Changeset 215292 in webkit for trunk/Source/JavaScriptCore

Timestamp:

Apr 12, 2017, 2:22:14 PM (8 years ago)

Author:

[email protected]

Message:

B3 -O1 should not allocateStackByGraphColoring
​https://bugs.webkit.org/show_bug.cgi?id=170742

Reviewed by Keith Miller.

One of B3 -O1's longest running phases is allocateStackByGraphColoring. One approach to
this would be to make that phase cheaper. But it's weird that this phase reruns
liveness after register allocation already ran liveness. If only it could reuse the
liveness computed by register allocation then it would run a lot faster. At -O2, we do
not want this, since we run phases between register allocation and stack allocation,
and those phases are free to change the liveness of spill slots (in fact,
fixObviousSpills will both shorten and lengthen live ranges because of load and store
elimination, respectively). But at -O1, we don't really need to run any phases between
register and stack allocation.

This changes Air's backend in the following ways:

• Linear scan does stack allocation. This means that we don't need to run allocateStackByGraphColoring at all. In reality, we reuse some of its innards, but we don't run the expensive part of it (liveness->interference->coalescing->coloring). This is a speed-up because we only run liveness once and reuse it for both register and stack allocation.

• Phases that previously ran between register and stack allocation are taken care of, each in its own special way:

-> handleCalleSaves: this is now a utility function called by both

allocateStackByGraphColoring and allocateRegistersAndStackByLinearScan.

-> fixObviousSpills: we didn't run this at -O1, so nothing needs to be done.

-> lowerAfterRegAlloc: this needed to be able to run before stack allocation because

it could change register usage (vis a vis callee saves) and it could introduce
spill slots. I changed this phase to have a secondary mode for when it runs after
stack allocation.

• The part of allocateStackByGraphColoring that lowered stack addresses and took care of the call arg area is now a separate phase called lowerStackArgs. We run this phase regardless of optimization level. It's a cheap and general lowering.

This also removes spillEverything, because we never use that phase, we never test it,
and it got in the way in this refactoring.

This is a 21% speed-up on wasm -O1 compile times. This does not significantly change
-O1 throughput. We had already disabled allocateStack's most important optimization
(spill coalescing). This probably regresses average stack frame size, but I didn't
measure by how much. Stack frame size is really not that important. The algorithm in
allocateStackByGraphColoring is about much more than optimal frame size; it also
tries to avoid having to zero-extend 32-bit spills, it kills dead code, and of course
it coalesces.

• CMakeLists.txt:
• JavaScriptCore.xcodeproj/project.pbxproj:
• b3/B3Procedure.cpp:

(JSC::B3::Procedure::calleeSaveRegisterAtOffsetList):
(JSC::B3::Procedure::calleeSaveRegisters): Deleted.

• b3/B3Procedure.h:
• b3/B3StackmapGenerationParams.cpp:

(JSC::B3::StackmapGenerationParams::unavailableRegisters):

• b3/air/AirAllocateRegistersAndStackByLinearScan.cpp: Copied from Source/JavaScriptCore/b3/air/AirAllocateRegistersByLinearScan.cpp.

(JSC::B3::Air::allocateRegistersAndStackByLinearScan):
(JSC::B3::Air::allocateRegistersByLinearScan): Deleted.

• b3/air/AirAllocateRegistersAndStackByLinearScan.h: Copied from Source/JavaScriptCore/b3/air/AirAllocateRegistersByLinearScan.h.
• b3/air/AirAllocateRegistersByLinearScan.cpp: Removed.
• b3/air/AirAllocateRegistersByLinearScan.h: Removed.
• b3/air/AirAllocateStackByGraphColoring.cpp:

(JSC::B3::Air::allocateEscapedStackSlots):
(JSC::B3::Air::updateFrameSizeBasedOnStackSlots):
(JSC::B3::Air::allocateStackByGraphColoring):

• b3/air/AirAllocateStackByGraphColoring.h:
• b3/air/AirArg.cpp:

(JSC::B3::Air::Arg::stackAddr):

• b3/air/AirArg.h:

(JSC::B3::Air::Arg::stackAddr): Deleted.

• b3/air/AirCode.cpp:

(JSC::B3::Air::Code::addStackSlot):
(JSC::B3::Air::Code::setCalleeSaveRegisterAtOffsetList):
(JSC::B3::Air::Code::calleeSaveRegisterAtOffsetList):
(JSC::B3::Air::Code::dump):

• b3/air/AirCode.h:

(JSC::B3::Air::Code::setStackIsAllocated):
(JSC::B3::Air::Code::stackIsAllocated):
(JSC::B3::Air::Code::calleeSaveRegisters):

• b3/air/AirGenerate.cpp:

(JSC::B3::Air::prepareForGeneration):
(JSC::B3::Air::generate):

• b3/air/AirHandleCalleeSaves.cpp:

(JSC::B3::Air::handleCalleeSaves):

• b3/air/AirHandleCalleeSaves.h:
• b3/air/AirLowerAfterRegAlloc.cpp:

(JSC::B3::Air::lowerAfterRegAlloc):

• b3/air/AirLowerStackArgs.cpp: Added.

(JSC::B3::Air::lowerStackArgs):

• b3/air/AirLowerStackArgs.h: Added.
• b3/testb3.cpp:

(JSC::B3::testPinRegisters):

• ftl/FTLCompile.cpp:

(JSC::FTL::compile):

• jit/RegisterAtOffsetList.h:
• wasm/WasmB3IRGenerator.cpp:

(JSC::Wasm::parseAndCompile):

Location:

trunk/Source/JavaScriptCore

Files:

• CMakeLists.txt (modified) (3 diffs)
• ChangeLog (modified) (1 diff)
• JavaScriptCore.xcodeproj/project.pbxproj (modified) (15 diffs)
• b3/B3Procedure.cpp (modified) (1 diff)
• b3/B3Procedure.h (modified) (1 diff)
• b3/B3StackmapGenerationParams.cpp (modified) (1 diff)
• b3/air/AirAllocateRegistersAndStackByLinearScan.cpp (moved) (moved from trunk/Source/JavaScriptCore/b3/air/AirAllocateRegistersByLinearScan.cpp ) (14 diffs)
• b3/air/AirAllocateRegistersAndStackByLinearScan.h (moved) (moved from trunk/Source/JavaScriptCore/b3/air/AirAllocateRegistersByLinearScan.h ) (1 diff)
• b3/air/AirAllocateStackByGraphColoring.cpp (modified) (5 diffs)
• b3/air/AirAllocateStackByGraphColoring.h (modified) (2 diffs)
• b3/air/AirArg.cpp (modified) (1 diff)
• b3/air/AirArg.h (modified) (1 diff)
• b3/air/AirCode.cpp (modified) (3 diffs)
• b3/air/AirCode.h (modified) (2 diffs)
• b3/air/AirGenerate.cpp (modified) (5 diffs)
• b3/air/AirHandleCalleeSaves.cpp (modified) (4 diffs)
• b3/air/AirHandleCalleeSaves.h (modified) (2 diffs)
• b3/air/AirLowerAfterRegAlloc.cpp (modified) (4 diffs)
• b3/air/AirLowerStackArgs.cpp (added)
• b3/air/AirLowerStackArgs.h (added)
• b3/air/AirSpillEverything.cpp (deleted)
• b3/air/AirSpillEverything.h (deleted)
• b3/testb3.cpp (modified) (1 diff)
• ftl/FTLCompile.cpp (modified) (1 diff)
• jit/RegisterAtOffsetList.h (modified) (1 diff)
• runtime/Options.h (modified) (1 diff)
• wasm/WasmB3IRGenerator.cpp (modified) (1 diff)

trunk/Source/JavaScriptCore/CMakeLists.txt

@@ -74 +74 @@
     assembler/MacroAssemblerX86Common.cpp
 
+    b3/air/AirAllocateRegistersAndStackByLinearScan.cpp
     b3/air/AirAllocateRegistersByGraphColoring.cpp
-    b3/air/AirAllocateRegistersByLinearScan.cpp
     b3/air/AirAllocateStackByGraphColoring.cpp
     b3/air/AirArg.cpp
@@ -101 +101 @@
     b3/air/AirLowerEntrySwitch.cpp
     b3/air/AirLowerMacros.cpp
+    b3/air/AirLowerStackArgs.cpp
     b3/air/AirOptimizeBlockOrder.cpp
     b3/air/AirPadInterference.cpp
@@ -109 +110 @@
     b3/air/AirSimplifyCFG.cpp
     b3/air/AirSpecial.cpp
-    b3/air/AirSpillEverything.cpp
     b3/air/AirStackSlot.cpp
     b3/air/AirStackSlotKind.cpp

trunk/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2017-04-12  Filip Pizlo  <[email protected]>
+
+        B3 -O1 should not allocateStackByGraphColoring
+        https://bugs.webkit.org/show_bug.cgi?id=170742
+
+        Reviewed by Keith Miller.
+        
+        One of B3 -O1's longest running phases is allocateStackByGraphColoring. One approach to
+        this would be to make that phase cheaper. But it's weird that this phase reruns
+        liveness after register allocation already ran liveness. If only it could reuse the
+        liveness computed by register allocation then it would run a lot faster. At -O2, we do
+        not want this, since we run phases between register allocation and stack allocation,
+        and those phases are free to change the liveness of spill slots (in fact,
+        fixObviousSpills will both shorten and lengthen live ranges because of load and store
+        elimination, respectively). But at -O1, we don't really need to run any phases between
+        register and stack allocation.
+        
+        This changes Air's backend in the following ways:
+        
+        - Linear scan does stack allocation. This means that we don't need to run
+          allocateStackByGraphColoring at all. In reality, we reuse some of its innards, but
+          we don't run the expensive part of it (liveness->interference->coalescing->coloring).
+          This is a speed-up because we only run liveness once and reuse it for both register
+          and stack allocation.
+        
+        - Phases that previously ran between register and stack allocation are taken care of,
+          each in its own special way:
+          
+          -> handleCalleSaves: this is now a utility function called by both
+             allocateStackByGraphColoring and allocateRegistersAndStackByLinearScan.
+          
+          -> fixObviousSpills: we didn't run this at -O1, so nothing needs to be done.
+          
+          -> lowerAfterRegAlloc: this needed to be able to run before stack allocation because
+             it could change register usage (vis a vis callee saves) and it could introduce
+             spill slots. I changed this phase to have a secondary mode for when it runs after
+             stack allocation.
+        
+        - The part of allocateStackByGraphColoring that lowered stack addresses and took care
+          of the call arg area is now a separate phase called lowerStackArgs. We run this phase
+          regardless of optimization level. It's a cheap and general lowering.
+        
+        This also removes spillEverything, because we never use that phase, we never test it,
+        and it got in the way in this refactoring.
+        
+        This is a 21% speed-up on wasm -O1 compile times. This does not significantly change
+        -O1 throughput. We had already disabled allocateStack's most important optimization
+        (spill coalescing). This probably regresses average stack frame size, but I didn't
+        measure by how much. Stack frame size is really not that important. The algorithm in
+        allocateStackByGraphColoring is about much more than optimal frame size; it also
+        tries to avoid having to zero-extend 32-bit spills, it kills dead code, and of course
+        it coalesces.
+
+        * CMakeLists.txt:
+        * JavaScriptCore.xcodeproj/project.pbxproj:
+        * b3/B3Procedure.cpp:
+        (JSC::B3::Procedure::calleeSaveRegisterAtOffsetList):
+        (JSC::B3::Procedure::calleeSaveRegisters): Deleted.
+        * b3/B3Procedure.h:
+        * b3/B3StackmapGenerationParams.cpp:
+        (JSC::B3::StackmapGenerationParams::unavailableRegisters):
+        * b3/air/AirAllocateRegistersAndStackByLinearScan.cpp: Copied from Source/JavaScriptCore/b3/air/AirAllocateRegistersByLinearScan.cpp.
+        (JSC::B3::Air::allocateRegistersAndStackByLinearScan):
+        (JSC::B3::Air::allocateRegistersByLinearScan): Deleted.
+        * b3/air/AirAllocateRegistersAndStackByLinearScan.h: Copied from Source/JavaScriptCore/b3/air/AirAllocateRegistersByLinearScan.h.
+        * b3/air/AirAllocateRegistersByLinearScan.cpp: Removed.
+        * b3/air/AirAllocateRegistersByLinearScan.h: Removed.
+        * b3/air/AirAllocateStackByGraphColoring.cpp:
+        (JSC::B3::Air::allocateEscapedStackSlots):
+        (JSC::B3::Air::updateFrameSizeBasedOnStackSlots):
+        (JSC::B3::Air::allocateStackByGraphColoring):
+        * b3/air/AirAllocateStackByGraphColoring.h:
+        * b3/air/AirArg.cpp:
+        (JSC::B3::Air::Arg::stackAddr):
+        * b3/air/AirArg.h:
+        (JSC::B3::Air::Arg::stackAddr): Deleted.
+        * b3/air/AirCode.cpp:
+        (JSC::B3::Air::Code::addStackSlot):
+        (JSC::B3::Air::Code::setCalleeSaveRegisterAtOffsetList):
+        (JSC::B3::Air::Code::calleeSaveRegisterAtOffsetList):
+        (JSC::B3::Air::Code::dump):
+        * b3/air/AirCode.h:
+        (JSC::B3::Air::Code::setStackIsAllocated):
+        (JSC::B3::Air::Code::stackIsAllocated):
+        (JSC::B3::Air::Code::calleeSaveRegisters):
+        * b3/air/AirGenerate.cpp:
+        (JSC::B3::Air::prepareForGeneration):
+        (JSC::B3::Air::generate):
+        * b3/air/AirHandleCalleeSaves.cpp:
+        (JSC::B3::Air::handleCalleeSaves):
+        * b3/air/AirHandleCalleeSaves.h:
+        * b3/air/AirLowerAfterRegAlloc.cpp:
+        (JSC::B3::Air::lowerAfterRegAlloc):
+        * b3/air/AirLowerStackArgs.cpp: Added.
+        (JSC::B3::Air::lowerStackArgs):
+        * b3/air/AirLowerStackArgs.h: Added.
+        * b3/testb3.cpp:
+        (JSC::B3::testPinRegisters):
+        * ftl/FTLCompile.cpp:
+        (JSC::FTL::compile):
+        * jit/RegisterAtOffsetList.h:
+        * wasm/WasmB3IRGenerator.cpp:
+        (JSC::Wasm::parseAndCompile):
+
 2017-04-12  Michael Saboff  <[email protected]>
 

trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj

@@ -187 +187 @@
                 0F2AC5661E8A0B770001EE3F /* AirFixSpillsAfterTerminals.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F2AC5641E8A0B760001EE3F /* AirFixSpillsAfterTerminals.cpp */; };
                 0F2AC5671E8A0B790001EE3F /* AirFixSpillsAfterTerminals.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F2AC5651E8A0B760001EE3F /* AirFixSpillsAfterTerminals.h */; };
-                0F2AC56A1E8A0BD30001EE3F /* AirAllocateRegistersByLinearScan.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F2AC5681E8A0BD10001EE3F /* AirAllocateRegistersByLinearScan.cpp */; };
-                0F2AC56B1E8A0BD50001EE3F /* AirAllocateRegistersByLinearScan.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F2AC5691E8A0BD10001EE3F /* AirAllocateRegistersByLinearScan.h */; };
+                0F2AC56A1E8A0BD30001EE3F /* AirAllocateRegistersAndStackByLinearScan.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F2AC5681E8A0BD10001EE3F /* AirAllocateRegistersAndStackByLinearScan.cpp */; };
+                0F2AC56B1E8A0BD50001EE3F /* AirAllocateRegistersAndStackByLinearScan.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F2AC5691E8A0BD10001EE3F /* AirAllocateRegistersAndStackByLinearScan.h */; };
                 0F2AC56E1E8D7B000001EE3F /* AirPhaseInsertionSet.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F2AC56C1E8D7AFF0001EE3F /* AirPhaseInsertionSet.cpp */; };
                 0F2AC56F1E8D7B030001EE3F /* AirPhaseInsertionSet.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F2AC56D1E8D7AFF0001EE3F /* AirPhaseInsertionSet.h */; };
@@ -456 +456 @@
                 0F5B4A331C84F0D600F1B17E /* SlowPathReturnType.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F5B4A321C84F0D600F1B17E /* SlowPathReturnType.h */; settings = {ATTRIBUTES = (Private, ); }; };
                 0F5CF9811E96F17F00C18692 /* AirTmpMap.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F5CF9801E96F17D00C18692 /* AirTmpMap.h */; };
+                0F5CF9841E9D537700C18692 /* AirLowerStackArgs.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F5CF9831E9D537500C18692 /* AirLowerStackArgs.h */; };
+                0F5CF9851E9D537A00C18692 /* AirLowerStackArgs.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F5CF9821E9D537500C18692 /* AirLowerStackArgs.cpp */; };
                 0F5D085D1B8CF99D001143B4 /* DFGNodeOrigin.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F5D085C1B8CF99D001143B4 /* DFGNodeOrigin.cpp */; };
                 0F5EF91E16878F7A003E5C25 /* JITThunks.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F5EF91B16878F78003E5C25 /* JITThunks.cpp */; };
@@ -960 +962 @@
                 0FEC85871BDACDC70080FF74 /* AirSpecial.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0FEC85621BDACDC70080FF74 /* AirSpecial.cpp */; };
                 0FEC85881BDACDC70080FF74 /* AirSpecial.h in Headers */ = {isa = PBXBuildFile; fileRef = 0FEC85631BDACDC70080FF74 /* AirSpecial.h */; };
-                0FEC85891BDACDC70080FF74 /* AirSpillEverything.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0FEC85641BDACDC70080FF74 /* AirSpillEverything.cpp */; };
-                0FEC858A1BDACDC70080FF74 /* AirSpillEverything.h in Headers */ = {isa = PBXBuildFile; fileRef = 0FEC85651BDACDC70080FF74 /* AirSpillEverything.h */; };
                 0FEC858B1BDACDC70080FF74 /* AirStackSlot.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0FEC85661BDACDC70080FF74 /* AirStackSlot.cpp */; };
                 0FEC858C1BDACDC70080FF74 /* AirStackSlot.h in Headers */ = {isa = PBXBuildFile; fileRef = 0FEC85671BDACDC70080FF74 /* AirStackSlot.h */; };
@@ -2731 +2731 @@
                 0F2AC5641E8A0B760001EE3F /* AirFixSpillsAfterTerminals.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = AirFixSpillsAfterTerminals.cpp; path = b3/air/AirFixSpillsAfterTerminals.cpp; sourceTree = "<group>"; };
                 0F2AC5651E8A0B760001EE3F /* AirFixSpillsAfterTerminals.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AirFixSpillsAfterTerminals.h; path = b3/air/AirFixSpillsAfterTerminals.h; sourceTree = "<group>"; };
-                0F2AC5681E8A0BD10001EE3F /* AirAllocateRegistersByLinearScan.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = AirAllocateRegistersByLinearScan.cpp; path = b3/air/AirAllocateRegistersByLinearScan.cpp; sourceTree = "<group>"; };
-                0F2AC5691E8A0BD10001EE3F /* AirAllocateRegistersByLinearScan.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AirAllocateRegistersByLinearScan.h; path = b3/air/AirAllocateRegistersByLinearScan.h; sourceTree = "<group>"; };
+                0F2AC5681E8A0BD10001EE3F /* AirAllocateRegistersAndStackByLinearScan.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = AirAllocateRegistersAndStackByLinearScan.cpp; path = b3/air/AirAllocateRegistersAndStackByLinearScan.cpp; sourceTree = "<group>"; };
+                0F2AC5691E8A0BD10001EE3F /* AirAllocateRegistersAndStackByLinearScan.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AirAllocateRegistersAndStackByLinearScan.h; path = b3/air/AirAllocateRegistersAndStackByLinearScan.h; sourceTree = "<group>"; };
                 0F2AC56C1E8D7AFF0001EE3F /* AirPhaseInsertionSet.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = AirPhaseInsertionSet.cpp; path = b3/air/AirPhaseInsertionSet.cpp; sourceTree = "<group>"; };
                 0F2AC56D1E8D7AFF0001EE3F /* AirPhaseInsertionSet.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AirPhaseInsertionSet.h; path = b3/air/AirPhaseInsertionSet.h; sourceTree = "<group>"; };
@@ -2995 +2995 @@
                 0F5B4A321C84F0D600F1B17E /* SlowPathReturnType.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SlowPathReturnType.h; sourceTree = "<group>"; };
                 0F5CF9801E96F17D00C18692 /* AirTmpMap.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AirTmpMap.h; path = b3/air/AirTmpMap.h; sourceTree = "<group>"; };
+                0F5CF9821E9D537500C18692 /* AirLowerStackArgs.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = AirLowerStackArgs.cpp; path = b3/air/AirLowerStackArgs.cpp; sourceTree = "<group>"; };
+                0F5CF9831E9D537500C18692 /* AirLowerStackArgs.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AirLowerStackArgs.h; path = b3/air/AirLowerStackArgs.h; sourceTree = "<group>"; };
                 0F5D085C1B8CF99D001143B4 /* DFGNodeOrigin.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = DFGNodeOrigin.cpp; path = dfg/DFGNodeOrigin.cpp; sourceTree = "<group>"; };
                 0F5EF91B16878F78003E5C25 /* JITThunks.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JITThunks.cpp; sourceTree = "<group>"; };
@@ -3512 +3514 @@
                 0FEC85621BDACDC70080FF74 /* AirSpecial.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = AirSpecial.cpp; path = b3/air/AirSpecial.cpp; sourceTree = "<group>"; };
                 0FEC85631BDACDC70080FF74 /* AirSpecial.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AirSpecial.h; path = b3/air/AirSpecial.h; sourceTree = "<group>"; };
-                0FEC85641BDACDC70080FF74 /* AirSpillEverything.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = AirSpillEverything.cpp; path = b3/air/AirSpillEverything.cpp; sourceTree = "<group>"; };
-                0FEC85651BDACDC70080FF74 /* AirSpillEverything.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AirSpillEverything.h; path = b3/air/AirSpillEverything.h; sourceTree = "<group>"; };
                 0FEC85661BDACDC70080FF74 /* AirStackSlot.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = AirStackSlot.cpp; path = b3/air/AirStackSlot.cpp; sourceTree = "<group>"; };
                 0FEC85671BDACDC70080FF74 /* AirStackSlot.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AirStackSlot.h; path = b3/air/AirStackSlot.h; sourceTree = "<group>"; };
@@ -5576 +5576 @@
                         isa = PBXGroup;
                         children = (
+                                0F2AC5681E8A0BD10001EE3F /* AirAllocateRegistersAndStackByLinearScan.cpp */,
+                                0F2AC5691E8A0BD10001EE3F /* AirAllocateRegistersAndStackByLinearScan.h */,
                                 7965C2141E5D799600B7591D /* AirAllocateRegistersByGraphColoring.cpp */,
                                 7965C2151E5D799600B7591D /* AirAllocateRegistersByGraphColoring.h */,
-                                0F2AC5681E8A0BD10001EE3F /* AirAllocateRegistersByLinearScan.cpp */,
-                                0F2AC5691E8A0BD10001EE3F /* AirAllocateRegistersByLinearScan.h */,
                                 0FEC85481BDACDC70080FF74 /* AirAllocateStackByGraphColoring.cpp */,
                                 0FEC85491BDACDC70080FF74 /* AirAllocateStackByGraphColoring.h */,
@@ -5638 +5638 @@
                                 0F6183271C45BF070072450B /* AirLowerMacros.cpp */,
                                 0F6183281C45BF070072450B /* AirLowerMacros.h */,
+                                0F5CF9821E9D537500C18692 /* AirLowerStackArgs.cpp */,
+                                0F5CF9831E9D537500C18692 /* AirLowerStackArgs.h */,
                                 264091FA1BE2FD4100684DB2 /* AirOpcode.opcodes */,
                                 0FB3878C1BFBC44D00E3AB1E /* AirOptimizeBlockOrder.cpp */,
@@ -5655 +5657 @@
                                 0FEC85621BDACDC70080FF74 /* AirSpecial.cpp */,
                                 0FEC85631BDACDC70080FF74 /* AirSpecial.h */,
-                                0FEC85641BDACDC70080FF74 /* AirSpillEverything.cpp */,
-                                0FEC85651BDACDC70080FF74 /* AirSpillEverything.h */,
                                 0FEC85661BDACDC70080FF74 /* AirStackSlot.cpp */,
                                 0FEC85671BDACDC70080FF74 /* AirStackSlot.h */,
@@ -8136 +8136 @@
                                 0F338DFE1BED51270013C88F /* AirSimplifyCFG.h in Headers */,
                                 0FEC85881BDACDC70080FF74 /* AirSpecial.h in Headers */,
-                                0FEC858A1BDACDC70080FF74 /* AirSpillEverything.h in Headers */,
                                 0FEC858C1BDACDC70080FF74 /* AirStackSlot.h in Headers */,
                                 0F2BBD9E1C5FF4050023EF23 /* AirStackSlotKind.h in Headers */,
@@ -8212 +8211 @@
                                 0FEC85121BDACDAC0080FF74 /* B3ConstDoubleValue.h in Headers */,
                                 43422A631C158E6D00E2EB98 /* B3ConstFloatValue.h in Headers */,
-                                0F2AC56B1E8A0BD50001EE3F /* AirAllocateRegistersByLinearScan.h in Headers */,
+                                0F2AC56B1E8A0BD50001EE3F /* AirAllocateRegistersAndStackByLinearScan.h in Headers */,
                                 0FEC85B31BDED9570080FF74 /* B3ConstPtrValue.h in Headers */,
                                 0F338DF61BE93D550013C88F /* B3ConstrainedValue.h in Headers */,
@@ -8975 +8974 @@
                                 A50E4B6418809DD50068A46D /* JSGlobalObjectRuntimeAgent.h in Headers */,
                                 0F2C63C41E69EF9400C13839 /* B3MemoryValueInlines.h in Headers */,
+                                0F5CF9841E9D537700C18692 /* AirLowerStackArgs.h in Headers */,
                                 A503FA2A188F105900110F14 /* JSGlobalObjectScriptDebugServer.h in Headers */,
                                 A513E5C0185BFACC007E95AD /* JSInjectedScriptHost.h in Headers */,
@@ -10022 +10022 @@
                                 0F338DFD1BED51270013C88F /* AirSimplifyCFG.cpp in Sources */,
                                 0FEC85871BDACDC70080FF74 /* AirSpecial.cpp in Sources */,
-                                0FEC85891BDACDC70080FF74 /* AirSpillEverything.cpp in Sources */,
                                 0FEC858B1BDACDC70080FF74 /* AirStackSlot.cpp in Sources */,
                                 0F2BBD9D1C5FF4050023EF23 /* AirStackSlotKind.cpp in Sources */,
@@ -10243 +10242 @@
                                 0F2BDC15151C5D4D00CD8910 /* DFGFixupPhase.cpp in Sources */,
                                 0F20177F1DCADC3300EA5950 /* DFGFlowIndexing.cpp in Sources */,
-                                0F2AC56A1E8A0BD30001EE3F /* AirAllocateRegistersByLinearScan.cpp in Sources */,
+                                0F2AC56A1E8A0BD30001EE3F /* AirAllocateRegistersAndStackByLinearScan.cpp in Sources */,
                                 0F9D339617FFC4E60073C2BC /* DFGFlushedAt.cpp in Sources */,
                                 A7D89CF717A0B8CC00773AD8 /* DFGFlushFormat.cpp in Sources */,
@@ -10758 +10757 @@
                                 8642C512151C083D0046D4EF /* RegExpMatchesArray.cpp in Sources */,
                                 14280843107EC0930013E7B2 /* RegExpObject.cpp in Sources */,
+                                0F5CF9851E9D537A00C18692 /* AirLowerStackArgs.cpp in Sources */,
                                 14280844107EC0930013E7B2 /* RegExpPrototype.cpp in Sources */,
                                 6540C7A01B82E1C3000F6B79 /* RegisterAtOffset.cpp in Sources */,

trunk/Source/JavaScriptCore/b3/B3Procedure.cpp

@@ -346 +346 @@
 }
 
-const RegisterAtOffsetList& Procedure::calleeSaveRegisters() const
-{
-    return code().calleeSaveRegisters();
+RegisterAtOffsetList Procedure::calleeSaveRegisterAtOffsetList() const
+{
+    return code().calleeSaveRegisterAtOffsetList();
 }
 

trunk/Source/JavaScriptCore/b3/B3Procedure.h

@@ -244 +244 @@
 
     JS_EXPORT_PRIVATE unsigned frameSize() const;
-    JS_EXPORT_PRIVATE const RegisterAtOffsetList& calleeSaveRegisters() const;
+    JS_EXPORT_PRIVATE RegisterAtOffsetList calleeSaveRegisterAtOffsetList() const;
 
     PCToOriginMap& pcToOriginMap() { return m_pcToOriginMap; }

trunk/Source/JavaScriptCore/b3/B3StackmapGenerationParams.cpp

@@ -49 +49 @@
     
     RegisterSet unsavedCalleeSaves = RegisterSet::vmCalleeSaveRegisters();
-    for (const RegisterAtOffset& regAtOffset : m_context.code->calleeSaveRegisters())
-        unsavedCalleeSaves.clear(regAtOffset.reg());
+    unsavedCalleeSaves.exclude(m_context.code->calleeSaveRegisters());
 
     result.merge(unsavedCalleeSaves);

trunk/Source/JavaScriptCore/b3/air/AirAllocateRegistersAndStackByLinearScan.cpp

@@ -25 +25 @@
 
 #include "config.h"
-#include "AirAllocateRegistersByLinearScan.h"
+#include "AirAllocateRegistersAndStackByLinearScan.h"
 
 #if ENABLE(B3_JIT)
 
+#include "AirAllocateStackByGraphColoring.h"
 #include "AirArgInlines.h"
 #include "AirCode.h"
 #include "AirFixSpillsAfterTerminals.h"
+#include "AirHandleCalleeSaves.h"
 #include "AirPhaseInsertionSet.h"
 #include "AirInstInlines.h"
@@ -85 +87 @@
     bool isUnspillable { false };
     bool didBuildPossibleRegs { false };
+    unsigned spillIndex { 0 };
 };
 
@@ -119 +122 @@
     void run()
     {
+        padInterference(m_code);
         buildRegisterSet();
         buildIndices();
@@ -127 +131 @@
         }
         for (;;) {
-            prepareIntervals();
+            prepareIntervalsForScanForRegisters();
             m_didSpill = false;
             forEachBank(
                 [&] (Bank bank) {
-                    attemptScan(bank);
+                    attemptScanForRegisters(bank);
                 });
             if (!m_didSpill)
@@ -139 +143 @@
         insertSpillCode();
         assignRegisters();
+        fixSpillsAfterTerminals(m_code);
+
+        handleCalleeSaves(m_code);
+        allocateEscapedStackSlots(m_code);
+        prepareIntervalsForScanForStack();
+        scanForStack();
+        updateFrameSizeBasedOnStackSlots(m_code);
+        m_code.setStackIsAllocated(true);
     }
     
@@ -187 +199 @@
     void buildIntervals()
     {
+        TimingScope timingScope("LinearScan::buildIntervals");
         UnifiedTmpLiveness liveness(m_code);
         
@@ -267 +280 @@
                     dataLog("    ", tmp, ": ", m_map[tmp], "\n");
                 });
+            dataLog("Clobbers: ", listDump(m_clobbers), "\n");
         }
     }
@@ -289 +303 @@
     }
     
-    void prepareIntervals()
+    void prepareIntervalsForScanForRegisters()
+    {
+        prepareIntervals(
+            [&] (TmpData& data) -> bool {
+                if (data.spilled)
+                    return false;
+                
+                data.assigned = Reg();
+                return true;
+            });
+    }
+    
+    void prepareIntervalsForScanForStack()
+    {
+        prepareIntervals(
+            [&] (TmpData& data) -> bool {
+                return data.spilled;
+            });
+    }
+    
+    template<typename SelectFunc>
+    void prepareIntervals(const SelectFunc& selectFunc)
     {
         m_tmps.resize(0);
@@ -296 +331 @@
             [&] (Tmp tmp) {
                 TmpData& data = m_map[tmp];
-                if (data.spilled)
+                if (!selectFunc(data))
                     return;
                 
-                data.assigned = Reg();
                 m_tmps.append(tmp);
             });
@@ -309 +343 @@
             });
         
-        if (verbose()) {
+        if (verbose())
             dataLog("Tmps: ", listDump(m_tmps), "\n");
-            dataLog("Clobbers: ", listDump(m_clobbers), "\n");
-        }
     }
     
@@ -326 +358 @@
     }
     
-    void attemptScan(Bank bank)
+    void attemptScanForRegisters(Bank bank)
     {
         // This is modeled after LinearScanRegisterAllocation in Fig. 1 in
@@ -521 +553 @@
     }
     
+    void scanForStack()
+    {
+        // This is loosely modeled after LinearScanRegisterAllocation in Fig. 1 in
+        // http://dl.acm.org/citation.cfm?id=330250.
+
+        m_active.clear();
+        m_usedSpillSlots.clearAll();
+        
+        for (Tmp& tmp : m_tmps) {
+            TmpData& entry = m_map[tmp];
+            if (!entry.spilled)
+                continue;
+            
+            size_t index = entry.interval.begin();
+            
+            // This is ExpireOldIntervals in Fig. 1.
+            while (!m_active.isEmpty()) {
+                Tmp tmp = m_active.first();
+                TmpData& entry = m_map[tmp];
+                
+                bool expired = entry.interval.end() <= index;
+                
+                if (!expired)
+                    break;
+                
+                m_active.removeFirst();
+                m_usedSpillSlots.clear(entry.spillIndex);
+            }
+            
+            entry.spillIndex = m_usedSpillSlots.findBit(0, false);
+            ptrdiff_t offset = -static_cast<ptrdiff_t>(m_code.frameSize()) - static_cast<ptrdiff_t>(entry.spillIndex) * 8 - 8;
+            if (verbose())
+                dataLog("  Assigning offset = ", offset, " to spill ", pointerDump(entry.spilled), " for ", tmp, "\n");
+            entry.spilled->setOffsetFromFP(offset);
+            m_usedSpillSlots.set(entry.spillIndex);
+            m_active.append(tmp);
+        }
+    }
+    
     void insertSpillCode()
     {
@@ -570 +641 @@
     Deque<Tmp> m_active;
     RegisterSet m_activeRegs;
+    BitVector m_usedSpillSlots;
     bool m_didSpill { false };
 };
 
-void runLinearScan(Code& code)
+} // anonymous namespace
+
+void allocateRegistersAndStackByLinearScan(Code& code)
 {
+    PhaseScope phaseScope(code, "allocateRegistersAndStackByLinearScan");
     if (verbose())
         dataLog("Air before linear scan:\n", code);
@@ -583 +658 @@
 }
 
-} // anonymous namespace
-
-void allocateRegistersByLinearScan(Code& code)
-{
-    PhaseScope phaseScope(code, "allocateRegistersByLinearScan");
-    padInterference(code);
-    runLinearScan(code);
-    fixSpillsAfterTerminals(code);
-}
-
 } } } // namespace JSC::B3::Air
 

trunk/Source/JavaScriptCore/b3/air/AirAllocateRegistersAndStackByLinearScan.h

@@ -38 +38 @@
 // http://dl.acm.org/citation.cfm?id=330250
 //
-// This is not Air's primary register allocator. We use it only when running at optLevel<2. That's not
-// the default level. This register allocator is optimized primarily for running quickly. It's expected
-// that improvements to this register allocator should focus on improving its execution time without much
-// regard for the quality of generated code. If you want good code, use graph coloring.
+// This is not Air's primary register allocator. We use it only when running at optLevel<2.
+// That's not the default level. This register allocator is optimized primarily for running
+// quickly. It's expected that improvements to this register allocator should focus on improving
+// its execution time without much regard for the quality of generated code. If you want good
+// code, use graph coloring.
 //
 // For Air's primary register allocator, see AirAllocateRegistersByGraphColoring.h|cpp.
-void allocateRegistersByLinearScan(Code&);
+//
+// This also does stack allocation as an afterthought. It does not do any spill coalescing.
+void allocateRegistersAndStackByLinearScan(Code&);
 
 } } } // namespace JSC::B3::Air

trunk/Source/JavaScriptCore/b3/air/AirAllocateStackByGraphColoring.cpp

@@ -31 +31 @@
 #include "AirArgInlines.h"
 #include "AirCode.h"
-#include "AirInsertionSet.h"
+#include "AirHandleCalleeSaves.h"
 #include "AirInstInlines.h"
 #include "AirLiveness.h"
@@ -130 +130 @@
 };
 
-} // anonymous namespace
-
-void allocateStackByGraphColoring(Code& code)
-{
-    PhaseScope phaseScope(code, "allocateStackByGraphColoring");
-
+Vector<StackSlot*> allocateEscapedStackSlotsImpl(Code& code)
+{
     // Allocate all of the escaped slots in order. This is kind of a crazy algorithm to allow for
     // the possibility of stack slots being assigned frame offsets before we even get here.
-    ASSERT(!code.frameSize());
+    RELEASE_ASSERT(!code.frameSize());
     Vector<StackSlot*> assignedEscapedStackSlots;
     Vector<StackSlot*> escapedStackSlotsWorklist;
@@ -159 +155 @@
         assignedEscapedStackSlots.append(slot);
     }
+    return assignedEscapedStackSlots;
+}
+
+template<typename Collection>
+void updateFrameSizeBasedOnStackSlotsImpl(Code& code, const Collection& collection)
+{
+    unsigned frameSize = 0;
+    for (StackSlot* slot : collection)
+        frameSize = std::max(frameSize, static_cast<unsigned>(-slot->offsetFromFP()));
+    code.setFrameSize(WTF::roundUpToMultipleOf(stackAlignmentBytes(), frameSize));
+}
+
+} // anonymous namespace
+
+void allocateEscapedStackSlots(Code& code)
+{
+    updateFrameSizeBasedOnStackSlotsImpl(code, allocateEscapedStackSlotsImpl(code));
+}
+
+void updateFrameSizeBasedOnStackSlots(Code& code)
+{
+    updateFrameSizeBasedOnStackSlotsImpl(code, code.stackSlots());
+}
+
+void allocateStackByGraphColoring(Code& code)
+{
+    PhaseScope phaseScope(code, "allocateStackByGraphColoring");
+    
+    handleCalleeSaves(code);
+    
+    Vector<StackSlot*> assignedEscapedStackSlots = allocateEscapedStackSlotsImpl(code);
 
     // Now we handle the spill slots.
@@ -378 +405 @@
     }
 
-    // Figure out how much stack we're using for stack slots.
-    unsigned frameSizeForStackSlots = 0;
-    for (StackSlot* slot : code.stackSlots()) {
-        frameSizeForStackSlots = std::max(
-            frameSizeForStackSlots,
-            static_cast<unsigned>(-slot->offsetFromFP()));
-    }
-
-    frameSizeForStackSlots = WTF::roundUpToMultipleOf(stackAlignmentBytes(), frameSizeForStackSlots);
-
-    // Now we need to deduce how much argument area we need.
-    for (BasicBlock* block : code) {
-        for (Inst& inst : *block) {
-            for (Arg& arg : inst.args) {
-                if (arg.isCallArg()) {
-                    // For now, we assume that we use 8 bytes of the call arg. But that's not
-                    // such an awesome assumption.
-                    // FIXME: https://bugs.webkit.org/show_bug.cgi?id=150454
-                    ASSERT(arg.offset() >= 0);
-                    code.requestCallArgAreaSizeInBytes(arg.offset() + 8);
-                }
-            }
-        }
-    }
-
-    code.setFrameSize(frameSizeForStackSlots + code.callArgAreaSizeInBytes());
-
-    // Finally, transform the code to use Addr's instead of StackSlot's. This is a lossless
-    // transformation since we can search the StackSlots array to figure out which StackSlot any
-    // offset-from-FP refers to.
-
-    // FIXME: This may produce addresses that aren't valid if we end up with a ginormous stack frame.
-    // We would have to scavenge for temporaries if this happened. Fortunately, this case will be
-    // extremely rare so we can do crazy things when it arises.
-    // https://bugs.webkit.org/show_bug.cgi?id=152530
-
-    InsertionSet insertionSet(code);
-    for (BasicBlock* block : code) {
-        for (unsigned instIndex = 0; instIndex < block->size(); ++instIndex) {
-            Inst& inst = block->at(instIndex);
-            inst.forEachArg(
-                [&] (Arg& arg, Arg::Role role, Bank, Width width) {
-                    auto stackAddr = [&] (int32_t offset) -> Arg {
-                        return Arg::stackAddr(offset, code.frameSize(), width);
-                    };
-                    
-                    switch (arg.kind()) {
-                    case Arg::Stack: {
-                        StackSlot* slot = arg.stackSlot();
-                        if (Arg::isZDef(role)
-                            && slot->kind() == StackSlotKind::Spill
-                            && slot->byteSize() > bytes(width)) {
-                            // Currently we only handle this simple case because it's the only one
-                            // that arises: ZDef's are only 32-bit right now. So, when we hit these
-                            // assertions it means that we need to implement those other kinds of
-                            // zero fills.
-                            RELEASE_ASSERT(slot->byteSize() == 8);
-                            RELEASE_ASSERT(width == Width32);
-
-                            RELEASE_ASSERT(isValidForm(StoreZero32, Arg::Stack));
-                            insertionSet.insert(
-                                instIndex + 1, StoreZero32, inst.origin,
-                                stackAddr(arg.offset() + 4 + slot->offsetFromFP()));
-                        }
-                        arg = stackAddr(arg.offset() + slot->offsetFromFP());
-                        break;
-                    }
-                    case Arg::CallArg:
-                        arg = stackAddr(arg.offset() - code.frameSize());
-                        break;
-                    default:
-                        break;
-                    }
-                }
-            );
-        }
-        insertionSet.execute(block);
-    }
+    updateFrameSizeBasedOnStackSlots(code);
+    code.setStackIsAllocated(true);
 }
 
@@ -462 +413 @@
 #endif // ENABLE(B3_JIT)
 
-

trunk/Source/JavaScriptCore/b3/air/AirAllocateStackByGraphColoring.h

@@ -34 +34 @@
 // This allocates StackSlots to places on the stack. It first allocates the pinned ones in index
 // order and then it allocates the rest using first fit. Takes the opportunity to kill dead
-// assignments to stack slots, since it knows which ones are live. Also fixes ZDefs to anonymous
-// stack slots. Also coalesces spill slots whenever possible.
+// assignments to stack slots, since it knows which ones are live. Also coalesces spill slots
+// whenever possible.
 //
 // This is meant to be an optimal stack allocator, focused on generating great code. It's not
@@ -42 +42 @@
 void allocateStackByGraphColoring(Code&);
 
+// These are utilities shared by this phase and allocateRegistersAndStackByLinearScan().
+void allocateEscapedStackSlots(Code&);
+void updateFrameSizeBasedOnStackSlots(Code&);
+
 } } } // namespace JSC::B3::Air
 

trunk/Source/JavaScriptCore/b3/air/AirArg.cpp

@@ -42 +42 @@
 namespace JSC { namespace B3 { namespace Air {
 
+Arg Arg::stackAddr(int32_t offsetFromFP, unsigned frameSize, Width width)
+{
+    Arg result = Arg::addr(Air::Tmp(GPRInfo::callFrameRegister), offsetFromFP);
+    if (!result.isValidForm(width)) {
+        result = Arg::addr(
+            Air::Tmp(MacroAssembler::stackPointerRegister),
+            offsetFromFP + frameSize);
+    }
+    return result;
+}
+
 bool Arg::isStackMemory() const
 {

trunk/Source/JavaScriptCore/b3/air/AirArg.h

@@ -561 +561 @@
         return result;
     }
-
-    static Arg stackAddr(int32_t offsetFromFP, unsigned frameSize, Width width)
-    {
-        Arg result = Arg::addr(Air::Tmp(GPRInfo::callFrameRegister), offsetFromFP);
-        if (!result.isValidForm(width)) {
-            result = Arg::addr(
-                Air::Tmp(MacroAssembler::stackPointerRegister),
-                offsetFromFP + frameSize);
-        }
-        return result;
-    }
+    
+    static Arg stackAddr(int32_t offsetFromFP, unsigned frameSize, Width);
 
     // If you don't pass a Width, this optimistically assumes that you're using the right width.

trunk/Source/JavaScriptCore/b3/air/AirCode.cpp

@@ -103 +103 @@
 StackSlot* Code::addStackSlot(unsigned byteSize, StackSlotKind kind, B3::StackSlot* b3Slot)
 {
-    return m_stackSlots.addNew(byteSize, kind, b3Slot);
+    StackSlot* result = m_stackSlots.addNew(byteSize, kind, b3Slot);
+    if (m_stackIsAllocated) {
+        // FIXME: This is unnecessarily awful. Fortunately, it doesn't run often.
+        unsigned extent = WTF::roundUpToMultipleOf(result->alignment(), frameSize() + byteSize);
+        result->setOffsetFromFP(-static_cast<ptrdiff_t>(extent));
+        setFrameSize(WTF::roundUpToMultipleOf(stackAlignmentBytes(), extent));
+    }
+    return result;
 }
 
@@ -137 +144 @@
     }
     return false;
+}
+
+void Code::setCalleeSaveRegisterAtOffsetList(RegisterAtOffsetList&& registerAtOffsetList, StackSlot* slot)
+{
+    m_uncorrectedCalleeSaveRegisterAtOffsetList = WTFMove(registerAtOffsetList);
+    for (const RegisterAtOffset& registerAtOffset : m_uncorrectedCalleeSaveRegisterAtOffsetList)
+        m_calleeSaveRegisters.set(registerAtOffset.reg());
+    m_calleeSaveStackSlot = slot;
+}
+
+RegisterAtOffsetList Code::calleeSaveRegisterAtOffsetList() const
+{
+    RegisterAtOffsetList result = m_uncorrectedCalleeSaveRegisterAtOffsetList;
+    if (StackSlot* slot = m_calleeSaveStackSlot) {
+        ptrdiff_t offset = slot->byteSize() + slot->offsetFromFP();
+        for (size_t i = result.size(); i--;) {
+            result.at(i) = RegisterAtOffset(
+                result.at(i).reg(),
+                result.at(i).offset() + offset);
+        }
+    }
+    return result;
 }
 
@@ -171 +200 @@
             out.print("    ", deepDump(special), "\n");
     }
-    if (m_frameSize)
-        out.print("Frame size: ", m_frameSize, "\n");
+    if (m_frameSize || m_stackIsAllocated)
+        out.print("Frame size: ", m_frameSize, m_stackIsAllocated ? " (Allocated)" : "", "\n");
     if (m_callArgAreaSize)
         out.print("Call arg area size: ", m_callArgAreaSize, "\n");
-    if (m_calleeSaveRegisters.size())
-        out.print("Callee saves: ", m_calleeSaveRegisters, "\n");
+    RegisterAtOffsetList calleeSaveRegisters = this->calleeSaveRegisterAtOffsetList();
+    if (calleeSaveRegisters.size())
+        out.print("Callee saves: ", calleeSaveRegisters, "\n");
 }
 

trunk/Source/JavaScriptCore/b3/air/AirCode.h

@@ -187 +187 @@
         m_entrypointLabels = std::forward<Vector>(vector);
     }
-
-    const RegisterAtOffsetList& calleeSaveRegisters() const { return m_calleeSaveRegisters; }
-    RegisterAtOffsetList& calleeSaveRegisters() { return m_calleeSaveRegisters; }
+    
+    void setStackIsAllocated(bool value)
+    {
+        m_stackIsAllocated = value;
+    }
+    
+    bool stackIsAllocated() const { return m_stackIsAllocated; }
+    
+    // This sets the callee save registers.
+    void setCalleeSaveRegisterAtOffsetList(RegisterAtOffsetList&&, StackSlot*);
+
+    // This returns the correctly offset list of callee save registers.
+    RegisterAtOffsetList calleeSaveRegisterAtOffsetList() const;
+    
+    // This just tells you what the callee saves are.
+    RegisterSet calleeSaveRegisters() const { return m_calleeSaveRegisters; }
 
     // Recomputes predecessors and deletes unreachable blocks.
@@ -330 +343 @@
     unsigned m_frameSize { 0 };
     unsigned m_callArgAreaSize { 0 };
-    RegisterAtOffsetList m_calleeSaveRegisters;
+    bool m_stackIsAllocated { false };
+    RegisterAtOffsetList m_uncorrectedCalleeSaveRegisterAtOffsetList;
+    RegisterSet m_calleeSaveRegisters;
+    StackSlot* m_calleeSaveStackSlot { nullptr };
     Vector<FrequentedBlock> m_entrypoints; // This is empty until after lowerEntrySwitch().
     Vector<CCallHelpers::Label> m_entrypointLabels; // This is empty until code generation.

trunk/Source/JavaScriptCore/b3/air/AirGenerate.cpp

@@ -29 +29 @@
 #if ENABLE(B3_JIT)
 
+#include "AirAllocateRegistersAndStackByLinearScan.h"
 #include "AirAllocateRegistersByGraphColoring.h"
-#include "AirAllocateRegistersByLinearScan.h"
 #include "AirAllocateStackByGraphColoring.h"
 #include "AirCode.h"
@@ -37 +37 @@
 #include "AirFixPartialRegisterStalls.h"
 #include "AirGenerationContext.h"
-#include "AirHandleCalleeSaves.h"
 #include "AirLogRegisterPressure.h"
 #include "AirLowerAfterRegAlloc.h"
 #include "AirLowerEntrySwitch.h"
 #include "AirLowerMacros.h"
+#include "AirLowerStackArgs.h"
 #include "AirOpcodeUtils.h"
 #include "AirOptimizeBlockOrder.h"
 #include "AirReportUsedRegisters.h"
 #include "AirSimplifyCFG.h"
-#include "AirSpillEverything.h"
 #include "AirValidate.h"
 #include "B3Common.h"
@@ -85 +84 @@
     eliminateDeadCode(code);
 
-    // Register allocation for all the Tmps that do not have a corresponding machine register.
-    // After this phase, every Tmp has a reg.
-    //
-    // For debugging, you can use spillEverything() to put everything to the stack between each Inst.
-    if (Options::airSpillsEverything())
-        spillEverything(code);
-    else if (code.optLevel() >= 2)
+    if (code.optLevel() <= 1) {
+        // When we're compiling quickly, we do register and stack allocation in one linear scan
+        // phase. It's fast because it computes liveness only once.
+        allocateRegistersAndStackByLinearScan(code);
+        
+        if (Options::logAirRegisterPressure()) {
+            dataLog("Register pressure after register allocation:\n");
+            logRegisterPressure(code);
+        }
+        
+        // We may still need to do post-allocation lowering. Doing it after both register and
+        // stack allocation is less optimal, but it works fine.
+        lowerAfterRegAlloc(code);
+    } else {
+        // NOTE: B3 -O2 generates code that runs 1.5x-2x faster than code generated by -O1.
+        // Most of this performance benefit is from -O2's graph coloring register allocation
+        // and stack allocation pipeline, which you see below.
+        
+        // Register allocation for all the Tmps that do not have a corresponding machine
+        // register. After this phase, every Tmp has a reg.
         allocateRegistersByGraphColoring(code);
-    else
-        allocateRegistersByLinearScan(code);
-
-    if (Options::logAirRegisterPressure()) {
-        dataLog("Register pressure after register allocation:\n");
-        logRegisterPressure(code);
-    }
-    
-    if (code.optLevel() >= 2) {
-        // This replaces uses of spill slots with registers or constants if possible. It does this by
-        // minimizing the amount that we perturb the already-chosen register allocation. It may extend
-        // the live ranges of registers though.
+        
+        if (Options::logAirRegisterPressure()) {
+            dataLog("Register pressure after register allocation:\n");
+            logRegisterPressure(code);
+        }
+        
+        // This replaces uses of spill slots with registers or constants if possible. It
+        // does this by minimizing the amount that we perturb the already-chosen register
+        // allocation. It may extend the live ranges of registers though.
         fixObviousSpills(code);
-    }
-
-    lowerAfterRegAlloc(code);
-
-    // Prior to this point the prologue and epilogue is implicit. This makes it explicit. It also
-    // does things like identify which callee-saves we're using and saves them.
-    handleCalleeSaves(code);
-    
-    // This turns all Stack and CallArg Args into Addr args that use the frame pointer. It does
-    // this by first-fit allocating stack slots. It should be pretty darn close to optimal, so we
-    // shouldn't have to worry about this very much.
-    allocateStackByGraphColoring(code);
+        
+        lowerAfterRegAlloc(code);
+        
+        // This does first-fit allocation of stack slots using an interference graph plus a
+        // bunch of other optimizations.
+        allocateStackByGraphColoring(code);
+    }
+    
+    // This turns all Stack and CallArg Args into Addr args that use the frame pointer.
+    lowerStackArgs(code);
     
     // If we coalesced moves then we can unbreak critical edges. This is the main reason for this
@@ -213 +220 @@
                 jit.addPtr(CCallHelpers::TrustedImm32(-code.frameSize()), MacroAssembler::stackPointerRegister);
             
-            for (const RegisterAtOffset& entry : code.calleeSaveRegisters()) {
+            for (const RegisterAtOffset& entry : code.calleeSaveRegisterAtOffsetList()) {
                 if (entry.reg().isGPR())
                     jit.storePtr(entry.reg().gpr(), argFor(entry));
@@ -250 +257 @@
             auto start = jit.labelIgnoringWatchpoints();
             if (code.frameSize()) {
-                for (const RegisterAtOffset& entry : code.calleeSaveRegisters()) {
+                for (const RegisterAtOffset& entry : code.calleeSaveRegisterAtOffsetList()) {
                     if (entry.reg().isGPR())
                         jit.loadPtr(argFor(entry), entry.reg().gpr());

trunk/Source/JavaScriptCore/b3/air/AirHandleCalleeSaves.cpp

@@ -1 +1 @@
 /*
- * Copyright (C) 2015-2016 Apple Inc. All rights reserved.
+ * Copyright (C) 2015-2017 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -31 +31 @@
 #include "AirCode.h"
 #include "AirInstInlines.h"
-#include "AirPhaseScope.h"
 
 namespace JSC { namespace B3 { namespace Air {
@@ -37 +36 @@
 void handleCalleeSaves(Code& code)
 {
-    PhaseScope phaseScope(code, "handleCalleeSaves");
-
     RegisterSet usedCalleeSaves;
 
@@ -62 +59 @@
         return;
 
-    code.calleeSaveRegisters() = RegisterAtOffsetList(usedCalleeSaves);
+    RegisterAtOffsetList calleeSaveRegisters = RegisterAtOffsetList(usedCalleeSaves);
 
     size_t byteSize = 0;
-    for (const RegisterAtOffset& entry : code.calleeSaveRegisters())
+    for (const RegisterAtOffset& entry : calleeSaveRegisters)
         byteSize = std::max(static_cast<size_t>(-entry.offset()), byteSize);
 
-    StackSlot* savesArea = code.addStackSlot(byteSize, StackSlotKind::Locked);
-    // This is a bit weird since we could have already pinned a different stack slot to this
-    // area. Also, our runtime does not require us to pin the saves area. Maybe we shouldn't pin it?
-    savesArea->setOffsetFromFP(-byteSize);
+    code.setCalleeSaveRegisterAtOffsetList(
+        WTFMove(calleeSaveRegisters),
+        code.addStackSlot(byteSize, StackSlotKind::Locked));
 }
 

trunk/Source/JavaScriptCore/b3/air/AirHandleCalleeSaves.h

@@ -1 +1 @@
 /*
- * Copyright (C) 2015 Apple Inc. All rights reserved.
+ * Copyright (C) 2015-2017 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -32 +32 @@
 class Code;
 
-// This phase identifies callee-save registers and adds code to save/restore them in the
-// prologue/epilogue to the code. It's a mandatory phase.
+// This utility identifies callee-save registers and tells Code. It's called from phases that
+// do stack allocation. We don't do it at the end of register allocation because the real end
+// of register allocation is just before stack allocation.
 
 // FIXME: It would be cool to make this more interactive with the Air client and also more

trunk/Source/JavaScriptCore/b3/air/AirLowerAfterRegAlloc.cpp

@@ -76 +76 @@
 
     HashMap<Inst*, RegisterSet> usedRegisters;
-
+    
     RegLiveness liveness(code);
     for (BasicBlock* block : code) {
@@ -97 +97 @@
         }
     }
-
+    
+    std::array<std::array<StackSlot*, 2>, numBanks> slots;
+    forEachBank(
+        [&] (Bank bank) {
+            for (unsigned i = 0; i < 2; ++i)
+                slots[bank][i] = nullptr;
+        });
+
+    // If we run after stack allocation then we cannot use those callee saves that aren't in
+    // the callee save list. Note that we are only run after stack allocation in -O1, so this
+    // kind of slop is OK.
+    RegisterSet blacklistedCalleeSaves;
+    if (code.stackIsAllocated()) {
+        blacklistedCalleeSaves = RegisterSet::calleeSaveRegisters();
+        blacklistedCalleeSaves.exclude(code.calleeSaveRegisters());
+    }
+    
     auto getScratches = [&] (RegisterSet set, Bank bank) -> std::array<Arg, 2> {
         std::array<Arg, 2> result;
@@ -103 +119 @@
             bool found = false;
             for (Reg reg : code.regsInPriorityOrder(bank)) {
-                if (!set.get(reg)) {
+                if (!set.get(reg) && !blacklistedCalleeSaves.get(reg)) {
                     result[i] = Tmp(reg);
                     set.set(reg);
@@ -111 +127 @@
             }
             if (!found) {
-                result[i] = Arg::stack(
-                    code.addStackSlot(
-                        bytes(conservativeWidth(bank)),
-                        StackSlotKind::Spill));
+                StackSlot*& slot = slots[bank][i];
+                if (!slot)
+                    slot = code.addStackSlot(bytes(conservativeWidth(bank)), StackSlotKind::Spill);
+                result[i] = Arg::stack(slots[bank][i]);
             }
         }

trunk/Source/JavaScriptCore/b3/testb3.cpp

@@ -14103 +14103 @@
             }
         }
-        for (const RegisterAtOffset& regAtOffset : proc.calleeSaveRegisters())
+        for (const RegisterAtOffset& regAtOffset : proc.calleeSaveRegisterAtOffsetList())
             usesCSRs |= csrs.get(regAtOffset.reg());
         CHECK_EQ(usesCSRs, !pin);

trunk/Source/JavaScriptCore/ftl/FTLCompile.cpp

@@ -78 +78 @@
     
     std::unique_ptr<RegisterAtOffsetList> registerOffsets =
-        std::make_unique<RegisterAtOffsetList>(state.proc->calleeSaveRegisters());
+        std::make_unique<RegisterAtOffsetList>(state.proc->calleeSaveRegisterAtOffsetList());
     if (shouldDumpDisassembly())
         dataLog("Unwind info for ", CodeBlockWithJITType(state.graph.m_codeBlock, JITCode::FTLJIT), ": ", *registerOffsets, "\n");

trunk/Source/JavaScriptCore/jit/RegisterAtOffsetList.h

@@ -39 +39 @@
 
     RegisterAtOffsetList();
-    RegisterAtOffsetList(RegisterSet, OffsetBaseType = FramePointerBased);
+    explicit RegisterAtOffsetList(RegisterSet, OffsetBaseType = FramePointerBased);
 
     void dump(PrintStream&) const;

trunk/Source/JavaScriptCore/runtime/Options.h

@@ -399 +399 @@
     v(bool, logB3PhaseTimes, false, Normal, nullptr) \
     v(double, rareBlockPenalty, 0.001, Normal, nullptr) \
-    v(bool, airSpillsEverything, false, Normal, nullptr) \
     v(bool, airLinearScanVerbose, false, Normal, nullptr) \
     v(bool, airLinearScanSpillsEverything, false, Normal, nullptr) \

trunk/Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp

@@ -1329 +1329 @@
         B3::generate(procedure, *compilationContext.wasmEntrypointJIT);
         compilationContext.wasmEntrypointByproducts = procedure.releaseByproducts();
-        result->wasmEntrypoint.calleeSaveRegisters = procedure.calleeSaveRegisters();
+        result->wasmEntrypoint.calleeSaveRegisters = procedure.calleeSaveRegisterAtOffsetList();
     }