Bug 1499644 - Move IC data out of BaselineScript. r=tcampbell

ICEntries and the fallback stub space are now stored in ICScript. The ICScript* is stored in TypeScript to not increase sizeof(JSScript). We need this for bug 1499324 but it also lets us greatly simplify the BaselineDebugModeOSR code as this patch shows. Note: some ICScript method definitions are still in BaselineJIT.cpp instead of BaselineIC.cpp to make this patch easier to review. We could move them to BaselineIC.cpp as a follow-up change. Differential Revision: https://phabricator.services.mozilla.com/D11746 --HG-- extra : moz-landing-system : lando
mozilla · Nov 29, 2018 · b38ee74 · b38ee74
1 parent 61d903a
commit b38ee74
Show file tree

Hide file tree

Showing 30 changed files with 735 additions and 969 deletions.
diff --git a/js/src/gc/Zone.cpp b/js/src/gc/Zone.cpp
@@ -9,6 +9,7 @@
 #include "gc/FreeOp.h"
 #include "gc/Policy.h"
 #include "gc/PublicIterators.h"
+#include "jit/BaselineIC.h"
 #include "jit/BaselineJIT.h"
 #include "jit/Ion.h"
 #include "jit/JitRealm.h"
@@ -18,6 +19,7 @@
 
 #include "gc/GC-inl.h"
 #include "gc/Marking-inl.h"
+#include "vm/JSScript-inl.h"
 #include "vm/Realm-inl.h"
 
 using namespace js;
@@ -260,11 +262,20 @@ Zone::discardJitCode(FreeOp* fop, bool discardBaselineCode, bool releaseTypes)
             script->baselineScript()->setControlFlowGraph(nullptr);
         }
 
-        // Try to release the script's TypeScript. This should happen last
-        // because we can't do this when the script still has JIT code.
+        // Try to release the script's TypeScript. This should happen after
+        // releasing JIT code because we can't do this when the script still has
+        // JIT code.
         if (releaseTypes) {
             script->maybeReleaseTypes();
         }
+
+        // The optimizedStubSpace will be purged below so make sure ICScript
+        // doesn't point into it. We do this after (potentially) releasing types
+        // because TypeScript contains the ICScript* and there's no need to
+        // purge stubs if we just destroyed the Typescript.
+        if (discardBaselineCode && script->hasICScript()) {
+            script->icScript()->purgeOptimizedStubs(script->zone());
+        }
     }
 
     /*

diff --git a/js/src/jit/BaselineBailouts.cpp b/js/src/jit/BaselineBailouts.cpp
@@ -1063,6 +1063,7 @@ InitFromBailout(JSContext* cx, size_t frameNo,
 
     const uint32_t pcOff = script->pcToOffset(pc);
     BaselineScript* baselineScript = script->baselineScript();
+    ICScript* icScript = script->icScript();
 
 #ifdef DEBUG
     uint32_t expectedDepth;
@@ -1120,7 +1121,7 @@ InitFromBailout(JSContext* cx, size_t frameNo,
             // Not every monitored op has a monitored fallback stub, e.g.
             // JSOP_NEWOBJECT, which always returns the same type for a
             // particular script/pc location.
-            ICEntry& icEntry = baselineScript->icEntryFromPCOffset(pcOff);
+            ICEntry& icEntry = icScript->icEntryFromPCOffset(pcOff);
             ICFallbackStub* fallbackStub = icEntry.firstStub()->getChainFallback();
             if (fallbackStub->isMonitoredFallback()) {
                 enterMonitorChain = true;
@@ -1137,7 +1138,7 @@ InitFromBailout(JSContext* cx, size_t frameNo,
         builder.setResumeFramePtr(prevFramePtr);
 
         if (enterMonitorChain) {
-            ICEntry& icEntry = baselineScript->icEntryFromPCOffset(pcOff);
+            ICEntry& icEntry = icScript->icEntryFromPCOffset(pcOff);
             ICFallbackStub* fallbackStub = icEntry.firstStub()->getChainFallback();
             MOZ_ASSERT(fallbackStub->isMonitoredFallback());
             JitSpew(JitSpew_BaselineBailouts, "      [TYPE-MONITOR CHAIN]");
@@ -1317,7 +1318,7 @@ InitFromBailout(JSContext* cx, size_t frameNo,
 
     // Calculate and write out return address.
     // The icEntry in question MUST have an inlinable fallback stub.
-    ICEntry& icEntry = baselineScript->icEntryFromPCOffset(pcOff);
+    ICEntry& icEntry = icScript->icEntryFromPCOffset(pcOff);
     MOZ_ASSERT(IsInlinableFallback(icEntry.firstStub()->getChainFallback()));
 
     RetAddrEntry& retAddrEntry =

diff --git a/js/src/jit/BaselineCacheIRCompiler.cpp b/js/src/jit/BaselineCacheIRCompiler.cpp
@@ -2414,65 +2414,6 @@ ICCacheIR_Updated::stubDataStart()
     return reinterpret_cast<uint8_t*>(this) + stubInfo_->stubDataOffset();
 }
 
-/* static */ ICCacheIR_Regular*
-ICCacheIR_Regular::Clone(JSContext* cx, ICStubSpace* space, ICStub* firstMonitorStub,
-                         ICCacheIR_Regular& other)
-{
-    const CacheIRStubInfo* stubInfo = other.stubInfo();
-    MOZ_ASSERT(stubInfo->makesGCCalls());
-
-    size_t bytesNeeded = stubInfo->stubDataOffset() + stubInfo->stubDataSize();
-    void* newStub = space->alloc(bytesNeeded);
-    if (!newStub) {
-        return nullptr;
-    }
-
-    ICCacheIR_Regular* res = new(newStub) ICCacheIR_Regular(other.jitCode(), stubInfo);
-    stubInfo->copyStubData(&other, res);
-    return res;
-}
-
-
-/* static */ ICCacheIR_Monitored*
-ICCacheIR_Monitored::Clone(JSContext* cx, ICStubSpace* space, ICStub* firstMonitorStub,
-                           ICCacheIR_Monitored& other)
-{
-    const CacheIRStubInfo* stubInfo = other.stubInfo();
-    MOZ_ASSERT(stubInfo->makesGCCalls());
-
-    size_t bytesNeeded = stubInfo->stubDataOffset() + stubInfo->stubDataSize();
-    void* newStub = space->alloc(bytesNeeded);
-    if (!newStub) {
-        return nullptr;
-    }
-
-    ICCacheIR_Monitored* res = new(newStub) ICCacheIR_Monitored(other.jitCode(), firstMonitorStub,
-                                                                stubInfo);
-    stubInfo->copyStubData(&other, res);
-    return res;
-}
-
-/* static */ ICCacheIR_Updated*
-ICCacheIR_Updated::Clone(JSContext* cx, ICStubSpace* space, ICStub* firstMonitorStub,
-                         ICCacheIR_Updated& other)
-{
-    const CacheIRStubInfo* stubInfo = other.stubInfo();
-    MOZ_ASSERT(stubInfo->makesGCCalls());
-
-    size_t bytesNeeded = stubInfo->stubDataOffset() + stubInfo->stubDataSize();
-    void* newStub = space->alloc(bytesNeeded);
-    if (!newStub) {
-        return nullptr;
-    }
-
-    ICCacheIR_Updated* res = new(newStub) ICCacheIR_Updated(other.jitCode(), stubInfo);
-    res->updateStubGroup() = other.updateStubGroup();
-    res->updateStubId() = other.updateStubId();
-
-    stubInfo->copyStubData(&other, res);
-    return res;
-}
-
 bool
 BaselineCacheIRCompiler::emitCallStringConcatResult()
 {