[webkit-changes] [WebKit/WebKit] d0345d: [JSC] Use Data CallIC in DFG
Yusuke Suzuki
noreply at github.com
Mon Jan 22 11:52:36 PST 2024
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: d0345d69220e43945f9b9632378eab88cb50e1da
https://github.com/WebKit/WebKit/commit/d0345d69220e43945f9b9632378eab88cb50e1da
Author: Yusuke Suzuki <ysuzuki at apple.com>
Date: 2024-01-22 (Mon, 22 Jan 2024)
Changed paths:
M Source/JavaScriptCore/bytecode/CallLinkInfo.cpp
M Source/JavaScriptCore/bytecode/CallLinkInfo.h
M Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp
M Source/JavaScriptCore/bytecode/Repatch.cpp
M Source/JavaScriptCore/bytecode/Repatch.h
M Source/JavaScriptCore/bytecode/RepatchInlines.h
M Source/JavaScriptCore/dfg/DFGJITCompiler.cpp
M Source/JavaScriptCore/dfg/DFGJITCompiler.h
M Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp
M Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
M Source/JavaScriptCore/jit/AssemblyHelpers.cpp
M Source/JavaScriptCore/jit/AssemblyHelpers.h
M Source/JavaScriptCore/jit/BaselineJITRegisters.h
M Source/JavaScriptCore/jit/JIT.cpp
M Source/JavaScriptCore/jit/JIT.h
M Source/JavaScriptCore/jit/JITCall.cpp
M Source/JavaScriptCore/jit/JITInlines.h
M Source/JavaScriptCore/jit/JITOperations.cpp
M Source/JavaScriptCore/jit/JITOperations.h
M Source/JavaScriptCore/jit/ThunkGenerators.cpp
M Source/JavaScriptCore/llint/LLIntSlowPaths.cpp
M Source/JavaScriptCore/llint/LLIntSlowPaths.h
M Source/JavaScriptCore/llint/LLIntThunks.cpp
M Source/JavaScriptCore/llint/LowLevelInterpreter.asm
M Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm
M Source/JavaScriptCore/llint/LowLevelInterpreter64.asm
M Source/JavaScriptCore/wasm/js/WasmToJS.cpp
Log Message:
-----------
[JSC] Use Data CallIC in DFG
https://bugs.webkit.org/show_bug.cgi?id=267802
rdar://121298538
Reviewed by Justin Michaud.
This patch enables Data CallIC only in DFG (and IC from DFG), not in FTL.
DataIC and RepatchingIC have a tradeoff in terms of performance and setup penalty.
And we think that DFG should use DataIC for faster setup and FTL should use RepatchingIC
for faster peak performance.
Previously we were passing JSGlobalObject* for Call. But this is not so important since
this JSGlobalObject* is used only when throwing an error (since the called function itself
will start running with its own JSGlobalObject*). So instead of eagerly passing it, CallLinkInfo
can now retrieve JSGlobalObject* when it needs to throw an error.
* Source/JavaScriptCore/bytecode/CallLinkInfo.cpp:
(JSC::BaselineCallLinkInfo::initialize):
(JSC::CallLinkInfo::revertCall):
(JSC::CallLinkInfo::setVirtualCall):
(JSC::CallLinkInfo::globalObjectForSlowPath):
(JSC::CallLinkInfo::emitFastPathImpl):
(JSC::CallLinkInfo::emitDataICFastPath):
(JSC::CallLinkInfo::emitTailCallDataICFastPath):
(JSC::CallLinkInfo::setStub):
(JSC::CallLinkInfo::emitSlowPathImpl):
(JSC::CallLinkInfo::emitFastPath):
(JSC::CallLinkInfo::emitTailCallFastPath):
(JSC::OptimizingCallLinkInfo::emitFastPath):
(JSC::OptimizingCallLinkInfo::emitTailCallFastPath):
* Source/JavaScriptCore/bytecode/CallLinkInfo.h:
(JSC::CallLinkInfo::ownerForSlowPath):
* Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp:
(JSC::InlineCacheCompiler::generateImpl):
(JSC::InlineCacheCompiler::emitProxyObjectAccess):
* Source/JavaScriptCore/bytecode/Repatch.cpp:
(JSC::linkPolymorphicCall):
* Source/JavaScriptCore/bytecode/Repatch.h:
* Source/JavaScriptCore/bytecode/RepatchInlines.h:
(JSC::handleHostCall):
(JSC::linkFor):
(JSC::virtualForWithFunction):
* Source/JavaScriptCore/dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::addCallLinkInfo):
* Source/JavaScriptCore/dfg/DFGJITCompiler.h:
* Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::emitCall):
* Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::emitCall):
* Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):
* Source/JavaScriptCore/jit/AssemblyHelpers.cpp:
(JSC::AssemblyHelpers::emitVirtualCall):
* Source/JavaScriptCore/jit/AssemblyHelpers.h:
* Source/JavaScriptCore/jit/BaselineJITRegisters.h:
* Source/JavaScriptCore/jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):
* Source/JavaScriptCore/jit/JIT.h:
* Source/JavaScriptCore/jit/JITCall.cpp:
(JSC::JIT::compileCallDirectEvalSlowCase):
(JSC::JIT::compileTailCall):
(JSC::JIT::compileOpCall):
(JSC::JIT::emit_op_call):
(JSC::JIT::emit_op_call_ignore_result):
(JSC::JIT::emit_op_tail_call):
(JSC::JIT::emit_op_call_direct_eval):
(JSC::JIT::emit_op_call_varargs):
(JSC::JIT::emit_op_tail_call_varargs):
(JSC::JIT::emit_op_tail_call_forward_arguments):
(JSC::JIT::emit_op_construct_varargs):
(JSC::JIT::emit_op_construct):
(JSC::JIT::emit_op_iterator_open):
(JSC::JIT::emitSlow_op_iterator_open):
(JSC::JIT::emit_op_iterator_next):
(JSC::JIT::emitSlow_op_iterator_next):
(JSC::JIT::compileOpCallSlowCase): Deleted.
(JSC::JIT::emitSlow_op_call): Deleted.
(JSC::JIT::emitSlow_op_call_ignore_result): Deleted.
(JSC::JIT::emitSlow_op_tail_call): Deleted.
(JSC::JIT::emitSlow_op_call_varargs): Deleted.
(JSC::JIT::emitSlow_op_tail_call_varargs): Deleted.
(JSC::JIT::emitSlow_op_tail_call_forward_arguments): Deleted.
(JSC::JIT::emitSlow_op_construct_varargs): Deleted.
(JSC::JIT::emitSlow_op_construct): Deleted.
* Source/JavaScriptCore/jit/JITInlines.h:
(JSC::JIT::emitJumpSlowToHotForCheckpoint):
* Source/JavaScriptCore/jit/JITOperations.cpp:
(JSC::JSC_DEFINE_JIT_OPERATION):
* Source/JavaScriptCore/jit/JITOperations.h:
* Source/JavaScriptCore/jit/ThunkGenerators.cpp:
(JSC::virtualThunkFor):
(JSC::polymorphicThunkFor):
(JSC::polymorphicRepatchThunk):
* Source/JavaScriptCore/llint/LLIntSlowPaths.cpp:
(JSC::LLInt::llint_default_call):
(JSC::LLInt::llint_virtual_call):
* Source/JavaScriptCore/llint/LLIntSlowPaths.h:
* Source/JavaScriptCore/llint/LLIntThunks.cpp:
(JSC::LLInt::defaultCallThunk):
* Source/JavaScriptCore/llint/LowLevelInterpreter.asm:
* Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm:
* Source/JavaScriptCore/llint/LowLevelInterpreter64.asm:
* Source/JavaScriptCore/wasm/js/WasmToJS.cpp:
(JSC::Wasm::wasmToJS):
Canonical link: https://commits.webkit.org/273309@main
More information about the webkit-changes
mailing list