Changeset 47597 in webkit

Timestamp:

Aug 20, 2009, 2:49:07 PM (16 years ago)

Author:

[email protected]

Message:

Remove FunctionCodeBlock.
​https://bugs.webkit.org/show_bug.cgi?id=28502

Reviewed by Oliver Hunt.

These only exist to allow JIT code to dereference properties off the
CodeBlock for any callee, regardless of whether it is a host function.

Instead just use the FunctionExecutable. Copy the m_parameters field
from the CodeBlock into the Executable, and use this to distinguish
between host functions, functions that have been bytecompiled, and
functions that have not.

m_parameters is moved to ExecutableBase rather than FunctionExecutable
so that (as a separate change) we can move make a separate class of
executable for host code, which is not devived from FunctionExecutable
(host code does not feature any of the properties that normal executable
do and will provide, such as source, attributes, and a parsed name).

1% win on v8 tests, 0.5% on sunspider.

• bytecode/CodeBlock.cpp:

(JSC::CodeBlock::derefStructures):
(JSC::CodeBlock::refStructures):
(JSC::CodeBlock::reparseForExceptionInfoIfNecessary):
(JSC::CodeBlock::handlerForBytecodeOffset):
(JSC::CodeBlock::lineNumberForBytecodeOffset):
(JSC::CodeBlock::expressionRangeForBytecodeOffset):
(JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
(JSC::CodeBlock::functionRegisterForBytecodeOffset):
(JSC::CodeBlock::hasGlobalResolveInstructionAtBytecodeOffset):
(JSC::CodeBlock::hasGlobalResolveInfoAtBytecodeOffset):

• bytecode/CodeBlock.h:

(JSC::):
(JSC::CodeBlock::source):
(JSC::CodeBlock::sourceOffset):
(JSC::CodeBlock::evalCodeCache):
(JSC::CodeBlock::createRareDataIfNecessary):

remove NativeCodeBlocks and the NativeCode code type.

• jit/JIT.cpp:

(JSC::JIT::linkCall):

Revert to previous behaviour (as currently still commented!) that Hhost functions have a null codeblock.

• jit/JITCall.cpp:

(JSC::JIT::compileOpCallInitializeCallFrame):
(JSC::JIT::compileOpCallSetupArgs):
(JSC::JIT::compileOpCallVarargsSetupArgs):
(JSC::JIT::compileOpConstructSetupArgs):
(JSC::JIT::compileOpCallVarargs):
(JSC::JIT::compileOpCall):
(JSC::JIT::compileOpCallSlowCase):

Bring the 32_64 & non-32_64 JITs into line with each other, callee in regT0.

• jit/JITOpcodes.cpp:

(JSC::JIT::privateCompileCTIMachineTrampolines):

Rewrite call trampolines to not use the CodeBlock.

• jit/JITStubs.cpp:

(JSC::DEFINE_STUB_FUNCTION):

Make call_JSFunction & call_arityCheck return the callee, don't expect to be passed the CodeBlock.

• runtime/Executable.cpp:

(JSC::FunctionExecutable::generateBytecode):
(JSC::FunctionExecutable::recompile):
(JSC::FunctionExecutable::FunctionExecutable):

• runtime/Executable.h:

(JSC::ExecutableBase::):
(JSC::ExecutableBase::ExecutableBase):
(JSC::FunctionExecutable::isHostFunction):

Add m_numParameters.

• runtime/JSFunction.cpp:

(JSC::JSFunction::~JSFunction):

Only call generatedBytecode() on JSFunctions non-host FunctionExecutables.

Location:

trunk/JavaScriptCore

Files:

• ChangeLog (modified) (1 diff)
• bytecode/CodeBlock.cpp (modified) (11 diffs)
• bytecode/CodeBlock.h (modified) (6 diffs)
• jit/JIT.cpp (modified) (1 diff)
• jit/JITCall.cpp (modified) (14 diffs)
• jit/JITOpcodes.cpp (modified) (4 diffs)
• jit/JITStubs.cpp (modified) (4 diffs)
• runtime/Executable.cpp (modified) (4 diffs)
• runtime/Executable.h (modified) (3 diffs)
• runtime/JSFunction.cpp (modified) (1 diff)

trunk/JavaScriptCore/ChangeLog

@@ +1 @@
+2009-08-20  Gavin Barraclough  <[email protected]>
+
+        Reviewed by Oliver Hunt.
+
+        Remove FunctionCodeBlock.
+        https://bugs.webkit.org/show_bug.cgi?id=28502
+
+        These only exist to allow JIT code to dereference properties off the
+        CodeBlock for any callee, regardless of whether it is a host function.
+
+        Instead just use the FunctionExecutable.  Copy the m_parameters field
+        from the CodeBlock into the Executable, and use this to distinguish
+        between host functions, functions that have been bytecompiled, and
+        functions that have not.
+
+        m_parameters is moved to ExecutableBase rather than FunctionExecutable
+        so that (as a separate change) we can move make a separate class of
+        executable for host code, which is not devived from FunctionExecutable
+        (host code does not feature any of the properties that normal executable
+        do and will provide, such as source, attributes, and a parsed name).
+
+        1% win on v8 tests, 0.5% on sunspider.
+
+        * bytecode/CodeBlock.cpp:
+        (JSC::CodeBlock::derefStructures):
+        (JSC::CodeBlock::refStructures):
+        (JSC::CodeBlock::reparseForExceptionInfoIfNecessary):
+        (JSC::CodeBlock::handlerForBytecodeOffset):
+        (JSC::CodeBlock::lineNumberForBytecodeOffset):
+        (JSC::CodeBlock::expressionRangeForBytecodeOffset):
+        (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
+        (JSC::CodeBlock::functionRegisterForBytecodeOffset):
+        (JSC::CodeBlock::hasGlobalResolveInstructionAtBytecodeOffset):
+        (JSC::CodeBlock::hasGlobalResolveInfoAtBytecodeOffset):
+        * bytecode/CodeBlock.h:
+        (JSC::):
+        (JSC::CodeBlock::source):
+        (JSC::CodeBlock::sourceOffset):
+        (JSC::CodeBlock::evalCodeCache):
+        (JSC::CodeBlock::createRareDataIfNecessary):
+        
+            remove NativeCodeBlocks and the NativeCode code type.
+        
+        * jit/JIT.cpp:
+        (JSC::JIT::linkCall):
+
+            Revert to previous behaviour (as currently still commented!) that Hhost functions have a null codeblock.
+
+        * jit/JITCall.cpp:
+        (JSC::JIT::compileOpCallInitializeCallFrame):
+        (JSC::JIT::compileOpCallSetupArgs):
+        (JSC::JIT::compileOpCallVarargsSetupArgs):
+        (JSC::JIT::compileOpConstructSetupArgs):
+        (JSC::JIT::compileOpCallVarargs):
+        (JSC::JIT::compileOpCall):
+        (JSC::JIT::compileOpCallSlowCase):
+
+            Bring the 32_64 & non-32_64 JITs into line with each other, callee in regT0.
+
+        * jit/JITOpcodes.cpp:
+        (JSC::JIT::privateCompileCTIMachineTrampolines):
+
+            Rewrite call trampolines to not use the CodeBlock.
+
+        * jit/JITStubs.cpp:
+        (JSC::DEFINE_STUB_FUNCTION):
+
+            Make call_JSFunction & call_arityCheck return the callee, don't expect to be passed the CodeBlock.
+
+        * runtime/Executable.cpp:
+        (JSC::FunctionExecutable::generateBytecode):
+        (JSC::FunctionExecutable::recompile):
+        (JSC::FunctionExecutable::FunctionExecutable):
+        * runtime/Executable.h:
+        (JSC::ExecutableBase::):
+        (JSC::ExecutableBase::ExecutableBase):
+        (JSC::FunctionExecutable::isHostFunction):
+
+            Add m_numParameters.
+
+        * runtime/JSFunction.cpp:
+        (JSC::JSFunction::~JSFunction):
+
+            Only call generatedBytecode() on JSFunctions non-host FunctionExecutables.
+
 2009-08-20  Yongjun Zhang  <[email protected]>
 

trunk/JavaScriptCore/bytecode/CodeBlock.cpp

@@ -1249 +1249 @@
 }
 
-CodeBlock::CodeBlock(ExecutableBase* ownerExecutable)
-    : m_numCalleeRegisters(0)
-    , m_numVars(0)
-    , m_numParameters(0)
-    , m_ownerExecutable(ownerExecutable)
-    , m_globalData(0)
-#ifndef NDEBUG
-    , m_instructionCount(0)
-#endif
-    , m_needsFullScopeChain(false)
-    , m_usesEval(false)
-    , m_isNumericCompareFunction(false)
-    , m_codeType(NativeCode)
-    , m_source(0)
-    , m_sourceOffset(0)
-    , m_exceptionInfo(0)
-{
-#if DUMP_CODE_BLOCK_STATISTICS
-    liveCodeBlockSet.add(this);
-#endif
-}
-
 CodeBlock::CodeBlock(ExecutableBase* ownerExecutable, CodeType codeType, PassRefPtr<SourceProvider> sourceProvider, unsigned sourceOffset)
     : m_numCalleeRegisters(0)
@@ -1353 +1331 @@
 void CodeBlock::derefStructures(Instruction* vPC) const
 {
-    ASSERT(m_codeType != NativeCode);
     Interpreter* interpreter = m_globalData->interpreter;
 
@@ -1399 +1376 @@
 void CodeBlock::refStructures(Instruction* vPC) const
 {
-    ASSERT(m_codeType != NativeCode);
     Interpreter* interpreter = m_globalData->interpreter;
 
@@ -1446 +1422 @@
 void CodeBlock::reparseForExceptionInfoIfNecessary(CallFrame* callFrame)
 {
-    ASSERT(m_codeType != NativeCode);
     if (m_exceptionInfo)
         return;
@@ -1468 +1443 @@
 HandlerInfo* CodeBlock::handlerForBytecodeOffset(unsigned bytecodeOffset)
 {
-    ASSERT(m_codeType != NativeCode);
     ASSERT(bytecodeOffset < m_instructionCount);
 
@@ -1487 +1461 @@
 int CodeBlock::lineNumberForBytecodeOffset(CallFrame* callFrame, unsigned bytecodeOffset)
 {
-    ASSERT(m_codeType != NativeCode);
     ASSERT(bytecodeOffset < m_instructionCount);
 
@@ -1513 +1486 @@
 int CodeBlock::expressionRangeForBytecodeOffset(CallFrame* callFrame, unsigned bytecodeOffset, int& divot, int& startOffset, int& endOffset)
 {
-    ASSERT(m_codeType != NativeCode);
     ASSERT(bytecodeOffset < m_instructionCount);
 
@@ -1553 +1525 @@
 bool CodeBlock::getByIdExceptionInfoForBytecodeOffset(CallFrame* callFrame, unsigned bytecodeOffset, OpcodeID& opcodeID)
 {
-    ASSERT(m_codeType != NativeCode);
     ASSERT(bytecodeOffset < m_instructionCount);
 
@@ -1582 +1553 @@
 bool CodeBlock::functionRegisterForBytecodeOffset(unsigned bytecodeOffset, int& functionRegisterIndex)
 {
-    ASSERT(m_codeType != NativeCode);
     ASSERT(bytecodeOffset < m_instructionCount);
 
@@ -1609 +1579 @@
 bool CodeBlock::hasGlobalResolveInstructionAtBytecodeOffset(unsigned bytecodeOffset)
 {
-    ASSERT(m_codeType != NativeCode);
     if (m_globalResolveInstructions.isEmpty())
         return false;
@@ -1630 +1599 @@
 bool CodeBlock::hasGlobalResolveInfoAtBytecodeOffset(unsigned bytecodeOffset)
 {
-    ASSERT(m_codeType != NativeCode);
     if (m_globalResolveInfos.isEmpty())
         return false;

trunk/JavaScriptCore/bytecode/CodeBlock.h

@@ -62 +62 @@
     class ExecState;
 
-    enum CodeType { GlobalCode, EvalCode, FunctionCode, NativeCode };
+    enum CodeType { GlobalCode, EvalCode, FunctionCode };
 
     static ALWAYS_INLINE int missingThisObjectMarker() { return std::numeric_limits<int>::max(); }
@@ -262 +262 @@
         friend class JIT;
     protected:
-        CodeBlock(ExecutableBase* ownerExecutable);
         CodeBlock(ExecutableBase* ownerExecutable, CodeType, PassRefPtr<SourceProvider>, unsigned sourceOffset);
     public:
@@ -379 +378 @@
         CodeType codeType() const { return m_codeType; }
 
-        SourceProvider* source() const { ASSERT(m_codeType != NativeCode); return m_source.get(); }
-        unsigned sourceOffset() const { ASSERT(m_codeType != NativeCode); return m_sourceOffset; }
+        SourceProvider* source() const { return m_source.get(); }
+        unsigned sourceOffset() const { return m_sourceOffset; }
 
         size_t numberOfJumpTargets() const { return m_jumpTargets.size(); }
@@ -470 +469 @@
         SymbolTable& symbolTable() { return m_symbolTable; }
 
-        EvalCodeCache& evalCodeCache() { ASSERT(m_codeType != NativeCode); createRareDataIfNecessary(); return m_rareData->m_evalCodeCache; }
+        EvalCodeCache& evalCodeCache() { createRareDataIfNecessary(); return m_rareData->m_evalCodeCache; }
 
         void shrinkToFit();
@@ -489 +488 @@
         void createRareDataIfNecessary()
         {
-            ASSERT(m_codeType != NativeCode); 
             if (!m_rareData)
                 m_rareData.set(new RareData);
@@ -620 +618 @@
     };
 
-    class NativeCodeBlock : public CodeBlock {
-    public:
-        NativeCodeBlock(FunctionExecutable* ownerExecutable)
-            : CodeBlock(ownerExecutable)
-        {
-        }
-    };
-
     inline Register& ExecState::r(int index)
     {

trunk/JavaScriptCore/jit/JIT.cpp

@@ -588 +588 @@
 void JIT::linkCall(JSFunction* callee, CodeBlock* callerCodeBlock, CodeBlock* calleeCodeBlock, JITCode& code, CallLinkInfo* callLinkInfo, int callerArgCount, JSGlobalData* globalData)
 {
-    ASSERT(calleeCodeBlock);
     RepatchBuffer repatchBuffer(callerCodeBlock);
 
     // Currently we only link calls with the exact number of arguments.
     // If this is a native call calleeCodeBlock is null so the number of parameters is unimportant
-    if (callerArgCount == calleeCodeBlock->m_numParameters || calleeCodeBlock->codeType() == NativeCode) {
+    if (!calleeCodeBlock || (callerArgCount == calleeCodeBlock->m_numParameters)) {
         ASSERT(!callLinkInfo->isLinked());
     

trunk/JavaScriptCore/jit/JITCall.cpp

@@ -440 +440 @@
     store32(regT1, Address(callFrameRegister, RegisterFile::ArgumentCount * static_cast<int>(sizeof(Register))));
 
-    loadPtr(Address(regT2, OBJECT_OFFSETOF(JSFunction, m_data) + OBJECT_OFFSETOF(ScopeChain, m_node)), regT1); // newScopeChain
+    loadPtr(Address(regT0, OBJECT_OFFSETOF(JSFunction, m_data) + OBJECT_OFFSETOF(ScopeChain, m_node)), regT1); // newScopeChain
 
     storePtr(ImmPtr(JSValue::encode(JSValue())), Address(callFrameRegister, RegisterFile::OptionalCalleeArguments * static_cast<int>(sizeof(Register))));
-    storePtr(regT2, Address(callFrameRegister, RegisterFile::Callee * static_cast<int>(sizeof(Register))));
+    storePtr(regT0, Address(callFrameRegister, RegisterFile::Callee * static_cast<int>(sizeof(Register))));
     storePtr(regT1, Address(callFrameRegister, RegisterFile::ScopeChain * static_cast<int>(sizeof(Register))));
 }
@@ -453 +453 @@
 
     // ecx holds func
-    emitPutJITStubArg(regT2, 1);
+    emitPutJITStubArg(regT0, 1);
     emitPutJITStubArgConstant(argCount, 3);
     emitPutJITStubArgConstant(registerOffset, 2);
@@ -463 +463 @@
     
     // ecx holds func
-    emitPutJITStubArg(regT2, 1);
+    emitPutJITStubArg(regT0, 1);
     emitPutJITStubArg(regT1, 3);
-    addPtr(Imm32(registerOffset), regT1, regT0);
-    emitPutJITStubArg(regT0, 2);
+    addPtr(Imm32(registerOffset), regT1, regT2);
+    emitPutJITStubArg(regT2, 2);
 }
 
@@ -477 +477 @@
 
     // ecx holds func
-    emitPutJITStubArg(regT2, 1);
+    emitPutJITStubArg(regT0, 1);
     emitPutJITStubArgConstant(registerOffset, 2);
     emitPutJITStubArgConstant(argCount, 3);
-    emitPutJITStubArgFromVirtualRegister(proto, 4, regT0);
+    emitPutJITStubArgFromVirtualRegister(proto, 4, regT2);
     emitPutJITStubArgConstant(thisRegister, 5);
 }
@@ -491 +491 @@
 
     emitGetVirtualRegister(argCountRegister, regT1);
-    emitGetVirtualRegister(callee, regT2);
+    emitGetVirtualRegister(callee, regT0);
     compileOpCallVarargsSetupArgs(instruction);
 
     // Check for JSFunctions.
-    emitJumpSlowCaseIfNotJSCell(regT2);
-    addSlowCase(branchPtr(NotEqual, Address(regT2), ImmPtr(m_globalData->jsFunctionVPtr)));
-    
+    emitJumpSlowCaseIfNotJSCell(regT0);
+    addSlowCase(branchPtr(NotEqual, Address(regT0), ImmPtr(m_globalData->jsFunctionVPtr)));
+
     // Speculatively roll the callframe, assuming argCount will match the arity.
-    mul32(Imm32(sizeof(Register)), regT0, regT0);
+    mul32(Imm32(sizeof(Register)), regT2, regT2);
     intptr_t offset = (intptr_t)sizeof(Register) * (intptr_t)RegisterFile::CallerFrame;
-    addPtr(Imm32((int32_t)offset), regT0, regT3);
+    addPtr(Imm32((int32_t)offset), regT2, regT3);
     addPtr(callFrameRegister, regT3);
     storePtr(callFrameRegister, regT3);
-    addPtr(regT0, callFrameRegister);
+    addPtr(regT2, callFrameRegister);
     emitNakedCall(m_globalData->jitStubs.ctiVirtualCall());
 
@@ -540 +540 @@
     if (opcodeID == op_call_eval) {
         JITStubCall stubCall(this, cti_op_call_eval);
-        stubCall.addArgument(callee, regT2);
+        stubCall.addArgument(callee, regT0);
         stubCall.addArgument(JIT::Imm32(registerOffset));
         stubCall.addArgument(JIT::Imm32(argCount));
@@ -547 +547 @@
     }
 
-    emitGetVirtualRegister(callee, regT2);
+    emitGetVirtualRegister(callee, regT0);
     // The arguments have been set up on the hot path for op_call_eval
     if (opcodeID == op_call)
@@ -555 +555 @@
 
     // Check for JSFunctions.
-    emitJumpSlowCaseIfNotJSCell(regT2);
-    addSlowCase(branchPtr(NotEqual, Address(regT2), ImmPtr(m_globalData->jsFunctionVPtr)));
+    emitJumpSlowCaseIfNotJSCell(regT0);
+    addSlowCase(branchPtr(NotEqual, Address(regT0), ImmPtr(m_globalData->jsFunctionVPtr)));
 
     // First, in the case of a construct, allocate the new object.
     if (opcodeID == op_construct) {
         JITStubCall(this, cti_op_construct_JSConstruct).call(registerOffset - RegisterFile::CallFrameHeaderSize - argCount);
-        emitGetVirtualRegister(callee, regT2);
+        emitGetVirtualRegister(callee, regT0);
     }
 
@@ -607 +607 @@
     if (opcodeID == op_call_eval) {
         JITStubCall stubCall(this, cti_op_call_eval);
-        stubCall.addArgument(callee, regT2);
+        stubCall.addArgument(callee, regT0);
         stubCall.addArgument(JIT::Imm32(registerOffset));
         stubCall.addArgument(JIT::Imm32(argCount));
@@ -616 +616 @@
     // This plants a check for a cached JSFunction value, so we can plant a fast link to the callee.
     // This deliberately leaves the callee in ecx, used when setting up the stack frame below
-    emitGetVirtualRegister(callee, regT2);
+    emitGetVirtualRegister(callee, regT0);
     DataLabelPtr addressOfLinkedFunctionCheck;
 
     BEGIN_UNINTERRUPTED_SEQUENCE(sequenceOpCall);
 
-    Jump jumpToSlow = branchPtrWithPatch(NotEqual, regT2, addressOfLinkedFunctionCheck, ImmPtr(JSValue::encode(JSValue())));
+    Jump jumpToSlow = branchPtrWithPatch(NotEqual, regT0, addressOfLinkedFunctionCheck, ImmPtr(JSValue::encode(JSValue())));
 
     END_UNINTERRUPTED_SEQUENCE(sequenceOpCall);
@@ -636 +636 @@
         int thisRegister = instruction[6].u.operand;
 
-        emitPutJITStubArg(regT2, 1);
-        emitPutJITStubArgFromVirtualRegister(proto, 4, regT0);
+        emitPutJITStubArg(regT0, 1);
+        emitPutJITStubArgFromVirtualRegister(proto, 4, regT2);
         JITStubCall stubCall(this, cti_op_construct_JSConstruct);
         stubCall.call(thisRegister);
-        emitGetVirtualRegister(callee, regT2);
+        emitGetVirtualRegister(callee, regT0);
     }
 
@@ -646 +646 @@
     // Note that this omits to set up RegisterFile::CodeBlock, which is set in the callee
     storePtr(ImmPtr(JSValue::encode(JSValue())), Address(callFrameRegister, (registerOffset + RegisterFile::OptionalCalleeArguments) * static_cast<int>(sizeof(Register))));
-    storePtr(regT2, Address(callFrameRegister, (registerOffset + RegisterFile::Callee) * static_cast<int>(sizeof(Register))));
-    loadPtr(Address(regT2, OBJECT_OFFSETOF(JSFunction, m_data) + OBJECT_OFFSETOF(ScopeChain, m_node)), regT1); // newScopeChain
+    storePtr(regT0, Address(callFrameRegister, (registerOffset + RegisterFile::Callee) * static_cast<int>(sizeof(Register))));
+    loadPtr(Address(regT0, OBJECT_OFFSETOF(JSFunction, m_data) + OBJECT_OFFSETOF(ScopeChain, m_node)), regT1); // newScopeChain
     store32(Imm32(argCount), Address(callFrameRegister, (registerOffset + RegisterFile::ArgumentCount) * static_cast<int>(sizeof(Register))));
     storePtr(callFrameRegister, Address(callFrameRegister, (registerOffset + RegisterFile::CallerFrame) * static_cast<int>(sizeof(Register))));
@@ -681 +681 @@
 
     // Fast check for JS function.
-    Jump callLinkFailNotObject = emitJumpIfNotJSCell(regT2);
-    Jump callLinkFailNotJSFunction = branchPtr(NotEqual, Address(regT2), ImmPtr(m_globalData->jsFunctionVPtr));
+    Jump callLinkFailNotObject = emitJumpIfNotJSCell(regT0);
+    Jump callLinkFailNotJSFunction = branchPtr(NotEqual, Address(regT0), ImmPtr(m_globalData->jsFunctionVPtr));
 
     // First, in the case of a construct, allocate the new object.
     if (opcodeID == op_construct) {
         JITStubCall(this, cti_op_construct_JSConstruct).call(registerOffset - RegisterFile::CallFrameHeaderSize - argCount);
-        emitGetVirtualRegister(callee, regT2);
+        emitGetVirtualRegister(callee, regT0);
     }
 
@@ -694 +694 @@
     addPtr(Imm32(registerOffset * static_cast<int>(sizeof(Register))), callFrameRegister);
     move(Imm32(argCount), regT1);
+
+    move(regT0, regT2);
 
     m_callStructureStubCompilationInfo[callLinkInfoIndex].callReturnLocation = emitNakedCall(m_globalData->jitStubs.ctiVirtualCallLink());

trunk/JavaScriptCore/jit/JITOpcodes.cpp

@@ -65 +65 @@
 
 #if ENABLE(JIT_OPTIMIZE_CALL)
-    /* VirtualCallLink Trampoline */
+    // VirtualCallLink Trampoline
+    // regT0 holds callee, regT1 holds argCount.  regT2 will hold the FunctionExecutable.
     Label virtualCallLinkBegin = align();
-
-    // regT0 holds callee, regT1 holds argCount.
     loadPtr(Address(regT0, OBJECT_OFFSETOF(JSFunction, m_executable)), regT2);
-    loadPtr(Address(regT2, OBJECT_OFFSETOF(FunctionExecutable, m_codeBlock)), regT2);
-    Jump hasCodeBlock2 = branchTestPtr(NonZero, regT2);
-
-    // Lazily generate a CodeBlock.
-    preserveReturnAddressAfterCall(regT3); // return address
+
+    Jump isNativeFunc2 = branch32(Equal, Address(regT2, OBJECT_OFFSETOF(FunctionExecutable, m_numParameters)), Imm32(0));
+
+    Jump hasCodeBlock2 = branch32(GreaterThan, Address(regT2, OBJECT_OFFSETOF(FunctionExecutable, m_numParameters)), Imm32(0));
+    preserveReturnAddressAfterCall(regT3);
     restoreArgumentReference();
     Call callJSFunction2 = call();
-    move(regT0, regT2);
-    emitGetJITStubArg(1, regT0); // callee
+    loadPtr(Address(regT0, OBJECT_OFFSETOF(JSFunction, m_executable)), regT2);
     emitGetJITStubArg(5, regT1); // argCount
-    restoreReturnAddressBeforeReturn(regT3); // return address
+    restoreReturnAddressBeforeReturn(regT3);
     hasCodeBlock2.link(this);
 
-    // regT2 holds codeBlock.
-    Jump isNativeFunc2 = branch32(Equal, Address(regT2, OBJECT_OFFSETOF(CodeBlock, m_codeType)), Imm32(NativeCode));
-
     // Check argCount matches callee arity.
-    Jump arityCheckOkay2 = branch32(Equal, Address(regT2, OBJECT_OFFSETOF(CodeBlock, m_numParameters)), regT1);
+    Jump arityCheckOkay2 = branch32(Equal, Address(regT2, OBJECT_OFFSETOF(FunctionExecutable, m_numParameters)), regT1);
     preserveReturnAddressAfterCall(regT3);
     emitPutJITStubArg(regT3, 3); // return address
-    emitPutJITStubArg(regT2, 7); // codeBlock
     restoreArgumentReference();
     Call callArityCheck2 = call();
     move(regT1, callFrameRegister);
-    emitGetJITStubArg(1, regT0); // callee
     emitGetJITStubArg(5, regT1); // argCount
-    restoreReturnAddressBeforeReturn(regT3); // return address
-
+    restoreReturnAddressBeforeReturn(regT3);
     arityCheckOkay2.link(this);
+
     isNativeFunc2.link(this);
 
@@ -104 +97 @@
 
     preserveReturnAddressAfterCall(regT3);
-    emitPutJITStubArg(regT3, 3);
+    emitPutJITStubArg(regT3, 3); // return address
     restoreArgumentReference();
     Call callLazyLinkCall = call();
@@ -111 +104 @@
 #endif // ENABLE(JIT_OPTIMIZE_CALL)
 
-    /* VirtualCall Trampoline */
+    // VirtualCall Trampoline
+    // regT0 holds callee, regT1 holds argCount.  regT2 will hold the FunctionExecutable.
     Label virtualCallBegin = align();
-
-    // regT0 holds callee, regT1 holds argCount.
     loadPtr(Address(regT0, OBJECT_OFFSETOF(JSFunction, m_executable)), regT2);
-    loadPtr(Address(regT2, OBJECT_OFFSETOF(FunctionExecutable, m_codeBlock)), regT2);
-    Jump hasCodeBlock3 = branchTestPtr(NonZero, regT2);
-
-    // Lazily generate a CodeBlock.
-    preserveReturnAddressAfterCall(regT3); // return address
+
+    Jump isNativeFunc3 = branch32(Equal, Address(regT2, OBJECT_OFFSETOF(FunctionExecutable, m_numParameters)), Imm32(0));
+
+    Jump hasCodeBlock3 = branch32(GreaterThan, Address(regT2, OBJECT_OFFSETOF(FunctionExecutable, m_numParameters)), Imm32(0));
+    preserveReturnAddressAfterCall(regT3);
     restoreArgumentReference();
     Call callJSFunction1 = call();
-    move(regT0, regT2);
-    emitGetJITStubArg(1, regT0); // callee
     emitGetJITStubArg(5, regT1); // argCount
-    restoreReturnAddressBeforeReturn(regT3); // return address
+    restoreReturnAddressBeforeReturn(regT3);
+    loadPtr(Address(regT0, OBJECT_OFFSETOF(JSFunction, m_executable)), regT2);
     hasCodeBlock3.link(this);
     
-    // regT2 holds codeBlock.
-    Jump isNativeFunc3 = branch32(Equal, Address(regT2, OBJECT_OFFSETOF(CodeBlock, m_codeType)), Imm32(NativeCode));
-    
-    // Check argCount matches callee.
-    Jump arityCheckOkay3 = branch32(Equal, Address(regT2, OBJECT_OFFSETOF(CodeBlock, m_numParameters)), regT1);
+    // Check argCount matches callee arity.
+    Jump arityCheckOkay3 = branch32(Equal, Address(regT2, OBJECT_OFFSETOF(FunctionExecutable, m_numParameters)), regT1);
     preserveReturnAddressAfterCall(regT3);
     emitPutJITStubArg(regT3, 3); // return address
-    emitPutJITStubArg(regT2, 7); // codeBlock
     restoreArgumentReference();
     Call callArityCheck1 = call();
     move(regT1, callFrameRegister);
-    emitGetJITStubArg(1, regT0); // callee
     emitGetJITStubArg(5, regT1); // argCount
-    restoreReturnAddressBeforeReturn(regT3); // return address
-
+    restoreReturnAddressBeforeReturn(regT3);
+    loadPtr(Address(regT0, OBJECT_OFFSETOF(JSFunction, m_executable)), regT2);
     arityCheckOkay3.link(this);
+
     isNativeFunc3.link(this);
+
     compileOpCallInitializeCallFrame();
-    loadPtr(Address(regT0, OBJECT_OFFSETOF(JSFunction, m_executable)), regT0);
-    loadPtr(Address(regT0, OBJECT_OFFSETOF(FunctionExecutable, m_jitCode)), regT0);
+    loadPtr(Address(regT2, OBJECT_OFFSETOF(FunctionExecutable, m_jitCode)), regT0);
     jump(regT0);
 
@@ -1485 +1472 @@
     COMPILE_ASSERT(sizeof(CodeType) == 4, CodeTypeEnumMustBe32Bit);
 
+    // VirtualCallLink Trampoline
+    // regT0 holds callee, regT1 holds argCount.  regT2 will hold the FunctionExecutable.
     Label virtualCallLinkBegin = align();
-
-    // Load the callee CodeBlock* into eax
-    loadPtr(Address(regT2, OBJECT_OFFSETOF(JSFunction, m_executable)), regT3);
-    loadPtr(Address(regT3, OBJECT_OFFSETOF(FunctionExecutable, m_codeBlock)), regT0);
-    Jump hasCodeBlock2 = branchTestPtr(NonZero, regT0);
+    loadPtr(Address(regT0, OBJECT_OFFSETOF(JSFunction, m_executable)), regT2);
+
+    Jump isNativeFunc2 = branch32(Equal, Address(regT2, OBJECT_OFFSETOF(FunctionExecutable, m_numParameters)), Imm32(0));
+
+    Jump hasCodeBlock2 = branch32(GreaterThan, Address(regT2, OBJECT_OFFSETOF(FunctionExecutable, m_numParameters)), Imm32(0));
     preserveReturnAddressAfterCall(regT3);
     restoreArgumentReference();
     Call callJSFunction2 = call();
-    emitGetJITStubArg(1, regT2);
-    emitGetJITStubArg(3, regT1);
+    loadPtr(Address(regT0, OBJECT_OFFSETOF(JSFunction, m_executable)), regT2);
+    emitGetJITStubArg(3, regT1); // argCount
     restoreReturnAddressBeforeReturn(regT3);
     hasCodeBlock2.link(this);
 
-    Jump isNativeFunc2 = branch32(Equal, Address(regT0, OBJECT_OFFSETOF(CodeBlock, m_codeType)), Imm32(NativeCode));
-
     // Check argCount matches callee arity.
-    Jump arityCheckOkay2 = branch32(Equal, Address(regT0, OBJECT_OFFSETOF(CodeBlock, m_numParameters)), regT1);
+    Jump arityCheckOkay2 = branch32(Equal, Address(regT2, OBJECT_OFFSETOF(FunctionExecutable, m_numParameters)), regT1);
     preserveReturnAddressAfterCall(regT3);
-    emitPutJITStubArg(regT3, 2);
-    emitPutJITStubArg(regT0, 4);
+    emitPutJITStubArg(regT3, 2); // return address
     restoreArgumentReference();
     Call callArityCheck2 = call();
     move(regT1, callFrameRegister);
-    emitGetJITStubArg(1, regT2);
-    emitGetJITStubArg(3, regT1);
+    emitGetJITStubArg(3, regT1); // argCount
     restoreReturnAddressBeforeReturn(regT3);
     arityCheckOkay2.link(this);
+
     isNativeFunc2.link(this);
 
     compileOpCallInitializeCallFrame();
-
     preserveReturnAddressAfterCall(regT3);
-    emitPutJITStubArg(regT3, 2);
+    emitPutJITStubArg(regT3, 2); // return address
     restoreArgumentReference();
     Call callLazyLinkCall = call();
     restoreReturnAddressBeforeReturn(regT3);
-
     jump(regT0);
 
+    // VirtualCall Trampoline
+    // regT0 holds callee, regT1 holds argCount.  regT2 will hold the FunctionExecutable.
     Label virtualCallBegin = align();
-
-    // Load the callee CodeBlock* into eax
-    loadPtr(Address(regT2, OBJECT_OFFSETOF(JSFunction, m_executable)), regT3);
-    loadPtr(Address(regT3, OBJECT_OFFSETOF(FunctionExecutable, m_codeBlock)), regT0);
-    Jump hasCodeBlock3 = branchTestPtr(NonZero, regT0);
+    loadPtr(Address(regT0, OBJECT_OFFSETOF(JSFunction, m_executable)), regT2);
+
+    Jump isNativeFunc3 = branch32(Equal, Address(regT2, OBJECT_OFFSETOF(FunctionExecutable, m_numParameters)), Imm32(0));
+
+    Jump hasCodeBlock3 = branch32(GreaterThan, Address(regT2, OBJECT_OFFSETOF(FunctionExecutable, m_numParameters)), Imm32(0));
     preserveReturnAddressAfterCall(regT3);
     restoreArgumentReference();
     Call callJSFunction1 = call();
-    emitGetJITStubArg(1, regT2);
-    emitGetJITStubArg(3, regT1);
+    emitGetJITStubArg(3, regT1); // argCount
     restoreReturnAddressBeforeReturn(regT3);
-    loadPtr(Address(regT2, OBJECT_OFFSETOF(JSFunction, m_executable)), regT3); // reload the function body nody, so we can reload the code pointer.
+    loadPtr(Address(regT0, OBJECT_OFFSETOF(JSFunction, m_executable)), regT2);
     hasCodeBlock3.link(this);
     
-    Jump isNativeFunc3 = branch32(Equal, Address(regT0, OBJECT_OFFSETOF(CodeBlock, m_codeType)), Imm32(NativeCode));
-
     // Check argCount matches callee arity.
-    Jump arityCheckOkay3 = branch32(Equal, Address(regT0, OBJECT_OFFSETOF(CodeBlock, m_numParameters)), regT1);
+    Jump arityCheckOkay3 = branch32(Equal, Address(regT2, OBJECT_OFFSETOF(FunctionExecutable, m_numParameters)), regT1);
     preserveReturnAddressAfterCall(regT3);
-    emitPutJITStubArg(regT3, 2);
-    emitPutJITStubArg(regT0, 4);
+    emitPutJITStubArg(regT3, 2); // return address
     restoreArgumentReference();
     Call callArityCheck1 = call();
     move(regT1, callFrameRegister);
-    emitGetJITStubArg(1, regT2);
-    emitGetJITStubArg(3, regT1);
+    emitGetJITStubArg(3, regT1); // argCount
     restoreReturnAddressBeforeReturn(regT3);
-    loadPtr(Address(regT2, OBJECT_OFFSETOF(JSFunction, m_executable)), regT3); // reload the function body nody, so we can reload the code pointer.
+    loadPtr(Address(regT0, OBJECT_OFFSETOF(JSFunction, m_executable)), regT2);
     arityCheckOkay3.link(this);
+
     isNativeFunc3.link(this);
 
-    // load ctiCode from the new codeBlock.
-    loadPtr(Address(regT3, OBJECT_OFFSETOF(FunctionExecutable, m_jitCode)), regT0);
-    
     compileOpCallInitializeCallFrame();
+    loadPtr(Address(regT2, OBJECT_OFFSETOF(FunctionExecutable, m_jitCode)), regT0);
     jump(regT0);
 
-    
     Label nativeCallThunk = align();
     preserveReturnAddressAfterCall(regT0);

trunk/JavaScriptCore/jit/JITStubs.cpp

@@ -1486 +1486 @@
     executable->jitCode(callDataScopeChain);
 
-    return &executable->generatedBytecode();
+    return function;
 }
 
@@ -1494 +1494 @@
 
     CallFrame* callFrame = stackFrame.callFrame;
-    CodeBlock* newCodeBlock = stackFrame.args[3].codeBlock();
-    ASSERT(newCodeBlock->codeType() != NativeCode);
+    JSFunction* callee = asFunction(stackFrame.args[0].jsValue());
+    CodeBlock* newCodeBlock = &callee->executable()->generatedBytecode();
     int argCount = stackFrame.args[2].int32();
 
@@ -1532 +1532 @@
     }
 
-    RETURN_POINTER_PAIR(newCodeBlock, callFrame);
+    RETURN_POINTER_PAIR(callee, callFrame);
 }
 
@@ -1546 +1546 @@
     if (!executable->isHostFunction())
         codeBlock = &executable->bytecode(callee->scope().node());
-    else
-        codeBlock = &executable->generatedBytecode();
     CallLinkInfo* callLinkInfo = &stackFrame.callFrame->callerFrame()->codeBlock()->getCallLinkInfo(stackFrame.args[1].returnAddress());
 

trunk/JavaScriptCore/runtime/Executable.cpp

@@ -86 +86 @@
     OwnPtr<BytecodeGenerator> generator(new BytecodeGenerator(body(), globalObject->debugger(), scopeChain, &m_codeBlock->symbolTable(), m_codeBlock));
     generator->generate();
+    m_numParameters = m_codeBlock->m_numParameters;
+    ASSERT(m_numParameters);
 
     body()->destroyData();
@@ -126 +128 @@
 
 #endif
-
-bool FunctionExecutable::isHostFunction() const
-{
-    return m_codeBlock && m_codeBlock->codeType() == NativeCode;
-}
 
 void FunctionExecutable::markAggregate(MarkStack& markStack)
@@ -198 +195 @@
     delete m_codeBlock;
     m_codeBlock = 0;
+    m_numParameters = NUM_PARAMETERS_NOT_COMPILED;
 #if ENABLE(JIT)
     m_jitCode = JITCode();
@@ -205 +203 @@
 #if ENABLE(JIT)
 FunctionExecutable::FunctionExecutable(ExecState* exec)
-    : m_codeBlock(new NativeCodeBlock(this))
+    : m_codeBlock(0)
     , m_name(Identifier(exec, "<native thunk>"))
 {
     m_jitCode = JITCode(JITCode::HostFunction(exec->globalData().jitStubs.ctiNativeCallThunk()));
+    m_numParameters = NUM_PARAMETERS_IS_HOST;
 }
 #endif

trunk/JavaScriptCore/runtime/Executable.h

@@ -41 +41 @@
         friend class JIT;
     public:
+        enum Mode {
+            NoJITCode,
+            HasJITCode,
+            IsHost
+        };
+        static const int NUM_PARAMETERS_IS_HOST = 0;
+        static const int NUM_PARAMETERS_NOT_COMPILED = -1;
+    
         virtual ~ExecutableBase() {}
 
         ExecutableBase(const SourceCode& source)
             : m_source(source)
+            , m_numParameters(NUM_PARAMETERS_NOT_COMPILED)
         {
         }
@@ -63 +72 @@
         RefPtr<ScopeNode> m_node;
         SourceCode m_source;
+        int m_numParameters;
 
     private:
@@ -220 +230 @@
         UString paramString() const { return body()->paramString(); }
 
-        bool isHostFunction() const;
+        bool isHostFunction() const { return m_numParameters == NUM_PARAMETERS_IS_HOST; }
         bool isGenerated() const
         {

trunk/JavaScriptCore/runtime/JSFunction.cpp

@@ -90 +90 @@
     // are based on a check for the this pointer value for this JSFunction - which will no longer be valid once
     // this memory is freed and may be reused (potentially for another, different JSFunction).
+    if (!isHostFunction()) {
 #if ENABLE(JIT_OPTIMIZE_CALL)
-    if (m_executable && m_executable->isGenerated())
-        m_executable->generatedBytecode().unlinkCallers();
+        if (m_executable && m_executable->isGenerated())
+            m_executable->generatedBytecode().unlinkCallers();
 #endif
-    if (!isHostFunction())
         scopeChain().~ScopeChain(); // FIXME: Don't we need to do this in the interpreter too?
+    }
 }