Google Git
Sign in
webkit / WebKit / 2f5c83b4bf2bf548b379326e68d1935753cfa757^! / . / Source / JavaScriptCore / bytecode / CodeBlock.cpp
commit2f5c83b4bf2bf548b379326e68d1935753cfa757[log] [tgz]
authoroliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Tue Feb 25 06:59:38 2014 +0000
committeroliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Tue Feb 25 06:59:38 2014 +0000
treeb7f0a3b43b64d3bf2b5b06b4c996554e4b1f14f3
parent80a59ffdbfad254835b5030d79c00ce6d28af948 [diff] [blame]
Spread operator has a bad time when applied to call function
https://bugs.webkit.org/show_bug.cgi?id=128853

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

Follow on from the previous patch the added an extra slot to
op_call_varargs (and _call, _call_eval, _construct).  We now
use the slot as an offset to in effect act as a 'slice' on
the spread subject.  This allows us to automatically retain
all our existing argument and array optimisatons.  Most of
this patch is simply threading the offset around.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitCall):
(JSC::BytecodeGenerator::emitCallVarargs):
* bytecompiler/BytecodeGenerator.h:
* bytecompiler/NodesCodegen.cpp:
(JSC::getArgumentByVal):
(JSC::CallFunctionCallDotNode::emitBytecode):
(JSC::ApplyFunctionCallDotNode::emitBytecode):
* interpreter/Interpreter.cpp:
(JSC::sizeFrameForVarargs):
(JSC::loadVarargs):
* interpreter/Interpreter.h:
* jit/CCallHelpers.h:
(JSC::CCallHelpers::setupArgumentsWithExecState):
* jit/JIT.h:
* jit/JITCall.cpp:
(JSC::JIT::compileLoadVarargs):
* jit/JITInlines.h:
(JSC::JIT::callOperation):
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
* runtime/Arguments.cpp:
(JSC::Arguments::copyToArguments):
* runtime/Arguments.h:
* runtime/JSArray.cpp:
(JSC::JSArray::copyToArguments):
* runtime/JSArray.h:

LayoutTests:

Test case all the things!

* js/regress/call-spread-call-expected.txt: Added.
* js/regress/call-spread-call.html: Added.
* js/regress/script-tests/call-spread-call.js: Added.
(testFunction):
(test2):
(test3):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@164630 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/Source/JavaScriptCore/bytecode/CodeBlock.cpp b/Source/JavaScriptCore/bytecode/CodeBlock.cpp
index 2a56a3c..d3ff55b 100644
--- a/Source/JavaScriptCore/bytecode/CodeBlock.cpp
+++ b/Source/JavaScriptCore/bytecode/CodeBlock.cpp

@@ -1194,9 +1194,10 @@
             int thisValue = (++it)->u.operand;
             int arguments = (++it)->u.operand;
             int firstFreeRegister = (++it)->u.operand;
+            int varArgOffset = (++it)->u.operand;
             ++it;
             printLocationAndOp(out, exec, location, it, "call_varargs");
-            out.printf("%s, %s, %s, %s, %d", registerName(result).data(), registerName(callee).data(), registerName(thisValue).data(), registerName(arguments).data(), firstFreeRegister);
+            out.printf("%s, %s, %s, %s, %d, %d", registerName(result).data(), registerName(callee).data(), registerName(thisValue).data(), registerName(arguments).data(), firstFreeRegister, varArgOffset);
             dumpValueProfiling(out, it, hasPrintedProfiling);
             break;
         }