JSVALUE32_64 should be able to perform division on ARM without crashing, and variables
authorfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 18 Apr 2012 22:31:54 +0000 (22:31 +0000)
committerfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 18 Apr 2012 22:31:54 +0000 (22:31 +0000)
forced double should not be scrambled when performing OSR entry
https://bugs.webkit.org/show_bug.cgi?id=84272

Reviewed by Geoff Garen.

* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGOSREntry.cpp:
(JSC::DFG::prepareOSREntry):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@114570 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/dfg/DFGFixupPhase.cpp
Source/JavaScriptCore/dfg/DFGOSREntry.cpp

index 15a1c99..13db2b9 100644 (file)
@@ -1,3 +1,16 @@
+2012-04-18  Filip Pizlo  <fpizlo@apple.com>
+
+        JSVALUE32_64 should be able to perform division on ARM without crashing, and variables
+        forced double should not be scrambled when performing OSR entry
+        https://bugs.webkit.org/show_bug.cgi?id=84272
+
+        Reviewed by Geoff Garen.
+
+        * dfg/DFGFixupPhase.cpp:
+        (JSC::DFG::FixupPhase::fixupNode):
+        * dfg/DFGOSREntry.cpp:
+        (JSC::DFG::prepareOSREntry):
+
 2012-04-18  Don Olmstead  <don.olmstead@am.sony.com> 
 
         JavaScriptCore.gypi not current
index c0ab117..9a08911 100644 (file)
@@ -250,7 +250,6 @@ private:
         case ArithMin:
         case ArithMax:
         case ArithMul:
-        case ArithDiv:
         case ArithMod: {
             if (Node::shouldSpeculateInteger(m_graph[node.child1()], m_graph[node.child2()])
                 && node.canSpeculateInteger())
@@ -260,6 +259,16 @@ private:
             break;
         }
             
+        case ArithDiv: {
+            if (isX86()
+                && Node::shouldSpeculateInteger(m_graph[node.child1()], m_graph[node.child2()])
+                && node.canSpeculateInteger())
+                break;
+            fixDoubleEdge(0);
+            fixDoubleEdge(1);
+            break;
+        }
+            
         case ArithAbs: {
             if (m_graph[node.child1()].shouldSpeculateInteger()
                 && node.canSpeculateInteger())
index 65f4cfc..21c76c6 100644 (file)
@@ -141,13 +141,11 @@ void* prepareOSREntry(ExecState* exec, CodeBlock* codeBlock, unsigned bytecodeIn
     dataLog("    OSR should succeed.\n");
 #endif
     
-#if USE(JSVALUE64)
     // 3) Perform data format conversions.
     for (size_t local = 0; local < entry->m_expectedValues.numberOfLocals(); ++local) {
         if (entry->m_localsForcedDouble.get(local))
             *bitwise_cast<double*>(exec->registers() + local) = exec->registers()[local].jsValue().asNumber();
     }
-#endif
     
     // 4) Fix the call frame.