commit f30ca5d6dabe63618ee607282e1fa83708c840b4
parent e39b68fb2b2453ed0d962a7bffc8b273359c3618
Author: Jan de Mooij <jdemooij@mozilla.com>
Date: Wed, 8 Oct 2025 06:18:23 +0000
Bug 1992999 part 1 - Remove some code for nursery object MConstants. r=iain
We don't have nursery pointers in MIR anymore since Warp.
Differential Revision: https://phabricator.services.mozilla.com/D267848
Diffstat:
2 files changed, 21 insertions(+), 57 deletions(-)
diff --git a/js/src/jit/CodeGenerator.cpp b/js/src/jit/CodeGenerator.cpp
@@ -5741,8 +5741,8 @@ void CodeGenerator::visitPostWriteBarrierCommon(LPostBarrierType* lir,
Register temp = ToTempRegisterOrInvalid(lir->temp0());
if (lir->object()->isConstant()) {
- // Constant nursery objects cannot appear here, see
- // LIRGenerator::visitPostWriteElementBarrier.
+ // The object must be tenured because MIR and LIR can't contain nursery
+ // pointers.
MOZ_ASSERT(!IsInsideNursery(&lir->object()->toConstant()->toObject()));
} else {
masm.branchPtrInNurseryChunk(Assembler::Equal, ToRegister(lir->object()),
@@ -5773,8 +5773,8 @@ void CodeGenerator::visitPostWriteBarrierCommonV(LPostBarrierType* lir,
Register temp = ToTempRegisterOrInvalid(lir->temp0());
if (lir->object()->isConstant()) {
- // Constant nursery objects cannot appear here, see
- // LIRGenerator::visitPostWriteElementBarrier.
+ // The object must be tenured because MIR and LIR can't contain nursery
+ // pointers.
MOZ_ASSERT(!IsInsideNursery(&lir->object()->toConstant()->toObject()));
} else {
masm.branchPtrInNurseryChunk(Assembler::Equal, ToRegister(lir->object()),
diff --git a/js/src/jit/Lowering.cpp b/js/src/jit/Lowering.cpp
@@ -4234,33 +4234,15 @@ void LIRGenerator::visitStoreDynamicSlot(MStoreDynamicSlot* ins) {
}
}
-// Returns true iff |def| is a constant that's either not a GC thing or is not
-// allocated in the nursery.
-static bool IsNonNurseryConstant(MDefinition* def) {
- if (!def->isConstant()) {
- return false;
- }
- Value v = def->toConstant()->toJSValue();
- return !v.isGCThing() || !IsInsideNursery(v.toGCThing());
-}
-
void LIRGenerator::visitPostWriteBarrier(MPostWriteBarrier* ins) {
MOZ_ASSERT(ins->object()->type() == MIRType::Object);
- // LPostWriteBarrier assumes that if it has a constant object then that
- // object is tenured, and does not need to be tested for being in the
- // nursery. Ensure that assumption holds by lowering constant nursery
- // objects to a register.
- bool useConstantObject = IsNonNurseryConstant(ins->object());
-
switch (ins->value()->type()) {
case MIRType::Object: {
LDefinition tmp =
needTempForPostBarrier() ? temp() : LDefinition::BogusTemp();
- LPostWriteBarrierO* lir = new (alloc())
- LPostWriteBarrierO(useConstantObject ? useOrConstant(ins->object())
- : useRegister(ins->object()),
- useRegister(ins->value()), tmp);
+ LPostWriteBarrierO* lir = new (alloc()) LPostWriteBarrierO(
+ useRegisterOrConstant(ins->object()), useRegister(ins->value()), tmp);
add(lir, ins);
assignSafepoint(lir, ins);
break;
@@ -4268,10 +4250,8 @@ void LIRGenerator::visitPostWriteBarrier(MPostWriteBarrier* ins) {
case MIRType::String: {
LDefinition tmp =
needTempForPostBarrier() ? temp() : LDefinition::BogusTemp();
- LPostWriteBarrierS* lir = new (alloc())
- LPostWriteBarrierS(useConstantObject ? useOrConstant(ins->object())
- : useRegister(ins->object()),
- useRegister(ins->value()), tmp);
+ LPostWriteBarrierS* lir = new (alloc()) LPostWriteBarrierS(
+ useRegisterOrConstant(ins->object()), useRegister(ins->value()), tmp);
add(lir, ins);
assignSafepoint(lir, ins);
break;
@@ -4279,10 +4259,8 @@ void LIRGenerator::visitPostWriteBarrier(MPostWriteBarrier* ins) {
case MIRType::BigInt: {
LDefinition tmp =
needTempForPostBarrier() ? temp() : LDefinition::BogusTemp();
- auto* lir = new (alloc())
- LPostWriteBarrierBI(useConstantObject ? useOrConstant(ins->object())
- : useRegister(ins->object()),
- useRegister(ins->value()), tmp);
+ auto* lir = new (alloc()) LPostWriteBarrierBI(
+ useRegisterOrConstant(ins->object()), useRegister(ins->value()), tmp);
add(lir, ins);
assignSafepoint(lir, ins);
break;
@@ -4290,10 +4268,8 @@ void LIRGenerator::visitPostWriteBarrier(MPostWriteBarrier* ins) {
case MIRType::Value: {
LDefinition tmp =
needTempForPostBarrier() ? temp() : LDefinition::BogusTemp();
- LPostWriteBarrierV* lir = new (alloc())
- LPostWriteBarrierV(useConstantObject ? useOrConstant(ins->object())
- : useRegister(ins->object()),
- useBox(ins->value()), tmp);
+ LPostWriteBarrierV* lir = new (alloc()) LPostWriteBarrierV(
+ useRegisterOrConstant(ins->object()), useBox(ins->value()), tmp);
add(lir, ins);
assignSafepoint(lir, ins);
break;
@@ -4309,22 +4285,13 @@ void LIRGenerator::visitPostWriteElementBarrier(MPostWriteElementBarrier* ins) {
MOZ_ASSERT(ins->object()->type() == MIRType::Object);
MOZ_ASSERT(ins->index()->type() == MIRType::Int32);
- // LPostWriteElementBarrier assumes that if it has a constant object then that
- // object is tenured, and does not need to be tested for being in the
- // nursery. Ensure that assumption holds by lowering constant nursery
- // objects to a register.
- bool useConstantObject =
- ins->object()->isConstant() &&
- !IsInsideNursery(&ins->object()->toConstant()->toObject());
-
switch (ins->value()->type()) {
case MIRType::Object: {
LDefinition tmp =
needTempForPostBarrier() ? temp() : LDefinition::BogusTemp();
LPostWriteElementBarrierO* lir = new (alloc()) LPostWriteElementBarrierO(
- useConstantObject ? useOrConstant(ins->object())
- : useRegister(ins->object()),
- useRegister(ins->value()), useRegister(ins->index()), tmp);
+ useRegisterOrConstant(ins->object()), useRegister(ins->value()),
+ useRegister(ins->index()), tmp);
add(lir, ins);
assignSafepoint(lir, ins);
break;
@@ -4333,9 +4300,8 @@ void LIRGenerator::visitPostWriteElementBarrier(MPostWriteElementBarrier* ins) {
LDefinition tmp =
needTempForPostBarrier() ? temp() : LDefinition::BogusTemp();
LPostWriteElementBarrierS* lir = new (alloc()) LPostWriteElementBarrierS(
- useConstantObject ? useOrConstant(ins->object())
- : useRegister(ins->object()),
- useRegister(ins->value()), useRegister(ins->index()), tmp);
+ useRegisterOrConstant(ins->object()), useRegister(ins->value()),
+ useRegister(ins->index()), tmp);
add(lir, ins);
assignSafepoint(lir, ins);
break;
@@ -4344,9 +4310,8 @@ void LIRGenerator::visitPostWriteElementBarrier(MPostWriteElementBarrier* ins) {
LDefinition tmp =
needTempForPostBarrier() ? temp() : LDefinition::BogusTemp();
auto* lir = new (alloc()) LPostWriteElementBarrierBI(
- useConstantObject ? useOrConstant(ins->object())
- : useRegister(ins->object()),
- useRegister(ins->value()), useRegister(ins->index()), tmp);
+ useRegisterOrConstant(ins->object()), useRegister(ins->value()),
+ useRegister(ins->index()), tmp);
add(lir, ins);
assignSafepoint(lir, ins);
break;
@@ -4355,9 +4320,8 @@ void LIRGenerator::visitPostWriteElementBarrier(MPostWriteElementBarrier* ins) {
LDefinition tmp =
needTempForPostBarrier() ? temp() : LDefinition::BogusTemp();
LPostWriteElementBarrierV* lir = new (alloc()) LPostWriteElementBarrierV(
- useConstantObject ? useOrConstant(ins->object())
- : useRegister(ins->object()),
- useRegister(ins->index()), useBox(ins->value()), tmp);
+ useRegisterOrConstant(ins->object()), useRegister(ins->index()),
+ useBox(ins->value()), tmp);
add(lir, ins);
assignSafepoint(lir, ins);
break;
@@ -6241,7 +6205,7 @@ void LIRGenerator::visitSetPropertyCache(MSetPropertyCache* ins) {
// constant to reduce register allocation pressure.
bool useConstId =
id->type() == MIRType::String || id->type() == MIRType::Symbol;
- bool useConstValue = IsNonNurseryConstant(ins->value());
+ bool useConstValue = ins->value()->isConstant();
// Emit an overrecursed check: this is necessary because the cache can
// attach a scripted setter stub that calls this script recursively.
