Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (253931 => 253932)
--- trunk/Source/_javascript_Core/ChangeLog 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/ChangeLog 2019-12-29 05:32:33 UTC (rev 253932)
@@ -1,5 +1,106 @@
2019-12-28 Yusuke Suzuki <[email protected]>
+ [JSC] JSFunction's m_executable / m_rareData should be merged
+ https://bugs.webkit.org/show_bug.cgi?id=205554
+
+ Reviewed by Mark Lam.
+
+ This patch merges JSFunction::m_executable and JSFunction::m_rareData fields into one JSFunction::m_executableOrRareData field.
+ JSFunction is one of the most frequently allocated objects (e.g. it is common that anonymous JSFunction _expression_ is used as a scope).
+ If we can save sizeof(JSFunction), we can get great savings in memory usage.
+
+ JSFunction::m_scope field is touched every time we execute this function. (op_get_scope, or obtaining JSGlobalObject for host functions).
+ On the other hand, m_executable field can be skipped if JSFunction call is cached by CallLinkInfo. So compared to JSFunction::m_scope,
+ this field is less frequently touched. So, we merge m_executable and m_rareData fields into one, m_executableOrRareData. When it holds
+ ExecutableBase*, we do nothing. But when we create FunctionRareData, we put ExecutableBase in FunctionRareData and store FunctionRareData
+ to JSFunction::m_executableOrRareData field with `0x1` flag.
+
+ This patch reduces sizeof(JSFunction) from 48 to 32.
+
+ * dfg/DFGSpeculativeJIT.cpp:
+ (JSC::DFG::SpeculativeJIT::compileNewFunctionCommon):
+ (JSC::DFG::SpeculativeJIT::compileGetExecutable):
+ (JSC::DFG::SpeculativeJIT::compileCreateThis):
+ (JSC::DFG::SpeculativeJIT::compileCreatePromise):
+ (JSC::DFG::SpeculativeJIT::compileCreateInternalFieldObject):
+ * ftl/FTLAbstractHeapRepository.h:
+ * ftl/FTLLowerDFGToB3.cpp:
+ (JSC::FTL::DFG::LowerDFGToB3::compileGetExecutable):
+ (JSC::FTL::DFG::LowerDFGToB3::compileNewFunction):
+ (JSC::FTL::DFG::LowerDFGToB3::compileCreateThis):
+ (JSC::FTL::DFG::LowerDFGToB3::compileCreatePromise):
+ (JSC::FTL::DFG::LowerDFGToB3::compileCreateInternalFieldObject):
+ * jit/JITOpcodes.cpp:
+ (JSC::JIT::emit_op_create_this):
+ * jit/JITOpcodes32_64.cpp:
+ (JSC::JIT::emit_op_create_this):
+ * jit/Repatch.cpp:
+ (JSC::linkPolymorphicCall):
+ * jit/ThunkGenerators.cpp:
+ (JSC::virtualThunkFor):
+ (JSC::nativeForGenerator):
+ (JSC::boundFunctionCallGenerator):
+ * llint/LowLevelInterpreter.asm:
+ * llint/LowLevelInterpreter32_64.asm:
+ * llint/LowLevelInterpreter64.asm:
+ * runtime/FunctionRareData.cpp:
+ (JSC::FunctionRareData::create):
+ (JSC::FunctionRareData::visitChildren):
+ (JSC::FunctionRareData::FunctionRareData):
+ * runtime/FunctionRareData.h:
+ * runtime/JSBoundFunction.cpp:
+ (JSC::JSBoundFunction::create):
+ (JSC::JSBoundFunction::JSBoundFunction):
+ * runtime/JSBoundFunction.h:
+ * runtime/JSCustomGetterSetterFunction.cpp:
+ (JSC::JSCustomGetterSetterFunction::JSCustomGetterSetterFunction):
+ (JSC::JSCustomGetterSetterFunction::create):
+ * runtime/JSCustomGetterSetterFunction.h:
+ * runtime/JSFunction.cpp:
+ (JSC::JSFunction::create):
+ (JSC::JSFunction::createFunctionThatMasqueradesAsUndefined):
+ (JSC::JSFunction::JSFunction):
+ (JSC::JSFunction::finishCreation):
+ (JSC::JSFunction::allocateRareData):
+ (JSC::JSFunction::allocateAndInitializeRareData):
+ (JSC::JSFunction::initializeRareData):
+ (JSC::JSFunction::visitChildren):
+ (JSC::JSFunction::put):
+ (JSC::JSFunction::defineOwnProperty):
+ * runtime/JSFunction.h:
+ (JSC::JSFunction::executable const):
+ (JSC::JSFunction::offsetOfExecutableOrRareData):
+ (JSC::JSFunction::rareData):
+ (JSC::JSFunction::offsetOfExecutable): Deleted.
+ (JSC::JSFunction::offsetOfRareData): Deleted.
+ * runtime/JSFunctionInlines.h:
+ (JSC::JSFunction::JSFunction):
+ (JSC::JSFunction::jsExecutable const):
+ (JSC::JSFunction::isHostFunction const):
+ (JSC::JSFunction::nativeFunction):
+ (JSC::JSFunction::nativeConstructor):
+ (JSC::JSFunction::hasReifiedLength const):
+ (JSC::JSFunction::hasReifiedName const):
+ (JSC::JSFunction::areNameAndLengthOriginal):
+ (JSC::JSFunction::ensureRareDataAndAllocationProfile):
+ * runtime/JSNativeStdFunction.cpp:
+ (JSC::JSNativeStdFunction::JSNativeStdFunction):
+ (JSC::JSNativeStdFunction::create):
+ * runtime/JSNativeStdFunction.h:
+ * wasm/js/WebAssemblyFunction.cpp:
+ (JSC::WebAssemblyFunction::create):
+ (JSC::WebAssemblyFunction::WebAssemblyFunction):
+ * wasm/js/WebAssemblyFunction.h:
+ * wasm/js/WebAssemblyFunctionBase.cpp:
+ (JSC::WebAssemblyFunctionBase::WebAssemblyFunctionBase):
+ * wasm/js/WebAssemblyFunctionBase.h:
+ * wasm/js/WebAssemblyWrapperFunction.cpp:
+ (JSC::WebAssemblyWrapperFunction::WebAssemblyWrapperFunction):
+ (JSC::WebAssemblyWrapperFunction::create):
+ * wasm/js/WebAssemblyWrapperFunction.h:
+
+2019-12-28 Yusuke Suzuki <[email protected]>
+
[JSC] StructureChain should hold vector of StructureID
https://bugs.webkit.org/show_bug.cgi?id=205592
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp (253931 => 253932)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.cpp 2019-12-29 05:32:33 UTC (rev 253932)
@@ -7236,8 +7236,7 @@
emitAllocateJSObjectWithKnownSize<ClassType>(resultGPR, TrustedImmPtr(structure), butterfly, scratch1GPR, scratch2GPR, slowPath, size);
m_jit.storePtr(scopeGPR, JITCompiler::Address(resultGPR, JSFunction::offsetOfScopeChain()));
- m_jit.storePtr(TrustedImmPtr::weakPointer(m_jit.graph(), executable), JITCompiler::Address(resultGPR, JSFunction::offsetOfExecutable()));
- m_jit.storePtr(TrustedImmPtr(nullptr), JITCompiler::Address(resultGPR, JSFunction::offsetOfRareData()));
+ m_jit.storePtr(TrustedImmPtr::weakPointer(m_jit.graph(), executable), JITCompiler::Address(resultGPR, JSFunction::offsetOfExecutableOrRareData()));
m_jit.mutatorFence(vm());
}
@@ -12418,7 +12417,10 @@
GPRReg functionGPR = function.gpr();
GPRReg resultGPR = result.gpr();
speculateCellType(node->child1(), functionGPR, SpecFunction, JSFunctionType);
- m_jit.loadPtr(JITCompiler::Address(functionGPR, JSFunction::offsetOfExecutable()), resultGPR);
+ m_jit.loadPtr(JITCompiler::Address(functionGPR, JSFunction::offsetOfExecutableOrRareData()), resultGPR);
+ auto hasExecutable = m_jit.branchTestPtr(CCallHelpers::Zero, resultGPR, CCallHelpers::TrustedImm32(JSFunction::rareDataTag));
+ m_jit.loadPtr(CCallHelpers::Address(resultGPR, FunctionRareData::offsetOfExecutable() - JSFunction::rareDataTag), resultGPR);
+ hasExecutable.link(&m_jit);
cellResult(resultGPR, node);
}
@@ -12788,10 +12790,10 @@
MacroAssembler::JumpList slowPath;
slowPath.append(m_jit.branchIfNotFunction(calleeGPR));
- m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfRareData()), rareDataGPR);
- slowPath.append(m_jit.branchTestPtr(MacroAssembler::Zero, rareDataGPR));
- m_jit.loadPtr(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfObjectAllocationProfile() + ObjectAllocationProfileWithPrototype::offsetOfAllocator()), allocatorGPR);
- m_jit.loadPtr(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfObjectAllocationProfile() + ObjectAllocationProfileWithPrototype::offsetOfStructure()), structureGPR);
+ m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfExecutableOrRareData()), rareDataGPR);
+ slowPath.append(m_jit.branchTestPtr(MacroAssembler::Zero, rareDataGPR, CCallHelpers::TrustedImm32(JSFunction::rareDataTag)));
+ m_jit.loadPtr(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfObjectAllocationProfile() + ObjectAllocationProfileWithPrototype::offsetOfAllocator() - JSFunction::rareDataTag), allocatorGPR);
+ m_jit.loadPtr(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfObjectAllocationProfile() + ObjectAllocationProfileWithPrototype::offsetOfStructure() - JSFunction::rareDataTag), structureGPR);
auto butterfly = TrustedImmPtr(nullptr);
emitAllocateJSObject(resultGPR, JITAllocator::variable(), allocatorGPR, structureGPR, butterfly, scratchGPR, slowPath);
@@ -12830,9 +12832,9 @@
MacroAssembler::JumpList slowCases;
slowCases.append(m_jit.branchIfNotFunction(calleeGPR));
- m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfRareData()), rareDataGPR);
- slowCases.append(m_jit.branchTestPtr(MacroAssembler::Zero, rareDataGPR));
- m_jit.loadPtr(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfInternalFunctionAllocationProfile() + InternalFunctionAllocationProfile::offsetOfStructure()), structureGPR);
+ m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfExecutableOrRareData()), rareDataGPR);
+ slowCases.append(m_jit.branchTestPtr(MacroAssembler::Zero, rareDataGPR, CCallHelpers::TrustedImm32(JSFunction::rareDataTag)));
+ m_jit.loadPtr(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfInternalFunctionAllocationProfile() + InternalFunctionAllocationProfile::offsetOfStructure() - JSFunction::rareDataTag), structureGPR);
slowCases.append(m_jit.branchTestPtr(CCallHelpers::Zero, structureGPR));
m_jit.move(TrustedImmPtr(node->isInternalPromise() ? JSInternalPromise::info() : JSPromise::info()), scratch1GPR);
slowCases.append(m_jit.branchPtr(CCallHelpers::NotEqual, scratch1GPR, CCallHelpers::Address(structureGPR, Structure::classInfoOffset())));
@@ -12878,9 +12880,9 @@
MacroAssembler::JumpList slowCases;
slowCases.append(m_jit.branchIfNotFunction(calleeGPR));
- m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfRareData()), rareDataGPR);
- slowCases.append(m_jit.branchTestPtr(MacroAssembler::Zero, rareDataGPR));
- m_jit.loadPtr(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfInternalFunctionAllocationProfile() + InternalFunctionAllocationProfile::offsetOfStructure()), structureGPR);
+ m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfExecutableOrRareData()), rareDataGPR);
+ slowCases.append(m_jit.branchTestPtr(MacroAssembler::Zero, rareDataGPR, CCallHelpers::TrustedImm32(JSFunction::rareDataTag)));
+ m_jit.loadPtr(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfInternalFunctionAllocationProfile() + InternalFunctionAllocationProfile::offsetOfStructure() - JSFunction::rareDataTag), structureGPR);
slowCases.append(m_jit.branchTestPtr(CCallHelpers::Zero, structureGPR));
m_jit.move(TrustedImmPtr(JSClass::info()), scratch1GPR);
slowCases.append(m_jit.branchPtr(CCallHelpers::NotEqual, scratch1GPR, CCallHelpers::Address(structureGPR, Structure::classInfoOffset())));
Modified: trunk/Source/_javascript_Core/ftl/FTLAbstractHeapRepository.h (253931 => 253932)
--- trunk/Source/_javascript_Core/ftl/FTLAbstractHeapRepository.h 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/ftl/FTLAbstractHeapRepository.h 2019-12-29 05:32:33 UTC (rev 253932)
@@ -80,6 +80,7 @@
macro(FunctionRareData_structure, FunctionRareData::offsetOfObjectAllocationProfile() + ObjectAllocationProfileWithPrototype::offsetOfStructure()) \
macro(FunctionRareData_prototype, FunctionRareData::offsetOfObjectAllocationProfile() + ObjectAllocationProfileWithPrototype::offsetOfPrototype()) \
macro(FunctionRareData_allocationProfileWatchpointSet, FunctionRareData::offsetOfAllocationProfileWatchpointSet()) \
+ macro(FunctionRareData_executable, FunctionRareData::offsetOfExecutable()) \
macro(FunctionRareData_internalFunctionAllocationProfile_structure, FunctionRareData::offsetOfInternalFunctionAllocationProfile() + InternalFunctionAllocationProfile::offsetOfStructure()) \
macro(FunctionRareData_boundFunctionStructure, FunctionRareData::offsetOfBoundFunctionStructure()) \
macro(FunctionRareData_allocationProfileClearingWatchpoint, FunctionRareData::offsetOfAllocationProfileClearingWatchpoint()) \
@@ -97,9 +98,8 @@
macro(JSCell_typeInfoType, JSCell::typeInfoTypeOffset()) \
macro(JSCell_usefulBytes, JSCell::indexingTypeAndMiscOffset()) \
macro(JSDestructibleObject_classInfo, JSDestructibleObject::classInfoOffset()) \
- macro(JSFunction_executable, JSFunction::offsetOfExecutable()) \
+ macro(JSFunction_executableOrRareData, JSFunction::offsetOfExecutableOrRareData()) \
macro(JSFunction_scope, JSFunction::offsetOfScopeChain()) \
- macro(JSFunction_rareData, JSFunction::offsetOfRareData()) \
macro(JSGlobalObject_regExpGlobalData_cachedResult_lastRegExp, JSGlobalObject::regExpGlobalDataOffset() + RegExpGlobalData::offsetOfCachedResult() + RegExpCachedResult::offsetOfLastRegExp()) \
macro(JSGlobalObject_regExpGlobalData_cachedResult_lastInput, JSGlobalObject::regExpGlobalDataOffset() + RegExpGlobalData::offsetOfCachedResult() + RegExpCachedResult::offsetOfLastInput()) \
macro(JSGlobalObject_regExpGlobalData_cachedResult_result_start, JSGlobalObject::regExpGlobalDataOffset() + RegExpGlobalData::offsetOfCachedResult() + RegExpCachedResult::offsetOfResult() + OBJECT_OFFSETOF(MatchResult, start)) \
Modified: trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp (253931 => 253932)
--- trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/ftl/FTLLowerDFGToB3.cpp 2019-12-29 05:32:33 UTC (rev 253932)
@@ -3468,9 +3468,22 @@
void compileGetExecutable()
{
+ LBasicBlock continuation = m_out.newBlock();
+ LBasicBlock hasRareData = m_out.newBlock();
LValue cell = lowCell(m_node->child1());
speculateFunction(m_node->child1(), cell);
- setJSValue(m_out.loadPtr(cell, m_heaps.JSFunction_executable));
+
+ LValue rareDataTags = m_out.loadPtr(cell, m_heaps.JSFunction_executableOrRareData);
+ ValueFromBlock fastExecutable = m_out.anchor(rareDataTags);
+ m_out.branch(m_out.testIsZeroPtr(rareDataTags, m_out.constIntPtr(JSFunction::rareDataTag)), unsure(continuation), unsure(hasRareData));
+
+ LBasicBlock lastNext = m_out.appendTo(hasRareData, continuation);
+ LValue rareData = m_out.sub(rareDataTags, m_out.constIntPtr(JSFunction::rareDataTag));
+ ValueFromBlock slowExecutable = m_out.anchor(m_out.loadPtr(rareData, m_heaps.FunctionRareData_executable));
+ m_out.jump(continuation);
+
+ m_out.appendTo(continuation, lastNext);
+ setJSValue(m_out.phi(pointerType(), fastExecutable, slowExecutable));
}
void compileArrayify()
@@ -5774,8 +5787,7 @@
// We don't need memory barriers since we just fast-created the function, so it
// must be young.
m_out.storePtr(scope, fastObject, m_heaps.JSFunction_scope);
- m_out.storePtr(weakPointer(executable), fastObject, m_heaps.JSFunction_executable);
- m_out.storePtr(m_out.intPtrZero, fastObject, m_heaps.JSFunction_rareData);
+ m_out.storePtr(weakPointer(executable), fastObject, m_heaps.JSFunction_executableOrRareData);
mutatorFence();
ValueFromBlock fastResult = m_out.anchor(fastObject);
@@ -6546,10 +6558,11 @@
m_out.branch(isFunction(callee, provenType(m_node->child1())), usually(isFunctionBlock), rarely(slowPath));
LBasicBlock lastNext = m_out.appendTo(isFunctionBlock, hasRareData);
- LValue rareData = m_out.loadPtr(callee, m_heaps.JSFunction_rareData);
- m_out.branch(m_out.isZero64(rareData), rarely(slowPath), usually(hasRareData));
+ LValue rareDataTags = m_out.loadPtr(callee, m_heaps.JSFunction_executableOrRareData);
+ m_out.branch(m_out.testIsZeroPtr(rareDataTags, m_out.constIntPtr(JSFunction::rareDataTag)), rarely(slowPath), usually(hasRareData));
m_out.appendTo(hasRareData, slowPath);
+ LValue rareData = m_out.sub(rareDataTags, m_out.constIntPtr(JSFunction::rareDataTag));
LValue allocator = m_out.loadPtr(rareData, m_heaps.FunctionRareData_allocator);
LValue structure = m_out.loadPtr(rareData, m_heaps.FunctionRareData_structure);
LValue butterfly = m_out.constIntPtr(0);
@@ -6590,10 +6603,11 @@
m_out.branch(isFunction(callee, provenType(m_node->child1())), usually(isFunctionBlock), rarely(slowCase));
m_out.appendTo(isFunctionBlock, hasRareData);
- LValue rareData = m_out.loadPtr(callee, m_heaps.JSFunction_rareData);
- m_out.branch(m_out.isZero64(rareData), rarely(slowCase), usually(hasRareData));
+ LValue rareDataTags = m_out.loadPtr(callee, m_heaps.JSFunction_executableOrRareData);
+ m_out.branch(m_out.testIsZeroPtr(rareDataTags, m_out.constIntPtr(JSFunction::rareDataTag)), rarely(slowCase), usually(hasRareData));
m_out.appendTo(hasRareData, hasStructure);
+ LValue rareData = m_out.sub(rareDataTags, m_out.constIntPtr(JSFunction::rareDataTag));
LValue structure = m_out.loadPtr(rareData, m_heaps.FunctionRareData_internalFunctionAllocationProfile_structure);
m_out.branch(m_out.isZero64(structure), rarely(slowCase), usually(hasStructure));
@@ -6644,10 +6658,11 @@
m_out.branch(isFunction(callee, provenType(m_node->child1())), usually(isFunctionBlock), rarely(slowCase));
LBasicBlock lastNext = m_out.appendTo(isFunctionBlock, hasRareData);
- LValue rareData = m_out.loadPtr(callee, m_heaps.JSFunction_rareData);
- m_out.branch(m_out.isZero64(rareData), rarely(slowCase), usually(hasRareData));
+ LValue rareDataTags = m_out.loadPtr(callee, m_heaps.JSFunction_executableOrRareData);
+ m_out.branch(m_out.testIsZeroPtr(rareDataTags, m_out.constIntPtr(JSFunction::rareDataTag)), rarely(slowCase), usually(hasRareData));
m_out.appendTo(hasRareData, hasStructure);
+ LValue rareData = m_out.sub(rareDataTags, m_out.constIntPtr(JSFunction::rareDataTag));
LValue structure = m_out.loadPtr(rareData, m_heaps.FunctionRareData_internalFunctionAllocationProfile_structure);
m_out.branch(m_out.isZero64(structure), rarely(slowCase), usually(hasStructure));
Modified: trunk/Source/_javascript_Core/jit/JITOpcodes.cpp (253931 => 253932)
--- trunk/Source/_javascript_Core/jit/JITOpcodes.cpp 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/jit/JITOpcodes.cpp 2019-12-29 05:32:33 UTC (rev 253932)
@@ -949,10 +949,10 @@
emitGetVirtualRegister(callee, calleeReg);
addSlowCase(branchIfNotFunction(calleeReg));
- loadPtr(Address(calleeReg, JSFunction::offsetOfRareData()), rareDataReg);
- addSlowCase(branchTestPtr(Zero, rareDataReg));
- loadPtr(Address(rareDataReg, FunctionRareData::offsetOfObjectAllocationProfile() + ObjectAllocationProfileWithPrototype::offsetOfAllocator()), allocatorReg);
- loadPtr(Address(rareDataReg, FunctionRareData::offsetOfObjectAllocationProfile() + ObjectAllocationProfileWithPrototype::offsetOfStructure()), structureReg);
+ loadPtr(Address(calleeReg, JSFunction::offsetOfExecutableOrRareData()), rareDataReg);
+ addSlowCase(branchTestPtr(Zero, rareDataReg, TrustedImm32(JSFunction::rareDataTag)));
+ loadPtr(Address(rareDataReg, FunctionRareData::offsetOfObjectAllocationProfile() + ObjectAllocationProfileWithPrototype::offsetOfAllocator() - JSFunction::rareDataTag), allocatorReg);
+ loadPtr(Address(rareDataReg, FunctionRareData::offsetOfObjectAllocationProfile() + ObjectAllocationProfileWithPrototype::offsetOfStructure() - JSFunction::rareDataTag), structureReg);
loadPtr(cachedFunction, cachedFunctionReg);
Jump hasSeenMultipleCallees = branchPtr(Equal, cachedFunctionReg, TrustedImmPtr(JSCell::seenMultipleCalleeObjects()));
Modified: trunk/Source/_javascript_Core/jit/JITOpcodes32_64.cpp (253931 => 253932)
--- trunk/Source/_javascript_Core/jit/JITOpcodes32_64.cpp 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/jit/JITOpcodes32_64.cpp 2019-12-29 05:32:33 UTC (rev 253932)
@@ -1065,10 +1065,10 @@
emitLoadPayload(callee, calleeReg);
addSlowCase(branchIfNotFunction(calleeReg));
- loadPtr(Address(calleeReg, JSFunction::offsetOfRareData()), rareDataReg);
- addSlowCase(branchTestPtr(Zero, rareDataReg));
- load32(Address(rareDataReg, FunctionRareData::offsetOfObjectAllocationProfile() + ObjectAllocationProfileWithPrototype::offsetOfAllocator()), allocatorReg);
- loadPtr(Address(rareDataReg, FunctionRareData::offsetOfObjectAllocationProfile() + ObjectAllocationProfileWithPrototype::offsetOfStructure()), structureReg);
+ loadPtr(Address(calleeReg, JSFunction::offsetOfExecutableOrRareData()), rareDataReg);
+ addSlowCase(branchTestPtr(Zero, rareDataReg, TrustedImm32(JSFunction::rareDataTag)));
+ load32(Address(rareDataReg, FunctionRareData::offsetOfObjectAllocationProfile() + ObjectAllocationProfileWithPrototype::offsetOfAllocator() - JSFunction::rareDataTag), allocatorReg);
+ loadPtr(Address(rareDataReg, FunctionRareData::offsetOfObjectAllocationProfile() + ObjectAllocationProfileWithPrototype::offsetOfStructure() - JSFunction::rareDataTag), structureReg);
loadPtr(cachedFunction, cachedFunctionReg);
Jump hasSeenMultipleCallees = branchPtr(Equal, cachedFunctionReg, TrustedImmPtr(JSCell::seenMultipleCalleeObjects()));
Modified: trunk/Source/_javascript_Core/jit/Repatch.cpp (253931 => 253932)
--- trunk/Source/_javascript_Core/jit/Repatch.cpp 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/jit/Repatch.cpp 2019-12-29 05:32:33 UTC (rev 253932)
@@ -1241,9 +1241,10 @@
// FIXME: We could add a fast path for InternalFunction with closure call.
slowPath.append(stubJit.branchIfNotFunction(calleeGPR));
- stubJit.loadPtr(
- CCallHelpers::Address(calleeGPR, JSFunction::offsetOfExecutable()),
- comparisonValueGPR);
+ stubJit.loadPtr(CCallHelpers::Address(calleeGPR, JSFunction::offsetOfExecutableOrRareData()), comparisonValueGPR);
+ auto hasExecutable = stubJit.branchTestPtr(CCallHelpers::Zero, comparisonValueGPR, CCallHelpers::TrustedImm32(JSFunction::rareDataTag));
+ stubJit.loadPtr(CCallHelpers::Address(comparisonValueGPR, FunctionRareData::offsetOfExecutable() - JSFunction::rareDataTag), comparisonValueGPR);
+ hasExecutable.link(&stubJit);
}
BinarySwitch binarySwitch(comparisonValueGPR, caseValues, BinarySwitch::IntPtr);
Modified: trunk/Source/_javascript_Core/jit/ThunkGenerators.cpp (253931 => 253932)
--- trunk/Source/_javascript_Core/jit/ThunkGenerators.cpp 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/jit/ThunkGenerators.cpp 2019-12-29 05:32:33 UTC (rev 253932)
@@ -203,10 +203,11 @@
// Now we know we have a JSFunction.
+ jit.loadPtr(CCallHelpers::Address(GPRInfo::regT0, JSFunction::offsetOfExecutableOrRareData()), GPRInfo::regT4);
+ auto hasExecutable = jit.branchTestPtr(CCallHelpers::Zero, GPRInfo::regT4, CCallHelpers::TrustedImm32(JSFunction::rareDataTag));
+ jit.loadPtr(CCallHelpers::Address(GPRInfo::regT4, FunctionRareData::offsetOfExecutable() - JSFunction::rareDataTag), GPRInfo::regT4);
+ hasExecutable.link(&jit);
jit.loadPtr(
- CCallHelpers::Address(GPRInfo::regT0, JSFunction::offsetOfExecutable()),
- GPRInfo::regT4);
- jit.loadPtr(
CCallHelpers::Address(
GPRInfo::regT4, ExecutableBase::offsetOfJITCodeWithArityCheckFor(
callLinkInfo.specializationKind())),
@@ -289,7 +290,10 @@
if (thunkFunctionType == ThunkFunctionType::JSFunction) {
jit.loadPtr(CCallHelpers::Address(GPRInfo::argumentGPR2, JSFunction::offsetOfScopeChain()), GPRInfo::argumentGPR0);
- jit.loadPtr(CCallHelpers::Address(GPRInfo::argumentGPR2, JSFunction::offsetOfExecutable()), GPRInfo::argumentGPR2);
+ jit.loadPtr(CCallHelpers::Address(GPRInfo::argumentGPR2, JSFunction::offsetOfExecutableOrRareData()), GPRInfo::argumentGPR2);
+ auto hasExecutable = jit.branchTestPtr(CCallHelpers::Zero, GPRInfo::argumentGPR2, CCallHelpers::TrustedImm32(JSFunction::rareDataTag));
+ jit.loadPtr(CCallHelpers::Address(GPRInfo::argumentGPR2, FunctionRareData::offsetOfExecutable() - JSFunction::rareDataTag), GPRInfo::argumentGPR2);
+ hasExecutable.link(&jit);
jit.call(CCallHelpers::Address(GPRInfo::argumentGPR2, executableOffsetToFunction), JSEntryPtrTag);
} else {
ASSERT(thunkFunctionType == ThunkFunctionType::InternalFunction);
@@ -1233,10 +1237,12 @@
jit.loadPtr(CCallHelpers::Address(GPRInfo::regT0, JSBoundFunction::offsetOfTargetFunction()), GPRInfo::regT2);
jit.storeCell(GPRInfo::regT2, CCallHelpers::calleeFrameSlot(CallFrameSlot::callee));
+ jit.loadPtr(CCallHelpers::Address(GPRInfo::regT2, JSFunction::offsetOfExecutableOrRareData()), GPRInfo::regT0);
+ auto hasExecutable = jit.branchTestPtr(CCallHelpers::Zero, GPRInfo::regT0, CCallHelpers::TrustedImm32(JSFunction::rareDataTag));
+ jit.loadPtr(CCallHelpers::Address(GPRInfo::regT0, FunctionRareData::offsetOfExecutable() - JSFunction::rareDataTag), GPRInfo::regT0);
+ hasExecutable.link(&jit);
+
jit.loadPtr(
- CCallHelpers::Address(GPRInfo::regT2, JSFunction::offsetOfExecutable()),
- GPRInfo::regT0);
- jit.loadPtr(
CCallHelpers::Address(
GPRInfo::regT0, ExecutableBase::offsetOfJITCodeWithArityCheckFor(CodeForCall)),
GPRInfo::regT0);
Modified: trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm (253931 => 253932)
--- trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm 2019-12-29 05:32:33 UTC (rev 253932)
@@ -1144,7 +1144,10 @@
else
loadp Callee + PayloadOffset[cfr], targetRegister
end
- loadp JSFunction::m_executable[targetRegister], targetRegister
+ loadp JSFunction::m_executableOrRareData[targetRegister], targetRegister
+ btpz targetRegister, (constexpr JSFunction::rareDataTag), .executable
+ loadp (FunctionRareData::m_executable - (constexpr JSFunction::rareDataTag))[targetRegister], targetRegister
+.executable:
loadp FunctionExecutable::m_codeBlockForCall[targetRegister], targetRegister
loadp ExecutableToCodeBlockEdge::m_codeBlock[targetRegister], targetRegister
end
@@ -1155,7 +1158,10 @@
else
loadp Callee + PayloadOffset[cfr], targetRegister
end
- loadp JSFunction::m_executable[targetRegister], targetRegister
+ loadp JSFunction::m_executableOrRareData[targetRegister], targetRegister
+ btpz targetRegister, (constexpr JSFunction::rareDataTag), .executable
+ loadp (FunctionRareData::m_executable - (constexpr JSFunction::rareDataTag))[targetRegister], targetRegister
+.executable:
loadp FunctionExecutable::m_codeBlockForConstruct[targetRegister], targetRegister
loadp ExecutableToCodeBlockEdge::m_codeBlock[targetRegister], targetRegister
end
Modified: trunk/Source/_javascript_Core/llint/LowLevelInterpreter32_64.asm (253931 => 253932)
--- trunk/Source/_javascript_Core/llint/LowLevelInterpreter32_64.asm 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/llint/LowLevelInterpreter32_64.asm 2019-12-29 05:32:33 UTC (rev 253932)
@@ -2062,7 +2062,10 @@
end
loadp Callee + PayloadOffset[cfr], a0
- loadp JSFunction::m_executable[a0], a2
+ loadp JSFunction::m_executableOrRareData[a0], a2
+ btpz a2, (constexpr JSFunction::rareDataTag), .executable
+ loadp (FunctionRareData::m_executable - (constexpr JSFunction::rareDataTag))[a2], a2
+.executable:
loadp JSFunction::m_scope[a0], a0
loadp JSGlobalObject::m_vm[a0], a1
storep cfr, VM::topCallFrame[a1]
Modified: trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm (253931 => 253932)
--- trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm 2019-12-29 05:32:33 UTC (rev 253932)
@@ -2185,7 +2185,10 @@
functionPrologue()
storep 0, CodeBlock[cfr]
loadp Callee[cfr], a0
- loadp JSFunction::m_executable[a0], a2
+ loadp JSFunction::m_executableOrRareData[a0], a2
+ btpz a2, (constexpr JSFunction::rareDataTag), .executable
+ loadp (FunctionRareData::m_executable - (constexpr JSFunction::rareDataTag))[a2], a2
+.executable:
loadp JSFunction::m_scope[a0], a0
loadp JSGlobalObject::m_vm[a0], a1
storep cfr, VM::topCallFrame[a1]
Modified: trunk/Source/_javascript_Core/runtime/FunctionRareData.cpp (253931 => 253932)
--- trunk/Source/_javascript_Core/runtime/FunctionRareData.cpp 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/runtime/FunctionRareData.cpp 2019-12-29 05:32:33 UTC (rev 253932)
@@ -33,9 +33,9 @@
const ClassInfo FunctionRareData::s_info = { "FunctionRareData", nullptr, nullptr, nullptr, CREATE_METHOD_TABLE(FunctionRareData) };
-FunctionRareData* FunctionRareData::create(VM& vm)
+FunctionRareData* FunctionRareData::create(VM& vm, ExecutableBase* executable)
{
- FunctionRareData* rareData = new (NotNull, allocateCell<FunctionRareData>(vm.heap)) FunctionRareData(vm);
+ FunctionRareData* rareData = new (NotNull, allocateCell<FunctionRareData>(vm.heap)) FunctionRareData(vm, executable);
rareData->finishCreation(vm);
return rareData;
}
@@ -60,9 +60,10 @@
rareData->m_objectAllocationProfile.visitAggregate(visitor);
rareData->m_internalFunctionAllocationProfile.visitAggregate(visitor);
visitor.append(rareData->m_boundFunctionStructure);
+ visitor.append(rareData->m_executable);
}
-FunctionRareData::FunctionRareData(VM& vm)
+FunctionRareData::FunctionRareData(VM& vm, ExecutableBase* executable)
: Base(vm, vm.functionRareDataStructure.get())
, m_objectAllocationProfile()
// We initialize blind so that changes to the prototype after function creation but before
@@ -69,6 +70,7 @@
// the first allocation don't disable optimizations. This isn't super important, since the
// function is unlikely to allocate a rare data until the first allocation anyway.
, m_allocationProfileWatchpointSet(ClearWatchpoint)
+ , m_executable(vm, this, executable)
, m_hasReifiedLength(false)
, m_hasReifiedName(false)
, m_hasModifiedLength(false)
Modified: trunk/Source/_javascript_Core/runtime/FunctionRareData.h (253931 => 253932)
--- trunk/Source/_javascript_Core/runtime/FunctionRareData.h 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/runtime/FunctionRareData.h 2019-12-29 05:32:33 UTC (rev 253932)
@@ -33,6 +33,7 @@
namespace JSC {
+class ExecutableBase;
class JSGlobalObject;
class LLIntOffsetsExtractor;
namespace DFG {
@@ -50,7 +51,7 @@
typedef JSCell Base;
static constexpr unsigned StructureFlags = Base::StructureFlags | StructureIsImmortal;
- static FunctionRareData* create(VM&);
+ static FunctionRareData* create(VM&, ExecutableBase*);
static constexpr bool needsDestruction = true;
@@ -72,6 +73,7 @@
static inline ptrdiff_t offsetOfAllocationProfileWatchpointSet() { return OBJECT_OFFSETOF(FunctionRareData, m_allocationProfileWatchpointSet); }
static inline ptrdiff_t offsetOfInternalFunctionAllocationProfile() { return OBJECT_OFFSETOF(FunctionRareData, m_internalFunctionAllocationProfile); }
static inline ptrdiff_t offsetOfBoundFunctionStructure() { return OBJECT_OFFSETOF(FunctionRareData, m_boundFunctionStructure); }
+ static inline ptrdiff_t offsetOfExecutable() { return OBJECT_OFFSETOF(FunctionRareData, m_executable); }
static inline ptrdiff_t offsetOfAllocationProfileClearingWatchpoint() { return OBJECT_OFFSETOF(FunctionRareData, m_allocationProfileClearingWatchpoint); }
ObjectAllocationProfileWithPrototype* objectAllocationProfile()
@@ -114,6 +116,8 @@
Structure* getBoundFunctionStructure() { return m_boundFunctionStructure.get(); }
void setBoundFunctionStructure(VM& vm, Structure* structure) { m_boundFunctionStructure.set(vm, this, structure); }
+ ExecutableBase* executable() const { return m_executable.get(); }
+
bool hasReifiedLength() const { return m_hasReifiedLength; }
void setHasReifiedLength() { m_hasReifiedLength = true; }
bool hasReifiedName() const { return m_hasReifiedName; }
@@ -135,7 +139,7 @@
class AllocationProfileClearingWatchpoint;
protected:
- explicit FunctionRareData(VM&);
+ explicit FunctionRareData(VM&, ExecutableBase*);
~FunctionRareData();
private:
@@ -158,6 +162,7 @@
InlineWatchpointSet m_allocationProfileWatchpointSet;
InternalFunctionAllocationProfile m_internalFunctionAllocationProfile;
WriteBarrier<Structure> m_boundFunctionStructure;
+ WriteBarrier<ExecutableBase> m_executable;
std::unique_ptr<AllocationProfileClearingWatchpoint> m_allocationProfileClearingWatchpoint;
bool m_hasReifiedLength : 1;
bool m_hasReifiedName : 1;
Modified: trunk/Source/_javascript_Core/runtime/InternalFunction.cpp (253931 => 253932)
--- trunk/Source/_javascript_Core/runtime/InternalFunction.cpp 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/runtime/InternalFunction.cpp 2019-12-29 05:32:33 UTC (rev 253932)
@@ -124,7 +124,8 @@
JSGlobalObject* baseGlobalObject = baseClass->globalObject();
if (LIKELY(targetFunction)) {
- Structure* structure = targetFunction->rareData(vm)->internalFunctionAllocationStructure();
+ FunctionRareData* rareData = targetFunction->ensureRareData(vm);
+ Structure* structure = rareData->internalFunctionAllocationStructure();
if (LIKELY(structure && structure->classInfo() == baseClass->classInfo() && structure->globalObject() == baseGlobalObject))
return structure;
@@ -132,7 +133,7 @@
JSValue prototypeValue = targetFunction->get(globalObject, vm.propertyNames->prototype);
RETURN_IF_EXCEPTION(scope, nullptr);
if (JSObject* prototype = jsDynamicCast<JSObject*>(vm, prototypeValue))
- return targetFunction->rareData(vm)->createInternalFunctionAllocationStructureFromBase(vm, baseGlobalObject, prototype, baseClass);
+ return rareData->createInternalFunctionAllocationStructureFromBase(vm, baseGlobalObject, prototype, baseClass);
} else {
JSValue prototypeValue = newTarget.get(globalObject, vm.propertyNames->prototype);
RETURN_IF_EXCEPTION(scope, nullptr);
Modified: trunk/Source/_javascript_Core/runtime/JSBoundFunction.cpp (253931 => 253932)
--- trunk/Source/_javascript_Core/runtime/JSBoundFunction.cpp 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/runtime/JSBoundFunction.cpp 2019-12-29 05:32:33 UTC (rev 253932)
@@ -165,7 +165,7 @@
// We only cache the structure of the bound function if the bindee is a JSFunction since there
// isn't any good place to put the structure on Internal Functions.
if (targetJSFunction) {
- Structure* structure = targetJSFunction->rareData(vm)->getBoundFunctionStructure();
+ Structure* structure = targetJSFunction->ensureRareData(vm)->getBoundFunctionStructure();
if (structure && structure->storedPrototype() == prototype && structure->globalObject() == globalObject)
return structure;
}
@@ -182,7 +182,7 @@
result = Structure::create(vm, globalObject, prototype, result->typeInfo(), result->classInfo());
if (targetJSFunction)
- targetJSFunction->rareData(vm)->setBoundFunctionStructure(vm, result);
+ targetJSFunction->ensureRareData(vm)->setBoundFunctionStructure(vm, result);
return result;
}
@@ -202,7 +202,7 @@
NativeExecutable* executable = vm.getBoundFunction(isJSFunction, canConstruct);
Structure* structure = getBoundFunctionStructure(vm, globalObject, targetFunction);
RETURN_IF_EXCEPTION(scope, nullptr);
- JSBoundFunction* function = new (NotNull, allocateCell<JSBoundFunction>(vm.heap)) JSBoundFunction(vm, globalObject, structure, targetFunction, boundThis, boundArgs, name, length);
+ JSBoundFunction* function = new (NotNull, allocateCell<JSBoundFunction>(vm.heap)) JSBoundFunction(vm, executable, globalObject, structure, targetFunction, boundThis, boundArgs, name, length);
function->finishCreation(vm, executable, length);
return function;
@@ -213,8 +213,8 @@
return jsCast<JSBoundFunction*>(object)->m_targetFunction->hasInstance(globalObject, value);
}
-JSBoundFunction::JSBoundFunction(VM& vm, JSGlobalObject* globalObject, Structure* structure, JSObject* targetFunction, JSValue boundThis, JSImmutableButterfly* boundArgs, JSString* name, int length)
- : Base(vm, globalObject, structure)
+JSBoundFunction::JSBoundFunction(VM& vm, NativeExecutable* executable, JSGlobalObject* globalObject, Structure* structure, JSObject* targetFunction, JSValue boundThis, JSImmutableButterfly* boundArgs, JSString* name, int length)
+ : Base(vm, executable, globalObject, structure)
, m_targetFunction(vm, this, targetFunction)
, m_boundThis(vm, this, boundThis)
, m_boundArgs(vm, this, boundArgs, WriteBarrier<JSImmutableButterfly>::MayBeNull)
Modified: trunk/Source/_javascript_Core/runtime/JSBoundFunction.h (253931 => 253932)
--- trunk/Source/_javascript_Core/runtime/JSBoundFunction.h 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/runtime/JSBoundFunction.h 2019-12-29 05:32:33 UTC (rev 253932)
@@ -82,7 +82,7 @@
static void visitChildren(JSCell*, SlotVisitor&);
private:
- JSBoundFunction(VM&, JSGlobalObject*, Structure*, JSObject* targetFunction, JSValue boundThis, JSImmutableButterfly* boundArgs, JSString* name, int length);
+ JSBoundFunction(VM&, NativeExecutable*, JSGlobalObject*, Structure*, JSObject* targetFunction, JSValue boundThis, JSImmutableButterfly* boundArgs, JSString* name, int length);
void finishCreation(VM&, NativeExecutable*, int length);
Modified: trunk/Source/_javascript_Core/runtime/JSCustomGetterSetterFunction.cpp (253931 => 253932)
--- trunk/Source/_javascript_Core/runtime/JSCustomGetterSetterFunction.cpp 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/runtime/JSCustomGetterSetterFunction.cpp 2019-12-29 05:32:33 UTC (rev 253932)
@@ -60,8 +60,8 @@
return customGetterSetter->getter()(globalObject, JSValue::encode(thisValue), customGetterSetterFunction->propertyName());
}
-JSCustomGetterSetterFunction::JSCustomGetterSetterFunction(VM& vm, JSGlobalObject* globalObject, Structure* structure, const Type type, const PropertyName& propertyName)
- : Base(vm, globalObject, structure)
+JSCustomGetterSetterFunction::JSCustomGetterSetterFunction(VM& vm, NativeExecutable* executable, JSGlobalObject* globalObject, Structure* structure, const Type type, const PropertyName& propertyName)
+ : Base(vm, executable, globalObject, structure)
, m_type(type)
, m_propertyName(propertyName)
{
@@ -77,7 +77,7 @@
NativeExecutable* executable = vm.getHostFunction(customGetterSetterFunctionCall, callHostFunctionAsConstructor, String(propertyName.publicName()));
Structure* structure = globalObject->customGetterSetterFunctionStructure();
- JSCustomGetterSetterFunction* function = new (NotNull, allocateCell<JSCustomGetterSetterFunction>(vm.heap)) JSCustomGetterSetterFunction(vm, globalObject, structure, type, propertyName);
+ JSCustomGetterSetterFunction* function = new (NotNull, allocateCell<JSCustomGetterSetterFunction>(vm.heap)) JSCustomGetterSetterFunction(vm, executable, globalObject, structure, type, propertyName);
// Can't do this during initialization because getHostFunction might do a GC allocation.
function->finishCreation(vm, executable, getterSetter, name);
Modified: trunk/Source/_javascript_Core/runtime/JSCustomGetterSetterFunction.h (253931 => 253932)
--- trunk/Source/_javascript_Core/runtime/JSCustomGetterSetterFunction.h 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/runtime/JSCustomGetterSetterFunction.h 2019-12-29 05:32:33 UTC (rev 253932)
@@ -60,7 +60,7 @@
static void visitChildren(JSCell*, SlotVisitor&);
private:
- JSCustomGetterSetterFunction(VM&, JSGlobalObject*, Structure*, Type, const PropertyName&);
+ JSCustomGetterSetterFunction(VM&, NativeExecutable*, JSGlobalObject*, Structure*, Type, const PropertyName&);
void finishCreation(VM&, NativeExecutable*, CustomGetterSetter*, const String&);
static EncodedJSValue JSC_HOST_CALL customGetterSetterFunctionCall(JSGlobalObject*, CallFrame*);
Modified: trunk/Source/_javascript_Core/runtime/JSFunction.cpp (253931 => 253932)
--- trunk/Source/_javascript_Core/runtime/JSFunction.cpp 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/runtime/JSFunction.cpp 2019-12-29 05:32:33 UTC (rev 253932)
@@ -96,7 +96,7 @@
{
NativeExecutable* executable = vm.getHostFunction(nativeFunction, intrinsic, nativeConstructor, signature, name);
Structure* structure = globalObject->hostFunctionStructure();
- JSFunction* function = new (NotNull, allocateCell<JSFunction>(vm.heap)) JSFunction(vm, globalObject, structure);
+ JSFunction* function = new (NotNull, allocateCell<JSFunction>(vm.heap)) JSFunction(vm, executable, globalObject, structure);
// Can't do this during initialization because getHostFunction might do a GC allocation.
function->finishCreation(vm, executable, length, name);
return function;
@@ -107,14 +107,14 @@
NativeExecutable* executable = vm.getHostFunction(nativeFunction, intrinsic, nativeConstructor, signature, name);
Structure* structure = Structure::create(vm, globalObject, globalObject->objectPrototype(), TypeInfo(JSFunctionType, JSFunction::StructureFlags | MasqueradesAsUndefined), JSFunction::info());
globalObject->masqueradesAsUndefinedWatchpoint()->fireAll(globalObject->vm(), "Allocated masquerading object");
- JSFunction* function = new (NotNull, allocateCell<JSFunction>(vm.heap)) JSFunction(vm, globalObject, structure);
+ JSFunction* function = new (NotNull, allocateCell<JSFunction>(vm.heap)) JSFunction(vm, executable, globalObject, structure);
function->finishCreation(vm, executable, length, name);
return function;
}
-JSFunction::JSFunction(VM& vm, JSGlobalObject* globalObject, Structure* structure)
+JSFunction::JSFunction(VM& vm, NativeExecutable* executable, JSGlobalObject* globalObject, Structure* structure)
: Base(vm, globalObject, structure)
- , m_executable()
+ , m_executableOrRareData(bitwise_cast<uintptr_t>(executable))
{
assertTypeInfoFlagInvariants();
ASSERT(structure->globalObject() == globalObject);
@@ -130,7 +130,7 @@
ASSERT(methodTable(vm)->getCallData == &JSFunction::getCallData);
}
-void JSFunction::finishCreation(VM& vm, NativeExecutable* executable, int length, const String& name)
+void JSFunction::finishCreation(VM& vm, NativeExecutable*, int length, const String& name)
{
Base::finishCreation(vm);
ASSERT(inherits(vm, info()));
@@ -137,7 +137,6 @@
ASSERT(type() == JSFunctionType);
ASSERT(methodTable(vm)->getConstructData == &JSFunction::getConstructData);
ASSERT(methodTable(vm)->getCallData == &JSFunction::getCallData);
- m_executable.set(vm, this, executable);
// Some NativeExecutable functions, like JSBoundFunction, decide to lazily allocate their name string / length.
if (this->inherits<JSBoundFunction>(vm))
@@ -150,15 +149,19 @@
FunctionRareData* JSFunction::allocateRareData(VM& vm)
{
- ASSERT(!m_rareData);
- FunctionRareData* rareData = FunctionRareData::create(vm);
+ uintptr_t executableOrRareData = m_executableOrRareData;
+ ASSERT(!(executableOrRareData & rareDataTag));
+ FunctionRareData* rareData = FunctionRareData::create(vm, bitwise_cast<ExecutableBase*>(executableOrRareData));
+ executableOrRareData = bitwise_cast<uintptr_t>(rareData) | rareDataTag;
// A DFG compilation thread may be trying to read the rare data
// We want to ensure that it sees it properly allocated
WTF::storeStoreFence();
- m_rareData.set(vm, this, rareData);
- return m_rareData.get();
+ m_executableOrRareData = executableOrRareData;
+ vm.heap.writeBarrier(this, rareData);
+
+ return rareData;
}
JSObject* JSFunction::prototypeForConstruction(VM& vm, JSGlobalObject* globalObject)
@@ -187,29 +190,35 @@
FunctionRareData* JSFunction::allocateAndInitializeRareData(JSGlobalObject* globalObject, size_t inlineCapacity)
{
- ASSERT(!m_rareData);
+ uintptr_t executableOrRareData = m_executableOrRareData;
+ ASSERT(!(executableOrRareData & rareDataTag));
ASSERT(canUseAllocationProfile());
VM& vm = globalObject->vm();
JSObject* prototype = prototypeForConstruction(vm, globalObject);
- FunctionRareData* rareData = FunctionRareData::create(vm);
+ FunctionRareData* rareData = FunctionRareData::create(vm, bitwise_cast<ExecutableBase*>(executableOrRareData));
rareData->initializeObjectAllocationProfile(vm, this->globalObject(), prototype, inlineCapacity, this);
+ executableOrRareData = bitwise_cast<uintptr_t>(rareData) | rareDataTag;
// A DFG compilation thread may be trying to read the rare data
// We want to ensure that it sees it properly allocated
WTF::storeStoreFence();
- m_rareData.set(vm, this, rareData);
- return m_rareData.get();
+ m_executableOrRareData = executableOrRareData;
+ vm.heap.writeBarrier(this, rareData);
+
+ return rareData;
}
FunctionRareData* JSFunction::initializeRareData(JSGlobalObject* globalObject, size_t inlineCapacity)
{
- ASSERT(!!m_rareData);
+ uintptr_t executableOrRareData = m_executableOrRareData;
+ ASSERT(executableOrRareData & rareDataTag);
ASSERT(canUseAllocationProfile());
VM& vm = globalObject->vm();
JSObject* prototype = prototypeForConstruction(vm, globalObject);
- m_rareData->initializeObjectAllocationProfile(vm, this->globalObject(), prototype, inlineCapacity, this);
- return m_rareData.get();
+ FunctionRareData* rareData = bitwise_cast<FunctionRareData*>(executableOrRareData & ~rareDataTag);
+ rareData->initializeObjectAllocationProfile(vm, this->globalObject(), prototype, inlineCapacity, this);
+ return rareData;
}
String JSFunction::name(VM& vm)
@@ -263,8 +272,7 @@
ASSERT_GC_OBJECT_INHERITS(thisObject, info());
Base::visitChildren(thisObject, visitor);
- visitor.append(thisObject->m_executable);
- visitor.append(thisObject->m_rareData);
+ visitor.appendUnbarriered(bitwise_cast<JSCell*>(bitwise_cast<uintptr_t>(thisObject->m_executableOrRareData) & ~rareDataTag));
}
CallType JSFunction::getCallData(JSCell* cell, CallData& callData)
@@ -533,7 +541,7 @@
JSFunction* thisObject = jsCast<JSFunction*>(cell);
if (propertyName == vm.propertyNames->length || propertyName == vm.propertyNames->name) {
- FunctionRareData* rareData = thisObject->rareData(vm);
+ FunctionRareData* rareData = thisObject->ensureRareData(vm);
if (propertyName == vm.propertyNames->length)
rareData->setHasModifiedLength();
else
@@ -559,8 +567,8 @@
PropertySlot getSlot(thisObject, PropertySlot::InternalMethodType::VMInquiry);
thisObject->methodTable(vm)->getOwnPropertySlot(thisObject, globalObject, propertyName, getSlot);
RETURN_IF_EXCEPTION(scope, false);
- if (thisObject->m_rareData)
- thisObject->m_rareData->clear("Store to prototype property of a function");
+ if (FunctionRareData* rareData = thisObject->rareData())
+ rareData->clear("Store to prototype property of a function");
RELEASE_AND_RETURN(scope, Base::put(thisObject, globalObject, propertyName, value, slot));
}
@@ -584,7 +592,7 @@
JSFunction* thisObject = jsCast<JSFunction*>(cell);
if (propertyName == vm.propertyNames->length || propertyName == vm.propertyNames->name) {
- FunctionRareData* rareData = thisObject->rareData(vm);
+ FunctionRareData* rareData = thisObject->ensureRareData(vm);
if (propertyName == vm.propertyNames->length)
rareData->setHasModifiedLength();
else
@@ -619,7 +627,7 @@
JSFunction* thisObject = jsCast<JSFunction*>(object);
if (propertyName == vm.propertyNames->length || propertyName == vm.propertyNames->name) {
- FunctionRareData* rareData = thisObject->rareData(vm);
+ FunctionRareData* rareData = thisObject->ensureRareData(vm);
if (propertyName == vm.propertyNames->length)
rareData->setHasModifiedLength();
else
@@ -638,8 +646,8 @@
PropertySlot slot(thisObject, PropertySlot::InternalMethodType::VMInquiry);
thisObject->methodTable(vm)->getOwnPropertySlot(thisObject, globalObject, propertyName, slot);
RETURN_IF_EXCEPTION(scope, false);
- if (thisObject->m_rareData)
- thisObject->m_rareData->clear("Store to prototype property of a function");
+ if (FunctionRareData* rareData = thisObject->rareData())
+ rareData->clear("Store to prototype property of a function");
RELEASE_AND_RETURN(scope, Base::defineOwnProperty(object, globalObject, propertyName, descriptor, throwException));
}
@@ -767,7 +775,7 @@
void JSFunction::reifyLength(VM& vm)
{
- FunctionRareData* rareData = this->rareData(vm);
+ FunctionRareData* rareData = this->ensureRareData(vm);
ASSERT(!hasReifiedLength());
unsigned length = 0;
@@ -800,7 +808,7 @@
void JSFunction::reifyName(VM& vm, JSGlobalObject* globalObject, String name)
{
- FunctionRareData* rareData = this->rareData(vm);
+ FunctionRareData* rareData = this->ensureRareData(vm);
ASSERT(!hasReifiedName());
ASSERT(!isHostFunction());
@@ -886,7 +894,7 @@
if (isBuiltinFunction())
reifyName(vm, globalObject);
else if (this->inherits<JSBoundFunction>(vm)) {
- FunctionRareData* rareData = this->rareData(vm);
+ FunctionRareData* rareData = this->ensureRareData(vm);
JSString* name = jsCast<JSBoundFunction*>(this)->name();
JSString* string = nullptr;
if (name->length() != 0) {
Modified: trunk/Source/_javascript_Core/runtime/JSFunction.h (253931 => 253932)
--- trunk/Source/_javascript_Core/runtime/JSFunction.h 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/runtime/JSFunction.h 2019-12-29 05:32:33 UTC (rev 253932)
@@ -61,6 +61,7 @@
friend class InternalFunction;
public:
+ static constexpr uintptr_t rareDataTag = 0x1;
template<typename CellType, SubspaceAccess>
static IsoSubspace* subspaceFor(VM& vm)
@@ -91,7 +92,13 @@
JS_EXPORT_PRIVATE String displayName(VM&);
JS_EXPORT_PRIVATE const String calculatedDisplayName(VM&);
- ExecutableBase* executable() const { return m_executable.get(); }
+ ExecutableBase* executable() const
+ {
+ uintptr_t executableOrRareData = m_executableOrRareData;
+ if (executableOrRareData & rareDataTag)
+ return bitwise_cast<FunctionRareData*>(executableOrRareData & ~rareDataTag)->executable();
+ return bitwise_cast<ExecutableBase*>(executableOrRareData);
+ }
// To call any of these methods include JSFunctionInlines.h
bool isHostFunction() const;
@@ -114,21 +121,17 @@
JS_EXPORT_PRIVATE static ConstructType getConstructData(JSCell*, ConstructData&);
JS_EXPORT_PRIVATE static CallType getCallData(JSCell*, CallData&);
- static inline ptrdiff_t offsetOfExecutable()
+ static inline ptrdiff_t offsetOfExecutableOrRareData()
{
- return OBJECT_OFFSETOF(JSFunction, m_executable);
+ return OBJECT_OFFSETOF(JSFunction, m_executableOrRareData);
}
- static inline ptrdiff_t offsetOfRareData()
+ FunctionRareData* ensureRareData(VM& vm)
{
- return OBJECT_OFFSETOF(JSFunction, m_rareData);
- }
-
- FunctionRareData* rareData(VM& vm)
- {
- if (UNLIKELY(!m_rareData))
+ uintptr_t executableOrRareData = m_executableOrRareData;
+ if (UNLIKELY(!(executableOrRareData & rareDataTag)))
return allocateRareData(vm);
- return m_rareData.get();
+ return bitwise_cast<FunctionRareData*>(executableOrRareData & ~rareDataTag);
}
FunctionRareData* ensureRareDataAndAllocationProfile(JSGlobalObject*, unsigned inlineCapacity);
@@ -135,13 +138,14 @@
FunctionRareData* rareData()
{
- FunctionRareData* rareData = m_rareData.get();
-
+ uintptr_t executableOrRareData = m_executableOrRareData;
// The JS thread may be concurrently creating the rare data
// If we see it, we want to ensure it has been properly created
WTF::loadLoadFence();
- return rareData;
+ if (executableOrRareData & rareDataTag)
+ return bitwise_cast<FunctionRareData*>(executableOrRareData & ~rareDataTag);
+ return nullptr;
}
bool isHostOrBuiltinFunction() const;
@@ -167,7 +171,7 @@
bool areNameAndLengthOriginal(VM&);
protected:
- JS_EXPORT_PRIVATE JSFunction(VM&, JSGlobalObject*, Structure*);
+ JS_EXPORT_PRIVATE JSFunction(VM&, NativeExecutable*, JSGlobalObject*, Structure*);
JSFunction(VM&, FunctionExecutable*, JSScope*, Structure*);
void finishCreation(VM&, NativeExecutable*, int length, const String& name);
@@ -221,8 +225,7 @@
static EncodedJSValue argumentsGetter(JSGlobalObject*, EncodedJSValue, PropertyName);
static EncodedJSValue callerGetter(JSGlobalObject*, EncodedJSValue, PropertyName);
- WriteBarrier<ExecutableBase> m_executable;
- WriteBarrier<FunctionRareData> m_rareData;
+ uintptr_t m_executableOrRareData;
};
class JSStrictFunction final : public JSFunction {
Modified: trunk/Source/_javascript_Core/runtime/JSFunctionInlines.h (253931 => 253932)
--- trunk/Source/_javascript_Core/runtime/JSFunctionInlines.h 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/runtime/JSFunctionInlines.h 2019-12-29 05:32:33 UTC (rev 253932)
@@ -40,8 +40,7 @@
inline JSFunction::JSFunction(VM& vm, FunctionExecutable* executable, JSScope* scope, Structure* structure)
: Base(vm, scope, structure)
- , m_executable(vm, this, executable)
- , m_rareData()
+ , m_executableOrRareData(bitwise_cast<uintptr_t>(executable))
{
assertTypeInfoFlagInvariants();
}
@@ -49,13 +48,13 @@
inline FunctionExecutable* JSFunction::jsExecutable() const
{
ASSERT(!isHostFunctionNonInline());
- return static_cast<FunctionExecutable*>(m_executable.get());
+ return static_cast<FunctionExecutable*>(executable());
}
inline bool JSFunction::isHostFunction() const
{
- ASSERT(m_executable);
- return m_executable->isHostFunction();
+ ASSERT(executable());
+ return executable()->isHostFunction();
}
inline Intrinsic JSFunction::intrinsic() const
@@ -81,13 +80,13 @@
inline TaggedNativeFunction JSFunction::nativeFunction()
{
ASSERT(isHostFunctionNonInline());
- return static_cast<NativeExecutable*>(m_executable.get())->function();
+ return static_cast<NativeExecutable*>(executable())->function();
}
inline TaggedNativeFunction JSFunction::nativeConstructor()
{
ASSERT(isHostFunctionNonInline());
- return static_cast<NativeExecutable*>(m_executable.get())->constructor();
+ return static_cast<NativeExecutable*>(executable())->constructor();
}
inline bool isHostFunction(JSValue value, TaggedNativeFunction nativeFunction)
@@ -100,21 +99,35 @@
inline bool JSFunction::hasReifiedLength() const
{
- return m_rareData && m_rareData->hasReifiedLength();
+ // FIXME: Use JSFunction::rareData() once WTF::loadLoadFence is removed.
+ // https://bugs.webkit.org/show_bug.cgi?id=205625
+ uintptr_t executableOrRareData = m_executableOrRareData;
+ if (executableOrRareData & rareDataTag)
+ return bitwise_cast<FunctionRareData*>(executableOrRareData & ~rareDataTag)->hasReifiedLength();
+ return false;
}
inline bool JSFunction::hasReifiedName() const
{
- return m_rareData && m_rareData->hasReifiedName();
+ // FIXME: Use JSFunction::rareData() once WTF::loadLoadFence is removed.
+ // https://bugs.webkit.org/show_bug.cgi?id=205625
+ uintptr_t executableOrRareData = m_executableOrRareData;
+ if (executableOrRareData & rareDataTag)
+ return bitwise_cast<FunctionRareData*>(executableOrRareData & ~rareDataTag)->hasReifiedName();
+ return false;
}
inline bool JSFunction::areNameAndLengthOriginal(VM&)
{
- if (!m_rareData)
+ // FIXME: Use JSFunction::rareData() once WTF::loadLoadFence is removed.
+ // https://bugs.webkit.org/show_bug.cgi?id=205625
+ uintptr_t executableOrRareData = m_executableOrRareData;
+ if (!(executableOrRareData & rareDataTag))
return true;
- if (m_rareData->hasModifiedName())
+ FunctionRareData* rareData = bitwise_cast<FunctionRareData*>(executableOrRareData & ~rareDataTag);
+ if (rareData->hasModifiedName())
return false;
- if (m_rareData->hasModifiedLength())
+ if (rareData->hasModifiedLength())
return false;
return true;
}
@@ -141,12 +154,16 @@
inline FunctionRareData* JSFunction::ensureRareDataAndAllocationProfile(JSGlobalObject* globalObject, unsigned inlineCapacity)
{
+ // FIXME: Use JSFunction::rareData() once WTF::loadLoadFence is removed.
+ // https://bugs.webkit.org/show_bug.cgi?id=205625
ASSERT(canUseAllocationProfile());
- if (UNLIKELY(!m_rareData))
+ uintptr_t executableOrRareData = m_executableOrRareData;
+ if (!(executableOrRareData & rareDataTag))
return allocateAndInitializeRareData(globalObject, inlineCapacity);
- if (UNLIKELY(!m_rareData->isObjectAllocationProfileInitialized()))
+ FunctionRareData* rareData = bitwise_cast<FunctionRareData*>(executableOrRareData & ~rareDataTag);
+ if (UNLIKELY(!rareData->isObjectAllocationProfileInitialized()))
return initializeRareData(globalObject, inlineCapacity);
- return m_rareData.get();
+ return rareData;
}
} // namespace JSC
Modified: trunk/Source/_javascript_Core/runtime/JSNativeStdFunction.cpp (253931 => 253932)
--- trunk/Source/_javascript_Core/runtime/JSNativeStdFunction.cpp 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/runtime/JSNativeStdFunction.cpp 2019-12-29 05:32:33 UTC (rev 253932)
@@ -36,8 +36,8 @@
const ClassInfo JSNativeStdFunction::s_info = { "Function", &Base::s_info, nullptr, nullptr, CREATE_METHOD_TABLE(JSNativeStdFunction) };
-JSNativeStdFunction::JSNativeStdFunction(VM& vm, JSGlobalObject* globalObject, Structure* structure, NativeStdFunction&& function)
- : Base(vm, globalObject, structure)
+JSNativeStdFunction::JSNativeStdFunction(VM& vm, NativeExecutable* executable, JSGlobalObject* globalObject, Structure* structure, NativeStdFunction&& function)
+ : Base(vm, executable, globalObject, structure)
, m_function(WTFMove(function))
{
}
@@ -66,7 +66,7 @@
{
NativeExecutable* executable = vm.getHostFunction(runStdFunction, intrinsic, nativeConstructor, nullptr, name);
Structure* structure = globalObject->nativeStdFunctionStructure();
- JSNativeStdFunction* function = new (NotNull, allocateCell<JSNativeStdFunction>(vm.heap)) JSNativeStdFunction(vm, globalObject, structure, WTFMove(nativeStdFunction));
+ JSNativeStdFunction* function = new (NotNull, allocateCell<JSNativeStdFunction>(vm.heap)) JSNativeStdFunction(vm, executable, globalObject, structure, WTFMove(nativeStdFunction));
function->finishCreation(vm, executable, length, name);
return function;
}
Modified: trunk/Source/_javascript_Core/runtime/JSNativeStdFunction.h (253931 => 253932)
--- trunk/Source/_javascript_Core/runtime/JSNativeStdFunction.h 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/runtime/JSNativeStdFunction.h 2019-12-29 05:32:33 UTC (rev 253932)
@@ -68,7 +68,7 @@
void finishCreation(VM&, NativeExecutable*, int length, const String& name);
private:
- JSNativeStdFunction(VM&, JSGlobalObject*, Structure*, NativeStdFunction&&);
+ JSNativeStdFunction(VM&, NativeExecutable*, JSGlobalObject*, Structure*, NativeStdFunction&&);
NativeStdFunction m_function;
};
Modified: trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunction.cpp (253931 => 253932)
--- trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunction.cpp 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunction.cpp 2019-12-29 05:32:33 UTC (rev 253932)
@@ -431,7 +431,7 @@
WebAssemblyFunction* WebAssemblyFunction::create(VM& vm, JSGlobalObject* globalObject, Structure* structure, unsigned length, const String& name, JSWebAssemblyInstance* instance, Wasm::Callee& jsEntrypoint, Wasm::WasmToWasmImportableFunction::LoadLocation wasmToWasmEntrypointLoadLocation, Wasm::SignatureIndex signatureIndex)
{
NativeExecutable* executable = vm.getHostFunction(callWebAssemblyFunction, NoIntrinsic, callHostFunctionAsConstructor, nullptr, name);
- WebAssemblyFunction* function = new (NotNull, allocateCell<WebAssemblyFunction>(vm.heap)) WebAssemblyFunction(vm, globalObject, structure, jsEntrypoint, wasmToWasmEntrypointLoadLocation, signatureIndex);
+ WebAssemblyFunction* function = new (NotNull, allocateCell<WebAssemblyFunction>(vm.heap)) WebAssemblyFunction(vm, executable, globalObject, structure, jsEntrypoint, wasmToWasmEntrypointLoadLocation, signatureIndex);
function->finishCreation(vm, executable, length, name, instance);
return function;
}
@@ -442,8 +442,8 @@
return Structure::create(vm, globalObject, prototype, TypeInfo(JSFunctionType, StructureFlags), info());
}
-WebAssemblyFunction::WebAssemblyFunction(VM& vm, JSGlobalObject* globalObject, Structure* structure, Wasm::Callee& jsEntrypoint, Wasm::WasmToWasmImportableFunction::LoadLocation wasmToWasmEntrypointLoadLocation, Wasm::SignatureIndex signatureIndex)
- : Base { vm, globalObject, structure }
+WebAssemblyFunction::WebAssemblyFunction(VM& vm, NativeExecutable* executable, JSGlobalObject* globalObject, Structure* structure, Wasm::Callee& jsEntrypoint, Wasm::WasmToWasmImportableFunction::LoadLocation wasmToWasmEntrypointLoadLocation, Wasm::SignatureIndex signatureIndex)
+ : Base { vm, executable, globalObject, structure }
, m_jsEntrypoint { jsEntrypoint.entrypoint() }
, m_importableFunction { signatureIndex, wasmToWasmEntrypointLoadLocation }
{ }
Modified: trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunction.h (253931 => 253932)
--- trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunction.h 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunction.h 2019-12-29 05:32:33 UTC (rev 253932)
@@ -91,7 +91,7 @@
private:
static void visitChildren(JSCell*, SlotVisitor&);
- WebAssemblyFunction(VM&, JSGlobalObject*, Structure*, Wasm::Callee& jsEntrypoint, WasmToWasmImportableFunction::LoadLocation entrypointLoadLocation, Wasm::SignatureIndex);
+ WebAssemblyFunction(VM&, NativeExecutable*, JSGlobalObject*, Structure*, Wasm::Callee& jsEntrypoint, WasmToWasmImportableFunction::LoadLocation entrypointLoadLocation, Wasm::SignatureIndex);
MacroAssemblerCodePtr<JSEntryPtrTag> jsCallEntrypointSlow();
ptrdiff_t previousInstanceOffset() const;
Modified: trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunctionBase.cpp (253931 => 253932)
--- trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunctionBase.cpp 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunctionBase.cpp 2019-12-29 05:32:33 UTC (rev 253932)
@@ -35,8 +35,8 @@
const ClassInfo WebAssemblyFunctionBase::s_info = { "WebAssemblyFunctionBase", &Base::s_info, nullptr, nullptr, CREATE_METHOD_TABLE(WebAssemblyFunctionBase) };
-WebAssemblyFunctionBase::WebAssemblyFunctionBase(VM& vm, JSGlobalObject* globalObject, Structure* structure)
- : Base(vm, globalObject, structure)
+WebAssemblyFunctionBase::WebAssemblyFunctionBase(VM& vm, NativeExecutable* executable, JSGlobalObject* globalObject, Structure* structure)
+ : Base(vm, executable, globalObject, structure)
{ }
void WebAssemblyFunctionBase::visitChildren(JSCell* cell, SlotVisitor& visitor)
Modified: trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunctionBase.h (253931 => 253932)
--- trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunctionBase.h 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/wasm/js/WebAssemblyFunctionBase.h 2019-12-29 05:32:33 UTC (rev 253932)
@@ -48,7 +48,7 @@
protected:
static void visitChildren(JSCell*, SlotVisitor&);
void finishCreation(VM&, NativeExecutable*, unsigned length, const String& name, JSWebAssemblyInstance*);
- WebAssemblyFunctionBase(VM&, JSGlobalObject*, Structure*);
+ WebAssemblyFunctionBase(VM&, NativeExecutable*, JSGlobalObject*, Structure*);
WriteBarrier<JSWebAssemblyInstance> m_instance;
};
Modified: trunk/Source/_javascript_Core/wasm/js/WebAssemblyWrapperFunction.cpp (253931 => 253932)
--- trunk/Source/_javascript_Core/wasm/js/WebAssemblyWrapperFunction.cpp 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/wasm/js/WebAssemblyWrapperFunction.cpp 2019-12-29 05:32:33 UTC (rev 253932)
@@ -50,8 +50,8 @@
RELEASE_AND_RETURN(scope, JSValue::encode(call(globalObject, function, callType, callData, jsUndefined(), ArgList(callFrame))));
}
-WebAssemblyWrapperFunction::WebAssemblyWrapperFunction(VM& vm, JSGlobalObject* globalObject, Structure* structure, Wasm::WasmToWasmImportableFunction importableFunction)
- : Base(vm, globalObject, structure)
+WebAssemblyWrapperFunction::WebAssemblyWrapperFunction(VM& vm, NativeExecutable* executable, JSGlobalObject* globalObject, Structure* structure, Wasm::WasmToWasmImportableFunction importableFunction)
+ : Base(vm, executable, globalObject, structure)
, m_importableFunction(importableFunction)
{ }
@@ -60,7 +60,7 @@
ASSERT_WITH_MESSAGE(!function->inherits<WebAssemblyWrapperFunction>(vm), "We should never double wrap a wrapper function.");
String name = "";
NativeExecutable* executable = vm.getHostFunction(callWebAssemblyWrapperFunction, NoIntrinsic, callHostFunctionAsConstructor, nullptr, name);
- WebAssemblyWrapperFunction* result = new (NotNull, allocateCell<WebAssemblyWrapperFunction>(vm.heap)) WebAssemblyWrapperFunction(vm, globalObject, structure, Wasm::WasmToWasmImportableFunction { signatureIndex, &instance->instance().importFunctionInfo(importIndex)->wasmToEmbedderStub } );
+ WebAssemblyWrapperFunction* result = new (NotNull, allocateCell<WebAssemblyWrapperFunction>(vm.heap)) WebAssemblyWrapperFunction(vm, executable, globalObject, structure, Wasm::WasmToWasmImportableFunction { signatureIndex, &instance->instance().importFunctionInfo(importIndex)->wasmToEmbedderStub } );
const Wasm::Signature& signature = Wasm::SignatureInformation::get(signatureIndex);
result->finishCreation(vm, executable, signature.argumentCount(), name, function, instance);
return result;
Modified: trunk/Source/_javascript_Core/wasm/js/WebAssemblyWrapperFunction.h (253931 => 253932)
--- trunk/Source/_javascript_Core/wasm/js/WebAssemblyWrapperFunction.h 2019-12-29 04:47:44 UTC (rev 253931)
+++ trunk/Source/_javascript_Core/wasm/js/WebAssemblyWrapperFunction.h 2019-12-29 05:32:33 UTC (rev 253932)
@@ -62,7 +62,7 @@
void finishCreation(VM&, NativeExecutable*, unsigned length, const String& name, JSObject*, JSWebAssemblyInstance*);
private:
- WebAssemblyWrapperFunction(VM&, JSGlobalObject*, Structure*, WasmToWasmImportableFunction);
+ WebAssemblyWrapperFunction(VM&, NativeExecutable*, JSGlobalObject*, Structure*, WasmToWasmImportableFunction);
WriteBarrier<JSObject> m_function;
// It's safe to just hold the raw WasmToWasmImportableFunction because we have a reference
