    fourthTier: DFG should have its own notion of StructureChain, and it should be... · 98fb6bf1
    oliver@apple.com authored
    fourthTier: DFG should have its own notion of StructureChain, and it should be possible to validate it after compilation finishes
    https://bugs.webkit.org/show_bug.cgi?id=115841
    
    Reviewed by Oliver Hunt.
    
    This adds IntendedStructureChain, which is like StructureChain, except that it holds a bit
    more information and can be validated independently of its owning Structure and lexical
    GlobalObject, since it remembers both of those things. It's also malloc'd and RefCounted
    rather than GC'd, so it can be allocated in a concurrent compilation thread.
    
    Gave this class a bunch of methods to allow the following idiom:
    
    - Snapshot a structure chain concurrently. This structure chain may end up being
      wrong in case of races, but in that case we will find out when we try to validate
      it.
    
    - Perform validation on the structure chain itself, without recomputing the chain.
      Previously, many chain validation methods (prototypeChainMayInterceptStoreTo() for
      example) recomputed the chain, and hence, were inherently racy: you could build one
      chain and then validate against a different chain, and hence not realize that the
      chain you did build was actually broken for your purposes, because the chain you
      checked was a different one.
    
    - Validate that the chain is still the right one at any time, allowing the cancellation
      of compilation if there was a race.
    
    Also added DFG::DesiredStructureChains, which tracks those intended structure chains that
    the compiler had already chosen to use. If any of those are invalid at link time, throw
    out the compilation.
    
    * JavaScriptCore.xcodeproj/project.pbxproj:
    * bytecode/GetByIdStatus.cpp:
    (JSC::GetByIdStatus::computeForChain):
    (JSC::GetByIdStatus::computeFor):
    * bytecode/GetByIdStatus.h:
    (JSC::GetByIdStatus::GetByIdStatus):
    (JSC::GetByIdStatus::chain):
    (GetByIdStatus):
    * bytecode/PutByIdStatus.cpp:
    (JSC::PutByIdStatus::computeFromLLInt):
    (JSC::PutByIdStatus::computeFor):
    * bytecode/PutByIdStatus.h:
    (JSC::PutByIdStatus::PutByIdStatus):
    (JSC::PutByIdStatus::structureChain):
    (PutByIdStatus):
    * dfg/DFGAbstractState.cpp:
    (JSC::DFG::AbstractState::executeEffects):
    * dfg/DFGByteCodeParser.cpp:
    (JSC::DFG::ByteCodeParser::handleGetById):
    (JSC::DFG::ByteCodeParser::parseBlock):
    * dfg/DFGConstantFoldingPhase.cpp:
    (JSC::DFG::ConstantFoldingPhase::foldConstants):
    * dfg/DFGDesiredStructureChains.cpp: Added.
    (DFG):
    (JSC::DFG::DesiredStructureChains::DesiredStructureChains):
    (JSC::DFG::DesiredStructureChains::~DesiredStructureChains):
    (JSC::DFG::DesiredStructureChains::areStillValid):
    * dfg/DFGDesiredStructureChains.h: Added.
    (DFG):
    (DesiredStructureChains):
    (JSC::DFG::DesiredStructureChains::addLazily):
    * dfg/DFGGraph.cpp:
    (JSC::DFG::Graph::isStillValid):
    (DFG):
    * dfg/DFGGraph.h:
    (Graph):
    * dfg/DFGJITCompiler.cpp:
    (JSC::DFG::JITCompiler::link):
    (JSC::DFG::JITCompiler::linkFunction):
    * ftl/FTLLink.cpp:
    (JSC::FTL::link):
    * runtime/IntendedStructureChain.cpp: Added.
    (JSC):
    (JSC::IntendedStructureChain::IntendedStructureChain):
    (JSC::IntendedStructureChain::~IntendedStructureChain):
    (JSC::IntendedStructureChain::isStillValid):
    (JSC::IntendedStructureChain::matches):
    (JSC::IntendedStructureChain::chain):
    (JSC::IntendedStructureChain::mayInterceptStoreTo):
    (JSC::IntendedStructureChain::isNormalized):
    (JSC::IntendedStructureChain::terminalPrototype):
    * runtime/IntendedStructureChain.h: Added.
    (JSC):
    (IntendedStructureChain):
    (JSC::IntendedStructureChain::head):
    (JSC::IntendedStructureChain::size):
    (JSC::IntendedStructureChain::at):
    (JSC::IntendedStructureChain::operator[]):
    (JSC::IntendedStructureChain::last):
    * runtime/Structure.cpp:
    (JSC::Structure::prototypeChainMayInterceptStoreTo):
    * runtime/Structure.h:
    (Structure):
    * runtime/StructureInlines.h:
    (JSC::Structure::storedPrototypeObject):
    (JSC):
    (JSC::Structure::storedPrototypeStructure):
    
    git-svn-id: http://svn.webkit.org/repository/webkit/trunk@153146 268f45cc-cd09-0410-ab3c-d52691b4dbfc
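
The snapshot / validate-the-snapshot / re-check-at-link idiom from the commit message, as an added example that is not WebKit code. `Shape`, `Obj`, `ChainSnapshot` and `canLink` are hypothetical stand-ins, and the race is simulated on one thread with a constructed chain a -> b -> c.

```cpp
#include <vector>
// Hypothetical stand-ins for Structure and JSObject; this is not WebKit code.
struct Obj;
struct Shape {
    Obj* proto;            // prototype object, nullptr at the end of the chain
    bool interceptsStore;  // e.g. a setter for the property being stored
};
struct Obj { const Shape* shape; };

// Walk the live prototype chain from head, collecting each prototype's shape.
static std::vector<const Shape*> walk(const Shape* head) {
    std::vector<const Shape*> out;
    for (const Obj* p = head->proto; p; p = p->shape->proto)
        out.push_back(p->shape);
    return out;
}

// Snapshot that remembers its head, so it can be re-checked with no other context.
class ChainSnapshot {
public:
    explicit ChainSnapshot(const Shape* head) : m_head(head), m_chain(walk(head)) {}
    // Answers for the captured chain only; never re-walks the live heap.
    bool mayInterceptStore() const {
        for (const Shape* s : m_chain)
            if (s->interceptsStore) return true;
        return false;
    }
    // Re-walk the live chain and compare; false means a race made the snapshot stale.
    bool isStillValid() const { return walk(m_head) == m_chain; }
private:
    const Shape* m_head;
    std::vector<const Shape*> m_chain;
};

// Link-time gate: keep the compilation only if every chosen snapshot still holds.
static bool canLink(const std::vector<ChainSnapshot>& desired) {
    for (const ChainSnapshot& c : desired)
        if (!c.isStillValid()) return false;
    return true;
}

int main() {
    Shape cShape{nullptr, false}, cSetter{nullptr, true};
    Obj c{&cShape}; Shape bShape{&c, false};
    Obj b{&bShape}; Shape aShape{&b, false};
    std::vector<ChainSnapshot> desired{ChainSnapshot(&aShape)};
    c.shape = &cSetter;  // simulated race: c transitions to a shape with a setter
    return canLink(desired) ? 1 : 0;  // exits 0: stale snapshot caught, code discarded
}
```

The snapshot keeps answering for the chain it captured, so the "no interception" decision and the validity check always refer to the same chain; only `isStillValid()` consults the live heap.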