Changeset 290647 in webkit for trunk/Source/JavaScriptCore/jit/SlowPathCall.cpp

Timestamp:

Mar 1, 2022, 7:42:50 AM (3 years ago)

Author:

[email protected]

Message:

[JSC] Port EXTRA_CTI_THUNKS to all platforms
​https://bugs.webkit.org/show_bug.cgi?id=233822

Patch by Geza Lore <Geza Lore> on 2022-03-01
Reviewed by Saam Barati.

Source/JavaScriptCore:

Port and enable all code paths under #ifdef ENABLE(EXTRA_CTI_THUNKS)
on all platforms, and remove the now unused code paths.

To port the extra thunks to all platforms, it was necessary to enable
them to do function calls to C++ slow path operations, which on some
platforms require passing arguments on the stack. To enable this,
CCallHelpers::emitCTIThunkPrologue and
CCallHelpers::emitCTIThunkEpilogue are introduced that allocate some
additional stack space on platforms where this is necessary.

Additionally, the thunks that require subsequent exception checking
now tail call directly to the exception check thunk, rather than
returning to the baseline code and do a separate call to the exception
check thunk. This saves an extra call site in the generated baseline
ops and reduces code size on all platforms (~1.5% reduction on x86_64).

Also factored out the statically allocated register definitions for
baseline ops into BaselineJITRegisters.h, as there are now quite a lot
of them and some are somewhat elaborate. This necessitates moving the
noOverlap and preferredArgumentGPR/preferredArgumentJSR constexpr
functions out from their previous place, so these now live in
GPRInfo.h

Enabling the extra CTI thunks on ARMv7/Thumb-2 saves about 25%
baseline code size, according to --dumpLinkBufferStats.

• assembler/MacroAssembler.h:

(JSC::MacroAssembler::subPtr):

• assembler/MacroAssemblerARMv7.h:

(JSC::MacroAssemblerARMv7::scratchRegister):

• assembler/MacroAssemblerX86_64.h:

(JSC::MacroAssemblerX86_64::sub64):

• bytecode/PolymorphicAccess.cpp:

(JSC::AccessGenerationState::emitExplicitExceptionHandler):

• bytecode/StructureStubInfo.cpp:

(JSC::StructureStubInfo::initializeFromUnlinkedStructureStubInfo):

• dfg/DFGJITCompiler.cpp:

(JSC::DFG::JITCompiler::link):
(JSC::DFG::JITCompiler::compile):
(JSC::DFG::JITCompiler::compileFunction):

• dfg/DFGJITCompiler.h:
• ftl/FTLCompile.cpp:

(JSC::FTL::compile):

• ftl/FTLLink.cpp:

(JSC::FTL::link):

• jit/CCallHelpers.h:

(JSC::CCallHelpers::emitCTIThunkPrologue):
(JSC::CCallHelpers::emitCTIThunkEpilogue):

• jit/JIT.cpp:

(JSC::JIT::emitSlowCaseCall):
(JSC::JIT::privateCompileSlowCases):
(JSC::JIT::compileAndLinkWithoutFinalizing):
(JSC::JIT::link):

• jit/JIT.h:
• jit/JITArithmetic.cpp:

(JSC::JIT::emitSlow_op_mod):
(JSC::JIT::emit_op_mod):
(JSC::JIT::emit_op_div):

• jit/JITCall.cpp:

(JSC::JIT::emit_op_iterator_open):
(JSC::JIT::emit_op_iterator_next):
(JSC::JIT::emitSlow_op_iterator_next):

• jit/JITInlineCacheGenerator.cpp:

(JSC::JITGetByIdGenerator::generateBaselineDataICFastPath):
(JSC::JITGetByIdWithThisGenerator::generateBaselineDataICFastPath):
(JSC::JITPutByIdGenerator::generateBaselineDataICFastPath):

• jit/JITInlineCacheGenerator.h:
• jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_jfalse):
(JSC::JIT::valueIsFalseyGenerator):
(JSC::JIT::emit_op_jtrue):
(JSC::JIT::valueIsTruthyGenerator):
(JSC::JIT::emit_op_throw):
(JSC::JIT::op_throw_handlerGenerator):
(JSC::JIT::emit_op_enter):
(JSC::JIT::op_enter_handlerGenerator):
(JSC::JIT::emitSlow_op_check_traps):
(JSC::JIT::op_check_traps_handlerGenerator):

• jit/JITPropertyAccess.cpp:

(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::generateGetByValSlowCase):
(JSC::JIT::slow_op_get_by_val_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emit_op_get_private_name):
(JSC::JIT::emitSlow_op_get_private_name):
(JSC::JIT::slow_op_get_private_name_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emit_op_set_private_brand):
(JSC::JIT::emitSlow_op_set_private_brand):
(JSC::JIT::emit_op_check_private_brand):
(JSC::JIT::emitSlow_op_check_private_brand):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::slow_op_put_by_val_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emit_op_put_private_name):
(JSC::JIT::emitSlow_op_put_private_name):
(JSC::JIT::slow_op_put_private_name_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emit_op_del_by_id):
(JSC::JIT::emitSlow_op_del_by_id):
(JSC::JIT::slow_op_del_by_id_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emit_op_del_by_val):
(JSC::JIT::emitSlow_op_del_by_val):
(JSC::JIT::slow_op_del_by_val_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emit_op_try_get_by_id):
(JSC::JIT::emitSlow_op_try_get_by_id):
(JSC::JIT::emit_op_get_by_id_direct):
(JSC::JIT::emitSlow_op_get_by_id_direct):
(JSC::JIT::emit_op_get_by_id):
(JSC::JIT::emitSlow_op_get_by_id):
(JSC::JIT::slow_op_get_by_id_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emit_op_get_by_id_with_this):
(JSC::JIT::emitSlow_op_get_by_id_with_this):
(JSC::JIT::slow_op_get_by_id_with_this_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emit_op_put_by_id):
(JSC::JIT::emitSlow_op_put_by_id):
(JSC::JIT::slow_op_put_by_id_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emitSlow_op_in_by_id):
(JSC::JIT::emitSlow_op_in_by_val):
(JSC::JIT::emitHasPrivateSlow):
(JSC::JIT::emitSlow_op_has_private_name):
(JSC::JIT::emitSlow_op_has_private_brand):
(JSC::JIT::emitSlow_op_put_to_scope):
(JSC::JIT::slow_op_put_to_scopeGenerator):
(JSC::JIT::emit_op_get_property_enumerator):
(JSC::JIT::emit_op_enumerator_next):
(JSC::JIT::emit_enumerator_has_propertyImpl):
(JSC::JIT::emit_op_enumerator_get_by_val):
(JSC::JIT::emit_op_enumerator_in_by_val):
(JSC::JIT::emit_op_enumerator_has_own_property):

• jit/JITThunks.cpp:
• jit/JITThunks.h:
• jit/SlowPathCall.cpp:

(JSC::JITSlowPathCall::call):
(JSC::JITSlowPathCall::generateThunk):

• jit/SlowPathCall.h:

(JSC::JITSlowPathCall::JITSlowPathCall):

• jit/ThunkGenerators.cpp:

(JSC::handleExceptionGenerator):
(JSC::checkExceptionGenerator):

• jit/ThunkGenerators.h:

Source/WTF:

• wtf/PlatformEnable.h:

Remove EXTRA_CTI_THUNKS define (now always on on all platforms)

File:

• trunk/Source/JavaScriptCore/jit/SlowPathCall.cpp (modified) (3 diffs)

trunk/Source/JavaScriptCore/jit/SlowPathCall.cpp

@@ -37 +37 @@
 namespace JSC {
 
-#if ENABLE(EXTRA_CTI_THUNKS)
+namespace {
+    constexpr GPRReg bytecodeOffsetGPR = JIT::argumentGPR3;
+}
 
 void JITSlowPathCall::call()
@@ -45 +47 @@
     ASSERT(BytecodeIndex(bytecodeOffset) == m_jit->m_bytecodeIndex);
 
-    UNUSED_VARIABLE(m_pc);
-    constexpr GPRReg bytecodeOffsetReg = GPRInfo::argumentGPR1;
-    m_jit->move(JIT::TrustedImm32(bytecodeOffset), bytecodeOffsetReg);
+    m_jit->move(JIT::TrustedImm32(bytecodeOffset), bytecodeOffsetGPR);
     m_jit->emitNakedNearCall(vm.jitStubs->ctiSlowPathFunctionStub(vm, m_slowPathFunction).retaggedCode<NoPtrTag>());
 }
@@ -55 +55 @@
     CCallHelpers jit;
 
-    constexpr GPRReg bytecodeOffsetReg = JIT::argumentGPR1;
+    jit.emitCTIThunkPrologue();
 
-#if CPU(X86_64)
-    jit.push(X86Registers::ebp);
-#elif CPU(ARM64)
-    jit.tagReturnAddress();
-    jit.pushPair(CCallHelpers::framePointerRegister, CCallHelpers::linkRegister);
+    // Call slow operation
+    jit.store32(bytecodeOffsetGPR, CCallHelpers::tagFor(CallFrameSlot::argumentCountIncludingThis));
+    jit.prepareCallOperation(vm);
+
+#if OS(WINDOWS) && CPU(X86_64)
+    // On Windows, return values larger than 8 bytes are retuened via an implicit pointer passed as
+    // the first argument, and remaining arguments are shifted to the right. Make space for this.
+    static_assert(sizeof(SlowPathReturnType) == 16, "Assumed by generated call site below");
+    jit.subPtr(MacroAssembler::TrustedImm32(16), MacroAssembler::stackPointerRegister);
+    jit.move(MacroAssembler::stackPointerRegister, GPRInfo::argumentGPR0);
+    constexpr GPRReg callFrameArgGPR = GPRInfo::argumentGPR1;
+    constexpr GPRReg pcArgGPR = GPRInfo::argumentGPR2;
+    static_assert(noOverlap(GPRInfo::argumentGPR0, callFrameArgGPR, pcArgGPR, bytecodeOffsetGPR));
+#else
+    constexpr GPRReg callFrameArgGPR = GPRInfo::argumentGPR0;
+    constexpr GPRReg pcArgGPR = GPRInfo::argumentGPR1;
+    static_assert(noOverlap(callFrameArgGPR, pcArgGPR, bytecodeOffsetGPR));
+#endif
+    jit.move(GPRInfo::callFrameRegister, callFrameArgGPR);
+    jit.loadPtr(CCallHelpers::addressFor(CallFrameSlot::codeBlock), pcArgGPR);
+    jit.loadPtr(CCallHelpers::Address(pcArgGPR, CodeBlock::offsetOfInstructionsRawPointer()), pcArgGPR);
+    jit.addPtr(bytecodeOffsetGPR, pcArgGPR);
+
+    CCallHelpers::Call call = jit.call(OperationPtrTag);
+
+#if OS(WINDOWS) && CPU(X86_64)
+    jit.pop(GPRInfo::returnValueGPR); // pc
+    jit.pop(GPRInfo::returnValueGPR2); // callFrame
 #endif
 
-    jit.store32(bytecodeOffsetReg, CCallHelpers::tagFor(CallFrameSlot::argumentCountIncludingThis));
+    jit.emitCTIThunkEpilogue();
 
-    jit.loadPtr(CCallHelpers::addressFor(CallFrameSlot::codeBlock), GPRInfo::argumentGPR0);
-
-    jit.prepareCallOperation(vm);
-
-    jit.loadPtr(CCallHelpers::Address(GPRInfo::argumentGPR0, CodeBlock::offsetOfInstructionsRawPointer()), GPRInfo::argumentGPR0);
-    static_assert(JIT::argumentGPR1 == bytecodeOffsetReg);
-    jit.addPtr(GPRInfo::argumentGPR0, GPRInfo::argumentGPR1);
-    jit.move(GPRInfo::callFrameRegister, GPRInfo::argumentGPR0);
-
-    CCallHelpers::Call call = jit.call(OperationPtrTag);
-    CCallHelpers::Jump exceptionCheck = jit.emitNonPatchableExceptionCheck(vm);
-
-#if CPU(X86_64)
-    jit.pop(X86Registers::ebp);
-#elif CPU(ARM64)
-    jit.popPair(CCallHelpers::framePointerRegister, CCallHelpers::linkRegister);
-#endif
-    jit.ret();
-
-    auto handler = vm.getCTIStub(popThunkStackPreservesAndHandleExceptionGenerator);
+    // Tail call to exception check thunk
+    CCallHelpers::Jump exceptionCheck = jit.jump();
 
     LinkBuffer patchBuffer(jit, GLOBAL_THUNK_ID, LinkBuffer::Profile::ExtraCTIThunk);
     patchBuffer.link(call, FunctionPtr<OperationPtrTag>(slowPathFunction));
-    patchBuffer.link(exceptionCheck, CodeLocationLabel(handler.retaggedCode<NoPtrTag>()));
+    patchBuffer.link(exceptionCheck, CodeLocationLabel(vm.getCTIStub(checkExceptionGenerator).retaggedCode<NoPtrTag>()));
     return FINALIZE_CODE(patchBuffer, JITThunkPtrTag, "SlowPathCall");
 }
-
-#endif // ENABLE(EXTRA_CTI_THUNKS)
 
 } // namespace JSC