Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (225384 => 225385)
--- trunk/Source/_javascript_Core/ChangeLog 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/ChangeLog 2017-12-01 08:18:40 UTC (rev 225385)
@@ -1,3 +1,114 @@
+2017-11-30 Yusuke Suzuki <utatane....@gmail.com>
+
+ [JSC] Use JSFixedArray for op_new_array_buffer
+ https://bugs.webkit.org/show_bug.cgi?id=180084
+
+ Reviewed by Saam Barati.
+
+ For op_new_array_buffer, we have a special constant buffer in CodeBlock.
+ But using JSFixedArray is better because,
+
+ 1. In DFG, we have special hashing mechanism to avoid duplicating constant buffer from the same CodeBlock.
+ If we use JSFixedArray, this is unnecessary since JSFixedArray is handled just as JS constant.
+
+ 2. In a subsequent patch[1], we would like to support Spread(PhantomNewArrayBuffer). If NewArrayBuffer
+ has JSFixedArray, we can just emit a held JSFixedArray.
+
+ 3. We can reduce length of op_new_array_buffer since JSFixedArray holds this.
+
+ 4. We can fold NewArrayBufferData into uint64_t. No need to maintain a bag of NewArrayBufferData in DFG.
+
+ 5. We do not need to look up constant buffer from CodeBlock if buffer data is necessary. Our NewArrayBuffer
+ DFG node has JSFixedArray as its cellOperand. This makes materializing PhantomNewArrayBuffer easy, which
+ will be introduced in [1].
+
+ [1]: https://bugs.webkit.org/show_bug.cgi?id=179762
+
+ * bytecode/BytecodeDumper.cpp:
+ (JSC::BytecodeDumper<Block>::dumpBytecode):
+ * bytecode/BytecodeList.json:
+ * bytecode/BytecodeUseDef.h:
+ (JSC::computeUsesForBytecodeOffset):
+ * bytecode/CodeBlock.cpp:
+ (JSC::CodeBlock::finishCreation):
+ * bytecode/CodeBlock.h:
+ (JSC::CodeBlock::numberOfConstantBuffers const): Deleted.
+ (JSC::CodeBlock::addConstantBuffer): Deleted.
+ (JSC::CodeBlock::constantBufferAsVector): Deleted.
+ (JSC::CodeBlock::constantBuffer): Deleted.
+ * bytecode/UnlinkedCodeBlock.cpp:
+ (JSC::UnlinkedCodeBlock::shrinkToFit):
+ * bytecode/UnlinkedCodeBlock.h:
+ (JSC::UnlinkedCodeBlock::constantBufferCount): Deleted.
+ (JSC::UnlinkedCodeBlock::addConstantBuffer): Deleted.
+ (JSC::UnlinkedCodeBlock::constantBuffer const): Deleted.
+ (JSC::UnlinkedCodeBlock::constantBuffer): Deleted.
+ * bytecompiler/BytecodeGenerator.cpp:
+ (JSC::BytecodeGenerator::emitNewArray):
+ (JSC::BytecodeGenerator::addConstantBuffer): Deleted.
+ * bytecompiler/BytecodeGenerator.h:
+ * dfg/DFGByteCodeParser.cpp:
+ (JSC::DFG::ByteCodeParser::parseBlock):
+ (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
+ (JSC::DFG::ConstantBufferKey::ConstantBufferKey): Deleted.
+ (JSC::DFG::ConstantBufferKey::operator== const): Deleted.
+ (JSC::DFG::ConstantBufferKey::hash const): Deleted.
+ (JSC::DFG::ConstantBufferKey::isHashTableDeletedValue const): Deleted.
+ (JSC::DFG::ConstantBufferKey::codeBlock const): Deleted.
+ (JSC::DFG::ConstantBufferKey::index const): Deleted.
+ (JSC::DFG::ConstantBufferKeyHash::hash): Deleted.
+ (JSC::DFG::ConstantBufferKeyHash::equal): Deleted.
+ * dfg/DFGClobberize.h:
+ (JSC::DFG::clobberize):
+ * dfg/DFGGraph.cpp:
+ (JSC::DFG::Graph::dump):
+ * dfg/DFGGraph.h:
+ * dfg/DFGNode.h:
+ (JSC::DFG::Node::hasNewArrayBufferData):
+ (JSC::DFG::Node::newArrayBufferData):
+ (JSC::DFG::Node::hasVectorLengthHint):
+ (JSC::DFG::Node::vectorLengthHint):
+ (JSC::DFG::Node::indexingType):
+ (JSC::DFG::Node::hasCellOperand):
+ (JSC::DFG::Node::OpInfoWrapper::operator=):
+ (JSC::DFG::Node::OpInfoWrapper::asNewArrayBufferData const):
+ (JSC::DFG::Node::hasConstantBuffer): Deleted.
+ (JSC::DFG::Node::startConstant): Deleted.
+ (JSC::DFG::Node::numConstants): Deleted.
+ * dfg/DFGOperations.cpp:
+ * dfg/DFGOperations.h:
+ * dfg/DFGSpeculativeJIT.h:
+ (JSC::DFG::SpeculativeJIT::callOperation):
+ * dfg/DFGSpeculativeJIT32_64.cpp:
+ (JSC::DFG::SpeculativeJIT::compile):
+ * dfg/DFGSpeculativeJIT64.cpp:
+ (JSC::DFG::SpeculativeJIT::compile):
+ * ftl/FTLLowerDFGToB3.cpp:
+ (JSC::FTL::DFG::LowerDFGToB3::compileNewArrayBuffer):
+ * jit/JIT.cpp:
+ (JSC::JIT::privateCompileMainPass):
+ * jit/JIT.h:
+ * jit/JITOpcodes.cpp:
+ (JSC::JIT::emit_op_new_array_buffer): Deleted.
+ * jit/JITOperations.cpp:
+ * jit/JITOperations.h:
+ * llint/LLIntSlowPaths.cpp:
+ * llint/LLIntSlowPaths.h:
+ * llint/LowLevelInterpreter.asm:
+ * runtime/CommonSlowPaths.cpp:
+ (JSC::SLOW_PATH_DECL):
+ * runtime/CommonSlowPaths.h:
+ * runtime/JSFixedArray.cpp:
+ (JSC::JSFixedArray::dumpToStream):
+ * runtime/JSFixedArray.h:
+ (JSC::JSFixedArray::create):
+ (JSC::JSFixedArray::get const):
+ (JSC::JSFixedArray::set):
+ (JSC::JSFixedArray::buffer const):
+ (JSC::JSFixedArray::values const):
+ (JSC::JSFixedArray::length const):
+ (JSC::JSFixedArray::get): Deleted.
+
2017-11-30 JF Bastien <jfbast...@apple.com>
WebAssembly: improve stack trace
Modified: trunk/Source/_javascript_Core/bytecode/BytecodeDumper.cpp (225384 => 225385)
--- trunk/Source/_javascript_Core/bytecode/BytecodeDumper.cpp 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/bytecode/BytecodeDumper.cpp 2017-12-01 08:18:40 UTC (rev 225385)
@@ -763,10 +763,9 @@
}
case op_new_array_buffer: {
int dst = (++it)->u.operand;
- int argv = (++it)->u.operand;
- int argc = (++it)->u.operand;
+ int array = (++it)->u.operand;
printLocationAndOp(out, location, it, "new_array_buffer");
- out.printf("%s, %d, %d", registerName(dst).data(), argv, argc);
+ out.printf("%s, %s", registerName(dst).data(), registerName(array).data());
++it; // Skip array allocation profile.
break;
}
Modified: trunk/Source/_javascript_Core/bytecode/BytecodeList.json (225384 => 225385)
--- trunk/Source/_javascript_Core/bytecode/BytecodeList.json 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/bytecode/BytecodeList.json 2017-12-01 08:18:40 UTC (rev 225385)
@@ -22,7 +22,7 @@
{ "name" : "op_new_array_with_size", "length" : 4 },
{ "name" : "op_new_array_with_spread", "length" : 5 },
{ "name" : "op_spread", "length" : 3 },
- { "name" : "op_new_array_buffer", "length" : 5 },
+ { "name" : "op_new_array_buffer", "length" : 4 },
{ "name" : "op_new_regexp", "length" : 3 },
{ "name" : "op_mov", "length" : 3 },
{ "name" : "op_not", "length" : 3 },
Modified: trunk/Source/_javascript_Core/bytecode/BytecodeUseDef.h (225384 => 225385)
--- trunk/Source/_javascript_Core/bytecode/BytecodeUseDef.h 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/bytecode/BytecodeUseDef.h 2017-12-01 08:18:40 UTC (rev 225385)
@@ -38,7 +38,6 @@
switch (opcodeID) {
// No uses.
case op_new_regexp:
- case op_new_array_buffer:
case op_debug:
case op_jneq_ptr:
case op_loop_hint:
@@ -213,7 +212,8 @@
case op_get_parent_scope:
case op_create_scoped_arguments:
case op_create_rest:
- case op_get_from_arguments: {
+ case op_get_from_arguments:
+ case op_new_array_buffer: {
ASSERT(opcodeLengths[opcodeID] > 2);
functor(codeBlock, instruction, opcodeID, instruction[2].u.operand);
return;
Modified: trunk/Source/_javascript_Core/bytecode/CodeBlock.cpp (225384 => 225385)
--- trunk/Source/_javascript_Core/bytecode/CodeBlock.cpp 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/bytecode/CodeBlock.cpp 2017-12-01 08:18:40 UTC (rev 225385)
@@ -349,7 +349,6 @@
createRareDataIfNecessary();
m_rareData->m_exceptionHandlers = other.m_rareData->m_exceptionHandlers;
- m_rareData->m_constantBuffers = other.m_rareData->m_constantBuffers;
m_rareData->m_switchJumpTables = other.m_rareData->m_switchJumpTables;
m_rareData->m_stringSwitchJumpTables = other.m_rareData->m_stringSwitchJumpTables;
}
@@ -461,13 +460,6 @@
if (unlinkedCodeBlock->hasRareData()) {
createRareDataIfNecessary();
- if (size_t count = unlinkedCodeBlock->constantBufferCount()) {
- m_rareData->m_constantBuffers.grow(count);
- for (size_t i = 0; i < count; i++) {
- const UnlinkedCodeBlock::ConstantBuffer& buffer = unlinkedCodeBlock->constantBuffer(i);
- m_rareData->m_constantBuffers[i] = buffer;
- }
- }
if (size_t count = unlinkedCodeBlock->numberOfExceptionHandlers()) {
m_rareData->m_exceptionHandlers.resizeToFit(count);
for (size_t i = 0; i < count; i++) {
Modified: trunk/Source/_javascript_Core/bytecode/CodeBlock.h (225384 => 225385)
--- trunk/Source/_javascript_Core/bytecode/CodeBlock.h 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/bytecode/CodeBlock.h 2017-12-01 08:18:40 UTC (rev 225385)
@@ -568,30 +568,6 @@
const Vector<BitVector>& bitVectors() const { return m_unlinkedCode->bitVectors(); }
const BitVector& bitVector(size_t i) { return m_unlinkedCode->bitVector(i); }
- unsigned numberOfConstantBuffers() const
- {
- if (!m_rareData)
- return 0;
- return m_rareData->m_constantBuffers.size();
- }
- unsigned addConstantBuffer(const Vector<JSValue>& buffer)
- {
- createRareDataIfNecessary();
- unsigned size = m_rareData->m_constantBuffers.size();
- m_rareData->m_constantBuffers.append(buffer);
- return size;
- }
-
- Vector<JSValue>& constantBufferAsVector(unsigned index)
- {
- ASSERT(m_rareData);
- return m_rareData->m_constantBuffers[index];
- }
- JSValue* constantBuffer(unsigned index)
- {
- return constantBufferAsVector(index).data();
- }
-
Heap* heap() const { return &m_vm->heap; }
JSGlobalObject* globalObject() { return m_globalObject.get(); }
@@ -871,9 +847,6 @@
public:
Vector<HandlerInfo> m_exceptionHandlers;
- // Buffers used for large array literals
- Vector<Vector<JSValue>> m_constantBuffers;
-
// Jump Tables
Vector<SimpleJumpTable> m_switchJumpTables;
Vector<StringJumpTable> m_stringSwitchJumpTables;
Modified: trunk/Source/_javascript_Core/bytecode/UnlinkedCodeBlock.cpp (225384 => 225385)
--- trunk/Source/_javascript_Core/bytecode/UnlinkedCodeBlock.cpp 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/bytecode/UnlinkedCodeBlock.cpp 2017-12-01 08:18:40 UTC (rev 225385)
@@ -407,7 +407,6 @@
if (m_rareData) {
m_rareData->m_exceptionHandlers.shrinkToFit();
m_rareData->m_regexps.shrinkToFit();
- m_rareData->m_constantBuffers.shrinkToFit();
m_rareData->m_switchJumpTables.shrinkToFit();
m_rareData->m_stringSwitchJumpTables.shrinkToFit();
m_rareData->m_expressionInfoFatPositions.shrinkToFit();
Modified: trunk/Source/_javascript_Core/bytecode/UnlinkedCodeBlock.h (225384 => 225385)
--- trunk/Source/_javascript_Core/bytecode/UnlinkedCodeBlock.h 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/bytecode/UnlinkedCodeBlock.h 2017-12-01 08:18:40 UTC (rev 225385)
@@ -323,29 +323,6 @@
size_t numberOfPropertyAccessInstructions() const { return m_propertyAccessInstructions.size(); }
const Vector<unsigned>& propertyAccessInstructions() const { return m_propertyAccessInstructions; }
- typedef Vector<JSValue> ConstantBuffer;
-
- size_t constantBufferCount() { ASSERT(m_rareData); return m_rareData->m_constantBuffers.size(); }
- unsigned addConstantBuffer(unsigned length)
- {
- createRareDataIfNecessary();
- unsigned size = m_rareData->m_constantBuffers.size();
- m_rareData->m_constantBuffers.append(Vector<JSValue>(length));
- return size;
- }
-
- const ConstantBuffer& constantBuffer(unsigned index) const
- {
- ASSERT(m_rareData);
- return m_rareData->m_constantBuffers[index];
- }
-
- ConstantBuffer& constantBuffer(unsigned index)
- {
- ASSERT(m_rareData);
- return m_rareData->m_constantBuffers[index];
- }
-
bool hasRareData() const { return m_rareData.get(); }
int lineNumberForBytecodeOffset(unsigned bytecodeOffset);
@@ -495,9 +472,6 @@
// Rare Constants
Vector<WriteBarrier<RegExp>> m_regexps;
- // Buffers used for large array literals
- Vector<ConstantBuffer> m_constantBuffers;
-
// Jump Tables
Vector<UnlinkedSimpleJumpTable> m_switchJumpTables;
Vector<UnlinkedStringJumpTable> m_stringSwitchJumpTables;
Modified: trunk/Source/_javascript_Core/bytecompiler/BytecodeGenerator.cpp (225384 => 225385)
--- trunk/Source/_javascript_Core/bytecompiler/BytecodeGenerator.cpp 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/bytecompiler/BytecodeGenerator.cpp 2017-12-01 08:18:40 UTC (rev 225385)
@@ -40,6 +40,7 @@
#include "Interpreter.h"
#include "JSAsyncGeneratorFunction.h"
#include "JSCInlines.h"
+#include "JSFixedArray.h"
#include "JSFunction.h"
#include "JSGeneratorFunction.h"
#include "JSLexicalEnvironment.h"
@@ -3120,11 +3121,6 @@
return dst;
}
-unsigned BytecodeGenerator::addConstantBuffer(unsigned length)
-{
- return m_codeBlock->addConstantBuffer(length);
-}
-
JSString* BytecodeGenerator::addStringConstant(const Identifier& identifier)
{
JSString*& stringInMap = m_stringMap.add(identifier.impl(), nullptr).iterator->value;
@@ -3165,17 +3161,15 @@
}
if (!hadVariableExpression) {
ASSERT(length == checkLength);
- unsigned constantBufferIndex = addConstantBuffer(length);
- JSValue* constantBuffer = m_codeBlock->constantBuffer(constantBufferIndex).data();
+ auto* array = JSFixedArray::create(*m_vm, length);
unsigned index = 0;
for (ElementNode* n = elements; index < length; n = n->next()) {
ASSERT(n->value()->isConstant());
- constantBuffer[index++] = static_cast<ConstantNode*>(n->value())->jsValue(*this);
+ array->set(*m_vm, index++, static_cast<ConstantNode*>(n->value())->jsValue(*this));
}
emitOpcode(op_new_array_buffer);
instructions().append(dst->index());
- instructions().append(constantBufferIndex);
- instructions().append(length);
+ instructions().append(addConstantValue(array)->index());
instructions().append(newArrayAllocationProfile());
return dst;
}
Modified: trunk/Source/_javascript_Core/bytecompiler/BytecodeGenerator.h (225384 => 225385)
--- trunk/Source/_javascript_Core/bytecompiler/BytecodeGenerator.h 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/bytecompiler/BytecodeGenerator.h 2017-12-01 08:18:40 UTC (rev 225385)
@@ -1046,8 +1046,6 @@
RegisterID* addConstantEmptyValue();
unsigned addRegExp(RegExp*);
- unsigned addConstantBuffer(unsigned length);
-
UnlinkedFunctionExecutable* makeFunction(FunctionMetadataNode* metadata)
{
DerivedContextType newDerivedContextType = DerivedContextType::None;
Modified: trunk/Source/_javascript_Core/dfg/DFGByteCodeParser.cpp (225384 => 225385)
--- trunk/Source/_javascript_Core/dfg/DFGByteCodeParser.cpp 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/dfg/DFGByteCodeParser.cpp 2017-12-01 08:18:40 UTC (rev 225385)
@@ -48,6 +48,7 @@
#include "GetByIdStatus.h"
#include "Heap.h"
#include "JSCInlines.h"
+#include "JSFixedArray.h"
#include "JSModuleEnvironment.h"
#include "JSModuleNamespaceObject.h"
#include "NumberConstructor.h"
@@ -81,76 +82,6 @@
dataLog(__VA_ARGS__); \
} while (false)
-class ConstantBufferKey {
-public:
- ConstantBufferKey()
- : m_codeBlock(0)
- , m_index(0)
- {
- }
-
- ConstantBufferKey(WTF::HashTableDeletedValueType)
- : m_codeBlock(0)
- , m_index(1)
- {
- }
-
- ConstantBufferKey(CodeBlock* codeBlock, unsigned index)
- : m_codeBlock(codeBlock)
- , m_index(index)
- {
- }
-
- bool operator==(const ConstantBufferKey& other) const
- {
- return m_codeBlock == other.m_codeBlock
- && m_index == other.m_index;
- }
-
- unsigned hash() const
- {
- return WTF::PtrHash<CodeBlock*>::hash(m_codeBlock) ^ m_index;
- }
-
- bool isHashTableDeletedValue() const
- {
- return !m_codeBlock && m_index;
- }
-
- CodeBlock* codeBlock() const { return m_codeBlock; }
- unsigned index() const { return m_index; }
-
-private:
- CodeBlock* m_codeBlock;
- unsigned m_index;
-};
-
-struct ConstantBufferKeyHash {
- static unsigned hash(const ConstantBufferKey& key) { return key.hash(); }
- static bool equal(const ConstantBufferKey& a, const ConstantBufferKey& b)
- {
- return a == b;
- }
-
- static const bool safeToCompareToEmptyOrDeleted = true;
-};
-
-} } // namespace JSC::DFG
-
-namespace WTF {
-
-template<typename T> struct DefaultHash;
-template<> struct DefaultHash<JSC::DFG::ConstantBufferKey> {
- typedef JSC::DFG::ConstantBufferKeyHash Hash;
-};
-
-template<typename T> struct HashTraits;
-template<> struct HashTraits<JSC::DFG::ConstantBufferKey> : SimpleClassHashTraits<JSC::DFG::ConstantBufferKey> { };
-
-} // namespace WTF
-
-namespace JSC { namespace DFG {
-
// === ByteCodeParser ===
//
// This class is used to compile the dataflow graph from a CodeBlock.
@@ -1103,8 +1034,6 @@
// The number of var args passed to the next var arg node.
unsigned m_numPassedVarArgs;
- HashMap<ConstantBufferKey, unsigned> m_constantBufferCache;
-
struct InlineStackEntry {
ByteCodeParser* m_byteCodeParser;
@@ -1121,7 +1050,6 @@
// (the machine code block, which is the transitive, though not necessarily
// direct, caller).
Vector<unsigned> m_identifierRemap;
- Vector<unsigned> m_constantBufferRemap;
Vector<unsigned> m_switchRemap;
// These are blocks whose terminal is a Jump, Branch or Switch, and whose target has not yet been linked.
@@ -4482,25 +4410,18 @@
}
case op_new_array_buffer: {
- int startConstant = currentInstruction[2].u.operand;
- int numConstants = currentInstruction[3].u.operand;
- ArrayAllocationProfile* profile = ""
- NewArrayBufferData data;
- data.startConstant = m_inlineStackTop->m_constantBufferRemap[startConstant];
- data.numConstants = numConstants;
+ FrozenValue* frozen = get(VirtualRegister(currentInstruction[2].u.operand))->constant();
+ JSFixedArray* fixedArray = frozen->cast<JSFixedArray*>();
+ ArrayAllocationProfile* profile = ""
+ NewArrayBufferData data { };
data.indexingType = profile->selectIndexingType();
- data.vectorLengthHint = std::max<unsigned>(profile->vectorLengthHint(), numConstants);
+ data.vectorLengthHint = std::max<unsigned>(profile->vectorLengthHint(), fixedArray->length());
// If this statement has never executed, we'll have the wrong indexing type in the profile.
- for (int i = 0; i < numConstants; ++i) {
- data.indexingType =
- leastUpperBoundOfIndexingTypeAndValue(
- data.indexingType,
- m_codeBlock->constantBuffer(data.startConstant)[i]);
- }
+ for (unsigned index = 0; index < fixedArray->length(); ++index)
+ data.indexingType = leastUpperBoundOfIndexingTypeAndValue(data.indexingType, fixedArray->get(index));
- m_graph.m_newArrayBufferData.append(WTFMove(data));
- set(VirtualRegister(currentInstruction[1].u.operand), addToGraph(NewArrayBuffer, OpInfo(&m_graph.m_newArrayBufferData.last())));
+ set(VirtualRegister(currentInstruction[1].u.operand), addToGraph(NewArrayBuffer, OpInfo(frozen), OpInfo(data.asQuadWord)));
NEXT_OPCODE(op_new_array_buffer);
}
@@ -6440,7 +6361,6 @@
m_inlineCallFrame->kind = kind;
m_identifierRemap.resize(codeBlock->numberOfIdentifiers());
- m_constantBufferRemap.resize(codeBlock->numberOfConstantBuffers());
m_switchRemap.resize(codeBlock->numberOfSwitchJumpTables());
for (size_t i = 0; i < codeBlock->numberOfIdentifiers(); ++i) {
@@ -6448,20 +6368,6 @@
unsigned index = byteCodeParser->m_graph.identifiers().ensure(rep);
m_identifierRemap[i] = index;
}
- for (unsigned i = 0; i < codeBlock->numberOfConstantBuffers(); ++i) {
- // If we inline the same code block multiple times, we don't want to needlessly
- // duplicate its constant buffers.
- HashMap<ConstantBufferKey, unsigned>::iterator iter =
- byteCodeParser->m_constantBufferCache.find(ConstantBufferKey(codeBlock, i));
- if (iter != byteCodeParser->m_constantBufferCache.end()) {
- m_constantBufferRemap[i] = iter->value;
- continue;
- }
- Vector<JSValue>& buffer = codeBlock->constantBufferAsVector(i);
- unsigned newIndex = byteCodeParser->m_codeBlock->addConstantBuffer(buffer);
- m_constantBufferRemap[i] = newIndex;
- byteCodeParser->m_constantBufferCache.add(ConstantBufferKey(codeBlock, i), newIndex);
- }
for (unsigned i = 0; i < codeBlock->numberOfSwitchJumpTables(); ++i) {
m_switchRemap[i] = byteCodeParser->m_codeBlock->numberOfSwitchJumpTables();
byteCodeParser->m_codeBlock->addSwitchJumpTable() = codeBlock->switchJumpTable(i);
@@ -6476,12 +6382,9 @@
m_inlineCallFrame = 0;
m_identifierRemap.resize(codeBlock->numberOfIdentifiers());
- m_constantBufferRemap.resize(codeBlock->numberOfConstantBuffers());
m_switchRemap.resize(codeBlock->numberOfSwitchJumpTables());
for (size_t i = 0; i < codeBlock->numberOfIdentifiers(); ++i)
m_identifierRemap[i] = i;
- for (size_t i = 0; i < codeBlock->numberOfConstantBuffers(); ++i)
- m_constantBufferRemap[i] = i;
for (size_t i = 0; i < codeBlock->numberOfSwitchJumpTables(); ++i)
m_switchRemap[i] = i;
}
Modified: trunk/Source/_javascript_Core/dfg/DFGClobberize.h (225384 => 225385)
--- trunk/Source/_javascript_Core/dfg/DFGClobberize.h 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/dfg/DFGClobberize.h 2017-12-01 08:18:40 UTC (rev 225385)
@@ -35,6 +35,7 @@
#include "DFGPureValue.h"
#include "DOMJITCallDOMGetterSnippet.h"
#include "DOMJITSignature.h"
+#include "JSFixedArray.h"
namespace JSC { namespace DFG {
@@ -1389,7 +1390,8 @@
read(HeapObjectCount);
write(HeapObjectCount);
- unsigned numElements = node->numConstants();
+ JSFixedArray* array = node->castOperand<JSFixedArray*>();
+ unsigned numElements = array->length();
def(HeapLocation(ArrayLengthLoc, Butterfly_publicLength, node),
LazyNode(graph.freeze(jsNumber(numElements))));
@@ -1417,11 +1419,10 @@
return;
}
- JSValue* data = ""
if (numElements < graph.m_uint32ValuesInUse.size()) {
for (unsigned index = 0; index < numElements; ++index) {
def(HeapLocation(indexedPropertyLoc, heap, node, LazyNode(graph.freeze(jsNumber(index)))),
- LazyNode(graph.freeze(data[index]), op));
+ LazyNode(graph.freeze(array->get(index)), op));
}
} else {
Vector<uint32_t> possibleIndices;
@@ -1432,7 +1433,7 @@
}
for (uint32_t index : possibleIndices) {
def(HeapLocation(indexedPropertyLoc, heap, node, LazyNode(graph.freeze(jsNumber(index)))),
- LazyNode(graph.freeze(data[index]), op));
+ LazyNode(graph.freeze(array->get(index)), op));
}
}
return;
Modified: trunk/Source/_javascript_Core/dfg/DFGGraph.cpp (225384 => 225385)
--- trunk/Source/_javascript_Core/dfg/DFGGraph.cpp 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/dfg/DFGGraph.cpp 2017-12-01 08:18:40 UTC (rev 225385)
@@ -311,15 +311,8 @@
}
if (node->hasUnlinkedLocal())
out.print(comma, node->unlinkedLocal());
- if (node->hasConstantBuffer()) {
- out.print(comma);
- out.print(node->startConstant(), ":[");
- CommaPrinter anotherComma;
- for (unsigned i = 0; i < node->numConstants(); ++i)
- out.print(anotherComma, pointerDumpInContext(freeze(m_codeBlock->constantBuffer(node->startConstant())[i]), context));
- out.print("]");
+ if (node->hasVectorLengthHint())
out.print(comma, "vectorLengthHint = ", node->vectorLengthHint());
- }
if (node->hasLazyJSValue())
out.print(comma, node->lazyJSValue());
if (node->hasIndexingType())
Modified: trunk/Source/_javascript_Core/dfg/DFGGraph.h (225384 => 225385)
--- trunk/Source/_javascript_Core/dfg/DFGGraph.h 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/dfg/DFGGraph.h 2017-12-01 08:18:40 UTC (rev 225385)
@@ -1030,7 +1030,6 @@
SegmentedVector<VariableAccessData, 16> m_variableAccessData;
SegmentedVector<ArgumentPosition, 8> m_argumentPositions;
Bag<Transition> m_transitions;
- SegmentedVector<NewArrayBufferData, 4> m_newArrayBufferData;
Bag<BranchData> m_branchData;
Bag<SwitchData> m_switchData;
Bag<MultiGetByOffsetData> m_multiGetByOffsetData;
Modified: trunk/Source/_javascript_Core/dfg/DFGNode.h (225384 => 225385)
--- trunk/Source/_javascript_Core/dfg/DFGNode.h 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/dfg/DFGNode.h 2017-12-01 08:18:40 UTC (rev 225385)
@@ -97,11 +97,16 @@
};
struct NewArrayBufferData {
- unsigned startConstant;
- unsigned numConstants;
- unsigned vectorLengthHint;
- IndexingType indexingType;
+ union {
+ struct {
+ unsigned vectorLengthHint;
+ unsigned indexingType;
+ };
+ uint64_t asQuadWord;
+ };
};
+static_assert(sizeof(IndexingType) <= sizeof(unsigned), "");
+static_assert(sizeof(NewArrayBufferData) == sizeof(uint64_t), "");
struct BranchTarget {
BranchTarget()
@@ -1085,30 +1090,26 @@
return m_flags & NodeMayHaveNonNumberResult;
}
- bool hasConstantBuffer()
+ bool hasNewArrayBufferData()
{
return op() == NewArrayBuffer;
}
- NewArrayBufferData* newArrayBufferData()
+ NewArrayBufferData newArrayBufferData()
{
- ASSERT(hasConstantBuffer());
- return m_opInfo.as<NewArrayBufferData*>();
+ ASSERT(hasNewArrayBufferData());
+ return m_opInfo2.asNewArrayBufferData();
}
-
- unsigned startConstant()
+
+ unsigned hasVectorLengthHint()
{
- return newArrayBufferData()->startConstant;
+ return op() == NewArrayBuffer;
}
- unsigned numConstants()
- {
- return newArrayBufferData()->numConstants;
- }
-
unsigned vectorLengthHint()
{
- return newArrayBufferData()->vectorLengthHint;
+ ASSERT(hasVectorLengthHint());
+ return newArrayBufferData().vectorLengthHint;
}
bool hasIndexingType()
@@ -1141,7 +1142,7 @@
{
ASSERT(hasIndexingType());
if (op() == NewArrayBuffer)
- return newArrayBufferData()->indexingType;
+ return static_cast<IndexingType>(newArrayBufferData().indexingType);
return static_cast<IndexingType>(m_opInfo.as<uint32_t>());
}
@@ -1639,6 +1640,7 @@
case CreateActivation:
case MaterializeCreateActivation:
case NewRegexp:
+ case NewArrayBuffer:
case CompareEqPtr:
case CallObjectConstructor:
case DirectCall:
@@ -2756,6 +2758,11 @@
u.pointer = bitwise_cast<void*>(structure);
return *this;
}
+ OpInfoWrapper& operator=(NewArrayBufferData newArrayBufferData)
+ {
+ u.int64 = bitwise_cast<uint64_t>(newArrayBufferData);
+ return *this;
+ }
template <typename T>
ALWAYS_INLINE auto as() const -> typename std::enable_if<std::is_pointer<T>::value && !std::is_const<typename std::remove_pointer<T>::type>::value, T>::type
{
@@ -2780,6 +2787,10 @@
{
return bitwise_cast<RegisteredStructure>(u.pointer);
}
+ ALWAYS_INLINE NewArrayBufferData asNewArrayBufferData() const
+ {
+ return bitwise_cast<NewArrayBufferData>(u.int64);
+ }
union {
uint32_t int32;
Modified: trunk/Source/_javascript_Core/dfg/DFGOperations.cpp (225384 => 225385)
--- trunk/Source/_javascript_Core/dfg/DFGOperations.cpp 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/dfg/DFGOperations.cpp 2017-12-01 08:18:40 UTC (rev 225385)
@@ -1403,11 +1403,11 @@
return bitwise_cast<char*>(result);
}
-char* JIT_OPERATION operationNewArrayBuffer(ExecState* exec, Structure* arrayStructure, size_t start, size_t size)
+JSCell* JIT_OPERATION operationNewArrayBuffer(ExecState* exec, Structure* arrayStructure, JSCell* fixedArray, size_t size)
{
VM& vm = exec->vm();
NativeCallFrameTracer tracer(&vm, exec);
- return bitwise_cast<char*>(constructArray(exec, arrayStructure, exec->codeBlock()->constantBuffer(start), size));
+ return constructArray(exec, arrayStructure, jsCast<JSFixedArray*>(fixedArray)->values(), size);
}
char* JIT_OPERATION operationNewInt8ArrayWithSize(
Modified: trunk/Source/_javascript_Core/dfg/DFGOperations.h (225384 => 225385)
--- trunk/Source/_javascript_Core/dfg/DFGOperations.h 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/dfg/DFGOperations.h 2017-12-01 08:18:40 UTC (rev 225385)
@@ -82,7 +82,6 @@
EncodedJSValue JIT_OPERATION operationGetPrototypeOfObject(ExecState*, JSObject*) WTF_INTERNAL;
EncodedJSValue JIT_OPERATION operationHasIndexedPropertyByInt(ExecState*, JSCell*, int32_t, int32_t);
char* JIT_OPERATION operationNewArray(ExecState*, Structure*, void*, size_t) WTF_INTERNAL;
-char* JIT_OPERATION operationNewArrayBuffer(ExecState*, Structure*, size_t, size_t) WTF_INTERNAL;
char* JIT_OPERATION operationNewEmptyArray(ExecState*, Structure*) WTF_INTERNAL;
char* JIT_OPERATION operationNewArrayWithSize(ExecState*, Structure*, int32_t, Butterfly*) WTF_INTERNAL;
char* JIT_OPERATION operationNewArrayWithSizeAndHint(ExecState*, Structure*, int32_t, int32_t, Butterfly*) WTF_INTERNAL;
@@ -164,6 +163,7 @@
JSCell* JIT_OPERATION operationCreateClonedArgumentsDuringExit(ExecState*, InlineCallFrame*, JSFunction*, int32_t argumentCount);
JSCell* JIT_OPERATION operationCreateClonedArguments(ExecState*, Structure*, Register* argumentStart, int32_t length, JSFunction* callee);
JSCell* JIT_OPERATION operationCreateRest(ExecState*, Register* argumentStart, unsigned numberOfArgumentsToSkip, unsigned arraySize);
+JSCell* JIT_OPERATION operationNewArrayBuffer(ExecState*, Structure*, JSCell*, size_t) WTF_INTERNAL;
double JIT_OPERATION operationFModOnInts(int32_t, int32_t) WTF_INTERNAL;
size_t JIT_OPERATION operationObjectIsObject(ExecState*, JSGlobalObject*, JSCell*) WTF_INTERNAL;
size_t JIT_OPERATION operationObjectIsFunction(ExecState*, JSGlobalObject*, JSCell*) WTF_INTERNAL;
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.h (225384 => 225385)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.h 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.h 2017-12-01 08:18:40 UTC (rev 225385)
@@ -1112,7 +1112,13 @@
m_jit.setupArgumentsWithExecState(TrustedImmPtr(structure));
return appendCallSetResult(operation, result);
}
+ JITCompiler::Call callOperation(C_JITOperation_EStCS operation, GPRReg result, RegisteredStructure structure, TrustedImmPtr pointer, size_t size)
+ {
+ m_jit.setupArgumentsWithExecState(TrustedImmPtr(structure), pointer, TrustedImmPtr(size));
+ return appendCallSetResult(operation, result);
+ }
+
#if USE(JSVALUE64)
JITCompiler::Call callOperation(C_JITOperation_EStJscSymtabJ operation, GPRReg result, RegisteredStructure structure, GPRReg scope, SymbolTable* table, TrustedImm64 initialValue)
{
@@ -1574,11 +1580,6 @@
m_jit.setupArgumentsWithExecState(TrustedImmPtr(pointer), TrustedImmPtr(size));
return appendCallSetResult(operation, result);
}
- JITCompiler::Call callOperation(J_JITOperation_ESS operation, GPRReg result, int startConstant, int numConstants)
- {
- m_jit.setupArgumentsWithExecState(TrustedImm32(startConstant), TrustedImm32(numConstants));
- return appendCallSetResult(operation, result);
- }
JITCompiler::Call callOperation(J_JITOperation_EPP operation, GPRReg result, GPRReg arg1, void* pointer)
{
m_jit.setupArgumentsWithExecState(arg1, TrustedImmPtr(pointer));
@@ -2226,11 +2227,6 @@
m_jit.setupArgumentsWithExecState(TrustedImmPtr(pointer), TrustedImmPtr(size));
return appendCallSetResult(operation, result.payloadGPR(), result.tagGPR());
}
- JITCompiler::Call callOperation(J_JITOperation_ESS operation, JSValueRegs result, int startConstant, int numConstants)
- {
- m_jit.setupArgumentsWithExecState(TrustedImm32(startConstant), TrustedImm32(numConstants));
- return appendCallSetResult(operation, result.payloadGPR(), result.tagGPR());
- }
JITCompiler::Call callOperation(J_JITOperation_EJP operation, JSValueRegs result, JSValueRegs arg1, void* pointer)
{
m_jit.setupArgumentsWithExecState(EABI_32BIT_DUMMY_ARG arg1.payloadGPR(), arg1.tagGPR(), TrustedImmPtr(pointer));
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp (225384 => 225385)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp 2017-12-01 08:18:40 UTC (rev 225385)
@@ -3930,9 +3930,10 @@
case NewArrayBuffer: {
JSGlobalObject* globalObject = m_jit.graph().globalObjectFor(node->origin.semantic);
+ JSFixedArray* array = node->castOperand<JSFixedArray*>();
+ unsigned numElements = array->length();
IndexingType indexingType = node->indexingType();
if (!globalObject->isHavingABadTime() && !hasAnyArrayStorage(indexingType)) {
- unsigned numElements = node->numConstants();
GPRTemporary result(this);
GPRTemporary storage(this);
@@ -3941,26 +3942,21 @@
GPRReg storageGPR = storage.gpr();
emitAllocateRawObject(resultGPR, m_jit.graph().registerStructure(globalObject->arrayStructureForIndexingTypeDuringAllocation(indexingType)), storageGPR, numElements, numElements);
-
- if (node->indexingType() == ArrayWithDouble) {
- JSValue* data = ""
- for (unsigned index = 0; index < node->numConstants(); ++index) {
- union {
- int32_t halves[2];
- double value;
- } u;
- u.value = data[index].asNumber();
- m_jit.store32(Imm32(u.halves[0]), MacroAssembler::Address(storageGPR, sizeof(double) * index));
- m_jit.store32(Imm32(u.halves[1]), MacroAssembler::Address(storageGPR, sizeof(double) * index + sizeof(int32_t)));
- }
- } else {
- int32_t* data = ""
- for (unsigned index = 0; index < node->numConstants() * 2; ++index) {
- m_jit.store32(
- Imm32(data[index]), MacroAssembler::Address(storageGPR, sizeof(int32_t) * index));
- }
+
+ for (unsigned index = 0; index < numElements; ++index) {
+ union {
+ int32_t halves[2];
+ double doubleValue;
+ int64_t encodedValue;
+ } u;
+ if (node->indexingType() == ArrayWithDouble)
+ u.doubleValue = array->get(index).asNumber();
+ else
+ u.encodedValue = JSValue::encode(array->get(index));
+ static_assert(sizeof(double) == sizeof(JSValue), "");
+ m_jit.store32(Imm32(u.halves[0]), MacroAssembler::Address(storageGPR, sizeof(JSValue) * index));
+ m_jit.store32(Imm32(u.halves[1]), MacroAssembler::Address(storageGPR, sizeof(JSValue) * index + sizeof(int32_t)));
}
-
cellResult(resultGPR, node);
break;
}
@@ -3968,7 +3964,7 @@
flushRegisters();
GPRFlushedCallResult result(this);
- callOperation(operationNewArrayBuffer, result.gpr(), m_jit.graph().registerStructure(globalObject->arrayStructureForIndexingTypeDuringAllocation(node->indexingType())), node->startConstant(), node->numConstants());
+ callOperation(operationNewArrayBuffer, result.gpr(), m_jit.graph().registerStructure(globalObject->arrayStructureForIndexingTypeDuringAllocation(node->indexingType())), TrustedImmPtr(node->cellOperand()), numElements);
m_jit.exceptionCheck();
cellResult(result.gpr(), node);
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp (225384 => 225385)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp 2017-12-01 08:18:40 UTC (rev 225385)
@@ -4140,9 +4140,10 @@
case NewArrayBuffer: {
JSGlobalObject* globalObject = m_jit.graph().globalObjectFor(node->origin.semantic);
+ JSFixedArray* array = node->castOperand<JSFixedArray*>();
+ unsigned numElements = array->length();
IndexingType indexingType = node->indexingType();
if (!globalObject->isHavingABadTime() && !hasAnyArrayStorage(indexingType)) {
- unsigned numElements = node->numConstants();
unsigned vectorLengthHint = node->vectorLengthHint();
ASSERT(vectorLengthHint >= numElements);
@@ -4155,22 +4156,16 @@
emitAllocateRawObject(resultGPR, m_jit.graph().registerStructure(globalObject->arrayStructureForIndexingTypeDuringAllocation(indexingType)), storageGPR, numElements, vectorLengthHint);
DFG_ASSERT(m_jit.graph(), node, indexingType & IsArray);
- JSValue* data = ""
- if (indexingType == ArrayWithDouble) {
- for (unsigned index = 0; index < node->numConstants(); ++index) {
- double value = data[index].asNumber();
- m_jit.store64(
- Imm64(bitwise_cast<int64_t>(value)),
- MacroAssembler::Address(storageGPR, sizeof(double) * index));
- }
- } else {
- for (unsigned index = 0; index < node->numConstants(); ++index) {
- m_jit.store64(
- Imm64(JSValue::encode(data[index])),
- MacroAssembler::Address(storageGPR, sizeof(JSValue) * index));
- }
+
+ for (unsigned index = 0; index < numElements; ++index) {
+ int64_t value;
+ if (indexingType == ArrayWithDouble)
+ value = bitwise_cast<int64_t>(array->get(index).asNumber());
+ else
+ value = JSValue::encode(array->get(index));
+ static_assert(sizeof(double) == sizeof(JSValue), "");
+ m_jit.store64(Imm64(value), MacroAssembler::Address(storageGPR, sizeof(JSValue) * index));
}
-
cellResult(resultGPR, node);
break;
}
@@ -4178,7 +4173,7 @@
flushRegisters();
GPRFlushedCallResult result(this);
- callOperation(operationNewArrayBuffer, result.gpr(), m_jit.graph().registerStructure(globalObject->arrayStructureForIndexingTypeDuringAllocation(node->indexingType())), node->startConstant(), node->numConstants());
+ callOperation(operationNewArrayBuffer, result.gpr(), m_jit.graph().registerStructure(globalObject->arrayStructureForIndexingTypeDuringAllocation(node->indexingType())), TrustedImmPtr(node->cellOperand()), numElements);
m_jit.exceptionCheck();
cellResult(result.gpr(), node);
Modified: trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp (225384 => 225385)
--- trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp 2017-12-01 08:18:40 UTC (rev 225385)
@@ -5430,9 +5430,10 @@
JSGlobalObject* globalObject = m_graph.globalObjectFor(m_node->origin.semantic);
RegisteredStructure structure = m_graph.registerStructure(globalObject->arrayStructureForIndexingTypeDuringAllocation(
m_node->indexingType()));
+ JSFixedArray* array = m_node->castOperand<JSFixedArray*>();
+ unsigned numElements = array->length();
if (!globalObject->isHavingABadTime() && !hasAnyArrayStorage(m_node->indexingType())) {
- unsigned numElements = m_node->numConstants();
unsigned vectorLengthHint = m_node->vectorLengthHint();
ASSERT(vectorLengthHint >= numElements);
@@ -5439,13 +5440,12 @@
ArrayValues arrayValues =
allocateUninitializedContiguousJSArray(numElements, vectorLengthHint, structure);
- JSValue* data = ""
- for (unsigned index = 0; index < m_node->numConstants(); ++index) {
+ for (unsigned index = 0; index < numElements; ++index) {
int64_t value;
if (hasDouble(m_node->indexingType()))
- value = bitwise_cast<int64_t>(data[index].asNumber());
+ value = bitwise_cast<int64_t>(array->get(index).asNumber());
else
- value = JSValue::encode(data[index]);
+ value = JSValue::encode(array->get(index));
m_out.store64(
m_out.constInt64(value),
@@ -5460,8 +5460,8 @@
setJSValue(vmCall(
Int64, m_out.operation(operationNewArrayBuffer), m_callFrame,
- weakStructure(structure), m_out.constIntPtr(m_node->startConstant()),
- m_out.constIntPtr(m_node->numConstants())));
+ weakStructure(structure), m_out.weakPointer(m_node->cellOperand()),
+ m_out.constIntPtr(numElements)));
}
void compileNewArrayWithSize()
Modified: trunk/Source/_javascript_Core/jit/JIT.cpp (225384 => 225385)
--- trunk/Source/_javascript_Core/jit/JIT.cpp 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/jit/JIT.cpp 2017-12-01 08:18:40 UTC (rev 225385)
@@ -284,6 +284,7 @@
DEFINE_SLOW_OP(unreachable)
DEFINE_SLOW_OP(throw_static_error)
DEFINE_SLOW_OP(new_array_with_spread)
+ DEFINE_SLOW_OP(new_array_buffer)
DEFINE_SLOW_OP(spread)
DEFINE_SLOW_OP(get_enumerable_length)
DEFINE_SLOW_OP(has_generic_property)
@@ -372,7 +373,6 @@
DEFINE_OP(op_neq_null)
DEFINE_OP(op_new_array)
DEFINE_OP(op_new_array_with_size)
- DEFINE_OP(op_new_array_buffer)
DEFINE_OP(op_new_func)
DEFINE_OP(op_new_func_exp)
DEFINE_OP(op_new_generator_func)
Modified: trunk/Source/_javascript_Core/jit/JIT.h (225384 => 225385)
--- trunk/Source/_javascript_Core/jit/JIT.h 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/jit/JIT.h 2017-12-01 08:18:40 UTC (rev 225385)
@@ -540,7 +540,6 @@
void emit_op_neq_null(Instruction*);
void emit_op_new_array(Instruction*);
void emit_op_new_array_with_size(Instruction*);
- void emit_op_new_array_buffer(Instruction*);
void emit_op_new_func(Instruction*);
void emit_op_new_func_exp(Instruction*);
void emit_op_new_generator_func(Instruction*);
Modified: trunk/Source/_javascript_Core/jit/JITOpcodes.cpp (225384 => 225385)
--- trunk/Source/_javascript_Core/jit/JITOpcodes.cpp 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/jit/JITOpcodes.cpp 2017-12-01 08:18:40 UTC (rev 225385)
@@ -1034,15 +1034,6 @@
#endif
}
-void JIT::emit_op_new_array_buffer(Instruction* currentInstruction)
-{
- int dst = currentInstruction[1].u.operand;
- int valuesIndex = currentInstruction[2].u.operand;
- int size = currentInstruction[3].u.operand;
- const JSValue* values = codeBlock()->constantBuffer(valuesIndex);
- callOperation(operationNewArrayBufferWithProfile, dst, currentInstruction[4].u.arrayAllocationProfile, values, size);
-}
-
#if USE(JSVALUE64)
void JIT::emit_op_has_structure_property(Instruction* currentInstruction)
{
Modified: trunk/Source/_javascript_Core/jit/JITOperations.cpp (225384 => 225385)
--- trunk/Source/_javascript_Core/jit/JITOperations.cpp 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/jit/JITOperations.cpp 2017-12-01 08:18:40 UTC (rev 225385)
@@ -1178,13 +1178,6 @@
return JSValue::encode(constructArrayNegativeIndexed(exec, profile, values, size));
}
-EncodedJSValue JIT_OPERATION operationNewArrayBufferWithProfile(ExecState* exec, ArrayAllocationProfile* profile, const JSValue* values, int size)
-{
- VM* vm = &exec->vm();
- NativeCallFrameTracer tracer(vm, exec);
- return JSValue::encode(constructArray(exec, profile, values, size));
-}
-
EncodedJSValue JIT_OPERATION operationNewArrayWithSizeAndProfile(ExecState* exec, ArrayAllocationProfile* profile, EncodedJSValue size)
{
VM* vm = &exec->vm();
Modified: trunk/Source/_javascript_Core/jit/JITOperations.h (225384 => 225385)
--- trunk/Source/_javascript_Core/jit/JITOperations.h 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/jit/JITOperations.h 2017-12-01 08:18:40 UTC (rev 225385)
@@ -213,6 +213,7 @@
typedef JSCell* (JIT_OPERATION *C_JITOperation_EStRZJsf)(ExecState*, Structure*, Register*, int32_t, JSFunction*);
typedef JSCell* (JIT_OPERATION *C_JITOperation_EStZ)(ExecState*, Structure*, int32_t);
typedef JSCell* (JIT_OPERATION *C_JITOperation_EStZZ)(ExecState*, Structure*, int32_t, int32_t);
+typedef JSCell* (JIT_OPERATION *C_JITOperation_EStCS)(ExecState*, Structure*, JSCell*, size_t);
typedef JSCell* (JIT_OPERATION *C_JITOperation_ECZZ)(ExecState*, JSCell*, int32_t, int32_t);
typedef JSCell* (JIT_OPERATION *C_JITOperation_EZ)(ExecState*, int32_t);
typedef JSCell* (JIT_OPERATION *C_JITOperation_EJscI)(ExecState*, JSScope*, UniquedStringImpl*);
@@ -392,7 +393,6 @@
size_t JIT_OPERATION operationCompareStringEq(ExecState*, JSCell* left, JSCell* right) WTF_INTERNAL;
#endif
EncodedJSValue JIT_OPERATION operationNewArrayWithProfile(ExecState*, ArrayAllocationProfile*, const JSValue* values, int32_t size) WTF_INTERNAL;
-EncodedJSValue JIT_OPERATION operationNewArrayBufferWithProfile(ExecState*, ArrayAllocationProfile*, const JSValue* values, int32_t size) WTF_INTERNAL;
EncodedJSValue JIT_OPERATION operationNewArrayWithSizeAndProfile(ExecState*, ArrayAllocationProfile*, EncodedJSValue size) WTF_INTERNAL;
EncodedJSValue JIT_OPERATION operationNewFunction(ExecState*, JSScope*, JSCell*) WTF_INTERNAL;
EncodedJSValue JIT_OPERATION operationNewFunctionWithInvalidatedReallocationWatchpoint(ExecState*, JSScope*, JSCell*) WTF_INTERNAL;
Modified: trunk/Source/_javascript_Core/llint/LLIntSlowPaths.cpp (225384 => 225385)
--- trunk/Source/_javascript_Core/llint/LLIntSlowPaths.cpp 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/llint/LLIntSlowPaths.cpp 2017-12-01 08:18:40 UTC (rev 225385)
@@ -548,12 +548,6 @@
LLINT_RETURN(constructArrayWithSizeQuirk(exec, pc[3].u.arrayAllocationProfile, exec->lexicalGlobalObject(), LLINT_OP_C(2).jsValue()));
}
-LLINT_SLOW_PATH_DECL(slow_path_new_array_buffer)
-{
- LLINT_BEGIN();
- LLINT_RETURN(constructArray(exec, pc[4].u.arrayAllocationProfile, exec->codeBlock()->constantBuffer(pc[2].u.operand), pc[3].u.operand));
-}
-
LLINT_SLOW_PATH_DECL(slow_path_new_regexp)
{
LLINT_BEGIN();
Modified: trunk/Source/_javascript_Core/llint/LLIntSlowPaths.h (225384 => 225385)
--- trunk/Source/_javascript_Core/llint/LLIntSlowPaths.h 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/llint/LLIntSlowPaths.h 2017-12-01 08:18:40 UTC (rev 225385)
@@ -66,7 +66,6 @@
LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_new_object);
LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_new_array);
LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_new_array_with_size);
-LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_new_array_buffer);
LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_new_regexp);
LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_instanceof);
LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_instanceof_custom);
Modified: trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm (225384 => 225385)
--- trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm 2017-12-01 08:18:40 UTC (rev 225385)
@@ -1364,7 +1364,7 @@
_llint_op_new_array_buffer:
traceExecution()
- callOpcodeSlowPath(_llint_slow_path_new_array_buffer)
+ callOpcodeSlowPath(_slow_path_new_array_buffer)
dispatch(constexpr op_new_array_buffer_length)
Modified: trunk/Source/_javascript_Core/runtime/CommonSlowPaths.cpp (225384 => 225385)
--- trunk/Source/_javascript_Core/runtime/CommonSlowPaths.cpp 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/runtime/CommonSlowPaths.cpp 2017-12-01 08:18:40 UTC (rev 225385)
@@ -1074,6 +1074,13 @@
RETURN(result);
}
+SLOW_PATH_DECL(slow_path_new_array_buffer)
+{
+ BEGIN();
+ auto* fixedArray = jsCast<JSFixedArray*>(OP_C(2).jsValue());
+ RETURN(constructArray(exec, pc[3].u.arrayAllocationProfile, fixedArray->values(), fixedArray->length()));
+}
+
SLOW_PATH_DECL(slow_path_spread)
{
BEGIN();
Modified: trunk/Source/_javascript_Core/runtime/CommonSlowPaths.h (225384 => 225385)
--- trunk/Source/_javascript_Core/runtime/CommonSlowPaths.h 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/runtime/CommonSlowPaths.h 2017-12-01 08:18:40 UTC (rev 225385)
@@ -284,6 +284,7 @@
SLOW_PATH_HIDDEN_DECL(slow_path_define_accessor_property);
SLOW_PATH_HIDDEN_DECL(slow_path_throw_static_error);
SLOW_PATH_HIDDEN_DECL(slow_path_new_array_with_spread);
+SLOW_PATH_HIDDEN_DECL(slow_path_new_array_buffer);
SLOW_PATH_HIDDEN_DECL(slow_path_spread);
using SlowPathFunction = SlowPathReturnType(SLOW_PATH *)(ExecState*, Instruction*);
Modified: trunk/Source/_javascript_Core/runtime/JSFixedArray.cpp (225384 => 225385)
--- trunk/Source/_javascript_Core/runtime/JSFixedArray.cpp 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/runtime/JSFixedArray.cpp 2017-12-01 08:18:40 UTC (rev 225385)
@@ -28,6 +28,7 @@
#include "CodeBlock.h"
#include "JSCInlines.h"
+#include <wtf/CommaPrinter.h>
namespace JSC {
@@ -51,4 +52,15 @@
}
}
+void JSFixedArray::dumpToStream(const JSCell* cell, PrintStream& out)
+{
+ VM& vm = *cell->vm();
+ const auto* thisObject = jsCast<const JSFixedArray*>(cell);
+ out.printf("<%p, %s, [%u], [", thisObject, thisObject->className(vm), thisObject->length());
+ CommaPrinter comma;
+ for (unsigned index = 0; index < thisObject->length(); ++index)
+ out.print(comma, thisObject->get(index));
+ out.print("]>");
+}
+
} // namespace JSC
Modified: trunk/Source/_javascript_Core/runtime/JSFixedArray.h (225384 => 225385)
--- trunk/Source/_javascript_Core/runtime/JSFixedArray.h 2017-12-01 05:36:23 UTC (rev 225384)
+++ trunk/Source/_javascript_Core/runtime/JSFixedArray.h 2017-12-01 08:18:40 UTC (rev 225385)
@@ -57,6 +57,13 @@
return result;
}
+ static JSFixedArray* create(VM& vm, unsigned length)
+ {
+ auto* array = tryCreate(vm, vm.fixedArrayStructure.get(), length);
+ RELEASE_ASSERT(array);
+ return array;
+ }
+
ALWAYS_INLINE static JSFixedArray* createFromArray(ExecState* exec, VM& vm, JSArray* array)
{
auto throwScope = DECLARE_THROW_SCOPE(vm);
@@ -110,17 +117,26 @@
return result;
}
- ALWAYS_INLINE JSValue get(unsigned index)
+ ALWAYS_INLINE JSValue get(unsigned index) const
{
ASSERT(index < m_size);
return buffer()[index].get();
}
+ void set(VM& vm, unsigned index, JSValue value)
+ {
+ ASSERT(index < m_size);
+ return buffer()[index].set(vm, this, value);
+ }
+
ALWAYS_INLINE WriteBarrier<Unknown>* buffer() { return bitwise_cast<WriteBarrier<Unknown>*>(bitwise_cast<char*>(this) + offsetOfData()); }
+ ALWAYS_INLINE WriteBarrier<Unknown>* buffer() const { return const_cast<JSFixedArray*>(this)->buffer(); }
+ ALWAYS_INLINE const JSValue* values() const { return bitwise_cast<const JSValue*>(buffer()); }
static void visitChildren(JSCell*, SlotVisitor&);
unsigned size() const { return m_size; }
+ unsigned length() const { return m_size; }
static size_t offsetOfSize() { return OBJECT_OFFSETOF(JSFixedArray, m_size); }
@@ -131,6 +147,8 @@
void copyToArguments(ExecState*, VirtualRegister firstElementDest, unsigned offset, unsigned length);
+ static void dumpToStream(const JSCell*, PrintStream&);
+
private:
JSFixedArray(VM& vm, Structure* structure, unsigned size)
: Base(vm, structure)
