projects / profile / ivi / webkit-efl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 68244f4) | patch
DFG::operationNewArray is unnecessarily slow, and may use the wrong array
authorfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 26 Jun 2012 19:42:05 +0000 (19:42 +0000)
committerfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Tue, 26 Jun 2012 19:42:05 +0000 (19:42 +0000)
commit6c89cd3fdecaf5709b8f7b9f4dd1afb6c6a5cab5
tree51b153270152ac10e5948645bf82afcd02bfb0b4tree | snapshot
parent68244f407eb69244c37c40001a200783c73da339commit | diff
DFG::operationNewArray is unnecessarily slow, and may use the wrong array
prototype when inlined
https://bugs.webkit.org/show_bug.cgi?id=89821

Source/JavaScriptCore:

Reviewed by Geoffrey Garen.

Fixes all array allocations to use the right structure, and hence the right prototype. Adds
inlining of new Array(...) with a non-zero number of arguments. Optimizes allocations of
empty arrays.

* dfg/DFGAbstractState.cpp:
(JSC::DFG::AbstractState::execute):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
* dfg/DFGCCallHelpers.h:
(JSC::DFG::CCallHelpers::setupArgumentsWithExecState):
(CCallHelpers):
* dfg/DFGNodeType.h:
(DFG):
* dfg/DFGOperations.cpp:
* dfg/DFGOperations.h:
* dfg/DFGPredictionPropagationPhase.cpp:
(JSC::DFG::PredictionPropagationPhase::propagate):
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::callOperation):
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* runtime/JSArray.h:
(JSC):
(JSC::constructArray):
* runtime/JSGlobalObject.h:
(JSC):
(JSC::constructArray):

LayoutTests:

Rubber stamped by Geoffrey Garen.

* fast/js/dfg-cross-global-object-inline-new-array-expected.txt: Added.
* fast/js/dfg-cross-global-object-inline-new-array-literal-expected.txt: Added.
* fast/js/dfg-cross-global-object-inline-new-array-literal-with-variables-expected.txt: Added.
* fast/js/dfg-cross-global-object-inline-new-array-literal-with-variables.html: Added.
* fast/js/dfg-cross-global-object-inline-new-array-literal.html: Added.
* fast/js/dfg-cross-global-object-inline-new-array-with-elements-expected.txt: Added.
* fast/js/dfg-cross-global-object-inline-new-array-with-elements.html: Added.
* fast/js/dfg-cross-global-object-inline-new-array-with-size-expected.txt: Added.
* fast/js/dfg-cross-global-object-inline-new-array-with-size.html: Added.
* fast/js/dfg-cross-global-object-inline-new-array.html: Added.
* fast/js/script-tests/cross-global-object-inline-global-var.js:
(done):
* fast/js/script-tests/dfg-cross-global-object-inline-new-array-literal-with-variables.js: Added.
(foo):
(done):
(doit):
* fast/js/script-tests/dfg-cross-global-object-inline-new-array-literal.js: Added.
(foo):
(done):
(doit):
* fast/js/script-tests/dfg-cross-global-object-inline-new-array-with-elements.js: Added.
(foo):
(done):
(doit):
* fast/js/script-tests/dfg-cross-global-object-inline-new-array-with-size.js: Added.
(foo):
(done):
(doit):
* fast/js/script-tests/dfg-cross-global-object-inline-new-array.js: Added.
(foo):
(done):
(doit):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121280 268f45cc-cd09-0410-ab3c-d52691b4dbfc
30 files changed:
LayoutTests/ChangeLog diff | blob | history
LayoutTests/fast/js/dfg-cross-global-object-inline-new-array-expected.txt [new file with mode: 0644] blob
LayoutTests/fast/js/dfg-cross-global-object-inline-new-array-literal-expected.txt [new file with mode: 0644] blob
LayoutTests/fast/js/dfg-cross-global-object-inline-new-array-literal-with-variables-expected.txt [new file with mode: 0644] blob
LayoutTests/fast/js/dfg-cross-global-object-inline-new-array-literal-with-variables.html [new file with mode: 0644] blob
LayoutTests/fast/js/dfg-cross-global-object-inline-new-array-literal.html [new file with mode: 0644] blob
LayoutTests/fast/js/dfg-cross-global-object-inline-new-array-with-elements-expected.txt [new file with mode: 0644] blob
LayoutTests/fast/js/dfg-cross-global-object-inline-new-array-with-elements.html [new file with mode: 0644] blob
LayoutTests/fast/js/dfg-cross-global-object-inline-new-array-with-size-expected.txt [new file with mode: 0644] blob
LayoutTests/fast/js/dfg-cross-global-object-inline-new-array-with-size.html [new file with mode: 0644] blob
LayoutTests/fast/js/dfg-cross-global-object-inline-new-array.html [new file with mode: 0644] blob
LayoutTests/fast/js/script-tests/cross-global-object-inline-global-var.js diff | blob | history
LayoutTests/fast/js/script-tests/dfg-cross-global-object-inline-new-array-literal-with-variables.js [new file with mode: 0644] blob
LayoutTests/fast/js/script-tests/dfg-cross-global-object-inline-new-array-literal.js [new file with mode: 0644] blob
LayoutTests/fast/js/script-tests/dfg-cross-global-object-inline-new-array-with-elements.js [new file with mode: 0644] blob
LayoutTests/fast/js/script-tests/dfg-cross-global-object-inline-new-array-with-size.js [new file with mode: 0644] blob
LayoutTests/fast/js/script-tests/dfg-cross-global-object-inline-new-array.js [new file with mode: 0644] blob
Source/JavaScriptCore/ChangeLog diff | blob | history
Source/JavaScriptCore/dfg/DFGAbstractState.cpp diff | blob | history
Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp diff | blob | history
Source/JavaScriptCore/dfg/DFGCCallHelpers.h diff | blob | history
Source/JavaScriptCore/dfg/DFGNodeType.h diff | blob | history
Source/JavaScriptCore/dfg/DFGOperations.cpp diff | blob | history
Source/JavaScriptCore/dfg/DFGOperations.h diff | blob | history
Source/JavaScriptCore/dfg/DFGPredictionPropagationPhase.cpp diff | blob | history
Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h diff | blob | history
Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp diff | blob | history
Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp diff | blob | history
Source/JavaScriptCore/runtime/JSArray.h diff | blob | history
Source/JavaScriptCore/runtime/JSGlobalObject.h diff | blob | history
Domain: Web Framework / Uncategorized;