1. 04 Dec, 2013 1 commit
  2. 12 Nov, 2013 1 commit
    • mhahnenberg@apple.com's avatar
      CodeBlocks should be able to determine bytecode liveness · 3811e215
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=118546
      
      Reviewed by Filip Pizlo.
      
      This will simplify some things in the DFG related to OSR exits and determining 
      which bytecode variables are live at which points during execution. It will
      also be useful for making our conservative GC scan more precise. Currently it 
      doesn't properly account for liveness while the DFG is running, so it will be 
      off by default behing a runtime Options flag.
      
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * bytecode/BytecodeBasicBlock.cpp: Added.
      (JSC::isBranch): Used to determine the end of basic blocks.
      (JSC::isUnconditionalBranch): Used to determine when a branch at the end of a 
      basic block can't possibly fall through to the next basic block in program order.
      (JSC::isTerminal): Also used to detect the end of a block.
      (JSC::isThrow):
      (JSC::isJumpTarget): Used to correctly separate basic blocks. Any jump destination 
      must be the head of its own basic block.
      (JSC::linkBlocks): Links two blocks together in a bi-direcitonal fashion.
      (JSC::computeBytecodeBasicBlocks): Creates a set of basic blocks given a particular 
      CodeBlock and links them together.
      * bytecode/BytecodeBasicBlock.h: Added.
      (JSC::BytecodeBasicBlock::isEntryBlock): Entry blocks are a special basic blocks 
      that indicate the beginning of the function.
      (JSC::BytecodeBasicBlock::isExitBlock): Exit blocks are a special basic block that 
      all blocks that exit the function have as a successor. Entry and exit blocks allows 
      the various code paths to be more regular.
      (JSC::BytecodeBasicBlock::leaderBytecodeOffset): The leader bytecode offset is the 
      bytecode offset of the first instruction in the block.
      (JSC::BytecodeBasicBlock::totalBytecodeLength): The total length of all the bytecodes 
      in this block.
      (JSC::BytecodeBasicBlock::bytecodeOffsets): The bytecode offsets in this particular 
      basic block. This Vector allows us to iterate over the bytecodes in reverse order 
      which wouldn't be possible normally since they are of variable size.
      (JSC::BytecodeBasicBlock::addPredecessor): Links a block to a specified predecessor. 
      Only creates one direction of the link.
      (JSC::BytecodeBasicBlock::addSuccessor): Same as addPredecessor, but for successors.
      (JSC::BytecodeBasicBlock::predecessors): Getter for predecessors.
      (JSC::BytecodeBasicBlock::successors): Getter for successors.
      (JSC::BytecodeBasicBlock::in): Getter for the liveness info at the head of the block.
      (JSC::BytecodeBasicBlock::out): Getter for the liveness info at  the tail of the block.
      (JSC::BytecodeBasicBlock::BytecodeBasicBlock):
      (JSC::BytecodeBasicBlock::addBytecodeLength): When creating basic blocks we call 
      this function when we want to add the next bytecode in program order to this block.
      * bytecode/BytecodeLivenessAnalysis.cpp: Added.
      (JSC::BytecodeLivenessAnalysis::BytecodeLivenessAnalysis):
      (JSC::numberOfCapturedVariables): Convenience wrapper. Returns the
      number of captured variables for a particular CodeBlock, or 0 if 
      the CodeBlock has no SymbolTable.
      (JSC::captureStart): Ditto, but for captureStart().
      (JSC::captureEnd): Ditto, but for captureEnd().
      (JSC::isValidRegisterForLiveness): Returns true if the liveness analysis should 
      track the liveness of a particular operand. We ignore constants, arguments, and 
      captured variables. We ignore arguments because they're live for the duration of 
      a function call. We ignore captured variables because we also treat them as live 
      for the duration of the function. This could probably be improved to be more precise, 
      but it didn't seem worth it for now.
      (JSC::setForOperand): Convenience wrapper that sets the bit in the provided bit 
      vector for the provided operand. It handles skipping over captured variables.
      (JSC::computeUsesForBytecodeOffset): Computes which operands are used by a particular bytecode.
      (JSC::computeDefsForBytecodeOffset): Computes which operands are defined by a particular 
      bytecode. Typically this is just the left-most operand.
      (JSC::findBasicBlockWithLeaderOffset): 
      (JSC::findBasicBlockForBytecodeOffset): Scans over basic blocks to find the block 
      which contains a particular bytecode offset.
      (JSC::computeLocalLivenessForBytecodeOffset): Computes block-local liveness from the 
      bottom of the block until a specified bytecode offset is reached. 
      (JSC::computeLocalLivenessForBlock): Computes liveness for the entire block and 
      stores the resulting liveness at the head.
      (JSC::BytecodeLivenessAnalysis::runLivenessFixpoint): Runs backward flow liveness 
      analysis to fixpoint.
      (JSC::BytecodeLivenessAnalysis::getLivenessInfoForNonCapturedVarsAtBytecodeOffset): 
      Slow path to get liveness info for non-captured, non-argument variable.
      (JSC::BytecodeLivenessAnalysis::operandIsLiveAtBytecodeOffset): 
      (JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeOffset): Returns the liveness 
      info for both captured and non-captured vars at a particular bytecode offset.
      (JSC::BytecodeLivenessAnalysis::dumpResults): Dumps the output of the liveness analysis. 
      Controlled by new flag in Options.h/.cpp.
      (JSC::BytecodeLivenessAnalysis::compute): Creates bytecode basic blocks and runs 
      full liveness analysis.
      * bytecode/BytecodeLivenessAnalysis.h: Added.
      (JSC::BytecodeLivenessAnalysis::hasBeenComputed):
      (JSC::BytecodeLivenessAnalysis::computeIfNecessary):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::CodeBlock):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::livenessAnalysis):
      * bytecode/PreciseJumpTargets.cpp: Refactored to be able to get the jump targets for 
      a particular bytecode offset for use during bytecode basic block construction.
      (JSC::getJumpTargetsForBytecodeOffset):
      (JSC::computePreciseJumpTargets):
      (JSC::findJumpTargetsForBytecodeOffset):
      * bytecode/PreciseJumpTargets.h:
      * runtime/Options.cpp:
      (JSC::Options::initialize):
      * runtime/Options.h:
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@159136 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3811e215
  3. 24 Jul, 2013 1 commit
    • oliver@apple.com's avatar
      fourthTier: It should be possible to use more than one compiler thread · 2102d1a1
      oliver@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=116630
      
      Reviewed by Mark Hahnenberg.
      
      This gives us the ability to use more compiler threads, but doesn't actually
      enable the functionality because it isn't a speed-up on any benchmark. It can
      even be a slow-down. This also adds the ability to disable concurrent
      compilation if we're on a uniprocessor machine, and adds more logging to the
      worklist code to allow us to investigate how many threads are active. It
      appears that even on the most compiler-heavy benchmarks, we never have enough
      work for more than 4 threads, and even then the 4 threads are all active for
      a short time.
      
      Something that having more threads does accomplish is that it shakes out bugs.
      This patch fixes a bug with Watchpoint not being thread-safe ref-counted,
      which enabling 7 compilation threads did catch.
      
      As it stands, this patch is performance-neutral and just fixes bugs and adds
      some options.
      
      * bytecode/Watchpoint.h:
      * dfg/DFGCommon.h:
      (JSC::DFG::enableConcurrentJIT):
      * dfg/DFGWorklist.cpp:
      (JSC::DFG::Worklist::Worklist):
      (JSC::DFG::Worklist::~Worklist):
      (JSC::DFG::Worklist::finishCreation):
      (JSC::DFG::Worklist::create):
      (JSC::DFG::Worklist::enqueue):
      (JSC::DFG::Worklist::waitUntilAllPlansForVMAreReady):
      (JSC::DFG::Worklist::dump):
      (JSC::DFG::Worklist::runThread):
      (JSC::DFG::initializeGlobalWorklistOnce):
      * dfg/DFGWorklist.h:
      * runtime/Options.cpp:
      (JSC::computeNumberOfWorkerThreads):
      (JSC):
      (JSC::computeNumberOfGCMarkers):
      * runtime/Options.h:
      (JSC):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153175 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2102d1a1
  4. 12 May, 2013 1 commit
    • andersca@apple.com's avatar
      Stop including UnusedParam.h · ed9bde7b
      andersca@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=116003
      
      Reviewed by Sam Weinig.
      
      UnusedParam.h is empty now so there's no need to include it anymore.
      
      Source/JavaScriptCore:
      
      * API/APICast.h:
      * API/tests/JSNode.c:
      * API/tests/JSNodeList.c:
      * API/tests/minidom.c:
      * API/tests/testapi.c:
      * assembler/AbstractMacroAssembler.h:
      * assembler/MacroAssemblerCodeRef.h:
      * bytecode/CodeBlock.cpp:
      * heap/HandleStack.h:
      * interpreter/JSStackInlines.h:
      * jit/CompactJITCodeMap.h:
      * jit/ExecutableAllocator.h:
      * parser/SourceProvider.h:
      * runtime/DatePrototype.cpp:
      * runtime/JSNotAnObject.cpp:
      * runtime/JSSegmentedVariableObject.h:
      * runtime/JSVariableObject.h:
      * runtime/Options.cpp:
      * runtime/PropertyOffset.h:
      
      Source/WebCore:
      
      * Modules/encryptedmedia/CDMPrivateAVFoundation.mm:
      * Modules/indexeddb/IDBFactoryBackendImpl.cpp:
      * Modules/indexeddb/IDBObjectStore.cpp:
      * Modules/webdatabase/DatabaseServer.cpp:
      * Modules/webdatabase/DatabaseThread.cpp:
      * bindings/js/JSDOMWindowBase.cpp:
      * bindings/objc/DOMObject.mm:
      * css/CSSCursorImageValue.cpp:
      * css/DeprecatedStyleBuilder.cpp:
      * dom/EventDispatcher.cpp:
      * dom/Node.cpp:
      * editing/AlternativeTextController.h:
      * editing/Editor.cpp:
      * html/HTMLPlugInElement.cpp:
      * html/canvas/CanvasRenderingContext2D.cpp:
      * html/canvas/OESVertexArrayObject.h:
      * html/parser/HTMLConstructionSite.cpp:
      * html/parser/HTMLTokenizer.cpp:
      * html/track/InbandTextTrack.cpp:
      * inspector/InspectorCanvasInstrumentation.h:
      * inspector/InspectorConsoleInstrumentation.h:
      * inspector/InspectorController.cpp:
      * inspector/InspectorCounters.h:
      * inspector/InspectorDatabaseInstrumentation.h:
      * inspector/InspectorInstrumentation.h:
      * loader/DocumentThreadableLoader.cpp:
      * loader/PingLoader.cpp:
      * loader/appcache/ApplicationCacheGroup.cpp:
      * loader/cache/CachedResourceLoader.cpp:
      * loader/mac/DocumentLoaderMac.cpp:
      * page/ChromeClient.h:
      * page/Console.cpp:
      * page/FrameView.cpp:
      * page/PageConsole.cpp:
      * page/animation/AnimationController.cpp:
      * page/animation/ImplicitAnimation.cpp:
      * page/animation/KeyframeAnimation.cpp:
      * platform/LocalizedStrings.cpp:
      * platform/ScrollAnimator.h:
      * platform/ThreadGlobalData.cpp:
      * platform/blackberry/AsyncFileSystemBlackBerry.cpp:
      * platform/graphics/Font.cpp:
      * platform/graphics/GlyphBuffer.h:
      * platform/graphics/Gradient.cpp:
      * platform/graphics/ShadowBlur.cpp:
      * platform/graphics/SimpleFontData.cpp:
      * platform/graphics/SimpleFontData.h:
      * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
      * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:
      * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
      * platform/graphics/avfoundation/objc/InbandTextTrackPrivateAVFObjC.mm:
      * platform/graphics/avfoundation/objc/InbandTextTrackPrivateLegacyAVFObjC.mm:
      * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
      * platform/graphics/blackberry/GradientBlackBerry.cpp:
      * platform/graphics/blackberry/GraphicsContextBlackBerry.cpp:
      * platform/graphics/ca/mac/PlatformCAAnimationMac.mm:
      * platform/graphics/ca/mac/PlatformCALayerMac.mm:
      * platform/graphics/ca/mac/WebTileLayer.mm:
      * platform/graphics/ca/win/PlatformCAAnimationWin.cpp:
      * platform/graphics/cg/GraphicsContextCG.cpp:
      * platform/graphics/cg/ImageBufferCG.cpp:
      * platform/graphics/cg/ImageSourceCG.cpp:
      * platform/graphics/clutter/PlatformClutterAnimation.cpp:
      * platform/graphics/filters/ValidatedCustomFilterOperation.cpp:
      * platform/graphics/gstreamer/GStreamerVersioning.cpp:
      * platform/graphics/mac/GraphicsContext3DMac.mm:
      * platform/graphics/mac/MediaPlayerPrivateQTKit.mm:
      * platform/graphics/mac/SimpleFontDataMac.mm:
      * platform/graphics/mac/WebGLLayer.mm:
      * platform/graphics/mac/WebLayer.mm:
      * platform/graphics/mac/WebTiledLayer.mm:
      * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
      * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
      * platform/graphics/qt/GraphicsContext3DQt.cpp:
      * platform/graphics/texmap/TextureMapper.h:
      * platform/graphics/wince/ImageBufferWinCE.cpp:
      * platform/mac/PasteboardMac.mm:
      * platform/mac/ScrollAnimatorMac.mm:
      * platform/mac/ScrollViewMac.mm:
      * platform/mac/ScrollbarThemeMac.mm:
      * platform/mac/SharedTimerMac.mm:
      * platform/mac/WebCoreFullScreenPlaceholderView.mm:
      * platform/mac/WebCoreObjCExtras.mm:
      * platform/mac/WebFontCache.mm:
      * platform/mac/WebVideoFullscreenController.mm:
      * platform/mac/WebVideoFullscreenHUDWindowController.mm:
      * platform/mac/WebWindowAnimation.mm:
      * platform/network/blackberry/CredentialStorageBlackBerry.cpp:
      * platform/network/cf/ResourceErrorCF.cpp:
      * platform/network/mac/CookieStorageMac.mm:
      * platform/network/mac/ResourceHandleMac.mm:
      * platform/network/win/ResourceHandleWin.cpp:
      * platform/text/TextEncodingDetectorICU.cpp:
      * rendering/RenderFlowThread.h:
      * rendering/RenderImage.cpp:
      * rendering/RenderLayer.cpp:
      * rendering/RenderObject.cpp:
      * rendering/RenderTreeAsText.cpp:
      * rendering/svg/RenderSVGResourceClipper.cpp:
      * rendering/svg/RenderSVGResourceFilter.cpp:
      * rendering/svg/RenderSVGResourceGradient.cpp:
      * rendering/svg/RenderSVGResourceMasker.cpp:
      * rendering/svg/SVGRenderSupport.cpp:
      * rendering/svg/SVGTextLayoutEngineSpacing.cpp:
      * workers/WorkerContext.cpp:
      * workers/WorkerScriptLoader.cpp:
      * xml/XMLHttpRequest.cpp:
      * xml/parser/XMLDocumentParserLibxml2.cpp:
      
      Source/WebKit/efl:
      
      * WebCoreSupport/DumpRenderTreeSupportEfl.cpp:
      * ewk/ewk_js.cpp:
      * ewk/ewk_security_origin.cpp:
      * ewk/ewk_view.cpp:
      * ewk/ewk_web_database.cpp:
      
      Source/WebKit/gtk:
      
      * webkit/webkitapplicationcache.cpp:
      
      Source/WebKit/mac:
      
      * Plugins/WebNetscapePluginEventHandlerCocoa.mm:
      * WebView/WebDashboardRegion.mm:
      * WebView/WebFullScreenController.mm:
      
      Source/WebKit/win:
      
      * WebSecurityOrigin.cpp:
      
      Source/WebKit2:
      
      * UIProcess/API/C/WKContext.cpp:
      * UIProcess/API/C/WKInspector.cpp:
      * UIProcess/API/C/WKPage.cpp:
      * UIProcess/API/efl/ewk_text_checker.cpp:
      * UIProcess/API/efl/ewk_view.cpp:
      * UIProcess/API/efl/tests/UnitTestUtils/EWK2UnitTestBase.cpp:
      * UIProcess/API/efl/tests/test_ewk2_view.cpp:
      * UIProcess/mac/WKFullScreenWindowController.mm:
      * WebProcess/InjectedBundle/API/c/WKBundlePage.cpp:
      * WebProcess/ResourceCache/WebResourceCacheManager.cpp:
      
      Source/WTF:
      
      * wtf/Atomics.h:
      * wtf/BoundsCheckedPointer.h:
      * wtf/DateMath.h:
      * wtf/FastMalloc.cpp:
      * wtf/NumberOfCores.cpp:
      * wtf/OSAllocator.h:
      * wtf/OSAllocatorPosix.cpp:
      * wtf/PageAllocation.h:
      * wtf/RefCounted.h:
      * wtf/TCSystemAlloc.cpp:
      * wtf/ThreadingPthreads.cpp:
      * wtf/Vector.h:
      * wtf/dtoa/cached-powers.cc:
      * wtf/dtoa/fixed-dtoa.cc:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@149980 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      ed9bde7b
  5. 06 May, 2013 1 commit
  6. 04 May, 2013 1 commit
    • msaboff@apple.com's avatar
      There should be a runtime option to constrain what functions get DFG compiled · 7b4d2076
      msaboff@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=115576
      
      Reviewed by Mark Hahnenberg.
      
      Added OptionRange to Options to allow checking that something is within an option
      or not.  The new OptionClass supports range strings in the form of [!]<low>[:<high>].
      If only one value is given, then it will be used for both low and high.  A leading
      '!' inverts the check.  If no range is given, then checking for a value within a range
      will always return true.  Added the option "bytecodeRangeToDFGCompile" that takes an
      OptionRange string to select the bytecode range of code blocks to DFG compile.
      
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile): Added new check for bytecode count within bytecodeRangeToDFGCompile
      range.
      * runtime/Options.cpp:
      (JSC::parse): Added overloaded parse() for OptionRange.
      (JSC::OptionRange::init): Parse range string and then initialize the range.
      (JSC::OptionRange::isInRange): Function used by consumer to check if a value is within
      the specified range.
      (JSC::Options::dumpOption): Added code to dump OptionRange options.
      * runtime/Options.h:
      (OptionRange): New class.
      (JSC::OptionRange::operator= ): This is really used as a default ctor for use within
      the Option static array initialization.
      (JSC::OptionRange::rangeString): This is used for debug.  It assumes that the char*
      passed into OptionRange::init is valid when this function is called.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@149552 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      7b4d2076
  7. 14 Oct, 2012 1 commit
  8. 11 Oct, 2012 1 commit
  9. 09 Oct, 2012 1 commit
    • fpizlo@apple.com's avatar
      JSC should infer when indexed storage is contiguous, and optimize for it · 0e9910a8
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97288
      
      Reviewed by Mark Hahnenberg.
      
      Source/JavaScriptCore: 
      
      This introduces a new kind of indexed property storage called Contiguous,
      which has the following properties:
              
      - No header bits beyond IndexedHeader. This results in a 16 byte reduction
        in memory usage per array versus an ArrayStorage array. It also means
        that the total memory usage for an empty array is now just 3 * 8 on both
        32-bit and 64-bit. Of that, only 8 bytes are array-specific; the rest is
        our standard object header overhead.
              
      - No need for hole checks on store. This results in a ~4% speed-up on
        Kraken and a ~1% speed-up on V8v7.
              
      - publicLength <= vectorLength. This means that doing new Array(blah)
        immediately allocates room for blah elements.
              
      - No sparse map or index bias.
              
      If you ever do things to an array that would require publicLength >
      vectorLength, a sparse map, or index bias, then we switch to ArrayStorage
      mode. This seems to never happen in any benchmark we track, and is unlikely
      to happen very frequently on any website.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/AbstractMacroAssembler.h:
      (JSC::AbstractMacroAssembler::JumpList::append):
      * assembler/MacroAssembler.h:
      (MacroAssembler):
      (JSC::MacroAssembler::patchableBranchTest32):
      * bytecode/ByValInfo.h: Added.
      (JSC):
      (JSC::isOptimizableIndexingType):
      (JSC::jitArrayModeForIndexingType):
      (JSC::ByValInfo::ByValInfo):
      (ByValInfo):
      (JSC::getByValInfoBytecodeIndex):
      * bytecode/CodeBlock.h:
      (CodeBlock):
      (JSC::CodeBlock::getByValInfo):
      (JSC::CodeBlock::setNumberOfByValInfos):
      (JSC::CodeBlock::numberOfByValInfos):
      (JSC::CodeBlock::byValInfo):
      * bytecode/SamplingTool.h:
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGArrayMode.cpp:
      (JSC::DFG::fromObserved):
      (JSC::DFG::modeAlreadyChecked):
      (JSC::DFG::modeToString):
      * dfg/DFGArrayMode.h:
      (DFG):
      (JSC::DFG::modeUsesButterfly):
      (JSC::DFG::modeIsJSArray):
      (JSC::DFG::isInBoundsAccess):
      (JSC::DFG::mayStoreToTail):
      (JSC::DFG::mayStoreToHole):
      (JSC::DFG::modeIsPolymorphic):
      (JSC::DFG::polymorphicIncludesContiguous):
      (JSC::DFG::polymorphicIncludesArrayStorage):
      (JSC::DFG::canCSEStorage):
      (JSC::DFG::modeSupportsLength):
      (JSC::DFG::benefitsFromStructureCheck):
      (JSC::DFG::isEffectful):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleIntrinsic):
      * dfg/DFGCSEPhase.cpp:
      (JSC::DFG::CSEPhase::getArrayLengthElimination):
      (JSC::DFG::CSEPhase::getByValLoadElimination):
      (JSC::DFG::CSEPhase::performNodeCSE):
      * dfg/DFGFixupPhase.cpp:
      (JSC::DFG::FixupPhase::fixupNode):
      (JSC::DFG::FixupPhase::checkArray):
      (JSC::DFG::FixupPhase::blessArrayOperation):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::byValIsPure):
      * dfg/DFGOperations.cpp:
      * dfg/DFGOperations.h:
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::tryCacheGetByID):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::checkArray):
      (JSC::DFG::SpeculativeJIT::arrayify):
      (JSC::DFG::SpeculativeJIT::compileGetArrayLength):
      (JSC::DFG::SpeculativeJIT::temporaryRegisterForPutByVal):
      (DFG):
      * dfg/DFGSpeculativeJIT.h:
      (DFG):
      (JSC::DFG::SpeculativeJIT::callOperation):
      (SpeculativeJIT):
      (JSC::DFG::SpeculativeJIT::putByValWillNeedExtraRegister):
      (JSC::DFG::SpeculativeJIT::temporaryRegisterForPutByVal):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compileContiguousGetByVal):
      (DFG):
      (JSC::DFG::SpeculativeJIT::compileArrayStorageGetByVal):
      (JSC::DFG::SpeculativeJIT::compileContiguousPutByVal):
      (JSC::DFG::SpeculativeJIT::compileArrayStoragePutByVal):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compileContiguousGetByVal):
      (DFG):
      (JSC::DFG::SpeculativeJIT::compileArrayStorageGetByVal):
      (JSC::DFG::SpeculativeJIT::compileContiguousPutByVal):
      (JSC::DFG::SpeculativeJIT::compileArrayStoragePutByVal):
      (JSC::DFG::SpeculativeJIT::compile):
      * interpreter/Interpreter.cpp:
      (SamplingScope):
      (JSC::SamplingScope::SamplingScope):
      (JSC::SamplingScope::~SamplingScope):
      (JSC):
      (JSC::Interpreter::execute):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileSlowCases):
      (JSC::JIT::privateCompile):
      * jit/JIT.h:
      (JSC::ByValCompilationInfo::ByValCompilationInfo):
      (ByValCompilationInfo):
      (JSC):
      (JIT):
      (JSC::JIT::compileGetByVal):
      (JSC::JIT::compilePutByVal):
      * jit/JITInlineMethods.h:
      (JSC::JIT::emitAllocateJSArray):
      (JSC::JIT::emitArrayProfileStoreToHoleSpecialCase):
      (JSC):
      (JSC::arrayProfileSaw):
      (JSC::JIT::chooseArrayMode):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emitSlow_op_get_argument_by_val):
      (JSC::JIT::emit_op_new_array):
      (JSC::JIT::emitSlow_op_new_array):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emitSlow_op_get_argument_by_val):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC):
      (JSC::JIT::emitContiguousGetByVal):
      (JSC::JIT::emitArrayStorageGetByVal):
      (JSC::JIT::emitSlow_op_get_by_val):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::emitContiguousPutByVal):
      (JSC::JIT::emitArrayStoragePutByVal):
      (JSC::JIT::emitSlow_op_put_by_val):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      (JSC::JIT::privateCompileGetByVal):
      (JSC::JIT::privateCompilePutByVal):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC):
      (JSC::JIT::emitContiguousGetByVal):
      (JSC::JIT::emitArrayStorageGetByVal):
      (JSC::JIT::emitSlow_op_get_by_val):
      (JSC::JIT::emit_op_put_by_val):
      (JSC::JIT::emitContiguousPutByVal):
      (JSC::JIT::emitArrayStoragePutByVal):
      (JSC::JIT::emitSlow_op_put_by_val):
      * jit/JITStubs.cpp:
      (JSC::getByVal):
      (JSC):
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC::putByVal):
      * jit/JITStubs.h:
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * runtime/ArrayConventions.h:
      (JSC::isDenseEnoughForVector):
      * runtime/ArrayPrototype.cpp:
      (JSC):
      (JSC::shift):
      (JSC::unshift):
      (JSC::arrayProtoFuncPush):
      (JSC::arrayProtoFuncShift):
      (JSC::arrayProtoFuncSplice):
      (JSC::arrayProtoFuncUnShift):
      * runtime/Butterfly.h:
      (Butterfly):
      (JSC::Butterfly::fromPointer):
      (JSC::Butterfly::pointer):
      (JSC::Butterfly::publicLength):
      (JSC::Butterfly::vectorLength):
      (JSC::Butterfly::setPublicLength):
      (JSC::Butterfly::setVectorLength):
      (JSC::Butterfly::contiguous):
      (JSC::Butterfly::fromContiguous):
      * runtime/ButterflyInlineMethods.h:
      (JSC::Butterfly::unshift):
      (JSC::Butterfly::shift):
      * runtime/IndexingHeaderInlineMethods.h:
      (JSC::IndexingHeader::indexingPayloadSizeInBytes):
      * runtime/IndexingType.cpp: Added.
      (JSC):
      (JSC::indexingTypeToString):
      * runtime/IndexingType.h:
      (JSC):
      (JSC::hasContiguous):
      * runtime/JSArray.cpp:
      (JSC::JSArray::setLengthWithArrayStorage):
      (JSC::JSArray::setLength):
      (JSC):
      (JSC::JSArray::pop):
      (JSC::JSArray::push):
      (JSC::JSArray::shiftCountWithArrayStorage):
      (JSC::JSArray::shiftCountWithAnyIndexingType):
      (JSC::JSArray::unshiftCountWithArrayStorage):
      (JSC::JSArray::unshiftCountWithAnyIndexingType):
      (JSC::JSArray::sortNumericVector):
      (JSC::JSArray::sortNumeric):
      (JSC::JSArray::sortCompactedVector):
      (JSC::JSArray::sort):
      (JSC::JSArray::sortVector):
      (JSC::JSArray::fillArgList):
      (JSC::JSArray::copyToArguments):
      (JSC::JSArray::compactForSorting):
      * runtime/JSArray.h:
      (JSC::JSArray::shiftCountForShift):
      (JSC::JSArray::shiftCountForSplice):
      (JSArray):
      (JSC::JSArray::shiftCount):
      (JSC::JSArray::unshiftCountForShift):
      (JSC::JSArray::unshiftCountForSplice):
      (JSC::JSArray::unshiftCount):
      (JSC::JSArray::isLengthWritable):
      (JSC::createContiguousArrayButterfly):
      (JSC):
      (JSC::JSArray::create):
      (JSC::JSArray::tryCreateUninitialized):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::reset):
      (JSC):
      (JSC::JSGlobalObject::haveABadTime):
      (JSC::JSGlobalObject::visitChildren):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::arrayStructureWithArrayStorage):
      (JSC::JSGlobalObject::addressOfArrayStructureWithArrayStorage):
      (JSC::constructEmptyArray):
      * runtime/JSObject.cpp:
      (JSC::JSObject::visitButterfly):
      (JSC::JSObject::getOwnPropertySlotByIndex):
      (JSC::JSObject::putByIndex):
      (JSC::JSObject::enterDictionaryIndexingMode):
      (JSC::JSObject::createInitialContiguous):
      (JSC):
      (JSC::JSObject::createArrayStorage):
      (JSC::JSObject::convertContiguousToArrayStorage):
      (JSC::JSObject::ensureContiguousSlow):
      (JSC::JSObject::ensureArrayStorageSlow):
      (JSC::JSObject::ensureIndexedStorageSlow):
      (JSC::JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode):
      (JSC::JSObject::switchToSlowPutArrayStorage):
      (JSC::JSObject::setPrototype):
      (JSC::JSObject::deletePropertyByIndex):
      (JSC::JSObject::getOwnPropertyNames):
      (JSC::JSObject::defineOwnIndexedProperty):
      (JSC::JSObject::putByIndexBeyondVectorLengthContiguousWithoutAttributes):
      (JSC::JSObject::putByIndexBeyondVectorLength):
      (JSC::JSObject::putDirectIndexBeyondVectorLengthWithArrayStorage):
      (JSC::JSObject::putDirectIndexBeyondVectorLength):
      (JSC::JSObject::getNewVectorLength):
      (JSC::JSObject::countElementsInContiguous):
      (JSC::JSObject::increaseVectorLength):
      (JSC::JSObject::ensureContiguousLengthSlow):
      (JSC::JSObject::getOwnPropertyDescriptor):
      * runtime/JSObject.h:
      (JSC::JSObject::getArrayLength):
      (JSC::JSObject::getVectorLength):
      (JSC::JSObject::canGetIndexQuickly):
      (JSC::JSObject::getIndexQuickly):
      (JSC::JSObject::tryGetIndexQuickly):
      (JSC::JSObject::canSetIndexQuickly):
      (JSC::JSObject::canSetIndexQuicklyForPutDirect):
      (JSC::JSObject::setIndexQuickly):
      (JSC::JSObject::initializeIndex):
      (JSC::JSObject::hasSparseMap):
      (JSC::JSObject::inSparseIndexingMode):
      (JSObject):
      (JSC::JSObject::ensureContiguous):
      (JSC::JSObject::ensureIndexedStorage):
      (JSC::JSObject::ensureContiguousLength):
      (JSC::JSObject::indexingData):
      (JSC::JSObject::relevantLength):
      * runtime/JSValue.cpp:
      (JSC::JSValue::description):
      * runtime/Options.cpp:
      (JSC::Options::initialize):
      * runtime/Structure.cpp:
      (JSC::Structure::needsSlowPutIndexing):
      (JSC):
      (JSC::Structure::suggestedArrayStorageTransition):
      * runtime/Structure.h:
      (Structure):
      * runtime/StructureTransitionTable.h:
      (JSC::newIndexingType):
      
      Source/WTF: 
      
      Moved out this helpful math utility to MathExtras, since we now use it in
      multiple places.
      
      * wtf/MathExtras.h:
      (timesThreePlusOneDividedByTwo):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@130826 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      0e9910a8
  10. 05 Oct, 2012 1 commit
    • mhahnenberg@apple.com's avatar
      JSC should have a way to gather and log Heap memory use and pause times · 3a2fb031
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=98431
      
      Reviewed by Geoffrey Garen.
      
      Source/JavaScriptCore:
      
      In order to improve our infrastructure for benchmark-driven development, we should
      have a centralized method of gathering and logging various statistics about the state
      of the JS heap. This would allow us to create and to use other tools to analyze the
      output of the VM after running various workloads.
      
      The first two statistics that might be interesting is memory use by JSC and GC pause
      times. We can control whether this recording happens through the use of the Options
      class, allowing us to either use environment variables or command line flags.
      
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * heap/Heap.cpp:
      (JSC::Heap::collect): If we finish a collection and are still over our set GC heap size,
      we end the program immediately and report an error. Also added recording of pause times.
      * heap/Heap.h:
      (Heap):
      (JSC::Heap::shouldCollect): When we set a specific GC heap size through Options, we
      ignore all other heuristics on when we should collect and instead only ask if we're
      greater than the amount specified in the Option value. This allows us to view time/memory
      tradeoffs more clearly.
      * heap/HeapStatistics.cpp: Added.
      (JSC):
      (JSC::HeapStatistics::initialize):
      (JSC::HeapStatistics::recordGCPauseTime):
      (JSC::HeapStatistics::logStatistics):
      (JSC::HeapStatistics::exitWithFailure):
      (JSC::HeapStatistics::reportSuccess):
      (JSC::HeapStatistics::parseMemoryAmount):
      (StorageStatistics):
      (JSC::StorageStatistics::StorageStatistics):
      (JSC::StorageStatistics::operator()):
      (JSC::StorageStatistics::objectWithOutOfLineStorageCount):
      (JSC::StorageStatistics::objectCount):
      (JSC::StorageStatistics::storageSize):
      (JSC::StorageStatistics::storageCapacity):
      (JSC::HeapStatistics::showObjectStatistics): Moved the old showHeapStatistics (renamed to showObjectStatistics)
      to try to start collecting our various memory statistics gathering/reporting mechanisms scattered throughout the
      codebase into one place.
      * heap/HeapStatistics.h: Added.
      (JSC):
      (HeapStatistics):
      * jsc.cpp:
      (main):
      * runtime/InitializeThreading.cpp:
      (JSC::initializeThreadingOnce): We need to initialize our data structures for recording
      statistics if necessary.
      * runtime/Options.cpp: Add new Options for the various types of statistics we'll be gathering.
      (JSC::parse):
      (JSC):
      (JSC::Options::initialize): Initialize the various new options using environment variables.
      (JSC::Options::dumpOption):
      * runtime/Options.h:
      (JSC):
      
      Tools:
      
      * DumpRenderTree/mac/DumpRenderTree.mm:
      (main): Added a check as to whether we should dump our JSC Heap statistics on exit.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@130520 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3a2fb031
  11. 25 Sep, 2012 1 commit
    • ggaren@apple.com's avatar
      JSC should dump object size inference statistics · def139e9
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=97618
      
      Reviewed by Filip Pizlo.
      
      Added an option to dump object size inference statistics.
      
      To see statistics on live objects:
      
          jsc --showHeapStatistics=1
      
      To see cumulative statistics on all objects ever allocated:
      
          jsc --showHeapStatistics=1 --objectsAreImmortal=1
      
          (This is useful for showing GC churn caused by over-allocation.)
      
      To support this second mode, I refactored Zombies to separate out their
      immortality feature so I could reuse it.
      
      * heap/Heap.cpp:
      (JSC::MarkObject): Helper for making things immortal. We have to checked
      for being zapped because blocks start out in this state.
      
      (JSC::StorageStatistics): Gather statistics by walking the heap. Ignore
      arrays and hash tables for now because they're not our focus. (We'll
      remove these exceptions in future.)
      
      (JSC::Heap::collect): Moved zombify to the end so it wouldn't interfere
      with statistics gathering.
      
      (JSC::Heap::showStatistics):
      (JSC::Heap::markAllObjects): Factored out helper, so statistics could
      take advantage of immortal objects.
      
      (Zombify): Don't mark immortal objects -- that's another class's job now.
      
      (JSC::Zombify::operator()):
      (JSC::Heap::zombifyDeadObjects): Take advantage of forEachDeadCell instead
      of rolling our own.
      
      * heap/Heap.h:
      (Heap):
      * heap/MarkedSpace.h:
      (MarkedSpace):
      (JSC::MarkedSpace::forEachDeadCell): Added, so clients don't have to do
      the iteration logic themselves.
      
      * runtime/Options.cpp:
      (JSC::Options::initialize):
      * runtime/Options.h: New options, listed above. Make sure to initialize
      based on environment variable first, so we can override with specific settings.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129586 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      def139e9
  12. 23 Sep, 2012 1 commit
    • commit-queue@webkit.org's avatar
      Fix build warnings : -Wunused-parameter, -Wparentheses, -Wuninitialized. · 378318b1
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=97306
      
      Patch by Byungwoo Lee <bw80.lee@gmail.com> on 2012-09-23
      Reviewed by Benjamin Poulain.
      
      Source/JavaScriptCore:
      
      Fix build warning about -Wunused-parameter on MachineStackMarker.cpp,
      LLIntSlowPaths.cpp, DatePrototype.cpp, Options.cpp by using
      UNUSED_PARAM() macro or remove parameter name.
      
      * heap/MachineStackMarker.cpp:
      (JSC::pthreadSignalHandlerSuspendResume):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::entryOSR):
      * runtime/DatePrototype.cpp:
      (JSC::formatLocaleDate):
      * runtime/Options.cpp:
      (JSC::computeNumberOfGCMarkers):
      
      Source/WebCore:
      
      Fix build warning about -Wunused-parameter on ImageBufferCairo.cpp,
      ImageDecoder.h by using ASSERT_UNUSED() macro.
      
      * platform/graphics/cairo/ImageBufferCairo.cpp:
      (WebCore::encodeImage):
      * platform/image-decoders/ImageDecoder.h:
      (WebCore::ImageDecoder::rgbColorProfile):
      (WebCore::ImageDecoder::inputDeviceColorProfile):
      
      Source/WebKit/efl:
      
      Fix build warning about -Wunused-parameter on FrameLoaderClientEfl.cpp
      by using ASSERT_UNUSED() macro.
      Fix build warning aboug -Wparentheses on ewk_frame.cpp by adding
      additional brace for the assign statement.
      
      * WebCoreSupport/FrameLoaderClientEfl.cpp:
      (WebCore::FrameLoaderClientEfl::dispatchDidChangeIcons):
      * ewk/ewk_frame.cpp:
      (ewk_frame_resources_location_get):
      
      Source/WebKit2:
      
      Fix build warning about -Wunused-parameter on Connection.cpp,
      WKEinaSharedString.cpp, ewk_view_loader_client.cpp, WebPage.cpp by
      using ASSERT_UNUSED() macro or removing parameter name.
      Fix build warning about -Wuninitialized on WebEventFactory.cpp by
      continueing the loop at the default switch case not to use the
      uninitialized variable.
      
      * Platform/CoreIPC/Connection.cpp:
      (CoreIPC::Connection::waitForSyncReply):
      * Shared/efl/WebEventFactory.cpp:
      (WebKit::WebEventFactory::createWebTouchEvent):
      * UIProcess/API/cpp/efl/WKEinaSharedString.cpp:
      (WKEinaSharedString::WKEinaSharedString):
      * UIProcess/API/efl/ewk_view_loader_client.cpp:
      (didSameDocumentNavigationForFrame):
      * WebProcess/WebPage/WebPage.cpp:
      (WebKit::WebPage::SandboxExtensionTracker::beginLoad):
      
      Source/WTF:
      
      Fix build warning about -Wunused-parameter on FastMalloc.cpp,
      OSAllocatorPosix.cpp by using UNUSED_PARAM() macro.
      Fix header including order of FastMalloc.cpp.
      
      * wtf/FastMalloc.cpp:
      (WTF::fastMallocSize):
      * wtf/OSAllocatorPosix.cpp:
      (WTF::OSAllocator::reserveAndCommit):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@129319 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      378318b1
  13. 06 Sep, 2012 2 commits
    • mhahnenberg@apple.com's avatar
      JSC should have a zombie mode · 66b96f28
      mhahnenberg@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=96047
      
      Reviewed by Geoffrey Garen.
      
      To aid clients of JSC while they are debugging memory issues, we should add a zombie
      mode that scribbles into objects in the MarkedSpace after they are found to be dead
      to prevent a sort of "use after free" situation. As a first cut we should support a
      mode that just scribbles on objects prior to their being reused (i.e. while they are
      "zombies") and a mode in which, in addition to scribbling on zombies, once an object
      has been marked its mark bit will never be cleared, thus giving us "immortal" zombies.
      
      These two modes will be enabled through the use of environment variables. For now these
      will be "JSZombieEnabled" and "JSImmortalZombieEnabled". Setting them to any value will
      result in the use of the appropriate mode.
      
      * heap/Heap.cpp:
      (JSC::Heap::collect): Zombifies dead objects at the end of collection if zombie mode is enabled.
      (ZombifyCellFunctor):
      (JSC::ZombifyCellFunctor::ZombifyCellFunctor): Sets marked bits for dead objects if in immortal mode and writes 0xbbadbeef into them.
      (JSC::ZombifyCellFunctor::operator()):
      (JSC):
      (ZombifyBlockFunctor):
      (JSC::ZombifyBlockFunctor::operator()):
      (JSC::Heap::zombifyDeadObjects): Eagerly sweeps so that we don't write garbage into an object before it
      is finalized/destroyed.
      * heap/Heap.h:
      (Heap):
      * heap/MarkedBlock.h:
      (MarkedBlock):
      (JSC::MarkedBlock::forEachDeadCell): Used to iterate over dead cells at the end of collection if zombie mode is enabled.
      (JSC):
      * runtime/Options.cpp:
      (JSC::Options::initialize):
      * runtime/Options.h:
      (JSC):
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127829 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      66b96f28
    • commit-queue@webkit.org's avatar
      Renamed useYarrJIT() option to useRegExpJIT(). Also fixed regression in · 8a89a852
      commit-queue@webkit.org authored
      which inadvertantly allows the ASM llint to use the baseline JIT when
      useRegExpJIT() is true.
      https://bugs.webkit.org/show_bug.cgi?id=95918.
      
      Patch by Mark Lam <mark.lam@apple.com> on 2012-09-06
      Reviewed by Geoffrey Garen.
      
      * runtime/JSGlobalData.cpp:
      (JSC::enableAssembler):
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSC::JSGlobalData::canUseJIT):
      (JSC::JSGlobalData::canUseRegExpJIT):
      (JSGlobalData):
      * runtime/Options.cpp:
      (JSC::Options::initialize):
      * runtime/Options.h:
      (JSC):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127719 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      8a89a852
  14. 04 Sep, 2012 1 commit
  15. 01 Sep, 2012 1 commit
    • commit-queue@webkit.org's avatar
      LLInt C loop backend. · e13567fb
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=91052.
      
      Patch by Mark Lam <mark.lam@apple.com> on 2012-09-01
      Reviewed by Filip Pizlo.
      
      Source/JavaScriptCore:
      
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::bytecodeOffset):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      (JSC):
      * interpreter/Interpreter.h:
      * jit/JITStubs.h:
      (JITStackFrame):
      (JSC):
      * llint/LLIntCLoop.cpp: Added.
      (JSC):
      (LLInt):
      (JSC::LLInt::CLoop::initialize):
      (JSC::LLInt::CLoop::catchRoutineFor):
      (JSC::LLInt::CLoop::hostCodeEntryFor):
      (JSC::LLInt::CLoop::jsCodeEntryWithArityCheckFor):
      (JSC::LLInt::CLoop::jsCodeEntryFor):
      * llint/LLIntCLoop.h: Added.
      (JSC):
      (LLInt):
      (CLoop):
      * llint/LLIntData.cpp:
      (JSC::LLInt::initialize):
      * llint/LLIntData.h:
      (JSC):
      * llint/LLIntOfflineAsmConfig.h:
      * llint/LLIntOpcode.h:
      * llint/LLIntThunks.cpp:
      (LLInt):
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter.cpp:
      (LLInt):
      (JSC::LLInt::Ints2Double):
      (JSC):
      (JSC::CLoop::execute):
      * llint/LowLevelInterpreter.h:
      (JSC):
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * offlineasm/asm.rb:
      * offlineasm/backends.rb:
      * offlineasm/cloop.rb: Added.
      * offlineasm/instructions.rb:
      * runtime/Executable.h:
      (ExecutableBase):
      (JSC::ExecutableBase::hostCodeEntryFor):
      (JSC::ExecutableBase::jsCodeEntryFor):
      (JSC::ExecutableBase::jsCodeWithArityCheckEntryFor):
      (JSC::ExecutableBase::catchRoutineFor):
      (NativeExecutable):
      * runtime/JSValue.h:
      (JSC):
      (LLInt):
      (JSValue):
      * runtime/JSValueInlineMethods.h:
      (JSC):
      (JSC::JSValue::JSValue):
      * runtime/Options.cpp:
      (JSC::Options::initialize):
      
      Source/WTF:
      
      Added configs for the llint C loop backend.
      
      * wtf/Platform.h:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@127374 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      e13567fb
  16. 05 Jul, 2012 1 commit
    • fpizlo@apple.com's avatar
      Inline property storage should not be wasted when it is exhausted · d68b1f84
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=90347
      
      Reviewed by Gavin Barraclough.
              
      Previously, if we switched an object from using inline storage to out-of-line
      storage, we would abandon the inline storage. This would have two main implications:
      (i) all accesses to the object, even for properties that were previously in inline
      storage, must now take an extra indirection; and (ii) we waste a non-trivial amount
      of space since we must allocate additional out-of-line storage to hold properties
      that would have fit in the inline storage. There's also the copying cost when
      switching to out-of-line storage - we must copy all inline properties into ouf-of-line
      storage.
              
      This patch changes the way that object property storage works so that we can use both
      inline and out-of-line storage concurrently. This is accomplished by introducing a
      new notion of property offset. This PropertyOffset is a 32-bit signed integer and it
      behaves as follows:
              
      offset == -1: invalid offset, indicating a property that does not exist.
              
      0 <= offset <= inlineStorageCapacity: offset into inline storage.
              
      inlineStorageCapacity < offset: offset into out-of-line storage.
              
      Because non-final objects don't have inline storage, the only valid PropertyOffsets
      for those objects' properties are -1 or > inlineStorageCapacity.
              
      This now means that the decision to use inline or out-of-line storage for an access is
      made based on the offset, rather than the structure. It also means that any access
      where the offset is a variable must have an extra branch, unless the type of the
      object is also known (if it's known to be a non-final object then we can just assert
      that the offset is >= inlineStorageCapacity).
              
      This looks like a big Kraken speed-up and a slight V8 speed-up.
      
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * assembler/ARMv7Assembler.h:
      (ARMv7Assembler):
      (JSC::ARMv7Assembler::ldrWide8BitImmediate):
      (JSC::ARMv7Assembler::replaceWithLoad):
      (JSC::ARMv7Assembler::replaceWithAddressComputation):
      * assembler/AbstractMacroAssembler.h:
      (AbstractMacroAssembler):
      (ConvertibleLoadLabel):
      (JSC::AbstractMacroAssembler::ConvertibleLoadLabel::ConvertibleLoadLabel):
      (JSC::AbstractMacroAssembler::ConvertibleLoadLabel::isSet):
      (JSC::AbstractMacroAssembler::labelIgnoringWatchpoints):
      (JSC::AbstractMacroAssembler::replaceWithLoad):
      (JSC::AbstractMacroAssembler::replaceWithAddressComputation):
      * assembler/CodeLocation.h:
      (JSC):
      (CodeLocationCommon):
      (CodeLocationConvertibleLoad):
      (JSC::CodeLocationConvertibleLoad::CodeLocationConvertibleLoad):
      (JSC::CodeLocationCommon::convertibleLoadAtOffset):
      * assembler/LinkBuffer.cpp:
      (JSC::LinkBuffer::finalizeCodeWithDisassembly):
      * assembler/LinkBuffer.h:
      (LinkBuffer):
      (JSC::LinkBuffer::locationOf):
      * assembler/MacroAssemblerARMv7.h:
      (MacroAssemblerARMv7):
      (JSC::MacroAssemblerARMv7::convertibleLoadPtr):
      * assembler/MacroAssemblerX86.h:
      (JSC::MacroAssemblerX86::convertibleLoadPtr):
      (MacroAssemblerX86):
      * assembler/MacroAssemblerX86_64.h:
      (JSC::MacroAssemblerX86_64::convertibleLoadPtr):
      (MacroAssemblerX86_64):
      * assembler/RepatchBuffer.h:
      (RepatchBuffer):
      (JSC::RepatchBuffer::replaceWithLoad):
      (JSC::RepatchBuffer::replaceWithAddressComputation):
      (JSC::RepatchBuffer::setLoadInstructionIsActive):
      * assembler/X86Assembler.h:
      (JSC::X86Assembler::replaceWithLoad):
      (X86Assembler):
      (JSC::X86Assembler::replaceWithAddressComputation):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::printGetByIdOp):
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::finalizeUnconditionally):
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeFromLLInt):
      (JSC::GetByIdStatus::computeForChain):
      (JSC::GetByIdStatus::computeFor):
      * bytecode/GetByIdStatus.h:
      (JSC::GetByIdStatus::GetByIdStatus):
      (JSC::GetByIdStatus::offset):
      (GetByIdStatus):
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName):
      * bytecode/PutByIdStatus.cpp:
      (JSC::PutByIdStatus::computeFromLLInt):
      (JSC::PutByIdStatus::computeFor):
      * bytecode/PutByIdStatus.h:
      (JSC::PutByIdStatus::PutByIdStatus):
      (JSC::PutByIdStatus::offset):
      (PutByIdStatus):
      * bytecode/ResolveGlobalStatus.cpp:
      (JSC):
      (JSC::computeForStructure):
      * bytecode/ResolveGlobalStatus.h:
      (JSC::ResolveGlobalStatus::ResolveGlobalStatus):
      (JSC::ResolveGlobalStatus::offset):
      (ResolveGlobalStatus):
      * bytecode/StructureSet.h:
      (StructureSet):
      * bytecode/StructureStubInfo.h:
      * dfg/DFGByteCodeParser.cpp:
      (ByteCodeParser):
      (JSC::DFG::ByteCodeParser::handleGetByOffset):
      (JSC::DFG::ByteCodeParser::handleGetById):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCapabilities.h:
      (JSC::DFG::canCompileOpcode):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::link):
      * dfg/DFGJITCompiler.h:
      (JSC::DFG::PropertyAccessRecord::PropertyAccessRecord):
      (PropertyAccessRecord):
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::dfgRepatchByIdSelfAccess):
      (JSC::DFG::generateProtoChainAccessStub):
      (JSC::DFG::tryCacheGetByID):
      (JSC::DFG::tryBuildGetByIDList):
      (JSC::DFG::tryBuildGetByIDProtoList):
      (JSC::DFG::emitPutReplaceStub):
      (JSC::DFG::emitPutTransitionStub):
      (JSC::DFG::tryCachePutByID):
      (JSC::DFG::tryBuildPutByIdList):
      * dfg/DFGSpeculativeJIT.h:
      (JSC::DFG::SpeculativeJIT::emitAllocateBasicJSObject):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::cachedGetById):
      (JSC::DFG::SpeculativeJIT::cachedPutById):
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::cachedGetById):
      (JSC::DFG::SpeculativeJIT::cachedPutById):
      (JSC::DFG::SpeculativeJIT::compile):
      * heap/MarkStack.cpp:
      (JSC::visitChildren):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::tryCacheGetByID):
      (JSC::Interpreter::privateExecute):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      (JSC::PropertyStubCompilationInfo::copyToStubInfo):
      * jit/JIT.h:
      (JSC::PropertyStubCompilationInfo::PropertyStubCompilationInfo):
      (JSC::JIT::compileGetByIdProto):
      (JSC::JIT::compileGetByIdSelfList):
      (JSC::JIT::compileGetByIdProtoList):
      (JSC::JIT::compileGetByIdChainList):
      (JSC::JIT::compileGetByIdChain):
      (JSC::JIT::compilePutByIdTransition):
      (JIT):
      * jit/JITInlineMethods.h:
      (JSC::JIT::emitAllocateBasicJSObject):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_resolve_global):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emit_op_resolve_global):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::compileGetDirectOffset):
      (JSC::JIT::emit_op_method_check):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::emit_op_put_by_id):
      (JSC::JIT::compilePutDirectOffset):
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::patchGetByIdSelf):
      (JSC::JIT::patchPutByIdReplace):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_method_check):
      (JSC::JIT::compileGetByIdHotPath):
      (JSC::JIT::emit_op_put_by_id):
      (JSC::JIT::compilePutDirectOffset):
      (JSC::JIT::compileGetDirectOffset):
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::patchGetByIdSelf):
      (JSC::JIT::patchPutByIdReplace):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      (JSC::JIT::emit_op_get_by_pname):
      * jit/JITStubs.cpp:
      (JSC::JITThunks::tryCacheGetByID):
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * llint/LowLevelInterpreter.asm:
      * llint/LowLevelInterpreter32_64.asm:
      * llint/LowLevelInterpreter64.asm:
      * offlineasm/x86.rb:
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::functionNameOffset):
      * runtime/JSObject.cpp:
      (JSC::JSObject::visitChildren):
      (JSC):
      (JSC::JSFinalObject::visitChildren):
      (JSC::JSObject::put):
      (JSC::JSObject::deleteProperty):
      (JSC::JSObject::getPropertySpecificValue):
      (JSC::JSObject::removeDirect):
      (JSC::JSObject::growOutOfLineStorage):
      (JSC::JSObject::getOwnPropertyDescriptor):
      * runtime/JSObject.h:
      (JSObject):
      (JSC::JSObject::getDirect):
      (JSC::JSObject::getDirectLocation):
      (JSC::JSObject::hasInlineStorage):
      (JSC::JSObject::inlineStorageUnsafe):
      (JSC::JSObject::inlineStorage):
      (JSC::JSObject::outOfLineStorage):
      (JSC::JSObject::locationForOffset):
      (JSC::JSObject::offsetForLocation):
      (JSC::JSObject::getDirectOffset):
      (JSC::JSObject::putDirectOffset):
      (JSC::JSObject::putUndefinedAtDirectOffset):
      (JSC::JSObject::addressOfOutOfLineStorage):
      (JSC::JSObject::finishCreation):
      (JSC::JSNonFinalObject::JSNonFinalObject):
      (JSC::JSNonFinalObject::finishCreation):
      (JSFinalObject):
      (JSC::JSFinalObject::finishCreation):
      (JSC::JSFinalObject::JSFinalObject):
      (JSC::JSObject::offsetOfOutOfLineStorage):
      (JSC::JSObject::setOutOfLineStorage):
      (JSC::JSObject::JSObject):
      (JSC):
      (JSC::JSCell::fastGetOwnProperty):
      (JSC::JSObject::putDirectInternal):
      (JSC::JSObject::setStructureAndReallocateStorageIfNecessary):
      (JSC::JSObject::putDirectWithoutTransition):
      (JSC::offsetRelativeToPatchedStorage):
      (JSC::indexRelativeToBase):
      (JSC::offsetRelativeToBase):
      * runtime/JSPropertyNameIterator.cpp:
      (JSC::JSPropertyNameIterator::create):
      * runtime/JSPropertyNameIterator.h:
      (JSPropertyNameIterator):
      (JSC::JSPropertyNameIterator::getOffset):
      (JSC::JSPropertyNameIterator::finishCreation):
      * runtime/JSValue.cpp:
      (JSC::JSValue::putToPrimitive):
      * runtime/Operations.h:
      (JSC::normalizePrototypeChain):
      * runtime/Options.cpp:
      (JSC):
      (JSC::Options::initialize):
      * runtime/PropertyMapHashTable.h:
      (PropertyMapEntry):
      (JSC::PropertyMapEntry::PropertyMapEntry):
      (PropertyTable):
      (JSC::PropertyTable::PropertyTable):
      (JSC::PropertyTable::getDeletedOffset):
      (JSC::PropertyTable::addDeletedOffset):
      (JSC::PropertyTable::nextOffset):
      (JSC):
      (JSC::PropertyTable::sizeInMemory):
      * runtime/PropertyOffset.h: Added.
      (JSC):
      (JSC::checkOffset):
      (JSC::validateOffset):
      (JSC::isValidOffset):
      (JSC::isInlineOffset):
      (JSC::isOutOfLineOffset):
      (JSC::offsetInInlineStorage):
      (JSC::offsetInOutOfLineStorage):
      (JSC::offsetInRespectiveStorage):
      (JSC::numberOfOutOfLineSlotsForLastOffset):
      (JSC::numberOfSlotsForLastOffset):
      (JSC::nextPropertyOffsetFor):
      (JSC::firstPropertyOffsetFor):
      * runtime/PropertySlot.h:
      (JSC::PropertySlot::cachedOffset):
      (JSC::PropertySlot::setValue):
      (JSC::PropertySlot::setCacheableGetterSlot):
      (JSC::PropertySlot::clearOffset):
      * runtime/PutPropertySlot.h:
      (JSC::PutPropertySlot::setExistingProperty):
      (JSC::PutPropertySlot::setNewProperty):
      (JSC::PutPropertySlot::cachedOffset):
      (PutPropertySlot):
      * runtime/Structure.cpp:
      (JSC::Structure::Structure):
      (JSC::Structure::materializePropertyMap):
      (JSC::nextOutOfLineStorageCapacity):
      (JSC::Structure::growOutOfLineCapacity):
      (JSC::Structure::suggestedNewOutOfLineStorageCapacity):
      (JSC::Structure::addPropertyTransitionToExistingStructure):
      (JSC::Structure::addPropertyTransition):
      (JSC::Structure::removePropertyTransition):
      (JSC::Structure::flattenDictionaryStructure):
      (JSC::Structure::addPropertyWithoutTransition):
      (JSC::Structure::removePropertyWithoutTransition):
      (JSC::Structure::copyPropertyTableForPinning):
      (JSC::Structure::get):
      (JSC::Structure::putSpecificValue):
      (JSC::Structure::remove):
      * runtime/Structure.h:
      (Structure):
      (JSC::Structure::putWillGrowOutOfLineStorage):
      (JSC::Structure::previousID):
      (JSC::Structure::outOfLineCapacity):
      (JSC::Structure::outOfLineSizeForKnownFinalObject):
      (JSC::Structure::outOfLineSizeForKnownNonFinalObject):
      (JSC::Structure::outOfLineSize):
      (JSC::Structure::hasInlineStorage):
      (JSC::Structure::inlineCapacity):
      (JSC::Structure::inlineSizeForKnownFinalObject):
      (JSC::Structure::inlineSize):
      (JSC::Structure::totalStorageSize):
      (JSC::Structure::totalStorageCapacity):
      (JSC::Structure::firstValidOffset):
      (JSC::Structure::lastValidOffset):
      (JSC::Structure::isValidOffset):
      (JSC::Structure::isEmpty):
      (JSC::Structure::transitionCount):
      (JSC::Structure::get):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121925 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      d68b1f84
  17. 04 Jul, 2012 1 commit
  18. 03 Jul, 2012 1 commit
    • commit-queue@webkit.org's avatar
      Add ability to symbolically set and dump JSC VM options. · fbda60c5
      commit-queue@webkit.org authored
      See comments in runtime/Options.h for details on how the options work.
      https://bugs.webkit.org/show_bug.cgi?id=90420
      
      Patch by Mark Lam <mark.lam@apple.com> on 2012-07-03
      Reviewed by Filip Pizlo.
      
      * assembler/LinkBuffer.cpp:
      (JSC::LinkBuffer::finalizeCodeWithDisassembly):
      * assembler/LinkBuffer.h:
      (JSC):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::shouldOptimizeNow):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::likelyToTakeSlowCase):
      (JSC::CodeBlock::couldTakeSlowCase):
      (JSC::CodeBlock::likelyToTakeSpecialFastCase):
      (JSC::CodeBlock::likelyToTakeDeepestSlowCase):
      (JSC::CodeBlock::likelyToTakeAnySlowCase):
      (JSC::CodeBlock::jitAfterWarmUp):
      (JSC::CodeBlock::jitSoon):
      (JSC::CodeBlock::reoptimizationRetryCounter):
      (JSC::CodeBlock::countReoptimization):
      (JSC::CodeBlock::counterValueForOptimizeAfterWarmUp):
      (JSC::CodeBlock::counterValueForOptimizeAfterLongWarmUp):
      (JSC::CodeBlock::optimizeSoon):
      (JSC::CodeBlock::exitCountThresholdForReoptimization):
      (JSC::CodeBlock::exitCountThresholdForReoptimizationFromLoop):
      * bytecode/ExecutionCounter.h:
      (JSC::ExecutionCounter::clippedThreshold):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleInlining):
      * dfg/DFGCapabilities.h:
      (JSC::DFG::mightCompileEval):
      (JSC::DFG::mightCompileProgram):
      (JSC::DFG::mightCompileFunctionForCall):
      (JSC::DFG::mightCompileFunctionForConstruct):
      (JSC::DFG::mightInlineFunctionForCall):
      (JSC::DFG::mightInlineFunctionForConstruct):
      * dfg/DFGCommon.h:
      (JSC::DFG::shouldShowDisassembly):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGOSRExit.cpp:
      (JSC::DFG::OSRExit::considerAddingAsFrequentExitSiteSlow):
      * dfg/DFGVariableAccessData.h:
      (JSC::DFG::VariableAccessData::shouldUseDoubleFormatAccordingToVote):
      * heap/MarkStack.cpp:
      (JSC::MarkStackSegmentAllocator::allocate):
      (JSC::MarkStackSegmentAllocator::shrinkReserve):
      (JSC::MarkStackArray::MarkStackArray):
      (JSC::MarkStackThreadSharedData::MarkStackThreadSharedData):
      (JSC::SlotVisitor::donateKnownParallel):
      (JSC::SlotVisitor::drain):
      (JSC::SlotVisitor::drainFromShared):
      * heap/MarkStack.h:
      (JSC::MarkStack::mergeOpaqueRootsIfProfitable):
      (JSC::MarkStack::addOpaqueRoot):
      * heap/SlotVisitor.h:
      (JSC::SlotVisitor::donate):
      * jit/JIT.cpp:
      (JSC::JIT::emitOptimizationCheck):
      * jsc.cpp:
      (printUsageStatement):
      (parseArguments):
      * runtime/InitializeThreading.cpp:
      (JSC::initializeThreadingOnce):
      * runtime/JSGlobalData.cpp:
      (JSC::enableAssembler):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::JSGlobalObject):
      * runtime/Options.cpp:
      (JSC):
      (JSC::overrideOptionWithHeuristic):
      (JSC::Options::initialize):
      (JSC::Options::setOption):
      (JSC::Options::dumpAllOptions):
      (JSC::Options::dumpOption):
      * runtime/Options.h:
      (JSC):
      (Options):
      (EntryInfo):
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121798 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      fbda60c5
  19. 28 Jun, 2012 1 commit
    • fpizlo@apple.com's avatar
      DFG recompilation heuristics should be based on count, not rate · 48a964b5
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=90146
      
      Reviewed by Oliver Hunt.
              
      This removes a bunch of code that was previously trying to prevent spurious
      reoptimizations if a large enough majority of executions of a code block did
      not result in OSR exit. It turns out that this code was purely harmful. This
      patch removes all of that logic and replaces it with a dead-simple
      heuristic: if you exit more than N times (where N is an exponential function
      of the number of times the code block has already been recompiled) then we
      will recompile.
              
      This appears to be a broad ~1% win on many benchmarks large and small.
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::CodeBlock):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::osrExitCounter):
      (JSC::CodeBlock::countOSRExit):
      (CodeBlock):
      (JSC::CodeBlock::addressOfOSRExitCounter):
      (JSC::CodeBlock::offsetOfOSRExitCounter):
      (JSC::CodeBlock::adjustedExitCountThreshold):
      (JSC::CodeBlock::exitCountThresholdForReoptimization):
      (JSC::CodeBlock::exitCountThresholdForReoptimizationFromLoop):
      (JSC::CodeBlock::shouldReoptimizeNow):
      (JSC::CodeBlock::shouldReoptimizeFromLoopNow):
      * bytecode/ExecutionCounter.cpp:
      (JSC::ExecutionCounter::setThreshold):
      * bytecode/ExecutionCounter.h:
      (ExecutionCounter):
      (JSC::ExecutionCounter::clippedThreshold):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::compileBody):
      * dfg/DFGOSRExit.cpp:
      (JSC::DFG::OSRExit::considerAddingAsFrequentExitSiteSlow):
      * dfg/DFGOSRExitCompiler.cpp:
      (JSC::DFG::OSRExitCompiler::handleExitCounts):
      * dfg/DFGOperations.cpp:
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121511 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      48a964b5
  20. 27 Jun, 2012 1 commit
  21. 25 Jun, 2012 2 commits
    • fpizlo@apple.com's avatar
      JSC should try to make profiling deterministic because otherwise reproducing failures is · 41a1f0ea
      fpizlo@apple.com authored
      nearly impossible
      https://bugs.webkit.org/show_bug.cgi?id=89940
      
      Rubber stamped by Gavin Barraclough.
              
      This rolls out the part of http://trac.webkit.org/changeset/121215 that introduced randomness
      into the system. Now, instead of randomizing the tier-up threshold, we always set it to an
      artificially low (and statically predetermined!) value. This gives most of the benefit of
      threshold randomization without actually making the system behave completely differently on
      each invocation.
      
      * bytecode/ExecutionCounter.cpp:
      (JSC::ExecutionCounter::setThreshold):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121218 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      41a1f0ea
    • fpizlo@apple.com's avatar
      Value profiling should use tier-up threshold randomization to get more coverage · 3745dbcf
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=89802
      
      Source/JavaScriptCore: 
      
      Reviewed by Gavin Barraclough.
              
      This patch causes both LLInt and Baseline JIT code to take the OSR slow path several
      times before actually doing OSR. If we take the OSR slow path before the execution
      count threshold is reached, then we just call CodeBlock::updateAllPredictions() to
      compute the current latest least-upper-bound SpecType of all values seen in each
      ValueProfile.
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::stronglyVisitStrongReferences):
      (JSC::CodeBlock::updateAllPredictionsAndCountLiveness):
      (JSC):
      (JSC::CodeBlock::updateAllPredictions):
      (JSC::CodeBlock::shouldOptimizeNow):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::llintExecuteCounter):
      (JSC::CodeBlock::jitExecuteCounter):
      (CodeBlock):
      (JSC::CodeBlock::updateAllPredictions):
      * bytecode/ExecutionCounter.cpp:
      (JSC::ExecutionCounter::setThreshold):
      (JSC::ExecutionCounter::status):
      (JSC):
      * bytecode/ExecutionCounter.h:
      (JSC::ExecutionCounter::count):
      (ExecutionCounter):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGOperations.cpp:
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::jitCompileAndSetHeuristics):
      (JSC::LLInt::entryOSR):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      * runtime/JSGlobalObject.cpp:
      (JSC::JSGlobalObject::JSGlobalObject):
      (JSC):
      * runtime/JSGlobalObject.h:
      (JSGlobalObject):
      (JSC::JSGlobalObject::weakRandomInteger):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      * runtime/WeakRandom.h:
      (WeakRandom):
      (JSC::WeakRandom::seedUnsafe):
      
      LayoutTests: 
      
      Reviewed by Gavin Barraclough.
              
      * fast/js/dfg-store-unexpected-value-into-argument-and-osr-exit-expected.txt: Added.
      * fast/js/dfg-store-unexpected-value-into-argument-and-osr-exit.html: Added.
      * fast/js/script-tests/dfg-store-unexpected-value-into-argument-and-osr-exit.js: Added.
      (foo):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@121215 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3745dbcf
  22. 20 Jun, 2012 1 commit
    • fpizlo@apple.com's avatar
      DFG should be able to print disassembly interleaved with the IR · 3d517670
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=89551
      
      Reviewed by Geoffrey Garen.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/ARMv7Assembler.h:
      (JSC::ARMv7Assembler::labelIgnoringWatchpoints):
      (ARMv7Assembler):
      * assembler/AbstractMacroAssembler.h:
      (AbstractMacroAssembler):
      (JSC::AbstractMacroAssembler::labelIgnoringWatchpoints):
      * assembler/X86Assembler.h:
      (X86Assembler):
      (JSC::X86Assembler::labelIgnoringWatchpoints):
      * dfg/DFGCommon.h:
      (JSC::DFG::shouldShowDisassembly):
      (DFG):
      * dfg/DFGDisassembler.cpp: Added.
      (DFG):
      (JSC::DFG::Disassembler::Disassembler):
      (JSC::DFG::Disassembler::dump):
      (JSC::DFG::Disassembler::dumpDisassembly):
      * dfg/DFGDisassembler.h: Added.
      (DFG):
      (Disassembler):
      (JSC::DFG::Disassembler::setStartOfCode):
      (JSC::DFG::Disassembler::setForBlock):
      (JSC::DFG::Disassembler::setForNode):
      (JSC::DFG::Disassembler::setEndOfMainPath):
      (JSC::DFG::Disassembler::setEndOfCode):
      * dfg/DFGDriver.cpp:
      (JSC::DFG::compile):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dumpCodeOrigin):
      (JSC::DFG::Graph::amountOfNodeWhiteSpace):
      (DFG):
      (JSC::DFG::Graph::printNodeWhiteSpace):
      (JSC::DFG::Graph::dump):
      (JSC::DFG::Graph::dumpBlockHeader):
      * dfg/DFGGraph.h:
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::JITCompiler):
      (DFG):
      (JSC::DFG::JITCompiler::compile):
      (JSC::DFG::JITCompiler::compileFunction):
      * dfg/DFGJITCompiler.h:
      (JITCompiler):
      (JSC::DFG::JITCompiler::setStartOfCode):
      (JSC::DFG::JITCompiler::setForBlock):
      (JSC::DFG::JITCompiler::setForNode):
      (JSC::DFG::JITCompiler::setEndOfMainPath):
      (JSC::DFG::JITCompiler::setEndOfCode):
      * dfg/DFGNode.h:
      (Node):
      (JSC::DFG::Node::willHaveCodeGen):
      * dfg/DFGNodeFlags.cpp:
      (JSC::DFG::nodeFlagsAsString):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT.h:
      (SpeculativeJIT):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@120834 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3d517670
  23. 19 Jun, 2012 1 commit
    • fpizlo@apple.com's avatar
      JSC should be able to show disassembly for all generated JIT code · 2adf527e
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=89536
      
      Reviewed by Gavin Barraclough.
              
      Now instead of doing linkBuffer.finalizeCode(), you do
      FINALIZE_CODE(linkBuffer, (... explanation ...)). FINALIZE_CODE() then
      prints your explanation and the disassembled code, if
      Options::showDisassembly is set to true.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/LinkBuffer.cpp: Added.
      (JSC):
      (JSC::LinkBuffer::finalizeCodeWithoutDisassembly):
      (JSC::LinkBuffer::finalizeCodeWithDisassembly):
      (JSC::LinkBuffer::linkCode):
      (JSC::LinkBuffer::performFinalization):
      (JSC::LinkBuffer::dumpLinkStatistics):
      (JSC::LinkBuffer::dumpCode):
      * assembler/LinkBuffer.h:
      (LinkBuffer):
      (JSC):
      * assembler/MacroAssemblerCodeRef.h:
      (JSC::MacroAssemblerCodeRef::tryToDisassemble):
      (MacroAssemblerCodeRef):
      * dfg/DFGJITCompiler.cpp:
      (JSC::DFG::JITCompiler::compile):
      (JSC::DFG::JITCompiler::compileFunction):
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGRepatch.cpp:
      (JSC::DFG::generateProtoChainAccessStub):
      (JSC::DFG::tryCacheGetByID):
      (JSC::DFG::tryBuildGetByIDList):
      (JSC::DFG::emitPutReplaceStub):
      (JSC::DFG::emitPutTransitionStub):
      * dfg/DFGThunks.cpp:
      (JSC::DFG::osrExitGenerationThunkGenerator):
      * disassembler/Disassembler.h:
      (JSC):
      (JSC::tryToDisassemble):
      * disassembler/UDis86Disassembler.cpp:
      (JSC::tryToDisassemble):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompile):
      * jit/JITCode.h:
      (JSC::JITCode::tryToDisassemble):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::privateCompileCTIMachineTrampolines):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::privateCompileCTIMachineTrampolines):
      (JSC::JIT::privateCompileCTINativeCall):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::stringGetByValStubGenerator):
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::stringGetByValStubGenerator):
      (JSC::JIT::privateCompilePutByIdTransition):
      (JSC::JIT::privateCompilePatchGetArrayLength):
      (JSC::JIT::privateCompileGetByIdProto):
      (JSC::JIT::privateCompileGetByIdSelfList):
      (JSC::JIT::privateCompileGetByIdProtoList):
      (JSC::JIT::privateCompileGetByIdChainList):
      (JSC::JIT::privateCompileGetByIdChain):
      * jit/SpecializedThunkJIT.h:
      (JSC::SpecializedThunkJIT::finalize):
      * jit/ThunkGenerators.cpp:
      (JSC::charCodeAtThunkGenerator):
      (JSC::charAtThunkGenerator):
      (JSC::fromCharCodeThunkGenerator):
      (JSC::sqrtThunkGenerator):
      (JSC::floorThunkGenerator):
      (JSC::ceilThunkGenerator):
      (JSC::roundThunkGenerator):
      (JSC::expThunkGenerator):
      (JSC::logThunkGenerator):
      (JSC::absThunkGenerator):
      (JSC::powThunkGenerator):
      * llint/LLIntThunks.cpp:
      (JSC::LLInt::generateThunkWithJumpTo):
      (JSC::LLInt::functionForCallEntryThunkGenerator):
      (JSC::LLInt::functionForConstructEntryThunkGenerator):
      (JSC::LLInt::functionForCallArityCheckThunkGenerator):
      (JSC::LLInt::functionForConstructArityCheckThunkGenerator):
      (JSC::LLInt::evalEntryThunkGenerator):
      (JSC::LLInt::programEntryThunkGenerator):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      * yarr/YarrJIT.cpp:
      (JSC::Yarr::YarrGenerator::compile):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@120786 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2adf527e
  24. 12 Jun, 2012 1 commit
    • ggaren@apple.com's avatar
      GC should be 1.7X faster · 639160c2
      ggaren@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=88840
      
      Reviewed by Oliver Hunt.
      
      I profiled, and removed anything that showed up as a concurrency
      bottleneck. Then, I added 3 threads to our max thread count, since we
      can scale up to more threads now.
      
      * heap/BlockAllocator.cpp:
      (JSC::BlockAllocator::BlockAllocator):
      (JSC::BlockAllocator::~BlockAllocator):
      (JSC::BlockAllocator::releaseFreeBlocks):
      (JSC::BlockAllocator::waitForRelativeTimeWhileHoldingLock):
      (JSC::BlockAllocator::waitForRelativeTime):
      (JSC::BlockAllocator::blockFreeingThreadMain):
      * heap/BlockAllocator.h:
      (BlockAllocator):
      (JSC::BlockAllocator::allocate):
      (JSC::BlockAllocator::deallocate): Use a spin lock for the common case
      where we're just popping a linked list. (A pthread mutex would sleep our
      thread even if the lock were only contended for a microsecond.) 
      
      Scope the lock to avoid holding it while allocating VM, since that's a
      slow activity and it doesn't modify any of our data structures.
      
      We still use a pthread mutex to handle our condition variable since we
      have to, and it's not a hot path.
      
      * heap/CopiedSpace.cpp:
      (JSC::CopiedSpace::CopiedSpace):
      (JSC::CopiedSpace::doneFillingBlock):
      * heap/CopiedSpace.h:
      (JSC::CopiedSpace::CopiedSpace): Use a spin lock for the to space lock,
      since it just guards linked list and hash table manipulation.
      
      * heap/MarkStack.cpp:
      (JSC::MarkStackSegmentAllocator::MarkStackSegmentAllocator):
      (JSC::MarkStackSegmentAllocator::allocate):
      (JSC::MarkStackSegmentAllocator::release):
      (JSC::MarkStackSegmentAllocator::shrinkReserve): Use a spin lock, since
      we're just managing a linked list.
      
      (JSC::MarkStackArray::donateSomeCellsTo): Changed donation to be proportional
      to our current stack size. This fixes cases where we used to donate too
      much. Interestingly, donating too much was starving the donor (when it
      ran out of work later) *and* the recipient (since it had to wait on a
      long donation operation to complete before it could acquire the lock).
      
      In the worst case, we're still guaranteed to donate N cells in roughly log N time.
      
      This change also fixes cases where we used to donate too little, since
      we would always keep a fixed minimum number of cells. In the worst case,
      with N marking threads, would could have N large object graph roots in
      our stack for the duration of GC, and scale to only 1 thread.
      
      It's an interesting observation that a single object in the mark stack
      might represent an arbitrarily large object graph -- and only the act
      of marking can find out.
      
      (JSC::MarkStackArray::stealSomeCellsFrom): Steal in proportion to idle
      threads. Once again, this fixes cases where constants could cause us
      to steal too much or too little.
      
      (JSC::SlotVisitor::donateKnownParallel): Always wake up other threads
      if they're idle. We can afford to do this because we're conservative
      about when we donate.
      
      (JSC::SlotVisitor::drainFromShared):
      * heap/MarkStack.h:
      (MarkStackSegmentAllocator):
      (MarkStackArray):
      (JSC):
      * heap/SlotVisitor.h: Merged the "should I donate?" decision into a
      single function, for simplicity.
      
      * runtime/Options.cpp:
      (minimumNumberOfScansBetweenRebalance): Reduced the delay before donation
      a lot. We can afford to do this because, in the common case, donation is
      a single branch that decides not to donate. 
      
      (cpusToUse): Use more CPUs now, since we scale better now.
      
      * runtime/Options.h:
      (Options): Removed now-unused variables.
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@120149 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      639160c2
  25. 08 Apr, 2012 1 commit
    • fpizlo@apple.com's avatar
      Forced OSR exits should lead to recompilation based on count, not rate · 3cb7e2c7
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=83247
      <rdar://problem/10720925>
      
      Reviewed by Geoff Garen.
              
      Track which OSR exits happen because of inadequate coverage. Count them
      separately. If the count reaches a threshold, immediately trigger
      reoptimization.
              
      This is in contrast to the recompilation trigger for all other OSR exits.
      Normally recomp is triggered when the exit rate exceeds a certain ratio.
              
      Looks like a slight V8 speedup (sub 1%).
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::CodeBlock):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::forcedOSRExitCounter):
      (JSC::CodeBlock::addressOfForcedOSRExitCounter):
      (JSC::CodeBlock::offsetOfForcedOSRExitCounter):
      (JSC::CodeBlock::shouldReoptimizeNow):
      (JSC::CodeBlock::shouldReoptimizeFromLoopNow):
      (CodeBlock):
      * bytecode/DFGExitProfile.h:
      (JSC::DFG::exitKindToString):
      * dfg/DFGOSRExitCompiler.cpp:
      (JSC::DFG::OSRExitCompiler::handleExitCounts):
      (DFG):
      * dfg/DFGOSRExitCompiler.h:
      (OSRExitCompiler):
      * dfg/DFGOSRExitCompiler32_64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOSRExitCompiler64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOperations.cpp:
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::SpeculativeJIT::compileGetIndexedPropertyStorage):
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@113552 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      3cb7e2c7
  26. 08 Mar, 2012 1 commit
  27. 05 Mar, 2012 1 commit
    • fpizlo@apple.com's avatar
      The LLInt should work even when the JIT is disabled · e6e29a6f
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=80340
      <rdar://problem/10922235>
      
      Reviewed by Gavin Barraclough.
      
      * assembler/MacroAssemblerCodeRef.h:
      (JSC::MacroAssemblerCodePtr::createLLIntCodePtr):
      (MacroAssemblerCodeRef):
      (JSC::MacroAssemblerCodeRef::createLLIntCodeRef):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::initialize):
      (JSC::Interpreter::execute):
      (JSC::Interpreter::executeCall):
      (JSC::Interpreter::executeConstruct):
      * jit/JIT.h:
      (JSC::JIT::compileCTINativeCall):
      * jit/JITStubs.h:
      (JSC::JITThunks::ctiNativeCall):
      (JSC::JITThunks::ctiNativeConstruct):
      * llint/LLIntEntrypoints.cpp:
      (JSC::LLInt::getFunctionEntrypoint):
      (JSC::LLInt::getEvalEntrypoint):
      (JSC::LLInt::getProgramEntrypoint):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      (LLInt):
      * llint/LLIntSlowPaths.h:
      (LLInt):
      * llint/LowLevelInterpreter.h:
      * llint/LowLevelInterpreter32_64.asm:
      * runtime/Executable.h:
      (NativeExecutable):
      (JSC::NativeExecutable::create):
      (JSC::NativeExecutable::finishCreation):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSGlobalData):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::parse):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      * wtf/Platform.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109863 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      e6e29a6f
  28. 04 Mar, 2012 1 commit
    • fpizlo@apple.com's avatar
      JIT heuristics should be hyperbolic · 254d43bc
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=80055
      <rdar://problem/10922260>
      
      Source/JavaScriptCore: 
      
      Reviewed by Oliver Hunt.
              
      Added tracking of the amount of executable memory typically used for a bytecode
      instruction. Modified the execution counter scheme to use this, and the amount
      of free memory, to determine how long to wait before invoking the JIT.
              
      The result is that even if we bomb the VM with more code than can fit in our
      executable memory pool, we still keep running and almost never run out of
      executable memory - which ensures that if we have to JIT something critical, then
      we'll likely have enough memory to do so. This also does not regress performance
      on the three main benchmarks.
              
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::predictedMachineCodeSize):
      (JSC):
      (JSC::CodeBlock::usesOpcode):
      * bytecode/CodeBlock.h:
      (CodeBlock):
      (JSC::CodeBlock::checkIfJITThresholdReached):
      (JSC::CodeBlock::dontJITAnytimeSoon):
      (JSC::CodeBlock::jitAfterWarmUp):
      (JSC::CodeBlock::jitSoon):
      (JSC::CodeBlock::llintExecuteCounter):
      (JSC::CodeBlock::counterValueForOptimizeAfterWarmUp):
      (JSC::CodeBlock::counterValueForOptimizeAfterLongWarmUp):
      (JSC::CodeBlock::addressOfJITExecuteCounter):
      (JSC::CodeBlock::offsetOfJITExecuteCounter):
      (JSC::CodeBlock::offsetOfJITExecutionActiveThreshold):
      (JSC::CodeBlock::offsetOfJITExecutionTotalCount):
      (JSC::CodeBlock::jitExecuteCounter):
      (JSC::CodeBlock::checkIfOptimizationThresholdReached):
      (JSC::CodeBlock::optimizeNextInvocation):
      (JSC::CodeBlock::dontOptimizeAnytimeSoon):
      (JSC::CodeBlock::optimizeAfterWarmUp):
      (JSC::CodeBlock::optimizeAfterLongWarmUp):
      (JSC::CodeBlock::optimizeSoon):
      * bytecode/ExecutionCounter.cpp: Added.
      (JSC):
      (JSC::ExecutionCounter::ExecutionCounter):
      (JSC::ExecutionCounter::checkIfThresholdCrossedAndSet):
      (JSC::ExecutionCounter::setNewThreshold):
      (JSC::ExecutionCounter::deferIndefinitely):
      (JSC::ExecutionCounter::applyMemoryUsageHeuristics):
      (JSC::ExecutionCounter::applyMemoryUsageHeuristicsAndConvertToInt):
      (JSC::ExecutionCounter::hasCrossedThreshold):
      (JSC::ExecutionCounter::setThreshold):
      (JSC::ExecutionCounter::reset):
      * bytecode/ExecutionCounter.h: Added.
      (JSC):
      (ExecutionCounter):
      (JSC::ExecutionCounter::formattedTotalCount):
      * dfg/DFGOSRExitCompiler32_64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOSRExitCompiler64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * jit/ExecutableAllocator.cpp:
      (JSC::DemandExecutableAllocator::allocateNewSpace):
      (JSC::ExecutableAllocator::underMemoryPressure):
      (JSC):
      (JSC::ExecutableAllocator::memoryPressureMultiplier):
      * jit/ExecutableAllocator.h:
      * jit/ExecutableAllocatorFixedVMPool.cpp:
      (JSC::ExecutableAllocator::memoryPressureMultiplier):
      (JSC):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompile):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      * llint/LLIntSlowPaths.cpp:
      (JSC::LLInt::jitCompileAndSetHeuristics):
      * llint/LowLevelInterpreter32_64.asm:
      * runtime/JSGlobalData.h:
      (JSGlobalData):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      * wtf/SimpleStats.h: Added.
      (WTF):
      (SimpleStats):
      (WTF::SimpleStats::SimpleStats):
      (WTF::SimpleStats::add):
      (WTF::SimpleStats::operator!):
      (WTF::SimpleStats::count):
      (WTF::SimpleStats::sum):
      (WTF::SimpleStats::sumOfSquares):
      (WTF::SimpleStats::mean):
      (WTF::SimpleStats::variance):
      (WTF::SimpleStats::standardDeviation):
      
      Source/WebCore: 
      
      Reviewed by Oliver Hunt.
      
      No new tests, since there's no new functionality.
      
      * ForwardingHeaders/wtf/SimpleStats.h: Added.
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@109705 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      254d43bc
  29. 28 Feb, 2012 1 commit
  30. 21 Feb, 2012 2 commits
    • fpizlo@apple.com's avatar
      JSC should be a triple-tier VM · 7bbcaab7
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=75812
      <rdar://problem/10079694>
      
      Source/JavaScriptCore: 
      
      Reviewed by Gavin Barraclough.
              
      Implemented an interpreter that uses the JIT's calling convention. This
      interpreter is called LLInt, or the Low Level Interpreter. JSC will now
      will start by executing code in LLInt and will only tier up to the old
      JIT after the code is proven hot.
              
      LLInt is written in a modified form of our macro assembly. This new macro
      assembly is compiled by an offline assembler (see offlineasm), which
      implements many modern conveniences such as a Turing-complete CPS-based
      macro language and direct access to relevant C++ type information
      (basically offsets of fields and sizes of structs/classes).
              
      Code executing in LLInt appears to the rest of the JSC world "as if" it
      were executing in the old JIT. Hence, things like exception handling and
      cross-execution-engine calls just work and require pretty much no
      additional overhead.
              
      This interpreter is 2-2.5x faster than our old interpreter on SunSpider,
      V8, and Kraken. With triple-tiering turned on, we're neutral on SunSpider,
      V8, and Kraken, but appear to get a double-digit improvement on real-world
      websites due to a huge reduction in the amount of JIT'ing.
              
      * CMakeLists.txt:
      * GNUmakefile.am:
      * GNUmakefile.list.am:
      * JavaScriptCore.pri:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
      * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/LinkBuffer.h:
      * assembler/MacroAssemblerCodeRef.h:
      (MacroAssemblerCodePtr):
      (JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
      * bytecode/BytecodeConventions.h: Added.
      * bytecode/CallLinkStatus.cpp:
      (JSC::CallLinkStatus::computeFromLLInt):
      (JSC):
      (JSC::CallLinkStatus::computeFor):
      * bytecode/CallLinkStatus.h:
      (JSC::CallLinkStatus::isSet):
      (JSC::CallLinkStatus::operator!):
      (CallLinkStatus):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::CodeBlock):
      (JSC::CodeBlock::~CodeBlock):
      (JSC::CodeBlock::finalizeUnconditionally):
      (JSC::CodeBlock::stronglyVisitStrongReferences):
      (JSC):
      (JSC::CodeBlock::unlinkCalls):
      (JSC::CodeBlock::unlinkIncomingCalls):
      (JSC::CodeBlock::bytecodeOffset):
      (JSC::ProgramCodeBlock::jettison):
      (JSC::EvalCodeBlock::jettison):
      (JSC::FunctionCodeBlock::jettison):
      (JSC::ProgramCodeBlock::jitCompileImpl):
      (JSC::EvalCodeBlock::jitCompileImpl):
      (JSC::FunctionCodeBlock::jitCompileImpl):
      * bytecode/CodeBlock.h:
      (JSC):
      (CodeBlock):
      (JSC::CodeBlock::baselineVersion):
      (JSC::CodeBlock::linkIncomingCall):
      (JSC::CodeBlock::bytecodeOffset):
      (JSC::CodeBlock::jitCompile):
      (JSC::CodeBlock::hasOptimizedReplacement):
      (JSC::CodeBlock::addPropertyAccessInstruction):
      (JSC::CodeBlock::addGlobalResolveInstruction):
      (JSC::CodeBlock::addLLIntCallLinkInfo):
      (JSC::CodeBlock::addGlobalResolveInfo):
      (JSC::CodeBlock::numberOfMethodCallLinkInfos):
      (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset):
      (JSC::CodeBlock::likelyToTakeSlowCase):
      (JSC::CodeBlock::couldTakeSlowCase):
      (JSC::CodeBlock::likelyToTakeSpecialFastCase):
      (JSC::CodeBlock::likelyToTakeDeepestSlowCase):
      (JSC::CodeBlock::likelyToTakeAnySlowCase):
      (JSC::CodeBlock::addFrequentExitSite):
      (JSC::CodeBlock::dontJITAnytimeSoon):
      (JSC::CodeBlock::jitAfterWarmUp):
      (JSC::CodeBlock::jitSoon):
      (JSC::CodeBlock::llintExecuteCounter):
      (ProgramCodeBlock):
      (EvalCodeBlock):
      (FunctionCodeBlock):
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeFromLLInt):
      (JSC):
      (JSC::GetByIdStatus::computeFor):
      * bytecode/GetByIdStatus.h:
      (JSC::GetByIdStatus::GetByIdStatus):
      (JSC::GetByIdStatus::wasSeenInJIT):
      (GetByIdStatus):
      * bytecode/Instruction.h:
      (JSC):
      (JSC::Instruction::Instruction):
      (Instruction):
      * bytecode/LLIntCallLinkInfo.h: Added.
      (JSC):
      (JSC::LLIntCallLinkInfo::LLIntCallLinkInfo):
      (LLIntCallLinkInfo):
      (JSC::LLIntCallLinkInfo::~LLIntCallLinkInfo):
      (JSC::LLIntCallLinkInfo::isLinked):
      (JSC::LLIntCallLinkInfo::unlink):
      * bytecode/MethodCallLinkStatus.cpp:
      (JSC::MethodCallLinkStatus::computeFor):
      * bytecode/Opcode.cpp:
      (JSC):
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName):
      * bytecode/PutByIdStatus.cpp:
      (JSC::PutByIdStatus::computeFromLLInt):
      (JSC):
      (JSC::PutByIdStatus::computeFor):
      * bytecode/PutByIdStatus.h:
      (PutByIdStatus):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitResolve):
      (JSC::BytecodeGenerator::emitResolveWithBase):
      (JSC::BytecodeGenerator::emitGetById):
      (JSC::BytecodeGenerator::emitPutById):
      (JSC::BytecodeGenerator::emitDirectPutById):
      (JSC::BytecodeGenerator::emitCall):
      (JSC::BytecodeGenerator::emitConstruct):
      (JSC::BytecodeGenerator::emitCatch):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
      (JSC::DFG::ByteCodeParser::handleInlining):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCapabilities.h:
      (JSC::DFG::canCompileOpcode):
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGOperations.cpp:
      * heap/Heap.h:
      (JSC):
      (JSC::Heap::firstAllocatorWithoutDestructors):
      (Heap):
      * heap/MarkStack.cpp:
      (JSC::visitChildren):
      * heap/MarkedAllocator.h:
      (JSC):
      (MarkedAllocator):
      * heap/MarkedSpace.h:
      (JSC):
      (MarkedSpace):
      (JSC::MarkedSpace::firstAllocator):
      * interpreter/CallFrame.cpp:
      (JSC):
      (JSC::CallFrame::bytecodeOffsetForNonDFGCode):
      (JSC::CallFrame::setBytecodeOffsetForNonDFGCode):
      (JSC::CallFrame::currentVPC):
      (JSC::CallFrame::setCurrentVPC):
      (JSC::CallFrame::trueCallerFrame):
      * interpreter/CallFrame.h:
      (JSC::ExecState::hasReturnPC):
      (JSC::ExecState::clearReturnPC):
      (ExecState):
      (JSC::ExecState::bytecodeOffsetForNonDFGCode):
      (JSC::ExecState::currentVPC):
      (JSC::ExecState::setCurrentVPC):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::Interpreter):
      (JSC::Interpreter::~Interpreter):
      (JSC):
      (JSC::Interpreter::initialize):
      (JSC::Interpreter::isOpcode):
      (JSC::Interpreter::unwindCallFrame):
      (JSC::getCallerInfo):
      (JSC::Interpreter::privateExecute):
      (JSC::Interpreter::retrieveLastCaller):
      * interpreter/Interpreter.h:
      (JSC):
      (Interpreter):
      (JSC::Interpreter::getOpcode):
      (JSC::Interpreter::getOpcodeID):
      (JSC::Interpreter::classicEnabled):
      * interpreter/RegisterFile.h:
      (JSC):
      (RegisterFile):
      * jit/ExecutableAllocator.h:
      (JSC):
      * jit/HostCallReturnValue.cpp: Added.
      (JSC):
      (JSC::getHostCallReturnValueWithExecState):
      * jit/HostCallReturnValue.h: Added.
      (JSC):
      (JSC::initializeHostCallReturnValue):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      (JSC::JIT::privateCompile):
      * jit/JITCode.h:
      (JSC::JITCode::isOptimizingJIT):
      (JITCode):
      (JSC::JITCode::isBaselineCode):
      (JSC::JITCode::JITCode):
      * jit/JITDriver.h:
      (JSC::jitCompileIfAppropriate):
      (JSC::jitCompileFunctionIfAppropriate):
      * jit/JITExceptions.cpp:
      (JSC::jitThrow):
      * jit/JITInlineMethods.h:
      (JSC::JIT::updateTopCallFrame):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC):
      * jit/JITStubs.h:
      (JSC):
      * jit/JSInterfaceJIT.h:
      * llint: Added.
      * llint/LLIntCommon.h: Added.
      * llint/LLIntData.cpp: Added.
      (LLInt):
      (JSC::LLInt::Data::Data):
      (JSC::LLInt::Data::performAssertions):
      (JSC::LLInt::Data::~Data):
      * llint/LLIntData.h: Added.
      (JSC):
      (LLInt):
      (Data):
      (JSC::LLInt::Data::exceptionInstructions):
      (JSC::LLInt::Data::opcodeMap):
      (JSC::LLInt::Data::performAssertions):
      * llint/LLIntEntrypoints.cpp: Added.
      (LLInt):
      (JSC::LLInt::getFunctionEntrypoint):
      (JSC::LLInt::getEvalEntrypoint):
      (JSC::LLInt::getProgramEntrypoint):
      * llint/LLIntEntrypoints.h: Added.
      (JSC):
      (LLInt):
      (JSC::LLInt::getEntrypoint):
      * llint/LLIntExceptions.cpp: Added.
      (LLInt):
      (JSC::LLInt::interpreterThrowInCaller):
      (JSC::LLInt::returnToThrowForThrownException):
      (JSC::LLInt::returnToThrow):
      (JSC::LLInt::callToThrow):
      * llint/LLIntExceptions.h: Added.
      (JSC):
      (LLInt):
      * llint/LLIntOfflineAsmConfig.h: Added.
      * llint/LLIntOffsetsExtractor.cpp: Added.
      (JSC):
      (LLIntOffsetsExtractor):
      (JSC::LLIntOffsetsExtractor::dummy):
      (main):
      * llint/LLIntSlowPaths.cpp: Added.
      (LLInt):
      (JSC::LLInt::llint_trace_operand):
      (JSC::LLInt::llint_trace_value):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      (JSC::LLInt::traceFunctionPrologue):
      (JSC::LLInt::shouldJIT):
      (JSC::LLInt::entryOSR):
      (JSC::LLInt::resolveGlobal):
      (JSC::LLInt::getByVal):
      (JSC::LLInt::handleHostCall):
      (JSC::LLInt::setUpCall):
      (JSC::LLInt::genericCall):
      * llint/LLIntSlowPaths.h: Added.
      (JSC):
      (LLInt):
      * llint/LLIntThunks.cpp: Added.
      (LLInt):
      (JSC::LLInt::generateThunkWithJumpTo):
      (JSC::LLInt::functionForCallEntryThunkGenerator):
      (JSC::LLInt::functionForConstructEntryThunkGenerator):
      (JSC::LLInt::functionForCallArityCheckThunkGenerator):
      (JSC::LLInt::functionForConstructArityCheckThunkGenerator):
      (JSC::LLInt::evalEntryThunkGenerator):
      (JSC::LLInt::programEntryThunkGenerator):
      * llint/LLIntThunks.h: Added.
      (JSC):
      (LLInt):
      * llint/LowLevelInterpreter.asm: Added.
      * llint/LowLevelInterpreter.cpp: Added.
      * llint/LowLevelInterpreter.h: Added.
      * offlineasm: Added.
      * offlineasm/armv7.rb: Added.
      * offlineasm/asm.rb: Added.
      * offlineasm/ast.rb: Added.
      * offlineasm/backends.rb: Added.
      * offlineasm/generate_offset_extractor.rb: Added.
      * offlineasm/instructions.rb: Added.
      * offlineasm/offset_extractor_constants.rb: Added.
      * offlineasm/offsets.rb: Added.
      * offlineasm/opt.rb: Added.
      * offlineasm/parser.rb: Added.
      * offlineasm/registers.rb: Added.
      * offlineasm/self_hash.rb: Added.
      * offlineasm/settings.rb: Added.
      * offlineasm/transform.rb: Added.
      * offlineasm/x86.rb: Added.
      * runtime/CodeSpecializationKind.h: Added.
      (JSC):
      * runtime/CommonSlowPaths.h:
      (JSC::CommonSlowPaths::arityCheckFor):
      (CommonSlowPaths):
      * runtime/Executable.cpp:
      (JSC::jettisonCodeBlock):
      (JSC):
      (JSC::EvalExecutable::jitCompile):
      (JSC::samplingDescription):
      (JSC::EvalExecutable::compileInternal):
      (JSC::ProgramExecutable::jitCompile):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::FunctionExecutable::baselineCodeBlockFor):
      (JSC::FunctionExecutable::jitCompileForCall):
      (JSC::FunctionExecutable::jitCompileForConstruct):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::compileForConstructInternal):
      * runtime/Executable.h:
      (JSC):
      (EvalExecutable):
      (ProgramExecutable):
      (FunctionExecutable):
      (JSC::FunctionExecutable::jitCompileFor):
      * runtime/ExecutionHarness.h: Added.
      (JSC):
      (JSC::prepareForExecution):
      (JSC::prepareFunctionForExecution):
      * runtime/JSArray.h:
      (JSC):
      (JSArray):
      * runtime/JSCell.h:
      (JSC):
      (JSCell):
      * runtime/JSFunction.h:
      (JSC):
      (JSFunction):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSC):
      (JSGlobalData):
      * runtime/JSGlobalObject.h:
      (JSC):
      (JSGlobalObject):
      * runtime/JSObject.h:
      (JSC):
      (JSObject):
      (JSFinalObject):
      * runtime/JSPropertyNameIterator.h:
      (JSC):
      (JSPropertyNameIterator):
      * runtime/JSString.h:
      (JSC):
      (JSString):
      * runtime/JSTypeInfo.h:
      (JSC):
      (TypeInfo):
      * runtime/JSValue.cpp:
      (JSC::JSValue::description):
      * runtime/JSValue.h:
      (LLInt):
      (JSValue):
      * runtime/JSVariableObject.h:
      (JSC):
      (JSVariableObject):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      * runtime/ScopeChain.h:
      (JSC):
      (ScopeChainNode):
      * runtime/Structure.cpp:
      (JSC::Structure::addPropertyTransition):
      * runtime/Structure.h:
      (JSC):
      (Structure):
      * runtime/StructureChain.h:
      (JSC):
      (StructureChain):
      * wtf/InlineASM.h:
      * wtf/Platform.h:
      * wtf/SentinelLinkedList.h:
      (SentinelLinkedList):
      (WTF::SentinelLinkedList::isEmpty):
      * wtf/text/StringImpl.h:
      (JSC):
      (StringImpl):
      
      Source/WebCore: 
      
      Reviewed by Gavin Barraclough.
              
      No new tests, because there is no change in behavior.
      
      * CMakeLists.txt:
      
      Source/WebKit: 
      
      Reviewed by Gavin Barraclough.
      
      Changed EFL's build system to include a new directory in JavaScriptCore.
              
      * CMakeLists.txt:
      
      Tools: 
      
      Reviewed by Gavin Barraclough.
      
      Changed EFL's build system to include a new directory in JavaScriptCore.
      
      * DumpRenderTree/efl/CMakeLists.txt:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@108444 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      7bbcaab7
    • aroben@apple.com's avatar
      Roll out r108309, r108323, and r108326 · e089d623
      aroben@apple.com authored
      They broke the 32-bit Lion build.
      
      Original bugs is <http://webkit.org/b/75812> <rdar://problem/10079694>.
      
      Source/JavaScriptCore:
      
      * CMakeLists.txt:
      * GNUmakefile.am:
      * GNUmakefile.list.am:
      * JavaScriptCore.pri:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
      * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/LinkBuffer.h:
      * assembler/MacroAssemblerCodeRef.h:
      * bytecode/BytecodeConventions.h: Removed.
      * bytecode/CallLinkStatus.cpp:
      * bytecode/CallLinkStatus.h:
      * bytecode/CodeBlock.cpp:
      * bytecode/CodeBlock.h:
      * bytecode/GetByIdStatus.cpp:
      * bytecode/GetByIdStatus.h:
      * bytecode/Instruction.h:
      * bytecode/LLIntCallLinkInfo.h: Removed.
      * bytecode/MethodCallLinkStatus.cpp:
      * bytecode/Opcode.cpp:
      * bytecode/Opcode.h:
      * bytecode/PutByIdStatus.cpp:
      * bytecode/PutByIdStatus.h:
      * bytecompiler/BytecodeGenerator.cpp:
      * dfg/DFGByteCodeParser.cpp:
      * dfg/DFGCapabilities.h:
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGOperations.cpp:
      * heap/Heap.h:
      * heap/MarkStack.cpp:
      * heap/MarkedAllocator.h:
      * heap/MarkedSpace.h:
      * interpreter/CallFrame.cpp:
      * interpreter/CallFrame.h:
      * interpreter/Interpreter.cpp:
      * interpreter/Interpreter.h:
      * interpreter/RegisterFile.h:
      * jit/ExecutableAllocator.h:
      * jit/HostCallReturnValue.cpp: Removed.
      * jit/HostCallReturnValue.h: Removed.
      * jit/JIT.cpp:
      * jit/JITCode.h:
      * jit/JITDriver.h:
      * jit/JITExceptions.cpp:
      * jit/JITInlineMethods.h:
      * jit/JITStubs.cpp:
      * jit/JITStubs.h:
      * jit/JSInterfaceJIT.h:
      * llint/LLIntCommon.h: Removed.
      * llint/LLIntData.cpp: Removed.
      * llint/LLIntData.h: Removed.
      * llint/LLIntEntrypoints.cpp: Removed.
      * llint/LLIntEntrypoints.h: Removed.
      * llint/LLIntExceptions.cpp: Removed.
      * llint/LLIntExceptions.h: Removed.
      * llint/LLIntOfflineAsmConfig.h: Removed.
      * llint/LLIntOffsetsExtractor.cpp: Removed.
      * llint/LLIntSlowPaths.cpp: Removed.
      * llint/LLIntSlowPaths.h: Removed.
      * llint/LLIntThunks.cpp: Removed.
      * llint/LLIntThunks.h: Removed.
      * llint/LowLevelInterpreter.asm: Removed.
      * llint/LowLevelInterpreter.cpp: Removed.
      * llint/LowLevelInterpreter.h: Removed.
      * offlineasm/armv7.rb: Removed.
      * offlineasm/asm.rb: Removed.
      * offlineasm/ast.rb: Removed.
      * offlineasm/backends.rb: Removed.
      * offlineasm/generate_offset_extractor.rb: Removed.
      * offlineasm/instructions.rb: Removed.
      * offlineasm/offset_extractor_constants.rb: Removed.
      * offlineasm/offsets.rb: Removed.
      * offlineasm/opt.rb: Removed.
      * offlineasm/parser.rb: Removed.
      * offlineasm/registers.rb: Removed.
      * offlineasm/self_hash.rb: Removed.
      * offlineasm/settings.rb: Removed.
      * offlineasm/transform.rb: Removed.
      * offlineasm/x86.rb: Removed.
      * runtime/CodeSpecializationKind.h: Removed.
      * runtime/CommonSlowPaths.h:
      * runtime/Executable.cpp:
      * runtime/Executable.h:
      * runtime/ExecutionHarness.h: Removed.
      * runtime/JSArray.h:
      * runtime/JSCell.h:
      * runtime/JSFunction.h:
      * runtime/JSGlobalData.cpp:
      * runtime/JSGlobalData.h:
      * runtime/JSGlobalObject.h:
      * runtime/JSObject.h:
      * runtime/JSPropertyNameIterator.h:
      * runtime/JSString.h:
      * runtime/JSTypeInfo.h:
      * runtime/JSValue.cpp:
      * runtime/JSValue.h:
      * runtime/JSVariableObject.h:
      * runtime/Options.cpp:
      * runtime/Options.h:
      * runtime/ScopeChain.h:
      * runtime/Structure.cpp:
      * runtime/Structure.h:
      * runtime/StructureChain.h:
      * wtf/InlineASM.h:
      * wtf/Platform.h:
      * wtf/SentinelLinkedList.h:
      * wtf/text/StringImpl.h:
      
      Source/WebCore:
      
      * CMakeLists.txt:
      
      Source/WebKit:
      
      * CMakeLists.txt:
      
      Tools:
      
      * DumpRenderTree/efl/CMakeLists.txt:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@108358 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      e089d623
  31. 20 Feb, 2012 1 commit
    • fpizlo@apple.com's avatar
      JSC should be a triple-tier VM · 091129f4
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=75812
      <rdar://problem/10079694>
      
      Source/JavaScriptCore: 
      
      Reviewed by Gavin Barraclough.
              
      Implemented an interpreter that uses the JIT's calling convention. This
      interpreter is called LLInt, or the Low Level Interpreter. JSC will now
      will start by executing code in LLInt and will only tier up to the old
      JIT after the code is proven hot.
              
      LLInt is written in a modified form of our macro assembly. This new macro
      assembly is compiled by an offline assembler (see offlineasm), which
      implements many modern conveniences such as a Turing-complete CPS-based
      macro language and direct access to relevant C++ type information
      (basically offsets of fields and sizes of structs/classes).
              
      Code executing in LLInt appears to the rest of the JSC world "as if" it
      were executing in the old JIT. Hence, things like exception handling and
      cross-execution-engine calls just work and require pretty much no
      additional overhead.
              
      This interpreter is 2-2.5x faster than our old interpreter on SunSpider,
      V8, and Kraken. With triple-tiering turned on, we're neutral on SunSpider,
      V8, and Kraken, but appear to get a double-digit improvement on real-world
      websites due to a huge reduction in the amount of JIT'ing.
              
      * CMakeLists.txt:
      * GNUmakefile.am:
      * GNUmakefile.list.am:
      * JavaScriptCore.pri:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
      * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * assembler/LinkBuffer.h:
      * assembler/MacroAssemblerCodeRef.h:
      (MacroAssemblerCodePtr):
      (JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
      * bytecode/BytecodeConventions.h: Added.
      * bytecode/CallLinkStatus.cpp:
      (JSC::CallLinkStatus::computeFromLLInt):
      (JSC):
      (JSC::CallLinkStatus::computeFor):
      * bytecode/CallLinkStatus.h:
      (JSC::CallLinkStatus::isSet):
      (JSC::CallLinkStatus::operator!):
      (CallLinkStatus):
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::dump):
      (JSC::CodeBlock::CodeBlock):
      (JSC::CodeBlock::~CodeBlock):
      (JSC::CodeBlock::finalizeUnconditionally):
      (JSC::CodeBlock::stronglyVisitStrongReferences):
      (JSC):
      (JSC::CodeBlock::unlinkCalls):
      (JSC::CodeBlock::unlinkIncomingCalls):
      (JSC::CodeBlock::bytecodeOffset):
      (JSC::ProgramCodeBlock::jettison):
      (JSC::EvalCodeBlock::jettison):
      (JSC::FunctionCodeBlock::jettison):
      (JSC::ProgramCodeBlock::jitCompileImpl):
      (JSC::EvalCodeBlock::jitCompileImpl):
      (JSC::FunctionCodeBlock::jitCompileImpl):
      * bytecode/CodeBlock.h:
      (JSC):
      (CodeBlock):
      (JSC::CodeBlock::baselineVersion):
      (JSC::CodeBlock::linkIncomingCall):
      (JSC::CodeBlock::bytecodeOffset):
      (JSC::CodeBlock::jitCompile):
      (JSC::CodeBlock::hasOptimizedReplacement):
      (JSC::CodeBlock::addPropertyAccessInstruction):
      (JSC::CodeBlock::addGlobalResolveInstruction):
      (JSC::CodeBlock::addLLIntCallLinkInfo):
      (JSC::CodeBlock::addGlobalResolveInfo):
      (JSC::CodeBlock::numberOfMethodCallLinkInfos):
      (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset):
      (JSC::CodeBlock::likelyToTakeSlowCase):
      (JSC::CodeBlock::couldTakeSlowCase):
      (JSC::CodeBlock::likelyToTakeSpecialFastCase):
      (JSC::CodeBlock::likelyToTakeDeepestSlowCase):
      (JSC::CodeBlock::likelyToTakeAnySlowCase):
      (JSC::CodeBlock::addFrequentExitSite):
      (JSC::CodeBlock::dontJITAnytimeSoon):
      (JSC::CodeBlock::jitAfterWarmUp):
      (JSC::CodeBlock::jitSoon):
      (JSC::CodeBlock::llintExecuteCounter):
      (ProgramCodeBlock):
      (EvalCodeBlock):
      (FunctionCodeBlock):
      * bytecode/GetByIdStatus.cpp:
      (JSC::GetByIdStatus::computeFromLLInt):
      (JSC):
      (JSC::GetByIdStatus::computeFor):
      * bytecode/GetByIdStatus.h:
      (JSC::GetByIdStatus::GetByIdStatus):
      (JSC::GetByIdStatus::wasSeenInJIT):
      (GetByIdStatus):
      * bytecode/Instruction.h:
      (JSC):
      (JSC::Instruction::Instruction):
      (Instruction):
      * bytecode/LLIntCallLinkInfo.h: Added.
      (JSC):
      (JSC::LLIntCallLinkInfo::LLIntCallLinkInfo):
      (LLIntCallLinkInfo):
      (JSC::LLIntCallLinkInfo::~LLIntCallLinkInfo):
      (JSC::LLIntCallLinkInfo::isLinked):
      (JSC::LLIntCallLinkInfo::unlink):
      * bytecode/MethodCallLinkStatus.cpp:
      (JSC::MethodCallLinkStatus::computeFor):
      * bytecode/Opcode.cpp:
      (JSC):
      * bytecode/Opcode.h:
      (JSC):
      (JSC::padOpcodeName):
      * bytecode/PutByIdStatus.cpp:
      (JSC::PutByIdStatus::computeFromLLInt):
      (JSC):
      (JSC::PutByIdStatus::computeFor):
      * bytecode/PutByIdStatus.h:
      (PutByIdStatus):
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitResolve):
      (JSC::BytecodeGenerator::emitResolveWithBase):
      (JSC::BytecodeGenerator::emitGetById):
      (JSC::BytecodeGenerator::emitPutById):
      (JSC::BytecodeGenerator::emitDirectPutById):
      (JSC::BytecodeGenerator::emitCall):
      (JSC::BytecodeGenerator::emitConstruct):
      (JSC::BytecodeGenerator::emitCatch):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
      (JSC::DFG::ByteCodeParser::handleInlining):
      (JSC::DFG::ByteCodeParser::parseBlock):
      * dfg/DFGCapabilities.h:
      (JSC::DFG::canCompileOpcode):
      * dfg/DFGOSRExitCompiler.cpp:
      * dfg/DFGOperations.cpp:
      * heap/Heap.h:
      (JSC):
      (JSC::Heap::firstAllocatorWithoutDestructors):
      (Heap):
      * heap/MarkStack.cpp:
      (JSC::visitChildren):
      * heap/MarkedAllocator.h:
      (JSC):
      (MarkedAllocator):
      * heap/MarkedSpace.h:
      (JSC):
      (MarkedSpace):
      (JSC::MarkedSpace::firstAllocator):
      * interpreter/CallFrame.cpp:
      (JSC):
      (JSC::CallFrame::bytecodeOffsetForNonDFGCode):
      (JSC::CallFrame::setBytecodeOffsetForNonDFGCode):
      (JSC::CallFrame::currentVPC):
      (JSC::CallFrame::setCurrentVPC):
      (JSC::CallFrame::trueCallerFrame):
      * interpreter/CallFrame.h:
      (JSC::ExecState::hasReturnPC):
      (JSC::ExecState::clearReturnPC):
      (ExecState):
      (JSC::ExecState::bytecodeOffsetForNonDFGCode):
      (JSC::ExecState::currentVPC):
      (JSC::ExecState::setCurrentVPC):
      * interpreter/Interpreter.cpp:
      (JSC::Interpreter::Interpreter):
      (JSC::Interpreter::~Interpreter):
      (JSC):
      (JSC::Interpreter::initialize):
      (JSC::Interpreter::isOpcode):
      (JSC::Interpreter::unwindCallFrame):
      (JSC::getCallerInfo):
      (JSC::Interpreter::privateExecute):
      (JSC::Interpreter::retrieveLastCaller):
      * interpreter/Interpreter.h:
      (JSC):
      (Interpreter):
      (JSC::Interpreter::getOpcode):
      (JSC::Interpreter::getOpcodeID):
      (JSC::Interpreter::classicEnabled):
      * interpreter/RegisterFile.h:
      (JSC):
      (RegisterFile):
      * jit/ExecutableAllocator.h:
      (JSC):
      * jit/HostCallReturnValue.cpp: Added.
      (JSC):
      (JSC::getHostCallReturnValueWithExecState):
      * jit/HostCallReturnValue.h: Added.
      (JSC):
      (JSC::initializeHostCallReturnValue):
      * jit/JIT.cpp:
      (JSC::JIT::privateCompileMainPass):
      (JSC::JIT::privateCompileSlowCases):
      (JSC::JIT::privateCompile):
      * jit/JITCode.h:
      (JSC::JITCode::isOptimizingJIT):
      (JITCode):
      (JSC::JITCode::isBaselineCode):
      (JSC::JITCode::JITCode):
      * jit/JITDriver.h:
      (JSC::jitCompileIfAppropriate):
      (JSC::jitCompileFunctionIfAppropriate):
      * jit/JITExceptions.cpp:
      (JSC::jitThrow):
      * jit/JITInlineMethods.h:
      (JSC::JIT::updateTopCallFrame):
      * jit/JITStubs.cpp:
      (JSC::DEFINE_STUB_FUNCTION):
      (JSC):
      * jit/JITStubs.h:
      (JSC):
      * jit/JSInterfaceJIT.h:
      * llint: Added.
      * llint/LLIntCommon.h: Added.
      * llint/LLIntData.cpp: Added.
      (LLInt):
      (JSC::LLInt::Data::Data):
      (JSC::LLInt::Data::performAssertions):
      (JSC::LLInt::Data::~Data):
      * llint/LLIntData.h: Added.
      (JSC):
      (LLInt):
      (Data):
      (JSC::LLInt::Data::exceptionInstructions):
      (JSC::LLInt::Data::opcodeMap):
      (JSC::LLInt::Data::performAssertions):
      * llint/LLIntEntrypoints.cpp: Added.
      (LLInt):
      (JSC::LLInt::getFunctionEntrypoint):
      (JSC::LLInt::getEvalEntrypoint):
      (JSC::LLInt::getProgramEntrypoint):
      * llint/LLIntEntrypoints.h: Added.
      (JSC):
      (LLInt):
      (JSC::LLInt::getEntrypoint):
      * llint/LLIntExceptions.cpp: Added.
      (LLInt):
      (JSC::LLInt::interpreterThrowInCaller):
      (JSC::LLInt::returnToThrowForThrownException):
      (JSC::LLInt::returnToThrow):
      (JSC::LLInt::callToThrow):
      * llint/LLIntExceptions.h: Added.
      (JSC):
      (LLInt):
      * llint/LLIntOfflineAsmConfig.h: Added.
      * llint/LLIntOffsetsExtractor.cpp: Added.
      (JSC):
      (LLIntOffsetsExtractor):
      (JSC::LLIntOffsetsExtractor::dummy):
      (main):
      * llint/LLIntSlowPaths.cpp: Added.
      (LLInt):
      (JSC::LLInt::llint_trace_operand):
      (JSC::LLInt::llint_trace_value):
      (JSC::LLInt::LLINT_SLOW_PATH_DECL):
      (JSC::LLInt::traceFunctionPrologue):
      (JSC::LLInt::shouldJIT):
      (JSC::LLInt::entryOSR):
      (JSC::LLInt::resolveGlobal):
      (JSC::LLInt::getByVal):
      (JSC::LLInt::handleHostCall):
      (JSC::LLInt::setUpCall):
      (JSC::LLInt::genericCall):
      * llint/LLIntSlowPaths.h: Added.
      (JSC):
      (LLInt):
      * llint/LLIntThunks.cpp: Added.
      (LLInt):
      (JSC::LLInt::generateThunkWithJumpTo):
      (JSC::LLInt::functionForCallEntryThunkGenerator):
      (JSC::LLInt::functionForConstructEntryThunkGenerator):
      (JSC::LLInt::functionForCallArityCheckThunkGenerator):
      (JSC::LLInt::functionForConstructArityCheckThunkGenerator):
      (JSC::LLInt::evalEntryThunkGenerator):
      (JSC::LLInt::programEntryThunkGenerator):
      * llint/LLIntThunks.h: Added.
      (JSC):
      (LLInt):
      * llint/LowLevelInterpreter.asm: Added.
      * llint/LowLevelInterpreter.cpp: Added.
      * llint/LowLevelInterpreter.h: Added.
      * offlineasm: Added.
      * offlineasm/armv7.rb: Added.
      * offlineasm/asm.rb: Added.
      * offlineasm/ast.rb: Added.
      * offlineasm/backends.rb: Added.
      * offlineasm/generate_offset_extractor.rb: Added.
      * offlineasm/instructions.rb: Added.
      * offlineasm/offset_extractor_constants.rb: Added.
      * offlineasm/offsets.rb: Added.
      * offlineasm/opt.rb: Added.
      * offlineasm/parser.rb: Added.
      * offlineasm/registers.rb: Added.
      * offlineasm/self_hash.rb: Added.
      * offlineasm/settings.rb: Added.
      * offlineasm/transform.rb: Added.
      * offlineasm/x86.rb: Added.
      * runtime/CodeSpecializationKind.h: Added.
      (JSC):
      * runtime/CommonSlowPaths.h:
      (JSC::CommonSlowPaths::arityCheckFor):
      (CommonSlowPaths):
      * runtime/Executable.cpp:
      (JSC::jettisonCodeBlock):
      (JSC):
      (JSC::EvalExecutable::jitCompile):
      (JSC::samplingDescription):
      (JSC::EvalExecutable::compileInternal):
      (JSC::ProgramExecutable::jitCompile):
      (JSC::ProgramExecutable::compileInternal):
      (JSC::FunctionExecutable::baselineCodeBlockFor):
      (JSC::FunctionExecutable::jitCompileForCall):
      (JSC::FunctionExecutable::jitCompileForConstruct):
      (JSC::FunctionExecutable::compileForCallInternal):
      (JSC::FunctionExecutable::compileForConstructInternal):
      * runtime/Executable.h:
      (JSC):
      (EvalExecutable):
      (ProgramExecutable):
      (FunctionExecutable):
      (JSC::FunctionExecutable::jitCompileFor):
      * runtime/ExecutionHarness.h: Added.
      (JSC):
      (JSC::prepareForExecution):
      (JSC::prepareFunctionForExecution):
      * runtime/JSArray.h:
      (JSC):
      (JSArray):
      * runtime/JSCell.h:
      (JSC):
      (JSCell):
      * runtime/JSFunction.h:
      (JSC):
      (JSFunction):
      * runtime/JSGlobalData.cpp:
      (JSC::JSGlobalData::JSGlobalData):
      * runtime/JSGlobalData.h:
      (JSC):
      (JSGlobalData):
      * runtime/JSGlobalObject.h:
      (JSC):
      (JSGlobalObject):
      * runtime/JSObject.h:
      (JSC):
      (JSObject):
      (JSFinalObject):
      * runtime/JSPropertyNameIterator.h:
      (JSC):
      (JSPropertyNameIterator):
      * runtime/JSString.h:
      (JSC):
      (JSString):
      * runtime/JSTypeInfo.h:
      (JSC):
      (TypeInfo):
      * runtime/JSValue.cpp:
      (JSC::JSValue::description):
      * runtime/JSValue.h:
      (LLInt):
      (JSValue):
      * runtime/JSVariableObject.h:
      (JSC):
      (JSVariableObject):
      * runtime/Options.cpp:
      (Options):
      (JSC::Options::initializeOptions):
      * runtime/Options.h:
      (Options):
      * runtime/ScopeChain.h:
      (JSC):
      (ScopeChainNode):
      * runtime/Structure.cpp:
      (JSC::Structure::addPropertyTransition):
      * runtime/Structure.h:
      (JSC):
      (Structure):
      * runtime/StructureChain.h:
      (JSC):
      (StructureChain):
      * wtf/InlineASM.h:
      * wtf/Platform.h:
      * wtf/SentinelLinkedList.h:
      (SentinelLinkedList):
      (WTF::SentinelLinkedList::isEmpty):
      * wtf/text/StringImpl.h:
      (JSC):
      (StringImpl):
      
      Source/WebCore: 
      
      Reviewed by Gavin Barraclough.
              
      No new tests, because there is no change in behavior.
      
      * CMakeLists.txt:
      
      Source/WebKit: 
      
      Reviewed by Gavin Barraclough.
      
      Changed EFL's build system to include a new directory in JavaScriptCore.
              
      * CMakeLists.txt:
      
      Tools: 
      
      Reviewed by Gavin Barraclough.
      
      Changed EFL's build system to include a new directory in JavaScriptCore.
      
      * DumpRenderTree/efl/CMakeLists.txt:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@108309 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      091129f4
  32. 20 Jan, 2012 1 commit
    • fpizlo@apple.com's avatar
      Bytecode instructions that may have value profiling should have a direct inline · afcf9040
      fpizlo@apple.com authored
      link to the ValueProfile instance
      https://bugs.webkit.org/show_bug.cgi?id=76682
      <rdar://problem/10727689>
      
      Reviewed by Sam Weinig.
              
      Each opcode that gets value profiled now has a link to its ValueProfile. This
      required rationalizing the emission of value profiles for opcode combos, like
      op_method_check/op_get_by_id and op_call/op_call_put_result. It only makes
      sense for one of them to have a value profile link, and it makes most sense
      for it to be the one that actually sets the result. The previous behavior was
      to have op_method_check profile for op_get_by_id when they were used together,
      but otherwise for op_get_by_id to have its own profiles. op_call already did
      the right thing; all profiling was done by op_call_put_result.
              
      But rationalizing this code required breaking some of the natural boundaries
      that the code had; for instance the code in DFG that emits a GetById in place
      of both op_method_check and op_get_by_id must now know that it's the latter of
      those that has the value profile, while the first of those constitutes the OSR
      target. Hence each CodeOrigin must now have two bytecode indices - one for
      OSR exit and one for profiling.
              
      Finally this change required some refiddling of our optimization heuristics,
      because now all code blocks have "more instructions" due to the value profile
      slots.
      
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::printGetByIdOp):
      (JSC::CodeBlock::dump):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::valueProfileForBytecodeOffset):
      * bytecode/CodeOrigin.h:
      (JSC::CodeOrigin::CodeOrigin):
      (JSC::CodeOrigin::bytecodeIndexForValueProfile):
      * bytecode/Instruction.h:
      (JSC::Instruction::Instruction):
      * bytecode/Opcode.h:
      * bytecompiler/BytecodeGenerator.cpp:
      (JSC::BytecodeGenerator::emitProfiledOpcode):
      (JSC::BytecodeGenerator::emitResolve):
      (JSC::BytecodeGenerator::emitGetScopedVar):
      (JSC::BytecodeGenerator::emitResolveBase):
      (JSC::BytecodeGenerator::emitResolveBaseForPut):
      (JSC::BytecodeGenerator::emitResolveWithBase):
      (JSC::BytecodeGenerator::emitResolveWithThis):
      (JSC::BytecodeGenerator::emitGetById):
      (JSC::BytecodeGenerator::emitGetByVal):
      (JSC::BytecodeGenerator::emitCall):
      (JSC::BytecodeGenerator::emitCallVarargs):
      (JSC::BytecodeGenerator::emitConstruct):
      * bytecompiler/BytecodeGenerator.h:
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::ByteCodeParser):
      (JSC::DFG::ByteCodeParser::currentCodeOrigin):
      (JSC::DFG::ByteCodeParser::addCall):
      (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
      (JSC::DFG::ByteCodeParser::getPrediction):
      (JSC::DFG::ByteCodeParser::handleCall):
      (JSC::DFG::ByteCodeParser::handleInlining):
      (JSC::DFG::ByteCodeParser::parseBlock):
      (JSC::DFG::ByteCodeParser::parse):
      * dfg/DFGGraph.h:
      (JSC::DFG::Graph::valueProfileFor):
      * jit/JIT.h:
      (JSC::JIT::emitValueProfilingSite):
      * jit/JITCall.cpp:
      (JSC::JIT::emit_op_call_put_result):
      * jit/JITCall32_64.cpp:
      (JSC::JIT::emit_op_call_put_result):
      * jit/JITInlineMethods.h:
      (JSC::JIT::emitValueProfilingSite):
      * jit/JITOpcodes.cpp:
      (JSC::JIT::emit_op_resolve):
      (JSC::JIT::emit_op_resolve_base):
      (JSC::JIT::emit_op_resolve_skip):
      (JSC::JIT::emit_op_resolve_global):
      (JSC::JIT::emitSlow_op_resolve_global):
      (JSC::JIT::emit_op_resolve_with_base):
      (JSC::JIT::emit_op_resolve_with_this):
      (JSC::JIT::emitSlow_op_resolve_global_dynamic):
      * jit/JITOpcodes32_64.cpp:
      (JSC::JIT::emit_op_resolve):
      (JSC::JIT::emit_op_resolve_base):
      (JSC::JIT::emit_op_resolve_skip):
      (JSC::JIT::emit_op_resolve_global):
      (JSC::JIT::emitSlow_op_resolve_global):
      (JSC::JIT::emit_op_resolve_with_base):
      (JSC::JIT::emit_op_resolve_with_this):
      * jit/JITPropertyAccess.cpp:
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emitSlow_op_get_by_val):
      (JSC::JIT::emit_op_method_check):
      (JSC::JIT::emitSlow_op_method_check):
      (JSC::JIT::emit_op_get_by_id):
      (JSC::JIT::emitSlow_op_get_by_id):
      (JSC::JIT::emit_op_get_scoped_var):
      (JSC::JIT::emit_op_get_global_var):
      * jit/JITPropertyAccess32_64.cpp:
      (JSC::JIT::emit_op_method_check):
      (JSC::JIT::emitSlow_op_method_check):
      (JSC::JIT::emit_op_get_by_val):
      (JSC::JIT::emitSlow_op_get_by_val):
      (JSC::JIT::emit_op_get_by_id):
      (JSC::JIT::emitSlow_op_get_by_id):
      (JSC::JIT::emit_op_get_scoped_var):
      (JSC::JIT::emit_op_get_global_var):
      * jit/JITStubCall.h:
      (JSC::JITStubCall::callWithValueProfiling):
      * runtime/Options.cpp:
      (JSC::Options::initializeOptions):
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@105533 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      afcf9040
  33. 18 Jan, 2012 1 commit
    • commit-queue@webkit.org's avatar
      Cross-platform processor core counter · 2d69c951
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=76530
      
      Patch by Roland Takacs <takacs.roland@stud.u-szeged.hu> on 2012-01-18
      Reviewed by Zoltan Herczeg.
      
      Source/JavaScriptCore:
      
      Two files have been created that include the processor core counter function.
      It used to be in ParallelJobsGeneric.h/cpp before.
      
      * GNUmakefile.list.am:
      * JavaScriptCore.gypi:
      * JavaScriptCore.vcproj/WTF/WTF.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * runtime/Options.cpp:
      (JSC::Options::initializeOptions):
      * wtf/CMakeLists.txt:
      * wtf/NumberOfCores.cpp: Added.
      (WTF::numberOfProcessorCores):
      * wtf/NumberOfCores.h: Added.
      * wtf/ParallelJobsGeneric.cpp:
      (WTF::ParallelEnvironment::ParallelEnvironment):
      * wtf/ParallelJobsGeneric.h:
      
      Source/WTF:
      
      Two files have been added to the project, namely NumberOfCores.h/cpp,
      that include a CPU core number determining function.
      
      * WTF.pro:
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@105270 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      2d69c951
  34. 19 Dec, 2011 1 commit
  35. 15 Dec, 2011 2 commits
    • commit-queue@webkit.org's avatar
      Use more macrology in JSC::Options · 76219ca3
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=72938
      
      Patch by Andy Wingo <wingo@igalia.com> on 2011-12-15
      Reviewed by Filip Pizlo.
      
      * runtime/Options.cpp:
      (JSC::Options::initializeOptions):
      * runtime/Options.h: Use macros to ensure that all heuristics are
      declared and have initializers.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@102978 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      76219ca3
    • commit-queue@webkit.org's avatar
      Rename JSC::Heuristics to JSC::Options · a2e15981
      commit-queue@webkit.org authored
      https://bugs.webkit.org/show_bug.cgi?id=72889
      
      Patch by Andy Wingo <wingo@igalia.com> on 2011-12-15
      Reviewed by Filip Pizlo.
      
      * runtime/Options.cpp: Renamed from Source/JavaScriptCore/runtime/Heuristics.cpp.
      * runtime/Options.h: Renamed from Source/JavaScriptCore/runtime/Heuristics.h.
      
      * CMakeLists.txt:
      * GNUmakefile.list.am:
      * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
      * JavaScriptCore.xcodeproj/project.pbxproj:
      * Target.pri:
      * bytecode/CodeBlock.cpp:
      (JSC::CodeBlock::shouldOptimizeNow):
      * bytecode/CodeBlock.h:
      (JSC::CodeBlock::likelyToTakeSlowCase):
      (JSC::CodeBlock::couldTakeSlowCase):
      (JSC::CodeBlock::likelyToTakeSpecialFastCase):
      (JSC::CodeBlock::likelyToTakeDeepestSlowCase):
      (JSC::CodeBlock::likelyToTakeAnySlowCase):
      (JSC::CodeBlock::reoptimizationRetryCounter):
      (JSC::CodeBlock::countReoptimization):
      (JSC::CodeBlock::counterValueForOptimizeAfterWarmUp):
      (JSC::CodeBlock::counterValueForOptimizeAfterLongWarmUp):
      (JSC::CodeBlock::optimizeNextInvocation):
      (JSC::CodeBlock::dontOptimizeAnytimeSoon):
      (JSC::CodeBlock::optimizeSoon):
      (JSC::CodeBlock::largeFailCountThreshold):
      (JSC::CodeBlock::largeFailCountThresholdForLoop):
      (JSC::CodeBlock::shouldReoptimizeNow):
      (JSC::CodeBlock::shouldReoptimizeFromLoopNow):
      * dfg/DFGByteCodeParser.cpp:
      (JSC::DFG::ByteCodeParser::handleInlining):
      * dfg/DFGCapabilities.h:
      (JSC::DFG::mightCompileEval):
      (JSC::DFG::mightCompileProgram):
      (JSC::DFG::mightCompileFunctionForCall):
      (JSC::DFG::mightCompileFunctionForConstruct):
      (JSC::DFG::mightInlineFunctionForCall):
      (JSC::DFG::mightInlineFunctionForConstruct):
      * dfg/DFGOSRExit.cpp:
      (JSC::DFG::OSRExit::considerAddingAsFrequentExitSiteSlow):
      * dfg/DFGOSRExitCompiler32_64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGOSRExitCompiler64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGVariableAccessData.h:
      (JSC::DFG::VariableAccessData::shouldUseDoubleFormatAccordingToVote):
      * heap/MarkStack.cpp:
      (JSC::MarkStackSegmentAllocator::allocate):
      (JSC::MarkStackSegmentAllocator::shrinkReserve):
      (JSC::MarkStackArray::MarkStackArray):
      (JSC::MarkStackArray::donateSomeCellsTo):
      (JSC::MarkStackArray::stealSomeCellsFrom):
      (JSC::MarkStackThreadSharedData::MarkStackThreadSharedData):
      (JSC::SlotVisitor::donateSlow):
      (JSC::SlotVisitor::drain):
      (JSC::SlotVisitor::drainFromShared):
      * heap/MarkStack.h:
      (JSC::MarkStack::mergeOpaqueRootsIfProfitable):
      (JSC::MarkStack::addOpaqueRoot):
      (JSC::MarkStackArray::canDonateSomeCells):
      * heap/SlotVisitor.h:
      (JSC::SlotVisitor::donate):
      * jit/JIT.cpp:
      (JSC::JIT::emitOptimizationCheck):
      * runtime/InitializeThreading.cpp:
      (JSC::initializeThreadingOnce): Adapt callers and build systems.
      
      * testRegExp.cpp:
      (CommandLine::CommandLine):
      * jsc.cpp:
      (CommandLine::CommandLine):
      Rename from Options, to avoid name conflict.
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@102917 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      a2e15981
  36. 14 Dec, 2011 1 commit
    • fpizlo@apple.com's avatar
      DFG should infer when local variables are doubles · 10f22fc0
      fpizlo@apple.com authored
      https://bugs.webkit.org/show_bug.cgi?id=74480
      
      Reviewed by Oliver Hunt.
              
      Introduced the notion that a local variable (though not an argument, yet!) can
      be stored as a double, and will be guaranteed to always contain a double. This
      requires more magic in the OSR (conversion in both entry and exit). The inference
      is quite unorthodox: all uses of a variable vote on whether they think it should
      be a double or a JSValue, based on how they use it. If they use it in an integer
      or boxed value context, they vote JSValue. If they use it in a double context,
      they vote double. This voting is interleaved in the propagator's fixpoint, so
      that variables voted double then have a double prediction propagated from them.
      This interleaving is needed because a variable that actually always contains an
      integer that always gets used in arithmetic that involves doubles may end up
      being voted double, which then means that all uses of the variable will see a
      double rather than an integer.
              
      This is worth 18% to SunSpider/3d-cube, 7% to Kraken/audio-beat-detection, 7%
      to Kraken/audio-fft, 6% to Kraken/imaging-darkroom, 20% to
      Kraken/imaging-gaussian-blur, and just over 1% to Kraken/json-parse-financial.
      It results in a 1% speed-up on SunSpider and a 4% speed-up in Kraken.  Similar
      results on JSVALUE32_64, though with a bigger win on Kraken (5%) and no overall
      win on SunSpider.
      
      * bytecode/ValueRecovery.h:
      (JSC::ValueRecovery::alreadyInRegisterFileAsUnboxedDouble):
      (JSC::ValueRecovery::dump):
      * dfg/DFGAbstractState.cpp:
      (JSC::DFG::AbstractState::execute):
      * dfg/DFGAssemblyHelpers.h:
      (JSC::DFG::AssemblyHelpers::boxDouble):
      * dfg/DFGGraph.cpp:
      (JSC::DFG::Graph::dump):
      * dfg/DFGJITCompiler.h:
      (JSC::DFG::JITCompiler::noticeOSREntry):
      * dfg/DFGOSREntry.cpp:
      (JSC::DFG::prepareOSREntry):
      * dfg/DFGOSREntry.h:
      * dfg/DFGOSRExitCompiler64.cpp:
      (JSC::DFG::OSRExitCompiler::compileExit):
      * dfg/DFGPropagator.cpp:
      (JSC::DFG::Propagator::vote):
      (JSC::DFG::Propagator::doRoundOfDoubleVoting):
      (JSC::DFG::Propagator::propagatePredictions):
      (JSC::DFG::Propagator::fixupNode):
      * dfg/DFGSpeculativeJIT.cpp:
      (JSC::DFG::ValueSource::dump):
      (JSC::DFG::SpeculativeJIT::compile):
      (JSC::DFG::SpeculativeJIT::computeValueRecoveryFor):
      * dfg/DFGSpeculativeJIT.h:
      * dfg/DFGSpeculativeJIT32_64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGSpeculativeJIT64.cpp:
      (JSC::DFG::SpeculativeJIT::compile):
      * dfg/DFGVariableAccessData.h:
      (JSC::DFG::VariableAccessData::VariableAccessData):
      (JSC::DFG::VariableAccessData::clearVotes):
      (JSC::DFG::VariableAccessData::vote):
      (JSC::DFG::VariableAccessData::doubleVoteRatio):
      (JSC::DFG::VariableAccessData::shouldUseDoubleFormatAccordingToVote):
      (JSC::DFG::VariableAccessData::shouldUseDoubleFormat):
      (JSC::DFG::VariableAccessData::tallyVotesForShouldUseDoubleFormat):
      * runtime/Arguments.cpp:
      (JSC::Arguments::tearOff):
      * runtime/Heuristics.cpp:
      (JSC::Heuristics::initializeHeuristics):
      * runtime/Heuristics.h:
      
      
      
      git-svn-id: http://svn.webkit.org/repository/webkit/trunk@102743 268f45cc-cd09-0410-ab3c-d52691b4dbfc
      10f22fc0