Bug 789448 - Don't call GetPcScript under ToIdOperation. r=dvander

2024-09-13 09:24:08 -07:00 · 2012-09-10 10:16:24 +02:00 · 2012-09-10 10:16:24 +02:00 · 0522b0d60d
commit 0522b0d60d
parent 5d16f3abdd
4 changed files with 12 additions and 4 deletions
--- a/js/src/ion/CodeGenerator.cpp
+++ b/js/src/ion/CodeGenerator.cpp
@ -3527,11 +3527,14 @@ CodeGenerator::visitOutOfLineTypeOfV(OutOfLineTypeOfV *ool)
 bool
 CodeGenerator::visitToIdV(LToIdV *lir)
 {
-    typedef bool (*pf)(JSContext *, HandleValue, HandleValue, MutableHandleValue);
+    typedef bool (*pf)(JSContext *, HandleScript, jsbytecode *, HandleValue, HandleValue,
+                       MutableHandleValue);
    static const VMFunction Info = FunctionInfo<pf>(ToIdOperation);

    pushArg(ToValue(lir, LToIdV::Index));
    pushArg(ToValue(lir, LToIdV::Object));
+    pushArg(ImmWord(lir->mir()->resumePoint()->pc()));
+    pushArg(ImmGCPtr(current->mir()->info().script()));
    return callVM(Info, lir);
 }

--- a/js/src/ion/LIR-Common.h
+++ b/js/src/ion/LIR-Common.h
@ -372,6 +372,10 @@ class LToIdV : public LCallInstructionHelper<BOX_PIECES, 2 * BOX_PIECES, 0>

    static const size_t Object = 0;
    static const size_t Index = BOX_PIECES;
+
+    MToId *mir() const {
+        return mir_->toToId();
+    }
 };

 // Allocate an object for |new| on the caller-side.
--- a/js/src/jsinterp.cpp
+++ b/js/src/jsinterp.cpp
@ -2231,7 +2231,7 @@ BEGIN_CASE(JSOP_TOID)
    idval = regs.sp[-1];

    MutableHandleValue res = MutableHandleValue::fromMarkedLocation(&regs.sp[-1]);
-    if (!ToIdOperation(cx, objval, idval, res))
+    if (!ToIdOperation(cx, script, regs.pc, objval, idval, res))
        goto error;
 }
 END_CASE(JSOP_TOID)
--- a/js/src/jsinterpinlines.h
+++ b/js/src/jsinterpinlines.h
@ -652,7 +652,8 @@ FetchElementId(JSContext *cx, JSObject *obj, const Value &idval, jsid *idp, Muta
 }

 static JS_ALWAYS_INLINE bool
-ToIdOperation(JSContext *cx, HandleValue objval, HandleValue idval, MutableHandleValue res)
+ToIdOperation(JSContext *cx, HandleScript script, jsbytecode *pc, HandleValue objval,
+              HandleValue idval, MutableHandleValue res)
 {
    if (idval.isInt32()) {
        res.set(idval);
@ -668,7 +669,7 @@ ToIdOperation(JSContext *cx, HandleValue objval, HandleValue idval, MutableHandl
        return false;

    if (!res.isInt32())
-        types::TypeScript::MonitorUnknown(cx);
+        types::TypeScript::MonitorUnknown(cx, script, pc);
    return true;
 }