Changeset 212775 in webkit for trunk/Source/JavaScriptCore/ftl/FTLCompile.cpp

Timestamp:

Feb 21, 2017, 3:57:03 PM (8 years ago)

Author:

[email protected]

Message:

Air should have a disassembly mode that dumps IR and assembly intermixed
​https://bugs.webkit.org/show_bug.cgi?id=168629

Reviewed by Filip Pizlo.

This will make dumping FTL disassembly dump Air intermixed
with the assembly generated by each Air Inst. This is similar
to how dumpDFGDisassembly dumps the generated assembly for each
Node.

Here is what the output will look like:

Generated FTL JIT code for foo#CUaFiQ:[0x10b76c960->0x10b76c2d0->0x10b7b6da0, FTLFunctionCall, 40 (NeverInline)], instruction count = 40:
BB#0: ; frequency = 1.000000

0x469004e02e00: push %rbp
0x469004e02e01: mov %rsp, %rbp
0x469004e02e04: add $0xffffffffffffffd0, %rsp

Move $0x10b76c960, %rax, $4487301472(@16)

0x469004e02e08: mov $0x10b76c960, %rax

Move %rax, 16(%rbp), @19

0x469004e02e12: mov %rax, 0x10(%rbp)

Patch &Patchpoint2, %rbp, %rax, @20

0x469004e02e16: lea -0x50(%rbp), %rax
0x469004e02e1a: mov $0x1084081e0, %r11
0x469004e02e24: cmp %rax, (%r11)
0x469004e02e27: ja 0x469004e02e9a

Move 56(%rbp), %rdx, @23

0x469004e02e2d: mov 0x38(%rbp), %rdx

Move $0xffff000000000002, %rax, $-281474976710654(@15)

0x469004e02e31: mov $0xffff000000000002, %rax

Patch &BranchTest64(3,SameAsRep)1, NonZero, %rdx, %rax, %rdx, @26

0x469004e02e3b: test %rdx, %rax
0x469004e02e3e: jnz 0x469004e02f08

Move 48(%rbp), %rax, @29

0x469004e02e44: mov 0x30(%rbp), %rax

Move %rax, %rcx, @31

0x469004e02e48: mov %rax, %rcx

Xor64 $6, %rcx, @31

0x469004e02e4b: xor $0x6, %rcx

Patch &BranchTest64(3,SameAsRep)1, NonZero, %rcx, $-2, %rax, @35

0x469004e02e4f: test $0xfffffffffffffffe, %rcx
0x469004e02e56: jnz 0x469004e02f12

Patch &Branch32(3,SameAsRep)0, NotEqual, (%rdx), $266, %rdx, @45

0x469004e02e5c: cmp $0x10a, (%rdx)
0x469004e02e62: jnz 0x469004e02f1c

BranchTest32 NonZero, %rax, $1, @49

0x469004e02e68: test $0x1, %al
0x469004e02e6a: jnz 0x469004e02e91

Successors: #3, #1

BB#1: ; frequency = 1.000000

Predecessors: #0

Move $0, %rcx, @65

0x469004e02e70: xor %rcx, %rcx

Jump @66

Successors: #2

BB#2: ; frequency = 1.000000

Predecessors: #1, #3

Move 24(%rdx), %rax, @58

0x469004e02e73: mov 0x18(%rdx), %rax

Patch &BranchAdd32(4,ForceLateUseUnlessRecoverable)3, Overflow, %rcx, %rax, %rcx, %rcx, %rax, @60

0x469004e02e77: add %eax, %ecx
0x469004e02e79: jo 0x469004e02f26

Move $0xffff000000000000, %rax, $-281474976710656(@14)

0x469004e02e7f: mov $0xffff000000000000, %rax

Add64 %rcx, %rax, %rax, @62

0x469004e02e89: add %rcx, %rax

Ret64 %rax, @63

0x469004e02e8c: mov %rbp, %rsp
0x469004e02e8f: pop %rbp
0x469004e02e90: ret

BB#3: ; frequency = 1.000000

Predecessors: #0

Move 16(%rdx), %rcx, @52

0x469004e02e91: mov 0x10(%rdx), %rcx

Jump @55

0x469004e02e95: jmp 0x469004e02e73

Successors: #2

• CMakeLists.txt:
• JavaScriptCore.xcodeproj/project.pbxproj:
• b3/air/AirCode.h:

(JSC::B3::Air::Code::setDisassembler):
(JSC::B3::Air::Code::disassembler):

• b3/air/AirDisassembler.cpp: Added.

(JSC::B3::Air::Disassembler::startEntrypoint):
(JSC::B3::Air::Disassembler::endEntrypoint):
(JSC::B3::Air::Disassembler::startLatePath):
(JSC::B3::Air::Disassembler::endLatePath):
(JSC::B3::Air::Disassembler::startBlock):
(JSC::B3::Air::Disassembler::addInst):
(JSC::B3::Air::Disassembler::dump):

• b3/air/AirDisassembler.h: Added.
• b3/air/AirGenerate.cpp:

(JSC::B3::Air::generate):

• ftl/FTLCompile.cpp:

(JSC::FTL::compile):

File:

• trunk/Source/JavaScriptCore/ftl/FTLCompile.cpp (modified) (3 diffs)

trunk/Source/JavaScriptCore/ftl/FTLCompile.cpp

@@ -30 +30 @@
 
 #include "AirCode.h"
+#include "AirDisassembler.h"
 #include "B3Generate.h"
 #include "B3ProcedureInlines.h"
@@ -57 +58 @@
     CodeBlock* codeBlock = graph.m_codeBlock;
     VM& vm = graph.m_vm;
+
+    if (shouldDumpDisassembly())
+        state.proc->code().setDisassembler(std::make_unique<B3::Air::Disassembler>());
 
     {
@@ -152 +156 @@
         state.finalizer->b3CodeLinkBuffer->entrypoint().executableAddress());
     state.jitCode->initializeB3Byproducts(state.proc->releaseByproducts());
+
+    if (B3::Air::Disassembler* disassembler = state.proc->code().disassembler()) {
+        dataLogLn("\nGenerated FTL JIT code for ", CodeBlockWithJITType(state.graph.m_codeBlock, JITCode::FTLJIT), ", instruction count = ", state.graph.m_codeBlock->instructionCount(), ":");
+        LinkBuffer& linkBuffer = *state.finalizer->b3CodeLinkBuffer;
+        disassembler->dump(state.proc->code(), WTF::dataFile(), linkBuffer);
+        linkBuffer.didAlreadyDisassemble();
+    }
 }