Ignore:
Timestamp:
Jul 28, 2020, 12:28:16 PM (5 years ago)
Author:
[email protected]
Message:

[JSC] add IC support for op_get_private_name
https://bugs.webkit.org/show_bug.cgi?id=213545

Reviewed by Saam Barati.

JSTests:

Add a crashtest for a crash in an earlier edition of the GPN IC patch.

  • stress/get-private-name-cache-failure.js: Added.

Source/JavaScriptCore:

The baseline JIT now supports a fast path for op_private_name,
using a variant of GetByVal IC.

The generated AccessCase has the following qualities:

  • Always "direct", relying only on the current structure for cachebility
  • Never impure (DOM properties are not supported at this time, ProxyObjects are treated as JSObjects)

Based on the microbenchmark reviewed on https://bugs.webkit.org/show_bug.cgi?id=213544, this sees
an improvement of roughly 50% on average.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::finishCreation):

  • bytecode/StructureStubInfo.cpp:

(JSC::StructureStubInfo::reset):

  • bytecode/StructureStubInfo.h:
  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileGetByVal):

  • jit/ICStats.h:
  • jit/JIT.cpp:

(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):

  • jit/JIT.h:
  • jit/JITInlineCacheGenerator.cpp:

(JSC::JITGetByValGenerator::JITGetByValGenerator):

  • jit/JITInlineCacheGenerator.h:
  • jit/JITOperations.cpp:

(JSC::getPrivateName):

  • jit/JITOperations.h:
  • jit/JITPropertyAccess.cpp:

(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emit_op_get_private_name):
(JSC::JIT::emitSlow_op_get_private_name):

  • jit/JITPropertyAccess32_64.cpp:

(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emit_op_get_private_name):
(JSC::JIT::emitSlow_op_get_private_name):

  • jit/Repatch.cpp:

(JSC::appropriateOptimizingGetByFunction):
(JSC::appropriateGetByFunction):
(JSC::tryCacheGetBy):

  • jit/Repatch.h:
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/JavaScriptCore/jit/JIT.cpp

    r264504 r265000  
    293293        DEFINE_SLOW_OP(create_lexical_environment)
    294294        DEFINE_SLOW_OP(get_by_val_with_this)
    295         DEFINE_SLOW_OP(get_private_name)
    296295        DEFINE_SLOW_OP(put_by_id_with_this)
    297296        DEFINE_SLOW_OP(put_by_val_with_this)
     
    358357        DEFINE_OP(op_get_by_id_direct)
    359358        DEFINE_OP(op_get_by_val)
     359        DEFINE_OP(op_get_private_name)
    360360        DEFINE_OP(op_get_prototype_of)
    361361        DEFINE_OP(op_overrides_has_instance)
     
    562562        DEFINE_SLOWCASE_OP(op_get_by_id_direct)
    563563        DEFINE_SLOWCASE_OP(op_get_by_val)
     564        DEFINE_SLOWCASE_OP(op_get_private_name)
    564565        DEFINE_SLOWCASE_OP(op_instanceof)
    565566        DEFINE_SLOWCASE_OP(op_instanceof_custom)
Note: See TracChangeset for help on using the changeset viewer.