Modified: trunk/Source/_javascript_Core/ChangeLog (224917 => 224918)
--- trunk/Source/_javascript_Core/ChangeLog 2017-11-16 15:41:00 UTC (rev 224917)
+++ trunk/Source/_javascript_Core/ChangeLog 2017-11-16 15:48:11 UTC (rev 224918)
@@ -1,5 +1,20 @@
2017-11-16 Robin Morisset <[email protected]>
+ Provide a runtime option for disabling the optimization of recursive tail calls
+ https://bugs.webkit.org/show_bug.cgi?id=179765
+
+ Reviewed by Mark Lam.
+
+ * bytecode/PreciseJumpTargets.cpp:
+ (JSC::getJumpTargetsForBytecodeOffset):
+ * bytecompiler/BytecodeGenerator.cpp:
+ (JSC::BytecodeGenerator::emitEnter):
+ * dfg/DFGByteCodeParser.cpp:
+ (JSC::DFG::ByteCodeParser::handleRecursiveTailCall):
+ * runtime/Options.h:
+
+2017-11-16 Robin Morisset <[email protected]>
+
Fix null pointer dereference in bytecodeDumper
https://bugs.webkit.org/show_bug.cgi?id=179764
Modified: trunk/Source/_javascript_Core/bytecode/PreciseJumpTargets.cpp (224917 => 224918)
--- trunk/Source/_javascript_Core/bytecode/PreciseJumpTargets.cpp 2017-11-16 15:41:00 UTC (rev 224917)
+++ trunk/Source/_javascript_Core/bytecode/PreciseJumpTargets.cpp 2017-11-16 15:48:11 UTC (rev 224918)
@@ -42,7 +42,7 @@
// op_loop_hint does not have jump target stored in bytecode instructions.
if (opcodeID == op_loop_hint)
out.append(bytecodeOffset);
- else if (opcodeID == op_enter && codeBlock->hasTailCalls()) {
+ else if (opcodeID == op_enter && codeBlock->hasTailCalls() && Options::optimizeRecursiveTailCalls()) {
// We need to insert a jump after op_enter, so recursive tail calls have somewhere to jump to.
// But we only want to pay that price for functions that have at least one tail call.
out.append(bytecodeOffset + opcodeLengths[op_enter]);
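Review bot: The new option is now read independently in three places — this condition, BytecodeGenerator::emitEnter, and ByteCodeParser::handleRecursiveTailCall — and the target appended here is only meaningful if it matches the jump target emitEnter registered when the bytecode was generated, yet nothing in the hunk records that coupling. A later change that toggles the option between those points, or edits one site without the others, could presumably leave the DFG with a recursive-tail-call target that was never split into a block. Suggest a comment above the condition: `// Must agree with BytecodeGenerator::emitEnter and ByteCodeParser::handleRecursiveTailCall: all three read this option, and the post-op_enter target only exists if it was on at bytecode-generation time.` The same point applies to the emitEnter hunk in BytecodeGenerator.cpp. The enclosing getJumpTargetsForBytecodeOffset body starts and ends outside the hunk.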
Modified: trunk/Source/_javascript_Core/bytecompiler/BytecodeGenerator.cpp (224917 => 224918)
--- trunk/Source/_javascript_Core/bytecompiler/BytecodeGenerator.cpp 2017-11-16 15:41:00 UTC (rev 224917)
+++ trunk/Source/_javascript_Core/bytecompiler/BytecodeGenerator.cpp 2017-11-16 15:48:11 UTC (rev 224918)
@@ -1315,11 +1315,13 @@
{
emitOpcode(op_enter);
- // We must add the end of op_enter as a potential jump target, because the bytecode parser may decide to split its basic block
- // to have somewhere to jump to if there is a recursive tail-call that points to this function.
- m_codeBlock->addJumpTarget(instructions().size());
- // This disables peephole optimizations when an instruction is a jump target
- m_lastOpcodeID = op_end;
+ if (LIKELY(Options::optimizeRecursiveTailCalls())) {
+ // We must add the end of op_enter as a potential jump target, because the bytecode parser may decide to split its basic block
+ // to have somewhere to jump to if there is a recursive tail-call that points to this function.
+ m_codeBlock->addJumpTarget(instructions().size());
+ // This disables peephole optimizations when an instruction is a jump target
+ m_lastOpcodeID = op_end;
+ }
}
void BytecodeGenerator::emitLoopHint()
Modified: trunk/Source/_javascript_Core/dfg/DFGByteCodeParser.cpp (224917 => 224918)
--- trunk/Source/_javascript_Core/dfg/DFGByteCodeParser.cpp 2017-11-16 15:41:00 UTC (rev 224917)
+++ trunk/Source/_javascript_Core/dfg/DFGByteCodeParser.cpp 2017-11-16 15:48:11 UTC (rev 224918)
@@ -1422,6 +1422,9 @@
bool ByteCodeParser::handleRecursiveTailCall(Node* callTargetNode, const CallLinkStatus& callLinkStatus, int registerOffset, VirtualRegister thisArgument, int argumentCountIncludingThis)
{
+ if (UNLIKELY(!Options::optimizeRecursiveTailCalls()))
+ return false;
+
// FIXME: We currently only do this optimisation in the simple, non-polymorphic case.
// https://bugs.webkit.org/show_bug.cgi?id=178390
if (callLinkStatus.couldTakeSlowPath() || callLinkStatus.size() != 1)
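Review bot: The early return reads as a policy switch, but given the other hunks it is a correctness requirement: when the option is off, emitEnter no longer registers a jump target after op_enter and PreciseJumpTargets no longer appends one, so there is presumably nothing for a recursive tail call to jump to. A one-line comment would stop a future reader from "simplifying" this guard away, e.g. `// Not just a policy check: with the option off, no post-op_enter jump target was emitted, so the jump would have no destination.` The rest of handleRecursiveTailCall lies outside the hunk.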
Modified: trunk/Source/_javascript_Core/runtime/Options.h (224917 => 224918)
--- trunk/Source/_javascript_Core/runtime/Options.h 2017-11-16 15:41:00 UTC (rev 224917)
+++ trunk/Source/_javascript_Core/runtime/Options.h 2017-11-16 15:48:11 UTC (rev 224918)
@@ -149,6 +149,7 @@
\
v(bool, useFunctionDotArguments, true, Normal, nullptr) \
v(bool, useTailCalls, true, Normal, nullptr) \
+ v(bool, optimizeRecursiveTailCalls, true, Normal, nullptr) \
v(bool, alwaysUseShadowChicken, false, Normal, nullptr) \
v(unsigned, shadowChickenLogSize, 1000, Normal, nullptr) \
v(unsigned, shadowChickenMaxTailDeletedFramesSize, 128, Normal, nullptr) \
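Review bot: The new entry leaves the description field as nullptr, so anyone listing options has no hint of what this knob controls or how it relates to the neighbouring useTailCalls flag. Since the option gates a code-generation path that three components must agree on, a short description is worth the line, e.g. `v(bool, optimizeRecursiveTailCalls, true, Normal, "Turn recursive tail calls into jumps to just after op_enter") \`. Whether it has any effect when useTailCalls is false is not visible in this diff and may be worth stating once confirmed.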