Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (291331 => 291332)
--- trunk/Source/_javascript_Core/ChangeLog 2022-03-16 05:19:45 UTC (rev 291331)
+++ trunk/Source/_javascript_Core/ChangeLog 2022-03-16 05:35:12 UTC (rev 291332)
@@ -1,5 +1,46 @@
2022-03-15 Yusuke Suzuki <ysuz...@apple.com>
+ [JSC] Add UnlinkedDFG compilation mode enum
+ https://bugs.webkit.org/show_bug.cgi?id=237934
+
+ Reviewed by Mark Lam.
+
+ This patch adds UnlinkedDFG compilation mode to prepare new unlinked DFG.
+
+ * dfg/DFGByteCodeParser.cpp:
+ (JSC::DFG::ByteCodeParser::inliningCost):
+ * dfg/DFGGraph.cpp:
+ (JSC::DFG::Graph::watchCondition):
+ (JSC::DFG::Graph::watchConditions):
+ (JSC::DFG::Graph::watchGlobalProperty):
+ (JSC::DFG::Graph::tryGetConstantProperty):
+ (JSC::DFG::Graph::tryGetConstantClosureVar):
+ (JSC::DFG::Graph::tryGetFoldableView):
+ (JSC::DFG::Graph::getRegExpPrototypeProperty):
+ (JSC::DFG::Graph::canOptimizeStringObjectAccess):
+ (JSC::DFG::Graph::canDoFastSpread):
+ * dfg/DFGGraph.h:
+ * dfg/DFGPlan.cpp:
+ (JSC::DFG::Plan::compileInThreadImpl):
+ * dfg/DFGTierUpCheckInjectionPhase.cpp:
+ (JSC::DFG::TierUpCheckInjectionPhase::run):
+ * jit/JITCompilationMode.cpp:
+ (WTF::printInternal):
+ * jit/JITCompilationMode.h:
+ (JSC::isDFG):
+ (JSC::isUnlinked):
+ * jit/JITPlan.cpp:
+ (JSC::JITPlan::tier const):
+ (JSC::JITPlan::reportCompileTimes const):
+ * jit/JITPlan.h:
+ (JSC::JITPlan::isDFG const):
+ (JSC::JITPlan::isUnlinked const):
+ * profiler/ProfilerCompilationKind.cpp:
+ (WTF::printInternal):
+ * profiler/ProfilerCompilationKind.h:
+
+2022-03-15 Yusuke Suzuki <ysuz...@apple.com>
+
[JSC] Concurrent byteOffsetImpl should not assume non-detached array-buffer
https://bugs.webkit.org/show_bug.cgi?id=237935
Modified: trunk/Source/_javascript_Core/dfg/DFGByteCodeParser.cpp (291331 => 291332)
--- trunk/Source/_javascript_Core/dfg/DFGByteCodeParser.cpp 2022-03-16 05:19:45 UTC (rev 291331)
+++ trunk/Source/_javascript_Core/dfg/DFGByteCodeParser.cpp 2022-03-16 05:35:12 UTC (rev 291332)
@@ -1566,6 +1566,11 @@
return UINT_MAX;
}
+ if (m_graph.m_plan.isUnlinked()) {
+ VERBOSE_LOG(" Failing because the compilation mode is unlinked DFG.\n");
+ return UINT_MAX;
+ }
+
FunctionExecutable* executable = callee.functionExecutable();
if (!executable) {
VERBOSE_LOG(" Failing because there is no function executable.\n");
Modified: trunk/Source/_javascript_Core/dfg/DFGGraph.cpp (291331 => 291332)
--- trunk/Source/_javascript_Core/dfg/DFGGraph.cpp 2022-03-16 05:19:45 UTC (rev 291331)
+++ trunk/Source/_javascript_Core/dfg/DFGGraph.cpp 2022-03-16 05:35:12 UTC (rev 291332)
@@ -1061,6 +1061,9 @@
bool Graph::watchCondition(const ObjectPropertyCondition& key)
{
+ if (m_plan.isUnlinked())
+ return false;
+
if (!key.isWatchable())
return false;
@@ -1081,6 +1084,9 @@
bool Graph::watchConditions(const ObjectPropertyConditionSet& keys)
{
+ if (m_plan.isUnlinked())
+ return false;
+
if (!keys.isValid())
return false;
@@ -1098,6 +1104,9 @@
bool Graph::watchGlobalProperty(JSGlobalObject* globalObject, unsigned identifierNumber)
{
+ if (m_plan.isUnlinked())
+ return false;
+
UniquedStringImpl* uid = identifiers()[identifierNumber];
// If we already have a WatchpointSet, and it is already invalidated, it means that this scope operation must be changed from GlobalProperty to GlobalLexicalVar,
// but we still have stale metadata here since we have not yet executed this bytecode operation since the invalidation. Just emitting ForceOSRExit to update the
@@ -1267,6 +1276,9 @@
JSValue Graph::tryGetConstantProperty(
JSValue base, const RegisteredStructureSet& structureSet, PropertyOffset offset)
{
+ if (m_plan.isUnlinked())
+ return JSValue();
+
if (!base || !base.isObject())
return JSValue();
@@ -1352,6 +1364,9 @@
JSValue Graph::tryGetConstantClosureVar(JSValue base, ScopeOffset offset)
{
// This has an awesome concurrency story. See comment for GetGlobalVar in ByteCodeParser.
+
+ if (m_plan.isUnlinked())
+ return JSValue();
if (!base)
return JSValue();
@@ -1402,6 +1417,8 @@
JSArrayBufferView* Graph::tryGetFoldableView(JSValue value)
{
+ if (m_plan.isUnlinked())
+ return nullptr;
if (!value)
return nullptr;
JSArrayBufferView* view = jsDynamicCast<JSArrayBufferView*>(m_vm, value);
@@ -1730,6 +1747,9 @@
bool Graph::getRegExpPrototypeProperty(JSObject* regExpPrototype, Structure* regExpPrototypeStructure, UniquedStringImpl* uid, JSValue& returnJSValue)
{
+ if (m_plan.isUnlinked())
+ return false;
+
PropertyOffset offset = regExpPrototypeStructure->getConcurrently(uid);
if (!isValidOffset(offset))
return false;
@@ -1777,6 +1797,9 @@
bool Graph::canOptimizeStringObjectAccess(const CodeOrigin& codeOrigin)
{
+ if (m_plan.isUnlinked())
+ return false;
+
if (hasExitSite(codeOrigin, BadCache) || hasExitSite(codeOrigin, BadConstantCache))
return false;
@@ -1829,6 +1852,9 @@
// The parameter 'value' is the AbstractValue for child1 (the thing being spread).
ASSERT(node->op() == Spread);
+ if (m_plan.isUnlinked())
+ return false;
+
if (node->child1().useKind() != ArrayUse) {
// Note: we only speculate on ArrayUse when we've set up the necessary watchpoints
// to prove that the iteration protocol is non-observable starting from ArrayPrototype.
Modified: trunk/Source/_javascript_Core/dfg/DFGGraph.h (291331 => 291332)
--- trunk/Source/_javascript_Core/dfg/DFGGraph.h 2022-03-16 05:19:45 UTC (rev 291331)
+++ trunk/Source/_javascript_Core/dfg/DFGGraph.h 2022-03-16 05:35:12 UTC (rev 291332)
@@ -476,19 +476,6 @@
return jsCast<JSObject*>(object->methodTable(m_vm)->toThis(object, object, ECMAMode::sloppy()));
}
- ScriptExecutable* executableFor(InlineCallFrame* inlineCallFrame)
- {
- if (!inlineCallFrame)
- return m_codeBlock->ownerExecutable();
-
- return inlineCallFrame->baselineCodeBlock->ownerExecutable();
- }
-
- ScriptExecutable* executableFor(const CodeOrigin& codeOrigin)
- {
- return executableFor(codeOrigin.inlineCallFrame());
- }
-
CodeBlock* baselineCodeBlockFor(InlineCallFrame* inlineCallFrame)
{
if (!inlineCallFrame)
@@ -503,6 +490,8 @@
bool masqueradesAsUndefinedWatchpointIsStillValid(const CodeOrigin& codeOrigin)
{
+ if (m_plan.isUnlinked())
+ return false;
return globalObjectFor(codeOrigin)->masqueradesAsUndefinedWatchpoint()->isStillValid();
}
@@ -795,6 +784,8 @@
bool isWatchingHavingABadTimeWatchpoint(Node* node)
{
+ if (m_plan.isUnlinked())
+ return false;
JSGlobalObject* globalObject = globalObjectFor(node->origin.semantic);
return watchpoints().isWatched(globalObject->havingABadTimeWatchpoint());
}
@@ -801,6 +792,9 @@
bool isWatchingGlobalObjectWatchpoint(JSGlobalObject* globalObject, InlineWatchpointSet& set)
{
+ if (m_plan.isUnlinked())
+ return false;
+
if (watchpoints().isWatched(set))
return true;
@@ -819,6 +813,9 @@
bool isWatchingArrayIteratorProtocolWatchpoint(Node* node)
{
+ if (m_plan.isUnlinked())
+ return false;
+
JSGlobalObject* globalObject = globalObjectFor(node->origin.semantic);
InlineWatchpointSet& set = globalObject->arrayIteratorProtocolWatchpointSet();
return isWatchingGlobalObjectWatchpoint(globalObject, set);
@@ -826,6 +823,9 @@
bool isWatchingNumberToStringWatchpoint(Node* node)
{
+ if (m_plan.isUnlinked())
+ return false;
+
JSGlobalObject* globalObject = globalObjectFor(node->origin.semantic);
InlineWatchpointSet& set = globalObject->numberToStringWatchpointSet();
return isWatchingGlobalObjectWatchpoint(globalObject, set);
Modified: trunk/Source/_javascript_Core/dfg/DFGPlan.cpp (291331 => 291332)
--- trunk/Source/_javascript_Core/dfg/DFGPlan.cpp 2022-03-16 05:19:45 UTC (rev 291331)
+++ trunk/Source/_javascript_Core/dfg/DFGPlan.cpp 2022-03-16 05:35:12 UTC (rev 291332)
@@ -112,6 +112,8 @@
return Profiler::DFG;
case JITCompilationMode::DFG:
return Profiler::DFG;
+ case JITCompilationMode::UnlinkedDFG:
+ return Profiler::UnlinkedDFG;
case JITCompilationMode::FTL:
return Profiler::FTL;
case JITCompilationMode::FTLForOSREntry:
@@ -315,7 +317,8 @@
}
switch (m_mode) {
- case JITCompilationMode::DFG: {
+ case JITCompilationMode::DFG:
+ case JITCompilationMode::UnlinkedDFG: {
dfg.m_fixpointState = FixpointConverged;
RUN_PHASE(performTierUpCheckInjection);
Modified: trunk/Source/_javascript_Core/dfg/DFGTierUpCheckInjectionPhase.cpp (291331 => 291332)
--- trunk/Source/_javascript_Core/dfg/DFGTierUpCheckInjectionPhase.cpp 2022-03-16 05:19:45 UTC (rev 291331)
+++ trunk/Source/_javascript_Core/dfg/DFGTierUpCheckInjectionPhase.cpp 2022-03-16 05:35:12 UTC (rev 291332)
@@ -61,7 +61,7 @@
bool run()
{
- RELEASE_ASSERT(m_graph.m_plan.mode() == JITCompilationMode::DFG);
+ RELEASE_ASSERT(m_graph.m_plan.isDFG());
if (!Options::useFTLJIT())
return false;
Modified: trunk/Source/_javascript_Core/jit/JITCompilationMode.cpp (291331 => 291332)
--- trunk/Source/_javascript_Core/jit/JITCompilationMode.cpp 2022-03-16 05:19:45 UTC (rev 291331)
+++ trunk/Source/_javascript_Core/jit/JITCompilationMode.cpp 2022-03-16 05:35:12 UTC (rev 291332)
@@ -44,6 +44,9 @@
case JITCompilationMode::DFG:
out.print("DFGMode");
return;
+ case JITCompilationMode::UnlinkedDFG:
+ out.print("UnlinkedDFG");
+ return;
case JITCompilationMode::FTL:
out.print("FTLMode");
return;
Modified: trunk/Source/_javascript_Core/jit/JITCompilationMode.h (291331 => 291332)
--- trunk/Source/_javascript_Core/jit/JITCompilationMode.h 2022-03-16 05:19:45 UTC (rev 291331)
+++ trunk/Source/_javascript_Core/jit/JITCompilationMode.h 2022-03-16 05:35:12 UTC (rev 291332)
@@ -33,10 +33,22 @@
InvalidCompilation,
Baseline,
DFG,
+ UnlinkedDFG,
FTL,
- FTLForOSREntry
+ FTLForOSREntry,
};
+inline bool isDFG(JITCompilationMode mode)
+{
+ switch (mode) {
+ case JITCompilationMode::DFG:
+ case JITCompilationMode::UnlinkedDFG:
+ return true;
+ default:
+ return false;
+ }
+}
+
inline bool isFTL(JITCompilationMode mode)
{
switch (mode) {
@@ -48,6 +60,17 @@
}
}
+inline bool isUnlinked(JITCompilationMode mode)
+{
+ switch (mode) {
+ case JITCompilationMode::Baseline:
+ case JITCompilationMode::UnlinkedDFG:
+ return true;
+ default:
+ return false;
+ }
+}
+
} // namespace JSC
namespace WTF {
Modified: trunk/Source/_javascript_Core/jit/JITPlan.cpp (291331 => 291332)
--- trunk/Source/_javascript_Core/jit/JITPlan.cpp 2022-03-16 05:19:45 UTC (rev 291331)
+++ trunk/Source/_javascript_Core/jit/JITPlan.cpp 2022-03-16 05:35:12 UTC (rev 291332)
@@ -77,6 +77,7 @@
case JITCompilationMode::Baseline:
return Tier::Baseline;
case JITCompilationMode::DFG:
+ case JITCompilationMode::UnlinkedDFG:
return Tier::DFG;
case JITCompilationMode::FTL:
case JITCompilationMode::FTLForOSREntry:
@@ -145,7 +146,7 @@
{
return Options::reportCompileTimes()
|| (Options::reportBaselineCompileTimes() && m_mode == JITCompilationMode::Baseline)
- || (Options::reportDFGCompileTimes() && m_mode == JITCompilationMode::DFG)
+ || (Options::reportDFGCompileTimes() && isDFG())
|| (Options::reportFTLCompileTimes() && isFTL());
}
Modified: trunk/Source/_javascript_Core/jit/JITPlan.h (291331 => 291332)
--- trunk/Source/_javascript_Core/jit/JITPlan.h 2022-03-16 05:19:45 UTC (rev 291331)
+++ trunk/Source/_javascript_Core/jit/JITPlan.h 2022-03-16 05:35:12 UTC (rev 291332)
@@ -56,7 +56,9 @@
JITCompilationMode mode() const { return m_mode; }
JITPlanStage stage() const { return m_stage; }
+ bool isDFG() const { return ::JSC::isDFG(m_mode); }
bool isFTL() const { return ::JSC::isFTL(m_mode); }
+ bool isUnlinked() const { return ::JSC::isUnlinked(m_mode); }
enum class Tier { Baseline = 0, DFG = 1, FTL = 2, Count = 3 };
Tier tier() const;
Modified: trunk/Source/_javascript_Core/profiler/ProfilerCompilationKind.cpp (291331 => 291332)
--- trunk/Source/_javascript_Core/profiler/ProfilerCompilationKind.cpp 2022-03-16 05:19:45 UTC (rev 291331)
+++ trunk/Source/_javascript_Core/profiler/ProfilerCompilationKind.cpp 2022-03-16 05:35:12 UTC (rev 291332)
@@ -42,6 +42,9 @@
case JSC::Profiler::DFG:
out.print("DFG");
return;
+ case JSC::Profiler::UnlinkedDFG:
+ out.print("UnlinkedDFG");
+ return;
case JSC::Profiler::FTL:
out.print("FTL");
return;
Modified: trunk/Source/_javascript_Core/profiler/ProfilerCompilationKind.h (291331 => 291332)
--- trunk/Source/_javascript_Core/profiler/ProfilerCompilationKind.h 2022-03-16 05:19:45 UTC (rev 291331)
+++ trunk/Source/_javascript_Core/profiler/ProfilerCompilationKind.h 2022-03-16 05:35:12 UTC (rev 291332)
@@ -31,8 +31,9 @@
LLInt,
Baseline,
DFG,
+ UnlinkedDFG,
FTL,
- FTLForOSREntry
+ FTLForOSREntry,
};
} } // namespace JSC::Profiler
