diff options
Diffstat (limited to 'Source/JavaScriptCore/jit')
| -rw-r--r-- | Source/JavaScriptCore/jit/HostCallReturnValue.cpp | 2 | ||||
| -rw-r--r-- | Source/JavaScriptCore/jit/JIT.cpp | 2 | ||||
| -rw-r--r-- | Source/JavaScriptCore/jit/JIT.h | 19 | ||||
| -rw-r--r-- | Source/JavaScriptCore/jit/JITArithmetic.cpp | 12 | ||||
| -rw-r--r-- | Source/JavaScriptCore/jit/JITArithmetic32_64.cpp | 2 | ||||
| -rw-r--r-- | Source/JavaScriptCore/jit/JITCall.cpp | 2 | ||||
| -rw-r--r-- | Source/JavaScriptCore/jit/JITCall32_64.cpp | 2 | ||||
| -rw-r--r-- | Source/JavaScriptCore/jit/JITExceptions.cpp | 2 | ||||
| -rw-r--r-- | Source/JavaScriptCore/jit/JITInlineMethods.h (renamed from Source/JavaScriptCore/jit/JITInlines.h) | 26 | ||||
| -rw-r--r-- | Source/JavaScriptCore/jit/JITOpcodes.cpp | 7 | ||||
| -rw-r--r-- | Source/JavaScriptCore/jit/JITOpcodes32_64.cpp | 2 | ||||
| -rw-r--r-- | Source/JavaScriptCore/jit/JITPropertyAccess.cpp | 91 | ||||
| -rw-r--r-- | Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp | 74 | ||||
| -rw-r--r-- | Source/JavaScriptCore/jit/JITStubs.cpp | 13 | ||||
| -rw-r--r-- | Source/JavaScriptCore/jit/JITStubs.h | 2 |
15 files changed, 41 insertions, 217 deletions
diff --git a/Source/JavaScriptCore/jit/HostCallReturnValue.cpp b/Source/JavaScriptCore/jit/HostCallReturnValue.cpp index 967c499b9..c4d2e6ad9 100644 --- a/Source/JavaScriptCore/jit/HostCallReturnValue.cpp +++ b/Source/JavaScriptCore/jit/HostCallReturnValue.cpp @@ -29,7 +29,7 @@ #include "CallFrame.h" #include <wtf/InlineASM.h> #include "JSObject.h" -#include "JSValueInlines.h" +#include "JSValueInlineMethods.h" namespace JSC { diff --git a/Source/JavaScriptCore/jit/JIT.cpp b/Source/JavaScriptCore/jit/JIT.cpp index ffd18b571..3102c7693 100644 --- a/Source/JavaScriptCore/jit/JIT.cpp +++ b/Source/JavaScriptCore/jit/JIT.cpp @@ -38,7 +38,7 @@ JSC::MacroAssemblerX86Common::SSE2CheckState JSC::MacroAssemblerX86Common::s_sse #include <wtf/CryptographicallyRandomNumber.h> #include "DFGNode.h" // for DFG_SUCCESS_STATS #include "Interpreter.h" -#include "JITInlines.h" +#include "JITInlineMethods.h" #include "JITStubCall.h" #include "JSArray.h" #include "JSFunction.h" diff --git a/Source/JavaScriptCore/jit/JIT.h b/Source/JavaScriptCore/jit/JIT.h index 9b0879fe2..dcf87d352 100644 --- a/Source/JavaScriptCore/jit/JIT.h +++ b/Source/JavaScriptCore/jit/JIT.h @@ -474,9 +474,7 @@ namespace JSC { // Property is int-checked and zero extended. Base is cell checked. // Structure is already profiled. Returns the slow cases. Fall-through // case contains result in regT0, and it is not yet profiled. - JumpList emitInt32GetByVal(Instruction* instruction, PatchableJump& badType) { return emitContiguousGetByVal(instruction, badType, Int32Shape); } - JumpList emitDoubleGetByVal(Instruction*, PatchableJump& badType); - JumpList emitContiguousGetByVal(Instruction*, PatchableJump& badType, IndexingType expectedShape = ContiguousShape); + JumpList emitContiguousGetByVal(Instruction*, PatchableJump& badType); JumpList emitArrayStorageGetByVal(Instruction*, PatchableJump& badType); JumpList emitIntTypedArrayGetByVal(Instruction*, PatchableJump& badType, const TypedArrayDescriptor&, size_t elementSize, TypedArraySignedness); JumpList emitFloatTypedArrayGetByVal(Instruction*, PatchableJump& badType, const TypedArrayDescriptor&, size_t elementSize); @@ -485,20 +483,7 @@ namespace JSC { // The value to store is not yet loaded. Property is int-checked and // zero-extended. Base is cell checked. Structure is already profiled. // returns the slow cases. - JumpList emitInt32PutByVal(Instruction* currentInstruction, PatchableJump& badType) - { - return emitGenericContiguousPutByVal<Int32Shape>(currentInstruction, badType); - } - JumpList emitDoublePutByVal(Instruction* currentInstruction, PatchableJump& badType) - { - return emitGenericContiguousPutByVal<DoubleShape>(currentInstruction, badType); - } - JumpList emitContiguousPutByVal(Instruction* currentInstruction, PatchableJump& badType) - { - return emitGenericContiguousPutByVal<ContiguousShape>(currentInstruction, badType); - } - template<IndexingType indexingShape> - JumpList emitGenericContiguousPutByVal(Instruction*, PatchableJump& badType); + JumpList emitContiguousPutByVal(Instruction*, PatchableJump& badType); JumpList emitArrayStoragePutByVal(Instruction*, PatchableJump& badType); JumpList emitIntTypedArrayPutByVal(Instruction*, PatchableJump& badType, const TypedArrayDescriptor&, size_t elementSize, TypedArraySignedness, TypedArrayRounding); JumpList emitFloatTypedArrayPutByVal(Instruction*, PatchableJump& badType, const TypedArrayDescriptor&, size_t elementSize); diff --git a/Source/JavaScriptCore/jit/JITArithmetic.cpp b/Source/JavaScriptCore/jit/JITArithmetic.cpp index bcb3dd74a..21d59bc33 100644 --- a/Source/JavaScriptCore/jit/JITArithmetic.cpp +++ b/Source/JavaScriptCore/jit/JITArithmetic.cpp @@ -29,7 +29,7 @@ #include "JIT.h" #include "CodeBlock.h" -#include "JITInlines.h" +#include "JITInlineMethods.h" #include "JITStubCall.h" #include "JITStubs.h" #include "JSArray.h" @@ -1090,20 +1090,18 @@ void JIT::emit_op_div(Instruction* currentInstruction) // access). So if we are DFG compiling anything in the program, we want this code to // ensure that it produces integers whenever possible. + // FIXME: This will fail to convert to integer if the result is zero. We should + // distinguish between positive zero and negative zero here. + JumpList notInteger; branchConvertDoubleToInt32(fpRegT0, regT0, notInteger, fpRegT1); // If we've got an integer, we might as well make that the result of the division. emitFastArithReTagImmediate(regT0, regT0); Jump isInteger = jump(); notInteger.link(this); - moveDoubleTo64(fpRegT0, regT0); - Jump doubleZero = branchTest64(Zero, regT0); add32(TrustedImm32(1), AbsoluteAddress(&m_codeBlock->addSpecialFastCaseProfile(m_bytecodeOffset)->m_counter)); + moveDoubleTo64(fpRegT0, regT0); sub64(tagTypeNumberRegister, regT0); - Jump trueDouble = jump(); - doubleZero.link(this); - move(tagTypeNumberRegister, regT0); - trueDouble.link(this); isInteger.link(this); #else // Double result. diff --git a/Source/JavaScriptCore/jit/JITArithmetic32_64.cpp b/Source/JavaScriptCore/jit/JITArithmetic32_64.cpp index 960d06091..62a359eeb 100644 --- a/Source/JavaScriptCore/jit/JITArithmetic32_64.cpp +++ b/Source/JavaScriptCore/jit/JITArithmetic32_64.cpp @@ -30,7 +30,7 @@ #include "JIT.h" #include "CodeBlock.h" -#include "JITInlines.h" +#include "JITInlineMethods.h" #include "JITStubCall.h" #include "JITStubs.h" #include "JSArray.h" diff --git a/Source/JavaScriptCore/jit/JITCall.cpp b/Source/JavaScriptCore/jit/JITCall.cpp index 006c5b741..074bf7f97 100644 --- a/Source/JavaScriptCore/jit/JITCall.cpp +++ b/Source/JavaScriptCore/jit/JITCall.cpp @@ -31,7 +31,7 @@ #include "Arguments.h" #include "CodeBlock.h" -#include "JITInlines.h" +#include "JITInlineMethods.h" #include "JITStubCall.h" #include "JSArray.h" #include "JSFunction.h" diff --git a/Source/JavaScriptCore/jit/JITCall32_64.cpp b/Source/JavaScriptCore/jit/JITCall32_64.cpp index ecd5cf126..ad827cdf9 100644 --- a/Source/JavaScriptCore/jit/JITCall32_64.cpp +++ b/Source/JavaScriptCore/jit/JITCall32_64.cpp @@ -32,7 +32,7 @@ #include "Arguments.h" #include "CodeBlock.h" #include "Interpreter.h" -#include "JITInlines.h" +#include "JITInlineMethods.h" #include "JITStubCall.h" #include "JSArray.h" #include "JSFunction.h" diff --git a/Source/JavaScriptCore/jit/JITExceptions.cpp b/Source/JavaScriptCore/jit/JITExceptions.cpp index aeb869474..f6cec24bd 100644 --- a/Source/JavaScriptCore/jit/JITExceptions.cpp +++ b/Source/JavaScriptCore/jit/JITExceptions.cpp @@ -39,7 +39,7 @@ namespace JSC { ExceptionHandler genericThrow(JSGlobalData* globalData, ExecState* callFrame, JSValue exceptionValue, unsigned vPCIndex) { ASSERT(exceptionValue); - + globalData->exception = JSValue(); HandlerInfo* handler = globalData->interpreter->throwException(callFrame, exceptionValue, vPCIndex); // This may update callFrame & exceptionValue! globalData->exception = exceptionValue; diff --git a/Source/JavaScriptCore/jit/JITInlines.h b/Source/JavaScriptCore/jit/JITInlineMethods.h index e6f95b94c..410bdf710 100644 --- a/Source/JavaScriptCore/jit/JITInlines.h +++ b/Source/JavaScriptCore/jit/JITInlineMethods.h @@ -23,8 +23,8 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#ifndef JITInlines_h -#define JITInlines_h +#ifndef JITInlineMethods_h +#define JITInlineMethods_h #if ENABLE(JIT) @@ -528,12 +528,12 @@ inline void JIT::emitArrayProfileStoreToHoleSpecialCase(ArrayProfile* arrayProfi #endif } -static inline bool arrayProfileSaw(ArrayModes arrayModes, IndexingType capability) +static inline bool arrayProfileSaw(ArrayProfile* profile, IndexingType capability) { #if ENABLE(VALUE_PROFILER) - return arrayModesInclude(arrayModes, capability); + return !!(profile->observedArrayModes() & (asArrayModes(NonArray | capability) | asArrayModes(ArrayClass | capability))); #else - UNUSED_PARAM(arrayModes); + UNUSED_PARAM(profile); UNUSED_PARAM(capability); return false; #endif @@ -541,20 +541,9 @@ static inline bool arrayProfileSaw(ArrayModes arrayModes, IndexingType capabilit inline JITArrayMode JIT::chooseArrayMode(ArrayProfile* profile) { -#if ENABLE(VALUE_PROFILER) - profile->computeUpdatedPrediction(m_codeBlock); - ArrayModes arrayModes = profile->observedArrayModes(); - if (arrayProfileSaw(arrayModes, DoubleShape)) - return JITDouble; - if (arrayProfileSaw(arrayModes, Int32Shape)) - return JITInt32; - if (arrayProfileSaw(arrayModes, ArrayStorageShape)) + if (arrayProfileSaw(profile, ArrayStorageShape)) return JITArrayStorage; return JITContiguous; -#else - UNUSED_PARAM(profile); - return JITContiguous; -#endif } #if USE(JSVALUE32_64) @@ -1009,5 +998,4 @@ ALWAYS_INLINE void JIT::emitTagAsBoolImmediate(RegisterID reg) #endif // ENABLE(JIT) -#endif // JITInlines_h - +#endif diff --git a/Source/JavaScriptCore/jit/JITOpcodes.cpp b/Source/JavaScriptCore/jit/JITOpcodes.cpp index 3053918b8..4fb9d8cd5 100644 --- a/Source/JavaScriptCore/jit/JITOpcodes.cpp +++ b/Source/JavaScriptCore/jit/JITOpcodes.cpp @@ -29,9 +29,9 @@ #include "JIT.h" #include "Arguments.h" -#include "CopiedSpaceInlines.h" +#include "CopiedSpaceInlineMethods.h" #include "Heap.h" -#include "JITInlines.h" +#include "JITInlineMethods.h" #include "JITStubCall.h" #include "JSArray.h" #include "JSCell.h" @@ -1952,7 +1952,6 @@ void JIT::emit_op_new_array(Instruction* currentInstruction) JITStubCall stubCall(this, cti_op_new_array); stubCall.addArgument(TrustedImm32(currentInstruction[2].u.operand)); stubCall.addArgument(TrustedImm32(currentInstruction[3].u.operand)); - stubCall.addArgument(TrustedImmPtr(currentInstruction[4].u.arrayAllocationProfile)); stubCall.call(currentInstruction[1].u.operand); } @@ -1964,7 +1963,6 @@ void JIT::emit_op_new_array_with_size(Instruction* currentInstruction) #else stubCall.addArgument(currentInstruction[2].u.operand); #endif - stubCall.addArgument(TrustedImmPtr(currentInstruction[3].u.arrayAllocationProfile)); stubCall.call(currentInstruction[1].u.operand); } @@ -1973,7 +1971,6 @@ void JIT::emit_op_new_array_buffer(Instruction* currentInstruction) JITStubCall stubCall(this, cti_op_new_array_buffer); stubCall.addArgument(TrustedImm32(currentInstruction[2].u.operand)); stubCall.addArgument(TrustedImm32(currentInstruction[3].u.operand)); - stubCall.addArgument(TrustedImmPtr(currentInstruction[4].u.arrayAllocationProfile)); stubCall.call(currentInstruction[1].u.operand); } diff --git a/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp b/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp index 23361c099..9c5d260ab 100644 --- a/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp +++ b/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp @@ -30,7 +30,7 @@ #if USE(JSVALUE32_64) #include "JIT.h" -#include "JITInlines.h" +#include "JITInlineMethods.h" #include "JITStubCall.h" #include "JSArray.h" #include "JSCell.h" diff --git a/Source/JavaScriptCore/jit/JITPropertyAccess.cpp b/Source/JavaScriptCore/jit/JITPropertyAccess.cpp index 3110be38c..6362598f4 100644 --- a/Source/JavaScriptCore/jit/JITPropertyAccess.cpp +++ b/Source/JavaScriptCore/jit/JITPropertyAccess.cpp @@ -32,7 +32,7 @@ #include "GCAwareJITStubRoutine.h" #include "GetterSetter.h" #include "Interpreter.h" -#include "JITInlines.h" +#include "JITInlineMethods.h" #include "JITStubCall.h" #include "JSArray.h" #include "JSFunction.h" @@ -98,7 +98,7 @@ void JIT::emit_op_get_by_val(Instruction* currentInstruction) unsigned base = currentInstruction[2].u.operand; unsigned property = currentInstruction[3].u.operand; ArrayProfile* profile = currentInstruction[4].u.arrayProfile; - + emitGetVirtualRegisters(base, regT0, property, regT1); emitJumpSlowCaseIfNotImmediateInteger(regT1); @@ -120,12 +120,6 @@ void JIT::emit_op_get_by_val(Instruction* currentInstruction) JITArrayMode mode = chooseArrayMode(profile); switch (mode) { - case JITInt32: - slowCases = emitInt32GetByVal(currentInstruction, badType); - break; - case JITDouble: - slowCases = emitDoubleGetByVal(currentInstruction, badType); - break; case JITContiguous: slowCases = emitContiguousGetByVal(currentInstruction, badType); break; @@ -154,26 +148,11 @@ void JIT::emit_op_get_by_val(Instruction* currentInstruction) m_byValCompilationInfo.append(ByValCompilationInfo(m_bytecodeOffset, badType, mode, done)); } -JIT::JumpList JIT::emitDoubleGetByVal(Instruction*, PatchableJump& badType) +JIT::JumpList JIT::emitContiguousGetByVal(Instruction*, PatchableJump& badType) { JumpList slowCases; - badType = patchableBranch32(NotEqual, regT2, TrustedImm32(DoubleShape)); - loadPtr(Address(regT0, JSObject::butterflyOffset()), regT2); - slowCases.append(branch32(AboveOrEqual, regT1, Address(regT2, Butterfly::offsetOfPublicLength()))); - loadDouble(BaseIndex(regT2, regT1, TimesEight), fpRegT0); - slowCases.append(branchDouble(DoubleNotEqualOrUnordered, fpRegT0, fpRegT0)); - moveDoubleTo64(fpRegT0, regT0); - sub64(tagTypeNumberRegister, regT0); - - return slowCases; -} - -JIT::JumpList JIT::emitContiguousGetByVal(Instruction*, PatchableJump& badType, IndexingType expectedShape) -{ - JumpList slowCases; - - badType = patchableBranch32(NotEqual, regT2, TrustedImm32(expectedShape)); + badType = patchableBranch32(NotEqual, regT2, TrustedImm32(ContiguousShape)); loadPtr(Address(regT0, JSObject::butterflyOffset()), regT2); slowCases.append(branch32(AboveOrEqual, regT1, Address(regT2, Butterfly::offsetOfPublicLength()))); load64(BaseIndex(regT2, regT1, TimesEight), regT0); @@ -325,12 +304,6 @@ void JIT::emit_op_put_by_val(Instruction* currentInstruction) JITArrayMode mode = chooseArrayMode(profile); switch (mode) { - case JITInt32: - slowCases = emitInt32PutByVal(currentInstruction, badType); - break; - case JITDouble: - slowCases = emitDoublePutByVal(currentInstruction, badType); - break; case JITContiguous: slowCases = emitContiguousPutByVal(currentInstruction, badType); break; @@ -352,49 +325,24 @@ void JIT::emit_op_put_by_val(Instruction* currentInstruction) emitWriteBarrier(regT0, regT3, regT1, regT3, ShouldFilterImmediates, WriteBarrierForPropertyAccess); } -template<IndexingType indexingShape> -JIT::JumpList JIT::emitGenericContiguousPutByVal(Instruction* currentInstruction, PatchableJump& badType) +JIT::JumpList JIT::emitContiguousPutByVal(Instruction* currentInstruction, PatchableJump& badType) { unsigned value = currentInstruction[3].u.operand; ArrayProfile* profile = currentInstruction[4].u.arrayProfile; - JumpList slowCases; - - badType = patchableBranch32(NotEqual, regT2, TrustedImm32(indexingShape)); + badType = patchableBranch32(NotEqual, regT2, TrustedImm32(ContiguousShape)); loadPtr(Address(regT0, JSObject::butterflyOffset()), regT2); Jump outOfBounds = branch32(AboveOrEqual, regT1, Address(regT2, Butterfly::offsetOfPublicLength())); Label storeResult = label(); emitGetVirtualRegister(value, regT3); - switch (indexingShape) { - case Int32Shape: - slowCases.append(emitJumpIfNotImmediateInteger(regT3)); - store64(regT3, BaseIndex(regT2, regT1, TimesEight)); - break; - case DoubleShape: { - Jump notInt = emitJumpIfNotImmediateInteger(regT3); - convertInt32ToDouble(regT3, fpRegT0); - Jump ready = jump(); - notInt.link(this); - add64(tagTypeNumberRegister, regT3); - move64ToDouble(regT3, fpRegT0); - slowCases.append(branchDouble(DoubleNotEqualOrUnordered, fpRegT0, fpRegT0)); - ready.link(this); - storeDouble(fpRegT0, BaseIndex(regT2, regT1, TimesEight)); - break; - } - case ContiguousShape: - store64(regT3, BaseIndex(regT2, regT1, TimesEight)); - break; - default: - CRASH(); - break; - } + store64(regT3, BaseIndex(regT2, regT1, TimesEight)); Jump done = jump(); outOfBounds.link(this); + JumpList slowCases; slowCases.append(branch32(AboveOrEqual, regT1, Address(regT2, Butterfly::offsetOfVectorLength()))); emitArrayProfileStoreToHoleSpecialCase(profile); @@ -446,23 +394,12 @@ void JIT::emitSlow_op_put_by_val(Instruction* currentInstruction, Vector<SlowCas unsigned base = currentInstruction[1].u.operand; unsigned property = currentInstruction[2].u.operand; unsigned value = currentInstruction[3].u.operand; - ArrayProfile* profile = currentInstruction[4].u.arrayProfile; linkSlowCase(iter); // property int32 check linkSlowCaseIfNotJSCell(iter, base); // base cell check linkSlowCase(iter); // base not array check linkSlowCase(iter); // out of bounds - JITArrayMode mode = chooseArrayMode(profile); - switch (mode) { - case JITInt32: - case JITDouble: - linkSlowCase(iter); // value type check - break; - default: - break; - } - Label slowPath = label(); JITStubCall stubPutByValCall(this, cti_op_put_by_val); @@ -1375,12 +1312,6 @@ void JIT::privateCompileGetByVal(ByValInfo* byValInfo, ReturnAddressPtr returnAd JumpList slowCases; switch (arrayMode) { - case JITInt32: - slowCases = emitInt32GetByVal(currentInstruction, badType); - break; - case JITDouble: - slowCases = emitDoubleGetByVal(currentInstruction, badType); - break; case JITContiguous: slowCases = emitContiguousGetByVal(currentInstruction, badType); break; @@ -1444,12 +1375,6 @@ void JIT::privateCompilePutByVal(ByValInfo* byValInfo, ReturnAddressPtr returnAd JumpList slowCases; switch (arrayMode) { - case JITInt32: - slowCases = emitInt32PutByVal(currentInstruction, badType); - break; - case JITDouble: - slowCases = emitDoublePutByVal(currentInstruction, badType); - break; case JITContiguous: slowCases = emitContiguousPutByVal(currentInstruction, badType); break; diff --git a/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp b/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp index 414827420..939766f04 100644 --- a/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp +++ b/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp @@ -32,7 +32,7 @@ #include "CodeBlock.h" #include "GCAwareJITStubRoutine.h" #include "Interpreter.h" -#include "JITInlines.h" +#include "JITInlineMethods.h" #include "JITStubCall.h" #include "JSArray.h" #include "JSFunction.h" @@ -153,12 +153,6 @@ void JIT::emit_op_get_by_val(Instruction* currentInstruction) JITArrayMode mode = chooseArrayMode(profile); switch (mode) { - case JITInt32: - slowCases = emitInt32GetByVal(currentInstruction, badType); - break; - case JITDouble: - slowCases = emitDoubleGetByVal(currentInstruction, badType); - break; case JITContiguous: slowCases = emitContiguousGetByVal(currentInstruction, badType); break; @@ -187,11 +181,11 @@ void JIT::emit_op_get_by_val(Instruction* currentInstruction) m_byValCompilationInfo.append(ByValCompilationInfo(m_bytecodeOffset, badType, mode, done)); } -JIT::JumpList JIT::emitContiguousGetByVal(Instruction*, PatchableJump& badType, IndexingType expectedShape) +JIT::JumpList JIT::emitContiguousGetByVal(Instruction*, PatchableJump& badType) { JumpList slowCases; - badType = patchableBranch32(NotEqual, regT1, TrustedImm32(expectedShape)); + badType = patchableBranch32(NotEqual, regT1, TrustedImm32(ContiguousShape)); loadPtr(Address(regT0, JSObject::butterflyOffset()), regT3); slowCases.append(branch32(AboveOrEqual, regT2, Address(regT3, Butterfly::offsetOfPublicLength()))); @@ -203,22 +197,6 @@ JIT::JumpList JIT::emitContiguousGetByVal(Instruction*, PatchableJump& badType, return slowCases; } -JIT::JumpList JIT::emitDoubleGetByVal(Instruction*, PatchableJump& badType) -{ - JumpList slowCases; - - badType = patchableBranch32(NotEqual, regT1, TrustedImm32(DoubleShape)); - - loadPtr(Address(regT0, JSObject::butterflyOffset()), regT3); - slowCases.append(branch32(AboveOrEqual, regT2, Address(regT3, Butterfly::offsetOfPublicLength()))); - - loadDouble(BaseIndex(regT3, regT2, TimesEight), fpRegT0); - slowCases.append(branchDouble(DoubleNotEqualOrUnordered, fpRegT0, fpRegT0)); - moveDoubleToInts(fpRegT0, regT0, regT1); - - return slowCases; -} - JIT::JumpList JIT::emitArrayStorageGetByVal(Instruction*, PatchableJump& badType) { JumpList slowCases; @@ -292,12 +270,6 @@ void JIT::emit_op_put_by_val(Instruction* currentInstruction) JITArrayMode mode = chooseArrayMode(profile); switch (mode) { - case JITInt32: - slowCases = emitInt32PutByVal(currentInstruction, badType); - break; - case JITDouble: - slowCases = emitDoublePutByVal(currentInstruction, badType); - break; case JITContiguous: slowCases = emitContiguousPutByVal(currentInstruction, badType); break; @@ -317,8 +289,7 @@ void JIT::emit_op_put_by_val(Instruction* currentInstruction) m_byValCompilationInfo.append(ByValCompilationInfo(m_bytecodeOffset, badType, mode, done)); } -template<IndexingType indexingShape> -JIT::JumpList JIT::emitGenericContiguousPutByVal(Instruction* currentInstruction, PatchableJump& badType) +JIT::JumpList JIT::emitContiguousPutByVal(Instruction* currentInstruction, PatchableJump& badType) { unsigned value = currentInstruction[3].u.operand; ArrayProfile* profile = currentInstruction[4].u.arrayProfile; @@ -332,30 +303,8 @@ JIT::JumpList JIT::emitGenericContiguousPutByVal(Instruction* currentInstruction Label storeResult = label(); emitLoad(value, regT1, regT0); - switch (indexingShape) { - case Int32Shape: - slowCases.append(branch32(NotEqual, regT1, TrustedImm32(JSValue::Int32Tag))); - // Fall through. - case ContiguousShape: - store32(regT0, BaseIndex(regT3, regT2, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.payload))); - store32(regT1, BaseIndex(regT3, regT2, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.tag))); - break; - case DoubleShape: { - Jump notInt = branch32(NotEqual, regT1, TrustedImm32(JSValue::Int32Tag)); - convertInt32ToDouble(regT0, fpRegT0); - Jump ready = jump(); - notInt.link(this); - moveIntsToDouble(regT0, regT1, fpRegT0, fpRegT1); - slowCases.append(branchDouble(DoubleNotEqualOrUnordered, fpRegT0, fpRegT0)); - ready.link(this); - storeDouble(fpRegT0, BaseIndex(regT3, regT2, TimesEight)); - break; - } - default: - CRASH(); - break; - } - + store32(regT0, BaseIndex(regT3, regT2, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.payload))); + store32(regT1, BaseIndex(regT3, regT2, TimesEight, OBJECT_OFFSETOF(JSValue, u.asBits.tag))); Jump done = jump(); outOfBounds.link(this); @@ -415,23 +364,12 @@ void JIT::emitSlow_op_put_by_val(Instruction* currentInstruction, Vector<SlowCas unsigned base = currentInstruction[1].u.operand; unsigned property = currentInstruction[2].u.operand; unsigned value = currentInstruction[3].u.operand; - ArrayProfile* profile = currentInstruction[4].u.arrayProfile; linkSlowCase(iter); // property int32 check linkSlowCaseIfNotJSCell(iter, base); // base cell check linkSlowCase(iter); // base not array check linkSlowCase(iter); // out of bounds - JITArrayMode mode = chooseArrayMode(profile); - switch (mode) { - case JITInt32: - case JITDouble: - linkSlowCase(iter); // value type check - break; - default: - break; - } - Label slowPath = label(); JITStubCall stubPutByValCall(this, cti_op_put_by_val); diff --git a/Source/JavaScriptCore/jit/JITStubs.cpp b/Source/JavaScriptCore/jit/JITStubs.cpp index 521dfacfd..5ddb98dee 100644 --- a/Source/JavaScriptCore/jit/JITStubs.cpp +++ b/Source/JavaScriptCore/jit/JITStubs.cpp @@ -1877,11 +1877,6 @@ DEFINE_STUB_FUNCTION(void, optimize) ASSERT(optimizedCodeBlock->getJITType() == JITCode::DFGJIT); if (void* address = DFG::prepareOSREntry(callFrame, optimizedCodeBlock, bytecodeIndex)) { - if (Options::showDFGDisassembly()) { - dataLog( - "Performing OSR from code block %p to code block %p, address %p to %p.\n", - codeBlock, optimizedCodeBlock, (STUB_RETURN_ADDRESS).value(), address); - } #if ENABLE(JIT_VERBOSE_OSR) dataLog("Optimizing %p succeeded, performing OSR after a delay of %u.\n", codeBlock, codeBlock->optimizationDelayCounter()); #endif @@ -2233,21 +2228,21 @@ DEFINE_STUB_FUNCTION(JSObject*, op_new_array) { STUB_INIT_STACK_FRAME(stackFrame); - return constructArray(stackFrame.callFrame, stackFrame.args[2].arrayAllocationProfile(), reinterpret_cast<JSValue*>(&stackFrame.callFrame->registers()[stackFrame.args[0].int32()]), stackFrame.args[1].int32()); + return constructArray(stackFrame.callFrame, reinterpret_cast<JSValue*>(&stackFrame.callFrame->registers()[stackFrame.args[0].int32()]), stackFrame.args[1].int32()); } DEFINE_STUB_FUNCTION(JSObject*, op_new_array_with_size) { STUB_INIT_STACK_FRAME(stackFrame); - return constructArrayWithSizeQuirk(stackFrame.callFrame, stackFrame.args[1].arrayAllocationProfile(), stackFrame.callFrame->lexicalGlobalObject(), stackFrame.args[0].jsValue()); + return constructArrayWithSizeQuirk(stackFrame.callFrame, stackFrame.callFrame->lexicalGlobalObject(), stackFrame.args[0].jsValue()); } DEFINE_STUB_FUNCTION(JSObject*, op_new_array_buffer) { STUB_INIT_STACK_FRAME(stackFrame); - return constructArray(stackFrame.callFrame, stackFrame.args[2].arrayAllocationProfile(), stackFrame.callFrame->codeBlock()->constantBuffer(stackFrame.args[0].int32()), stackFrame.args[1].int32()); + return constructArray(stackFrame.callFrame, stackFrame.callFrame->codeBlock()->constantBuffer(stackFrame.args[0].int32()), stackFrame.args[1].int32()); } DEFINE_STUB_FUNCTION(void, op_init_global_const_check) @@ -2475,7 +2470,7 @@ DEFINE_STUB_FUNCTION(void, op_put_by_val) JSValue baseValue = stackFrame.args[0].jsValue(); JSValue subscript = stackFrame.args[1].jsValue(); JSValue value = stackFrame.args[2].jsValue(); - + if (baseValue.isObject() && subscript.isInt32()) { // See if it's worth optimizing at all. JSObject* object = asObject(baseValue); diff --git a/Source/JavaScriptCore/jit/JITStubs.h b/Source/JavaScriptCore/jit/JITStubs.h index 3bf13bbdf..5761236b1 100644 --- a/Source/JavaScriptCore/jit/JITStubs.h +++ b/Source/JavaScriptCore/jit/JITStubs.h @@ -45,7 +45,6 @@ namespace JSC { struct StructureStubInfo; - class ArrayAllocationProfile; class CodeBlock; class ExecutablePool; class FunctionExecutable; @@ -86,7 +85,6 @@ namespace JSC { ReturnAddressPtr returnAddress() { return ReturnAddressPtr(asPointer); } ResolveOperations* resolveOperations() { return static_cast<ResolveOperations*>(asPointer); } PutToBaseOperation* putToBaseOperation() { return static_cast<PutToBaseOperation*>(asPointer); } - ArrayAllocationProfile* arrayAllocationProfile() { return static_cast<ArrayAllocationProfile*>(asPointer); } }; struct TrampolineStructure { |