We should only expect a RareCaseProfile to exist if the rare case actually exists.
author: mark.lam@apple.com <mark.lam@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 24 Sep 2015 18:38:35 +0000 (18:38 +0000)
committer: mark.lam@apple.com <mark.lam@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 24 Sep 2015 18:38:35 +0000 (18:38 +0000)
commit: 7e681bb9dded0e404924a626ed5658db1aea90b6
tree: 1f8903e4e24b9cf6bcb1281fdac7177a8493a2dd
parent: 5340584824a937019424b154a50ccb198a08a7ab
We should only expect a RareCaseProfile to exist if the rare case actually exists.
https://bugs.webkit.org/show_bug.cgi?id=149531

Reviewed by Saam Barati.

The current code that calls rareCaseProfileForBytecodeOffset() assumes that it
will always return a non-null RareCaseProfile.  As a result, op_add in the
baseline JIT is forced to add a dummy slow case that will never be taken, only to
ensure that the RareCaseProfile for that bytecode is created.  This profile will
always produce a counter value of 0 (since that path will never be taken).

Instead, we'll make the callers of rareCaseProfileForBytecodeOffset() check if
the profile actually exists before dereferencing it.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::rareCaseProfileForBytecodeOffset):
(JSC::CodeBlock::rareCaseProfileCountForBytecodeOffset):
(JSC::CodeBlock::capabilityLevel):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::addRareCaseProfile):
(JSC::CodeBlock::numberOfRareCaseProfiles):
(JSC::CodeBlock::likelyToTakeSlowCase):
(JSC::CodeBlock::couldTakeSlowCase):
(JSC::CodeBlock::likelyToTakeDeepestSlowCase):
(JSC::CodeBlock::likelyToTakeAnySlowCase):
(JSC::CodeBlock::rareCaseProfile): Deleted.
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_add):
(JSC::JIT::emitSlow_op_add):
* jit/JITArithmetic32_64.cpp:
(JSC::JIT::emit_op_add):
(JSC::JIT::emitSlow_op_add):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@190213 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/bytecode/CodeBlock.cpp
Source/JavaScriptCore/bytecode/CodeBlock.h
Source/JavaScriptCore/jit/JITArithmetic.cpp
Source/JavaScriptCore/jit/JITArithmetic32_64.cpp