Reviewers: Mads Ager, Description: Experimental: for the inlined keyed load IC, change the base address used to compute the offset to the map compare instruction. Before it was the address of the call instruction, now it is the address of the test instruction immediately following the call.
Please review this at http://codereview.chromium.org/21448 SVN Base: http://v8.googlecode.com/svn/branches/experimental/toiger/ Affected files: M src/codegen-ia32.cc M src/ic-ia32.cc Index: src/ic-ia32.cc =================================================================== --- src/ic-ia32.cc (revision 1295) +++ src/ic-ia32.cc (working copy) @@ -739,15 +739,15 @@ // The keyed load has a fast inlined case if the IC call instruction // is immediately followed by a test instruction. if (*test_instruction_address == kTestEaxByte) { - // Fetch the offset from the call instruction to the map cmp + // Fetch the offset from the test instruction to the map cmp // instruction. This offset is stored in the last 4 bytes of the // 5 byte test instruction. Address offset_address = test_instruction_address + 1; int offset_value = *(reinterpret_cast<int*>(offset_address)); - // Compute the map address. The operand-immediate compare - // instruction is two bytes larger than a call instruction so we - // add 2 to get to the map address. - Address map_address = address + offset_value + 2; + // Compute the map address. The map address is in the last 4 + // bytes of the 7-byte operand-immediate compare instruction, so + // we add 3 to the offset to get the map address. + Address map_address = test_instruction_address + offset_value + 3; // patch the map check. (*(reinterpret_cast<Object**>(map_address))) = value; } Index: src/codegen-ia32.cc =================================================================== --- src/codegen-ia32.cc (revision 1295) +++ src/codegen-ia32.cc (working copy) @@ -4805,12 +4805,6 @@ // it in the IC initialization code and patch the cmp instruction. // This means that we cannot allow test instructions after calls to // KeyedLoadIC stubs in other places. - // - // The virtual frame should be spilled fully before the call so that - // the call itself does not generate extra code to spill values, - // which would invalidate the delta calculation. - cgen->frame()->SpillAll(); - int delta_to_patch_site = __ SizeOfCodeGeneratedSince(patch_site()); Result value(cgen); if (is_global_) { value = cgen->frame()->CallCodeObject(ic, @@ -4823,6 +4817,9 @@ // offset to the patch site will be expected in a test eax // instruction. ASSERT(value.is_register() && value.reg().is(eax)); + // The delta from the start of the map-compare instruction to the + // test eax instruction. + int delta_to_patch_site = __ SizeOfCodeGeneratedSince(patch_site()); __ test(value.reg(), Immediate(-delta_to_patch_site)); __ IncrementCounter(&Counters::keyed_load_inline_miss, 1); exit()->Jump(&value); --~--~---------~--~----~------------~-------~--~----~ v8-dev mailing list [email protected] http://groups.google.com/group/v8-dev -~----------~----~----~----~------~----~------~--~---
