On Jul 19, 2012, at 2:28 AM, wingoog moon <wingoo...@gmail.com> wrote:
> Hi all. > > I'm trying to understand how resolve_global instruction works for several > days. Let's look at the code > > void JIT::emit_op_resolve_global(Instruction* currentInstruction, bool) > { > > // Fast case > void* globalObject = m_codeBlock->globalObject(); > unsigned currentIndex = m_globalResolveInfoIndex++; > GlobalResolveInfo* resolveInfoAddress = > &(m_codeBlock->globalResolveInfo(currentIndex)); > > // Check Structure of global object > > move(TrustedImmPtr(globalObject), regT0); //loads address of globalObject > to eax(regT0) > move(TrustedImmPtr(resolveInfoAddress), regT2);// loads address of > resolveInfoAddress to ecx(regT2) > loadPtr(Address(regT2, OBJECT_OFFSETOF(GlobalResolveInfo, structure)), > regT1); > addSlowCase(branchPtr(NotEqual, regT1, Address(regT0, > JSCell::structureOffset()))); // Structures don't match // Do some checking > > > > // Load cached property > // Assume that the global object always uses external storage. > loadPtr(Address(regT0, OBJECT_OFFSETOF(JSGlobalObject, > m_propertyStorage)), regT0); // loads m_propertyStorage to eax > > // Here is interesting thing happens > // offset member of GlobalResolveInfo class is always 0; No, it isn't. It may be initially zero, but the offset changes. > load32(Address(regT2, OBJECT_OFFSETOF(GlobalResolveInfo, offset)), regT1); > //move value of GlobalResolveInfo offset member(it's always 0 ) to edx(regT1) > > //So here we always mov same value to eax(regT0), regardless of whether our > global Array , String or Object > loadPtr(BaseIndex(regT0, regT1, ScalePtr), regT0); > emitValueProfilingSite(); > emitPutVirtualRegister(currentInstruction[1].u.operand); > > } > > So > > 1. What is mystery of this instruction, how it's really works let's say for > this example??? > > var a=Array(5); > var s=String; > var o=Object; > > > 2. What is in m_propertyStorage, and when it's sets? In your version of the code (which is a bit old), m_propertyStorage points to an array that holds the values of all of the properties of the object. > > > Thanks for attention! > > > > > _______________________________________________ > webkit-dev mailing list > webkit-dev@lists.webkit.org > http://lists.webkit.org/mailman/listinfo/webkit-dev
_______________________________________________ webkit-dev mailing list webkit-dev@lists.webkit.org http://lists.webkit.org/mailman/listinfo/webkit-dev