Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (165202 => 165203)
--- trunk/Source/_javascript_Core/ChangeLog 2014-03-06 20:00:17 UTC (rev 165202)
+++ trunk/Source/_javascript_Core/ChangeLog 2014-03-06 20:00:52 UTC (rev 165203)
@@ -1,3 +1,27 @@
+2014-03-06 Mark Hahnenberg <[email protected]>
+
+ Fix write barriers in Repatch.cpp for !ENABLE(DFG_JIT) platforms after r165128
+ https://bugs.webkit.org/show_bug.cgi?id=129760
+
+ Reviewed by Geoffrey Garen.
+
+ r165128 disabled the write barrier fast path for inline caches on !ENABLE(DFG_JIT) platforms.
+ The fix is to refactor the write barrier code into AssemblyHelpers and use that everywhere.
+
+ * dfg/DFGSpeculativeJIT.cpp:
+ (JSC::DFG::SpeculativeJIT::writeBarrier):
+ * dfg/DFGSpeculativeJIT.h:
+ * dfg/DFGSpeculativeJIT32_64.cpp:
+ (JSC::DFG::SpeculativeJIT::writeBarrier):
+ * dfg/DFGSpeculativeJIT64.cpp:
+ (JSC::DFG::SpeculativeJIT::writeBarrier):
+ * jit/AssemblyHelpers.h:
+ (JSC::AssemblyHelpers::checkMarkByte):
+ * jit/JIT.h:
+ * jit/JITPropertyAccess.cpp:
+ * jit/Repatch.cpp:
+ (JSC::writeBarrier):
+
2014-03-06 Joseph Pecoraro <[email protected]>
Web Inspector: Expose the console object in JSContexts to interact with Web Inspector
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp (165202 => 165203)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp 2014-03-06 20:00:17 UTC (rev 165202)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp 2014-03-06 20:00:52 UTC (rev 165203)
@@ -5469,17 +5469,6 @@
noResult(node);
}
-JITCompiler::Jump SpeculativeJIT::checkMarkByte(CCallHelpers& jit, GPRReg owner)
-{
- return jit.branchTest8(MacroAssembler::NonZero, MacroAssembler::Address(owner, JSCell::gcDataOffset()));
-}
-
-JITCompiler::Jump SpeculativeJIT::checkMarkByte(CCallHelpers& jit, JSCell* owner)
-{
- uint8_t* address = reinterpret_cast<uint8_t*>(owner) + JSCell::gcDataOffset();
- return jit.branchTest8(MacroAssembler::NonZero, MacroAssembler::AbsoluteAddress(address));
-}
-
void SpeculativeJIT::storeToWriteBarrierBuffer(GPRReg cell, GPRReg scratch1, GPRReg scratch2)
{
ASSERT(scratch1 != scratch2);
@@ -5536,14 +5525,14 @@
if (Heap::isMarked(value))
return;
- JITCompiler::Jump ownerNotMarkedOrAlreadyRemembered = checkMarkByte(m_jit, ownerGPR);
+ JITCompiler::Jump ownerNotMarkedOrAlreadyRemembered = m_jit.checkMarkByte(ownerGPR);
storeToWriteBarrierBuffer(ownerGPR, scratch1, scratch2);
ownerNotMarkedOrAlreadyRemembered.link(&m_jit);
}
void SpeculativeJIT::writeBarrier(GPRReg ownerGPR, GPRReg scratch1, GPRReg scratch2)
{
- JITCompiler::Jump ownerNotMarkedOrAlreadyRemembered = checkMarkByte(m_jit, ownerGPR);
+ JITCompiler::Jump ownerNotMarkedOrAlreadyRemembered = m_jit.checkMarkByte(ownerGPR);
storeToWriteBarrierBuffer(ownerGPR, scratch1, scratch2);
ownerNotMarkedOrAlreadyRemembered.link(&m_jit);
}
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.h (165202 => 165203)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.h 2014-03-06 20:00:17 UTC (rev 165202)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.h 2014-03-06 20:00:52 UTC (rev 165203)
@@ -296,8 +296,6 @@
void storeToWriteBarrierBuffer(GPRReg cell, GPRReg scratch1, GPRReg scratch2);
void storeToWriteBarrierBuffer(JSCell*, GPRReg scratch1, GPRReg scratch2);
- static JITCompiler::Jump checkMarkByte(CCallHelpers& jit, GPRReg owner);
- static JITCompiler::Jump checkMarkByte(CCallHelpers& jit, JSCell* owner);
void writeBarrier(GPRReg owner, GPRReg scratch1, GPRReg scratch2);
void writeBarrier(GPRReg owner, JSCell* value, GPRReg scratch1, GPRReg scratch2);
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp (165202 => 165203)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp 2014-03-06 20:00:17 UTC (rev 165202)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp 2014-03-06 20:00:52 UTC (rev 165203)
@@ -4709,7 +4709,7 @@
if (!isKnownCell(valueUse.node()))
isNotCell = m_jit.branch32(JITCompiler::NotEqual, valueTagGPR, JITCompiler::TrustedImm32(JSValue::CellTag));
- JITCompiler::Jump ownerNotMarkedOrAlreadyRemembered = checkMarkByte(m_jit, ownerGPR);
+ JITCompiler::Jump ownerNotMarkedOrAlreadyRemembered = m_jit.checkMarkByte(ownerGPR);
storeToWriteBarrierBuffer(ownerGPR, scratch1, scratch2);
ownerNotMarkedOrAlreadyRemembered.link(&m_jit);
@@ -4723,7 +4723,7 @@
if (!isKnownCell(valueUse.node()))
isNotCell = m_jit.branch32(JITCompiler::NotEqual, valueTagGPR, JITCompiler::TrustedImm32(JSValue::CellTag));
- JITCompiler::Jump ownerNotMarkedOrAlreadyRemembered = checkMarkByte(m_jit, owner);
+ JITCompiler::Jump ownerNotMarkedOrAlreadyRemembered = m_jit.checkMarkByte(owner);
storeToWriteBarrierBuffer(owner, scratch1, scratch2);
ownerNotMarkedOrAlreadyRemembered.link(&m_jit);
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp (165202 => 165203)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp 2014-03-06 20:00:17 UTC (rev 165202)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp 2014-03-06 20:00:52 UTC (rev 165203)
@@ -5042,7 +5042,7 @@
if (!isKnownCell(valueUse.node()))
isNotCell = m_jit.branchTest64(JITCompiler::NonZero, valueGPR, GPRInfo::tagMaskRegister);
- JITCompiler::Jump ownerNotMarkedOrAlreadyRemembered = checkMarkByte(m_jit, ownerGPR);
+ JITCompiler::Jump ownerNotMarkedOrAlreadyRemembered = m_jit.checkMarkByte(ownerGPR);
storeToWriteBarrierBuffer(ownerGPR, scratch1, scratch2);
ownerNotMarkedOrAlreadyRemembered.link(&m_jit);
@@ -5056,7 +5056,7 @@
if (!isKnownCell(valueUse.node()))
isNotCell = m_jit.branchTest64(JITCompiler::NonZero, valueGPR, GPRInfo::tagMaskRegister);
- JITCompiler::Jump ownerNotMarkedOrAlreadyRemembered = checkMarkByte(m_jit, owner);
+ JITCompiler::Jump ownerNotMarkedOrAlreadyRemembered = m_jit.checkMarkByte(owner);
storeToWriteBarrierBuffer(owner, scratch1, scratch2);
ownerNotMarkedOrAlreadyRemembered.link(&m_jit);
Modified: trunk/Source/_javascript_Core/jit/AssemblyHelpers.h (165202 => 165203)
--- trunk/Source/_javascript_Core/jit/AssemblyHelpers.h 2014-03-06 20:00:17 UTC (rev 165202)
+++ trunk/Source/_javascript_Core/jit/AssemblyHelpers.h 2014-03-06 20:00:52 UTC (rev 165203)
@@ -387,11 +387,6 @@
void jitAssertArgumentCountSane() { }
#endif
- Jump checkMarkByte(GPRReg owner)
- {
- return branchTest8(NonZero, Address(owner, JSCell::gcDataOffset()));
- }
-
// These methods convert between doubles, and doubles boxed and JSValues.
#if USE(JSVALUE64)
GPRReg boxDouble(FPRReg fpr, GPRReg gpr)
@@ -620,21 +615,17 @@
#endif
}
- void writeBarrier(GPRReg owner, GPRReg scratch1, GPRReg scratch2, WriteBarrierUseKind useKind)
+ Jump checkMarkByte(GPRReg cell)
{
- UNUSED_PARAM(owner);
- UNUSED_PARAM(scratch1);
- UNUSED_PARAM(scratch2);
- UNUSED_PARAM(useKind);
- ASSERT(owner != scratch1);
- ASSERT(owner != scratch2);
- ASSERT(scratch1 != scratch2);
-
-#if ENABLE(WRITE_BARRIER_PROFILING)
- emitCount(WriteBarrierCounters::jitCounterFor(useKind));
-#endif
+ return branchTest8(MacroAssembler::NonZero, MacroAssembler::Address(cell, JSCell::gcDataOffset()));
}
+ Jump checkMarkByte(JSCell* cell)
+ {
+ uint8_t* address = reinterpret_cast<uint8_t*>(cell) + JSCell::gcDataOffset();
+ return branchTest8(MacroAssembler::NonZero, MacroAssembler::AbsoluteAddress(address));
+ }
+
Vector<BytecodeAndMachineOffset>& decodedCodeMapFor(CodeBlock*);
protected:
Modified: trunk/Source/_javascript_Core/jit/JIT.h (165202 => 165203)
--- trunk/Source/_javascript_Core/jit/JIT.h 2014-03-06 20:00:17 UTC (rev 165202)
+++ trunk/Source/_javascript_Core/jit/JIT.h 2014-03-06 20:00:52 UTC (rev 165203)
@@ -314,8 +314,6 @@
enum WriteBarrierMode { UnconditionalWriteBarrier, ShouldFilterValue, ShouldFilterBaseAndValue };
// value register in write barrier is used before any scratch registers
// so may safely be the same as either of the scratch registers.
- Jump checkMarkByte(RegisterID owner);
- Jump checkMarkByte(JSCell* owner);
void emitWriteBarrier(unsigned owner, unsigned value, WriteBarrierMode);
void emitWriteBarrier(JSCell* owner, unsigned value, WriteBarrierMode);
void emitWriteBarrier(JSCell* owner);
Modified: trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp (165202 => 165203)
--- trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp 2014-03-06 20:00:17 UTC (rev 165202)
+++ trunk/Source/_javascript_Core/jit/JITPropertyAccess.cpp 2014-03-06 20:00:52 UTC (rev 165203)
@@ -879,17 +879,6 @@
#endif // USE(JSVALUE64)
-JIT::Jump JIT::checkMarkByte(RegisterID owner)
-{
- return branchTest8(NonZero, Address(owner, JSCell::gcDataOffset()));
-}
-
-JIT::Jump JIT::checkMarkByte(JSCell* owner)
-{
- uint8_t* address = reinterpret_cast<uint8_t*>(owner) + JSCell::gcDataOffset();
- return branchTest8(NonZero, AbsoluteAddress(address));
-}
-
#if USE(JSVALUE64)
void JIT::emitWriteBarrier(unsigned owner, unsigned value, WriteBarrierMode mode)
{
Modified: trunk/Source/_javascript_Core/jit/Repatch.cpp (165202 => 165203)
--- trunk/Source/_javascript_Core/jit/Repatch.cpp 2014-03-06 20:00:17 UTC (rev 165202)
+++ trunk/Source/_javascript_Core/jit/Repatch.cpp 2014-03-06 20:00:52 UTC (rev 165203)
@@ -824,13 +824,10 @@
ASSERT(owner != scratch1);
ASSERT(owner != scratch2);
-#if ENABLE(DFG_JIT)
- MacroAssembler::Jump ownerNotMarkedOrAlreadyRemembered = DFG::SpeculativeJIT::checkMarkByte(jit, owner);
-#endif
+ MacroAssembler::Jump ownerNotMarkedOrAlreadyRemembered = jit.checkMarkByte(owner);
MacroAssembler::Call call = storeToWriteBarrierBuffer(jit, owner, scratch1, scratch2, allocator);
-#if ENABLE(DFG_JIT)
ownerNotMarkedOrAlreadyRemembered.link(&jit);
-#endif
+
return call;
}
#endif // ENABLE(GGC)
