Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (95396 => 95397)
--- trunk/Source/_javascript_Core/ChangeLog 2011-09-18 18:18:26 UTC (rev 95396)
+++ trunk/Source/_javascript_Core/ChangeLog 2011-09-18 18:38:43 UTC (rev 95397)
@@ -1,3 +1,29 @@
+2011-09-17 Oliver Hunt <[email protected]>
+
+ Remove special case handling of inline storage from the JIT
+ https://bugs.webkit.org/show_bug.cgi?id=68319
+
+ Reviewed by Gavin Barraclough.
+
+ Simplify logic used for reading and writing to property storage
+ by removing the special cases for inline storage. This has no
+ perf impact.
+
+ * dfg/DFGRepatch.cpp:
+ (JSC::DFG::generateProtoChainAccessStub):
+ (JSC::DFG::tryBuildGetByIDList):
+ * jit/JIT.h:
+ * jit/JITPropertyAccess.cpp:
+ (JSC::JIT::compilePutDirectOffset):
+ (JSC::JIT::compileGetDirectOffset):
+ (JSC::JIT::privateCompilePutByIdTransition):
+ (JSC::JIT::privateCompileGetByIdSelfList):
+ * jit/JITPropertyAccess32_64.cpp:
+ (JSC::JIT::compilePutDirectOffset):
+ (JSC::JIT::compileGetDirectOffset):
+ (JSC::JIT::privateCompilePutByIdTransition):
+ (JSC::JIT::privateCompileGetByIdSelfList):
+
2011-09-17 Filip Pizlo <[email protected]>
DFG JIT does not have full block-local CSE
Modified: trunk/Source/_javascript_Core/dfg/DFGRepatch.cpp (95396 => 95397)
--- trunk/Source/_javascript_Core/dfg/DFGRepatch.cpp 2011-09-18 18:18:26 UTC (rev 95396)
+++ trunk/Source/_javascript_Core/dfg/DFGRepatch.cpp 2011-09-18 18:38:43 UTC (rev 95397)
@@ -124,10 +124,7 @@
currStructure = it->get();
}
- if (protoObject->structure()->isUsingInlineStorage())
- stubJit.loadPtr(MacroAssembler::Address(scratchGPR, JSObject::offsetOfInlineStorage() + offset * sizeof(JSValue)), resultGPR);
- else
- stubJit.loadPtr(protoObject->addressOfPropertyAtOffset(offset), resultGPR);
+ stubJit.loadPtr(protoObject->addressOfPropertyAtOffset(offset), resultGPR);
MacroAssembler::Jump success, fail;
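Review bot: The now-unconditional `stubJit.loadPtr(protoObject->addressOfPropertyAtOffset(offset), resultGPR);` embeds an absolute slot address in the stub, and nothing at this line says what keeps that address valid. With the inline-storage branch removed this is the only load path, so the stub is safe only if the structure checks emitted in the chain walk above fail whenever the prototype's storage moves; that looks like the intent, but those checks are outside this hunk. I would add a comment such as `// Slot address is embedded in the stub; the structure checks above must fail before protoObject's storage can be reallocated.` If `scratchGPR` was only needed for the removed inline load, it may now be unused on this path and is worth checking. The enclosing function starts and ends outside the hunk.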
@@ -339,14 +336,10 @@
MacroAssembler stubJit;
MacroAssembler::Jump wrongStruct = stubJit.branchPtr(MacroAssembler::NotEqual, MacroAssembler::Address(baseGPR, JSCell::structureOffset()), MacroAssembler::TrustedImmPtr(structure));
-
- if (structure->isUsingInlineStorage())
- stubJit.loadPtr(MacroAssembler::Address(baseGPR, JSObject::offsetOfInlineStorage() + slot.cachedOffset() * sizeof(JSValue)), resultGPR);
- else {
- stubJit.loadPtr(MacroAssembler::Address(baseGPR, JSObject::offsetOfPropertyStorage()), resultGPR);
- stubJit.loadPtr(MacroAssembler::Address(resultGPR, slot.cachedOffset() * sizeof(JSValue)), resultGPR);
- }
-
+
+ stubJit.loadPtr(MacroAssembler::Address(baseGPR, JSObject::offsetOfPropertyStorage()), resultGPR);
+ stubJit.loadPtr(MacroAssembler::Address(resultGPR, slot.cachedOffset() * sizeof(JSValue)), resultGPR);
+
MacroAssembler::Jump success = stubJit.jump();
LinkBuffer patchBuffer(*globalData, &stubJit);
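Review bot: The stub now always dereferences the pointer at `JSObject::offsetOfPropertyStorage()` right after the structure check, so it depends on that field pointing at usable storage even for objects that keep their properties inline, and the code does not state this. A short comment above the two loads, e.g. `// Property storage pointer is expected to be valid for inline and out-of-line storage alike.`, would record the invariant. The same assumption is introduced in compileGetDirectOffset and compilePutDirectOffset in JITPropertyAccess.cpp and JITPropertyAccess32_64.cpp. The two added blank lines replace blank lines that were removed, which suggests they differ only in whitespace; if they carry trailing whitespace it should be dropped. The function body continues outside the hunk.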
Modified: trunk/Source/_javascript_Core/jit/JIT.h (95396 => 95397)
--- trunk/Source/_javascript_Core/jit/JIT.h 2011-09-18 18:18:26 UTC (rev 95396)
+++ trunk/Source/_javascript_Core/jit/JIT.h 2011-09-18 18:38:43 UTC (rev 95397)
@@ -362,10 +362,10 @@
void compileGetByIdHotPath();
void compileGetByIdSlowCase(int resultVReg, int baseVReg, Identifier* ident, Vector<SlowCaseEntry>::iterator& iter, bool isMethodCheck = false);
- void compileGetDirectOffset(RegisterID base, RegisterID resultTag, RegisterID resultPayload, Structure* structure, size_t cachedOffset);
+ void compileGetDirectOffset(RegisterID base, RegisterID resultTag, RegisterID resultPayload, size_t cachedOffset);
void compileGetDirectOffset(JSObject* base, RegisterID resultTag, RegisterID resultPayload, size_t cachedOffset);
void compileGetDirectOffset(RegisterID base, RegisterID resultTag, RegisterID resultPayload, RegisterID offset);
- void compilePutDirectOffset(RegisterID base, RegisterID valueTag, RegisterID valuePayload, Structure* structure, size_t cachedOffset);
+ void compilePutDirectOffset(RegisterID base, RegisterID valueTag, RegisterID valuePayload, size_t cachedOffset);
// Arithmetic opcode helpers
void emitAdd32Constant(unsigned dst, unsigned op, int32_t constant, ResultType opType);
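Review bot: After dropping `Structure*`, the two four-argument `compileGetDirectOffset` overloads that take `RegisterID base, RegisterID resultTag, RegisterID resultPayload` differ only in the type of the last parameter (`size_t cachedOffset` versus `RegisterID offset`). If RegisterID is an unscoped enum, as it appears to be, a register value converts implicitly to size_t, so overload selection rests entirely on the static type of that last argument. A one-line comment on each declaration would make the distinction explicit, e.g. `// cachedOffset: property index known at compile time` and `// offset: register holding the property index at run time`. The class declaration continues outside the hunk.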
@@ -605,10 +605,10 @@
void compileGetByIdHotPath(int baseVReg, Identifier*);
void compileGetByIdSlowCase(int resultVReg, int baseVReg, Identifier* ident, Vector<SlowCaseEntry>::iterator& iter, bool isMethodCheck = false);
- void compileGetDirectOffset(RegisterID base, RegisterID result, Structure* structure, size_t cachedOffset);
+ void compileGetDirectOffset(RegisterID base, RegisterID result, size_t cachedOffset);
void compileGetDirectOffset(JSObject* base, RegisterID result, size_t cachedOffset);
void compileGetDirectOffset(RegisterID base, RegisterID result, RegisterID offset, RegisterID scratch);
- void compilePutDirectOffset(RegisterID base, RegisterID value, Structure* structure, size_t cachedOffset);
+ void compilePutDirectOffset(RegisterID base, RegisterID value, size_t cachedOffset);
#if CPU(X86_64)
// These architecture specific value are used to enable patching - see comment on op_put_by_id.
Modified: trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp (95396 => 95397)
--- trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp 2011-09-18 18:18:26 UTC (rev 95396)
+++ trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp 2011-09-18 18:38:43 UTC (rev 95397)
@@ -482,27 +482,19 @@
// Compile a store into an object's property storage. May overwrite the
// value in objectReg.
-void JIT::compilePutDirectOffset(RegisterID base, RegisterID value, Structure* structure, size_t cachedOffset)
+void JIT::compilePutDirectOffset(RegisterID base, RegisterID value, size_t cachedOffset)
{
int offset = cachedOffset * sizeof(JSValue);
- if (structure->isUsingInlineStorage())
- offset += JSObject::offsetOfInlineStorage();
- else
- loadPtr(Address(base, JSObject::offsetOfPropertyStorage()), base);
+ loadPtr(Address(base, JSObject::offsetOfPropertyStorage()), base);
storePtr(value, Address(base, offset));
}
// Compile a load from an object's property storage. May overwrite base.
-void JIT::compileGetDirectOffset(RegisterID base, RegisterID result, Structure* structure, size_t cachedOffset)
+void JIT::compileGetDirectOffset(RegisterID base, RegisterID result, size_t cachedOffset)
{
int offset = cachedOffset * sizeof(JSValue);
- if (structure->isUsingInlineStorage()) {
- offset += JSObject::offsetOfInlineStorage();
- loadPtr(Address(base, offset), result);
- } else {
- loadPtr(Address(base, JSObject::offsetOfPropertyStorage()), result);
- loadPtr(Address(result, offset), result);
- }
+ loadPtr(Address(base, JSObject::offsetOfPropertyStorage()), result);
+ loadPtr(Address(result, offset), result);
}
void JIT::compileGetDirectOffset(JSObject* base, RegisterID result, size_t cachedOffset)
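Review bot: The comment above compilePutDirectOffset still says `May overwrite the value in objectReg`, but the function has no parameter of that name and, with the inline branch removed, it now always replaces `base` with the property storage pointer. I suggest `// Compile a store into an object's property storage. Overwrites base with the property storage pointer.` so callers know base no longer holds the object afterwards. The `May overwrite base` comment on the store helper in JITPropertyAccess32_64.cpp has the same problem. Separately, `int offset = cachedOffset * sizeof(JSValue);` narrows a size_t product to int without a check in both helpers; an `ASSERT` that the product fits in int would document the assumed range.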
@@ -548,7 +540,7 @@
emitWriteBarrier(regT0, regT2, WriteBarrierForPropertyAccess);
storePtr(TrustedImmPtr(newStructure), Address(regT0, JSCell::structureOffset()));
- compilePutDirectOffset(regT0, regT1, newStructure, cachedOffset);
+ compilePutDirectOffset(regT0, regT1, cachedOffset);
ret();
@@ -707,7 +699,7 @@
bool needsStubLink = false;
if (slot.cachedPropertyType() == PropertySlot::Getter) {
needsStubLink = true;
- compileGetDirectOffset(regT0, regT1, structure, cachedOffset);
+ compileGetDirectOffset(regT0, regT1, cachedOffset);
JITStubCall stubCall(this, cti_op_get_by_id_getter_stub);
stubCall.addArgument(regT1);
stubCall.addArgument(regT0);
@@ -722,7 +714,7 @@
stubCall.addArgument(TrustedImmPtr(stubInfo->callReturnLocation.executableAddress()));
stubCall.call();
} else
- compileGetDirectOffset(regT0, regT0, structure, cachedOffset);
+ compileGetDirectOffset(regT0, regT0, cachedOffset);
Jump success = jump();
LinkBuffer patchBuffer(*m_globalData, this);
Modified: trunk/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp (95396 => 95397)
--- trunk/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp 2011-09-18 18:18:26 UTC (rev 95396)
+++ trunk/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp 2011-09-18 18:38:43 UTC (rev 95397)
@@ -440,28 +440,20 @@
}
// Compile a store into an object's property storage. May overwrite base.
-void JIT::compilePutDirectOffset(RegisterID base, RegisterID valueTag, RegisterID valuePayload, Structure* structure, size_t cachedOffset)
+void JIT::compilePutDirectOffset(RegisterID base, RegisterID valueTag, RegisterID valuePayload, size_t cachedOffset)
{
int offset = cachedOffset;
- if (structure->isUsingInlineStorage())
- offset += JSObject::offsetOfInlineStorage() / sizeof(Register);
- else
- loadPtr(Address(base, JSObject::offsetOfPropertyStorage()), base);
+ loadPtr(Address(base, JSObject::offsetOfPropertyStorage()), base);
emitStore(offset, valueTag, valuePayload, base);
}
// Compile a load from an object's property storage. May overwrite base.
-void JIT::compileGetDirectOffset(RegisterID base, RegisterID resultTag, RegisterID resultPayload, Structure* structure, size_t cachedOffset)
+void JIT::compileGetDirectOffset(RegisterID base, RegisterID resultTag, RegisterID resultPayload, size_t cachedOffset)
{
int offset = cachedOffset;
- if (structure->isUsingInlineStorage()) {
- offset += JSObject::offsetOfInlineStorage() / sizeof(Register);
- emitLoad(offset, resultTag, resultPayload, base);
- } else {
- RegisterID temp = resultPayload;
- loadPtr(Address(base, JSObject::offsetOfPropertyStorage()), temp);
- emitLoad(offset, resultTag, resultPayload, temp);
- }
+ RegisterID temp = resultPayload;
+ loadPtr(Address(base, JSObject::offsetOfPropertyStorage()), temp);
+ emitLoad(offset, resultTag, resultPayload, temp);
}
void JIT::compileGetDirectOffset(JSObject* base, RegisterID resultTag, RegisterID resultPayload, size_t cachedOffset)
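Review bot: In compileGetDirectOffset, `RegisterID temp = resultPayload;` makes the storage pointer share a register with the payload result, so the following `emitLoad(offset, resultTag, resultPayload, temp)` is correct only if emitLoad copes with its base register being the payload destination; emitLoad is not visible in this hunk. This used to apply only to the out-of-line branch and is now the sole path, so I would record it with a comment such as `// temp aliases resultPayload: relies on emitLoad handling base == payload.` The last line of the hunk opens another overload whose body is outside the hunk.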
@@ -534,7 +526,7 @@
load32(Address(stackPointerRegister, OBJECT_OFFSETOF(JITStackFrame, args[2]) + sizeof(void*) + OBJECT_OFFSETOF(JSValue, u.asBits.payload)), regT3);
load32(Address(stackPointerRegister, OBJECT_OFFSETOF(JITStackFrame, args[2]) + sizeof(void*) + OBJECT_OFFSETOF(JSValue, u.asBits.tag)), regT2);
#endif
- compilePutDirectOffset(regT0, regT2, regT3, newStructure, cachedOffset);
+ compilePutDirectOffset(regT0, regT2, regT3, cachedOffset);
ret();
@@ -703,7 +695,7 @@
bool needsStubLink = false;
if (slot.cachedPropertyType() == PropertySlot::Getter) {
needsStubLink = true;
- compileGetDirectOffset(regT0, regT2, regT1, structure, cachedOffset);
+ compileGetDirectOffset(regT0, regT2, regT1, cachedOffset);
JITStubCall stubCall(this, cti_op_get_by_id_getter_stub);
stubCall.addArgument(regT1);
stubCall.addArgument(regT0);
@@ -718,7 +710,7 @@
stubCall.addArgument(TrustedImmPtr(stubInfo->callReturnLocation.executableAddress()));
stubCall.call();
} else
- compileGetDirectOffset(regT0, regT1, regT0, structure, cachedOffset);
+ compileGetDirectOffset(regT0, regT1, regT0, cachedOffset);
Jump success = jump();