[Webkit-unassigned] [Bug 68750] Value profiling in baseline JIT for JSVALUE32_64
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sat Sep 24 00:13:10 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=68750
--- Comment #2 from Filip Pizlo <fpizlo at apple.com> 2011-09-24 00:13:10 PST ---
(From update of attachment 108578)
View in context: https://bugs.webkit.org/attachment.cgi?id=108578&action=review
> Source/JavaScriptCore/jit/JITArithmetic32_64.cpp:1072
> unsigned op2 = currentInstruction[3].u.operand;
> OperandTypes types = OperandTypes::fromInt(currentInstruction[4].u.operand);
>
> +#if ENABLE(VALUE_PROFILER)
> + m_codeBlock->addSpecialFastCaseProfile(m_bytecodeOffset);
> +#endif
> +
> if (!supportsFloatingPoint()) {
> addSlowCase(jump());
> return;
Do you do the same thing for op_mul, to catch negative zero?
> Source/JavaScriptCore/jit/JITStubCall.h:214
> - JIT::Call callWithValueProfiling(unsigned dst, JIT::ValueProfilingSiteKind)
> + JIT::Call callWithValueProfiling(unsigned dst, JIT::ValueProfilingSiteKind kind)
> {
> - return call(dst);
> + ASSERT(m_returnType == Value || m_returnType == Cell);
> + JIT::Call call = this->call();
> + m_jit->emitValueProfilingSite(kind);
> + if (m_returnType == Value)
> + m_jit->emitStore(dst, JIT::regT1, JIT::regT0);
> + else
> + m_jit->emitStoreCell(dst, JIT::returnValueRegister);
> + return call;
> }
Do you call this from anywhere in the 32_64 case?
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list