summaryrefslogtreecommitdiffstats
path: root/js/src/jit/MacroAssembler.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'js/src/jit/MacroAssembler.cpp')
-rw-r--r--js/src/jit/MacroAssembler.cpp60
1 files changed, 45 insertions, 15 deletions
diff --git a/js/src/jit/MacroAssembler.cpp b/js/src/jit/MacroAssembler.cpp
index 9fc4b96830..a5d2073fb9 100644
--- a/js/src/jit/MacroAssembler.cpp
+++ b/js/src/jit/MacroAssembler.cpp
@@ -1310,7 +1310,7 @@ void MacroAssembler::loadStringChars(Register str, Register dest,
MOZ_ASSERT(encoding == CharEncoding::TwoByte);
static constexpr uint32_t Mask =
JSString::LINEAR_BIT | JSString::LATIN1_CHARS_BIT;
- static_assert(Mask < 1024,
+ static_assert(Mask < 2048,
"Mask should be a small, near-null value to ensure we "
"block speculative execution when it's used as string "
"pointer");
@@ -1344,7 +1344,7 @@ void MacroAssembler::loadNonInlineStringChars(Register str, Register dest,
static constexpr uint32_t Mask = JSString::LINEAR_BIT |
JSString::INLINE_CHARS_BIT |
JSString::LATIN1_CHARS_BIT;
- static_assert(Mask < 1024,
+ static_assert(Mask < 2048,
"Mask should be a small, near-null value to ensure we "
"block speculative execution when it's used as string "
"pointer");
@@ -2659,11 +2659,15 @@ void MacroAssembler::loadMegamorphicSetPropCache(Register dest) {
movePtr(ImmPtr(runtime()->addressOfMegamorphicSetPropCache()), dest);
}
-void MacroAssembler::lookupStringInAtomCacheLastLookups(Register str,
- Register scratch,
- Register output,
- Label* fail) {
- Label found;
+void MacroAssembler::tryFastAtomize(Register str, Register scratch,
+ Register output, Label* fail) {
+ Label found, done, notAtomRef;
+
+ branchTest32(Assembler::Zero, Address(str, JSString::offsetOfFlags()),
+ Imm32(JSString::ATOM_REF_BIT), &notAtomRef);
+ loadPtr(Address(str, JSAtomRefString::offsetOfAtom()), output);
+ jump(&done);
+ bind(&notAtomRef);
uintptr_t cachePtr = uintptr_t(runtime()->addressOfStringToAtomCache());
void* offset = (void*)(cachePtr + StringToAtomCache::offsetOfLastLookups());
@@ -2682,6 +2686,7 @@ void MacroAssembler::lookupStringInAtomCacheLastLookups(Register str,
bind(&found);
size_t atomOffset = StringToAtomCache::LastLookup::offsetOfAtom();
loadPtr(Address(scratch, atomOffset), output);
+ bind(&done);
}
void MacroAssembler::loadAtomHash(Register id, Register outHash, Label* done) {
@@ -2741,7 +2746,7 @@ void MacroAssembler::loadAtomOrSymbolAndHash(ValueOperand value, Register outId,
loadAtomHash(outId, outHash, &done);
bind(&nonAtom);
- lookupStringInAtomCacheLastLookups(outId, outHash, outId, cacheMiss);
+ tryFastAtomize(outId, outHash, outId, cacheMiss);
jump(&atom);
bind(&done);
@@ -3382,7 +3387,7 @@ void MacroAssembler::guardSpecificAtom(Register str, JSAtom* atom,
Register scratch,
const LiveRegisterSet& volatileRegs,
Label* fail) {
- Label done;
+ Label done, notCachedAtom;
branchPtr(Assembler::Equal, str, ImmGCPtr(atom), &done);
// The pointers are not equal, so if the input string is also an atom it
@@ -3390,6 +3395,12 @@ void MacroAssembler::guardSpecificAtom(Register str, JSAtom* atom,
branchTest32(Assembler::NonZero, Address(str, JSString::offsetOfFlags()),
Imm32(JSString::ATOM_BIT), fail);
+ // Try to do a cheap atomize on the string and repeat the above test
+ tryFastAtomize(str, scratch, scratch, &notCachedAtom);
+ branchPtr(Assembler::Equal, scratch, ImmGCPtr(atom), &done);
+ jump(fail);
+ bind(&notCachedAtom);
+
// Check the length.
branch32(Assembler::NotEqual, Address(str, JSString::offsetOfLength()),
Imm32(atom->length()), fail);
@@ -6551,6 +6562,14 @@ void MacroAssembler::branchWasmRefIsSubtypeExn(Register ref,
branchTestPtr(Assembler::Zero, ref, ref, nullLabel);
}
+ // The only value that can inhabit 'noexn' is null. So, early out if we got
+ // not-null.
+ if (destType.isNoExn()) {
+ jump(failLabel);
+ bind(&fallthrough);
+ return;
+ }
+
// There are no other possible types except exnref, so succeed!
jump(successLabel);
bind(&fallthrough);
@@ -7921,10 +7940,15 @@ void MacroAssembler::typedArrayElementSize(Register obj, Register output) {
branchPtr(Assembler::Below, output, ImmPtr(classForType(Scalar::BigInt64)),
&one);
+ static_assert(ValidateSizeRange(Scalar::BigInt64, Scalar::Float16),
+ "element size is eight in [BigInt64, Float16)");
+ branchPtr(Assembler::Below, output, ImmPtr(classForType(Scalar::Float16)),
+ &eight);
+
static_assert(
- ValidateSizeRange(Scalar::BigInt64, Scalar::MaxTypedArrayViewType),
- "element size is eight in [BigInt64, MaxTypedArrayViewType)");
- // Fall through for BigInt64 and BigUint64
+ ValidateSizeRange(Scalar::Float16, Scalar::MaxTypedArrayViewType),
+ "element size is two in [Float16, MaxTypedArrayViewType)");
+ jump(&two);
bind(&eight);
move32(Imm32(8), output);
@@ -7993,10 +8017,16 @@ void MacroAssembler::resizableTypedArrayElementShiftBy(Register obj,
branchPtr(Assembler::Below, scratch, ImmPtr(classForType(Scalar::BigInt64)),
&zero);
+ static_assert(ValidateSizeRange(Scalar::BigInt64, Scalar::Float16),
+ "element shift is three in [BigInt64, Float16)");
+ branchPtr(Assembler::Below, scratch, ImmPtr(classForType(Scalar::Float16)),
+ &three);
+
static_assert(
- ValidateSizeRange(Scalar::BigInt64, Scalar::MaxTypedArrayViewType),
- "element shift is three in [BigInt64, MaxTypedArrayViewType)");
- // Fall through for BigInt64 and BigUint64
+ ValidateSizeRange(Scalar::Float16, Scalar::MaxTypedArrayViewType),
+ "element shift is one in [Float16, MaxTypedArrayViewType)");
+ branchPtr(Assembler::Below, scratch, ImmPtr(classForType(Scalar::Float16)),
+ &one);
bind(&three);
rshiftPtr(Imm32(3), output);
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-29 08:58:55 +0000