Changeset 190213 in webkit
- Timestamp:
- Sep 24, 2015 11:38:35 AM (9 years ago)
- Location:
- trunk/Source/JavaScriptCore
- Files:
-
- 5 edited
trunk/Source/JavaScriptCore/ChangeLog
r190201 r190213 1 2015-09-24 Mark Lam <mark.lam@apple.com> 2 3 We should only expect a RareCaseProfile to exist if the rare case actually exists. 4 https://bugs.webkit.org/show_bug.cgi?id=149531 5 6 Reviewed by Saam Barati. 7 8 The current code that calls rareCaseProfileForBytecodeOffset() assumes that it 9 will always return a non-null RareCaseProfile. As a result, op_add in the 10 baseline JIT is forced to add a dummy slow case that will never be taken, only to 11 ensure that the RareCaseProfile for that bytecode is created. This profile will 12 always produce a counter value of 0 (since that path will never be taken). 13 14 Instead, we'll make the callers of rareCaseProfileForBytecodeOffset() check if 15 the profile actually exist before dereferencing it. 16 17 * bytecode/CodeBlock.cpp: 18 (JSC::CodeBlock::rareCaseProfileForBytecodeOffset): 19 (JSC::CodeBlock::rareCaseProfileCountForBytecodeOffset): 20 (JSC::CodeBlock::capabilityLevel): 21 * bytecode/CodeBlock.h: 22 (JSC::CodeBlock::addRareCaseProfile): 23 (JSC::CodeBlock::numberOfRareCaseProfiles): 24 (JSC::CodeBlock::likelyToTakeSlowCase): 25 (JSC::CodeBlock::couldTakeSlowCase): 26 (JSC::CodeBlock::likelyToTakeDeepestSlowCase): 27 (JSC::CodeBlock::likelyToTakeAnySlowCase): 28 (JSC::CodeBlock::rareCaseProfile): Deleted. 29 * jit/JITArithmetic.cpp: 30 (JSC::JIT::emit_op_add): 31 (JSC::JIT::emitSlow_op_add): 32 * jit/JITArithmetic32_64.cpp: 33 (JSC::JIT::emit_op_add): 34 (JSC::JIT::emitSlow_op_add): 35 1 36 2015-09-24 Ryosuke Niwa <rniwa@webkit.org> 2 37 -
trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp
r190073 r190213 3970 3970 } 3971 3971 3972 unsigned CodeBlock::rareCaseProfileCountForBytecodeOffset(int bytecodeOffset) 3973 { 3974 RareCaseProfile* profile = rareCaseProfileForBytecodeOffset(bytecodeOffset); 3975 if (profile) 3976 return profile->m_counter; 3977 return 0; 3978 } 3979 3972 3980 #if ENABLE(JIT) 3973 3981 DFG::CapabilityLevel CodeBlock::capabilityLevel() -
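Review bot: rareCaseProfileCountForBytecodeOffset returns 0 both when no RareCaseProfile exists for the offset and when the profile exists with a zero counter, and nothing at the definition records that this is intentional. A one-line comment above it would help, for example `// Returns 0 when no RareCaseProfile was created for this offset, i.e. the rare case does not exist.` Any remaining direct callers of rareCaseProfileForBytecodeOffset outside this changeset (none are visible here) would also need a null check before dereferencing the result.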
trunk/Source/JavaScriptCore/bytecode/CodeBlock.h
r190129 r190213 407 407 } 408 408 unsigned numberOfRareCaseProfiles() { return m_rareCaseProfiles.size(); } 409 RareCaseProfile* rareCaseProfile(int index) { return &m_rareCaseProfiles[index]; }410 409 RareCaseProfile* rareCaseProfileForBytecodeOffset(int bytecodeOffset); 410 unsigned rareCaseProfileCountForBytecodeOffset(int bytecodeOffset); 411 411 412 412 bool likelyToTakeSlowCase(int bytecodeOffset) … … 414 414 if (!hasBaselineJITProfiling()) 415 415 return false; 416 unsigned value = rareCaseProfile ForBytecodeOffset(bytecodeOffset)->m_counter;416 unsigned value = rareCaseProfileCountForBytecodeOffset(bytecodeOffset); 417 417 return value >= Options::likelyToTakeSlowCaseMinimumCount(); 418 418 } … … 422 422 if (!hasBaselineJITProfiling()) 423 423 return false; 424 unsigned value = rareCaseProfile ForBytecodeOffset(bytecodeOffset)->m_counter;424 unsigned value = rareCaseProfileCountForBytecodeOffset(bytecodeOffset); 425 425 return value >= Options::couldTakeSlowCaseMinimumCount(); 426 426 } … … 460 460 if (!hasBaselineJITProfiling()) 461 461 return false; 462 unsigned slowCaseCount = rareCaseProfile ForBytecodeOffset(bytecodeOffset)->m_counter;462 unsigned slowCaseCount = rareCaseProfileCountForBytecodeOffset(bytecodeOffset); 463 463 unsigned specialFastCaseCount = specialFastCaseProfileForBytecodeOffset(bytecodeOffset)->m_counter; 464 464 unsigned value = slowCaseCount - specialFastCaseCount; … … 470 470 if (!hasBaselineJITProfiling()) 471 471 return false; 472 unsigned slowCaseCount = rareCaseProfile ForBytecodeOffset(bytecodeOffset)->m_counter;472 unsigned slowCaseCount = rareCaseProfileCountForBytecodeOffset(bytecodeOffset); 473 473 unsigned specialFastCaseCount = specialFastCaseProfileForBytecodeOffset(bytecodeOffset)->m_counter; 474 474 unsigned value = slowCaseCount + specialFastCaseCount; -
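Review bot: In the hunk at new line 462, `unsigned value = slowCaseCount - specialFastCaseCount;` can wrap now that slowCaseCount is 0 whenever no RareCaseProfile exists for the offset. If a special-fast-case counter can be non-zero at such an offset, the result becomes a very large unsigned value, and any minimum-count comparison later in the function (not shown in the hunk) would pass. A saturating form avoids this: `unsigned value = slowCaseCount > specialFastCaseCount ? slowCaseCount - specialFastCaseCount : 0;`. The neighbouring `specialFastCaseProfileForBytecodeOffset(bytecodeOffset)->m_counter` at new lines 463 and 473 is still dereferenced unchecked. Whether that lookup can return null is not visible here, but if it can, it needs the same count-or-zero wrapper this commit adds for rare-case profiles.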
trunk/Source/JavaScriptCore/jit/JITArithmetic.cpp
r189444 r190213 796 796 797 797 if (!types.first().mightBeNumber() || !types.second().mightBeNumber()) { 798 addSlowCase();799 798 JITSlowPathCall slowPathCall(this, currentInstruction, slow_path_add); 800 799 slowPathCall.call(); … … 825 824 OperandTypes types = OperandTypes::fromInt(currentInstruction[4].u.operand); 826 825 827 if (!types.first().mightBeNumber() || !types.second().mightBeNumber()) { 828 linkDummySlowCase(iter); 829 return; 830 } 826 RELEASE_ASSERT(types.first().mightBeNumber() && types.second().mightBeNumber()); 831 827 832 828 bool op1HasImmediateIntFastCase = isOperandConstantImmediateInt(op1); -
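Review bot: The new `RELEASE_ASSERT(types.first().mightBeNumber() && types.second().mightBeNumber());` in emitSlow_op_add carries no comment explaining why the non-number case can no longer reach it. The invariant appears to be that emit_op_add no longer calls addSlowCase() on that path, so there is no slow-case entry left to link. I would add above the assert: `// emit_op_add() registers no slow case when an operand cannot be a number; reaching here with such types means the slow-case list is out of sync.` Keeping this a RELEASE_ASSERT rather than a debug-only ASSERT looks right, since continuing would presumably link slow cases against the wrong iterator entries in generated code. The same comment applies to the matching hunk in JITArithmetic32_64.cpp; both function bodies continue outside the hunks shown.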
trunk/Source/JavaScriptCore/jit/JITArithmetic32_64.cpp
r189575 r190213 490 490 491 491 if (!types.first().mightBeNumber() || !types.second().mightBeNumber()) { 492 addSlowCase();493 492 JITSlowPathCall slowPathCall(this, currentInstruction, slow_path_add); 494 493 slowPathCall.call(); … … 559 558 OperandTypes types = OperandTypes::fromInt(currentInstruction[4].u.operand); 560 559 561 if (!types.first().mightBeNumber() || !types.second().mightBeNumber()) { 562 linkDummySlowCase(iter); 563 return; 564 } 560 RELEASE_ASSERT(types.first().mightBeNumber() && types.second().mightBeNumber()); 565 561 566 562 int op;