Timestamp:
Oct 9, 2013, 9:24:57 PM (12 years ago)
Author:
[email protected]
Message:

FTL should be able to do simple OSR exits using llvm.webkit.stackmap
https://bugs.webkit.org/show_bug.cgi?id=122538

Reviewed by Oliver Hunt.

This gives the FTL the ability to OSR exit using the llvm.webkit.stackmap intrinsic.

  • The FTL compiles all OSR exit calls as calls to llvm.webkit.stackmap with a unique ID, passing a requested size that is big enough for own jump replacement.

  • After LLVM compilation, we parse the new LLVM stackmap section.

  • For all llvm.webkit.stackmaps that we used for OSR exits, we do a jumpReplacement, which targets exit thunks that we generate.

  • If an exit thunk fires, it causes JSC to compile an exit off-ramp that uses a combination of the JSC-internal OSR exit accounting (FTL::ExitValue and friends) and LLVM stackmap's accounting of where data actually ended up (register, indirect, constant) to reconstruct bytecode state.

This still has shortcomings; for example it cannot handle XMM or YMM registers. Handling
YMM registers will require adding some basic YMM support to our assemblers - really we
just need the ability to move a YMM's value into a GPR.

This patch preserves all of the old, intrinsic-less, FTL OSR exit support. Hence it
manages to pass all existing FTL tests even despite its incompleteness. I think that's
the right way to go since this is already a big patch, and anyway it would be great to
keep the intrinsic-less FTL OSR exit support so long as the LLVM side of this hasn't
landed.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • assembler/AbstractMacroAssembler.h:

(JSC::AbstractMacroAssembler::firstRegister):
(JSC::AbstractMacroAssembler::lastRegister):

  • assembler/MacroAssembler.h:

(JSC::MacroAssembler::isStackRelated):
(JSC::MacroAssembler::firstRealRegister):
(JSC::MacroAssembler::nextRegister):
(JSC::MacroAssembler::secondRealRegister):

  • assembler/MacroAssemblerX86Common.h:
  • assembler/X86Assembler.h:

(JSC::X86Assembler::firstRegister):
(JSC::X86Assembler::lastRegister):

  • dfg/DFGPlan.cpp:

(JSC::DFG::Plan::compileInThreadImpl):

  • ftl/FTLCArgumentGetter.cpp:

(JSC::FTL::CArgumentGetter::loadNextAndBox):

  • ftl/FTLCArgumentGetter.h:

(JSC::FTL::CArgumentGetter::loadNextDoubleIntoGPR):

  • ftl/FTLCompile.cpp:

(JSC::FTL::mmAllocateCodeSection):
(JSC::FTL::mmAllocateDataSection):
(JSC::FTL::dumpDataSection):
(JSC::FTL::fixFunctionBasedOnStackMaps):
(JSC::FTL::compile):

  • ftl/FTLExitThunkGenerator.cpp:

(JSC::FTL::ExitThunkGenerator::emitThunk):
(JSC::FTL::ExitThunkGenerator::emitThunks):

  • ftl/FTLExitThunkGenerator.h:
  • ftl/FTLExitValue.h:

(JSC::FTL::ExitValue::isInJSStackSomehow):
(JSC::FTL::ExitValue::valueFormat):

  • ftl/FTLFail.cpp:

(JSC::FTL::fail):

  • ftl/FTLIntrinsicRepository.h:
  • ftl/FTLJITCode.h:
  • ftl/FTLLowerDFGToLLVM.cpp:

(JSC::FTL::generateExitThunks):
(JSC::FTL::LowerDFGToLLVM::LowerDFGToLLVM):
(JSC::FTL::LowerDFGToLLVM::appendOSRExit):
(JSC::FTL::LowerDFGToLLVM::emitOSRExitCall):
(JSC::FTL::LowerDFGToLLVM::linkOSRExitsAndCompleteInitializationBlocks):

  • ftl/FTLOSRExit.h:
  • ftl/FTLOSRExitCompilationInfo.h:

(JSC::FTL::OSRExitCompilationInfo::OSRExitCompilationInfo):

  • ftl/FTLOSRExitCompiler.cpp:

(JSC::FTL::compileStubWithOSRExitStackmap):
(JSC::FTL::compileStubWithoutOSRExitStackmap):
(JSC::FTL::compileFTLOSRExit):

  • ftl/FTLSaveRestore.cpp: Added.

(JSC::FTL::bytesForGPRs):
(JSC::FTL::requiredScratchMemorySizeInBytes):
(JSC::FTL::offsetOfGPR):
(JSC::FTL::saveAllRegisters):
(JSC::FTL::restoreAllRegisters):

  • ftl/FTLSaveRestore.h: Added.
  • ftl/FTLStackMaps.cpp: Added.

(JSC::FTL::readObject):
(JSC::FTL::StackMaps::Constant::parse):
(JSC::FTL::StackMaps::Constant::dump):
(JSC::FTL::StackMaps::Location::parse):
(JSC::FTL::StackMaps::Location::dump):
(JSC::FTL::StackMaps::Location::involvesGPR):
(JSC::FTL::StackMaps::Location::isGPR):
(JSC::FTL::StackMaps::Location::gpr):
(JSC::FTL::StackMaps::Location::restoreInto):
(JSC::FTL::StackMaps::Record::parse):
(JSC::FTL::StackMaps::Record::dump):
(JSC::FTL::StackMaps::parse):
(JSC::FTL::StackMaps::dump):
(JSC::FTL::StackMaps::dumpMultiline):
(JSC::FTL::StackMaps::getRecordMap):
(WTF::printInternal):

  • ftl/FTLStackMaps.h: Added.
  • ftl/FTLState.h:
  • ftl/FTLThunks.cpp:

(JSC::FTL::osrExitGenerationThunkGenerator):

  • ftl/FTLValueFormat.cpp:

(JSC::FTL::reboxAccordingToFormat):

  • ftl/FTLValueFormat.h:
  • runtime/DataView.cpp:

(JSC::DataView::create):

  • runtime/DataView.h:

(JSC::DataView::read):

  • runtime/Options.h:
File:
1 edited

  • trunk/Source/JavaScriptCore/ftl/FTLCArgumentGetter.cpp

    r156047 r157209  
    5353   
    5454    switch (format) {
    55     case ValueFormatInt32: {
     55    case ValueFormatInt32:
     56    case ValueFormatUInt32:
    5657        loadNext32(destination);
    57         m_jit.or64(GPRInfo::tagTypeNumberRegister, destination);
    5858        break;
    59     }
    60            
    61     case ValueFormatUInt32: {
    62         loadNext32(destination);
    63         m_jit.moveDoubleTo64(FPRInfo::fpRegT0, scratch2);
    64         m_jit.boxInt52(destination, destination, scratch1, FPRInfo::fpRegT0);
    65         m_jit.move64ToDouble(scratch2, FPRInfo::fpRegT0);
    66         break;
    67     }
    6859       
    69     case ValueFormatInt52: {
    70         loadNext64(destination);
    71         m_jit.rshift64(AssemblyHelpers::TrustedImm32(JSValue::int52ShiftAmount), destination);
    72         m_jit.moveDoubleTo64(FPRInfo::fpRegT0, scratch2);
    73         m_jit.boxInt52(destination, destination, scratch1, FPRInfo::fpRegT0);
    74         m_jit.move64ToDouble(scratch2, FPRInfo::fpRegT0);
    75         break;
    76     }
    77            
    78     case ValueFormatStrictInt52: {
    79         loadNext64(destination);
    80         m_jit.moveDoubleTo64(FPRInfo::fpRegT0, scratch2);
    81         m_jit.boxInt52(destination, destination, scratch1, FPRInfo::fpRegT0);
    82         m_jit.move64ToDouble(scratch2, FPRInfo::fpRegT0);
    83         break;
    84     }
    85            
    86     case ValueFormatBoolean: {
    87         loadNext8(destination);
    88         m_jit.or32(MacroAssembler::TrustedImm32(ValueFalse), destination);
    89         break;
    90     }
    91            
    92     case ValueFormatJSValue: {
     60    case ValueFormatInt52:
     61    case ValueFormatStrictInt52:
     62    case ValueFormatJSValue:
    9363        loadNext64(destination);
    9464        break;
    95     }
    9665           
    97     case ValueFormatDouble: {
    98         m_jit.moveDoubleTo64(FPRInfo::fpRegT0, scratch1);
    99         loadNextDouble(FPRInfo::fpRegT0);
    100         m_jit.boxDouble(FPRInfo::fpRegT0, destination);
    101         m_jit.move64ToDouble(scratch1, FPRInfo::fpRegT0);
     66    case ValueFormatBoolean:
     67        loadNext8(destination);
    10268        break;
    103     }
     69           
     70    case ValueFormatDouble:
     71        loadNextDoubleIntoGPR(destination);
     72        break;
    10473           
    10574    default:
     
    10776        break;
    10877    }
     78   
     79    reboxAccordingToFormat(format, m_jit, destination, scratch1, scratch2);
    10980}
    11081
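
Review bot: The reboxAccordingToFormat call at new line 79 sits after the switch, so unless the line between default: and break (not shown in this view) never returns, it also runs on the default path with a destination that was never loaded; consider returning from that path or stating in a comment that it is unreachable. ValueFormatInt52 and ValueFormatStrictInt52 now share a single loadNext64, and the old rshift64 by JSValue::int52ShiftAmount is gone from this function, so the shift has to happen inside reboxAccordingToFormat keyed on format. The same holds for the removed or32 with ValueFalse under ValueFormatBoolean, the removed or64 with GPRInfo::tagTypeNumberRegister under ValueFormatInt32, and the removed save and restore of FPRInfo::fpRegT0 around the double and boxInt52 paths. None of that helper's body is visible in this file's diff, so a one-line comment above the switch saying that each case leaves raw unboxed bits in destination and that reboxAccordingToFormat does all tagging would make the contract explicit for the next reader; a value that leaves this function with the wrong tag is a type confusion in the reconstructed bytecode state.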