Context Navigation

← Previous Changeset
Next Changeset →

Changeset 238543 in webkit

Timestamp:

Nov 26, 2018 6:26:59 PM (5 years ago)

Author:

Caio Lima

Message:

Re-introduce op_bitnot
https://bugs.webkit.org/show_bug.cgi?id=190923

Reviewed by Yusuke Suzuki.

JSTests:

stress/bit-not-must-generate.js: Added.
stress/bitwise-not-no-int32.js: Added.

Source/JavaScriptCore:

With the introduction of BigInt as a new type, we can't emit bitwise
not as x ^ -1 anymore, because this is incompatible with the new type.
Based on that, this Patch is adding op_bitnot as a new operation
into LLInt, as well as introducing ArithBitNot node into DFG to support
JIT compilation of such opcode. We will use the ValueProfile of this
intruction in the future to generate better code when its operand
is not Int32.

assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::not32):

assembler/MacroAssemblerARMv7.h:

(JSC::MacroAssemblerARMv7::not32):

assembler/MacroAssemblerMIPS.h:

(JSC::MacroAssemblerMIPS::not32):

bytecode/BytecodeList.rb:
bytecode/BytecodeUseDef.h:

(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):

bytecode/CodeBlock.cpp:

(JSC::CodeBlock::finishCreation):

bytecode/Opcode.h:

(JSC::padOpcodeName):

bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitUnaryOp):

bytecompiler/NodesCodegen.cpp:

(JSC::UnaryPlusNode::emitBytecode):
(JSC::BitwiseNotNode::emitBytecode): Deleted.

dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

dfg/DFGBackwardsPropagationPhase.cpp:

(JSC::DFG::BackwardsPropagationPhase::propagate):

dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseBlock):

dfg/DFGCapabilities.cpp:

(JSC::DFG::capabilityLevel):

dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

dfg/DFGNodeType.h:
dfg/DFGOperations.cpp:
dfg/DFGOperations.h:
dfg/DFGPredictionPropagationPhase.cpp:
dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileBitwiseNot):

dfg/DFGSpeculativeJIT.h:
dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileArithBitNot):

jit/JIT.cpp:

(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):

jit/JIT.h:
jit/JITArithmetic.cpp:

(JSC::JIT::emit_op_bitnot):

llint/LowLevelInterpreter32_64.asm:
llint/LowLevelInterpreter64.asm:
offlineasm/cloop.rb:
parser/NodeConstructors.h:

(JSC::BitwiseNotNode::BitwiseNotNode):

parser/Nodes.h:
parser/ResultType.h:

(JSC::ResultType::bigIntOrInt32Type):
(JSC::ResultType::forBitOp):

runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

runtime/CommonSlowPaths.h:

Location:

trunk

Files:

: 2 added
: 40 edited

JSTests/ChangeLog (modified) (1 diff)
JSTests/stress/bit-not-must-generate.js (added)
JSTests/stress/bitwise-not-no-int32.js (added)
Source/JavaScriptCore/ChangeLog (modified) (1 diff)
Source/JavaScriptCore/assembler/MacroAssemblerARM64.h (modified) (1 diff)
Source/JavaScriptCore/assembler/MacroAssemblerARMv7.h (modified) (1 diff)
Source/JavaScriptCore/assembler/MacroAssemblerMIPS.h (modified) (1 diff)
Source/JavaScriptCore/bytecode/BytecodeList.rb (modified) (1 diff)
Source/JavaScriptCore/bytecode/BytecodeUseDef.h (modified) (2 diffs)
Source/JavaScriptCore/bytecode/CodeBlock.cpp (modified) (1 diff)
Source/JavaScriptCore/bytecode/Opcode.h (modified) (1 diff)
Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp (modified) (1 diff)
Source/JavaScriptCore/bytecompiler/NodesCodegen.cpp (modified) (1 diff)
Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h (modified) (1 diff)
Source/JavaScriptCore/dfg/DFGBackwardsPropagationPhase.cpp (modified) (1 diff)
Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp (modified) (1 diff)
Source/JavaScriptCore/dfg/DFGCapabilities.cpp (modified) (1 diff)
Source/JavaScriptCore/dfg/DFGClobberize.h (modified) (1 diff)
Source/JavaScriptCore/dfg/DFGDoesGC.cpp (modified) (1 diff)
Source/JavaScriptCore/dfg/DFGFixupPhase.cpp (modified) (1 diff)
Source/JavaScriptCore/dfg/DFGNodeType.h (modified) (1 diff)
Source/JavaScriptCore/dfg/DFGOperations.cpp (modified) (1 diff)
Source/JavaScriptCore/dfg/DFGOperations.h (modified) (1 diff)
Source/JavaScriptCore/dfg/DFGPredictionPropagationPhase.cpp (modified) (1 diff)
Source/JavaScriptCore/dfg/DFGSafeToExecute.h (modified) (1 diff)
Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp (modified) (1 diff)
Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h (modified) (1 diff)
Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp (modified) (1 diff)
Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp (modified) (1 diff)
Source/JavaScriptCore/ftl/FTLCapabilities.cpp (modified) (1 diff)
Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp (modified) (2 diffs)
Source/JavaScriptCore/jit/JIT.cpp (modified) (2 diffs)
Source/JavaScriptCore/jit/JIT.h (modified) (1 diff)
Source/JavaScriptCore/jit/JITArithmetic.cpp (modified) (1 diff)
Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm (modified) (1 diff)
Source/JavaScriptCore/llint/LowLevelInterpreter64.asm (modified) (1 diff)
Source/JavaScriptCore/offlineasm/cloop.rb (modified) (1 diff)
Source/JavaScriptCore/parser/NodeConstructors.h (modified) (1 diff)
Source/JavaScriptCore/parser/Nodes.h (modified) (1 diff)
Source/JavaScriptCore/parser/ResultType.h (modified) (2 diffs)
Source/JavaScriptCore/runtime/CommonSlowPaths.cpp (modified) (1 diff)
Source/JavaScriptCore/runtime/CommonSlowPaths.h (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/JSTests/ChangeLog

-                      r238511
+                      r238543
+-11-26  Caio Lima  <ticaiolima@gmail.com>
+        Re-introduce op_bitnot
+        https://bugs.webkit.org/show_bug.cgi?id=190923
+        Reviewed by Yusuke Suzuki.
+        * stress/bit-not-must-generate.js: Added.
+        * stress/bitwise-not-no-int32.js: Added.
 -11-26  Saam barati  <sbarati@apple.com>

trunk/Source/JavaScriptCore/ChangeLog

-                      r238511
+                      r238543
+-11-26  Caio Lima  <ticaiolima@gmail.com>
+        Re-introduce op_bitnot
+        https://bugs.webkit.org/show_bug.cgi?id=190923
+        Reviewed by Yusuke Suzuki.
+        With the introduction of BigInt as a new type, we can't emit bitwise
+        not as `x ^ -1` anymore, because this is incompatible with the new type.
+        Based on that, this Patch is adding `op_bitnot` as a new operation
+        into LLInt, as well as introducing ArithBitNot node into DFG to support
+        JIT compilation of such opcode. We will use the ValueProfile of this
+        intruction in the future to generate better code when its operand
+        is not Int32.
+        * assembler/MacroAssemblerARM64.h:
+        (JSC::MacroAssemblerARM64::not32):
+        * assembler/MacroAssemblerARMv7.h:
+        (JSC::MacroAssemblerARMv7::not32):
+        * assembler/MacroAssemblerMIPS.h:
+        (JSC::MacroAssemblerMIPS::not32):
+        * bytecode/BytecodeList.rb:
+        * bytecode/BytecodeUseDef.h:
+        (JSC::computeUsesForBytecodeOffset):
+        (JSC::computeDefsForBytecodeOffset):
+        * bytecode/CodeBlock.cpp:
+        (JSC::CodeBlock::finishCreation):
+        * bytecode/Opcode.h:
+        (JSC::padOpcodeName):
+        * bytecompiler/BytecodeGenerator.cpp:
+        (JSC::BytecodeGenerator::emitUnaryOp):
+        * bytecompiler/NodesCodegen.cpp:
+        (JSC::UnaryPlusNode::emitBytecode):
+        (JSC::BitwiseNotNode::emitBytecode): Deleted.
+        * dfg/DFGAbstractInterpreterInlines.h:
+        (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
+        * dfg/DFGBackwardsPropagationPhase.cpp:
+        (JSC::DFG::BackwardsPropagationPhase::propagate):
+        * dfg/DFGByteCodeParser.cpp:
+        (JSC::DFG::ByteCodeParser::parseBlock):
+        * dfg/DFGCapabilities.cpp:
+        (JSC::DFG::capabilityLevel):
+        * dfg/DFGClobberize.h:
+        (JSC::DFG::clobberize):
+        * dfg/DFGDoesGC.cpp:
+        (JSC::DFG::doesGC):
+        * dfg/DFGFixupPhase.cpp:
+        (JSC::DFG::FixupPhase::fixupNode):
+        * dfg/DFGNodeType.h:
+        * dfg/DFGOperations.cpp:
+        * dfg/DFGOperations.h:
+        * dfg/DFGPredictionPropagationPhase.cpp:
+        * dfg/DFGSafeToExecute.h:
+        (JSC::DFG::safeToExecute):
+        * dfg/DFGSpeculativeJIT.cpp:
+        (JSC::DFG::SpeculativeJIT::compileBitwiseNot):
+        * dfg/DFGSpeculativeJIT.h:
+        * dfg/DFGSpeculativeJIT32_64.cpp:
+        (JSC::DFG::SpeculativeJIT::compile):
+        * dfg/DFGSpeculativeJIT64.cpp:
+        (JSC::DFG::SpeculativeJIT::compile):
+        * ftl/FTLCapabilities.cpp:
+        (JSC::FTL::canCompile):
+        * ftl/FTLLowerDFGToB3.cpp:
+        (JSC::FTL::DFG::LowerDFGToB3::compileNode):
+        (JSC::FTL::DFG::LowerDFGToB3::compileArithBitNot):
+        * jit/JIT.cpp:
+        (JSC::JIT::privateCompileMainPass):
+        (JSC::JIT::privateCompileSlowCases):
+        * jit/JIT.h:
+        * jit/JITArithmetic.cpp:
+        (JSC::JIT::emit_op_bitnot):
+        * llint/LowLevelInterpreter32_64.asm:
+        * llint/LowLevelInterpreter64.asm:
+        * offlineasm/cloop.rb:
+        * parser/NodeConstructors.h:
+        (JSC::BitwiseNotNode::BitwiseNotNode):
+        * parser/Nodes.h:
+        * parser/ResultType.h:
+        (JSC::ResultType::bigIntOrInt32Type):
+        (JSC::ResultType::forBitOp):
+        * runtime/CommonSlowPaths.cpp:
+        (JSC::SLOW_PATH_DECL):
+        * runtime/CommonSlowPaths.h:
 -11-26  Saam barati  <sbarati@apple.com>

trunk/Source/JavaScriptCore/assembler/MacroAssemblerARM64.h

r237173	r238543
1046	1046	}
1047	1047
	1048	void not32(RegisterID srcDest)
	1049	{
	1050	m_assembler.mvn<32>(srcDest, srcDest);
	1051	}
	1052
1048	1053	void not32(RegisterID src, RegisterID dest)
1049	1054	{

trunk/Source/JavaScriptCore/assembler/MacroAssemblerARMv7.h

-                      r236604
+                      r238543
+    }
+    void not32(RegisterID srcDest)
+    {
+        m_assembler.mvn(srcDest, srcDest);
+    }
     // Memory access operations:

trunk/Source/JavaScriptCore/assembler/MacroAssemblerMIPS.h

-                      r231554
+                      r238543
         move(imm, immTempRegister);
         m_assembler.xorInsn(dest, src, immTempRegister);
+    }
+    void not32(RegisterID srcDest)
+    {
+        m_assembler.nor(srcDest, srcDest, MIPSRegisters::zero);
+    }

trunk/Source/JavaScriptCore/bytecode/BytecodeList.rb

-                      r237933
+                      r238543
+    }
+op :bitnot,
+    args: {
+        dst: VirtualRegister,
+        operand: VirtualRegister,
+    },
+    metadata: {
+        profile: ValueProfile
+    }
 op_group :UnaryOp,
+    [

trunk/Source/JavaScriptCore/bytecode/BytecodeUseDef.h

-                      r237547
+                      r238543
     USES(OpToObject, operand)
     USES(OpNegate, operand)
+    USES(OpBitnot, operand)
     USES(OpEqNull, operand)
     USES(OpNeqNull, operand)
 …
     DEFS(OpBitxor, dst)
     DEFS(OpBitor, dst)
+    DEFS(OpBitnot, dst)
     DEFS(OpInc, srcDst)
     DEFS(OpDec, srcDst)

trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp

r238367	r238543
567	567	LINK(OpBitand, profile)
568	568	LINK(OpBitor, profile)
	569	LINK(OpBitnot, profile)
569	570
570	571	LINK(OpGetById, profile, hitCountForLLIntCaching)

trunk/Source/JavaScriptCore/bytecode/Opcode.h

r238067	r238543
110	110	macro(OpBitand) \
111	111	macro(OpBitor) \
	112	macro(OpBitnot) \
112	113
113	114	#define FOR_EACH_OPCODE_WITH_ARRAY_PROFILE(macro) \

trunk/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp

-                      r238281
+                      r238543
     case op_negate:
         OpNegate::emit(this, dst, src, types);
+        break;
+    case op_bitnot:
+        emitUnaryOp<OpBitnot>(dst, src);
         break;
     case op_to_number:

trunk/Source/JavaScriptCore/bytecompiler/NodesCodegen.cpp

-                      r237547
+                      r238543
     return generator.emitToNumber(generator.finalDestination(dst), src.get());
+}
-// ------------------------------ BitwiseNotNode -----------------------------------
-RegisterID* BitwiseNotNode::emitBytecode(BytecodeGenerator& generator, RegisterID* dst)
+{
-    RefPtr<RegisterID> src2 = generator.emitLoad(nullptr, jsNumber(-1));
-    RefPtr<RegisterID> src1 = generator.emitNode(m_expr);
-    return generator.emitBinaryOp<OpBitxor>(generator.finalDestination(dst, src1.get()), src1.get(), src2.get(), OperandTypes(m_expr->resultDescriptor(), ResultType::numberTypeIsInt32()));
+}
 // ------------------------------ LogicalNotNode -----------------------------------

trunk/Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h

-                      r237285
+                      r238543
+    }
+    case ArithBitNot: {
+        if (node->child1().useKind() == UntypedUse) {
+            clobberWorld();
+            setNonCellTypeForNode(node, SpecInt32Only);
+            break;
+        }
+        JSValue operand = forNode(node->child1()).value();
+        if (operand && operand.isInt32()) {
+            int32_t a = operand.asInt32();
+            setConstant(node, JSValue(~a));
+            break;
+        }
+        setNonCellTypeForNode(node, SpecInt32Only);
+        break;
+    }
     case ValueBitOr:
     case ValueBitAnd:

trunk/Source/JavaScriptCore/dfg/DFGBackwardsPropagationPhase.cpp

-                      r236901
+                      r238543
             break;
+        case ArithBitNot: {
+            flags |= NodeBytecodeUsesAsInt;
+            flags &= ~(NodeBytecodeUsesAsNumber | NodeBytecodeNeedsNegZero | NodeBytecodeUsesAsOther);
+            flags &= ~NodeBytecodeUsesAsArrayIndex;
+            node->child1()->mergeFlags(flags);
+            break;
+        }
         case ArithBitAnd:
         case ArithBitOr:

trunk/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp

-                      r237972
+                      r238543
         // === Bitwise operations ===
+        case op_bitnot: {
+            auto bytecode = currentInstruction->as<OpBitnot>();
+            Node* op1 = get(bytecode.operand);
+            set(bytecode.dst, addToGraph(ArithBitNot, op1));
+            NEXT_OPCODE(op_bitnot);
+        }
         case op_bitand: {

trunk/Source/JavaScriptCore/dfg/DFGCapabilities.cpp

r237547	r238543
117	117	case op_check_tdz:
118	118	case op_create_this:
	119	case op_bitnot:
119	120	case op_bitand:
120	121	case op_bitor:

trunk/Source/JavaScriptCore/dfg/DFGClobberize.h

-                      r237285
+                      r238543
         return;
+    case ArithBitNot:
+        if (node->child1().useKind() == UntypedUse) {
+            read(World);
+            write(Heap);
+            return;
+        }
+        def(PureValue(node));
+        return;
     case ArithBitAnd:
     case ArithBitOr:

trunk/Source/JavaScriptCore/dfg/DFGDoesGC.cpp

r237285	r238543
68	68	case PhantomLocal:
69	69	case SetArgument:
	70	case ArithBitNot:
70	71	case ArithBitAnd:
71	72	case ArithBitOr:

trunk/Source/JavaScriptCore/dfg/DFGFixupPhase.cpp

-                      r237972
+                      r238543
+        }
+        case ArithBitNot: {
+            if (node->child1().node()->shouldSpeculateUntypedForBitOps()) {
+                fixEdge<UntypedUse>(node->child1());
+                break;
+            }
+            fixIntConvertingEdge(node->child1());
+            node->clearFlags(NodeMustGenerate);
+            break;
+        }
         case ArithBitOr:
         case ArithBitAnd: {

trunk/Source/JavaScriptCore/dfg/DFGNodeType.h

r237285	r238543
112	112	\
113	113	/* Nodes for bitwise operations. */\
	114	macro(ArithBitNot, NodeResultInt32 \| NodeMustGenerate) \
114	115	macro(ValueBitAnd, NodeResultJS \| NodeMustGenerate) \
115	116	macro(ArithBitAnd, NodeResultInt32) \

trunk/Source/JavaScriptCore/dfg/DFGOperations.cpp

-                      r238425
+                      r238543
+}
+EncodedJSValue JIT_OPERATION operationValueBitNot(ExecState* exec, EncodedJSValue encodedOp1)
+{
+    VM* vm = &exec->vm();
+    NativeCallFrameTracer tracer(vm, exec);
+    auto scope = DECLARE_THROW_SCOPE(*vm);
+    JSValue op1 = JSValue::decode(encodedOp1);
+    int32_t operandValue = op1.toInt32(exec);
+    RETURN_IF_EXCEPTION(scope, encodedJSValue());
+    return JSValue::encode(jsNumber(~operandValue));
+}
 EncodedJSValue JIT_OPERATION operationValueBitAnd(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
+{

trunk/Source/JavaScriptCore/dfg/DFGOperations.h

r237972	r238543
49	49	EncodedJSValue JIT_OPERATION operationToThis(ExecState*, EncodedJSValue encodedOp1) WTF_INTERNAL;
50	50	EncodedJSValue JIT_OPERATION operationToThisStrict(ExecState*, EncodedJSValue encodedOp1) WTF_INTERNAL;
	51	EncodedJSValue JIT_OPERATION operationValueBitNot(ExecState*, EncodedJSValue encodedOp1) WTF_INTERNAL;
51	52	EncodedJSValue JIT_OPERATION operationValueBitAnd(ExecState*, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2) WTF_INTERNAL;
52	53	EncodedJSValue JIT_OPERATION operationValueBitOr(ExecState*, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2) WTF_INTERNAL;

trunk/Source/JavaScriptCore/dfg/DFGPredictionPropagationPhase.cpp

r237972	r238543
738	738	}
739	739
	740	case ArithBitNot:
740	741	case ArithBitAnd:
741	742	case ArithBitOr:

trunk/Source/JavaScriptCore/dfg/DFGSafeToExecute.h

r237285	r238543
198	198	case PhantomLocal:
199	199	case SetArgument:
	200	case ArithBitNot:
200	201	case ArithBitAnd:
201	202	case ArithBitOr:

trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp

-                      r238437
+                      r238543
     blessedBooleanResult(resultGPR, node);
     return;
+}
+void SpeculativeJIT::compileBitwiseNot(Node* node)
+{
+    Edge& child1 = node->child1();
+    if (child1.useKind() == UntypedUse) {
+        JSValueOperand operand(this, child1);
+        JSValueRegs operandRegs = operand.jsValueRegs();
+        flushRegisters();
+        JSValueRegsFlushedCallResult result(this);
+        JSValueRegs resultRegs = result.regs();
+        callOperation(operationValueBitNot, resultRegs, operandRegs);
+        m_jit.exceptionCheck();
+        jsValueResult(resultRegs, node);
+        return;
+    }
+    SpeculateInt32Operand operand(this, child1);
+    GPRTemporary result(this);
+    GPRReg resultGPR = result.gpr();
+    m_jit.move(operand.gpr(), resultGPR);
+    m_jit.not32(resultGPR);
+    int32Result(resultGPR, node);
+}

trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h

r238439	r238543
1329	1329	void compileUInt32ToNumber(Node*);
1330	1330	void compileDoubleAsInt32(Node*);
	1331
	1332	void compileBitwiseNot(Node*);
1331	1333
1332	1334	template<typename SnippetGenerator, J_JITOperation_EJJ slowPathFunction>

trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp

-                      r237285
+                      r238543
     case BitXor:
         compileBitwiseOp(node);
+        break;
+    case ArithBitNot:
+        compileBitwiseNot(node);
         break;

trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp

-                      r237285
+                      r238543
         // the argument is not used.
         recordSetLocal(dataFormatFor(node->variableAccessData()->flushFormat()));
+        break;
+    case ArithBitNot:
+        compileBitwiseNot(node);
         break;

trunk/Source/JavaScriptCore/ftl/FTLCapabilities.cpp

r237285	r238543
59	59	case SetArgument:
60	60	case Return:
	61	case ArithBitNot:
61	62	case ArithBitAnd:
62	63	case ArithBitOr:

trunk/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp

-                      r238436
+                      r238543
             compileArithUnary();
             break;
+        case ArithBitNot:
+            compileArithBitNot();
+            break;
         case ValueBitAnd:
             compileValueBitAnd();
 …
+    }
+    void compileArithBitNot()
+    {
+        if (m_node->child1().useKind() == UntypedUse) {
+            LValue operand = lowJSValue(m_node->child1());
+            LValue result = vmCall(pointerType(), m_out.operation(operationValueBitNot), m_callFrame, operand);
+            setJSValue(result);
+            return;
+        }
+        setInt32(m_out.bitNot(lowInt32(m_node->child1())));
+    }
     void compileValueBitAnd()
+    {

trunk/Source/JavaScriptCore/jit/JIT.cpp

-                      r238162
+                      r238543
         DEFINE_OP(op_add)
+        DEFINE_OP(op_bitnot)
         DEFINE_OP(op_bitand)
         DEFINE_OP(op_bitor)
 …
         DEFINE_SLOWCASE_SLOW_OP(inc)
         DEFINE_SLOWCASE_SLOW_OP(dec)
+        DEFINE_SLOWCASE_SLOW_OP(bitnot)
         DEFINE_SLOWCASE_SLOW_OP(bitand)
         DEFINE_SLOWCASE_SLOW_OP(bitor)

trunk/Source/JavaScriptCore/jit/JIT.h

r238414	r238543
506	506	void emit_op_bitor(const Instruction*);
507	507	void emit_op_bitxor(const Instruction*);
	508	void emit_op_bitnot(const Instruction*);
508	509	void emit_op_call(const Instruction*);
509	510	void emit_op_tail_call(const Instruction*);

trunk/Source/JavaScriptCore/jit/JITArithmetic.cpp

-                      r237547
+                      r238543
+}
+void JIT::emit_op_bitnot(const Instruction* currentInstruction)
+{
+    auto bytecode = currentInstruction->as<OpBitnot>();
+    int result = bytecode.dst.offset();
+    int op1 = bytecode.operand.offset();
+#if USE(JSVALUE64)
+    JSValueRegs leftRegs = JSValueRegs(regT0);
+#else
+    JSValueRegs leftRegs = JSValueRegs(regT1, regT0);
+#endif
+    emitGetVirtualRegister(op1, leftRegs);
+    addSlowCase(branchIfNotInt32(leftRegs));
+    not32(leftRegs.payloadGPR());
+#if USE(JSVALUE64)
+    boxInt32(leftRegs.payloadGPR(), leftRegs);
+#endif
+    emitValueProfilingSiteIfProfiledOpcode(bytecode);
+    emitPutVirtualRegister(result, leftRegs);
+}
 void JIT::emit_op_bitand(const Instruction* currentInstruction)
+{

trunk/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm

-                      r238439
+                      r238543
 bitOpProfiled(bitor, OpBitor,
+        macro (left, right) ori left, right end)
+    macro (left, right) ori left, right end)
+llintOpWithProfile(op_bitnot, OpBitnot, macro (size, get, dispatch, return)
+    get(operand, t0)
+    loadConstantOrVariable(size, t0, t2, t3)
+    bineq t2, Int32Tag, .opBitNotSlow
+    noti t3
+    return (Int32Tag, t3)
+ .opBitNotSlow:
+    callSlowPath(_slow_path_bitnot)
+    dispatch()
+end)
 llintOp(op_overrides_has_instance, OpOverridesHasInstance, macro (size, get, dispatch)

trunk/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm

-                      r238435
+                      r238543
     macro (left, right) urshifti left, right end)
+bitOpProfiled(bitand, OpBitand,
+    macro (left, right) andi left, right end)
+bitOpProfiled(bitor, OpBitor,
+    macro (left, right) ori left, right end)
 bitOp(bitxor, OpBitxor,
     macro (left, right) xori left, right end)
+bitOpProfiled(bitand, OpBitand,
+    macro (left, right) andi left, right end)
+bitOpProfiled(bitor, OpBitor,
+    macro (left, right) ori left, right end)
+llintOpWithProfile(op_bitnot, OpBitnot, macro (size, get, dispatch, return)
+    get(operand, t0)
+    loadConstantOrVariableInt32(size, t0, t3, .opBitNotSlow)
+    noti t3
+    orq tagTypeNumber, t3
+    return(t3)
+.opBitNotSlow:
+    callSlowPath(_slow_path_bitnot)
+    dispatch()
+end)

trunk/Source/JavaScriptCore/offlineasm/cloop.rb

r237547	r238543
595	595
596	596	when "noti"
597		cloopEmitUnaryOperation(operands, :int32, "!")
	597	cloopEmitUnaryOperation(operands, :int32, "~")
598	598
599	599	when "loadi"

trunk/Source/JavaScriptCore/parser/NodeConstructors.h

r233937	r238543
514	514
515	515	inline BitwiseNotNode::BitwiseNotNode(const JSTokenLocation& location, ExpressionNode* expr)
516		: ExpressionNode(location, ResultType::forBitOp())
517		, m_expr(expr)
	516	: UnaryOpNode(location, ResultType::forBitOp(), expr, op_bitnot)
518	517	{
519	518	}

trunk/Source/JavaScriptCore/parser/Nodes.h

-                      r233937
+                      r238543
     };
     class BitwiseNotNode final : public ExpressionNode {
+    class BitwiseNotNode final : public UnaryOpNode {
     public:
         BitwiseNotNode(const JSTokenLocation&, ExpressionNode*);
-    protected:
-        ExpressionNode* expr() { return m_expr; }
-        const ExpressionNode* expr() const { return m_expr; }
-    private:
-        RegisterID* emitBytecode(BytecodeGenerator&, RegisterID* = 0) override;
-        ExpressionNode* m_expr;
     };

trunk/Source/JavaScriptCore/parser/ResultType.h

r237547	r238543
137	137	}
138	138
	139	static constexpr ResultType bigIntOrInt32Type()
	140	{
	141	return ResultType(TypeMaybeBigInt \| TypeInt32);
	142	}
	143
139	144	static constexpr ResultType unknownType()
140	145	{
…	…
170	175	static constexpr ResultType forBitOp()
171	176	{
172		return ~~numberTypeIsInt32~~();
	177	return bigIntOrInt32Type();
173	178	}
174	179

trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.cpp

-                      r238425
+                      r238543
+}
+SLOW_PATH_DECL(slow_path_bitnot)
+{
+    BEGIN();
+    auto bytecode = pc->as<OpBitnot>();
+    int32_t operand = GET_C(bytecode.operand).jsValue().toInt32(exec);
+    CHECK_EXCEPTION();
+    RETURN_PROFILED(jsNumber(~operand));
+}
 SLOW_PATH_DECL(slow_path_bitand)
+{

trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.h

r237547	r238543
325	325	SLOW_PATH_HIDDEN_DECL(slow_path_urshift);
326	326	SLOW_PATH_HIDDEN_DECL(slow_path_unsigned);
	327	SLOW_PATH_HIDDEN_DECL(slow_path_bitnot);
327	328	SLOW_PATH_HIDDEN_DECL(slow_path_bitand);
328	329	SLOW_PATH_HIDDEN_DECL(slow_path_bitor);

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 238543 in webkit

Legend:

Download in other formats: