Google Git
Sign in
webkit / WebKit / 60de9f62eeac68e97aaa2f2093a323b32a05f1d8^! / . / Source / JavaScriptCore / dfg / DFGMayExit.cpp
commit60de9f62eeac68e97aaa2f2093a323b32a05f1d8[log] [tgz]
authorfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Tue Apr 21 20:16:18 2015 +0000
committerfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Tue Apr 21 20:16:18 2015 +0000
tree930c9168f823e7431f739ca963f43d1eca52d557
parent885047d74c901aa722f04574ee10e43a4bf66061 [diff] [blame]
MovHint should be a strong use
https://bugs.webkit.org/show_bug.cgi?id=143734

Reviewed by Geoffrey Garen.
        
This disables any DCE that assumes equivalence between DFG IR uses and bytecode uses. Doing
so is a major step towards allowing more fancy DFG transformations and also probably fixing
some bugs.
        
Just making MovHint a strong use would also completely disable DCE. So we mitigate this by
introducing a MovHint removal phase that runs in FTL.
        
This is a slight slowdown on Octane/gbemu, but it's basically neutral on suite averages.

* CMakeLists.txt:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeOrigin.cpp:
(JSC::InlineCallFrame::dumpInContext):
* dfg/DFGDCEPhase.cpp:
(JSC::DFG::DCEPhase::fixupBlock):
* dfg/DFGDisassembler.cpp:
(JSC::DFG::Disassembler::createDumpList):
* dfg/DFGEpoch.cpp: Added.
(JSC::DFG::Epoch::dump):
* dfg/DFGEpoch.h: Added.
(JSC::DFG::Epoch::Epoch):
(JSC::DFG::Epoch::first):
(JSC::DFG::Epoch::operator!):
(JSC::DFG::Epoch::next):
(JSC::DFG::Epoch::bump):
(JSC::DFG::Epoch::operator==):
(JSC::DFG::Epoch::operator!=):
* dfg/DFGMayExit.cpp:
(JSC::DFG::mayExit):
* dfg/DFGMovHintRemovalPhase.cpp: Added.
(JSC::DFG::performMovHintRemoval):
* dfg/DFGMovHintRemovalPhase.h: Added.
* dfg/DFGNodeType.h:
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::compileInThreadImpl):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileCurrentBlock):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* runtime/Options.h:



git-svn-id: http://svn.webkit.org/repository/webkit/trunk@183072 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/Source/JavaScriptCore/dfg/DFGMayExit.cpp b/Source/JavaScriptCore/dfg/DFGMayExit.cpp
index 9670540..f2a1cc0 100644
--- a/Source/JavaScriptCore/dfg/DFGMayExit.cpp
+++ b/Source/JavaScriptCore/dfg/DFGMayExit.cpp

@@ -59,6 +59,9 @@
 bool mayExit(Graph& graph, Node* node)
 {
     switch (node->op()) {
+    // This is a carefully curated list of nodes that definitely do not exit. We try to be very
+    // conservative when maintaining this list, because adding new node types to it doesn't
+    // generally make things a lot better but it might introduce insanely subtle bugs.
     case SetArgument:
     case JSConstant:
     case DoubleConstant: