From 6dbcd09121fe266c7704a524b5cbd7f2754659c0 Mon Sep 17 00:00:00 2001 From: Simon Hausmann Date: Thu, 20 Sep 2012 14:01:09 +0200 Subject: Imported WebKit commit 080af0beaa6f0ba8ff8f44cb8bd8b5dcf75ac0af (http://svn.webkit.org/repository/webkit/trunk@129119) New snapshot with prospective build fix for incorrect QtWebKit master module header file creation --- Source/JavaScriptCore/jit/JIT.h | 1 + Source/JavaScriptCore/jit/JITInlineMethods.h | 8 ++++++++ Source/JavaScriptCore/jit/JITPropertyAccess.cpp | 1 + Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp | 1 + 4 files changed, 11 insertions(+) (limited to 'Source/JavaScriptCore/jit') diff --git a/Source/JavaScriptCore/jit/JIT.h b/Source/JavaScriptCore/jit/JIT.h index ac7c8765b..150aae9ea 100644 --- a/Source/JavaScriptCore/jit/JIT.h +++ b/Source/JavaScriptCore/jit/JIT.h @@ -451,6 +451,7 @@ namespace JSC { #endif void emitArrayProfilingSite(RegisterID structureAndIndexingType, RegisterID scratch, ArrayProfile*); void emitArrayProfilingSiteForBytecodeIndex(RegisterID structureAndIndexingType, RegisterID scratch, unsigned bytecodeIndex); + void emitArrayProfileStoreToHoleSpecialCase(ArrayProfile*); enum FinalObjectMode { MayBeFinal, KnownNotFinal }; diff --git a/Source/JavaScriptCore/jit/JITInlineMethods.h b/Source/JavaScriptCore/jit/JITInlineMethods.h index 302e109ca..a4f9107df 100644 --- a/Source/JavaScriptCore/jit/JITInlineMethods.h +++ b/Source/JavaScriptCore/jit/JITInlineMethods.h @@ -556,6 +556,14 @@ inline void JIT::emitArrayProfilingSiteForBytecodeIndex(RegisterID structureAndI #endif } +inline void JIT::emitArrayProfileStoreToHoleSpecialCase(ArrayProfile* arrayProfile) +{ + if (!canBeOptimized()) + return; + + store8(TrustedImm32(1), arrayProfile->addressOfMayStoreToHole()); +} + #if USE(JSVALUE32_64) inline void JIT::emitLoadTag(int index, RegisterID tag) diff --git a/Source/JavaScriptCore/jit/JITPropertyAccess.cpp b/Source/JavaScriptCore/jit/JITPropertyAccess.cpp index bbc289838..b4d52e225 100644 --- a/Source/JavaScriptCore/jit/JITPropertyAccess.cpp +++ b/Source/JavaScriptCore/jit/JITPropertyAccess.cpp @@ -247,6 +247,7 @@ void JIT::emit_op_put_by_val(Instruction* currentInstruction) Jump end = jump(); empty.link(this); + emitArrayProfileStoreToHoleSpecialCase(currentInstruction[4].u.arrayProfile); add32(TrustedImm32(1), Address(regT2, OBJECT_OFFSETOF(ArrayStorage, m_numValuesInVector))); branch32(Below, regT1, Address(regT2, ArrayStorage::lengthOffset())).linkTo(storeResult, this); diff --git a/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp b/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp index 1692f33c3..ed561a28b 100644 --- a/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp +++ b/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp @@ -283,6 +283,7 @@ void JIT::emit_op_put_by_val(Instruction* currentInstruction) Jump end = jump(); empty.link(this); + emitArrayProfileStoreToHoleSpecialCase(currentInstruction[4].u.arrayProfile); add32(TrustedImm32(1), Address(regT3, OBJECT_OFFSETOF(ArrayStorage, m_numValuesInVector))); branch32(Below, regT2, Address(regT3, ArrayStorage::lengthOffset())).linkTo(storeResult, this); -- cgit v1.2.1