JavaScriptCore does not have baseline->speculative OSR
https://bugs.webkit.org/show_bug.cgi?id=67920
Reviewed by Oliver Hunt.
This adds the ability to on-stack-replace (OSR) from code that is
running hot in the old JIT to code compiled by the new JIT. This
ensures that long-running loops benefit from DFG optimization.
It also ensures that if code experiences a speculation failure
in DFG code, it has an opportunity to reenter the DFG once every
1,000 loop iterations or so.
This results in a 2.88x speed-up on Kraken/imaging-desaturate,
and is a pure win on the main three benchmark suites (SunSpider,
V8, Kraken), when tiered compilation is enabled.
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dump):
(JSC::CodeBlock::CodeBlock):
(JSC::ProgramCodeBlock::compileOptimized):
(JSC::EvalCodeBlock::compileOptimized):
(JSC::FunctionCodeBlock::compileOptimized):
* bytecode/CodeBlock.h:
* bytecode/Opcode.h:
* bytecode/PredictedType.h: Added.
(JSC::isCellPrediction):
(JSC::isArrayPrediction):
(JSC::isInt32Prediction):
(JSC::isDoublePrediction):
(JSC::isNumberPrediction):
(JSC::isBooleanPrediction):
(JSC::isStrongPrediction):
(JSC::predictionToString):
(JSC::mergePredictions):
(JSC::mergePrediction):
(JSC::makePrediction):
* bytecode/PredictionTracker.h: Added.
(JSC::operandIsArgument):
(JSC::PredictionSlot::PredictionSlot):
(JSC::PredictionTracker::PredictionTracker):
(JSC::PredictionTracker::initializeSimilarTo):
(JSC::PredictionTracker::copyLocalsFrom):
(JSC::PredictionTracker::numberOfArguments):
(JSC::PredictionTracker::numberOfVariables):
(JSC::PredictionTracker::argumentIndexForOperand):
(JSC::PredictionTracker::predictArgument):
(JSC::PredictionTracker::predict):
(JSC::PredictionTracker::predictGlobalVar):
(JSC::PredictionTracker::getArgumentPrediction):
(JSC::PredictionTracker::getPrediction):
(JSC::PredictionTracker::getGlobalVarPrediction):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitLoopHint):
* bytecompiler/BytecodeGenerator.h:
* bytecompiler/NodesCodegen.cpp:
(JSC::DoWhileNode::emitBytecode):
(JSC::WhileNode::emitBytecode):
(JSC::ForNode::emitBytecode):
(JSC::ForInNode::emitBytecode):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
* dfg/DFGCapabilities.h:
(JSC::DFG::canCompileOpcode):
* dfg/DFGDriver.cpp:
(JSC::DFG::compile):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::dump):
* dfg/DFGGraph.h:
(JSC::DFG::BasicBlock::BasicBlock):
(JSC::DFG::Graph::predict):
(JSC::DFG::Graph::getPrediction):
* dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
(JSC::DFG::JITCompiler::compileEntry):
(JSC::DFG::JITCompiler::compileBody):
* dfg/DFGJITCompiler.h:
(JSC::DFG::JITCompiler::noticeOSREntry):
* dfg/DFGNode.h:
* dfg/DFGOSREntry.cpp: Added.
(JSC::DFG::predictionIsValid):
(JSC::DFG::prepareOSREntry):
* dfg/DFGOSREntry.h: Added.
(JSC::DFG::prepareOSREntry):
* dfg/DFGPredictionTracker.h: Removed.
* dfg/DFGPropagator.cpp:
(JSC::DFG::Propagator::mergeUse):
(JSC::DFG::Propagator::mergePrediction):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* jit/CompactJITCodeMap.h:
(JSC::CompactJITCodeMap::numberOfEntries):
(JSC::CompactJITCodeMap::decode):
(JSC::CompactJITCodeMap::Decoder::Decoder):
(JSC::CompactJITCodeMap::Decoder::numberOfEntriesRemaining):
(JSC::CompactJITCodeMap::Decoder::read):
* jit/JIT.cpp:
(JSC::JIT::emitOptimizationCheck):
(JSC::JIT::emitTimeoutCheck):
(JSC::JIT::privateCompileMainPass):
* jit/JIT.h:
(JSC::JIT::emit_op_loop_hint):
* jit/JITStubs.cpp:
(JSC::DEFINE_STUB_FUNCTION):
* runtime/Executable.cpp:
(JSC::EvalExecutable::compileInternal):
(JSC::ProgramExecutable::compileInternal):
(JSC::FunctionExecutable::compileForCallInternal):
(JSC::FunctionExecutable::compileForConstructInternal):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@95016 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/Source/JavaScriptCore/jit/JIT.h b/Source/JavaScriptCore/jit/JIT.h
index 0245661..a3101fb 100644
--- a/Source/JavaScriptCore/jit/JIT.h
+++ b/Source/JavaScriptCore/jit/JIT.h
@@ -28,6 +28,9 @@
#if ENABLE(JIT)
+// Verbose logging for OSR-related code.
+#define ENABLE_JIT_VERBOSE_OSR 0
+
// We've run into some problems where changing the size of the class JIT leads to
// performance fluctuations. Try forcing alignment in an attempt to stabalize this.
#if COMPILER(GCC)
@@ -793,6 +796,7 @@
void emit_op_jtrue(Instruction*);
void emit_op_load_varargs(Instruction*);
void emit_op_loop(Instruction*);
+ void emit_op_loop_hint(Instruction*);
void emit_op_loop_if_less(Instruction*);
void emit_op_loop_if_lesseq(Instruction*);
void emit_op_loop_if_greater(Instruction*);
@@ -1066,6 +1070,11 @@
emit_op_jmp(currentInstruction);
}
+ inline void JIT::emit_op_loop_hint(Instruction*)
+ {
+ emitOptimizationCheck(LoopOptimizationCheck);
+ }
+
inline void JIT::emit_op_loop_if_true(Instruction* currentInstruction)
{
emitTimeoutCheck();
