Changeset 208320 in webkit


Ignore:
Timestamp:
Nov 2, 2016 8:20:53 PM (7 years ago)
Author:
Yusuke Suzuki
Message:

[DOMJIT] Add DOMJIT::Signature
https://bugs.webkit.org/show_bug.cgi?id=162980

Reviewed by Saam Barati and Sam Weinig.

Source/JavaScriptCore:

This patch introduces a new mechanism called DOMJIT::Signature. We can annotate the function with DOMJIT::Signature.
DOMJIT::Signature has type information of that function. And it also maintains the effect of the function and the
pointer to the unsafe function. The unsafe function means the function without type and argument count checks.
By using these information, we can separate type and argument count checks from the function. And we can emit
these things as DFG checks and convert the function call itself to CallDOM node. CallDOM node can call the unsafe
function directly without any checks. Furthermore, this CallDOM node can represent its own clobberizing rules based
on DOMJIT::Effect maintained by DOMJIT::Signature. It allows us to make opaque Call node to a CallDOM node that
merely reads some part of heap. These changes (1) can drop duplicate type checks in DFG, (2) offer ability to move
CallDOM node to somewhere, and (3) track more detailed heap reads and writes of CallDOM nodes.

We first emit Call node with DOMJIT::Signature in DFGByteCodeParser. And in the fixup phase, we attempt to lower
Call node to CallDOM node with checks & edge filters. This is because we do not know the type predictions in
DFGByteCodeParser phase. If we always emit CallDOM node in DFGByteCodeParser, if we evaluate div.getAttribute(true)
thingy, the Uncountable OSR exits repeatedly happen because AI figures out the abstract value is cleared.

Currently, DOMJIT signature only allows the types that can reside in GPR. This is because the types of the unsafe
function arguments are represented as the sequence of void*. In the future, we will extend to accept other types like
float, double etc.

We annotate several functions in Element. In particular, we annotate Element::getAttribute. This allows us to perform
LICM in Dromaeo dom-attr test. In the Dromaeo dom-attr getAttribute test, we can see 32x improvement. (134974.8 v.s. 4203.4)

(JSC::CallVariant::functionExecutable):
(JSC::CallVariant::nativeExecutable):
(JSC::CallVariant::signatureFor):

  • bytecode/SpeculatedType.h:

(JSC::isNotStringSpeculation):
(JSC::isNotInt32Speculation):
(JSC::isNotBooleanSpeculation):

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::addCall):
(JSC::DFG::ByteCodeParser::handleCall):
(JSC::DFG::ByteCodeParser::attemptToInlineCall):
(JSC::DFG::ByteCodeParser::handleInlining):
(JSC::DFG::ByteCodeParser::handleDOMJITCall):
(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::attemptToMakeCallDOM):
(JSC::DFG::FixupPhase::fixupCheckDOM):
(JSC::DFG::FixupPhase::fixupCallDOM):

  • dfg/DFGNode.cpp:

(JSC::DFG::Node::convertToCallDOM):

  • dfg/DFGNode.h:

(JSC::DFG::Node::hasHeapPrediction):
(JSC::DFG::Node::shouldSpeculateNotInt32):
(JSC::DFG::Node::shouldSpeculateNotBoolean):
(JSC::DFG::Node::shouldSpeculateNotString):
(JSC::DFG::Node::hasSignature):
(JSC::DFG::Node::signature):

  • dfg/DFGNodeType.h:
  • dfg/DFGPredictionPropagationPhase.cpp:
  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileCallDOM):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • domjit/DOMJITEffect.h:

(JSC::DOMJIT::Effect::Effect):
(JSC::DOMJIT::Effect::forWrite):
(JSC::DOMJIT::Effect::forRead):
(JSC::DOMJIT::Effect::forReadWrite):
(JSC::DOMJIT::Effect::forPure):
(JSC::DOMJIT::Effect::forDef):
(JSC::DOMJIT::Effect::mustGenerate):
In clang, we cannot make this Effect constructor constexpr if we use Optional<HeapRange>.
So we use HeapRange::top() for Nullopt def now.

  • domjit/DOMJITHeapRange.h:

(JSC::DOMJIT::HeapRange::fromRaw):
(JSC::DOMJIT::HeapRange::operator bool):
(JSC::DOMJIT::HeapRange::operator==):
(JSC::DOMJIT::HeapRange::operator!=):
(JSC::DOMJIT::HeapRange::fromConstant):

  • domjit/DOMJITSignature.h: Copied from Source/JavaScriptCore/domjit/DOMJITEffect.h.

(JSC::DOMJIT::Signature::Signature):
(JSC::DOMJIT::Signature::argumentCount):
(JSC::DOMJIT::Signature::checkDOM):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileCallDOM):

  • jit/JITOperations.h:
  • jit/JITThunks.cpp:

(JSC::JITThunks::hostFunctionStub):

  • jit/JITThunks.h:
  • runtime/JSBoundFunction.cpp:

(JSC::JSBoundFunction::create):

  • runtime/JSCell.h:
  • runtime/JSFunction.cpp:

(JSC::JSFunction::create):

  • runtime/JSFunction.h:
  • runtime/JSNativeStdFunction.cpp:

(JSC::JSNativeStdFunction::create):

  • runtime/JSObject.cpp:

(JSC::JSObject::putDirectNativeFunction):

  • runtime/JSObject.h:
  • runtime/Lookup.h:

(JSC::HashTableValue::functionLength):
(JSC::HashTableValue::signature):
(JSC::reifyStaticProperty):

  • runtime/NativeExecutable.cpp:

(JSC::NativeExecutable::create):
(JSC::NativeExecutable::NativeExecutable):

  • runtime/NativeExecutable.h:
  • runtime/PropertySlot.h:
  • runtime/VM.cpp:

(JSC::VM::getHostFunction):

  • runtime/VM.h:

Source/WebCore:

We introduce DOMJIT::Signature. This signature object is automatically generated by IDL code generator.
It holds (1) types, (2) pointer to the unsafe function (the function without checks), and (3) the effect
of the function. We use constexpr to initialize DOMJIT::Signature without invoking global constructors.
Thus the content is embedded into the binary as the constant values.

We also clean up the IDL code generator related to DOMJIT part. Instead of switching things inside IDL
code generator, we use C++ template to dispatch things at compile time. This template meta programming
is highly utilized in IDL these days.

To make DOMJIT::Signature constexpr, we also need to define DOMJIT abstract heap things in the build time.
To do so, we introduce a tiny Ruby script to calculate the range of abstract heaps. We can offer the abstract
heap tree as YAML format and the script will produce a C++ header holding the calculated abstract heap ranges

  • CMakeLists.txt:
  • DerivedSources.make:
  • ForwardingHeaders/bytecode/SpeculatedType.h: Renamed from Source/WebCore/domjit/DOMJITAbstractHeapRepository.h.
  • ForwardingHeaders/domjit/DOMJITSignature.h: Renamed from Source/WebCore/domjit/DOMJITAbstractHeapRepository.cpp.
  • WebCore.xcodeproj/project.pbxproj:
  • bindings/js/JSDOMGlobalObject.h:
  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateHeader):
(GeneratePropertiesHashTable):
(GetUnsafeArgumentType):
(GetArgumentTypeFilter):
(GetResultTypeFilter):
(GenerateImplementation):
(UnsafeToNative):
(GenerateHashTableValueArray):
(ComputeFunctionSpecial):

  • bindings/scripts/IDLAttributes.txt:
  • bindings/scripts/test/JS/JSTestDOMJIT.cpp:

(WebCore::BindingCaller<JSTestDOMJIT>::castForOperation):
(WebCore::TestDOMJITAnyAttrDOMJIT::TestDOMJITAnyAttrDOMJIT):
(WebCore::TestDOMJITBooleanAttrDOMJIT::TestDOMJITBooleanAttrDOMJIT):
(WebCore::TestDOMJITByteAttrDOMJIT::TestDOMJITByteAttrDOMJIT):
(WebCore::TestDOMJITOctetAttrDOMJIT::TestDOMJITOctetAttrDOMJIT):
(WebCore::TestDOMJITShortAttrDOMJIT::TestDOMJITShortAttrDOMJIT):
(WebCore::TestDOMJITUnsignedShortAttrDOMJIT::TestDOMJITUnsignedShortAttrDOMJIT):
(WebCore::TestDOMJITLongAttrDOMJIT::TestDOMJITLongAttrDOMJIT):
(WebCore::TestDOMJITUnsignedLongAttrDOMJIT::TestDOMJITUnsignedLongAttrDOMJIT):
(WebCore::TestDOMJITLongLongAttrDOMJIT::TestDOMJITLongLongAttrDOMJIT):
(WebCore::TestDOMJITUnsignedLongLongAttrDOMJIT::TestDOMJITUnsignedLongLongAttrDOMJIT):
(WebCore::TestDOMJITFloatAttrDOMJIT::TestDOMJITFloatAttrDOMJIT):
(WebCore::TestDOMJITUnrestrictedFloatAttrDOMJIT::TestDOMJITUnrestrictedFloatAttrDOMJIT):
(WebCore::TestDOMJITDoubleAttrDOMJIT::TestDOMJITDoubleAttrDOMJIT):
(WebCore::TestDOMJITUnrestrictedDoubleAttrDOMJIT::TestDOMJITUnrestrictedDoubleAttrDOMJIT):
(WebCore::TestDOMJITDomStringAttrDOMJIT::TestDOMJITDomStringAttrDOMJIT):
(WebCore::TestDOMJITByteStringAttrDOMJIT::TestDOMJITByteStringAttrDOMJIT):
(WebCore::TestDOMJITUsvStringAttrDOMJIT::TestDOMJITUsvStringAttrDOMJIT):
(WebCore::TestDOMJITNodeAttrDOMJIT::TestDOMJITNodeAttrDOMJIT):
(WebCore::TestDOMJITBooleanNullableAttrDOMJIT::TestDOMJITBooleanNullableAttrDOMJIT):
(WebCore::TestDOMJITByteNullableAttrDOMJIT::TestDOMJITByteNullableAttrDOMJIT):
(WebCore::TestDOMJITOctetNullableAttrDOMJIT::TestDOMJITOctetNullableAttrDOMJIT):
(WebCore::TestDOMJITShortNullableAttrDOMJIT::TestDOMJITShortNullableAttrDOMJIT):
(WebCore::TestDOMJITUnsignedShortNullableAttrDOMJIT::TestDOMJITUnsignedShortNullableAttrDOMJIT):
(WebCore::TestDOMJITLongNullableAttrDOMJIT::TestDOMJITLongNullableAttrDOMJIT):
(WebCore::TestDOMJITUnsignedLongNullableAttrDOMJIT::TestDOMJITUnsignedLongNullableAttrDOMJIT):
(WebCore::TestDOMJITLongLongNullableAttrDOMJIT::TestDOMJITLongLongNullableAttrDOMJIT):
(WebCore::TestDOMJITUnsignedLongLongNullableAttrDOMJIT::TestDOMJITUnsignedLongLongNullableAttrDOMJIT):
(WebCore::TestDOMJITFloatNullableAttrDOMJIT::TestDOMJITFloatNullableAttrDOMJIT):
(WebCore::TestDOMJITUnrestrictedFloatNullableAttrDOMJIT::TestDOMJITUnrestrictedFloatNullableAttrDOMJIT):
(WebCore::TestDOMJITDoubleNullableAttrDOMJIT::TestDOMJITDoubleNullableAttrDOMJIT):
(WebCore::TestDOMJITUnrestrictedDoubleNullableAttrDOMJIT::TestDOMJITUnrestrictedDoubleNullableAttrDOMJIT):
(WebCore::TestDOMJITDomStringNullableAttrDOMJIT::TestDOMJITDomStringNullableAttrDOMJIT):
(WebCore::TestDOMJITByteStringNullableAttrDOMJIT::TestDOMJITByteStringNullableAttrDOMJIT):
(WebCore::TestDOMJITUsvStringNullableAttrDOMJIT::TestDOMJITUsvStringNullableAttrDOMJIT):
(WebCore::TestDOMJITNodeNullableAttrDOMJIT::TestDOMJITNodeNullableAttrDOMJIT):
(WebCore::jsTestDOMJITPrototypeFunctionGetAttribute):
(WebCore::jsTestDOMJITPrototypeFunctionGetAttributeCaller):
(WebCore::unsafeJsTestDOMJITPrototypeFunctionGetAttribute):
(WebCore::jsTestDOMJITPrototypeFunctionItem):
(WebCore::jsTestDOMJITPrototypeFunctionItemCaller):
(WebCore::unsafeJsTestDOMJITPrototypeFunctionItem):
(WebCore::jsTestDOMJITPrototypeFunctionHasAttribute):
(WebCore::jsTestDOMJITPrototypeFunctionHasAttributeCaller):
(WebCore::unsafeJsTestDOMJITPrototypeFunctionHasAttribute):
(WebCore::jsTestDOMJITPrototypeFunctionGetElementById):
(WebCore::jsTestDOMJITPrototypeFunctionGetElementByIdCaller):
(WebCore::unsafeJsTestDOMJITPrototypeFunctionGetElementById):
(WebCore::jsTestDOMJITPrototypeFunctionGetElementsByName):
(WebCore::jsTestDOMJITPrototypeFunctionGetElementsByNameCaller):
(WebCore::unsafeJsTestDOMJITPrototypeFunctionGetElementsByName):

  • bindings/scripts/test/TestDOMJIT.idl:
  • dom/Element.idl:
  • domjit/DOMJITAbstractHeapRepository.yaml: Added.
  • domjit/DOMJITIDLConvert.h: Added.

(WebCore::DOMJIT::DirectConverter<IDLDOMString>::directConvert<StringConversionConfiguration::Normal>):

  • domjit/DOMJITIDLType.h: Added.
  • domjit/DOMJITIDLTypeFilter.h: Added.
  • domjit/JSDocumentDOMJIT.cpp:

(WebCore::DocumentDocumentElementDOMJIT::callDOMGetter):

  • domjit/JSNodeDOMJIT.cpp:

(WebCore::NodeFirstChildDOMJIT::callDOMGetter):
(WebCore::NodeLastChildDOMJIT::callDOMGetter):
(WebCore::NodeNextSiblingDOMJIT::callDOMGetter):
(WebCore::NodePreviousSiblingDOMJIT::callDOMGetter):
(WebCore::NodeParentNodeDOMJIT::callDOMGetter):
(WebCore::NodeOwnerDocumentDOMJIT::callDOMGetter):

  • domjit/generate-abstract-heap.rb: Added.

LayoutTests:

  • js/dom/domjit-accessor-licm.html:
  • js/dom/domjit-function-effect-should-overlap-with-call-expected.txt: Added.
  • js/dom/domjit-function-effect-should-overlap-with-call.html: Added.
  • js/dom/domjit-function-expected.txt: Added.
  • js/dom/domjit-function-licm-expected.txt: Added.
  • js/dom/domjit-function-licm.html: Copied from LayoutTests/js/dom/domjit-accessor-licm.html.
  • js/dom/domjit-function-type-contradiction-expected.txt: Added.
  • js/dom/domjit-function-type-contradiction.html: Copied from LayoutTests/js/dom/domjit-accessor-licm.html.
  • js/dom/domjit-function-type-failure-expected.txt: Added.
  • js/dom/domjit-function-type-failure.html: Copied from LayoutTests/js/dom/domjit-accessor-licm.html.
  • js/dom/domjit-function.html: Added.
Location:
trunk
Files:
13 added
52 edited
3 copied
2 moved

Legend:

Unmodified
Added
Removed
  • trunk/LayoutTests/ChangeLog

    r208318 r208320  
     12016-11-02  Yusuke Suzuki  <utatane.tea@gmail.com>
     2
     3        [DOMJIT] Add DOMJIT::Signature
     4        https://bugs.webkit.org/show_bug.cgi?id=162980
     5
     6        Reviewed by Saam Barati and Sam Weinig.
     7
     8        * js/dom/domjit-accessor-licm.html:
     9        * js/dom/domjit-function-effect-should-overlap-with-call-expected.txt: Added.
     10        * js/dom/domjit-function-effect-should-overlap-with-call.html: Added.
     11        * js/dom/domjit-function-expected.txt: Added.
     12        * js/dom/domjit-function-licm-expected.txt: Added.
     13        * js/dom/domjit-function-licm.html: Copied from LayoutTests/js/dom/domjit-accessor-licm.html.
     14        * js/dom/domjit-function-type-contradiction-expected.txt: Added.
     15        * js/dom/domjit-function-type-contradiction.html: Copied from LayoutTests/js/dom/domjit-accessor-licm.html.
     16        * js/dom/domjit-function-type-failure-expected.txt: Added.
     17        * js/dom/domjit-function-type-failure.html: Copied from LayoutTests/js/dom/domjit-accessor-licm.html.
     18        * js/dom/domjit-function.html: Added.
     19
    1202016-11-02  Ryan Haddad  <ryanhaddad@apple.com>
    221
  • trunk/LayoutTests/js/dom/domjit-accessor-licm.html

    r207787 r208320  
    1 <!DOCTYPE HTML>
    2 <html lang="en">
    3 <head>
    4 <meta charset="UTF-8">
    5 </head>
    6 <body>
    7 <script>
    8 
    9 </script>
    10 </body>
    11 </html>
    121<!DOCTYPE html>
    132<html>
  • trunk/LayoutTests/js/dom/domjit-function-licm.html

    r208319 r208320  
    1 <!DOCTYPE HTML>
    2 <html lang="en">
    3 <head>
    4 <meta charset="UTF-8">
    5 </head>
    6 <body>
    7 <script>
    8 
    9 </script>
    10 </body>
    11 </html>
    121<!DOCTYPE html>
    132<html>
     
    2413
    2514<script>
    26 description('Test DOMJIT accessor will be LICM-ed.');
     15description('Test DOMJIT function will be LICM-ed.');
    2716
    2817function test() {
    2918    var div = document.createElement('div');
    30     var ret = 0;
     19    var ret = "invalid";
     20    div.setAttribute("cocoa", "Cocoa");
    3121    for (var i = 0; i < 1e4; ++i)
    32         ret = div.nodeType;
     22        ret = div.getAttribute("cocoa");
    3323    return ret;
    3424}
     
    3727    for (var i = 0; i < 100; ++i) {
    3828        result = test();
    39         shouldBe(`result`, `Node.ELEMENT_NODE`, true);
     29        shouldBe(`result`, `"Cocoa"`, true);
    4030    }
    4131}());
  • trunk/LayoutTests/js/dom/domjit-function-type-contradiction.html

    r208319 r208320  
    1 <!DOCTYPE HTML>
    2 <html lang="en">
    3 <head>
    4 <meta charset="UTF-8">
    5 </head>
    6 <body>
    7 <script>
    8 
    9 </script>
    10 </body>
    11 </html>
    121<!DOCTYPE html>
    132<html>
     
    2413
    2514<script>
    26 description('Test DOMJIT accessor will be LICM-ed.');
     15description('Test DOMJIT function will cause type contradiction giving up.');
    2716
    28 function test() {
    29     var div = document.createElement('div');
    30     var ret = 0;
     17var div = document.createElement('div');
     18div.setAttribute("cocoa", "Cocoa");
     19function test(div) {
     20    var ret = "invalid";
    3121    for (var i = 0; i < 1e4; ++i)
    32         ret = div.nodeType;
     22        ret = div.getAttribute(200);
    3323    return ret;
    3424}
     
    3626(function () {
    3727    for (var i = 0; i < 100; ++i) {
    38         result = test();
    39         shouldBe(`result`, `Node.ELEMENT_NODE`, true);
     28        result = test(div);
     29        shouldBe(`result`, `null`, true);
    4030    }
    4131}());
  • trunk/LayoutTests/js/dom/domjit-function-type-failure.html

    r208319 r208320  
    1 <!DOCTYPE HTML>
    2 <html lang="en">
    3 <head>
    4 <meta charset="UTF-8">
    5 </head>
    6 <body>
    7 <script>
    8 
    9 </script>
    10 </body>
    11 </html>
    121<!DOCTYPE html>
    132<html>
     
    2413
    2514<script>
    26 description('Test DOMJIT accessor will be LICM-ed.');
     15description('Test DOMJIT function will cause BadType OSR exits.');
    2716
    28 function test() {
    29     var div = document.createElement('div');
    30     var ret = 0;
     17var div = document.createElement('div');
     18div.setAttribute("cocoa", "Cocoa");
     19function test(div, name) {
     20    var ret = "invalid";
    3121    for (var i = 0; i < 1e4; ++i)
    32         ret = div.nodeType;
     22        ret = div.getAttribute(name);
    3323    return ret;
    3424}
     
    3626(function () {
    3727    for (var i = 0; i < 100; ++i) {
    38         result = test();
    39         shouldBe(`result`, `Node.ELEMENT_NODE`, true);
     28        result = test(div, 'cocoa');
     29        shouldBe(`result`, `"Cocoa"`, true);
     30    }
     31    for (var i = 0; i < 100; ++i) {
     32        result = test(div, 400);
     33        shouldBe(`result`, `null`, true);
    4034    }
    4135}());
  • trunk/Source/JavaScriptCore/ChangeLog

    r208317 r208320  
     12016-11-02  Yusuke Suzuki  <utatane.tea@gmail.com>
     2
     3        [DOMJIT] Add DOMJIT::Signature
     4        https://bugs.webkit.org/show_bug.cgi?id=162980
     5
     6        Reviewed by Saam Barati and Sam Weinig.
     7
     8        This patch introduces a new mechanism called DOMJIT::Signature. We can annotate the function with DOMJIT::Signature.
     9        DOMJIT::Signature has type information of that function. And it also maintains the effect of the function and the
     10        pointer to the unsafe function. The unsafe function means the function without type and argument count checks.
     11        By using these information, we can separate type and argument count checks from the function. And we can emit
     12        these things as DFG checks and convert the function call itself to CallDOM node. CallDOM node can call the unsafe
     13        function directly without any checks. Furthermore, this CallDOM node can represent its own clobberizing rules based
     14        on DOMJIT::Effect maintained by DOMJIT::Signature. It allows us to make opaque Call node to a CallDOM node that
     15        merely reads some part of heap. These changes (1) can drop duplicate type checks in DFG, (2) offer ability to move
     16        CallDOM node to somewhere, and (3) track more detailed heap reads and writes of CallDOM nodes.
     17
     18        We first emit Call node with DOMJIT::Signature in DFGByteCodeParser. And in the fixup phase, we attempt to lower
     19        Call node to CallDOM node with checks & edge filters. This is because we do not know the type predictions in
     20        DFGByteCodeParser phase. If we always emit CallDOM node in DFGByteCodeParser, if we evaluate `div.getAttribute(true)`
     21        thingy, the Uncountable OSR exits repeatedly happen because AI figures out the abstract value is cleared.
     22
     23        Currently, DOMJIT signature only allows the types that can reside in GPR. This is because the types of the unsafe
     24        function arguments are represented as the sequence of void*. In the future, we will extend to accept other types like
     25        float, double etc.
     26
     27        We annotate several functions in Element. In particular, we annotate Element::getAttribute. This allows us to perform
     28        LICM in Dromaeo dom-attr test. In the Dromaeo dom-attr getAttribute test, we can see 32x improvement. (134974.8 v.s. 4203.4)
     29
     30        * JavaScriptCore.xcodeproj/project.pbxproj:
     31        * bytecode/CallVariant.h:
     32        (JSC::CallVariant::functionExecutable):
     33        (JSC::CallVariant::nativeExecutable):
     34        (JSC::CallVariant::signatureFor):
     35        * bytecode/SpeculatedType.h:
     36        (JSC::isNotStringSpeculation):
     37        (JSC::isNotInt32Speculation):
     38        (JSC::isNotBooleanSpeculation):
     39        * dfg/DFGAbstractInterpreterInlines.h:
     40        (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
     41        * dfg/DFGByteCodeParser.cpp:
     42        (JSC::DFG::ByteCodeParser::addCall):
     43        (JSC::DFG::ByteCodeParser::handleCall):
     44        (JSC::DFG::ByteCodeParser::attemptToInlineCall):
     45        (JSC::DFG::ByteCodeParser::handleInlining):
     46        (JSC::DFG::ByteCodeParser::handleDOMJITCall):
     47        (JSC::DFG::ByteCodeParser::parseBlock):
     48        * dfg/DFGClobberize.h:
     49        (JSC::DFG::clobberize):
     50        * dfg/DFGDoesGC.cpp:
     51        (JSC::DFG::doesGC):
     52        * dfg/DFGFixupPhase.cpp:
     53        (JSC::DFG::FixupPhase::fixupNode):
     54        (JSC::DFG::FixupPhase::attemptToMakeCallDOM):
     55        (JSC::DFG::FixupPhase::fixupCheckDOM):
     56        (JSC::DFG::FixupPhase::fixupCallDOM):
     57        * dfg/DFGNode.cpp:
     58        (JSC::DFG::Node::convertToCallDOM):
     59        * dfg/DFGNode.h:
     60        (JSC::DFG::Node::hasHeapPrediction):
     61        (JSC::DFG::Node::shouldSpeculateNotInt32):
     62        (JSC::DFG::Node::shouldSpeculateNotBoolean):
     63        (JSC::DFG::Node::shouldSpeculateNotString):
     64        (JSC::DFG::Node::hasSignature):
     65        (JSC::DFG::Node::signature):
     66        * dfg/DFGNodeType.h:
     67        * dfg/DFGPredictionPropagationPhase.cpp:
     68        * dfg/DFGSafeToExecute.h:
     69        (JSC::DFG::safeToExecute):
     70        * dfg/DFGSpeculativeJIT.cpp:
     71        (JSC::DFG::SpeculativeJIT::compileCallDOM):
     72        * dfg/DFGSpeculativeJIT.h:
     73        (JSC::DFG::SpeculativeJIT::callOperation):
     74        * dfg/DFGSpeculativeJIT32_64.cpp:
     75        (JSC::DFG::SpeculativeJIT::compile):
     76        * dfg/DFGSpeculativeJIT64.cpp:
     77        (JSC::DFG::SpeculativeJIT::compile):
     78        * domjit/DOMJITEffect.h:
     79        (JSC::DOMJIT::Effect::Effect):
     80        (JSC::DOMJIT::Effect::forWrite):
     81        (JSC::DOMJIT::Effect::forRead):
     82        (JSC::DOMJIT::Effect::forReadWrite):
     83        (JSC::DOMJIT::Effect::forPure):
     84        (JSC::DOMJIT::Effect::forDef):
     85        (JSC::DOMJIT::Effect::mustGenerate):
     86        In clang, we cannot make this Effect constructor constexpr if we use Optional<HeapRange>.
     87        So we use HeapRange::top() for Nullopt def now.
     88
     89        * domjit/DOMJITHeapRange.h:
     90        (JSC::DOMJIT::HeapRange::fromRaw):
     91        (JSC::DOMJIT::HeapRange::operator bool):
     92        (JSC::DOMJIT::HeapRange::operator==):
     93        (JSC::DOMJIT::HeapRange::operator!=):
     94        (JSC::DOMJIT::HeapRange::fromConstant):
     95        * domjit/DOMJITSignature.h: Copied from Source/JavaScriptCore/domjit/DOMJITEffect.h.
     96        (JSC::DOMJIT::Signature::Signature):
     97        (JSC::DOMJIT::Signature::argumentCount):
     98        (JSC::DOMJIT::Signature::checkDOM):
     99        * ftl/FTLCapabilities.cpp:
     100        (JSC::FTL::canCompile):
     101        * ftl/FTLLowerDFGToB3.cpp:
     102        (JSC::FTL::DFG::LowerDFGToB3::compileNode):
     103        (JSC::FTL::DFG::LowerDFGToB3::compileCallDOM):
     104        * jit/JITOperations.h:
     105        * jit/JITThunks.cpp:
     106        (JSC::JITThunks::hostFunctionStub):
     107        * jit/JITThunks.h:
     108        * runtime/JSBoundFunction.cpp:
     109        (JSC::JSBoundFunction::create):
     110        * runtime/JSCell.h:
     111        * runtime/JSFunction.cpp:
     112        (JSC::JSFunction::create):
     113        * runtime/JSFunction.h:
     114        * runtime/JSNativeStdFunction.cpp:
     115        (JSC::JSNativeStdFunction::create):
     116        * runtime/JSObject.cpp:
     117        (JSC::JSObject::putDirectNativeFunction):
     118        * runtime/JSObject.h:
     119        * runtime/Lookup.h:
     120        (JSC::HashTableValue::functionLength):
     121        (JSC::HashTableValue::signature):
     122        (JSC::reifyStaticProperty):
     123        * runtime/NativeExecutable.cpp:
     124        (JSC::NativeExecutable::create):
     125        (JSC::NativeExecutable::NativeExecutable):
     126        * runtime/NativeExecutable.h:
     127        * runtime/PropertySlot.h:
     128        * runtime/VM.cpp:
     129        (JSC::VM::getHostFunction):
     130        * runtime/VM.h:
     131
    11322016-11-02  Andreas Kling  <akling@apple.com>
    2133
  • trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj

    r208312 r208320  
    22092209                E33F50871B8449EF00413856 /* JSInternalPromiseConstructor.lut.h in Headers */ = {isa = PBXBuildFile; fileRef = E33F50861B8449EF00413856 /* JSInternalPromiseConstructor.lut.h */; };
    22102210                E34EDBF71DB5FFC900DC87A5 /* FrameTracers.h in Headers */ = {isa = PBXBuildFile; fileRef = E34EDBF61DB5FFC100DC87A5 /* FrameTracers.h */; settings = {ATTRIBUTES = (Private, ); }; };
     2211                E350708A1DC49BBF0089BCD6 /* DOMJITSignature.h in Headers */ = {isa = PBXBuildFile; fileRef = E35070891DC49BB60089BCD6 /* DOMJITSignature.h */; settings = {ATTRIBUTES = (Private, ); }; };
    22112212                E354622B1B6065D100545386 /* ConstructAbility.h in Headers */ = {isa = PBXBuildFile; fileRef = E354622A1B6065D100545386 /* ConstructAbility.h */; settings = {ATTRIBUTES = (Private, ); }; };
    22122213                E3555B8A1DAE03A500F36921 /* DOMJITCallDOMGetterPatchpoint.h in Headers */ = {isa = PBXBuildFile; fileRef = E3555B891DAE03A200F36921 /* DOMJITCallDOMGetterPatchpoint.h */; settings = {ATTRIBUTES = (Private, ); }; };
     
    46354636                E33F50881B844A1A00413856 /* InternalPromiseConstructor.js */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.javascript; path = InternalPromiseConstructor.js; sourceTree = "<group>"; };
    46364637                E34EDBF61DB5FFC100DC87A5 /* FrameTracers.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = FrameTracers.h; sourceTree = "<group>"; };
     4638                E35070891DC49BB60089BCD6 /* DOMJITSignature.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DOMJITSignature.h; sourceTree = "<group>"; };
    46374639                E354622A1B6065D100545386 /* ConstructAbility.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ConstructAbility.h; sourceTree = "<group>"; };
    46384640                E3555B891DAE03A200F36921 /* DOMJITCallDOMGetterPatchpoint.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DOMJITCallDOMGetterPatchpoint.h; sourceTree = "<group>"; };
     
    75767578                                E37AD83B1DA4928000F3D412 /* DOMJITReg.h */,
    75777579                                E3CB1E241DA7540A00FA1E56 /* DOMJITSlowPathCalls.h */,
     7580                                E35070891DC49BB60089BCD6 /* DOMJITSignature.h */,
    75787581                                E3FFC8521DAD7D1000DEA53E /* DOMJITValue.h */,
    75797582                        );
     
    85048507                                AD2FCBF31DB58DAD00B3E736 /* WebAssemblyInstancePrototype.h in Headers */,
    85058508                                BC18C4290E16F5CD00B34460 /* JSStringRefCF.h in Headers */,
     8509                                E350708A1DC49BBF0089BCD6 /* DOMJITSignature.h in Headers */,
    85068510                                1A28D4A8177B71C80007FA3C /* JSStringRefPrivate.h in Headers */,
    85078511                                0F919D0D157EE0A2004A4E7D /* JSSymbolTableObject.h in Headers */,
  • trunk/Source/JavaScriptCore/bytecode/CallVariant.h

    r208063 r208320  
    2929#include "JSCell.h"
    3030#include "JSFunction.h"
     31#include "NativeExecutable.h"
    3132
    3233namespace JSC {
     
    119120        if (ExecutableBase* executable = this->executable())
    120121            return jsDynamicCast<FunctionExecutable*>(executable);
     122        return nullptr;
     123    }
     124
     125    NativeExecutable* nativeExecutable() const
     126    {
     127        if (ExecutableBase* executable = this->executable())
     128            return jsDynamicCast<NativeExecutable*>(executable);
     129        return nullptr;
     130    }
     131
     132    const DOMJIT::Signature* signatureFor(CodeSpecializationKind kind) const
     133    {
     134        if (NativeExecutable* nativeExecutable = this->nativeExecutable())
     135            return nativeExecutable->signatureFor(kind);
    121136        return nullptr;
    122137    }
  • trunk/Source/JavaScriptCore/bytecode/SpeculatedType.h

    r206525 r208320  
    152152}
    153153
     154inline bool isNotStringSpeculation(SpeculatedType value)
     155{
     156    return value && !(value & SpecString);
     157}
     158
    154159inline bool isStringOrOtherSpeculation(SpeculatedType value)
    155160{
     
    304309}
    305310
     311inline bool isNotInt32Speculation(SpeculatedType value)
     312{
     313    return value && !(value & SpecInt32Only);
     314}
     315
    306316inline bool isInt32OrBooleanSpeculation(SpeculatedType value)
    307317{
     
    387397{
    388398    return value == SpecBoolean;
     399}
     400
     401inline bool isNotBooleanSpeculation(SpeculatedType value)
     402{
     403    return value && !(value & SpecBoolean);
    389404}
    390405
  • trunk/Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h

    r208235 r208320  
    3131#include "DFGAbstractInterpreter.h"
    3232#include "DOMJITGetterSetter.h"
     33#include "DOMJITSignature.h"
    3334#include "GetByIdStatus.h"
    3435#include "GetterSetter.h"
     
    23022303            clobberWorld(node->origin.semantic, clobberLimit);
    23032304        forNode(node).setType(m_graph, callDOMGetterData->domJIT->resultType());
     2305        break;
     2306    }
     2307    case CallDOM: {
     2308        const DOMJIT::Signature* signature = node->signature();
     2309        if (signature->effect.writes)
     2310            clobberWorld(node->origin.semantic, clobberLimit);
     2311        forNode(node).setType(m_graph, signature->result);
    23042312        break;
    23052313    }
  • trunk/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp

    r208309 r208320  
    214214    bool handleIntrinsicCall(Node* callee, int resultOperand, Intrinsic, int registerOffset, int argumentCountIncludingThis, SpeculatedType prediction, const ChecksFunctor& insertChecks);
    215215    template<typename ChecksFunctor>
     216    bool handleDOMJITCall(Node* callee, int resultOperand, const DOMJIT::Signature*, int registerOffset, int argumentCountIncludingThis, SpeculatedType prediction, const ChecksFunctor& insertChecks);
     217    template<typename ChecksFunctor>
    216218    bool handleIntrinsicGetter(int resultOperand, const GetByIdVariant& intrinsicVariant, Node* thisNode, const ChecksFunctor& insertChecks);
    217219    template<typename ChecksFunctor>
     
    819821   
    820822    Node* addCall(
    821         int result, NodeType op, OpInfo opInfo, Node* callee, int argCount, int registerOffset,
     823        int result, NodeType op, const DOMJIT::Signature* signature, Node* callee, int argCount, int registerOffset,
    822824        SpeculatedType prediction)
    823825    {
    824826        if (op == TailCall) {
    825827            if (allInlineFramesAreTailCalls())
    826                 return addCallWithoutSettingResult(op, OpInfo(), callee, argCount, registerOffset, OpInfo());
     828                return addCallWithoutSettingResult(op, OpInfo(signature), callee, argCount, registerOffset, OpInfo());
    827829            op = TailCallInlinedCaller;
    828830        }
     
    830832
    831833        Node* call = addCallWithoutSettingResult(
    832             op, opInfo, callee, argCount, registerOffset, OpInfo(prediction));
     834            op, OpInfo(signature), callee, argCount, registerOffset, OpInfo(prediction));
    833835        VirtualRegister resultReg(result);
    834836        if (resultReg.isValid())
     
    12851287        // that we cannot optimize them.
    12861288
    1287         Node* callNode = addCall(result, op, OpInfo(), callTarget, argumentCountIncludingThis, registerOffset, prediction);
     1289        Node* callNode = addCall(result, op, nullptr, callTarget, argumentCountIncludingThis, registerOffset, prediction);
    12881290        if (callNode->op() == TailCall)
    12891291            return Terminal;
     
    13001302    }
    13011303   
    1302     Node* callNode = addCall(result, op, OpInfo(), callTarget, argumentCountIncludingThis, registerOffset, prediction);
     1304    Node* callNode = addCall(result, op, nullptr, callTarget, argumentCountIncludingThis, registerOffset, prediction);
    13031305    if (callNode->op() == TailCall)
    13041306        return Terminal;
     
    17261728            RELEASE_ASSERT(!didInsertChecks);
    17271729            // We might still try to inline the Intrinsic because it might be a builtin JS function.
     1730        }
     1731
     1732        if (Options::useDOMJIT()) {
     1733            if (const DOMJIT::Signature* signature = callee.signatureFor(specializationKind)) {
     1734                if (handleDOMJITCall(callTargetNode, resultOperand, signature, registerOffset, argumentCountIncludingThis, prediction, insertChecksWithAccounting)) {
     1735                    RELEASE_ASSERT(didInsertChecks);
     1736                    addToGraph(Phantom, callTargetNode);
     1737                    emitArgumentPhantoms(registerOffset, argumentCountIncludingThis);
     1738                    inliningBalance--;
     1739                    return true;
     1740                }
     1741                RELEASE_ASSERT(!didInsertChecks);
     1742            }
    17281743        }
    17291744    }
     
    20522067    if (couldTakeSlowPath) {
    20532068        addCall(
    2054             resultOperand, callOp, OpInfo(), myCallTargetNode, argumentCountIncludingThis,
     2069            resultOperand, callOp, nullptr, myCallTargetNode, argumentCountIncludingThis,
    20552070            registerOffset, prediction);
    20562071    } else {
     
    26002615    }
    26012616}
     2617
     2618template<typename ChecksFunctor>
     2619bool ByteCodeParser::handleDOMJITCall(Node* callTarget, int resultOperand, const DOMJIT::Signature* signature, int registerOffset, int argumentCountIncludingThis, SpeculatedType prediction, const ChecksFunctor& insertChecks)
     2620{
     2621    if (argumentCountIncludingThis != static_cast<int>(1 + signature->argumentCount))
     2622        return false;
     2623    if (m_inlineStackTop->m_exitProfile.hasExitSite(m_currentIndex, BadType))
     2624        return false;
     2625
     2626    // FIXME: Currently, we only support functions which arguments are up to 2.
     2627    // Eventually, we should extend this. But possibly, 2 or 3 can cover typical use cases.
     2628    // https://bugs.webkit.org/show_bug.cgi?id=164346
     2629    ASSERT_WITH_MESSAGE(argumentCountIncludingThis <= JSC_DOMJIT_SIGNATURE_MAX_ARGUMENTS_INCLUDING_THIS, "Currently CallDOM does not support an arbitrary length arguments.");
     2630
     2631    insertChecks();
     2632    addCall(resultOperand, Call, signature, callTarget, argumentCountIncludingThis, registerOffset, prediction);
     2633    return true;
     2634}
     2635
    26022636
    26032637template<typename ChecksFunctor>
     
    47934827            int argumentCountIncludingThis = currentInstruction[3].u.operand;
    47944828            int registerOffset = -currentInstruction[4].u.operand;
    4795             addCall(result, CallEval, OpInfo(), get(VirtualRegister(callee)), argumentCountIncludingThis, registerOffset, getPrediction());
     4829            addCall(result, CallEval, nullptr, get(VirtualRegister(callee)), argumentCountIncludingThis, registerOffset, getPrediction());
    47964830            NEXT_OPCODE(op_call_eval);
    47974831        }
  • trunk/Source/JavaScriptCore/dfg/DFGClobberize.h

    r208235 r208320  
    3535#include "DFGPureValue.h"
    3636#include "DOMJITCallDOMGetterPatchpoint.h"
     37#include "DOMJITSignature.h"
    3738
    3839namespace JSC { namespace DFG {
     
    959960                write(AbstractHeap(DOMState, effect.writes.rawRepresentation()));
    960961        }
    961         if (effect.def) {
    962             DOMJIT::HeapRange range = effect.def.value();
     962        if (effect.def != DOMJIT::HeapRange::top()) {
     963            DOMJIT::HeapRange range = effect.def;
    963964            if (range == DOMJIT::HeapRange::none())
    964965                def(PureValue(node, node->callDOMGetterData()->domJIT));
    965966            else {
    966967                // Def with heap location. We do not include "GlobalObject" for that since this information is included in the base node.
    967                 // FIXME: When supporting the other nodes like getElementById("string"), we should include the base and the id string.
    968                 // Currently, we only see the DOMJIT getter here. So just including "base" is ok.
     968                // We only see the DOMJIT getter here. So just including "base" is ok.
    969969                def(HeapLocation(DOMStateLoc, AbstractHeap(DOMState, range.rawRepresentation()), node->child1()), LazyNode(node));
    970970            }
    971971        }
     972        return;
     973    }
     974
     975    case CallDOM: {
     976        const DOMJIT::Signature* signature = node->signature();
     977        DOMJIT::Effect effect = signature->effect;
     978        if (effect.reads) {
     979            if (effect.reads == DOMJIT::HeapRange::top())
     980                read(World);
     981            else
     982                read(AbstractHeap(DOMState, effect.reads.rawRepresentation()));
     983        }
     984        if (effect.writes) {
     985            if (effect.writes == DOMJIT::HeapRange::top())
     986                write(Heap);
     987            else
     988                write(AbstractHeap(DOMState, effect.writes.rawRepresentation()));
     989        }
     990        ASSERT_WITH_MESSAGE(effect.def == DOMJIT::HeapRange::top(), "Currently, we do not accept any def for CallDOM.");
    972991        return;
    973992    }
  • trunk/Source/JavaScriptCore/dfg/DFGDoesGC.cpp

    r208235 r208320  
    302302    case ToLowerCase:
    303303    case CallDOMGetter:
     304    case CallDOM:
    304305        return true;
    305306       
  • trunk/Source/JavaScriptCore/dfg/DFGFixupPhase.cpp

    r208235 r208320  
    17091709        }
    17101710
    1711         case CheckDOM:
    1712             fixEdge<CellUse>(node->child1());
    1713             break;
     1711        case CheckDOM: {
     1712            fixupCheckDOM(node);
     1713            break;
     1714        }
    17141715
    17151716        case CallDOMGetter: {
     
    17181719            if (patchpoint->requireGlobalObject)
    17191720                fixEdge<KnownCellUse>(node->child2()); // GlobalObject.
     1721            break;
     1722        }
     1723
     1724        case CallDOM: {
     1725            fixupCallDOM(node);
     1726            break;
     1727        }
     1728
     1729        case Call: {
     1730            attemptToMakeCallDOM(node);
    17201731            break;
    17211732        }
     
    17371748        case GetGlobalLexicalVariable:
    17381749        case NotifyWrite:
    1739         case Call:
    17401750        case DirectCall:
    17411751        case CheckTypeInfoFlags:
     
    26602670    }
    26612671   
     2672    bool attemptToMakeCallDOM(Node* node)
     2673    {
     2674        if (m_graph.hasExitSite(node->origin.semantic, BadType))
     2675            return false;
     2676
     2677        const DOMJIT::Signature* signature = node->signature();
     2678        if (!signature)
     2679            return false;
     2680
     2681        {
     2682            unsigned index = 0;
     2683            bool shouldConvertToCallDOM = true;
     2684            m_graph.doToChildren(node, [&](Edge& edge) {
     2685                // Callee. Ignore this. DFGByteCodeParser already emit appropriate checks.
     2686                if (!index)
     2687                    return;
     2688
     2689                if (index == 1) {
     2690                    // DOM node case.
     2691                    if (edge->shouldSpeculateNotCell())
     2692                        shouldConvertToCallDOM = false;
     2693                } else {
     2694                    switch (signature->arguments[index - 2]) {
     2695                    case SpecString:
     2696                        if (edge->shouldSpeculateNotString())
     2697                            shouldConvertToCallDOM = false;
     2698                        break;
     2699                    case SpecInt32Only:
     2700                        if (edge->shouldSpeculateNotInt32())
     2701                            shouldConvertToCallDOM = false;
     2702                        break;
     2703                    case SpecBoolean:
     2704                        if (edge->shouldSpeculateNotBoolean())
     2705                            shouldConvertToCallDOM = false;
     2706                        break;
     2707                    default:
     2708                        RELEASE_ASSERT_NOT_REACHED();
     2709                        break;
     2710                    }
     2711                }
     2712                ++index;
     2713            });
     2714            if (!shouldConvertToCallDOM)
     2715                return false;
     2716        }
     2717
     2718        Node* thisNode = m_graph.varArgChild(node, 1).node();
     2719        Ref<DOMJIT::Patchpoint> checkDOMPatchpoint = signature->checkDOM();
     2720        m_graph.m_domJITPatchpoints.append(checkDOMPatchpoint.ptr());
     2721        Node* checkDOM = m_insertionSet.insertNode(m_indexInBlock, SpecNone, CheckDOM, node->origin, OpInfo(checkDOMPatchpoint.ptr()), OpInfo(signature->classInfo), Edge(thisNode));
     2722        node->convertToCallDOM(m_graph);
     2723        fixupCheckDOM(checkDOM);
     2724        fixupCallDOM(node);
     2725        return true;
     2726    }
     2727
     2728    void fixupCheckDOM(Node* node)
     2729    {
     2730        fixEdge<CellUse>(node->child1());
     2731    }
     2732
     2733    void fixupCallDOM(Node* node)
     2734    {
     2735        const DOMJIT::Signature* signature = node->signature();
     2736        auto fixup = [&](Edge& edge, unsigned argumentIndex) {
     2737            if (!edge)
     2738                return;
     2739            switch (signature->arguments[argumentIndex]) {
     2740            case SpecString:
     2741                fixEdge<StringUse>(edge);
     2742                break;
     2743            case SpecInt32Only:
     2744                fixEdge<Int32Use>(edge);
     2745                break;
     2746            case SpecBoolean:
     2747                fixEdge<BooleanUse>(edge);
     2748                break;
     2749            default:
     2750                RELEASE_ASSERT_NOT_REACHED();
     2751                break;
     2752            }
     2753        };
     2754        fixEdge<CellUse>(node->child1()); // DOM.
     2755        fixup(node->child2(), 0);
     2756        fixup(node->child3(), 1);
     2757    }
     2758
    26622759    void fixupChecksInBlock(BasicBlock* block)
    26632760    {
  • trunk/Source/JavaScriptCore/dfg/DFGNode.cpp

    r207475 r208320  
    221221}
    222222
     223void Node::convertToCallDOM(Graph& graph)
     224{
     225    ASSERT(op() == Call);
     226    ASSERT(signature());
     227
     228    Edge edges[3];
     229    // Skip the first one. This is callee.
     230    RELEASE_ASSERT(numChildren() <= 4);
     231    for (unsigned i = 1; i < numChildren(); ++i)
     232        edges[i - 1] = graph.varArgChild(this, i);
     233
     234    setOpAndDefaultFlags(CallDOM);
     235    children.setChild1(edges[0]);
     236    children.setChild2(edges[1]);
     237    children.setChild3(edges[2]);
     238
     239    if (!signature()->effect.mustGenerate())
     240        clearFlags(NodeMustGenerate);
     241}
     242
    223243String Node::tryGetString(Graph& graph)
    224244{
  • trunk/Source/JavaScriptCore/dfg/DFGNode.h

    r208235 r208320  
    6363class Patchpoint;
    6464class CallDOMGetterPatchpoint;
     65class Signature;
    6566}
    6667
     
    653654   
    654655    void convertToDirectCall(FrozenValue*);
     656
     657    void convertToCallDOM(Graph&);
    655658   
    656659    JSValue asJSValue()
     
    14651468        case LoadFromJSMapBucket:
    14661469        case CallDOMGetter:
     1470        case CallDOM:
    14671471            return true;
    14681472        default:
     
    19821986        return isInt32Speculation(prediction());
    19831987    }
     1988
     1989    bool shouldSpeculateNotInt32()
     1990    {
     1991        return isNotInt32Speculation(prediction());
     1992    }
    19841993   
    19851994    bool sawBooleans()
     
    20412050    {
    20422051        return isBooleanSpeculation(prediction());
     2052    }
     2053
     2054    bool shouldSpeculateNotBoolean()
     2055    {
     2056        return isNotBooleanSpeculation(prediction());
    20432057    }
    20442058   
     
    20662080    {
    20672081        return isStringSpeculation(prediction());
     2082    }
     2083
     2084    bool shouldSpeculateNotString()
     2085    {
     2086        return isNotStringSpeculation(prediction());
    20682087    }
    20692088 
     
    23672386    {
    23682387        return m_opInfo2.as<const ClassInfo*>();
     2388    }
     2389
     2390    bool hasSignature() const
     2391    {
     2392        // Note that this does not include TailCall node types intentionally.
     2393        // CallDOM node types are always converted from Call.
     2394        return op() == Call || op() == CallDOM;
     2395    }
     2396
     2397    const DOMJIT::Signature* signature()
     2398    {
     2399        return m_opInfo.as<const DOMJIT::Signature*>();
    23692400    }
    23702401
  • trunk/Source/JavaScriptCore/dfg/DFGNodeType.h

    r208235 r208320  
    408408    macro(CheckDOM, NodeMustGenerate) \
    409409    macro(CallDOMGetter, NodeResultJS | NodeMustGenerate) \
     410    macro(CallDOM, NodeResultJS | NodeMustGenerate) \
    410411
    411412// This enum generates a monotonically increasing id for all Node types,
  • trunk/Source/JavaScriptCore/dfg/DFGPredictionPropagationPhase.cpp

    r208235 r208320  
    10211021        case SetRegExpObjectLastIndex:
    10221022        case RecordRegExpCachedResult:
    1023         case LazyJSConstant: {
     1023        case LazyJSConstant:
     1024        case CallDOM: {
    10241025            // This node should never be visible at this stage of compilation. It is
    10251026            // inserted by fixup(), which follows this phase.
  • trunk/Source/JavaScriptCore/dfg/DFGSafeToExecute.h

    r208235 r208320  
    221221    case GetButterfly:
    222222    case CallDOMGetter:
     223    case CallDOM:
    223224    case CheckDOM:
    224225    case CheckArray:
  • trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp

    r208235 r208320  
    72617261}
    72627262
     7263void SpeculativeJIT::compileCallDOM(Node* node)
     7264{
     7265    const DOMJIT::Signature* signature = node->signature();
     7266
     7267    // FIXME: We should have a way to call functions with the vector of registers.
     7268    // https://bugs.webkit.org/show_bug.cgi?id=163099
     7269    Vector<Variant<SpeculateCellOperand, SpeculateInt32Operand, SpeculateBooleanOperand>, JSC_DOMJIT_SIGNATURE_MAX_ARGUMENTS_INCLUDING_THIS> operands;
     7270    Vector<GPRReg, JSC_DOMJIT_SIGNATURE_MAX_ARGUMENTS_INCLUDING_THIS> regs;
     7271
     7272    auto appendCell = [&](Edge& edge) {
     7273        SpeculateCellOperand operand(this, edge);
     7274        regs.append(operand.gpr());
     7275        operands.append(WTFMove(operand));
     7276    };
     7277
     7278    auto appendString = [&](Edge& edge) {
     7279        SpeculateCellOperand operand(this, edge);
     7280        GPRReg gpr = operand.gpr();
     7281        regs.append(gpr);
     7282        speculateString(edge, gpr);
     7283        operands.append(WTFMove(operand));
     7284    };
     7285
     7286    auto appendInt32 = [&](Edge& edge) {
     7287        SpeculateInt32Operand operand(this, edge);
     7288        regs.append(operand.gpr());
     7289        operands.append(WTFMove(operand));
     7290    };
     7291
     7292    auto appendBoolean = [&](Edge& edge) {
     7293        SpeculateBooleanOperand operand(this, edge);
     7294        regs.append(operand.gpr());
     7295        operands.append(WTFMove(operand));
     7296    };
     7297
     7298    unsigned index = 0;
     7299    m_jit.graph().doToChildren(node, [&](Edge edge) {
     7300        if (!index)
     7301            appendCell(edge);
     7302        else {
     7303            switch (signature->arguments[index - 1]) {
     7304            case SpecString:
     7305                appendString(edge);
     7306                break;
     7307            case SpecInt32Only:
     7308                appendInt32(edge);
     7309                break;
     7310            case SpecBoolean:
     7311                appendBoolean(edge);
     7312                break;
     7313            default:
     7314                RELEASE_ASSERT_NOT_REACHED();
     7315                break;
     7316            }
     7317        }
     7318        ++index;
     7319    });
     7320
     7321    JSValueRegsTemporary result(this);
     7322    JSValueRegs resultRegs = result.regs();
     7323
     7324    flushRegisters();
     7325    unsigned argumentCountIncludingThis = signature->argumentCount + 1;
     7326    switch (argumentCountIncludingThis) {
     7327    case 1:
     7328        callOperation(reinterpret_cast<J_JITOperation_EP>(signature->unsafeFunction), extractResult(resultRegs), regs[0]);
     7329        break;
     7330    case 2:
     7331        callOperation(reinterpret_cast<J_JITOperation_EPP>(signature->unsafeFunction), extractResult(resultRegs), regs[0], regs[1]);
     7332        break;
     7333    case 3:
     7334        callOperation(reinterpret_cast<J_JITOperation_EPPP>(signature->unsafeFunction), extractResult(resultRegs), regs[0], regs[1], regs[2]);
     7335        break;
     7336    default:
     7337        RELEASE_ASSERT_NOT_REACHED();
     7338        break;
     7339    }
     7340
     7341    m_jit.exceptionCheck();
     7342    jsValueResult(resultRegs, node);
     7343}
     7344
    72637345void SpeculativeJIT::compileCallDOMGetter(Node* node)
    72647346{
  • trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h

    r208117 r208320  
    16521652        return appendCallSetResult(operation, result);
    16531653    }
     1654    JITCompiler::Call callOperation(J_JITOperation_EPPP operation, GPRReg result, GPRReg arg1, GPRReg arg2, GPRReg arg3)
     1655    {
     1656        m_jit.setupArgumentsWithExecState(arg1, arg2, arg3);
     1657        return appendCallSetResult(operation, result);
     1658    }
    16541659    JITCompiler::Call callOperation(J_JITOperation_EGP operation, GPRReg result, GPRReg arg1, GPRReg arg2)
    16551660    {
     
    19141919    {
    19151920        m_jit.setupArgumentsWithExecState(arg1, TrustedImmPtr(pointer));
     1921        return appendCallSetResult(operation, result.payloadGPR(), result.tagGPR());
     1922    }
     1923    JITCompiler::Call callOperation(J_JITOperation_EPP operation, JSValueRegs result, GPRReg arg1, GPRReg arg2)
     1924    {
     1925        m_jit.setupArgumentsWithExecState(arg1, arg2);
     1926        return appendCallSetResult(operation, result.payloadGPR(), result.tagGPR());
     1927    }
     1928    JITCompiler::Call callOperation(J_JITOperation_EPPP operation, JSValueRegs result, GPRReg arg1, GPRReg arg2, GPRReg arg3)
     1929    {
     1930        m_jit.setupArgumentsWithExecState(arg1, arg2, arg3);
    19161931        return appendCallSetResult(operation, result.payloadGPR(), result.tagGPR());
    19171932    }
     
    25632578    void compileGetButterfly(Node*);
    25642579    void compileCallDOMGetter(Node*);
     2580    void compileCallDOM(Node*);
    25652581    void compileCheckDOM(Node*);
    25662582   
  • trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp

    r208235 r208320  
    55625562    }
    55635563
     5564    case CallDOM:
     5565        compileCallDOM(node);
     5566        break;
     5567
    55645568    case CallDOMGetter:
    55655569        compileCallDOMGetter(node);
  • trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp

    r208235 r208320  
    56945694        break;
    56955695
     5696    case CallDOM:
     5697        compileCallDOM(node);
     5698        break;
     5699
    56965700    case CallDOMGetter:
    56975701        compileCallDOMGetter(node);
  • trunk/Source/JavaScriptCore/domjit/DOMJITEffect.h

    r207787 r208320  
    2929#include <wtf/Optional.h>
    3030
    31 #if ENABLE(JIT)
    32 
    3331namespace JSC { namespace DOMJIT {
    3432
    35 struct Effect {
     33class Effect {
     34public:
    3635    HeapRange reads { HeapRange::top() };
    3736    HeapRange writes { HeapRange::top() };
    38     Optional<HeapRange> def;
     37    HeapRange def { HeapRange::top() };
    3938
    40     static Effect forReadWrite(HeapRange readRange, HeapRange writeRange)
     39    constexpr Effect() = default;
     40    constexpr Effect(HeapRange reads, HeapRange writes)
     41        : reads(reads)
     42        , writes(writes)
    4143    {
    42         Effect effect;
    43         effect.reads = readRange;
    44         effect.writes = writeRange;
    45         return effect;
    4644    }
    4745
    48     static Effect forPure()
     46    constexpr Effect(HeapRange reads, HeapRange writes, HeapRange def)
     47        : reads(reads)
     48        , writes(writes)
     49        , def(def)
    4950    {
    50         Effect effect;
    51         effect.reads = HeapRange::none();
    52         effect.writes = HeapRange::none();
    53         effect.def = HeapRange::none();
    54         return effect;
    5551    }
    5652
    57     static Effect forDef(HeapRange def)
     53    constexpr static Effect forWrite(HeapRange writeRange)
    5854    {
    59         Effect effect;
    60         effect.reads = def;
    61         effect.writes = HeapRange::none();
    62         effect.def = def;
    63         return effect;
     55        return Effect(HeapRange::none(), writeRange);
    6456    }
    6557
    66     static Effect forDef(HeapRange def, HeapRange readRange, HeapRange writeRange)
     58    constexpr static Effect forRead(HeapRange readRange)
    6759    {
    68         Effect effect;
    69         effect.reads = readRange;
    70         effect.writes = writeRange;
    71         effect.def = def;
    72         return effect;
     60        return Effect(readRange, HeapRange::none());
    7361    }
    7462
    75     bool mustGenerate() const
     63    constexpr static Effect forReadWrite(HeapRange readRange, HeapRange writeRange)
     64    {
     65        return Effect(readRange, writeRange);
     66    }
     67
     68    constexpr static Effect forPure()
     69    {
     70        return Effect(HeapRange::none(), HeapRange::none(), HeapRange::none());
     71    }
     72
     73    constexpr static Effect forDef(HeapRange def)
     74    {
     75        return Effect(def, HeapRange::none(), def);
     76    }
     77
     78    constexpr static Effect forDef(HeapRange def, HeapRange readRange, HeapRange writeRange)
     79    {
     80        return Effect(readRange, writeRange, def);
     81    }
     82
     83    constexpr bool mustGenerate() const
    7684    {
    7785        return !!writes;
     
    8088
    8189} }
    82 
    83 #endif
  • trunk/Source/JavaScriptCore/domjit/DOMJITHeapRange.h

    r207787 r208320  
    2929#include <wtf/PrintStream.h>
    3030
    31 #if ENABLE(JIT)
    32 
    3331namespace JSC { namespace DOMJIT {
    3432
     
    4846    }
    4947
    50 private:
    5148    enum ConstExprTag { ConstExpr };
    5249    constexpr HeapRange(ConstExprTag, uint16_t begin, uint16_t end)
     
    5653    }
    5754
    58     template<uint16_t begin, uint16_t end>
    59     static constexpr HeapRange fromConstant()
    60     {
    61         static_assert(begin <= end, "begin <= end is the invariant of this HeapRange.");
    62         return HeapRange(ConstExpr, begin, end);
    63     }
    64 
    65 public:
    6655    enum RawRepresentationTag { RawRepresentation };
    6756    explicit constexpr HeapRange(RawRepresentationTag, uint32_t value)
     
    7059    }
    7160
    72     static HeapRange fromRaw(uint32_t value)
     61    constexpr static HeapRange fromRaw(uint32_t value)
    7362    {
    7463        return HeapRange(RawRepresentation, value);
     
    7968    uint32_t rawRepresentation() { return m_raw; }
    8069
    81     explicit operator bool() const
     70    constexpr explicit operator bool() const
    8271    {
    8372        return m_begin != m_end;
    8473    }
    8574
    86     bool operator==(const HeapRange& other) const
     75    constexpr bool operator==(const HeapRange& other) const
    8776    {
    8877        return m_begin == other.m_begin && m_end == other.m_end;
     78    }
     79
     80    constexpr bool operator!=(const HeapRange& other) const
     81    {
     82        return !operator==(other);
     83    }
     84
     85    template<uint16_t begin, uint16_t end>
     86    static constexpr HeapRange fromConstant()
     87    {
     88        static_assert(begin < end || (begin == UINT16_MAX && end == UINT16_MAX), "begin < end or the both are UINT16_MAX is the invariant of this HeapRange.");
     89        return HeapRange(ConstExpr, begin, end);
    8990    }
    9091
     
    128129
    129130} }
    130 
    131 #endif
  • trunk/Source/JavaScriptCore/ftl/FTLCapabilities.cpp

    r208235 r208320  
    274274    case ToLowerCase:
    275275    case CheckDOM:
     276    case CallDOM:
    276277    case CallDOMGetter:
    277278        // These are OK.
  • trunk/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp

    r208235 r208320  
    10601060        case CheckDOM:
    10611061            compileCheckDOM();
     1062            break;
     1063        case CallDOM:
     1064            compileCallDOM();
    10621065            break;
    10631066        case CallDOMGetter:
     
    90999102            });
    91009103        patchpoint->effects = Effects::forCheck();
     9104    }
     9105
     9106    void compileCallDOM()
     9107    {
     9108        const DOMJIT::Signature* signature = m_node->signature();
     9109
     9110        // FIXME: We should have a way to call functions with the vector of registers.
     9111        // https://bugs.webkit.org/show_bug.cgi?id=163099
     9112        Vector<LValue, JSC_DOMJIT_SIGNATURE_MAX_ARGUMENTS_INCLUDING_THIS> operands;
     9113
     9114        unsigned index = 0;
     9115        DFG_NODE_DO_TO_CHILDREN(m_graph, m_node, [&](Node*, Edge edge) {
     9116            if (!index)
     9117                operands.append(lowCell(edge));
     9118            else {
     9119                switch (signature->arguments[index - 1]) {
     9120                case SpecString:
     9121                    operands.append(lowString(edge));
     9122                    break;
     9123                case SpecInt32Only:
     9124                    operands.append(lowInt32(edge));
     9125                    break;
     9126                case SpecBoolean:
     9127                    operands.append(lowBoolean(edge));
     9128                    break;
     9129                default:
     9130                    RELEASE_ASSERT_NOT_REACHED();
     9131                    break;
     9132                }
     9133            }
     9134            ++index;
     9135        });
     9136
     9137        unsigned argumentCountIncludingThis = signature->argumentCount + 1;
     9138        LValue result;
     9139        switch (argumentCountIncludingThis) {
     9140        case 1:
     9141            result = vmCall(Int64, m_out.operation(reinterpret_cast<J_JITOperation_EP>(signature->unsafeFunction)), m_callFrame, operands[0]);
     9142            break;
     9143        case 2:
     9144            result = vmCall(Int64, m_out.operation(reinterpret_cast<J_JITOperation_EPP>(signature->unsafeFunction)), m_callFrame, operands[0], operands[1]);
     9145            break;
     9146        case 3:
     9147            result = vmCall(Int64, m_out.operation(reinterpret_cast<J_JITOperation_EPPP>(signature->unsafeFunction)), m_callFrame, operands[0], operands[1], operands[2]);
     9148            break;
     9149        default:
     9150            RELEASE_ASSERT_NOT_REACHED();
     9151            break;
     9152        }
     9153
     9154        setJSValue(result);
    91019155    }
    91029156
  • trunk/Source/JavaScriptCore/jit/JITOperations.h

    r208117 r208320  
    159159typedef EncodedJSValue (JIT_OPERATION *J_JITOperation_EP)(ExecState*, void*);
    160160typedef EncodedJSValue (JIT_OPERATION *J_JITOperation_EPP)(ExecState*, void*, void*);
     161typedef EncodedJSValue (JIT_OPERATION *J_JITOperation_EPPP)(ExecState*, void*, void*, void*);
    161162typedef EncodedJSValue (JIT_OPERATION *J_JITOperation_EPS)(ExecState*, void*, size_t);
    162163typedef EncodedJSValue (JIT_OPERATION *J_JITOperation_EPc)(ExecState*, Instruction*);
  • trunk/Source/JavaScriptCore/jit/JITThunks.cpp

    r208063 r208320  
    9191NativeExecutable* JITThunks::hostFunctionStub(VM* vm, NativeFunction function, NativeFunction constructor, const String& name)
    9292{
    93     return hostFunctionStub(vm, function, constructor, nullptr, NoIntrinsic, name);
     93    return hostFunctionStub(vm, function, constructor, nullptr, NoIntrinsic, nullptr, name);
    9494}
    9595
    96 NativeExecutable* JITThunks::hostFunctionStub(VM* vm, NativeFunction function, NativeFunction constructor, ThunkGenerator generator, Intrinsic intrinsic, const String& name)
     96NativeExecutable* JITThunks::hostFunctionStub(VM* vm, NativeFunction function, NativeFunction constructor, ThunkGenerator generator, Intrinsic intrinsic, const DOMJIT::Signature* signature, const String& name)
    9797{
    9898    ASSERT(!isCompilationThread());   
     
    111111    RefPtr<JITCode> forConstruct = adoptRef(new NativeJITCode(MacroAssemblerCodeRef::createSelfManagedCodeRef(ctiNativeConstruct(vm)), JITCode::HostCallThunk));
    112112   
    113     NativeExecutable* nativeExecutable = NativeExecutable::create(*vm, forCall, function, forConstruct, constructor, intrinsic, name);
     113    NativeExecutable* nativeExecutable = NativeExecutable::create(*vm, forCall, function, forConstruct, constructor, intrinsic, signature, name);
    114114    weakAdd(*m_hostFunctionStubMap, std::make_tuple(function, constructor, name), Weak<NativeExecutable>(nativeExecutable, this));
    115115    return nativeExecutable;
     
    118118NativeExecutable* JITThunks::hostFunctionStub(VM* vm, NativeFunction function, ThunkGenerator generator, Intrinsic intrinsic, const String& name)
    119119{
    120     return hostFunctionStub(vm, function, callHostFunctionAsConstructor, generator, intrinsic, name);
     120    return hostFunctionStub(vm, function, callHostFunctionAsConstructor, generator, intrinsic, nullptr, name);
    121121}
    122122
  • trunk/Source/JavaScriptCore/jit/JITThunks.h

    r206525 r208320  
    4040
    4141namespace JSC {
     42namespace DOMJIT {
     43class Signature;
     44}
    4245
    4346class VM;
     
    5861
    5962    NativeExecutable* hostFunctionStub(VM*, NativeFunction, NativeFunction constructor, const String& name);
    60     NativeExecutable* hostFunctionStub(VM*, NativeFunction, NativeFunction constructor, ThunkGenerator, Intrinsic, const String& name);
     63    NativeExecutable* hostFunctionStub(VM*, NativeFunction, NativeFunction constructor, ThunkGenerator, Intrinsic, const DOMJIT::Signature*, const String& name);
    6164    NativeExecutable* hostFunctionStub(VM*, NativeFunction, ThunkGenerator, Intrinsic, const String& name);
    6265
  • trunk/Source/JavaScriptCore/runtime/JSBoundFunction.cpp

    r206386 r208320  
    169169        slowCase ? boundFunctionCall : boundThisNoArgsFunctionCall,
    170170        slowCase ? NoIntrinsic : BoundThisNoArgsFunctionCallIntrinsic,
    171         canConstruct ? (slowCase ? boundFunctionConstruct : boundThisNoArgsFunctionConstruct) : callHostFunctionAsConstructor,
     171        canConstruct ? (slowCase ? boundFunctionConstruct : boundThisNoArgsFunctionConstruct) : callHostFunctionAsConstructor, nullptr,
    172172        name);
    173173    Structure* structure = getBoundFunctionStructure(vm, exec, globalObject, targetFunction);
  • trunk/Source/JavaScriptCore/runtime/JSCell.h

    r206555 r208320  
    5757template<typename T> void* allocateCell(Heap&, GCDeferralContext*, size_t);
    5858
    59 #define DECLARE_EXPORT_INFO                                             \
    60     protected:                                                          \
    61         static JS_EXPORTDATA const ::JSC::ClassInfo s_info;             \
    62     public:                                                             \
    63         static const ::JSC::ClassInfo* info() { return &s_info; }
    64 
    65 #define DECLARE_INFO                                                    \
    66     protected:                                                          \
    67         static const ::JSC::ClassInfo s_info;                           \
    68     public:                                                             \
    69         static const ::JSC::ClassInfo* info() { return &s_info; }
     59#define DECLARE_EXPORT_INFO                                                  \
     60    protected:                                                               \
     61        static JS_EXPORTDATA const ::JSC::ClassInfo s_info;                  \
     62    public:                                                                  \
     63        static constexpr const ::JSC::ClassInfo* info() { return &s_info; }
     64
     65#define DECLARE_INFO                                                         \
     66    protected:                                                               \
     67        static const ::JSC::ClassInfo s_info;                                \
     68    public:                                                                  \
     69        static constexpr const ::JSC::ClassInfo* info() { return &s_info; }
    7070
    7171class JSCell : public HeapCell {
  • trunk/Source/JavaScriptCore/runtime/JSFunction.cpp

    r208018 r208320  
    8585#endif
    8686
    87 JSFunction* JSFunction::create(VM& vm, JSGlobalObject* globalObject, int length, const String& name, NativeFunction nativeFunction, Intrinsic intrinsic, NativeFunction nativeConstructor)
    88 {
    89     NativeExecutable* executable = vm.getHostFunction(nativeFunction, intrinsic, nativeConstructor, name);
     87JSFunction* JSFunction::create(VM& vm, JSGlobalObject* globalObject, int length, const String& name, NativeFunction nativeFunction, Intrinsic intrinsic, NativeFunction nativeConstructor, const DOMJIT::Signature* signature)
     88{
     89    NativeExecutable* executable = vm.getHostFunction(nativeFunction, intrinsic, nativeConstructor, signature, name);
    9090    JSFunction* function = new (NotNull, allocateCell<JSFunction>(vm.heap)) JSFunction(vm, globalObject, globalObject->functionStructure());
    9191    // Can't do this during initialization because getHostFunction might do a GC allocation.
  • trunk/Source/JavaScriptCore/runtime/JSFunction.h

    r208018 r208320  
    4747}
    4848
     49namespace DOMJIT {
     50class Signature;
     51}
     52
     53
    4954JS_EXPORT_PRIVATE EncodedJSValue JSC_HOST_CALL callHostFunctionAsConstructor(ExecState*);
    5055
     
    6873    }
    6974
    70     JS_EXPORT_PRIVATE static JSFunction* create(VM&, JSGlobalObject*, int length, const String& name, NativeFunction, Intrinsic = NoIntrinsic, NativeFunction nativeConstructor = callHostFunctionAsConstructor);
     75    JS_EXPORT_PRIVATE static JSFunction* create(VM&, JSGlobalObject*, int length, const String& name, NativeFunction, Intrinsic = NoIntrinsic, NativeFunction nativeConstructor = callHostFunctionAsConstructor, const DOMJIT::Signature* = nullptr);
    7176   
    7277    static JSFunction* createWithInvalidatedReallocationWatchpoint(VM&, FunctionExecutable*, JSScope*);
  • trunk/Source/JavaScriptCore/runtime/JSNativeStdFunction.cpp

    r202027 r208320  
    6767JSNativeStdFunction* JSNativeStdFunction::create(VM& vm, JSGlobalObject* globalObject, int length, const String& name, NativeStdFunction&& nativeStdFunction, Intrinsic intrinsic, NativeFunction nativeConstructor)
    6868{
    69     NativeExecutable* executable = vm.getHostFunction(runStdFunction, intrinsic, nativeConstructor, name);
     69    NativeExecutable* executable = vm.getHostFunction(runStdFunction, intrinsic, nativeConstructor, nullptr, name);
    7070    NativeStdFunctionCell* functionCell = NativeStdFunctionCell::create(vm, WTFMove(nativeStdFunction));
    7171    Structure* structure = globalObject->nativeStdFunctionStructure();
  • trunk/Source/JavaScriptCore/runtime/JSObject.cpp

    r208063 r208320  
    25502550}
    25512551
     2552bool JSObject::putDirectNativeFunction(VM& vm, JSGlobalObject* globalObject, const PropertyName& propertyName, unsigned functionLength, NativeFunction nativeFunction, Intrinsic intrinsic, const DOMJIT::Signature* signature, unsigned attributes)
     2553{
     2554    StringImpl* name = propertyName.publicName();
     2555    if (!name)
     2556        name = vm.propertyNames->anonymous.impl();
     2557    ASSERT(name);
     2558
     2559    JSFunction* function = JSFunction::create(vm, globalObject, functionLength, name, nativeFunction, intrinsic, callHostFunctionAsConstructor, signature);
     2560    return putDirect(vm, propertyName, function, attributes);
     2561}
     2562
    25522563JSFunction* JSObject::putDirectBuiltinFunction(VM& vm, JSGlobalObject* globalObject, const PropertyName& propertyName, FunctionExecutable* functionExecutable, unsigned attributes)
    25532564{
  • trunk/Source/JavaScriptCore/runtime/JSObject.h

    r207652 r208320  
    4848
    4949namespace JSC {
     50namespace DOMJIT {
     51class Signature;
     52}
    5053
    5154inline JSCell* getJSFunction(JSValue value)
     
    701704    JS_EXPORT_PRIVATE bool putDirectNativeIntrinsicGetter(VM&, JSGlobalObject*, Identifier, NativeFunction, Intrinsic, unsigned attributes);
    702705    JS_EXPORT_PRIVATE bool putDirectNativeFunction(VM&, JSGlobalObject*, const PropertyName&, unsigned functionLength, NativeFunction, Intrinsic, unsigned attributes);
     706    JS_EXPORT_PRIVATE bool putDirectNativeFunction(VM&, JSGlobalObject*, const PropertyName&, unsigned functionLength, NativeFunction, Intrinsic, const DOMJIT::Signature*, unsigned attributes);
    703707    JS_EXPORT_PRIVATE JSFunction* putDirectBuiltinFunction(VM&, JSGlobalObject*, const PropertyName&, FunctionExecutable*, unsigned attributes);
    704708    JSFunction* putDirectBuiltinFunctionWithoutTransition(VM&, JSGlobalObject*, const PropertyName&, FunctionExecutable*, unsigned attributes);
  • trunk/Source/JavaScriptCore/runtime/Lookup.h

    r207859 r208320  
    2525#include "CustomGetterSetter.h"
    2626#include "DOMJITGetterSetter.h"
     27#include "DOMJITSignature.h"
    2728#include "Identifier.h"
    2829#include "IdentifierInlines.h"
     
    7677    BuiltinGenerator builtinGenerator() const { ASSERT(m_attributes & Builtin); return reinterpret_cast<BuiltinGenerator>(m_values.value1); }
    7778    NativeFunction function() const { ASSERT(m_attributes & Function); return reinterpret_cast<NativeFunction>(m_values.value1); }
    78     unsigned char functionLength() const { ASSERT(m_attributes & Function); return static_cast<unsigned char>(m_values.value2); }
     79    unsigned char functionLength() const
     80    {
     81        ASSERT(m_attributes & Function);
     82        if (m_attributes & DOMJITFunction)
     83            return signature()->argumentCount;
     84        return static_cast<unsigned char>(m_values.value2);
     85    }
    7986
    8087    GetFunction propertyGetter() const { ASSERT(!(m_attributes & BuiltinOrFunctionOrAccessorOrLazyPropertyOrConstant)); return reinterpret_cast<GetFunction>(m_values.value1); }
     
    8289
    8390    DOMJIT::GetterSetter* domJIT() const { ASSERT(m_attributes & DOMJITAttribute); return reinterpret_cast<DOMJITGetterSetterGenerator>(m_values.value1)(); }
     91    const DOMJIT::Signature* signature() const { ASSERT(m_attributes & DOMJITFunction); return reinterpret_cast<const DOMJIT::Signature*>(m_values.value2); }
    8492
    8593    NativeFunction accessorGetter() const { ASSERT(m_attributes & Accessor); return reinterpret_cast<NativeFunction>(m_values.value1); }
     
    314322
    315323    if (value.attributes() & Function) {
     324        if (value.attributes() & DOMJITFunction) {
     325            thisObj.putDirectNativeFunction(
     326                vm, thisObj.globalObject(), propertyName, value.functionLength(),
     327                value.function(), value.intrinsic(), value.signature(), attributesForStructure(value.attributes()));
     328            return;
     329        }
    316330        thisObj.putDirectNativeFunction(
    317331            vm, thisObj.globalObject(), propertyName, value.functionLength(),
  • trunk/Source/JavaScriptCore/runtime/NativeExecutable.cpp

    r208063 r208320  
    4141const ClassInfo NativeExecutable::s_info = { "NativeExecutable", &ExecutableBase::s_info, 0, CREATE_METHOD_TABLE(NativeExecutable) };
    4242
    43 NativeExecutable* NativeExecutable::create(VM& vm, PassRefPtr<JITCode> callThunk, NativeFunction function, PassRefPtr<JITCode> constructThunk, NativeFunction constructor, Intrinsic intrinsic, const String& name)
     43NativeExecutable* NativeExecutable::create(VM& vm, PassRefPtr<JITCode> callThunk, NativeFunction function, PassRefPtr<JITCode> constructThunk, NativeFunction constructor, Intrinsic intrinsic, const DOMJIT::Signature* signature, const String& name)
    4444{
    4545    NativeExecutable* executable;
    46     executable = new (NotNull, allocateCell<NativeExecutable>(vm.heap)) NativeExecutable(vm, function, constructor, intrinsic);
     46    executable = new (NotNull, allocateCell<NativeExecutable>(vm.heap)) NativeExecutable(vm, function, constructor, intrinsic, signature);
    4747    executable->finishCreation(vm, callThunk, constructThunk, name);
    4848    return executable;
     
    6969}
    7070
    71 NativeExecutable::NativeExecutable(VM& vm, NativeFunction function, NativeFunction constructor, Intrinsic intrinsic)
     71NativeExecutable::NativeExecutable(VM& vm, NativeFunction function, NativeFunction constructor, Intrinsic intrinsic, const DOMJIT::Signature* signature)
    7272    : ExecutableBase(vm, vm.nativeExecutableStructure.get(), NUM_PARAMETERS_IS_HOST, intrinsic)
    7373    , m_function(function)
    7474    , m_constructor(constructor)
     75    , m_signature(signature)
    7576{
    7677}
  • trunk/Source/JavaScriptCore/runtime/NativeExecutable.h

    r208063 r208320  
    2929
    3030namespace JSC {
     31namespace DOMJIT {
     32class Signature;
     33}
    3134
    3235class NativeExecutable final : public ExecutableBase {
     
    3740    static const unsigned StructureFlags = Base::StructureFlags | StructureIsImmortal;
    3841
    39     static NativeExecutable* create(VM& vm, PassRefPtr<JITCode> callThunk, NativeFunction function, PassRefPtr<JITCode> constructThunk, NativeFunction constructor, Intrinsic intrinsic, const String& name);
     42    static NativeExecutable* create(VM&, PassRefPtr<JITCode> callThunk, NativeFunction function, PassRefPtr<JITCode> constructThunk, NativeFunction constructor, Intrinsic, const DOMJIT::Signature*, const String& name);
    4043
    4144    static void destroy(JSCell*);
     
    6770
    6871    const String& name() const { return m_name; }
     72    const DOMJIT::Signature* signature() const { return m_signature; }
     73
     74    const DOMJIT::Signature* signatureFor(CodeSpecializationKind kind) const
     75    {
     76        if (isCall(kind))
     77            return signature();
     78        return nullptr;
     79    }
    6980
    7081protected:
     
    7485    friend class ExecutableBase;
    7586
    76     NativeExecutable(VM&, NativeFunction function, NativeFunction constructor, Intrinsic);
     87    NativeExecutable(VM&, NativeFunction function, NativeFunction constructor, Intrinsic, const DOMJIT::Signature*);
    7788
    7889    NativeFunction m_function;
    7990    NativeFunction m_constructor;
     91    const DOMJIT::Signature* m_signature;
    8092
    8193    String m_name;
  • trunk/Source/JavaScriptCore/runtime/PropertySlot.h

    r206779 r208320  
    5252    PropertyCallback  = 1 << 13, // property that is a lazy property callback - only used by static hashtables
    5353    DOMJITAttribute   = 1 << 14, // property is a DOM JIT attribute - only used by static hashtables
     54    DOMJITFunction    = 1 << 15, // property is a DOM JIT function - only used by static hashtables
    5455    BuiltinOrFunction = Builtin | Function, // helper only used by static hashtables
    5556    BuiltinOrFunctionOrLazyProperty = Builtin | Function | CellProperty | ClassStructure | PropertyCallback, // helper only used by static hashtables
  • trunk/Source/JavaScriptCore/runtime/VM.cpp

    r208309 r208320  
    517517NativeExecutable* VM::getHostFunction(NativeFunction function, NativeFunction constructor, const String& name)
    518518{
    519     return getHostFunction(function, NoIntrinsic, constructor, name);
    520 }
    521 
    522 NativeExecutable* VM::getHostFunction(NativeFunction function, Intrinsic intrinsic, NativeFunction constructor, const String& name)
     519    return getHostFunction(function, NoIntrinsic, constructor, nullptr, name);
     520}
     521
     522NativeExecutable* VM::getHostFunction(NativeFunction function, Intrinsic intrinsic, NativeFunction constructor, const DOMJIT::Signature* signature, const String& name)
    523523{
    524524#if ENABLE(JIT)
     
    527527            this, function, constructor,
    528528            intrinsic != NoIntrinsic ? thunkGeneratorForIntrinsic(intrinsic) : 0,
    529             intrinsic, name);
     529            intrinsic, signature, name);
    530530    }
    531531#else // ENABLE(JIT)
     
    535535        adoptRef(new NativeJITCode(MacroAssemblerCodeRef::createLLIntCodeRef(llint_native_call_trampoline), JITCode::HostCallThunk)), function,
    536536        adoptRef(new NativeJITCode(MacroAssemblerCodeRef::createLLIntCodeRef(llint_native_construct_trampoline), JITCode::HostCallThunk)), constructor,
    537         NoIntrinsic, name);
     537        NoIntrinsic, signature, name);
    538538}
    539539
  • trunk/Source/JavaScriptCore/runtime/VM.h

    r208209 r208320  
    430430#endif
    431431    NativeExecutable* getHostFunction(NativeFunction, NativeFunction constructor, const String& name);
    432     NativeExecutable* getHostFunction(NativeFunction, Intrinsic intrinsic, NativeFunction constructor, const String& name);
     432    NativeExecutable* getHostFunction(NativeFunction, Intrinsic, NativeFunction constructor, const DOMJIT::Signature*, const String& name);
    433433
    434434    static ptrdiff_t exceptionOffset()
  • trunk/Source/WebCore/CMakeLists.txt

    r208304 r208320  
    15381538    dom/default/PlatformMessagePortChannel.cpp
    15391539
    1540     domjit/DOMJITAbstractHeapRepository.cpp
    15411540    domjit/DOMJITHelpers.cpp
    15421541    domjit/JSDocumentDOMJIT.cpp
     
    35123511
    35133512
     3513# Generate DOMJITAbstractHeapRepository.h
     3514add_custom_command(
     3515    OUTPUT ${DERIVED_SOURCES_WEBCORE_DIR}/DOMJITAbstractHeapRepository.h
     3516    MAIN_DEPENDENCY domjit/DOMJITAbstractHeapRepository.yaml
     3517    DEPENDS ${WEBCORE_DIR}/domjit/generate-abstract-heap.rb
     3518    COMMAND ${RUBY_EXECUTABLE} ${WEBCORE_DIR}/domjit/generate-abstract-heap.rb ${WEBCORE_DIR}/domjit/DOMJITAbstractHeapRepository.yaml ${DERIVED_SOURCES_WEBCORE_DIR}/DOMJITAbstractHeapRepository.h
     3519    VERBATIM)
     3520list(APPEND WebCore_DERIVED_SOURCES ${DERIVED_SOURCES_WEBCORE_DIR}/DOMJITAbstractHeapRepository.h)
     3521
    35143522# Generate XMLViewerCSS.h
    35153523add_custom_command(
  • trunk/Source/WebCore/ChangeLog

    r208319 r208320  
     12016-11-02  Yusuke Suzuki  <utatane.tea@gmail.com>
     2
     3        [DOMJIT] Add DOMJIT::Signature
     4        https://bugs.webkit.org/show_bug.cgi?id=162980
     5
     6        Reviewed by Saam Barati and Sam Weinig.
     7
     8        We introduce DOMJIT::Signature. This signature object is automatically generated by IDL code generator.
     9        It holds (1) types, (2) pointer to the unsafe function (the function without checks), and (3) the effect
     10        of the function. We use constexpr to initialize DOMJIT::Signature without invoking global constructors.
     11        Thus the content is embedded into the binary as the constant values.
     12
     13        We also clean up the IDL code generator related to DOMJIT part. Instead of switching things inside IDL
     14        code generator, we use C++ template to dispatch things at compile time. This template meta programming
     15        is highly utilized in IDL these days.
     16
     17        To make DOMJIT::Signature constexpr, we also need to define DOMJIT abstract heap things in the build time.
     18        To do so, we introduce a tiny Ruby script to calculate the range of abstract heaps. We can offer the abstract
     19        heap tree as YAML format and the script will produce a C++ header holding the calculated abstract heap ranges
     20
     21        * CMakeLists.txt:
     22        * DerivedSources.make:
     23        * ForwardingHeaders/bytecode/SpeculatedType.h: Renamed from Source/WebCore/domjit/DOMJITAbstractHeapRepository.h.
     24        * ForwardingHeaders/domjit/DOMJITSignature.h: Renamed from Source/WebCore/domjit/DOMJITAbstractHeapRepository.cpp.
     25        * WebCore.xcodeproj/project.pbxproj:
     26        * bindings/js/JSDOMGlobalObject.h:
     27        * bindings/scripts/CodeGeneratorJS.pm:
     28        (GenerateHeader):
     29        (GeneratePropertiesHashTable):
     30        (GetUnsafeArgumentType):
     31        (GetArgumentTypeFilter):
     32        (GetResultTypeFilter):
     33        (GenerateImplementation):
     34        (UnsafeToNative):
     35        (GenerateHashTableValueArray):
     36        (ComputeFunctionSpecial):
     37        * bindings/scripts/IDLAttributes.txt:
     38        * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
     39        (WebCore::BindingCaller<JSTestDOMJIT>::castForOperation):
     40        (WebCore::TestDOMJITAnyAttrDOMJIT::TestDOMJITAnyAttrDOMJIT):
     41        (WebCore::TestDOMJITBooleanAttrDOMJIT::TestDOMJITBooleanAttrDOMJIT):
     42        (WebCore::TestDOMJITByteAttrDOMJIT::TestDOMJITByteAttrDOMJIT):
     43        (WebCore::TestDOMJITOctetAttrDOMJIT::TestDOMJITOctetAttrDOMJIT):
     44        (WebCore::TestDOMJITShortAttrDOMJIT::TestDOMJITShortAttrDOMJIT):
     45        (WebCore::TestDOMJITUnsignedShortAttrDOMJIT::TestDOMJITUnsignedShortAttrDOMJIT):
     46        (WebCore::TestDOMJITLongAttrDOMJIT::TestDOMJITLongAttrDOMJIT):
     47        (WebCore::TestDOMJITUnsignedLongAttrDOMJIT::TestDOMJITUnsignedLongAttrDOMJIT):
     48        (WebCore::TestDOMJITLongLongAttrDOMJIT::TestDOMJITLongLongAttrDOMJIT):
     49        (WebCore::TestDOMJITUnsignedLongLongAttrDOMJIT::TestDOMJITUnsignedLongLongAttrDOMJIT):
     50        (WebCore::TestDOMJITFloatAttrDOMJIT::TestDOMJITFloatAttrDOMJIT):
     51        (WebCore::TestDOMJITUnrestrictedFloatAttrDOMJIT::TestDOMJITUnrestrictedFloatAttrDOMJIT):
     52        (WebCore::TestDOMJITDoubleAttrDOMJIT::TestDOMJITDoubleAttrDOMJIT):
     53        (WebCore::TestDOMJITUnrestrictedDoubleAttrDOMJIT::TestDOMJITUnrestrictedDoubleAttrDOMJIT):
     54        (WebCore::TestDOMJITDomStringAttrDOMJIT::TestDOMJITDomStringAttrDOMJIT):
     55        (WebCore::TestDOMJITByteStringAttrDOMJIT::TestDOMJITByteStringAttrDOMJIT):
     56        (WebCore::TestDOMJITUsvStringAttrDOMJIT::TestDOMJITUsvStringAttrDOMJIT):
     57        (WebCore::TestDOMJITNodeAttrDOMJIT::TestDOMJITNodeAttrDOMJIT):
     58        (WebCore::TestDOMJITBooleanNullableAttrDOMJIT::TestDOMJITBooleanNullableAttrDOMJIT):
     59        (WebCore::TestDOMJITByteNullableAttrDOMJIT::TestDOMJITByteNullableAttrDOMJIT):
     60        (WebCore::TestDOMJITOctetNullableAttrDOMJIT::TestDOMJITOctetNullableAttrDOMJIT):
     61        (WebCore::TestDOMJITShortNullableAttrDOMJIT::TestDOMJITShortNullableAttrDOMJIT):
     62        (WebCore::TestDOMJITUnsignedShortNullableAttrDOMJIT::TestDOMJITUnsignedShortNullableAttrDOMJIT):
     63        (WebCore::TestDOMJITLongNullableAttrDOMJIT::TestDOMJITLongNullableAttrDOMJIT):
     64        (WebCore::TestDOMJITUnsignedLongNullableAttrDOMJIT::TestDOMJITUnsignedLongNullableAttrDOMJIT):
     65        (WebCore::TestDOMJITLongLongNullableAttrDOMJIT::TestDOMJITLongLongNullableAttrDOMJIT):
     66        (WebCore::TestDOMJITUnsignedLongLongNullableAttrDOMJIT::TestDOMJITUnsignedLongLongNullableAttrDOMJIT):
     67        (WebCore::TestDOMJITFloatNullableAttrDOMJIT::TestDOMJITFloatNullableAttrDOMJIT):
     68        (WebCore::TestDOMJITUnrestrictedFloatNullableAttrDOMJIT::TestDOMJITUnrestrictedFloatNullableAttrDOMJIT):
     69        (WebCore::TestDOMJITDoubleNullableAttrDOMJIT::TestDOMJITDoubleNullableAttrDOMJIT):
     70        (WebCore::TestDOMJITUnrestrictedDoubleNullableAttrDOMJIT::TestDOMJITUnrestrictedDoubleNullableAttrDOMJIT):
     71        (WebCore::TestDOMJITDomStringNullableAttrDOMJIT::TestDOMJITDomStringNullableAttrDOMJIT):
     72        (WebCore::TestDOMJITByteStringNullableAttrDOMJIT::TestDOMJITByteStringNullableAttrDOMJIT):
     73        (WebCore::TestDOMJITUsvStringNullableAttrDOMJIT::TestDOMJITUsvStringNullableAttrDOMJIT):
     74        (WebCore::TestDOMJITNodeNullableAttrDOMJIT::TestDOMJITNodeNullableAttrDOMJIT):
     75        (WebCore::jsTestDOMJITPrototypeFunctionGetAttribute):
     76        (WebCore::jsTestDOMJITPrototypeFunctionGetAttributeCaller):
     77        (WebCore::unsafeJsTestDOMJITPrototypeFunctionGetAttribute):
     78        (WebCore::jsTestDOMJITPrototypeFunctionItem):
     79        (WebCore::jsTestDOMJITPrototypeFunctionItemCaller):
     80        (WebCore::unsafeJsTestDOMJITPrototypeFunctionItem):
     81        (WebCore::jsTestDOMJITPrototypeFunctionHasAttribute):
     82        (WebCore::jsTestDOMJITPrototypeFunctionHasAttributeCaller):
     83        (WebCore::unsafeJsTestDOMJITPrototypeFunctionHasAttribute):
     84        (WebCore::jsTestDOMJITPrototypeFunctionGetElementById):
     85        (WebCore::jsTestDOMJITPrototypeFunctionGetElementByIdCaller):
     86        (WebCore::unsafeJsTestDOMJITPrototypeFunctionGetElementById):
     87        (WebCore::jsTestDOMJITPrototypeFunctionGetElementsByName):
     88        (WebCore::jsTestDOMJITPrototypeFunctionGetElementsByNameCaller):
     89        (WebCore::unsafeJsTestDOMJITPrototypeFunctionGetElementsByName):
     90        * bindings/scripts/test/TestDOMJIT.idl:
     91        * dom/Element.idl:
     92        * domjit/DOMJITAbstractHeapRepository.yaml: Added.
     93        * domjit/DOMJITIDLConvert.h: Added.
     94        (WebCore::DOMJIT::DirectConverter<IDLDOMString>::directConvert<StringConversionConfiguration::Normal>):
     95        * domjit/DOMJITIDLType.h: Added.
     96        * domjit/DOMJITIDLTypeFilter.h: Added.
     97        * domjit/JSDocumentDOMJIT.cpp:
     98        (WebCore::DocumentDocumentElementDOMJIT::callDOMGetter):
     99        * domjit/JSNodeDOMJIT.cpp:
     100        (WebCore::NodeFirstChildDOMJIT::callDOMGetter):
     101        (WebCore::NodeLastChildDOMJIT::callDOMGetter):
     102        (WebCore::NodeNextSiblingDOMJIT::callDOMGetter):
     103        (WebCore::NodePreviousSiblingDOMJIT::callDOMGetter):
     104        (WebCore::NodeParentNodeDOMJIT::callDOMGetter):
     105        (WebCore::NodeOwnerDocumentDOMJIT::callDOMGetter):
     106        * domjit/generate-abstract-heap.rb: Added.
     107
    11082016-11-02  Simon Fraser  <simon.fraser@apple.com>
    2109
  • trunk/Source/WebCore/DerivedSources.make

    r208276 r208320  
    748748PYTHON = python
    749749PERL = perl
     750RUBY = ruby
    750751
    751752ifeq ($(OS),Windows_NT)
     
    854855    CSSValueKeywords.h \
    855856    ColorData.cpp \
     857    DOMJITAbstractHeapRepository.h \
    856858    EventInterfaces.h \
    857859    EventTargetInterfaces.h \
     
    943945# --------
    944946
     947# DOMJIT Abstract Heap
     948
     949all : DOMJITAbstractHeapRepository.h
     950
     951DOMJITAbstractHeapRepository.h : $(WebCore)/domjit/generate-abstract-heap.rb $(WebCore)/domjit/DOMJITAbstractHeapRepository.yaml
     952        $(RUBY) "$(WebCore)/domjit/generate-abstract-heap.rb" $(WebCore)/domjit/DOMJITAbstractHeapRepository.yaml ./DOMJITAbstractHeapRepository.h
     953
     954# --------
     955
    945956# XMLViewer CSS
    946957
  • trunk/Source/WebCore/ForwardingHeaders/bytecode/SpeculatedType.h

    r208319 r208320  
    2424 */
    2525
    26 #pragma once
    27 
    28 #include <domjit/DOMJITHeapRange.h>
    29 #include <wtf/NeverDestroyed.h>
    30 #include <wtf/Noncopyable.h>
    31 
    32 #if ENABLE(JIT)
    33 
    34 namespace WebCore { namespace DOMJIT {
    35 
    36 // Describe your abstract heap hierarchy here.
    37 // V(AbstractHeapName, Parent)
    38 #define DOMJIT_ABSTRACT_HEAP_LIST(V) \
    39     V(Node, DOM) \
    40     V(Node_firstChild, Node) \
    41     V(Node_lastChild, Node) \
    42     V(Node_parentNode, Node) \
    43     V(Node_nextSibling, Node) \
    44     V(Node_previousSibling, Node) \
    45     V(Node_ownerDocument, Node) \
    46     V(Document, DOM) \
    47     V(Document_documentElement, Document) \
    48 
    49 
    50 class AbstractHeapRepository {
    51     WTF_MAKE_NONCOPYABLE(AbstractHeapRepository);
    52 public:
    53     static const AbstractHeapRepository& shared();
    54 
    55     JSC::DOMJIT::HeapRange DOM;
    56 
    57 #define DOMJIT_DEFINE_MEMBER(name, parent) JSC::DOMJIT::HeapRange name;
    58     DOMJIT_ABSTRACT_HEAP_LIST(DOMJIT_DEFINE_MEMBER)
    59 #undef DOMJIT_DEFINE_MEMBER
    60 
    61     AbstractHeapRepository();
    62 };
    63 
    64 } }
    65 
     26#ifndef WebCore_FWD_SpeculatedType_h
     27#define WebCore_FWD_SpeculatedType_h
     28#include <JavaScriptCore/SpeculatedType.h>
    6629#endif
  • trunk/Source/WebCore/ForwardingHeaders/domjit/DOMJITSignature.h

    r208319 r208320  
    2424 */
    2525
    26 #include "config.h"
    27 #include "DOMJITAbstractHeapRepository.h"
    28 
    29 #include <domjit/DOMJITAbstractHeap.h>
    30 #include <wtf/DataLog.h>
    31 #include <wtf/NeverDestroyed.h>
    32 
    33 #if ENABLE(JIT)
    34 
    35 namespace WebCore { namespace DOMJIT {
    36 
    37 static const bool verbose = false;
    38 
    39 AbstractHeapRepository::AbstractHeapRepository()
    40 {
    41     JSC::DOMJIT::AbstractHeap DOMHeap("DOM");
    42 #define DOMJIT_DEFINE_HEAP(name, parent) JSC::DOMJIT::AbstractHeap name##Heap(#name);
    43     DOMJIT_ABSTRACT_HEAP_LIST(DOMJIT_DEFINE_HEAP)
    44 #undef DOMJIT_DEFINE_HEAP
    45 
    46 #define DOMJIT_INITIALIZE_HEAP(name, parent) name##Heap.setParent(&parent##Heap);
    47     DOMJIT_ABSTRACT_HEAP_LIST(DOMJIT_INITIALIZE_HEAP)
    48 #undef DOMJIT_INITIALIZE_HEAP
    49 
    50     DOMHeap.compute(0);
    51 
    52 #define DOMJIT_INITIALIZE_MEMBER(name, parent) name = name##Heap.range();
    53     DOMJIT_ABSTRACT_HEAP_LIST(DOMJIT_INITIALIZE_MEMBER)
    54 #undef DOMJIT_INITIALIZE_MEMBER
    55 
    56     if (verbose) {
    57         dataLog("DOMJIT Heap Repository:\n");
    58         DOMHeap.deepDump(WTF::dataFile());
    59     }
    60 }
    61 
    62 const AbstractHeapRepository& AbstractHeapRepository::shared()
    63 {
    64     static NeverDestroyed<AbstractHeapRepository> repository;
    65     return repository.get();
    66 }
    67 
    68 } }
    69 
     26#ifndef WebCore_FWD_DOMJITSignature_h
     27#define WebCore_FWD_DOMJITSignature_h
     28#include <JavaScriptCore/DOMJITSignature.h>
    7029#endif
  • trunk/Source/WebCore/WebCore.xcodeproj/project.pbxproj

    r208306 r208320  
    62176217                E318039D1DC40099009932C2 /* JSDynamicDowncast.h in Headers */ = {isa = PBXBuildFile; fileRef = E3A5872E1DC3F52600F607A6 /* JSDynamicDowncast.h */; settings = {ATTRIBUTES = (Private, ); }; };
    62186218                E3565B7B1DC2D6C900217DBD /* JSEventCustom.h in Headers */ = {isa = PBXBuildFile; fileRef = E34EE49F1DC2D57500EAA9D3 /* JSEventCustom.h */; settings = {ATTRIBUTES = (Private, ); }; };
    6219                 E35CA14D1DBC3A3F00F83516 /* DOMJITAbstractHeapRepository.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E35CA14B1DBC3A3C00F83516 /* DOMJITAbstractHeapRepository.cpp */; };
    6220                 E35CA14E1DBC3A4200F83516 /* DOMJITAbstractHeapRepository.h in Headers */ = {isa = PBXBuildFile; fileRef = E35CA14C1DBC3A3C00F83516 /* DOMJITAbstractHeapRepository.h */; };
     6219                E35802B61DC8435D00A9773C /* DOMJITIDLTypeFilter.h in Headers */ = {isa = PBXBuildFile; fileRef = E35802B51DC8435800A9773C /* DOMJITIDLTypeFilter.h */; settings = {ATTRIBUTES = (Private, ); }; };
    62216220                E377FE4D1DADE16500CDD025 /* NodeConstants.h in Headers */ = {isa = PBXBuildFile; fileRef = E3D049931DADC04500718F3C /* NodeConstants.h */; settings = {ATTRIBUTES = (Private, ); }; };
    62226221                E38838981BAD145F00D62EE3 /* ScriptModuleLoader.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E38838941BAD145F00D62EE3 /* ScriptModuleLoader.cpp */; };
    62236222                E38838991BAD145F00D62EE3 /* ScriptModuleLoader.h in Headers */ = {isa = PBXBuildFile; fileRef = E38838951BAD145F00D62EE3 /* ScriptModuleLoader.h */; };
    62246223                E398FC241DC32A20003C4684 /* DOMJITHelpers.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E398FC231DC32A1B003C4684 /* DOMJITHelpers.cpp */; };
     6224                E3A776671DC85D2800B690D8 /* DOMJITIDLConvert.h in Headers */ = {isa = PBXBuildFile; fileRef = E3A776651DC85D2200B690D8 /* DOMJITIDLConvert.h */; settings = {ATTRIBUTES = (Private, ); }; };
     6225                E3A776681DC85D2800B690D8 /* DOMJITIDLType.h in Headers */ = {isa = PBXBuildFile; fileRef = E3A776661DC85D2200B690D8 /* DOMJITIDLType.h */; settings = {ATTRIBUTES = (Private, ); }; };
    62256226                E3B2F0EB1D7F4C9D00B0C9D1 /* LoadableClassicScript.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E3B2F0E31D7F35EC00B0C9D1 /* LoadableClassicScript.cpp */; };
    62266227                E3B2F0EC1D7F4CA100B0C9D1 /* LoadableScript.cpp in Sources */ = {isa = PBXBuildFile; fileRef = E3B2F0E91D7F3D3C00B0C9D1 /* LoadableScript.cpp */; };
     
    1407714078                E1FF8F6B180DB5BE00132674 /* CryptoAlgorithmRegistry.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CryptoAlgorithmRegistry.h; sourceTree = "<group>"; };
    1407814079                E3150EA51DA7218D00194012 /* DOMJITHelpers.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DOMJITHelpers.h; sourceTree = "<group>"; };
     14080                E334825E1DC93AA0009C9544 /* DOMJITAbstractHeapRepository.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DOMJITAbstractHeapRepository.h; sourceTree = "<group>"; };
    1407914081                E34EE49F1DC2D57500EAA9D3 /* JSEventCustom.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSEventCustom.h; sourceTree = "<group>"; };
    14080                 E35CA14B1DBC3A3C00F83516 /* DOMJITAbstractHeapRepository.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = DOMJITAbstractHeapRepository.cpp; sourceTree = "<group>"; };
    14081                 E35CA14C1DBC3A3C00F83516 /* DOMJITAbstractHeapRepository.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DOMJITAbstractHeapRepository.h; sourceTree = "<group>"; };
     14082                E35802B51DC8435800A9773C /* DOMJITIDLTypeFilter.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DOMJITIDLTypeFilter.h; sourceTree = "<group>"; };
    1408214083                E38838941BAD145F00D62EE3 /* ScriptModuleLoader.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ScriptModuleLoader.cpp; sourceTree = "<group>"; };
    1408314084                E38838951BAD145F00D62EE3 /* ScriptModuleLoader.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ScriptModuleLoader.h; sourceTree = "<group>"; };
    1408414085                E398FC231DC32A1B003C4684 /* DOMJITHelpers.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = DOMJITHelpers.cpp; sourceTree = "<group>"; };
    1408514086                E3A5872E1DC3F52600F607A6 /* JSDynamicDowncast.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSDynamicDowncast.h; sourceTree = "<group>"; };
     14087                E3A776651DC85D2200B690D8 /* DOMJITIDLConvert.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DOMJITIDLConvert.h; sourceTree = "<group>"; };
     14088                E3A776661DC85D2200B690D8 /* DOMJITIDLType.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = DOMJITIDLType.h; sourceTree = "<group>"; };
    1408614089                E3AFA9641DA6E908002861BD /* JSNodeDOMJIT.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSNodeDOMJIT.cpp; sourceTree = "<group>"; };
    1408714090                E3B2F0E31D7F35EC00B0C9D1 /* LoadableClassicScript.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = LoadableClassicScript.cpp; sourceTree = "<group>"; };
     
    1728117284                                6565814809D13043000E61D7 /* CSSValueKeywords.h */,
    1728217285                                9B3A8871145632F9003AE8F5 /* DOMDOMSettableTokenList.h */,
     17286                                E334825E1DC93AA0009C9544 /* DOMJITAbstractHeapRepository.h */,
    1728317287                                E1C6CFC21746D293007B87A1 /* DOMWindowConstructors.idl */,
    1728417288                                970B72A5145008EB00F00A37 /* EventHeaders.h */,
     
    2289822902                        isa = PBXGroup;
    2289922903                        children = (
    22900                                 E35CA14B1DBC3A3C00F83516 /* DOMJITAbstractHeapRepository.cpp */,
    22901                                 E35CA14C1DBC3A3C00F83516 /* DOMJITAbstractHeapRepository.h */,
    2290222904                                E3C99A081DC3D41700794AD3 /* DOMJITCheckDOM.h */,
    2290322905                                E398FC231DC32A1B003C4684 /* DOMJITHelpers.cpp */,
    2290422906                                E3150EA51DA7218D00194012 /* DOMJITHelpers.h */,
     22907                                E3A776651DC85D2200B690D8 /* DOMJITIDLConvert.h */,
     22908                                E3A776661DC85D2200B690D8 /* DOMJITIDLType.h */,
     22909                                E35802B51DC8435800A9773C /* DOMJITIDLTypeFilter.h */,
    2290522910                                E3B7C0621DC3415A001FB0B8 /* JSDocumentDOMJIT.cpp */,
    2290622911                                E3AFA9641DA6E908002861BD /* JSNodeDOMJIT.cpp */,
     
    2576925774                                BCBFB53D0DCD29CF0019B3E5 /* JSDOMWindowShell.h in Headers */,
    2577025775                                65E0E9441133C89F00B4CB10 /* JSDOMWrapper.h in Headers */,
     25776                                E3A776671DC85D2800B690D8 /* DOMJITIDLConvert.h in Headers */,
    2577125777                                FD7868BA136B999200D403DF /* JSDynamicsCompressorNode.h in Headers */,
    2577225778                                65DF31FA09D1CC60000BE325 /* JSElement.h in Headers */,
     
    2733427340                                084DB59B128008CC002A6D64 /* SVGAnimatedString.h in Headers */,
    2733527341                                08250939128BD4D800E2ED8E /* SVGAnimatedTransformList.h in Headers */,
     27342                                E3A776681DC85D2800B690D8 /* DOMJITIDLType.h in Headers */,
    2733627343                                085A15931289A8DD002710E3 /* SVGAnimatedTransformListPropertyTearOff.h in Headers */,
    2733727344                                439D334313A6911C00C20F4F /* SVGAnimatedType.h in Headers */,
     
    2787127878                                4A5A2ADC161E7E00005889DD /* WebSocketExtensionParser.h in Headers */,
    2787227879                                97AABD2414FA09D5007457AE /* WebSocketExtensionProcessor.h in Headers */,
     27880                                E35802B61DC8435D00A9773C /* DOMJITIDLTypeFilter.h in Headers */,
    2787327881                                97AABD2514FA09D5007457AE /* WebSocketFrame.h in Headers */,
    2787427882                                97AABD2714FA09D5007457AE /* WebSocketHandshake.h in Headers */,
  • trunk/Source/WebCore/bindings/js/JSDOMGlobalObject.h

    r208179 r208320  
    8282        ~JSDOMGlobalObject();
    8383
    84         static const JSC::ClassInfo* info() { return &s_info; }
     84        static constexpr const JSC::ClassInfo* info() { return &s_info; }
    8585
    8686        static JSC::Structure* createStructure(JSC::VM& vm, JSC::JSValue prototype)
  • trunk/Source/WebCore/bindings/scripts/CodeGeneratorJS.pm

    r208308 r208320  
    14721472        push(@headerContent, "    static const JSC::ClassInfo s_info;\n");
    14731473        push(@headerContent, "public:\n");
    1474         push(@headerContent, "    static const JSC::ClassInfo* info() { return &s_info; }\n\n");
     1474        push(@headerContent, "    static constexpr const JSC::ClassInfo* info() { return &s_info; }\n\n");
    14751475    } else {
    14761476        push(@headerContent, "\n");
     
    19261926        $functionLength = 3 if $interfaceName eq "Event" and $function->name eq "initEvent";
    19271927
    1928         push(@$hashValue2, $functionLength);
     1928        if ($function->extendedAttributes->{DOMJIT}) {
     1929            push(@$hashValue2, "&DOMJITSignatureFor" . $interface->type->name . $codeGenerator->WK_ucfirst($function->name));
     1930        } else {
     1931            push(@$hashValue2, $functionLength);
     1932        }
    19291933
    19301934        push(@$hashSpecials, ComputeFunctionSpecial($interface, $function));
     
    25422546}
    25432547
     2548sub GetUnsafeArgumentType
     2549{
     2550    my ($interface, $type) = @_;
     2551
     2552    my $IDLType = GetIDLType($interface, $type);
     2553    return "DOMJIT::IDLJSArgumentType<${IDLType}>";
     2554}
     2555
     2556sub GetArgumentTypeFilter
     2557{
     2558    my ($interface, $type) = @_;
     2559
     2560    my $IDLType = GetIDLType($interface, $type);
     2561    return "DOMJIT::IDLArgumentTypeFilter<${IDLType}>::value";
     2562}
     2563
    25442564sub GetResultTypeFilter
    25452565{
    2546     my ($type) = @_;
    2547 
    2548     my %TypeFilters = (
    2549         "any" => "SpecHeapTop",
    2550         "boolean" => "SpecBoolean",
    2551         "byte" => "SpecInt32Only",
    2552         "octet" => "SpecInt32Only",
    2553         "short" => "SpecInt32Only",
    2554         "unsigned short" => "SpecInt32Only",
    2555         "long" => "SpecInt32Only",
    2556         "unsigned long" => "SpecBytecodeNumber",
    2557         "long long" => "SpecBytecodeNumber",
    2558         "unsigned long long" => "SpecBytecodeNumber",
    2559         "float" => "SpecBytecodeNumber",
    2560         "unrestricted float" => "SpecBytecodeNumber",
    2561         "double" => "SpecBytecodeNumber",
    2562         "unrestricted double" => "SpecBytecodeNumber",
    2563         "DOMString" => "SpecString",
    2564         "ByteString" => "SpecString",
    2565         "USVString" => "SpecString",
    2566     );
    2567 
    2568     if (exists $TypeFilters{$type->name}) {
    2569         my $resultType = "JSC::$TypeFilters{$type->name}";
    2570         if ($type->isNullable) {
    2571             die "\"any\" type must not become nullable." if $type->name eq "any";
    2572             $resultType = "($resultType | JSC::SpecOther)";
    2573         }
    2574         return $resultType;
    2575     }
    2576     return "SpecHeapTop";
     2566    my ($interface, $type) = @_;
     2567
     2568    my $IDLType = GetIDLType($interface, $type);
     2569    return "DOMJIT::IDLResultTypeFilter<${IDLType}>::value";
    25772570}
    25782571
     
    26452638            my $functionName = GetFunctionName($interface, $className, $function);
    26462639            push(@implContent, "JSC::EncodedJSValue JSC_HOST_CALL ${functionName}(JSC::ExecState*);\n");
     2640            if ($function->extendedAttributes->{DOMJIT}) {
     2641                $implIncludes{"DOMJITIDLType.h"} = 1;
     2642                my $unsafeFunctionName = "unsafe" . $codeGenerator->WK_ucfirst($functionName);
     2643                my $functionSignature = "JSC::EncodedJSValue JSC_HOST_CALL ${unsafeFunctionName}(JSC::ExecState*, $className*";
     2644                foreach my $argument (@{$function->arguments}) {
     2645                    my $type = $argument->type;
     2646                    my $argumentType = GetUnsafeArgumentType($interface, $type);
     2647                    $functionSignature .= ", ${argumentType}";
     2648                }
     2649                push(@implContent, $functionSignature . ");\n");
     2650            }
    26472651            push(@implContent, "#endif\n") if $conditionalString;
    26482652        }
     
    26792683
    26802684        push(@implContent, "\n");
     2685    }
     2686
     2687    if ($numFunctions > 0) {
     2688        foreach my $function (@functions) {
     2689            next unless $function->extendedAttributes->{DOMJIT};
     2690            $implIncludes{"DOMJITIDLTypeFilter.h"} = 1;
     2691            $implIncludes{"DOMJITCheckDOM.h"} = 1;
     2692            $implIncludes{"DOMJITAbstractHeapRepository.h"} = 1;
     2693
     2694            my $isOverloaded = $function->{overloads} && @{$function->{overloads}} > 1;
     2695            die "Overloads is not supported in DOMJIT" if $isOverloaded;
     2696            die "Currently ReadDOM value is only allowed" unless $codeGenerator->ExtendedAttributeContains($function->extendedAttributes->{DOMJIT}, "ReadDOM");
     2697
     2698            my $interfaceName = $interface->type->name;
     2699            my $functionName = GetFunctionName($interface, $className, $function);
     2700            my $unsafeFunctionName = "unsafe" . $codeGenerator->WK_ucfirst($functionName);
     2701            my $domJITSignatureName = "DOMJITSignatureFor" . $interface->type->name . $codeGenerator->WK_ucfirst($function->name);
     2702            my $classInfo = "JS" . $interface->type->name . "::info()";
     2703            my $resultType = GetResultTypeFilter($interface, $function->type);
     2704            my $domJITSignature = "static const JSC::DOMJIT::Signature ${domJITSignatureName}((uintptr_t)${unsafeFunctionName}, DOMJIT::checkDOM<$interfaceName>, $classInfo, JSC::DOMJIT::Effect::forRead(DOMJIT::AbstractHeapRepository::DOM), ${resultType}";
     2705            foreach my $argument (@{$function->arguments}) {
     2706                my $type = $argument->type;
     2707                my $argumentType = GetArgumentTypeFilter($interface, $type);
     2708                $domJITSignature .= ", ${argumentType}";
     2709            }
     2710            my $conditionalString = $codeGenerator->GenerateConditionalString($function);
     2711            push(@implContent, "#if ${conditionalString}\n") if $conditionalString;
     2712            push(@implContent, $domJITSignature . ");\n");
     2713            push(@implContent, "#endif\n") if $conditionalString;
     2714            push(@implContent, "\n");
     2715        }
    26812716    }
    26822717
     
    27772812
    27782813            my $functionLength = GetFunctionLength($function);
    2779             push(@hashValue2, $functionLength);
     2814            if ($function->extendedAttributes->{DOMJIT}) {
     2815                push(@hashValue2, "DOMJITFunctionFor" . $interface->type->name . $codeGenerator->WK_ucfirst($function->name));
     2816            } else {
     2817                push(@hashValue2, $functionLength);
     2818            }
    27802819
    27812820            push(@hashSpecials, ComputeFunctionSpecial($interface, $function));
     
    33393378            if ($attribute->extendedAttributes->{"DOMJIT"}) {
    33403379                $implIncludes{"<wtf/NeverDestroyed.h>"} = 1;
     3380                $implIncludes{"DOMJITIDLTypeFilter.h"} = 1;
    33413381                my $interfaceName = $interface->type->name;
    33423382                my $attributeName = $attribute->name;
     
    33453385                my $getter = GetAttributeGetterName($interface, $generatorName, $attribute);
    33463386                my $setter = IsReadonly($attribute) ? "nullptr" : GetAttributeSetterName($interface, $generatorName, $attribute);
    3347                 my $resultType = GetResultTypeFilter($attribute->type);
     3387                my $resultType = GetResultTypeFilter($interface, $attribute->type);
    33483388                push(@implContent, "$domJITClassName::$domJITClassName()\n");
    33493389                push(@implContent, "    : JSC::DOMJIT::GetterSetter($getter, $setter, ${className}::info(), $resultType)\n");
     
    38393879
    38403880            push(@implContent, "}\n\n");
     3881
     3882            if ($function->extendedAttributes->{DOMJIT}) {
     3883                $implIncludes{"<interpreter/FrameTracers.h>"} = 1;
     3884                my $unsafeFunctionName = "unsafe" . $codeGenerator->WK_ucfirst($functionName);
     3885                push(@implContent, "JSC::EncodedJSValue JSC_HOST_CALL ${unsafeFunctionName}(JSC::ExecState* state, $className* castedThis");
     3886                foreach my $argument (@{$function->arguments}) {
     3887                    my $type = $argument->type;
     3888                    my $argumentType = GetUnsafeArgumentType($interface, $type);
     3889                    my $name = $argument->name;
     3890                    my $encodedName = "encoded" . $codeGenerator->WK_ucfirst($name);
     3891                    push(@implContent, ", ${argumentType} ${encodedName}");
     3892                }
     3893                push(@implContent, ")\n");
     3894                push(@implContent, "{\n");
     3895                push(@implContent, "    UNUSED_PARAM(state);\n");
     3896                push(@implContent, "    VM& vm = state->vm();\n");
     3897                push(@implContent, "    JSC::NativeCallFrameTracer tracer(&vm, state);\n");
     3898                push(@implContent, "    auto throwScope = DECLARE_THROW_SCOPE(vm);\n");
     3899                push(@implContent, "    UNUSED_PARAM(throwScope);\n");
     3900                push(@implContent, "    auto& impl = castedThis->wrapped();\n");
     3901                my @arguments;
     3902                my $implFunctionName;
     3903                my $implementedBy = $function->extendedAttributes->{ImplementedBy};
     3904
     3905                if ($implementedBy) {
     3906                    AddToImplIncludes("${implementedBy}.h", $function->extendedAttributes->{Conditional});
     3907                    unshift(@arguments, "impl") if !$function->isStatic;
     3908                    $implFunctionName = "WebCore::${implementedBy}::${functionImplementationName}";
     3909                } elsif ($function->isStatic) {
     3910                    $implFunctionName = "${interfaceName}::${functionImplementationName}";
     3911                } elsif ($svgPropertyOrListPropertyType and !$svgListPropertyType) {
     3912                    $implFunctionName = "podImpl.${functionImplementationName}";
     3913                } else {
     3914                    $implFunctionName = "impl.${functionImplementationName}";
     3915                }
     3916
     3917                foreach my $argument (@{$function->arguments}) {
     3918                    my $value = "";
     3919                    my $type = $argument->type;
     3920                    my $name = $argument->name;
     3921                    my $encodedName = "encoded" . $codeGenerator->WK_ucfirst($name);
     3922                    my $nativeType = GetNativeType($interface, $argument->type);
     3923                    my $isTearOff = $codeGenerator->IsSVGTypeNeedingTearOff($type) && $interfaceName !~ /List$/;
     3924                    die "TearOff type is not allowed" if $isTearOff;
     3925                    my $shouldPassByReference = ShouldPassWrapperByReference($argument, $interface);
     3926
     3927                    if (!$shouldPassByReference && ($codeGenerator->IsWrapperType($type) || $codeGenerator->IsTypedArrayType($type))) {
     3928                        $implIncludes{"<runtime/Error.h>"} = 1;
     3929                        my ($nativeValue, $mayThrowException) = UnsafeToNative($interface, $argument, $encodedName, $function->extendedAttributes->{Conditional});
     3930                        push(@implContent, "    $nativeType $name = nullptr;\n");
     3931                        push(@implContent, "    $name = $nativeValue;\n");
     3932                        push(@implContent, "    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());\n") if $mayThrowException;
     3933                        $value = "WTFMove($name)";
     3934                    } else {
     3935                        my ($nativeValue, $mayThrowException) = UnsafeToNative($interface, $argument, $encodedName, $function->extendedAttributes->{Conditional});
     3936                        push(@implContent, "    auto $name = ${nativeValue};\n");
     3937                        $value = "WTFMove($name)";
     3938                        push(@implContent, "    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());\n") if $mayThrowException;
     3939                    }
     3940
     3941                    if ($shouldPassByReference) {
     3942                        $value = "*$name";
     3943                    }
     3944                    push(@arguments, $value);
     3945                }
     3946                my $functionString = "$implFunctionName(" . join(", ", @arguments) . ")";
     3947                $functionString = "propagateException(*state, throwScope, $functionString)" if NeedsExplicitPropagateExceptionCall($function);
     3948                push(@implContent, "    JSValue result = " . NativeToJSValueUsingPointers($function, 1, $interface, $functionString, "castedThis") . ";\n");
     3949                push(@implContent, "    return JSValue::encode(result);\n");
     3950                push(@implContent, "}\n\n");
     3951            }
     3952
    38413953            push(@implContent, "#endif\n\n") if $conditional;
    38423954
     
    53255437}
    53265438
     5439sub UnsafeToNative
     5440{
     5441    my ($interface, $context, $value, $conditional, $statePointer, $stateReference, $thisObjectReference) = @_;
     5442
     5443    assert("Invalid context type") if !IsValidContextForJSValueToNative($context);
     5444
     5445    my $type = $context->type;
     5446
     5447    # FIXME: Remove these 3 variables when all JSValueToNative use references.
     5448    $statePointer = "state" unless $statePointer;
     5449    $stateReference = "*state" unless $stateReference;
     5450    $thisObjectReference = "*castedThis" unless $thisObjectReference;
     5451
     5452    AddToImplIncludesForIDLType($type, $conditional);
     5453
     5454    # FIXME: Support more types.
     5455
     5456    if ($type->name eq "DOMString") {
     5457        return ("AtomicString($value->toExistingAtomicString($statePointer))", 1) if $context->extendedAttributes->{RequiresExistingAtomicString};
     5458        return ("$value->toAtomicString($statePointer)", 1) if $context->extendedAttributes->{AtomicString};
     5459    }
     5460
     5461    AddToImplIncludes("DOMJITIDLConvert.h");
     5462
     5463    my $IDLType = GetIDLType($interface, $type);
     5464
     5465    my @conversionArguments = ();
     5466    push(@conversionArguments, "$stateReference");
     5467    push(@conversionArguments, "$value");
     5468
     5469    my @conversionStaticArguments = ();
     5470    push(@conversionStaticArguments, GetIntegerConversionConfiguration($context)) if $codeGenerator->IsIntegerType($type);
     5471    push(@conversionStaticArguments, GetStringConversionConfiguration($context)) if $codeGenerator->IsStringType($type);
     5472
     5473    if (scalar(@conversionStaticArguments) > 0) {
     5474        return ("DOMJIT::DirectConverter<$IDLType>::directConvert<" . join(", ", @conversionStaticArguments) . ">(" . join(", ", @conversionArguments) . ")", 1);
     5475    }
     5476    return ("DOMJIT::DirectConverter<$IDLType>::directConvert(" . join(", ", @conversionArguments) . ")", 1);
     5477}
     5478
    53275479sub NativeToJSValueDOMConvertNeedsState
    53285480{
     
    55095661        }
    55105662
    5511         if ("@$specials[$i]" =~ m/Function/) {
     5663        if ("@$specials[$i]" =~ m/DOMJITFunction/) {
     5664            $firstTargetType = "static_cast<NativeFunction>";
     5665            $secondTargetType = "static_cast<const JSC::DOMJIT::Signature*>";
     5666        } elsif ("@$specials[$i]" =~ m/Function/) {
    55125667            $firstTargetType = "static_cast<NativeFunction>";
    55135668        } elsif ("@$specials[$i]" =~ m/Builtin/) {
     
    61076262        push(@specials, "JSC::Function");
    61086263    }
     6264    if ($function->extendedAttributes->{"DOMJIT"}) {
     6265        push(@specials, "DOMJITFunction") if $function->extendedAttributes->{DOMJIT};
     6266    }
    61096267    return (@specials > 0) ? join(" | ", @specials) : "0";
    61106268}
  • trunk/Source/WebCore/bindings/scripts/IDLAttributes.txt

    r207525 r208320  
    5353CustomSetter
    5454CustomToJSObject
    55 DOMJIT
     55DOMJIT=|ReadDOM
    5656DoNotCheckConstants
    5757DoNotCheckSecurity
  • trunk/Source/WebCore/bindings/scripts/test/JS/JSTestDOMJIT.cpp

    r208308 r208320  
    2222#include "JSTestDOMJIT.h"
    2323
     24#include "DOMJITAbstractHeapRepository.h"
     25#include "DOMJITCheckDOM.h"
     26#include "DOMJITIDLConvert.h"
     27#include "DOMJITIDLType.h"
     28#include "DOMJITIDLTypeFilter.h"
     29#include "ExceptionCode.h"
    2430#include "JSByteString.h"
    2531#include "JSDOMBinding.h"
    2632#include "JSDOMConstructor.h"
    2733#include "JSDOMConvert.h"
     34#include "JSElement.h"
     35#include "JSNodeList.h"
     36#include <interpreter/FrameTracers.h>
     37#include <runtime/Error.h>
    2838#include <wtf/GetPtr.h>
    2939#include <wtf/NeverDestroyed.h>
     
    3242
    3343namespace WebCore {
     44
     45// Functions
     46
     47JSC::EncodedJSValue JSC_HOST_CALL jsTestDOMJITPrototypeFunctionGetAttribute(JSC::ExecState*);
     48JSC::EncodedJSValue JSC_HOST_CALL unsafeJsTestDOMJITPrototypeFunctionGetAttribute(JSC::ExecState*, JSTestDOMJIT*, DOMJIT::IDLJSArgumentType<IDLDOMString>);
     49JSC::EncodedJSValue JSC_HOST_CALL jsTestDOMJITPrototypeFunctionItem(JSC::ExecState*);
     50JSC::EncodedJSValue JSC_HOST_CALL unsafeJsTestDOMJITPrototypeFunctionItem(JSC::ExecState*, JSTestDOMJIT*, DOMJIT::IDLJSArgumentType<IDLUnsignedShort>, DOMJIT::IDLJSArgumentType<IDLUnsignedShort>);
     51JSC::EncodedJSValue JSC_HOST_CALL jsTestDOMJITPrototypeFunctionHasAttribute(JSC::ExecState*);
     52JSC::EncodedJSValue JSC_HOST_CALL unsafeJsTestDOMJITPrototypeFunctionHasAttribute(JSC::ExecState*, JSTestDOMJIT*);
     53JSC::EncodedJSValue JSC_HOST_CALL jsTestDOMJITPrototypeFunctionGetElementById(JSC::ExecState*);
     54JSC::EncodedJSValue JSC_HOST_CALL unsafeJsTestDOMJITPrototypeFunctionGetElementById(JSC::ExecState*, JSTestDOMJIT*, DOMJIT::IDLJSArgumentType<IDLDOMString>);
     55JSC::EncodedJSValue JSC_HOST_CALL jsTestDOMJITPrototypeFunctionGetElementsByName(JSC::ExecState*);
     56JSC::EncodedJSValue JSC_HOST_CALL unsafeJsTestDOMJITPrototypeFunctionGetElementsByName(JSC::ExecState*, JSTestDOMJIT*, DOMJIT::IDLJSArgumentType<IDLDOMString>);
    3457
    3558// Attributes
     
    7396bool setJSTestDOMJITConstructor(JSC::ExecState*, JSC::EncodedJSValue, JSC::EncodedJSValue);
    7497
     98static const JSC::DOMJIT::Signature DOMJITSignatureForTestDOMJITGetAttribute((uintptr_t)unsafeJsTestDOMJITPrototypeFunctionGetAttribute, DOMJIT::checkDOM<TestDOMJIT>, JSTestDOMJIT::info(), JSC::DOMJIT::Effect::forRead(DOMJIT::AbstractHeapRepository::DOM), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLDOMString>>::value, DOMJIT::IDLArgumentTypeFilter<IDLDOMString>::value);
     99
     100static const JSC::DOMJIT::Signature DOMJITSignatureForTestDOMJITItem((uintptr_t)unsafeJsTestDOMJITPrototypeFunctionItem, DOMJIT::checkDOM<TestDOMJIT>, JSTestDOMJIT::info(), JSC::DOMJIT::Effect::forRead(DOMJIT::AbstractHeapRepository::DOM), DOMJIT::IDLResultTypeFilter<IDLDOMString>::value, DOMJIT::IDLArgumentTypeFilter<IDLUnsignedShort>::value, DOMJIT::IDLArgumentTypeFilter<IDLUnsignedShort>::value);
     101
     102static const JSC::DOMJIT::Signature DOMJITSignatureForTestDOMJITHasAttribute((uintptr_t)unsafeJsTestDOMJITPrototypeFunctionHasAttribute, DOMJIT::checkDOM<TestDOMJIT>, JSTestDOMJIT::info(), JSC::DOMJIT::Effect::forRead(DOMJIT::AbstractHeapRepository::DOM), DOMJIT::IDLResultTypeFilter<IDLBoolean>::value);
     103
     104static const JSC::DOMJIT::Signature DOMJITSignatureForTestDOMJITGetElementById((uintptr_t)unsafeJsTestDOMJITPrototypeFunctionGetElementById, DOMJIT::checkDOM<TestDOMJIT>, JSTestDOMJIT::info(), JSC::DOMJIT::Effect::forRead(DOMJIT::AbstractHeapRepository::DOM), DOMJIT::IDLResultTypeFilter<IDLInterface<Element>>::value, DOMJIT::IDLArgumentTypeFilter<IDLDOMString>::value);
     105
     106static const JSC::DOMJIT::Signature DOMJITSignatureForTestDOMJITGetElementsByName((uintptr_t)unsafeJsTestDOMJITPrototypeFunctionGetElementsByName, DOMJIT::checkDOM<TestDOMJIT>, JSTestDOMJIT::info(), JSC::DOMJIT::Effect::forRead(DOMJIT::AbstractHeapRepository::DOM), DOMJIT::IDLResultTypeFilter<IDLInterface<NodeList>>::value, DOMJIT::IDLArgumentTypeFilter<IDLDOMString>::value);
     107
    75108class JSTestDOMJITPrototype : public JSC::JSNonFinalObject {
    76109public:
     
    154187    { "usvStringNullableAttr", ReadOnly | CustomAccessor | DOMJITAttribute, NoIntrinsic, { (intptr_t)static_cast<DOMJITGetterSetterGenerator>(domJITGetterSetterForTestDOMJITUsvStringNullableAttr), (intptr_t) (0) } },
    155188    { "nodeNullableAttr", ReadOnly | CustomAccessor | DOMJITAttribute, NoIntrinsic, { (intptr_t)static_cast<DOMJITGetterSetterGenerator>(domJITGetterSetterForTestDOMJITNodeNullableAttr), (intptr_t) (0) } },
     189    { "getAttribute", JSC::Function | DOMJITFunction, NoIntrinsic, { (intptr_t)static_cast<NativeFunction>(jsTestDOMJITPrototypeFunctionGetAttribute), (intptr_t) static_cast<const JSC::DOMJIT::Signature*>(&DOMJITSignatureForTestDOMJITGetAttribute) } },
     190    { "item", JSC::Function | DOMJITFunction, NoIntrinsic, { (intptr_t)static_cast<NativeFunction>(jsTestDOMJITPrototypeFunctionItem), (intptr_t) static_cast<const JSC::DOMJIT::Signature*>(&DOMJITSignatureForTestDOMJITItem) } },
     191    { "hasAttribute", JSC::Function | DOMJITFunction, NoIntrinsic, { (intptr_t)static_cast<NativeFunction>(jsTestDOMJITPrototypeFunctionHasAttribute), (intptr_t) static_cast<const JSC::DOMJIT::Signature*>(&DOMJITSignatureForTestDOMJITHasAttribute) } },
     192    { "getElementById", JSC::Function | DOMJITFunction, NoIntrinsic, { (intptr_t)static_cast<NativeFunction>(jsTestDOMJITPrototypeFunctionGetElementById), (intptr_t) static_cast<const JSC::DOMJIT::Signature*>(&DOMJITSignatureForTestDOMJITGetElementById) } },
     193    { "getElementsByName", JSC::Function | DOMJITFunction, NoIntrinsic, { (intptr_t)static_cast<NativeFunction>(jsTestDOMJITPrototypeFunctionGetElementsByName), (intptr_t) static_cast<const JSC::DOMJIT::Signature*>(&DOMJITSignatureForTestDOMJITGetElementsByName) } },
    156194};
    157195
     
    186224}
    187225
     226template<> inline JSTestDOMJIT* BindingCaller<JSTestDOMJIT>::castForOperation(ExecState& state)
     227{
     228    return jsDynamicDowncast<JSTestDOMJIT*>(state.thisValue());
     229}
     230
    188231static inline JSValue jsTestDOMJITAnyAttrGetter(ExecState&, JSTestDOMJIT&, ThrowScope& throwScope);
    189232
     
    203246
    204247TestDOMJITAnyAttrDOMJIT::TestDOMJITAnyAttrDOMJIT()
    205     : JSC::DOMJIT::GetterSetter(jsTestDOMJITAnyAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecHeapTop)
     248    : JSC::DOMJIT::GetterSetter(jsTestDOMJITAnyAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLAny>::value)
    206249{
    207250}
     
    230273
    231274TestDOMJITBooleanAttrDOMJIT::TestDOMJITBooleanAttrDOMJIT()
    232     : JSC::DOMJIT::GetterSetter(jsTestDOMJITBooleanAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecBoolean)
     275    : JSC::DOMJIT::GetterSetter(jsTestDOMJITBooleanAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLBoolean>::value)
    233276{
    234277}
     
    257300
    258301TestDOMJITByteAttrDOMJIT::TestDOMJITByteAttrDOMJIT()
    259     : JSC::DOMJIT::GetterSetter(jsTestDOMJITByteAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecInt32Only)
     302    : JSC::DOMJIT::GetterSetter(jsTestDOMJITByteAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLByte>::value)
    260303{
    261304}
     
    284327
    285328TestDOMJITOctetAttrDOMJIT::TestDOMJITOctetAttrDOMJIT()
    286     : JSC::DOMJIT::GetterSetter(jsTestDOMJITOctetAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecInt32Only)
     329    : JSC::DOMJIT::GetterSetter(jsTestDOMJITOctetAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLOctet>::value)
    287330{
    288331}
     
    311354
    312355TestDOMJITShortAttrDOMJIT::TestDOMJITShortAttrDOMJIT()
    313     : JSC::DOMJIT::GetterSetter(jsTestDOMJITShortAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecInt32Only)
     356    : JSC::DOMJIT::GetterSetter(jsTestDOMJITShortAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLShort>::value)
    314357{
    315358}
     
    338381
    339382TestDOMJITUnsignedShortAttrDOMJIT::TestDOMJITUnsignedShortAttrDOMJIT()
    340     : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnsignedShortAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecInt32Only)
     383    : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnsignedShortAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLUnsignedShort>::value)
    341384{
    342385}
     
    365408
    366409TestDOMJITLongAttrDOMJIT::TestDOMJITLongAttrDOMJIT()
    367     : JSC::DOMJIT::GetterSetter(jsTestDOMJITLongAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecInt32Only)
     410    : JSC::DOMJIT::GetterSetter(jsTestDOMJITLongAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLLong>::value)
    368411{
    369412}
     
    392435
    393436TestDOMJITUnsignedLongAttrDOMJIT::TestDOMJITUnsignedLongAttrDOMJIT()
    394     : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnsignedLongAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecBytecodeNumber)
     437    : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnsignedLongAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLUnsignedLong>::value)
    395438{
    396439}
     
    419462
    420463TestDOMJITLongLongAttrDOMJIT::TestDOMJITLongLongAttrDOMJIT()
    421     : JSC::DOMJIT::GetterSetter(jsTestDOMJITLongLongAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecBytecodeNumber)
     464    : JSC::DOMJIT::GetterSetter(jsTestDOMJITLongLongAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLLongLong>::value)
    422465{
    423466}
     
    446489
    447490TestDOMJITUnsignedLongLongAttrDOMJIT::TestDOMJITUnsignedLongLongAttrDOMJIT()
    448     : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnsignedLongLongAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecBytecodeNumber)
     491    : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnsignedLongLongAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLUnsignedLongLong>::value)
    449492{
    450493}
     
    473516
    474517TestDOMJITFloatAttrDOMJIT::TestDOMJITFloatAttrDOMJIT()
    475     : JSC::DOMJIT::GetterSetter(jsTestDOMJITFloatAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecBytecodeNumber)
     518    : JSC::DOMJIT::GetterSetter(jsTestDOMJITFloatAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLFloat>::value)
    476519{
    477520}
     
    500543
    501544TestDOMJITUnrestrictedFloatAttrDOMJIT::TestDOMJITUnrestrictedFloatAttrDOMJIT()
    502     : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnrestrictedFloatAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecBytecodeNumber)
     545    : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnrestrictedFloatAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLUnrestrictedFloat>::value)
    503546{
    504547}
     
    527570
    528571TestDOMJITDoubleAttrDOMJIT::TestDOMJITDoubleAttrDOMJIT()
    529     : JSC::DOMJIT::GetterSetter(jsTestDOMJITDoubleAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecBytecodeNumber)
     572    : JSC::DOMJIT::GetterSetter(jsTestDOMJITDoubleAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLDouble>::value)
    530573{
    531574}
     
    554597
    555598TestDOMJITUnrestrictedDoubleAttrDOMJIT::TestDOMJITUnrestrictedDoubleAttrDOMJIT()
    556     : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnrestrictedDoubleAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecBytecodeNumber)
     599    : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnrestrictedDoubleAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLUnrestrictedDouble>::value)
    557600{
    558601}
     
    581624
    582625TestDOMJITDomStringAttrDOMJIT::TestDOMJITDomStringAttrDOMJIT()
    583     : JSC::DOMJIT::GetterSetter(jsTestDOMJITDomStringAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecString)
     626    : JSC::DOMJIT::GetterSetter(jsTestDOMJITDomStringAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLDOMString>::value)
    584627{
    585628}
     
    608651
    609652TestDOMJITByteStringAttrDOMJIT::TestDOMJITByteStringAttrDOMJIT()
    610     : JSC::DOMJIT::GetterSetter(jsTestDOMJITByteStringAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecString)
     653    : JSC::DOMJIT::GetterSetter(jsTestDOMJITByteStringAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLByteString>::value)
    611654{
    612655}
     
    635678
    636679TestDOMJITUsvStringAttrDOMJIT::TestDOMJITUsvStringAttrDOMJIT()
    637     : JSC::DOMJIT::GetterSetter(jsTestDOMJITUsvStringAttr, nullptr, JSTestDOMJIT::info(), JSC::SpecString)
     680    : JSC::DOMJIT::GetterSetter(jsTestDOMJITUsvStringAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLUSVString>::value)
    638681{
    639682}
     
    662705
    663706TestDOMJITNodeAttrDOMJIT::TestDOMJITNodeAttrDOMJIT()
    664     : JSC::DOMJIT::GetterSetter(jsTestDOMJITNodeAttr, nullptr, JSTestDOMJIT::info(), SpecHeapTop)
     707    : JSC::DOMJIT::GetterSetter(jsTestDOMJITNodeAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLInterface<Node>>::value)
    665708{
    666709}
     
    689732
    690733TestDOMJITBooleanNullableAttrDOMJIT::TestDOMJITBooleanNullableAttrDOMJIT()
    691     : JSC::DOMJIT::GetterSetter(jsTestDOMJITBooleanNullableAttr, nullptr, JSTestDOMJIT::info(), (JSC::SpecBoolean | JSC::SpecOther))
     734    : JSC::DOMJIT::GetterSetter(jsTestDOMJITBooleanNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLBoolean>>::value)
    692735{
    693736}
     
    716759
    717760TestDOMJITByteNullableAttrDOMJIT::TestDOMJITByteNullableAttrDOMJIT()
    718     : JSC::DOMJIT::GetterSetter(jsTestDOMJITByteNullableAttr, nullptr, JSTestDOMJIT::info(), (JSC::SpecInt32Only | JSC::SpecOther))
     761    : JSC::DOMJIT::GetterSetter(jsTestDOMJITByteNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLByte>>::value)
    719762{
    720763}
     
    743786
    744787TestDOMJITOctetNullableAttrDOMJIT::TestDOMJITOctetNullableAttrDOMJIT()
    745     : JSC::DOMJIT::GetterSetter(jsTestDOMJITOctetNullableAttr, nullptr, JSTestDOMJIT::info(), (JSC::SpecInt32Only | JSC::SpecOther))
     788    : JSC::DOMJIT::GetterSetter(jsTestDOMJITOctetNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLOctet>>::value)
    746789{
    747790}
     
    770813
    771814TestDOMJITShortNullableAttrDOMJIT::TestDOMJITShortNullableAttrDOMJIT()
    772     : JSC::DOMJIT::GetterSetter(jsTestDOMJITShortNullableAttr, nullptr, JSTestDOMJIT::info(), (JSC::SpecInt32Only | JSC::SpecOther))
     815    : JSC::DOMJIT::GetterSetter(jsTestDOMJITShortNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLShort>>::value)
    773816{
    774817}
     
    797840
    798841TestDOMJITUnsignedShortNullableAttrDOMJIT::TestDOMJITUnsignedShortNullableAttrDOMJIT()
    799     : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnsignedShortNullableAttr, nullptr, JSTestDOMJIT::info(), (JSC::SpecInt32Only | JSC::SpecOther))
     842    : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnsignedShortNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLUnsignedShort>>::value)
    800843{
    801844}
     
    824867
    825868TestDOMJITLongNullableAttrDOMJIT::TestDOMJITLongNullableAttrDOMJIT()
    826     : JSC::DOMJIT::GetterSetter(jsTestDOMJITLongNullableAttr, nullptr, JSTestDOMJIT::info(), (JSC::SpecInt32Only | JSC::SpecOther))
     869    : JSC::DOMJIT::GetterSetter(jsTestDOMJITLongNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLLong>>::value)
    827870{
    828871}
     
    851894
    852895TestDOMJITUnsignedLongNullableAttrDOMJIT::TestDOMJITUnsignedLongNullableAttrDOMJIT()
    853     : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnsignedLongNullableAttr, nullptr, JSTestDOMJIT::info(), (JSC::SpecBytecodeNumber | JSC::SpecOther))
     896    : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnsignedLongNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLUnsignedLong>>::value)
    854897{
    855898}
     
    878921
    879922TestDOMJITLongLongNullableAttrDOMJIT::TestDOMJITLongLongNullableAttrDOMJIT()
    880     : JSC::DOMJIT::GetterSetter(jsTestDOMJITLongLongNullableAttr, nullptr, JSTestDOMJIT::info(), (JSC::SpecBytecodeNumber | JSC::SpecOther))
     923    : JSC::DOMJIT::GetterSetter(jsTestDOMJITLongLongNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLLongLong>>::value)
    881924{
    882925}
     
    905948
    906949TestDOMJITUnsignedLongLongNullableAttrDOMJIT::TestDOMJITUnsignedLongLongNullableAttrDOMJIT()
    907     : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnsignedLongLongNullableAttr, nullptr, JSTestDOMJIT::info(), (JSC::SpecBytecodeNumber | JSC::SpecOther))
     950    : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnsignedLongLongNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLUnsignedLongLong>>::value)
    908951{
    909952}
     
    932975
    933976TestDOMJITFloatNullableAttrDOMJIT::TestDOMJITFloatNullableAttrDOMJIT()
    934     : JSC::DOMJIT::GetterSetter(jsTestDOMJITFloatNullableAttr, nullptr, JSTestDOMJIT::info(), (JSC::SpecBytecodeNumber | JSC::SpecOther))
     977    : JSC::DOMJIT::GetterSetter(jsTestDOMJITFloatNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLFloat>>::value)
    935978{
    936979}
     
    9591002
    9601003TestDOMJITUnrestrictedFloatNullableAttrDOMJIT::TestDOMJITUnrestrictedFloatNullableAttrDOMJIT()
    961     : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnrestrictedFloatNullableAttr, nullptr, JSTestDOMJIT::info(), (JSC::SpecBytecodeNumber | JSC::SpecOther))
     1004    : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnrestrictedFloatNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLUnrestrictedFloat>>::value)
    9621005{
    9631006}
     
    9861029
    9871030TestDOMJITDoubleNullableAttrDOMJIT::TestDOMJITDoubleNullableAttrDOMJIT()
    988     : JSC::DOMJIT::GetterSetter(jsTestDOMJITDoubleNullableAttr, nullptr, JSTestDOMJIT::info(), (JSC::SpecBytecodeNumber | JSC::SpecOther))
     1031    : JSC::DOMJIT::GetterSetter(jsTestDOMJITDoubleNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLDouble>>::value)
    9891032{
    9901033}
     
    10131056
    10141057TestDOMJITUnrestrictedDoubleNullableAttrDOMJIT::TestDOMJITUnrestrictedDoubleNullableAttrDOMJIT()
    1015     : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnrestrictedDoubleNullableAttr, nullptr, JSTestDOMJIT::info(), (JSC::SpecBytecodeNumber | JSC::SpecOther))
     1058    : JSC::DOMJIT::GetterSetter(jsTestDOMJITUnrestrictedDoubleNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLUnrestrictedDouble>>::value)
    10161059{
    10171060}
     
    10401083
    10411084TestDOMJITDomStringNullableAttrDOMJIT::TestDOMJITDomStringNullableAttrDOMJIT()
    1042     : JSC::DOMJIT::GetterSetter(jsTestDOMJITDomStringNullableAttr, nullptr, JSTestDOMJIT::info(), (JSC::SpecString | JSC::SpecOther))
     1085    : JSC::DOMJIT::GetterSetter(jsTestDOMJITDomStringNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLDOMString>>::value)
    10431086{
    10441087}
     
    10671110
    10681111TestDOMJITByteStringNullableAttrDOMJIT::TestDOMJITByteStringNullableAttrDOMJIT()
    1069     : JSC::DOMJIT::GetterSetter(jsTestDOMJITByteStringNullableAttr, nullptr, JSTestDOMJIT::info(), (JSC::SpecString | JSC::SpecOther))
     1112    : JSC::DOMJIT::GetterSetter(jsTestDOMJITByteStringNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLByteString>>::value)
    10701113{
    10711114}
     
    10941137
    10951138TestDOMJITUsvStringNullableAttrDOMJIT::TestDOMJITUsvStringNullableAttrDOMJIT()
    1096     : JSC::DOMJIT::GetterSetter(jsTestDOMJITUsvStringNullableAttr, nullptr, JSTestDOMJIT::info(), (JSC::SpecString | JSC::SpecOther))
     1139    : JSC::DOMJIT::GetterSetter(jsTestDOMJITUsvStringNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLUSVString>>::value)
    10971140{
    10981141}
     
    11211164
    11221165TestDOMJITNodeNullableAttrDOMJIT::TestDOMJITNodeNullableAttrDOMJIT()
    1123     : JSC::DOMJIT::GetterSetter(jsTestDOMJITNodeNullableAttr, nullptr, JSTestDOMJIT::info(), SpecHeapTop)
     1166    : JSC::DOMJIT::GetterSetter(jsTestDOMJITNodeNullableAttr, nullptr, JSTestDOMJIT::info(), DOMJIT::IDLResultTypeFilter<IDLNullable<IDLInterface<Node>>>::value)
    11241167{
    11251168}
     
    11601203}
    11611204
     1205static inline JSC::EncodedJSValue jsTestDOMJITPrototypeFunctionGetAttributeCaller(JSC::ExecState*, JSTestDOMJIT*, JSC::ThrowScope&);
     1206
     1207EncodedJSValue JSC_HOST_CALL jsTestDOMJITPrototypeFunctionGetAttribute(ExecState* state)
     1208{
     1209    return BindingCaller<JSTestDOMJIT>::callOperation<jsTestDOMJITPrototypeFunctionGetAttributeCaller>(state, "getAttribute");
     1210}
     1211
     1212static inline JSC::EncodedJSValue jsTestDOMJITPrototypeFunctionGetAttributeCaller(JSC::ExecState* state, JSTestDOMJIT* castedThis, JSC::ThrowScope& throwScope)
     1213{
     1214    UNUSED_PARAM(state);
     1215    UNUSED_PARAM(throwScope);
     1216    auto& impl = castedThis->wrapped();
     1217    if (UNLIKELY(state->argumentCount() < 1))
     1218        return throwVMError(state, throwScope, createNotEnoughArgumentsError(state));
     1219    auto name = convert<IDLDOMString>(*state, state->uncheckedArgument(0), StringConversionConfiguration::Normal);
     1220    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());
     1221    JSValue result = toJS<IDLNullable<IDLDOMString>>(*state, impl.getAttribute(WTFMove(name)));
     1222    return JSValue::encode(result);
     1223}
     1224
     1225JSC::EncodedJSValue JSC_HOST_CALL unsafeJsTestDOMJITPrototypeFunctionGetAttribute(JSC::ExecState* state, JSTestDOMJIT* castedThis, DOMJIT::IDLJSArgumentType<IDLDOMString> encodedName)
     1226{
     1227    UNUSED_PARAM(state);
     1228    VM& vm = state->vm();
     1229    JSC::NativeCallFrameTracer tracer(&vm, state);
     1230    auto throwScope = DECLARE_THROW_SCOPE(vm);
     1231    UNUSED_PARAM(throwScope);
     1232    auto& impl = castedThis->wrapped();
     1233    auto name = DOMJIT::DirectConverter<IDLDOMString>::directConvert<StringConversionConfiguration::Normal>(*state, encodedName);
     1234    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());
     1235    JSValue result = toJS<IDLNullable<IDLDOMString>>(*state, impl.getAttribute(WTFMove(name)));
     1236    return JSValue::encode(result);
     1237}
     1238
     1239static inline JSC::EncodedJSValue jsTestDOMJITPrototypeFunctionItemCaller(JSC::ExecState*, JSTestDOMJIT*, JSC::ThrowScope&);
     1240
     1241EncodedJSValue JSC_HOST_CALL jsTestDOMJITPrototypeFunctionItem(ExecState* state)
     1242{
     1243    return BindingCaller<JSTestDOMJIT>::callOperation<jsTestDOMJITPrototypeFunctionItemCaller>(state, "item");
     1244}
     1245
     1246static inline JSC::EncodedJSValue jsTestDOMJITPrototypeFunctionItemCaller(JSC::ExecState* state, JSTestDOMJIT* castedThis, JSC::ThrowScope& throwScope)
     1247{
     1248    UNUSED_PARAM(state);
     1249    UNUSED_PARAM(throwScope);
     1250    auto& impl = castedThis->wrapped();
     1251    if (UNLIKELY(state->argumentCount() < 2))
     1252        return throwVMError(state, throwScope, createNotEnoughArgumentsError(state));
     1253    auto x = convert<IDLUnsignedShort>(*state, state->uncheckedArgument(0), IntegerConversionConfiguration::Normal);
     1254    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());
     1255    auto y = convert<IDLUnsignedShort>(*state, state->uncheckedArgument(1), IntegerConversionConfiguration::Normal);
     1256    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());
     1257    JSValue result = toJS<IDLDOMString>(*state, impl.item(WTFMove(x), WTFMove(y)));
     1258    return JSValue::encode(result);
     1259}
     1260
     1261JSC::EncodedJSValue JSC_HOST_CALL unsafeJsTestDOMJITPrototypeFunctionItem(JSC::ExecState* state, JSTestDOMJIT* castedThis, DOMJIT::IDLJSArgumentType<IDLUnsignedShort> encodedX, DOMJIT::IDLJSArgumentType<IDLUnsignedShort> encodedY)
     1262{
     1263    UNUSED_PARAM(state);
     1264    VM& vm = state->vm();
     1265    JSC::NativeCallFrameTracer tracer(&vm, state);
     1266    auto throwScope = DECLARE_THROW_SCOPE(vm);
     1267    UNUSED_PARAM(throwScope);
     1268    auto& impl = castedThis->wrapped();
     1269    auto x = DOMJIT::DirectConverter<IDLUnsignedShort>::directConvert<IntegerConversionConfiguration::Normal>(*state, encodedX);
     1270    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());
     1271    auto y = DOMJIT::DirectConverter<IDLUnsignedShort>::directConvert<IntegerConversionConfiguration::Normal>(*state, encodedY);
     1272    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());
     1273    JSValue result = toJS<IDLDOMString>(*state, impl.item(WTFMove(x), WTFMove(y)));
     1274    return JSValue::encode(result);
     1275}
     1276
     1277static inline JSC::EncodedJSValue jsTestDOMJITPrototypeFunctionHasAttributeCaller(JSC::ExecState*, JSTestDOMJIT*, JSC::ThrowScope&);
     1278
     1279EncodedJSValue JSC_HOST_CALL jsTestDOMJITPrototypeFunctionHasAttribute(ExecState* state)
     1280{
     1281    return BindingCaller<JSTestDOMJIT>::callOperation<jsTestDOMJITPrototypeFunctionHasAttributeCaller>(state, "hasAttribute");
     1282}
     1283
     1284static inline JSC::EncodedJSValue jsTestDOMJITPrototypeFunctionHasAttributeCaller(JSC::ExecState* state, JSTestDOMJIT* castedThis, JSC::ThrowScope& throwScope)
     1285{
     1286    UNUSED_PARAM(state);
     1287    UNUSED_PARAM(throwScope);
     1288    auto& impl = castedThis->wrapped();
     1289    JSValue result = toJS<IDLBoolean>(impl.hasAttribute());
     1290    return JSValue::encode(result);
     1291}
     1292
     1293JSC::EncodedJSValue JSC_HOST_CALL unsafeJsTestDOMJITPrototypeFunctionHasAttribute(JSC::ExecState* state, JSTestDOMJIT* castedThis)
     1294{
     1295    UNUSED_PARAM(state);
     1296    VM& vm = state->vm();
     1297    JSC::NativeCallFrameTracer tracer(&vm, state);
     1298    auto throwScope = DECLARE_THROW_SCOPE(vm);
     1299    UNUSED_PARAM(throwScope);
     1300    auto& impl = castedThis->wrapped();
     1301    JSValue result = toJS<IDLBoolean>(impl.hasAttribute());
     1302    return JSValue::encode(result);
     1303}
     1304
     1305static inline JSC::EncodedJSValue jsTestDOMJITPrototypeFunctionGetElementByIdCaller(JSC::ExecState*, JSTestDOMJIT*, JSC::ThrowScope&);
     1306
     1307EncodedJSValue JSC_HOST_CALL jsTestDOMJITPrototypeFunctionGetElementById(ExecState* state)
     1308{
     1309    return BindingCaller<JSTestDOMJIT>::callOperation<jsTestDOMJITPrototypeFunctionGetElementByIdCaller>(state, "getElementById");
     1310}
     1311
     1312static inline JSC::EncodedJSValue jsTestDOMJITPrototypeFunctionGetElementByIdCaller(JSC::ExecState* state, JSTestDOMJIT* castedThis, JSC::ThrowScope& throwScope)
     1313{
     1314    UNUSED_PARAM(state);
     1315    UNUSED_PARAM(throwScope);
     1316    auto& impl = castedThis->wrapped();
     1317    if (UNLIKELY(state->argumentCount() < 1))
     1318        return throwVMError(state, throwScope, createNotEnoughArgumentsError(state));
     1319    auto elementId = AtomicString(state->uncheckedArgument(0).toString(state)->toExistingAtomicString(state));
     1320    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());
     1321    JSValue result = toJS<IDLInterface<Element>>(*state, *castedThis->globalObject(), impl.getElementById(WTFMove(elementId)));
     1322    return JSValue::encode(result);
     1323}
     1324
     1325JSC::EncodedJSValue JSC_HOST_CALL unsafeJsTestDOMJITPrototypeFunctionGetElementById(JSC::ExecState* state, JSTestDOMJIT* castedThis, DOMJIT::IDLJSArgumentType<IDLDOMString> encodedElementId)
     1326{
     1327    UNUSED_PARAM(state);
     1328    VM& vm = state->vm();
     1329    JSC::NativeCallFrameTracer tracer(&vm, state);
     1330    auto throwScope = DECLARE_THROW_SCOPE(vm);
     1331    UNUSED_PARAM(throwScope);
     1332    auto& impl = castedThis->wrapped();
     1333    auto elementId = AtomicString(encodedElementId->toExistingAtomicString(state));
     1334    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());
     1335    JSValue result = toJS<IDLInterface<Element>>(*state, *castedThis->globalObject(), impl.getElementById(WTFMove(elementId)));
     1336    return JSValue::encode(result);
     1337}
     1338
     1339static inline JSC::EncodedJSValue jsTestDOMJITPrototypeFunctionGetElementsByNameCaller(JSC::ExecState*, JSTestDOMJIT*, JSC::ThrowScope&);
     1340
     1341EncodedJSValue JSC_HOST_CALL jsTestDOMJITPrototypeFunctionGetElementsByName(ExecState* state)
     1342{
     1343    return BindingCaller<JSTestDOMJIT>::callOperation<jsTestDOMJITPrototypeFunctionGetElementsByNameCaller>(state, "getElementsByName");
     1344}
     1345
     1346static inline JSC::EncodedJSValue jsTestDOMJITPrototypeFunctionGetElementsByNameCaller(JSC::ExecState* state, JSTestDOMJIT* castedThis, JSC::ThrowScope& throwScope)
     1347{
     1348    UNUSED_PARAM(state);
     1349    UNUSED_PARAM(throwScope);
     1350    auto& impl = castedThis->wrapped();
     1351    if (UNLIKELY(state->argumentCount() < 1))
     1352        return throwVMError(state, throwScope, createNotEnoughArgumentsError(state));
     1353    auto elementName = state->uncheckedArgument(0).toString(state)->toAtomicString(state);
     1354    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());
     1355    JSValue result = toJS<IDLInterface<NodeList>>(*state, *castedThis->globalObject(), impl.getElementsByName(WTFMove(elementName)));
     1356    return JSValue::encode(result);
     1357}
     1358
     1359JSC::EncodedJSValue JSC_HOST_CALL unsafeJsTestDOMJITPrototypeFunctionGetElementsByName(JSC::ExecState* state, JSTestDOMJIT* castedThis, DOMJIT::IDLJSArgumentType<IDLDOMString> encodedElementName)
     1360{
     1361    UNUSED_PARAM(state);
     1362    VM& vm = state->vm();
     1363    JSC::NativeCallFrameTracer tracer(&vm, state);
     1364    auto throwScope = DECLARE_THROW_SCOPE(vm);
     1365    UNUSED_PARAM(throwScope);
     1366    auto& impl = castedThis->wrapped();
     1367    auto elementName = encodedElementName->toAtomicString(state);
     1368    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());
     1369    JSValue result = toJS<IDLInterface<NodeList>>(*state, *castedThis->globalObject(), impl.getElementsByName(WTFMove(elementName)));
     1370    return JSValue::encode(result);
     1371}
     1372
    11621373void JSTestDOMJIT::visitChildren(JSCell* cell, SlotVisitor& visitor)
    11631374{
  • trunk/Source/WebCore/bindings/scripts/test/TestDOMJIT.idl

    r207869 r208320  
    6464    [DOMJIT] readonly attribute USVString? usvStringNullableAttr;
    6565    [DOMJIT] readonly attribute Node? nodeNullableAttr;
     66
     67    [DOMJIT=ReadDOM] DOMString? getAttribute(DOMString name);
     68    [DOMJIT=ReadDOM] DOMString item(unsigned short x, unsigned short y);
     69    [DOMJIT=ReadDOM] boolean hasAttribute();
     70    [DOMJIT=ReadDOM] Element getElementById([RequiresExistingAtomicString] DOMString elementId);
     71    [DOMJIT=ReadDOM] NodeList getElementsByName([AtomicString] DOMString elementName);
    6672};
  • trunk/Source/WebCore/dom/Element.idl

    r208145 r208320  
    2727    readonly attribute DOMString? tagName;
    2828
    29     DOMString? getAttribute(DOMString name);
     29    [DOMJIT=ReadDOM] DOMString? getAttribute(DOMString name);
    3030
    3131    [CEReactions, MayThrowException] void setAttribute(DOMString name, DOMString value);
    3232
    3333    [CEReactions] void removeAttribute(DOMString name);
    34     Attr? getAttributeNode(DOMString name);
     34    [DOMJIT=ReadDOM] Attr? getAttributeNode(DOMString name);
    3535
    3636    [CEReactions, MayThrowException] Attr? setAttributeNode(Attr newAttr);
    3737    [CEReactions, MayThrowException] Attr removeAttributeNode(Attr oldAttr);
    3838
    39     HTMLCollection getElementsByTagName(DOMString name);
     39    [DOMJIT=ReadDOM] HTMLCollection getElementsByTagName(DOMString name);
    4040
    4141    readonly attribute NamedNodeMap attributes;
    42     boolean hasAttributes();
     42    [DOMJIT=ReadDOM] boolean hasAttributes();
    4343
    4444    DOMString? getAttributeNS(DOMString? namespaceURI, DOMString localName);
  • trunk/Source/WebCore/domjit/JSDocumentDOMJIT.cpp

    r208077 r208320  
    4949Ref<JSC::DOMJIT::CallDOMGetterPatchpoint> DocumentDocumentElementDOMJIT::callDOMGetter()
    5050{
    51     const auto& heap = DOMJIT::AbstractHeapRepository::shared();
    5251    Ref<JSC::DOMJIT::CallDOMGetterPatchpoint> patchpoint = JSC::DOMJIT::CallDOMGetterPatchpoint::create();
    5352    patchpoint->numGPScratchRegisters = 1;
     
    7170        return CCallHelpers::JumpList();
    7271    });
    73     patchpoint->effect = JSC::DOMJIT::Effect::forDef(heap.Document_documentElement);
     72    patchpoint->effect = JSC::DOMJIT::Effect::forDef(DOMJIT::AbstractHeapRepository::Document_documentElement);
    7473    return patchpoint;
    7574}
  • trunk/Source/WebCore/domjit/JSNodeDOMJIT.cpp

    r208077 r208320  
    8484Ref<JSC::DOMJIT::CallDOMGetterPatchpoint> NodeFirstChildDOMJIT::callDOMGetter()
    8585{
    86     const auto& heap = DOMJIT::AbstractHeapRepository::shared();
    8786    auto patchpoint = createCallDOMGetterForOffsetAccess<Node>(CAST_OFFSET(Node*, ContainerNode*) + ContainerNode::firstChildMemoryOffset(), IsContainerGuardRequirement::Required);
    88     patchpoint->effect = JSC::DOMJIT::Effect::forDef(heap.Node_firstChild);
     87    patchpoint->effect = JSC::DOMJIT::Effect::forDef(DOMJIT::AbstractHeapRepository::Node_firstChild);
    8988    return patchpoint;
    9089}
     
    9796Ref<JSC::DOMJIT::CallDOMGetterPatchpoint> NodeLastChildDOMJIT::callDOMGetter()
    9897{
    99     const auto& heap = DOMJIT::AbstractHeapRepository::shared();
    10098    auto patchpoint = createCallDOMGetterForOffsetAccess<Node>(CAST_OFFSET(Node*, ContainerNode*) + ContainerNode::lastChildMemoryOffset(), IsContainerGuardRequirement::Required);
    101     patchpoint->effect = JSC::DOMJIT::Effect::forDef(heap.Node_lastChild);
     99    patchpoint->effect = JSC::DOMJIT::Effect::forDef(DOMJIT::AbstractHeapRepository::Node_lastChild);
    102100    return patchpoint;
    103101}
     
    110108Ref<JSC::DOMJIT::CallDOMGetterPatchpoint> NodeNextSiblingDOMJIT::callDOMGetter()
    111109{
    112     const auto& heap = DOMJIT::AbstractHeapRepository::shared();
    113110    auto patchpoint = createCallDOMGetterForOffsetAccess<Node>(Node::nextSiblingMemoryOffset(), IsContainerGuardRequirement::NotRequired);
    114     patchpoint->effect = JSC::DOMJIT::Effect::forDef(heap.Node_nextSibling);
     111    patchpoint->effect = JSC::DOMJIT::Effect::forDef(DOMJIT::AbstractHeapRepository::Node_nextSibling);
    115112    return patchpoint;
    116113}
     
    123120Ref<JSC::DOMJIT::CallDOMGetterPatchpoint> NodePreviousSiblingDOMJIT::callDOMGetter()
    124121{
    125     const auto& heap = DOMJIT::AbstractHeapRepository::shared();
    126122    auto patchpoint = createCallDOMGetterForOffsetAccess<Node>(Node::previousSiblingMemoryOffset(), IsContainerGuardRequirement::NotRequired);
    127     patchpoint->effect = JSC::DOMJIT::Effect::forDef(heap.Node_previousSibling);
     123    patchpoint->effect = JSC::DOMJIT::Effect::forDef(DOMJIT::AbstractHeapRepository::Node_previousSibling);
    128124    return patchpoint;
    129125}
     
    136132Ref<JSC::DOMJIT::CallDOMGetterPatchpoint> NodeParentNodeDOMJIT::callDOMGetter()
    137133{
    138     const auto& heap = DOMJIT::AbstractHeapRepository::shared();
    139134    auto patchpoint = createCallDOMGetterForOffsetAccess<ContainerNode>(Node::parentNodeMemoryOffset(), IsContainerGuardRequirement::NotRequired);
    140     patchpoint->effect = JSC::DOMJIT::Effect::forDef(heap.Node_parentNode);
     135    patchpoint->effect = JSC::DOMJIT::Effect::forDef(DOMJIT::AbstractHeapRepository::Node_parentNode);
    141136    return patchpoint;
    142137}
     
    170165Ref<JSC::DOMJIT::CallDOMGetterPatchpoint> NodeOwnerDocumentDOMJIT::callDOMGetter()
    171166{
    172     const auto& heap = DOMJIT::AbstractHeapRepository::shared();
    173167    Ref<JSC::DOMJIT::CallDOMGetterPatchpoint> patchpoint = JSC::DOMJIT::CallDOMGetterPatchpoint::create();
    174168    patchpoint->numGPScratchRegisters = 1;
     
    192186        return CCallHelpers::JumpList();
    193187    });
    194     patchpoint->effect = JSC::DOMJIT::Effect::forDef(heap.Node_ownerDocument);
     188    patchpoint->effect = JSC::DOMJIT::Effect::forDef(DOMJIT::AbstractHeapRepository::Node_ownerDocument);
    195189    return patchpoint;
    196190}
Note: See TracChangeset for help on using the changeset viewer.