Context Navigation

← Previous Change
Next Change →

DFGGraph.h

Timestamp:

Feb 11, 2014, 9:42:32 PM (12 years ago)

Author:

Message:

Inserting a node with a codeOrigin "like" another node should copy both the codeOrigin and codeOriginForExitTarget
https://bugs.webkit.org/show_bug.cgi?id=128635

Reviewed by Michael Saboff.

Originally nodes just had a codeOrigin. But then we started doing code motion, and we
needed to separate the codeOrigin that designated where to exit from the codeOrigin
that designated everything else. The "everything else" is actually pretty important:
it includes profiling, exception handling, and the actual semantics of the node. For
example some nodes use the origin's global object in some way.

This all sort of worked except for one quirk: the facilities for creating nodes all
assumed that there really was only one origin. LICM would work around this by setting
the codeOriginForExitTarget manually. But, that means that:

If we did hoist a node twice, then the second time around, we would forget the node's original exit target.

If we did an insertNode() to insert a node before a hoisted node, the inserted node would have the wrong exit target.

Most of the time, if we copy the code origin, we actually want to copy both origins.
So, this patch introduces the notion of a NodeOrigin which has two CodeOrigins: a
forExit code origin that says where to exit, and a semantic code origin for everything
else.

This also (annoyingly?) means that we are always more explicit about which code origin
we refer to. That means that a lot of "node->codeOrigin" expressions had to change to
"node->origin.semantic". This was partly a ploy on my part to ensure that this
refactoring was complete: to get the code to compile I really had to audit all uses of
CodeOrigin. If, in the future, we find that "node->origin.semantic" is too cumbersome
then we can reintroduce the Node::codeOrigin field. For now I kinda like it though.

GNUmakefile.list.am:
JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
JavaScriptCore.xcodeproj/project.pbxproj:
dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::booleanResult):
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

dfg/DFGArgumentsSimplificationPhase.cpp:

(JSC::DFG::ArgumentsSimplificationPhase::run):
(JSC::DFG::ArgumentsSimplificationPhase::observeBadArgumentsUse):
(JSC::DFG::ArgumentsSimplificationPhase::observeProperArgumentsUse):
(JSC::DFG::ArgumentsSimplificationPhase::isOKToOptimize):

dfg/DFGArrayMode.cpp:

(JSC::DFG::ArrayMode::originalArrayStructure):
(JSC::DFG::ArrayMode::alreadyChecked):

dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::addToGraph):

dfg/DFGCFGSimplificationPhase.cpp:

(JSC::DFG::CFGSimplificationPhase::run):
(JSC::DFG::CFGSimplificationPhase::convertToJump):
(JSC::DFG::CFGSimplificationPhase::keepOperandAlive):
(JSC::DFG::CFGSimplificationPhase::jettisonBlock):
(JSC::DFG::CFGSimplificationPhase::mergeBlocks):

dfg/DFGCPSRethreadingPhase.cpp:

(JSC::DFG::CPSRethreadingPhase::addPhiSilently):
(JSC::DFG::CPSRethreadingPhase::addPhi):
(JSC::DFG::CPSRethreadingPhase::canonicalizeGetLocalFor):
(JSC::DFG::CPSRethreadingPhase::canonicalizeFlushOrPhantomLocalFor):
(JSC::DFG::CPSRethreadingPhase::propagatePhis):

dfg/DFGCSEPhase.cpp:

(JSC::DFG::CSEPhase::setLocalStoreElimination):

dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

dfg/DFGCommonData.cpp:

(JSC::DFG::CommonData::notifyCompilingStructureTransition):

dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::foldConstants):
(JSC::DFG::ConstantFoldingPhase::addStructureTransitionCheck):

dfg/DFGCriticalEdgeBreakingPhase.cpp:

(JSC::DFG::CriticalEdgeBreakingPhase::breakCriticalEdge):

dfg/DFGDCEPhase.cpp:

(JSC::DFG::DCEPhase::fixupBlock):

dfg/DFGDisassembler.cpp:

(JSC::DFG::Disassembler::createDumpList):

dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::createToString):
(JSC::DFG::FixupPhase::attemptToForceStringArrayModeByToStringConversion):
(JSC::DFG::FixupPhase::convertStringAddUse):
(JSC::DFG::FixupPhase::fixupToPrimitive):
(JSC::DFG::FixupPhase::fixupToString):
(JSC::DFG::FixupPhase::attemptToMakeFastStringAdd):
(JSC::DFG::FixupPhase::checkArray):
(JSC::DFG::FixupPhase::blessArrayOperation):
(JSC::DFG::FixupPhase::fixEdge):
(JSC::DFG::FixupPhase::insertStoreBarrier):
(JSC::DFG::FixupPhase::fixIntEdge):
(JSC::DFG::FixupPhase::injectInt32ToDoubleNode):
(JSC::DFG::FixupPhase::truncateConstantToInt32):
(JSC::DFG::FixupPhase::attemptToMakeGetArrayLength):
(JSC::DFG::FixupPhase::attemptToMakeGetTypedArrayByteLength):
(JSC::DFG::FixupPhase::convertToGetArrayLength):
(JSC::DFG::FixupPhase::prependGetArrayLength):
(JSC::DFG::FixupPhase::attemptToMakeGetTypedArrayByteOffset):
(JSC::DFG::FixupPhase::addPhantomsIfNecessary):

dfg/DFGGraph.cpp:

(JSC::DFG::Graph::dumpCodeOrigin):
(JSC::DFG::Graph::amountOfNodeWhiteSpace):
(JSC::DFG::Graph::dump):
(JSC::DFG::Graph::dumpBlockHeader):

dfg/DFGGraph.h:

(JSC::DFG::Graph::hasExitSite):
(JSC::DFG::Graph::valueProfileFor):
(JSC::DFG::Graph::methodOfGettingAValueProfileFor):

dfg/DFGInvalidationPointInjectionPhase.cpp:

(JSC::DFG::InvalidationPointInjectionPhase::handle):
(JSC::DFG::InvalidationPointInjectionPhase::insertInvalidationCheck):

dfg/DFGLICMPhase.cpp:

(JSC::DFG::LICMPhase::attemptHoist):

dfg/DFGLoopPreHeaderCreationPhase.cpp:

(JSC::DFG::createPreHeader):

dfg/DFGNode.h:

(JSC::DFG::Node::Node):
(JSC::DFG::Node::isStronglyProvedConstantIn):

dfg/DFGNodeOrigin.h: Added.

(JSC::DFG::NodeOrigin::NodeOrigin):
(JSC::DFG::NodeOrigin::isSet):

dfg/DFGOSREntrypointCreationPhase.cpp:

(JSC::DFG::OSREntrypointCreationPhase::run):

dfg/DFGResurrectionForValidationPhase.cpp:

(JSC::DFG::ResurrectionForValidationPhase::run):

dfg/DFGSSAConversionPhase.cpp:

(JSC::DFG::SSAConversionPhase::run):

dfg/DFGSSALoweringPhase.cpp:

(JSC::DFG::SSALoweringPhase::handleNode):
(JSC::DFG::SSALoweringPhase::lowerBoundsCheck):

dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileIn):
(JSC::DFG::SpeculativeJIT::compileCurrentBlock):
(JSC::DFG::SpeculativeJIT::compileGetByValOnString):
(JSC::DFG::SpeculativeJIT::compileNewTypedArray):

dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::masqueradesAsUndefinedWatchpointIsStillValid):
(JSC::DFG::SpeculativeJIT::appendCallWithExceptionCheck):
(JSC::DFG::SpeculativeJIT::appendCallWithCallFrameRollbackOnException):
(JSC::DFG::SpeculativeJIT::appendCallSetResult):
(JSC::DFG::SpeculativeJIT::appendCall):
(JSC::DFG::SpeculativeJIT::speculateStringObjectForStructure):

dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNull):
(JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
(JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
(JSC::DFG::SpeculativeJIT::compile):

dfg/DFGSpeculativeJIT64.cpp:

dfg/DFGStrengthReductionPhase.cpp:

(JSC::DFG::StrengthReductionPhase::convertToIdentityOverChild):
(JSC::DFG::StrengthReductionPhase::prepareToFoldTypedArray):

dfg/DFGTierUpCheckInjectionPhase.cpp:

(JSC::DFG::TierUpCheckInjectionPhase::run):

dfg/DFGTypeCheckHoistingPhase.cpp:

(JSC::DFG::TypeCheckHoistingPhase::run):

dfg/DFGValidate.cpp:

(JSC::DFG::Validate::validateSSA):

dfg/DFGWatchpointCollectionPhase.cpp:

(JSC::DFG::WatchpointCollectionPhase::handle):
(JSC::DFG::WatchpointCollectionPhase::handleEdge):
(JSC::DFG::WatchpointCollectionPhase::handleMasqueradesAsUndefined):
(JSC::DFG::WatchpointCollectionPhase::globalObject):

ftl/FTLJSCall.cpp:

(JSC::FTL::JSCall::link):

ftl/FTLLink.cpp:

(JSC::FTL::link):

ftl/FTLLowerDFGToLLVM.cpp:

(JSC::FTL::LowerDFGToLLVM::compileNode):
(JSC::FTL::LowerDFGToLLVM::compileToThis):
(JSC::FTL::LowerDFGToLLVM::compilePutById):
(JSC::FTL::LowerDFGToLLVM::compilePutByVal):
(JSC::FTL::LowerDFGToLLVM::compileNewArray):
(JSC::FTL::LowerDFGToLLVM::compileNewArrayBuffer):
(JSC::FTL::LowerDFGToLLVM::compileNewArrayWithSize):
(JSC::FTL::LowerDFGToLLVM::compileStringCharAt):
(JSC::FTL::LowerDFGToLLVM::compileGetMyScope):
(JSC::FTL::LowerDFGToLLVM::compileCheckArgumentsNotCreated):
(JSC::FTL::LowerDFGToLLVM::getById):
(JSC::FTL::LowerDFGToLLVM::equalNullOrUndefined):
(JSC::FTL::LowerDFGToLLVM::speculateStringObjectForStructure):
(JSC::FTL::LowerDFGToLLVM::masqueradesAsUndefinedWatchpointIsStillValid):
(JSC::FTL::LowerDFGToLLVM::callPreflight):

File:

: 1 edited

trunk/Source/JavaScriptCore/dfg/DFGGraph.h (modified) (5 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/Source/JavaScriptCore/dfg/DFGGraph.h

-              r163802
+              r163946
     bool hasExitSite(Node* node, ExitKind exitKind)
+    {
         return hasExitSite(node->codeOrigin, exitKind);
+        return hasExitSite(node->origin.semantic, exitKind);
+    }
 …
             return 0;
         CodeBlock* profiledBlock = baselineCodeBlockFor(node->codeOrigin);
+        CodeBlock* profiledBlock = baselineCodeBlockFor(node->origin.semantic);
         if (node->op() == GetArgument)
 …
         if (node->hasHeapPrediction())
             return profiledBlock->valueProfileForBytecodeOffset(node->codeOrigin.bytecodeIndex);
+            return profiledBlock->valueProfileForBytecodeOffset(node->origin.semantic.bytecodeIndex);
         return 0;
 …
             return MethodOfGettingAValueProfile();
         CodeBlock* profiledBlock = baselineCodeBlockFor(node->codeOrigin);
+        CodeBlock* profiledBlock = baselineCodeBlockFor(node->origin.semantic);
         if (node->op() == GetLocal) {
 …
                 profiledBlock,
                 LazyOperandValueProfileKey(
                     node->codeOrigin.bytecodeIndex, node->local()));
+                    node->origin.semantic.bytecodeIndex, node->local()));
+        }

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 163946 in webkit for trunk/Source/JavaScriptCore/dfg/DFGGraph.h

Legend:

trunk/Source/JavaScriptCore/dfg/DFGGraph.h

Download in other formats: