Ignore:
Timestamp:
Oct 19, 2017, 3:23:58 PM (8 years ago)
Author:
[email protected]
Message:

We should hard code the poly proto offset
https://bugs.webkit.org/show_bug.cgi?id=178531

Reviewed by Filip Pizlo.

This patch embraces that the poly proto offset is always zero. It's already
the case that we would always get the inline offset zero for poly proto just
by construction. This just hardcodes this assumption throughout the codebase.
This appears to be a 1% speedometer progression in my testing.

The downside of this patch is that it may require changing how we do
things when we implement poly proto when inheriting from builtin
types. I think we can face this problem when we decide to implement
that.

  • bytecode/AccessCase.cpp:

(JSC::AccessCase::generateWithGuard):

  • dfg/DFGOperations.cpp:
  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileInstanceOfForObject):
(JSC::DFG::SpeculativeJIT::compileGetPrototypeOf):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileGetPrototypeOf):
(JSC::FTL::DFG::LowerDFGToB3::compileInstanceOf):

  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_instanceof):

  • jit/JITOpcodes32_64.cpp:

(JSC::JIT::emit_op_instanceof):

  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

  • runtime/JSObject.cpp:

(JSC::JSObject::setPrototypeDirect):

  • runtime/JSObject.h:

(JSC::JSObject::locationForOffset const):
(JSC::JSObject::locationForOffset):
(JSC::JSObject::getDirect const):

  • runtime/PropertyOffset.h:
  • runtime/Structure.cpp:

(JSC::Structure::create):
(JSC::Structure::dump const):

  • runtime/Structure.h:
  • runtime/StructureInlines.h:

(JSC::Structure::storedPrototype const):
(JSC::Structure::storedPrototypeObject const):

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp

    r223614 r223715  
    32503250#if USE(JSVALUE64)
    32513251    m_jit.load64(MacroAssembler::Address(scratch3Reg, Structure::prototypeOffset()), scratch3Reg);
    3252     auto isMonoProto = m_jit.branchIfNotInt32(JSValueRegs(scratch3Reg));
    3253     m_jit.zeroExtend32ToPtr(scratch3Reg, scratch3Reg);
    3254     m_jit.load64(JITCompiler::BaseIndex(scratchReg, scratch3Reg, JITCompiler::TimesEight, JSObject::offsetOfInlineStorage()), scratch3Reg);
    3255     isMonoProto.link(&m_jit);
     3252    auto hasMonoProto = m_jit.branchTest64(JITCompiler::NonZero, scratch3Reg);
     3253    m_jit.load64(JITCompiler::Address(scratchReg, offsetRelativeToBase(knownPolyProtoOffset)), scratch3Reg);
     3254    hasMonoProto.link(&m_jit);
    32563255    m_jit.move(scratch3Reg, scratchReg);
    32573256#else
    32583257    m_jit.load32(MacroAssembler::Address(scratch3Reg, Structure::prototypeOffset() + TagOffset), scratch2Reg);
    32593258    m_jit.load32(MacroAssembler::Address(scratch3Reg, Structure::prototypeOffset() + PayloadOffset), scratch3Reg);
    3260     auto isMonoProto = m_jit.branch32(CCallHelpers::NotEqual, scratch2Reg, TrustedImm32(JSValue::Int32Tag));
    3261     m_jit.load32(JITCompiler::BaseIndex(scratchReg, scratch3Reg, JITCompiler::TimesEight, JSObject::offsetOfInlineStorage() + PayloadOffset), scratch3Reg);
    3262     isMonoProto.link(&m_jit);
     3259    auto hasMonoProto = m_jit.branch32(CCallHelpers::NotEqual, scratch2Reg, TrustedImm32(JSValue::EmptyValueTag));
     3260    m_jit.load32(JITCompiler::Address(scratchReg, offsetRelativeToBase(knownPolyProtoOffset) + PayloadOffset), scratch3Reg);
     3261    hasMonoProto.link(&m_jit);
    32633262    m_jit.move(scratch3Reg, scratchReg);
    32643263#endif
     
    1083110830            if (hasPolyProto && !hasMonoProto) {
    1083210831#if USE(JSVALUE64)
    10833                 m_jit.load64(MacroAssembler::Address(tempGPR, Structure::prototypeOffset()), tempGPR);
    10834                 m_jit.zeroExtend32ToPtr(tempGPR, tempGPR);
    10835                 m_jit.load64(JITCompiler::BaseIndex(objectGPR, tempGPR, JITCompiler::TimesEight, JSObject::offsetOfInlineStorage()), tempGPR);
     10832                m_jit.load64(JITCompiler::Address(objectGPR, offsetRelativeToBase(knownPolyProtoOffset)), tempGPR);
    1083610833                jsValueResult(tempGPR, node);
    1083710834#else
    10838                 m_jit.load32(MacroAssembler::Address(tempGPR, Structure::prototypeOffset() + PayloadOffset), tempGPR);
    10839                 m_jit.load32(JITCompiler::BaseIndex(objectGPR, tempGPR, JITCompiler::TimesEight, JSObject::offsetOfInlineStorage() + TagOffset), temp2GPR);
    10840                 m_jit.load32(JITCompiler::BaseIndex(objectGPR, tempGPR, JITCompiler::TimesEight, JSObject::offsetOfInlineStorage() + PayloadOffset), tempGPR);
     10835                m_jit.load32(JITCompiler::Address(objectGPR, offsetRelativeToBase(knownPolyProtoOffset) + TagOffset), temp2GPR);
     10836                m_jit.load32(JITCompiler::Address(objectGPR, offsetRelativeToBase(knownPolyProtoOffset) + PayloadOffset), tempGPR);
    1084110837                jsValueResult(temp2GPR, tempGPR, node);
    1084210838#endif
     
    1084710843#if USE(JSVALUE64)
    1084810844        m_jit.load64(MacroAssembler::Address(tempGPR, Structure::prototypeOffset()), tempGPR);
    10849         auto isMonoProto = m_jit.branchIfNotInt32(JSValueRegs(tempGPR));
    10850         m_jit.zeroExtend32ToPtr(tempGPR, tempGPR);
    10851         m_jit.load64(JITCompiler::BaseIndex(objectGPR, tempGPR, JITCompiler::TimesEight, JSObject::offsetOfInlineStorage()), tempGPR);
    10852         isMonoProto.link(&m_jit);
     10845        auto hasMonoProto = m_jit.branchTest64(JITCompiler::NonZero, tempGPR);
     10846        m_jit.load64(JITCompiler::Address(objectGPR, offsetRelativeToBase(knownPolyProtoOffset)), tempGPR);
     10847        hasMonoProto.link(&m_jit);
    1085310848        jsValueResult(tempGPR, node);
    1085410849#else
    1085510850        m_jit.load32(MacroAssembler::Address(tempGPR, Structure::prototypeOffset() + TagOffset), temp2GPR);
    1085610851        m_jit.load32(MacroAssembler::Address(tempGPR, Structure::prototypeOffset() + PayloadOffset), tempGPR);
    10857         auto isMonoProto = m_jit.branch32(CCallHelpers::NotEqual, temp2GPR, TrustedImm32(JSValue::Int32Tag));
    10858         m_jit.load32(JITCompiler::BaseIndex(objectGPR, tempGPR, JITCompiler::TimesEight, JSObject::offsetOfInlineStorage() + TagOffset), temp2GPR);
    10859         m_jit.load32(JITCompiler::BaseIndex(objectGPR, tempGPR, JITCompiler::TimesEight, JSObject::offsetOfInlineStorage() + PayloadOffset), tempGPR);
    10860         isMonoProto.link(&m_jit);
     10852        auto hasMonoProto = m_jit.branch32(CCallHelpers::NotEqual, temp2GPR, TrustedImm32(JSValue::EmptyValueTag));
     10853        m_jit.load32(JITCompiler::Address(objectGPR, offsetRelativeToBase(knownPolyProtoOffset) + TagOffset), temp2GPR);
     10854        m_jit.load32(JITCompiler::Address(objectGPR, offsetRelativeToBase(knownPolyProtoOffset) + PayloadOffset), tempGPR);
     10855        hasMonoProto.link(&m_jit);
    1086110856        jsValueResult(temp2GPR, tempGPR, node);
    1086210857#endif
Note: See TracChangeset for help on using the changeset viewer.