Changeset 254464 in webkit
- Timestamp:
- Jan 13, 2020, 3:55:57 PM (6 years ago)
- Location:
- trunk
- Files:
-
- 4 added
- 45 edited
-
JSTests/ChangeLog (modified) (1 diff)
-
JSTests/stress/racy-gc-cleanup-of-identifier-after-mutator-stops-running.js (added)
-
Source/JavaScriptCore/CMakeLists.txt (modified) (1 diff)
-
Source/JavaScriptCore/ChangeLog (modified) (1 diff)
-
Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj (modified) (5 diffs)
-
Source/JavaScriptCore/Sources.txt (modified) (1 diff)
-
Source/JavaScriptCore/bytecode/AccessCase.cpp (modified) (13 diffs)
-
Source/JavaScriptCore/bytecode/AccessCase.h (modified) (7 diffs)
-
Source/JavaScriptCore/bytecode/CodeBlock.cpp (modified) (3 diffs)
-
Source/JavaScriptCore/bytecode/GetByIdVariant.cpp (modified) (6 diffs)
-
Source/JavaScriptCore/bytecode/GetByIdVariant.h (modified) (7 diffs)
-
Source/JavaScriptCore/bytecode/GetByStatus.cpp (modified) (17 diffs)
-
Source/JavaScriptCore/bytecode/GetByStatus.h (modified) (8 diffs)
-
Source/JavaScriptCore/bytecode/GetterSetterAccessCase.cpp (modified) (4 diffs)
-
Source/JavaScriptCore/bytecode/GetterSetterAccessCase.h (modified) (3 diffs)
-
Source/JavaScriptCore/bytecode/InstanceOfAccessCase.cpp (modified) (2 diffs)
-
Source/JavaScriptCore/bytecode/IntrinsicGetterAccessCase.cpp (modified) (3 diffs)
-
Source/JavaScriptCore/bytecode/IntrinsicGetterAccessCase.h (modified) (3 diffs)
-
Source/JavaScriptCore/bytecode/ModuleNamespaceAccessCase.cpp (modified) (3 diffs)
-
Source/JavaScriptCore/bytecode/ModuleNamespaceAccessCase.h (modified) (3 diffs)
-
Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp (modified) (5 diffs)
-
Source/JavaScriptCore/bytecode/PolymorphicAccess.h (modified) (2 diffs)
-
Source/JavaScriptCore/bytecode/ProxyableAccessCase.cpp (modified) (3 diffs)
-
Source/JavaScriptCore/bytecode/ProxyableAccessCase.h (modified) (3 diffs)
-
Source/JavaScriptCore/bytecode/RecordedStatuses.cpp (modified) (2 diffs)
-
Source/JavaScriptCore/bytecode/RecordedStatuses.h (modified) (2 diffs)
-
Source/JavaScriptCore/bytecode/StructureStubInfo.cpp (modified) (6 diffs)
-
Source/JavaScriptCore/bytecode/StructureStubInfo.h (modified) (7 diffs)
-
Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp (modified) (5 diffs)
-
Source/JavaScriptCore/dfg/DFGDesiredIdentifiers.cpp (modified) (6 diffs)
-
Source/JavaScriptCore/dfg/DFGDesiredIdentifiers.h (modified) (4 diffs)
-
Source/JavaScriptCore/dfg/DFGJITFinalizer.cpp (modified) (2 diffs)
-
Source/JavaScriptCore/dfg/DFGPlan.cpp (modified) (5 diffs)
-
Source/JavaScriptCore/dfg/DFGPlan.h (modified) (4 diffs)
-
Source/JavaScriptCore/dfg/DFGWorklist.cpp (modified) (7 diffs)
-
Source/JavaScriptCore/dfg/DFGWorklist.h (modified) (3 diffs)
-
Source/JavaScriptCore/ftl/FTLJITFinalizer.cpp (modified) (3 diffs)
-
Source/JavaScriptCore/jit/JITOperations.cpp (modified) (4 diffs)
-
Source/JavaScriptCore/jit/Repatch.cpp (modified) (10 diffs)
-
Source/JavaScriptCore/jit/Repatch.h (modified) (3 diffs)
-
Source/JavaScriptCore/runtime/CacheableIdentifier.cpp (added)
-
Source/JavaScriptCore/runtime/CacheableIdentifier.h (added)
-
Source/JavaScriptCore/runtime/CacheableIdentifierInlines.h (added)
-
Source/JavaScriptCore/runtime/ExceptionHelpers.cpp (modified) (2 diffs)
-
Source/JavaScriptCore/runtime/JSString.h (modified) (3 diffs)
-
Source/JavaScriptCore/runtime/VM.cpp (modified) (3 diffs)
-
Source/JavaScriptCore/runtime/VM.h (modified) (3 diffs)
-
Source/WebCore/ChangeLog (modified) (1 diff)
-
Source/WebCore/bindings/js/CommonVM.cpp (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/JSTests/ChangeLog
r254434 r254464 1 2020-01-13 Mark Lam <mark.lam@apple.com> 2 3 Replace uses of Box<Identifier> with a new CacheableIdentifier class. 4 https://bugs.webkit.org/show_bug.cgi?id=205544 5 <rdar://problem/58041800> 6 7 Reviewed by Saam Barati. 8 9 * stress/racy-gc-cleanup-of-identifier-after-mutator-stops-running.js: Added. 10 1 11 2020-01-11 Keith Miller <keith_miller@apple.com> 2 12 -
trunk/Source/JavaScriptCore/CMakeLists.txt
r254447 r254464 786 786 runtime/CachePayload.h 787 787 runtime/CacheUpdate.h 788 runtime/CacheableIdentifier.h 789 runtime/CacheableIdentifierInlines.h 788 790 runtime/CachedBytecode.h 789 791 runtime/CachedTypes.h -
trunk/Source/JavaScriptCore/ChangeLog
r254447 r254464 1 2020-01-13 Mark Lam <mark.lam@apple.com> 2 3 Replace uses of Box<Identifier> with a new CacheableIdentifier class. 4 https://bugs.webkit.org/show_bug.cgi?id=205544 5 <rdar://problem/58041800> 6 7 Reviewed by Saam Barati. 8 9 The introduction of the use of Box<Identifier> was to get around having to 10 ref/deref the underlying UniqedStringImpl in Identifiers from the compiler 11 and GC threads. However, it proves to be difficult to control when these 12 Box<Identifier>s get destructed, and requires that we find all the places in 13 the compier and GC threads where this can happen, and apply keep alive tactics 14 there to defer destruction of the Box<Identifier> to the mutator thread. 15 16 This patch fixes this by replacing uses of Box<Identifier> with 17 CacheableIdentifier, which is effectively a tagged union of a JSCell* or a 18 UniquedStringImpl*. The JSCell*, in this case, can be either a Symbol* or a 19 JSString* that is backed by an atom string. The VM runtime ensures that we'll 20 never try to cache an identifier from a JSCell that is not one of these. This 21 CacheableIdentifier can be destructed from the compiler or GC thread. Since it 22 doesn't hold a ref of the underlying UniquedStringImpl, it won't try to deref 23 it on destruction. 24 25 Instead, we'll need to visit CacheableIdentifiers during GC scans to keep the 26 JSCell in it alive, and that JSCell will, in turn, keep the underlying 27 UniquedStringImpl alive. 28 29 This patch also does the following: 30 31 1. Add a visitAggregate() method to StructureStubInfo, PolymorphicAccess, and 32 AccessCase to visit the CacheableIdentifier's JSCell identifier. This 33 visitAggregate() is called from CodeBlock::stronglyVisitStrongReferences(). 34 35 When we write barrier a CodeBlock, it guarantees that its visitAggregate() 36 methods is called. However, it does not guarantee that its propagateTransitions() 37 method will be called. Since the CacheableIdentifier's reference to a cell 38 should be a strong reference, visiting it via a StructureStubInfo::visitAggregate() 39 method is the right thing to do. 40 See https://bugs.webkit.org/show_bug.cgi?id=205544#c7 for an example of why 41 propagateTransitions() doesn't always do the job. 42 43 StructureStubInfo::visitWeakReferences() is also inappropriate for this 44 because it is only called after all marking is done. It is also not meant 45 to keep cells alive but merely for clearing weak references to dead cells. 46 47 2. Also add to visitAggregate() for ModuleNamespaceData's m_identifier in 48 GetByStatus::markIfCheap(). 49 50 3. Remove previously applied keep alive tactics to work around Box<Identifier> 51 destruction. This also retores the allowance to destruct DFG::Plans on a 52 compiler thread. 53 54 4. Added a JSString:getValueImpl() helper. 55 56 5. Added a write barrier in DFG and FTL JITFinalizer's finalizeCommon() to ensure 57 that frozen values are scanned by the GC. 58 59 During compilation, the frozen values were previously protected by the Plan. 60 After finalization, they should be protected by the CodeBlock. Hence, we 61 should barrier the CodeBlock since the last GC scan of the CodeBlock may have 62 happened before the frozen values were registered with the CodeBlock. 63 64 GC considerations: 65 ================== 66 The following also addresses Yusuke's concerns in https://bugs.webkit.org/show_bug.cgi?id=205544#c10. 67 68 CacheableIdentifier is only stored as fields in 4 classes/structs: 69 70 1. AccessCase::m_identifier 71 2. GetByIdVariant::m_identifier 72 3. ModuleNamespaceData::m_identifier 73 4. StructureStubInfo::m_getByIdSelfIdentifier 74 75 AccessCase::m_identifier 76 ======================== 77 While the access case is being created and added in tryCacheGetBy(), the 78 CacheableIdentifier is still on the stack and protected from the GC. At the 79 bottom of tryCacheGetBy(), StructureStubInfo::addAccessCase() is called to add 80 the access case. 81 82 StructureStubInfo::addAccessCase() will barrier the owner CodeBlock at its end, 83 and CodeBlock::stronglyVisitStrongReferences() will visit the StructureStubInfo, 84 which in turn visits the AccessCase. StructureStubInfo::visitAggregate() has 85 been added for this purpose. 86 87 GetByIdVariant::m_identifier 88 ============================ 89 GetByIdVariant is only stored in GetByStatus. Both GetByIdVariant and GetByStatus 90 are only created and handled in the DFG/FTL compiler threads. While the compiler 91 thread is working with them, they are safe from the GC because the GC won't collect 92 objects until the compiler thread is at a SafePoint. 93 94 At compiler SafePoints, any GetByStatus that needs to be persisted is stored in 95 DFG::Plan::m_recordedStatuses. The Plan will visit the m_recordedStatuses in 96 Plan::checkLivenessAndVisitChildren(). 97 98 At the end of compilation, Plan::m_recordedStatuses is transferred over to the owner 99 CodeBlock's DFG::CommonData in Plan::finalizeWithoutNotifyingCallback(). 100 Plan::finalizeWithoutNotifyingCallback() will also barrier the owner CodeBlock at 101 its end. 102 103 Thereafter, CodeBlock::stronglyVisitStrongReferences() will visit the recordedStatuses. 104 105 ModuleNamespaceData::m_identifier 106 ================================= 107 ModuleNamespaceData is only stored in a GetByStatus, and is therefore protected 108 similarly as the GetByIdVariant::m_identifier case above. 109 110 StructureStubInfo::m_getByIdSelfIdentifier 111 ========================================== 112 StructureStubInfo::initGetByIdSelf() is called from inside tryCacheGetBy(). 113 StructureStubInfo::initGetByIdSelf() will barrier the owner CodeBlock. The 114 CacheableIdentifier here is protected in the same way as the AccessCase::m_identifier 115 case above. 116 117 DesiredIdentifiers 118 ================== 119 The compiler thread may also stash a CacheableIdentifier's uid in its 120 DesiredIdentifiers. Normally, the identifiers stashed in DesiredIdentifiers are 121 from identifiers that the CodeBlock already knows abut and manages (e.g. from 122 GetByIds). For uids from a cell-based CacheableIdentifier variable is passed to 123 a GetByVal, we need kep the cell alive in order to keep the uid alive. This is 124 achieved by freezing the cell with freezeStrong() in the op_get_by_val case in 125 the DFG BytecodeParser. 126 127 Reseting a StructureStubInfo while its IC code is still executing on the stack 128 ============================================================================== 129 The concern is that IC code may call slow path / getter functions that may in turn: 130 131 1. reset the IC, and 132 2. run the GC. 133 134 This can be a problem if: 135 136 1. there is a scenario where we return from the slow path / getter function 137 and run IC code that uses the cell / uid from the CacheableIdentifier. 138 139 This is because the StructureStubInfo is what visits the that cell, which 140 in turn its uid alive. Once the StructureStubInfo is reset, it will no 141 longer be associated with any AccessCase or the m_getByIdSelfIdentifier. 142 As such they will not be visited, and the CacheableIdentifier may be collected 143 by the GC. 144 145 In practice, the generated IC code never uses the cell / uid after it calls 146 any slow path / getter function. I've verified this by auditing the code 147 generation in InlineAccess::generateSelfInAccess() and PolymorphicAccess::regenerate(). 148 Hence, there's no issue with using a collected cell / uid. 149 150 2. there is a scenario where a slow path / getter function makes use of the cell / uid 151 from the CacheableIdentifier but does not protect it. 152 153 The only 2 slow path functions: 154 operationGetByValGeneric() 155 operationGetByValOptimize() 156 157 operationGetByValGeneric() does not use any CacheableIdentifier from the StructureStubInfo. 158 159 operationGetByValOptimize() modifies the StructureStubInfo in tryCacheGetBy() 160 under the protection of a GCSafeConcurrentJSLocker, and can reset the 161 StructureStubInfo. However, it does not use any CacheableIdentifier after 162 that. 163 164 Hence, there's also no GC issue here. 165 166 * CMakeLists.txt: 167 * JavaScriptCore.xcodeproj/project.pbxproj: 168 * Sources.txt: 169 * bytecode/AccessCase.cpp: 170 (JSC::AccessCase::AccessCase): 171 (JSC::AccessCase::create): 172 (JSC::AccessCase::fromStructureStubInfo): 173 (JSC::AccessCase::commit): 174 (JSC::AccessCase::canReplace const): 175 (JSC::AccessCase::dump const): 176 (JSC::AccessCase::visitAggregate const): 177 (JSC::AccessCase::generateWithGuard): 178 (JSC::AccessCase::generateImpl): 179 * bytecode/AccessCase.h: 180 (JSC::AccessCase::uid const): 181 (JSC::AccessCase::identifier const): 182 * bytecode/CodeBlock.cpp: 183 (JSC::CodeBlock::propagateTransitions): 184 (JSC::CodeBlock::stronglyVisitStrongReferences): 185 * bytecode/GetByIdVariant.cpp: 186 (JSC::GetByIdVariant::GetByIdVariant): 187 (JSC::GetByIdVariant::attemptToMerge): 188 (JSC::GetByIdVariant::visitAggregate): 189 (JSC::GetByIdVariant::dumpInContext const): 190 * bytecode/GetByIdVariant.h: 191 (JSC::GetByIdVariant::identifier const): 192 (JSC::GetByIdVariant::overlaps): 193 * bytecode/GetByStatus.cpp: 194 (JSC::GetByStatus::computeFromLLInt): 195 (JSC::GetByStatus::computeFor): 196 (JSC::GetByStatus::computeForStubInfoWithoutExitSiteFeedback): 197 (JSC::GetByStatus::visitAggregate): 198 (JSC::GetByStatus::singleIdentifier const): 199 * bytecode/GetByStatus.h: 200 * bytecode/GetterSetterAccessCase.cpp: 201 (JSC::GetterSetterAccessCase::GetterSetterAccessCase): 202 (JSC::GetterSetterAccessCase::create): 203 * bytecode/GetterSetterAccessCase.h: 204 * bytecode/InstanceOfAccessCase.cpp: 205 (JSC::InstanceOfAccessCase::InstanceOfAccessCase): 206 * bytecode/IntrinsicGetterAccessCase.cpp: 207 (JSC::IntrinsicGetterAccessCase::IntrinsicGetterAccessCase): 208 (JSC::IntrinsicGetterAccessCase::create): 209 * bytecode/IntrinsicGetterAccessCase.h: 210 * bytecode/ModuleNamespaceAccessCase.cpp: 211 (JSC::ModuleNamespaceAccessCase::ModuleNamespaceAccessCase): 212 (JSC::ModuleNamespaceAccessCase::create): 213 * bytecode/ModuleNamespaceAccessCase.h: 214 * bytecode/PolymorphicAccess.cpp: 215 (JSC::PolymorphicAccess::visitAggregate): 216 (JSC::PolymorphicAccess::regenerate): 217 * bytecode/PolymorphicAccess.h: 218 * bytecode/ProxyableAccessCase.cpp: 219 (JSC::ProxyableAccessCase::ProxyableAccessCase): 220 (JSC::ProxyableAccessCase::create): 221 * bytecode/ProxyableAccessCase.h: 222 * bytecode/RecordedStatuses.cpp: 223 (JSC::RecordedStatuses::visitAggregate): 224 * bytecode/RecordedStatuses.h: 225 * bytecode/StructureStubInfo.cpp: 226 (JSC::StructureStubInfo::initGetByIdSelf): 227 (JSC::StructureStubInfo::addAccessCase): 228 (JSC::StructureStubInfo::visitAggregate): 229 * bytecode/StructureStubInfo.h: 230 (JSC::StructureStubInfo::getByIdSelfIdentifier): 231 * dfg/DFGByteCodeParser.cpp: 232 (JSC::DFG::ByteCodeParser::parseGetById): 233 (JSC::DFG::ByteCodeParser::parseBlock): 234 * dfg/DFGDesiredIdentifiers.cpp: 235 (JSC::DFG::DesiredIdentifiers::ensure): 236 (JSC::DFG::DesiredIdentifiers::at const): 237 (JSC::DFG::DesiredIdentifiers::reallyAdd): 238 (JSC::DFG::DesiredIdentifiers::processCodeBlockIdentifiersIfNeeded): Deleted. 239 * dfg/DFGDesiredIdentifiers.h: 240 * dfg/DFGJITFinalizer.cpp: 241 (JSC::DFG::JITFinalizer::finalizeCommon): 242 * dfg/DFGPlan.cpp: 243 (JSC::DFG::Plan::~Plan): 244 (JSC::DFG::Plan::checkLivenessAndVisitChildren): 245 (JSC::DFG::Plan::cancel): 246 * dfg/DFGPlan.h: 247 (JSC::DFG::Plan::keepAliveIdentifier): Deleted. 248 * dfg/DFGWorklist.cpp: 249 (JSC::DFG::Worklist::removeAllReadyPlansForVM): 250 (JSC::DFG::Worklist::removeDeadPlans): 251 (JSC::DFG::Worklist::removeNonCompilingPlansForVM): 252 (JSC::DFG::Worklist::deleteCancelledPlansForVM): Deleted. 253 * dfg/DFGWorklist.h: 254 * ftl/FTLJITFinalizer.cpp: 255 (JSC::FTL::JITFinalizer::finalizeCommon): 256 * jit/JITOperations.cpp: 257 * jit/Repatch.cpp: 258 (JSC::tryCacheGetBy): 259 (JSC::repatchGetBy): 260 (JSC::tryCacheArrayGetByVal): 261 (JSC::tryCacheInstanceOf): 262 * jit/Repatch.h: 263 * runtime/CacheableIdentifier.cpp: Added. 264 (JSC::CacheableIdentifier::dump const): 265 * runtime/CacheableIdentifier.h: Added. 266 (JSC::CacheableIdentifier::CacheableIdentifier): 267 (JSC::CacheableIdentifier::isUid const): 268 (JSC::CacheableIdentifier::isCell const): 269 (JSC::CacheableIdentifier::isSymbol const): 270 (JSC::CacheableIdentifier::operator bool const): 271 * runtime/CacheableIdentifierInlines.h: Added. 272 (JSC::CacheableIdentifier::CacheableIdentifier): 273 (JSC::CacheableIdentifier::cell const): 274 (JSC::CacheableIdentifier::uid const): 275 (JSC::CacheableIdentifier::isCacheableIdentifierCell): 276 (JSC::CacheableIdentifier::isSymbolCell const): 277 (JSC::CacheableIdentifier::isStringCell const): 278 (JSC::CacheableIdentifier::setCellBits): 279 (JSC::CacheableIdentifier::setUidBits): 280 (JSC::CacheableIdentifier::visitAggregate const): 281 (JSC::CacheableIdentifier::operator== const): 282 (JSC::CacheableIdentifier::operator!= const): 283 * runtime/ExceptionHelpers.cpp: 284 (JSC::functionCallBase): 285 * runtime/JSString.h: 286 (JSC::JSString::getValueImpl const): 287 * runtime/VM.cpp: 288 (JSC::VM::ensureWatchpointSetForImpureProperty): 289 (JSC::VM::addImpureProperty): 290 (JSC::VM::registerWatchpointForImpureProperty): Deleted. 291 * runtime/VM.h: 292 1 293 2020-01-13 Yusuke Suzuki <ysuzuki@apple.com> 2 294 -
trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
r254447 r254464 1915 1915 FE7C41961B97FC4B00F4D598 /* PingPongStackOverflowTest.cpp in Sources */ = {isa = PBXBuildFile; fileRef = FEDA50D41B97F442009A3B4F /* PingPongStackOverflowTest.cpp */; }; 1916 1916 FE80C1971D775CDD008510C0 /* CatchScope.h in Headers */ = {isa = PBXBuildFile; fileRef = FE80C1961D775B27008510C0 /* CatchScope.h */; settings = {ATTRIBUTES = (Private, ); }; }; 1917 FE8DE54B23AC1DAD005C9142 /* CacheableIdentifier.h in Headers */ = {isa = PBXBuildFile; fileRef = FE8DE54A23AC1DAD005C9142 /* CacheableIdentifier.h */; }; 1918 FE8DE54D23AC1E86005C9142 /* CacheableIdentifierInlines.h in Headers */ = {isa = PBXBuildFile; fileRef = FE8DE54C23AC1E86005C9142 /* CacheableIdentifierInlines.h */; }; 1917 1919 FE99B2491C24C3D300C82159 /* JITNegGenerator.h in Headers */ = {isa = PBXBuildFile; fileRef = FE99B2481C24B6D300C82159 /* JITNegGenerator.h */; }; 1918 1920 FEA08620182B7A0400F6D851 /* Breakpoint.h in Headers */ = {isa = PBXBuildFile; fileRef = FEA0861E182B7A0400F6D851 /* Breakpoint.h */; settings = {ATTRIBUTES = (Private, ); }; }; … … 5170 5172 FE80C1981D775FB4008510C0 /* CatchScope.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CatchScope.cpp; sourceTree = "<group>"; }; 5171 5173 FE80C19A1D7768FD008510C0 /* ExceptionEventLocation.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ExceptionEventLocation.cpp; sourceTree = "<group>"; }; 5174 FE8DE54A23AC1DAD005C9142 /* CacheableIdentifier.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CacheableIdentifier.h; sourceTree = "<group>"; }; 5175 FE8DE54C23AC1E86005C9142 /* CacheableIdentifierInlines.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CacheableIdentifierInlines.h; sourceTree = "<group>"; }; 5176 FE8DE54E23AC3A8E005C9142 /* CacheableIdentifier.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = CacheableIdentifier.cpp; sourceTree = "<group>"; }; 5172 5177 FE90BB3A1B7CF64E006B3F03 /* VMInlines.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = VMInlines.h; sourceTree = "<group>"; }; 5173 5178 FE98B5B61BB9AE110073E7A6 /* JITSubGenerator.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JITSubGenerator.h; sourceTree = "<group>"; }; … … 7009 7014 1435952022A521CA00E8086D /* BytecodeCacheError.cpp */, 7010 7015 1435951F22A521CA00E8086D /* BytecodeCacheError.h */, 7016 FE8DE54E23AC3A8E005C9142 /* CacheableIdentifier.cpp */, 7017 FE8DE54A23AC1DAD005C9142 /* CacheableIdentifier.h */, 7018 FE8DE54C23AC1E86005C9142 /* CacheableIdentifierInlines.h */, 7011 7019 148B1419225DD1E900D6E998 /* CachedBytecode.cpp */, 7012 7020 144CA34F221F037900817789 /* CachedBytecode.h */, … … 8865 8873 0F40E4A71C497F7400A577FA /* AirOpcode.h in Headers */, 8866 8874 0F40E4A81C497F7400A577FA /* AirOpcodeGenerated.h in Headers */, 8875 FE8DE54B23AC1DAD005C9142 /* CacheableIdentifier.h in Headers */, 8867 8876 0F40E4A91C497F7400A577FA /* AirOpcodeUtils.h in Headers */, 8868 8877 0FB387901BFBC44D00E3AB1E /* AirOptimizeBlockOrder.h in Headers */, … … 10258 10267 FE5932A8183C5A2600A1ECCC /* VMEntryScope.h in Headers */, 10259 10268 0F5AE2C41DF4F2800066EFE1 /* VMInlines.h in Headers */, 10269 FE8DE54D23AC1E86005C9142 /* CacheableIdentifierInlines.h in Headers */, 10260 10270 FE3022D71E42857300BAC493 /* VMInspector.h in Headers */, 10261 10271 FEC5797323105B5100BCA83F /* VMInspectorInlines.h in Headers */, -
trunk/Source/JavaScriptCore/Sources.txt
r254447 r254464 730 730 runtime/CachePayload.cpp 731 731 runtime/CacheUpdate.cpp 732 runtime/CacheableIdentifier.cpp 732 733 runtime/CachedBytecode.cpp 733 734 runtime/CachedTypes.cpp -
trunk/Source/JavaScriptCore/bytecode/AccessCase.cpp
r254087 r254464 1 1 /* 2 * Copyright (C) 2017-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2017-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 30 30 31 31 #include "CCallHelpers.h" 32 #include "CacheableIdentifierInlines.h" 32 33 #include "CallLinkInfo.h" 33 34 #include "DOMJITGetterSetter.h" … … 57 58 DEFINE_ALLOCATOR_WITH_HEAP_IDENTIFIER(AccessCase); 58 59 59 AccessCase::AccessCase(VM& vm, JSCell* owner, AccessType type, const Identifier&identifier, PropertyOffset offset, Structure* structure, const ObjectPropertyConditionSet& conditionSet, std::unique_ptr<PolyProtoAccessChain> prototypeAccessChain)60 AccessCase::AccessCase(VM& vm, JSCell* owner, AccessType type, CacheableIdentifier identifier, PropertyOffset offset, Structure* structure, const ObjectPropertyConditionSet& conditionSet, std::unique_ptr<PolyProtoAccessChain> prototypeAccessChain) 60 61 : m_type(type) 61 62 , m_offset(offset) 62 63 , m_polyProtoAccessChain(WTFMove(prototypeAccessChain)) 63 , m_identifier( Box<Identifier>::create(identifier))64 , m_identifier(identifier) 64 65 { 65 66 m_structure.setMayBeNull(vm, owner, structure); … … 68 69 } 69 70 70 std::unique_ptr<AccessCase> AccessCase::create(VM& vm, JSCell* owner, AccessType type, const Identifier&identifier, PropertyOffset offset, Structure* structure, const ObjectPropertyConditionSet& conditionSet, std::unique_ptr<PolyProtoAccessChain> prototypeAccessChain)71 std::unique_ptr<AccessCase> AccessCase::create(VM& vm, JSCell* owner, AccessType type, CacheableIdentifier identifier, PropertyOffset offset, Structure* structure, const ObjectPropertyConditionSet& conditionSet, std::unique_ptr<PolyProtoAccessChain> prototypeAccessChain) 71 72 { 72 73 switch (type) { … … 107 108 108 109 std::unique_ptr<AccessCase> AccessCase::create( 109 VM& vm, JSCell* owner, const Identifier&identifier, PropertyOffset offset, Structure* oldStructure, Structure* newStructure,110 VM& vm, JSCell* owner, CacheableIdentifier identifier, PropertyOffset offset, Structure* oldStructure, Structure* newStructure, 110 111 const ObjectPropertyConditionSet& conditionSet, std::unique_ptr<PolyProtoAccessChain> prototypeAccessChain) 111 112 { … … 128 129 129 130 std::unique_ptr<AccessCase> AccessCase::fromStructureStubInfo( 130 VM& vm, JSCell* owner, const Identifier&identifier, StructureStubInfo& stubInfo)131 VM& vm, JSCell* owner, CacheableIdentifier identifier, StructureStubInfo& stubInfo) 131 132 { 132 133 switch (stubInfo.cacheType()) { … … 137 138 case CacheType::PutByIdReplace: 138 139 RELEASE_ASSERT(stubInfo.hasConstantIdentifier); 140 ASSERT(!identifier.isCell()); 139 141 return AccessCase::create(vm, owner, Replace, identifier, stubInfo.u.byIdSelf.offset, stubInfo.u.byIdSelf.baseObjectStructure.get()); 140 142 141 143 case CacheType::InByIdSelf: 142 144 RELEASE_ASSERT(stubInfo.hasConstantIdentifier); 145 ASSERT(!identifier.isCell()); 143 146 return AccessCase::create(vm, owner, InHit, identifier, stubInfo.u.byIdSelf.offset, stubInfo.u.byIdSelf.baseObjectStructure.get()); 144 147 145 148 case CacheType::ArrayLength: 146 149 RELEASE_ASSERT(stubInfo.hasConstantIdentifier); 150 ASSERT(!identifier.isCell()); 147 151 return AccessCase::create(vm, owner, AccessCase::ArrayLength, identifier); 148 152 149 153 case CacheType::StringLength: 150 154 RELEASE_ASSERT(stubInfo.hasConstantIdentifier); 155 ASSERT(!identifier.isCell()); 151 156 return AccessCase::create(vm, owner, AccessCase::StringLength, identifier); 152 157 … … 183 188 Structure* structure = this->structure(); 184 189 185 if ( !m_identifier->isNull()) {190 if (m_identifier) { 186 191 if ((structure && structure->needImpurePropertyWatchpoint()) 187 192 || m_conditionSet.needImpurePropertyWatchpoint() 188 193 || (m_polyProtoAccessChain && m_polyProtoAccessChain->needImpurePropertyWatchpoint())) 189 result.append(vm.ensureWatchpointSetForImpureProperty( *m_identifier));194 result.append(vm.ensureWatchpointSetForImpureProperty(m_identifier.uid())); 190 195 } 191 196 … … 553 558 // A->canReplace(B) == B->canReplace(A). 554 559 555 if ( *m_identifier != *other.m_identifier)560 if (m_identifier != other.m_identifier) 556 561 return false; 557 562 … … 651 656 out.print(comma, m_state); 652 657 653 out.print(comma, "ident = '", *m_identifier, "'");658 out.print(comma, "ident = '", m_identifier, "'"); 654 659 if (isValidOffset(m_offset)) 655 660 out.print(comma, "offset = ", m_offset); … … 713 718 } 714 719 720 void AccessCase::visitAggregate(SlotVisitor& visitor) const 721 { 722 m_identifier.visitAggregate(visitor); 723 } 724 715 725 void AccessCase::generateWithGuard( 716 726 AccessGenerationState& state, CCallHelpers::JumpList& fallThrough) … … 731 741 732 742 if (requiresIdentifierNameMatch() && !stubInfo.hasConstantIdentifier) { 733 RELEASE_ASSERT( !m_identifier->isNull());743 RELEASE_ASSERT(m_identifier); 734 744 GPRReg propertyGPR = state.u.propertyGPR; 735 745 // non-rope string check done inside polymorphic access. … … 1669 1679 // https://bugs.webkit.org/show_bug.cgi?id=203204 1670 1680 if (m_type == CustomValueGetter || m_type == CustomAccessorGetter) { 1671 RELEASE_ASSERT( !m_identifier->isNull());1681 RELEASE_ASSERT(m_identifier); 1672 1682 jit.setupArguments<PropertySlot::GetValueFunc>( 1673 1683 CCallHelpers::TrustedImmPtr(codeBlock->globalObject()), -
trunk/Source/JavaScriptCore/bytecode/AccessCase.h
r254087 r254464 1 1 /* 2 * Copyright (C) 2017-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2017-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 28 28 #if ENABLE(JIT) 29 29 30 #include "CacheableIdentifier.h" 30 31 #include "JSFunctionInlines.h" 31 32 #include "ObjectPropertyConditionSet.h" 32 33 #include "PolyProtoAccessChain.h" 33 #include <wtf/Box.h>34 34 #include <wtf/CommaPrinter.h> 35 35 … … 143 143 } 144 144 145 static std::unique_ptr<AccessCase> create(VM&, JSCell* owner, AccessType, const Identifier&, PropertyOffset = invalidOffset,145 static std::unique_ptr<AccessCase> create(VM&, JSCell* owner, AccessType, CacheableIdentifier, PropertyOffset = invalidOffset, 146 146 Structure* = nullptr, const ObjectPropertyConditionSet& = ObjectPropertyConditionSet(), std::unique_ptr<PolyProtoAccessChain> = nullptr); 147 147 148 148 // This create method should be used for transitions. 149 static std::unique_ptr<AccessCase> create(VM&, JSCell* owner, const Identifier&, PropertyOffset, Structure* oldStructure,149 static std::unique_ptr<AccessCase> create(VM&, JSCell* owner, CacheableIdentifier, PropertyOffset, Structure* oldStructure, 150 150 Structure* newStructure, const ObjectPropertyConditionSet&, std::unique_ptr<PolyProtoAccessChain>); 151 151 152 static std::unique_ptr<AccessCase> fromStructureStubInfo(VM&, JSCell* owner, const Identifier&, StructureStubInfo&);152 static std::unique_ptr<AccessCase> fromStructureStubInfo(VM&, JSCell* owner, CacheableIdentifier, StructureStubInfo&); 153 153 154 154 AccessType type() const { return m_type; } … … 236 236 static TypedArrayType toTypedArrayType(AccessType); 237 237 238 UniquedStringImpl* uid() const { return m_identifier->impl(); } 239 Box<Identifier> identifier() const { return m_identifier; } 240 238 UniquedStringImpl* uid() const { return m_identifier.uid(); } 239 CacheableIdentifier identifier() const { return m_identifier; } 241 240 242 241 #if ASSERT_ENABLED … … 247 246 248 247 protected: 249 AccessCase(VM&, JSCell* owner, AccessType, const Identifier&, PropertyOffset, Structure*, const ObjectPropertyConditionSet&, std::unique_ptr<PolyProtoAccessChain>);248 AccessCase(VM&, JSCell* owner, AccessType, CacheableIdentifier, PropertyOffset, Structure*, const ObjectPropertyConditionSet&, std::unique_ptr<PolyProtoAccessChain>); 250 249 AccessCase(AccessCase&&) = default; 251 250 AccessCase(const AccessCase& other) … … 272 271 void forEachDependentCell(const Functor&) const; 273 272 273 void visitAggregate(SlotVisitor&) const; 274 274 bool visitWeak(VM&) const; 275 275 bool propagateTransitions(SlotVisitor&) const; … … 314 314 std::unique_ptr<PolyProtoAccessChain> m_polyProtoAccessChain; 315 315 316 Box<Identifier> m_identifier; // We use this indirection so the concurrent compiler can concurrently ref this Box.316 CacheableIdentifier m_identifier; 317 317 }; 318 318 -
trunk/Source/JavaScriptCore/bytecode/CodeBlock.cpp
r254087 r254464 1 1 /* 2 * Copyright (C) 2008-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2008-2020 Apple Inc. All rights reserved. 3 3 * Copyright (C) 2008 Cameron Zwarich <cwzwarich@uwaterloo.ca> 4 4 * … … 1102 1102 void CodeBlock::propagateTransitions(const ConcurrentJSLocker&, SlotVisitor& visitor) 1103 1103 { 1104 UNUSED_PARAM(visitor);1105 1106 1104 VM& vm = *m_vm; 1107 1105 … … 1654 1652 for (ByValInfo* byValInfo : jitData->m_byValInfos) 1655 1653 visitor.append(byValInfo->cachedSymbol); 1654 for (StructureStubInfo* stubInfo : jitData->m_stubInfos) 1655 stubInfo->visitAggregate(visitor); 1656 1656 } 1657 1657 #endif 1658 1658 1659 1659 #if ENABLE(DFG_JIT) 1660 if (JITCode::isOptimizingJIT(jitType())) 1660 if (JITCode::isOptimizingJIT(jitType())) { 1661 DFG::CommonData* dfgCommon = m_jitCode->dfgCommon(); 1662 dfgCommon->recordedStatuses.visitAggregate(visitor); 1661 1663 visitOSRExitTargets(locker, visitor); 1664 } 1662 1665 #endif 1663 1666 } -
trunk/Source/JavaScriptCore/bytecode/GetByIdVariant.cpp
r253298 r254464 1 1 /* 2 * Copyright (C) 2014-20 18Apple Inc. All rights reserved.2 * Copyright (C) 2014-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 27 27 #include "GetByIdVariant.h" 28 28 29 #include "CacheableIdentifierInlines.h" 29 30 #include "CallLinkStatus.h" 30 31 #include "JSCInlines.h" … … 34 35 35 36 GetByIdVariant::GetByIdVariant( 36 Box<Identifier>identifier,37 CacheableIdentifier identifier, 37 38 const StructureSet& structureSet, PropertyOffset offset, 38 39 const ObjectPropertyConditionSet& conditionSet, … … 111 112 return false; 112 113 113 if (m_identifier && ( *m_identifier != *other.m_identifier))114 if (m_identifier && (m_identifier != other.m_identifier)) 114 115 return false; 115 116 … … 157 158 } 158 159 160 void GetByIdVariant::visitAggregate(SlotVisitor& visitor) 161 { 162 m_identifier.visitAggregate(visitor); 163 } 164 159 165 void GetByIdVariant::markIfCheap(SlotVisitor& visitor) 160 166 { … … 183 189 { 184 190 out.print("<"); 185 out.print("id='", m_identifier ? m_identifier->impl() : StringImpl::empty(), "', ");191 out.print("id='", m_identifier, "', "); 186 192 if (!isSet()) { 187 193 out.print("empty>"); -
trunk/Source/JavaScriptCore/bytecode/GetByIdVariant.h
r252763 r254464 1 1 /* 2 * Copyright (C) 2014-20 18Apple Inc. All rights reserved.2 * Copyright (C) 2014-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 26 26 #pragma once 27 27 28 #include "CacheableIdentifier.h" 28 29 #include "CallLinkStatus.h" 29 30 #include "ObjectPropertyConditionSet.h" … … 45 46 public: 46 47 GetByIdVariant( 47 Box<Identifier>,48 CacheableIdentifier, 48 49 const StructureSet& structureSet = StructureSet(), PropertyOffset offset = invalidOffset, 49 50 const ObjectPropertyConditionSet& = ObjectPropertyConditionSet(), … … 77 78 bool attemptToMerge(const GetByIdVariant& other); 78 79 80 void visitAggregate(SlotVisitor&); 79 81 void markIfCheap(SlotVisitor&); 80 82 bool finalize(VM&); … … 83 85 void dumpInContext(PrintStream&, DumpContext*) const; 84 86 85 Box<Identifier>identifier() const { return m_identifier; }87 CacheableIdentifier identifier() const { return m_identifier; } 86 88 87 89 bool overlaps(const GetByIdVariant& other) … … 90 92 return true; 91 93 if (m_identifier) { 92 if (m_identifier ->impl() != other.m_identifier->impl())94 if (m_identifier != other.m_identifier) 93 95 return false; 94 96 } … … 108 110 FunctionPtr<OperationPtrTag> m_customAccessorGetter; 109 111 std::unique_ptr<DOMAttributeAnnotation> m_domAttribute; 110 Box<Identifier> m_identifier; // We use this indirection to allow ref/deref in the concurrent compiler.112 CacheableIdentifier m_identifier; 111 113 }; 112 114 -
trunk/Source/JavaScriptCore/bytecode/GetByStatus.cpp
r253257 r254464 1 1 /* 2 * Copyright (C) 2012-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2012-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 28 28 29 29 #include "BytecodeStructs.h" 30 #include "CacheableIdentifierInlines.h" 30 31 #include "CodeBlock.h" 31 32 #include "ComplexGetStatus.h" … … 53 54 } 54 55 55 GetByStatus GetByStatus::computeFromLLInt(CodeBlock* profiledBlock, BytecodeIndex bytecodeIndex , TrackIdentifiers trackIdentifiers)56 GetByStatus GetByStatus::computeFromLLInt(CodeBlock* profiledBlock, BytecodeIndex bytecodeIndex) 56 57 { 57 58 VM& vm = profiledBlock->vm(); … … 92 93 } 93 94 94 ASSERT_UNUSED(trackIdentifiers, trackIdentifiers == TrackIdentifiers::No); // We could make this work in the future, but nobody needs it right now.95 96 95 if (!structureID) 97 96 return GetByStatus(NoInformation, false); … … 114 113 } 115 114 116 GetByStatus GetByStatus::computeFor(CodeBlock* profiledBlock, ICStatusMap& map, BytecodeIndex bytecodeIndex, ExitFlag didExit, CallLinkStatus::ExitSiteData callExitSiteData , TrackIdentifiers trackIdentifiers, IdentifierKeepAlive& keepAlive)115 GetByStatus GetByStatus::computeFor(CodeBlock* profiledBlock, ICStatusMap& map, BytecodeIndex bytecodeIndex, ExitFlag didExit, CallLinkStatus::ExitSiteData callExitSiteData) 117 116 { 118 117 ConcurrentJSLocker locker(profiledBlock->m_lock); … … 122 121 #if ENABLE(DFG_JIT) 123 122 result = computeForStubInfoWithoutExitSiteFeedback( 124 locker, profiledBlock, map.get(CodeOrigin(bytecodeIndex)).stubInfo, callExitSiteData , trackIdentifiers, keepAlive);123 locker, profiledBlock, map.get(CodeOrigin(bytecodeIndex)).stubInfo, callExitSiteData); 125 124 126 125 if (didExit) … … 130 129 UNUSED_PARAM(didExit); 131 130 UNUSED_PARAM(callExitSiteData); 132 UNUSED_PARAM(keepAlive);133 131 #endif 134 132 135 133 if (!result) 136 return computeFromLLInt(profiledBlock, bytecodeIndex , trackIdentifiers);134 return computeFromLLInt(profiledBlock, bytecodeIndex); 137 135 138 136 return result; … … 169 167 170 168 GetByStatus GetByStatus::computeForStubInfoWithoutExitSiteFeedback( 171 const ConcurrentJSLocker& locker, CodeBlock* profiledBlock, StructureStubInfo* stubInfo, CallLinkStatus::ExitSiteData callExitSiteData , TrackIdentifiers trackIdentifiers, IdentifierKeepAlive& keepAlive)169 const ConcurrentJSLocker& locker, CodeBlock* profiledBlock, StructureStubInfo* stubInfo, CallLinkStatus::ExitSiteData callExitSiteData) 172 170 { 173 171 StubInfoSummary summary = StructureStubInfo::summary(stubInfo); … … 187 185 if (structure->takesSlowPathInDFGForImpureProperty()) 188 186 return GetByStatus(JSC::slowVersion(summary), *stubInfo); 189 Box<Identifier> identifier = stubInfo->getByIdSelfIdentifier(); 190 keepAlive(identifier); 191 UniquedStringImpl* uid = identifier->impl(); 187 CacheableIdentifier identifier = stubInfo->getByIdSelfIdentifier(); 188 UniquedStringImpl* uid = identifier.uid(); 192 189 RELEASE_ASSERT(uid); 193 if (trackIdentifiers == TrackIdentifiers::No)194 identifier = nullptr;195 190 GetByIdVariant variant(WTFMove(identifier)); 196 191 unsigned attributes; … … 213 208 switch (access.type()) { 214 209 case AccessCase::ModuleNamespaceLoad: 215 keepAlive(access.identifier());216 210 return GetByStatus(access.as<ModuleNamespaceAccessCase>()); 217 211 default: … … 297 291 298 292 ASSERT((AccessCase::Miss == access.type() || access.isCustom()) == (access.offset() == invalidOffset)); 299 Box<Identifier> identifier; 300 if (trackIdentifiers == TrackIdentifiers::Yes) { 301 identifier = access.identifier(); 302 keepAlive(identifier); 303 } 304 GetByIdVariant variant(identifier, StructureSet(structure), complexGetStatus.offset(), 293 GetByIdVariant variant(access.identifier(), StructureSet(structure), complexGetStatus.offset(), 305 294 complexGetStatus.conditionSet(), WTFMove(callLinkStatus), 306 295 intrinsicFunction, … … 337 326 GetByStatus GetByStatus::computeFor( 338 327 CodeBlock* profiledBlock, ICStatusMap& baselineMap, 339 ICStatusContextStack& icContextStack, CodeOrigin codeOrigin , TrackIdentifiers trackIdentifiers, IdentifierKeepAlive& keepAlive)328 ICStatusContextStack& icContextStack, CodeOrigin codeOrigin) 340 329 { 341 330 BytecodeIndex bytecodeIndex = codeOrigin.bytecodeIndex(); … … 352 341 GetByStatus baselineResult = computeFor( 353 342 profiledBlock, baselineMap, bytecodeIndex, didExit, 354 callExitSiteData , trackIdentifiers, keepAlive);343 callExitSiteData); 355 344 baselineResult.merge(result); 356 345 return baselineResult; … … 366 355 ConcurrentJSLocker locker(context->optimizedCodeBlock->m_lock); 367 356 result = computeForStubInfoWithoutExitSiteFeedback( 368 locker, context->optimizedCodeBlock, status.stubInfo, callExitSiteData , trackIdentifiers, keepAlive);357 locker, context->optimizedCodeBlock, status.stubInfo, callExitSiteData); 369 358 } 370 359 if (result.isSet()) … … 376 365 } 377 366 378 return computeFor(profiledBlock, baselineMap, bytecodeIndex, didExit, callExitSiteData , trackIdentifiers, keepAlive);367 return computeFor(profiledBlock, baselineMap, bytecodeIndex, didExit, callExitSiteData); 379 368 } 380 369 … … 515 504 } 516 505 506 void GetByStatus::visitAggregate(SlotVisitor& visitor) 507 { 508 if (isModuleNamespace()) 509 m_moduleNamespaceData->m_identifier.visitAggregate(visitor); 510 for (GetByIdVariant& variant : m_variants) 511 variant.visitAggregate(visitor); 512 } 513 517 514 void GetByStatus::markIfCheap(SlotVisitor& visitor) 518 515 { … … 536 533 } 537 534 538 Box<Identifier> GetByStatus::singleIdentifier() const 539 { 540 if (isModuleNamespace()) { 541 Box<Identifier> result = m_moduleNamespaceData->m_identifier; 542 if (!result || result->isNull()) 543 return nullptr; 544 return result; 545 } 535 CacheableIdentifier GetByStatus::singleIdentifier() const 536 { 537 if (isModuleNamespace()) 538 return m_moduleNamespaceData->m_identifier; 546 539 547 540 if (m_variants.isEmpty()) 548 541 return nullptr; 549 542 550 Box<Identifier>result = m_variants.first().identifier();543 CacheableIdentifier result = m_variants.first().identifier(); 551 544 if (!result) 552 545 return nullptr; 553 if (result->isNull())554 return nullptr;555 546 for (size_t i = 1; i < m_variants.size(); ++i) { 556 Box<Identifier> uid= m_variants[i].identifier();557 if (! uid)547 CacheableIdentifier identifier = m_variants[i].identifier(); 548 if (!identifier) 558 549 return nullptr; 559 if ( *uid != *result)550 if (identifier != result) 560 551 return nullptr; 561 552 } -
trunk/Source/JavaScriptCore/bytecode/GetByStatus.h
r253969 r254464 1 1 /* 2 * Copyright (C) 2012-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2012-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 26 26 #pragma once 27 27 28 #include "CacheableIdentifier.h" 28 29 #include "CallLinkStatus.h" 29 30 #include "CodeOrigin.h" … … 67 68 }; 68 69 69 enum class TrackIdentifiers : uint8_t {70 No, // Used for get_by_id71 Yes, // Used for get_by_val72 };73 74 70 GetByStatus() 75 71 : m_state(NoInformation) … … 92 88 } 93 89 94 // If we use a Box<Identifier> in the compiler thread, we need to keep the 95 // Identifier alive and only deref it in the mutator thread later. This 96 // ensures that the compiler thread doesn't race against the mutator in 97 // adjusting the Identifier's refCount. 98 using IdentifierKeepAlive = std::function<void(Box<Identifier>)>; 99 100 static GetByStatus computeFor(CodeBlock* baselineBlock, ICStatusMap& baselineMap, ICStatusContextStack& dfgContextStack, CodeOrigin, TrackIdentifiers, IdentifierKeepAlive&); 90 static GetByStatus computeFor(CodeBlock* baselineBlock, ICStatusMap& baselineMap, ICStatusContextStack& dfgContextStack, CodeOrigin); 101 91 static GetByStatus computeFor(const StructureSet&, UniquedStringImpl*); 102 92 … … 129 119 ScopeOffset scopeOffset() const { return m_moduleNamespaceData->m_scopeOffset; } 130 120 121 void visitAggregate(SlotVisitor&); 131 122 void markIfCheap(SlotVisitor&); 132 123 bool finalize(VM&); // Return true if this gets to live. … … 136 127 void dump(PrintStream&) const; 137 128 138 Box<Identifier>singleIdentifier() const;129 CacheableIdentifier singleIdentifier() const; 139 130 140 131 private: … … 144 135 GetByStatus(const ModuleNamespaceAccessCase&); 145 136 static GetByStatus computeForStubInfoWithoutExitSiteFeedback( 146 const ConcurrentJSLocker&, CodeBlock* profiledBlock, StructureStubInfo*, CallLinkStatus::ExitSiteData , TrackIdentifiers, IdentifierKeepAlive&);137 const ConcurrentJSLocker&, CodeBlock* profiledBlock, StructureStubInfo*, CallLinkStatus::ExitSiteData); 147 138 #endif 148 static GetByStatus computeFromLLInt(CodeBlock*, BytecodeIndex , TrackIdentifiers);149 static GetByStatus computeFor(CodeBlock*, ICStatusMap&, BytecodeIndex, ExitFlag, CallLinkStatus::ExitSiteData , TrackIdentifiers, IdentifierKeepAlive&);139 static GetByStatus computeFromLLInt(CodeBlock*, BytecodeIndex); 140 static GetByStatus computeFor(CodeBlock*, ICStatusMap&, BytecodeIndex, ExitFlag, CallLinkStatus::ExitSiteData); 150 141 151 142 struct ModuleNamespaceData { … … 153 144 JSModuleEnvironment* m_moduleEnvironment { nullptr }; 154 145 ScopeOffset m_scopeOffset { }; 155 Box<Identifier>m_identifier;146 CacheableIdentifier m_identifier; 156 147 }; 157 148 -
trunk/Source/JavaScriptCore/bytecode/GetterSetterAccessCase.cpp
r253083 r254464 1 1 /* 2 * Copyright (C) 2017-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2017-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 43 43 } 44 44 45 GetterSetterAccessCase::GetterSetterAccessCase(VM& vm, JSCell* owner, AccessType accessType, const Identifier&identifier, PropertyOffset offset, Structure* structure, const ObjectPropertyConditionSet& conditionSet, bool viaProxy, WatchpointSet* additionalSet, JSObject* customSlotBase, std::unique_ptr<PolyProtoAccessChain> prototypeAccessChain)45 GetterSetterAccessCase::GetterSetterAccessCase(VM& vm, JSCell* owner, AccessType accessType, CacheableIdentifier identifier, PropertyOffset offset, Structure* structure, const ObjectPropertyConditionSet& conditionSet, bool viaProxy, WatchpointSet* additionalSet, JSObject* customSlotBase, std::unique_ptr<PolyProtoAccessChain> prototypeAccessChain) 46 46 : Base(vm, owner, accessType, identifier, offset, structure, conditionSet, viaProxy, additionalSet, WTFMove(prototypeAccessChain)) 47 47 { … … 49 49 } 50 50 51 52 51 std::unique_ptr<AccessCase> GetterSetterAccessCase::create( 53 VM& vm, JSCell* owner, AccessType type, const Identifier&identifier, PropertyOffset offset, Structure* structure, const ObjectPropertyConditionSet& conditionSet,52 VM& vm, JSCell* owner, AccessType type, CacheableIdentifier identifier, PropertyOffset offset, Structure* structure, const ObjectPropertyConditionSet& conditionSet, 54 53 bool viaProxy, WatchpointSet* additionalSet, FunctionPtr<OperationPtrTag> customGetter, JSObject* customSlotBase, 55 54 Optional<DOMAttributeAnnotation> domAttribute, std::unique_ptr<PolyProtoAccessChain> prototypeAccessChain) … … 70 69 } 71 70 72 std::unique_ptr<AccessCase> GetterSetterAccessCase::create(VM& vm, JSCell* owner, AccessType type, Structure* structure, const Identifier&identifier, PropertyOffset offset,71 std::unique_ptr<AccessCase> GetterSetterAccessCase::create(VM& vm, JSCell* owner, AccessType type, Structure* structure, CacheableIdentifier identifier, PropertyOffset offset, 73 72 const ObjectPropertyConditionSet& conditionSet, std::unique_ptr<PolyProtoAccessChain> prototypeAccessChain, FunctionPtr<OperationPtrTag> customSetter, 74 73 JSObject* customSlotBase) -
trunk/Source/JavaScriptCore/bytecode/GetterSetterAccessCase.h
r253361 r254464 1 1 /* 2 * Copyright (C) 2017-20 18Apple Inc. All rights reserved.2 * Copyright (C) 2017-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 55 55 56 56 static std::unique_ptr<AccessCase> create( 57 VM&, JSCell* owner, AccessType, const Identifier&, PropertyOffset, Structure*,57 VM&, JSCell* owner, AccessType, CacheableIdentifier, PropertyOffset, Structure*, 58 58 const ObjectPropertyConditionSet&, bool viaProxy, WatchpointSet* additionalSet, FunctionPtr<OperationPtrTag> customGetter, 59 59 JSObject* customSlotBase, Optional<DOMAttributeAnnotation>, std::unique_ptr<PolyProtoAccessChain>); 60 60 61 static std::unique_ptr<AccessCase> create(VM&, JSCell* owner, AccessType, Structure*, const Identifier&, PropertyOffset,61 static std::unique_ptr<AccessCase> create(VM&, JSCell* owner, AccessType, Structure*, CacheableIdentifier, PropertyOffset, 62 62 const ObjectPropertyConditionSet&, std::unique_ptr<PolyProtoAccessChain>, 63 63 FunctionPtr<OperationPtrTag> customSetter = nullptr, JSObject* customSlotBase = nullptr); … … 71 71 72 72 private: 73 GetterSetterAccessCase(VM&, JSCell*, AccessType, const Identifier&, PropertyOffset, Structure*, const ObjectPropertyConditionSet&, bool viaProxy, WatchpointSet* additionalSet, JSObject* customSlotBase, std::unique_ptr<PolyProtoAccessChain>);73 GetterSetterAccessCase(VM&, JSCell*, AccessType, CacheableIdentifier, PropertyOffset, Structure*, const ObjectPropertyConditionSet&, bool viaProxy, WatchpointSet* additionalSet, JSObject* customSlotBase, std::unique_ptr<PolyProtoAccessChain>); 74 74 75 75 GetterSetterAccessCase(const GetterSetterAccessCase&); -
trunk/Source/JavaScriptCore/bytecode/InstanceOfAccessCase.cpp
r252684 r254464 1 1 /* 2 * Copyright (C) 2018 Apple Inc. All rights reserved.2 * Copyright (C) 2018-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 60 60 VM& vm, JSCell* owner, AccessType accessType, Structure* structure, 61 61 const ObjectPropertyConditionSet& conditionSet, JSObject* prototype) 62 : Base(vm, owner, accessType, Identifier(), invalidOffset, structure, conditionSet, nullptr)62 : Base(vm, owner, accessType, nullptr, invalidOffset, structure, conditionSet, nullptr) 63 63 , m_prototype(vm, owner, prototype) 64 64 { -
trunk/Source/JavaScriptCore/bytecode/IntrinsicGetterAccessCase.cpp
r252684 r254464 1 1 /* 2 * Copyright (C) 2017 Apple Inc. All rights reserved.2 * Copyright (C) 2017-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 33 33 namespace JSC { 34 34 35 IntrinsicGetterAccessCase::IntrinsicGetterAccessCase(VM& vm, JSCell* owner, const Identifier&identifier, PropertyOffset offset, Structure* structure, const ObjectPropertyConditionSet& conditionSet, JSFunction* intrinsicFunction, std::unique_ptr<PolyProtoAccessChain> prototypeAccessChain)35 IntrinsicGetterAccessCase::IntrinsicGetterAccessCase(VM& vm, JSCell* owner, CacheableIdentifier identifier, PropertyOffset offset, Structure* structure, const ObjectPropertyConditionSet& conditionSet, JSFunction* intrinsicFunction, std::unique_ptr<PolyProtoAccessChain> prototypeAccessChain) 36 36 : Base(vm, owner, IntrinsicGetter, identifier, offset, structure, conditionSet, WTFMove(prototypeAccessChain)) 37 37 { … … 39 39 } 40 40 41 std::unique_ptr<AccessCase> IntrinsicGetterAccessCase::create(VM& vm, JSCell* owner, const Identifier&identifier, PropertyOffset offset, Structure* structure, const ObjectPropertyConditionSet& conditionSet, JSFunction* intrinsicFunction, std::unique_ptr<PolyProtoAccessChain> prototypeAccessChain)41 std::unique_ptr<AccessCase> IntrinsicGetterAccessCase::create(VM& vm, JSCell* owner, CacheableIdentifier identifier, PropertyOffset offset, Structure* structure, const ObjectPropertyConditionSet& conditionSet, JSFunction* intrinsicFunction, std::unique_ptr<PolyProtoAccessChain> prototypeAccessChain) 42 42 { 43 43 return std::unique_ptr<AccessCase>(new IntrinsicGetterAccessCase(vm, owner, identifier, offset, structure, conditionSet, intrinsicFunction, WTFMove(prototypeAccessChain))); -
trunk/Source/JavaScriptCore/bytecode/IntrinsicGetterAccessCase.h
r252684 r254464 1 1 /* 2 * Copyright (C) 2017 Apple Inc. All rights reserved.2 * Copyright (C) 2017-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 43 43 void emitIntrinsicGetter(AccessGenerationState&); 44 44 45 static std::unique_ptr<AccessCase> create(VM&, JSCell*, const Identifier&, PropertyOffset, Structure*, const ObjectPropertyConditionSet&, JSFunction* intrinsicFunction, std::unique_ptr<PolyProtoAccessChain>);45 static std::unique_ptr<AccessCase> create(VM&, JSCell*, CacheableIdentifier, PropertyOffset, Structure*, const ObjectPropertyConditionSet&, JSFunction* intrinsicFunction, std::unique_ptr<PolyProtoAccessChain>); 46 46 47 47 std::unique_ptr<AccessCase> clone() const override; … … 50 50 51 51 private: 52 IntrinsicGetterAccessCase(VM&, JSCell*, const Identifier&, PropertyOffset, Structure*, const ObjectPropertyConditionSet&, JSFunction* intrinsicFunction, std::unique_ptr<PolyProtoAccessChain>);52 IntrinsicGetterAccessCase(VM&, JSCell*, CacheableIdentifier, PropertyOffset, Structure*, const ObjectPropertyConditionSet&, JSFunction* intrinsicFunction, std::unique_ptr<PolyProtoAccessChain>); 53 53 54 54 WriteBarrier<JSFunction> m_intrinsicFunction; -
trunk/Source/JavaScriptCore/bytecode/ModuleNamespaceAccessCase.cpp
r252684 r254464 1 1 /* 2 2 * Copyright (C) 2017 Yusuke Suzuki <utatane.tea@gmail.com>. 3 * Copyright (C) 2020 Apple Inc. All rights reserved. 3 4 * 4 5 * Redistribution and use in source and binary forms, with or without … … 38 39 namespace JSC { 39 40 40 ModuleNamespaceAccessCase::ModuleNamespaceAccessCase(VM& vm, JSCell* owner, const Identifier&identifier, JSModuleNamespaceObject* moduleNamespaceObject, JSModuleEnvironment* moduleEnvironment, ScopeOffset scopeOffset)41 ModuleNamespaceAccessCase::ModuleNamespaceAccessCase(VM& vm, JSCell* owner, CacheableIdentifier identifier, JSModuleNamespaceObject* moduleNamespaceObject, JSModuleEnvironment* moduleEnvironment, ScopeOffset scopeOffset) 41 42 : Base(vm, owner, ModuleNamespaceLoad, identifier, invalidOffset, nullptr, ObjectPropertyConditionSet(), nullptr) 42 43 , m_scopeOffset(scopeOffset) … … 46 47 } 47 48 48 std::unique_ptr<AccessCase> ModuleNamespaceAccessCase::create(VM& vm, JSCell* owner, const Identifier&identifier, JSModuleNamespaceObject* moduleNamespaceObject, JSModuleEnvironment* moduleEnvironment, ScopeOffset scopeOffset)49 std::unique_ptr<AccessCase> ModuleNamespaceAccessCase::create(VM& vm, JSCell* owner, CacheableIdentifier identifier, JSModuleNamespaceObject* moduleNamespaceObject, JSModuleEnvironment* moduleEnvironment, ScopeOffset scopeOffset) 49 50 { 50 51 return std::unique_ptr<AccessCase>(new ModuleNamespaceAccessCase(vm, owner, identifier, moduleNamespaceObject, moduleEnvironment, scopeOffset)); -
trunk/Source/JavaScriptCore/bytecode/ModuleNamespaceAccessCase.h
r252684 r254464 1 1 /* 2 2 * Copyright (C) 2017 Yusuke Suzuki <utatane.tea@gmail.com>. 3 * Copyright (C) 2020 Apple Inc. All rights reserved. 3 4 * 4 5 * Redistribution and use in source and binary forms, with or without … … 44 45 ScopeOffset scopeOffset() const { return m_scopeOffset; } 45 46 46 static std::unique_ptr<AccessCase> create(VM&, JSCell* owner, const Identifier&, JSModuleNamespaceObject*, JSModuleEnvironment*, ScopeOffset);47 static std::unique_ptr<AccessCase> create(VM&, JSCell* owner, CacheableIdentifier, JSModuleNamespaceObject*, JSModuleEnvironment*, ScopeOffset); 47 48 48 49 std::unique_ptr<AccessCase> clone() const override; … … 53 54 54 55 private: 55 ModuleNamespaceAccessCase(VM&, JSCell* owner, const Identifier&, JSModuleNamespaceObject*, JSModuleEnvironment*, ScopeOffset);56 ModuleNamespaceAccessCase(VM&, JSCell* owner, CacheableIdentifier, JSModuleNamespaceObject*, JSModuleEnvironment*, ScopeOffset); 56 57 57 58 WriteBarrier<JSModuleNamespaceObject> m_moduleNamespaceObject; -
trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp
r253987 r254464 1 1 /* 2 * Copyright (C) 2014-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2014-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 31 31 #include "BinarySwitch.h" 32 32 #include "CCallHelpers.h" 33 #include "CacheableIdentifierInlines.h" 33 34 #include "CodeBlock.h" 34 35 #include "FullCodeOrigin.h" … … 351 352 result &= at(i).propagateTransitions(visitor); 352 353 return result; 354 } 355 356 void PolymorphicAccess::visitAggregate(SlotVisitor& visitor) 357 { 358 for (unsigned i = 0; i < size(); ++i) 359 at(i).visitAggregate(visitor); 353 360 } 354 361 … … 473 480 allocator.preserveReusedRegistersByPushing(jit, ScratchRegisterAllocator::ExtraStackSpace::NoExtraSpace); 474 481 475 476 482 bool generatedFinalCode = false; 477 483 … … 482 488 while (!cases.isEmpty()) 483 489 m_list.append(cases.takeLast()); 484 cases.append(AccessCase::create(vm, codeBlock, AccessCase::InstanceOfGeneric, Identifier()));490 cases.append(AccessCase::create(vm, codeBlock, AccessCase::InstanceOfGeneric, nullptr)); 485 491 generatedFinalCode = true; 486 492 } -
trunk/Source/JavaScriptCore/bytecode/PolymorphicAccess.h
r253987 r254464 1 1 /* 2 * Copyright (C) 2014-20 18Apple Inc. All rights reserved.2 * Copyright (C) 2014-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 152 152 const AccessCase& operator[](unsigned i) const { return *m_list[i]; } 153 153 154 void visitAggregate(SlotVisitor&); 155 154 156 // If this returns false then we are requesting a reset of the owning StructureStubInfo. 155 157 bool visitWeak(VM&) const; -
trunk/Source/JavaScriptCore/bytecode/ProxyableAccessCase.cpp
r252684 r254464 1 1 /* 2 * Copyright (C) 2017 Apple Inc. All rights reserved.2 * Copyright (C) 2017-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 31 31 namespace JSC { 32 32 33 ProxyableAccessCase::ProxyableAccessCase(VM& vm, JSCell* owner, AccessType accessType, const Identifier&identifier, PropertyOffset offset, Structure* structure,33 ProxyableAccessCase::ProxyableAccessCase(VM& vm, JSCell* owner, AccessType accessType, CacheableIdentifier identifier, PropertyOffset offset, Structure* structure, 34 34 const ObjectPropertyConditionSet& conditionSet, bool viaProxy, WatchpointSet* additionalSet, std::unique_ptr<PolyProtoAccessChain> prototypeAccessChain) 35 35 : Base(vm, owner, accessType, identifier, offset, structure, conditionSet, WTFMove(prototypeAccessChain)) … … 39 39 } 40 40 41 std::unique_ptr<AccessCase> ProxyableAccessCase::create(VM& vm, JSCell* owner, AccessType type, const Identifier&identifier, PropertyOffset offset, Structure* structure, const ObjectPropertyConditionSet& conditionSet, bool viaProxy, WatchpointSet* additionalSet, std::unique_ptr<PolyProtoAccessChain> prototypeAccessChain)41 std::unique_ptr<AccessCase> ProxyableAccessCase::create(VM& vm, JSCell* owner, AccessType type, CacheableIdentifier identifier, PropertyOffset offset, Structure* structure, const ObjectPropertyConditionSet& conditionSet, bool viaProxy, WatchpointSet* additionalSet, std::unique_ptr<PolyProtoAccessChain> prototypeAccessChain) 42 42 { 43 43 ASSERT(type == Load || type == Miss || type == GetGetter); -
trunk/Source/JavaScriptCore/bytecode/ProxyableAccessCase.h
r252684 r254464 1 1 /* 2 * Copyright (C) 2017 Apple Inc. All rights reserved.2 * Copyright (C) 2017-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 38 38 WatchpointSet* additionalSet() const override { return m_additionalSet.get(); } 39 39 40 static std::unique_ptr<AccessCase> create(VM&, JSCell*, AccessType, const Identifier&, PropertyOffset, Structure*, const ObjectPropertyConditionSet& = ObjectPropertyConditionSet(),40 static std::unique_ptr<AccessCase> create(VM&, JSCell*, AccessType, CacheableIdentifier, PropertyOffset, Structure*, const ObjectPropertyConditionSet& = ObjectPropertyConditionSet(), 41 41 bool viaProxy = false, WatchpointSet* additionalSet = nullptr, std::unique_ptr<PolyProtoAccessChain> = nullptr); 42 42 … … 47 47 48 48 protected: 49 ProxyableAccessCase(VM&, JSCell*, AccessType, const Identifier&, PropertyOffset, Structure*, const ObjectPropertyConditionSet&, bool viaProxy, WatchpointSet* additionalSet, std::unique_ptr<PolyProtoAccessChain>);49 ProxyableAccessCase(VM&, JSCell*, AccessType, CacheableIdentifier, PropertyOffset, Structure*, const ObjectPropertyConditionSet&, bool viaProxy, WatchpointSet* additionalSet, std::unique_ptr<PolyProtoAccessChain>); 50 50 51 51 private: -
trunk/Source/JavaScriptCore/bytecode/RecordedStatuses.cpp
r252684 r254464 1 1 /* 2 * Copyright (C) 2018 Apple Inc. All rights reserved.2 * Copyright (C) 2018-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 76 76 } 77 77 78 void RecordedStatuses::visitAggregate(SlotVisitor& slotVisitor) 79 { 80 for (auto& pair : gets) 81 pair.second->visitAggregate(slotVisitor); 82 } 83 78 84 void RecordedStatuses::markIfCheap(SlotVisitor& slotVisitor) 79 85 { -
trunk/Source/JavaScriptCore/bytecode/RecordedStatuses.h
r252684 r254464 1 1 /* 2 * Copyright (C) 2018 Apple Inc. All rights reserved.2 * Copyright (C) 2018-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 49 49 InByIdStatus* addInByIdStatus(const CodeOrigin&, const InByIdStatus&); 50 50 51 void markIfCheap(SlotVisitor& slotVisitor); 51 void visitAggregate(SlotVisitor&); 52 void markIfCheap(SlotVisitor&); 52 53 53 54 void finalizeWithoutDeleting(VM&); -
trunk/Source/JavaScriptCore/bytecode/StructureStubInfo.cpp
r254087 r254464 1 1 /* 2 * Copyright (C) 2008-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2008-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 27 27 #include "StructureStubInfo.h" 28 28 29 #include "CacheableIdentifierInlines.h" 29 30 #include "JSObject.h" 30 31 #include "JSCInlines.h" … … 63 64 } 64 65 65 void StructureStubInfo::initGetByIdSelf(CodeBlock* codeBlock, Structure* baseObjectStructure, PropertyOffset offset, const Identifier&identifier)66 void StructureStubInfo::initGetByIdSelf(CodeBlock* codeBlock, Structure* baseObjectStructure, PropertyOffset offset, CacheableIdentifier identifier) 66 67 { 67 68 ASSERT(hasConstantIdentifier); 68 69 setCacheType(CacheType::GetByIdSelf); 69 m_getByIdSelfIdentifier = Box<Identifier>::create(identifier); 70 m_getByIdSelfIdentifier = identifier; 71 codeBlock->vm().heap.writeBarrier(codeBlock); 70 72 71 73 u.byIdSelf.baseObjectStructure.set( … … 139 141 140 142 AccessGenerationResult StructureStubInfo::addAccessCase( 141 const GCSafeConcurrentJSLocker& locker, CodeBlock* codeBlock, const Identifier&ident, std::unique_ptr<AccessCase> accessCase)143 const GCSafeConcurrentJSLocker& locker, CodeBlock* codeBlock, CacheableIdentifier ident, std::unique_ptr<AccessCase> accessCase) 142 144 { 143 145 checkConsistency(); … … 195 197 } 196 198 199 ASSERT(m_cacheType == CacheType::Stub); 197 200 RELEASE_ASSERT(!result.generatedSomeCode()); 198 201 … … 278 281 deref(); 279 282 setCacheType(CacheType::Unset); 283 } 284 285 void StructureStubInfo::visitAggregate(SlotVisitor& visitor) 286 { 287 switch (m_cacheType) { 288 case CacheType::Unset: 289 case CacheType::ArrayLength: 290 case CacheType::StringLength: 291 case CacheType::PutByIdReplace: 292 case CacheType::InByIdSelf: 293 return; 294 case CacheType::GetByIdSelf: 295 m_getByIdSelfIdentifier.visitAggregate(visitor); 296 return; 297 case CacheType::Stub: 298 u.stub->visitAggregate(visitor); 299 return; 300 } 301 302 RELEASE_ASSERT_NOT_REACHED(); 303 return; 280 304 } 281 305 -
trunk/Source/JavaScriptCore/bytecode/StructureStubInfo.h
r254087 r254464 1 1 /* 2 * Copyright (C) 2008-20 18Apple Inc. All rights reserved.2 * Copyright (C) 2008-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 26 26 #pragma once 27 27 28 #include "CacheableIdentifier.h" 28 29 #include "CodeBlock.h" 29 30 #include "CodeOrigin.h" … … 75 76 ~StructureStubInfo(); 76 77 77 void initGetByIdSelf(CodeBlock*, Structure* baseObjectStructure, PropertyOffset, const Identifier&);78 void initGetByIdSelf(CodeBlock*, Structure* baseObjectStructure, PropertyOffset, CacheableIdentifier); 78 79 void initArrayLength(); 79 80 void initStringLength(); … … 81 82 void initInByIdSelf(CodeBlock*, Structure* baseObjectStructure, PropertyOffset); 82 83 83 AccessGenerationResult addAccessCase(const GCSafeConcurrentJSLocker&, CodeBlock*, const Identifier&, std::unique_ptr<AccessCase>);84 AccessGenerationResult addAccessCase(const GCSafeConcurrentJSLocker&, CodeBlock*, CacheableIdentifier, std::unique_ptr<AccessCase>); 84 85 85 86 void reset(CodeBlock*); … … 87 88 void deref(); 88 89 void aboutToDie(); 90 91 void visitAggregate(SlotVisitor&); 89 92 90 93 // Check if the stub has weak references that are dead. If it does, then it resets itself, … … 172 175 CodeOrigin codeOrigin; 173 176 private: 174 Box<Identifier>m_getByIdSelfIdentifier;177 CacheableIdentifier m_getByIdSelfIdentifier; 175 178 public: 176 179 … … 183 186 } u; 184 187 185 Box<Identifier>getByIdSelfIdentifier()188 CacheableIdentifier getByIdSelfIdentifier() 186 189 { 187 190 RELEASE_ASSERT(m_cacheType == CacheType::GetByIdSelf); -
trunk/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp
r254252 r254464 1 1 /* 2 * Copyright (C) 2011-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2011-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 35 35 #include "BytecodeGenerator.h" 36 36 #include "BytecodeUseDef.h" 37 #include "CacheableIdentifierInlines.h" 37 38 #include "CallLinkStatus.h" 38 39 #include "CodeBlock.h" … … 4832 4833 type = AccessType::GetByIdDirect; 4833 4834 4834 GetByStatus::IdentifierKeepAlive keepAlive = [&] (Box<Identifier> identifier) {4835 m_graph.m_plan.keepAliveIdentifier(WTFMove(identifier));4836 };4837 4835 GetByStatus getByStatus = GetByStatus::computeFor( 4838 4836 m_inlineStackTop->m_profiledBlock, 4839 4837 m_inlineStackTop->m_baselineMap, m_icContextStack, 4840 currentCodeOrigin() , GetByStatus::TrackIdentifiers::No, keepAlive);4838 currentCodeOrigin()); 4841 4839 4842 4840 handleGetById( … … 5739 5737 Node* property = get(bytecode.m_property); 5740 5738 bool shouldCompileAsGetById = false; 5741 GetByStatus::IdentifierKeepAlive keepAlive = [&] (Box<Identifier> identifier) { 5742 m_graph.m_plan.keepAliveIdentifier(WTFMove(identifier)); 5743 }; 5744 GetByStatus getByStatus = GetByStatus::computeFor(m_inlineStackTop->m_profiledBlock, m_inlineStackTop->m_baselineMap, m_icContextStack, currentCodeOrigin(), GetByStatus::TrackIdentifiers::Yes, keepAlive); 5739 GetByStatus getByStatus = GetByStatus::computeFor(m_inlineStackTop->m_profiledBlock, m_inlineStackTop->m_baselineMap, m_icContextStack, currentCodeOrigin()); 5745 5740 5746 5741 unsigned identifierNumber = 0; … … 5753 5748 // That way, we could both switch on multiple structures and multiple identifiers (or int 32 properties). 5754 5749 // https://bugs.webkit.org/show_bug.cgi?id=204216 5755 if (Box<Identifier> impl = getByStatus.singleIdentifier()) { 5756 identifierNumber = m_graph.identifiers().ensure(impl); 5750 if (CacheableIdentifier identifier = getByStatus.singleIdentifier()) { 5751 UniquedStringImpl* uid = identifier.uid(); 5752 identifierNumber = m_graph.identifiers().ensure(identifier.uid()); 5753 if (identifier.isCell()) { 5754 FrozenValue* frozen = m_graph.freezeStrong(identifier.cell()); 5755 if (identifier.isSymbolCell()) 5756 addToGraph(CheckCell, OpInfo(frozen), property); 5757 else 5758 addToGraph(CheckIdent, OpInfo(uid), property); 5759 } else 5760 addToGraph(CheckIdent, OpInfo(uid), property); 5757 5761 shouldCompileAsGetById = true; 5758 addToGraph(CheckIdent, OpInfo(impl->impl()), property);5759 5762 } 5760 5763 } -
trunk/Source/JavaScriptCore/dfg/DFGDesiredIdentifiers.cpp
r252684 r254464 1 1 /* 2 * Copyright (C) 2013-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2013-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 56 56 } 57 57 58 void DesiredIdentifiers::processCodeBlockIdentifiersIfNeeded()58 unsigned DesiredIdentifiers::ensure(UniquedStringImpl* rep) 59 59 { 60 60 if (!m_didProcessIdentifiers) { … … 65 65 m_didProcessIdentifiers = true; 66 66 } 67 }68 69 unsigned DesiredIdentifiers::ensure(UniquedStringImpl* rep)70 {71 processCodeBlockIdentifiersIfNeeded();72 67 73 68 auto addResult = m_identifierNumberForName.add(rep, numberOfIdentifiers()); … … 80 75 } 81 76 82 unsigned DesiredIdentifiers::ensure(Box<Identifier> rep)83 {84 processCodeBlockIdentifiersIfNeeded();85 86 UniquedStringImpl* impl = rep->impl();87 auto addResult = m_identifierNumberForName.add(impl, numberOfIdentifiers());88 unsigned result = addResult.iterator->value;89 if (addResult.isNewEntry) {90 m_addedIdentifiers.append(WTFMove(rep));91 ASSERT(at(result) == impl);92 }93 return result;94 }95 96 77 UniquedStringImpl* DesiredIdentifiers::at(unsigned index) const 97 78 { … … 99 80 if (index < m_codeBlock->numberOfIdentifiers()) 100 81 result = m_codeBlock->identifier(index).impl(); 101 else { 102 const auto& variant = m_addedIdentifiers[index - m_codeBlock->numberOfIdentifiers()]; 103 if (WTF::holds_alternative<UniquedStringImpl*>(variant)) 104 result = WTF::get<UniquedStringImpl*>(variant); 105 else 106 result = WTF::get<Box<Identifier>>(variant)->impl(); 107 } 82 else 83 result = m_addedIdentifiers[index - m_codeBlock->numberOfIdentifiers()]; 108 84 ASSERT(result->hasAtLeastOneRef()); 109 85 return result; … … 112 88 void DesiredIdentifiers::reallyAdd(VM& vm, CommonData* commonData) 113 89 { 114 for (const auto& variant : m_addedIdentifiers) { 115 UniquedStringImpl* rep; 116 if (WTF::holds_alternative<UniquedStringImpl*>(variant)) 117 rep = WTF::get<UniquedStringImpl*>(variant); 118 else 119 rep = WTF::get<Box<Identifier>>(variant)->impl(); 120 90 for (auto rep : m_addedIdentifiers) { 121 91 ASSERT(rep->hasAtLeastOneRef()); 122 92 Identifier uid = Identifier::fromUid(vm, rep); -
trunk/Source/JavaScriptCore/dfg/DFGDesiredIdentifiers.h
r253538 r254464 1 1 /* 2 * Copyright (C) 2013-20 15Apple Inc. All rights reserved.2 * Copyright (C) 2013-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 30 30 #include "Identifier.h" 31 31 #include <wtf/HashMap.h> 32 #include <wtf/Variant.h>33 32 #include <wtf/text/UniquedStringImpl.h> 34 33 … … 50 49 unsigned numberOfIdentifiers(); 51 50 unsigned ensure(UniquedStringImpl*); 52 unsigned ensure(Box<Identifier>);53 51 54 52 UniquedStringImpl* at(unsigned index) const; … … 62 60 63 61 CodeBlock* m_codeBlock; 64 Vector< Variant<UniquedStringImpl*, Box<Identifier>>> m_addedIdentifiers;62 Vector<UniquedStringImpl*> m_addedIdentifiers; 65 63 HashMap<UniquedStringImpl*, unsigned> m_identifierNumberForName; 66 64 bool m_didProcessIdentifiers; -
trunk/Source/JavaScriptCore/dfg/DFGJITFinalizer.cpp
r249706 r254464 1 1 /* 2 * Copyright (C) 2013-20 18Apple Inc. All rights reserved.2 * Copyright (C) 2013-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 82 82 void JITFinalizer::finalizeCommon() 83 83 { 84 CodeBlock* codeBlock = m_plan.codeBlock(); 85 84 86 // Some JIT finalizers may have added more constants. Shrink-to-fit those things now. 85 87 { 86 ConcurrentJSLocker locker( m_plan.codeBlock()->m_lock);87 m_plan.codeBlock()->constants().shrinkToFit();88 m_plan.codeBlock()->constantsSourceCodeRepresentation().shrinkToFit();88 ConcurrentJSLocker locker(codeBlock->m_lock); 89 codeBlock->constants().shrinkToFit(); 90 codeBlock->constantsSourceCodeRepresentation().shrinkToFit(); 89 91 } 90 92 91 93 #if ENABLE(FTL_JIT) 92 m_jitCode->optimizeAfterWarmUp( m_plan.codeBlock());94 m_jitCode->optimizeAfterWarmUp(codeBlock); 93 95 #endif // ENABLE(FTL_JIT) 94 96 95 97 if (UNLIKELY(m_plan.compilation())) 96 m_plan.vm()->m_perBytecodeProfiler->addCompilation( m_plan.codeBlock(), *m_plan.compilation());98 m_plan.vm()->m_perBytecodeProfiler->addCompilation(codeBlock, *m_plan.compilation()); 97 99 98 100 if (!m_plan.willTryToTierUp()) 99 m_plan.codeBlock()->baselineVersion()->m_didFailFTLCompilation = true; 101 codeBlock->baselineVersion()->m_didFailFTLCompilation = true; 102 103 // The codeBlock is now responsible for keeping many things alive (e.g. frozen values) 104 // that were previously kept alive by the plan. 105 m_plan.vm()->heap.writeBarrier(codeBlock); 100 106 } 101 107 -
trunk/Source/JavaScriptCore/dfg/DFGPlan.cpp
r253243 r254464 1 1 /* 2 * Copyright (C) 2013-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2013-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 80 80 #include "TrackedReferences.h" 81 81 #include "VMInlines.h" 82 #include <wtf/Threading.h>83 82 84 83 #if ENABLE(FTL_JIT) … … 156 155 Plan::~Plan() 157 156 { 158 RELEASE_ASSERT(unnukedVM()->currentThreadIsHoldingAPILock());159 157 } 160 158 … … 658 656 } 659 657 658 m_recordedStatuses.visitAggregate(visitor); 660 659 m_recordedStatuses.markIfCheap(visitor); 661 660 … … 697 696 { 698 697 RELEASE_ASSERT(m_stage != Cancelled); 699 700 // When we cancel a plan, there's a chance that the compiler thread may have701 // already ref'ed it and is working on it. This results in a race where the702 // compiler thread may hold the last reference to the plan. We require that703 // the plan is only destructed on the mutator thread because we piggy back704 // on the plan to ensure certain other objects are only destructed on the705 // mutator thread. For example, see Plan::m_identifiersKeptAliveForCleanUp.706 //707 // To ensure that the plan is destructed on the mutator and not the compiler708 // thread, the compiler thread will enqueue any cancelled plan it sees in709 // the worklist's m_cancelledPlansPendingDestruction. The mutator will later710 // delete the cancelled plans in m_cancelledPlansPendingDestruction.711 // However, a mutator should only delete cancelled plans that belong to its712 // VM. Hence, a cancelled plan needs to keep its m_vm pointer to let the713 // mutator know which VM it belongs to.714 // Ref: See Worklist::deleteCancelledPlansForVM().715 698 ASSERT(m_vm); 716 699 -
trunk/Source/JavaScriptCore/dfg/DFGPlan.h
r253243 r254464 1 1 /* 2 * Copyright (C) 2013-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2013-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 39 39 #include "ProfilerCompilation.h" 40 40 #include "RecordedStatuses.h" 41 #include <wtf/Box.h>42 41 #include <wtf/HashMap.h> 43 42 #include <wtf/ThreadSafeRefCounted.h> … … 118 117 void setCallback(Ref<DeferredCompilationCallback>&& callback) { m_callback = WTFMove(callback); } 119 118 120 void keepAliveIdentifier(Box<Identifier> identifier)121 {122 if (identifier)123 m_identifiersKeptAliveForCleanUp.append(WTFMove(identifier));124 }125 126 119 private: 127 120 bool computeCompileTimes() const; … … 182 175 183 176 RefPtr<DeferredCompilationCallback> m_callback; 184 Vector<Box<Identifier>, 16> m_identifiersKeptAliveForCleanUp;185 177 186 178 MonotonicTime m_timeBeforeFTL; -
trunk/Source/JavaScriptCore/dfg/DFGWorklist.cpp
r253358 r254464 1 1 /* 2 * Copyright (C) 2013-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2013-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 101 101 { 102 102 LockHolder locker(*m_worklist.m_lock); 103 if (m_plan->stage() == Plan::Cancelled) { 104 m_worklist.m_cancelledPlansPendingDestruction.append(WTFMove(m_plan)); 103 if (m_plan->stage() == Plan::Cancelled) 105 104 return WorkResult::Continue; 106 }107 105 m_plan->notifyCompiling(); 108 106 } … … 126 124 { 127 125 LockHolder locker(*m_worklist.m_lock); 128 if (m_plan->stage() == Plan::Cancelled) { 129 m_worklist.m_cancelledPlansPendingDestruction.append(WTFMove(m_plan)); 126 if (m_plan->stage() == Plan::Cancelled) 130 127 return WorkResult::Continue; 131 }132 128 133 129 m_plan->notifyReady(); … … 305 301 } 306 302 307 void Worklist::deleteCancelledPlansForVM(LockHolder&, VM& vm)308 {309 RELEASE_ASSERT(vm.currentThreadIsHoldingAPILock());310 HashSet<RefPtr<Plan>> removedPlans;311 312 // The following scenario can occur:313 // 1. The DFG thread started compiling a plan.314 // 2. The GC thread cancels the plan, and adds it to m_cancelledPlansPendingDestruction.315 // 3. The DFG thread finishes compiling, and discovers that the thread is cancelled.316 // To avoid destructing the plan in the DFG thread, it adds it to317 // m_cancelledPlansPendingDestruction.318 // 4. The above occurs before the mutator runs deleteCancelledPlansForVM().319 //320 // Hence, the same cancelled plan can appear in m_cancelledPlansPendingDestruction321 // more than once. This is why we need to filter the cancelled plans through322 // the removedPlans HashSet before we do the refCount check below.323 324 for (size_t i = 0; i < m_cancelledPlansPendingDestruction.size(); ++i) {325 RefPtr<Plan> plan = m_cancelledPlansPendingDestruction[i];326 if (plan->unnukedVM() != &vm)327 continue;328 m_cancelledPlansPendingDestruction[i--] = m_cancelledPlansPendingDestruction.last();329 m_cancelledPlansPendingDestruction.removeLast();330 removedPlans.add(WTFMove(plan));331 }332 333 while (!removedPlans.isEmpty()) {334 RefPtr<Plan> plan = removedPlans.takeAny();335 ASSERT(plan->stage() == Plan::Cancelled);336 if (plan->refCount() > 1)337 m_cancelledPlansPendingDestruction.append(WTFMove(plan));338 }339 }340 341 303 void Worklist::removeAllReadyPlansForVM(VM& vm, Vector<RefPtr<Plan>, 8>& myReadyPlans) 342 304 { 343 305 DeferGC deferGC(vm.heap); 344 306 LockHolder locker(*m_lock); 345 ASSERT(vm.currentThreadIsHoldingAPILock());346 347 deleteCancelledPlansForVM(locker, vm);348 307 for (size_t i = 0; i < m_readyPlans.size(); ++i) { 349 308 RefPtr<Plan> plan = m_readyPlans[i]; … … 448 407 LockHolder locker(*m_lock); 449 408 HashSet<CompilationKey> deadPlanKeys; 450 bool isInMutator = vm.currentThreadIsHoldingAPILock();451 452 409 for (PlanMap::iterator iter = m_plans.begin(); iter != m_plans.end(); ++iter) { 453 410 Plan* plan = iter->value.get(); … … 463 420 } 464 421 if (!deadPlanKeys.isEmpty()) { 465 for (HashSet<CompilationKey>::iterator iter = deadPlanKeys.begin(); iter != deadPlanKeys.end(); ++iter) { 466 RefPtr<Plan> plan = m_plans.take(*iter); 467 plan->cancel(); 468 if (!isInMutator) 469 m_cancelledPlansPendingDestruction.append(WTFMove(plan)); 470 } 422 for (HashSet<CompilationKey>::iterator iter = deadPlanKeys.begin(); iter != deadPlanKeys.end(); ++iter) 423 m_plans.take(*iter)->cancel(); 471 424 Deque<RefPtr<Plan>> newQueue; 472 425 while (!m_queue.isEmpty()) { … … 504 457 HashSet<CompilationKey> deadPlanKeys; 505 458 Vector<RefPtr<Plan>> deadPlans; 506 ASSERT(vm.currentThreadIsHoldingAPILock());507 508 deleteCancelledPlansForVM(locker, vm);509 459 for (auto& entry : m_plans) { 510 460 Plan* plan = entry.value.get(); -
trunk/Source/JavaScriptCore/dfg/DFGWorklist.h
r253243 r254464 1 1 /* 2 * Copyright (C) 2013-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2013-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 94 94 95 95 void removeAllReadyPlansForVM(VM&, Vector<RefPtr<Plan>, 8>&); 96 void deleteCancelledPlansForVM(LockHolder&, VM&);97 96 98 97 void dump(const AbstractLocker&, PrintStream&) const; … … 115 114 // be completed. 116 115 Vector<RefPtr<Plan>, 16> m_readyPlans; 117 Vector<RefPtr<Plan>, 4> m_cancelledPlansPendingDestruction;118 116 Ref<AutomaticThreadCondition> m_planEnqueued; 119 117 Condition m_planCompiled; -
trunk/Source/JavaScriptCore/ftl/FTLJITFinalizer.cpp
r244764 r254464 1 1 /* 2 * Copyright (C) 2013-20 18Apple Inc. All rights reserved.2 * Copyright (C) 2013-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 72 72 bool JITFinalizer::finalizeCommon() 73 73 { 74 CodeBlock* codeBlock = m_plan.codeBlock(); 74 75 bool dumpDisassembly = shouldDumpDisassembly() || Options::asyncDisassembly(); 75 76 76 77 MacroAssemblerCodeRef<JSEntryPtrTag> b3CodeRef = 77 78 FINALIZE_CODE_IF(dumpDisassembly, *b3CodeLinkBuffer, JSEntryPtrTag, 78 "FTL B3 code for %s", toCString(CodeBlockWithJITType( m_plan.codeBlock(), JITType::FTLJIT)).data());79 "FTL B3 code for %s", toCString(CodeBlockWithJITType(codeBlock, JITType::FTLJIT)).data()); 79 80 80 81 MacroAssemblerCodeRef<JSEntryPtrTag> arityCheckCodeRef = entrypointLinkBuffer 81 82 ? FINALIZE_CODE_IF(dumpDisassembly, *entrypointLinkBuffer, JSEntryPtrTag, 82 "FTL entrypoint thunk for %s with B3 generated code at %p", toCString(CodeBlockWithJITType( m_plan.codeBlock(), JITType::FTLJIT)).data(), function)83 "FTL entrypoint thunk for %s with B3 generated code at %p", toCString(CodeBlockWithJITType(codeBlock, JITType::FTLJIT)).data(), function) 83 84 : MacroAssemblerCodeRef<JSEntryPtrTag>::createSelfManagedCodeRef(b3CodeRef.code()); 84 85 … … 86 87 jitCode->initializeArityCheckEntrypoint(arityCheckCodeRef); 87 88 88 m_plan.codeBlock()->setJITCode(*jitCode);89 codeBlock->setJITCode(*jitCode); 89 90 90 91 if (UNLIKELY(m_plan.compilation())) 91 m_plan.vm()->m_perBytecodeProfiler->addCompilation(m_plan.codeBlock(), *m_plan.compilation()); 92 m_plan.vm()->m_perBytecodeProfiler->addCompilation(codeBlock, *m_plan.compilation()); 93 94 // The codeBlock is now responsible for keeping many things alive (e.g. frozen values) 95 // that were previously kept alive by the plan. 96 m_plan.vm()->heap.writeBarrier(codeBlock); 92 97 93 98 return true; -
trunk/Source/JavaScriptCore/jit/JITOperations.cpp
r253896 r254464 1 1 /* 2 * Copyright (C) 2013-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2013-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 31 31 #include "ArithProfile.h" 32 32 #include "ArrayConstructor.h" 33 #include "CacheableIdentifierInlines.h" 33 34 #include "CommonSlowPaths.h" 34 35 #include "DFGCompilationMode.h" … … 2029 2030 } 2030 2031 2031 if (baseValue.isCell() && isStringOrSymbol(subscript)) {2032 if (baseValue.isCell() && CacheableIdentifier::isCacheableIdentifierCell(subscript)) { 2032 2033 const Identifier propertyName = subscript.toPropertyKey(globalObject); 2033 2034 RETURN_IF_EXCEPTION(scope, encodedJSValue()); … … 2038 2039 2039 2040 if (stubInfo->considerCaching(vm, codeBlock, baseValue.structureOrNull(), propertyName.impl())) 2040 repatchGetBy(globalObject, codeBlock, baseValue, propertyName, slot, *stubInfo, GetByKind::NormalByVal);2041 repatchGetBy(globalObject, codeBlock, baseValue, subscript.asCell(), slot, *stubInfo, GetByKind::NormalByVal); 2041 2042 return found ? slot.getValue(globalObject, propertyName) : jsUndefined(); 2042 2043 })); -
trunk/Source/JavaScriptCore/jit/Repatch.cpp
r254087 r254464 1 1 /* 2 * Copyright (C) 2011-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2011-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 31 31 #include "BinarySwitch.h" 32 32 #include "CCallHelpers.h" 33 #include "CacheableIdentifierInlines.h" 33 34 #include "CallFrameShuffler.h" 34 35 #include "DFGOperations.h" … … 179 180 } 180 181 181 static InlineCacheAction tryCacheGetBy(JSGlobalObject* globalObject, CodeBlock* codeBlock, JSValue baseValue, const Identifier&propertyName, const PropertySlot& slot, StructureStubInfo& stubInfo, GetByKind kind)182 static InlineCacheAction tryCacheGetBy(JSGlobalObject* globalObject, CodeBlock* codeBlock, JSValue baseValue, CacheableIdentifier propertyName, const PropertySlot& slot, StructureStubInfo& stubInfo, GetByKind kind) 182 183 { 183 184 VM& vm = globalObject->vm(); … … 269 270 bool generatedCodeInline = InlineAccess::generateSelfPropertyAccess(stubInfo, structure, slot.cachedOffset()); 270 271 if (generatedCodeInline) { 271 LOG_IC((ICEvent::GetBySelfPatch, structure->classInfo(), propertyName, slot.slotBase() == baseValue));272 LOG_IC((ICEvent::GetBySelfPatch, structure->classInfo(), Identifier::fromUid(vm, propertyName.uid()), slot.slotBase() == baseValue)); 272 273 structure->startWatchingPropertyForReplacements(vm, slot.cachedOffset()); 273 274 ftlThunkAwareRepatchCall(codeBlock, stubInfo.slowPathCallLocation, appropriateOptimizingGetByFunction(kind)); … … 320 321 if (!prototypeAccessChain) 321 322 return GiveUpOnCache; 322 RELEASE_ASSERT(slot.isCacheableCustom() || prototypeAccessChain->slotBaseStructure(structure)->get(vm, propertyName ) == offset);323 RELEASE_ASSERT(slot.isCacheableCustom() || prototypeAccessChain->slotBaseStructure(structure)->get(vm, propertyName.uid()) == offset); 323 324 } else { 324 325 // We use ObjectPropertyConditionSet instead for faster accesses. … … 329 330 if (slot.isUnset()) { 330 331 conditionSet = generateConditionsForPropertyMiss( 331 vm, codeBlock, globalObject, structure, propertyName. impl());332 vm, codeBlock, globalObject, structure, propertyName.uid()); 332 333 } else if (!slot.isCacheableCustom()) { 333 334 conditionSet = generateConditionsForPrototypePropertyHit( 334 335 vm, codeBlock, globalObject, structure, slot.slotBase(), 335 propertyName. impl());336 propertyName.uid()); 336 337 RELEASE_ASSERT(!conditionSet.isValid() || conditionSet.slotBaseCondition().offset() == offset); 337 338 } else { 338 339 conditionSet = generateConditionsForPrototypePropertyHitCustom( 339 340 vm, codeBlock, globalObject, structure, slot.slotBase(), 340 propertyName. impl(), slot.attributes());341 propertyName.uid(), slot.attributes()); 341 342 } 342 343 … … 394 395 } 395 396 396 LOG_IC((ICEvent::GetByAddAccessCase, baseValue.classInfoOrNull(vm), propertyName, slot.slotBase() == baseValue));397 LOG_IC((ICEvent::GetByAddAccessCase, baseValue.classInfoOrNull(vm), Identifier::fromUid(vm, propertyName.uid()), slot.slotBase() == baseValue)); 397 398 398 399 result = stubInfo.addAccessCase(locker, codeBlock, propertyName, WTFMove(newCase)); 399 400 400 401 if (result.generatedSomeCode()) { 401 LOG_IC((ICEvent::GetByReplaceWithJump, baseValue.classInfoOrNull(vm), propertyName, slot.slotBase() == baseValue));402 LOG_IC((ICEvent::GetByReplaceWithJump, baseValue.classInfoOrNull(vm), Identifier::fromUid(vm, propertyName.uid()), slot.slotBase() == baseValue)); 402 403 403 404 RELEASE_ASSERT(result.code()); … … 411 412 } 412 413 413 void repatchGetBy(JSGlobalObject* globalObject, CodeBlock* codeBlock, JSValue baseValue, const Identifier&propertyName, const PropertySlot& slot, StructureStubInfo& stubInfo, GetByKind kind)414 void repatchGetBy(JSGlobalObject* globalObject, CodeBlock* codeBlock, JSValue baseValue, CacheableIdentifier propertyName, const PropertySlot& slot, StructureStubInfo& stubInfo, GetByKind kind) 414 415 { 415 416 SuperSamplerScope superSamplerScope(false); … … 495 496 } 496 497 497 result = stubInfo.addAccessCase(locker, codeBlock, Identifier(), AccessCase::create(vm, codeBlock, accessType, Identifier()));498 result = stubInfo.addAccessCase(locker, codeBlock, nullptr, AccessCase::create(vm, codeBlock, accessType, nullptr)); 498 499 499 500 if (result.generatedSomeCode()) { … … 885 886 LOG_IC((ICEvent::InstanceOfAddAccessCase, structure->classInfo(), Identifier())); 886 887 887 result = stubInfo.addAccessCase(locker, codeBlock, Identifier(), WTFMove(newCase));888 result = stubInfo.addAccessCase(locker, codeBlock, nullptr, WTFMove(newCase)); 888 889 889 890 if (result.generatedSomeCode()) { -
trunk/Source/JavaScriptCore/jit/Repatch.h
r252684 r254464 1 1 /* 2 * Copyright (C) 2011-20 18Apple Inc. All rights reserved.2 * Copyright (C) 2011-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 28 28 #if ENABLE(JIT) 29 29 30 #include "CacheableIdentifier.h" 30 31 #include "CallVariant.h" 31 32 #include "PutKind.h" … … 42 43 43 44 void repatchArrayGetByVal(JSGlobalObject*, CodeBlock*, JSValue base, JSValue index, StructureStubInfo&); 44 void repatchGetBy(JSGlobalObject*, CodeBlock*, JSValue, const Identifier&, const PropertySlot&, StructureStubInfo&, GetByKind);45 void repatchGetBy(JSGlobalObject*, CodeBlock*, JSValue, CacheableIdentifier, const PropertySlot&, StructureStubInfo&, GetByKind); 45 46 void repatchPutByID(JSGlobalObject*, CodeBlock*, JSValue, Structure*, const Identifier&, const PutPropertySlot&, StructureStubInfo&, PutKind); 46 47 void repatchInByID(JSGlobalObject*, CodeBlock*, JSObject*, const Identifier&, bool wasFound, const PropertySlot&, StructureStubInfo&); -
trunk/Source/JavaScriptCore/runtime/ExceptionHelpers.cpp
r253515 r254464 1 1 /* 2 * Copyright (C) 2008-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2008-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 131 131 // For function calls that have many new lines in between their open parenthesis 132 132 // and their closing parenthesis, the text range passed into the message appender 133 // will not in lcude the text in between these parentheses, it will just be the desired133 // will not include the text in between these parentheses, it will just be the desired 134 134 // text that precedes the parentheses. 135 135 return String(); -
trunk/Source/JavaScriptCore/runtime/JSString.h
r253648 r254464 2 2 * Copyright (C) 1999-2001 Harri Porten (porten@kde.org) 3 3 * Copyright (C) 2001 Peter Kelly (pmk@post.com) 4 * Copyright (C) 2003-20 19Apple Inc. All rights reserved.4 * Copyright (C) 2003-2020 Apple Inc. All rights reserved. 5 5 * 6 6 * This library is free software; you can redistribute it and/or … … 190 190 const String& value(JSGlobalObject*) const; 191 191 inline const String& tryGetValue(bool allocationAllowed = true) const; 192 const StringImpl* getValueImpl() const; 192 193 const StringImpl* tryGetValueImpl() const; 193 194 ALWAYS_INLINE unsigned length() const; … … 704 705 } 705 706 707 inline const StringImpl* JSString::getValueImpl() const 708 { 709 ASSERT(!isRope()); 710 return bitwise_cast<StringImpl*>(m_fiber); 711 } 712 706 713 inline const StringImpl* JSString::tryGetValueImpl() const 707 714 { -
trunk/Source/JavaScriptCore/runtime/VM.cpp
r254447 r254464 1 1 /* 2 * Copyright (C) 2008-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2008-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 1153 1153 #endif 1154 1154 1155 WatchpointSet* VM::ensureWatchpointSetForImpureProperty( const Identifier&propertyName)1156 { 1157 auto result = m_impurePropertyWatchpointSets.add(propertyName .string(), nullptr);1155 WatchpointSet* VM::ensureWatchpointSetForImpureProperty(UniquedStringImpl* propertyName) 1156 { 1157 auto result = m_impurePropertyWatchpointSets.add(propertyName, nullptr); 1158 1158 if (result.isNewEntry) 1159 1159 result.iterator->value = adoptRef(new WatchpointSet(IsWatched)); … … 1161 1161 } 1162 1162 1163 void VM::registerWatchpointForImpureProperty(const Identifier& propertyName, Watchpoint* watchpoint) 1164 { 1165 ensureWatchpointSetForImpureProperty(propertyName)->add(watchpoint); 1166 } 1167 1168 void VM::addImpureProperty(const String& propertyName) 1163 void VM::addImpureProperty(UniquedStringImpl* propertyName) 1169 1164 { 1170 1165 if (RefPtr<WatchpointSet> watchpointSet = m_impurePropertyWatchpointSets.take(propertyName)) -
trunk/Source/JavaScriptCore/runtime/VM.h
r254447 r254464 1 1 /* 2 * Copyright (C) 2008-20 19Apple Inc. All rights reserved.2 * Copyright (C) 2008-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 1031 1031 void shrinkFootprintWhenIdle(); 1032 1032 1033 WatchpointSet* ensureWatchpointSetForImpureProperty(const Identifier&); 1034 void registerWatchpointForImpureProperty(const Identifier&, Watchpoint*); 1033 WatchpointSet* ensureWatchpointSetForImpureProperty(UniquedStringImpl*); 1035 1034 1036 1035 // FIXME: Use AtomString once it got merged with Identifier. 1037 JS_EXPORT_PRIVATE void addImpureProperty( const String&);1036 JS_EXPORT_PRIVATE void addImpureProperty(UniquedStringImpl*); 1038 1037 1039 1038 InlineWatchpointSet& primitiveGigacageEnabled() { return m_primitiveGigacageEnabled; } … … 1209 1208 std::unique_ptr<CodeCache> m_codeCache; 1210 1209 std::unique_ptr<BuiltinExecutables> m_builtinExecutables; 1211 HashMap< String, RefPtr<WatchpointSet>> m_impurePropertyWatchpointSets;1210 HashMap<RefPtr<UniquedStringImpl>, RefPtr<WatchpointSet>> m_impurePropertyWatchpointSets; 1212 1211 std::unique_ptr<TypeProfiler> m_typeProfiler; 1213 1212 std::unique_ptr<TypeProfilerLog> m_typeProfilerLog; -
trunk/Source/WebCore/ChangeLog
r254463 r254464 1 2020-01-13 Mark Lam <mark.lam@apple.com> 2 3 Replace uses of Box<Identifier> with a new CacheableIdentifier class. 4 https://bugs.webkit.org/show_bug.cgi?id=205544 5 <rdar://problem/58041800> 6 7 Reviewed by Saam Barati. 8 9 * bindings/js/CommonVM.cpp: 10 (WebCore::addImpureProperty): 11 1 12 2020-01-13 Ross Kirsling <ross.kirsling@sony.com> 2 13 -
trunk/Source/WebCore/bindings/js/CommonVM.cpp
r251529 r254464 1 1 /* 2 * Copyright (C) 2016-20 17Apple Inc. All rights reserved.2 * Copyright (C) 2016-2020 Apple Inc. All rights reserved. 3 3 * 4 4 * Redistribution and use in source and binary forms, with or without … … 89 89 void addImpureProperty(const AtomString& propertyName) 90 90 { 91 commonVM().addImpureProperty(propertyName );91 commonVM().addImpureProperty(propertyName.impl()); 92 92 } 93 93
Note:
See TracChangeset
for help on using the changeset viewer.
