From daab071c1793b046a635d000a7b2a28e32fe70e8 Mon Sep 17 00:00:00 2001
From: Matthew Gaudet
Date: Wed, 8 Aug 2018 00:01:52 +0000
Subject: [PATCH] Bug 1480493 - Remove initializer kind from JSOP_NEWINIT r=arai
Differential Revision: https://phabricator.services.mozilla.com/D2675
--HG--
extra : moz-landing-system : lando
---
 js/src/frontend/BytecodeEmitter.cpp | 12 ++++++------
 js/src/frontend/BytecodeEmitter.h | 2 +-
 js/src/jit/BaselineCompiler.cpp | 22 +++-------------------
 js/src/jit/CodeGenerator.cpp | 11 +----------
 js/src/jit/IonBuilder.cpp | 6 +-----
 js/src/vm/Interpreter.cpp | 17 +++++++----------
 js/src/vm/Opcodes.h | 7 ++-----
 7 files changed, 21 insertions(+), 56 deletions(-)
diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitter.cpp
index b82951d46ced..cfaf8fb4aac9 100644
--- a/js/src/frontend/BytecodeEmitter.cpp
+++ b/js/src/frontend/BytecodeEmitter.cpp
@@ -1531,7 +1531,7 @@ BytecodeEmitter::reportExtraWarning(const Maybe& maybeOffset,
 }
 bool
-BytecodeEmitter::emitNewInit(JSProtoKey key)
+BytecodeEmitter::emitNewInit()
 {
 const size_t len = 1 + UINT32_INDEX_LEN;
 ptrdiff_t offset;
@@ -1540,7 +1540,7 @@ BytecodeEmitter::emitNewInit(JSProtoKey key)
 jsbytecode* code = this->code(offset);
 code[0] = JSOP_NEWINIT;
- code[1] = jsbytecode(key);
+ code[1] = 0;
 code[2] = 0;
 code[3] = 0;
 code[4] = 0;
@@ -3547,7 +3547,7 @@ BytecodeEmitter::emitDestructuringOpsObject(ParseNode* pattern, DestructuringFla
 if (!updateSourceCoordNotes(member->pn_pos.begin))
 return false;
- if (!emitNewInit(JSProto_Object)) // ... *SET RHS *LREF RHS TARGET
+ if (!emitNewInit()) // ... *SET RHS *LREF RHS TARGET
 return false;
 if (!emit1(JSOP_DUP)) // ... *SET RHS *LREF RHS TARGET TARGET
 return false;
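Review bot: In the `@@ -1540` hunk of `emitNewInit`, all four operand bytes are now stored as literal zeros, and nothing at the stores says why the instruction still reserves them. A one-line comment above `code[1] = 0;`, for example `// Operand bytes are unused padding so the op can be exchanged with JSOP_NEWOBJECT during emit.`, would keep a later reader from treating `code[1]` as a meaningful operand. The function body starts in the previous hunk and continues past this one, so the rest of the emit path is not visible here.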
@@ -3641,7 +3641,7 @@ BytecodeEmitter::emitDestructuringObjRestExclusionSet(ParseNode* pattern)
 MOZ_ASSERT(pattern->last()->isKind(ParseNodeKind::Spread));
 ptrdiff_t offset = this->offset();
- if (!emitNewInit(JSProto_Object))
+ if (!emitNewInit())
 return false;
 // Try to construct the shape of the object as we go, so we can emit a
@@ -7478,7 +7478,7 @@ BytecodeEmitter::emitObject(ParseNode* pn)
 * (or mutating the object's [[Prototype]], in the case of __proto__).
 */
 ptrdiff_t offset = this->offset();
- if (!emitNewInit(JSProto_Object))
+ if (!emitNewInit())
 return false;
 // Try to construct the shape of the object as we go, so we can emit a
@@ -8178,7 +8178,7 @@ BytecodeEmitter::emitClass(ParseNode* pn)
 if (!emit1(JSOP_SWAP)) // ... HOMEOBJ HERITAGE
 return false;
 } else {
- if (!emitNewInit(JSProto_Object)) // ... HOMEOBJ
+ if (!emitNewInit()) // ... HOMEOBJ
 return false;
 }
diff --git a/js/src/frontend/BytecodeEmitter.h b/js/src/frontend/BytecodeEmitter.h
index e72167ccce79..4c61598f930d 100644
--- a/js/src/frontend/BytecodeEmitter.h
+++ b/js/src/frontend/BytecodeEmitter.h
@@ -638,7 +638,7 @@ struct MOZ_STACK_CLASS BytecodeEmitter
 MOZ_MUST_USE bool emitSingleDeclaration(ParseNode* decls, ParseNode* decl, ParseNode* initializer);
- MOZ_MUST_USE bool emitNewInit(JSProtoKey key);
+ MOZ_MUST_USE bool emitNewInit();
 MOZ_MUST_USE bool emitSingletonInitialiser(ParseNode* pn);
 MOZ_MUST_USE bool emitPrepareIteratorResult();
diff --git a/js/src/jit/BaselineCompiler.cpp b/js/src/jit/BaselineCompiler.cpp
index a39000fff8ff..96d82a3f995d 100644
--- a/js/src/jit/BaselineCompiler.cpp
+++ b/js/src/jit/BaselineCompiler.cpp
@@ -2167,26 +2167,10 @@ bool
 BaselineCompiler::emit_JSOP_NEWINIT()
 {
 frame.syncStack(0);
- JSProtoKey key = JSProtoKey(GET_UINT8(pc));
- if (key == JSProto_Array) {
- // Pass length in R0.
- masm.move32(Imm32(0), R0.scratchReg());
-
- ObjectGroup* group = ObjectGroup::allocationSiteGroup(cx, script, pc, JSProto_Array);
- if (!group)
- return false;
-
- ICNewArray_Fallback::Compiler stubCompiler(cx, group, ICStubCompiler::Engine::Baseline);
- if (!emitOpIC(stubCompiler.getStub(&stubSpace_)))
- return false;
- } else {
- MOZ_ASSERT(key == JSProto_Object);
-
- ICNewObject_Fallback::Compiler stubCompiler(cx, ICStubCompiler::Engine::Baseline);
- if (!emitOpIC(stubCompiler.getStub(&stubSpace_)))
- return false;
- }
+ ICNewObject_Fallback::Compiler stubCompiler(cx, ICStubCompiler::Engine::Baseline);
+ if (!emitOpIC(stubCompiler.getStub(&stubSpace_)))
+ return false;
 frame.push(R0);
 return true;
diff --git a/js/src/jit/CodeGenerator.cpp b/js/src/jit/CodeGenerator.cpp
index ca69f965d0e3..a42ede61b9e1 100644
--- a/js/src/jit/CodeGenerator.cpp
+++ b/js/src/jit/CodeGenerator.cpp
@@ -2880,19 +2880,10 @@ CodeGenerator::visitNullarySharedStub(LNullarySharedStub* lir)
 emitSharedStub(ICStub::Kind::NewArray_Fallback, lir);
 break;
 }
+ case JSOP_NEWINIT:
 case JSOP_NEWOBJECT:
 emitSharedStub(ICStub::Kind::NewObject_Fallback, lir);
 break;
- case JSOP_NEWINIT: {
- JSProtoKey key = JSProtoKey(GET_UINT8(pc));
- if (key == JSProto_Array) {
- masm.move32(Imm32(0), R0.scratchReg());
- emitSharedStub(ICStub::Kind::NewArray_Fallback, lir);
- } else {
- emitSharedStub(ICStub::Kind::NewObject_Fallback, lir);
- }
- break;
- }
 default:
 MOZ_CRASH("Unsupported jsop in shared stubs.");
 }
diff --git a/js/src/jit/IonBuilder.cpp b/js/src/jit/IonBuilder.cpp
index fec8c4395fc8..ec11233507d6 100644
--- a/js/src/jit/IonBuilder.cpp
+++ b/js/src/jit/IonBuilder.cpp
@@ -2012,17 +2012,13 @@ IonBuilder::inspectOpcode(JSOp op)
 current->pushSlot(current->stackDepth() - 1 - GET_UINT24(pc));
 return Ok();
- case JSOP_NEWINIT:
- if (GET_UINT8(pc) == JSProto_Array)
- return jsop_newarray(0);
- return jsop_newobject();
-
 case JSOP_NEWARRAY:
 return jsop_newarray(GET_UINT32(pc));
 case JSOP_NEWARRAY_COPYONWRITE:
 return jsop_newarray_copyonwrite();
+ case JSOP_NEWINIT:
 case JSOP_NEWOBJECT:
 return jsop_newobject();
diff --git a/js/src/vm/Interpreter.cpp b/js/src/vm/Interpreter.cpp
index 876f748fe414..6833d11736d1 100644
--- a/js/src/vm/Interpreter.cpp
+++ b/js/src/vm/Interpreter.cpp
@@ -3906,14 +3906,7 @@ END_CASE(JSOP_HOLE)
 CASE(JSOP_NEWINIT)
 {
- uint8_t i = GET_UINT8(REGS.pc);
- MOZ_ASSERT(i == JSProto_Array || i == JSProto_Object);
-
- JSObject* obj;
- if (i == JSProto_Array)
- obj = NewArrayOperation(cx, script, REGS.pc, 0);
- else
- obj = NewObjectOperation(cx, script, REGS.pc);
+ JSObject* obj = NewObjectOperation(cx, script, REGS.pc);
 if (!obj)
 goto error;
@@ -5161,8 +5154,13 @@ js::NewObjectOperation(JSContext* cx, HandleScript script, jsbytecode* pc,
 AutoSweepObjectGroup sweep(group);
 if (group->maybePreliminaryObjects(sweep)) {
 group->maybePreliminaryObjects(sweep)->maybeAnalyze(cx, group);
- if (group->maybeUnboxedLayout(sweep))
+ if (group->maybeUnboxedLayout(sweep)) {
+ // This sets the allocation site so that the template object
+ // can be read back but if op is NEWINIT, then the template
+ // is null.
+ MOZ_ASSERT(JSOp(*pc) != JSOP_NEWINIT);
 group->maybeUnboxedLayout(sweep)->setAllocationSite(script, pc);
+ }
 }
 if (group->shouldPreTenure(sweep) || group->maybePreliminaryObjects(sweep))
@@ -5180,7 +5178,6 @@ js::NewObjectOperation(JSContext* cx, HandleScript script, jsbytecode* pc,
 obj = CopyInitializerObject(cx, baseObject, newKind);
 } else {
 MOZ_ASSERT(*pc == JSOP_NEWINIT);
- MOZ_ASSERT(GET_UINT8(pc) == JSProto_Object);
 obj = NewBuiltinClassInstance(cx, newKind);
 }
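Review bot: The `MOZ_ASSERT(JSOp(*pc) != JSOP_NEWINIT)` added in the `@@ -5161` hunk of `js::NewObjectOperation` is compiled out of release builds. If a NEWINIT site ever reaches this branch there, `setAllocationSite(script, pc)` still records a pc whose template object is null, per the added comment. Whether a NEWINIT group can acquire an unboxed layout is not visible in the hunk. If it cannot be ruled out, `MOZ_RELEASE_ASSERT(JSOp(*pc) != JSOP_NEWINIT);` or skipping the `setAllocationSite` call for NEWINIT would fail closed, rather than leave a null template for whatever later reads the allocation site back. The function starts and ends outside this hunk.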
diff --git a/js/src/vm/Opcodes.h b/js/src/vm/Opcodes.h
index 0fa78e53a34e..cb3e1a00e787 100644
--- a/js/src/vm/Opcodes.h
+++ b/js/src/vm/Opcodes.h
@@ -840,14 +840,11 @@
 /*
 * Pushes newly created object onto the stack.
 *
- * This opcode takes the kind of initializer (JSProto_Array or
- * JSProto_Object).
- *
- * This opcode has three extra bytes so it can be exchanged with
+ * This opcode has four extra bytes so it can be exchanged with
 * JSOP_NEWOBJECT during emit.
 * Category: Literals
 * Type: Object
- * Operands: uint8_t kind (, uint24_t extra)
+ * Operands: (uint32_t extra)
 * Stack: => obj
 */ \
 macro(JSOP_NEWINIT, 89, "newinit", NULL, 5, 0, 1, JOF_UINT8) \
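Review bot: The unchanged `macro(JSOP_NEWINIT, 89, "newinit", NULL, 5, 0, 1, JOF_UINT8)` line still declares a uint8 operand format, while the updated comment now documents `Operands: (uint32_t extra)` and no kind byte remains. Anything that decodes operands from the format flag, such as a disassembler or bytecode dump, would presumably keep presenting the first padding byte as a real uint8 operand. Consider changing the flag on that line to `JOF_UINT32` so the table matches the documented layout, or add a sentence to the comment explaining why the format is deliberately left as `JOF_UINT8`. The consumers of the format field are outside this diff, so this should be confirmed against them.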