Changeset 207475 in webkit for trunk/Source/JavaScriptCore/bytecode/CallLinkInfo.h

Timestamp:

Oct 18, 2016, 11:30:05 AM (9 years ago)

Author:

[email protected]

Message:

DFG and FTL should be able to use DirectCall ICs when they proved the callee or its executable
​https://bugs.webkit.org/show_bug.cgi?id=163371

Reviewed by Geoffrey Garen and Saam Barati.

JSTests:

Add microbenchmarks for all of the cases that this patch optimizes.

• microbenchmarks/direct-call-arity-mismatch.js: Added.

(foo):
(bar):

• microbenchmarks/direct-call.js: Added.

(foo):
(bar):

• microbenchmarks/direct-construct-arity-mismatch.js: Added.

(Foo):
(bar):

• microbenchmarks/direct-construct.js: Added.

(Foo):
(bar):

• microbenchmarks/direct-tail-call-arity-mismatch.js: Added.

(foo):
(bar):

• microbenchmarks/direct-tail-call-inlined-caller-arity-mismatch.js: Added.

(foo):
(bar):
(baz):

• microbenchmarks/direct-tail-call-inlined-caller.js: Added.

(foo):
(bar):
(baz):

• microbenchmarks/direct-tail-call.js: Added.

(foo):
(bar):

Source/JavaScriptCore:

This adds a new kind of call inline cache for when the DFG can prove what the callee
executable is. In those cases, we can skip some of the things that the traditional call IC
would do:

• No need to check who the callee is.
• No need to do arity checks.

This case isn't as simple as just emitting a call instruction since the callee may not be
compiled at the time that the caller is compiled. So, we need lazy resolution. Also, the
callee may be jettisoned independently of the caller, so we need to be able to revert the
call to an unlinked state. This means that we need almost all of the things that
CallLinkInfo has. CallLinkInfo already knows about different kinds of calls. This patch
teaches it about new "Direct" call types.

The direct non-tail call IC looks like this:

set up arguments

FastPath:

call _SlowPath
lea -FrameSize(%rbp), %rsp

SlowPath:

pop
call operationLinkDirectCall
check exception
jmp FastPath

The job of operationLinkDirectCall is to link the fast path's call entrypoint of the callee.
This means that in steady state, a call is just that: a call. There are no extra branches or
checks.

The direct tail call IC is a bit more complicated because the act of setting up arguments
destroys our frame, which would prevent us from being able to throw an exception if we
failed to compile the callee. So, direct tail call ICs look like this:

jmp _SlowPath

FastPath:

set up arguments
jmp 0 patch to jump to callee

SlowPath:

silent spill
call operationLinkDirectCall
silent fill
check exception
jmp FastPath

The jmp to the slow path is patched to be a fall-through jmp when we link the call.

Direct calls mean less code at call sites, fewer checks on the steady state call fast path,
and no need for arity fixup. This looks like a slight speed-up (~0.8%) on both Octane and
AsmBench.

• assembler/ARM64Assembler.h:

(JSC::ARM64Assembler::relinkJumpToNop):

• assembler/ARMv7Assembler.h:

(JSC::ARMv7Assembler::relinkJumpToNop):
(JSC::ARMv7Assembler::relinkJump): Deleted.

• assembler/AbstractMacroAssembler.h:

(JSC::AbstractMacroAssembler::repatchJumpToNop):
(JSC::AbstractMacroAssembler::repatchJump): Deleted.

• assembler/X86Assembler.h:

(JSC::X86Assembler::relinkJumpToNop):

• bytecode/CallLinkInfo.cpp:

(JSC::CallLinkInfo::CallLinkInfo):
(JSC::CallLinkInfo::callReturnLocation):
(JSC::CallLinkInfo::patchableJump):
(JSC::CallLinkInfo::hotPathBegin):
(JSC::CallLinkInfo::slowPathStart):
(JSC::CallLinkInfo::setCallee):
(JSC::CallLinkInfo::clearCallee):
(JSC::CallLinkInfo::callee):
(JSC::CallLinkInfo::setCodeBlock):
(JSC::CallLinkInfo::clearCodeBlock):
(JSC::CallLinkInfo::codeBlock):
(JSC::CallLinkInfo::setLastSeenCallee):
(JSC::CallLinkInfo::clearLastSeenCallee):
(JSC::CallLinkInfo::lastSeenCallee):
(JSC::CallLinkInfo::haveLastSeenCallee):
(JSC::CallLinkInfo::setExecutableDuringCompilation):
(JSC::CallLinkInfo::executable):
(JSC::CallLinkInfo::setMaxNumArguments):
(JSC::CallLinkInfo::visitWeak):

• bytecode/CallLinkInfo.h:

(JSC::CallLinkInfo::specializationKindFor):
(JSC::CallLinkInfo::callModeFor):
(JSC::CallLinkInfo::isDirect):
(JSC::CallLinkInfo::nearCallMode):
(JSC::CallLinkInfo::isLinked):
(JSC::CallLinkInfo::setCallLocations):
(JSC::CallLinkInfo::addressOfMaxNumArguments):
(JSC::CallLinkInfo::maxNumArguments):
(JSC::CallLinkInfo::isTailCall): Deleted.
(JSC::CallLinkInfo::setUpCallFromFTL): Deleted.
(JSC::CallLinkInfo::callReturnLocation): Deleted.
(JSC::CallLinkInfo::hotPathBegin): Deleted.
(JSC::CallLinkInfo::callee): Deleted.
(JSC::CallLinkInfo::setLastSeenCallee): Deleted.
(JSC::CallLinkInfo::clearLastSeenCallee): Deleted.
(JSC::CallLinkInfo::lastSeenCallee): Deleted.
(JSC::CallLinkInfo::haveLastSeenCallee): Deleted.

• bytecode/CallLinkStatus.cpp:

(JSC::CallLinkStatus::computeDFGStatuses):

• bytecode/PolymorphicAccess.cpp:

(JSC::AccessCase::generateImpl):

• bytecode/UnlinkedFunctionExecutable.h:
• bytecode/ValueRecovery.h:

(JSC::ValueRecovery::forEachReg):

• dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

• dfg/DFGBasicBlock.h:

(JSC::DFG::BasicBlock::findTerminal):

• dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::addCallWithoutSettingResult):
(JSC::DFG::ByteCodeParser::handleCall):

• dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

• dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

• dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

• dfg/DFGGraph.cpp:

(JSC::DFG::Graph::parameterSlotsForArgCount):

• dfg/DFGGraph.h:
• dfg/DFGInPlaceAbstractState.cpp:

(JSC::DFG::InPlaceAbstractState::mergeToSuccessors):

• dfg/DFGJITCompiler.cpp:

(JSC::DFG::JITCompiler::link):

• dfg/DFGJITCompiler.h:

(JSC::DFG::JITCompiler::addJSDirectCall):
(JSC::DFG::JITCompiler::addJSDirectTailCall):
(JSC::DFG::JITCompiler::JSCallRecord::JSCallRecord):
(JSC::DFG::JITCompiler::JSDirectCallRecord::JSDirectCallRecord):
(JSC::DFG::JITCompiler::JSDirectTailCallRecord::JSDirectTailCallRecord):
(JSC::DFG::JITCompiler::currentJSCallIndex): Deleted.

• dfg/DFGNode.cpp:

(JSC::DFG::Node::convertToDirectCall):

• dfg/DFGNode.h:

(JSC::DFG::Node::isTerminal):
(JSC::DFG::Node::hasHeapPrediction):
(JSC::DFG::Node::hasCellOperand):

• dfg/DFGNodeType.h:
• dfg/DFGPredictionPropagationPhase.cpp:
• dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

• dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):

• dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::compile):

• dfg/DFGStrengthReductionPhase.cpp:

(JSC::DFG::StrengthReductionPhase::handleNode):

• ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

• ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstruct):
(JSC::FTL::DFG::LowerDFGToB3::compileDirectCallOrConstruct):
(JSC::FTL::DFG::LowerDFGToB3::compileTailCall):
(JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargs):

• interpreter/Interpreter.cpp:

(JSC::Interpreter::execute):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):
(JSC::Interpreter::prepareForRepeatCall):

• jit/JIT.cpp:

(JSC::JIT::link):

• jit/JITCall.cpp:

(JSC::JIT::compileSetupVarargsFrame):

• jit/JITCall32_64.cpp:

(JSC::JIT::compileSetupVarargsFrame):

• jit/JITOperations.cpp:
• jit/JITOperations.h:
• jit/Repatch.cpp:

(JSC::linkDirectFor):
(JSC::revertCall):

• jit/Repatch.h:
• llint/LLIntSlowPaths.cpp:

(JSC::LLInt::setUpCall):

• runtime/Executable.cpp:

(JSC::ScriptExecutable::prepareForExecutionImpl):

• runtime/Executable.h:

(JSC::ScriptExecutable::prepareForExecution):

• runtime/Options.h:

File:

• trunk/Source/JavaScriptCore/bytecode/CallLinkInfo.h (modified) (15 diffs)

trunk/Source/JavaScriptCore/bytecode/CallLinkInfo.h

@@ -29 +29 @@
 #include "CodeLocation.h"
 #include "CodeSpecializationKind.h"
-#include "JSFunction.h"
 #include "PolymorphicCallStubRoutine.h"
 #include "WriteBarrier.h"
@@ -38 +37 @@
 #if ENABLE(JIT)
 
+class FunctionCodeBlock;
+class JSFunction;
 enum OpcodeID : unsigned;
 struct CallFrameShuffleData;
@@ -43 +44 @@
 class CallLinkInfo : public BasicRawSentinelNode<CallLinkInfo> {
 public:
-    enum CallType { None, Call, CallVarargs, Construct, ConstructVarargs, TailCall, TailCallVarargs };
+    enum CallType {
+        None,
+        Call,
+        CallVarargs,
+        Construct,
+        ConstructVarargs,
+        TailCall,
+        TailCallVarargs,
+        DirectCall,
+        DirectConstruct,
+        DirectTailCall
+    };
+    
     static CallType callTypeFor(OpcodeID opcodeID);
 
@@ -65 +78 @@
     static CodeSpecializationKind specializationKindFor(CallType callType)
     {
-        return specializationFromIsConstruct(callType == Construct || callType == ConstructVarargs);
+        return specializationFromIsConstruct(callType == Construct || callType == ConstructVarargs || callType == DirectConstruct);
     }
     CodeSpecializationKind specializationKind() const
@@ -71 +84 @@
         return specializationKindFor(static_cast<CallType>(m_callType));
     }
-
+    
     static CallMode callModeFor(CallType callType)
     {
@@ -77 +90 @@
         case Call:
         case CallVarargs:
+        case DirectCall:
             return CallMode::Regular;
         case TailCall:
         case TailCallVarargs:
+        case DirectTailCall:
             return CallMode::Tail;
         case Construct:
         case ConstructVarargs:
+        case DirectConstruct:
             return CallMode::Construct;
         case None:
@@ -90 +106 @@
         RELEASE_ASSERT_NOT_REACHED();
     }
-
+    
+    static bool isDirect(CallType callType)
+    {
+        switch (callType) {
+        case DirectCall:
+        case DirectTailCall:
+        case DirectConstruct:
+            return true;
+        case Call:
+        case CallVarargs:
+        case TailCall:
+        case TailCallVarargs:
+        case Construct:
+        case ConstructVarargs:
+            return false;
+        case None:
+            RELEASE_ASSERT_NOT_REACHED();
+            return false;
+        }
+
+        RELEASE_ASSERT_NOT_REACHED();
+        return false;
+    }
+    
     CallMode callMode() const
     {
@@ -96 +135 @@
     }
 
+    bool isDirect()
+    {
+        return isDirect(static_cast<CallType>(m_callType));
+    }
+
     bool isTailCall() const
     {
         return callMode() == CallMode::Tail;
     }
+    
+    NearCallMode nearCallMode() const
+    {
+        return isTailCall() ? Tail : Regular;
+    }
 
     bool isVarargs() const
@@ -106 +155 @@
     }
 
-    bool isLinked() { return m_stub || m_callee; }
+    bool isLinked() { return m_stub || m_calleeOrCodeBlock; }
     void unlink(VM&);
 
@@ -116 +165 @@
     }
 
-    void setCallLocations(CodeLocationNearCall callReturnLocation, CodeLocationDataLabelPtr hotPathBegin,
+    void setCallLocations(
+        CodeLocationLabel callReturnLocationOrPatchableJump,
+        CodeLocationLabel hotPathBeginOrSlowPathStart,
         CodeLocationNearCall hotPathOther)
     {
-        m_callReturnLocation = callReturnLocation;
-        m_hotPathBegin = hotPathBegin;
+        m_callReturnLocationOrPatchableJump = callReturnLocationOrPatchableJump;
+        m_hotPathBeginOrSlowPathStart = hotPathBeginOrSlowPathStart;
         m_hotPathOther = hotPathOther;
     }
@@ -131 +182 @@
     }
 
-    void setUpCallFromFTL(CallType callType, CodeOrigin codeOrigin,
-        CodeLocationNearCall callReturnLocation, CodeLocationDataLabelPtr hotPathBegin,
-        CodeLocationNearCall hotPathOther, unsigned calleeGPR)
-    {
-        m_callType = callType;
-        m_codeOrigin = codeOrigin;
-        m_callReturnLocation = callReturnLocation;
-        m_hotPathBegin = hotPathBegin;
-        m_hotPathOther = hotPathOther;
-        m_calleeGPR = calleeGPR;
-    }
-
-    CodeLocationNearCall callReturnLocation()
-    {
-        return m_callReturnLocation;
-    }
-
-    CodeLocationDataLabelPtr hotPathBegin()
-    {
-        return m_hotPathBegin;
-    }
+    CodeLocationNearCall callReturnLocation();
+    CodeLocationJump patchableJump();
+    CodeLocationDataLabelPtr hotPathBegin();
+    CodeLocationLabel slowPathStart();
 
     CodeLocationNearCall hotPathOther()
@@ -159 +193 @@
 
     void setCallee(VM&, JSCell*, JSFunction* callee);
-
     void clearCallee();
-
-    JSFunction* callee()
-    {
-        return m_callee.get();
-    }
-
-    void setLastSeenCallee(VM& vm, const JSCell* owner, JSFunction* callee)
-    {
-        m_lastSeenCallee.set(vm, owner, callee);
-    }
-
-    void clearLastSeenCallee()
-    {
-        m_lastSeenCallee.clear();
-    }
-
-    JSFunction* lastSeenCallee()
-    {
-        return m_lastSeenCallee.get();
-    }
-
-    bool haveLastSeenCallee()
-    {
-        return !!m_lastSeenCallee;
-    }
-
+    JSFunction* callee();
+
+    void setCodeBlock(VM&, JSCell*, FunctionCodeBlock*);
+    void clearCodeBlock();
+    FunctionCodeBlock* codeBlock();
+
+    void setLastSeenCallee(VM& vm, const JSCell* owner, JSFunction* callee);
+    void clearLastSeenCallee();
+    JSFunction* lastSeenCallee();
+    bool haveLastSeenCallee();
+    
+    void setExecutableDuringCompilation(ExecutableBase*);
+    ExecutableBase* executable();
+    
     void setStub(PassRefPtr<PolymorphicCallStubRoutine> newStub)
     {
@@ -255 +276 @@
     }
 
-    uint8_t* addressOfMaxNumArguments()
+    uint32_t* addressOfMaxNumArguments()
     {
         return &m_maxNumArguments;
     }
 
-    uint8_t maxNumArguments()
+    uint32_t maxNumArguments()
     {
         return m_maxNumArguments;
     }
+    
+    void setMaxNumArguments(unsigned);
 
     static ptrdiff_t offsetOfSlowPathCount()
@@ -305 +328 @@
 
 private:
-    CodeLocationNearCall m_callReturnLocation;
-    CodeLocationDataLabelPtr m_hotPathBegin;
+    CodeLocationLabel m_callReturnLocationOrPatchableJump;
+    CodeLocationLabel m_hotPathBeginOrSlowPathStart;
     CodeLocationNearCall m_hotPathOther;
-    WriteBarrier<JSFunction> m_callee;
-    WriteBarrier<JSFunction> m_lastSeenCallee;
+    WriteBarrier<JSCell> m_calleeOrCodeBlock;
+    WriteBarrier<JSCell> m_lastSeenCalleeOrExecutable;
     RefPtr<PolymorphicCallStubRoutine> m_stub;
     RefPtr<JITStubRoutine> m_slowStub;
@@ -317 +340 @@
     bool m_clearedByGC : 1;
     bool m_allowStubs : 1;
+    bool m_isLinked : 1;
     unsigned m_callType : 4; // CallType
     unsigned m_calleeGPR : 8;
-    uint8_t m_maxNumArguments; // Only used for varargs calls.
+    uint32_t m_maxNumArguments; // For varargs: the profiled maximum number of arguments. For direct: the number of stack slots allocated for arguments.
     uint32_t m_slowPathCount;
     CodeOrigin m_codeOrigin;