Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (199862 => 199863)
--- trunk/Source/_javascript_Core/ChangeLog 2016-04-22 01:48:41 UTC (rev 199862)
+++ trunk/Source/_javascript_Core/ChangeLog 2016-04-22 02:28:00 UTC (rev 199863)
@@ -1,3 +1,35 @@
+2016-04-21 Keith Miller <keith_mil...@apple.com>
+
+ FTL should handle exceptions in operationInOptimize
+ https://bugs.webkit.org/show_bug.cgi?id=156885
+
+ Reviewed by Michael Saboff.
+
+ For some reasone we didn't handle any exceptions in "in" when we called
+ operationInOptimize in the FTL.
+
+ * bytecode/CodeBlock.cpp:
+ (JSC::CodeBlock::dumpAssumingJITType):
+ * ftl/FTLCapabilities.cpp:
+ (JSC::FTL::canCompile):
+ * ftl/FTLLowerDFGToB3.cpp:
+ (JSC::FTL::DFG::LowerDFGToB3::compileIn):
+ * ftl/FTLPatchpointExceptionHandle.h: Add comments explaining which
+ function to use for different exception types.
+
+ * jsc.cpp:
+ (GlobalObject::finishCreation):
+ (functionNoFTL):
+ * runtime/Executable.cpp:
+ (JSC::ScriptExecutable::ScriptExecutable):
+ * runtime/Executable.h:
+ (JSC::ScriptExecutable::setNeverFTLOptimize):
+ (JSC::ScriptExecutable::neverFTLOptimize):
+ * tests/stress/in-ftl-exception-check.js: Added.
+ (foo):
+ (bar):
+ (catch):
+
2016-04-21 Filip Pizlo <fpi...@apple.com>
JSC virtual call thunk shouldn't do a structure->classInfo lookup
Modified: trunk/Source/_javascript_Core/_javascript_Core.xcodeproj/project.pbxproj (199862 => 199863)
--- trunk/Source/_javascript_Core/_javascript_Core.xcodeproj/project.pbxproj 2016-04-22 01:48:41 UTC (rev 199862)
+++ trunk/Source/_javascript_Core/_javascript_Core.xcodeproj/project.pbxproj 2016-04-22 02:28:00 UTC (rev 199863)
@@ -1996,13 +1996,13 @@
DC17E8181C9C91D9008A6AB3 /* ShadowChicken.h in Headers */ = {isa = PBXBuildFile; fileRef = DC17E8141C9C7FD4008A6AB3 /* ShadowChicken.h */; };
DC17E8191C9C91DB008A6AB3 /* ShadowChickenInlines.h in Headers */ = {isa = PBXBuildFile; fileRef = DC17E8151C9C7FD4008A6AB3 /* ShadowChickenInlines.h */; };
DC17E81A1C9C91E9008A6AB3 /* CCallHelpers.cpp in Sources */ = {isa = PBXBuildFile; fileRef = DC17E8161C9C802B008A6AB3 /* CCallHelpers.cpp */; };
+ DC2143071CA32E55000A8869 /* ICStats.h in Headers */ = {isa = PBXBuildFile; fileRef = DC2143061CA32E52000A8869 /* ICStats.h */; };
+ DC2143081CA32E58000A8869 /* ICStats.cpp in Sources */ = {isa = PBXBuildFile; fileRef = DC2143051CA32E52000A8869 /* ICStats.cpp */; };
DE26E9031CB5DD0500D2BE82 /* BuiltinExecutableCreator.h in Headers */ = {isa = PBXBuildFile; fileRef = DE26E9021CB5DD0500D2BE82 /* BuiltinExecutableCreator.h */; };
DE26E9071CB5DEFB00D2BE82 /* BuiltinExecutableCreator.cpp in Sources */ = {isa = PBXBuildFile; fileRef = DE26E9061CB5DD9600D2BE82 /* BuiltinExecutableCreator.cpp */; };
DE5A0A001BA3AC3E003D4424 /* IntrinsicEmitter.cpp in Sources */ = {isa = PBXBuildFile; fileRef = DE5A09FF1BA3AC3E003D4424 /* IntrinsicEmitter.cpp */; };
DEA7E2441BBC677200D78440 /* JSTypedArrayViewPrototype.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 53F256E11B87E28000B4B768 /* JSTypedArrayViewPrototype.cpp */; };
DEA7E2451BBC677F00D78440 /* JSTypedArrayViewPrototype.h in Headers */ = {isa = PBXBuildFile; fileRef = 53917E7C1B791106000EBD33 /* JSTypedArrayViewPrototype.h */; settings = {ATTRIBUTES = (Private, ); }; };
- DC2143071CA32E55000A8869 /* ICStats.h in Headers */ = {isa = PBXBuildFile; fileRef = DC2143061CA32E52000A8869 /* ICStats.h */; };
- DC2143081CA32E58000A8869 /* ICStats.cpp in Sources */ = {isa = PBXBuildFile; fileRef = DC2143051CA32E52000A8869 /* ICStats.cpp */; };
E124A8F70E555775003091F1 /* OpaqueJSString.h in Headers */ = {isa = PBXBuildFile; fileRef = E124A8F50E555775003091F1 /* OpaqueJSString.h */; settings = {ATTRIBUTES = (Private, ); }; };
E124A8F80E555775003091F1 /* OpaqueJSString.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E124A8F60E555775003091F1 /* OpaqueJSString.cpp */; };
E18E3A590DF9278C00D90B34 /* VM.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E18E3A570DF9278C00D90B34 /* VM.cpp */; };
@@ -4204,12 +4204,12 @@
D21202280AD4310C00ED79B6 /* DateConversion.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = DateConversion.cpp; sourceTree = "<group>"; };
D21202290AD4310C00ED79B6 /* DateConversion.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = DateConversion.h; sourceTree = "<group>"; };
DC00039019D8BE6F00023EB0 /* DFGPreciseLocalClobberize.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = DFGPreciseLocalClobberize.h; path = dfg/DFGPreciseLocalClobberize.h; sourceTree = "<group>"; };
- DC2143051CA32E52000A8869 /* ICStats.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ICStats.cpp; sourceTree = "<group>"; };
- DC2143061CA32E52000A8869 /* ICStats.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ICStats.h; sourceTree = "<group>"; };
DC17E8131C9C7FD4008A6AB3 /* ShadowChicken.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ShadowChicken.cpp; sourceTree = "<group>"; };
DC17E8141C9C7FD4008A6AB3 /* ShadowChicken.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ShadowChicken.h; sourceTree = "<group>"; };
DC17E8151C9C7FD4008A6AB3 /* ShadowChickenInlines.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ShadowChickenInlines.h; sourceTree = "<group>"; };
DC17E8161C9C802B008A6AB3 /* CCallHelpers.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CCallHelpers.cpp; sourceTree = "<group>"; };
+ DC2143051CA32E52000A8869 /* ICStats.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ICStats.cpp; sourceTree = "<group>"; };
+ DC2143061CA32E52000A8869 /* ICStats.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ICStats.h; sourceTree = "<group>"; };
DE26E9021CB5DD0500D2BE82 /* BuiltinExecutableCreator.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = BuiltinExecutableCreator.h; sourceTree = "<group>"; };
DE26E9061CB5DD9600D2BE82 /* BuiltinExecutableCreator.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = BuiltinExecutableCreator.cpp; sourceTree = "<group>"; };
DE5A09FF1BA3AC3E003D4424 /* IntrinsicEmitter.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = IntrinsicEmitter.cpp; sourceTree = "<group>"; };
Modified: trunk/Source/_javascript_Core/bytecode/CodeBlock.cpp (199862 => 199863)
--- trunk/Source/_javascript_Core/bytecode/CodeBlock.cpp 2016-04-22 01:48:41 UTC (rev 199862)
+++ trunk/Source/_javascript_Core/bytecode/CodeBlock.cpp 2016-04-22 02:28:00 UTC (rev 199863)
@@ -230,6 +230,8 @@
out.print(" (NeverInline)");
if (ownerScriptExecutable()->neverOptimize())
out.print(" (NeverOptimize)");
+ else if (ownerScriptExecutable()->neverFTLOptimize())
+ out.print(" (NeverFTLOptimize)");
if (ownerScriptExecutable()->didTryToEnterInLoop())
out.print(" (DidTryToEnterInLoop)");
if (ownerScriptExecutable()->isStrictMode())
Modified: trunk/Source/_javascript_Core/ftl/FTLCapabilities.cpp (199862 => 199863)
--- trunk/Source/_javascript_Core/ftl/FTLCapabilities.cpp 2016-04-22 01:48:41 UTC (rev 199862)
+++ trunk/Source/_javascript_Core/ftl/FTLCapabilities.cpp 2016-04-22 02:28:00 UTC (rev 199863)
@@ -439,6 +439,12 @@
dataLog("FTL rejecting ", *graph.m_codeBlock, " because it doesn't belong to a function.\n");
return CannotCompile;
}
+
+ if (UNLIKELY(graph.m_codeBlock->ownerScriptExecutable()->neverFTLOptimize())) {
+ if (verboseCapabilities())
+ dataLog("FTL rejecting ", *graph.m_codeBlock, " because it is marked as never FTL compile.\n");
+ return CannotCompile;
+ }
CapabilityLevel result = CanCompileAndOSREnter;
Modified: trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp (199862 => 199863)
--- trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp 2016-04-22 01:48:41 UTC (rev 199862)
+++ trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp 2016-04-22 02:28:00 UTC (rev 199863)
@@ -5983,11 +5983,17 @@
patchpoint->append(m_tagTypeNumber, ValueRep::reg(GPRInfo::tagTypeNumberRegister));
patchpoint->clobber(RegisterSet::macroScratchRegisters());
+ RefPtr<PatchpointExceptionHandle> exceptionHandle = preparePatchpointForExceptions(patchpoint);
+
State* state = &m_ftlState;
patchpoint->setGenerator(
[=] (CCallHelpers& jit, const StackmapGenerationParams& params) {
AllowMacroScratchRegisterUsage allowScratch(jit);
+ // This is the direct exit target for operation calls. We don't need a JS exceptionHandle because we don't
+ // cache Proxy objects.
+ Box<CCallHelpers::JumpList> exceptions = exceptionHandle->scheduleExitCreation(params)->jumps(jit);
+
GPRReg baseGPR = params[1].gpr();
GPRReg resultGPR = params[0].gpr();
@@ -6011,7 +6017,7 @@
CCallHelpers::Label slowPathBegin = jit.label();
CCallHelpers::Call slowPathCall = callOperation(
*state, params.unavailableRegisters(), jit,
- node->origin.semantic, nullptr, operationInOptimize,
+ node->origin.semantic, exceptions.get(), operationInOptimize,
resultGPR, CCallHelpers::TrustedImmPtr(stubInfo), baseGPR,
CCallHelpers::TrustedImmPtr(str)).call();
jit.jump().linkTo(done, &jit);
Modified: trunk/Source/_javascript_Core/ftl/FTLPatchpointExceptionHandle.h (199862 => 199863)
--- trunk/Source/_javascript_Core/ftl/FTLPatchpointExceptionHandle.h 2016-04-22 01:48:41 UTC (rev 199862)
+++ trunk/Source/_javascript_Core/ftl/FTLPatchpointExceptionHandle.h 2016-04-22 02:28:00 UTC (rev 199863)
@@ -78,11 +78,11 @@
// Schedules the creation of an OSR exit jump destination. You don't know when this will be
// created, but it will happen before linking. You can link jumps to it during link time. That's
// why this returns an ExceptionTarget. That will contain the jump destination (target->label())
- // at link time.
+ // at link time. This function should be used for exceptions from C calls.
RefPtr<ExceptionTarget> scheduleExitCreation(const B3::StackmapGenerationParams&);
// Schedules the creation of an OSR exit jump destination, and ensures that it gets associated
- // with the handler for some callsite index.
+ // with the handler for some callsite index. This function should be used for exceptions from JS.
void scheduleExitCreationForUnwind(const B3::StackmapGenerationParams&, CallSiteIndex);
private:
Modified: trunk/Source/_javascript_Core/jsc.cpp (199862 => 199863)
--- trunk/Source/_javascript_Core/jsc.cpp 2016-04-22 01:48:41 UTC (rev 199862)
+++ trunk/Source/_javascript_Core/jsc.cpp 2016-04-22 02:28:00 UTC (rev 199863)
@@ -590,6 +590,7 @@
static EncodedJSValue JSC_HOST_CALL functionPreciseTime(ExecState*);
static EncodedJSValue JSC_HOST_CALL functionNeverInlineFunction(ExecState*);
static EncodedJSValue JSC_HOST_CALL functionNoDFG(ExecState*);
+static EncodedJSValue JSC_HOST_CALL functionNoFTL(ExecState*);
static EncodedJSValue JSC_HOST_CALL functionOptimizeNextInvocation(ExecState*);
static EncodedJSValue JSC_HOST_CALL functionNumberOfDFGCompiles(ExecState*);
static EncodedJSValue JSC_HOST_CALL functionReoptimizationRetryCount(ExecState*);
@@ -766,6 +767,7 @@
addFunction(vm, "neverInlineFunction", functionNeverInlineFunction, 1);
addFunction(vm, "noInline", functionNeverInlineFunction, 1);
addFunction(vm, "noDFG", functionNoDFG, 1);
+ addFunction(vm, "noFTL", functionNoFTL, 1);
addFunction(vm, "numberOfDFGCompiles", functionNumberOfDFGCompiles, 1);
addFunction(vm, "optimizeNextInvocation", functionOptimizeNextInvocation, 1);
addFunction(vm, "reoptimizationRetryCount", functionReoptimizationRetryCount, 1);
@@ -1521,6 +1523,16 @@
return JSValue::encode(setNeverOptimize(exec));
}
+EncodedJSValue JSC_HOST_CALL functionNoFTL(ExecState* exec)
+{
+ if (JSFunction* function = jsDynamicCast<JSFunction*>(exec->argument(0))) {
+ FunctionExecutable* executable = function->jsExecutable();
+ executable->setNeverFTLOptimize(true);
+ }
+
+ return JSValue::encode(jsUndefined());
+}
+
EncodedJSValue JSC_HOST_CALL functionOptimizeNextInvocation(ExecState* exec)
{
return JSValue::encode(optimizeNextInvocation(exec));
Modified: trunk/Source/_javascript_Core/runtime/Executable.cpp (199862 => 199863)
--- trunk/Source/_javascript_Core/runtime/Executable.cpp 2016-04-22 01:48:41 UTC (rev 199862)
+++ trunk/Source/_javascript_Core/runtime/Executable.cpp 2016-04-22 02:28:00 UTC (rev 199863)
@@ -117,6 +117,7 @@
, m_hasCapturedVariables(false)
, m_neverInline(false)
, m_neverOptimize(false)
+ , m_neverFTLOptimize(false)
, m_isArrowFunctionContext(isInArrowFunctionContext)
, m_derivedContextType(static_cast<unsigned>(derivedContextType))
, m_evalContextType(static_cast<unsigned>(evalContextType))
Modified: trunk/Source/_javascript_Core/runtime/Executable.h (199862 => 199863)
--- trunk/Source/_javascript_Core/runtime/Executable.h 2016-04-22 01:48:41 UTC (rev 199862)
+++ trunk/Source/_javascript_Core/runtime/Executable.h 2016-04-22 02:28:00 UTC (rev 199863)
@@ -357,9 +357,11 @@
void setNeverInline(bool value) { m_neverInline = value; }
void setNeverOptimize(bool value) { m_neverOptimize = value; }
+ void setNeverFTLOptimize(bool value) { m_neverFTLOptimize = value; }
void setDidTryToEnterInLoop(bool value) { m_didTryToEnterInLoop = value; }
bool neverInline() const { return m_neverInline; }
bool neverOptimize() const { return m_neverOptimize; }
+ bool neverFTLOptimize() const { return m_neverFTLOptimize; }
bool didTryToEnterInLoop() const { return m_didTryToEnterInLoop; }
bool isInliningCandidate() const { return !neverInline(); }
bool isOkToOptimize() const { return !neverOptimize(); }
@@ -419,6 +421,7 @@
bool m_hasCapturedVariables : 1;
bool m_neverInline : 1;
bool m_neverOptimize : 1;
+ bool m_neverFTLOptimize : 1;
bool m_isArrowFunctionContext : 1;
unsigned m_derivedContextType : 2; // DerivedContextType
unsigned m_evalContextType : 2; // EvalContextType
Added: trunk/Source/_javascript_Core/tests/stress/in-ftl-exception-check.js (0 => 199863)
--- trunk/Source/_javascript_Core/tests/stress/in-ftl-exception-check.js (rev 0)
+++ trunk/Source/_javascript_Core/tests/stress/in-ftl-exception-check.js 2016-04-22 02:28:00 UTC (rev 199863)
@@ -0,0 +1,19 @@
+function foo(a) {
+ return bar(a);
+}
+noFTL(foo);
+noInline(foo);
+
+function bar(a) {
+ return "bar" in a;
+}
+noInline(bar);
+
+for (let i = 0; i < 1000000; i++) {
+ if (foo({}))
+ throw new Error("bad");
+}
+
+try {
+ foo("");
+} catch (e) { }