[webkit-changes] [WebKit/WebKit] 634eb5: [JSC] Use precompiled handlers for simple cases fo...

[Yusuke Suzuki]

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 634eb56589dc475e6b4e1cdf0ccfc91e870b9439
      https://github.com/WebKit/WebKit/commit/634eb56589dc475e6b4e1cdf0ccfc91e870b9439
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2024-05-30 (Thu, 30 May 2024)

  Changed paths:
    M Source/JavaScriptCore/assembler/MacroAssemblerARMv7.h
    M Source/JavaScriptCore/bytecode/AccessCase.cpp
    M Source/JavaScriptCore/bytecode/AccessCase.h
    M Source/JavaScriptCore/bytecode/InlineAccess.cpp
    M Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp
    M Source/JavaScriptCore/bytecode/InlineCacheCompiler.h
    M Source/JavaScriptCore/bytecode/InstanceOfStatus.cpp
    M Source/JavaScriptCore/bytecode/Repatch.cpp
    M Source/JavaScriptCore/bytecode/StructureStubInfo.cpp
    M Source/JavaScriptCore/bytecode/StructureStubInfo.h
    M Source/JavaScriptCore/dfg/DFGJITCode.h
    M Source/JavaScriptCore/jit/BaselineJITRegisters.h
    M Source/JavaScriptCore/jit/GCAwareJITStubRoutine.cpp
    M Source/JavaScriptCore/jit/GCAwareJITStubRoutine.h
    M Source/JavaScriptCore/jit/JITInlineCacheGenerator.h

  Log Message:
  -----------
  [JSC] Use precompiled handlers for simple cases for IC
https://bugs.webkit.org/show_bug.cgi?id=274912
rdar://129016313

Reviewed by Keith Miller.

This patch starts applying precompiled code for common ICs via Handler IC when it is only one AccessCase.
Eventually we will make all Handler IC as chain of AccessCases so this one-AccessCase-compilation will cover
all Handler IC compilation.

We add InlineCacheCompiler::compileOneAccessCaseHandler, which will handle all Handler IC cases eventually.
And based on Handler IC's assumption, compileOneAccessCaseHandler code gets much simplified (since there is only one AccessCase),
which allows us to extract necessary information for precompiled IC cleanly.

And then, we apply precompiled ICs for Load, Miss, Transition, and Replace cases. We do this only when we meet several conditions: checkingConditions
are empty, no-poly-proto, no viaGlobalProxy. But this effectively covers most of cases in fact since these conditions are exceptional cases.

In precompiled IC, we use GPRInfo::handlerGPR to extract per-handler information like StructureID, offset etc.

* Source/JavaScriptCore/assembler/MacroAssemblerARMv7.h:
(JSC::MacroAssemblerARMv7::add8):
* Source/JavaScriptCore/bytecode/AccessCase.cpp:
(JSC::AccessCase::create):
(JSC::AccessCase::fromStructureStubInfo):
(JSC::AccessCase::guardedByStructureCheckSkippingConstantIdentifierCheck const):
(JSC::AccessCase::requiresIdentifierNameMatch const):
(JSC::AccessCase::requiresInt32PropertyCheck const):
(JSC::AccessCase::forEachDependentCell const):
(JSC::AccessCase::doesCalls const):
(JSC::AccessCase::canReplace const):
(JSC::AccessCase::runWithDowncast):
(JSC::AccessCase::checkConsistency):
(JSC::AccessCase::canBeShared):
* Source/JavaScriptCore/bytecode/AccessCase.h:
(JSC::AccessCase::structureID const):
(JSC::AccessCase::newStructureID const):
(JSC::AccessCase::conditionSet const):
* Source/JavaScriptCore/bytecode/InlineAccess.cpp:
(JSC::InlineAccess::generateSelfPropertyAccess):
(JSC::InlineAccess::canGenerateSelfPropertyReplace):
(JSC::InlineAccess::generateSelfPropertyReplace):
(JSC::InlineAccess::isCacheableArrayLength):
(JSC::InlineAccess::generateArrayLength):
(JSC::InlineAccess::isCacheableStringLength):
(JSC::InlineAccess::generateStringLength):
(JSC::InlineAccess::generateSelfInAccess):
* Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp:
(JSC::needsScratchFPR):
(JSC::forInBy):
(JSC::isStateless):
(JSC::doesJSCalls):
(JSC::isMegamorphic):
(JSC::InlineCacheHandler::InlineCacheHandler):
(JSC::InlineCacheHandler::create):
(JSC::InlineCacheHandler::createPreCompiled):
(JSC::InlineCacheCompiler::generateWithGuard):
(JSC::InlineCacheCompiler::generateWithoutGuard):
(JSC::collectConditions):
(JSC::InlineCacheCompiler::generateWithConditionChecks):
(JSC::InlineCacheCompiler::generateAccessCase):
(JSC::InlineCacheCompiler::emitProxyObjectAccess):
(JSC::InlineCacheCompiler::compile):
(JSC::getByIdLoadHandlerCodeGenerator):
(JSC::getByIdMissHandlerCodeGenerator):
(JSC::putByIdReplaceHandlerCodeGenerator):
(JSC::putByIdTransitionHandlerCodeGenerator):
(JSC::InlineCacheCompiler::compileOneAccessCaseHandler):
(JSC::InlineCacheCompiler::generate): Deleted.
(JSC::InlineCacheCompiler::generateImpl): Deleted.
(JSC::InlineCacheCompiler::regenerate): Deleted.
* Source/JavaScriptCore/bytecode/InlineCacheCompiler.h:
* Source/JavaScriptCore/bytecode/InstanceOfStatus.cpp:
(JSC::InstanceOfStatus::computeForStubInfo):
* Source/JavaScriptCore/bytecode/Repatch.cpp:
(JSC::tryCacheArrayGetByVal):
(JSC::repatchArrayGetByVal):
(JSC::tryCachePutBy):
(JSC::tryCacheArrayPutByVal):
(JSC::repatchArrayPutByVal):
(JSC::tryCacheDeleteBy):
(JSC::tryCacheInBy):
(JSC::tryCacheHasPrivateBrand):
(JSC::tryCacheCheckPrivateBrand):
(JSC::tryCacheSetPrivateBrand):
(JSC::tryCacheInstanceOf):
(JSC::tryCacheArrayInByVal):
(JSC::repatchArrayInByVal):
* Source/JavaScriptCore/bytecode/StructureStubInfo.cpp:
(JSC::StructureStubInfo::initGetByIdSelf):
(JSC::StructureStubInfo::initPutByIdReplace):
(JSC::StructureStubInfo::initInByIdSelf):
(JSC::StructureStubInfo::addAccessCase):
(JSC::StructureStubInfo::initializeFromUnlinkedStructureStubInfo):
(JSC::StructureStubInfo::initializeFromDFGUnlinkedStructureStubInfo):
(JSC::StructureStubInfo::checkConsistency):
* Source/JavaScriptCore/bytecode/StructureStubInfo.h:
(JSC::hasConstantIdentifier):
* Source/JavaScriptCore/dfg/DFGJITCode.h:
* Source/JavaScriptCore/jit/BaselineJITRegisters.h:
* Source/JavaScriptCore/jit/GCAwareJITStubRoutine.cpp:
(JSC::createPreCompiledICJITStubRoutine):
* Source/JavaScriptCore/jit/GCAwareJITStubRoutine.h:
* Source/JavaScriptCore/jit/JITInlineCacheGenerator.h:
(JSC::JITInlineCacheGenerator::setUpStubInfoImpl):
(JSC::JITInByValGenerator::setUpStubInfo):

Canonical link: https://commits.webkit.org/279556@main



To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications