Commit 58c86752 authored by oliver@apple.com

fourthTier: Re-worked non-local variable resolution

https://bugs.webkit.org/show_bug.cgi?id=117375

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

This patch has two goals:

(1) Simplicity.

    * Net removes 15 opcodes.
    * Net removes 2,000 lines of code.
    * Removes setPair() from the DFG: All DFG nodes have 1 result register now.

(2) Performance.

    * 2%-3% speedup on SunSpider (20% in LLInt and Baseline JIT)
    * 2% speedup on v8-spider
    * 10% speedup on js-regress-hashmap*
    * Amusing 2X speedup on js-regress-poly-stricteq

The bytecode now separates the scope chain resolution opcode from the
scope access opcode.

    OLD:
        get_scoped_var  r0, 1, 0
        inc             r0
        put_scoped_var  1, 0, r0

    NEW:
        resolve_scope   r0, x(@id0)
        get_from_scope  r1, r0, x(@id0)
        inc             r1
        put_to_scope    r0, x(@id0), r1

Also, we link non-local variable resolution opcodes at CodeBlock link
time instead of time of first opcode execution.

This means that we can represent all possible non-local variable
resolutions using just three opcodes, and any optimizations in these
opcodes naturally apply across-the-board.

* API/JSCTestRunnerUtils.cpp:
(JSC::numberOfDFGCompiles):
* GNUmakefile.list.am:
* JavaScriptCore.gypi:
* JavaScriptCore.order:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Target.pri: Build!

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode): Updated for removed things.

(JSC::CodeBlock::CodeBlock): Always provide the full scope chain when
creating a CodeBlock, so we can perform non-local variable resolution.

Added code to perform linking for these opcodes. This is where we figure
out which non-local variable resolutions are optimizable, and how.

(JSC::CodeBlock::finalizeUnconditionally):
(JSC::CodeBlock::noticeIncomingCall):
(JSC::CodeBlock::optimizeAfterWarmUp):
(JSC::CodeBlock::optimizeAfterLongWarmUp):
(JSC::CodeBlock::optimizeSoon): Updated for removed things.

* bytecode/CodeBlock.h:
(JSC::CodeBlock::needsActivation):
(JSC::GlobalCodeBlock::GlobalCodeBlock):
(JSC::ProgramCodeBlock::ProgramCodeBlock):
(JSC::EvalCodeBlock::EvalCodeBlock):
(JSC::FunctionCodeBlock::FunctionCodeBlock):
* bytecode/EvalCodeCache.h:
(JSC::EvalCodeCache::getSlow): Updated for interface changes.

* bytecode/GetByIdStatus.cpp:
(JSC::GetByIdStatus::computeFor): Treat global object access as
optimizable even though the global object has a custom property access
callback. This is what we've always done since, otherwise, we can't
optimize globals. (In future, we probably want to figure out a more
targeted policy than "any property access callback means no
optimization".)

* bytecode/GlobalResolveInfo.h: Removed.
* bytecode/Instruction.h:
* bytecode/Opcode.h:
(JSC::padOpcodeName):

* bytecode/PutByIdStatus.cpp:
(JSC::PutByIdStatus::computeFor): Like GetByIdStatus.

* bytecode/ResolveGlobalStatus.cpp: Removed.
* bytecode/ResolveGlobalStatus.h: Removed.
* bytecode/ResolveOperation.h: Removed.

* bytecode/UnlinkedCodeBlock.cpp:
(JSC::generateFunctionCodeBlock):
(JSC::UnlinkedFunctionExecutable::codeBlockFor):
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* bytecode/UnlinkedCodeBlock.h: Don't provide a scope chain to unlinked
code blocks. Giving a scope to an unscoped compilation unit invites
programming errors.

* bytecode/Watchpoint.h:
(JSC::WatchpointSet::addressOfIsInvalidated):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::resolveCallee):
(JSC::BytecodeGenerator::local):
(JSC::BytecodeGenerator::constLocal):
(JSC::BytecodeGenerator::resolveType):
(JSC::BytecodeGenerator::emitResolveScope):
(JSC::BytecodeGenerator::emitGetFromScope):
(JSC::BytecodeGenerator::emitPutToScope):
(JSC::BytecodeGenerator::emitInstanceOf):
(JSC::BytecodeGenerator::emitPushWithScope):
(JSC::BytecodeGenerator::emitPopScope):
(JSC::BytecodeGenerator::pushFinallyContext):
(JSC::BytecodeGenerator::emitComplexPopScopes):
(JSC::BytecodeGenerator::popTryAndEmitCatch):
(JSC::BytecodeGenerator::emitPushNameScope):
(JSC::BytecodeGenerator::isArgumentNumber):
* bytecompiler/BytecodeGenerator.h:
(JSC::Local::Local):
(JSC::Local::operator bool):
(JSC::Local::get):
(JSC::Local::isReadOnly):
(JSC::BytecodeGenerator::scopeDepth):
(JSC::BytecodeGenerator::shouldOptimizeLocals):
(JSC::BytecodeGenerator::canOptimizeNonLocals): Refactored the bytecode
generator to resolve all variables within local scope, as if there
were no non-local scope. This helps provide a separation of concerns:
unlinked bytecode is always scope-free, and the linking stage links
in the provided scope.

* bytecompiler/NodesCodegen.cpp:
(JSC::ResolveNode::isPure):
(JSC::ResolveNode::emitBytecode):
(JSC::EvalFunctionCallNode::emitBytecode):
(JSC::FunctionCallResolveNode::emitBytecode):
(JSC::PostfixNode::emitResolve):
(JSC::DeleteResolveNode::emitBytecode):
(JSC::TypeOfResolveNode::emitBytecode):
(JSC::PrefixNode::emitResolve):
(JSC::ReadModifyResolveNode::emitBytecode):
(JSC::AssignResolveNode::emitBytecode):
(JSC::ConstDeclNode::emitCodeSingle):
(JSC::ForInNode::emitBytecode): A bunch of this codegen is no longer
necessary, since it's redundant with the linking stage.

* dfg/DFGAbstractState.cpp:
(JSC::DFG::AbstractState::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::ByteCodeParser):
(JSC::DFG::ByteCodeParser::cellConstantWithStructureCheck):
(JSC::DFG::ByteCodeParser::handlePutByOffset):
(JSC::DFG::ByteCodeParser::handleGetById):
(JSC::DFG::ByteCodeParser::parseBlock): Updated for interface changes.
Notably, we can reuse existing DFG nodes -- but the mapping between
bytecode and DFG nodes has changed, and some nodes and corner cases have
been removed.

* dfg/DFGCSEPhase.cpp:
(JSC::DFG::CSEPhase::scopedVarLoadElimination):
(JSC::DFG::CSEPhase::varInjectionWatchpointElimination):
(JSC::DFG::CSEPhase::globalVarStoreElimination):
(JSC::DFG::CSEPhase::scopedVarStoreElimination):
(JSC::DFG::CSEPhase::getLocalLoadElimination):
(JSC::DFG::CSEPhase::setLocalStoreElimination):
(JSC::DFG::CSEPhase::performNodeCSE): Added CSE for var injection
watchpoints. Even though watchpoints are "free", they're quite common
inside code that's subject to var injection, so I figured we'd save a
little memory.

* dfg/DFGCapabilities.cpp:
(JSC::DFG::capabilityLevel):
* dfg/DFGCapabilities.h: Removed detection for old forms.

* dfg/DFGDriver.h:
(JSC::DFG::tryCompile):
(JSC::DFG::tryCompileFunction):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGGraph.h:
* dfg/DFGJITCode.cpp:
* dfg/DFGNode.h:
(JSC::DFG::Node::convertToStructureTransitionWatchpoint):
(JSC::DFG::Node::hasVarNumber):
(JSC::DFG::Node::hasIdentifierNumberForCheck):
(JSC::DFG::Node::hasRegisterPointer):
(JSC::DFG::Node::hasHeapPrediction):
* dfg/DFGNodeType.h:
* dfg/DFGOperations.cpp:
* dfg/DFGOperations.h:
* dfg/DFGPredictionPropagationPhase.cpp:
(JSC::DFG::PredictionPropagationPhase::propagate):
* dfg/DFGRepatch.h:
(JSC::DFG::dfgResetGetByID):
(JSC::DFG::dfgResetPutByID):
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::callOperation): Removed some unneeded things,
and updated for renames.

* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile): The two primary changes here are:

(1) Use a watchpoint for var injection instead of looping over the scope
chain and checking. This is more efficient and much easier to model in
code generation.

(2) I've eliminated the notion of an optimized global assignment that
needs to check for whether it should fire a watchpoint. Instead, we
fire pre-emptively at the point of optimization. This removes a bunch
of edge cases, and it seems like a more honest representation of
the fact that our new optimization contradicts our old one.

* dfg/DFGTypeCheckHoistingPhase.cpp:
(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantStructureChecks):
(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantArrayChecks):
* heap/DFGCodeBlocks.cpp:
(JSC::DFGCodeBlocks::jettison):
* interpreter/CallFrame.h:
(JSC::ExecState::trueCallFrame): Removed stuff that's unused now, and
fixed the build.

* interpreter/Interpreter.cpp:
(JSC::eval):
(JSC::getBytecodeOffsetForCallFrame):
(JSC::getCallerInfo):
(JSC::Interpreter::throwException): Updated exception scope tracking
to match the rest of our linking strategy: The unlinked bytecode compiles
exception scope as if non-local scope did not exist, and we add in
non-local scope at link time. This means that we can restore the right
scope depth based on a simple number, without checking the contents of
the scope chain.

(JSC::Interpreter::execute): Make sure to establish the full scope chain
before linking eval code. We now require the full scope chain at link
time, in order to link non-local variable resolution opcodes.

* jit/JIT.cpp:
(JSC::JIT::JIT):
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_add):
* jit/JITCode.cpp:
* jit/JITOpcodes.cpp:
(JSC::JIT::emitSlow_op_bitxor):
(JSC::JIT::emitSlow_op_bitor):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emitSlow_op_to_primitive):
(JSC::JIT::emit_op_strcat):
(JSC::JIT::emitSlow_op_create_this):
(JSC::JIT::emitSlow_op_to_this):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emitVarInjectionCheck):
(JSC::JIT::emitResolveClosure):
(JSC::JIT::emit_op_resolve_scope):
(JSC::JIT::emitSlow_op_resolve_scope):
(JSC::JIT::emitLoadWithStructureCheck):
(JSC::JIT::emitGetGlobalProperty):
(JSC::JIT::emitGetGlobalVar):
(JSC::JIT::emitGetClosureVar):
(JSC::JIT::emit_op_get_from_scope):
(JSC::JIT::emitSlow_op_get_from_scope):
(JSC::JIT::emitPutGlobalProperty):
(JSC::JIT::emitPutGlobalVar):
(JSC::JIT::emitPutClosureVar):
(JSC::JIT::emit_op_put_to_scope):
(JSC::JIT::emitSlow_op_put_to_scope):
(JSC::JIT::emit_op_init_global_const):
* jit/JITPropertyAccess32_64.cpp:
(JSC::JIT::emitVarInjectionCheck):
(JSC::JIT::emitResolveClosure):
(JSC::JIT::emit_op_resolve_scope):
(JSC::JIT::emitSlow_op_resolve_scope):
(JSC::JIT::emitLoadWithStructureCheck):
(JSC::JIT::emitGetGlobalProperty):
(JSC::JIT::emitGetGlobalVar):
(JSC::JIT::emitGetClosureVar):
(JSC::JIT::emit_op_get_from_scope):
(JSC::JIT::emitSlow_op_get_from_scope):
(JSC::JIT::emitPutGlobalProperty):
(JSC::JIT::emitPutGlobalVar):
(JSC::JIT::emitPutClosureVar):
(JSC::JIT::emit_op_put_to_scope):
(JSC::JIT::emitSlow_op_put_to_scope):
(JSC::JIT::emit_op_init_global_const):
* jit/JITStubs.cpp:
(JSC::DEFINE_STUB_FUNCTION):
* jit/JITStubs.h: Re-wrote baseline JIT codegen for our new variable
resolution model.

* llint/LLIntData.cpp:
(JSC::LLInt::Data::performAssertions):
* llint/LLIntSlowPaths.cpp:
* llint/LLIntSlowPaths.h:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter.cpp:
(JSC::CLoop::execute):
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm: Ditto for LLInt.

* offlineasm/x86.rb: Fixed a pre-existing encoding bug for a syntactic
form that we never used before.

* runtime/ArrayPrototype.cpp:
(JSC::arrayProtoFuncToString):
(JSC::arrayProtoFuncToLocaleString):
(JSC::arrayProtoFuncJoin):
(JSC::arrayProtoFuncConcat):
(JSC::arrayProtoFuncPop):
(JSC::arrayProtoFuncPush):
(JSC::arrayProtoFuncReverse):
(JSC::arrayProtoFuncShift):
(JSC::arrayProtoFuncSlice):
(JSC::arrayProtoFuncSort):
(JSC::arrayProtoFuncSplice):
(JSC::arrayProtoFuncUnShift):
(JSC::arrayProtoFuncFilter):
(JSC::arrayProtoFuncMap):
(JSC::arrayProtoFuncEvery):
(JSC::arrayProtoFuncForEach):
(JSC::arrayProtoFuncSome):
(JSC::arrayProtoFuncReduce):
(JSC::arrayProtoFuncReduceRight):
(JSC::arrayProtoFuncIndexOf):
(JSC::arrayProtoFuncLastIndexOf): Fixed some pre-existing bugs in
'this' value conversion, which I made much more common by removing
special cases in bytecode generation.

These functions need to invoke toThis() because they observe the 'this'
value. Also, toLocaleString() is specified to accept non-array 'this'
values.

(Most other host functions don't need this fix because they perform
strict 'this' checking, which never coerces unexpected types.)

* runtime/CodeCache.cpp:
(JSC::CodeCache::getCodeBlock):
(JSC::CodeCache::getProgramCodeBlock):
(JSC::CodeCache::getEvalCodeBlock):
* runtime/CodeCache.h: Don't supply a scope to the unlinked code cache.
Unlinked code is supposed to be scope-free, so let's have the compiler
help verify that.

* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
* runtime/CommonSlowPaths.h:
* runtime/Executable.cpp:
(JSC::EvalExecutable::create):
(JSC::EvalExecutable::compileInternal):
(JSC::ProgramExecutable::compileInternal):
(JSC::FunctionExecutable::produceCodeBlockFor):
(JSC::FunctionExecutable::compileForCallInternal):
(JSC::FunctionExecutable::compileForConstructInternal):
* runtime/Executable.h:
(JSC::EvalExecutable::numVariables):
(JSC::EvalExecutable::numberOfFunctionDecls):
* runtime/ExecutionHarness.h:
(JSC::prepareForExecutionImpl):
(JSC::prepareFunctionForExecutionImpl):
(JSC::installOptimizedCode): Fiddled with executable initialization so
that we can always generate a full scope chain before we go to link a
code block. We need this because code block linking now depends on the
scope chain to link non-local variable resolution opcodes.

* runtime/JSActivation.h:
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::JSGlobalObject):
(JSC::JSGlobalObject::createEvalCodeBlock):
* runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::varInjectionWatchpoint):
* runtime/JSGlobalObjectFunctions.cpp:
(JSC::globalFuncEval):
* runtime/JSNameScope.h:
* runtime/JSScope.cpp:
(JSC::abstractAccess):
(JSC::JSScope::objectAtScope):
(JSC::JSScope::depth):
(JSC::JSScope::resolve):
(JSC::JSScope::abstractResolve): Updated to match changes explained above.

* runtime/JSScope.h:
(JSC::makeType):
(JSC::needsVarInjectionChecks):
(JSC::ResolveOp::ResolveOp):
(JSC::ResolveModeAndType::ResolveModeAndType):
(JSC::ResolveModeAndType::mode):
(JSC::ResolveModeAndType::type):
(JSC::ResolveModeAndType::operand): Removed the old variable resolution
state machine, since it's unused now. Added logic for performing abstract
variable resolution at link time. This is used by codeblock linking.

* runtime/ObjectPrototype.cpp:
(JSC::objectProtoFuncValueOf):
(JSC::objectProtoFuncHasOwnProperty):
(JSC::objectProtoFuncIsPrototypeOf):
(JSC::objectProtoFuncDefineGetter):
(JSC::objectProtoFuncDefineSetter):
(JSC::objectProtoFuncLookupGetter):
(JSC::objectProtoFuncLookupSetter):
(JSC::objectProtoFuncPropertyIsEnumerable):
(JSC::objectProtoFuncToLocaleString):
(JSC::objectProtoFuncToString): Fixed some pre-existing bugs in
'this' value conversion, which I made much more common by removing
special cases in bytecode generation.

These functions need to invoke toThis() because they observe the 'this'
value.

* runtime/StringPrototype.cpp:
(JSC::checkObjectCoercible):
(JSC::stringProtoFuncReplace):
(JSC::stringProtoFuncCharAt):
(JSC::stringProtoFuncCharCodeAt):
(JSC::stringProtoFuncConcat):
(JSC::stringProtoFuncIndexOf):
(JSC::stringProtoFuncLastIndexOf):
(JSC::stringProtoFuncMatch):
(JSC::stringProtoFuncSearch):
(JSC::stringProtoFuncSlice):
(JSC::stringProtoFuncSplit):
(JSC::stringProtoFuncSubstr):
(JSC::stringProtoFuncSubstring):
(JSC::stringProtoFuncToLowerCase):
(JSC::stringProtoFuncToUpperCase):
(JSC::stringProtoFuncLocaleCompare):
(JSC::stringProtoFuncBig):
(JSC::stringProtoFuncSmall):
(JSC::stringProtoFuncBlink):
(JSC::stringProtoFuncBold):
(JSC::stringProtoFuncFixed):
(JSC::stringProtoFuncItalics):
(JSC::stringProtoFuncStrike):
(JSC::stringProtoFuncSub):
(JSC::stringProtoFuncSup):
(JSC::stringProtoFuncFontcolor):
(JSC::stringProtoFuncFontsize):
(JSC::stringProtoFuncAnchor):
(JSC::stringProtoFuncLink):
(JSC::trimString): Fixed some pre-existing bugs in
'this' value conversion, which I made much more common by removing
special cases in bytecode generation.

These functions need to invoke toThis() because they observe the 'this'
value.

* runtime/StructureRareData.cpp:
* runtime/VM.cpp:
(JSC::VM::~VM):

* runtime/WriteBarrier.h:
(JSC::WriteBarrierBase::slot): Modified to reduce casting in client code.

LayoutTests:

This patch removed special-case 'this' resolution from bytecode, making
some pre-existing edge cases in 'this' value treatment much more common.

I updated the test results below, and added some tests, to match bug
fixes for these cases.

* fast/js/script-tests/array-functions-non-arrays.js:
* fast/js/array-functions-non-arrays-expected.txt: As specified, it's
not an error to pass a non-array to toLocaleString. Our new result
matches Firefox and Chrome.

* fast/js/array-prototype-properties-expected.txt: Updated for slightly
clearer error message.

* fast/js/basic-strict-mode-expected.txt: Updated for slightly more
standard error message.

* fast/js/object-prototype-toString-expected.txt: Added.
* fast/js/object-prototype-toString.html: Added. This test demonstrates
why we now fail a Sputnik test below, while Firefox and Chrome pass it.
(The test doesn't test what it thinks it tests, and this test verifies
that we get right what it does think it tests.)

* fast/js/string-prototype-function-this-expected.txt: Added.
* fast/js/string-prototype-function-this.html: Added. This test shows
that we CheckObjectCoercible in string prototype functions. (We used
to get this wrong, but Sputnik tests made it seem like we got it right
because they didn't test the dynamic scope case.)

* sputnik/Conformance/11_Expressions/11.1_Primary_Expressions/11.1.1_The_this_Keyword/S11.1.1_A2-expected.txt:
* sputnik/Conformance/15_Native_Objects/15.4_Array/15.4.4/15.4.4.3_Array_prototype_toLocaleString/S15.4.4.3_A2_T1-expected.txt:
* sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.10_String.prototype.match/S15.5.4.10_A1_T3-expected.txt:
* sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.11_String.prototype.replace/S15.5.4.11_A1_T3-expected.txt:
* sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.12_String.prototype.search/S15.5.4.12_A1_T3-expected.txt:
* sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.13_String.prototype.slice/S15.5.4.13_A1_T3-expected.txt:
* sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.14_String.prototype.split/S15.5.4.14_A1_T3-expected.txt:
* sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.15_String.prototype.substring/S15.5.4.15_A1_T3-expected.txt:
* sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.6_String.prototype.concat/S15.5.4.6_A1_T3-expected.txt:
* sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.7_String.prototype.indexOf/S15.5.4.7_A1_T3-expected.txt:
* sputnik/Conformance/15_Native_Objects/15.5_String/15.5.4/15.5.4.8_String.prototype.lastIndexOf/S15.5.4.8_A1_T3-expected.txt:

Updated to show failing results. Firefox and Chrome also fail these
tests, and the ES5 spec seems to mandate failure. Because these tests
resolve a String.prototype function at global scope, the 'this' value
for the call is an environment record. Logically, an environment record
converts to 'undefined' at the call site, and should then fail the
CheckObjectCoercible test.

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153221 268f45cc-cd09-0410-ab3c-d52691b4dbfc
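A simplified model of the resolve_scope / get_from_scope / put_to_scope split and the var injection watchpoint described in the commit message, as an added example that is not JavaScriptCore code. The classes, function names and the "GlobalVar" / "ClosureVar" / "Dynamic" labels are assumptions of this model; it shows why a resolution cached at link time must be abandoned once a variable is injected into an intermediate scope.

```javascript
// Toy model only: scopes are Maps, "linking" precomputes how many hops to skip.

class Watchpoint {
  constructor() { this.invalidated = false; }
  fire() { this.invalidated = true; }
}

class Scope {
  constructor(parent, vars = {}, dynamic = false) {
    this.parent = parent;
    this.vars = new Map(Object.entries(vars));
    this.dynamic = dynamic; // contents not knowable at link time (e.g. `with`)
  }
}

// Slow path: walk the scope chain at run time.
function dynamicResolve(scope, name) {
  for (let s = scope; s; s = s.parent) {
    if (s.vars.has(name)) return s;
  }
  return null;
}

// Link step: decide once, from the full scope chain, how `name` is reached.
function link(scope, name, varInjection) {
  let depth = 0;
  for (let s = scope; s; s = s.parent, depth++) {
    if (s.dynamic) return { type: "Dynamic", name, varInjection };
    if (s.vars.has(name)) {
      const type = s.parent ? "ClosureVar" : "GlobalVar";
      return { type, name, depth, varInjection };
    }
  }
  return { type: "Dynamic", name, varInjection };
}

// resolve_scope: use the linked depth unless the watchpoint has fired.
function resolveScope(op, scope) {
  if (op.type === "Dynamic" || op.varInjection.invalidated) {
    return dynamicResolve(scope, op.name);
  }
  let s = scope;
  for (let i = 0; i < op.depth; i++) s = s.parent;
  return s;
}

// get_from_scope / put_to_scope operate on the scope resolve_scope produced.
function getFromScope(base, op) {
  if (!base) throw new ReferenceError(`Can't find variable: ${op.name}`);
  return base.vars.get(op.name);
}

function putToScope(base, op, value) {
  base.vars.set(op.name, value);
}

// The NEW bytecode sequence from the commit message, for `x++`.
function incrementX(scope, op) {
  const r0 = resolveScope(op, scope);   // resolve_scope   r0, x(@id0)
  let r1 = getFromScope(r0, op);        // get_from_scope  r1, r0, x(@id0)
  r1 += 1;                              // inc             r1
  putToScope(r0, op, r1);               // put_to_scope    r0, x(@id0), r1
  return r1;
}

// Models a sloppy-mode eval("var x = ...") running in an intermediate scope.
function injectVar(scope, name, value, varInjection) {
  scope.vars.set(name, value);
  varInjection.fire();
}

function demo() {
  const varInjection = new Watchpoint();
  const globalScope = new Scope(null, { x: 1 });
  const outer = new Scope(globalScope);
  const inner = new Scope(outer);

  const op = link(inner, "x", varInjection);
  const before = incrementX(inner, op);          // linked path, hits the global x

  injectVar(outer, "x", 100, varInjection);      // a new x now shadows the global
  const after = incrementX(inner, op);           // watchpoint fired: dynamic path

  // What the linked depth alone would still pick if the watchpoint were ignored.
  const stale = { ...op, varInjection: new Watchpoint() };
  const staleReadsGlobal = resolveScope(stale, inner) === globalScope;

  return {
    linkedAs: op.type,
    depth: op.depth,
    before,
    after,
    globalX: globalScope.vars.get("x"),
    staleReadsGlobal,
  };
}
```
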
parent d05719a4
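A probe for the 'this' handling the LayoutTests part of the commit message describes, as an added example that is not one of the commit's tests. The function names are this example's own; the String.prototype functions listed are the ones whose Sputnik expectations the commit updates, and the expected outcomes follow the commit message (CheckObjectCoercible failure for an undefined receiver, "" for toLocaleString on an empty object).

```javascript
// String.prototype functions named in the updated Sputnik expectations.
const STRING_FUNCS = [
  "match", "replace", "search", "slice", "split",
  "substring", "concat", "indexOf", "lastIndexOf",
];

// Run fn and record either its value or the name of the exception type.
function outcome(fn) {
  try {
    return { value: fn() };
  } catch (e) {
    return { threw: e.constructor.name };
  }
}

function probeStringThis() {
  const report = {};
  for (const name of STRING_FUNCS) {
    // A bare reference, as when the function is resolved as a plain
    // identifier: the call site supplies undefined as the receiver.
    const f = String.prototype[name];
    report[name] = {
      bareCall: outcome(() => f("a")),
      nullThis: outcome(() => f.call(null, "a")),
      // A number is object-coercible, so the call must not throw.
      numberThis: outcome(() => f.call(42, "4")),
    };
  }
  return report;
}

function probeArrayToLocaleString() {
  return {
    // Not an error: a non-array receiver with no length yields "".
    emptyObject: outcome(() => Array.prototype.toLocaleString.call({})),
    // Still an error: undefined cannot be converted to an object.
    undefinedThis: outcome(() => Array.prototype.toLocaleString.call(undefined)),
  };
}
```
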
2013-06-11 Geoffrey Garen <ggaren@apple.com>
Rolled back in <http://trac.webkit.org/changeset/151363>.
Rubber stamped by Phil Pizlo.
2013-06-09 Filip Pizlo <fpizlo@apple.com>
Merge trunk r146653.
......@@ -17,7 +17,7 @@ PASS Array.prototype.toString.call({__proto__: Array.prototype, 0: 'a', 1: 'b',
PASS ({__proto__: Array.prototype, 0: 'a', 1: 'b', 2: 'c', length: 3, join: function() { return 'join' }}).toString() is "join"
PASS Array.prototype.toString.call(42) is "Number.prototype.join:42"
PASS [0, 1, 2].toString() is "array-join"
PASS Array.prototype.toLocaleString.call({}) threw exception TypeError: Type error.
PASS Array.prototype.toLocaleString.call({}) is ""
PASS Array.prototype.concat.call(x = { length:2, 0:'b', 1:'a' }) is [x]
PASS Array.prototype.join.call({}) is ''
PASS Array.prototype.join.call(['b', 'a']) is 'b,a'
......
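Review bot: the new expectation for Array.prototype.toLocaleString.call({}) only covers a receiver with no length, so it would also pass for an implementation that returns "" without looking at the receiver at all. The neighbouring lines already exercise concat and join with array-likes such as { length:2, 0:'b', 1:'a' }; add a toLocaleString case with a populated array-like and one with a primitive receiver (as toString.call(42) does above) so the receiver conversion itself is tested.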
......@@ -4,7 +4,7 @@ On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE
PASS Array.prototype.toString.call(undefined) threw exception TypeError: undefined is not an object (evaluating 'Array.prototype.toString.call(undefined)').
PASS Array.prototype.toLocaleString.call(undefined) threw exception TypeError: Type error.
PASS Array.prototype.toLocaleString.call(undefined) threw exception TypeError: undefined is not an object (evaluating 'Array.prototype.toLocaleString.call(undefined)').
PASS Array.prototype.concat.call(undefined, []) threw exception TypeError: undefined is not an object (evaluating 'Array.prototype.concat.call(undefined, [])').
PASS Array.prototype.join.call(undefined, []) threw exception TypeError: undefined is not an object (evaluating 'Array.prototype.join.call(undefined, [])').
PASS Array.prototype.pop.call(undefined) threw exception TypeError: undefined is not an object (evaluating 'Array.prototype.pop.call(undefined)').
......
......@@ -105,7 +105,7 @@ PASS (function(){'use strict'; (function (){ delete someDeclaredGlobal;})}) thre
PASS (function (){ 'use strict'; delete someDeclaredGlobal;}) threw exception SyntaxError: Cannot delete unqualified property 'someDeclaredGlobal' in strict mode.
PASS (function(){(function (){ 'use strict'; delete someDeclaredGlobal;})}) threw exception SyntaxError: Cannot delete unqualified property 'someDeclaredGlobal' in strict mode.
PASS 'use strict'; if (0) { someGlobal = 'Shouldn\'t be able to assign this.'; }; true; is true
PASS 'use strict'; someGlobal = 'Shouldn\'t be able to assign this.'; threw exception ReferenceError: Strict mode forbids implicit creation of global property 'someGlobal'.
PASS 'use strict'; someGlobal = 'Shouldn\'t be able to assign this.'; threw exception ReferenceError: Can't find variable: someGlobal.
PASS 'use strict'; (function f(){ f = 'shouldn\'t be able to assign to function expression name'; })() threw exception TypeError: Attempted to assign to readonly property..
PASS 'use strict'; eval('var introducedVariable = "FAIL: variable introduced into containing scope";'); introducedVariable threw exception ReferenceError: Can't find variable: introducedVariable.
PASS 'use strict'; objectWithReadonlyProperty.prop = 'fail' threw exception TypeError: Attempted to assign to readonly property..
......
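Review bot: with the new expected text, the strict-mode assignment to someGlobal reports "Can't find variable: someGlobal", the same wording the read of introducedVariable produces two lines later, so a failed write and a failed read can no longer be told apart from the message. The exception type stays ReferenceError; if the "Strict mode forbids implicit creation of global property" hint is being dropped on purpose, say so in the ChangeLog entry for this file.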
......@@ -91,7 +91,7 @@ Array.prototype.join = function() { return 'array-join' };
shouldBe("[0, 1, 2].toString()", '"array-join"');
Array.prototype.join = arrayJoin;
shouldThrow("Array.prototype.toLocaleString.call({})");
shouldBe("Array.prototype.toLocaleString.call({})", '"' + '"');
shouldBe("Array.prototype.concat.call(x = { length:2, 0:'b', 1:'a' })", "[x]");
......
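Review bot: in the replacement shouldBe line the expected value is spelled '"' + '"', which evaluates to the two-character source string "" but reads like a typo. Write it as '""', matching how the other shouldBe call in this hunk quotes its expected string ('"array-join"').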
S11.1.1_A2
PASS
FAIL SputnikError: #1: this.toString() === toString(). Actual: [object Window]
TEST COMPLETE
S15.4.4.3_A2_T1
PASS
FAIL SputnikError: #1.2: var obj = {}; obj.toLocaleString = Array.prototype.toLocaleString; obj.toLocaleString() throw TypeError. Actual: SputnikError: #1.1: var obj = {}; obj.toLocaleString = Array.prototype.toLocaleString; obj.toLocaleString() throw TypeError. Actual:
TEST COMPLETE
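Review bot: both results here flip from PASS to FAIL, and for S15.4.4.3_A2_T1 the Actual text is the test's own SputnikError #1.1, which means the test fails because obj.toLocaleString() no longer throws. With a FAIL line checked in as the baseline, a later behaviour change in either test shows up only as a text difference in the expected file; point to the bug or to the new fast/js tests wherever these expectations are tracked so the failure is recorded as intentional.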
2013-06-11 Geoffrey Garen <ggaren@apple.com>
Rolled back in <http://trac.webkit.org/changeset/151363>.
Rubber stamped by Phil Pizlo.
The ASSERTs were due to the bytecode parser performing a
StructureTransitionWatchpoint optimization in a case where the CFA
wouldn't because the CFA could prove that the watchpoint would contradict
a preceding CheckStructure.
I fixed this by removing the bytecode parser optimization: now, we fully
rely on CFA and constant folding to optimize structure checks when
possible.
I verified that there's no performance change vs doing the optimization
in the bytecode parser. (The optimization is very simple, so this is not
surprising.)
2013-06-10 Mark Hahnenberg <mhahnenberg@apple.com>
isContravenedByStructure is backwards
https://bugs.webkit.org/show_bug.cgi?id=117366
We should be checking if arrayModeForStructure(structure) is a
subset of arrayModesThatPassFiltering(), not the other way around.
Also renamed isContravenedByStructure to better reflect what the
function is trying to determine.
Rubber stamped by Filip Pizlo.
* dfg/DFGArrayMode.h:
(JSC::DFG::ArrayMode::structureWouldPassArrayModeFiltering):
* dfg/DFGTypeCheckHoistingPhase.cpp:
(JSC::DFG::TypeCheckHoistingPhase::noticeStructureCheckAccountingForArrayMode):
(JSC::DFG::ArrayTypeCheck::isContravenedByValue):
2013-06-10 Mark Hahnenberg <mhahnenberg@apple.com>
isContravenedByStructure is backwards
......
......@@ -143,9 +143,6 @@ javascriptcore_sources += \
Source/JavaScriptCore/bytecode/PutKind.h \
Source/JavaScriptCore/bytecode/ReduceWhitespace.cpp \
Source/JavaScriptCore/bytecode/ReduceWhitespace.h \
Source/JavaScriptCore/bytecode/ResolveGlobalStatus.cpp \
Source/JavaScriptCore/bytecode/ResolveGlobalStatus.h \
Source/JavaScriptCore/bytecode/ResolveOperation.h \
Source/JavaScriptCore/bytecode/SamplingTool.cpp \
Source/JavaScriptCore/bytecode/SamplingTool.h \
Source/JavaScriptCore/bytecode/SpecialPointer.cpp \
......
......@@ -532,25 +532,21 @@ __ZN3JSC11ResolveNode12emitBytecodeERNS_17BytecodeGeneratorEPNS_10RegisterIDE
__ZN3JSC17BytecodeGenerator11registerForERKNS_10IdentifierE
__ZN3JSC17BytecodeGenerator11emitResolveEPNS_10RegisterIDERKNS_10IdentifierE
__ZN3JSC17BytecodeGenerator18findScopedPropertyERKNS_10IdentifierERiRmbRbRPNS_8JSObjectE
__ZN3WTF6VectorIN3JSC17GlobalResolveInfoELm0EE14expandCapacityEm
__ZN3JSC17BytecodeGenerator11addConstantERKNS_10IdentifierE
__ZN3WTF6VectorIN3JSC10IdentifierELm0EE14expandCapacityEmPKS2_
__ZN3WTF6VectorIN3JSC10IdentifierELm0EE15reserveCapacityEm
__ZN3JSC17BytecodeGenerator11emitGetByIdEPNS_10RegisterIDES2_RKNS_10IdentifierE
__ZN3WTF6VectorIN3JSC17StructureStubInfoELm0EE14expandCapacityEm
__ZN3JSC3JIT22emit_op_resolve_globalEPNS_11InstructionEb
__ZN3WTF6VectorIN3JSC13SlowCaseEntryELm0EE14expandCapacityEmPKS2_
__ZN3WTF6VectorIN3JSC13SlowCaseEntryELm0EE14expandCapacityEm
__ZN3JSC3JIT17emit_op_get_by_idEPNS_11InstructionE
__ZN3JSC3JIT21compileGetByIdHotPathEiiPNS_10IdentifierEj
__ZN3JSC3JIT26emitSlow_op_resolve_globalEPNS_11InstructionERPNS_13SlowCaseEntryE
__ZN3JSC20MacroAssemblerX86_648storePtrENS_22AbstractMacroAssemblerINS_12X86AssemblerEE13TrustedImmPtrENS3_15ImplicitAddressE
__ZN3JSC11JITStubCall4callEj
__ZN3WTF6VectorIN3JSC10CallRecordELm0EE15reserveCapacityEm
__ZN3JSC3JIT21emitSlow_op_get_by_idEPNS_11InstructionERPNS_13SlowCaseEntryE
__ZN3JSC3JIT22compileGetByIdSlowCaseEiiPNS_10IdentifierERPNS_13SlowCaseEntryEb
__ZN3JSC11JITStubCall4callEv
_cti_op_resolve_global
__ZN3JSC15ObjectPrototype18getOwnPropertySlotEPNS_9ExecStateERKNS_10IdentifierERNS_12PropertySlotE
__ZN3JSC10Identifier8toUInt32ERKNS_7UStringERb
__ZN3WTF12AtomicString4findEPKtjj
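Review bot: the header (-532,25 +532,21) drops four entries, but six symbols in this hunk belong to the old resolution path: BytecodeGenerator::emitResolve, BytecodeGenerator::findScopedProperty, the Vector<GlobalResolveInfo> expandCapacity, emit_op_resolve_global, emitSlow_op_resolve_global and _cti_op_resolve_global. If emitResolve and findScopedProperty no longer exist after this patch, remove their entries here as well so the order file does not keep naming dead symbols.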
......@@ -796,7 +792,6 @@ __ZNK3JSC11ResolveNode13isResolveNodeEv
__ZN3JSC17BytecodeGenerator12addParameterERKNS_10IdentifierEi
__ZN3JSC23FunctionCallResolveNode12emitBytecodeERNS_17BytecodeGeneratorEPNS_10RegisterIDE
__ZNK3JSC16JSVariableObject16isVariableObjectEv
__ZN3JSC17BytecodeGenerator16emitGetScopedVarEPNS_10RegisterIDEmiNS_7JSValueE
__ZN3JSC3JIT22emit_op_get_global_varEPNS_11InstructionE
__ZN3JSC8JSParser19parseVarDeclarationINS_10ASTBuilderEEENT_9StatementERS3_
__ZN3WTF6VectorISt4pairIPKN3JSC10IdentifierEjELm0EE15reserveCapacityEm
......@@ -940,8 +935,6 @@ __ZN3JSC17BytecodeGenerator9emitCatchEPNS_10RegisterIDEPNS_5LabelES4_
__ZN3WTF6VectorIN3JSC11HandlerInfoELm0EE14expandCapacityEm
__ZN3JSC17BytecodeGenerator16emitPushNewScopeEPNS_10RegisterIDERKNS_10IdentifierES2_
__ZN3WTF6VectorIN3JSC18ControlFlowContextELm0EE14expandCapacityEm
__ZN3JSC17BytecodeGenerator21emitResolveBaseForPutEPNS_10RegisterIDERKNS_10IdentifierE
__ZN3JSC17BytecodeGenerator15emitResolveBaseEPNS_10RegisterIDERKNS_10IdentifierE
__ZN3JSC17BytecodeGenerator12emitPopScopeEv
__ZN3JSC9EqualNode12emitBytecodeERNS_17BytecodeGeneratorEPNS_10RegisterIDE
__ZN3JSC17BytecodeGenerator14emitEqualityOpENS_8OpcodeIDEPNS_10RegisterIDES3_S3_
......@@ -951,13 +944,10 @@ __ZN3JSC20MacroAssemblerX86_6413branchTestPtrENS_23MacroAssemblerX86Common15Resu
__ZN3JSC3JIT11emit_op_neqEPNS_11InstructionE
__ZN3JSC12X86Assembler6orl_irEiNS_12X86Registers10RegisterIDE
__ZN3JSC3JIT13emit_op_jtrueEPNS_11InstructionE
__ZN3JSC3JIT25emit_op_resolve_with_baseEPNS_11InstructionE
__ZN3JSC3JIT17emit_op_call_evalEPNS_11InstructionE
__ZN3JSC3JIT13emit_op_catchEPNS_11InstructionE
__ZN3JSC20MacroAssemblerX86_647loadPtrENS_22AbstractMacroAssemblerINS_12X86AssemblerEE15ImplicitAddressENS_12X86Registers10RegisterIDE
__ZN3JSC3JIT22emit_op_push_new_scopeEPNS_11InstructionE
__ZN3JSC3JIT20emit_op_resolve_baseEPNS_11InstructionE
__ZN3JSC3JIT15emit_op_resolveEPNS_11InstructionE
__ZN3JSC3JIT17emit_op_pop_scopeEPNS_11InstructionE
__ZN3JSC3JIT10emit_op_eqEPNS_11InstructionE
__ZN3JSC3JIT27emit_op_tear_off_activationEPNS_11InstructionE
......@@ -970,7 +960,6 @@ __ZN3JSC12JSActivationC1EPNS_9ExecStateEPNS_18FunctionExecutableE
_cti_op_typeof
__ZN3JSC20jsTypeStringForValueEPNS_9ExecStateENS_7JSValueE
_cti_op_eq
_cti_op_resolve_with_base
__ZN3JSC12JSActivation18getOwnPropertySlotEPNS_9ExecStateERKNS_10IdentifierERNS_12PropertySlotE
_cti_op_call_eval
__ZN3JSC11Interpreter8callEvalEPNS_9ExecStateEPNS_12JSStackEPNS_8RegisterEii
......@@ -987,7 +976,6 @@ __ZN3JSC8EvalNodeD0Ev
__ZN3WTF7HashMapINS_6RefPtrINS_10StringImplEEEN3JSC12WriteBarrierINS4_14EvalExecutableEEENS_10StringHashENS_10HashTraitsIS3_EENS9_IS7_EEE3setEPS2_RKS7_
__ZN3WTF9HashTableINS_6RefPtrINS_10StringImplEEESt4pairIS3_N3JSC12WriteBarrierINS5_14EvalExecutableEEEENS_18PairFirstExtractorIS9_EENS_10StringHashENS_14PairHashTraitsINS_10HashTraitsIS3_EENSE_IS8_EEEESF_E6expandEv
__ZN3JSC11Interpreter7executeEPNS_14EvalExecutableEPNS_9ExecStateEPNS_8JSObjectEiPNS_14ScopeChainNodeE
_cti_op_resolve
_JSValueMakeBoolean
__ZN3JSC8JSParser20parseReturnStatementINS_10ASTBuilderEEENT_9StatementERS3_
__ZN3JSC10ASTBuilder11makeDivNodeEPNS_14ExpressionNodeES2_b
......@@ -1126,7 +1114,6 @@ __ZN3WTFL7multaddERNS_6BigIntEii
__ZN3WTFL4multERNS_6BigIntERKS0_
__ZN3WTF6VectorIjLm16EEaSERKS1_
__ZN3WTF6String6numberEd
__ZN3JSC17BytecodeGenerator16emitPutScopedVarEmiPNS_10RegisterIDENS_7JSValueE
__ZN3JSC3JIT22emit_op_put_global_varEPNS_11InstructionE
__ZN3JSC3JIT11emit_op_subEPNS_11InstructionE
__ZN3JSC3JIT15emitSlow_op_subEPNS_11InstructionERPNS_13SlowCaseEntryE
......@@ -1190,7 +1177,6 @@ _cti_op_call_arityCheck
_cti_op_in
__ZN3JSC12JSActivation13visitChildrenERNS_9MarkStackE
__ZNK3JSC12JSActivation14isDynamicScopeERb
__ZN3JSC3JIT22emit_op_get_scoped_varEPNS_11InstructionE
__ZN3JSC8JSParser19parseBreakStatementINS_10ASTBuilderEEENT_9StatementERS3_
__ZN3JSC15ConditionalNode12emitBytecodeERNS_17BytecodeGeneratorEPNS_10RegisterIDE
__ZN3JSC9BreakNode12emitBytecodeERNS_17BytecodeGeneratorEPNS_10RegisterIDE
......@@ -1208,7 +1194,6 @@ __ZN3JSC7UString6numberEd
__ZN3JSC9CodeBlock14visitAggregateERNS_9MarkStackE
__ZN3JSC13EvalCodeCache14visitAggregateERNS_9MarkStackE
__ZN3JSC17StructureStubInfo14visitAggregateERNS_9MarkStackE
_cti_op_resolve_base
__ZN3JSC17ObjectLiteralNode12emitBytecodeERNS_17BytecodeGeneratorEPNS_10RegisterIDE
__ZN3JSC16PropertyListNode12emitBytecodeERNS_17BytecodeGeneratorEPNS_10RegisterIDE
__ZN3JSC17BytecodeGenerator13emitNewObjectEPNS_10RegisterIDE
......@@ -1404,8 +1389,6 @@ __ZN3JSC15RegExpPrototype18getOwnPropertySlotEPNS_9ExecStateERKNS_10IdentifierER
__ZN3JSCL19regExpProtoFuncTestEPNS_9ExecStateE
__ZN3JSC12RegExpObject4testEPNS_9ExecStateE
__ZN3JSC12RegExpObject5matchEPNS_9ExecStateE
__ZN3JSC3JIT20emit_op_resolve_skipEPNS_11InstructionE
_cti_op_resolve_skip
__ZN3WTFeqERKNS_12AtomicStringERKNS_6VectorItLm0EEE
__ZN3WTF11OSAllocator18releaseDecommittedEPvm
__ZN3WTF12AtomicString16fromUTF8InternalEPKcS2_
......@@ -1619,8 +1602,6 @@ __ZN3WTF6VectorIPN3JSC14ExpressionNodeELm16EE14expandCapacityEm
__ZN3WTF6VectorINS_6RefPtrIN3JSC10RegisterIDEEELm16EE14expandCapacityEm
__ZN3WTF14FastMallocZone9forceLockEP14_malloc_zone_t
__ZN3WTF14FastMallocZone11forceUnlockEP14_malloc_zone_t
__ZN3JSC3JIT30emit_op_resolve_global_dynamicEPNS_11InstructionE
__ZN3JSC3JIT34emitSlow_op_resolve_global_dynamicEPNS_11InstructionERPNS_13SlowCaseEntryE
__ZN3WTF6VectorIN3JSC11StringRangeELm16EE14expandCapacityEmPKS2_
__ZN3WTF6VectorIN3JSC11StringRangeELm16EE15reserveCapacityEm
__ZN3WTF6VectorIN3JSC7UStringELm16EE14expandCapacityEmPKS2_
......@@ -2270,7 +2251,6 @@ __ZN3JSC27StrictModeTypeErrorFunction11getCallDataERNS_8CallDataE
__ZN3JSC27StrictModeTypeErrorFunction18callThrowTypeErrorEPNS_9ExecStateE
__ZN3JSC14throwTypeErrorEPNS_9ExecStateERKNS_7UStringE
__ZN3JSC9Arguments33createStrictModeCallerIfNecessaryEPNS_9ExecStateE
_cti_op_resolve_base_strict_put
__ZN3JSC37createErrorForInvalidGlobalAssignmentEPNS_9ExecStateERKNS_7UStringE
__ZN3JSC19JSStaticScopeObject3putEPNS_9ExecStateERKNS_10IdentifierENS_7JSValueERNS_15PutPropertySlotE
__ZN3JSC20StrictEvalActivationC1EPNS_9ExecStateE
......
......@@ -592,7 +592,6 @@
<ClInclude Include="..\bytecode\ExitKind.h" />
<ClInclude Include="..\bytecode\ExpressionRangeInfo.h" />
<ClInclude Include="..\bytecode\GetByIdStatus.h" />
<ClInclude Include="..\bytecode\GlobalResolveInfo.h" />
<ClInclude Include="..\bytecode\HandlerInfo.h" />
<ClInclude Include="..\bytecode\Instruction.h" />
<ClInclude Include="..\bytecode\JumpTable.h" />
......
......@@ -935,9 +935,6 @@
<ClInclude Include="..\bytecode\GetByIdStatus.h">
<Filter>bytecode</Filter>
</ClInclude>
<ClInclude Include="..\bytecode\GlobalResolveInfo.h">
<Filter>bytecode</Filter>
</ClInclude>
<ClInclude Include="..\bytecode\HandlerInfo.h">
<Filter>bytecode</Filter>
</ClInclude>
......
......@@ -380,8 +380,6 @@
0FF4275715914A20004CB9FF /* LinkBuffer.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0FF4275615914A20004CB9FF /* LinkBuffer.cpp */; };
0FF427641591A1CC004CB9FF /* DFGDisassembler.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0FF427611591A1C9004CB9FF /* DFGDisassembler.cpp */; };
0FF427651591A1CE004CB9FF /* DFGDisassembler.h in Headers */ = {isa = PBXBuildFile; fileRef = 0FF427621591A1C9004CB9FF /* DFGDisassembler.h */; settings = {ATTRIBUTES = (Private, ); }; };
0FF42771159275D5004CB9FF /* ResolveGlobalStatus.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0FF4276E159275D2004CB9FF /* ResolveGlobalStatus.cpp */; };
0FF42772159275D8004CB9FF /* ResolveGlobalStatus.h in Headers */ = {isa = PBXBuildFile; fileRef = 0FF4276F159275D2004CB9FF /* ResolveGlobalStatus.h */; settings = {ATTRIBUTES = (Private, ); }; };
0FF60AC216740F8300029779 /* ReduceWhitespace.h in Headers */ = {isa = PBXBuildFile; fileRef = 0FF60AC016740F8100029779 /* ReduceWhitespace.h */; settings = {ATTRIBUTES = (Private, ); }; };
0FF60AC316740F8800029779 /* ReduceWhitespace.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0FF60ABF16740F8100029779 /* ReduceWhitespace.cpp */; };
0FF7168C15A3B235008F5DAA /* PropertyOffset.h in Headers */ = {isa = PBXBuildFile; fileRef = 0FF7168A15A3B231008F5DAA /* PropertyOffset.h */; settings = {ATTRIBUTES = (Private, ); }; };
......@@ -788,7 +786,6 @@
A7A4AE0D17973B4D005612B1 /* JITStubsMIPS.h in Headers */ = {isa = PBXBuildFile; fileRef = A7A4AE0917973B4D005612B1 /* JITStubsMIPS.h */; };
A7A4AE0F17973B4D005612B1 /* JITStubsSH4.h in Headers */ = {isa = PBXBuildFile; fileRef = A7A4AE0B17973B4D005612B1 /* JITStubsSH4.h */; };
A7A4AE1017973B4D005612B1 /* JITStubsX86Common.h in Headers */ = {isa = PBXBuildFile; fileRef = A7A4AE0C17973B4D005612B1 /* JITStubsX86Common.h */; };
A7AFC17915F7EFE30048F57B /* ResolveOperation.h in Headers */ = {isa = PBXBuildFile; fileRef = A7AFC17715F7EFE30048F57B /* ResolveOperation.h */; settings = {ATTRIBUTES = (Private, ); }; };
A7B48F490EE8936F00DCBDB6 /* ExecutableAllocator.cpp in Sources */ = {isa = PBXBuildFile; fileRef = A7B48DB60EE74CFC00DCBDB6 /* ExecutableAllocator.cpp */; };
A7B4ACAF1484C9CE00B38A36 /* JSExportMacros.h in Headers */ = {isa = PBXBuildFile; fileRef = A7B4ACAE1484C9CE00B38A36 /* JSExportMacros.h */; settings = {ATTRIBUTES = (Private, ); }; };
A7B601821639FD2A00372BA3 /* UnlinkedCodeBlock.h in Headers */ = {isa = PBXBuildFile; fileRef = A79E781F15EECBA80047C855 /* UnlinkedCodeBlock.h */; settings = {ATTRIBUTES = (Private, ); }; };
......@@ -1406,8 +1403,6 @@
0FF4275615914A20004CB9FF /* LinkBuffer.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = LinkBuffer.cpp; sourceTree = "<group>"; };
0FF427611591A1C9004CB9FF /* DFGDisassembler.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = DFGDisassembler.cpp; path = dfg/DFGDisassembler.cpp; sourceTree = "<group>"; };
0FF427621591A1C9004CB9FF /* DFGDisassembler.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = DFGDisassembler.h; path = dfg/DFGDisassembler.h; sourceTree = "<group>"; };
0FF4276E159275D2004CB9FF /* ResolveGlobalStatus.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ResolveGlobalStatus.cpp; sourceTree = "<group>"; };
0FF4276F159275D2004CB9FF /* ResolveGlobalStatus.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ResolveGlobalStatus.h; sourceTree = "<group>"; };
0FF60ABF16740F8100029779 /* ReduceWhitespace.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ReduceWhitespace.cpp; sourceTree = "<group>"; };
0FF60AC016740F8100029779 /* ReduceWhitespace.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ReduceWhitespace.h; sourceTree = "<group>"; };
0FF7168A15A3B231008F5DAA /* PropertyOffset.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PropertyOffset.h; sourceTree = "<group>"; };
......@@ -1823,7 +1818,6 @@
A7A4AE0C17973B4D005612B1 /* JITStubsX86Common.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JITStubsX86Common.h; sourceTree = "<group>"; };
A7A7EE7411B98B8D0065A14F /* ASTBuilder.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ASTBuilder.h; sourceTree = "<group>"; };
A7A7EE7711B98B8D0065A14F /* SyntaxChecker.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SyntaxChecker.h; sourceTree = "<group>"; };
A7AFC17715F7EFE30048F57B /* ResolveOperation.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ResolveOperation.h; sourceTree = "<group>"; };
A7B48DB50EE74CFC00DCBDB6 /* ExecutableAllocator.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ExecutableAllocator.h; sourceTree = "<group>"; };
A7B48DB60EE74CFC00DCBDB6 /* ExecutableAllocator.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ExecutableAllocator.cpp; sourceTree = "<group>"; };
A7B4ACAE1484C9CE00B38A36 /* JSExportMacros.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSExportMacros.h; sourceTree = "<group>"; };
......@@ -3266,9 +3260,6 @@
0F9FC8C114E1B5FB00D52AE0 /* PutKind.h */,
0FF60ABF16740F8100029779 /* ReduceWhitespace.cpp */,
0FF60AC016740F8100029779 /* ReduceWhitespace.h */,
0FF4276E159275D2004CB9FF /* ResolveGlobalStatus.cpp */,
0FF4276F159275D2004CB9FF /* ResolveGlobalStatus.h */,
A7AFC17715F7EFE30048F57B /* ResolveOperation.h */,
1429D8830ED21C3D00B89619 /* SamplingTool.cpp */,
1429D8840ED21C3D00B89619 /* SamplingTool.h */,
0F5541AF1613C1FB00CE3E25 /* SpecialPointer.cpp */,
......@@ -3769,8 +3760,6 @@
969A072B0ED1CE6900F1F681 /* RegisterID.h in Headers */,
0FB7F39D15ED8E4600F167B2 /* Reject.h in Headers */,
86D3B3C410159D7F002865E7 /* RepatchBuffer.h in Headers */,
0FF42772159275D8004CB9FF /* ResolveGlobalStatus.h in Headers */,
A7AFC17915F7EFE30048F57B /* ResolveOperation.h in Headers */,
869EBCB70E8C6D4A008722CC /* ResultType.h in Headers */,
C22B31B9140577D700DB475A /* SamplingCounter.h in Headers */,
1429D8860ED21C3D00B89619 /* SamplingTool.h in Headers */,
......@@ -4494,7 +4483,6 @@
8642C512151C083D0046D4EF /* RegExpMatchesArray.cpp in Sources */,
14280843107EC0930013E7B2 /* RegExpObject.cpp in Sources */,
14280844107EC0930013E7B2 /* RegExpPrototype.cpp in Sources */,
0FF42771159275D5004CB9FF /* ResolveGlobalStatus.cpp in Sources */,
0F7700921402FF3C0078EB39 /* SamplingCounter.cpp in Sources */,
1429D8850ED21C3D00B89619 /* SamplingTool.cpp in Sources */,
C225494315F7DBAA0065E898 /* SlotVisitor.cpp in Sources */,
......
......@@ -72,7 +72,6 @@ SOURCES += \
bytecode/PreciseJumpTargets.cpp \
bytecode/PutByIdStatus.cpp \
bytecode/ReduceWhitespace.cpp \
bytecode/ResolveGlobalStatus.cpp \
bytecode/SamplingTool.cpp \
bytecode/SpecialPointer.cpp \
bytecode/SpeculatedType.cpp \
......
......@@ -65,7 +65,6 @@
#include "LineInfo.h"
#include "ProfilerCompilation.h"
#include "RegExpObject.h"
#include "ResolveOperation.h"
#include "StructureStubInfo.h"
#include "UnconditionalFinalizer.h"
#include "ValueProfile.h"
......@@ -98,8 +97,8 @@ public:
enum CopyParsedBlockTag { CopyParsedBlock };
protected:
CodeBlock(CopyParsedBlockTag, CodeBlock& other);
CodeBlock(ScriptExecutable* ownerExecutable, UnlinkedCodeBlock*, JSGlobalObject*, unsigned baseScopeDepth, PassRefPtr<SourceProvider>, unsigned sourceOffset, unsigned firstLineColumnOffset);
CodeBlock(ScriptExecutable* ownerExecutable, UnlinkedCodeBlock*, JSScope*, PassRefPtr<SourceProvider>, unsigned sourceOffset, unsigned firstLineColumnOffset);
WriteBarrier<JSGlobalObject> m_globalObject;
Heap* m_heap;
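Review bot: The new protected CodeBlock constructor takes a JSScope* in place of JSGlobalObject* plus baseScopeDepth, while the member right below it is still WriteBarrier<JSGlobalObject> m_globalObject, and the declaration does not say whether a null scope is acceptable or how the global object is obtained from the scope. Add a comment on the constructor stating that scope must be non-null and that m_globalObject is taken from it, and consider an ASSERT(scope) in the definition so that a call site that used to pass only a global object fails early in debug builds.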
......@@ -363,7 +362,7 @@ public:
bool needsActivation() const
{
return needsFullScopeChain() && codeType() != GlobalCode;
return m_needsActivation;
}
bool isCaptured(int operand, InlineCallFrame* inlineCallFrame = 0) const
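Review bot: needsActivation() now returns a cached m_needsActivation instead of computing needsFullScopeChain() && codeType() != GlobalCode, but this hunk does not show where the member is declared or initialised. Please confirm that both CodeBlock constructors set it, including the CopyParsedBlock copy constructor, because an uninitialised or stale flag here changes whether callers believe the frame needs an activation object. A one-line comment next to the member saying where the value comes from would make that easy to audit.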
......@@ -979,9 +978,7 @@ private:
#if ENABLE(VALUE_PROFILER)
void dumpRareCaseProfile(PrintStream&, const char* name, RareCaseProfile*, bool& hasPrintedProfiling);
#endif
void visitStructures(SlotVisitor&, Instruction* vPC);
#if ENABLE(DFG_JIT)
bool shouldImmediatelyAssumeLivenessDuringScan()
{
......@@ -1091,9 +1088,6 @@ private:
uint16_t m_optimizationDelayCounter;
uint16_t m_reoptimizationRetryCounter;
Vector<ResolveOperations> m_resolveOperations;
Vector<PutToBaseOperation, 1> m_putToBaseOperations;
struct RareData {
WTF_MAKE_FAST_ALLOCATED;
public:
......@@ -1135,9 +1129,9 @@ protected:
: CodeBlock(CopyParsedBlock, other)
{
}
GlobalCodeBlock(ScriptExecutable* ownerExecutable, UnlinkedCodeBlock* unlinkedCodeBlock, JSGlobalObject* globalObject, unsigned baseScopeDepth, PassRefPtr<SourceProvider> sourceProvider, unsigned sourceOffset, unsigned firstLineColumnOffset)
: CodeBlock(ownerExecutable, unlinkedCodeBlock, globalObject, baseScopeDepth, sourceProvider, sourceOffset, firstLineColumnOffset)
GlobalCodeBlock(ScriptExecutable* ownerExecutable, UnlinkedCodeBlock* unlinkedCodeBlock, JSScope* scope, PassRefPtr<SourceProvider> sourceProvider, unsigned sourceOffset, unsigned firstLineColumnOffset)
: CodeBlock(ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, sourceOffset, firstLineColumnOffset)
{
}
};
......@@ -1149,8 +1143,8 @@ public:
{
}
ProgramCodeBlock(ProgramExecutable* ownerExecutable, UnlinkedProgramCodeBlock* unlinkedCodeBlock, JSGlobalObject* globalObject, PassRefPtr<SourceProvider> sourceProvider, unsigned firstLineColumnOffset)
: GlobalCodeBlock(ownerExecutable, unlinkedCodeBlock, globalObject, 0, sourceProvider, 0, firstLineColumnOffset)
ProgramCodeBlock(ProgramExecutable* ownerExecutable, UnlinkedProgramCodeBlock* unlinkedCodeBlock, JSScope* scope, PassRefPtr<SourceProvider> sourceProvider, unsigned firstLineColumnOffset)
: GlobalCodeBlock(ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, 0, firstLineColumnOffset)
{
}
......@@ -1174,9 +1168,9 @@ public:
: GlobalCodeBlock(CopyParsedBlock, other)
{
}
EvalCodeBlock(EvalExecutable* ownerExecutable, UnlinkedEvalCodeBlock* unlinkedCodeBlock, JSGlobalObject* globalObject, PassRefPtr<SourceProvider> sourceProvider, int baseScopeDepth)
: GlobalCodeBlock(ownerExecutable, unlinkedCodeBlock, globalObject, baseScopeDepth, sourceProvider, 0, 1)
EvalCodeBlock(EvalExecutable* ownerExecutable, UnlinkedEvalCodeBlock* unlinkedCodeBlock, JSScope* scope, PassRefPtr<SourceProvider> sourceProvider)
: GlobalCodeBlock(ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, 0, 1)
{
}
......@@ -1206,9 +1200,9 @@ public:
: CodeBlock(CopyParsedBlock, other)
{
}
FunctionCodeBlock(FunctionExecutable* ownerExecutable, UnlinkedFunctionCodeBlock* unlinkedCodeBlock, JSGlobalObject* globalObject, PassRefPtr<SourceProvider> sourceProvider, unsigned sourceOffset, unsigned firstLineColumnOffset)
: CodeBlock(ownerExecutable, unlinkedCodeBlock, globalObject, 0, sourceProvider, sourceOffset, firstLineColumnOffset)
FunctionCodeBlock(FunctionExecutable* ownerExecutable, UnlinkedFunctionCodeBlock* unlinkedCodeBlock, JSScope* scope, PassRefPtr<SourceProvider> sourceProvider, unsigned sourceOffset, unsigned firstLineColumnOffset)
: CodeBlock(ownerExecutable, unlinkedCodeBlock, scope, sourceProvider, sourceOffset, firstLineColumnOffset)
{
}
......
......@@ -38,7 +38,6 @@
namespace JSC {
class CodeCache;
class SlotVisitor;
class EvalCodeCache {
......@@ -50,29 +49,18 @@ namespace JSC {
return 0;
}
EvalExecutable* getSlow(ExecState* exec, CodeCache* codeCache, ScriptExecutable* owner, bool inStrictContext, const String& evalSource, JSScope* scope, JSValue& exceptionValue)
EvalExecutable* getSlow(ExecState* exec, ScriptExecutable* owner, bool inStrictContext, const String& evalSource, JSScope* scope)
{
EvalExecutable* evalExecutable = EvalExecutable::create(exec, codeCache, makeSource(evalSource), inStrictContext);
exceptionValue = evalExecutable->compile(exec, scope);
if (exceptionValue)
EvalExecutable* evalExecutable = EvalExecutable::create(exec, makeSource(evalSource), inStrictContext);
if (!evalExecutable)
return 0;
if (!inStrictContext && evalSource.length() < maxCacheableSourceLength && scope->begin()->isVariableObject() && m_cacheMap.size() < maxCacheEntries)
m_cacheMap.set(evalSource.impl(), WriteBarrier<EvalExecutable>(exec->vm(), owner, evalExecutable));
return evalExecutable;
}
EvalExecutable* get(ExecState* exec, CodeCache* codeCache, ScriptExecutable* owner, bool inStrictContext, const String& evalSource, JSScope* scope, JSValue& exceptionValue)
{
EvalExecutable* evalExecutable = tryGet(inStrictContext, evalSource, scope);
if (!evalExecutable)
evalExecutable = getSlow(exec, codeCache, owner, inStrictContext, evalSource, scope, exceptionValue);
return evalExecutable;
}
bool isEmpty() const { return m_cacheMap.isEmpty(); }
void visitAggregate(SlotVisitor&);
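Review bot: getSlow() loses its JSValue& exceptionValue out-parameter and now returns 0 when EvalExecutable::create() fails, so a null return is the only failure signal left in this interface. Document at the declaration that callers must look for the pending exception elsewhere after a null return, and, since get() is removed in the same hunk, that each call site is expected to do tryGet() followed by getSlow() itself. Also note that the old code returned before m_cacheMap.set() when compile() produced an exception, whereas now only a failed create() skips the insert; a comment saying that caching an executable that has not been compiled yet is intended would help the next reader.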
......
......@@ -260,10 +260,13 @@ GetByIdStatus GetByIdStatus::computeFor(VM& vm, Structure* structure, StringImpl
// For now we only handle the super simple self access case. We could handle the
// prototype case in the future.
if (!structure)
return GetByIdStatus(TakesSlowPath);
if (toUInt32FromStringImpl(uid) != PropertyName::NotAnIndex)
return GetByIdStatus(TakesSlowPath);
if (structure->typeInfo().overridesGetOwnPropertySlot())
if (structure->typeInfo().overridesGetOwnPropertySlot() && structure->typeInfo().type() != GlobalObjectType)
return GetByIdStatus(TakesSlowPath);
if (!structure->propertyAccessesAreCacheable())
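Review bot: The relaxed overridesGetOwnPropertySlot() check exempts every structure whose type() is GlobalObjectType, which lets computeFor() report a cacheable self access on an object that has a custom getOwnPropertySlot, and the hunk has no comment explaining why that is sound. Add a comment stating the invariant this depends on, namely that for global objects a lookup through the structure's own properties gives the same answer as the override, so that a later change to a global object's getOwnPropertySlot does not silently invalidate the fast path. The new !structure early return is a sensible guard; it would be worth saying in the comment above it which callers can pass a null structure.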
......
/*
* Copyright (C) 2012 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
* OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef GlobalResolveInfo_h
#define GlobalResolveInfo_h
#include "WriteBarrier.h"
namespace JSC {
struct GlobalResolveInfo {
GlobalResolveInfo() { }
GlobalResolveInfo(unsigned bytecodeOffset)