Bug 1639839 - Warp: Transpile JSOp::New. r=jandem
authorTom Schuster <evilpies@gmail.com>
Thu, 21 May 2020 16:50:22 +0000
changeset 531485 15c7977477482783098ffa5f9648c94534e53081
parent 531484 66087bb120a4c7a9119d48378414d8c41007a744
child 531486 b7aa40fd2d2a8bcea543524957f23ccd8783b016
push id37440
push userabutkovits@mozilla.com
push dateFri, 22 May 2020 09:43:16 +0000
treeherdermozilla-central@fbf71e4d2e21 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersjandem
bugs1639839
milestone78.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1639839 - Warp: Transpile JSOp::New. r=jandem We also need to ignore the template metadata for things like `new Array`. In the future of course we should actually use that for optimizations. Differential Revision: https://phabricator.services.mozilla.com/D76303
js/src/jit/CacheIROps.yaml
js/src/jit/WarpCacheIRTranspiler.cpp
js/src/jit/WarpOracle.cpp
js/src/vm/BytecodeLocation.h
--- a/js/src/jit/CacheIROps.yaml
+++ b/js/src/jit/CacheIROps.yaml
@@ -820,17 +820,17 @@
     callee: ObjId
     argc: Int32Id
     flags: CallFlagsImm
     target: RawPointerField
 
 # Meta ops generate no code, but contain data for BaselineInspector.
 - name: MetaTwoByte
   shared: true
-  transpile: false
+  transpile: true
   custom_writer: true
   args:
     kind: MetaTwoByteKindImm
     functionObject: ObjectField
     templateObject: ObjectField
 
 - name: LoadFixedSlotResult
   shared: false
--- a/js/src/jit/WarpCacheIRTranspiler.cpp
+++ b/js/src/jit/WarpCacheIRTranspiler.cpp
@@ -1041,17 +1041,17 @@ bool WarpCacheIRTranspiler::emitArrayPus
   pushResult(ins);
 
   return resumeAfter(ins);
 }
 
 bool WarpCacheIRTranspiler::emitLoadArgumentFixedSlot(ValOperandId resultId,
                                                       uint8_t slotIndex) {
   // Reverse of GetIndexOfArgument specialized to !hasArgumentArray.
-  MOZ_ASSERT(loc_.is(JSOp::Call) || loc_.is(JSOp::CallIgnoresRv));
+  MOZ_ASSERT(!loc_.isSpreadOp());
 
   // Layout:
   // <NewTarget> | Args.. | ThisValue | Callee
   // 0           | 0 (+1) | argc (+1) | argc + 1 (+ 1)
   // ^ (if constructing)
 
   // NewTarget (optional)
   if (callInfo_->constructing()) {
@@ -1097,16 +1097,19 @@ bool WarpCacheIRTranspiler::emitCallNati
                                                    bool ignoresReturnValue) {
   MDefinition* callee = getOperand(calleeId);
 #  ifdef DEBUG
   MDefinition* argc = getOperand(argcId);
   MOZ_ASSERT(argc->toConstant()->toInt32() ==
              static_cast<int32_t>(callInfo_->argc()));
 #  endif
 
+  // TODO: For non-normal calls the arguments need to be changed.
+  MOZ_ASSERT(flags.getArgFormat() == CallFlags::Standard);
+
   // CacheIR emits the following for specialized native calls:
   //     GuardSpecificObject <callee> <func>
   //     CallNativeFunction <callee> ..
   // We can use the <func> JSFunction object to specialize this call.
   // GuardSpecificObject is transpiled to MGuardObjectIdentity above.
   JSFunction* target = nullptr;
   if (callee->isGuardObjectIdentity()) {
     auto* guard = callee->toGuardObjectIdentity();
@@ -1136,16 +1139,22 @@ bool WarpCacheIRTranspiler::emitCallNati
 
   addEffectful(call);
   pushResult(call);
 
   return resumeAfter(call);
 }
 #endif
 
+bool WarpCacheIRTranspiler::emitMetaTwoByte(MetaTwoByteKind kind,
+                                            uint32_t functionObjectOffset,
+                                            uint32_t templateObjectOffset) {
+  return true;
+}
+
 bool WarpCacheIRTranspiler::emitTypeMonitorResult() {
   MOZ_ASSERT(pushedResult_, "Didn't push result MDefinition");
   return true;
 }
 
 bool WarpCacheIRTranspiler::emitReturnFromIC() { return true; }
 
 bool jit::TranspileCacheIRToMIR(MIRGenerator& mirGen, BytecodeLocation loc,
--- a/js/src/jit/WarpOracle.cpp
+++ b/js/src/jit/WarpOracle.cpp
@@ -426,16 +426,19 @@ AbortReasonOr<WarpScriptSnapshot*> WarpO
       case JSOp::CallProp:
       case JSOp::Length:
       case JSOp::GetElem:
       case JSOp::CallElem:
       case JSOp::SetProp:
       case JSOp::StrictSetProp:
       case JSOp::Call:
       case JSOp::CallIgnoresRv:
+      case JSOp::FunCall:
+      case JSOp::FunApply:
+      case JSOp::New:
       case JSOp::ToNumeric:
       case JSOp::Pos:
       case JSOp::Inc:
       case JSOp::Dec:
       case JSOp::Neg:
       case JSOp::BitNot:
       case JSOp::Iter:
       case JSOp::Eq:
@@ -554,19 +557,16 @@ AbortReasonOr<WarpScriptSnapshot*> WarpO
       case JSOp::SetAliasedVar:
       case JSOp::InitAliasedLexical:
       case JSOp::EnvCallee:
       case JSOp::IterNext:
       case JSOp::MoreIter:
       case JSOp::EndIter:
       case JSOp::IsNoIter:
       case JSOp::CallIter:
-      case JSOp::FunCall:
-      case JSOp::FunApply:
-      case JSOp::New:
       case JSOp::SuperCall:
       case JSOp::DelProp:
       case JSOp::StrictDelProp:
       case JSOp::DelElem:
       case JSOp::StrictDelElem:
       case JSOp::SetFunName:
       case JSOp::PushLexicalEnv:
       case JSOp::PopLexicalEnv:
--- a/js/src/vm/BytecodeLocation.h
+++ b/js/src/vm/BytecodeLocation.h
@@ -192,16 +192,18 @@ class BytecodeLocation {
   bool isEqualityOp() const { return IsEqualityOp(getOp()); }
 
   bool isStrictEqualityOp() const { return IsStrictEqualityOp(getOp()); }
 
   bool isStrictSetOp() const { return IsStrictSetPC(rawBytecode_); }
 
   bool isNameOp() const { return IsNameOp(getOp()); }
 
+  bool isSpreadOp() const { return IsSpreadOp(getOp()); }
+
   bool resultIsPopped() const {
     MOZ_ASSERT(StackDefs(rawBytecode_) == 1);
     return BytecodeIsPopped(rawBytecode_);
   }
 
   // Accessors:
   JSOp getOp() const { return JSOp(*rawBytecode_); }