Changeset 235517 in webkit
- Timestamp:
- Aug 30, 2018 12:46:56 PM (6 years ago)
- Location:
- trunk/Source/JavaScriptCore
- Files:
-
- 11 edited
trunk/Source/JavaScriptCore/ChangeLog
r235515 r235517 1 2018-08-30 Saam barati <sbarati@apple.com> 2 3 InlineAccess should do StringLength 4 https://bugs.webkit.org/show_bug.cgi?id=158911 5 6 Reviewed by Yusuke Suzuki. 7 8 This patch extends InlineAccess to support StringLength. This patch also 9 fixes AccessCase::fromStructureStubInfo to support ArrayLength and StringLength. 10 I forgot to implement this for ArrayLength in the initial InlineAccess 11 implementation. Supporting StringLength is a natural extension of the 12 InlineAccess machinery. 13 14 * assembler/MacroAssembler.h: 15 (JSC::MacroAssembler::patchableBranch8): 16 * assembler/MacroAssemblerARM64.h: 17 (JSC::MacroAssemblerARM64::patchableBranch8): 18 * bytecode/AccessCase.cpp: 19 (JSC::AccessCase::fromStructureStubInfo): 20 * bytecode/BytecodeDumper.cpp: 21 (JSC::BytecodeDumper<Block>::printGetByIdCacheStatus): 22 * bytecode/InlineAccess.cpp: 23 (JSC::InlineAccess::dumpCacheSizesAndCrash): 24 (JSC::InlineAccess::generateSelfPropertyAccess): 25 (JSC::getScratchRegister): 26 (JSC::InlineAccess::generateSelfPropertyReplace): 27 (JSC::InlineAccess::generateArrayLength): 28 (JSC::InlineAccess::generateSelfInAccess): 29 (JSC::InlineAccess::generateStringLength): 30 * bytecode/InlineAccess.h: 31 * bytecode/PolymorphicAccess.cpp: 32 (JSC::PolymorphicAccess::regenerate): 33 * bytecode/StructureStubInfo.cpp: 34 (JSC::StructureStubInfo::initStringLength): 35 (JSC::StructureStubInfo::deref): 36 (JSC::StructureStubInfo::aboutToDie): 37 (JSC::StructureStubInfo::propagateTransitions): 38 * bytecode/StructureStubInfo.h: 39 (JSC::StructureStubInfo::baseGPR const): 40 * jit/Repatch.cpp: 41 (JSC::tryCacheGetByID): 42 1 43 2018-08-30 Saam barati <sbarati@apple.com> 2 44 -
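--- a/trunk/Source/JavaScriptCore/assembler/MacroAssembler.h
+++ b/trunk/Source/JavaScriptCore/assembler/MacroAssembler.h
@@ -449,4 +449,9 @@
 {
 return PatchableJump(branch32(cond, reg, imm));
+}
+
+PatchableJump patchableBranch8(RelationalCondition cond, Address address, TrustedImm32 imm)
+{
+return PatchableJump(branch8(cond, address, imm));
 }
 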
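Review bot: The generic `patchableBranch8` carries no comment on how it relates to backend overrides: here it only wraps `branch8` in a `PatchableJump`, while MacroAssemblerARM64 in the same changeset overrides it and toggles `m_makeJumpPatchable` around the branch. A one-line comment above the new overload would save the next reader a search, e.g. `// Generic fallback; backends that need a distinct encoding for a patchable jump (see MacroAssemblerARM64::patchableBranch8) override this.` The enclosing class continues outside the hunk.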
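--- a/trunk/Source/JavaScriptCore/assembler/MacroAssemblerARM64.h
+++ b/trunk/Source/JavaScriptCore/assembler/MacroAssemblerARM64.h
@@ -3389,4 +3389,12 @@
 }
 
+PatchableJump patchableBranch8(RelationalCondition cond, Address left, TrustedImm32 imm)
+{
+m_makeJumpPatchable = true;
+Jump result = branch8(cond, left, imm);
+m_makeJumpPatchable = false;
+return PatchableJump(result);
+}
+
 PatchableJump patchableBranchTest32(ResultCondition cond, RegisterID reg, TrustedImm32 mask = TrustedImm32(-1))
 {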
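--- a/trunk/Source/JavaScriptCore/bytecode/AccessCase.cpp
+++ b/trunk/Source/JavaScriptCore/bytecode/AccessCase.cpp
@@ -121,4 +121,10 @@
 case CacheType::InByIdSelf:
 return AccessCase::create(vm, owner, InHit, stubInfo.u.byIdSelf.offset, stubInfo.u.byIdSelf.baseObjectStructure.get());
+
+case CacheType::ArrayLength:
+return AccessCase::create(vm, owner, AccessCase::ArrayLength);
+
+case CacheType::StringLength:
+return AccessCase::create(vm, owner, AccessCase::StringLength);
 
 default: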
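Review bot: The `switch` this hunk extends still ends in a `default:` (new line 130), and the ChangeLog attributes the earlier omission of `ArrayLength` in `fromStructureStubInfo` to exactly that kind of gap. Listing every `CacheType` enumerator explicitly and dropping `default:` (or restricting it to the cases it is meant to cover, named one by one) would let the compiler's switch-coverage warning flag the next enumerator added to `CacheType` without a case here; the same applies to the `default:` in the BytecodeDumper.cpp switch in this changeset. The body of the default branch and the rest of `fromStructureStubInfo` lie outside the hunk, so whether it asserts or silently returns is not visible here.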
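--- a/trunk/Source/JavaScriptCore/bytecode/BytecodeDumper.cpp
+++ b/trunk/Source/JavaScriptCore/bytecode/BytecodeDumper.cpp
@@ -447,4 +447,7 @@
 case CacheType::ArrayLength:
 out.printf("ArrayLength");
+break;
+case CacheType::StringLength:
+out.printf("StringLength");
 break;
 default: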
trunk/Source/JavaScriptCore/bytecode/InlineAccess.cpp
r232070 r235517 48 48 JSValueRegs regs(base); 49 49 #endif 50 { 51 CCallHelpers jit; 52 53 jit.patchableBranch8( 54 CCallHelpers::NotEqual, 55 CCallHelpers::Address(base, JSCell::typeInfoTypeOffset()), 56 CCallHelpers::TrustedImm32(StringType)); 57 jit.load32(CCallHelpers::Address(base, JSString::offsetOfLength()), regs.payloadGPR()); 58 jit.boxInt32(regs.payloadGPR(), regs); 59 60 dataLog("string length size: ", jit.m_assembler.buffer().codeSize(), "\n"); 61 } 50 62 51 63 { … … 159 171 CCallHelpers jit; 160 172 161 GPRReg base = st atic_cast<GPRReg>(stubInfo.patch.baseGPR);173 GPRReg base = stubInfo.baseGPR(); 162 174 JSValueRegs value = stubInfo.valueRegs(); 163 175 … … 186 198 { 187 199 ScratchRegisterAllocator allocator(stubInfo.patch.usedRegisters); 188 allocator.lock(st atic_cast<GPRReg>(stubInfo.patch.baseGPR));200 allocator.lock(stubInfo.baseGPR()); 189 201 allocator.lock(static_cast<GPRReg>(stubInfo.patch.valueGPR)); 190 202 #if USE(JSVALUE32_64) … … 217 229 CCallHelpers jit; 218 230 219 GPRReg base = st atic_cast<GPRReg>(stubInfo.patch.baseGPR);231 GPRReg base = stubInfo.baseGPR(); 220 232 JSValueRegs value = stubInfo.valueRegs(); 221 233 … … 259 271 CCallHelpers jit; 260 272 261 GPRReg base = st atic_cast<GPRReg>(stubInfo.patch.baseGPR);273 GPRReg base = stubInfo.baseGPR(); 262 274 JSValueRegs value = stubInfo.valueRegs(); 263 275 GPRReg scratch = getScratchRegister(stubInfo); … … 277 289 } 278 290 291 bool InlineAccess::generateStringLength(StructureStubInfo& stubInfo) 292 { 293 CCallHelpers jit; 294 295 GPRReg base = stubInfo.baseGPR(); 296 JSValueRegs value = stubInfo.valueRegs(); 297 298 auto branchToSlowPath = jit.patchableBranch8( 299 CCallHelpers::NotEqual, 300 CCallHelpers::Address(base, JSCell::typeInfoTypeOffset()), 301 CCallHelpers::TrustedImm32(StringType)); 302 jit.load32(CCallHelpers::Address(base, JSString::offsetOfLength()), value.payloadGPR()); 303 jit.boxInt32(value.payloadGPR(), value); 304 305 bool linkedCodeInline = 
linkCodeInline("string length", jit, stubInfo, [&] (LinkBuffer& linkBuffer) { 306 linkBuffer.link(branchToSlowPath, stubInfo.slowPathStartLocation()); 307 }); 308 return linkedCodeInline; 309 } 310 311 279 312 bool InlineAccess::generateSelfInAccess(StructureStubInfo& stubInfo, Structure* structure) 280 313 { 281 314 CCallHelpers jit; 282 315 283 GPRReg base = st atic_cast<GPRReg>(stubInfo.patch.baseGPR);316 GPRReg base = stubInfo.baseGPR(); 284 317 JSValueRegs value = stubInfo.valueRegs(); 285 318 -
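Review bot: `generateStringLength` duplicates the instruction sequence that `dumpCacheSizesAndCrash` emits to measure the "string length size" (new lines 53-58 versus 298-303); if either copy is edited alone, the measured size and the generated code drift apart and the size probe stops describing what is actually linked. Factoring the three emits into a small static helper that takes the `CCallHelpers&`, the base GPR and the `JSValueRegs` and returns the patchable jump keeps the two in lockstep. Separately, the type check reads `base` at `JSCell::typeInfoTypeOffset()` with no cell check, so it presumes the surrounding IC site has already proven the base to be a cell, as the existing generators appear to; that precondition is worth stating, e.g. `// Caller guarantees base is a cell; only the JSString type byte is checked here.`, and confirming against `generateArrayLength`, whose body is largely outside the hunk.
```cpp
// Emits the inline string-length sequence. Shared by the size probe in
// dumpCacheSizesAndCrash and by generateStringLength so the two cannot drift.
static CCallHelpers::PatchableJump emitStringLengthAccess(CCallHelpers& jit, GPRReg base, JSValueRegs value)
{
    auto branchToSlowPath = jit.patchableBranch8(
        CCallHelpers::NotEqual,
        CCallHelpers::Address(base, JSCell::typeInfoTypeOffset()),
        CCallHelpers::TrustedImm32(StringType));
    jit.load32(CCallHelpers::Address(base, JSString::offsetOfLength()), value.payloadGPR());
    jit.boxInt32(value.payloadGPR(), value);
    return branchToSlowPath;
}

bool InlineAccess::generateStringLength(StructureStubInfo& stubInfo)
{
    CCallHelpers jit;
    auto branchToSlowPath = emitStringLengthAccess(jit, stubInfo.baseGPR(), stubInfo.valueRegs());
    // … unchanged: linkCodeInline call and return …
}
```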
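--- a/trunk/Source/JavaScriptCore/bytecode/InlineAccess.h
+++ b/trunk/Source/JavaScriptCore/bytecode/InlineAccess.h
@@ -88,5 +88,5 @@
 // https://bugs.webkit.org/show_bug.cgi?id=159436
 //
-// This is the maximum between the size for array length access, and the size for regular self access.
+// This is the maximum between array length, string length, and regular self access sizes.
 ALWAYS_INLINE static size_t sizeForLengthAccess()
 {
@@ -118,4 +118,5 @@
 static void rewireStubAsJump(StructureStubInfo&, CodeLocationLabel<JITStubRoutinePtrTag>);
 static bool generateSelfInAccess(StructureStubInfo&, Structure*);
+static bool generateStringLength(StructureStubInfo&);
 
 // This is helpful when determining the size of an IC on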
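Review bot: The comment on `sizeForLengthAccess` now promises the maximum of array-length, string-length and self-access sizes, but the function body (new line 93 onwards) is outside the hunk and the ChangeLog lists no change to it, so it is not visible here whether the per-architecture constants were re-measured against the new "string length size" line that `dumpCacheSizesAndCrash` prints. If the string sequence exceeds the existing constant, `generateStringLength` would presumably just have `linkCodeInline` report a miss and the polymorphic case would be used instead, so correctness holds but the new fast path silently never fires. Either confirm the constants or extend the comment with the measured string-length size per architecture, e.g. `// Measured with dumpCacheSizesAndCrash: string length = <size> bytes on <arch>.`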
trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp
r231961 r235517 382 382 state.ident = &ident; 383 383 384 state.baseGPR = st atic_cast<GPRReg>(stubInfo.patch.baseGPR);384 state.baseGPR = stubInfo.baseGPR(); 385 385 state.thisGPR = static_cast<GPRReg>(stubInfo.patch.thisGPR); 386 386 state.valueRegs = stubInfo.valueRegs(); -
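--- a/trunk/Source/JavaScriptCore/bytecode/StructureStubInfo.cpp
+++ b/trunk/Source/JavaScriptCore/bytecode/StructureStubInfo.cpp
@@ -74,4 +74,9 @@
 }
 
+void StructureStubInfo::initStringLength()
+{
+cacheType = CacheType::StringLength;
+}
+
 void StructureStubInfo::initPutByIdReplace(CodeBlock* codeBlock, Structure* baseObjectStructure, PropertyOffset offset)
 {
@@ -103,4 +108,5 @@
 case CacheType::InByIdSelf:
 case CacheType::ArrayLength:
+case CacheType::StringLength:
 return;
 }
@@ -120,4 +126,5 @@
 case CacheType::InByIdSelf:
 case CacheType::ArrayLength:
+case CacheType::StringLength:
 return;
 }
@@ -293,4 +300,5 @@
 case CacheType::Unset:
 case CacheType::ArrayLength:
+case CacheType::StringLength:
 return true;
 case CacheType::GetByIdSelf: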
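Review bot: `initStringLength` only sets `cacheType`; unlike `initPutByIdReplace` and `initGetByIdSelf`, which take a structure and offset, it leaves the `u` payload untouched. That matches the one call site in Repatch.cpp, which reaches it only when `cacheType == CacheType::Unset`, but nothing in the function itself records that precondition. An `ASSERT(cacheType == CacheType::Unset);` at the top (unless `initArrayLength`, whose body is outside the hunk, already establishes the convention differently) or a comment such as `// Only valid on an Unset stub; the union payload is not used for length accesses.` would make the contract explicit.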
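--- a/trunk/Source/JavaScriptCore/bytecode/StructureStubInfo.h
+++ b/trunk/Source/JavaScriptCore/bytecode/StructureStubInfo.h
@@ -62,5 +62,6 @@
 InByIdSelf,
 Stub,
-ArrayLength
+ArrayLength,
+StringLength
 };
 
@@ -74,4 +75,5 @@
 void initGetByIdSelf(CodeBlock*, Structure* baseObjectStructure, PropertyOffset);
 void initArrayLength();
+void initStringLength();
 void initPutByIdReplace(CodeBlock*, Structure* baseObjectStructure, PropertyOffset);
 void initInByIdSelf(CodeBlock*, Structure* baseObjectStructure, PropertyOffset);
@@ -200,4 +202,9 @@
 } patch;
 
+GPRReg baseGPR() const
+{
+return static_cast<GPRReg>(patch.baseGPR);
+}
+
 CodeLocationCall<JSInternalPtrTag> slowPathCallLocation() { return patch.start.callAtOffset<JSInternalPtrTag>(patch.deltaFromStartToSlowPathCallLocation); }
 CodeLocationLabel<JSInternalPtrTag> doneLocation() { return patch.start.labelAtOffset<JSInternalPtrTag>(patch.inlineSize); }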
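Review bot: The new `baseGPR()` accessor retires the `static_cast<GPRReg>(stubInfo.patch.baseGPR)` casts, but the sibling casts for the other packed registers survive in this same changeset: `static_cast<GPRReg>(stubInfo.patch.valueGPR)` in InlineAccess.cpp (new line 201) and `static_cast<GPRReg>(stubInfo.patch.thisGPR)` in PolymorphicAccess.cpp (new line 385). Adding `GPRReg thisGPR() const { return static_cast<GPRReg>(patch.thisGPR); }` and `GPRReg valueGPR() const { return static_cast<GPRReg>(patch.valueGPR); }` next to `baseGPR()` would finish the cleanup consistently. The declaration of `patch.baseGPR` is above the hunk; since the accessor exists only to widen a presumably narrower stored value, a comment such as `// patch.baseGPR is stored in a narrower integer type; widen it back to GPRReg.` would say why the cast is there.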
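--- a/trunk/Source/JavaScriptCore/jit/Repatch.cpp
+++ b/trunk/Source/JavaScriptCore/jit/Repatch.cpp
@@ -216,6 +216,16 @@
 
 newCase = AccessCase::create(vm, codeBlock, AccessCase::ArrayLength);
-} else if (isJSString(baseCell))
+} else if (isJSString(baseCell)) {
+if (stubInfo.cacheType == CacheType::Unset) {
+bool generatedCodeInline = InlineAccess::generateStringLength(stubInfo);
+if (generatedCodeInline) {
+ftlThunkAwareRepatchCall(codeBlock, stubInfo.slowPathCallLocation(), appropriateOptimizingGetByIdFunction(kind));
+stubInfo.initStringLength();
+return RetryCacheLater;
+}
+}
+
 newCase = AccessCase::create(vm, codeBlock, AccessCase::StringLength);
+}
 else if (DirectArguments* arguments = jsDynamicCast<DirectArguments*>(vm, baseCell)) {
 // If there were overrides, then we can handle this as a normal property load! Guarding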
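Review bot: The new `isJSString` branch has no comment on what happens when inline generation does not succeed: `generateStringLength` returns the result of `linkCodeInline`, and on `false` control falls through to `AccessCase::create(vm, codeBlock, AccessCase::StringLength)`, which is correct but easy to misread as an unhandled case. A comment above `if (stubInfo.cacheType == CacheType::Unset)` such as `// Try the inline fast path first; if it cannot be linked inline, fall back to a polymorphic StringLength case.` would capture this, and the single-use `generatedCodeInline` local could be folded into `if (InlineAccess::generateStringLength(stubInfo)) {`. The branch appears to mirror the ArrayLength path just above, whose start lies outside the hunk; if that path has the same shape, a shared helper for the two inline-length attempts would avoid maintaining them in parallel. The enclosing `tryCacheGetByID` continues outside the hunk.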