JSC virtual call thunk shouldn't do a structure->classInfo lookup
authorfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 22 Apr 2016 01:25:50 +0000 (01:25 +0000)
committerfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 22 Apr 2016 01:25:50 +0000 (01:25 +0000)
https://bugs.webkit.org/show_bug.cgi?id=156874

Reviewed by Keith Miller.

This lookup was unnecessary because we can just test the inlined type field.

But also, this meant that we were exempting JSBoundFunction from the virtual call optimization.
That's pretty bad.

* jit/ThunkGenerators.cpp:
(JSC::virtualThunkFor):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@199861 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/jit/ThunkGenerators.cpp

index 985e078..00acead 100644 (file)
@@ -1,3 +1,18 @@
+2016-04-21  Filip Pizlo  <fpizlo@apple.com>
+
+        JSC virtual call thunk shouldn't do a structure->classInfo lookup
+        https://bugs.webkit.org/show_bug.cgi?id=156874
+
+        Reviewed by Keith Miller.
+        
+        This lookup was unnecessary because we can just test the inlined type field.
+
+        But also, this meant that we were exempting JSBoundFunction from the virtual call optimization.
+        That's pretty bad.
+
+        * jit/ThunkGenerators.cpp:
+        (JSC::virtualThunkFor):
+
 2016-04-21  Joseph Pecoraro  <pecoraro@apple.com>
 
         Web Inspector: sourceMappingURL not loaded in generated script
index 38439d6..dea3a7c 100644 (file)
@@ -189,12 +189,7 @@ MacroAssemblerCodeRef virtualThunkFor(VM* vm, CallLinkInfo& callLinkInfo)
             CCallHelpers::NotEqual, GPRInfo::regT1,
             CCallHelpers::TrustedImm32(JSValue::CellTag)));
 #endif
-    jit.emitLoadStructure(GPRInfo::regT0, GPRInfo::regT4, GPRInfo::regT1);
-    slowCase.append(
-        jit.branchPtr(
-            CCallHelpers::NotEqual,
-            CCallHelpers::Address(GPRInfo::regT4, Structure::classInfoOffset()),
-            CCallHelpers::TrustedImmPtr(JSFunction::info())));
+    slowCase.append(jit.branchIfNotType(GPRInfo::regT0, JSFunctionType));
     
     // Now we know we have a JSFunction.