Changeset 222009 in webkit for trunk/Source/JavaScriptCore/dfg/DFGThunks.cpp

Timestamp:

Sep 13, 2017, 9:21:05 PM (8 years ago)

Author:

[email protected]

Message:

Rolling out r221832: Regresses Speedometer by ~4% and Dromaeo CSS YUI by ~20%.
​https://bugs.webkit.org/show_bug.cgi?id=176888
<rdar://problem/34381832>

Not reviewed.

JSTests:

• stress/op_mod-ConstVar.js:
• stress/op_mod-VarConst.js:
• stress/op_mod-VarVar.js:

Source/JavaScriptCore:

• JavaScriptCore.xcodeproj/project.pbxproj:
• assembler/MacroAssembler.cpp:

(JSC::stdFunctionCallback):

• assembler/MacroAssemblerPrinter.cpp:

(JSC::Printer::printCallback):

• assembler/ProbeContext.h:

(JSC::Probe:: const):
(JSC::Probe::Context::Context):
(JSC::Probe::Context::gpr):
(JSC::Probe::Context::spr):
(JSC::Probe::Context::fpr):
(JSC::Probe::Context::gprName):
(JSC::Probe::Context::sprName):
(JSC::Probe::Context::fprName):
(JSC::Probe::Context::pc):
(JSC::Probe::Context::fp):
(JSC::Probe::Context::sp):
(JSC::Probe::CPUState::gpr const): Deleted.
(JSC::Probe::CPUState::spr const): Deleted.
(JSC::Probe::Context::arg): Deleted.
(JSC::Probe::Context::gpr const): Deleted.
(JSC::Probe::Context::spr const): Deleted.
(JSC::Probe::Context::fpr const): Deleted.

• assembler/ProbeFrame.h: Removed.
• assembler/ProbeStack.cpp:

(JSC::Probe::Page::Page):

• assembler/ProbeStack.h:

(JSC::Probe::Page::get):
(JSC::Probe::Page::set):
(JSC::Probe::Page::physicalAddressFor):
(JSC::Probe::Stack::lowWatermark):
(JSC::Probe::Stack::get):
(JSC::Probe::Stack::set):

• bytecode/ArithProfile.cpp:
• bytecode/ArithProfile.h:
• bytecode/ArrayProfile.h:

(JSC::ArrayProfile::observeArrayMode): Deleted.

• bytecode/CodeBlock.cpp:

(JSC::CodeBlock::updateOSRExitCounterAndCheckIfNeedToReoptimize): Deleted.

• bytecode/CodeBlock.h:

(JSC::CodeBlock::addressOfOSRExitCounter):

• bytecode/ExecutionCounter.h:

(JSC::ExecutionCounter::hasCrossedThreshold const): Deleted.
(JSC::ExecutionCounter::setNewThresholdForOSRExit): Deleted.

• bytecode/MethodOfGettingAValueProfile.cpp:

(JSC::MethodOfGettingAValueProfile::reportValue): Deleted.

• bytecode/MethodOfGettingAValueProfile.h:
• dfg/DFGDriver.cpp:

(JSC::DFG::compileImpl):

• dfg/DFGJITCode.cpp:

(JSC::DFG::JITCode::findPC):

• dfg/DFGJITCode.h:
• dfg/DFGJITCompiler.cpp:

(JSC::DFG::JITCompiler::linkOSRExits):
(JSC::DFG::JITCompiler::link):

• dfg/DFGOSRExit.cpp:

(JSC::DFG::OSRExit::setPatchableCodeOffset):
(JSC::DFG::OSRExit::getPatchableCodeOffsetAsJump const):
(JSC::DFG::OSRExit::codeLocationForRepatch const):
(JSC::DFG::OSRExit::correctJump):
(JSC::DFG::OSRExit::emitRestoreArguments):
(JSC::DFG::OSRExit::compileOSRExit):
(JSC::DFG::OSRExit::compileExit):
(JSC::DFG::OSRExit::debugOperationPrintSpeculationFailure):
(JSC::DFG::jsValueFor): Deleted.
(JSC::DFG::restoreCalleeSavesFor): Deleted.
(JSC::DFG::saveCalleeSavesFor): Deleted.
(JSC::DFG::restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer): Deleted.
(JSC::DFG::copyCalleeSavesToVMEntryFrameCalleeSavesBuffer): Deleted.
(JSC::DFG::saveOrCopyCalleeSavesFor): Deleted.
(JSC::DFG::createDirectArgumentsDuringExit): Deleted.
(JSC::DFG::createClonedArgumentsDuringExit): Deleted.
(JSC::DFG::emitRestoreArguments): Deleted.
(JSC::DFG::OSRExit::executeOSRExit): Deleted.
(JSC::DFG::reifyInlinedCallFrames): Deleted.
(JSC::DFG::adjustAndJumpToTarget): Deleted.
(JSC::DFG::printOSRExit): Deleted.

• dfg/DFGOSRExit.h:

(JSC::DFG::OSRExitState::OSRExitState): Deleted.

• dfg/DFGOSRExitCompilerCommon.cpp:
• dfg/DFGOSRExitCompilerCommon.h:
• dfg/DFGOperations.cpp:
• dfg/DFGOperations.h:
• dfg/DFGThunks.cpp:

(JSC::DFG::osrExitGenerationThunkGenerator):
(JSC::DFG::osrExitThunkGenerator): Deleted.

• dfg/DFGThunks.h:
• jit/AssemblyHelpers.cpp:

(JSC::AssemblyHelpers::debugCall):

• jit/AssemblyHelpers.h:
• jit/JITOperations.cpp:
• jit/JITOperations.h:
• profiler/ProfilerOSRExit.h:

(JSC::Profiler::OSRExit::incCount): Deleted.

• runtime/JSCJSValue.h:
• runtime/JSCJSValueInlines.h:
• runtime/VM.h:

File:

• trunk/Source/JavaScriptCore/dfg/DFGThunks.cpp (modified) (1 diff)

trunk/Source/JavaScriptCore/dfg/DFGThunks.cpp

@@ -41 +41 @@
 namespace JSC { namespace DFG {
 
-MacroAssemblerCodeRef osrExitThunkGenerator(VM* vm)
+MacroAssemblerCodeRef osrExitGenerationThunkGenerator(VM* vm)
 {
     MacroAssembler jit;
-    jit.probe(OSRExit::executeOSRExit, vm);
+
+    // This needs to happen before we use the scratch buffer because this function also uses the scratch buffer.
+    adjustFrameAndStackInOSRExitCompilerThunk<DFG::JITCode>(jit, vm, JITCode::DFGJIT);
+    
+    size_t scratchSize = sizeof(EncodedJSValue) * (GPRInfo::numberOfRegisters + FPRInfo::numberOfRegisters);
+    ScratchBuffer* scratchBuffer = vm->scratchBufferForSize(scratchSize);
+    EncodedJSValue* buffer = static_cast<EncodedJSValue*>(scratchBuffer->dataBuffer());
+    
+    for (unsigned i = 0; i < GPRInfo::numberOfRegisters; ++i) {
+#if USE(JSVALUE64)
+        jit.store64(GPRInfo::toRegister(i), buffer + i);
+#else
+        jit.store32(GPRInfo::toRegister(i), buffer + i);
+#endif
+    }
+    for (unsigned i = 0; i < FPRInfo::numberOfRegisters; ++i) {
+        jit.move(MacroAssembler::TrustedImmPtr(buffer + GPRInfo::numberOfRegisters + i), GPRInfo::regT0);
+        jit.storeDouble(FPRInfo::toRegister(i), MacroAssembler::Address(GPRInfo::regT0));
+    }
+    
+    // Tell GC mark phase how much of the scratch buffer is active during call.
+    jit.move(MacroAssembler::TrustedImmPtr(scratchBuffer->addressOfActiveLength()), GPRInfo::regT0);
+    jit.storePtr(MacroAssembler::TrustedImmPtr(scratchSize), MacroAssembler::Address(GPRInfo::regT0));
+
+    // Set up one argument.
+#if CPU(X86)
+    jit.poke(GPRInfo::callFrameRegister, 0);
+#else
+    jit.move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
+#endif
+
+    MacroAssembler::Call functionCall = jit.call();
+
+    jit.move(MacroAssembler::TrustedImmPtr(scratchBuffer->addressOfActiveLength()), GPRInfo::regT0);
+    jit.storePtr(MacroAssembler::TrustedImmPtr(0), MacroAssembler::Address(GPRInfo::regT0));
+
+    for (unsigned i = 0; i < FPRInfo::numberOfRegisters; ++i) {
+        jit.move(MacroAssembler::TrustedImmPtr(buffer + GPRInfo::numberOfRegisters + i), GPRInfo::regT0);
+        jit.loadDouble(MacroAssembler::Address(GPRInfo::regT0), FPRInfo::toRegister(i));
+    }
+    for (unsigned i = 0; i < GPRInfo::numberOfRegisters; ++i) {
+#if USE(JSVALUE64)
+        jit.load64(buffer + i, GPRInfo::toRegister(i));
+#else
+        jit.load32(buffer + i, GPRInfo::toRegister(i));
+#endif
+    }
+    
+    jit.jump(MacroAssembler::AbsoluteAddress(&vm->osrExitJumpDestination));
+    
     LinkBuffer patchBuffer(jit, GLOBAL_THUNK_ID);
-    return FINALIZE_CODE(patchBuffer, ("DFG OSR exit thunk"));
+    
+    patchBuffer.link(functionCall, OSRExit::compileOSRExit);
+    
+    return FINALIZE_CODE(patchBuffer, ("DFG OSR exit generation thunk"));
 }