Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (190672 => 190673)
--- trunk/Source/_javascript_Core/ChangeLog 2015-10-07 17:28:38 UTC (rev 190672)
+++ trunk/Source/_javascript_Core/ChangeLog 2015-10-07 18:04:54 UTC (rev 190673)
@@ -1,3 +1,30 @@
+2015-10-07 Filip Pizlo <[email protected]>
+
+ JIT::compileGetDirectOffset is useless
+ https://bugs.webkit.org/show_bug.cgi?id=149878
+
+ Reviewed by Mark Lam.
+
+ Two of the overloads of this method were never called. The other was called only from one
+ place, in a manner that rendered most of its code dead. This change removes the dead code and
+ folds the method into its one caller.
+
+ * jit/JIT.h:
+ * jit/JITPropertyAccess.cpp:
+ (JSC::JIT::emitSlow_op_get_by_val):
+ (JSC::JIT::emit_op_put_by_val):
+ (JSC::JIT::compilePutDirectOffset):
+ (JSC::JIT::emitVarInjectionCheck):
+ (JSC::JIT::emitGetGlobalProperty):
+ (JSC::JIT::emitGetVarFromPointer):
+ (JSC::JIT::compileGetDirectOffset): Deleted.
+ * jit/JITPropertyAccess32_64.cpp:
+ (JSC::JIT::compilePutDirectOffset):
+ (JSC::JIT::emitVarInjectionCheck):
+ (JSC::JIT::emitGetGlobalProperty):
+ (JSC::JIT::emitGetVarFromPointer):
+ (JSC::JIT::compileGetDirectOffset): Deleted.
+
2015-10-06 Filip Pizlo <[email protected]>
Inline caches should handle out-of-line offsets out-of-line
Modified: trunk/Source/_javascript_Core/jit/JIT.h (190672 => 190673)
--- trunk/Source/_javascript_Core/jit/JIT.h 2015-10-07 17:28:38 UTC (rev 190672)
+++ trunk/Source/_javascript_Core/jit/JIT.h 2015-10-07 18:04:54 UTC (rev 190673)
@@ -425,10 +425,6 @@
void emitJumpSlowCaseIfNotJSCell(int virtualRegisterIndex, RegisterID tag);
void compileGetByIdHotPath(const Identifier*);
- void compileGetDirectOffset(RegisterID base, RegisterID resultTag, RegisterID resultPayload, PropertyOffset cachedOffset);
- void compileGetDirectOffset(JSObject* base, RegisterID resultTag, RegisterID resultPayload, PropertyOffset cachedOffset);
- void compileGetDirectOffset(RegisterID base, RegisterID resultTag, RegisterID resultPayload, RegisterID offset, FinalObjectMode = MayBeFinal);
- void compilePutDirectOffset(RegisterID base, RegisterID valueTag, RegisterID valuePayload, PropertyOffset cachedOffset);
// Arithmetic opcode helpers
void emitAdd32Constant(int dst, int op, int32_t constant, ResultType opType);
Modified: trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp (190672 => 190673)
--- trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp 2015-10-07 17:28:38 UTC (rev 190672)
+++ trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp 2015-10-07 18:04:54 UTC (rev 190673)
@@ -267,31 +267,6 @@
emitValueProfilingSite();
}
-void JIT::compileGetDirectOffset(RegisterID base, RegisterID result, RegisterID offset, RegisterID scratch, FinalObjectMode finalObjectMode)
-{
- ASSERT(sizeof(JSValue) == 8);
-
- if (finalObjectMode == MayBeFinal) {
- Jump isInline = branch32(LessThan, offset, TrustedImm32(firstOutOfLineOffset));
- loadPtr(Address(base, JSObject::butterflyOffset()), scratch);
- neg32(offset);
- Jump done = jump();
- isInline.link(this);
- addPtr(TrustedImm32(JSObject::offsetOfInlineStorage() - (firstOutOfLineOffset - 2) * sizeof(EncodedJSValue)), base, scratch);
- done.link(this);
- } else {
- if (!ASSERT_DISABLED) {
- Jump isOutOfLine = branch32(GreaterThanOrEqual, offset, TrustedImm32(firstOutOfLineOffset));
- abortWithReason(JITOffsetIsNotOutOfLine);
- isOutOfLine.link(this);
- }
- loadPtr(Address(base, JSObject::butterflyOffset()), scratch);
- neg32(offset);
- }
- signExtend32ToPtr(offset, offset);
- load64(BaseIndex(scratch, offset, TimesEight, (firstOutOfLineOffset - 2) * sizeof(EncodedJSValue)), result);
-}
-
void JIT::emit_op_put_by_val(Instruction* currentInstruction)
{
int base = currentInstruction[1].u.operand;
@@ -661,29 +636,6 @@
store64(value, Address(base, sizeof(JSValue) * offsetInButterfly(cachedOffset)));
}
-// Compile a load from an object's property storage. May overwrite base.
-void JIT::compileGetDirectOffset(RegisterID base, RegisterID result, PropertyOffset cachedOffset)
-{
- if (isInlineOffset(cachedOffset)) {
- load64(Address(base, JSObject::offsetOfInlineStorage() + sizeof(JSValue) * offsetInInlineStorage(cachedOffset)), result);
- return;
- }
-
- loadPtr(Address(base, JSObject::butterflyOffset()), result);
- load64(Address(result, sizeof(JSValue) * offsetInButterfly(cachedOffset)), result);
-}
-
-void JIT::compileGetDirectOffset(JSObject* base, RegisterID result, PropertyOffset cachedOffset)
-{
- if (isInlineOffset(cachedOffset)) {
- load64(base->locationForOffset(cachedOffset), result);
- return;
- }
-
- loadPtr(base->butterflyAddress(), result);
- load64(Address(result, offsetInButterfly(cachedOffset) * sizeof(WriteBarrier<Unknown>)), result);
-}
-
void JIT::emitVarInjectionCheck(bool needsVarInjectionChecks)
{
if (!needsVarInjectionChecks)
@@ -804,8 +756,21 @@
void JIT::emitGetGlobalProperty(uintptr_t* operandSlot)
{
- load32(operandSlot, regT1);
- compileGetDirectOffset(regT0, regT0, regT1, regT2, KnownNotFinal);
+ GPRReg base = regT0;
+ GPRReg result = regT0;
+ GPRReg offset = regT1;
+ GPRReg scratch = regT2;
+
+ load32(operandSlot, offset);
+ if (!ASSERT_DISABLED) {
+ Jump isOutOfLine = branch32(GreaterThanOrEqual, offset, TrustedImm32(firstOutOfLineOffset));
+ abortWithReason(JITOffsetIsNotOutOfLine);
+ isOutOfLine.link(this);
+ }
+ loadPtr(Address(base, JSObject::butterflyOffset()), scratch);
+ neg32(offset);
+ signExtend32ToPtr(offset, offset);
+ load64(BaseIndex(scratch, offset, TimesEight, (firstOutOfLineOffset - 2) * sizeof(EncodedJSValue)), result);
}
void JIT::emitGetVarFromPointer(JSValue* operand, GPRReg reg)
Modified: trunk/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp (190672 => 190673)
--- trunk/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp 2015-10-07 17:28:38 UTC (rev 190672)
+++ trunk/Source/_javascript_Core/jit/JITPropertyAccess32_64.cpp 2015-10-07 18:04:54 UTC (rev 190673)
@@ -663,66 +663,6 @@
gen.reportSlowPathCall(coldPathBegin, call);
}
-// Compile a store into an object's property storage. May overwrite base.
-void JIT::compilePutDirectOffset(RegisterID base, RegisterID valueTag, RegisterID valuePayload, PropertyOffset cachedOffset)
-{
- if (isOutOfLineOffset(cachedOffset))
- loadPtr(Address(base, JSObject::butterflyOffset()), base);
- emitStore(indexRelativeToBase(cachedOffset), valueTag, valuePayload, base);
-}
-
-// Compile a load from an object's property storage. May overwrite base.
-void JIT::compileGetDirectOffset(RegisterID base, RegisterID resultTag, RegisterID resultPayload, PropertyOffset cachedOffset)
-{
- if (isInlineOffset(cachedOffset)) {
- emitLoad(indexRelativeToBase(cachedOffset), resultTag, resultPayload, base);
- return;
- }
-
- RegisterID temp = resultPayload;
- loadPtr(Address(base, JSObject::butterflyOffset()), temp);
- emitLoad(indexRelativeToBase(cachedOffset), resultTag, resultPayload, temp);
-}
-
-void JIT::compileGetDirectOffset(JSObject* base, RegisterID resultTag, RegisterID resultPayload, PropertyOffset cachedOffset)
-{
- if (isInlineOffset(cachedOffset)) {
- move(TrustedImmPtr(base->locationForOffset(cachedOffset)), resultTag);
- load32(Address(resultTag, OBJECT_OFFSETOF(JSValue, u.asBits.payload)), resultPayload);
- load32(Address(resultTag, OBJECT_OFFSETOF(JSValue, u.asBits.tag)), resultTag);
- return;
- }
-
- loadPtr(base->butterflyAddress(), resultTag);
- load32(Address(resultTag, offsetInButterfly(cachedOffset) * sizeof(WriteBarrier<Unknown>) + OBJECT_OFFSETOF(JSValue, u.asBits.payload)), resultPayload);
- load32(Address(resultTag, offsetInButterfly(cachedOffset) * sizeof(WriteBarrier<Unknown>) + OBJECT_OFFSETOF(JSValue, u.asBits.tag)), resultTag);
-}
-
-void JIT::compileGetDirectOffset(RegisterID base, RegisterID resultTag, RegisterID resultPayload, RegisterID offset, FinalObjectMode finalObjectMode)
-{
- ASSERT(sizeof(JSValue) == 8);
-
- if (finalObjectMode == MayBeFinal) {
- Jump isInline = branch32(LessThan, offset, TrustedImm32(firstOutOfLineOffset));
- loadPtr(Address(base, JSObject::butterflyOffset()), base);
- neg32(offset);
- Jump done = jump();
- isInline.link(this);
- addPtr(TrustedImmPtr(JSObject::offsetOfInlineStorage() - (firstOutOfLineOffset - 2) * sizeof(EncodedJSValue)), base);
- done.link(this);
- } else {
- if (!ASSERT_DISABLED) {
- Jump isOutOfLine = branch32(GreaterThanOrEqual, offset, TrustedImm32(firstOutOfLineOffset));
- abortWithReason(JITOffsetIsNotOutOfLine);
- isOutOfLine.link(this);
- }
- loadPtr(Address(base, JSObject::butterflyOffset()), base);
- neg32(offset);
- }
- load32(BaseIndex(base, offset, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.payload) + (firstOutOfLineOffset - 2) * sizeof(EncodedJSValue)), resultPayload);
- load32(BaseIndex(base, offset, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.tag) + (firstOutOfLineOffset - 2) * sizeof(EncodedJSValue)), resultTag);
-}
-
void JIT::emitVarInjectionCheck(bool needsVarInjectionChecks)
{
if (!needsVarInjectionChecks)
@@ -842,9 +782,22 @@
void JIT::emitGetGlobalProperty(uintptr_t* operandSlot)
{
- move(regT0, regT2);
- load32(operandSlot, regT3);
- compileGetDirectOffset(regT2, regT1, regT0, regT3, KnownNotFinal);
+ GPRReg base = regT2;
+ GPRReg resultTag = regT1;
+ GPRReg resultPayload = regT0;
+ GPRReg offset = regT3;
+
+ move(regT0, base);
+ load32(operandSlot, offset);
+ if (!ASSERT_DISABLED) {
+ Jump isOutOfLine = branch32(GreaterThanOrEqual, offset, TrustedImm32(firstOutOfLineOffset));
+ abortWithReason(JITOffsetIsNotOutOfLine);
+ isOutOfLine.link(this);
+ }
+ loadPtr(Address(base, JSObject::butterflyOffset()), base);
+ neg32(offset);
+ load32(BaseIndex(base, offset, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.payload) + (firstOutOfLineOffset - 2) * sizeof(EncodedJSValue)), resultPayload);
+ load32(BaseIndex(base, offset, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.tag) + (firstOutOfLineOffset - 2) * sizeof(EncodedJSValue)), resultTag);
}
void JIT::emitGetVarFromPointer(JSValue* operand, GPRReg tag, GPRReg payload)
