Changeset 163241 in webkit


Ignore:
Timestamp:
Feb 1, 2014 7:30:41 AM (10 years ago)
Author:
msaboff@apple.com
Message:

REGRESSION (r163027?): CrashTracer: [USER] com.apple.WebKit.WebContent.Development at com.apple.JavaScriptCore: JSC::ArrayProfile::computeUpdatedPrediction + 4
https://bugs.webkit.org/show_bug.cgi?id=128037

Reviewed by Mark Lam.

op_call_varargs ops now needs an ArrayProfile since DFG inlines these since
change set r162739.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::CodeBlock):

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitCallVarargs):

Location:
trunk/Source/JavaScriptCore
Files:
3 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/JavaScriptCore/ChangeLog

    r163228 r163241  
     12014-02-01  Michael Saboff  <msaboff@apple.com>
     2
     3        REGRESSION (r163027?): CrashTracer: [USER] com.apple.WebKit.WebContent.Development at com.apple.JavaScriptCore: JSC::ArrayProfile::computeUpdatedPrediction + 4
     4        https://bugs.webkit.org/show_bug.cgi?id=128037
     5
     6        Reviewed by Mark Lam.
     7
     8        op_call_varargs ops now needs an ArrayProfile since DFG inlines these since
     9        change set r162739.
     10
     11        * bytecode/CodeBlock.cpp:
     12        (JSC::CodeBlock::CodeBlock):
     13        * bytecompiler/BytecodeGenerator.cpp:
     14        (JSC::BytecodeGenerator::emitCallVarargs):
     15
    1162014-01-31  Mark Lam  <mark.lam@apple.com>
    217

  • trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp

    r163225 r163241  
    16901690        }
    16911691        switch (pc[0].u.opcode) {
     1692        case op_call_varargs:
    16921693        case op_get_by_val:
    16931694        case op_get_argument_by_val: {
     
    16981699            FALLTHROUGH;
    16991700        }
    1700         case op_get_by_id:
    1701         case op_call_varargs: {
     1701        case op_get_by_id: {
    17021702            ValueProfile* profile = &m_valueProfiles[pc[opLength - 1].u.operand];
    17031703            ASSERT(profile->m_bytecodeOffset == -1);

  • trunk/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp

    r163227 r163241  
    17781778
    17791779    // Emit call.
     1780    UnlinkedArrayProfile arrayProfile = newArrayProfile();
    17801781    UnlinkedValueProfile profile = emitProfiledOpcode(op_call_varargs);
    17811782    ASSERT(dst != ignoredResult());
     
    17851786    instructions().append(arguments->index());
    17861787    instructions().append(firstFreeRegister->index());
    1787     instructions().append(0); // Pad to make it as big as an op_call.
     1788    instructions().append(arrayProfile);
    17881789    instructions().append(profile);
    17891790    if (m_shouldEmitProfileHooks) {
Note: See TracChangeset for help on using the changeset viewer.