[webkit-changes] [WebKit/WebKit] 96445e: [JSC] Optimize load and store in WasmBBQJIT code g...

Yusuke Suzuki noreply at github.com
Mon Mar 13 17:02:17 PDT 2023


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 96445e757c83d1b149d6153f34c298bc65325245
      https://github.com/WebKit/WebKit/commit/96445e757c83d1b149d6153f34c298bc65325245
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2023-03-13 (Mon, 13 Mar 2023)

  Changed paths:
    M Source/JavaScriptCore/wasm/WasmBBQJIT.cpp

  Log Message:
  -----------
  [JSC] Optimize load and store in WasmBBQJIT code generation
https://bugs.webkit.org/show_bug.cgi?id=253804
rdar://106624731

Reviewed by Justin Michaud.

This patch adds emitCheckAndPrepareAndMaterializePointerApply. This can take a lambda and materialize the location for the memory access with appropriate checks.
The benefit of this function is that we may materialize a pointer in different forms, Address or BaseIndex. And the lambda takes this type as `auto`.

In wasm, a pointer is 32-bit. And we access memory with wasmBaseMemoryPointer. This means that the most efficient form of address would be
BaseIndex(wasmBaseMemoryPointer, index, TimesOne, ZExt). Previously, we were always generating Address(wasmScratchGPR), which generates materialization instructions
for the address like add64. But now, emitCheckAndPrepareAndMaterializePointerApply can select BaseIndex form too so that we can emit very compact load / store
for almost all wasm load / store.

We also fix a bug in wasm global load / store. Previously we were using emitLoadOp / emitStoreOp, but in this path, we accidentally consume pointers twice.
We should not use these helpers: they are tailored for wasm load / store. Instead, we just implement appropriate instructions in wasm global load / store.

* Source/JavaScriptCore/wasm/WasmBBQJIT.cpp:
(JSC::Wasm::BBQJIT::getGlobal):
(JSC::Wasm::BBQJIT::setGlobal):
(JSC::Wasm::BBQJIT::emitCheckAndPrepareAndMaterializePointerApply):
(JSC::Wasm::BBQJIT::load):
(JSC::Wasm::BBQJIT::store):
(JSC::Wasm::BBQJIT::loadOpForTypeKind): Deleted.
(JSC::Wasm::BBQJIT::storeOpForTypeKind): Deleted.
(JSC::Wasm::BBQJIT::emitLoadOp): Deleted.
(JSC::Wasm::BBQJIT::emitStoreOp): Deleted.

Canonical link: https://commits.webkit.org/261603@main
