,6 @@
</span><span class="cx"> FED94F2F171E3E2300BE77A4 /* Watchdog.h in Headers */ = {isa = PBXBuildFile; fileRef = FED94F2C171E3E2300BE77A4 /* Watchdog.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="cx"> FEF040511AAE662D00BD28B0 /* CompareAndSwapTest.cpp in Sources */ = {isa = PBXBuildFile; fileRef = FEF040501AAE662D00BD28B0 /* CompareAndSwapTest.cpp */; };
</span><span class="cx"> FEFD6FC61D5E7992008F2F0B /* JSStringInlines.h in Headers */ = {isa = PBXBuildFile; fileRef = FEFD6FC51D5E7970008F2F0B /* JSStringInlines.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><del>- 473DA4A4764C45FE871B0485 /* DefinePropertyAttributes.h in Headers */ = {isa = PBXBuildFile; fileRef = 169948EDE68D4054B01EF797 /* DefinePropertyAttributes.h */; settings = {ATTRIBUTES = (Private, ); }; };
</del><span class="cx"> /* End PBXBuildFile section */
</span><span class="cx">
</span><span class="cx"> /* Begin PBXContainerItemProxy section */
</span><span class="lines">@@ -3355,6 +3360,7 @@
</span><span class="cx"> 14F7256314EE265E00B1652B /* WeakHandleOwner.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = WeakHandleOwner.cpp; sourceTree = "<group>"; };
</span><span class="cx"> 14F7256414EE265E00B1652B /* WeakHandleOwner.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WeakHandleOwner.h; sourceTree = "<group>"; };
</span><span class="cx"> 14F97446138C853E00DA1C67 /* HeapRootVisitor.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = HeapRootVisitor.h; sourceTree = "<group>"; };
</span><ins>+ 169948EDE68D4054B01EF797 /* DefinePropertyAttributes.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DefinePropertyAttributes.h; sourceTree = "<group>"; };
</ins><span class="cx"> 1879510614C540FFB561C124 /* JSModuleLoader.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSModuleLoader.cpp; sourceTree = "<group>"; };
</span><span class="cx"> 1A28D4A7177B71C80007FA3C /* JSStringRefPrivate.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSStringRefPrivate.h; sourceTree = "<group>"; };
</span><span class="cx"> 1ACF7376171CA6FB00C9BB1E /* Weak.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = Weak.cpp; sourceTree = "<group>"; };
</span><span class="lines">@@ -4374,6 +4380,10 @@
</span><span class="cx"> E30677971B8BC6F5003F87F0 /* ModuleLoaderPrototype.js */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.javascript; path = ModuleLoaderPrototype.js; sourceTree = "<group>"; };
</span><span class="cx"> E318CBBE1B8AEF5100A2929D /* JSModuleNamespaceObject.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSModuleNamespaceObject.cpp; sourceTree = "<group>"; };
</span><span class="cx"> E318CBBF1B8AEF5100A2929D /* JSModuleNamespaceObject.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSModuleNamespaceObject.h; sourceTree = "<group>"; };
</span><ins>+ E322E5A01DA64435006E7709 /* DFGDOMJITPatchpointParams.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = DFGDOMJITPatchpointParams.cpp; path = dfg/DFGDOMJITPatchpointParams.cpp; sourceTree = "<group>"; };
+ E322E5A11DA64435006E7709 /* DFGDOMJITPatchpointParams.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = DFGDOMJITPatchpointParams.h; path = dfg/DFGDOMJITPatchpointParams.h; sourceTree = "<group>"; };
+ E322E5A41DA644A4006E7709 /* FTLDOMJITPatchpointParams.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = FTLDOMJITPatchpointParams.cpp; path = ftl/FTLDOMJITPatchpointParams.cpp; sourceTree = "<group>"; };
+ E322E5A51DA644A4006E7709 /* FTLDOMJITPatchpointParams.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = FTLDOMJITPatchpointParams.h; path = ftl/FTLDOMJITPatchpointParams.h; sourceTree = "<group>"; };
</ins><span class="cx"> E33637A31B63220200EE0840 /* ReflectObject.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ReflectObject.cpp; sourceTree = "<group>"; };
</span><span class="cx"> E33637A41B63220200EE0840 /* ReflectObject.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ReflectObject.h; sourceTree = "<group>"; };
</span><span class="cx"> E33B3E251B7ABD750048DB2E /* InspectorInstrumentationObject.lut.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = InspectorInstrumentationObject.lut.h; sourceTree = "<group>"; };
</span><span class="lines">@@ -4407,6 +4417,7 @@
</span><span class="cx"> E39DA4A51B7E8B7C0084F33A /* JSModuleRecord.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSModuleRecord.h; sourceTree = "<group>"; };
</span><span class="cx"> E3A421421D6F588F0007C617 /* PreciseJumpTargetsInlines.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PreciseJumpTargetsInlines.h; sourceTree = "<group>"; };
</span><span class="cx"> E3C08E3B1DA41B7B0039478F /* DOMJITPatchpoint.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DOMJITPatchpoint.h; sourceTree = "<group>"; };
</span><ins>+ E3CB1E241DA7540A00FA1E56 /* DOMJITSlowPathCalls.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DOMJITSlowPathCalls.h; sourceTree = "<group>"; };
</ins><span class="cx"> E3D239C61B829C1C00BBEF67 /* JSModuleEnvironment.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSModuleEnvironment.cpp; sourceTree = "<group>"; };
</span><span class="cx"> E3D239C71B829C1C00BBEF67 /* JSModuleEnvironment.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSModuleEnvironment.h; sourceTree = "<group>"; };
</span><span class="cx"> E3D264261D38C042000BE174 /* BytecodeGeneratorification.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = BytecodeGeneratorification.cpp; sourceTree = "<group>"; };
</span><span class="lines">@@ -4530,7 +4541,6 @@
</span><span class="cx"> FEF040501AAE662D00BD28B0 /* CompareAndSwapTest.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = CompareAndSwapTest.cpp; path = API/tests/CompareAndSwapTest.cpp; sourceTree = "<group>"; };
</span><span class="cx"> FEF040521AAEC4ED00BD28B0 /* CompareAndSwapTest.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = CompareAndSwapTest.h; path = API/tests/CompareAndSwapTest.h; sourceTree = "<group>"; };
</span><span class="cx"> FEFD6FC51D5E7970008F2F0B /* JSStringInlines.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSStringInlines.h; sourceTree = "<group>"; };
</span><del>- 169948EDE68D4054B01EF797 /* DefinePropertyAttributes.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = DefinePropertyAttributes.h; path = DefinePropertyAttributes.h; sourceTree = "<group>"; };
</del><span class="cx"> /* End PBXFileReference section */
</span><span class="cx">
</span><span class="cx"> /* Begin PBXFrameworksBuildPhase section */
</span><span class="lines">@@ -4761,6 +4771,8 @@
</span><span class="cx"> 0FEA0A211709606900BB722C /* FTLCommonValues.h */,
</span><span class="cx"> 0FB387911BFD31A100E3AB1E /* FTLCompile.cpp */,
</span><span class="cx"> 0FEA0A01170513DB00BB722C /* FTLCompile.h */,
</span><ins>+ E322E5A41DA644A4006E7709 /* FTLDOMJITPatchpointParams.cpp */,
+ E322E5A51DA644A4006E7709 /* FTLDOMJITPatchpointParams.h */,
</ins><span class="cx"> 0F9D4C0A1C3E1C11006CD984 /* FTLExceptionTarget.cpp */,
</span><span class="cx"> 0F9D4C0B1C3E1C11006CD984 /* FTLExceptionTarget.h */,
</span><span class="cx"> 0F235BBD17178E1C00690C7F /* FTLExitArgument.cpp */,
</span><span class="lines">@@ -6419,6 +6431,8 @@
</span><span class="cx"> 0FFFC94E14EF909500C72532 /* DFGCSEPhase.h */,
</span><span class="cx"> 0F2FC77016E12F6F0038D976 /* DFGDCEPhase.cpp */,
</span><span class="cx"> 0F2FC77116E12F6F0038D976 /* DFGDCEPhase.h */,
</span><ins>+ E322E5A01DA64435006E7709 /* DFGDOMJITPatchpointParams.cpp */,
+ E322E5A11DA64435006E7709 /* DFGDOMJITPatchpointParams.h */,
</ins><span class="cx"> 0F8F2B97172F04FD007DBDA5 /* DFGDesiredIdentifiers.cpp */,
</span><span class="cx"> 0F8F2B98172F04FD007DBDA5 /* DFGDesiredIdentifiers.h */,
</span><span class="cx"> 0FFC92131B94E83E0071DD66 /* DFGDesiredInferredType.h */,
</span><span class="lines">@@ -7189,6 +7203,7 @@
</span><span class="cx"> E3C08E3B1DA41B7B0039478F /* DOMJITPatchpoint.h */,
</span><span class="cx"> E37AD83A1DA4928000F3D412 /* DOMJITPatchpointParams.h */,
</span><span class="cx"> E37AD83B1DA4928000F3D412 /* DOMJITReg.h */,
</span><ins>+ E3CB1E241DA7540A00FA1E56 /* DOMJITSlowPathCalls.h */,
</ins><span class="cx"> );
</span><span class="cx"> path = domjit;
</span><span class="cx"> sourceTree = "<group>";
</span><span class="lines">@@ -8042,6 +8057,7 @@
</span><span class="cx"> 996B731F1BDA08EF00331B84 /* JSPromisePrototype.lut.h in Headers */,
</span><span class="cx"> 2A05ABD61961DF2400341750 /* JSPropertyNameEnumerator.h in Headers */,
</span><span class="cx"> 0F40E4A91C497F7400A577FA /* AirOpcodeUtils.h in Headers */,
</span><ins>+ E322E5A31DA64439006E7709 /* DFGDOMJITPatchpointParams.h in Headers */,
</ins><span class="cx"> E3EF88751B66DF23003F26CB /* JSPropertyNameIterator.h in Headers */,
</span><span class="cx"> 862553D216136E1A009F17D0 /* JSProxy.h in Headers */,
</span><span class="cx"> A552C3801ADDB8FE00139726 /* JSRemoteInspector.h in Headers */,
</span><span class="lines">@@ -8123,6 +8139,7 @@
</span><span class="cx"> 0F4680CB14BBB17200BFE272 /* LLIntOfflineAsmConfig.h in Headers */,
</span><span class="cx"> FED287B215EC9A5700DA8161 /* LLIntOpcode.h in Headers */,
</span><span class="cx"> 0F4680A514BA7F8D00BFE272 /* LLIntSlowPaths.h in Headers */,
</span><ins>+ E322E5A71DA644A8006E7709 /* FTLDOMJITPatchpointParams.h in Headers */,
</ins><span class="cx"> 0F0B839D14BCF46600885B4F /* LLIntThunks.h in Headers */,
</span><span class="cx"> 142E3139134FF0A600AFADB5 /* Local.h in Headers */,
</span><span class="cx"> 142E313A134FF0A600AFADB5 /* LocalScope.h in Headers */,
</span><span class="lines">@@ -8346,6 +8363,7 @@
</span><span class="cx"> 996B73271BDA08EF00331B84 /* SymbolConstructor.lut.h in Headers */,
</span><span class="cx"> 705B41B01A6E501E00716757 /* SymbolObject.h in Headers */,
</span><span class="cx"> 0F33FCFC1C1625BE00323F67 /* B3Dominators.h in Headers */,
</span><ins>+ E32FF1EA1DA7571C00A8BF21 /* DOMJITSlowPathCalls.h in Headers */,
</ins><span class="cx"> 53FD04D41D7AB291003287D3 /* WASMCallingConvention.h in Headers */,
</span><span class="cx"> 705B41B21A6E501E00716757 /* SymbolPrototype.h in Headers */,
</span><span class="cx"> 996B73281BDA08EF00331B84 /* SymbolPrototype.lut.h in Headers */,
</span><span class="lines">@@ -9401,6 +9419,7 @@
</span><span class="cx"> A1587D6F1B4DC14100D69849 /* IntlDateTimeFormatConstructor.cpp in Sources */,
</span><span class="cx"> FE3A06BF1C11041600390FDD /* JITRightShiftGenerator.cpp in Sources */,
</span><span class="cx"> 262D85B61C0D650F006ACB61 /* AirFixPartialRegisterStalls.cpp in Sources */,
</span><ins>+ E322E5A61DA644A8006E7709 /* FTLDOMJITPatchpointParams.cpp in Sources */,
</ins><span class="cx"> 70B7919B1C024A46002481E2 /* JSGeneratorFunction.cpp in Sources */,
</span><span class="cx"> A1587D711B4DC14100D69849 /* IntlDateTimeFormatPrototype.cpp in Sources */,
</span><span class="cx"> A1D792FC1B43864B004516F5 /* IntlNumberFormat.cpp in Sources */,
</span><span class="lines">@@ -9600,6 +9619,7 @@
</span><span class="cx"> E3963CEE1B73F75000EB4CE5 /* NodesAnalyzeModule.cpp in Sources */,
</span><span class="cx"> 655EB29B10CE2581001A990E /* NodesCodegen.cpp in Sources */,
</span><span class="cx"> 6546F5211A32B313006F07D5 /* NullGetterFunction.cpp in Sources */,
</span><ins>+ E322E5A21DA64439006E7709 /* DFGDOMJITPatchpointParams.cpp in Sources */,
</ins><span class="cx"> 65525FC51A6DD801007B5495 /* NullSetterFunction.cpp in Sources */,
</span><span class="cx"> 14469DE2107EC7E700650446 /* NumberConstructor.cpp in Sources */,
</span><span class="cx"> 14469DE3107EC7E700650446 /* NumberObject.cpp in Sources */,
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGCommonh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGCommon.h (206898 => 206899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGCommon.h 2016-10-07 03:26:29 UTC (rev 206898)
+++ trunk/Source/JavaScriptCore/dfg/DFGCommon.h 2016-10-07 05:07:13 UTC (rev 206899)
</span><span class="lines">@@ -98,8 +98,6 @@
</span><span class="cx"> #endif
</span><span class="cx"> }
</span><span class="cx">
</span><del>-enum NoResultTag { NoResult };
-
</del><span class="cx"> // The prediction propagator effectively does four passes, with the last pass
</span><span class="cx"> // being done by the separate FixuPhase.
</span><span class="cx"> enum PredictionPass {
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGDOMJITPatchpointParamscppfromrev206898trunkSourceJavaScriptCoredomjitDOMJITPatchpointParamsh"></a>
<div class="copfile"><h4>Copied: trunk/Source/JavaScriptCore/dfg/DFGDOMJITPatchpointParams.cpp (from rev 206898, trunk/Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h) (0 => 206899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGDOMJITPatchpointParams.cpp (rev 0)
+++ trunk/Source/JavaScriptCore/dfg/DFGDOMJITPatchpointParams.cpp 2016-10-07 05:07:13 UTC (rev 206899)
</span><span class="lines">@@ -0,0 +1,53 @@
</span><ins>+/*
+ * Copyright (C) 2016 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "DFGDOMJITPatchpointParams.h"
+
+#if ENABLE(DFG_JIT)
+
+#include "DFGSlowPathGenerator.h"
+#include "DFGSpeculativeJIT.h"
+
+namespace JSC { namespace DFG {
+
+template<typename OperationType, typename ResultType, typename Arguments, size_t... ArgumentsIndex>
+static void dispatch(SpeculativeJIT* jit, CCallHelpers::JumpList from, OperationType operation, ResultType result, Arguments arguments, std::index_sequence<ArgumentsIndex...>)
+{
+ jit->addSlowPathGenerator(slowPathCall(from, jit, operation, result, std::get<ArgumentsIndex>(arguments)...));
+}
+
+#define JSC_DEFINE_CALL_OPERATIONS(OperationType, ResultType, ...) \
+ void DOMJITPatchpointParams::addSlowPathCallImpl(CCallHelpers::JumpList from, CCallHelpers&, OperationType operation, ResultType result, std::tuple<__VA_ARGS__> args) const \
+ { \
+ dispatch(m_jit, from, operation, result, args, std::make_index_sequence<std::tuple_size<decltype(args)>::value>()); \
+ } \
+
+DOMJIT_SLOW_PATH_CALLS(JSC_DEFINE_CALL_OPERATIONS)
+#undef JSC_DEFINE_CALL_OPERATIONS
+
+} }
+
+#endif
</ins></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGDOMJITPatchpointParamshfromrev206898trunkSourceJavaScriptCoredomjitDOMJITPatchpointParamsh"></a>
<div class="copfile"><h4>Copied: trunk/Source/JavaScriptCore/dfg/DFGDOMJITPatchpointParams.h (from rev 206898, trunk/Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h) (0 => 206899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGDOMJITPatchpointParams.h (rev 0)
+++ trunk/Source/JavaScriptCore/dfg/DFGDOMJITPatchpointParams.h 2016-10-07 05:07:13 UTC (rev 206899)
</span><span class="lines">@@ -0,0 +1,54 @@
</span><ins>+/*
+ * Copyright (C) 2016 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#if ENABLE(DFG_JIT)
+
+#include "DOMJITPatchpointParams.h"
+
+namespace JSC { namespace DFG {
+
+class SpeculativeJIT;
+
+class DOMJITPatchpointParams : public DOMJIT::PatchpointParams {
+public:
+ DOMJITPatchpointParams(SpeculativeJIT* jit, Vector<DOMJIT::Reg>&& regs, Vector<GPRReg>&& gpScratch, Vector<FPRReg>&& fpScratch)
+ : DOMJIT::PatchpointParams(WTFMove(regs), WTFMove(gpScratch), WTFMove(fpScratch))
+ , m_jit(jit)
+ {
+ }
+
+private:
+#define JSC_DEFINE_CALL_OPERATIONS(OperationType, ResultType, ...) void addSlowPathCallImpl(CCallHelpers::JumpList, CCallHelpers&, OperationType, ResultType, std::tuple<__VA_ARGS__> args) const override;
+ DOMJIT_SLOW_PATH_CALLS(JSC_DEFINE_CALL_OPERATIONS)
+#undef JSC_DEFINE_CALL_OPERATIONS
+
+ SpeculativeJIT* m_jit;
+};
+
+} }
+
+#endif
</ins></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGSpeculativeJITcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp (206898 => 206899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp 2016-10-07 03:26:29 UTC (rev 206898)
+++ trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp 2016-10-07 05:07:13 UTC (rev 206899)
</span><span class="lines">@@ -34,12 +34,12 @@
</span><span class="cx"> #include "DFGCallArrayAllocatorSlowPathGenerator.h"
</span><span class="cx"> #include "DFGCallCreateDirectArgumentsSlowPathGenerator.h"
</span><span class="cx"> #include "DFGCapabilities.h"
</span><ins>+#include "DFGDOMJITPatchpointParams.h"
</ins><span class="cx"> #include "DFGMayExit.h"
</span><span class="cx"> #include "DFGOSRExitFuzz.h"
</span><span class="cx"> #include "DFGSaneStringGetByValSlowPathGenerator.h"
</span><span class="cx"> #include "DFGSlowPathGenerator.h"
</span><span class="cx"> #include "DOMJITPatchpoint.h"
</span><del>-#include "DOMJITPatchpointParams.h"
</del><span class="cx"> #include "DirectArguments.h"
</span><span class="cx"> #include "JITAddGenerator.h"
</span><span class="cx"> #include "JITBitAndGenerator.h"
</span><span class="lines">@@ -7153,7 +7153,7 @@
</span><span class="cx"> Vector<GPRTemporary> gpTempraries;
</span><span class="cx"> Vector<FPRTemporary> fpTempraries;
</span><span class="cx"> allocateTemporaryRegistersForPatchpoint(this, gpTempraries, fpTempraries, gpScratch, fpScratch, patchpoint.get());
</span><del>- DOMJIT::PatchpointParams params(WTFMove(regs), WTFMove(gpScratch), WTFMove(fpScratch));
</del><ins>+ DOMJITPatchpointParams params(this, WTFMove(regs), WTFMove(gpScratch), WTFMove(fpScratch));
</ins><span class="cx"> patchpoint->generator()->run(m_jit, params);
</span><span class="cx"> jsValueResult(result.regs(), node);
</span><span class="cx"> }
</span><span class="lines">@@ -7175,7 +7175,7 @@
</span><span class="cx"> Vector<FPRTemporary> fpTempraries;
</span><span class="cx"> allocateTemporaryRegistersForPatchpoint(this, gpTempraries, fpTempraries, gpScratch, fpScratch, patchpoint.get());
</span><span class="cx">
</span><del>- DOMJIT::PatchpointParams params(WTFMove(regs), WTFMove(gpScratch), WTFMove(fpScratch));
</del><ins>+ DOMJITPatchpointParams params(this, WTFMove(regs), WTFMove(gpScratch), WTFMove(fpScratch));
</ins><span class="cx"> CCallHelpers::JumpList failureCases = patchpoint->generator()->run(m_jit, params);
</span><span class="cx"> speculationCheck(BadType, JSValueSource::unboxedCell(baseGPR), node->child1(), failureCases);
</span><span class="cx"> noResult(node);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGSpeculativeJITh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h (206898 => 206899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h 2016-10-07 03:26:29 UTC (rev 206898)
+++ trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h 2016-10-07 05:07:13 UTC (rev 206899)
</span><span class="lines">@@ -58,14 +58,6 @@
</span><span class="cx">
</span><span class="cx"> enum GeneratedOperandType { GeneratedOperandTypeUnknown, GeneratedOperandInteger, GeneratedOperandJSValue};
</span><span class="cx">
</span><del>-inline GPRReg extractResult(GPRReg result) { return result; }
-#if USE(JSVALUE64)
-inline GPRReg extractResult(JSValueRegs result) { return result.gpr(); }
-#else
-inline JSValueRegs extractResult(JSValueRegs result) { return result; }
-#endif
-inline NoResultTag extractResult(NoResultTag) { return NoResult; }
-
</del><span class="cx"> // === SpeculativeJIT ===
</span><span class="cx"> //
</span><span class="cx"> // The SpeculativeJIT is used to generate a fast, but potentially
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredomjitDOMJITPatchpointParamsh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h (206898 => 206899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h 2016-10-07 03:26:29 UTC (rev 206898)
+++ trunk/Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h 2016-10-07 05:07:13 UTC (rev 206899)
</span><span class="lines">@@ -29,6 +29,8 @@
</span><span class="cx">
</span><span class="cx"> #include "CCallHelpers.h"
</span><span class="cx"> #include "DOMJITReg.h"
</span><ins>+#include "DOMJITSlowPathCalls.h"
+#include "JITOperations.h"
</ins><span class="cx"> #include "RegisterSet.h"
</span><span class="cx">
</span><span class="cx"> namespace JSC { namespace DOMJIT {
</span><span class="lines">@@ -52,7 +54,16 @@
</span><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+ template<typename FunctionType, typename ResultType, typename... Arguments>
+ void addSlowPathCall(CCallHelpers::JumpList from, CCallHelpers& jit, FunctionType function, ResultType result, Arguments... arguments) const
+ {
+ addSlowPathCallImpl(from, jit, function, result, std::make_tuple(arguments...));
+ }
+
</ins><span class="cx"> private:
</span><ins>+#define JSC_DEFINE_CALL_OPERATIONS(OperationType, ResultType, ...) JS_EXPORT_PRIVATE virtual void addSlowPathCallImpl(CCallHelpers::JumpList, CCallHelpers&, OperationType, ResultType, std::tuple<__VA_ARGS__> args) const = 0;
+ DOMJIT_SLOW_PATH_CALLS(JSC_DEFINE_CALL_OPERATIONS)
+#undef JSC_DEFINE_CALL_OPERATIONS
</ins><span class="cx">
</span><span class="cx"> Vector<Reg> m_regs;
</span><span class="cx"> Vector<GPRReg> m_gpScratch;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredomjitDOMJITSlowPathCallshfromrev206898trunkSourceJavaScriptCoredomjitDOMJITPatchpointParamsh"></a>
<div class="copfile"><h4>Copied: trunk/Source/JavaScriptCore/domjit/DOMJITSlowPathCalls.h (from rev 206898, trunk/Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h) (0 => 206899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/domjit/DOMJITSlowPathCalls.h (rev 0)
+++ trunk/Source/JavaScriptCore/domjit/DOMJITSlowPathCalls.h 2016-10-07 05:07:13 UTC (rev 206899)
</span><span class="lines">@@ -0,0 +1,34 @@
</span><ins>+/*
+ * Copyright (C) 2016 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#if ENABLE(JIT)
+
+// macro(OperationType, ArgType1, ArgType2, ...)
+#define DOMJIT_SLOW_PATH_CALLS(macro) \
+ macro(J_JITOperation_EP, JSValueRegs, GPRReg) \
+
+#endif
</ins></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLDOMJITPatchpointParamscpp"></a>
<div class="addfile"><h4>Added: trunk/Source/JavaScriptCore/ftl/FTLDOMJITPatchpointParams.cpp (0 => 206899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLDOMJITPatchpointParams.cpp (rev 0)
+++ trunk/Source/JavaScriptCore/ftl/FTLDOMJITPatchpointParams.cpp 2016-10-07 05:07:13 UTC (rev 206899)
</span><span class="lines">@@ -0,0 +1,63 @@
</span><ins>+/*
+ * Copyright (C) 2016 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "FTLDOMJITPatchpointParams.h"
+
+#if ENABLE(FTL_JIT)
+
+#include "AllowMacroScratchRegisterUsage.h"
+#include "FTLSlowPathCall.h"
+#include "FTLState.h"
+
+namespace JSC { namespace FTL {
+
+template<typename OperationType, typename ResultType, typename Arguments, size_t... ArgumentsIndex>
+static void dispatch(CCallHelpers& jit, FTL::State* state, const B3::StackmapGenerationParams& params, DFG::Node* node, Box<CCallHelpers::JumpList> exceptions, CCallHelpers::JumpList from, OperationType operation, ResultType result, Arguments arguments, std::index_sequence<ArgumentsIndex...>)
+{
+ CCallHelpers::Label done = jit.label();
+ params.addLatePath([=] (CCallHelpers& jit) {
+ AllowMacroScratchRegisterUsage allowScratch(jit);
+
+ from.link(&jit);
+ callOperation(
+ *state, params.unavailableRegisters(), jit, node->origin.semantic,
+ exceptions.get(), operation, extractResult(result), std::get<ArgumentsIndex>(arguments)...);
+ jit.jump().linkTo(done, &jit);
+ });
+}
+
+#define JSC_DEFINE_CALL_OPERATIONS(OperationType, ResultType, ...) \
+ void DOMJITPatchpointParams::addSlowPathCallImpl(CCallHelpers::JumpList from, CCallHelpers& jit, OperationType operation, ResultType result, std::tuple<__VA_ARGS__> args) const \
+ { \
+ dispatch(jit, &m_state, m_params, m_node, m_exceptions, from, operation, result, args, std::make_index_sequence<std::tuple_size<decltype(args)>::value>()); \
+ } \
+
+DOMJIT_SLOW_PATH_CALLS(JSC_DEFINE_CALL_OPERATIONS)
+#undef JSC_DEFINE_CALL_OPERATIONS
+
+} }
+
+#endif
</ins></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLDOMJITPatchpointParamshfromrev206898trunkSourceJavaScriptCoredomjitDOMJITPatchpointParamsh"></a>
<div class="copfile"><h4>Copied: trunk/Source/JavaScriptCore/ftl/FTLDOMJITPatchpointParams.h (from rev 206898, trunk/Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h) (0 => 206899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLDOMJITPatchpointParams.h (rev 0)
+++ trunk/Source/JavaScriptCore/ftl/FTLDOMJITPatchpointParams.h 2016-10-07 05:07:13 UTC (rev 206899)
</span><span class="lines">@@ -0,0 +1,61 @@
</span><ins>+/*
+ * Copyright (C) 2016 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#if ENABLE(FTL_JIT)
+
+#include "B3StackmapGenerationParams.h"
+#include "DOMJITPatchpointParams.h"
+
+namespace JSC { namespace FTL {
+
+class State;
+
+class DOMJITPatchpointParams : public DOMJIT::PatchpointParams {
+public:
+ DOMJITPatchpointParams(State& state, const B3::StackmapGenerationParams& params, DFG::Node* node, Box<CCallHelpers::JumpList> exceptions, Vector<DOMJIT::Reg>&& regs, Vector<GPRReg>&& gpScratch, Vector<FPRReg>&& fpScratch)
+ : DOMJIT::PatchpointParams(WTFMove(regs), WTFMove(gpScratch), WTFMove(fpScratch))
+ , m_state(state)
+ , m_params(params)
+ , m_node(node)
+ , m_exceptions(exceptions)
+ {
+ }
+
+private:
+#define JSC_DEFINE_CALL_OPERATIONS(OperationType, ResultType, ...) void addSlowPathCallImpl(CCallHelpers::JumpList, CCallHelpers&, OperationType, ResultType, std::tuple<__VA_ARGS__> args) const override;
+ DOMJIT_SLOW_PATH_CALLS(JSC_DEFINE_CALL_OPERATIONS)
+#undef JSC_DEFINE_CALL_OPERATIONS
+
+ State& m_state;
+ const B3::StackmapGenerationParams& m_params;
+ DFG::Node* m_node;
+ Box<CCallHelpers::JumpList> m_exceptions;
+};
+
+} }
+
+#endif
</ins></span></pre></div>
<a id="trunkSourceJavaScriptCoreftlFTLLowerDFGToB3cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp (206898 => 206899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp 2016-10-07 03:26:29 UTC (rev 206898)
+++ trunk/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp 2016-10-07 05:07:13 UTC (rev 206899)
</span><span class="lines">@@ -45,10 +45,10 @@
</span><span class="cx"> #include "DFGOSRAvailabilityAnalysisPhase.h"
</span><span class="cx"> #include "DFGOSRExitFuzz.h"
</span><span class="cx"> #include "DOMJITPatchpoint.h"
</span><del>-#include "DOMJITPatchpointParams.h"
</del><span class="cx"> #include "DirectArguments.h"
</span><span class="cx"> #include "FTLAbstractHeapRepository.h"
</span><span class="cx"> #include "FTLAvailableRecovery.h"
</span><ins>+#include "FTLDOMJITPatchpointParams.h"
</ins><span class="cx"> #include "FTLExceptionTarget.h"
</span><span class="cx"> #include "FTLForOSREntryJITCode.h"
</span><span class="cx"> #include "FTLFormattedValue.h"
</span><span class="lines">@@ -8733,6 +8733,7 @@
</span><span class="cx"> patchpoint->numFPScratchRegisters = domJIT->numFPScratchRegisters;
</span><span class="cx">
</span><span class="cx"> State* state = &m_ftlState;
</span><ins>+ Node* node = m_node;
</ins><span class="cx"> NodeOrigin origin = m_origin;
</span><span class="cx"> unsigned osrExitArgumentOffset = patchpoint->numChildren();
</span><span class="cx"> OSRExitDescriptor* exitDescriptor = appendOSRExitDescriptor(jsValueValue(cell), m_node->child1().node());
</span><span class="lines">@@ -8754,7 +8755,7 @@
</span><span class="cx">
</span><span class="cx"> RefPtr<OSRExitHandle> handle = exitDescriptor->emitOSRExitLater(*state, BadType, origin, params, osrExitArgumentOffset);
</span><span class="cx">
</span><del>- DOMJIT::PatchpointParams domJITParams(WTFMove(regs), WTFMove(gpScratch), WTFMove(fpScratch));
</del><ins>+ DOMJITPatchpointParams domJITParams(*state, params, node, nullptr, WTFMove(regs), WTFMove(gpScratch), WTFMove(fpScratch));
</ins><span class="cx"> CCallHelpers::JumpList failureCases = domJIT->generator()->run(jit, domJITParams);
</span><span class="cx">
</span><span class="cx"> jit.addLinkTask([=] (LinkBuffer& linkBuffer) {
</span><span class="lines">@@ -8780,6 +8781,8 @@
</span><span class="cx"> patchpoint->numGPScratchRegisters = domJIT->numGPScratchRegisters;
</span><span class="cx"> patchpoint->numFPScratchRegisters = domJIT->numFPScratchRegisters;
</span><span class="cx">
</span><ins>+ State* state = &m_ftlState;
+ Node* node = m_node;
</ins><span class="cx"> patchpoint->setGenerator(
</span><span class="cx"> [=] (CCallHelpers& jit, const StackmapGenerationParams& params) {
</span><span class="cx"> Vector<GPRReg> gpScratch;
</span><span class="lines">@@ -8802,7 +8805,7 @@
</span><span class="cx">
</span><span class="cx"> Box<CCallHelpers::JumpList> exceptions = exceptionHandle->scheduleExitCreation(params)->jumps(jit);
</span><span class="cx">
</span><del>- DOMJIT::PatchpointParams domJITParams(WTFMove(regs), WTFMove(gpScratch), WTFMove(fpScratch));
</del><ins>+ DOMJITPatchpointParams domJITParams(*state, params, node, exceptions, WTFMove(regs), WTFMove(gpScratch), WTFMove(fpScratch));
</ins><span class="cx"> domJIT->generator()->run(jit, domJITParams);
</span><span class="cx"> });
</span><span class="cx"> patchpoint->effects = Effects::forCall();
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitGPRInfoh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/GPRInfo.h (206898 => 206899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/GPRInfo.h 2016-10-07 03:26:29 UTC (rev 206898)
+++ trunk/Source/JavaScriptCore/jit/GPRInfo.h 2016-10-07 05:07:13 UTC (rev 206899)
</span><span class="lines">@@ -31,6 +31,8 @@
</span><span class="cx">
</span><span class="cx"> namespace JSC {
</span><span class="cx">
</span><ins>+enum NoResultTag { NoResult };
+
</ins><span class="cx"> // We use the same conventions in the basline JIT as in the LLint. If you
</span><span class="cx"> // change mappings in the GPRInfo, you should change them in the offlineasm
</span><span class="cx"> // compiler adequately. The register naming conventions are described at the
</span><span class="lines">@@ -897,6 +899,14 @@
</span><span class="cx"> COMPILE_ASSERT(GPRInfo::regT1 == GPRInfo::returnValueGPR2, regT1_must_equal_returnValueGPR2);
</span><span class="cx"> #endif
</span><span class="cx">
</span><ins>+inline GPRReg extractResult(GPRReg result) { return result; }
+#if USE(JSVALUE64)
+inline GPRReg extractResult(JSValueRegs result) { return result.gpr(); }
+#else
+inline JSValueRegs extractResult(JSValueRegs result) { return result; }
+#endif
+inline NoResultTag extractResult(NoResultTag) { return NoResult; }
+
</ins><span class="cx"> #endif // ENABLE(JIT)
</span><span class="cx">
</span><span class="cx"> } // namespace JSC
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejsccpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jsc.cpp (206898 => 206899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jsc.cpp 2016-10-07 03:26:29 UTC (rev 206898)
+++ trunk/Source/JavaScriptCore/jsc.cpp 2016-10-07 05:07:13 UTC (rev 206899)
</span><span class="lines">@@ -627,9 +627,11 @@
</span><span class="cx"> JSValueRegs results = params[0].jsValueRegs();
</span><span class="cx"> GPRReg dom = params[2].gpr();
</span><span class="cx">
</span><del>- jit.load32(CCallHelpers::Address(dom, DOMJITNode::offsetOfValue()), results.payloadGPR());
- jit.boxInt32(results.payloadGPR(), results);
</del><ins>+ params.addSlowPathCall(jit.jump(), jit, static_cast<EncodedJSValue(*)(ExecState*, void*)>([](ExecState*, void* pointer) {
+ return JSValue::encode(jsNumber(static_cast<DOMJITGetter*>(pointer)->value()));
+ }), results, dom);
</ins><span class="cx"> return CCallHelpers::JumpList();
</span><ins>+
</ins><span class="cx"> });
</span><span class="cx"> return patchpoint;
</span><span class="cx"> }
</span></span></pre>
</div>
</div>
</body>
</html>