[webkit-changes] [WebKit/WebKit] 3429f3: [JSC] Store `usedRegisters` only on `RepatchingPro...

Sun, 14 Jun 2026 17:22:28 -0700 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 3429f34cbda218ea107c11726e9832214790245d
      
https://github.com/WebKit/WebKit/commit/3429f34cbda218ea107c11726e9832214790245d
  Author: Sosuke Suzuki <[email protected]>
  Date:   2026-06-14 (Sun, 14 Jun 2026)

  Changed paths:
    M Source/JavaScriptCore/bytecode/InlineAccess.cpp
    M Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp
    M Source/JavaScriptCore/bytecode/PropertyInlineCache.cpp
    M Source/JavaScriptCore/bytecode/PropertyInlineCache.h
    M Source/JavaScriptCore/dfg/DFGJITCode.h
    M Source/JavaScriptCore/jit/JITInlineCacheGenerator.h

  Log Message:
  -----------
  [JSC] Store `usedRegisters` only on `RepatchingPropertyInlineCache`
https://bugs.webkit.org/show_bug.cgi?id=317087

Reviewed by Keith Miller.

The scratch-register set (usedRegisters) lived on the base PropertyInlineCache,
so every HandlerPropertyInlineCache carried it even though handler ICs never 
need
it: Baseline and DFG data ICs run with the fixed data-IC register convention, so
their unavailable-register set is always the constant 
stubUnavailableRegisters().
Only repatching ICs need a per-instance set, because their registers are chosen 
by
the register allocator at the call site.

Move the field to RepatchingPropertyInlineCache::m_usedRegisters and expose it
through a base usedRegisters() accessor that returns the constant for handler 
ICs
and the stored set for repatching ICs. This shrinks the dominant
HandlerPropertyInlineCache from 136 to 128 bytes on arm64; since Baseline 
handler
ICs are stored in a packed array (stride sizeof(...)), this is a linear per-IC 
saving.
RepatchingPropertyInlineCache is unchanged in size.

* Source/JavaScriptCore/bytecode/InlineAccess.cpp:
(JSC::getScratchRegister):
* Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp:
(JSC::InlineCacheCompiler::makeDefaultScratchAllocator):
* Source/JavaScriptCore/bytecode/PropertyInlineCache.cpp:
(JSC::HandlerPropertyInlineCache::initializeFromUnlinkedPropertyInlineCache):
(JSC::HandlerPropertyInlineCache::initializeFromDFGUnlinkedPropertyInlineCache):
* Source/JavaScriptCore/bytecode/PropertyInlineCache.h:
(JSC::PropertyInlineCache::usedRegisters const):
(JSC::PropertyInlineCache::setUsedRegisters):
(JSC::PropertyInlineCache::removeUsedRegister):
* Source/JavaScriptCore/dfg/DFGJITCode.h:
(JSC::DFG::UnlinkedPropertyInlineCache::setUsedRegisters):
(JSC::DFG::UnlinkedPropertyInlineCache::removeUsedRegister):
* Source/JavaScriptCore/jit/JITInlineCacheGenerator.h:
(JSC::JITInlineCacheGenerator::setUpPropertyInlineCacheImpl):

Canonical link: https://commits.webkit.org/315196@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications

Reply via email to