Skip to content

Commit

Permalink
maybe fix domjit
Browse files Browse the repository at this point in the history
  • Loading branch information
@dylan-conway
dylan-conway committed Nov 25, 2024
1 parent ef367ff commit bcfcd06
Show file tree
Hide file tree
Showing 5 changed files with 137 additions and 13 deletions.
56 changes: 56 additions & 0 deletions Source/JavaScriptCore/bytecode/SpeculatedType.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -256,51 +256,102 @@ inline bool isInt8ArraySpeculation(SpeculatedType value)
return value == SpecInt8Array;
}

inline bool isNotInt8ArraySpeculation(SpeculatedType value)
{
return value && !(value & SpecInt8Array);
}

inline bool isInt16ArraySpeculation(SpeculatedType value)
{
return value == SpecInt16Array;
}

inline bool isNotInt16ArraySpeculation(SpeculatedType value)
{
return value && !(value & SpecInt16Array);
}

inline bool isInt32ArraySpeculation(SpeculatedType value)
{
return value == SpecInt32Array;
}

inline bool isNotInt32ArraySpeculation(SpeculatedType value)
{
return value && !(value & SpecInt32Array);
}

inline bool isUint8ArraySpeculation(SpeculatedType value)
{
return value == SpecUint8Array;
}

inline bool isNotUint8ArraySpeculation(SpeculatedType value)
{
return value && !(value & SpecUint8Array);
}

inline bool isUint8ClampedArraySpeculation(SpeculatedType value)
{
return value == SpecUint8ClampedArray;
}

inline bool isNotUint8ClampedArraySpeculation(SpeculatedType value)
{
return value && !(value & SpecUint8ClampedArray);
}

inline bool isUint16ArraySpeculation(SpeculatedType value)
{
return value == SpecUint16Array;
}

inline bool isNotUint16ArraySpeculation(SpeculatedType value)
{
return value && !(value & SpecUint16Array);
}


inline bool isUint32ArraySpeculation(SpeculatedType value)
{
return value == SpecUint32Array;
}

inline bool isNotUint32ArraySpeculation(SpeculatedType value)
{
return value && !(value & SpecUint32Array);
}

inline bool isFloat16ArraySpeculation(SpeculatedType value)
{
return value == SpecFloat16Array;
}

inline bool isNotFloat16ArraySpeculation(SpeculatedType value)
{
return value && !(value & SpecFloat16Array);
}

inline bool isFloat32ArraySpeculation(SpeculatedType value)
{
return value == SpecFloat32Array;
}

inline bool isNotFloat32ArraySpeculation(SpeculatedType value)
{
return value && !(value & SpecFloat32Array);
}

inline bool isFloat64ArraySpeculation(SpeculatedType value)
{
return value == SpecFloat64Array;
}

inline bool isNotFloat64ArraySpeculation(SpeculatedType value)
{
return value && !(value & SpecFloat64Array);
}

inline bool isBigInt64ArraySpeculation(SpeculatedType value)
{
return value == SpecBigInt64Array;
Expand Down Expand Up @@ -386,6 +437,11 @@ inline bool isInt32OrInt52Speculation(SpeculatedType value)
return !!value && (value & (SpecInt32Only | SpecInt52Any)) == value;
}

inline bool isNotInt32OrInt52Speculation(SpeculatedType value)
{
return value && !(value & (SpecInt32Only | SpecInt52Any));
}

inline bool isIntAnyFormat(SpeculatedType value)
{
return !!value && (value & SpecIntAnyFormat) == value;
Expand Down
31 changes: 18 additions & 13 deletions Source/JavaScriptCore/dfg/DFGFixupPhase.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4705,67 +4705,72 @@ class FixupPhase : public Phase {
} else {
switch (signature->arguments[index - 2]) {
case SpecString:
if (!edge->shouldSpeculateNotString())
if (edge->shouldSpeculateNotString())
shouldConvertToCallDOM = false;
break;
case SpecInt32Only:
if (!edge->shouldSpeculateNotInt32())
if (edge->shouldSpeculateNotInt32())
shouldConvertToCallDOM = false;
break;
case SpecBoolean:
if (!edge->shouldSpeculateNotBoolean())
if (edge->shouldSpeculateNotBoolean())
shouldConvertToCallDOM = false;
break;
case SpecInt8Array: {
if (edge->shouldSpeculateInt8Array())
if (edge->shouldSpeculateNotInt8Array())
shouldConvertToCallDOM = false;
break;
}
case SpecInt16Array: {
if (edge->shouldSpeculateInt16Array())
if (edge->shouldSpeculateNotInt16Array())
shouldConvertToCallDOM = false;
break;
}
case SpecInt32Array: {
if (edge->shouldSpeculateInt32Array())
if (edge->shouldSpeculateNotInt32Array())
shouldConvertToCallDOM = false;
break;
}
case SpecUint8Array: {
if (edge->shouldSpeculateUint8Array())
if (edge->shouldSpeculateNotUint8Array())
shouldConvertToCallDOM = false;
break;
}
case SpecUint8ClampedArray: {
if (edge->shouldSpeculateUint8ClampedArray())
if (edge->shouldSpeculateNotUint8ClampedArray())
shouldConvertToCallDOM = false;
break;
}
case SpecUint16Array: {
if (edge->shouldSpeculateUint16Array())
if (edge->shouldSpeculateNotUint16Array())
shouldConvertToCallDOM = false;
break;
}
case SpecUint32Array: {
if (edge->shouldSpeculateUint32Array())
if (edge->shouldSpeculateNotUint32Array())
shouldConvertToCallDOM = false;
break;
}
case SpecFloat16Array: {
if (edge->shouldSpeculateNotFloat16Array())
shouldConvertToCallDOM = false;
break;
}
case SpecFloat32Array: {
if (edge->shouldSpeculateFloat32Array())
if (edge->shouldSpeculateNotFloat32Array())
shouldConvertToCallDOM = false;
break;
}
case SpecFloat64Array: {
if (edge->shouldSpeculateFloat64Array())
if (edge->shouldSpeculateNotFloat64Array())
shouldConvertToCallDOM = false;
break;
}
case SpecInt52Any:
case SpecInt32AsInt52:
case SpecNonInt32AsInt52:
case SpecAnyIntAsDouble: {
if (edge->shouldSpeculateInt52())
if (edge->shouldSpeculateNotInt52())
shouldConvertToCallDOM = false;
break;
}
Expand Down
55 changes: 55 additions & 0 deletions Source/JavaScriptCore/dfg/DFGNode.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2940,6 +2940,11 @@ struct Node {
//
return enableInt52() && isInt32OrInt52Speculation(prediction());
}

bool shouldSpeculateNotInt52()
{
return isNotInt32OrInt52Speculation(prediction());
}

bool shouldSpeculateDouble()
{
Expand Down Expand Up @@ -3097,51 +3102,101 @@ struct Node {
{
return isInt8ArraySpeculation(prediction());
}

bool shouldSpeculateNotInt8Array()
{
return isNotInt8ArraySpeculation(prediction());
}

bool shouldSpeculateInt16Array()
{
return isInt16ArraySpeculation(prediction());
}

bool shouldSpeculateNotInt16Array()
{
return isNotInt16ArraySpeculation(prediction());
}

bool shouldSpeculateInt32Array()
{
return isInt32ArraySpeculation(prediction());
}

bool shouldSpeculateNotInt32Array()
{
return isNotInt32ArraySpeculation(prediction());
}

bool shouldSpeculateUint8Array()
{
return isUint8ArraySpeculation(prediction());
}

bool shouldSpeculateNotUint8Array()
{
return isNotUint8ArraySpeculation(prediction());
}

bool shouldSpeculateUint8ClampedArray()
{
return isUint8ClampedArraySpeculation(prediction());
}

bool shouldSpeculateNotUint8ClampedArray()
{
return isNotUint8ClampedArraySpeculation(prediction());
}

bool shouldSpeculateUint16Array()
{
return isUint16ArraySpeculation(prediction());
}

bool shouldSpeculateNotUint16Array()
{
return isNotUint16ArraySpeculation(prediction());
}

bool shouldSpeculateUint32Array()
{
return isUint32ArraySpeculation(prediction());
}

bool shouldSpeculateNotUint32Array()
{
return isNotUint32ArraySpeculation(prediction());
}

bool shouldSpeculateFloat16Array()
{
return isFloat16ArraySpeculation(prediction());
}

bool shouldSpeculateNotFloat16Array()
{
return isFloat16ArraySpeculation(prediction());
}

bool shouldSpeculateFloat32Array()
{
return isFloat32ArraySpeculation(prediction());
}

bool shouldSpeculateNotFloat32Array()
{
return isNotFloat32ArraySpeculation(prediction());
}

bool shouldSpeculateFloat64Array()
{
return isFloat64ArraySpeculation(prediction());
}

bool shouldSpeculateNotFloat64Array()
{
return isNotFloat64ArraySpeculation(prediction());
}

bool shouldSpeculateArrayOrOther()
{
Expand Down
4 changes: 4 additions & 0 deletions Source/JavaScriptCore/runtime/InternalFieldTuple.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@

#include "JSInternalFieldObjectImpl.h"

WTF_ALLOW_UNSAFE_BUFFER_USAGE_BEGIN

namespace JSC {

// InternalFieldTuple is a generic InternalFieldObject that currently has two internal fields
Expand Down Expand Up @@ -80,3 +82,5 @@ class InternalFieldTuple : public JSInternalFieldObjectImpl<2> {
};

} // namespace JSC

WTF_ALLOW_UNSAFE_BUFFER_USAGE_END
4 changes: 4 additions & 0 deletions Source/JavaScriptCore/runtime/JSDateMath-v8.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,8 @@
#include "config.h"
#include "JSDateMath-v8.h"

WTF_ALLOW_UNSAFE_BUFFER_USAGE_BEGIN

namespace v8 {

constexpr int kMaxInt = 0x7FFFFFFF;
Expand Down Expand Up @@ -1173,3 +1175,5 @@ double ParseDateTimeString(const unsigned char* str, size_t size, bool& local)
}

} // namespace v8

WTF_ALLOW_UNSAFE_BUFFER_USAGE_END

0 comments on commit bcfcd06

Please sign in to comment.