1/*
2 * Copyright (C) 2016-2018 Apple Inc. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
14 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
17 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
18 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
19 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
20 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
26#pragma once
27
28#if ENABLE(JIT)
29
30#include "ArithProfile.h"
31#include "CCallHelpers.h"
32#include "JITAddGenerator.h"
33#include "JITMathICInlineResult.h"
34#include "JITMulGenerator.h"
35#include "JITNegGenerator.h"
36#include "JITSubGenerator.h"
37#include "LinkBuffer.h"
38#include "Repatch.h"
39
40namespace JSC {
41
42class LinkBuffer;
43
44struct MathICGenerationState {
45 MacroAssembler::Label fastPathStart;
46 MacroAssembler::Label fastPathEnd;
47 MacroAssembler::Label slowPathStart;
48 MacroAssembler::Call slowPathCall;
49 MacroAssembler::JumpList slowPathJumps;
50 bool shouldSlowPathRepatch;
51};
52
53#define ENABLE_MATH_IC_STATS 0
54
55template <typename GeneratorType, bool(*isProfileEmpty)(ArithProfile&)>
56class JITMathIC {
57 WTF_MAKE_FAST_ALLOCATED;
58public:
59 JITMathIC(ArithProfile* arithProfile)
60 : m_arithProfile(arithProfile)
61 {
62 }
63
64 CodeLocationLabel<JSInternalPtrTag> doneLocation() { return m_inlineEnd; }
65 CodeLocationCall<JSInternalPtrTag> slowPathCallLocation() { return m_slowPathCallLocation; }
66 CodeLocationLabel<JSInternalPtrTag> slowPathStartLocation() { return m_slowPathStartLocation; }
67
68 bool generateInline(CCallHelpers& jit, MathICGenerationState& state, bool shouldEmitProfiling = true)
69 {
70 state.fastPathStart = jit.label();
71 size_t startSize = jit.m_assembler.buffer().codeSize();
72
73 if (m_arithProfile) {
74 if (isProfileEmpty(*m_arithProfile)) {
75 // It looks like the MathIC has yet to execute. We don't want to emit code in this
76 // case for a couple reasons. First, the operation may never execute, so if we don't emit
77 // code, it's a win. Second, if the operation does execute, we can emit better code
78 // once we have an idea about the types.
79 state.slowPathJumps.append(jit.patchableJump());
80 size_t inlineSize = jit.m_assembler.buffer().codeSize() - startSize;
81 ASSERT_UNUSED(inlineSize, static_cast<ptrdiff_t>(inlineSize) <= MacroAssembler::patchableJumpSize());
82 state.shouldSlowPathRepatch = true;
83 state.fastPathEnd = jit.label();
84 ASSERT(!m_generateFastPathOnRepatch); // We should have gathered some observed type info about the types before trying to regenerate again.
85 m_generateFastPathOnRepatch = true;
86 return true;
87 }
88 }
89
90 JITMathICInlineResult result = m_generator.generateInline(jit, state, m_arithProfile);
91
92 switch (result) {
93 case JITMathICInlineResult::GeneratedFastPath: {
94 size_t inlineSize = jit.m_assembler.buffer().codeSize() - startSize;
95 if (static_cast<ptrdiff_t>(inlineSize) < MacroAssembler::patchableJumpSize()) {
96 size_t nopsToEmitInBytes = MacroAssembler::patchableJumpSize() - inlineSize;
97 jit.emitNops(nopsToEmitInBytes);
98 }
99 state.shouldSlowPathRepatch = true;
100 state.fastPathEnd = jit.label();
101 return true;
102 }
103 case JITMathICInlineResult::GenerateFullSnippet: {
104 MacroAssembler::JumpList endJumpList;
105 bool result = m_generator.generateFastPath(jit, endJumpList, state.slowPathJumps, m_arithProfile, shouldEmitProfiling);
106 if (result) {
107 state.fastPathEnd = jit.label();
108 state.shouldSlowPathRepatch = false;
109 endJumpList.link(&jit);
110 return true;
111 }
112 return false;
113 }
114 case JITMathICInlineResult::DontGenerate: {
115 return false;
116 }
117 default:
118 ASSERT_NOT_REACHED();
119 }
120
121 return false;
122 }
123
124 void generateOutOfLine(CodeBlock* codeBlock, FunctionPtr<CFunctionPtrTag> callReplacement)
125 {
126 auto linkJumpToOutOfLineSnippet = [&] () {
127 CCallHelpers jit(codeBlock);
128 auto jump = jit.jump();
129 // We don't need a nop sled here because nobody should be jumping into the middle of an IC.
130 bool needsBranchCompaction = false;
131 RELEASE_ASSERT(jit.m_assembler.buffer().codeSize() <= static_cast<size_t>(MacroAssembler::differenceBetweenCodePtr(m_inlineStart, m_inlineEnd)));
132 LinkBuffer linkBuffer(jit, m_inlineStart, jit.m_assembler.buffer().codeSize(), JITCompilationMustSucceed, needsBranchCompaction);
133 RELEASE_ASSERT(linkBuffer.isValid());
134 linkBuffer.link(jump, CodeLocationLabel<JITStubRoutinePtrTag>(m_code.code()));
135 FINALIZE_CODE(linkBuffer, NoPtrTag, "JITMathIC: linking constant jump to out of line stub");
136 };
137
138 auto replaceCall = [&] () {
139#if COMPILER(MSVC) && !COMPILER(CLANG)
140 ftlThunkAwareRepatchCall(codeBlock, slowPathCallLocation().retagged<JSInternalPtrTag>(), callReplacement);
141#else
142 ftlThunkAwareRepatchCall(codeBlock, slowPathCallLocation().template retagged<JSInternalPtrTag>(), callReplacement);
143#endif
144 };
145
146 bool shouldEmitProfiling = !JITCode::isOptimizingJIT(codeBlock->jitType());
147
148 if (m_generateFastPathOnRepatch) {
149
150 CCallHelpers jit(codeBlock);
151 MathICGenerationState generationState;
152 bool generatedInline = generateInline(jit, generationState, shouldEmitProfiling);
153
154 // We no longer want to try to regenerate the fast path.
155 m_generateFastPathOnRepatch = false;
156
157 if (generatedInline) {
158 auto jumpToDone = jit.jump();
159
160 LinkBuffer linkBuffer(jit, codeBlock, JITCompilationCanFail);
161 if (!linkBuffer.didFailToAllocate()) {
162 linkBuffer.link(generationState.slowPathJumps, slowPathStartLocation());
163 linkBuffer.link(jumpToDone, doneLocation());
164
165 m_code = FINALIZE_CODE_FOR(
166 codeBlock, linkBuffer, JITStubRoutinePtrTag, "JITMathIC: generating out of line fast IC snippet");
167
168 if (!generationState.shouldSlowPathRepatch) {
169 // We won't need to regenerate, so we can wire the slow path call
170 // to a non repatching variant.
171 replaceCall();
172 }
173
174 linkJumpToOutOfLineSnippet();
175
176 return;
177 }
178 }
179
180 // We weren't able to generate an out of line fast path.
181 // We just generate the snippet in its full generality.
182 }
183
184 // We rewire to the alternate regardless of whether or not we can allocate the out of line path
185 // because if we fail allocating the out of line path, we don't want to waste time trying to
186 // allocate it in the future.
187 replaceCall();
188
189 {
190 CCallHelpers jit(codeBlock);
191
192 MacroAssembler::JumpList endJumpList;
193 MacroAssembler::JumpList slowPathJumpList;
194
195 bool emittedFastPath = m_generator.generateFastPath(jit, endJumpList, slowPathJumpList, m_arithProfile, shouldEmitProfiling);
196 if (!emittedFastPath)
197 return;
198 endJumpList.append(jit.jump());
199
200 LinkBuffer linkBuffer(jit, codeBlock, JITCompilationCanFail);
201 if (linkBuffer.didFailToAllocate())
202 return;
203
204 linkBuffer.link(endJumpList, doneLocation());
205 linkBuffer.link(slowPathJumpList, slowPathStartLocation());
206
207 m_code = FINALIZE_CODE_FOR(
208 codeBlock, linkBuffer, JITStubRoutinePtrTag, "JITMathIC: generating out of line IC snippet");
209 }
210
211 linkJumpToOutOfLineSnippet();
212 }
213
214 void finalizeInlineCode(const MathICGenerationState& state, LinkBuffer& linkBuffer)
215 {
216 CodeLocationLabel<JSInternalPtrTag> start = linkBuffer.locationOf<JSInternalPtrTag>(state.fastPathStart);
217 m_inlineStart = start;
218
219 m_inlineEnd = linkBuffer.locationOf<JSInternalPtrTag>(state.fastPathEnd);
220 ASSERT(m_inlineEnd.untaggedExecutableAddress() > m_inlineStart.untaggedExecutableAddress());
221
222 m_slowPathCallLocation = linkBuffer.locationOf<JSInternalPtrTag>(state.slowPathCall);
223 m_slowPathStartLocation = linkBuffer.locationOf<JSInternalPtrTag>(state.slowPathStart);
224 }
225
226 ArithProfile* arithProfile() const { return m_arithProfile; }
227
228#if ENABLE(MATH_IC_STATS)
229 size_t m_generatedCodeSize { 0 };
230 size_t codeSize() const
231 {
232 size_t result = m_generatedCodeSize;
233 if (m_code)
234 result += m_code.size();
235 return result;
236 }
237#endif
238
239 ArithProfile* m_arithProfile;
240 MacroAssemblerCodeRef<JITStubRoutinePtrTag> m_code;
241 CodeLocationLabel<JSInternalPtrTag> m_inlineStart;
242 CodeLocationLabel<JSInternalPtrTag> m_inlineEnd;
243 CodeLocationLabel<JSInternalPtrTag> m_slowPathCallLocation;
244 CodeLocationLabel<JSInternalPtrTag> m_slowPathStartLocation;
245 bool m_generateFastPathOnRepatch { false };
246 GeneratorType m_generator;
247};
248
249inline bool isBinaryProfileEmpty(ArithProfile& arithProfile)
250{
251 return arithProfile.lhsObservedType().isEmpty() || arithProfile.rhsObservedType().isEmpty();
252}
253template <typename GeneratorType>
254class JITBinaryMathIC : public JITMathIC<GeneratorType, isBinaryProfileEmpty> {
255public:
256 JITBinaryMathIC(ArithProfile* arithProfile)
257 : JITMathIC<GeneratorType, isBinaryProfileEmpty>(arithProfile)
258 {
259 }
260};
261
262typedef JITBinaryMathIC<JITAddGenerator> JITAddIC;
263typedef JITBinaryMathIC<JITMulGenerator> JITMulIC;
264typedef JITBinaryMathIC<JITSubGenerator> JITSubIC;
265
266
267inline bool isUnaryProfileEmpty(ArithProfile& arithProfile)
268{
269 return arithProfile.lhsObservedType().isEmpty();
270}
271template <typename GeneratorType>
272class JITUnaryMathIC : public JITMathIC<GeneratorType, isUnaryProfileEmpty> {
273public:
274 JITUnaryMathIC(ArithProfile* arithProfile)
275 : JITMathIC<GeneratorType, isUnaryProfileEmpty>(arithProfile)
276 {
277 }
278};
279
280typedef JITUnaryMathIC<JITNegGenerator> JITNegIC;
281
282} // namespace JSC
283
284#endif // ENABLE(JIT)
285