<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[207434] trunk/Source/JavaScriptCore</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/207434">207434</a></dd>
<dt>Author</dt> <dd>fpizlo@apple.com</dd>
<dt>Date</dt> <dd>2016-10-17 14:45:56 -0700 (Mon, 17 Oct 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>Air::IRC doesn't need to have a special-case for uncolored Tmps since they all get colored
https://bugs.webkit.org/show_bug.cgi?id=163548
<rdar://problem/28804381>
Reviewed by Geoffrey Garen.
Before <a href="http://trac.webkit.org/projects/webkit/changeset/207408">r207408</a>, IRC had a mode where it would silently assign the first assignable register (so
%rax, %xmm0, etc) to any tmp that was not colorable due to a pathological interference fencepost.
We reason about interference at instruction boundaries. This means that if you have, for example,
an instruction that clobbers all registers late followed by an instruction that has an early def
in the same register file, then the early def will not be colorable because it interferes with
all registers. This already happens in our tests, but IRC silently returns the first assignable
register to such tmps. For some reason the resulting code works OK - probably because this tends
to only be hit by fuzzing, which may not then stress that code enough to shake out the register
corruption. Also, this can only happen for floating point registers, so it's hard to get an
exciting crash. The worst case is that your numbers get all messed up.
This change fixes the issue:
- IRC will now crash if it can't color a tmp.
- IRC doesn't crash on our tests anymore because I added a padInterference() utility that works
around the interference problem by inserting Nops to pad between those instructions where
conflating their early and late actions into one interference fencepost could create an
uncolorable graph.
See https://bugs.webkit.org/show_bug.cgi?id=163548#c2 for a detailed discussion of how the
problem can arise.
This problem almost made me want to abandon our use of interference at instruction boundaries,
and introduce something more comprehensive, like interference at various stages of an
instruction's execution. The reason why I didn't do this is that this problem only arises in well
confined corner cases: you need an instruction that does a late use or def followed by an
instruction that does an early def. Register clobbers count as defs for this equation.
Fortunately, early defs are rare, and even when they do happen, you still need the previous
instruction to have a late something. Late uses are rare and many instructions don't have defs at
all, which means that it's actually pretty common for an instruction to not have anything late.
This means that the padInterference() strategy is ideal: our algorithms stay simple because they
only have to worry about interference at boundaries, and we rarely insert any Nops in
padInterference() so the IR stays nice and compact. Those Nops get removed by any phase that does
DCE, which includes eliminateDeadCode(), allocateStack(), and reportUsedRegisters(). In practice
allocateStack() kills them.
This also finally refactors our passing of RegisterSet to pass it by value, since it's small
enough that we're not gaining anything by using references. On x86, RegisterSet ought to be
smaller than a pointer.
* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* b3/B3StackmapSpecial.cpp:
(JSC::B3::StackmapSpecial::extraClobberedRegs):
(JSC::B3::StackmapSpecial::extraEarlyClobberedRegs):
* b3/B3StackmapSpecial.h:
* b3/air/AirCCallSpecial.cpp:
(JSC::B3::Air::CCallSpecial::extraEarlyClobberedRegs):
(JSC::B3::Air::CCallSpecial::extraClobberedRegs):
* b3/air/AirCCallSpecial.h:
* b3/air/AirInst.h:
* b3/air/AirInstInlines.h:
(JSC::B3::Air::Inst::extraClobberedRegs):
(JSC::B3::Air::Inst::extraEarlyClobberedRegs):
* b3/air/AirIteratedRegisterCoalescing.cpp:
(JSC::B3::Air::iteratedRegisterCoalescing):
* b3/air/AirPadInterference.cpp: Added.
(JSC::B3::Air::padInterference):
* b3/air/AirPadInterference.h: Added.
* b3/air/AirSpecial.h:
* b3/air/AirSpillEverything.cpp:
(JSC::B3::Air::spillEverything):
* jit/RegisterSet.h:
(JSC::RegisterSet::isEmpty):</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoreCMakeListstxt">trunk/Source/JavaScriptCore/CMakeLists.txt</a></li>
<li><a href="#trunkSourceJavaScriptCoreChangeLog">trunk/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCoreJavaScriptCorexcodeprojprojectpbxproj">trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj</a></li>
<li><a href="#trunkSourceJavaScriptCoreb3B3StackmapSpecialcpp">trunk/Source/JavaScriptCore/b3/B3StackmapSpecial.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreb3B3StackmapSpecialh">trunk/Source/JavaScriptCore/b3/B3StackmapSpecial.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreb3airAirCCallSpecialcpp">trunk/Source/JavaScriptCore/b3/air/AirCCallSpecial.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreb3airAirCCallSpecialh">trunk/Source/JavaScriptCore/b3/air/AirCCallSpecial.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreb3airAirInsth">trunk/Source/JavaScriptCore/b3/air/AirInst.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreb3airAirInstInlinesh">trunk/Source/JavaScriptCore/b3/air/AirInstInlines.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreb3airAirIteratedRegisterCoalescingcpp">trunk/Source/JavaScriptCore/b3/air/AirIteratedRegisterCoalescing.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreb3airAirSpecialh">trunk/Source/JavaScriptCore/b3/air/AirSpecial.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreb3airAirSpillEverythingcpp">trunk/Source/JavaScriptCore/b3/air/AirSpillEverything.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitRegisterSeth">trunk/Source/JavaScriptCore/jit/RegisterSet.h</a></li>
</ul>
<h3>Added Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoreb3airAirPadInterferencecpp">trunk/Source/JavaScriptCore/b3/air/AirPadInterference.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreb3airAirPadInterferenceh">trunk/Source/JavaScriptCore/b3/air/AirPadInterference.h</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceJavaScriptCoreCMakeListstxt"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/CMakeLists.txt (207433 => 207434)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/CMakeLists.txt 2016-10-17 21:44:43 UTC (rev 207433)
+++ trunk/Source/JavaScriptCore/CMakeLists.txt 2016-10-17 21:45:56 UTC (rev 207434)
</span><span class="lines">@@ -95,6 +95,7 @@
</span><span class="cx"> b3/air/AirLowerEntrySwitch.cpp
</span><span class="cx"> b3/air/AirLowerMacros.cpp
</span><span class="cx"> b3/air/AirOptimizeBlockOrder.cpp
</span><ins>+ b3/air/AirPadInterference.cpp
</ins><span class="cx"> b3/air/AirPhaseScope.cpp
</span><span class="cx"> b3/air/AirReportUsedRegisters.cpp
</span><span class="cx"> b3/air/AirSimplifyCFG.cpp
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ChangeLog (207433 => 207434)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ChangeLog 2016-10-17 21:44:43 UTC (rev 207433)
+++ trunk/Source/JavaScriptCore/ChangeLog 2016-10-17 21:45:56 UTC (rev 207434)
</span><span class="lines">@@ -1,3 +1,77 @@
</span><ins>+2016-10-17 Filip Pizlo <fpizlo@apple.com>
+
+ Air::IRC doesn't need to have a special-case for uncolored Tmps since they all get colored
+ https://bugs.webkit.org/show_bug.cgi?id=163548
+ <rdar://problem/28804381>
+
+ Reviewed by Geoffrey Garen.
+
+ Before r207408, IRC had a mode where it would silently assign the first assignable register (so
+ %rax, %xmm0, etc) to any tmp that was not colorable due to a pathological interference fencepost.
+ We reason about interference at instruction boundaries. This means that if you have, for example,
+ an instruction that clobbers all registers late followed by an instruction that has an early def
+ in the same register file, then the early def will not be colorable because it interferes with
+ all registers. This already happens in our tests, but IRC silently returns the first assignable
+ register to such tmps. For some reason the resulting code works OK - probably because this tends
+ to only be hit by fuzzing, which may not then stress that code enough to shake out the register
+ corruption. Also, this can only happen for floating point registers, so it's hard to get an
+ exciting crash. The worst case is that your numbers get all messed up.
+
+ This change fixes the issue:
+
+ - IRC will now crash if it can't color a tmp.
+
+ - IRC doesn't crash on our tests anymore because I added a padInterference() utility that works
+ around the interference problem by inserting Nops to pad between those instructions where
+ conflating their early and late actions into one interference fencepost could create an
+ uncolorable graph.
+
+ See https://bugs.webkit.org/show_bug.cgi?id=163548#c2 for a detailed discussion of how the
+ problem can arise.
+
+ This problem almost made me want to abandon our use of interference at instruction boundaries,
+ and introduce something more comprehensive, like interference at various stages of an
+ instruction's execution. The reason why I didn't do this is that this problem only arises in well
+ confined corner cases: you need an instruction that does a late use or def followed by an
+ instruction that does an early def. Register clobbers count as defs for this equation.
+ Fortunately, early defs are rare, and even when they do happen, you still need the previous
+ instruction to have a late something. Late uses are rare and many instructions don't have defs at
+ all, which means that it's actually pretty common for an instruction to not have anything late.
+ This means that the padInterference() strategy is ideal: our algorithms stay simple because they
+ only have to worry about interference at boundaries, and we rarely insert any Nops in
+ padInterference() so the IR stays nice and compact. Those Nops get removed by any phase that does
+ DCE, which includes eliminateDeadCode(), allocateStack(), and reportUsedRegisters(). In practice
+ allocateStack() kills them.
+
+ This also finally refactors our passing of RegisterSet to pass it by value, since it's small
+ enough that we're not gaining anything by using references. On x86, RegisterSet ought to be
+ smaller than a pointer.
+
+ * CMakeLists.txt:
+ * JavaScriptCore.xcodeproj/project.pbxproj:
+ * b3/B3StackmapSpecial.cpp:
+ (JSC::B3::StackmapSpecial::extraClobberedRegs):
+ (JSC::B3::StackmapSpecial::extraEarlyClobberedRegs):
+ * b3/B3StackmapSpecial.h:
+ * b3/air/AirCCallSpecial.cpp:
+ (JSC::B3::Air::CCallSpecial::extraEarlyClobberedRegs):
+ (JSC::B3::Air::CCallSpecial::extraClobberedRegs):
+ * b3/air/AirCCallSpecial.h:
+ * b3/air/AirInst.h:
+ * b3/air/AirInstInlines.h:
+ (JSC::B3::Air::Inst::extraClobberedRegs):
+ (JSC::B3::Air::Inst::extraEarlyClobberedRegs):
+ * b3/air/AirIteratedRegisterCoalescing.cpp:
+ (JSC::B3::Air::iteratedRegisterCoalescing):
+ * b3/air/AirPadInterference.cpp: Added.
+ (JSC::B3::Air::padInterference):
+ * b3/air/AirPadInterference.h: Added.
+ * b3/air/AirSpecial.h:
+ * b3/air/AirSpillEverything.cpp:
+ (JSC::B3::Air::spillEverything):
+ * jit/RegisterSet.h:
+ (JSC::RegisterSet::isEmpty):
+
</ins><span class="cx"> 2016-10-17 JF Bastien <jfbastien@apple.com>
</span><span class="cx">
</span><span class="cx"> WebAssembly JS API: implement basic stub
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreJavaScriptCorexcodeprojprojectpbxproj"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj (207433 => 207434)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj 2016-10-17 21:44:43 UTC (rev 207433)
+++ trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj 2016-10-17 21:45:56 UTC (rev 207434)
</span><span class="lines">@@ -570,6 +570,8 @@
</span><span class="cx"> 0F9B1DB41C0E42A500E5BFD2 /* FTLOutput.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F9B1DB31C0E42A500E5BFD2 /* FTLOutput.cpp */; };
</span><span class="cx"> 0F9B1DB71C0E42BD00E5BFD2 /* FTLOSRExitHandle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F9B1DB51C0E42BD00E5BFD2 /* FTLOSRExitHandle.cpp */; };
</span><span class="cx"> 0F9B1DB81C0E42BD00E5BFD2 /* FTLOSRExitHandle.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F9B1DB61C0E42BD00E5BFD2 /* FTLOSRExitHandle.h */; };
</span><ins>+ 0F9CABC81DB54A780008E83B /* AirPadInterference.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F9CABC61DB54A760008E83B /* AirPadInterference.cpp */; };
+ 0F9CABC91DB54A7A0008E83B /* AirPadInterference.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F9CABC71DB54A760008E83B /* AirPadInterference.h */; };
</ins><span class="cx"> 0F9D3370165DBB90005AD387 /* Disassembler.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F9D336E165DBB8D005AD387 /* Disassembler.cpp */; };
</span><span class="cx"> 0F9D339617FFC4E60073C2BC /* DFGFlushedAt.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F9D339417FFC4E60073C2BC /* DFGFlushedAt.cpp */; };
</span><span class="cx"> 0F9D339717FFC4E60073C2BC /* DFGFlushedAt.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F9D339517FFC4E60073C2BC /* DFGFlushedAt.h */; };
</span><span class="lines">@@ -2840,6 +2842,8 @@
</span><span class="cx"> 0F9B1DB31C0E42A500E5BFD2 /* FTLOutput.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = FTLOutput.cpp; path = ftl/FTLOutput.cpp; sourceTree = "<group>"; };
</span><span class="cx"> 0F9B1DB51C0E42BD00E5BFD2 /* FTLOSRExitHandle.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = FTLOSRExitHandle.cpp; path = ftl/FTLOSRExitHandle.cpp; sourceTree = "<group>"; };
</span><span class="cx"> 0F9B1DB61C0E42BD00E5BFD2 /* FTLOSRExitHandle.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = FTLOSRExitHandle.h; path = ftl/FTLOSRExitHandle.h; sourceTree = "<group>"; };
</span><ins>+ 0F9CABC61DB54A760008E83B /* AirPadInterference.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = AirPadInterference.cpp; path = b3/air/AirPadInterference.cpp; sourceTree = "<group>"; };
+ 0F9CABC71DB54A760008E83B /* AirPadInterference.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AirPadInterference.h; path = b3/air/AirPadInterference.h; sourceTree = "<group>"; };
</ins><span class="cx"> 0F9D336E165DBB8D005AD387 /* Disassembler.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = Disassembler.cpp; path = disassembler/Disassembler.cpp; sourceTree = "<group>"; };
</span><span class="cx"> 0F9D339417FFC4E60073C2BC /* DFGFlushedAt.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = DFGFlushedAt.cpp; path = dfg/DFGFlushedAt.cpp; sourceTree = "<group>"; };
</span><span class="cx"> 0F9D339517FFC4E60073C2BC /* DFGFlushedAt.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = DFGFlushedAt.h; path = dfg/DFGFlushedAt.h; sourceTree = "<group>"; };
</span><span class="lines">@@ -5081,6 +5085,8 @@
</span><span class="cx"> 264091FA1BE2FD4100684DB2 /* AirOpcode.opcodes */,
</span><span class="cx"> 0FB3878C1BFBC44D00E3AB1E /* AirOptimizeBlockOrder.cpp */,
</span><span class="cx"> 0FB3878D1BFBC44D00E3AB1E /* AirOptimizeBlockOrder.h */,
</span><ins>+ 0F9CABC61DB54A760008E83B /* AirPadInterference.cpp */,
+ 0F9CABC71DB54A760008E83B /* AirPadInterference.h */,
</ins><span class="cx"> 0FEC855E1BDACDC70080FF74 /* AirPhaseScope.cpp */,
</span><span class="cx"> 0FEC855F1BDACDC70080FF74 /* AirPhaseScope.h */,
</span><span class="cx"> 0F45703A1BE45F0A0062A629 /* AirReportUsedRegisters.cpp */,
</span><span class="lines">@@ -7629,6 +7635,7 @@
</span><span class="cx"> 0FF2CD5C1B61A4F8004955A8 /* DFGMultiGetByOffsetData.h in Headers */,
</span><span class="cx"> A737810E1799EA2E00817533 /* DFGNaturalLoops.h in Headers */,
</span><span class="cx"> 86ECA3EA132DEF1C002B2AD7 /* DFGNode.h in Headers */,
</span><ins>+ 0F9CABC91DB54A7A0008E83B /* AirPadInterference.h in Headers */,
</ins><span class="cx"> 0FFB921B16D02F010055A5DB /* DFGNodeAllocator.h in Headers */,
</span><span class="cx"> 0FA581BB150E953000B9A2D9 /* DFGNodeFlags.h in Headers */,
</span><span class="cx"> 0F300B7818AB051100A6D72E /* DFGNodeOrigin.h in Headers */,
</span><span class="lines">@@ -9546,6 +9553,7 @@
</span><span class="cx"> A74DEF95182D991400522C22 /* JSMapIterator.cpp in Sources */,
</span><span class="cx"> E3D239C81B829C1C00BBEF67 /* JSModuleEnvironment.cpp in Sources */,
</span><span class="cx"> E318CBC01B8AEF5100A2929D /* JSModuleNamespaceObject.cpp in Sources */,
</span><ins>+ 0F9CABC81DB54A780008E83B /* AirPadInterference.cpp in Sources */,
</ins><span class="cx"> E39DA4A61B7E8B7C0084F33A /* JSModuleRecord.cpp in Sources */,
</span><span class="cx"> 0FB387921BFD31A100E3AB1E /* FTLCompile.cpp in Sources */,
</span><span class="cx"> E33E8D1C1B9013C300346B52 /* JSNativeStdFunction.cpp in Sources */,
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreb3B3StackmapSpecialcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/b3/B3StackmapSpecial.cpp (207433 => 207434)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/b3/B3StackmapSpecial.cpp 2016-10-17 21:44:43 UTC (rev 207433)
+++ trunk/Source/JavaScriptCore/b3/B3StackmapSpecial.cpp 2016-10-17 21:45:56 UTC (rev 207434)
</span><span class="lines">@@ -55,7 +55,7 @@
</span><span class="cx"> value->m_usedRegisters.merge(usedRegisters);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-const RegisterSet& StackmapSpecial::extraClobberedRegs(Inst& inst)
</del><ins>+RegisterSet StackmapSpecial::extraClobberedRegs(Inst& inst)
</ins><span class="cx"> {
</span><span class="cx"> StackmapValue* value = inst.origin->as<StackmapValue>();
</span><span class="cx"> ASSERT(value);
</span><span class="lines">@@ -63,7 +63,7 @@
</span><span class="cx"> return value->lateClobbered();
</span><span class="cx"> }
</span><span class="cx">
</span><del>-const RegisterSet& StackmapSpecial::extraEarlyClobberedRegs(Inst& inst)
</del><ins>+RegisterSet StackmapSpecial::extraEarlyClobberedRegs(Inst& inst)
</ins><span class="cx"> {
</span><span class="cx"> StackmapValue* value = inst.origin->as<StackmapValue>();
</span><span class="cx"> ASSERT(value);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreb3B3StackmapSpecialh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/b3/B3StackmapSpecial.h (207433 => 207434)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/b3/B3StackmapSpecial.h 2016-10-17 21:44:43 UTC (rev 207433)
+++ trunk/Source/JavaScriptCore/b3/B3StackmapSpecial.h 2016-10-17 21:45:56 UTC (rev 207434)
</span><span class="lines">@@ -52,8 +52,8 @@
</span><span class="cx">
</span><span class="cx"> protected:
</span><span class="cx"> void reportUsedRegisters(Air::Inst&, const RegisterSet&) override;
</span><del>- const RegisterSet& extraEarlyClobberedRegs(Air::Inst&) override;
- const RegisterSet& extraClobberedRegs(Air::Inst&) override;
</del><ins>+ RegisterSet extraEarlyClobberedRegs(Air::Inst&) override;
+ RegisterSet extraClobberedRegs(Air::Inst&) override;
</ins><span class="cx">
</span><span class="cx"> // Note that this does not override generate() or dumpImpl()/deepDumpImpl(). We have many some
</span><span class="cx"> // subclasses that implement that.
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreb3airAirCCallSpecialcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/b3/air/AirCCallSpecial.cpp (207433 => 207434)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/b3/air/AirCCallSpecial.cpp 2016-10-17 21:44:43 UTC (rev 207433)
+++ trunk/Source/JavaScriptCore/b3/air/AirCCallSpecial.cpp 2016-10-17 21:45:56 UTC (rev 207434)
</span><span class="lines">@@ -142,12 +142,12 @@
</span><span class="cx"> return CCallHelpers::Jump();
</span><span class="cx"> }
</span><span class="cx">
</span><del>-const RegisterSet& CCallSpecial::extraEarlyClobberedRegs(Inst&)
</del><ins>+RegisterSet CCallSpecial::extraEarlyClobberedRegs(Inst&)
</ins><span class="cx"> {
</span><span class="cx"> return m_emptyRegs;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-const RegisterSet& CCallSpecial::extraClobberedRegs(Inst&)
</del><ins>+RegisterSet CCallSpecial::extraClobberedRegs(Inst&)
</ins><span class="cx"> {
</span><span class="cx"> return m_clobberedRegs;
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreb3airAirCCallSpecialh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/b3/air/AirCCallSpecial.h (207433 => 207434)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/b3/air/AirCCallSpecial.h 2016-10-17 21:44:43 UTC (rev 207433)
+++ trunk/Source/JavaScriptCore/b3/air/AirCCallSpecial.h 2016-10-17 21:45:56 UTC (rev 207434)
</span><span class="lines">@@ -57,8 +57,8 @@
</span><span class="cx"> bool admitsStack(Inst&, unsigned argIndex) override;
</span><span class="cx"> void reportUsedRegisters(Inst&, const RegisterSet&) override;
</span><span class="cx"> CCallHelpers::Jump generate(Inst&, CCallHelpers&, GenerationContext&) override;
</span><del>- const RegisterSet& extraEarlyClobberedRegs(Inst&) override;
- const RegisterSet& extraClobberedRegs(Inst&) override;
</del><ins>+ RegisterSet extraEarlyClobberedRegs(Inst&) override;
+ RegisterSet extraClobberedRegs(Inst&) override;
</ins><span class="cx">
</span><span class="cx"> void dumpImpl(PrintStream&) const override;
</span><span class="cx"> void deepDumpImpl(PrintStream&) const override;
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreb3airAirInsth"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/b3/air/AirInst.h (207433 => 207434)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/b3/air/AirInst.h 2016-10-17 21:44:43 UTC (rev 207433)
+++ trunk/Source/JavaScriptCore/b3/air/AirInst.h 2016-10-17 21:45:56 UTC (rev 207434)
</span><span class="lines">@@ -128,8 +128,8 @@
</span><span class="cx">
</span><span class="cx"> // Reports any additional registers clobbered by this operation. Note that for efficiency,
</span><span class="cx"> // extraClobberedRegs() only works for the Patch opcode.
</span><del>- const RegisterSet& extraClobberedRegs();
- const RegisterSet& extraEarlyClobberedRegs();
</del><ins>+ RegisterSet extraClobberedRegs();
+ RegisterSet extraEarlyClobberedRegs();
</ins><span class="cx">
</span><span class="cx"> // Iterate over all Def's that happen at the end of an instruction. You supply a pair
</span><span class="cx"> // instructions. The instructions must appear next to each other, in that order, in some basic
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreb3airAirInstInlinesh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/b3/air/AirInstInlines.h (207433 => 207434)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/b3/air/AirInstInlines.h 2016-10-17 21:44:43 UTC (rev 207433)
+++ trunk/Source/JavaScriptCore/b3/air/AirInstInlines.h 2016-10-17 21:45:56 UTC (rev 207434)
</span><span class="lines">@@ -44,13 +44,13 @@
</span><span class="cx"> });
</span><span class="cx"> }
</span><span class="cx">
</span><del>-inline const RegisterSet& Inst::extraClobberedRegs()
</del><ins>+inline RegisterSet Inst::extraClobberedRegs()
</ins><span class="cx"> {
</span><span class="cx"> ASSERT(kind.opcode == Patch);
</span><span class="cx"> return args[0].special()->extraClobberedRegs(*this);
</span><span class="cx"> }
</span><span class="cx">
</span><del>-inline const RegisterSet& Inst::extraEarlyClobberedRegs()
</del><ins>+inline RegisterSet Inst::extraEarlyClobberedRegs()
</ins><span class="cx"> {
</span><span class="cx"> ASSERT(kind.opcode == Patch);
</span><span class="cx"> return args[0].special()->extraEarlyClobberedRegs(*this);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreb3airAirIteratedRegisterCoalescingcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/b3/air/AirIteratedRegisterCoalescing.cpp (207433 => 207434)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/b3/air/AirIteratedRegisterCoalescing.cpp 2016-10-17 21:44:43 UTC (rev 207433)
+++ trunk/Source/JavaScriptCore/b3/air/AirIteratedRegisterCoalescing.cpp 2016-10-17 21:45:56 UTC (rev 207434)
</span><span class="lines">@@ -32,6 +32,7 @@
</span><span class="cx"> #include "AirInsertionSet.h"
</span><span class="cx"> #include "AirInstInlines.h"
</span><span class="cx"> #include "AirLiveness.h"
</span><ins>+#include "AirPadInterference.h"
</ins><span class="cx"> #include "AirPhaseScope.h"
</span><span class="cx"> #include "AirTmpInlines.h"
</span><span class="cx"> #include "AirTmpWidth.h"
</span><span class="lines">@@ -844,9 +845,10 @@
</span><span class="cx">
</span><span class="cx"> Reg reg = m_coloredTmp[AbsoluteTmpMapper<type>::absoluteIndex(tmp)];
</span><span class="cx"> if (!reg) {
</span><del>- // We only care about Tmps that interfere. A Tmp that never interfere with anything
- // can take any register.
- reg = m_code.regsInPriorityOrder(type).first();
</del><ins>+ dataLog("FATAL: No color for ", tmp, "\n");
+ dataLog("Code:\n");
+ dataLog(m_code);
+ RELEASE_ASSERT_NOT_REACHED();
</ins><span class="cx"> }
</span><span class="cx"> return reg;
</span><span class="cx"> }
</span><span class="lines">@@ -928,6 +930,8 @@
</span><span class="cx">
</span><span class="cx"> void build(Inst* prevInst, Inst* nextInst, const typename TmpLiveness<type>::LocalCalc& localCalc)
</span><span class="cx"> {
</span><ins>+ if (traceDebug)
+ dataLog("Building between ", pointerDump(prevInst), " and ", pointerDump(nextInst), ":\n");
</ins><span class="cx"> Inst::forEachDefWithExtraClobberedRegs<Tmp>(
</span><span class="cx"> prevInst, nextInst,
</span><span class="cx"> [&] (const Tmp& arg, Arg::Role, Arg::Type argType, Arg::Width) {
</span><span class="lines">@@ -943,6 +947,8 @@
</span><span class="cx"> if (argType != type)
</span><span class="cx"> return;
</span><span class="cx">
</span><ins>+ if (traceDebug)
+ dataLog(" Adding def-def edge: ", arg, ", ", otherArg, "\n");
</ins><span class="cx"> this->addEdge(arg, otherArg);
</span><span class="cx"> });
</span><span class="cx"> });
</span><span class="lines">@@ -979,8 +985,11 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> for (const Tmp& liveTmp : localCalc.live()) {
</span><del>- if (liveTmp != useTmp)
</del><ins>+ if (liveTmp != useTmp) {
+ if (traceDebug)
+ dataLog(" Adding def-live for coalescable: ", defTmp, ", ", liveTmp, "\n");
</ins><span class="cx"> addEdge(defTmp, liveTmp);
</span><ins>+ }
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> // The next instruction could have early clobbers or early def's. We need to consider
</span><span class="lines">@@ -1026,6 +1035,10 @@
</span><span class="cx">
</span><span class="cx"> for (const Tmp& liveTmp : liveTmps) {
</span><span class="cx"> ASSERT(liveTmp.isGP() == (type == Arg::GP));
</span><ins>+
+ if (traceDebug)
+ dataLog(" Adding def-live edge: ", arg, ", ", liveTmp, "\n");
+
</ins><span class="cx"> addEdge(arg, liveTmp);
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -1256,6 +1269,8 @@
</span><span class="cx">
</span><span class="cx"> void run()
</span><span class="cx"> {
</span><ins>+ padInterference(m_code);
+
</ins><span class="cx"> iteratedRegisterCoalescingOnType<Arg::GP>();
</span><span class="cx"> iteratedRegisterCoalescingOnType<Arg::FP>();
</span><span class="cx">
</span><span class="lines">@@ -1569,7 +1584,7 @@
</span><span class="cx"> void iteratedRegisterCoalescing(Code& code)
</span><span class="cx"> {
</span><span class="cx"> PhaseScope phaseScope(code, "iteratedRegisterCoalescing");
</span><del>-
</del><ins>+
</ins><span class="cx"> IteratedRegisterCoalescing iteratedRegisterCoalescing(code);
</span><span class="cx"> iteratedRegisterCoalescing.run();
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreb3airAirPadInterferencecpp"></a>
<div class="addfile"><h4>Added: trunk/Source/JavaScriptCore/b3/air/AirPadInterference.cpp (0 => 207434)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/b3/air/AirPadInterference.cpp (rev 0)
+++ trunk/Source/JavaScriptCore/b3/air/AirPadInterference.cpp 2016-10-17 21:45:56 UTC (rev 207434)
</span><span class="lines">@@ -0,0 +1,88 @@
</span><ins>+/*
+ * Copyright (C) 2016 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "AirPadInterference.h"
+
+#if ENABLE(B3_JIT)
+
+#include "AirCode.h"
+#include "AirInsertionSet.h"
+#include "AirInstInlines.h"
+
+namespace JSC { namespace B3 { namespace Air {
+
+void padInterference(Code& code)
+{
+ InsertionSet insertionSet(code);
+ for (BasicBlock* block : code) {
+ bool prevHadLate = false;
+ for (unsigned instIndex = 0; instIndex < block->size(); ++instIndex) {
+ Inst& inst = block->at(instIndex);
+
+ bool hasEarlyDef = false;
+ bool hasLate = false;
+ inst.forEachArg(
+ [&] (Arg&, Arg::Role role, Arg::Type, Arg::Width) {
+ switch (role) {
+ case Arg::EarlyDef:
+ hasEarlyDef = true;
+ break;
+ case Arg::LateUse:
+ case Arg::Def:
+ case Arg::ZDef:
+ case Arg::LateColdUse:
+ case Arg::UseDef:
+ case Arg::UseZDef:
+ hasLate = true;
+ break;
+ case Arg::Scratch:
+ hasEarlyDef = true;
+ hasLate = true;
+ break;
+ case Arg::Use:
+ case Arg::ColdUse:
+ case Arg::UseAddr:
+ break;
+ }
+ });
+ if (inst.kind.opcode == Patch) {
+ hasEarlyDef |= !inst.extraEarlyClobberedRegs().isEmpty();
+ hasLate |= !inst.extraClobberedRegs().isEmpty();
+ }
+
+ if (hasEarlyDef && prevHadLate)
+ insertionSet.insert(instIndex, Nop, inst.origin);
+
+ prevHadLate = hasLate;
+ }
+ insertionSet.execute(block);
+ }
+}
+
+} } } // namespace JSC::B3::Air
+
+#endif // ENABLE(B3_JIT)
+
</ins></span></pre></div>
<a id="trunkSourceJavaScriptCoreb3airAirPadInterferenceh"></a>
<div class="addfile"><h4>Added: trunk/Source/JavaScriptCore/b3/air/AirPadInterference.h (0 => 207434)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/b3/air/AirPadInterference.h (rev 0)
+++ trunk/Source/JavaScriptCore/b3/air/AirPadInterference.h 2016-10-17 21:45:56 UTC (rev 207434)
</span><span class="lines">@@ -0,0 +1,48 @@
</span><ins>+/*
+ * Copyright (C) 2016 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#if ENABLE(B3_JIT)
+
+namespace JSC { namespace B3 { namespace Air {
+
+class Code;
+
+// This isn't a phase - it's meant to be a utility that other phases use. Air reasons about liveness by
+// reasoning about interference at boundaries between instructions. This can go wrong - for example, a
+// late use in one instruction doesn't actually interfere with an early def of the next instruction, but
+// Air thinks that it does. This is convenient because it works great in the most common case: early uses
+// and late defs. In practice, only the register allocators need to use this, since only they need to be
+// able to color the interference graph using a bounded number of colors.
+//
+// See https://bugs.webkit.org/show_bug.cgi?id=163548#c2 for more info.
+
+void padInterference(Code&);
+
+} } } // namespace JSC::B3::Air
+
+#endif // ENABLE(B3_JIT)
+
</ins></span></pre></div>
<a id="trunkSourceJavaScriptCoreb3airAirSpecialh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/b3/air/AirSpecial.h (207433 => 207434)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/b3/air/AirSpecial.h 2016-10-17 21:44:43 UTC (rev 207433)
+++ trunk/Source/JavaScriptCore/b3/air/AirSpecial.h 2016-10-17 21:45:56 UTC (rev 207434)
</span><span class="lines">@@ -84,8 +84,8 @@
</span><span class="cx">
</span><span class="cx"> virtual CCallHelpers::Jump generate(Inst&, CCallHelpers&, GenerationContext&) = 0;
</span><span class="cx">
</span><del>- virtual const RegisterSet& extraEarlyClobberedRegs(Inst&) = 0;
- virtual const RegisterSet& extraClobberedRegs(Inst&) = 0;
</del><ins>+ virtual RegisterSet extraEarlyClobberedRegs(Inst&) = 0;
+ virtual RegisterSet extraClobberedRegs(Inst&) = 0;
</ins><span class="cx">
</span><span class="cx"> // By default, this returns false.
</span><span class="cx"> virtual bool isTerminal(Inst&);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreb3airAirSpillEverythingcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/b3/air/AirSpillEverything.cpp (207433 => 207434)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/b3/air/AirSpillEverything.cpp 2016-10-17 21:44:43 UTC (rev 207433)
+++ trunk/Source/JavaScriptCore/b3/air/AirSpillEverything.cpp 2016-10-17 21:45:56 UTC (rev 207434)
</span><span class="lines">@@ -33,6 +33,7 @@
</span><span class="cx"> #include "AirInsertionSet.h"
</span><span class="cx"> #include "AirInstInlines.h"
</span><span class="cx"> #include "AirLiveness.h"
</span><ins>+#include "AirPadInterference.h"
</ins><span class="cx"> #include "AirPhaseScope.h"
</span><span class="cx"> #include <wtf/IndexMap.h>
</span><span class="cx">
</span><span class="lines">@@ -41,6 +42,8 @@
</span><span class="cx"> void spillEverything(Code& code)
</span><span class="cx"> {
</span><span class="cx"> PhaseScope phaseScope(code, "spillEverything");
</span><ins>+
+ padInterference(code);
</ins><span class="cx">
</span><span class="cx"> // We want to know the set of registers used at every point in every basic block.
</span><span class="cx"> IndexMap<BasicBlock, Vector<RegisterSet>> usedRegisters(code.size());
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitRegisterSeth"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/RegisterSet.h (207433 => 207434)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/RegisterSet.h 2016-10-17 21:44:43 UTC (rev 207433)
+++ trunk/Source/JavaScriptCore/jit/RegisterSet.h 2016-10-17 21:45:56 UTC (rev 207434)
</span><span class="lines">@@ -107,6 +107,8 @@
</span><span class="cx"> size_t numberOfSetFPRs() const;
</span><span class="cx"> size_t numberOfSetRegisters() const { return m_bits.count(); }
</span><span class="cx">
</span><ins>+ bool isEmpty() const { return m_bits.isEmpty(); }
+
</ins><span class="cx"> JS_EXPORT_PRIVATE void dump(PrintStream&) const;
</span><span class="cx">
</span><span class="cx"> enum EmptyValueTag { EmptyValue };
</span></span></pre>
</div>
</div>
</body>
</html>