Bug 1118344 - Baseline ICCall_Native records templateObject for js::simd_int32x4_add. r=jandem,bbouvier
--- a/js/src/jit/BaselineIC.cpp
+++ b/js/src/jit/BaselineIC.cpp
@@ -9,16 +9,17 @@
#include "mozilla/Casting.h"
#include "mozilla/DebugOnly.h"
#include "mozilla/TemplateLib.h"
#include "jslibmath.h"
#include "jstypes.h"
#include "builtin/Eval.h"
+#include "builtin/SIMD.h"
#include "jit/BaselineDebugModeOSR.h"
#include "jit/BaselineHelpers.h"
#include "jit/BaselineJIT.h"
#include "jit/JitSpewer.h"
#include "jit/Linker.h"
#include "jit/Lowering.h"
#ifdef JS_ION_PERF
# include "jit/PerfSpewer.h"
@@ -8912,16 +8913,24 @@ GetTemplateObjectForNative(JSContext *cx
if (native == obj_create && args.length() == 1 && args[0].isObjectOrNull()) {
RootedObject proto(cx, args[0].toObjectOrNull());
res.set(ObjectCreateImpl(cx, proto, TenuredObject));
if (!res)
return false;
return true;
}
+ if (native == js::simd_int32x4_add) {
+ Rooted<TypeDescr *> descr(cx, &Int32x4::GetTypeDescr(*cx->global()));
+ res.set(TypedObject::createZeroed(cx, descr, 0, gc::TenuredHeap));
+ if (!res)
+ return false;
+ return true;
+ }
+
return true;
}
static bool
GetTemplateObjectForClassHook(JSContext *cx, JSNative hook, CallArgs &args,
MutableHandleObject templateObject)
{
if (hook == TypedObject::construct) {