Commit 98aa253e authored by fpizlo@apple.com's avatar fpizlo@apple.com

DFG tracking of the value in cachedResultRegister does not handle

op_mov correctly
https://bugs.webkit.org/show_bug.cgi?id=68781

Reviewed by Oliver Hunt.
        
This takes the simplest approach: it makes the old JIT dumber rather
than making the DFG JIT smarter. This is performance-neutral.

* jit/JIT.h:
(JSC::JIT::canBeOptimized):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_mov):



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@95925 268f45cc-cd09-0410-ab3c-d52691b4dbfc
parent 33287f11
2011-09-25 Filip Pizlo <fpizlo@apple.com>
DFG tracking of the value in cachedResultRegister does not handle
op_mov correctly
https://bugs.webkit.org/show_bug.cgi?id=68781
Reviewed by Oliver Hunt.
This takes the simplest approach: it makes the old JIT dumber rather
than making the DFG JIT smarter. This is performance-neutral.
* jit/JIT.h:
(JSC::JIT::canBeOptimized):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_mov):
2011-09-25 Adam Barth <abarth@webkit.org>
Remove PLATFORM(HAIKU) and associated code
......@@ -1034,8 +1034,10 @@ namespace JSC {
#endif
#if ENABLE(DFG_JIT)
bool canBeOptimized() { return m_canBeOptimized; }
bool shouldEmitProfiling() { return m_canBeOptimized; }
#else
bool canBeOptimized() { return false; }
// Enables use of value profiler with tiered compilation turned off,
// in which case all code gets profiled.
bool shouldEmitProfiling() { return true; }
......
......@@ -303,19 +303,26 @@ void JIT::emit_op_mov(Instruction* currentInstruction)
int dst = currentInstruction[1].u.operand;
int src = currentInstruction[2].u.operand;
if (m_codeBlock->isConstantRegisterIndex(src)) {
storePtr(ImmPtr(JSValue::encode(getConstantOperand(src))), Address(callFrameRegister, dst * sizeof(Register)));
if (dst == m_lastResultBytecodeRegister)
killLastResultRegister();
} else if ((src == m_lastResultBytecodeRegister) || (dst == m_lastResultBytecodeRegister)) {
// If either the src or dst is the cached register go though
// get/put registers to make sure we track this correctly.
if (canBeOptimized()) {
// Use simpler approach, since the DFG thinks that the last result register
// is always set to the destination on every operation.
emitGetVirtualRegister(src, regT0);
emitPutVirtualRegister(dst);
} else {
// Perform the copy via regT1; do not disturb any mapping in regT0.
loadPtr(Address(callFrameRegister, src * sizeof(Register)), regT1);
storePtr(regT1, Address(callFrameRegister, dst * sizeof(Register)));
if (m_codeBlock->isConstantRegisterIndex(src)) {
storePtr(ImmPtr(JSValue::encode(getConstantOperand(src))), Address(callFrameRegister, dst * sizeof(Register)));
if (dst == m_lastResultBytecodeRegister)
killLastResultRegister();
} else if ((src == m_lastResultBytecodeRegister) || (dst == m_lastResultBytecodeRegister)) {
// If either the src or dst is the cached register go though
// get/put registers to make sure we track this correctly.
emitGetVirtualRegister(src, regT0);
emitPutVirtualRegister(dst);
} else {
// Perform the copy via regT1; do not disturb any mapping in regT0.
loadPtr(Address(callFrameRegister, src * sizeof(Register)), regT1);
storePtr(regT1, Address(callFrameRegister, dst * sizeof(Register)));
}
}
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment