Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (129286 => 129287)
--- trunk/Source/_javascript_Core/ChangeLog 2012-09-22 01:13:54 UTC (rev 129286)
+++ trunk/Source/_javascript_Core/ChangeLog 2012-09-22 01:18:54 UTC (rev 129287)
@@ -1,5 +1,46 @@
2012-09-21 Gavin Barraclough <[email protected]>
+ Remove redundant argument to op_instanceof
+ https://bugs.webkit.org/show_bug.cgi?id=97382
+
+ Reviewed by Geoff Garen.
+
+ No longer needed after my last change.
+
+ * bytecode/CodeBlock.cpp:
+ (JSC::CodeBlock::dump):
+ * bytecode/Opcode.h:
+ (JSC):
+ (JSC::padOpcodeName):
+ * bytecompiler/BytecodeGenerator.cpp:
+ (JSC::BytecodeGenerator::emitInstanceOf):
+ * bytecompiler/BytecodeGenerator.h:
+ (BytecodeGenerator):
+ * bytecompiler/NodesCodegen.cpp:
+ (JSC::InstanceOfNode::emitBytecode):
+ * dfg/DFGAbstractState.cpp:
+ (JSC::DFG::AbstractState::execute):
+ * dfg/DFGByteCodeParser.cpp:
+ (JSC::DFG::ByteCodeParser::parseBlock):
+ * dfg/DFGSpeculativeJIT.cpp:
+ (JSC::DFG::SpeculativeJIT::compileInstanceOf):
+ * interpreter/Interpreter.cpp:
+ (JSC::Interpreter::privateExecute):
+ * jit/JITOpcodes.cpp:
+ (JSC::JIT::emit_op_instanceof):
+ (JSC::JIT::emitSlow_op_instanceof):
+ * jit/JITOpcodes32_64.cpp:
+ (JSC::JIT::emit_op_instanceof):
+ (JSC::JIT::emitSlow_op_instanceof):
+ * jit/JITStubs.cpp:
+ (JSC::DEFINE_STUB_FUNCTION):
+ * llint/LLIntSlowPaths.cpp:
+ (JSC::LLInt::LLINT_SLOW_PATH_DECL):
+ * llint/LowLevelInterpreter32_64.asm:
+ * llint/LowLevelInterpreter64.asm:
+
+2012-09-21 Gavin Barraclough <[email protected]>
+
Unreviewed windows build fix.
* _javascript_Core.vcproj/_javascript_Core/_javascript_Core.def:
Modified: trunk/Source/_javascript_Core/bytecode/CodeBlock.cpp (129286 => 129287)
--- trunk/Source/_javascript_Core/bytecode/CodeBlock.cpp 2012-09-22 01:13:54 UTC (rev 129286)
+++ trunk/Source/_javascript_Core/bytecode/CodeBlock.cpp 2012-09-22 01:18:54 UTC (rev 129287)
@@ -885,8 +885,7 @@
int r0 = (++it)->u.operand;
int r1 = (++it)->u.operand;
int r2 = (++it)->u.operand;
- int r3 = (++it)->u.operand;
- dataLog("[%4d] instanceof\t\t %s, %s, %s, %s", location, registerName(exec, r0).data(), registerName(exec, r1).data(), registerName(exec, r2).data(), registerName(exec, r3).data());
+ dataLog("[%4d] instanceof\t\t %s, %s, %s", location, registerName(exec, r0).data(), registerName(exec, r1).data(), registerName(exec, r2).data());
dumpBytecodeCommentAndNewLine(location);
break;
}
Modified: trunk/Source/_javascript_Core/bytecode/Opcode.h (129286 => 129287)
--- trunk/Source/_javascript_Core/bytecode/Opcode.h 2012-09-22 01:13:54 UTC (rev 129286)
+++ trunk/Source/_javascript_Core/bytecode/Opcode.h 2012-09-22 01:18:54 UTC (rev 129287)
@@ -85,7 +85,7 @@
macro(op_bitor, 5) \
\
macro(op_check_has_instance, 5) \
- macro(op_instanceof, 5) \
+ macro(op_instanceof, 4) \
macro(op_typeof, 3) \
macro(op_is_undefined, 3) \
macro(op_is_boolean, 3) \
Modified: trunk/Source/_javascript_Core/bytecompiler/BytecodeGenerator.cpp (129286 => 129287)
--- trunk/Source/_javascript_Core/bytecompiler/BytecodeGenerator.cpp 2012-09-22 01:13:54 UTC (rev 129286)
+++ trunk/Source/_javascript_Core/bytecompiler/BytecodeGenerator.cpp 2012-09-22 01:18:54 UTC (rev 129287)
@@ -1467,12 +1467,11 @@
instructions().append(target->bind(begin, instructions().size()));
}
-RegisterID* BytecodeGenerator::emitInstanceOf(RegisterID* dst, RegisterID* value, RegisterID* base, RegisterID* basePrototype)
+RegisterID* BytecodeGenerator::emitInstanceOf(RegisterID* dst, RegisterID* value, RegisterID* basePrototype)
{
emitOpcode(op_instanceof);
instructions().append(dst->index());
instructions().append(value->index());
- instructions().append(base->index());
instructions().append(basePrototype->index());
return dst;
}
Modified: trunk/Source/_javascript_Core/bytecompiler/BytecodeGenerator.h (129286 => 129287)
--- trunk/Source/_javascript_Core/bytecompiler/BytecodeGenerator.h 2012-09-22 01:13:54 UTC (rev 129286)
+++ trunk/Source/_javascript_Core/bytecompiler/BytecodeGenerator.h 2012-09-22 01:18:54 UTC (rev 129287)
@@ -456,7 +456,7 @@
RegisterID* emitPostDec(RegisterID* dst, RegisterID* srcDst);
void emitCheckHasInstance(RegisterID* dst, RegisterID* value, RegisterID* base, Label* target);
- RegisterID* emitInstanceOf(RegisterID* dst, RegisterID* value, RegisterID* base, RegisterID* basePrototype);
+ RegisterID* emitInstanceOf(RegisterID* dst, RegisterID* value, RegisterID* basePrototype);
RegisterID* emitTypeOf(RegisterID* dst, RegisterID* src) { return emitUnaryOp(op_typeof, dst, src); }
RegisterID* emitIn(RegisterID* dst, RegisterID* property, RegisterID* base) { return emitBinaryOp(op_in, dst, property, base, OperandTypes()); }
Modified: trunk/Source/_javascript_Core/bytecompiler/NodesCodegen.cpp (129286 => 129287)
--- trunk/Source/_javascript_Core/bytecompiler/NodesCodegen.cpp 2012-09-22 01:13:54 UTC (rev 129286)
+++ trunk/Source/_javascript_Core/bytecompiler/NodesCodegen.cpp 2012-09-22 01:18:54 UTC (rev 129287)
@@ -1099,7 +1099,7 @@
generator.emitGetById(prototype.get(), src2.get(), generator.globalData()->propertyNames->prototype);
generator.emitExpressionInfo(divot(), startOffset(), endOffset());
- RegisterID* result = generator.emitInstanceOf(dstReg.get(), src1.get(), src2.get(), prototype.get());
+ RegisterID* result = generator.emitInstanceOf(dstReg.get(), src1.get(), prototype.get());
generator.emitLabel(target.get());
return result;
}
Modified: trunk/Source/_javascript_Core/dfg/DFGAbstractState.cpp (129286 => 129287)
--- trunk/Source/_javascript_Core/dfg/DFGAbstractState.cpp 2012-09-22 01:13:54 UTC (rev 129286)
+++ trunk/Source/_javascript_Core/dfg/DFGAbstractState.cpp 2012-09-22 01:18:54 UTC (rev 129287)
@@ -1477,7 +1477,7 @@
// Again, sadly, we don't propagate the fact that we've done InstanceOf
if (!(m_graph[node.child1()].prediction() & ~SpecCell) && !(forNode(node.child1()).m_type & ~SpecCell))
forNode(node.child1()).filter(SpecCell);
- forNode(node.child3()).filter(SpecCell);
+ forNode(node.child2()).filter(SpecCell);
forNode(nodeIndex).set(SpecBoolean);
break;
Modified: trunk/Source/_javascript_Core/dfg/DFGByteCodeParser.cpp (129286 => 129287)
--- trunk/Source/_javascript_Core/dfg/DFGByteCodeParser.cpp 2012-09-22 01:13:54 UTC (rev 129286)
+++ trunk/Source/_javascript_Core/dfg/DFGByteCodeParser.cpp 2012-09-22 01:18:54 UTC (rev 129287)
@@ -2054,9 +2054,8 @@
case op_instanceof: {
NodeIndex value = get(currentInstruction[2].u.operand);
- NodeIndex baseValue = get(currentInstruction[3].u.operand);
- NodeIndex prototype = get(currentInstruction[4].u.operand);
- set(currentInstruction[1].u.operand, addToGraph(InstanceOf, value, baseValue, prototype));
+ NodeIndex prototype = get(currentInstruction[3].u.operand);
+ set(currentInstruction[1].u.operand, addToGraph(InstanceOf, value, prototype));
NEXT_OPCODE(op_instanceof);
}
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp (129286 => 129287)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp 2012-09-22 01:13:54 UTC (rev 129286)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp 2012-09-22 01:18:54 UTC (rev 129287)
@@ -2416,8 +2416,7 @@
}
SpeculateCellOperand value(this, node.child1());
- // Base unused since we speculate default InstanceOf behaviour in CheckHasInstance.
- SpeculateCellOperand prototype(this, node.child3());
+ SpeculateCellOperand prototype(this, node.child2());
GPRTemporary scratch(this);
Modified: trunk/Source/_javascript_Core/interpreter/Interpreter.cpp (129286 => 129287)
--- trunk/Source/_javascript_Core/interpreter/Interpreter.cpp 2012-09-22 01:13:54 UTC (rev 129286)
+++ trunk/Source/_javascript_Core/interpreter/Interpreter.cpp 2012-09-22 01:18:54 UTC (rev 129287)
@@ -2435,10 +2435,8 @@
*/
int dst = vPC[1].u.operand;
int value = vPC[2].u.operand;
- int baseProto = vPC[4].u.operand;
+ int baseProto = vPC[3].u.operand;
- ASSERT(callFrame->r(vPC[3].u.operand).jsValue().isObject() && asObject(callFrame->r(vPC[3].u.operand).jsValue())->structure()->typeInfo().implementsDefaultHasInstance());
-
bool result = JSObject::defaultHasInstance(callFrame, callFrame->r(value).jsValue(), callFrame->r(baseProto).jsValue());
CHECK_FOR_EXCEPTION();
callFrame->uncheckedR(dst) = jsBoolean(result);
Modified: trunk/Source/_javascript_Core/jit/JITOpcodes.cpp (129286 => 129287)
--- trunk/Source/_javascript_Core/jit/JITOpcodes.cpp 2012-09-22 01:13:54 UTC (rev 129286)
+++ trunk/Source/_javascript_Core/jit/JITOpcodes.cpp 2012-09-22 01:18:54 UTC (rev 129287)
@@ -423,7 +423,7 @@
{
unsigned dst = currentInstruction[1].u.operand;
unsigned value = currentInstruction[2].u.operand;
- unsigned proto = currentInstruction[4].u.operand;
+ unsigned proto = currentInstruction[3].u.operand;
// Load the operands (baseVal, proto, and value respectively) into registers.
// We use regT0 for baseVal since we will be done with this first, and we can then use it for the result.
@@ -1463,15 +1463,13 @@
{
unsigned dst = currentInstruction[1].u.operand;
unsigned value = currentInstruction[2].u.operand;
- unsigned baseVal = currentInstruction[3].u.operand;
- unsigned proto = currentInstruction[4].u.operand;
+ unsigned proto = currentInstruction[3].u.operand;
linkSlowCaseIfNotJSCell(iter, value);
linkSlowCaseIfNotJSCell(iter, proto);
linkSlowCase(iter);
JITStubCall stubCall(this, cti_op_instanceof);
stubCall.addArgument(value, regT2);
- stubCall.addArgument(baseVal, regT2);
stubCall.addArgument(proto, regT2);
stubCall.call(dst);
}
Modified: trunk/Source/_javascript_Core/jit/JITOpcodes32_64.cpp (129286 => 129287)
--- trunk/Source/_javascript_Core/jit/JITOpcodes32_64.cpp 2012-09-22 01:13:54 UTC (rev 129286)
+++ trunk/Source/_javascript_Core/jit/JITOpcodes32_64.cpp 2012-09-22 01:18:54 UTC (rev 129287)
@@ -559,7 +559,7 @@
{
unsigned dst = currentInstruction[1].u.operand;
unsigned value = currentInstruction[2].u.operand;
- unsigned proto = currentInstruction[4].u.operand;
+ unsigned proto = currentInstruction[3].u.operand;
// Load the operands into registers.
// We use regT0 for baseVal since we will be done with this first, and we can then use it for the result.
@@ -616,8 +616,7 @@
{
unsigned dst = currentInstruction[1].u.operand;
unsigned value = currentInstruction[2].u.operand;
- unsigned baseVal = currentInstruction[3].u.operand;
- unsigned proto = currentInstruction[4].u.operand;
+ unsigned proto = currentInstruction[3].u.operand;
linkSlowCaseIfNotJSCell(iter, value);
linkSlowCaseIfNotJSCell(iter, proto);
@@ -625,7 +624,6 @@
JITStubCall stubCall(this, cti_op_instanceof);
stubCall.addArgument(value);
- stubCall.addArgument(baseVal);
stubCall.addArgument(proto);
stubCall.call(dst);
}
Modified: trunk/Source/_javascript_Core/jit/JITStubs.cpp (129286 => 129287)
--- trunk/Source/_javascript_Core/jit/JITStubs.cpp 2012-09-22 01:13:54 UTC (rev 129286)
+++ trunk/Source/_javascript_Core/jit/JITStubs.cpp 2012-09-22 01:18:54 UTC (rev 129287)
@@ -2088,9 +2088,8 @@
CallFrame* callFrame = stackFrame.callFrame;
JSValue value = stackFrame.args[0].jsValue();
- JSValue proto = stackFrame.args[2].jsValue();
+ JSValue proto = stackFrame.args[1].jsValue();
- ASSERT(stackFrame.args[1].jsValue().isObject() && asObject(stackFrame.args[1].jsValue())->structure()->typeInfo().implementsDefaultHasInstance());
ASSERT(!value.isObject() || !proto.isObject());
bool result = JSObject::defaultHasInstance(callFrame, value, proto);
Modified: trunk/Source/_javascript_Core/llint/LLIntSlowPaths.cpp (129286 => 129287)
--- trunk/Source/_javascript_Core/llint/LLIntSlowPaths.cpp 2012-09-22 01:13:54 UTC (rev 129286)
+++ trunk/Source/_javascript_Core/llint/LLIntSlowPaths.cpp 2012-09-22 01:18:54 UTC (rev 129287)
@@ -736,8 +736,7 @@
{
LLINT_BEGIN();
JSValue value = LLINT_OP_C(2).jsValue();
- JSValue proto = LLINT_OP_C(4).jsValue();
- ASSERT(LLINT_OP_C(3).jsValue().isObject() && asObject(LLINT_OP_C(3).jsValue())->structure()->typeInfo().implementsDefaultHasInstance());
+ JSValue proto = LLINT_OP_C(3).jsValue();
ASSERT(!value.isObject() || !proto.isObject());
LLINT_RETURN(jsBoolean(JSObject::defaultHasInstance(exec, value, proto)));
}
Modified: trunk/Source/_javascript_Core/llint/LowLevelInterpreter32_64.asm (129286 => 129287)
--- trunk/Source/_javascript_Core/llint/LowLevelInterpreter32_64.asm 2012-09-22 01:13:54 UTC (rev 129286)
+++ trunk/Source/_javascript_Core/llint/LowLevelInterpreter32_64.asm 2012-09-22 01:18:54 UTC (rev 129287)
@@ -847,7 +847,7 @@
_llint_op_instanceof:
traceExecution()
# Actually do the work.
- loadi 16[PC], t0
+ loadi 12[PC], t0
loadi 4[PC], t3
loadConstantOrVariablePayload(t0, CellTag, t1, .opInstanceofSlow)
loadp JSCell::m_structure[t1], t2
@@ -867,11 +867,11 @@
.opInstanceofDone:
storei BooleanTag, TagOffset[cfr, t3, 8]
storei t0, PayloadOffset[cfr, t3, 8]
- dispatch(5)
+ dispatch(4)
.opInstanceofSlow:
callSlowPath(_llint_slow_path_instanceof)
- dispatch(5)
+ dispatch(4)
_llint_op_is_undefined:
Modified: trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm (129286 => 129287)
--- trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm 2012-09-22 01:13:54 UTC (rev 129286)
+++ trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm 2012-09-22 01:18:54 UTC (rev 129287)
@@ -705,7 +705,7 @@
_llint_op_instanceof:
traceExecution()
# Actually do the work.
- loadis 32[PB, PC, 8], t0
+ loadis 24[PB, PC, 8], t0
loadis 8[PB, PC, 8], t3
loadConstantOrVariableCell(t0, t1, .opInstanceofSlow)
loadp JSCell::m_structure[t1], t2
@@ -725,11 +725,11 @@
.opInstanceofDone:
orp ValueFalse, t0
storep t0, [cfr, t3, 8]
- dispatch(5)
+ dispatch(4)
.opInstanceofSlow:
callSlowPath(_llint_slow_path_instanceof)
- dispatch(5)
+ dispatch(4)
_llint_op_is_undefined:
