[Webkit-unassigned] [Bug 64582] JSC JIT does not inline GC allocation fast paths
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Jul 14 21:58:35 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=64582
Oliver Hunt <oliver at apple.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #100926|review?, commit-queue? |review-, commit-queue-
Flag| |
--- Comment #8 from Oliver Hunt <oliver at apple.com> 2011-07-14 21:58:36 PST ---
(From update of attachment 100926)
View in context: https://bugs.webkit.org/attachment.cgi?id=100926&action=review
r- but basically just because of the code duplication. Would be good to get 32bit going as well.
> Source/JavaScriptCore/jit/JITOpcodes.cpp:352
> + // remove the object from the free list
> + loadPtr(Address(regT0), regT1);
> + storePtr(regT1, &sizeClass->firstFreeCell);
> +
> + // initialize the object's vtable
> + storePtr(ImmPtr(m_globalData->jsFinalObjectVPtr), Address(regT0));
> +
> + // initialize the object's structure
> + storePtr(ImmPtr(m_codeBlock->globalObject()->emptyObjectStructure()), Address(regT0, JSCell::structureOffset()));
> +
> + // initialize the inheritor ID
> + storePtr(ImmPtr(0), Address(regT0, JSObject::offsetOfInheritorID()));
> +
> + // initialize the object's property storage pointer
> + addPtr(Imm32(sizeof(JSObject)), regT0, regT1);
I think all of this could be hoisted into a separate helper function, rather than duplicating the code in op_create_this, well i guess with the exception of the initial structure
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list