[Webkit-unassigned] [Bug 79554] DFG should support activations and nested functions

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Feb 24 23:00:53 PST 2012 

https://bugs.webkit.org/show_bug.cgi?id=79554


Oliver Hunt <oliver at apple.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #128844|review?                     |review+
               Flag|                            |




--- Comment #2 from Oliver Hunt <oliver at apple.com>  2012-02-24 23:00:53 PST ---
(From update of attachment 128844)
View in context: https://bugs.webkit.org/attachment.cgi?id=128844&action=review

Basically r=me, but it would be nice if you could try to remove the duplicated code :-(

Also we probably want a bug to track to do function instantiation inline like we do in the baseline JIT.

> Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp:3540
> +    case CreateActivation: {
> +        JSValueOperand value(this, node.child1());
> +        GPRTemporary result(this, value);
> +        
> +        GPRReg valueTagGPR = value.tagGPR();
> +        GPRReg valuePayloadGPR = value.payloadGPR();
> +        GPRReg resultGPR = result.gpr();
> +        
> +        m_jit.move(valuePayloadGPR, resultGPR);
> +        
> +        JITCompiler::Jump alreadyCreated = m_jit.branch32(JITCompiler::NotEqual, valueTagGPR, TrustedImm32(JSValue::EmptyValueTag));
> +        
> +        silentSpillAllRegisters(resultGPR);
> +        callOperation(operationCreateActivation, resultGPR);
> +        silentFillAllRegisters(resultGPR);
> +        
> +        alreadyCreated.link(&m_jit);
> +        
> +        cellResult(resultGPR, m_compileIndex);
> +        break;
> +    }
> +        
> +    case TearOffActivation: {
> +        JSValueOperand value(this, node.child1());
> +        GPRTemporary result(this, value);
> +        
> +        GPRReg valueTagGPR = value.tagGPR();
> +        GPRReg valuePayloadGPR = value.payloadGPR();
> +        
> +        JITCompiler::Jump notCreated = m_jit.branch32(JITCompiler::Equal, valueTagGPR, TrustedImm32(JSValue::EmptyValueTag));
> +        
> +        silentSpillAllRegisters(InvalidGPRReg);
> +        callOperation(operationTearOffActivation, valuePayloadGPR);
> +        silentFillAllRegisters(InvalidGPRReg);
> +        
> +        notCreated.link(&m_jit);
> +        
> +        noResult(m_compileIndex);
> +        break;
> +    }
> +        
> +    case NewFunctionNoCheck: {
> +        GPRResult result(this);
> +        GPRReg resultGPR = result.gpr();
> +        flushRegisters();
> +        callOperation(
> +            operationNewFunction, resultGPR, m_jit.codeBlock()->functionDecl(node.functionDeclIndex()));
> +        cellResult(resultGPR, m_compileIndex);
> +        break;
> +    }

It feels like these should be entirely sharable between  32bit and 64bit implementations

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list