Unreviewed, fix 32-bit profile offset for change in bytecode
authorkeith_miller@apple.com <keith_miller@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 3 May 2018 23:21:37 +0000 (23:21 +0000)
committerkeith_miller@apple.com <keith_miller@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 3 May 2018 23:21:37 +0000 (23:21 +0000)
length of the get_by_id and get_array_length opcodes.

* llint/LowLevelInterpreter32_64.asm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@231332 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm

index f088206..1a4e189 100644 (file)
@@ -1,3 +1,10 @@
+2018-05-03  Keith Miller  <keith_miller@apple.com>
+
+        Unreviewed, fix 32-bit profile offset for change in bytecode
+        length of the get_by_id and get_array_length opcodes.
+
+        * llint/LowLevelInterpreter32_64.asm:
+
 2018-05-03  Michael Saboff  <msaboff@apple.com>
 
         WebContent crash loading page on seas.upenn.edu @ JavaScriptCore: vmEntryToJavaScript
index 51bf7a9..16d5ab8 100644 (file)
@@ -1420,7 +1420,7 @@ _llint_op_get_by_id:
     loadi 4[PC], t2
     storei t0, TagOffset[cfr, t2, 8]
     storei t1, PayloadOffset[cfr, t2, 8]
-    valueProfile(t0, t1, 32, t2)
+    valueProfile(t0, t1, 28, t2)
     dispatch(constexpr op_get_by_id_length)
 
 .opGetByIdSlow:
@@ -1441,7 +1441,7 @@ _llint_op_get_array_length:
     loadp JSObject::m_butterfly[t3], t0
     loadi -sizeof IndexingHeader + IndexingHeader::u.lengths.publicLength[t0], t0
     bilt t0, 0, .opGetArrayLengthSlow
-    valueProfile(Int32Tag, t0, 32, t2)
+    valueProfile(Int32Tag, t0, 28, t2)
     storep t0, PayloadOffset[cfr, t1, 8]
     storep Int32Tag, TagOffset[cfr, t1, 8]
     dispatch(constexpr op_get_array_length_length)