Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: f9f1ed183bf72d7d7e5f17a5d4929845a302def2
https://github.com/WebKit/WebKit/commit/f9f1ed183bf72d7d7e5f17a5d4929845a302def2
Author: Yusuke Suzuki <ysuz...@apple.com>
Date: 2025-09-17 (Wed, 17 Sep 2025)
Changed paths:
M Source/JavaScriptCore/CMakeLists.txt
M Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
M Source/JavaScriptCore/Sources.txt
M Source/JavaScriptCore/wasm/WasmBBQJIT.cpp
M Source/JavaScriptCore/wasm/WasmBBQJIT.h
M Source/JavaScriptCore/wasm/WasmBBQJIT32_64.cpp
M Source/JavaScriptCore/wasm/WasmBBQJIT64.cpp
M Source/JavaScriptCore/wasm/WasmBaselineData.h
A Source/JavaScriptCore/wasm/WasmCallProfile.h
R Source/JavaScriptCore/wasm/WasmCallSlot.h
M Source/JavaScriptCore/wasm/WasmCallee.cpp
M Source/JavaScriptCore/wasm/WasmCallee.h
M Source/JavaScriptCore/wasm/WasmFunctionIPIntMetadataGenerator.h
M Source/JavaScriptCore/wasm/WasmFunctionParser.h
M Source/JavaScriptCore/wasm/WasmIPIntGenerator.cpp
M Source/JavaScriptCore/wasm/WasmIPIntGenerator.h
M Source/JavaScriptCore/wasm/WasmIPIntSlowPaths.cpp
A Source/JavaScriptCore/wasm/WasmInstanceAnchor.cpp
A Source/JavaScriptCore/wasm/WasmInstanceAnchor.h
M Source/JavaScriptCore/wasm/WasmMergedProfile.cpp
M Source/JavaScriptCore/wasm/WasmMergedProfile.h
M Source/JavaScriptCore/wasm/WasmModule.cpp
M Source/JavaScriptCore/wasm/WasmModule.h
M Source/JavaScriptCore/wasm/WasmOMGIRGenerator.cpp
M Source/JavaScriptCore/wasm/WasmOMGIRGenerator32_64.cpp
R Source/JavaScriptCore/wasm/WasmProfileCollection.cpp
R Source/JavaScriptCore/wasm/WasmProfileCollection.h
M Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.cpp
M Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.h
Log Message:
-----------
[JSC] Introduce WasmInstanceAnchor
https://bugs.webkit.org/show_bug.cgi?id=299024
rdar://160786381
Reviewed by Yijia Huang.
We found that WasmProfileCollection's lock is taken frequently, and
sometimes it is blocking the main thread. So this patch is taking a
different approach. In this patch, we introduce Wasm::InstanceAnchor,
which is registered to Wasm::Module and offering a way to access to
JSWebAssemblyInstance. It is
ThreadSafeRefCountedAndCanMakeThreadSafeWeakPtr, and keeping a lock &
JSWebAssemblyInstance*. When JSWebAssemblyInstance is destroyed, it is
taking a lock and nullifying the pointer. So the concurrent compiler can
ensure that JSWebAssemblyInstance* is accessible while taking a lock of
this anchor.
We also rename Wasm::CallSlot to Wasm::CallProfile, which represents
what it is more reasonably.
* Source/JavaScriptCore/CMakeLists.txt:
* Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj:
* Source/JavaScriptCore/Sources.txt:
* Source/JavaScriptCore/wasm/WasmBBQJIT.cpp:
(JSC::Wasm::BBQJITImpl::BBQJIT::emitIncrementCallProfileCount):
(JSC::Wasm::BBQJITImpl::BBQJIT::addCall):
(JSC::Wasm::BBQJITImpl::BBQJIT::emitIndirectCall):
(JSC::Wasm::BBQJITImpl::BBQJIT::addCallIndirect):
(JSC::Wasm::BBQJITImpl::BBQJIT::emitIncrementCallSlotCount): Deleted.
* Source/JavaScriptCore/wasm/WasmBBQJIT.h:
* Source/JavaScriptCore/wasm/WasmBBQJIT32_64.cpp:
(JSC::Wasm::BBQJITImpl::BBQJIT::addCallRef):
* Source/JavaScriptCore/wasm/WasmBBQJIT64.cpp:
(JSC::Wasm::BBQJITImpl::BBQJIT::addCallRef):
* Source/JavaScriptCore/wasm/WasmBaselineData.h:
* Source/JavaScriptCore/wasm/WasmCallProfile.h: Renamed from
Source/JavaScriptCore/wasm/WasmCallSlot.h.
(JSC::Wasm::CallProfile::offsetOfCount):
(JSC::Wasm::CallProfile::offsetOfBoxedCallee):
* Source/JavaScriptCore/wasm/WasmCallee.cpp:
(JSC::Wasm::IPIntCallee::IPIntCallee):
(JSC::Wasm::IPIntCallee::needsProfiling const):
* Source/JavaScriptCore/wasm/WasmCallee.h:
* Source/JavaScriptCore/wasm/WasmFunctionIPIntMetadataGenerator.h:
* Source/JavaScriptCore/wasm/WasmFunctionParser.h:
(JSC::Wasm::FunctionParser::numCallProfiles const):
(JSC::Wasm::FunctionParser<Context>::parseExpression):
(JSC::Wasm::FunctionParser::numCallSlots const): Deleted.
* Source/JavaScriptCore/wasm/WasmIPIntGenerator.cpp:
(JSC::Wasm::IPIntGenerator::addCall):
(JSC::Wasm::IPIntGenerator::addCallIndirect):
(JSC::Wasm::IPIntGenerator::addCallRef):
(JSC::Wasm::IPIntGenerator::finalize):
* Source/JavaScriptCore/wasm/WasmIPIntGenerator.h:
* Source/JavaScriptCore/wasm/WasmIPIntSlowPaths.cpp:
(JSC::IPInt::WASM_IPINT_EXTERN_CPP_DECL):
* Source/JavaScriptCore/wasm/WasmInstanceAnchor.cpp: Renamed from
Source/JavaScriptCore/wasm/WasmProfileCollection.cpp.
(JSC::Wasm::InstanceAnchor::create):
* Source/JavaScriptCore/wasm/WasmInstanceAnchor.h: Renamed from
Source/JavaScriptCore/wasm/WasmProfileCollection.h.
* Source/JavaScriptCore/wasm/WasmMergedProfile.cpp:
(JSC::Wasm::MergedProfile::MergedProfile):
(JSC::Wasm::MergedProfile::CallSite::merge):
* Source/JavaScriptCore/wasm/WasmMergedProfile.h:
* Source/JavaScriptCore/wasm/WasmModule.cpp:
(JSC::Wasm::Module::registerAnchor):
(JSC::Wasm::Module::createMergedProfile):
(JSC::Wasm::Module::createProfiles): Deleted.
* Source/JavaScriptCore/wasm/WasmModule.h:
* Source/JavaScriptCore/wasm/WasmOMGIRGenerator.cpp:
(JSC::Wasm::OMGIRGenerator::canInline const):
(JSC::Wasm::OMGIRGenerator::addCall):
(JSC::Wasm::OMGIRGenerator::emitDirectCall):
(JSC::Wasm::OMGIRGenerator::addCallIndirect):
(JSC::Wasm::OMGIRGenerator::addCallRef):
* Source/JavaScriptCore/wasm/WasmOMGIRGenerator32_64.cpp:
(JSC::Wasm::OMGIRGenerator::addCall):
(JSC::Wasm::OMGIRGenerator::addCallIndirect):
* Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.cpp:
(JSC::JSWebAssemblyInstance::JSWebAssemblyInstance):
(JSC::JSWebAssemblyInstance::finishCreation):
(JSC::JSWebAssemblyInstance::~JSWebAssemblyInstance):
(JSC::JSWebAssemblyInstance::ensureBaselineData):
* Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.h:
Canonical link: https://commits.webkit.org/300108@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
