Title: [162718] trunk/Source/_javascript_Core
Revision: 162718
Author: mark....@apple.com
Date: 2014-01-24 13:23:17 -0800 (Fri, 24 Jan 2014)

Log Message

Generic JSObject::put should handle static properties in the classinfo hierarchy
https://bugs.webkit.org/show_bug.cgi?id=127523

Patch by Oliver Hunt <oli...@apple.com> on 2014-01-24
Reviewed by Geoffrey Garen.

This patch makes JSObject::put correctly call static setters
defined by the ClassInfo.

To make this not clobber performance, the ClassInfo HashTable
now includes a flag to indicate that it contains setters. This
required updating the lut generator so that it tracked (and emitted)
this.

The rest of the change was making a number of the methods take
a VM rather than an ExecState*, so that Structure could set the
getter/setter flags during construction (if necessary).

This also means most objects do not need to perform a lookupPut
manually anymore, so most custom ::put's are no longer needed.
DOMWindow is the only exception as it has interesting security
related semantics.

* create_hash_table:
* interpreter/CallFrame.h:
(JSC::ExecState::arrayConstructorTable):
(JSC::ExecState::arrayPrototypeTable):
(JSC::ExecState::booleanPrototypeTable):
(JSC::ExecState::dataViewTable):
(JSC::ExecState::dateTable):
(JSC::ExecState::dateConstructorTable):
(JSC::ExecState::errorPrototypeTable):
(JSC::ExecState::globalObjectTable):
(JSC::ExecState::jsonTable):
(JSC::ExecState::numberConstructorTable):
(JSC::ExecState::numberPrototypeTable):
(JSC::ExecState::objectConstructorTable):
(JSC::ExecState::privateNamePrototypeTable):
(JSC::ExecState::regExpTable):
(JSC::ExecState::regExpConstructorTable):
(JSC::ExecState::regExpPrototypeTable):
(JSC::ExecState::stringConstructorTable):
(JSC::ExecState::promisePrototypeTable):
(JSC::ExecState::promiseConstructorTable):
* runtime/ArrayConstructor.cpp:
(JSC::ArrayConstructor::getOwnPropertySlot):
* runtime/ArrayPrototype.cpp:
(JSC::ArrayPrototype::getOwnPropertySlot):
* runtime/BooleanPrototype.cpp:
(JSC::BooleanPrototype::getOwnPropertySlot):
* runtime/ClassInfo.h:
(JSC::ClassInfo::propHashTable):
* runtime/DateConstructor.cpp:
(JSC::DateConstructor::getOwnPropertySlot):
* runtime/DatePrototype.cpp:
(JSC::DatePrototype::getOwnPropertySlot):
* runtime/ErrorPrototype.cpp:
(JSC::ErrorPrototype::getOwnPropertySlot):
* runtime/JSDataViewPrototype.cpp:
(JSC::JSDataViewPrototype::getOwnPropertySlot):
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::getOwnPropertySlot):
* runtime/JSONObject.cpp:
(JSC::JSONObject::getOwnPropertySlot):
* runtime/JSObject.cpp:
(JSC::JSObject::put):
(JSC::JSObject::deleteProperty):
* runtime/JSPromiseConstructor.cpp:
(JSC::JSPromiseConstructor::getOwnPropertySlot):
* runtime/JSPromisePrototype.cpp:
(JSC::JSPromisePrototype::getOwnPropertySlot):
* runtime/Lookup.h:
(JSC::HashTable::copy):
(JSC::putEntry):
(JSC::lookupPut):
* runtime/NamePrototype.cpp:
(JSC::NamePrototype::getOwnPropertySlot):
* runtime/NumberConstructor.cpp:
(JSC::NumberConstructor::getOwnPropertySlot):
* runtime/NumberConstructor.h:
* runtime/NumberPrototype.cpp:
(JSC::NumberPrototype::getOwnPropertySlot):
* runtime/ObjectConstructor.cpp:
(JSC::ObjectConstructor::getOwnPropertySlot):
* runtime/RegExpConstructor.cpp:
(JSC::RegExpConstructor::getOwnPropertySlot):
* runtime/RegExpConstructor.h:
* runtime/RegExpObject.cpp:
(JSC::RegExpObject::getOwnPropertySlot):
(JSC::RegExpObject::put):
* runtime/RegExpPrototype.cpp:
(JSC::RegExpPrototype::getOwnPropertySlot):
* runtime/StringConstructor.cpp:
(JSC::StringConstructor::getOwnPropertySlot):
* runtime/Structure.cpp:
(JSC::Structure::Structure):
(JSC::Structure::freezeTransition):
(JSC::ClassInfo::hasStaticSetterOrReadonlyProperties):

Diff

Modified: trunk/Source/_javascript_Core/ChangeLog (162717 => 162718)


--- trunk/Source/_javascript_Core/ChangeLog	2014-01-24 21:19:37 UTC (rev 162717)
+++ trunk/Source/_javascript_Core/ChangeLog	2014-01-24 21:23:17 UTC (rev 162718)
@@ -100,6 +100,45 @@
 
 2014-01-24  Mark Lam  <mark....@apple.com>
 
+        Skip op_profiler callbacks if !VM::m_enabledProfiler.
+        https://bugs.webkit.org/show_bug.cgi?id=127567.
+
+        Reviewed by Geoffrey Garen.
+
+        The profiler may not be always active (recording). When it's not active
+        (as in VM::m_enabledProfiler is null), then we might as well skip the
+        op_profiler callbacks. The callbacks themselves were already previously
+        gated by a VM::enabledProfiler() check. So, this change does not change
+        any profiler behavior.
+
+        For the DFG, we'll turn the op_profiler handling into speculation checks
+        and OSR exit to the baseline JIT if the profiler becomes active.
+
+        This brings the Octane score up to ~3000 from ~2840.
+
+        * dfg/DFGAbstractInterpreterInlines.h:
+        (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
+        * dfg/DFGByteCodeParser.cpp:
+        (JSC::DFG::ByteCodeParser::parseBlock):
+        * dfg/DFGClobberize.h:
+        (JSC::DFG::clobberize):
+        * dfg/DFGNodeType.h:
+        * dfg/DFGSpeculativeJIT32_64.cpp:
+        (JSC::DFG::SpeculativeJIT::compile):
+        * dfg/DFGSpeculativeJIT64.cpp:
+        (JSC::DFG::SpeculativeJIT::compile):
+        * jit/JITOpcodes.cpp:
+        (JSC::JIT::emit_op_profile_will_call):
+        (JSC::JIT::emit_op_profile_did_call):
+        * jit/JITOpcodes32_64.cpp:
+        (JSC::JIT::emit_op_profile_will_call):
+        (JSC::JIT::emit_op_profile_did_call):
+        * llint/LowLevelInterpreter.asm:
+        * runtime/VM.h:
+        (JSC::VM::enabledProfilerAddress):
+
+2014-01-24  Mark Lam  <mark....@apple.com>
+
         Removing the need for Debugger* and m_shouldPause op_debug check.
         <https://webkit.org/b/127532>
 
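
Review bot: The ChangeLog entry added here (op_profiler callbacks, bug 127567, Mark Lam) does not match the log message of this revision, which describes the JSObject::put static-setter change for bug 127523 by Oliver Hunt and lists files such as runtime/JSObject.cpp and runtime/Lookup.h that appear nowhere in this diff. One of the two belongs to a different revision; the commit record should be corrected so that the log and the diff describe the same change.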

Modified: trunk/Source/_javascript_Core/dfg/DFGAbstractInterpreterInlines.h (162717 => 162718)


--- trunk/Source/_javascript_Core/dfg/DFGAbstractInterpreterInlines.h	2014-01-24 21:19:37 UTC (rev 162717)
+++ trunk/Source/_javascript_Core/dfg/DFGAbstractInterpreterInlines.h	2014-01-24 21:23:17 UTC (rev 162718)
@@ -1755,12 +1755,12 @@
         break;
 
     case Breakpoint:
+    case ProfileWillCall:
+    case ProfileDidCall:
     case CheckWatchdogTimer:
         node->setCanExit(true);
         break;
 
-    case ProfileWillCall:
-    case ProfileDidCall:
     case Phantom:
     case Check:
     case CountExecution:
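
Review bot: Moving ProfileWillCall and ProfileDidCall into the setCanExit(true) group is only correct while both DFG back ends emit a speculationCheck for these nodes; a one-line comment at this case naming the enabledProfiler check would keep the abstract interpreter and the code generators in sync if the code generation changes again.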

Modified: trunk/Source/_javascript_Core/dfg/DFGByteCodeParser.cpp (162717 => 162718)


--- trunk/Source/_javascript_Core/dfg/DFGByteCodeParser.cpp	2014-01-24 21:19:37 UTC (rev 162717)
+++ trunk/Source/_javascript_Core/dfg/DFGByteCodeParser.cpp	2014-01-24 21:23:17 UTC (rev 162718)
@@ -1,4 +1,4 @@
-/*
+ /*
  * Copyright (C) 2011, 2012, 2013, 2014 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
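
Review bot: The first line of the license header changes from "/*" to " /*", an unrelated leading space that looks accidental; drop it from the patch so the file header stays untouched.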
@@ -2151,14 +2151,12 @@
             NEXT_OPCODE(op_debug);
 
         case op_profile_will_call: {
-            Node* profile = ""
-            addToGraph(ProfileWillCall, profile);
+            addToGraph(ProfileWillCall);
             NEXT_OPCODE(op_profile_will_call);
         }
 
         case op_profile_did_call: {
-            Node* profile = ""
-            addToGraph(ProfileDidCall, profile);
+            addToGraph(ProfileDidCall);
             NEXT_OPCODE(op_profile_did_call);
         }
 
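
Review bot: With the operand removed from addToGraph(ProfileWillCall) and addToGraph(ProfileDidCall), the DFG graph no longer records a use of the profile value, yet the baseline JIT that these nodes now exit to still reads it with emitGetVirtualRegister(currentInstruction[1].u.operand, regT0). It is worth confirming, ideally with a test that enables the profiler while DFG code is running, that the value is recoverable at the OSR exit.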

Modified: trunk/Source/_javascript_Core/dfg/DFGClobberize.h (162717 => 162718)


--- trunk/Source/_javascript_Core/dfg/DFGClobberize.h	2014-01-24 21:19:37 UTC (rev 162717)
+++ trunk/Source/_javascript_Core/dfg/DFGClobberize.h	2014-01-24 21:23:17 UTC (rev 162718)
@@ -1,4 +1,4 @@
-/*
+ /*
  * Copyright (C) 2013, 2014 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
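
Review bot: Same stray leading space on the opening "/*" of the license header as in DFGByteCodeParser.cpp; revert it.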
@@ -139,8 +139,6 @@
     case Flush:
     case PhantomLocal:
     case SetArgument:
-    case ProfileWillCall:
-    case ProfileDidCall:
     case PhantomArguments:
     case Jump:
     case Branch:
@@ -621,6 +619,8 @@
         return;
         
     case Breakpoint:
+    case ProfileWillCall:
+    case ProfileDidCall:
     case CountExecution:
     case CheckWatchdogTimer:
         read(InternalState);

Modified: trunk/Source/_javascript_Core/dfg/DFGNodeType.h (162717 => 162718)


--- trunk/Source/_javascript_Core/dfg/DFGNodeType.h	2014-01-24 21:19:37 UTC (rev 162717)
+++ trunk/Source/_javascript_Core/dfg/DFGNodeType.h	2014-01-24 21:23:17 UTC (rev 162718)
@@ -231,8 +231,8 @@
     \
     /* Nodes for misc operations. */\
     macro(Breakpoint, NodeMustGenerate) \
-    macro(ProfileWillCall, NodeMustGenerate | NodeClobbersWorld) \
-    macro(ProfileDidCall, NodeMustGenerate | NodeClobbersWorld) \
+    macro(ProfileWillCall, NodeMustGenerate) \
+    macro(ProfileDidCall, NodeMustGenerate) \
     macro(CheckHasInstance, NodeMustGenerate) \
     macro(InstanceOf, NodeResultBoolean) \
     macro(IsUndefined, NodeResultBoolean) \
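
Review bot: Dropping NodeClobbersWorld from ProfileWillCall and ProfileDidCall is sound only because DFG code no longer calls operationProfileWillCall or operationProfileDidCall and exits instead. If a later change reintroduces a call from DFG code the flag has to come back, so state that dependency in a comment next to the two macro lines.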

Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp (162717 => 162718)


--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp	2014-01-24 21:19:37 UTC (rev 162717)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp	2014-01-24 21:23:17 UTC (rev 162718)
@@ -4242,25 +4242,13 @@
         break;
     }
 
-    case ProfileWillCall: {
-        JSValueOperand profile(this, node->child1());
-        GPRReg profileTagGPR = profile.tagGPR();
-        GPRReg profilePayloadGPR = profile.payloadGPR();
-        silentSpillAllRegisters(InvalidGPRReg);
-        callOperation(operationProfileWillCall, profileTagGPR, profilePayloadGPR);
-        silentFillAllRegisters(InvalidGPRReg);
-        noResult(node);
-        break;
-    }
-
+    case ProfileWillCall:
     case ProfileDidCall: {
-        JSValueOperand profile(this, node->child1());
-        GPRReg profileTagGPR = profile.tagGPR();
-        GPRReg profilePayloadGPR = profile.payloadGPR();
-        silentSpillAllRegisters(InvalidGPRReg);
-        callOperation(operationProfileWillCall, profileTagGPR, profilePayloadGPR);
-        silentFillAllRegisters(InvalidGPRReg);
-        noResult(node);
+        GPRTemporary temp(this);
+        m_jit.loadPtr(m_jit.vm()->enabledProfilerAddress(), temp.gpr());
+        speculationCheck(
+            DebuggerEvent, JSValueRegs(), 0,
+            m_jit.branchTestPtr(JITCompiler::NonZero, temp.gpr()));
         break;
     }
 
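
Review bot: The merged ProfileWillCall/ProfileDidCall case goes straight from speculationCheck to break and no longer calls noResult(node), which both removed cases did. Unless something else now marks the node as handled, add noResult(node) before the break; the same applies to the DFGSpeculativeJIT64.cpp version of this case.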

Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp (162717 => 162718)


--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp	2014-01-24 21:19:37 UTC (rev 162717)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp	2014-01-24 21:23:17 UTC (rev 162718)
@@ -4519,26 +4519,15 @@
         break;
     }
 
-    case ProfileWillCall: {
-        JSValueOperand profile(this, node->child1());
-        GPRReg profileGPR = profile.gpr();
-        silentSpillAllRegisters(InvalidGPRReg);
-        callOperation(operationProfileWillCall, profileGPR);
-        silentFillAllRegisters(InvalidGPRReg);
-        noResult(node);
+    case ProfileWillCall:
+    case ProfileDidCall:
+        speculationCheck(
+            DebuggerEvent, JSValueRegs(), 0,
+            m_jit.branchTestPtr(
+                JITCompiler::NonZero,
+                JITCompiler::AbsoluteAddress(m_jit.vm()->enabledProfilerAddress())));
         break;
-    }
 
-    case ProfileDidCall: {
-        JSValueOperand profile(this, node->child1());
-        GPRReg profileGPR = profile.gpr();
-        silentSpillAllRegisters(InvalidGPRReg);
-        callOperation(operationProfileDidCall, profileGPR);
-        silentFillAllRegisters(InvalidGPRReg);
-        noResult(node);
-        break;
-    }
-
     case Call:
     case Construct:
         emitCall(node);
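
Review bot: speculationCheck uses the DebuggerEvent exit kind for a profiler state change, so exits caused by the profiler becoming enabled will be attributed to the debugger. Either add a dedicated exit kind or put a comment at this case saying that DebuggerEvent is reused deliberately.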

Modified: trunk/Source/_javascript_Core/jit/JITOpcodes.cpp (162717 => 162718)


--- trunk/Source/_javascript_Core/jit/JITOpcodes.cpp	2014-01-24 21:19:37 UTC (rev 162717)
+++ trunk/Source/_javascript_Core/jit/JITOpcodes.cpp	2014-01-24 21:23:17 UTC (rev 162718)
@@ -886,14 +886,18 @@
 
 void JIT::emit_op_profile_will_call(Instruction* currentInstruction)
 {
+    Jump profilerDone = branchTestPtr(Zero, AbsoluteAddress(m_vm->enabledProfilerAddress()));
     emitGetVirtualRegister(currentInstruction[1].u.operand, regT0);
     callOperation(operationProfileWillCall, regT0);
+    profilerDone.link(this);
 }
 
 void JIT::emit_op_profile_did_call(Instruction* currentInstruction)
 {
+    Jump profilerDone = branchTestPtr(Zero, AbsoluteAddress(m_vm->enabledProfilerAddress()));
     emitGetVirtualRegister(currentInstruction[1].u.operand, regT0);
     callOperation(operationProfileDidCall, regT0);
+    profilerDone.link(this);
 }
 
 

Modified: trunk/Source/_javascript_Core/jit/JITOpcodes32_64.cpp (162717 => 162718)


--- trunk/Source/_javascript_Core/jit/JITOpcodes32_64.cpp	2014-01-24 21:19:37 UTC (rev 162717)
+++ trunk/Source/_javascript_Core/jit/JITOpcodes32_64.cpp	2014-01-24 21:23:17 UTC (rev 162718)
@@ -1114,14 +1114,20 @@
 
 void JIT::emit_op_profile_will_call(Instruction* currentInstruction)
 {
+    load32(m_vm->enabledProfilerAddress(), regT0);
+    Jump profilerDone = branchTestPtr(Zero, regT0);
     emitLoad(currentInstruction[1].u.operand, regT1, regT0);
     callOperation(operationProfileWillCall, regT1, regT0);
+    profilerDone.link(this);
 }
 
 void JIT::emit_op_profile_did_call(Instruction* currentInstruction)
 {
+    load32(m_vm->enabledProfilerAddress(), regT0);
+    Jump profilerDone = branchTestPtr(Zero, regT0);
     emitLoad(currentInstruction[1].u.operand, regT1, regT0);
     callOperation(operationProfileDidCall, regT1, regT0);
+    profilerDone.link(this);
 }
 
 void JIT::emit_op_get_arguments_length(Instruction* currentInstruction)
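
Review bot: load32 followed by branchTestPtr(Zero, regT0) mixes a 32-bit load with a pointer-width test on the same register. DFGSpeculativeJIT32_64.cpp uses loadPtr for the same field, so use loadPtr(m_vm->enabledProfilerAddress(), regT0) in both functions here as well to keep the width explicit.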

Modified: trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm (162717 => 162718)


--- trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm	2014-01-24 21:19:37 UTC (rev 162717)
+++ trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm	2014-01-24 21:23:17 UTC (rev 162718)
@@ -823,13 +823,23 @@
 
 _llint_op_profile_will_call:
     traceExecution()
+    loadp CodeBlock[cfr], t0
+    loadp CodeBlock::m_vm[t0], t0
+    loadi VM::m_enabledProfiler[t0], t0
+    btpz t0, .opProfilerWillCallDone
     callSlowPath(_llint_slow_path_profile_will_call)
+.opProfilerWillCallDone:
     dispatch(2)
 
 
 _llint_op_profile_did_call:
     traceExecution()
+    loadp CodeBlock[cfr], t0
+    loadp CodeBlock::m_vm[t0], t0
+    loadi VM::m_enabledProfiler[t0], t0
+    btpz t0, .opProfilerDidCallDone
     callSlowPath(_llint_slow_path_profile_did_call)
+.opProfilerDidCallDone:
     dispatch(2)
 
 
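
Review bot: loadi VM::m_enabledProfiler[t0], t0 is a 32-bit load, but the field is a pointer (the JIT paths test it with branchTestPtr) and the very next instruction is the pointer test btpz. This file is shared by 32-bit and 64-bit builds, so on 64-bit only 32 bits of the pointer are inspected; use loadp, as the two preceding lines do.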

Modified: trunk/Source/_javascript_Core/runtime/VM.h (162717 => 162718)


--- trunk/Source/_javascript_Core/runtime/VM.h	2014-01-24 21:19:37 UTC (rev 162717)
+++ trunk/Source/_javascript_Core/runtime/VM.h	2014-01-24 21:23:17 UTC (rev 162718)
@@ -308,6 +308,7 @@
         {
             return m_enabledProfiler;
         }
+        void* enabledProfilerAddress() { return &m_enabledProfiler; }
 
 #if ENABLE(JIT) && ENABLE(LLINT)
         bool canUseJIT() { return m_canUseJIT; }
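
Review bot: enabledProfilerAddress() returns void*, which discards the type of m_enabledProfiler and lets callers load it at any width; this patch already reads it with loadPtr, load32 and loadi in different files. Returning a typed pointer to the member would make such mismatches visible at the call sites.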