REGRESSION(r167591): ARM64 and ARM traditional builds broken
authormsaboff@apple.com <msaboff@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 21 Apr 2014 18:10:41 +0000 (18:10 +0000)
committermsaboff@apple.com <msaboff@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 21 Apr 2014 18:10:41 +0000 (18:10 +0000)
https://bugs.webkit.org/show_bug.cgi?id=131935

Reviewed by Mark Hahnenberg.

Added store8(TrustedImm32, MacroAssembler::Address) to the ARM traditional and ARM64
macro assemblers.  Added a new test for the original patch.

* assembler/MacroAssemblerARM.h:
(JSC::MacroAssemblerARM::store8):
* assembler/MacroAssemblerARM64.h:
(JSC::MacroAssemblerARM64::store8):
* tests/stress/dfg-create-arguments-inline-alloc.js: New test.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@167599 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/assembler/MacroAssemblerARM.h
Source/JavaScriptCore/assembler/MacroAssemblerARM64.h
Source/JavaScriptCore/tests/stress/dfg-create-arguments-inline-alloc.js [new file with mode: 0644]

index 5fec943..3f651db 100644 (file)
@@ -1,3 +1,19 @@
+2014-04-21  Michael Saboff  <msaboff@apple.com>
+
+        REGRESSION(r167591): ARM64 and ARM traditional builds broken
+        https://bugs.webkit.org/show_bug.cgi?id=131935
+
+        Reviewed by Mark Hahnenberg.
+
+        Added store8(TrustedImm32, MacroAssembler::Address) to the ARM traditional and ARM64
+        macro assemblers.  Added a new test for the original patch.
+
+        * assembler/MacroAssemblerARM.h:
+        (JSC::MacroAssemblerARM::store8):
+        * assembler/MacroAssemblerARM64.h:
+        (JSC::MacroAssemblerARM64::store8):
+        * tests/stress/dfg-create-arguments-inline-alloc.js: New test.
+
 2014-04-21  Mark Hahnenberg  <mhahnenberg@apple.com>
 
         Inline allocate Arguments objects in the DFG
index 228b867..776d7b6 100644 (file)
@@ -459,12 +459,23 @@ public:
         m_assembler.baseIndexTransfer32(ARMAssembler::StoreUint8, src, address.base, address.index, static_cast<int>(address.scale), address.offset);
     }
 
+    void store8(RegisterID src, ImplicitAddress address)
+    {
+        m_assembler.dtrUp(ARMAssembler::StoreUint8, src, address.base, address.offset);
+    }
+
     void store8(RegisterID src, const void* address)
     {
         move(TrustedImmPtr(address), ARMRegisters::S0);
         m_assembler.dtrUp(ARMAssembler::StoreUint8, src, ARMRegisters::S0, 0);
     }
 
+    void store8(TrustedImm32 imm, ImplicitAddress address)
+    {
+        move(imm, ARMRegisters::S1);
+        store8(ARMRegisters::S1, address);
+    }
+
     void store8(TrustedImm32 imm, const void* address)
     {
         move(TrustedImm32(reinterpret_cast<ARMWord>(address)), ARMRegisters::S0);
index 0689bc6..6600f8b 100644 (file)
@@ -1093,6 +1093,15 @@ public:
         m_assembler.strb(src, memoryTempRegister, 0);
     }
 
+    void store8(RegisterID src, ImplicitAddress address)
+    {
+        if (tryStoreWithOffset<8>(src, address.base, address.offset))
+            return;
+
+        signExtend32ToPtr(TrustedImm32(address.offset), getCachedMemoryTempRegisterIDAndInvalidate());
+        m_assembler.str<8>(src, address.base, memoryTempRegister);
+    }
+
     void store8(TrustedImm32 imm, void* address)
     {
         if (!imm.m_value) {
@@ -1104,6 +1113,16 @@ public:
         store8(dataTempRegister, address);
     }
 
+    void store8(TrustedImm32 imm, ImplicitAddress address)
+    {
+        if (!imm.m_value) {
+            store8(ARM64Registers::zr, address);
+            return;
+        }
+
+        move(imm, getCachedDataTempRegisterIDAndInvalidate());
+        store8(dataTempRegister, address);
+    }
 
     // Floating-point operations:
 
diff --git a/Source/JavaScriptCore/tests/stress/dfg-create-arguments-inline-alloc.js b/Source/JavaScriptCore/tests/stress/dfg-create-arguments-inline-alloc.js
new file mode 100644 (file)
index 0000000..175a2f2
--- /dev/null
@@ -0,0 +1,19 @@
+var foo = function(o) {
+    var a = Array.prototype.slice.call(arguments);
+    var sum = 0;
+    for (var i = 0; i < a.length; ++i)
+        sum += a[i].x;
+    return sum;
+};
+
+noInline(foo);
+
+var niters = 10000;
+var total = 0;
+var o = {x: 42};
+for (var i = 0; i < niters; ++i) {
+    total += foo(o, o, o);
+}
+
+if (total != 42 * 3 * niters)
+    throw new Error("Incorrect result!");