Changeset 278445 in webkit
- Timestamp:
- Jun 3, 2021 8:10:54 PM (14 months ago)
- Location:
- trunk
- Files:
-
- 3 added
- 54 edited
- 2 moved
-
JSTests/ChangeLog (modified) (1 diff)
-
JSTests/microbenchmarks/in-by-val-int32.js (added)
-
JSTests/microbenchmarks/in-by-val-string-index.js (added)
-
JSTests/microbenchmarks/in-by-val-symbol.js (added)
-
Source/JavaScriptCore/ChangeLog (modified) (1 diff)
-
Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj (modified) (8 diffs)
-
Source/JavaScriptCore/Sources.txt (modified) (1 diff)
-
Source/JavaScriptCore/bytecode/CheckPrivateBrandStatus.cpp (modified) (1 diff)
-
Source/JavaScriptCore/bytecode/DeleteByStatus.cpp (modified) (1 diff)
-
Source/JavaScriptCore/bytecode/GetByStatus.cpp (modified) (1 diff)
-
Source/JavaScriptCore/bytecode/ICStatusMap.h (modified) (2 diffs)
-
Source/JavaScriptCore/bytecode/ICStatusUtils.h (modified) (2 diffs)
-
Source/JavaScriptCore/bytecode/InByIdVariant.cpp (modified) (3 diffs)
-
Source/JavaScriptCore/bytecode/InByIdVariant.h (modified) (4 diffs)
-
Source/JavaScriptCore/bytecode/InByStatus.cpp (moved) (moved from trunk/Source/JavaScriptCore/bytecode/InByIdStatus.cpp) (17 diffs)
-
Source/JavaScriptCore/bytecode/InByStatus.h (moved) (moved from trunk/Source/JavaScriptCore/bytecode/InByIdStatus.h) (5 diffs)
-
Source/JavaScriptCore/bytecode/RecordedStatuses.cpp (modified) (1 diff)
-
Source/JavaScriptCore/bytecode/RecordedStatuses.h (modified) (3 diffs)
-
Source/JavaScriptCore/bytecode/SetPrivateBrandStatus.cpp (modified) (1 diff)
-
Source/JavaScriptCore/bytecode/StructureStubInfo.cpp (modified) (1 diff)
-
Source/JavaScriptCore/bytecode/StructureStubInfo.h (modified) (1 diff)
-
Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h (modified) (2 diffs)
-
Source/JavaScriptCore/dfg/DFGArgumentsEliminationPhase.cpp (modified) (2 diffs)
-
Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp (modified) (5 diffs)
-
Source/JavaScriptCore/dfg/DFGClobberize.h (modified) (1 diff)
-
Source/JavaScriptCore/dfg/DFGClobbersExitState.cpp (modified) (1 diff)
-
Source/JavaScriptCore/dfg/DFGDoesGC.cpp (modified) (1 diff)
-
Source/JavaScriptCore/dfg/DFGFixupPhase.cpp (modified) (1 diff)
-
Source/JavaScriptCore/dfg/DFGGraph.cpp (modified) (1 diff)
-
Source/JavaScriptCore/dfg/DFGJITCompiler.cpp (modified) (1 diff)
-
Source/JavaScriptCore/dfg/DFGJITCompiler.h (modified) (2 diffs)
-
Source/JavaScriptCore/dfg/DFGMayExit.cpp (modified) (1 diff)
-
Source/JavaScriptCore/dfg/DFGNode.h (modified) (1 diff)
-
Source/JavaScriptCore/dfg/DFGNodeType.h (modified) (1 diff)
-
Source/JavaScriptCore/dfg/DFGObjectAllocationSinkingPhase.cpp (modified) (2 diffs)
-
Source/JavaScriptCore/dfg/DFGPredictionPropagationPhase.cpp (modified) (1 diff)
-
Source/JavaScriptCore/dfg/DFGSafeToExecute.h (modified) (1 diff)
-
Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp (modified) (1 diff)
-
Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp (modified) (1 diff)
-
Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp (modified) (1 diff)
-
Source/JavaScriptCore/dfg/DFGVarargsForwardingPhase.cpp (modified) (2 diffs)
-
Source/JavaScriptCore/ftl/FTLCapabilities.cpp (modified) (1 diff)
-
Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp (modified) (5 diffs)
-
Source/JavaScriptCore/jit/ICStats.h (modified) (2 diffs)
-
Source/JavaScriptCore/jit/JIT.cpp (modified) (5 diffs)
-
Source/JavaScriptCore/jit/JIT.h (modified) (4 diffs)
-
Source/JavaScriptCore/jit/JITInlineCacheGenerator.cpp (modified) (1 diff)
-
Source/JavaScriptCore/jit/JITInlineCacheGenerator.h (modified) (1 diff)
-
Source/JavaScriptCore/jit/JITOperations.cpp (modified) (3 diffs)
-
Source/JavaScriptCore/jit/JITOperations.h (modified) (1 diff)
-
Source/JavaScriptCore/jit/JITPropertyAccess.cpp (modified) (1 diff)
-
Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp (modified) (1 diff)
-
Source/JavaScriptCore/jit/Repatch.cpp (modified) (3 diffs)
-
Source/JavaScriptCore/jit/Repatch.h (modified) (2 diffs)
-
Source/JavaScriptCore/llint/LLIntSlowPaths.cpp (modified) (1 diff)
-
Source/JavaScriptCore/llint/LLIntSlowPaths.h (modified) (1 diff)
-
Source/JavaScriptCore/llint/LowLevelInterpreter.asm (modified) (2 diffs)
-
Source/JavaScriptCore/runtime/CommonSlowPaths.cpp (modified) (1 diff)
-
Source/JavaScriptCore/runtime/CommonSlowPaths.h (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/JSTests/ChangeLog
r278438 r278445 1 2021-06-03 Ross Kirsling <ross.kirsling@sony.com> 2 3 [JSC] Implement JIT ICs for InByVal 4 https://bugs.webkit.org/show_bug.cgi?id=226563 5 6 Reviewed by Saam Barati. 7 8 * microbenchmarks/in-by-val-int32.js: Added. 9 * microbenchmarks/in-by-val-string-index.js: Added. 10 * microbenchmarks/in-by-val-symbol.js: Added. 11 1 12 2021-06-03 Mark Lam <mark.lam@apple.com> 2 13 -
trunk/Source/JavaScriptCore/ChangeLog
r278438 r278445 1 2021-06-03 Ross Kirsling <ross.kirsling@sony.com> 2 3 [JSC] Implement JIT ICs for InByVal 4 https://bugs.webkit.org/show_bug.cgi?id=226563 5 6 Reviewed by Saam Barati. 7 8 Until now, InByVal has had few optimizations implemented: 9 DFG would attempt to convert string index lookups to InById and int32 lookups to HasIndexedProperty, 10 but there has been no inline caching nor any special handling for symbol lookups. 11 12 This has become a more urgent problem now, as `#x in obj` (i.e. HasPrivateName / HasPrivateBrand) 13 will need to mimic InByVal's inline caching strategy in order to be deemed performant enough to ship. 14 15 This patch thus implements inline caching for InByVal at all JIT tiers. 16 The result is a night-and-day difference for symbols, a nice boost for string indices, and no change for int32s: 17 18 in-by-val-symbol 203.5572+-2.7647 ^ 19.1035+-0.7498 ^ definitely 10.6555x faster 19 in-by-val-string-index 87.0368+-44.7766 45.9971+-32.0007 might be 1.8922x faster 20 in-by-val-int32 110.9904+-1.7109 ? 111.3431+-1.7558 ? 21 22 * JavaScriptCore.xcodeproj/project.pbxproj: 23 * Sources.txt: 24 * bytecode/CheckPrivateBrandStatus.cpp: 25 (JSC::CheckPrivateBrandStatus::singleIdentifier const): 26 * bytecode/DeleteByStatus.cpp: 27 (JSC::DeleteByStatus::singleIdentifier const): 28 * bytecode/GetByStatus.cpp: 29 (JSC::GetByStatus::singleIdentifier const): 30 * bytecode/ICStatusMap.h: 31 * bytecode/ICStatusUtils.h: 32 (JSC::singleIdentifierForICStatus): 33 * bytecode/InByIdVariant.cpp: 34 (JSC::InByIdVariant::InByIdVariant): 35 (JSC::InByIdVariant::attemptToMerge): 36 (JSC::InByIdVariant::dumpInContext const): 37 * bytecode/InByIdVariant.h: 38 (JSC::InByIdVariant::identifier const): 39 (JSC::InByIdVariant::overlaps): 40 * bytecode/InByStatus.cpp: Renamed from Source/JavaScriptCore/bytecode/InByIdStatus.cpp. 41 (JSC::InByStatus::appendVariant): 42 (JSC::InByStatus::shrinkToFit): 43 (JSC::InByStatus::computeFor): 44 (JSC::InByStatus::computeForStubInfo): 45 (JSC::InByStatus::computeForStubInfoWithoutExitSiteFeedback): 46 (JSC::InByStatus::merge): 47 (JSC::InByStatus::filter): 48 (JSC::InByStatus::markIfCheap): 49 (JSC::InByStatus::finalize): 50 (JSC::InByStatus::singleIdentifier const): 51 (JSC::InByStatus::dump const): 52 * bytecode/InByStatus.h: Renamed from Source/JavaScriptCore/bytecode/InByIdStatus.h. 53 * bytecode/RecordedStatuses.cpp: 54 (JSC::RecordedStatuses::addInByStatus): Renamed from addInByIdStatus. 55 * bytecode/RecordedStatuses.h: 56 * bytecode/SetPrivateBrandStatus.cpp: 57 (JSC::SetPrivateBrandStatus::singleIdentifier const): 58 * bytecode/StructureStubInfo.cpp: 59 (JSC::StructureStubInfo::reset): 60 * bytecode/StructureStubInfo.h: 61 * dfg/DFGAbstractInterpreterInlines.h: 62 (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects): 63 (JSC::DFG::AbstractInterpreter<AbstractStateType>::filterICStatus): 64 * dfg/DFGArgumentsEliminationPhase.cpp: 65 * dfg/DFGByteCodeParser.cpp: 66 (JSC::DFG::ByteCodeParser::handleInById): 67 (JSC::DFG::ByteCodeParser::parseBlock): 68 * dfg/DFGClobberize.h: 69 (JSC::DFG::clobberize): 70 * dfg/DFGClobbersExitState.cpp: 71 (JSC::DFG::clobbersExitState): 72 * dfg/DFGDoesGC.cpp: 73 (JSC::DFG::doesGC): 74 * dfg/DFGFixupPhase.cpp: 75 (JSC::DFG::FixupPhase::fixupNode): 76 * dfg/DFGGraph.cpp: 77 (JSC::DFG::Graph::dump): 78 * dfg/DFGJITCompiler.cpp: 79 (JSC::DFG::JITCompiler::link): 80 * dfg/DFGJITCompiler.h: 81 (JSC::DFG::JITCompiler::addInByVal): 82 * dfg/DFGMayExit.cpp: 83 * dfg/DFGNode.h: 84 (JSC::DFG::Node::hasInByStatus): Renamed from hasInByIdStatus. 85 (JSC::DFG::Node::inByStatus): Renamed from inByIdStatus. 86 * dfg/DFGNodeType.h: 87 * dfg/DFGObjectAllocationSinkingPhase.cpp: 88 * dfg/DFGPredictionPropagationPhase.cpp: 89 * dfg/DFGSafeToExecute.h: 90 (JSC::DFG::safeToExecute): 91 * dfg/DFGSpeculativeJIT.cpp: 92 (JSC::DFG::SpeculativeJIT::compileInByVal): 93 * dfg/DFGSpeculativeJIT32_64.cpp: 94 (JSC::DFG::SpeculativeJIT::compile): 95 * dfg/DFGSpeculativeJIT64.cpp: 96 (JSC::DFG::SpeculativeJIT::compile): 97 * dfg/DFGVarargsForwardingPhase.cpp: 98 * ftl/FTLCapabilities.cpp: 99 (JSC::FTL::canCompile): 100 * ftl/FTLLowerDFGToB3.cpp: 101 (JSC::FTL::DFG::LowerDFGToB3::compileNode): 102 (JSC::FTL::DFG::LowerDFGToB3::compileInBy): 103 (JSC::FTL::DFG::LowerDFGToB3::compileInById): 104 (JSC::FTL::DFG::LowerDFGToB3::compileInByVal): 105 * jit/ICStats.h: 106 * jit/JIT.cpp: 107 (JSC::JIT::privateCompileMainPass): 108 (JSC::JIT::privateCompileSlowCases): 109 (JSC::JIT::link): 110 * jit/JIT.h: 111 * jit/JITInlineCacheGenerator.cpp: 112 (JSC::JITInByValGenerator::JITInByValGenerator): 113 (JSC::JITInByValGenerator::generateFastPath): 114 (JSC::JITInByValGenerator::finalize): 115 (JSC::JITInByIdGenerator::JITInByIdGenerator): 116 * jit/JITInlineCacheGenerator.h: 117 (JSC::JITDelByIdGenerator::slowPathJump const): 118 (JSC::JITInByValGenerator::JITInByValGenerator): 119 (JSC::JITInByValGenerator::slowPathJump const): 120 * jit/JITOperations.cpp: 121 (JSC::JSC_DEFINE_JIT_OPERATION): 122 * jit/JITOperations.h: 123 * jit/JITPropertyAccess.cpp: 124 (JSC::JIT::emit_op_in_by_val): 125 (JSC::JIT::emitSlow_op_in_by_val): 126 * jit/JITPropertyAccess32_64.cpp: 127 (JSC::JIT::emit_op_in_by_val): 128 (JSC::JIT::emitSlow_op_in_by_val): 129 * jit/Repatch.cpp: 130 (JSC::tryCacheInBy): Renamed from tryCacheInByID. 131 (JSC::repatchInBy): Renamed from repatchInByID. 132 (JSC::resetInBy): Renamed from resetInByID. 133 * jit/Repatch.h: 134 * llint/LLIntSlowPaths.cpp: 135 (JSC::LLInt::LLINT_SLOW_PATH_DECL): 136 * llint/LLIntSlowPaths.h: 137 * llint/LowLevelInterpreter.asm: 138 * runtime/CommonSlowPaths.cpp: 139 * runtime/CommonSlowPaths.h: 140 1 141 2021-06-03 Mark Lam <mark.lam@apple.com> 2 142 -
trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
r278381 r278445 1402 1402 A1D793011B43864B004516F5 /* IntlNumberFormatPrototype.h in Headers */ = {isa = PBXBuildFile; fileRef = A1D792FB1B43864B004516F5 /* IntlNumberFormatPrototype.h */; }; 1403 1403 A321AA6D2626359B0023ADA2 /* IntlWorkaround.h in Headers */ = {isa = PBXBuildFile; fileRef = A321AA6C2626359B0023ADA2 /* IntlWorkaround.h */; }; 1404 A382C5312667111D0042CD99 /* InByIdVariant.h in Headers */ = {isa = PBXBuildFile; fileRef = E3305FB120B0F78800CEB82B /* InByIdVariant.h */; settings = {ATTRIBUTES = (Private, ); }; }; 1404 1405 A38D250E25800D440042BFDD /* JSArrayBufferPrototypeInlines.h in Headers */ = {isa = PBXBuildFile; fileRef = A38D250D25800D430042BFDD /* JSArrayBufferPrototypeInlines.h */; }; 1406 A38D5BFC2666D3DA00A109A6 /* InByStatus.h in Headers */ = {isa = PBXBuildFile; fileRef = A38D5BFA2666D3DA00A109A6 /* InByStatus.h */; settings = {ATTRIBUTES = (Private, ); }; }; 1405 1407 A3EE8543262514B000FC9B8D /* IntlWorkaround.cpp in Sources */ = {isa = PBXBuildFile; fileRef = A37619402625127C00CBCBA9 /* IntlWorkaround.cpp */; }; 1406 1408 A3FF9BC72234749100B1A9AB /* YarrFlags.h in Headers */ = {isa = PBXBuildFile; fileRef = A3FF9BC52234746600B1A9AB /* YarrFlags.h */; settings = {ATTRIBUTES = (Private, ); }; }; … … 4431 4433 A37619402625127C00CBCBA9 /* IntlWorkaround.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = IntlWorkaround.cpp; sourceTree = "<group>"; }; 4432 4434 A38D250D25800D430042BFDD /* JSArrayBufferPrototypeInlines.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSArrayBufferPrototypeInlines.h; sourceTree = "<group>"; }; 4435 A38D5BF92666D3DA00A109A6 /* InByStatus.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = InByStatus.cpp; sourceTree = "<group>"; }; 4436 A38D5BFA2666D3DA00A109A6 /* InByStatus.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = InByStatus.h; sourceTree = "<group>"; }; 4433 4437 A3AFF92B245A3CF900C9BA3B /* IntlLocale.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = IntlLocale.h; sourceTree = "<group>"; }; 4434 4438 A3AFF92C245A3CFA00C9BA3B /* IntlLocaleConstructor.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = IntlLocaleConstructor.h; sourceTree = "<group>"; }; … … 5059 5063 E3282BBA1FE930A400EDAF71 /* YarrErrorCode.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = YarrErrorCode.h; path = yarr/YarrErrorCode.h; sourceTree = "<group>"; }; 5060 5064 E32C3C6823E94C1E00BC97C0 /* UnlinkedCodeBlockGenerator.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = UnlinkedCodeBlockGenerator.h; sourceTree = "<group>"; }; 5061 E3305FAF20B0F78700CEB82B /* InByIdStatus.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = InByIdStatus.h; sourceTree = "<group>"; };5062 5065 E3305FB020B0F78700CEB82B /* InByIdVariant.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = InByIdVariant.cpp; sourceTree = "<group>"; }; 5063 5066 E3305FB120B0F78800CEB82B /* InByIdVariant.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = InByIdVariant.h; sourceTree = "<group>"; }; 5064 E3305FB220B0F78800CEB82B /* InByIdStatus.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = InByIdStatus.cpp; sourceTree = "<group>"; };5065 5067 E33095DC23210A1400EB7856 /* JSInternalFieldObjectImpl.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = JSInternalFieldObjectImpl.h; sourceTree = "<group>"; }; 5066 5068 E334CBB221FD96A8000EB178 /* RegExpGlobalData.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = RegExpGlobalData.cpp; sourceTree = "<group>"; }; … … 6283 6285 72131BF326587EF2007114CF /* JITSafepoint.cpp */, 6284 6286 72131BF526587EF2007114CF /* JITSafepoint.h */, 6287 72131BF426587EF2007114CF /* JITScannable.h */, 6285 6288 52B5100C265EFCD4008970E7 /* JITSizeStatistics.cpp */, 6286 6289 52B5100B265EFCD4008970E7 /* JITSizeStatistics.h */, 6287 72131BF426587EF2007114CF /* JITScannable.h */,6288 6290 0F766D2615A8CC1B008F363E /* JITStubRoutine.cpp */, 6289 6291 0F766D1C15A5028D008F363E /* JITStubRoutine.h */, … … 8578 8580 0F44A7B520C0BE3F0022B171 /* ICStatusUtils.cpp */, 8579 8581 0FB399BD20AF6B380017E213 /* ICStatusUtils.h */, 8580 E3305FB220B0F78800CEB82B /* InByIdStatus.cpp */,8581 E3305FAF20B0F78700CEB82B /* InByIdStatus.h */,8582 8582 E3305FB020B0F78700CEB82B /* InByIdVariant.cpp */, 8583 8583 E3305FB120B0F78800CEB82B /* InByIdVariant.h */, 8584 A38D5BF92666D3DA00A109A6 /* InByStatus.cpp */, 8585 A38D5BFA2666D3DA00A109A6 /* InByStatus.h */, 8584 8586 7905BB661D12050E0019FE57 /* InlineAccess.cpp */, 8585 8587 7905BB671D12050E0019FE57 /* InlineAccess.h */, … … 9618 9620 0F300B7C18AB1B1400A6D72E /* DFGIntegerCheckCombiningPhase.h in Headers */, 9619 9621 0F898F321B27689F0083A33C /* DFGIntegerRangeOptimizationPhase.h in Headers */, 9620 52B5100D265EFCDB008970E7 /* JITSizeStatistics.h in Headers */,9621 9622 0FC97F3E18202119002C9B26 /* DFGInvalidationPointInjectionPhase.h in Headers */, 9622 9623 0FEA0A34170D40BF00BB722C /* DFGJITCode.h in Headers */, … … 9921 9922 8606DDEA18DA44AB00A383D0 /* IdentifierInlines.h in Headers */, 9922 9923 A5FD0076189B038C00633231 /* IdentifiersFactory.h in Headers */, 9924 A382C5312667111D0042CD99 /* InByIdVariant.h in Headers */, 9925 A38D5BFC2666D3DA00A109A6 /* InByStatus.h in Headers */, 9923 9926 C25F8BCE157544A900245B71 /* IncrementalSweeper.h in Headers */, 9924 9927 0FB7F39915ED8E4600F167B2 /* IndexingHeader.h in Headers */, … … 10072 10075 72131BF926587EF2007114CF /* JITSafepoint.h in Headers */, 10073 10076 72131BF826587EF2007114CF /* JITScannable.h in Headers */, 10077 52B5100D265EFCDB008970E7 /* JITSizeStatistics.h in Headers */, 10074 10078 0F766D3115AA8112008F363E /* JITStubRoutine.h in Headers */, 10075 10079 0F766D2C15A8CC3A008F363E /* JITStubRoutineSet.h in Headers */, -
trunk/Source/JavaScriptCore/Sources.txt
r278381 r278445 240 240 bytecode/ICStatusMap.cpp 241 241 bytecode/ICStatusUtils.cpp 242 bytecode/InBy IdStatus.cpp242 bytecode/InByStatus.cpp 243 243 bytecode/InByIdVariant.cpp 244 244 bytecode/InlineAccess.cpp -
trunk/Source/JavaScriptCore/bytecode/CheckPrivateBrandStatus.cpp
r275490 r278445 220 220 CacheableIdentifier CheckPrivateBrandStatus::singleIdentifier() const 221 221 { 222 if (m_variants.isEmpty()) 223 return nullptr; 224 225 CacheableIdentifier result = m_variants.first().identifier(); 226 if (!result) 227 return nullptr; 228 for (size_t i = 1; i < m_variants.size(); ++i) { 229 CacheableIdentifier identifier = m_variants[i].identifier(); 230 if (!identifier) 231 return nullptr; 232 if (identifier != result) 233 return nullptr; 234 } 235 return result; 222 return singleIdentifierForICStatus(m_variants); 236 223 } 237 224 -
trunk/Source/JavaScriptCore/bytecode/DeleteByStatus.cpp
r275490 r278445 246 246 CacheableIdentifier DeleteByStatus::singleIdentifier() const 247 247 { 248 if (m_variants.isEmpty()) 249 return nullptr; 250 251 CacheableIdentifier result = m_variants.first().identifier(); 252 if (!result) 253 return nullptr; 254 for (size_t i = 1; i < m_variants.size(); ++i) { 255 CacheableIdentifier identifier = m_variants[i].identifier(); 256 if (!identifier) 257 return nullptr; 258 if (identifier != result) 259 return nullptr; 260 } 261 return result; 248 return singleIdentifierForICStatus(m_variants); 262 249 } 263 250 -
trunk/Source/JavaScriptCore/bytecode/GetByStatus.cpp
r275490 r278445 580 580 return m_moduleNamespaceData->m_identifier; 581 581 582 if (m_variants.isEmpty()) 583 return nullptr; 584 585 CacheableIdentifier result = m_variants.first().identifier(); 586 if (!result) 587 return nullptr; 588 for (size_t i = 1; i < m_variants.size(); ++i) { 589 CacheableIdentifier identifier = m_variants[i].identifier(); 590 if (!identifier) 591 return nullptr; 592 if (identifier != result) 593 return nullptr; 594 } 595 return result; 582 return singleIdentifierForICStatus(m_variants); 596 583 } 597 584 -
trunk/Source/JavaScriptCore/bytecode/ICStatusMap.h
r259583 r278445 36 36 class CodeBlock; 37 37 class GetByStatus; 38 class InBy IdStatus;38 class InByStatus; 39 39 class PutByIdStatus; 40 40 class DeleteByStatus; … … 48 48 CallLinkStatus* callStatus { nullptr }; 49 49 GetByStatus* getStatus { nullptr }; 50 InBy IdStatus* inStatus { nullptr };50 InByStatus* inStatus { nullptr }; 51 51 PutByIdStatus* putStatus { nullptr }; 52 52 DeleteByStatus* deleteStatus { nullptr }; -
trunk/Source/JavaScriptCore/bytecode/ICStatusUtils.h
r252763 r278445 27 27 28 28 #include "BytecodeIndex.h" 29 #include "CacheableIdentifier.h" 29 30 #include "ExitFlag.h" 30 31 … … 73 74 } 74 75 76 template<typename VariantVectorType> 77 CacheableIdentifier singleIdentifierForICStatus(VariantVectorType& variants) 78 { 79 if (variants.isEmpty()) 80 return nullptr; 81 82 CacheableIdentifier result = variants.first().identifier(); 83 if (!result) 84 return nullptr; 85 86 for (size_t i = 1; i < variants.size(); ++i) { 87 CacheableIdentifier identifier = variants[i].identifier(); 88 if (!identifier || identifier != result) 89 return nullptr; 90 } 91 92 return result; 93 } 94 75 95 ExitFlag hasBadCacheExitSite(CodeBlock* profiledBlock, BytecodeIndex); 76 96 -
trunk/Source/JavaScriptCore/bytecode/InByIdVariant.cpp
r273138 r278445 28 28 #include "InByIdVariant.h" 29 29 30 #include "CacheableIdentifierInlines.h" 31 30 32 namespace JSC { 31 33 32 InByIdVariant::InByIdVariant( const StructureSet& structureSet, PropertyOffset offset, const ObjectPropertyConditionSet& conditionSet)34 InByIdVariant::InByIdVariant(CacheableIdentifier identifier, const StructureSet& structureSet, PropertyOffset offset, const ObjectPropertyConditionSet& conditionSet) 33 35 : m_structureSet(structureSet) 34 36 , m_conditionSet(conditionSet) 35 37 , m_offset(offset) 38 , m_identifier(WTFMove(identifier)) 36 39 { 37 40 if (!structureSet.size()) { … … 43 46 bool InByIdVariant::attemptToMerge(const InByIdVariant& other) 44 47 { 48 if (!!m_identifier != !!other.m_identifier) 49 return false; 50 51 if (m_identifier && (m_identifier != other.m_identifier)) 52 return false; 53 45 54 if (m_offset != other.m_offset) 46 55 return false; … … 90 99 void InByIdVariant::dumpInContext(PrintStream& out, DumpContext* context) const 91 100 { 101 out.print("<id='", m_identifier, "', "); 92 102 if (!isSet()) { 93 out.print(" <empty>");103 out.print("empty>"); 94 104 return; 95 105 } 96 106 97 out.print( 98 "<", inContext(structureSet(), context), ", ", inContext(m_conditionSet, context)); 107 out.print(inContext(structureSet(), context), ", ", inContext(m_conditionSet, context)); 99 108 out.print(", offset = ", offset()); 100 109 out.print(">"); -
trunk/Source/JavaScriptCore/bytecode/InByIdVariant.h
r273138 r278445 27 27 #pragma once 28 28 29 #include "CacheableIdentifier.h" 29 30 #include "ObjectPropertyConditionSet.h" 30 31 #include "PropertyOffset.h" … … 36 37 } 37 38 38 class InBy IdStatus;39 class InByStatus; 39 40 struct DumpContext; 40 41 … … 42 43 WTF_MAKE_FAST_ALLOCATED; 43 44 public: 44 InByIdVariant( const StructureSet& = StructureSet(), PropertyOffset = invalidOffset, const ObjectPropertyConditionSet& = ObjectPropertyConditionSet());45 InByIdVariant(CacheableIdentifier, const StructureSet& = StructureSet(), PropertyOffset = invalidOffset, const ObjectPropertyConditionSet& = ObjectPropertyConditionSet()); 45 46 46 47 bool isSet() const { return !!m_structureSet.size(); } … … 64 65 void dumpInContext(PrintStream&, DumpContext*) const; 65 66 67 CacheableIdentifier identifier() const { return m_identifier; } 68 66 69 bool overlaps(const InByIdVariant& other) 67 70 { 71 if (!!m_identifier != !!other.m_identifier) 72 return true; 73 if (m_identifier) { 74 if (m_identifier != other.m_identifier) 75 return false; 76 } 68 77 return structureSet().overlaps(other.structureSet()); 69 78 } 70 79 71 80 private: 72 friend class InBy IdStatus;81 friend class InByStatus; 73 82 74 83 StructureSet m_structureSet; 75 84 ObjectPropertyConditionSet m_conditionSet; 76 85 PropertyOffset m_offset; 86 CacheableIdentifier m_identifier; 77 87 }; 78 88 -
trunk/Source/JavaScriptCore/bytecode/InByStatus.cpp
r278444 r278445 26 26 27 27 #include "config.h" 28 #include "InByIdStatus.h" 29 28 #include "InByStatus.h" 29 30 #include "CacheableIdentifierInlines.h" 30 31 #include "CodeBlock.h" 31 32 #include "ComplexGetStatus.h" … … 37 38 namespace JSC { 38 39 39 bool InBy IdStatus::appendVariant(const InByIdVariant& variant)40 bool InByStatus::appendVariant(const InByIdVariant& variant) 40 41 { 41 42 return appendICStatusVariant(m_variants, variant); 42 43 } 43 44 44 void InBy IdStatus::shrinkToFit()45 void InByStatus::shrinkToFit() 45 46 { 46 47 m_variants.shrinkToFit(); … … 48 49 49 50 #if ENABLE(JIT) 50 InBy IdStatus InByIdStatus::computeFor(CodeBlock* profiledBlock, ICStatusMap& map, BytecodeIndex bytecodeIndex, UniquedStringImpl* uid, ExitFlag didExit)51 InByStatus InByStatus::computeFor(CodeBlock* profiledBlock, ICStatusMap& map, BytecodeIndex bytecodeIndex, ExitFlag didExit) 51 52 { 52 53 ConcurrentJSLocker locker(profiledBlock->m_lock); 53 54 54 InBy IdStatus result;55 InByStatus result; 55 56 56 57 #if ENABLE(DFG_JIT) 57 result = computeForStubInfoWithoutExitSiteFeedback(locker, profiledBlock->vm(), map.get(CodeOrigin(bytecodeIndex)).stubInfo , uid);58 result = computeForStubInfoWithoutExitSiteFeedback(locker, profiledBlock->vm(), map.get(CodeOrigin(bytecodeIndex)).stubInfo); 58 59 59 60 if (!result.takesSlowPath() && didExit) 60 return InBy IdStatus(TakesSlowPath);61 return InByStatus(TakesSlowPath); 61 62 #else 62 63 UNUSED_PARAM(map); 63 64 UNUSED_PARAM(bytecodeIndex); 64 UNUSED_PARAM(uid);65 65 UNUSED_PARAM(didExit); 66 66 #endif … … 69 69 } 70 70 71 InBy IdStatus InByIdStatus::computeFor(CodeBlock* profiledBlock, ICStatusMap& map, BytecodeIndex bytecodeIndex, UniquedStringImpl* uid)72 { 73 return computeFor(profiledBlock, map, bytecodeIndex, uid,hasBadCacheExitSite(profiledBlock, bytecodeIndex));74 } 75 76 InBy IdStatus InByIdStatus::computeFor(71 InByStatus InByStatus::computeFor(CodeBlock* profiledBlock, ICStatusMap& map, BytecodeIndex bytecodeIndex) 72 { 73 return computeFor(profiledBlock, map, bytecodeIndex, hasBadCacheExitSite(profiledBlock, bytecodeIndex)); 74 } 75 76 InByStatus InByStatus::computeFor( 77 77 CodeBlock* profiledBlock, ICStatusMap& baselineMap, 78 ICStatusContextStack& contextStack, CodeOrigin codeOrigin , UniquedStringImpl* uid)78 ICStatusContextStack& contextStack, CodeOrigin codeOrigin) 79 79 { 80 80 BytecodeIndex bytecodeIndex = codeOrigin.bytecodeIndex(); … … 84 84 ICStatus status = context->get(codeOrigin); 85 85 86 auto bless = [&] (const InBy IdStatus& result) -> InByIdStatus {86 auto bless = [&] (const InByStatus& result) -> InByStatus { 87 87 if (!context->isInlined(codeOrigin)) { 88 InBy IdStatus baselineResult = computeFor(89 profiledBlock, baselineMap, bytecodeIndex, uid,didExit);88 InByStatus baselineResult = computeFor( 89 profiledBlock, baselineMap, bytecodeIndex, didExit); 90 90 baselineResult.merge(result); 91 91 return baselineResult; 92 92 } 93 93 if (didExit.isSet(ExitFromInlined)) 94 return InBy IdStatus(TakesSlowPath);94 return InByStatus(TakesSlowPath); 95 95 return result; 96 96 }; … … 98 98 #if ENABLE(DFG_JIT) 99 99 if (status.stubInfo) { 100 InBy IdStatus result;100 InByStatus result; 101 101 { 102 102 ConcurrentJSLocker locker(context->optimizedCodeBlock->m_lock); 103 result = computeForStubInfoWithoutExitSiteFeedback(locker, profiledBlock->vm(), status.stubInfo , uid);103 result = computeForStubInfoWithoutExitSiteFeedback(locker, profiledBlock->vm(), status.stubInfo); 104 104 } 105 105 if (result.isSet()) … … 112 112 } 113 113 114 return computeFor(profiledBlock, baselineMap, bytecodeIndex, uid,didExit);114 return computeFor(profiledBlock, baselineMap, bytecodeIndex, didExit); 115 115 } 116 116 #endif // ENABLE(JIT) 117 117 118 118 #if ENABLE(DFG_JIT) 119 InBy IdStatus InByIdStatus::computeForStubInfo(const ConcurrentJSLocker& locker, CodeBlock* profiledBlock, StructureStubInfo* stubInfo, CodeOrigin codeOrigin, UniquedStringImpl* uid)120 { 121 InBy IdStatus result = InByIdStatus::computeForStubInfoWithoutExitSiteFeedback(locker, profiledBlock->vm(), stubInfo, uid);119 InByStatus InByStatus::computeForStubInfo(const ConcurrentJSLocker& locker, CodeBlock* profiledBlock, StructureStubInfo* stubInfo, CodeOrigin codeOrigin) 120 { 121 InByStatus result = InByStatus::computeForStubInfoWithoutExitSiteFeedback(locker, profiledBlock->vm(), stubInfo); 122 122 123 123 if (!result.takesSlowPath() && hasBadCacheExitSite(profiledBlock, codeOrigin.bytecodeIndex())) 124 return InBy IdStatus(TakesSlowPath);124 return InByStatus(TakesSlowPath); 125 125 return result; 126 126 } 127 127 128 InBy IdStatus InByIdStatus::computeForStubInfoWithoutExitSiteFeedback(const ConcurrentJSLocker&, VM& vm, StructureStubInfo* stubInfo, UniquedStringImpl* uid)128 InByStatus InByStatus::computeForStubInfoWithoutExitSiteFeedback(const ConcurrentJSLocker&, VM& vm, StructureStubInfo* stubInfo) 129 129 { 130 130 StubInfoSummary summary = StructureStubInfo::summary(vm, stubInfo); 131 131 if (!isInlineable(summary)) 132 return InBy IdStatus(summary);132 return InByStatus(summary); 133 133 134 134 // Finally figure out if we can derive an access strategy. 135 InBy IdStatus result;135 InByStatus result; 136 136 result.m_state = Simple; 137 137 switch (stubInfo->cacheType()) { 138 138 case CacheType::Unset: 139 return InBy IdStatus(NoInformation);139 return InByStatus(NoInformation); 140 140 141 141 case CacheType::InByIdSelf: { 142 142 Structure* structure = stubInfo->u.byIdSelf.baseObjectStructure.get(); 143 143 if (structure->takesSlowPathInDFGForImpureProperty()) 144 return InByIdStatus(TakesSlowPath); 144 return InByStatus(TakesSlowPath); 145 CacheableIdentifier identifier = stubInfo->identifier(); 146 UniquedStringImpl* uid = identifier.uid(); 147 RELEASE_ASSERT(uid); 148 InByIdVariant variant(WTFMove(identifier)); 145 149 unsigned attributes; 146 InByIdVariant variant;147 150 variant.m_offset = structure->getConcurrently(uid, attributes); 148 151 if (!isValidOffset(variant.m_offset)) 149 return InBy IdStatus(TakesSlowPath);152 return InByStatus(TakesSlowPath); 150 153 if (attributes & PropertyAttribute::CustomAccessorOrValue) 151 return InBy IdStatus(TakesSlowPath);154 return InByStatus(TakesSlowPath); 152 155 153 156 variant.m_structureSet.add(structure); … … 162 165 const AccessCase& access = list->at(listIndex); 163 166 if (access.viaProxy()) 164 return InBy IdStatus(TakesSlowPath);167 return InByStatus(TakesSlowPath); 165 168 166 169 if (access.usesPolyProto()) 167 return InBy IdStatus(TakesSlowPath);170 return InByStatus(TakesSlowPath); 168 171 169 172 Structure* structure = access.structure(); … … 175 178 // told us. But, it works well enough. So, our only concern here is to not 176 179 // crash on null structure. 177 return InBy IdStatus(TakesSlowPath);178 } 179 180 ComplexGetStatus complexGetStatus = ComplexGetStatus::computeFor(structure, access.conditionSet(), uid);180 return InByStatus(TakesSlowPath); 181 } 182 183 ComplexGetStatus complexGetStatus = ComplexGetStatus::computeFor(structure, access.conditionSet(), access.uid()); 181 184 switch (complexGetStatus.kind()) { 182 185 case ComplexGetStatus::ShouldSkip: … … 184 187 185 188 case ComplexGetStatus::TakesSlowPath: 186 return InBy IdStatus(TakesSlowPath);189 return InByStatus(TakesSlowPath); 187 190 188 191 case ComplexGetStatus::Inlineable: { … … 192 195 break; 193 196 default: 194 return InBy IdStatus(TakesSlowPath);197 return InByStatus(TakesSlowPath); 195 198 } 196 199 197 200 InByIdVariant variant( 198 StructureSet(structure), complexGetStatus.offset(),201 access.identifier(), StructureSet(structure), complexGetStatus.offset(), 199 202 complexGetStatus.conditionSet()); 200 203 201 204 if (!result.appendVariant(variant)) 202 return InBy IdStatus(TakesSlowPath);205 return InByStatus(TakesSlowPath); 203 206 break; 204 207 } … … 211 214 212 215 default: 213 return InBy IdStatus(TakesSlowPath);216 return InByStatus(TakesSlowPath); 214 217 } 215 218 216 219 RELEASE_ASSERT_NOT_REACHED(); 217 return InBy IdStatus();220 return InByStatus(); 218 221 } 219 222 #endif 220 223 221 void InBy IdStatus::merge(const InByIdStatus& other)224 void InByStatus::merge(const InByStatus& other) 222 225 { 223 226 if (other.m_state == NoInformation) … … 231 234 case Simple: 232 235 if (other.m_state != Simple) { 233 *this = InBy IdStatus(TakesSlowPath);236 *this = InByStatus(TakesSlowPath); 234 237 return; 235 238 } 236 239 for (const InByIdVariant& otherVariant : other.m_variants) { 237 240 if (!appendVariant(otherVariant)) { 238 *this = InBy IdStatus(TakesSlowPath);241 *this = InByStatus(TakesSlowPath); 239 242 return; 240 243 } … … 250 253 } 251 254 252 void InBy IdStatus::filter(const StructureSet& structureSet)255 void InByStatus::filter(const StructureSet& structureSet) 253 256 { 254 257 if (m_state != Simple) … … 260 263 261 264 template<typename Visitor> 262 void InBy IdStatus::markIfCheap(Visitor& visitor)265 void InByStatus::markIfCheap(Visitor& visitor) 263 266 { 264 267 for (InByIdVariant& variant : m_variants) … … 266 269 } 267 270 268 template void InBy IdStatus::markIfCheap(AbstractSlotVisitor&);269 template void InBy IdStatus::markIfCheap(SlotVisitor&);270 271 bool InBy IdStatus::finalize(VM& vm)271 template void InByStatus::markIfCheap(AbstractSlotVisitor&); 272 template void InByStatus::markIfCheap(SlotVisitor&); 273 274 bool InByStatus::finalize(VM& vm) 272 275 { 273 276 for (InByIdVariant& variant : m_variants) { … … 278 281 } 279 282 280 void InByIdStatus::dump(PrintStream& out) const 283 CacheableIdentifier InByStatus::singleIdentifier() const 284 { 285 return singleIdentifierForICStatus(m_variants); 286 } 287 288 void InByStatus::dump(PrintStream& out) const 281 289 { 282 290 out.print("("); -
trunk/Source/JavaScriptCore/bytecode/InByStatus.h
r278444 r278445 40 40 class StructureStubInfo; 41 41 42 class InBy IdStatus final {42 class InByStatus final { 43 43 WTF_MAKE_FAST_ALLOCATED; 44 44 public: … … 53 53 }; 54 54 55 InBy IdStatus() = default;55 InByStatus() = default; 56 56 57 InBy IdStatus(State state, const InByIdVariant& variant = InByIdVariant())57 InByStatus(State state) 58 58 : m_state(state) 59 59 { 60 ASSERT((state == Simple) == variant.isSet()); 61 if (variant.isSet()) 62 m_variants.append(variant); 60 ASSERT(state != Simple); 63 61 } 64 62 65 explicit InBy IdStatus(StubInfoSummary summary)63 explicit InByStatus(StubInfoSummary summary) 66 64 { 67 65 switch (summary) { … … 81 79 } 82 80 83 static InBy IdStatus computeFor(CodeBlock*, ICStatusMap&, BytecodeIndex, UniquedStringImpl* uid);84 static InBy IdStatus computeFor(CodeBlock*, ICStatusMap&, BytecodeIndex, UniquedStringImpl* uid, ExitFlag);85 static InBy IdStatus computeFor(CodeBlock* baselineBlock, ICStatusMap& baselineMap, ICStatusContextStack& contextStack, CodeOrigin, UniquedStringImpl* uid);81 static InByStatus computeFor(CodeBlock*, ICStatusMap&, BytecodeIndex); 82 static InByStatus computeFor(CodeBlock*, ICStatusMap&, BytecodeIndex, ExitFlag); 83 static InByStatus computeFor(CodeBlock* baselineBlock, ICStatusMap& baselineMap, ICStatusContextStack&, CodeOrigin); 86 84 87 85 #if ENABLE(DFG_JIT) 88 static InBy IdStatus computeForStubInfo(const ConcurrentJSLocker&, CodeBlock* baselineBlock, StructureStubInfo*, CodeOrigin, UniquedStringImpl* uid);86 static InByStatus computeForStubInfo(const ConcurrentJSLocker&, CodeBlock* baselineBlock, StructureStubInfo*, CodeOrigin); 89 87 #endif 90 88 … … 102 100 bool takesSlowPath() const { return m_state == TakesSlowPath; } 103 101 104 void merge(const InBy IdStatus&);102 void merge(const InByStatus&); 105 103 106 104 // Attempts to reduce the set of variants to fit the given structure set. This may be approximate. … … 112 110 void dump(PrintStream&) const; 113 111 112 CacheableIdentifier singleIdentifier() const; 113 114 114 private: 115 115 #if ENABLE(DFG_JIT) 116 static InBy IdStatus computeForStubInfoWithoutExitSiteFeedback(const ConcurrentJSLocker&, VM&, StructureStubInfo*, UniquedStringImpl* uid);116 static InByStatus computeForStubInfoWithoutExitSiteFeedback(const ConcurrentJSLocker&, VM&, StructureStubInfo*); 117 117 #endif 118 118 bool appendVariant(const InByIdVariant&); -
trunk/Source/JavaScriptCore/bytecode/RecordedStatuses.cpp
r273138 r278445 71 71 } 72 72 73 InBy IdStatus* RecordedStatuses::addInByIdStatus(const CodeOrigin& codeOrigin, const InByIdStatus& status)73 InByStatus* RecordedStatuses::addInByStatus(const CodeOrigin& codeOrigin, const InByStatus& status) 74 74 { 75 auto statusPtr = makeUnique<InBy IdStatus>(status);76 InBy IdStatus* result = statusPtr.get();75 auto statusPtr = makeUnique<InByStatus>(status); 76 InByStatus* result = statusPtr.get(); 77 77 ins.append(std::make_pair(codeOrigin, WTFMove(statusPtr))); 78 78 return result; -
trunk/Source/JavaScriptCore/bytecode/RecordedStatuses.h
r273138 r278445 30 30 #include "DeleteByStatus.h" 31 31 #include "GetByStatus.h" 32 #include "InBy IdStatus.h"32 #include "InByStatus.h" 33 33 #include "PutByIdStatus.h" 34 34 #include "SetPrivateBrandStatus.h" … … 50 50 GetByStatus* addGetByStatus(const CodeOrigin&, const GetByStatus&); 51 51 PutByIdStatus* addPutByIdStatus(const CodeOrigin&, const PutByIdStatus&); 52 InBy IdStatus* addInByIdStatus(const CodeOrigin&, const InByIdStatus&);52 InByStatus* addInByStatus(const CodeOrigin&, const InByStatus&); 53 53 DeleteByStatus* addDeleteByStatus(const CodeOrigin&, const DeleteByStatus&); 54 54 CheckPrivateBrandStatus* addCheckPrivateBrandStatus(const CodeOrigin&, const CheckPrivateBrandStatus&); … … 78 78 Vector<std::pair<CodeOrigin, std::unique_ptr<GetByStatus>>> gets; 79 79 Vector<std::pair<CodeOrigin, std::unique_ptr<PutByIdStatus>>> puts; 80 Vector<std::pair<CodeOrigin, std::unique_ptr<InBy IdStatus>>> ins;80 Vector<std::pair<CodeOrigin, std::unique_ptr<InByStatus>>> ins; 81 81 Vector<std::pair<CodeOrigin, std::unique_ptr<DeleteByStatus>>> deletes; 82 82 Vector<std::pair<CodeOrigin, std::unique_ptr<CheckPrivateBrandStatus>>> checkPrivateBrands; -
trunk/Source/JavaScriptCore/bytecode/SetPrivateBrandStatus.cpp
r275490 r278445 227 227 CacheableIdentifier SetPrivateBrandStatus::singleIdentifier() const 228 228 { 229 if (m_variants.isEmpty()) 230 return nullptr; 231 232 CacheableIdentifier result = m_variants.first().identifier(); 233 if (!result) 234 return nullptr; 235 for (size_t i = 1; i < m_variants.size(); ++i) { 236 CacheableIdentifier identifier = m_variants[i].identifier(); 237 if (!identifier) 238 return nullptr; 239 if (identifier != result) 240 return nullptr; 241 } 242 return result; 229 return singleIdentifierForICStatus(m_variants); 243 230 } 244 231 -
trunk/Source/JavaScriptCore/bytecode/StructureStubInfo.cpp
r277909 r278445 273 273 resetPutByID(codeBlock, *this); 274 274 break; 275 case AccessType::In: 276 resetInByID(codeBlock, *this); 275 case AccessType::InById: 276 resetInBy(codeBlock, *this, InByKind::Normal); 277 break; 278 case AccessType::InByVal: 279 resetInBy(codeBlock, *this, InByKind::NormalByVal); 277 280 break; 278 281 case AccessType::InstanceOf: -
trunk/Source/JavaScriptCore/bytecode/StructureStubInfo.h
r277958 r278445 56 56 GetByVal, 57 57 Put, 58 In, 58 InById, 59 InByVal, 59 60 InstanceOf, 60 61 DeleteByID, -
trunk/Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h
r278369 r278445 4440 4440 case FilterGetByStatus: 4441 4441 case FilterPutByIdStatus: 4442 case FilterInBy IdStatus:4442 case FilterInByStatus: 4443 4443 case FilterDeleteByStatus: 4444 4444 case FilterCheckPrivateBrandStatus: … … 4611 4611 } 4612 4612 4613 case FilterInBy IdStatus: {4613 case FilterInByStatus: { 4614 4614 AbstractValue& value = forNode(node->child1()); 4615 4615 if (value.m_structure.isFinite()) 4616 node->inBy IdStatus()->filter(value.m_structure.toStructureSet());4616 node->inByStatus()->filter(value.m_structure.toStructureSet()); 4617 4617 break; 4618 4618 } -
trunk/Source/JavaScriptCore/dfg/DFGArgumentsEliminationPhase.cpp
r272580 r278445 405 405 case FilterPutByIdStatus: 406 406 case FilterCallLinkStatus: 407 case FilterInBy IdStatus:407 case FilterInByStatus: 408 408 case FilterDeleteByStatus: 409 409 case FilterCheckPrivateBrandStatus: … … 1268 1268 case FilterPutByIdStatus: 1269 1269 case FilterCallLinkStatus: 1270 case FilterInBy IdStatus:1270 case FilterInByStatus: 1271 1271 case FilterDeleteByStatus: 1272 1272 case FilterCheckPrivateBrandStatus: -
trunk/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp
r278253 r278445 56 56 #include "GetterSetter.h" 57 57 #include "Heap.h" 58 #include "InBy IdStatus.h"58 #include "InByStatus.h" 59 59 #include "InstanceOfStatus.h" 60 60 #include "JSArrayIterator.h" … … 264 264 void handleDeleteById( 265 265 VirtualRegister destination, Node* base, CacheableIdentifier, unsigned identifierNumber, DeleteByStatus, ECMAMode); 266 266 267 void handleInById(VirtualRegister destination, Node* base, CacheableIdentifier, InByStatus); 268 267 269 // Either register a watchpoint or emit a check for this condition. Returns false if the 268 270 // condition no longer holds, and therefore no reasonable check can be emitted. … … 4927 4929 set(destination, jsConstant(jsBoolean(variant.result()))); 4928 4930 return; 4931 } 4932 4933 void ByteCodeParser::handleInById(VirtualRegister destination, Node* base, CacheableIdentifier identifier, InByStatus status) 4934 { 4935 if (status.isSimple() && Options::useAccessInlining()) { 4936 bool allOK = true; 4937 MatchStructureData* data = m_graph.m_matchStructureData.add(); 4938 for (const InByIdVariant& variant : status.variants()) { 4939 if (!check(variant.conditionSet())) { 4940 allOK = false; 4941 break; 4942 } 4943 for (Structure* structure : variant.structureSet()) { 4944 MatchStructureVariant matchVariant; 4945 matchVariant.structure = m_graph.registerStructure(structure); 4946 matchVariant.result = variant.isHit(); 4947 4948 data->variants.append(WTFMove(matchVariant)); 4949 } 4950 } 4951 4952 if (allOK) { 4953 addToGraph(FilterInByStatus, OpInfo(m_graph.m_plan.recordedStatuses().addInByStatus(currentCodeOrigin(), status)), base); 4954 set(destination, addToGraph(MatchStructure, OpInfo(data), base)); 4955 return; 4956 } 4957 } 4958 4959 set(destination, addToGraph(InById, OpInfo(identifier), base)); 4929 4960 } 4930 4961 … … 8213 8244 case op_in_by_val: { 8214 8245 auto bytecode = currentInstruction->as<OpInByVal>(); 8215 ArrayMode arrayMode = getArrayMode(bytecode.metadata(codeBlock).m_arrayProfile, Array::Read); 8216 set(bytecode.m_dst, addToGraph(InByVal, OpInfo(arrayMode.asWord()), get(bytecode.m_base), get(bytecode.m_property))); 8246 Node* base = get(bytecode.m_base); 8247 Node* property = get(bytecode.m_property); 8248 bool compiledAsInById = false; 8249 8250 if (!m_inlineStackTop->m_exitProfile.hasExitSite(m_currentIndex, BadIdent) 8251 && !m_inlineStackTop->m_exitProfile.hasExitSite(m_currentIndex, BadType) 8252 && !m_inlineStackTop->m_exitProfile.hasExitSite(m_currentIndex, BadConstantValue)) { 8253 8254 InByStatus status = InByStatus::computeFor( 8255 m_inlineStackTop->m_profiledBlock, m_inlineStackTop->m_baselineMap, 8256 m_icContextStack, currentCodeOrigin()); 8257 8258 if (CacheableIdentifier identifier = status.singleIdentifier()) { 8259 UniquedStringImpl* uid = identifier.uid(); 8260 m_graph.identifiers().ensure(uid); 8261 if (identifier.isCell()) { 8262 FrozenValue* frozen = m_graph.freezeStrong(identifier.cell()); 8263 if (identifier.isSymbolCell()) 8264 addToGraph(CheckIsConstant, OpInfo(frozen), property); 8265 else 8266 addToGraph(CheckIdent, OpInfo(uid), property); 8267 } else 8268 addToGraph(CheckIdent, OpInfo(uid), property); 8269 8270 handleInById(bytecode.m_dst, base, identifier, status); 8271 compiledAsInById = true; 8272 } 8273 } 8274 8275 if (!compiledAsInById) { 8276 ArrayMode arrayMode = getArrayMode(bytecode.metadata(codeBlock).m_arrayProfile, Array::Read); 8277 set(bytecode.m_dst, addToGraph(InByVal, OpInfo(arrayMode.asWord()), base, property)); 8278 } 8217 8279 NEXT_OPCODE(op_in_by_val); 8218 8280 } … … 8223 8285 unsigned identifierNumber = m_inlineStackTop->m_identifierRemap[bytecode.m_property]; 8224 8286 UniquedStringImpl* uid = m_graph.identifiers()[identifierNumber]; 8225 8226 InByIdStatus status = InByIdStatus::computeFor( 8227 m_inlineStackTop->m_profiledBlock, 8228 m_inlineStackTop->m_baselineMap, m_icContextStack, 8229 currentCodeOrigin(), uid); 8230 8231 if (status.isSimple() && Options::useAccessInlining()) { 8232 bool allOK = true; 8233 MatchStructureData* data = m_graph.m_matchStructureData.add(); 8234 for (const InByIdVariant& variant : status.variants()) { 8235 if (!check(variant.conditionSet())) { 8236 allOK = false; 8237 break; 8238 } 8239 for (Structure* structure : variant.structureSet()) { 8240 MatchStructureVariant matchVariant; 8241 matchVariant.structure = m_graph.registerStructure(structure); 8242 matchVariant.result = variant.isHit(); 8243 8244 data->variants.append(WTFMove(matchVariant)); 8245 } 8246 } 8247 8248 if (allOK) { 8249 addToGraph(FilterInByIdStatus, OpInfo(m_graph.m_plan.recordedStatuses().addInByIdStatus(currentCodeOrigin(), status)), base); 8250 8251 Node* match = addToGraph(MatchStructure, OpInfo(data), base); 8252 set(bytecode.m_dst, match); 8253 NEXT_OPCODE(op_in_by_id); 8254 } 8255 } 8256 8257 set(bytecode.m_dst, addToGraph(InById, OpInfo(CacheableIdentifier::createFromIdentifierOwnedByCodeBlock(m_inlineStackTop->m_profiledBlock, uid)), base)); 8287 InByStatus status = InByStatus::computeFor( 8288 m_inlineStackTop->m_profiledBlock, m_inlineStackTop->m_baselineMap, 8289 m_icContextStack, currentCodeOrigin()); 8290 handleInById(bytecode.m_dst, base, CacheableIdentifier::createFromIdentifierOwnedByCodeBlock(m_inlineStackTop->m_profiledBlock, uid), status); 8258 8291 NEXT_OPCODE(op_in_by_id); 8259 8292 } -
trunk/Source/JavaScriptCore/dfg/DFGClobberize.h
r277926 r278445 505 505 case FilterGetByStatus: 506 506 case FilterPutByIdStatus: 507 case FilterInBy IdStatus:507 case FilterInByStatus: 508 508 case FilterDeleteByStatus: 509 509 case FilterCheckPrivateBrandStatus: -
trunk/Source/JavaScriptCore/dfg/DFGClobbersExitState.cpp
r272580 r278445 83 83 case FilterGetByStatus: 84 84 case FilterPutByIdStatus: 85 case FilterInBy IdStatus:85 case FilterInByStatus: 86 86 case FilterDeleteByStatus: 87 87 case FilterCheckPrivateBrandStatus: -
trunk/Source/JavaScriptCore/dfg/DFGDoesGC.cpp
r278424 r278445 250 250 case FilterGetByStatus: 251 251 case FilterPutByIdStatus: 252 case FilterInBy IdStatus:252 case FilterInByStatus: 253 253 case FilterDeleteByStatus: 254 254 case FilterCheckPrivateBrandStatus: -
trunk/Source/JavaScriptCore/dfg/DFGFixupPhase.cpp
r278253 r278445 2883 2883 case FilterGetByStatus: 2884 2884 case FilterPutByIdStatus: 2885 case FilterInBy IdStatus:2885 case FilterInByStatus: 2886 2886 case FilterDeleteByStatus: 2887 2887 case FilterCheckPrivateBrandStatus: -
trunk/Source/JavaScriptCore/dfg/DFGGraph.cpp
r276226 r278445 384 384 if (node->hasGetByStatus()) 385 385 out.print(comma, *node->getByStatus()); 386 if (node->hasInBy IdStatus())387 out.print(comma, *node->inBy IdStatus());386 if (node->hasInByStatus()) 387 out.print(comma, *node->inByStatus()); 388 388 if (node->hasPutByIdStatus()) 389 389 out.print(comma, *node->putByIdStatus()); -
trunk/Source/JavaScriptCore/dfg/DFGJITCompiler.cpp
r278030 r278445 256 256 finalizeInlineCaches(m_delByVals, linkBuffer); 257 257 finalizeInlineCaches(m_inByIds, linkBuffer); 258 finalizeInlineCaches(m_inByVals, linkBuffer); 258 259 finalizeInlineCaches(m_instanceOfs, linkBuffer); 259 260 finalizeInlineCaches(m_privateBrandAccesses, linkBuffer); -
trunk/Source/JavaScriptCore/dfg/DFGJITCompiler.h
r277680 r278445 215 215 } 216 216 217 void addInByVal(const JITInByValGenerator& gen, SlowPathGenerator* slowPath) 218 { 219 m_inByVals.append(InlineCacheWrapper<JITInByValGenerator>(gen, slowPath)); 220 } 221 217 222 void addPrivateBrandAccess(const JITPrivateBrandAccessGenerator& gen, SlowPathGenerator* slowPath) 218 223 { … … 354 359 Vector<InlineCacheWrapper<JITDelByValGenerator>, 4> m_delByVals; 355 360 Vector<InlineCacheWrapper<JITInByIdGenerator>, 4> m_inByIds; 361 Vector<InlineCacheWrapper<JITInByValGenerator>, 4> m_inByVals; 356 362 Vector<InlineCacheWrapper<JITInstanceOfGenerator>, 4> m_instanceOfs; 357 363 Vector<InlineCacheWrapper<JITPrivateBrandAccessGenerator>, 4> m_privateBrandAccesses; -
trunk/Source/JavaScriptCore/dfg/DFGMayExit.cpp
r274037 r278445 108 108 case FilterGetByStatus: 109 109 case FilterPutByIdStatus: 110 case FilterInBy IdStatus:110 case FilterInByStatus: 111 111 case FilterDeleteByStatus: 112 112 case FilterCheckPrivateBrandStatus: -
trunk/Source/JavaScriptCore/dfg/DFGNode.h
r278253 r278445 3110 3110 } 3111 3111 3112 bool hasInBy IdStatus()3113 { 3114 return op() == FilterInBy IdStatus;3115 } 3116 3117 InBy IdStatus* inByIdStatus()3118 { 3119 ASSERT(hasInBy IdStatus());3120 return m_opInfo.as<InBy IdStatus*>();3112 bool hasInByStatus() 3113 { 3114 return op() == FilterInByStatus; 3115 } 3116 3117 InByStatus* inByStatus() 3118 { 3119 ASSERT(hasInByStatus()); 3120 return m_opInfo.as<InByStatus*>(); 3121 3121 } 3122 3122 -
trunk/Source/JavaScriptCore/dfg/DFGNodeType.h
r277926 r278445 547 547 macro(FilterCallLinkStatus, NodeMustGenerate) \ 548 548 macro(FilterGetByStatus, NodeMustGenerate) \ 549 macro(FilterInBy IdStatus, NodeMustGenerate) \549 macro(FilterInByStatus, NodeMustGenerate) \ 550 550 macro(FilterPutByIdStatus, NodeMustGenerate) \ 551 551 macro(FilterDeleteByStatus, NodeMustGenerate) \ -
trunk/Source/JavaScriptCore/dfg/DFGObjectAllocationSinkingPhase.cpp
r274539 r278445 1260 1260 case FilterGetByStatus: 1261 1261 case FilterPutByIdStatus: 1262 case FilterInBy IdStatus:1262 case FilterInByStatus: 1263 1263 case FilterDeleteByStatus: 1264 1264 case FilterCheckPrivateBrandStatus: … … 2617 2617 case FilterGetByStatus: 2618 2618 case FilterPutByIdStatus: 2619 case FilterInBy IdStatus:2619 case FilterInByStatus: 2620 2620 case FilterDeleteByStatus: 2621 2621 case FilterCheckPrivateBrandStatus: -
trunk/Source/JavaScriptCore/dfg/DFGPredictionPropagationPhase.cpp
r277926 r278445 1452 1452 case FilterGetByStatus: 1453 1453 case FilterPutByIdStatus: 1454 case FilterInBy IdStatus:1454 case FilterInByStatus: 1455 1455 case FilterDeleteByStatus: 1456 1456 case FilterCheckPrivateBrandStatus: -
trunk/Source/JavaScriptCore/dfg/DFGSafeToExecute.h
r277926 r278445 362 362 case FilterGetByStatus: 363 363 case FilterPutByIdStatus: 364 case FilterInBy IdStatus:364 case FilterInByStatus: 365 365 case FilterDeleteByStatus: 366 366 case FilterCheckPrivateBrandStatus: -
trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
r278253 r278445 1287 1287 SpeculateCellOperand base(this, node->child1()); 1288 1288 JSValueOperand key(this, node->child2()); 1289 JSValueRegsTemporary result(this, Reuse, key); 1289 1290 1290 1291 GPRReg baseGPR = base.gpr(); 1291 JSValueRegs regs = key.jsValueRegs(); 1292 JSValueRegs keyRegs = key.jsValueRegs(); 1293 JSValueRegs resultRegs = result.regs(); 1292 1294 1293 1295 base.use(); 1294 1296 key.use(); 1295 1297 1296 flushRegisters(); 1297 JSValueRegsFlushedCallResult result(this); 1298 JSValueRegs resultRegs = result.regs(); 1299 callOperation(operationInByVal, resultRegs, TrustedImmPtr::weakPointer(m_graph, m_graph.globalObjectFor(node->origin.semantic)), baseGPR, regs); 1300 m_jit.exceptionCheck(); 1298 CodeOrigin codeOrigin = node->origin.semantic; 1299 CallSiteIndex callSite = m_jit.recordCallSiteAndGenerateExceptionHandlingOSRExitIfNeeded(codeOrigin, m_stream->size()); 1300 RegisterSet usedRegisters = this->usedRegisters(); 1301 JITInByValGenerator gen( 1302 m_jit.codeBlock(), codeOrigin, callSite, usedRegisters, 1303 JSValueRegs::payloadOnly(baseGPR), keyRegs, resultRegs); 1304 gen.generateFastPath(m_jit); 1305 1306 auto slowPath = slowPathCall( 1307 gen.slowPathJump(), this, operationInByValOptimize, 1308 NeedToSpill, ExceptionCheckRequirement::CheckNeeded, 1309 resultRegs, TrustedImmPtr::weakPointer(m_graph, m_graph.globalObjectFor(node->origin.semantic)), gen.stubInfo(), nullptr, CCallHelpers::CellValue(baseGPR), keyRegs); 1310 1311 m_jit.addInByVal(gen, slowPath.get()); 1312 addSlowPathGenerator(WTFMove(slowPath)); 1313 1301 1314 blessedBooleanResult(resultRegs.payloadGPR(), node, UseChildrenCalledExplicitly); 1302 1315 } -
trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp
r278253 r278445 4272 4272 case FilterGetByStatus: 4273 4273 case FilterPutByIdStatus: 4274 case FilterInBy IdStatus:4274 case FilterInByStatus: 4275 4275 case FilterDeleteByStatus: 4276 4276 case FilterCheckPrivateBrandStatus: -
trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
r278253 r278445 5706 5706 case FilterGetByStatus: 5707 5707 case FilterPutByIdStatus: 5708 case FilterInBy IdStatus:5708 case FilterInByStatus: 5709 5709 case FilterDeleteByStatus: 5710 5710 case FilterCheckPrivateBrandStatus: -
trunk/Source/JavaScriptCore/dfg/DFGVarargsForwardingPhase.cpp
r278211 r278445 199 199 case FilterPutByIdStatus: 200 200 case FilterCallLinkStatus: 201 case FilterInBy IdStatus:201 case FilterInByStatus: 202 202 case FilterDeleteByStatus: 203 203 case FilterCheckPrivateBrandStatus: … … 424 424 case FilterPutByIdStatus: 425 425 case FilterCallLinkStatus: 426 case FilterInBy IdStatus:426 case FilterInByStatus: 427 427 case FilterDeleteByStatus: 428 428 case FilterCheckPrivateBrandStatus: -
trunk/Source/JavaScriptCore/ftl/FTLCapabilities.cpp
r277926 r278445 410 410 case FilterGetByStatus: 411 411 case FilterPutByIdStatus: 412 case FilterInBy IdStatus:412 case FilterInByStatus: 413 413 case FilterDeleteByStatus: 414 414 case FilterCheckPrivateBrandStatus: -
trunk/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
r278338 r278445 1653 1653 case FilterGetByStatus: 1654 1654 case FilterPutByIdStatus: 1655 case FilterInBy IdStatus:1655 case FilterInByStatus: 1656 1656 case FilterDeleteByStatus: 1657 1657 case FilterCheckPrivateBrandStatus: … … 12214 12214 setJSValue(m_out.phi(Int64, results)); 12215 12215 } 12216 12217 void compileInByVal() 12218 { 12219 JSGlobalObject* globalObject = m_graph.globalObjectFor(m_origin.semantic); 12220 setJSValue(vmCall(Int64, operationInByVal, weakPointer(globalObject), lowCell(m_node->child1()), lowJSValue(m_node->child2()))); 12221 } 12222 12216 12223 12217 void compileHasPrivateName() 12224 12218 { … … 12233 12227 } 12234 12228 12235 void compileInById() 12236 { 12237 Node* node = m_node; 12238 CacheableIdentifier identifier = node->cacheableIdentifier(); 12239 LValue base = lowCell(m_node->child1()); 12240 12229 template<InByKind kind, typename SubscriptKind> 12230 void compileInBy(LValue base, SubscriptKind subscriptValue) 12231 { 12241 12232 PatchpointValue* patchpoint = m_out.patchpoint(Int64); 12242 12233 patchpoint->appendSomeRegister(base); 12234 if constexpr (kind != InByKind::Normal) 12235 patchpoint->appendSomeRegister(subscriptValue); 12243 12236 patchpoint->append(m_notCellMask, ValueRep::lateReg(GPRInfo::notCellMaskRegister)); 12244 12237 patchpoint->append(m_numberTag, ValueRep::lateReg(GPRInfo::numberTagRegister)); 12245 12246 12238 patchpoint->clobber(RegisterSet::macroScratchRegisters()); 12247 12239 12248 RefPtr<PatchpointExceptionHandle> exceptionHandle = 12249 preparePatchpointForExceptions(patchpoint); 12240 RefPtr<PatchpointExceptionHandle> exceptionHandle = preparePatchpointForExceptions(patchpoint); 12250 12241 12251 12242 State* state = &m_ftlState; 12243 Node* node = m_node; 12252 12244 patchpoint->setGenerator( 12253 12245 [=] (CCallHelpers& jit, const StackmapGenerationParams& params) { 12254 12246 AllowMacroScratchRegisterUsage allowScratch(jit); 12255 12247 12256 CallSiteIndex callSiteIndex = 12257 state->jitCode->common.codeOrigins->addUniqueCallSiteIndex(node->origin.semantic); 12248 CallSiteIndex callSiteIndex = state->jitCode->common.codeOrigins->addUniqueCallSiteIndex(node->origin.semantic); 12258 12249 12259 12250 // This is the direct exit target for operation calls. 12260 Box<CCallHelpers::JumpList> exceptions = 12261 exceptionHandle->scheduleExitCreation(params)->jumps(jit); 12262 12263 auto generator = Box<JITInByIdGenerator>::create( 12264 jit.codeBlock(), node->origin.semantic, callSiteIndex, 12265 params.unavailableRegisters(), identifier, JSValueRegs(params[1].gpr()), 12266 JSValueRegs(params[0].gpr())); 12251 Box<CCallHelpers::JumpList> exceptions = exceptionHandle->scheduleExitCreation(params)->jumps(jit); 12252 12253 auto returnGPR = params[0].gpr(); 12254 auto base = JSValueRegs(params[1].gpr()); 12255 12256 const auto subscript = [&] { 12257 if constexpr (kind == InByKind::Normal) 12258 return CCallHelpers::TrustedImmPtr(subscriptValue.rawBits()); 12259 else 12260 return JSValueRegs(params[2].gpr()); 12261 }(); 12262 12263 const auto generator = [&] { 12264 if constexpr (kind == InByKind::Normal) { 12265 return Box<JITInByIdGenerator>::create( 12266 jit.codeBlock(), node->origin.semantic, callSiteIndex, 12267 params.unavailableRegisters(), subscriptValue, base, 12268 JSValueRegs(returnGPR)); 12269 } else { 12270 return Box<JITInByValGenerator>::create( 12271 jit.codeBlock(), node->origin.semantic, callSiteIndex, 12272 params.unavailableRegisters(), base, subscript, 12273 JSValueRegs(returnGPR)); 12274 } 12275 }(); 12267 12276 12268 12277 generator->generateFastPath(jit); … … 12275 12284 generator->slowPathJump().link(&jit); 12276 12285 CCallHelpers::Label slowPathBegin = jit.label(); 12277 CCallHelpers::Call slowPathCall = callOperation( 12278 *state, params.unavailableRegisters(), jit, node->origin.semantic, 12279 exceptions.get(), operationInByIdOptimize, params[0].gpr(), 12280 jit.codeBlock()->globalObjectFor(node->origin.semantic), 12281 CCallHelpers::TrustedImmPtr(generator->stubInfo()), params[1].gpr(), 12282 identifier.rawBits()).call(); 12286 CCallHelpers::Call slowPathCall; 12287 if constexpr (kind == InByKind::Normal) { 12288 slowPathCall = callOperation( 12289 *state, params.unavailableRegisters(), jit, node->origin.semantic, 12290 exceptions.get(), operationInByIdOptimize, returnGPR, 12291 jit.codeBlock()->globalObjectFor(node->origin.semantic), 12292 CCallHelpers::TrustedImmPtr(generator->stubInfo()), 12293 base, subscript).call(); 12294 } else { 12295 slowPathCall = callOperation( 12296 *state, params.unavailableRegisters(), jit, node->origin.semantic, 12297 exceptions.get(), operationInByValOptimize, returnGPR, 12298 jit.codeBlock()->globalObjectFor(node->origin.semantic), 12299 CCallHelpers::TrustedImmPtr(generator->stubInfo()), 12300 CCallHelpers::TrustedImmPtr(nullptr), base, subscript).call(); 12301 } 12283 12302 jit.jump().linkTo(done, &jit); 12284 12303 … … 12293 12312 12294 12313 setJSValue(patchpoint); 12314 } 12315 12316 void compileInById() 12317 { 12318 compileInBy<InByKind::Normal>(lowCell(m_node->child1()), m_node->cacheableIdentifier()); 12319 } 12320 12321 void compileInByVal() 12322 { 12323 compileInBy<InByKind::NormalByVal>(lowCell(m_node->child1()), lowJSValue(m_node->child2())); 12295 12324 } 12296 12325 -
trunk/Source/JavaScriptCore/jit/ICStats.h
r272580 r278445 44 44 macro(InAddAccessCase) \ 45 45 macro(InReplaceWithJump) \ 46 macro(InReplaceWithGeneric) \ 46 47 macro(InstanceOfAddAccessCase) \ 47 48 macro(InstanceOfReplaceWithJump) \ … … 53 54 macro(OperationGetByIdWithThisOptimize) \ 54 55 macro(OperationGenericIn) \ 55 macro(OperationInById ) \56 macro(OperationInByIdGeneric) \ 56 57 macro(OperationInByIdOptimize) \ 57 58 macro(OperationPutByIdStrict) \ -
trunk/Source/JavaScriptCore/jit/JIT.cpp
r278253 r278445 286 286 287 287 switch (opcodeID) { 288 DEFINE_SLOW_OP(in_by_val)289 288 DEFINE_SLOW_OP(has_private_name) 290 289 DEFINE_SLOW_OP(has_private_brand) … … 362 361 DEFINE_OP(op_try_get_by_id) 363 362 DEFINE_OP(op_in_by_id) 363 DEFINE_OP(op_in_by_val) 364 364 DEFINE_OP(op_get_by_id) 365 365 DEFINE_OP(op_get_by_id_with_this) … … 519 519 m_putByIdIndex = 0; 520 520 m_inByIdIndex = 0; 521 m_inByValIndex = 0; 522 m_delByIdIndex = 0; 521 523 m_delByValIndex = 0; 522 m_delByIdIndex = 0;523 524 m_instanceOfIndex = 0; 524 525 m_privateBrandAccessIndex = 0; … … 571 572 DEFINE_SLOWCASE_OP(op_try_get_by_id) 572 573 DEFINE_SLOWCASE_OP(op_in_by_id) 574 DEFINE_SLOWCASE_OP(op_in_by_val) 573 575 DEFINE_SLOWCASE_OP(op_get_by_id) 574 576 DEFINE_SLOWCASE_OP(op_get_by_id_with_this) … … 920 922 finalizeInlineCaches(m_delByVals, patchBuffer); 921 923 finalizeInlineCaches(m_inByIds, patchBuffer); 924 finalizeInlineCaches(m_inByVals, patchBuffer); 922 925 finalizeInlineCaches(m_instanceOfs, patchBuffer); 923 926 finalizeInlineCaches(m_privateBrandAccesses, patchBuffer); -
trunk/Source/JavaScriptCore/jit/JIT.h
r278082 r278445 566 566 void emit_op_get_prototype_of(const Instruction*); 567 567 void emit_op_in_by_id(const Instruction*); 568 void emit_op_in_by_val(const Instruction*); 568 569 void emit_op_init_lazy_reg(const Instruction*); 569 570 void emit_op_overrides_has_instance(const Instruction*); … … 699 700 void emitSlow_op_get_argument_by_val(const Instruction*, Vector<SlowCaseEntry>::iterator&); 700 701 void emitSlow_op_in_by_id(const Instruction*, Vector<SlowCaseEntry>::iterator&); 702 void emitSlow_op_in_by_val(const Instruction*, Vector<SlowCaseEntry>::iterator&); 701 703 void emitSlow_op_instanceof(const Instruction*, Vector<SlowCaseEntry>::iterator&); 702 704 void emitSlow_op_instanceof_custom(const Instruction*, Vector<SlowCaseEntry>::iterator&); … … 1038 1040 Vector<JITPutByIdGenerator> m_putByIds; 1039 1041 Vector<JITInByIdGenerator> m_inByIds; 1042 Vector<JITInByValGenerator> m_inByVals; 1040 1043 Vector<JITDelByIdGenerator> m_delByIds; 1041 1044 Vector<JITDelByValGenerator> m_delByVals; … … 1064 1067 unsigned m_putByIdIndex { UINT_MAX }; 1065 1068 unsigned m_inByIdIndex { UINT_MAX }; 1069 unsigned m_inByValIndex { UINT_MAX }; 1066 1070 unsigned m_delByValIndex { UINT_MAX }; 1067 1071 unsigned m_delByIdIndex { UINT_MAX }; -
trunk/Source/JavaScriptCore/jit/JITInlineCacheGenerator.cpp
r272580 r278445 236 236 } 237 237 238 JITInByIdGenerator::JITInByIdGenerator( 239 CodeBlock* codeBlock, CodeOrigin codeOrigin, CallSiteIndex callSite, const RegisterSet& usedRegisters, 240 CacheableIdentifier propertyName, JSValueRegs base, JSValueRegs value) 241 : JITByIdGenerator(codeBlock, codeOrigin, callSite, AccessType::In, usedRegisters, base, value) 238 JITInByValGenerator::JITInByValGenerator(CodeBlock* codeBlock, CodeOrigin codeOrigin, CallSiteIndex callSiteIndex, const RegisterSet& usedRegisters, JSValueRegs base, JSValueRegs property, JSValueRegs result) 239 : Base(codeBlock, codeOrigin, callSiteIndex, AccessType::InByVal, usedRegisters) 240 { 241 m_stubInfo->hasConstantIdentifier = false; 242 243 m_stubInfo->baseGPR = base.payloadGPR(); 244 m_stubInfo->regs.propertyGPR = property.payloadGPR(); 245 m_stubInfo->valueGPR = result.payloadGPR(); 246 #if USE(JSVALUE32_64) 247 m_stubInfo->baseTagGPR = base.tagGPR(); 248 m_stubInfo->valueTagGPR = result.tagGPR(); 249 m_stubInfo->v.propertyTagGPR = property.tagGPR(); 250 #endif 251 } 252 253 void JITInByValGenerator::generateFastPath(MacroAssembler& jit) 254 { 255 m_start = jit.label(); 256 m_slowPathJump = jit.patchableJump(); 257 m_done = jit.label(); 258 } 259 260 void JITInByValGenerator::finalize( 261 LinkBuffer& fastPath, LinkBuffer& slowPath) 262 { 263 ASSERT(m_start.isSet()); 264 Base::finalize( 265 fastPath, slowPath, fastPath.locationOf<JITStubRoutinePtrTag>(m_start)); 266 } 267 268 JITInByIdGenerator::JITInByIdGenerator(CodeBlock* codeBlock, CodeOrigin codeOrigin, CallSiteIndex callSite, const RegisterSet& usedRegisters, CacheableIdentifier propertyName, JSValueRegs base, JSValueRegs value) 269 : JITByIdGenerator(codeBlock, codeOrigin, callSite, AccessType::InById, usedRegisters, base, value) 242 270 { 243 271 // FIXME: We are not supporting fast path for "length" property. -
trunk/Source/JavaScriptCore/jit/JITInlineCacheGenerator.h
r272580 r278445 196 196 }; 197 197 198 class JITInByValGenerator : public JITInlineCacheGenerator { 199 using Base = JITInlineCacheGenerator; 200 public: 201 JITInByValGenerator() { } 202 203 JITInByValGenerator( 204 CodeBlock*, CodeOrigin, CallSiteIndex, const RegisterSet& usedRegisters, 205 JSValueRegs base, JSValueRegs property, JSValueRegs result); 206 207 MacroAssembler::Jump slowPathJump() const 208 { 209 ASSERT(m_slowPathJump.m_jump.isSet()); 210 return m_slowPathJump.m_jump; 211 } 212 213 void finalize( 214 LinkBuffer& fastPathLinkBuffer, LinkBuffer& slowPathLinkBuffer); 215 216 void generateFastPath(MacroAssembler&); 217 218 private: 219 MacroAssembler::Label m_start; 220 MacroAssembler::PatchableJump m_slowPathJump; 221 }; 222 198 223 class JITInByIdGenerator : public JITByIdGenerator { 199 224 public: -
trunk/Source/JavaScriptCore/jit/JITOperations.cpp
r278253 r278445 395 395 } 396 396 397 JSC_DEFINE_JIT_OPERATION(operationInById , EncodedJSValue, (JSGlobalObject* globalObject, StructureStubInfo* stubInfo, EncodedJSValue base, uintptr_t rawCacheableIdentifier))397 JSC_DEFINE_JIT_OPERATION(operationInByIdGeneric, EncodedJSValue, (JSGlobalObject* globalObject, StructureStubInfo* stubInfo, EncodedJSValue base, uintptr_t rawCacheableIdentifier)) 398 398 { 399 399 SuperSamplerScope superSamplerScope(false); … … 416 416 JSObject* baseObject = asObject(baseValue); 417 417 418 LOG_IC((ICEvent::OperationInById , baseObject->classInfo(vm), ident));418 LOG_IC((ICEvent::OperationInByIdGeneric, baseObject->classInfo(vm), ident)); 419 419 420 420 scope.release(); … … 449 449 CodeBlock* codeBlock = callFrame->codeBlock(); 450 450 if (stubInfo->considerCachingBy(vm, codeBlock, baseObject->structure(vm), identifier)) 451 repatchInBy ID(globalObject, codeBlock, baseObject, identifier, found, slot, *stubInfo);451 repatchInBy(globalObject, codeBlock, baseObject, identifier, found, slot, *stubInfo, InByKind::Normal); 452 452 return JSValue::encode(jsBoolean(found)); 453 453 } 454 454 455 JSC_DEFINE_JIT_OPERATION(operationInByVal , EncodedJSValue, (JSGlobalObject* globalObject, JSCell* base, EncodedJSValue key))455 JSC_DEFINE_JIT_OPERATION(operationInByValOptimize, EncodedJSValue, (JSGlobalObject* globalObject, StructureStubInfo* stubInfo, ArrayProfile* arrayProfile, EncodedJSValue encodedBase, EncodedJSValue encodedKey)) 456 456 { 457 457 SuperSamplerScope superSamplerScope(false); 458 459 VM& vm = globalObject->vm(); 460 CallFrame* callFrame = DECLARE_CALL_FRAME(vm); 461 JITOperationPrologueCallFrameTracer tracer(vm, callFrame); 462 463 return JSValue::encode(jsBoolean(CommonSlowPaths::opInByVal(globalObject, base, JSValue::decode(key)))); 458 459 VM& vm = globalObject->vm(); 460 CallFrame* callFrame = DECLARE_CALL_FRAME(vm); 461 JITOperationPrologueCallFrameTracer tracer(vm, callFrame); 462 auto scope = DECLARE_THROW_SCOPE(vm); 463 464 JSValue baseValue = JSValue::decode(encodedBase); 465 if (!baseValue.isObject()) { 466 throwException(globalObject, scope, createInvalidInParameterError(globalObject, baseValue)); 467 return encodedJSValue(); 468 } 469 JSObject* baseObject = asObject(baseValue); 470 if (arrayProfile) 471 arrayProfile->observeStructure(baseObject->structure(vm)); 472 473 JSValue key = JSValue::decode(encodedKey); 474 uint32_t i; 475 if (key.getUInt32(i)) { 476 // FIXME: InByVal should have inline caching for integer indices too, as GetByVal does. 477 // https://bugs.webkit.org/show_bug.cgi?id=226619 478 if (arrayProfile) 479 arrayProfile->observeIndexedRead(vm, baseObject, i); 480 RELEASE_AND_RETURN(scope, JSValue::encode(jsBoolean(baseObject->hasProperty(globalObject, i)))); 481 } 482 483 const Identifier propertyName = key.toPropertyKey(globalObject); 484 RETURN_IF_EXCEPTION(scope, encodedJSValue()); 485 PropertySlot slot(baseObject, PropertySlot::InternalMethodType::HasProperty); 486 bool found = baseObject->getPropertySlot(globalObject, propertyName, slot); 487 RETURN_IF_EXCEPTION(scope, encodedJSValue()); 488 489 if (CacheableIdentifier::isCacheableIdentifierCell(key) && (key.isSymbol() || !parseIndex(propertyName))) { 490 CodeBlock* codeBlock = callFrame->codeBlock(); 491 CacheableIdentifier identifier = CacheableIdentifier::createFromCell(key.asCell()); 492 if (stubInfo->considerCachingBy(vm, codeBlock, baseObject->structure(vm), identifier)) 493 repatchInBy(globalObject, codeBlock, baseObject, identifier, found, slot, *stubInfo, InByKind::NormalByVal); 494 } 495 496 return JSValue::encode(jsBoolean(found)); 497 } 498 499 JSC_DEFINE_JIT_OPERATION(operationInByValGeneric, EncodedJSValue, (JSGlobalObject* globalObject, StructureStubInfo* stubInfo, ArrayProfile* arrayProfile, EncodedJSValue base, EncodedJSValue key)) 500 { 501 SuperSamplerScope superSamplerScope(false); 502 503 VM& vm = globalObject->vm(); 504 CallFrame* callFrame = DECLARE_CALL_FRAME(vm); 505 JITOperationPrologueCallFrameTracer tracer(vm, callFrame); 506 507 stubInfo->tookSlowPath = true; 508 return JSValue::encode(jsBoolean(CommonSlowPaths::opInByVal(globalObject, JSValue::decode(base), JSValue::decode(key), arrayProfile))); 464 509 } 465 510 -
trunk/Source/JavaScriptCore/jit/JITOperations.h
r278029 r278445 175 175 JSC_DECLARE_JIT_OPERATION(operationGetByIdDirectOptimize, EncodedJSValue, (JSGlobalObject*, StructureStubInfo*, EncodedJSValue, uintptr_t)); 176 176 177 JSC_DECLARE_JIT_OPERATION(operationInById , EncodedJSValue, (JSGlobalObject*, StructureStubInfo*, EncodedJSValue, uintptr_t));177 JSC_DECLARE_JIT_OPERATION(operationInByIdGeneric, EncodedJSValue, (JSGlobalObject*, StructureStubInfo*, EncodedJSValue, uintptr_t)); 178 178 JSC_DECLARE_JIT_OPERATION(operationInByIdOptimize, EncodedJSValue, (JSGlobalObject*, StructureStubInfo*, EncodedJSValue, uintptr_t)); 179 180 JSC_DECLARE_JIT_OPERATION(operationInByVal , EncodedJSValue, (JSGlobalObject*, JSCell*, EncodedJSValue));179 JSC_DECLARE_JIT_OPERATION(operationInByValGeneric, EncodedJSValue, (JSGlobalObject*, StructureStubInfo*, ArrayProfile*, EncodedJSValue, EncodedJSValue)); 180 JSC_DECLARE_JIT_OPERATION(operationInByValOptimize, EncodedJSValue, (JSGlobalObject*, StructureStubInfo*, ArrayProfile*, EncodedJSValue, EncodedJSValue)); 181 181 JSC_DECLARE_JIT_OPERATION(operationHasPrivateName, EncodedJSValue, (JSGlobalObject*, JSCell*, EncodedJSValue)); 182 182 JSC_DECLARE_JIT_OPERATION(operationHasPrivateBrand, EncodedJSValue, (JSGlobalObject*, JSCell*, EncodedJSValue)); -
trunk/Source/JavaScriptCore/jit/JITPropertyAccess.cpp
r278029 r278445 1569 1569 1570 1570 emitPutVirtualRegister(resultVReg, returnValueGPR); 1571 #endif // ENABLE(EXTRA_CTI_THUNKS) 1572 1573 gen.reportSlowPathCall(coldPathBegin, call); 1574 } 1575 1576 void JIT::emit_op_in_by_val(const Instruction* currentInstruction) 1577 { 1578 auto bytecode = currentInstruction->as<OpInByVal>(); 1579 VirtualRegister dst = bytecode.m_dst; 1580 VirtualRegister base = bytecode.m_base; 1581 VirtualRegister property = bytecode.m_property; 1582 auto& metadata = bytecode.metadata(m_codeBlock); 1583 ArrayProfile* profile = &metadata.m_arrayProfile; 1584 1585 emitGetVirtualRegister(base, regT0); 1586 emitJumpSlowCaseIfNotJSCell(regT0, base); 1587 emitGetVirtualRegister(property, regT1); 1588 emitArrayProfilingSiteWithCell(regT0, regT2, profile); 1589 1590 JITInByValGenerator gen( 1591 m_codeBlock, CodeOrigin(m_bytecodeIndex), CallSiteIndex(m_bytecodeIndex), RegisterSet::stubUnavailableRegisters(), 1592 JSValueRegs(regT0), JSValueRegs(regT1), JSValueRegs(regT0)); 1593 gen.generateFastPath(*this); 1594 addSlowCase(gen.slowPathJump()); 1595 m_inByVals.append(gen); 1596 1597 emitPutVirtualRegister(dst); 1598 } 1599 1600 void JIT::emitSlow_op_in_by_val(const Instruction* currentInstruction, Vector<SlowCaseEntry>::iterator& iter) 1601 { 1602 linkAllSlowCases(iter); 1603 1604 auto bytecode = currentInstruction->as<OpInByVal>(); 1605 VirtualRegister dst = bytecode.m_dst; 1606 auto& metadata = bytecode.metadata(m_codeBlock); 1607 ArrayProfile* profile = &metadata.m_arrayProfile; 1608 1609 JITInByValGenerator& gen = m_inByVals[m_inByValIndex++]; 1610 1611 Label coldPathBegin = label(); 1612 1613 #if !ENABLE(EXTRA_CTI_THUNKS) 1614 Call call = callOperation(operationInByValOptimize, dst, TrustedImmPtr(m_codeBlock->globalObject()), gen.stubInfo(), profile, regT0, regT1); 1615 #else 1616 VM& vm = this->vm(); 1617 uint32_t bytecodeOffset = m_bytecodeIndex.offset(); 1618 ASSERT(BytecodeIndex(bytecodeOffset) == m_bytecodeIndex); 1619 1620 constexpr GPRReg bytecodeOffsetGPR = argumentGPR4; 1621 move(TrustedImm32(bytecodeOffset), bytecodeOffsetGPR); 1622 1623 constexpr GPRReg stubInfoGPR = argumentGPR3; 1624 constexpr GPRReg profileGPR = argumentGPR2; 1625 constexpr GPRReg baseGPR = regT0; 1626 constexpr GPRReg propertyGPR = regT1; 1627 static_assert(baseGPR == argumentGPR0 || !isARM64()); 1628 static_assert(propertyGPR == argumentGPR1); 1629 1630 move(TrustedImmPtr(gen.stubInfo()), stubInfoGPR); 1631 move(TrustedImmPtr(profile), profileGPR); 1632 // slow_op_get_by_val_prepareCallGenerator will do exactly what we need. 1633 // So, there's no point in creating a duplicate thunk just to give it a different name. 1634 static_assert(std::is_same<decltype(operationInByValOptimize), decltype(operationGetByValOptimize)>::value); 1635 emitNakedNearCall(vm.getCTIStub(slow_op_get_by_val_prepareCallGenerator).retaggedCode<NoPtrTag>()); 1636 1637 Call call = appendCall(operationInByValOptimize); 1638 emitNakedNearCall(vm.getCTIStub(checkExceptionGenerator).retaggedCode<NoPtrTag>()); 1639 1640 emitPutVirtualRegister(dst, returnValueGPR); 1571 1641 #endif // ENABLE(EXTRA_CTI_THUNKS) 1572 1642 -
trunk/Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp
r274308 r278445 905 905 906 906 Call call = callOperation(operationInByIdOptimize, resultVReg, m_codeBlock->globalObject(), gen.stubInfo(), JSValueRegs(regT1, regT0), CacheableIdentifier::createFromIdentifierOwnedByCodeBlock(m_codeBlock, *ident).rawBits()); 907 908 gen.reportSlowPathCall(coldPathBegin, call); 909 } 910 911 void JIT::emit_op_in_by_val(const Instruction* currentInstruction) 912 { 913 auto bytecode = currentInstruction->as<OpInByVal>(); 914 VirtualRegister dst = bytecode.m_dst; 915 VirtualRegister base = bytecode.m_base; 916 VirtualRegister property = bytecode.m_property; 917 auto& metadata = bytecode.metadata(m_codeBlock); 918 ArrayProfile* profile = &metadata.m_arrayProfile; 919 920 emitLoad2(base, regT1, regT0, property, regT3, regT2); 921 emitJumpSlowCaseIfNotJSCell(base, regT1); 922 emitArrayProfilingSiteWithCell(regT0, regT4, profile); 923 924 JITInByValGenerator gen( 925 m_codeBlock, CodeOrigin(m_bytecodeIndex), CallSiteIndex(m_bytecodeIndex), RegisterSet::stubUnavailableRegisters(), 926 JSValueRegs::payloadOnly(regT0), JSValueRegs(regT3, regT2), JSValueRegs(regT1, regT0)); 927 gen.generateFastPath(*this); 928 addSlowCase(gen.slowPathJump()); 929 m_inByVals.append(gen); 930 931 emitStore(dst, regT1, regT0); 932 } 933 934 void JIT::emitSlow_op_in_by_val(const Instruction* currentInstruction, Vector<SlowCaseEntry>::iterator& iter) 935 { 936 linkAllSlowCases(iter); 937 938 auto bytecode = currentInstruction->as<OpInByVal>(); 939 VirtualRegister dst = bytecode.m_dst; 940 auto& metadata = bytecode.metadata(m_codeBlock); 941 ArrayProfile* profile = &metadata.m_arrayProfile; 942 943 JITInByValGenerator& gen = m_inByVals[m_inByValIndex++]; 944 945 Label coldPathBegin = label(); 946 947 Call call = callOperation(operationInByValOptimize, dst, TrustedImmPtr(m_codeBlock->globalObject()), gen.stubInfo(), profile, JSValueRegs(regT1, regT0), JSValueRegs(regT3, regT2)); 907 948 908 949 gen.reportSlowPathCall(coldPathBegin, call); -
trunk/Source/JavaScriptCore/jit/Repatch.cpp
r278253 r278445 898 898 } 899 899 900 static InlineCacheAction tryCacheInBy ID(900 static InlineCacheAction tryCacheInBy( 901 901 JSGlobalObject* globalObject, CodeBlock* codeBlock, JSObject* base, CacheableIdentifier propertyName, 902 902 bool wasFound, const PropertySlot& slot, StructureStubInfo& stubInfo) … … 1003 1003 } 1004 1004 1005 void repatchInBy ID(JSGlobalObject* globalObject, CodeBlock* codeBlock, JSObject* baseObject, CacheableIdentifier propertyName, bool wasFound, const PropertySlot& slot, StructureStubInfo& stubInfo)1005 void repatchInBy(JSGlobalObject* globalObject, CodeBlock* codeBlock, JSObject* baseObject, CacheableIdentifier propertyName, bool wasFound, const PropertySlot& slot, StructureStubInfo& stubInfo, InByKind kind) 1006 1006 { 1007 1007 SuperSamplerScope superSamplerScope(false); 1008 1009 if (tryCacheInByID(globalObject, codeBlock, baseObject, propertyName, wasFound, slot, stubInfo) == GiveUpOnCache) 1010 ftlThunkAwareRepatchCall(codeBlock, stubInfo.slowPathCallLocation, operationInById); 1008 VM& vm = globalObject->vm(); 1009 1010 if (tryCacheInBy(globalObject, codeBlock, baseObject, propertyName, wasFound, slot, stubInfo) == GiveUpOnCache) { 1011 LOG_IC((ICEvent::InReplaceWithGeneric, baseObject->classInfo(globalObject->vm()), Identifier::fromUid(vm, propertyName.uid()))); 1012 if (kind == InByKind::Normal) 1013 ftlThunkAwareRepatchCall(codeBlock, stubInfo.slowPathCallLocation, operationInByIdGeneric); 1014 else 1015 ftlThunkAwareRepatchCall(codeBlock, stubInfo.slowPathCallLocation, operationInByValGeneric); 1016 } 1011 1017 } 1012 1018 … … 1684 1690 } 1685 1691 1686 void resetInByID(CodeBlock* codeBlock, StructureStubInfo& stubInfo) 1687 { 1688 ftlThunkAwareRepatchCall(codeBlock, stubInfo.slowPathCallLocation, operationInByIdOptimize); 1692 void resetInBy(CodeBlock* codeBlock, StructureStubInfo& stubInfo, InByKind kind) 1693 { 1694 if (kind == InByKind::Normal) 1695 ftlThunkAwareRepatchCall(codeBlock, stubInfo.slowPathCallLocation, operationInByIdOptimize); 1696 else 1697 ftlThunkAwareRepatchCall(codeBlock, stubInfo.slowPathCallLocation, operationInByValOptimize); 1689 1698 InlineAccess::rewireStubAsJump(stubInfo, stubInfo.slowPathStartLocation); 1690 1699 } -
trunk/Source/JavaScriptCore/jit/Repatch.h
r277680 r278445 49 49 }; 50 50 51 enum class InByKind { 52 Normal, 53 NormalByVal 54 }; 55 51 56 void repatchArrayGetByVal(JSGlobalObject*, CodeBlock*, JSValue base, JSValue index, StructureStubInfo&); 52 57 void repatchGetBy(JSGlobalObject*, CodeBlock*, JSValue, CacheableIdentifier, const PropertySlot&, StructureStubInfo&, GetByKind); 53 58 void repatchPutByID(JSGlobalObject*, CodeBlock*, JSValue, Structure*, CacheableIdentifier, const PutPropertySlot&, StructureStubInfo&, PutKind); 54 59 void repatchDeleteBy(JSGlobalObject*, CodeBlock*, DeletePropertySlot&, JSValue, Structure*, CacheableIdentifier, StructureStubInfo&, DelByKind, ECMAMode); 55 void repatchInBy ID(JSGlobalObject*, CodeBlock*, JSObject*, CacheableIdentifier, bool wasFound, const PropertySlot&, StructureStubInfo&);60 void repatchInBy(JSGlobalObject*, CodeBlock*, JSObject*, CacheableIdentifier, bool wasFound, const PropertySlot&, StructureStubInfo&, InByKind); 56 61 void repatchCheckPrivateBrand(JSGlobalObject*, CodeBlock*, JSObject*, CacheableIdentifier, StructureStubInfo&); 57 62 void repatchSetPrivateBrand(JSGlobalObject*, CodeBlock*, JSObject*, Structure*, CacheableIdentifier, StructureStubInfo&); … … 65 70 void resetPutByID(CodeBlock*, StructureStubInfo&); 66 71 void resetDelBy(CodeBlock*, StructureStubInfo&, DelByKind); 67 void resetInBy ID(CodeBlock*, StructureStubInfo&);72 void resetInBy(CodeBlock*, StructureStubInfo&, InByKind); 68 73 void resetInstanceOf(StructureStubInfo&); 69 74 void resetCheckPrivateBrand(CodeBlock*, StructureStubInfo&); -
trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp
r278253 r278445 1425 1425 } 1426 1426 1427 LLINT_SLOW_PATH_DECL(slow_path_in_by_val) 1428 { 1429 LLINT_BEGIN(); 1430 auto bytecode = pc->as<OpInByVal>(); 1431 auto& metadata = bytecode.metadata(codeBlock); 1432 LLINT_RETURN(jsBoolean(CommonSlowPaths::opInByVal(globalObject, getOperand(callFrame, bytecode.m_base), getOperand(callFrame, bytecode.m_property), &metadata.m_arrayProfile))); 1433 } 1434 1427 1435 LLINT_SLOW_PATH_DECL(slow_path_put_getter_by_id) 1428 1436 { -
trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.h
r277716 r278445 73 73 LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_put_by_id); 74 74 LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_in_by_id); 75 LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_in_by_val); 75 76 LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_del_by_id); 76 77 LLINT_SLOW_PATH_HIDDEN_DECL(slow_path_get_by_val); -
trunk/Source/JavaScriptCore/llint/LowLevelInterpreter.asm
r277926 r278445 2011 2011 end 2012 2012 2013 slowPathOp(in_by_val)2014 2013 slowPathOp(has_private_name) 2015 2014 slowPathOp(has_private_brand) … … 2045 2044 2046 2045 llintSlowPathOp(in_by_id) 2046 llintSlowPathOp(in_by_val) 2047 2047 llintSlowPathOp(del_by_id) 2048 2048 llintSlowPathOp(del_by_val) -
trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.cpp
r278338 r278445 831 831 } 832 832 833 JSC_DEFINE_COMMON_SLOW_PATH(slow_path_in_by_val)834 {835 BEGIN();836 auto bytecode = pc->as<OpInByVal>();837 auto& metadata = bytecode.metadata(codeBlock);838 RETURN(jsBoolean(CommonSlowPaths::opInByVal(globalObject, GET_C(bytecode.m_base).jsValue(), GET_C(bytecode.m_property).jsValue(), &metadata.m_arrayProfile)));839 }840 841 833 JSC_DEFINE_COMMON_SLOW_PATH(slow_path_has_private_name) 842 834 { -
trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.h
r277926 r278445 252 252 JSC_DECLARE_COMMON_SLOW_PATH(slow_path_is_callable); 253 253 JSC_DECLARE_COMMON_SLOW_PATH(slow_path_is_constructor); 254 JSC_DECLARE_COMMON_SLOW_PATH(slow_path_in_by_val);255 254 JSC_DECLARE_COMMON_SLOW_PATH(slow_path_has_private_name); 256 255 JSC_DECLARE_COMMON_SLOW_PATH(slow_path_has_private_brand);
Note: See TracChangeset
for help on using the changeset viewer.
