[webkit-changes] [WebKit/WebKit] e67257: [JSC] Start using limited variant of Handler IC

Thu, 02 May 2024 15:22:47 -0700 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: e67257693a4fbe3e00594b4bad6daaa83f29d2db
      
https://github.com/WebKit/WebKit/commit/e67257693a4fbe3e00594b4bad6daaa83f29d2db
  Author: Yusuke Suzuki <ysuz...@apple.com>
  Date:   2024-05-02 (Thu, 02 May 2024)

  Changed paths:
    M Source/JavaScriptCore/bytecode/AccessCase.cpp
    M Source/JavaScriptCore/bytecode/AccessCase.h
    M Source/JavaScriptCore/bytecode/GetByStatus.cpp
    M Source/JavaScriptCore/bytecode/GetterSetterAccessCase.cpp
    M Source/JavaScriptCore/bytecode/GetterSetterAccessCase.h
    M Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp
    M Source/JavaScriptCore/bytecode/PutByStatus.cpp
    M Source/JavaScriptCore/jit/GCAwareJITStubRoutine.h
    M Source/JavaScriptCore/runtime/StructureID.h

  Log Message:
  -----------
  [JSC] Start using limited variant of Handler IC
https://bugs.webkit.org/show_bug.cgi?id=273604
rdar://127402051

Reviewed by Keith Miller.

This patch enables limited variant of Handler IC. The limitation means,

1. Only enabled for Baseline JIT.
2. Getter and Setter are not supported yet.
3. We are caching entire code as an one handler. This is not the final form we 
would like to have.
   Next step is splitting them into one per AccessCase and chain them.
4. After (3) gets done, we would like to put more data into InlineCacheHandler 
itself so that code
   can be more and more sharable.

But even with this limited form, we are already observing good cache hit rate. 
So we take an approach starting with this,
and further extending Handler IC based on the above milestones.

We enable Handler IC, which is only enabled for Baseline JIT right now.
The IC is hash-consed via SharedJITStubSet. And InlineCacheCompiler first 
search for an already compiled stub, if it finds it,
we register watchpoint to this stub and use it without new compilation. If it 
is not found, we compile a new stub and register it to this table if possible.
When nobody uses this stub, then refCount becomes zero, and it automatically 
unregister itself from the table.
Each StructureStubInfo site's access cases is always subsumes stub's access 
cases. So GC will check validity via this StructureStubInfo's access cases, and
drop stub when it is no longer valid (as the same to the current IC).

* Source/JavaScriptCore/bytecode/AccessCase.cpp:
(JSC::AccessCase::canBeShared):
* Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp:
(JSC::InlineCacheCompiler::regenerate):
(JSC::InlineCacheHandler::visitWeak const):
(JSC::isMegamorphicById): Deleted.
* Source/JavaScriptCore/jit/GCAwareJITStubRoutine.cpp:
(JSC::PolymorphicAccessJITStubRoutine::addedToSharedJITStubSet):
* Source/JavaScriptCore/jit/GCAwareJITStubRoutine.h:
(JSC::PolymorphicAccessJITStubRoutine::isStillValid const):
* Source/JavaScriptCore/runtime/StructureID.h:

Canonical link: https://commits.webkit.org/278288@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to