Branch: refs/heads/webkitglib/2.42
Home: https://github.com/WebKit/WebKit
Commit: e960cdca544708c5eb699635438bf5e73c977c51
https://github.com/WebKit/WebKit/commit/e960cdca544708c5eb699635438bf5e73c977c51
Author: Keith Miller <keith_mil...@apple.com>
Date: 2023-09-21 (Thu, 21 Sep 2023)
Changed paths:
A JSTests/stress/getbyoffset-cse-consistency.js
A JSTests/stress/multigetbyoffset-cse-consistency.js
M Source/JavaScriptCore/dfg/DFGCSEPhase.cpp
M Source/JavaScriptCore/dfg/DFGClobberize.h
M Source/JavaScriptCore/dfg/DFGHeapLocation.h
Log Message:
-----------
Cherry-pick 265870.333@safari-7616.1.27.10-branch (ab5c6119c469).
https://bugs.webkit.org/show_bug.cgi?id=261544
Cherry-pick 47e039ffd689. rdar://115399657
clobberize needs to be more precise with the *ByOffset nodes
https://bugs.webkit.org/show_bug.cgi?id=261544
rdar://115399657
Reviewed by Yusuke Suzuki and Mark Lam.
CSE phase uses clobberize to figure out if it's safe to merge two
operations that
def the same HeapLocation. Since HeapLocation does not currently have a
way to
track the offset used by the various *ByOffset nodes it can get
confused and
think that two ByOffset instructions produce the same value even if
they don't
use the same offset. This patch solves this by adding a new field to
HeapLocation,
which takes the metadata associated with the corresponding *ByOffset
node. If two
*ByOffset operations don't share the same metadata then they cannot be
CSEed.
* Source/JavaScriptCore/dfg/DFGCSEPhase.cpp:
* Source/JavaScriptCore/dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* Source/JavaScriptCore/dfg/DFGHeapLocation.h:
(JSC::DFG::HeapLocation::HeapLocation):
(JSC::DFG::HeapLocation::extraState const):
(JSC::DFG::HeapLocation::hash const):
Canonical link: https://commits.webkit.org/265870.558@safari-7616-branch
Identifier: 265423.780@safari-7616.1.27.10-branch
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
