searching for reviewer(jandem)
36a46f04eb6a21cd1beb71dbd11b5af87db4853c: Bug 1803539 - [loong64][mips64] Include the missing headers for simulator. r=jandem
Zhao Jiazhong <zhaojiazhong-hf@loongson.cn> - Wed, 07 Dec 2022 16:57:49 +0000 - rev 644995
Push 40462 by smolnar@mozilla.com at Thu, 08 Dec 2022 03:58:54 +0000
Bug 1803539 - [loong64][mips64] Include the missing headers for simulator. r=jandem Differential Revision: https://phabricator.services.mozilla.com/D163582
2eaa5f68489f5eb68249ca0099a5d2a257fc4409: Bug 1803278 - Add a document describing the why/how of bytecode addition r=jandem
Matthew Gaudet <mgaudet@mozilla.com> - Thu, 01 Dec 2022 23:50:59 +0000 - rev 644448
Push 40447 by ncsoregi@mozilla.com at Fri, 02 Dec 2022 09:34:01 +0000
Bug 1803278 - Add a document describing the why/how of bytecode addition r=jandem Differential Revision: https://phabricator.services.mozilla.com/D163414
0300ac357f25f204605fbeb122ad81dbe5b9abec: Bug 1801866: Inline String.fromCharCode when called with double inputs. r=jandem
André Bargull <andre.bargull@gmail.com> - Thu, 01 Dec 2022 14:33:25 +0000 - rev 644323
Push 40447 by ncsoregi@mozilla.com at Fri, 02 Dec 2022 09:34:01 +0000
Bug 1801866: Inline String.fromCharCode when called with double inputs. r=jandem SunSpider's base64 calls `String.fromCharCode` with double inputs: ```js String.fromCharCode( (25 * Math.random()) + 97 ) ``` Supporting this case saves 7'860'000 calls to `String.fromCharCode` in JetStream's version of base64. Differential Revision: https://phabricator.services.mozilla.com/D162728
7ce9396e4dadf3eeda874162e8aa89481151c19e: Bug 1801865: Supports out-of-bounds access for String.prototype.char{,Code}At. r=jandem
André Bargull <andre.bargull@gmail.com> - Thu, 01 Dec 2022 14:33:24 +0000 - rev 644322
Push 40447 by ncsoregi@mozilla.com at Fri, 02 Dec 2022 09:34:01 +0000
Bug 1801865: Supports out-of-bounds access for String.prototype.char{,Code}At. r=jandem After the patch for bug 1669942 there are still some non-inlined calls to `String.prototype.charAt` and `String.prototype.charCodeAt` in WBT benchmarks: acorn-wtb String.prototype.charCodeAt 1'150'000 jshint-wtb String.prototype.charAt 2'450'000 String.prototype.charCodeAt 200'000 uglify-js-wtb String.prototype.charAt 450'000 - "acorn-wtb" calls `String.prototype.charCodeAt` with an index above the string length. - "jshint-wtb" calls both `String.prototype.charCodeAt` and `String.prototype.charAt` with an index larger than the string length. - "uglify-js-wtb" calls `String.prototype.charAt` with a too large index and also negative values. CacheIR compilation can be easily modified to support out-of-bounds cases. But use separate MIR nodes for Warp transpilation: - `MCharCodeAt` is typed to return an Int32, whereas out-of-bounds accesses can return either an Int32 or NaN. - The `LoadStringCharResult` CacheIR op is transpiled using `MCharCodeAt` and `MFromCharCode`. But for out-of-bounds accesses we have to return the empty string. We can't easily modify the existing transpilation approach to return an empty string, so instead add a separate `MCharAtMaybeOutOfBounds` instruction. Differential Revision: https://phabricator.services.mozilla.com/D162727
6810bbf2119c18d7b43481b81c5d4968ee6fc8d7: Bug 1669942: Add CacheIR op to linearise strings for char-accesses. r=jandem
André Bargull <andre.bargull@gmail.com> - Thu, 01 Dec 2022 14:33:24 +0000 - rev 644321
Push 40447 by ncsoregi@mozilla.com at Fri, 02 Dec 2022 09:34:01 +0000
Bug 1669942: Add CacheIR op to linearise strings for char-accesses. r=jandem We can't inline `String.prototype.charAt` and `String.prototype.charCodeAt` in a couple of JetStream tests because the input is a nested rope. Before this change, we can observe the following number of non-inlined calls to these functions: crypto String.prototype.charCodeAt 360'000 pdfjs String.prototype.charCodeAt 21'910'000 typescript String.prototype.charCodeAt 17'840'000 base64-SP String.prototype.charCodeAt 39'300'000 crypto-md5-SP String.prototype.charCodeAt 41'750'000 crypto-sha1-SP String.prototype.charCodeAt 30'180'000 acorn-wtb String.prototype.charCodeAt 3'370'000 jshint-wtb String.prototype.charAt 2'450'000 String.prototype.charCodeAt 200'000 uglify-js-wtb String.prototype.charAt 450'000 After this change, only the WBT sub-benchmarks still have non-inlined calls: acorn-wtb String.prototype.charCodeAt 1'150'000 jshint-wtb String.prototype.charAt 2'450'000 String.prototype.charCodeAt 200'000 uglify-js-wtb String.prototype.charAt 450'000 Differential Revision: https://phabricator.services.mozilla.com/D162726
a73ec0084058e5bc5face3c5dc76ad9beaf09608: Bug 1801864: Avoid unnecessary failure paths in DoubleNegationResult and DoubleIncDecResult. r=jandem
André Bargull <andre.bargull@gmail.com> - Thu, 01 Dec 2022 14:33:23 +0000 - rev 644320
Push 40447 by ncsoregi@mozilla.com at Fri, 02 Dec 2022 09:34:01 +0000
Bug 1801864: Avoid unnecessary failure paths in DoubleNegationResult and DoubleIncDecResult. r=jandem Differential Revision: https://phabricator.services.mozilla.com/D162725
03fce75ab7a1d52831de5d8e02cce96b9e544cb4: Bug 1802100: Add FrameIter::inPrologue r=jandem
Iain Ireland <iireland@mozilla.com> - Wed, 30 Nov 2022 16:41:42 +0000 - rev 644172
Push 40446 by nfay@mozilla.com at Thu, 01 Dec 2022 16:18:29 +0000
Bug 1802100: Add FrameIter::inPrologue r=jandem Differential Revision: https://phabricator.services.mozilla.com/D163409
e07a198cd001f83b82e56cfdc352090c2325fd4a: Bug 1797486: Align visitOutOfLineStoreElementHole with CacheIR implementation r=jandem,nbp
Iain Ireland <iireland@mozilla.com> - Wed, 30 Nov 2022 07:26:17 +0000 - rev 644109
Push 40444 by smolnar@mozilla.com at Wed, 30 Nov 2022 16:11:53 +0000
Bug 1797486: Align visitOutOfLineStoreElementHole with CacheIR implementation r=jandem,nbp The existing implementation of StoreElementHole could handle indices > length, but we never actually used that path, because the corresponding code in `CacheIRCompiler::emitStoreDenseElementHole` only handles the index == initLength case (where we are adding one past the end). By aligning the Ion code more closely with the CacheIr implementation, we can remove some complexity. In particular, bailing out when index != length handles negative indices for free, which lets us remove the `needsNegativeIntCheck` code. Differential Revision: https://phabricator.services.mozilla.com/D163280
8ccf33e282b4632bcba7d9912e1db8ab1ac72ce7: Bug 1219128 - Initialize Object and Function constructors when creating globals. r=jandem
Nicolas B. Pierron <nicolas.b.pierron@nbp.name> - Tue, 29 Nov 2022 18:30:30 +0000 - rev 644034
Push 40442 by imoraru@mozilla.com at Wed, 30 Nov 2022 04:53:12 +0000
Bug 1219128 - Initialize Object and Function constructors when creating globals. r=jandem Object and Function prototype initialization is stateful, and mutate the global as it is initializing the content of the Global. Attempts at making this process transactional was not successful. Thus, `JSProto_Object` and `JSProto_Function` are now initialized as part of the Global creation. Failures to initialize the global might lead to have a Realm with a partially initialized global. Such realm appears to have a valid global using `hasLiveGlobal()`. When catching failures, such global might still be used despite being partially initialized. A new field `initializingGlobal_` is added to `Realm` to track whether the global is live or not. Failures to comply with this requirement would cause the garbage collector to reclaim the Realm and global in case of failure. This should be avoided during the initialization as the global is rooted by the `GlobalObject::new_` function. Differential Revision: https://phabricator.services.mozilla.com/D163016
1c95cd727056a9364a388b5e40d9a8f4ff6f958f: Bug 1802497 - Part 5: Inline Number.prototype.toString when an explicit "base" argument is present. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 13:52:54 +0000 - rev 644003
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 1802497 - Part 5: Inline Number.prototype.toString when an explicit "base" argument is present. r=jandem Supporting this case saves about 2'300'000 VM calls in JetStream2 and 950'000 VM calls in Speedometer2. The new `Int32ToStringWithBaseResult` CacheIR op is transpiled into the two MIR instructions `MGuardInt32Range` and `MInt32ToStringWithBase`. In most cases the `base` argument is a constant, which enables to fold `MGuardInt32Range` away and also allows to make `MInt32ToStringWithBase` a non-guard instruction. Differential Revision: https://phabricator.services.mozilla.com/D163098
b82f4d2c161d90683d9daa2502a66b66b7bce838: Bug 1802497 - Part 4: Add MacroAssembler method for int32 to string conversion with base. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 13:52:54 +0000 - rev 644002
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 1802497 - Part 4: Add MacroAssembler method for int32 to string conversion with base. r=jandem A constant base argument is the most common case, so optimise this case even further. Differential Revision: https://phabricator.services.mozilla.com/D163097
9d73d3ace1c954586456d20e7f6d96f24d869c84: Bug 1802497 - Part 3: Add MacroAssembler::mulhu32(). r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 13:52:53 +0000 - rev 644001
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 1802497 - Part 3: Add MacroAssembler::mulhu32(). r=jandem Add unsigned, high-word, 32-bit multiplication in preparation for the next part. Differential Revision: https://phabricator.services.mozilla.com/D163096
cb0c2d59320716f4f88d44243c84c8cba2f63592: Bug 1802497 - Part 2: Move ReciprocalMulConstants into a separate file. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 13:52:53 +0000 - rev 644000
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 1802497 - Part 2: Move ReciprocalMulConstants into a separate file. r=jandem This makes it easier to reuse this `struct` in part 4. Differential Revision: https://phabricator.services.mozilla.com/D163095
a03d2f77f487be8a36bf706c16f6a90fa728f04b: Bug 1802497 - Part 1: Add missing MOZ_EXPORT for ARM simulator functions. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 13:52:53 +0000 - rev 643999
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 1802497 - Part 1: Add missing MOZ_EXPORT for ARM simulator functions. r=jandem The next part adds a new cpp-file, which changes unified bundles. Without this change we'll then get a "visibility does not match previous declaratio" error. Differential Revision: https://phabricator.services.mozilla.com/D163094
0ec972fc8ce072dc686e6542839909fa4d9e90b0: Bug 1802496: Inline the Number constructor when called with a string. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 13:52:52 +0000 - rev 643998
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 1802496: Inline the Number constructor when called with a string. r=jandem JetStream's "FlightPlanner" sub-benchmark hits this case 80'000 times. Differential Revision: https://phabricator.services.mozilla.com/D163093
9058e1f4b7cf1e3e185698cb3c29ccdb441d1bd9: Bug 1802495: Support more types when calling the String built-in constructor. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 13:52:52 +0000 - rev 643997
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 1802495: Support more types when calling the String built-in constructor. r=jandem JetStream's "uglify-js-wtb" sub-benchmark has 130'000 calls to `String()` which weren't inlined because the input is `null`. Differential Revision: https://phabricator.services.mozilla.com/D163092
d8f671207dd0073a2c840472438970bf27067d9f: Bug 815255 - Part 5: Correct number bounds check in parseInt. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 13:52:51 +0000 - rev 643996
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 815255 - Part 5: Correct number bounds check in parseInt. r=jandem Only numbers whose absolute value is less than 1.0e-6 can't take the fast path, i.e. 1.0e-6 itself can still take the fast path. Differential Revision: https://phabricator.services.mozilla.com/D163091
0e3f6ac2569a02f9e81b6c023e572fb272e9c263: Bug 815255 - Part 4: Inline Number.parseInt with Double input. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 13:52:51 +0000 - rev 643995
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 815255 - Part 4: Inline Number.parseInt with Double input. r=jandem Supporting Double inputs allows to inline the 1'160'000 `parseInt` calls in JetStream's "string-unpack-code-SP" sub-benchmark. Differential Revision: https://phabricator.services.mozilla.com/D163090
d5900226f9132d74a845efcb761fd8d3e68c00c7: Bug 815255 - Part 3: Inline Number.parseInt with radix=10. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 13:52:51 +0000 - rev 643994
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 815255 - Part 3: Inline Number.parseInt with radix=10. r=jandem The following JetStream benchmarks call `Number.parseInt`: - OfflineAssembler: 110'000 - FlightPlanner: 190'000 - Box2D: 7'130'000 - pdfjs: 1'200'000 - typescript: 10'000 - string-unpack-code-SP: 1'160'000 - acorn-wtb: 50'000 - babylon-wtb: 50'000 - chai-wtb: 50'000 - coffeescript-wtb: 50'000 - espree-wtb: 50'000 - jshint-wtb: 50'000 - lebab-wtb: 50'000 - prepack-wtb: 50'000 - uglify-js-wtb: 50'000 Supporting string and int32 inputs with radix=10 handles all calls to `Number.parseInt` in those benchmarks, except for: - OfflineAssembler: Calls `parseInt` with object inputs. - string-unpack-code-SP: Calls `parseInt` with double inputs. Differential Revision: https://phabricator.services.mozilla.com/D163089
53a0cbf5dc9f0c6f8873d80544a4592f5e5eba67: Bug 815255 - Part 2: Add a VM-call entry point for Number.parseInt. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 13:52:50 +0000 - rev 643993
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 815255 - Part 2: Add a VM-call entry point for Number.parseInt. r=jandem Split from the next part for easier review. Adds `js::NumberParseInt` which is going to be used in part 3. Differential Revision: https://phabricator.services.mozilla.com/D163088
5c2787d90d7c14583b7dfb54aad33448965e2581: Bug 815255 - Part 1: Add GuardSpecificInt32 CacheIR op. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 13:52:50 +0000 - rev 643992
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 815255 - Part 1: Add GuardSpecificInt32 CacheIR op. r=jandem Guard operation similar to the existing `GuardSpecificAtom` or `GuardSpecificSymbol`. Will be used in part 3. Differential Revision: https://phabricator.services.mozilla.com/D163087
bd4251cc135f5408b9bbe1a77b1d5b0df9fee4ac: Bug 1778510: Add a ShouldResistFingerprinting flag to JS RealmOptions r=jandem
Tom Ritter <tom@mozilla.com> - Tue, 29 Nov 2022 13:34:13 +0000 - rev 643961
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 1778510: Add a ShouldResistFingerprinting flag to JS RealmOptions r=jandem This will allow us to invoke the Timer Precision callback with this boolean. Differential Revision: https://phabricator.services.mozilla.com/D151283
2383d2a30a60e87499a64f3e91e05d16f0802294: Bug 1801108 - Improve debug printing of MIR. r=jandem.
Julian Seward <jseward@acm.org> - Tue, 29 Nov 2022 12:50:17 +0000 - rev 643956
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 1801108 - Improve debug printing of MIR. r=jandem. Debug printing of MIR is poor, which makes it difficult to debug the more complex Wasm->MIR translations, mostly because so much information is missing. This patch improves the basic printed structure and adds a framework by which we can incrementally add printing of MIR-node-specific fields in future. The following changes are made: * Printing of MIR expressions in nested style is removed. This is confusing in that casual reading of the output suggests that expressions are sometimes evaluated twice. This is removed and replaced with standard non-nested printing of (SSA) operands. * The result type of each MIR node is now printed before its name. This helps in debugging wasm 32-vs-64 bit code, for example. * Block IDs are now printed, so they can be referred to by branch insns. * A generic mechanism for printing extra, node-specific, fields has been introduced: overrideable method `MDefinition::getExtras`. By default this does nothing, but individual MIR classes can override it to provide any extra info they want. * For a few classes, `MDefinition::getExtras` has been filled in: for constants, comparisons, branch instructions, and fixed offsets in some wasm memory access insns. Differential Revision: https://phabricator.services.mozilla.com/D162547
27a6631f4fa2c9c224d3a196e289f4b4c21efe55: Bug 1802497 - Part 5: Inline Number.prototype.toString when an explicit "base" argument is present. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 12:17:29 +0000 - rev 643954
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 1802497 - Part 5: Inline Number.prototype.toString when an explicit "base" argument is present. r=jandem Supporting this case saves about 2'300'000 VM calls in JetStream2 and 950'000 VM calls in Speedometer2. The new `Int32ToStringWithBaseResult` CacheIR op is transpiled into the two MIR instructions `MGuardInt32Range` and `MInt32ToStringWithBase`. In most cases the `base` argument is a constant, which enables to fold `MGuardInt32Range` away and also allows to make `MInt32ToStringWithBase` a non-guard instruction. Differential Revision: https://phabricator.services.mozilla.com/D163098
bc80bb7696b936386706ec7092342e79136562d0: Bug 1802497 - Part 4: Add MacroAssembler method for int32 to string conversion with base. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 12:17:29 +0000 - rev 643953
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 1802497 - Part 4: Add MacroAssembler method for int32 to string conversion with base. r=jandem A constant base argument is the most common case, so optimise this case even further. Differential Revision: https://phabricator.services.mozilla.com/D163097
0779bc41e5cbee3374a4a1023e5793dcc19facc9: Bug 1802497 - Part 3: Add MacroAssembler::mulhu32(). r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 12:17:29 +0000 - rev 643952
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 1802497 - Part 3: Add MacroAssembler::mulhu32(). r=jandem Add unsigned, high-word, 32-bit multiplication in preparation for the next part. Differential Revision: https://phabricator.services.mozilla.com/D163096
6127b176c1670130173bc772b55e0b06312b9d16: Bug 1802497 - Part 2: Move ReciprocalMulConstants into a separate file. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 12:17:28 +0000 - rev 643951
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 1802497 - Part 2: Move ReciprocalMulConstants into a separate file. r=jandem This makes it easier to reuse this `struct` in part 4. Differential Revision: https://phabricator.services.mozilla.com/D163095
e6ef9da4fc75073172b4cdd232696c82a6b45470: Bug 1802497 - Part 1: Add missing MOZ_EXPORT for ARM simulator functions. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 12:17:27 +0000 - rev 643950
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 1802497 - Part 1: Add missing MOZ_EXPORT for ARM simulator functions. r=jandem The next part adds a new cpp-file, which changes unified bundles. Without this change we'll then get a "visibility does not match previous declaratio" error. Differential Revision: https://phabricator.services.mozilla.com/D163094
04273bd511319d6bf2484b4e11e92c2ed77a9fbf: Bug 1802496: Inline the Number constructor when called with a string. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 12:17:27 +0000 - rev 643949
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 1802496: Inline the Number constructor when called with a string. r=jandem JetStream's "FlightPlanner" sub-benchmark hits this case 80'000 times. Differential Revision: https://phabricator.services.mozilla.com/D163093
80440c1173073900ee78793732a51b7bf474a3d3: Bug 1802495: Support more types when calling the String built-in constructor. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 12:17:27 +0000 - rev 643948
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 1802495: Support more types when calling the String built-in constructor. r=jandem JetStream's "uglify-js-wtb" sub-benchmark has 130'000 calls to `String()` which weren't inlined because the input is `null`. Differential Revision: https://phabricator.services.mozilla.com/D163092
3b280950d4d9af7fcf4167654b688747b699ee38: Bug 815255 - Part 5: Correct number bounds check in parseInt. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 12:17:26 +0000 - rev 643947
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 815255 - Part 5: Correct number bounds check in parseInt. r=jandem Only numbers whose absolute value is less than 1.0e-6 can't take the fast path, i.e. 1.0e-6 itself can still take the fast path. Differential Revision: https://phabricator.services.mozilla.com/D163091
9632e28d5be95a2717defe67f1a9e62aff903a73: Bug 815255 - Part 4: Inline Number.parseInt with Double input. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 12:17:26 +0000 - rev 643946
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 815255 - Part 4: Inline Number.parseInt with Double input. r=jandem Supporting Double inputs allows to inline the 1'160'000 `parseInt` calls in JetStream's "string-unpack-code-SP" sub-benchmark. Differential Revision: https://phabricator.services.mozilla.com/D163090
4d430cf570f3d0cd44d0661154097628c16413f5: Bug 815255 - Part 3: Inline Number.parseInt with radix=10. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 12:17:25 +0000 - rev 643945
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 815255 - Part 3: Inline Number.parseInt with radix=10. r=jandem The following JetStream benchmarks call `Number.parseInt`: - OfflineAssembler: 110'000 - FlightPlanner: 190'000 - Box2D: 7'130'000 - pdfjs: 1'200'000 - typescript: 10'000 - string-unpack-code-SP: 1'160'000 - acorn-wtb: 50'000 - babylon-wtb: 50'000 - chai-wtb: 50'000 - coffeescript-wtb: 50'000 - espree-wtb: 50'000 - jshint-wtb: 50'000 - lebab-wtb: 50'000 - prepack-wtb: 50'000 - uglify-js-wtb: 50'000 Supporting string and int32 inputs with radix=10 handles all calls to `Number.parseInt` in those benchmarks, except for: - OfflineAssembler: Calls `parseInt` with object inputs. - string-unpack-code-SP: Calls `parseInt` with double inputs. Differential Revision: https://phabricator.services.mozilla.com/D163089
24e86ad0d0bd374de0c2283db5cb1d35212e4911: Bug 815255 - Part 2: Add a VM-call entry point for Number.parseInt. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 12:17:25 +0000 - rev 643944
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 815255 - Part 2: Add a VM-call entry point for Number.parseInt. r=jandem Split from the next part for easier review. Adds `js::NumberParseInt` which is going to be used in part 3. Differential Revision: https://phabricator.services.mozilla.com/D163088
c30b0e521ffa04c33c602204f536c0f1ea908d13: Bug 815255 - Part 1: Add GuardSpecificInt32 CacheIR op. r=jandem
André Bargull <andre.bargull@gmail.com> - Tue, 29 Nov 2022 12:17:25 +0000 - rev 643943
Push 40441 by imoraru@mozilla.com at Tue, 29 Nov 2022 21:47:49 +0000
Bug 815255 - Part 1: Add GuardSpecificInt32 CacheIR op. r=jandem Guard operation similar to the existing `GuardSpecificAtom` or `GuardSpecificSymbol`. Will be used in part 3. Differential Revision: https://phabricator.services.mozilla.com/D163087
5d4bbe51337a6aca2cea875a9c4574d3f8a55339: Bug 1219128 - Initialize Object and Function constructors when creating globals. r=jandem
Nicolas B. Pierron <nicolas.b.pierron@nbp.name> - Mon, 28 Nov 2022 18:43:49 +0000 - rev 643882
Push 40440 by ctuns@mozilla.com at Tue, 29 Nov 2022 08:40:32 +0000
Bug 1219128 - Initialize Object and Function constructors when creating globals. r=jandem Object and Function prototype initialization is stateful, and mutate the global as it is initializing the content of the Global. Attempts at making this process transactional was not successful. Thus, `JSProto_Object` and `JSProto_Function` are now initialized as part of the Global creation. Failures to initialize the global might lead to have a Realm with a partially initialized global. Such realm appears to have a valid global using `hasLiveGlobal()`. When catching failures, such global might still be used despite being partially initialized. A new field `initializingGlobal_` is added to `Realm` to track whether the global is live or not. Failures to comply with this requirement would cause the garbage collector to reclaim the Realm and global in case of failure. This should be avoided during the initialization as the global is rooted by the `GlobalObject::new_` function. Differential Revision: https://phabricator.services.mozilla.com/D163016
3efc48a2f505ae422be4a1067b18227f26bca880: Bug 1800514: Don't unbox in GuardMultipleShapes r=jandem
Iain Ireland <iireland@mozilla.com> - Mon, 28 Nov 2022 18:33:43 +0000 - rev 643881
Push 40440 by ctuns@mozilla.com at Tue, 29 Nov 2022 08:40:32 +0000
Bug 1800514: Don't unbox in GuardMultipleShapes r=jandem I was already staring at register allocation in this function, so it seemed like a reasonable time to fix this. Depends on D163154 Differential Revision: https://phabricator.services.mozilla.com/D163155
07d25c3b1a514e87e2256730b2c61b6e813c02a2: Bug 1671228: Part 8: Reduce register pressure in CloseIter r=jandem
Iain Ireland <iireland@mozilla.com> - Mon, 28 Nov 2022 18:33:42 +0000 - rev 643880
Push 40440 by ctuns@mozilla.com at Tue, 29 Nov 2022 08:40:32 +0000
Bug 1671228: Part 8: Reduce register pressure in CloseIter r=jandem An xpcshell test on 32-bit windows ran out of registers because we folded a shapeguard in a CloseIter IC and the tag register of the input operand wasn't marked as available. Differential Revision: https://phabricator.services.mozilla.com/D163154
9c8f3a9eb46deb415d8e9b22e6a3dbb2cd9b7499: Bug 1671228: Part 7: Handle cross-compartment shapes r=jandem
Iain Ireland <iireland@mozilla.com> - Mon, 28 Nov 2022 18:33:42 +0000 - rev 643879
Push 40440 by ctuns@mozilla.com at Tue, 29 Nov 2022 08:40:32 +0000
Bug 1671228: Part 7: Handle cross-compartment shapes r=jandem In the cross-compartment wrapper case, we can end up with shapes from a different compartment. The easiest fix to do is just not fold. Differential Revision: https://phabricator.services.mozilla.com/D163027
18ba1b207c9cacf635f765281239b13deb86b956: Bug 1671228: Part 6: Add tests r=jandem
Iain Ireland <iireland@mozilla.com> - Mon, 28 Nov 2022 18:33:41 +0000 - rev 643878
Push 40440 by ctuns@mozilla.com at Tue, 29 Nov 2022 08:40:32 +0000
Bug 1671228: Part 6: Add tests r=jandem Differential Revision: https://phabricator.services.mozilla.com/D160933
ba8318539e16c952a6376bc9059a5842e13fc2b8: Bug 1671228: Part 5: Try folding stubs before transitioning IC state r=jandem
Iain Ireland <iireland@mozilla.com> - Mon, 28 Nov 2022 18:33:41 +0000 - rev 643877
Push 40440 by ctuns@mozilla.com at Tue, 29 Nov 2022 08:40:32 +0000
Bug 1671228: Part 5: Try folding stubs before transitioning IC state r=jandem Differential Revision: https://phabricator.services.mozilla.com/D160932
c3afe07897807cd2e22f452d8cbdbcb804e1ad9b: Bug 1671228: Part 4: Add shapes to existing GuardMultipleShapes r=jandem
Iain Ireland <iireland@mozilla.com> - Mon, 28 Nov 2022 18:33:41 +0000 - rev 643876
Push 40440 by ctuns@mozilla.com at Tue, 29 Nov 2022 08:40:32 +0000
Bug 1671228: Part 4: Add shapes to existing GuardMultipleShapes r=jandem Differential Revision: https://phabricator.services.mozilla.com/D160931
91e2af4f5f7fc46eadafd06eadcf5220e3c252f5: Bug 1671228: Part 3: Transpile GuardMultipleShapes r=jandem
Iain Ireland <iireland@mozilla.com> - Mon, 28 Nov 2022 18:33:40 +0000 - rev 643875
Push 40440 by ctuns@mozilla.com at Tue, 29 Nov 2022 08:40:32 +0000
Bug 1671228: Part 3: Transpile GuardMultipleShapes r=jandem Differential Revision: https://phabricator.services.mozilla.com/D160930
2c8c353f6a8c3b6e2ea85559fe393e6f454c86b4: Bug 1671228: Part 2: Implement TryFoldingStubs r=jandem
Iain Ireland <iireland@mozilla.com> - Mon, 28 Nov 2022 18:33:40 +0000 - rev 643874
Push 40440 by ctuns@mozilla.com at Tue, 29 Nov 2022 08:40:32 +0000
Bug 1671228: Part 2: Implement TryFoldingStubs r=jandem Differential Revision: https://phabricator.services.mozilla.com/D160929
197bb8ef40b35661cd9767b7477a06b2e38bb0eb: Bug 1671228: Part 1: Add GuardMultipleShapes r=jandem
Iain Ireland <iireland@mozilla.com> - Mon, 28 Nov 2022 18:33:39 +0000 - rev 643873
Push 40440 by ctuns@mozilla.com at Tue, 29 Nov 2022 08:40:32 +0000
Bug 1671228: Part 1: Add GuardMultipleShapes r=jandem Differential Revision: https://phabricator.services.mozilla.com/D160928
c575e824e291c080ce2f87ea15bec9b81ac2dacd: Bug 1778510: Add a ShouldResistFingerprinting flag to JS RealmOptions r=jandem
Tom Ritter <tom@mozilla.com> - Mon, 28 Nov 2022 18:04:05 +0000 - rev 643841
Push 40440 by ctuns@mozilla.com at Tue, 29 Nov 2022 08:40:32 +0000
Bug 1778510: Add a ShouldResistFingerprinting flag to JS RealmOptions r=jandem This will allow us to invoke the Timer Precision callback with this boolean. Differential Revision: https://phabricator.services.mozilla.com/D151283
e0da33accb10a25dc2a936142a991bf2290bd9f5: Bug 1802731 - Fix accidental rename of regress-531682.js. r=jandem
Ryan VanderMeulen <ryanvm@gmail.com> - Mon, 28 Nov 2022 16:13:36 +0000 - rev 643819
Push 40439 by abutkovits@mozilla.com at Mon, 28 Nov 2022 21:39:16 +0000
Bug 1802731 - Fix accidental rename of regress-531682.js. r=jandem Differential Revision: https://phabricator.services.mozilla.com/D163222
90d0da03ca4f5afd84c16274dfeac4d173f203ee: Bug 1802479 - Don't set rval if JSContext::getPendingException fails r=jandem
Jon Coppeard <jcoppeard@mozilla.com> - Mon, 28 Nov 2022 12:59:31 +0000 - rev 643807
Push 40439 by abutkovits@mozilla.com at Mon, 28 Nov 2022 21:39:16 +0000
Bug 1802479 - Don't set rval if JSContext::getPendingException fails r=jandem The problem here is that the ModuleEvaluate assumed that getPendingException would leave the output value as undefined if it failed, but that wasn't true. Differential Revision: https://phabricator.services.mozilla.com/D163205
1c4991ca87a6dbb6c16496153eb8560a4d4bdaef: Bug 1802308 - Make RegExpShared jitCode edges strong r=jandem
Jon Coppeard <jcoppeard@mozilla.com> - Mon, 28 Nov 2022 09:42:30 +0000 - rev 643789
Push 40438 by sstanca@mozilla.com at Mon, 28 Nov 2022 15:41:50 +0000
Bug 1802308 - Make RegExpShared jitCode edges strong r=jandem The pre-barrier verifier is complaining, presumably because discarding JIT code removing one of these edges without marking the target. That happens because it's a WeakHeapPtr<> which doesn't have a pre-barrier. These don't need pre-barriers though because they have a read barrier instead. The verifier doesn't know this because the edge is traced like it's a strong edge in RegExpShared::traceChildren. The solution is just to make this a normal strong edge. Discarding JIT code usually happens before write barriers are enabled so we won't keep these around longer than normal. Differential Revision: https://phabricator.services.mozilla.com/D163015
e93004f91f6f39f3bd126ff3b1159a12a7d995ac: Bug 1778510: Add a ShouldResistFingerprinting flag to JS RealmOptions r=jandem
Tom Ritter <tom@mozilla.com> - Mon, 28 Nov 2022 04:21:25 +0000 - rev 643754
Push 40438 by sstanca@mozilla.com at Mon, 28 Nov 2022 15:41:50 +0000
Bug 1778510: Add a ShouldResistFingerprinting flag to JS RealmOptions r=jandem This will allow us to invoke the Timer Precision callback with this boolean. Differential Revision: https://phabricator.services.mozilla.com/D151283