[INFER] Don't optimize slot accesses for non-global scope objects.
authorBrian Hackett <bhackett1024@gmail.com>
Fri, 15 Apr 2011 08:36:03 -0700
changeset 74949 50d7a9b2ecc5b373bf9bc25db6e8d3993b2d0302
parent 74948 cb06710a8eb7a21aba2453138c2497f4316bce24
child 74950 244446b156b75d135113161e0ec4d0b8bf2d447e
push id2
push userbsmedberg@mozilla.com
push dateFri, 19 Aug 2011 14:38:13 +0000
milestone6.0a1
[INFER] Don't optimize slot accesses for non-global scope objects.
js/src/methodjit/Compiler.cpp
--- a/js/src/methodjit/Compiler.cpp
+++ b/js/src/methodjit/Compiler.cpp
@@ -90,17 +90,17 @@ static const char *OpcodeNames[] = {
 static const size_t CALLS_BACKEDGES_BEFORE_INLINING = 10000;
 
 mjit::Compiler::Compiler(JSContext *cx, JSScript *outerScript, bool isConstructing,
                          const Vector<PatchableFrame> *patchFrames)
   : BaseCompiler(cx),
     outerScript(outerScript),
     isConstructing(isConstructing),
     globalObj(outerScript->global),
-    globalSlots(globalObj ? globalObj->getRawSlots() : NULL),
+    globalSlots((globalObj && globalObj->isGlobal()) ? globalObj->getRawSlots() : NULL),
     patchFrames(patchFrames),
     savedTraps(NULL),
     frame(cx, *thisFromCtor(), masm, stubcc),
     a(NULL), outer(NULL), script(NULL), PC(NULL), loop(NULL),
     inlineFrames(CompilerAllocPolicy(cx, *thisFromCtor())),
     branchPatches(CompilerAllocPolicy(cx, *thisFromCtor())),
 #if defined JS_MONOIC
     getGlobalNames(CompilerAllocPolicy(cx, *thisFromCtor())),
@@ -701,17 +701,17 @@ CompileStatus
 mjit::Compiler::finishThisUp(JITScript **jitp)
 {
     RETURN_IF_OOM(Compile_Error);
 
     /*
      * Watch for reallocation of the global slots while we were in the middle
      * of compiling due to, e.g. standard class initialization.
      */
-    if (globalObj && globalObj->getRawSlots() != globalSlots)
+    if (globalSlots && globalObj->getRawSlots() != globalSlots)
         return Compile_Retry;
 
     for (size_t i = 0; i < branchPatches.length(); i++) {
         Label label = labelOf(branchPatches[i].pc, branchPatches[i].inlineIndex);
         branchPatches[i].jump.linkTo(label, &masm);
     }
 
 #ifdef JS_CPU_ARM
@@ -2912,17 +2912,18 @@ mjit::Compiler::jsop_getglobal(uint32 in
     uint32 slot = script->getGlobalSlot(index);
 
     JSObject *singleton = pushedSingleton(0);
     if (singleton && !globalObj->getSlot(slot).isUndefined()) {
         frame.push(ObjectValue(*singleton));
         return;
     }
 
-    if (cx->typeInferenceEnabled() && !globalObj->getType()->unknownProperties()) {
+    if (cx->typeInferenceEnabled() && globalObj->isGlobal() &&
+        !globalObj->getType()->unknownProperties()) {
         Value *value = &globalObj->getSlotRef(slot);
         if (!value->isUndefined()) {
             watchGlobalReallocation();
             RegisterID reg = frame.allocReg();
             masm.move(ImmPtr(value), reg);
             frame.push(Address(reg), knownPushedType(0), true);
             return;
         }
@@ -6025,17 +6026,18 @@ mjit::Compiler::jsop_getgname(uint32 ind
         return;
     }
 
     /*
      * Get the type of the global. Don't look at the pushed type, as this may
      * be part of an INCGNAME op.
      */
     JSValueType type = JSVAL_TYPE_UNKNOWN;
-    if (cx->typeInferenceEnabled() && !globalObj->getType()->unknownProperties()) {
+    if (cx->typeInferenceEnabled() && globalObj->isGlobal() &&
+        !globalObj->getType()->unknownProperties()) {
         types::TypeSet *types = globalObj->getType()->getProperty(cx, ATOM_TO_JSID(atom), false);
         if (!types)
             return;
         type = types->getKnownTypeTag(cx);
 
         const js::Shape *shape = globalObj->nativeLookup(ATOM_TO_JSID(atom));
         if (shape && shape->hasDefaultGetterOrIsMethod() && shape->hasSlot()) {
             Value *value = &globalObj->getSlotRef(shape->slot);
@@ -6228,17 +6230,18 @@ mjit::Compiler::jsop_setgname(JSAtom *at
                   : STRICT_VARIANT(stubs::SetGlobalNameNoCache));
 
     if (monitored(PC)) {
         /* Global accesses are monitored only for a few names like __proto__. */
         jsop_setgname_slow(atom, usePropertyCache);
         return;
     }
 
-    if (cx->typeInferenceEnabled() && !globalObj->getType()->unknownProperties()) {
+    if (cx->typeInferenceEnabled() && globalObj->isGlobal() &&
+        !globalObj->getType()->unknownProperties()) {
         /*
          * Note: object branding is disabled when inference is enabled. With
          * branding there is no way to ensure that a non-function property
          * can't get a function later and cause the global object to become
          * branded, requiring a shape change if it changes again.
          */
         types::TypeSet *types = globalObj->getType()->getProperty(cx, ATOM_TO_JSID(atom), false);
         if (!types)