RESOLVED FIXED 63173
DFG non-speculative JIT lacks basic optimizations for GetById and GetByVal 
https://bugs.webkit.org/show_bug.cgi?id=63173
Summary DFG non-speculative JIT lacks basic optimizations for GetById and GetByVal
Filip Pizlo
Reported 2011-06-22 13:04:32 PDT
The main JSC JIT has optimizations to speed up GetById and GetByVal for common cases. The DFG speculative JIT has some of these optimizations as well. But the non-speculative JIT always calls out to C, potentially resulting in performance regressions on code that fails speculation.
Attachments
the patch (9.78 KB, patch)
2011-06-22 13:12 PDT, Filip Pizlo 		no flags
DetailsFormatted DiffDiff
the patch (fixed style) (9.79 KB, patch)
2011-06-22 13:24 PDT, Filip Pizlo 		no flags
DetailsFormatted DiffDiff
the patch (more style fixes) (9.80 KB, patch)
2011-06-22 13:33 PDT, Filip Pizlo 		barraclough: review-
DetailsFormatted DiffDiff
the patch (fixed review comments) (9.09 KB, patch)
2011-06-22 18:10 PDT, Filip Pizlo 		no flags
DetailsFormatted DiffDiff
the patch (fixed review, fixed style) (9.08 KB, patch)
2011-06-22 20:02 PDT, Filip Pizlo 		barraclough: review-
DetailsFormatted DiffDiff
the patch (fix identifier name) (9.08 KB, patch)
2011-06-23 14:57 PDT, Filip Pizlo 		no flags
DetailsFormatted DiffDiff
Show Obsolete (5) View All Add attachment proposed patch, testcase, etc.
Filip Pizlo
Comment 1 2011-06-22 13:12:11 PDT
Created attachment 98226 [details] the patch
WebKit Review Bot
Comment 2 2011-06-22 13:14:48 PDT
Attachment 98226 [details] did not pass style-queue: Failed to run "['Tools/Scripts/check-webkit-style', '--diff-files', u'Source/JavaScriptCore/ChangeLog', u'Source..." exit_code: 1 Source/JavaScriptCore/ChangeLog:6: Line contains tab character. [whitespace/tab] [5] Source/JavaScriptCore/dfg/DFGJITCodeGenerator.cpp:328: Place brace on its own line for function definitions. [whitespace/braces] [4] Source/JavaScriptCore/dfg/DFGNonSpeculativeJIT.cpp:502: Missing spaces around = [whitespace/operators] [4] Source/JavaScriptCore/dfg/DFGNonSpeculativeJIT.cpp:503: Missing spaces around != [whitespace/operators] [3] Total errors found: 4 in 5 files If any of these errors are false positives, please file a bug against check-webkit-style.
Filip Pizlo
Comment 3 2011-06-22 13:24:48 PDT
Created attachment 98230 [details] the patch (fixed style)
WebKit Review Bot
Comment 4 2011-06-22 13:27:54 PDT
Attachment 98230 [details] did not pass style-queue: Failed to run "['Tools/Scripts/check-webkit-style', '--diff-files', u'Source/JavaScriptCore/ChangeLog', u'Source..." exit_code: 1 Source/JavaScriptCore/ChangeLog:6: Line contains tab character. [whitespace/tab] [5] Total errors found: 1 in 5 files If any of these errors are false positives, please file a bug against check-webkit-style.
Filip Pizlo
Comment 5 2011-06-22 13:33:16 PDT
Created attachment 98231 [details] the patch (more style fixes)
Gavin Barraclough
Comment 6 2011-06-22 15:02:24 PDT
Comment on attachment 98231 [details] the patch (more style fixes) View in context: https://bugs.webkit.org/attachment.cgi?id=98231&action=review Please fix comments above, as discussed! > Source/JavaScriptCore/dfg/DFGNonSpeculativeJIT.cpp:502 > + NodeIndex alias = node.child3; The alias optimization is unsafe on the non-speculative path. This assumes that between subsequent GetByVals to the same location, the value / array has not changed. We ensure this is true on the speculative path by restricting generation of operations that would trigger side-effects, but do not do so on the non-speculative path. > Source/JavaScriptCore/dfg/DFGNonSpeculativeJIT.cpp:586 > + cachedGetById(baseGPR, resultGPR, node.identifierNumber()); The code generation for this method is going to generate two calls, please refactor to make one call.
Filip Pizlo
Comment 7 2011-06-22 18:10:44 PDT
Created attachment 98280 [details] the patch (fixed review comments)
WebKit Review Bot
Comment 8 2011-06-22 18:14:02 PDT
Attachment 98280 [details] did not pass style-queue: Failed to run "['Tools/Scripts/check-webkit-style', '--diff-files', u'Source/JavaScriptCore/ChangeLog', u'Source..." exit_code: 1 Source/JavaScriptCore/dfg/DFGJITCodeGenerator.cpp:335: One line control clauses should not use braces. [whitespace/braces] [4] Total errors found: 1 in 5 files If any of these errors are false positives, please file a bug against check-webkit-style.
Filip Pizlo
Comment 9 2011-06-22 20:02:20 PDT
Created attachment 98300 [details] the patch (fixed review, fixed style)
Gavin Barraclough
Comment 10 2011-06-23 14:47:19 PDT
Comment on attachment 98300 [details] the patch (fixed review, fixed style) Hey Filip, sorry to be picky but Darin will be disappointed in me if I'm not. :-) WebKit coding style calls for full names, bar cases of very commonly idiomatic abbreviations. really 'slowPathTarg' has to be 'slowPathTarget'. Sorry to bounce your patch for two extra letter, but we should do this right.
Filip Pizlo
Comment 11 2011-06-23 14:57:16 PDT
Created attachment 98411 [details] the patch (fix identifier name)
Gavin Barraclough
Comment 12 2011-06-23 16:49:58 PDT
Comment on attachment 98411 [details] the patch (fix identifier name) Looks great Filip!
WebKit Review Bot
Comment 13 2011-06-23 17:40:30 PDT
Comment on attachment 98411 [details] the patch (fix identifier name) Clearing flags on attachment: 98411 Committed r89643: <http://trac.webkit.org/changeset/89643>
WebKit Review Bot
Comment 14 2011-06-23 17:40:34 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.