Changeset 250932 in webkit


Ignore:
Timestamp:
Oct 9, 2019 2:23:56 PM (4 years ago)
Author:
ysuzuki@apple.com
Message:

Unreviewed, roll out r250878
https://bugs.webkit.org/show_bug.cgi?id=202656

Breaking vimeo page.

JSTests:

  • stress/getter-setter-should-be-cell.js: Removed.

Source/JavaScriptCore:

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGFixupPhase.cpp:
  • runtime/GetterSetter.cpp:
  • runtime/GetterSetter.h:
  • runtime/JSGlobalObject.cpp:

(JSC::getGetterById):
(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildren):

  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::regExpProtoGlobalGetter const):
(JSC::JSGlobalObject::regExpProtoUnicodeGetter const):
(JSC::JSGlobalObject::getterSetterStructure const):

  • runtime/JSType.h:
  • runtime/VM.cpp:

(JSC::VM::VM):

  • runtime/VM.h:
Location:
trunk
Files:
1 deleted
11 edited

Legend:

Unmodified
Added
Removed
  • trunk/JSTests/ChangeLog

    r250878 r250932  
     12019-10-09  Yusuke Suzuki  <ysuzuki@apple.com>
     2
     3        Unreviewed, roll out r250878
     4        https://bugs.webkit.org/show_bug.cgi?id=202656
     5
     6        Breaking vimeo page.
     7
     8        * stress/getter-setter-should-be-cell.js: Removed.
     9
    1102019-10-08  Yusuke Suzuki  <ysuzuki@apple.com>
    211
  • trunk/Source/JavaScriptCore/ChangeLog

    r250909 r250932  
     12019-10-09  Yusuke Suzuki  <ysuzuki@apple.com>
     2
     3        Unreviewed, roll out r250878
     4        https://bugs.webkit.org/show_bug.cgi?id=202656
     5
     6        Breaking vimeo page.
     7
     8        * dfg/DFGAbstractInterpreterInlines.h:
     9        (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
     10        * dfg/DFGFixupPhase.cpp:
     11        * runtime/GetterSetter.cpp:
     12        * runtime/GetterSetter.h:
     13        * runtime/JSGlobalObject.cpp:
     14        (JSC::getGetterById):
     15        (JSC::JSGlobalObject::init):
     16        (JSC::JSGlobalObject::visitChildren):
     17        * runtime/JSGlobalObject.h:
     18        (JSC::JSGlobalObject::regExpProtoGlobalGetter const):
     19        (JSC::JSGlobalObject::regExpProtoUnicodeGetter const):
     20        (JSC::JSGlobalObject::getterSetterStructure const):
     21        * runtime/JSType.h:
     22        * runtime/VM.cpp:
     23        (JSC::VM::VM):
     24        * runtime/VM.h:
     25
    1262019-10-09  Adrian Perez de Castro  <aperez@igalia.com>
    227
  • trunk/Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h

    r250878 r250932  
    34673467        }
    34683468       
    3469         setForNode(node, m_vm.getterSetterStructure.get());
     3469        if (base.value() && base.value().isObject()) {
     3470            setForNode(node, asObject(base.value())->globalObject()->getterSetterStructure());
     3471            break;
     3472        }
     3473
     3474        setTypeForNode(node, SpecObjectOther);
    34703475        break;
    34713476    }
  • trunk/Source/JavaScriptCore/dfg/DFGFixupPhase.cpp

    r250878 r250932  
    3535#include "DFGPredictionPropagationPhase.h"
    3636#include "DFGVariableAccessDataDump.h"
    37 #include "GetterSetter.h"
    3837#include "JSCInlines.h"
    3938#include "TypeLocation.h"
  • trunk/Source/JavaScriptCore/runtime/GetterSetter.cpp

    r250878 r250932  
    3434STATIC_ASSERT_IS_TRIVIALLY_DESTRUCTIBLE(GetterSetter);
    3535
    36 const ClassInfo GetterSetter::s_info = { "GetterSetter", nullptr, nullptr, nullptr, CREATE_METHOD_TABLE(GetterSetter) };
     36const ClassInfo GetterSetter::s_info = { "GetterSetter", &Base::s_info, nullptr, nullptr, CREATE_METHOD_TABLE(GetterSetter) };
    3737
    3838void GetterSetter::visitChildren(JSCell* cell, SlotVisitor& visitor)
  • trunk/Source/JavaScriptCore/runtime/GetterSetter.h

    r250878 r250932  
    4141// that constant is observed to have a non-null setter (or getter) then we can
    4242// constant fold that setter (or getter).
    43 class GetterSetter final : public JSCell {
     43class GetterSetter final : public JSNonFinalObject {
    4444    friend class JIT;
    45     using Base = JSCell;
     45    typedef JSNonFinalObject Base;
    4646private:
    4747    GetterSetter(VM& vm, JSGlobalObject* globalObject, JSObject* getter, JSObject* setter)
    48         : Base(vm, vm.getterSetterStructure.get())
     48        : Base(vm, globalObject->getterSetterStructure())
    4949    {
    5050        WTF::storeStoreFence();
  • trunk/Source/JavaScriptCore/runtime/JSGlobalObject.cpp

    r250878 r250932  
    451451}
    452452
    453 static GetterSetter* getGetterById(ExecState* exec, JSObject* base, const Identifier& ident)
     453static JSObject* getGetterById(ExecState* exec, JSObject* base, const Identifier& ident)
    454454{
    455455    JSValue baseValue = JSValue(base);
    456456    PropertySlot slot(baseValue, PropertySlot::InternalMethodType::VMInquiry);
    457457    baseValue.getPropertySlot(exec, ident, slot);
    458     return jsCast<GetterSetter*>(slot.getPureResult());
     458    return slot.getPureResult().toObject(exec);
    459459}
    460460
     
    515515            init.set(JSBoundFunction::createStructure(init.vm, init.owner, init.owner->m_functionPrototype.get()));
    516516        });
     517    m_getterSetterStructure.set(vm, this, GetterSetter::createStructure(vm, this, jsNull()));
    517518    m_nativeStdFunctionStructure.initLater(
    518519        [] (const Initializer<Structure>& init) {
     
    939940    JSFunction* privateFuncSetBucketKey = JSFunction::create(vm, this, 0, String(), setPrivateFuncSetBucketKey, JSSetBucketKeyIntrinsic);
    940941
    941     GetterSetter* regExpProtoFlagsGetter = getGetterById(exec, m_regExpPrototype.get(), vm.propertyNames->flags);
     942    JSObject* regExpProtoFlagsGetterObject = getGetterById(exec, m_regExpPrototype.get(), vm.propertyNames->flags);
    942943    catchScope.assertNoException();
    943     GetterSetter* regExpProtoGlobalGetter = getGetterById(exec, m_regExpPrototype.get(), vm.propertyNames->global);
     944    JSObject* regExpProtoGlobalGetterObject = getGetterById(exec, m_regExpPrototype.get(), vm.propertyNames->global);
    944945    catchScope.assertNoException();
    945     m_regExpProtoGlobalGetter.set(vm, this, regExpProtoGlobalGetter);
    946     GetterSetter* regExpProtoIgnoreCaseGetter = getGetterById(exec, m_regExpPrototype.get(), vm.propertyNames->ignoreCase);
     946    m_regExpProtoGlobalGetter.set(vm, this, regExpProtoGlobalGetterObject);
     947    JSObject* regExpProtoIgnoreCaseGetterObject = getGetterById(exec, m_regExpPrototype.get(), vm.propertyNames->ignoreCase);
    947948    catchScope.assertNoException();
    948     GetterSetter* regExpProtoMultilineGetter = getGetterById(exec, m_regExpPrototype.get(), vm.propertyNames->multiline);
     949    JSObject* regExpProtoMultilineGetterObject = getGetterById(exec, m_regExpPrototype.get(), vm.propertyNames->multiline);
    949950    catchScope.assertNoException();
    950     GetterSetter* regExpProtoSourceGetter = getGetterById(exec, m_regExpPrototype.get(), vm.propertyNames->source);
     951    JSObject* regExpProtoSourceGetterObject = getGetterById(exec, m_regExpPrototype.get(), vm.propertyNames->source);
    951952    catchScope.assertNoException();
    952     GetterSetter* regExpProtoStickyGetter = getGetterById(exec, m_regExpPrototype.get(), vm.propertyNames->sticky);
     953    JSObject* regExpProtoStickyGetterObject = getGetterById(exec, m_regExpPrototype.get(), vm.propertyNames->sticky);
    953954    catchScope.assertNoException();
    954     GetterSetter* regExpProtoUnicodeGetter = getGetterById(exec, m_regExpPrototype.get(), vm.propertyNames->unicode);
     955    JSObject* regExpProtoUnicodeGetterObject = getGetterById(exec, m_regExpPrototype.get(), vm.propertyNames->unicode);
    955956    catchScope.assertNoException();
    956     m_regExpProtoUnicodeGetter.set(vm, this, regExpProtoUnicodeGetter);
     957    m_regExpProtoUnicodeGetter.set(vm, this, regExpProtoUnicodeGetterObject);
    957958    JSObject* builtinRegExpExec = asObject(m_regExpPrototype->getDirect(vm, vm.propertyNames->exec).asCell());
    958959    m_regExpProtoExec.set(vm, this, builtinRegExpExec);
     
    10241025        GlobalPropertyInfo(vm.propertyNames->builtinNames().isConstructorPrivateName(), JSFunction::create(vm, this, 1, String(), esSpecIsConstructor, NoIntrinsic), PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly),
    10251026
    1026         GlobalPropertyInfo(vm.propertyNames->builtinNames().regExpProtoFlagsGetterPrivateName(), regExpProtoFlagsGetter, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly),
    1027         GlobalPropertyInfo(vm.propertyNames->builtinNames().regExpProtoGlobalGetterPrivateName(), regExpProtoGlobalGetter, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly),
    1028         GlobalPropertyInfo(vm.propertyNames->builtinNames().regExpProtoIgnoreCaseGetterPrivateName(), regExpProtoIgnoreCaseGetter, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly),
    1029         GlobalPropertyInfo(vm.propertyNames->builtinNames().regExpProtoMultilineGetterPrivateName(), regExpProtoMultilineGetter, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly),
    1030         GlobalPropertyInfo(vm.propertyNames->builtinNames().regExpProtoSourceGetterPrivateName(), regExpProtoSourceGetter, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly),
    1031         GlobalPropertyInfo(vm.propertyNames->builtinNames().regExpProtoStickyGetterPrivateName(), regExpProtoStickyGetter, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly),
    1032         GlobalPropertyInfo(vm.propertyNames->builtinNames().regExpProtoUnicodeGetterPrivateName(), regExpProtoUnicodeGetter, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly),
     1027        GlobalPropertyInfo(vm.propertyNames->builtinNames().regExpProtoFlagsGetterPrivateName(), regExpProtoFlagsGetterObject, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly),
     1028        GlobalPropertyInfo(vm.propertyNames->builtinNames().regExpProtoGlobalGetterPrivateName(), regExpProtoGlobalGetterObject, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly),
     1029        GlobalPropertyInfo(vm.propertyNames->builtinNames().regExpProtoIgnoreCaseGetterPrivateName(), regExpProtoIgnoreCaseGetterObject, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly),
     1030        GlobalPropertyInfo(vm.propertyNames->builtinNames().regExpProtoMultilineGetterPrivateName(), regExpProtoMultilineGetterObject, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly),
     1031        GlobalPropertyInfo(vm.propertyNames->builtinNames().regExpProtoSourceGetterPrivateName(), regExpProtoSourceGetterObject, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly),
     1032        GlobalPropertyInfo(vm.propertyNames->builtinNames().regExpProtoStickyGetterPrivateName(), regExpProtoStickyGetterObject, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly),
     1033        GlobalPropertyInfo(vm.propertyNames->builtinNames().regExpProtoUnicodeGetterPrivateName(), regExpProtoUnicodeGetterObject, PropertyAttribute::DontEnum | PropertyAttribute::DontDelete | PropertyAttribute::ReadOnly),
    10331034
    10341035        // RegExp.prototype helpers.
     
    17601761    thisObject->m_customGetterSetterFunctionStructure.visit(visitor);
    17611762    thisObject->m_boundFunctionStructure.visit(visitor);
     1763    visitor.append(thisObject->m_getterSetterStructure);
    17621764    thisObject->m_nativeStdFunctionStructure.visit(visitor);
    17631765    visitor.append(thisObject->m_regExpStructure);
  • trunk/Source/JavaScriptCore/runtime/JSGlobalObject.h

    r250878 r250932  
    307307    WriteBarrier<JSObject> m_regExpProtoExec;
    308308    WriteBarrier<JSObject> m_regExpProtoSymbolReplace;
    309     WriteBarrier<GetterSetter> m_regExpProtoGlobalGetter;
    310     WriteBarrier<GetterSetter> m_regExpProtoUnicodeGetter;
     309    WriteBarrier<JSObject> m_regExpProtoGlobalGetter;
     310    WriteBarrier<JSObject> m_regExpProtoUnicodeGetter;
    311311    WriteBarrier<GetterSetter> m_throwTypeErrorArgumentsCalleeAndCallerGetterSetter;
    312312
     
    366366    LazyProperty<JSGlobalObject, Structure> m_boundFunctionStructure;
    367367    LazyProperty<JSGlobalObject, Structure> m_customGetterSetterFunctionStructure;
     368    WriteBarrier<Structure> m_getterSetterStructure;
    368369    LazyProperty<JSGlobalObject, Structure> m_nativeStdFunctionStructure;
    369370    PropertyOffset m_functionNameOffset;
     
    622623    JSObject* regExpProtoExecFunction() const { return m_regExpProtoExec.get(); }
    623624    JSObject* regExpProtoSymbolReplaceFunction() const { return m_regExpProtoSymbolReplace.get(); }
    624     GetterSetter* regExpProtoGlobalGetter() const { return m_regExpProtoGlobalGetter.get(); }
    625     GetterSetter* regExpProtoUnicodeGetter() const { return m_regExpProtoUnicodeGetter.get(); }
     625    JSObject* regExpProtoGlobalGetter() const { return m_regExpProtoGlobalGetter.get(); }
     626    JSObject* regExpProtoUnicodeGetter() const { return m_regExpProtoUnicodeGetter.get(); }
    626627    GetterSetter* throwTypeErrorArgumentsCalleeAndCallerGetterSetter()
    627628    {
     
    748749    Structure* boundFunctionStructure() const { return m_boundFunctionStructure.get(this); }
    749750    Structure* customGetterSetterFunctionStructure() const { return m_customGetterSetterFunctionStructure.get(this); }
     751    Structure* getterSetterStructure() const { return m_getterSetterStructure.get(); }
    750752    Structure* nativeStdFunctionStructure() const { return m_nativeStdFunctionStructure.get(this); }
    751753    PropertyOffset functionNameOffset() const { return m_functionNameOffset; }
  • trunk/Source/JavaScriptCore/runtime/JSType.h

    r250878 r250932  
    3030    BigIntType,
    3131
    32     GetterSetterType,
    3332    CustomGetterSetterType,
    3433    APIValueWrapperType,
     
    8988    DataViewType,
    9089    // End JSArrayBufferView types.
     90
     91    GetterSetterType,
    9192
    9293    // JSScope <- JSWithScope
  • trunk/Source/JavaScriptCore/runtime/VM.cpp

    r250878 r250932  
    343343    terminatedExecutionErrorStructure.set(*this, TerminatedExecutionError::createStructure(*this, 0, jsNull()));
    344344    propertyNameEnumeratorStructure.set(*this, JSPropertyNameEnumerator::createStructure(*this, 0, jsNull()));
    345     getterSetterStructure.set(*this, GetterSetter::createStructure(*this, 0, jsNull()));
    346345    customGetterSetterStructure.set(*this, CustomGetterSetter::createStructure(*this, 0, jsNull()));
    347346    domAttributeGetterSetterStructure.set(*this, DOMAttributeGetterSetter::createStructure(*this, 0, jsNull()));
  • trunk/Source/JavaScriptCore/runtime/VM.h

    r250878 r250932  
    505505    Strong<Structure> stringStructure;
    506506    Strong<Structure> propertyNameEnumeratorStructure;
    507     Strong<Structure> getterSetterStructure;
    508507    Strong<Structure> customGetterSetterStructure;
    509508    Strong<Structure> domAttributeGetterSetterStructure;
Note: See TracChangeset for help on using the changeset viewer.