commit 6f9981e7e106dd3e0a8a2164306eee6c018ae034
parent 3242115cd4ed390910a7ed8009d6312ab61b237a
Author: Iain Ireland <iireland@mozilla.com>
Date: Mon, 6 Oct 2025 20:44:11 +0000
Bug 1989107: Remove dead rectifier code r=jandem
Differential Revision: https://phabricator.services.mozilla.com/D267105
Diffstat:
18 files changed, 14 insertions(+), 1198 deletions(-)
diff --git a/js/src/jit/Ion.cpp b/js/src/jit/Ion.cpp
@@ -177,24 +177,6 @@ bool JitRuntime::generateTrampolines(JSContext* cx) {
generateInvalidator(masm, &bailoutTail);
rangeRecorder.recordOffset("Trampoline: Invalidator");
- // The arguments rectifier has to use the same frame layout as the function
- // frames it rectifies.
- static_assert(std::is_base_of_v<JitFrameLayout, RectifierFrameLayout>,
- "a rectifier frame can be used with jit frame");
- static_assert(std::is_base_of_v<JitFrameLayout, WasmToJSJitFrameLayout>,
- "wasm frames simply are jit frames");
- static_assert(sizeof(JitFrameLayout) == sizeof(WasmToJSJitFrameLayout),
- "thus a rectifier frame can be used with a wasm frame");
-
- JitSpew(JitSpew_Codegen, "# Emitting arguments rectifier");
- generateArgumentsRectifier(masm, ArgumentsRectifierKind::Normal);
- rangeRecorder.recordOffset("Trampoline: Arguments Rectifier");
-
- JitSpew(JitSpew_Codegen, "# Emitting trial inlining arguments rectifier");
- generateArgumentsRectifier(masm, ArgumentsRectifierKind::TrialInlining);
- rangeRecorder.recordOffset(
- "Trampoline: Arguments Rectifier (Trial Inlining)");
-
JitSpew(JitSpew_Codegen, "# Emitting EnterJIT sequence");
generateEnterJIT(cx, masm);
rangeRecorder.recordOffset("Trampoline: EnterJIT");
@@ -2461,10 +2443,6 @@ static void InvalidateActivation(JS::GCContext* gcx,
"#%zu baseline interpreter entry frame @ %p", frameno,
frame.fp());
break;
- case FrameType::Rectifier:
- JitSpew(JitSpew_IonInvalidate, "#%zu rectifier frame @ %p", frameno,
- frame.fp());
- break;
case FrameType::TrampolineNative:
JitSpew(JitSpew_IonInvalidate, "#%zu TrampolineNative frame @ %p",
frameno, frame.fp());
diff --git a/js/src/jit/JSJitFrameIter.cpp b/js/src/jit/JSJitFrameIter.cpp
@@ -386,10 +386,6 @@ void JSJitFrameIter::dump() const {
fprintf(stderr, " Baseline Interpreter Entry frame\n");
fprintf(stderr, " Caller frame ptr: %p\n", current()->callerFramePtr());
break;
- case FrameType::Rectifier:
- fprintf(stderr, " Rectifier frame\n");
- fprintf(stderr, " Caller frame ptr: %p\n", current()->callerFramePtr());
- break;
case FrameType::TrampolineNative:
fprintf(stderr, " TrampolineNative frame\n");
fprintf(stderr, " Caller frame ptr: %p\n", current()->callerFramePtr());
@@ -643,8 +639,6 @@ void JSJitProfilingFrameIterator::moveToNextFrame(CommonFrameLayout* frame) {
* |
* ^--- Entry Frame (BaselineInterpreter) (unwrapped)
* |
- * ^--- Arguments Rectifier (unwrapped)
- * |
* ^--- Trampoline Native (unwrapped)
* |
* ^--- Entry Frame (CppToJSJit)
@@ -659,23 +653,11 @@ void JSJitProfilingFrameIterator::moveToNextFrame(CommonFrameLayout* frame) {
continue;
}
- // Unwrap rectifier frames.
- if (frame->prevType() == FrameType::Rectifier) {
- frame = GetPreviousRawFrame<RectifierFrameLayout*>(frame);
- MOZ_ASSERT(frame->prevType() == FrameType::IonJS ||
- frame->prevType() == FrameType::BaselineStub ||
- frame->prevType() == FrameType::TrampolineNative ||
- frame->prevType() == FrameType::WasmToJSJit ||
- frame->prevType() == FrameType::CppToJSJit);
- continue;
- }
-
// Unwrap TrampolineNative frames.
if (frame->prevType() == FrameType::TrampolineNative) {
frame = GetPreviousRawFrame<TrampolineNativeFrameLayout*>(frame);
MOZ_ASSERT(frame->prevType() == FrameType::IonJS ||
frame->prevType() == FrameType::BaselineStub ||
- frame->prevType() == FrameType::Rectifier ||
frame->prevType() == FrameType::WasmToJSJit ||
frame->prevType() == FrameType::CppToJSJit);
continue;
@@ -730,12 +712,11 @@ void JSJitProfilingFrameIterator::moveToNextFrame(CommonFrameLayout* frame) {
return;
case FrameType::BaselineInterpreterEntry:
- case FrameType::Rectifier:
case FrameType::TrampolineNative:
case FrameType::Exit:
case FrameType::Bailout:
- // Rectifier and Baseline Interpreter entry frames are handled before
- // this switch. The other frame types can't call JS functions directly.
+ // Baseline Interpreter entry frames are handled before this switch. The
+ // other frame types can't call JS functions directly.
break;
}
diff --git a/js/src/jit/JSJitFrameIter.h b/js/src/jit/JSJitFrameIter.h
@@ -46,10 +46,6 @@ enum class FrameType {
// interpreted. Only used under the --emit-interpreter-entry option.
BaselineInterpreterEntry,
- // A rectifier frame sits in between two JS frames, adapting argc != nargs
- // mismatches in calls.
- Rectifier,
-
// Ion IC calling a scripted getter/setter or a VMFunction.
IonICCall,
@@ -94,7 +90,6 @@ class OsiIndex;
// Iterate over the JIT stack to assert that all invariants are respected.
// - Check that all entry frames are aligned on JitStackAlignment.
-// - Check that all rectifier frames keep the JitStackAlignment.
void AssertJitStackInvariants(JSContext* cx);
@@ -170,7 +165,6 @@ class JSJitFrameIter {
bool isBaselineInterpreterEntry() const {
return type_ == FrameType::BaselineInterpreterEntry;
}
- bool isRectifier() const { return type_ == FrameType::Rectifier; }
bool isTrampolineNative() const {
return type_ == FrameType::TrampolineNative;
}
diff --git a/js/src/jit/JitFrames.cpp b/js/src/jit/JitFrames.cpp
@@ -1389,15 +1389,6 @@ static void TraceBaselineInterpreterEntryFrame(JSTracer* trc,
TraceThisAndArguments(trc, frame, layout);
}
-static void TraceRectifierFrame(JSTracer* trc, const JSJitFrameIter& frame) {
- // Trace thisv.
- //
- // Baseline JIT code generated as part of the ICCall_Fallback stub may use
- // it if we're calling a constructor that returns a primitive value.
- RectifierFrameLayout* layout = (RectifierFrameLayout*)frame.fp();
- TraceRoot(trc, &layout->thisv(), "rectifier-thisv");
-}
-
static void TraceTrampolineNativeFrame(JSTracer* trc,
const JSJitFrameIter& frame) {
auto* layout = (TrampolineNativeFrameLayout*)frame.fp();
@@ -1454,9 +1445,6 @@ static void TraceJitActivation(JSTracer* trc, JitActivation* activation) {
case FrameType::BaselineInterpreterEntry:
TraceBaselineInterpreterEntryFrame(trc, jitFrame);
break;
- case FrameType::Rectifier:
- TraceRectifierFrame(trc, jitFrame);
- break;
case FrameType::TrampolineNative:
TraceTrampolineNativeFrame(trc, jitFrame);
break;
@@ -2712,11 +2700,10 @@ void AssertJitStackInvariants(JSContext* cx) {
frameSize = callerFp - calleeFp;
if (frames.isScripted() &&
- (frames.prevType() == FrameType::Rectifier ||
- frames.prevType() == FrameType::BaselineInterpreterEntry)) {
+ frames.prevType() == FrameType::BaselineInterpreterEntry) {
MOZ_RELEASE_ASSERT(
frameSize % JitStackAlignment == 0,
- "The rectifier and bli entry frame should keep the alignment");
+ "The blinterp entry frame should keep the alignment");
size_t expectedFrameSize =
sizeof(Value) *
@@ -2759,8 +2746,7 @@ void AssertJitStackInvariants(JSContext* cx) {
"The baseline stub restores the stack alignment");
}
- isScriptedCallee =
- frames.isScripted() || frames.type() == FrameType::Rectifier;
+ isScriptedCallee = frames.isScripted();
}
MOZ_RELEASE_ASSERT(
diff --git a/js/src/jit/JitFrames.h b/js/src/jit/JitFrames.h
@@ -324,11 +324,6 @@ class BaselineInterpreterEntryFrameLayout : public JitFrameLayout {
}
};
-class RectifierFrameLayout : public JitFrameLayout {
- public:
- static inline size_t Size() { return sizeof(RectifierFrameLayout); }
-};
-
class TrampolineNativeFrameLayout : public JitFrameLayout {
public:
static inline size_t Size() { return sizeof(TrampolineNativeFrameLayout); }
diff --git a/js/src/jit/JitRuntime.h b/js/src/jit/JitRuntime.h
@@ -108,8 +108,6 @@ class BaselineICFallbackCode {
}
};
-enum class ArgumentsRectifierKind { Normal, TrialInlining };
-
enum class DebugTrapHandlerKind { Interpreter, Compiler, Count };
enum class IonGenericCallKind { Call, Construct, Count };
@@ -147,13 +145,6 @@ class JitRuntime {
// Generic bailout table; used if the bailout table overflows.
WriteOnceData<uint32_t> bailoutHandlerOffset_{0};
- // Argument-rectifying thunks, in the case of insufficient arguments passed
- // to a function call site. The return offset is used to rebuild stack frames
- // when bailing out.
- WriteOnceData<uint32_t> argumentsRectifierOffset_{0};
- WriteOnceData<uint32_t> trialInliningArgumentsRectifierOffset_{0};
- WriteOnceData<uint32_t> argumentsRectifierReturnOffset_{0};
-
// Thunk that invalides an (Ion compiled) caller on the Ion stack.
WriteOnceData<uint32_t> invalidatorOffset_{0};
@@ -263,8 +254,6 @@ class JitRuntime {
Register argvReg, Register calleeTokenReg,
Register scratch, Register scratch2,
Register scratch3);
- void generateArgumentsRectifier(MacroAssembler& masm,
- ArgumentsRectifierKind kind);
void generateBailoutHandler(MacroAssembler& masm, Label* bailoutTail);
void generateInvalidator(MacroAssembler& masm, Label* bailoutTail);
uint32_t generatePreBarrier(JSContext* cx, MacroAssembler& masm,
@@ -387,20 +376,8 @@ class JitRuntime {
return trampolineCode(profilerExitFrameTailOffset_);
}
- TrampolinePtr getArgumentsRectifier(
- ArgumentsRectifierKind kind = ArgumentsRectifierKind::Normal) const {
- if (kind == ArgumentsRectifierKind::TrialInlining) {
- return trampolineCode(trialInliningArgumentsRectifierOffset_);
- }
- return trampolineCode(argumentsRectifierOffset_);
- }
-
uint32_t vmInterpreterEntryOffset() { return vmInterpreterEntryOffset_; }
- TrampolinePtr getArgumentsRectifierReturnAddr() const {
- return trampolineCode(argumentsRectifierReturnOffset_);
- }
-
TrampolinePtr getInvalidationThunk() const {
return trampolineCode(invalidatorOffset_);
}
diff --git a/js/src/jit/Trampoline.cpp b/js/src/jit/Trampoline.cpp
@@ -102,8 +102,6 @@ void JitRuntime::generateProfilerExitFrameTailStub(MacroAssembler& masm,
// |
// ^--- Entry Frame (BaselineInterpreter) (unwrapped)
// |
- // ^--- Arguments Rectifier (unwrapped)
- // |
// ^--- Trampoline Native (unwrapped)
// |
// ^--- Entry Frame (CppToJSJit or WasmToJSJit)
@@ -135,7 +133,7 @@ void JitRuntime::generateProfilerExitFrameTailStub(MacroAssembler& masm,
#endif
// Move FP into a scratch register and use that scratch register below, to
- // allow unwrapping rectifier frames without clobbering FP.
+ // allow unwrapping frames without clobbering FP.
Register fpScratch = regs.takeAny();
masm.mov(FramePointer, fpScratch);
@@ -151,7 +149,6 @@ void JitRuntime::generateProfilerExitFrameTailStub(MacroAssembler& masm,
// Handling of each case is dependent on FrameDescriptor.type
Label handle_BaselineOrIonJS;
Label handle_BaselineStub;
- Label handle_Rectifier;
Label handle_TrampolineNative;
Label handle_BaselineInterpreterEntry;
Label handle_IonICCall;
@@ -163,8 +160,6 @@ void JitRuntime::generateProfilerExitFrameTailStub(MacroAssembler& masm,
&handle_BaselineOrIonJS);
masm.branch32(Assembler::Equal, scratch, Imm32(FrameType::BaselineStub),
&handle_BaselineStub);
- masm.branch32(Assembler::Equal, scratch, Imm32(FrameType::Rectifier),
- &handle_Rectifier);
if (JitOptions.emitInterpreterEntryTrampoline) {
masm.branch32(Assembler::Equal, scratch,
Imm32(FrameType::BaselineInterpreterEntry),
@@ -234,26 +229,15 @@ void JitRuntime::generateProfilerExitFrameTailStub(MacroAssembler& masm,
emitHandleStubFrame(FrameType::IonJS);
}
- masm.bind(&handle_Rectifier);
- {
- // There can be multiple previous frame types so just "unwrap" the arguments
- // rectifier frame and try again.
- masm.loadPtr(Address(fpScratch, CallerFPOffset), fpScratch);
- emitAssertPrevFrameType(
- fpScratch, scratch,
- {FrameType::IonJS, FrameType::BaselineStub, FrameType::TrampolineNative,
- FrameType::CppToJSJit, FrameType::WasmToJSJit});
- masm.jump(&again);
- }
-
masm.bind(&handle_TrampolineNative);
{
- // Unwrap this frame, similar to arguments rectifier frames.
+ // There can be multiple previous frame types so just "unwrap" this frame
+ // and try again.
masm.loadPtr(Address(fpScratch, CallerFPOffset), fpScratch);
emitAssertPrevFrameType(
fpScratch, scratch,
- {FrameType::IonJS, FrameType::BaselineStub, FrameType::Rectifier,
- FrameType::CppToJSJit, FrameType::WasmToJSJit});
+ {FrameType::IonJS, FrameType::BaselineStub, FrameType::CppToJSJit,
+ FrameType::WasmToJSJit});
masm.jump(&again);
}
@@ -265,8 +249,8 @@ void JitRuntime::generateProfilerExitFrameTailStub(MacroAssembler& masm,
emitAssertPrevFrameType(
fpScratch, scratch,
{FrameType::IonJS, FrameType::BaselineJS, FrameType::BaselineStub,
- FrameType::CppToJSJit, FrameType::WasmToJSJit, FrameType::IonICCall,
- FrameType::Rectifier});
+ FrameType::CppToJSJit, FrameType::WasmToJSJit,
+ FrameType::IonICCall});
masm.jump(&again);
}
}
diff --git a/js/src/jit/VMFunctions.cpp b/js/src/jit/VMFunctions.cpp
@@ -562,8 +562,8 @@ bool InvokeFromInterpreterStub(JSContext* cx,
bool constructing = CalleeTokenIsConstructing(token);
RootedFunction fun(cx, CalleeTokenToFunction(token));
- // Ensure new.target immediately follows the actual arguments (the arguments
- // rectifier added padding).
+ // Ensure new.target immediately follows the actual arguments (the JIT
+ // ABI passes `undefined` for missing formals).
if (constructing && numActualArgs < fun->nargs()) {
argv[1 + numActualArgs] = argv[1 + fun->nargs()];
}
diff --git a/js/src/jit/WarpBuilderShared.h b/js/src/jit/WarpBuilderShared.h
@@ -368,7 +368,6 @@ MCall* MakeCall(TempAllocator& alloc, Undef addUndefined, CallInfo& callInfo,
}
// Explicitly pad any missing arguments with |undefined|.
- // This permits skipping the argumentsRectifier.
MOZ_ASSERT_IF(target && targetArgs > callInfo.argc(), target->hasJitEntry());
MConstant* undef = nullptr;
diff --git a/js/src/jit/arm/Trampoline-arm.cpp b/js/src/jit/arm/Trampoline-arm.cpp
@@ -346,114 +346,6 @@ void JitRuntime::generateInvalidator(MacroAssembler& masm, Label* bailoutTail) {
masm.jump(bailoutTail);
}
-void JitRuntime::generateArgumentsRectifier(MacroAssembler& masm,
- ArgumentsRectifierKind kind) {
- AutoCreatedBy acb(masm, "JitRuntime::generateArgumentsRectifier");
-
- switch (kind) {
- case ArgumentsRectifierKind::Normal:
- argumentsRectifierOffset_ = startTrampolineCode(masm);
- break;
- case ArgumentsRectifierKind::TrialInlining:
- trialInliningArgumentsRectifierOffset_ = startTrampolineCode(masm);
- break;
- }
- masm.pushReturnAddress();
-
- // Frame prologue.
- //
- // NOTE: if this changes, fix the Baseline bailout code too!
- // See BaselineStackBuilder::calculatePrevFramePtr and
- // BaselineStackBuilder::buildRectifierFrame (in BaselineBailouts.cpp).
- masm.push(FramePointer);
- masm.mov(StackPointer, FramePointer);
-
- static_assert(JitStackAlignment == sizeof(Value));
-
- // Copy number of actual arguments into r0 and r8.
- masm.loadNumActualArgs(FramePointer, r0);
- masm.mov(r0, r8);
-
- // Load the number of |undefined|s to push into r6.
- masm.loadPtr(
- Address(FramePointer, RectifierFrameLayout::offsetOfCalleeToken()), r1);
- {
- ScratchRegisterScope scratch(masm);
- masm.ma_and(Imm32(CalleeTokenMask), r1, r6, scratch);
- }
- masm.loadFunctionArgCount(r6, r6);
-
- masm.ma_sub(r6, r8, r2);
-
- // Get the topmost argument.
- {
- ScratchRegisterScope scratch(masm);
- masm.ma_alu(sp, lsl(r8, 3), r3, OpAdd); // r3 <- sp + nargs * 8
- masm.ma_add(r3, Imm32(sizeof(RectifierFrameLayout)), r3, scratch);
- }
-
- {
- Label notConstructing;
-
- masm.branchTest32(Assembler::Zero, r1,
- Imm32(CalleeToken_FunctionConstructing),
- ¬Constructing);
-
- // Add sizeof(Value) to overcome |this|
- masm.as_extdtr(IsLoad, 64, true, Offset, r4, EDtrAddr(r3, EDtrOffImm(8)));
- masm.as_extdtr(IsStore, 64, true, PreIndex, r4,
- EDtrAddr(sp, EDtrOffImm(-8)));
-
- masm.bind(¬Constructing);
- }
-
- // Push undefined.
- masm.moveValue(UndefinedValue(), ValueOperand(r5, r4));
- {
- Label undefLoopTop;
- masm.bind(&undefLoopTop);
- masm.as_extdtr(IsStore, 64, true, PreIndex, r4,
- EDtrAddr(sp, EDtrOffImm(-8)));
- masm.as_sub(r2, r2, Imm8(1), SetCC);
-
- masm.ma_b(&undefLoopTop, Assembler::NonZero);
- }
-
- // Push arguments, |nargs| + 1 times (to include |this|).
- {
- Label copyLoopTop;
- masm.bind(©LoopTop);
- masm.as_extdtr(IsLoad, 64, true, PostIndex, r4,
- EDtrAddr(r3, EDtrOffImm(-8)));
- masm.as_extdtr(IsStore, 64, true, PreIndex, r4,
- EDtrAddr(sp, EDtrOffImm(-8)));
-
- masm.as_sub(r8, r8, Imm8(1), SetCC);
- masm.ma_b(©LoopTop, Assembler::NotSigned);
- }
-
- // Construct JitFrameLayout.
- masm.ma_push(r1); // callee token
- masm.pushFrameDescriptorForJitCall(FrameType::Rectifier, r0, r0);
-
- // Call the target function.
- masm.andPtr(Imm32(CalleeTokenMask), r1);
- switch (kind) {
- case ArgumentsRectifierKind::Normal:
- masm.loadJitCodeRaw(r1, r3);
- argumentsRectifierReturnOffset_ = masm.callJitNoProfiler(r3);
- break;
- case ArgumentsRectifierKind::TrialInlining:
- masm.loadJitCodeRawNoIon(r1, r3, r0);
- masm.callJitNoProfiler(r3);
- break;
- }
-
- masm.mov(FramePointer, StackPointer);
- masm.pop(FramePointer);
- masm.ret();
-}
-
static void PushBailoutFrame(MacroAssembler& masm, Register spArg) {
#ifdef ENABLE_WASM_SIMD
# error "Needs more careful logic if SIMD is enabled"
diff --git a/js/src/jit/arm64/Trampoline-arm64.cpp b/js/src/jit/arm64/Trampoline-arm64.cpp
@@ -406,119 +406,6 @@ void JitRuntime::generateInvalidator(MacroAssembler& masm, Label* bailoutTail) {
masm.jump(bailoutTail);
}
-void JitRuntime::generateArgumentsRectifier(MacroAssembler& masm,
- ArgumentsRectifierKind kind) {
- AutoCreatedBy acb(masm, "JitRuntime::generateArgumentsRectifier");
-
- switch (kind) {
- case ArgumentsRectifierKind::Normal:
- argumentsRectifierOffset_ = startTrampolineCode(masm);
- break;
- case ArgumentsRectifierKind::TrialInlining:
- trialInliningArgumentsRectifierOffset_ = startTrampolineCode(masm);
- break;
- }
-
- // Save the return address for later.
- masm.push(lr);
-
- // Frame prologue.
- //
- // NOTE: if this changes, fix the Baseline bailout code too!
- // See BaselineStackBuilder::calculatePrevFramePtr and
- // BaselineStackBuilder::buildRectifierFrame (in BaselineBailouts.cpp).
- masm.push(FramePointer);
- masm.moveStackPtrTo(FramePointer);
-
- // Load the information that the rectifier needs from the stack.
- masm.loadNumActualArgs(FramePointer, r0);
- masm.loadPtr(
- Address(FramePointer, RectifierFrameLayout::offsetOfCalleeToken()), r1);
-
- // Extract a JSFunction pointer from the callee token and keep the
- // intermediary to avoid later recalculation.
- masm.And(x5, x1, Operand(CalleeTokenMask));
-
- // Get the arguments from the function object.
- masm.loadFunctionArgCount(x5.asUnsized(), x6.asUnsized());
-
- static_assert(CalleeToken_FunctionConstructing == 0x1,
- "Constructing must be low-order bit");
- masm.And(x4, x1, Operand(CalleeToken_FunctionConstructing));
- masm.Add(x7, x6, x4);
-
- // Copy the number of actual arguments into r8.
- masm.mov(r0, r8);
-
- // Calculate the position that our arguments are at before sp gets modified.
- masm.Add(x3, masm.GetStackPointer64(), Operand(x8, vixl::LSL, 3));
- masm.Add(x3, x3, Operand(sizeof(RectifierFrameLayout)));
-
- // If the number of Values without |this| is even, push 8 padding bytes to
- // ensure the stack is 16-byte aligned.
- Label noPadding;
- masm.Tbnz(x7, 0, &noPadding);
- masm.asVIXL().Push(xzr);
- masm.bind(&noPadding);
-
- {
- Label notConstructing;
- masm.Cbz(x4, ¬Constructing);
-
- // new.target lives at the end of the pushed args
- // NB: The arg vector holder starts at the beginning of the last arg,
- // add a value to get to argv[argc]
- masm.loadPtr(Address(r3, sizeof(Value)), r4);
- masm.Push(r4);
-
- masm.bind(¬Constructing);
- }
-
- // Calculate the number of undefineds that need to be pushed.
- masm.Sub(w2, w6, w8);
-
- // Put an undefined in a register so it can be pushed.
- masm.moveValue(UndefinedValue(), ValueOperand(r4));
-
- // Push undefined N times.
- {
- Label undefLoopTop;
- masm.bind(&undefLoopTop);
- masm.Push(r4);
- masm.Subs(w2, w2, Operand(1));
- masm.B(&undefLoopTop, Assembler::NonZero);
- }
-
- // Arguments copy loop. Copy for x8 >= 0 to include |this|.
- {
- Label copyLoopTop;
- masm.bind(©LoopTop);
- masm.Ldr(x4, MemOperand(x3, -sizeof(Value), vixl::PostIndex));
- masm.Push(r4);
- masm.Subs(x8, x8, Operand(1));
- masm.B(©LoopTop, Assembler::NotSigned);
- }
-
- masm.push(r1); // Callee token.
- masm.pushFrameDescriptorForJitCall(FrameType::Rectifier, r0, r0);
-
- // Call the target function.
- switch (kind) {
- case ArgumentsRectifierKind::Normal:
- masm.loadJitCodeRaw(r5, r3);
- argumentsRectifierReturnOffset_ = masm.callJitNoProfiler(r3);
- break;
- case ArgumentsRectifierKind::TrialInlining:
- masm.loadJitCodeRawNoIon(r5, r3, r0);
- masm.callJitNoProfiler(r3);
- break;
- }
-
- masm.moveToStackPtr(FramePointer);
- masm.pop(FramePointer);
- masm.ret();
-}
-
static void PushBailoutFrame(MacroAssembler& masm, Register spArg) {
// This assumes no SIMD registers, as JS does not support SIMD.
diff --git a/js/src/jit/loong64/Trampoline-loong64.cpp b/js/src/jit/loong64/Trampoline-loong64.cpp
@@ -317,183 +317,6 @@ void JitRuntime::generateInvalidator(MacroAssembler& masm, Label* bailoutTail) {
masm.jump(bailoutTail);
}
-void JitRuntime::generateArgumentsRectifier(MacroAssembler& masm,
- ArgumentsRectifierKind kind) {
- // Do not erase the frame pointer in this function.
-
- AutoCreatedBy acb(masm, "JitRuntime::generateArgumentsRectifier");
-
- switch (kind) {
- case ArgumentsRectifierKind::Normal:
- argumentsRectifierOffset_ = startTrampolineCode(masm);
- break;
- case ArgumentsRectifierKind::TrialInlining:
- trialInliningArgumentsRectifierOffset_ = startTrampolineCode(masm);
- break;
- }
- masm.pushReturnAddress();
- // Caller:
- // [arg2] [arg1] [this] [[argc] [callee] [descr] [raddr]] <- sp
-
- // Frame prologue.
- //
- // NOTE: if this changes, fix the Baseline bailout code too!
- // See BaselineStackBuilder::calculatePrevFramePtr and
- // BaselineStackBuilder::buildRectifierFrame (in BaselineBailouts.cpp).
- masm.push(FramePointer);
- masm.mov(StackPointer, FramePointer);
-
- // Load argc.
- masm.loadNumActualArgs(FramePointer, s3);
-
- Register numActArgsReg = a6;
- Register calleeTokenReg = a7;
- Register numArgsReg = a5;
-
- // Load |nformals| into numArgsReg.
- masm.loadPtr(
- Address(FramePointer, RectifierFrameLayout::offsetOfCalleeToken()),
- calleeTokenReg);
- masm.mov(calleeTokenReg, numArgsReg);
- masm.andPtr(Imm32(uint32_t(CalleeTokenMask)), numArgsReg);
- masm.loadFunctionArgCount(numArgsReg, numArgsReg);
-
- // Stash another copy in t3, since we are going to do destructive operations
- // on numArgsReg
- masm.mov(numArgsReg, t3);
-
- static_assert(
- CalleeToken_FunctionConstructing == 1,
- "Ensure that we can use the constructing bit to count the value");
- masm.mov(calleeTokenReg, t2);
- masm.ma_and(t2, t2, Imm32(uint32_t(CalleeToken_FunctionConstructing)));
-
- // Including |this|, and |new.target|, there are (|nformals| + 1 +
- // isConstructing) arguments to push to the stack. Then we push a
- // JitFrameLayout. We compute the padding expressed in the number of extra
- // |undefined| values to push on the stack.
- static_assert(
- sizeof(JitFrameLayout) % JitStackAlignment == 0,
- "No need to consider the JitFrameLayout for aligning the stack");
- static_assert(
- JitStackAlignment % sizeof(Value) == 0,
- "Ensure that we can pad the stack by pushing extra UndefinedValue");
-
- MOZ_ASSERT(mozilla::IsPowerOfTwo(JitStackValueAlignment));
- masm.add32(
- Imm32(JitStackValueAlignment - 1 /* for padding */ + 1 /* for |this| */),
- numArgsReg);
- masm.add32(t2, numArgsReg);
- masm.and32(Imm32(~(JitStackValueAlignment - 1)), numArgsReg);
-
- // Load the number of |undefined|s to push into t1. Subtract 1 for |this|.
- masm.as_sub_d(t1, numArgsReg, s3);
- masm.sub32(Imm32(1), t1);
-
- // Caller:
- // [arg2] [arg1] [this] [ [argc] [callee] [descr] [raddr] ] <- sp
- // '--- s3 ----'
- //
- // Rectifier frame:
- // [fp'] [undef] [undef] [undef] [arg2] [arg1] [this] [ [argc] [callee]
- // [descr] [raddr] ]
- // '-------- t1 ---------' '--- s3 ----'
-
- // Copy number of actual arguments into numActArgsReg.
- masm.mov(s3, numActArgsReg);
-
- masm.moveValue(UndefinedValue(), ValueOperand(t0));
-
- // Push undefined. (including the padding)
- {
- Label undefLoopTop;
-
- masm.bind(&undefLoopTop);
- masm.sub32(Imm32(1), t1);
- masm.subPtr(Imm32(sizeof(Value)), StackPointer);
- masm.storeValue(ValueOperand(t0), Address(StackPointer, 0));
-
- masm.ma_b(t1, t1, &undefLoopTop, Assembler::NonZero, ShortJump);
- }
-
- // Get the topmost argument.
- static_assert(sizeof(Value) == 8, "TimesEight is used to skip arguments");
-
- // Get the topmost argument.
- masm.as_slli_d(t0, s3, 3); // t0 <- nargs * 8
- masm.as_add_d(t1, FramePointer, t0); // t1 <- fp(saved sp) + nargs * 8
- masm.addPtr(Imm32(sizeof(RectifierFrameLayout)), t1);
-
- // Push arguments, |nargs| + 1 times (to include |this|).
- masm.addPtr(Imm32(1), s3);
- {
- Label copyLoopTop;
-
- masm.bind(©LoopTop);
- masm.sub32(Imm32(1), s3);
- masm.subPtr(Imm32(sizeof(Value)), StackPointer);
- masm.loadValue(Address(t1, 0), ValueOperand(t0));
- masm.storeValue(ValueOperand(t0), Address(StackPointer, 0));
- masm.subPtr(Imm32(sizeof(Value)), t1);
-
- masm.ma_b(s3, s3, ©LoopTop, Assembler::NonZero, ShortJump);
- }
-
- // if constructing, copy newTarget
- {
- Label notConstructing;
-
- masm.branchTest32(Assembler::Zero, calleeTokenReg,
- Imm32(CalleeToken_FunctionConstructing),
- ¬Constructing);
-
- // thisFrame[numFormals] = prevFrame[argc]
- ValueOperand newTarget(t0);
-
- // Load vp[argc]. Add sizeof(Value) for |this|.
- BaseIndex newTargetSrc(FramePointer, numActArgsReg, TimesEight,
- sizeof(RectifierFrameLayout) + sizeof(Value));
- masm.loadValue(newTargetSrc, newTarget);
-
- // Again, 1 for |this|
- BaseIndex newTargetDest(StackPointer, t3, TimesEight, sizeof(Value));
- masm.storeValue(newTarget, newTargetDest);
-
- masm.bind(¬Constructing);
- }
-
- // Caller:
- // [arg2] [arg1] [this] [ [argc] [callee] [descr] [raddr] ]
- //
- //
- // Rectifier frame:
- // [fp'] <- fp [undef] [undef] [undef] [arg2] [arg1] [this] <- sp [ [argc]
- // [callee] [descr] [raddr] ]
- //
-
- // Construct JitFrameLayout.
- masm.push(calleeTokenReg);
- masm.pushFrameDescriptorForJitCall(FrameType::Rectifier, numActArgsReg,
- numActArgsReg);
-
- // Call the target function.
- masm.andPtr(Imm32(uint32_t(CalleeTokenMask)), calleeTokenReg);
- switch (kind) {
- case ArgumentsRectifierKind::Normal:
- masm.loadJitCodeRaw(calleeTokenReg, t1);
- argumentsRectifierReturnOffset_ = masm.callJitNoProfiler(t1);
- break;
- case ArgumentsRectifierKind::TrialInlining:
- masm.loadJitCodeRawNoIon(calleeTokenReg, t1, t2);
- masm.callJitNoProfiler(t1);
- break;
- }
-
- masm.mov(FramePointer, StackPointer);
- masm.pop(FramePointer);
- masm.ret();
-}
-
/* - When bailout is done via out of line code (lazy bailout).
* Frame size is stored in $ra (look at
* CodeGeneratorLOONG64::generateOutOfLineCode()) and thunk code should save it
diff --git a/js/src/jit/mips64/Trampoline-mips64.cpp b/js/src/jit/mips64/Trampoline-mips64.cpp
@@ -348,184 +348,6 @@ void JitRuntime::generateInvalidator(MacroAssembler& masm, Label* bailoutTail) {
masm.jump(bailoutTail);
}
-void JitRuntime::generateArgumentsRectifier(MacroAssembler& masm,
- ArgumentsRectifierKind kind) {
- // Do not erase the frame pointer in this function.
-
- AutoCreatedBy acb(masm, "JitRuntime::generateArgumentsRectifier");
-
- switch (kind) {
- case ArgumentsRectifierKind::Normal:
- argumentsRectifierOffset_ = startTrampolineCode(masm);
- break;
- case ArgumentsRectifierKind::TrialInlining:
- trialInliningArgumentsRectifierOffset_ = startTrampolineCode(masm);
- break;
- }
- masm.pushReturnAddress();
-
- // Caller:
- // [arg2] [arg1] [this] [[argc] [callee] [descr] [raddr]] <- sp
-
- // Frame prologue.
- //
- // NOTE: if this changes, fix the Baseline bailout code too!
- // See BaselineStackBuilder::calculatePrevFramePtr and
- // BaselineStackBuilder::buildRectifierFrame (in BaselineBailouts.cpp).
- masm.push(FramePointer);
- masm.mov(StackPointer, FramePointer);
-
- // Load argc.
- masm.loadNumActualArgs(FramePointer, s3);
-
- Register numActArgsReg = a6;
- Register calleeTokenReg = a7;
- Register numArgsReg = a5;
-
- // Load |nformals| into numArgsReg.
- masm.loadPtr(
- Address(FramePointer, RectifierFrameLayout::offsetOfCalleeToken()),
- calleeTokenReg);
- masm.mov(calleeTokenReg, numArgsReg);
- masm.andPtr(Imm32(uint32_t(CalleeTokenMask)), numArgsReg);
- masm.loadFunctionArgCount(numArgsReg, numArgsReg);
-
- // Stash another copy in t3, since we are going to do destructive operations
- // on numArgsReg
- masm.mov(numArgsReg, t3);
-
- static_assert(
- CalleeToken_FunctionConstructing == 1,
- "Ensure that we can use the constructing bit to count the value");
- masm.mov(calleeTokenReg, t2);
- masm.ma_and(t2, Imm32(uint32_t(CalleeToken_FunctionConstructing)));
-
- // Including |this|, and |new.target|, there are (|nformals| + 1 +
- // isConstructing) arguments to push to the stack. Then we push a
- // JitFrameLayout. We compute the padding expressed in the number of extra
- // |undefined| values to push on the stack.
- static_assert(
- sizeof(JitFrameLayout) % JitStackAlignment == 0,
- "No need to consider the JitFrameLayout for aligning the stack");
- static_assert(
- JitStackAlignment % sizeof(Value) == 0,
- "Ensure that we can pad the stack by pushing extra UndefinedValue");
-
- MOZ_ASSERT(mozilla::IsPowerOfTwo(JitStackValueAlignment));
- masm.add32(
- Imm32(JitStackValueAlignment - 1 /* for padding */ + 1 /* for |this| */),
- numArgsReg);
- masm.add32(t2, numArgsReg);
- masm.and32(Imm32(~(JitStackValueAlignment - 1)), numArgsReg);
-
- // Load the number of |undefined|s to push into t1. Subtract 1 for |this|.
- masm.as_dsubu(t1, numArgsReg, s3);
- masm.sub32(Imm32(1), t1);
-
- // Caller:
- // [arg2] [arg1] [this] [ [argc] [callee] [descr] [raddr] ] <- sp
- // '--- s3 ----'
- //
- // Rectifier frame:
- // [fp'][undef] [undef] [undef] [arg2] [arg1] [this] [ [argc] [callee]
- // [descr] [raddr] ]
- // '-------- t1 ---------' '--- s3 ----'
-
- // Copy number of actual arguments into numActArgsReg
- masm.mov(s3, numActArgsReg); // Save %sp.
-
- masm.moveValue(UndefinedValue(), ValueOperand(t0));
-
- // Push undefined. (including the padding)
- {
- Label undefLoopTop;
-
- masm.bind(&undefLoopTop);
- masm.sub32(Imm32(1), t1);
- masm.subPtr(Imm32(sizeof(Value)), StackPointer);
- masm.storeValue(ValueOperand(t0), Address(StackPointer, 0));
-
- masm.ma_b(t1, t1, &undefLoopTop, Assembler::NonZero, ShortJump);
- }
-
- // Get the topmost argument.
- static_assert(sizeof(Value) == 8, "TimesEight is used to skip arguments");
-
- // Get the topmost argument.
- masm.ma_dsll(t0, s3, Imm32(3)); // t0 <- nargs * 8
- masm.as_daddu(t1, FramePointer, t0); // t1 <- fp(saved sp) + nargs * 8
- masm.addPtr(Imm32(sizeof(RectifierFrameLayout)), t1);
-
- // Push arguments, |nargs| + 1 times (to include |this|).
-
- masm.addPtr(Imm32(1), s3);
- {
- Label copyLoopTop;
-
- masm.bind(©LoopTop);
- masm.sub32(Imm32(1), s3);
- masm.subPtr(Imm32(sizeof(Value)), StackPointer);
- masm.loadValue(Address(t1, 0), ValueOperand(t0));
- masm.storeValue(ValueOperand(t0), Address(StackPointer, 0));
- masm.subPtr(Imm32(sizeof(Value)), t1);
-
- masm.ma_b(s3, s3, ©LoopTop, Assembler::NonZero, ShortJump);
- }
-
- // if constructing, copy newTarget
- {
- Label notConstructing;
-
- masm.branchTest32(Assembler::Zero, calleeTokenReg,
- Imm32(CalleeToken_FunctionConstructing),
- ¬Constructing);
-
- // thisFrame[numFormals] = prevFrame[argc]
- ValueOperand newTarget(t0);
-
- // Load vp[argc]. Add sizeof(Value) for |this|.
- BaseIndex newTargetSrc(FramePointer, numActArgsReg, TimesEight,
- sizeof(RectifierFrameLayout) + sizeof(Value));
- masm.loadValue(newTargetSrc, newTarget);
-
- // Again, 1 for |this|
- BaseIndex newTargetDest(StackPointer, t3, TimesEight, sizeof(Value));
- masm.storeValue(newTarget, newTargetDest);
-
- masm.bind(¬Constructing);
- }
-
- // Caller:
- // [arg2] [arg1] [this] [ [argc] [callee] [descr] [raddr] ]
- //
- //
- // Rectifier frame:
- // [fp'] <- fp [undef] [undef] [undef] [arg2] [arg1] [this] <- sp [ [argc]
- // [callee] [descr] [raddr] ]
-
- // Construct JitFrameLayout.
- masm.push(calleeTokenReg);
- masm.pushFrameDescriptorForJitCall(FrameType::Rectifier, numActArgsReg,
- numActArgsReg);
-
- // Call the target function.
- masm.andPtr(Imm32(uint32_t(CalleeTokenMask)), calleeTokenReg);
- switch (kind) {
- case ArgumentsRectifierKind::Normal:
- masm.loadJitCodeRaw(calleeTokenReg, t1);
- argumentsRectifierReturnOffset_ = masm.callJitNoProfiler(t1);
- break;
- case ArgumentsRectifierKind::TrialInlining:
- masm.loadJitCodeRawNoIon(calleeTokenReg, t1, t2);
- masm.callJitNoProfiler(t1);
- break;
- }
-
- masm.mov(FramePointer, StackPointer);
- masm.pop(FramePointer);
- masm.ret();
-}
-
/* - When bailout is done via out of line code (lazy bailout).
* Frame size is stored in $ra (look at
* CodeGeneratorMIPS64::generateOutOfLineCode()) and thunk code should save it
diff --git a/js/src/jit/none/Trampoline-none.cpp b/js/src/jit/none/Trampoline-none.cpp
@@ -23,10 +23,6 @@ JitRuntime::getCppEntryRegisters(JitFrameLayout* frameStackAddress) {
return mozilla::Nothing{};
}
void JitRuntime::generateInvalidator(MacroAssembler&, Label*) { MOZ_CRASH(); }
-void JitRuntime::generateArgumentsRectifier(MacroAssembler&,
- ArgumentsRectifierKind kind) {
- MOZ_CRASH();
-}
void JitRuntime::generateBailoutHandler(MacroAssembler&, Label*) {
MOZ_CRASH();
}
diff --git a/js/src/jit/riscv64/Trampoline-riscv64.cpp b/js/src/jit/riscv64/Trampoline-riscv64.cpp
@@ -379,183 +379,6 @@ void JitRuntime::generateInvalidator(MacroAssembler& masm, Label* bailoutTail) {
masm.jump(bailoutTail);
}
-void JitRuntime::generateArgumentsRectifier(MacroAssembler& masm,
- ArgumentsRectifierKind kind) {
- // Do not erase the frame pointer in this function.
-
- AutoCreatedBy acb(masm, "JitRuntime::generateArgumentsRectifier");
-
- switch (kind) {
- case ArgumentsRectifierKind::Normal:
- argumentsRectifierOffset_ = startTrampolineCode(masm);
- break;
- case ArgumentsRectifierKind::TrialInlining:
- trialInliningArgumentsRectifierOffset_ = startTrampolineCode(masm);
- break;
- }
- masm.pushReturnAddress();
- // Caller:
- // [arg2] [arg1] [this] [[argc] [callee] [descr] [raddr]] <- sp
-
- // Frame prologue.
- //
- // NOTE: if this changes, fix the Baseline bailout code too!
- // See BaselineStackBuilder::calculatePrevFramePtr and
- // BaselineStackBuilder::buildRectifierFrame (in BaselineBailouts.cpp).
- masm.push(FramePointer);
- masm.mov(StackPointer, FramePointer);
-
- // Load argc.
- masm.loadNumActualArgs(FramePointer, s3);
-
- Register numActArgsReg = a6;
- Register calleeTokenReg = a7;
- Register numArgsReg = a5;
-
- // Load |nformals| into numArgsReg.
- masm.loadPtr(
- Address(FramePointer, RectifierFrameLayout::offsetOfCalleeToken()),
- calleeTokenReg);
- masm.mov(calleeTokenReg, numArgsReg);
- masm.andPtr(Imm32(uint32_t(CalleeTokenMask)), numArgsReg);
- masm.loadFunctionArgCount(numArgsReg, numArgsReg);
-
- // Stash another copy in t3, since we are going to do destructive operations
- // on numArgsReg
- masm.mov(numArgsReg, t3);
-
- static_assert(
- CalleeToken_FunctionConstructing == 1,
- "Ensure that we can use the constructing bit to count the value");
- masm.mov(calleeTokenReg, t2);
- masm.ma_and(t2, t2, Imm32(uint32_t(CalleeToken_FunctionConstructing)));
-
- // Including |this|, and |new.target|, there are (|nformals| + 1 +
- // isConstructing) arguments to push to the stack. Then we push a
- // JitFrameLayout. We compute the padding expressed in the number of extra
- // |undefined| values to push on the stack.
- static_assert(
- sizeof(JitFrameLayout) % JitStackAlignment == 0,
- "No need to consider the JitFrameLayout for aligning the stack");
- static_assert(
- JitStackAlignment % sizeof(Value) == 0,
- "Ensure that we can pad the stack by pushing extra UndefinedValue");
-
- MOZ_ASSERT(mozilla::IsPowerOfTwo(JitStackValueAlignment));
- masm.add32(
- Imm32(JitStackValueAlignment - 1 /* for padding */ + 1 /* for |this| */),
- numArgsReg);
- masm.add32(t2, numArgsReg);
- masm.and32(Imm32(~(JitStackValueAlignment - 1)), numArgsReg);
-
- // Load the number of |undefined|s to push into t1. Subtract 1 for |this|.
- masm.ma_sub64(t1, numArgsReg, s3);
- masm.sub32(Imm32(1), t1);
-
- // Caller:
- // [arg2] [arg1] [this] [ [argc] [callee] [descr] [raddr] ] <- sp
- // '--- s3 ----'
- //
- // Rectifier frame:
- // [fp'] [undef] [undef] [undef] [arg2] [arg1] [this] [ [argc] [callee]
- // [descr] [raddr] ]
- // '-------- t1 ---------' '--- s3 ----'
-
- // Copy number of actual arguments into numActArgsReg.
- masm.mov(s3, numActArgsReg);
-
- masm.moveValue(UndefinedValue(), ValueOperand(t0));
-
- // Push undefined. (including the padding)
- {
- Label undefLoopTop;
-
- masm.bind(&undefLoopTop);
- masm.sub32(Imm32(1), t1);
- masm.subPtr(Imm32(sizeof(Value)), StackPointer);
- masm.storeValue(ValueOperand(t0), Address(StackPointer, 0));
-
- masm.ma_b(t1, t1, &undefLoopTop, Assembler::NonZero, ShortJump);
- }
-
- // Get the topmost argument.
- static_assert(sizeof(Value) == 8, "TimesEight is used to skip arguments");
-
- // Get the topmost argument.
- masm.slli(t0, s3, 3); // t0 <- nargs * 8
- masm.ma_add64(t1, FramePointer, t0); // t1 <- fp(saved sp) + nargs * 8
- masm.addPtr(Imm32(sizeof(RectifierFrameLayout)), t1);
-
- // Push arguments, |nargs| + 1 times (to include |this|).
- masm.addPtr(Imm32(1), s3);
- {
- Label copyLoopTop;
-
- masm.bind(©LoopTop);
- masm.sub32(Imm32(1), s3);
- masm.subPtr(Imm32(sizeof(Value)), StackPointer);
- masm.loadValue(Address(t1, 0), ValueOperand(t0));
- masm.storeValue(ValueOperand(t0), Address(StackPointer, 0));
- masm.subPtr(Imm32(sizeof(Value)), t1);
-
- masm.ma_b(s3, s3, ©LoopTop, Assembler::NonZero, ShortJump);
- }
-
- // if constructing, copy newTarget
- {
- Label notConstructing;
-
- masm.branchTest32(Assembler::Zero, calleeTokenReg,
- Imm32(CalleeToken_FunctionConstructing),
- ¬Constructing);
-
- // thisFrame[numFormals] = prevFrame[argc]
- ValueOperand newTarget(t0);
-
- // Load vp[argc]. Add sizeof(Value) for |this|.
- BaseIndex newTargetSrc(FramePointer, numActArgsReg, TimesEight,
- sizeof(RectifierFrameLayout) + sizeof(Value));
- masm.loadValue(newTargetSrc, newTarget);
-
- // Again, 1 for |this|
- BaseIndex newTargetDest(StackPointer, t3, TimesEight, sizeof(Value));
- masm.storeValue(newTarget, newTargetDest);
-
- masm.bind(¬Constructing);
- }
-
- // Caller:
- // [arg2] [arg1] [this] [ [argc] [callee] [descr] [raddr] ]
- //
- //
- // Rectifier frame:
- // [fp'] <- fp [undef] [undef] [undef] [arg2] [arg1] [this] <- sp [ [argc]
- // [callee] [descr] [raddr] ]
- //
-
- // Construct JitFrameLayout.
- masm.push(calleeTokenReg);
- masm.pushFrameDescriptorForJitCall(FrameType::Rectifier, numActArgsReg,
- numActArgsReg);
-
- // Call the target function.
- masm.andPtr(Imm32(uint32_t(CalleeTokenMask)), calleeTokenReg);
- switch (kind) {
- case ArgumentsRectifierKind::Normal:
- masm.loadJitCodeRaw(calleeTokenReg, t1);
- argumentsRectifierReturnOffset_ = masm.callJitNoProfiler(t1);
- break;
- case ArgumentsRectifierKind::TrialInlining:
- masm.loadJitCodeRawNoIon(calleeTokenReg, t1, t2);
- masm.callJitNoProfiler(t1);
- break;
- }
-
- masm.mov(FramePointer, StackPointer);
- masm.pop(FramePointer);
- masm.ret();
-}
-
void JitRuntime::generateBailoutHandler(MacroAssembler& masm,
Label* bailoutTail) {
AutoCreatedBy acb(masm, "JitRuntime::generateBailoutHandler");
diff --git a/js/src/jit/wasm32/Trampoline-wasm32.cpp b/js/src/jit/wasm32/Trampoline-wasm32.cpp
@@ -22,11 +22,6 @@ JitRuntime::getCppEntryRegisters(JitFrameLayout* frameStackAddress) {
void JitRuntime::generateInvalidator(MacroAssembler&, Label*) { MOZ_CRASH(); }
-void JitRuntime::generateArgumentsRectifier(MacroAssembler&,
- ArgumentsRectifierKind kind) {
- MOZ_CRASH();
-}
-
void JitRuntime::generateBailoutHandler(MacroAssembler&, Label*) {
MOZ_CRASH();
}
diff --git a/js/src/jit/x64/Trampoline-x64.cpp b/js/src/jit/x64/Trampoline-x64.cpp
@@ -379,171 +379,6 @@ void JitRuntime::generateInvalidator(MacroAssembler& masm, Label* bailoutTail) {
masm.jmp(bailoutTail);
}
-void JitRuntime::generateArgumentsRectifier(MacroAssembler& masm,
- ArgumentsRectifierKind kind) {
- // Do not erase the frame pointer in this function.
-
- AutoCreatedBy acb(masm, "JitRuntime::generateArgumentsRectifier");
-
- switch (kind) {
- case ArgumentsRectifierKind::Normal:
- argumentsRectifierOffset_ = startTrampolineCode(masm);
- break;
- case ArgumentsRectifierKind::TrialInlining:
- trialInliningArgumentsRectifierOffset_ = startTrampolineCode(masm);
- break;
- }
-
- // Caller:
- // [arg2] [arg1] [this] [[argc] [callee] [descr] [raddr]] <- rsp
-
- // Frame prologue.
- //
- // NOTE: if this changes, fix the Baseline bailout code too!
- // See BaselineStackBuilder::calculatePrevFramePtr and
- // BaselineStackBuilder::buildRectifierFrame (in BaselineBailouts.cpp).
- masm.push(FramePointer);
- masm.movq(rsp, FramePointer);
-
- // Load argc.
- masm.loadNumActualArgs(FramePointer, r8);
-
- // Load |nformals| into %rcx.
- masm.loadPtr(Address(rbp, RectifierFrameLayout::offsetOfCalleeToken()), rax);
- masm.mov(rax, rcx);
- masm.andq(Imm32(uint32_t(CalleeTokenMask)), rcx);
- masm.loadFunctionArgCount(rcx, rcx);
-
- // Stash another copy in r11, since we are going to do destructive operations
- // on rcx
- masm.mov(rcx, r11);
-
- static_assert(
- CalleeToken_FunctionConstructing == 1,
- "Ensure that we can use the constructing bit to count the value");
- masm.mov(rax, rdx);
- masm.andq(Imm32(uint32_t(CalleeToken_FunctionConstructing)), rdx);
-
- // Including |this|, and |new.target|, there are (|nformals| + 1 +
- // isConstructing) arguments to push to the stack. Then we push a
- // JitFrameLayout. We compute the padding expressed in the number of extra
- // |undefined| values to push on the stack.
- static_assert(
- sizeof(JitFrameLayout) % JitStackAlignment == 0,
- "No need to consider the JitFrameLayout for aligning the stack");
- static_assert(
- JitStackAlignment % sizeof(Value) == 0,
- "Ensure that we can pad the stack by pushing extra UndefinedValue");
- static_assert(IsPowerOfTwo(JitStackValueAlignment),
- "must have power of two for masm.andl to do its job");
-
- masm.addl(
- Imm32(JitStackValueAlignment - 1 /* for padding */ + 1 /* for |this| */),
- rcx);
- masm.addl(rdx, rcx);
- masm.andl(Imm32(~(JitStackValueAlignment - 1)), rcx);
-
- // Load the number of |undefined|s to push into %rcx. Subtract 1 for |this|.
- masm.subl(r8, rcx);
- masm.subl(Imm32(1), rcx);
-
- // Caller:
- // [arg2] [arg1] [this] [ [argc] [callee] [descr] [raddr] ] <- rsp
- // '--- #r8 ---'
- //
- // Rectifier frame:
- // [rbp'] [undef] [undef] [undef] [arg2] [arg1] [this] [ [argc] [callee]
- // [descr] [raddr] ]
- // '------- #rcx --------' '--- #r8 ---'
-
- // Copy the number of actual arguments into rdx.
- masm.mov(r8, rdx);
-
- masm.moveValue(UndefinedValue(), ValueOperand(r10));
-
- // Push undefined. (including the padding)
- {
- Label undefLoopTop;
- masm.bind(&undefLoopTop);
-
- masm.push(r10);
- masm.subl(Imm32(1), rcx);
- masm.j(Assembler::NonZero, &undefLoopTop);
- }
-
- // Get the topmost argument.
- static_assert(sizeof(Value) == 8, "TimesEight is used to skip arguments");
-
- // Get the topmost argument.
- BaseIndex b(FramePointer, r8, TimesEight, sizeof(RectifierFrameLayout));
- masm.lea(Operand(b), rcx);
-
- // Push arguments, |nargs| + 1 times (to include |this|).
- masm.addl(Imm32(1), r8);
- {
- Label copyLoopTop;
-
- masm.bind(©LoopTop);
- masm.push(Operand(rcx, 0x0));
- masm.subq(Imm32(sizeof(Value)), rcx);
- masm.subl(Imm32(1), r8);
- masm.j(Assembler::NonZero, ©LoopTop);
- }
-
- // if constructing, copy newTarget
- {
- Label notConstructing;
-
- masm.branchTest32(Assembler::Zero, rax,
- Imm32(CalleeToken_FunctionConstructing),
- ¬Constructing);
-
- // thisFrame[numFormals] = prevFrame[argc]
- ValueOperand newTarget(r10);
-
- // Load vp[argc]. Add sizeof(Value) for |this|.
- BaseIndex newTargetSrc(FramePointer, rdx, TimesEight,
- sizeof(RectifierFrameLayout) + sizeof(Value));
- masm.loadValue(newTargetSrc, newTarget);
-
- // Again, 1 for |this|
- BaseIndex newTargetDest(rsp, r11, TimesEight, sizeof(Value));
- masm.storeValue(newTarget, newTargetDest);
-
- masm.bind(¬Constructing);
- }
-
- // Caller:
- // [arg2] [arg1] [this] [ [argc] [callee] [descr] [raddr] ]
- //
- //
- // Rectifier frame:
- // [rbp'] <- rbp [undef] [undef] [undef] [arg2] [arg1] [this] <- rsp [ [argc]
- // [callee] [descr] [raddr] ]
- //
-
- // Construct JitFrameLayout.
- masm.push(rax); // callee token
- masm.pushFrameDescriptorForJitCall(FrameType::Rectifier, rdx, rdx);
-
- // Call the target function.
- masm.andq(Imm32(uint32_t(CalleeTokenMask)), rax);
- switch (kind) {
- case ArgumentsRectifierKind::Normal:
- masm.loadJitCodeRaw(rax, rax);
- argumentsRectifierReturnOffset_ = masm.callJitNoProfiler(rax);
- break;
- case ArgumentsRectifierKind::TrialInlining:
- masm.loadJitCodeRawNoIon(rax, rbx, rdx);
- masm.callJitNoProfiler(rbx);
- break;
- }
-
- masm.mov(FramePointer, StackPointer);
- masm.pop(FramePointer);
- masm.ret();
-}
-
static void PushBailoutFrame(MacroAssembler& masm, Register spArg) {
// Push registers such that we can access them from [base + code].
DumpAllRegs(masm);
diff --git a/js/src/jit/x86/Trampoline-x86.cpp b/js/src/jit/x86/Trampoline-x86.cpp
@@ -301,157 +301,6 @@ void JitRuntime::generateInvalidator(MacroAssembler& masm, Label* bailoutTail) {
masm.jmp(bailoutTail);
}
-void JitRuntime::generateArgumentsRectifier(MacroAssembler& masm,
- ArgumentsRectifierKind kind) {
- AutoCreatedBy acb(masm, "JitRuntime::generateArgumentsRectifier");
-
- switch (kind) {
- case ArgumentsRectifierKind::Normal:
- argumentsRectifierOffset_ = startTrampolineCode(masm);
- break;
- case ArgumentsRectifierKind::TrialInlining:
- trialInliningArgumentsRectifierOffset_ = startTrampolineCode(masm);
- break;
- }
-
- // Caller:
- // [arg2] [arg1] [this] [ [argc] [callee] [descr] [raddr] ] <- esp
-
- // Frame prologue.
- //
- // NOTE: if this changes, fix the Baseline bailout code too!
- // See BaselineStackBuilder::calculatePrevFramePtr and
- // BaselineStackBuilder::buildRectifierFrame (in BaselineBailouts.cpp).
- masm.push(FramePointer);
- masm.movl(esp, FramePointer); // Save %esp.
-
- // Load argc.
- masm.loadNumActualArgs(FramePointer, esi);
-
- // Load the number of |undefined|s to push into %ecx.
- masm.loadPtr(Address(ebp, RectifierFrameLayout::offsetOfCalleeToken()), eax);
- masm.mov(eax, ecx);
- masm.andl(Imm32(CalleeTokenMask), ecx);
- masm.loadFunctionArgCount(ecx, ecx);
-
- // The frame pointer and its padding are pushed on the stack.
- // Including |this|, there are (|nformals| + 1) arguments to push to the
- // stack. Then we push a JitFrameLayout. We compute the padding expressed
- // in the number of extra |undefined| values to push on the stack.
- static_assert(
- sizeof(JitFrameLayout) % JitStackAlignment == 0,
- "No need to consider the JitFrameLayout for aligning the stack");
- static_assert(
- JitStackAlignment % sizeof(Value) == 0,
- "Ensure that we can pad the stack by pushing extra UndefinedValue");
- static_assert(IsPowerOfTwo(JitStackValueAlignment),
- "must have power of two for masm.andl to do its job");
-
- masm.addl(
- Imm32(JitStackValueAlignment - 1 /* for padding */ + 1 /* for |this| */),
- ecx);
-
- // Account for newTarget, if necessary.
- static_assert(
- CalleeToken_FunctionConstructing == 1,
- "Ensure that we can use the constructing bit to count an extra push");
- masm.mov(eax, edx);
- masm.andl(Imm32(CalleeToken_FunctionConstructing), edx);
- masm.addl(edx, ecx);
-
- masm.andl(Imm32(~(JitStackValueAlignment - 1)), ecx);
- masm.subl(esi, ecx);
- masm.subl(Imm32(1), ecx); // For |this|.
-
- // Copy the number of actual arguments into edx.
- masm.mov(esi, edx);
-
- masm.moveValue(UndefinedValue(), ValueOperand(ebx, edi));
-
- // Caller:
- // [arg2] [arg1] [this] [ [argc] [callee] [descr] [raddr] ]
- // '-- #esi ---'
- //
- // Rectifier frame:
- // [ebp'] <- ebp [padding] <- esp [undef] [undef] [arg2] [arg1] [this]
- // '--- #ecx ----' '-- #esi ---'
- //
- // [ [argc] [callee] [descr] [raddr] ]
-
- // Push undefined.
- {
- Label undefLoopTop;
- masm.bind(&undefLoopTop);
-
- masm.push(ebx); // type(undefined);
- masm.push(edi); // payload(undefined);
- masm.subl(Imm32(1), ecx);
- masm.j(Assembler::NonZero, &undefLoopTop);
- }
-
- // Get the topmost argument.
- BaseIndex b(FramePointer, esi, TimesEight, sizeof(RectifierFrameLayout));
- masm.lea(Operand(b), ecx);
-
- // Push arguments, |nargs| + 1 times (to include |this|).
- masm.addl(Imm32(1), esi);
- {
- Label copyLoopTop;
-
- masm.bind(©LoopTop);
- masm.push(Operand(ecx, sizeof(Value) / 2));
- masm.push(Operand(ecx, 0x0));
- masm.subl(Imm32(sizeof(Value)), ecx);
- masm.subl(Imm32(1), esi);
- masm.j(Assembler::NonZero, ©LoopTop);
- }
-
- {
- Label notConstructing;
-
- masm.mov(eax, ebx);
- masm.branchTest32(Assembler::Zero, ebx,
- Imm32(CalleeToken_FunctionConstructing),
- ¬Constructing);
-
- BaseValueIndex src(FramePointer, edx,
- sizeof(RectifierFrameLayout) + sizeof(Value));
-
- masm.andl(Imm32(CalleeTokenMask), ebx);
- masm.loadFunctionArgCount(ebx, ebx);
-
- BaseValueIndex dst(esp, ebx, sizeof(Value));
-
- ValueOperand newTarget(ecx, edi);
-
- masm.loadValue(src, newTarget);
- masm.storeValue(newTarget, dst);
-
- masm.bind(¬Constructing);
- }
-
- // Construct JitFrameLayout.
- masm.push(eax); // callee token
- masm.pushFrameDescriptorForJitCall(FrameType::Rectifier, edx, edx);
-
- // Call the target function.
- masm.andl(Imm32(CalleeTokenMask), eax);
- switch (kind) {
- case ArgumentsRectifierKind::Normal:
- masm.loadJitCodeRaw(eax, eax);
- argumentsRectifierReturnOffset_ = masm.callJitNoProfiler(eax);
- break;
- case ArgumentsRectifierKind::TrialInlining:
- masm.loadJitCodeRawNoIon(eax, eax, edx);
- masm.callJitNoProfiler(eax);
- break;
- }
-
- masm.mov(FramePointer, StackPointer);
- masm.pop(FramePointer);
- masm.ret();
-}
-
static void PushBailoutFrame(MacroAssembler& masm, Register spArg) {
// Push registers such that we can access them from [base + code].
DumpAllRegs(masm);
