From 086c044dc34dfc0f74fbe41f4ecb402b2cd34884 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 03:13:33 +0200 Subject: Merging upstream version 125.0.1. Signed-off-by: Daniel Baumann --- js/src/jit/MIR.cpp | 85 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 85 insertions(+) (limited to 'js/src/jit/MIR.cpp') diff --git a/js/src/jit/MIR.cpp b/js/src/jit/MIR.cpp index dbaa73c9dd..c6daecb166 100644 --- a/js/src/jit/MIR.cpp +++ b/js/src/jit/MIR.cpp @@ -6365,6 +6365,81 @@ AliasSet MGuardHasAttachedArrayBuffer::getAliasSet() const { return AliasSet::Load(AliasSet::ObjectFields | AliasSet::FixedSlot); } +AliasSet MResizableTypedArrayByteOffsetMaybeOutOfBounds::getAliasSet() const { + // Loads the byteOffset and additionally checks for detached buffers, so the + // alias set also has to include |ObjectFields| and |FixedSlot|. + return AliasSet::Load(AliasSet::ArrayBufferViewLengthOrOffset | + AliasSet::ObjectFields | AliasSet::FixedSlot); +} + +AliasSet MResizableTypedArrayLength::getAliasSet() const { + // Loads the length and byteOffset slots, the shared-elements flag, the + // auto-length fixed slot, and the shared raw-buffer length. + auto flags = AliasSet::ArrayBufferViewLengthOrOffset | + AliasSet::ObjectFields | AliasSet::FixedSlot | + AliasSet::SharedArrayRawBufferLength; + + // When a barrier is needed make the instruction effectful by giving it a + // "store" effect. Also prevent reordering LoadUnboxedScalar before this + // instruction by including |UnboxedElement| in the alias set. + if (requiresMemoryBarrier() == MemoryBarrierRequirement::Required) { + return AliasSet::Store(flags | AliasSet::UnboxedElement); + } + return AliasSet::Load(flags); +} + +bool MResizableTypedArrayLength::congruentTo(const MDefinition* ins) const { + if (requiresMemoryBarrier() == MemoryBarrierRequirement::Required) { + return false; + } + return congruentIfOperandsEqual(ins); +} + +AliasSet MResizableDataViewByteLength::getAliasSet() const { + // Loads the length and byteOffset slots, the shared-elements flag, the + // auto-length fixed slot, and the shared raw-buffer length. + auto flags = AliasSet::ArrayBufferViewLengthOrOffset | + AliasSet::ObjectFields | AliasSet::FixedSlot | + AliasSet::SharedArrayRawBufferLength; + + // When a barrier is needed make the instruction effectful by giving it a + // "store" effect. Also prevent reordering LoadUnboxedScalar before this + // instruction by including |UnboxedElement| in the alias set. + if (requiresMemoryBarrier() == MemoryBarrierRequirement::Required) { + return AliasSet::Store(flags | AliasSet::UnboxedElement); + } + return AliasSet::Load(flags); +} + +bool MResizableDataViewByteLength::congruentTo(const MDefinition* ins) const { + if (requiresMemoryBarrier() == MemoryBarrierRequirement::Required) { + return false; + } + return congruentIfOperandsEqual(ins); +} + +AliasSet MGrowableSharedArrayBufferByteLength::getAliasSet() const { + // Requires a barrier, so make the instruction effectful by giving it a + // "store" effect. Also prevent reordering LoadUnboxedScalar before this + // instruction by including |UnboxedElement| in the alias set. + return AliasSet::Store(AliasSet::FixedSlot | + AliasSet::SharedArrayRawBufferLength | + AliasSet::UnboxedElement); +} + +AliasSet MGuardResizableArrayBufferViewInBounds::getAliasSet() const { + // Additionally reads the |initialLength| and |initialByteOffset| slots, but + // since these can't change after construction, we don't need to track them. + return AliasSet::Load(AliasSet::ArrayBufferViewLengthOrOffset); +} + +AliasSet MGuardResizableArrayBufferViewInBoundsOrDetached::getAliasSet() const { + // Loads the byteOffset and additionally checks for detached buffers, so the + // alias set also has to include |ObjectFields| and |FixedSlot|. + return AliasSet::Load(AliasSet::ArrayBufferViewLengthOrOffset | + AliasSet::ObjectFields | AliasSet::FixedSlot); +} + AliasSet MArrayPush::getAliasSet() const { return AliasSet::Store(AliasSet::ObjectFields | AliasSet::Element); } @@ -6882,6 +6957,16 @@ MDefinition* MGuardToClass::foldsTo(TempAllocator& alloc) { return object(); } +MDefinition* MGuardToEitherClass::foldsTo(TempAllocator& alloc) { + const JSClass* clasp = GetObjectKnownJSClass(object()); + if (!clasp || (getClass1() != clasp && getClass2() != clasp)) { + return this; + } + + AssertKnownClass(alloc, this, object()); + return object(); +} + MDefinition* MGuardToFunction::foldsTo(TempAllocator& alloc) { if (GetObjectKnownClass(object()) != KnownClass::Function) { return this; -- cgit v1.2.3