Modified: trunk/Source/_javascript_Core/ChangeLog (289036 => 289037)
--- trunk/Source/_javascript_Core/ChangeLog 2022-02-03 09:18:07 UTC (rev 289036)
+++ trunk/Source/_javascript_Core/ChangeLog 2022-02-03 10:07:16 UTC (rev 289037)
@@ -1,3 +1,29 @@
+2022-02-03 Yusuke Suzuki <[email protected]>
+
+ [JSC] Use MetadataTable instead of UnlinkedMetadataTable
+ https://bugs.webkit.org/show_bug.cgi?id=236063
+ rdar://88269480
+
+ Reviewed by Robin Morisset.
+
+ Use MetadataTable from profiled CodeBlock instead of UnlinkedMetadataTable in concurrent JIT compiler.
+
+ * bytecode/MetadataTable.h:
+ (JSC::MetadataTable::offsetInMetadataTable):
+ * bytecode/UnlinkedMetadataTable.h:
+ (JSC::UnlinkedMetadataTable::offsetInMetadataTable):
+ * jit/JITInlines.h:
+ (JSC::JIT::emitValueProfilingSite):
+ (JSC::JIT::loadPtrFromMetadata):
+ (JSC::JIT::load32FromMetadata):
+ (JSC::JIT::load8FromMetadata):
+ (JSC::JIT::store8ToMetadata):
+ (JSC::JIT::store32ToMetadata):
+ (JSC::JIT::materializePointerIntoMetadata):
+ * jit/JITPropertyAccess.cpp:
+ (JSC::JIT::emit_op_resolve_scope):
+ (JSC::JIT::emit_op_get_from_scope):
+
2022-02-02 Saam Barati <[email protected]>
SecureARM64EHashPins should check g_jscConfig.useFastJITPermissions
Modified: trunk/Source/_javascript_Core/bytecode/MetadataTable.h (289036 => 289037)
--- trunk/Source/_javascript_Core/bytecode/MetadataTable.h 2022-02-03 09:18:07 UTC (rev 289036)
+++ trunk/Source/_javascript_Core/bytecode/MetadataTable.h 2022-02-03 10:07:16 UTC (rev 289037)
@@ -92,6 +92,14 @@
return refCount() == 1;
}
+ template <typename Opcode>
+ uintptr_t offsetInMetadataTable(const Opcode& opcode)
+ {
+ uintptr_t baseTypeOffset = is32Bit() ? offsetTable32()[Opcode::opcodeID] : offsetTable16()[Opcode::opcodeID];
+ baseTypeOffset = roundUpToMultipleOf(alignof(typename Opcode::Metadata), baseTypeOffset);
+ return baseTypeOffset + sizeof(typename Opcode::Metadata) * opcode.m_metadataID;
+ }
+
private:
MetadataTable(UnlinkedMetadataTable&);
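Review bot: The new `MetadataTable::offsetInMetadataTable` duplicates the three-line offset computation of `UnlinkedMetadataTable::offsetInMetadataTable`, and nothing ties the two copies together. The result is baked into JIT-emitted addresses, so a later change to only one copy would make compiled code address the wrong metadata slot. I would add a comment above the template, for example `// Must compute the same offset as UnlinkedMetadataTable::offsetInMetadataTable; intended for the concurrent JIT, which must not touch the unlinked table.` This hunk does not show whether the linked table's offset tables stay unchanged while a compiler thread reads them, so the comment should state the invariant the code relies on. The function only reads, so it could probably be declared `const`, provided `is32Bit()` and the offset-table accessors are const.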
Modified: trunk/Source/_javascript_Core/bytecode/UnlinkedMetadataTable.h (289036 => 289037)
--- trunk/Source/_javascript_Core/bytecode/UnlinkedMetadataTable.h 2022-02-03 09:18:07 UTC (rev 289036)
+++ trunk/Source/_javascript_Core/bytecode/UnlinkedMetadataTable.h 2022-02-03 10:07:16 UTC (rev 289037)
@@ -68,6 +68,8 @@
uintptr_t offsetInMetadataTable(const Opcode& opcode)
{
ASSERT(m_isFinalized);
+ // UnlinkedMetadataTable can be realloc-ed from the mutator thread, thus, it is not OK to touch this table from non mutator thread if the mutator thread is running.
+ ASSERT(!isCompilationThread() && !Thread::mayBeGCThread());
uintptr_t baseTypeOffset = m_is32Bit ? offsetTable32()[Opcode::opcodeID] : offsetTable16()[Opcode::opcodeID];
baseTypeOffset = roundUpToMultipleOf(alignof(typename Opcode::Metadata), baseTypeOffset);
return baseTypeOffset + sizeof(typename Opcode::Metadata) * opcode.m_metadataID;
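Review bot: The added thread check in `offsetInMetadataTable` is a plain `ASSERT`, which, assuming the usual WebKit macro semantics, is compiled out of release builds. An off-mutator read of a table that the comment says can be realloc-ed would therefore go undetected in shipping configurations, where a stale read would matter most. If the check is cheap enough, consider `RELEASE_ASSERT(!isCompilationThread() && !Thread::mayBeGCThread());`. Otherwise, confirm that no remaining caller reaches this function from a compilation or GC thread. Other accessors of this table that read the same storage presumably need the same guard, but they are not visible here. The function's signature and closing brace lie outside the hunk.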
Modified: trunk/Source/_javascript_Core/jit/JITInlines.h (289036 => 289037)
--- trunk/Source/_javascript_Core/jit/JITInlines.h 2022-02-03 09:18:07 UTC (rev 289036)
+++ trunk/Source/_javascript_Core/jit/JITInlines.h 2022-02-03 10:07:16 UTC (rev 289037)
@@ -318,7 +318,7 @@
if (!shouldEmitProfiling())
return;
- ptrdiff_t offset = m_unlinkedCodeBlock->metadata().offsetInMetadataTable(bytecode) + valueProfileOffsetFor<Bytecode>(m_bytecodeIndex.checkpoint()) + ValueProfile::offsetOfFirstBucket();
+ ptrdiff_t offset = m_profiledCodeBlock->metadataTable()->offsetInMetadataTable(bytecode) + valueProfileOffsetFor<Bytecode>(m_bytecodeIndex.checkpoint()) + ValueProfile::offsetOfFirstBucket();
storeValue(value, Address(s_metadataGPR, offset));
}
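Review bot: The expression `m_profiledCodeBlock->metadataTable()->offsetInMetadataTable(bytecode)` is spelled out here, in all six helpers of the next hunk, and in both JITPropertyAccess.cpp hunks. The choice of which table the concurrent compiler may read is thus repeated at eight call sites. A single private helper would keep that thread-safety decision in one place and give a natural home for a comment saying why the linked table is used. It would also make it harder for a future metadata helper to reach for `m_unlinkedCodeBlock->metadata()` again. The enclosing function (`emitValueProfilingSite`, per the ChangeLog) starts outside this hunk.
```cpp
// Proposed helper (the name is a suggestion; it needs a matching declaration in the JIT class).
template <typename Bytecode>
ALWAYS_INLINE uintptr_t JIT::metadataOffsetFor(const Bytecode& bytecode)
{
    // Read the linked table owned by the profiled CodeBlock; the unlinked table asserts against compilation-thread access.
    return m_profiledCodeBlock->metadataTable()->offsetInMetadataTable(bytecode);
}

// … unchanged: shouldEmitProfiling() early return …
ptrdiff_t offset = metadataOffsetFor(bytecode) + valueProfileOffsetFor<Bytecode>(m_bytecodeIndex.checkpoint()) + ValueProfile::offsetOfFirstBucket();
```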
@@ -470,37 +470,37 @@
template <typename Bytecode>
ALWAYS_INLINE void JIT::loadPtrFromMetadata(const Bytecode& bytecode, size_t offset, GPRReg result)
{
- loadPtr(Address(s_metadataGPR, m_unlinkedCodeBlock->metadata().offsetInMetadataTable(bytecode) + offset), result);
+ loadPtr(Address(s_metadataGPR, m_profiledCodeBlock->metadataTable()->offsetInMetadataTable(bytecode) + offset), result);
}
template <typename Bytecode>
ALWAYS_INLINE void JIT::load32FromMetadata(const Bytecode& bytecode, size_t offset, GPRReg result)
{
- load32(Address(s_metadataGPR, m_unlinkedCodeBlock->metadata().offsetInMetadataTable(bytecode) + offset), result);
+ load32(Address(s_metadataGPR, m_profiledCodeBlock->metadataTable()->offsetInMetadataTable(bytecode) + offset), result);
}
template <typename Bytecode>
ALWAYS_INLINE void JIT::load8FromMetadata(const Bytecode& bytecode, size_t offset, GPRReg result)
{
- load8(Address(s_metadataGPR, m_unlinkedCodeBlock->metadata().offsetInMetadataTable(bytecode) + offset), result);
+ load8(Address(s_metadataGPR, m_profiledCodeBlock->metadataTable()->offsetInMetadataTable(bytecode) + offset), result);
}
template <typename ValueType, typename Bytecode>
ALWAYS_INLINE void JIT::store8ToMetadata(ValueType value, const Bytecode& bytecode, size_t offset)
{
- store8(value, Address(s_metadataGPR, m_unlinkedCodeBlock->metadata().offsetInMetadataTable(bytecode) + offset));
+ store8(value, Address(s_metadataGPR, m_profiledCodeBlock->metadataTable()->offsetInMetadataTable(bytecode) + offset));
}
template <typename Bytecode>
ALWAYS_INLINE void JIT::store32ToMetadata(GPRReg value, const Bytecode& bytecode, size_t offset)
{
- store32(value, Address(s_metadataGPR, m_unlinkedCodeBlock->metadata().offsetInMetadataTable(bytecode) + offset));
+ store32(value, Address(s_metadataGPR, m_profiledCodeBlock->metadataTable()->offsetInMetadataTable(bytecode) + offset));
}
template <typename Bytecode>
ALWAYS_INLINE void JIT::materializePointerIntoMetadata(const Bytecode& bytecode, size_t offset, GPRReg result)
{
- addPtr(TrustedImm32(m_unlinkedCodeBlock->metadata().offsetInMetadataTable(bytecode) + offset), s_metadataGPR, result);
+ addPtr(TrustedImm32(m_profiledCodeBlock->metadataTable()->offsetInMetadataTable(bytecode) + offset), s_metadataGPR, result);
}
ALWAYS_INLINE void JIT::loadConstant(JITConstantPool::Constant constantIndex, GPRReg result)
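Review bot: In `materializePointerIntoMetadata` the sum of the `uintptr_t` table offset and the `size_t` `offset` is narrowed implicitly to a 32-bit immediate in `TrustedImm32(...)`, and nothing checks that it fits. The other helpers in this hunk pass the same sum to `Address`, which presumably takes a 32-bit offset as well. Both JITPropertyAccess.cpp hunks narrow the same way at `uint32_t metadataOffset = ...`. The narrowing predates this commit, but the table has a 32-bit offset mode (`is32Bit()`), so a large table plus `sizeof(Metadata) * m_metadataID` could in principle exceed the signed 32-bit range. The emitted code would then address memory outside the table. An assertion that the value fits, or a bounds-checked narrowing where the offset is computed, would make the assumption explicit.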
Modified: trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp (289036 => 289037)
--- trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp 2022-02-03 09:18:07 UTC (rev 289036)
+++ trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp 2022-02-03 10:07:16 UTC (rev 289037)
@@ -1952,7 +1952,7 @@
if (profiledResolveType == ModuleVar)
loadPtrFromMetadata(bytecode, OpResolveScope::Metadata::offsetOfLexicalEnvironment(), returnValueGPR);
else {
- uint32_t metadataOffset = m_unlinkedCodeBlock->metadata().offsetInMetadataTable(bytecode);
+ uint32_t metadataOffset = m_profiledCodeBlock->metadataTable()->offsetInMetadataTable(bytecode);
constexpr GPRReg metadataGPR = regT2;
constexpr GPRReg scopeGPR = regT0;
@@ -2199,7 +2199,7 @@
constexpr GPRReg scopeGPR = regT2;
constexpr GPRReg bytecodeOffsetGPR = regT3;
- uint32_t metadataOffset = m_unlinkedCodeBlock->metadata().offsetInMetadataTable(bytecode);
+ uint32_t metadataOffset = m_profiledCodeBlock->metadataTable()->offsetInMetadataTable(bytecode);
emitGetVirtualRegisterPayload(scope, scopeGPR);
addPtr(TrustedImm32(metadataOffset), s_metadataGPR, metadataGPR);