src/ic.cc - Issue 6850015: Remove support for inlined property loads and stores.

Unified Diff: src/ic.cc

Issue 6850015: Remove support for inlined property loads and stores. (Closed) Base URL: http://v8.googlecode.com/svn/branches/bleeding_edge/

Patch Set: Created 9 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: src/ic.cc

===================================================================

--- src/ic.cc (revision 7619)

+++ src/ic.cc (working copy)

@@ -304,54 +304,23 @@

}

-void KeyedLoadIC::ClearInlinedVersion(Address address) {

- // Insert null as the map to check for to make sure the map check fails

- // sending control flow to the IC instead of the inlined version.

- PatchInlinedLoad(address, HEAP->null_value());

void KeyedLoadIC::Clear(Address address, Code* target) {

if (target->ic_state() == UNINITIALIZED) return;

// Make sure to also clear the map used in inline fast cases. If we

// do not clear these maps, cached code can keep objects alive

// through the embedded maps.

- ClearInlinedVersion(address);

SetTargetAtAddress(address, initialize_stub());

}

-void LoadIC::ClearInlinedVersion(Address address) {

- // Reset the map check of the inlined inobject property load (if

- // present) to guarantee failure by holding an invalid map (the null

- // value). The offset can be patched to anything.

- Heap* heap = HEAP;

- PatchInlinedLoad(address, heap->null_value(), 0);

- PatchInlinedContextualLoad(address,

- heap->null_value(),

- true);

void LoadIC::Clear(Address address, Code* target) {

if (target->ic_state() == UNINITIALIZED) return;

- ClearInlinedVersion(address);

SetTargetAtAddress(address, initialize_stub());

}

-void StoreIC::ClearInlinedVersion(Address address) {

- // Reset the map check of the inlined inobject property store (if

- // present) to guarantee failure by holding an invalid map (the null

- // value). The offset can be patched to anything.

- PatchInlinedStore(address, HEAP->null_value(), 0);

void StoreIC::Clear(Address address, Code* target) {

if (target->ic_state() == UNINITIALIZED) return;

- ClearInlinedVersion(address);

SetTargetAtAddress(address,

(target->extra_ic_state() == kStrictMode)

? initialize_stub_strict()

@@ -359,21 +328,6 @@

}

-void KeyedStoreIC::ClearInlinedVersion(Address address) {

- // Insert null as the elements map to check for. This will make

- // sure that the elements fast-case map check fails so that control

- // flows to the IC instead of the inlined version.

- PatchInlinedStore(address, HEAP->null_value());

-void KeyedStoreIC::RestoreInlinedVersion(Address address) {

- // Restore the fast-case elements map check so that the inlined

- // version can be used again.

- PatchInlinedStore(address, HEAP->fixed_array_map());

void KeyedStoreIC::Clear(Address address, Code* target) {

if (target->ic_state() == UNINITIALIZED) return;

SetTargetAtAddress(address,

@@ -873,9 +827,6 @@

#endif

if (state == PREMONOMORPHIC) {

if (object->IsString()) {

- Map* map = HeapObject::cast(*object)->map();

- const int offset = String::kLengthOffset;

- PatchInlinedLoad(address(), map, offset);

set_target(isolate()->builtins()->builtin(

Builtins::kLoadIC_StringLength));

} else {

@@ -903,9 +854,6 @@

if (FLAG_trace_ic) PrintF("[LoadIC : +#length /array]\n");

#endif

if (state == PREMONOMORPHIC) {

- Map* map = HeapObject::cast(*object)->map();

- const int offset = JSArray::kLengthOffset;

- PatchInlinedLoad(address(), map, offset);

set_target(isolate()->builtins()->builtin(

Builtins::kLoadIC_ArrayLength));

} else {

@@ -948,63 +896,6 @@

LOG(isolate(), SuspectReadEvent(*name, *object));

}

- bool can_be_inlined_precheck =

- FLAG_use_ic &&

- lookup.IsProperty() &&

- lookup.IsCacheable() &&

- lookup.holder() == *object &&

- !object->IsAccessCheckNeeded();

- bool can_be_inlined =

- can_be_inlined_precheck &&

- state == PREMONOMORPHIC &&

- lookup.type() == FIELD;

- bool can_be_inlined_contextual =

- can_be_inlined_precheck &&

- state == UNINITIALIZED &&

- lookup.holder()->IsGlobalObject() &&

- lookup.type() == NORMAL;

- if (can_be_inlined) {

- Map* map = lookup.holder()->map();

- // Property's index in the properties array. If negative we have

- // an inobject property.

- int index = lookup.GetFieldIndex() - map->inobject_properties();

- if (index < 0) {

- // Index is an offset from the end of the object.

- int offset = map->instance_size() + (index * kPointerSize);

- if (PatchInlinedLoad(address(), map, offset)) {

- set_target(megamorphic_stub());

- TRACE_IC_NAMED("[LoadIC : inline patch %s]\n", name);

- return lookup.holder()->FastPropertyAt(lookup.GetFieldIndex());

- } else {

- TRACE_IC_NAMED("[LoadIC : no inline patch %s (patching failed)]\n",

- name);

- }

- } else {

- TRACE_IC_NAMED("[LoadIC : no inline patch %s (not inobject)]\n", name);

- }

- } else if (can_be_inlined_contextual) {

- Map* map = lookup.holder()->map();

- JSGlobalPropertyCell* cell = JSGlobalPropertyCell::cast(

- lookup.holder()->property_dictionary()->ValueAt(

- lookup.GetDictionaryEntry()));

- if (PatchInlinedContextualLoad(address(),

- map,

- cell,

- lookup.IsDontDelete())) {

- set_target(megamorphic_stub());

- TRACE_IC_NAMED("[LoadIC : inline contextual patch %s]\n", name);

- ASSERT(cell->value() != isolate()->heap()->the_hole_value());

- return cell->value();

- }

- } else {

- if (FLAG_use_ic && state == PREMONOMORPHIC) {

- TRACE_IC_NAMED("[LoadIC : no inline patch %s (not inlinable)]\n", name);

- }

// Update inline cache and stub cache.

if (FLAG_use_ic) {

UpdateCaches(&lookup, state, object, name);

@@ -1294,18 +1185,6 @@

#ifdef DEBUG

TraceIC("KeyedLoadIC", key, state, target());

#endif // DEBUG

- // For JSObjects with fast elements that are not value wrappers

- // and that do not have indexed interceptors, we initialize the

- // inlined fast case (if present) by patching the inlined map

- // check.

- if (object->IsJSObject() &&

- !object->IsJSValue() &&

- !JSObject::cast(*object)->HasIndexedInterceptor() &&

- JSObject::cast(*object)->HasFastElements()) {

- Map* map = JSObject::cast(*object)->map();

- PatchInlinedLoad(address(), map);

- }

}

// Get the property.

@@ -1471,57 +1350,7 @@

LookupResult lookup;

if (LookupForWrite(*receiver, *name, &lookup)) {

- bool can_be_inlined =

- state == UNINITIALIZED &&

- lookup.IsProperty() &&

- lookup.holder() == *receiver &&

- lookup.type() == FIELD &&

- !receiver->IsAccessCheckNeeded();

- if (can_be_inlined) {

- Map* map = lookup.holder()->map();

- // Property's index in the properties array. If negative we have

- // an inobject property.

- int index = lookup.GetFieldIndex() - map->inobject_properties();

- if (index < 0) {

- // Index is an offset from the end of the object.

- int offset = map->instance_size() + (index * kPointerSize);

- if (PatchInlinedStore(address(), map, offset)) {

- set_target((strict_mode == kStrictMode)

- ? megamorphic_stub_strict()

- : megamorphic_stub());

-#ifdef DEBUG

- if (FLAG_trace_ic) {

- PrintF("[StoreIC : inline patch %s]\n", *name->ToCString());

- }

-#endif

- return receiver->SetProperty(*name, *value, NONE, strict_mode);

-#ifdef DEBUG

- } else {

- if (FLAG_trace_ic) {

- PrintF("[StoreIC : no inline patch %s (patching failed)]\n",

- *name->ToCString());

- }

- } else {

- if (FLAG_trace_ic) {

- PrintF("[StoreIC : no inline patch %s (not inobject)]\n",

- *name->ToCString());

- }

- } else {

- if (state == PREMONOMORPHIC) {

- if (FLAG_trace_ic) {

- PrintF("[StoreIC : no inline patch %s (not inlinable)]\n",

- *name->ToCString());

-#endif

- }

- // If no inlined store ic was patched, generate a stub for this

- // store.

+ // Generate a stub for this store.

UpdateCaches(&lookup, state, strict_mode, receiver, name, value);

} else {

// Strict mode doesn't allow setting non-existent global property

« no previous file with comments | « src/ic.h ('k') | src/x64/full-codegen-x64.cc » ('j') | no next file with comments »