author | Simon Hausmann <simon.hausmann@nokia.com> | 2012-07-18 13:59:13 +0200 |
---|---|---|
committer | Simon Hausmann <simon.hausmann@nokia.com> | 2012-07-18 13:59:28 +0200 |
commit | 4d6084feccab99c0a7b3ecef26bb49c41dd50201 (patch) | |
tree | fd1195897f551eee6d5a15d07ff5733b15aa2a5c /Source/JavaScriptCore/jit/JITInlineMethods.h | |
parent | ae901828d4689ab9e89113f6b6ea8042b37a9fda (diff) | |
download | qtwebkit-4d6084feccab99c0a7b3ecef26bb49c41dd50201.tar.gz |
Imported WebKit commit ff52235a78888e5cb8e286a828a8698042200e67 (http://svn.webkit.org/repository/webkit/trunk@122948)
New snapshot that should fix the rendering issues recently introduced
Diffstat (limited to 'Source/JavaScriptCore/jit/JITInlineMethods.h')
-rw-r--r-- | Source/JavaScriptCore/jit/JITInlineMethods.h | 25 |
1 files changed, 8 insertions, 17 deletions
diff --git a/Source/JavaScriptCore/jit/JITInlineMethods.h b/Source/JavaScriptCore/jit/JITInlineMethods.h
index d1cee7ef7..42a61ecdb 100644
--- a/Source/JavaScriptCore/jit/JITInlineMethods.h
+++ b/Source/JavaScriptCore/jit/JITInlineMethods.h
@@ -437,25 +437,16 @@ template <typename T> inline void JIT::emitAllocateJSFinalObject(T structure, Re
 emitAllocateBasicJSObject<JSFinalObject, false, T>(structure, result, scratch);
 }
 
-inline void JIT::emitAllocateBasicStorage(size_t size, RegisterID result, RegisterID storagePtr)
+inline void JIT::emitAllocateBasicStorage(size_t size, RegisterID result)
 {
 CopiedAllocator* allocator = &m_globalData->heap.storageAllocator();
 
- // FIXME: We need to check for wrap-around.
- // Check to make sure that the allocation will fit in the current block.
- loadPtr(&allocator->m_currentOffset, result);
- addPtr(TrustedImm32(size), result);
- loadPtr(&allocator->m_currentBlock, storagePtr);
- addPtr(TrustedImm32(HeapBlock::s_blockSize), storagePtr);
- addSlowCase(branchPtr(AboveOrEqual, result, storagePtr));
-
- // Load the original offset.
- loadPtr(&allocator->m_currentOffset, result);
-
- // Bump the pointer forward.
- move(result, storagePtr);
- addPtr(TrustedImm32(size), storagePtr);
- storePtr(storagePtr, &allocator->m_currentOffset);
+ loadPtr(&allocator->m_currentRemaining, result);
+ addSlowCase(branchSubPtr(Signed, TrustedImm32(size), result));
+ storePtr(result, &allocator->m_currentRemaining);
+ negPtr(result);
+ addPtr(AbsoluteAddress(&allocator->m_currentPayloadEnd), result);
+ subPtr(TrustedImm32(size), result);
 }
 
 inline void JIT::emitAllocateJSArray(unsigned valuesRegister, unsigned length, RegisterID cellResult, RegisterID storageResult, RegisterID storagePtr)
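Review bot: `size` is a `size_t` but the new `emitAllocateBasicStorage` body passes it to `TrustedImm32(size)` twice, so on a 64-bit build a value that does not fit a signed 32-bit immediate would be narrowed before `branchSubPtr(Signed, ...)` runs, and that branch is the only bound on the bump allocation. Whether any caller can reach such a size is not visible in this hunk, so I would pin the assumption at the top of the function with `ASSERT(size <= static_cast<size_t>(INT32_MAX));`. The negate/add/subtract tail is also hard to audit; a comment such as `// result = m_currentPayloadEnd - (old m_currentRemaining), i.e. the start of the new allocation` would make the arithmetic checkable. Since the removed wrap-around FIXME has no replacement comment, one line stating that the signed check on `m_currentRemaining` is what now guards against overrun would keep that reasoning on record.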
@@ -465,7 +456,7 @@ inline void JIT::emitAllocateJSArray(unsigned valuesRegister, unsigned length, R
 
 // We allocate the backing store first to ensure that garbage collection
 // doesn't happen during JSArray initialization.
- emitAllocateBasicStorage(initialStorage, storageResult, storagePtr);
+ emitAllocateBasicStorage(initialStorage, storageResult);
 
 // Allocate the cell for the array.
 emitAllocateBasicJSObject<JSArray, false>(TrustedImmPtr(m_codeBlock->globalObject()->arrayStructure()), cellResult, storagePtr); |