[INFER] Rejoin during CALLPROP if either compilation did a GETPROP for string accesses, bug 643669.
authorBrian Hackett <bhackett1024@gmail.com>
Tue, 22 Mar 2011 14:40:07 -0700
changeset 74837 06a0ec7e3debac4320a14c39d7eba747b3d8ad1a
parent 74836 0e7d59dc92b63ed9b5731f143bdb150f9e29f1f8
child 74838 75906fcd8426c8c88aedcf9c6156aa6d7062b6ff
push id2
push userbsmedberg@mozilla.com
push dateFri, 19 Aug 2011 14:38:13 +0000
bugs643669
milestone2.0b13pre
[INFER] Rejoin during CALLPROP if either compilation did a GETPROP for string accesses, bug 643669.
js/src/jit-test/tests/jaeger/recompile/bug643669.js
js/src/methodjit/Compiler.cpp
new file mode 100644
--- /dev/null
+++ b/js/src/jit-test/tests/jaeger/recompile/bug643669.js
@@ -0,0 +1,3 @@
+try {(function () {
+    eval("gc().l()")
+      })() } catch (e) {}
--- a/js/src/methodjit/Compiler.cpp
+++ b/js/src/methodjit/Compiler.cpp
@@ -3378,16 +3378,26 @@ bool
 mjit::Compiler::jsop_callprop_slow(JSAtom *atom)
 {
     prepareStubCall(Uses(1));
     masm.move(ImmPtr(atom), Registers::ArgReg1);
     INLINE_STUBCALL(stubs::CallProp);
     frame.pop();
     pushSyncedEntry(0);
     pushSyncedEntry(1);
+
+    if (recompiling) {
+        OOL_STUBCALL(stubs::GetProp);
+        stubcc.rejoin(Changes(2));
+        OOL_STUBCALL(ic::CallProp);
+        stubcc.rejoin(Changes(2));
+        OOL_STUBCALL(ic::GetProp);
+        stubcc.rejoin(Changes(2));
+    }
+
     return true;
 }
 
 bool
 mjit::Compiler::jsop_length()
 {
     FrameEntry *top = frame.peek(-1);
 
@@ -3664,16 +3674,20 @@ mjit::Compiler::jsop_callprop_generic(JS
 #endif
 
     stubcc.rejoin(Changes(2));
     pics.append(pic);
 
     if (recompiling) {
         OOL_STUBCALL(stubs::CallProp);
         stubcc.rejoin(Changes(2));
+        OOL_STUBCALL(stubs::GetProp);
+        stubcc.rejoin(Changes(2));
+        OOL_STUBCALL(ic::GetProp);
+        stubcc.rejoin(Changes(2));
     }
 
     return true;
 }
 
 bool
 mjit::Compiler::jsop_callprop_str(JSAtom *atom)
 {
@@ -3719,16 +3733,23 @@ mjit::Compiler::jsop_callprop_str(JSAtom
         masm.move(ImmPtr(strFe->getValue().toString()), strReg);
     } else {
         strReg = frame.ownRegForData(strFe);
     }
     frame.pop();
     frame.pushTypedPayload(JSVAL_TYPE_STRING, strReg);
     frame.forgetType(frame.peek(-1));
 
+    if (recompiling) {
+        OOL_STUBCALL(stubs::CallProp);
+        stubcc.rejoin(Changes(2));
+        OOL_STUBCALL(ic::CallProp);
+        stubcc.rejoin(Changes(2));
+    }
+
     return true;
 }
 
 bool
 mjit::Compiler::jsop_callprop_obj(JSAtom *atom)
 {
     FrameEntry *top = frame.peek(-1);
 
@@ -3813,16 +3834,25 @@ mjit::Compiler::jsop_callprop_obj(JSAtom
     labels.setInlineShapeJump(masm, inlineShapeLabel, inlineShapeJump);
 #else
     labels.setInlineShapeJump(masm, pic.shapeGuard, inlineShapeJump);
 #endif
 
     stubcc.rejoin(Changes(2));
     pics.append(pic);
 
+    if (recompiling) {
+        OOL_STUBCALL(stubs::CallProp);
+        stubcc.rejoin(Changes(2));
+        OOL_STUBCALL(stubs::GetProp);
+        stubcc.rejoin(Changes(2));
+        OOL_STUBCALL(ic::GetProp);
+        stubcc.rejoin(Changes(2));
+    }
+
     return true;
 }
 
 bool
 mjit::Compiler::testSingletonProperty(JSObject *obj, jsid id)
 {
     /*
      * We would like to completely no-op property/global accesses which can