Google Git
Sign in
webkit / WebKit / ad4eb05bbe40705369e1550f4ccce62b6c2beff9^! / . / Source / JavaScriptCore / ftl / FTLLowerDFGToB3.cpp
commitad4eb05bbe40705369e1550f4ccce62b6c2beff9[log] [tgz]
authorutatane.tea@gmail.com <utatane.tea@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Fri Oct 07 05:07:13 2016 +0000
committerutatane.tea@gmail.com <utatane.tea@gmail.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>Fri Oct 07 05:07:13 2016 +0000
tree6a8b8472f3e493b705a5300aef02929c57d22ecc
parent9a82131eb79e2fa5b098a8122c65f1106a6687a4 [diff] [blame]
[DOMJIT] Support slow path call
https://bugs.webkit.org/show_bug.cgi?id=162978

Reviewed by Saam Barati.

One of the most important features required in DOMJIT::Patchpoint is slow path calls.
DOM operation typically returns DOMWrapper object. At that time, if wrapper cache hits, we can go
to the fast path. However, if we cannot use the cache, we need to go to the slow path to call toJS function.
At that time, slow path call functionality is necessary.

This patch expose DOMJIT::PatchpointParams::addSlowPathCall. We can request slow path call code generation
through this interface. DOMJIT::PatchpointParams automatically leverages appropriate slow path call systems
in each tier. In DFG, we use slow path call system. In FTL, we implement slow path call by using addLatePath
to construct slow path call. But these details are completely hidden by DOMJIT::PatchpointParams. Users can
just use addSlowPathCall.

Since DFG and FTL slow path call systems are implemented in variadic templates, directly using this means
that we need to expose core part of DFG and FTL. For example, DFG::SpeculativeJIT need to be exposed in
such a design. That is too bad. Instead, we use magical macro in DOMJITSlowPathCalls.h. We can list up the
call signatures in DOMJIT_SLOW_PATH_CALLS. DOMJIT uses these signatures to generate an interface to request
slow path calls inside DFG and FTL instead of exposing everything.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* dfg/DFGCommon.h:
* dfg/DFGDOMJITPatchpointParams.cpp: Copied from Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h.
(JSC::DFG::dispatch):
* dfg/DFGDOMJITPatchpointParams.h: Copied from Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h.
(JSC::DFG::DOMJITPatchpointParams::DOMJITPatchpointParams):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileCallDOM):
(JSC::DFG::SpeculativeJIT::compileCheckDOM):
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::extractResult): Deleted.
* domjit/DOMJITPatchpointParams.h:
(JSC::DOMJIT::PatchpointParams::addSlowPathCall):
* domjit/DOMJITSlowPathCalls.h: Copied from Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h.
* ftl/FTLDOMJITPatchpointParams.cpp: Added.
(JSC::FTL::dispatch):
* ftl/FTLDOMJITPatchpointParams.h: Copied from Source/JavaScriptCore/domjit/DOMJITPatchpointParams.h.
(JSC::FTL::DOMJITPatchpointParams::DOMJITPatchpointParams):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileCheckDOM):
(JSC::FTL::DFG::LowerDFGToB3::compileCallDOM):
* jit/GPRInfo.h:
(JSC::extractResult):
* jsc.cpp:

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@206899 268f45cc-cd09-0410-ab3c-d52691b4dbfc

diff --git a/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp b/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
index 7cf76fb..1e5a9b2 100644
--- a/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
+++ b/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp

@@ -45,10 +45,10 @@
 #include "DFGOSRAvailabilityAnalysisPhase.h"
 #include "DFGOSRExitFuzz.h"
 #include "DOMJITPatchpoint.h"
-#include "DOMJITPatchpointParams.h"
 #include "DirectArguments.h"
 #include "FTLAbstractHeapRepository.h"
 #include "FTLAvailableRecovery.h"
+#include "FTLDOMJITPatchpointParams.h"
 #include "FTLExceptionTarget.h"
 #include "FTLForOSREntryJITCode.h"
 #include "FTLFormattedValue.h"
@@ -8733,6 +8733,7 @@
         patchpoint->numFPScratchRegisters = domJIT->numFPScratchRegisters;
 
         State* state = &m_ftlState;
+        Node* node = m_node;
         NodeOrigin origin = m_origin;
         unsigned osrExitArgumentOffset = patchpoint->numChildren();
         OSRExitDescriptor* exitDescriptor = appendOSRExitDescriptor(jsValueValue(cell), m_node->child1().node());
@@ -8754,7 +8755,7 @@
 
                 RefPtr<OSRExitHandle> handle = exitDescriptor->emitOSRExitLater(*state, BadType, origin, params, osrExitArgumentOffset);
 
-                DOMJIT::PatchpointParams domJITParams(WTFMove(regs), WTFMove(gpScratch), WTFMove(fpScratch));
+                DOMJITPatchpointParams domJITParams(*state, params, node, nullptr, WTFMove(regs), WTFMove(gpScratch), WTFMove(fpScratch));
                 CCallHelpers::JumpList failureCases = domJIT->generator()->run(jit, domJITParams);
 
                 jit.addLinkTask([=] (LinkBuffer& linkBuffer) {
@@ -8780,6 +8781,8 @@
         patchpoint->numGPScratchRegisters = domJIT->numGPScratchRegisters;
         patchpoint->numFPScratchRegisters = domJIT->numFPScratchRegisters;
 
+        State* state = &m_ftlState;
+        Node* node = m_node;
         patchpoint->setGenerator(
             [=] (CCallHelpers& jit, const StackmapGenerationParams& params) {
                 Vector<GPRReg> gpScratch;
@@ -8802,7 +8805,7 @@
 
                 Box<CCallHelpers::JumpList> exceptions = exceptionHandle->scheduleExitCreation(params)->jumps(jit);
 
-                DOMJIT::PatchpointParams domJITParams(WTFMove(regs), WTFMove(gpScratch), WTFMove(fpScratch));
+                DOMJITPatchpointParams domJITParams(*state, params, node, exceptions, WTFMove(regs), WTFMove(gpScratch), WTFMove(fpScratch));
                 domJIT->generator()->run(jit, domJITParams);
             });
         patchpoint->effects = Effects::forCall();