[Webkit-unassigned] [Bug 157741] JSC: DFG::SpeculativeJIT::compile special case for MIPS for PutByValWithThis
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon May 16 13:17:15 PDT 2016
https://bugs.webkit.org/show_bug.cgi?id=157741
--- Comment #6 from Saam Barati <sbarati at apple.com> ---
Comment on attachment 279023
--> https://bugs.webkit.org/attachment.cgi?id=279023
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=279023&action=review
>> Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp:2933
>> + {
>
> If we won't find a way to avoid excessive moves, I propose to merge this code with X86 code path. Only top 4 lines are different for MIPS, everything else looks like an exact copy of X86
IMO, this will make the code harder to read.
> Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp:2947
> + m_jit.move(basePayload, GPRInfo::argumentGPR2);
> + m_jit.move(baseTag, GPRInfo::argumentGPR3);
This is wrong if basePayload/baseTag are aliased to argument registers w/ each other.
i.e, if basePayload is argumentGPR3 and baseTag is argumentGPR2, this code will do the wrong thing.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160516/bfe4b352/attachment-0001.html>
More information about the webkit-unassigned
mailing list