[webkit-changes] [WebKit/WebKit] 9fa6f1: [JSC] Make DataIC inline code adaptive

Tue, 13 Aug 2024 11:59:13 -0700 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 9fa6f1a7715e2237d8080660d3d891b3378f3995
      
https://github.com/WebKit/WebKit/commit/9fa6f1a7715e2237d8080660d3d891b3378f3995
  Author: Yusuke Suzuki <[email protected]>
  Date:   2024-08-13 (Tue, 13 Aug 2024)

  Changed paths:
    M Source/JavaScriptCore/bytecode/GetByStatus.cpp
    M Source/JavaScriptCore/bytecode/GetByStatus.h
    M Source/JavaScriptCore/bytecode/InlineAccess.cpp
    M Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp
    M Source/JavaScriptCore/bytecode/InlineCacheCompiler.h
    M Source/JavaScriptCore/bytecode/StructureStubInfo.cpp
    M Source/JavaScriptCore/bytecode/StructureStubInfo.h
    M Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp
    M Source/JavaScriptCore/dfg/DFGFixupPhase.cpp
    M Source/JavaScriptCore/dfg/DFGGraph.cpp
    M Source/JavaScriptCore/dfg/DFGGraph.h
    M Source/JavaScriptCore/dfg/DFGNode.cpp
    M Source/JavaScriptCore/dfg/DFGNode.h
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
    M Source/JavaScriptCore/jit/BaselineJITRegisters.h
    M Source/JavaScriptCore/jit/JITCall.cpp
    M Source/JavaScriptCore/jit/JITInlineCacheGenerator.cpp
    M Source/JavaScriptCore/jit/JITInlineCacheGenerator.h
    M Source/JavaScriptCore/jit/JITOpcodes.cpp
    M Source/JavaScriptCore/jit/JITPropertyAccess.cpp

  Log Message:
  -----------
  [JSC] Make DataIC inline code adaptive
https://bugs.webkit.org/show_bug.cgi?id=277992
rdar://133724890

Reviewed by Keith Miller.

This patch make inlined part of DataIC code adaptive by getting some 
information from lower tiers.
In Baseline, we use LLInt's GetByIdMode's metadata and use GetByIdSelf or 
GetByIdPrototype.
In DFG, we use GetByStatus' information and pick appropriate one for inline 
cache code.

Instead of having very special cache for inlined code in DataIC, we use 
InlineCacheHandler.
We hold this inlined case as m_inlinedHandler so that watchpoint etc. works 
well: when invariant
gets broken, StructureStubInfo gets cleared.

* Source/JavaScriptCore/bytecode/GetByStatus.cpp:
(JSC::GetByStatus::preferredCacheType const):
* Source/JavaScriptCore/bytecode/GetByStatus.h:
* Source/JavaScriptCore/bytecode/InlineAccess.cpp:
(JSC::InlineAccess::generateSelfPropertyAccess):
(JSC::InlineAccess::canGenerateSelfPropertyReplace):
(JSC::InlineAccess::generateSelfPropertyReplace):
(JSC::InlineAccess::generateStringLength):
(JSC::InlineAccess::generateSelfInAccess):
* Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp:
(JSC::InlineCacheHandler::InlineCacheHandler):
(JSC::m_watchpoint):
(JSC::InlineCacheHandler::create):
(JSC::InlineCacheHandler::createPreCompiled):
(JSC::InlineCacheCompiler::compileOneAccessCaseHandler):
(JSC::m_next): Deleted.
* Source/JavaScriptCore/bytecode/InlineCacheCompiler.h:
* Source/JavaScriptCore/bytecode/StructureStubInfo.cpp:
(JSC::StructureStubInfo::aboutToDie):
(JSC::StructureStubInfo::addAccessCase):
(JSC::StructureStubInfo::reset):
(JSC::StructureStubInfo::visitWeakReferences):
(JSC::StructureStubInfo::callLinkInfoAt):
(JSC::StructureStubInfo::containsPC const):
(JSC::StructureStubInfo::initializeFromUnlinkedStructureStubInfo):
(JSC::StructureStubInfo::initializeFromDFGUnlinkedStructureStubInfo):
(JSC::StructureStubInfo::setInlinedHandler):
(JSC::StructureStubInfo::clearInlinedHandler):
(JSC::StructureStubInfo::initializeWithUnitHandler):
(JSC::StructureStubInfo::prependHandler):
(JSC::StructureStubInfo::rewireStubAsJumpInAccess):
(JSC::StructureStubInfo::resetStubAsJumpInAccess):
(JSC::StructureStubInfo::replaceHandler): Deleted.
* Source/JavaScriptCore/bytecode/StructureStubInfo.h:
(JSC::StructureStubInfo::offsetOfInlineHolder):
* Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
(JSC::DFG::ByteCodeParser::handleGetById):
(JSC::DFG::ByteCodeParser::handleGetPrivateNameById):
(JSC::DFG::ByteCodeParser::handleDeleteById):
(JSC::DFG::ByteCodeParser::parseBlock):
* Source/JavaScriptCore/dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::addStringReplacePrimordialChecks):
* Source/JavaScriptCore/dfg/DFGGraph.h:
* Source/JavaScriptCore/dfg/DFGNode.cpp:
(JSC::DFG::Node::convertToGetByIdMaybeMegamorphic):
* Source/JavaScriptCore/dfg/DFGNode.h:
(JSC::DFG::Node::cacheableIdentifier):
(JSC::DFG::Node::hasGetByIdData const):
(JSC::DFG::Node::getByIdData):
(JSC::DFG::Node::hasCacheType const):
(JSC::DFG::Node::cacheType):
* Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::cachedGetById):
(JSC::DFG::SpeculativeJIT::cachedGetByIdWithThis):
(JSC::DFG::SpeculativeJIT::compileGetByVal):
(JSC::DFG::SpeculativeJIT::compile):
(JSC::DFG::SpeculativeJIT::compileGetByValWithThis):
(JSC::DFG::SpeculativeJIT::compileGetById):
(JSC::DFG::SpeculativeJIT::compileDeleteById):
(JSC::DFG::SpeculativeJIT::compileDeleteByVal):
(JSC::DFG::SpeculativeJIT::compileInById):
(JSC::DFG::SpeculativeJIT::compileInByVal):
(JSC::DFG::SpeculativeJIT::compileHasPrivate):
(JSC::DFG::SpeculativeJIT::compilePutByVal):
(JSC::DFG::SpeculativeJIT::compileGetPrivateNameByVal):
(JSC::DFG::SpeculativeJIT::compilePutPrivateName):
(JSC::DFG::SpeculativeJIT::compileCheckPrivateBrand):
(JSC::DFG::SpeculativeJIT::compileSetPrivateBrand):
(JSC::DFG::SpeculativeJIT::compileInstanceOf):
(JSC::DFG::SpeculativeJIT::cachedPutById):
(JSC::DFG::SpeculativeJIT::compileEnumeratorPutByVal):
* Source/JavaScriptCore/jit/BaselineJITRegisters.h:
* Source/JavaScriptCore/jit/JITCall.cpp:
(JSC::JIT::emit_op_iterator_open):
(JSC::JIT::emit_op_iterator_next):
* Source/JavaScriptCore/jit/JITInlineCacheGenerator.cpp:
(JSC::JITInlineCacheGenerator::generateDataICFastPath):
(JSC::generateGetByIdInlineAccessBaselineDataIC):
(JSC::JITGetByIdGenerator::generateDataICFastPath):
(JSC::JITGetByIdWithThisGenerator::generateDataICFastPath):
(JSC::JITPutByIdGenerator::generateDataICFastPath):
(JSC::JITDelByValGenerator::generateDataICFastPath):
(JSC::JITDelByIdGenerator::generateDataICFastPath):
(JSC::JITInByValGenerator::generateDataICFastPath):
(JSC::JITInByIdGenerator::generateDataICFastPath):
(JSC::JITInstanceOfGenerator::generateDataICFastPath):
(JSC::JITGetByValGenerator::generateDataICFastPath):
(JSC::JITGetByValWithThisGenerator::generateDataICFastPath):
(JSC::JITPutByValGenerator::generateDataICFastPath):
(JSC::JITPrivateBrandAccessGenerator::generateDataICFastPath):
(JSC::JITInlineCacheGenerator::generateDFGDataICFastPath): Deleted.
(JSC::JITInlineCacheGenerator::generateBaselineDataICFastPath): Deleted.
(JSC::JITGetByIdGenerator::generateBaselineDataICFastPath): Deleted.
(JSC::JITGetByIdGenerator::generateDFGDataICFastPath): Deleted.
(JSC::JITGetByIdWithThisGenerator::generateBaselineDataICFastPath): Deleted.
(JSC::JITGetByIdWithThisGenerator::generateDFGDataICFastPath): Deleted.
(JSC::JITPutByIdGenerator::generateBaselineDataICFastPath): Deleted.
(JSC::JITPutByIdGenerator::generateDFGDataICFastPath): Deleted.
(JSC::JITDelByValGenerator::generateBaselineDataICFastPath): Deleted.
(JSC::JITDelByIdGenerator::generateBaselineDataICFastPath): Deleted.
(JSC::JITInByValGenerator::generateBaselineDataICFastPath): Deleted.
(JSC::JITInByIdGenerator::generateBaselineDataICFastPath): Deleted.
(JSC::JITInByIdGenerator::generateDFGDataICFastPath): Deleted.
(JSC::JITInstanceOfGenerator::generateBaselineDataICFastPath): Deleted.
(JSC::JITGetByValGenerator::generateBaselineDataICFastPath): Deleted.
(JSC::JITGetByValWithThisGenerator::generateBaselineDataICFastPath): Deleted.
(JSC::JITPutByValGenerator::generateBaselineDataICFastPath): Deleted.
(JSC::JITPrivateBrandAccessGenerator::generateBaselineDataICFastPath): Deleted.
* Source/JavaScriptCore/jit/JITInlineCacheGenerator.h:
* Source/JavaScriptCore/jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_instanceof):
* Source/JavaScriptCore/jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emit_op_get_private_name):
(JSC::JIT::emit_op_set_private_brand):
(JSC::JIT::emit_op_check_private_brand):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emit_op_put_private_name):
(JSC::JIT::emit_op_del_by_id):
(JSC::JIT::emit_op_del_by_val):
(JSC::JIT::emit_op_try_get_by_id):
(JSC::JIT::emit_op_get_by_id_direct):
(JSC::JIT::emit_op_get_by_id):
(JSC::JIT::emit_op_get_length):
(JSC::JIT::emit_op_get_by_id_with_this):
(JSC::JIT::emit_op_put_by_id):
(JSC::JIT::emit_op_in_by_id):
(JSC::JIT::emit_op_in_by_val):
(JSC::JIT::emitHasPrivate):
(JSC::JIT::emit_op_get_by_val_with_this):
(JSC::JIT::emit_op_enumerator_get_by_val):
(JSC::JIT::emit_op_enumerator_put_by_val):

Canonical link: https://commits.webkit.org/282181@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to