Diff
Modified: trunk/Source/_javascript_Core/ChangeLog (119864 => 119865)
--- trunk/Source/_javascript_Core/ChangeLog 2012-06-08 21:13:56 UTC (rev 119864)
+++ trunk/Source/_javascript_Core/ChangeLog 2012-06-08 21:30:35 UTC (rev 119865)
@@ -1,3 +1,28 @@
+2012-06-08 Gavin Barraclough <[email protected]>
+
+ Unreviewed roll out r119795.
+
+ This broke jquery/core.html
+
+ * dfg/DFGSpeculativeJIT.h:
+ (JSC::DFG::SpeculativeJIT::emitAllocateBasicJSObject):
+ * jit/JITInlineMethods.h:
+ (JSC::JIT::emitAllocateBasicJSObject):
+ * llint/LowLevelInterpreter.asm:
+ * runtime/JSGlobalData.h:
+ (JSGlobalData):
+ * runtime/JSGlobalThis.cpp:
+ (JSC::JSGlobalThis::setUnwrappedObject):
+ * runtime/JSObject.cpp:
+ (JSC::JSObject::visitChildren):
+ (JSC::JSObject::createInheritorID):
+ * runtime/JSObject.h:
+ (JSObject):
+ (JSC::JSObject::resetInheritorID):
+ (JSC):
+ (JSC::JSObject::offsetOfInheritorID):
+ (JSC::JSObject::inheritorID):
+
2012-06-08 Filip Pizlo <[email protected]>
PredictedType should be called SpeculatedType
Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.h (119864 => 119865)
--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.h 2012-06-08 21:13:56 UTC (rev 119864)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT.h 2012-06-08 21:30:35 UTC (rev 119865)
@@ -2131,6 +2131,9 @@
// Initialize the object's classInfo pointer
m_jit.storePtr(MacroAssembler::TrustedImmPtr(&ClassType::s_info), MacroAssembler::Address(resultGPR, JSCell::classInfoOffset()));
+ // Initialize the object's inheritorID.
+ m_jit.storePtr(MacroAssembler::TrustedImmPtr(0), MacroAssembler::Address(resultGPR, JSObject::offsetOfInheritorID()));
+
// Initialize the object's property storage pointer.
m_jit.addPtr(MacroAssembler::TrustedImm32(sizeof(JSObject)), resultGPR, scratchGPR);
m_jit.storePtr(scratchGPR, MacroAssembler::Address(resultGPR, ClassType::offsetOfPropertyStorage()));
Modified: trunk/Source/_javascript_Core/jit/JITInlineMethods.h (119864 => 119865)
--- trunk/Source/_javascript_Core/jit/JITInlineMethods.h 2012-06-08 21:13:56 UTC (rev 119864)
+++ trunk/Source/_javascript_Core/jit/JITInlineMethods.h 2012-06-08 21:30:35 UTC (rev 119865)
@@ -425,6 +425,9 @@
// initialize the object's classInfo pointer
storePtr(TrustedImmPtr(&ClassType::s_info), Address(result, JSCell::classInfoOffset()));
+ // initialize the inheritor ID
+ storePtr(TrustedImmPtr(0), Address(result, JSObject::offsetOfInheritorID()));
+
// initialize the object's property storage pointer
addPtr(TrustedImm32(sizeof(JSObject)), result, storagePtr);
storePtr(storagePtr, Address(result, ClassType::offsetOfPropertyStorage()));
Modified: trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm (119864 => 119865)
--- trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm 2012-06-08 21:13:56 UTC (rev 119864)
+++ trunk/Source/_javascript_Core/llint/LowLevelInterpreter.asm 2012-06-08 21:30:35 UTC (rev 119865)
@@ -311,6 +311,7 @@
loadp classInfoOffset[scratch1], scratch2
storep scratch2, [result]
storep structure, JSCell::m_structure[result]
+ storep 0, JSObject::m_inheritorID[result]
addp sizeof JSObject, result, scratch1
storep scratch1, JSObject::m_propertyStorage[result]
end
Modified: trunk/Source/_javascript_Core/runtime/JSGlobalData.h (119864 => 119865)
--- trunk/Source/_javascript_Core/runtime/JSGlobalData.h 2012-06-08 21:13:56 UTC (rev 119864)
+++ trunk/Source/_javascript_Core/runtime/JSGlobalData.h 2012-06-08 21:30:35 UTC (rev 119865)
@@ -38,7 +38,6 @@
#include "JSValue.h"
#include "LLIntData.h"
#include "NumericStrings.h"
-#include "PrivateName.h"
#include "SmallStrings.h"
#include "Strong.h"
#include "Terminator.h"
@@ -282,8 +281,6 @@
bool canUseRegExpJIT() { return m_canUseAssembler; }
#endif
- PrivateName m_inheritorIDKey;
-
OwnPtr<ParserArena> parserArena;
OwnPtr<Keywords> keywords;
Interpreter* interpreter;
Modified: trunk/Source/_javascript_Core/runtime/JSGlobalThis.cpp (119864 => 119865)
--- trunk/Source/_javascript_Core/runtime/JSGlobalThis.cpp 2012-06-08 21:13:56 UTC (rev 119864)
+++ trunk/Source/_javascript_Core/runtime/JSGlobalThis.cpp 2012-06-08 21:30:35 UTC (rev 119865)
@@ -53,7 +53,7 @@
ASSERT_ARG(globalObject, globalObject);
m_unwrappedObject.set(globalData, this, globalObject);
setPrototype(globalData, globalObject->prototype());
- resetInheritorID(globalData);
+ resetInheritorID();
}
} // namespace JSC
Modified: trunk/Source/_javascript_Core/runtime/JSObject.cpp (119864 => 119865)
--- trunk/Source/_javascript_Core/runtime/JSObject.cpp 2012-06-08 21:13:56 UTC (rev 119864)
+++ trunk/Source/_javascript_Core/runtime/JSObject.cpp 2012-06-08 21:30:35 UTC (rev 119865)
@@ -98,6 +98,9 @@
thisObject->m_propertyStorage.set(storage, StorageBarrier::Unchecked);
}
+ if (thisObject->m_inheritorID)
+ visitor.append(&thisObject->m_inheritorID);
+
#if !ASSERT_DISABLED
visitor.m_isCheckingForDefaultMarkViolation = wasCheckingForDefaultMarkViolation;
#endif
@@ -533,21 +536,15 @@
Structure* JSObject::createInheritorID(JSGlobalData& globalData)
{
- ASSERT(!getDirectLocation(globalData, globalData.m_inheritorIDKey));
-
JSGlobalObject* globalObject;
if (isGlobalThis())
globalObject = static_cast<JSGlobalThis*>(this)->unwrappedObject();
else
globalObject = structure()->globalObject();
ASSERT(globalObject);
-
- Structure* inheritorID = createEmptyObjectStructure(globalData, globalObject, this);
- ASSERT(inheritorID->isEmpty());
-
- PutPropertySlot slot;
- putDirectInternal<PutModeDefineOwnProperty>(globalData, globalData.m_inheritorIDKey, inheritorID, 0, slot, 0);
- return inheritorID;
+ m_inheritorID.set(globalData, this, createEmptyObjectStructure(globalData, globalObject, this));
+ ASSERT(m_inheritorID->isEmpty());
+ return m_inheritorID.get();
}
PropertyStorage JSObject::growPropertyStorage(JSGlobalData& globalData, size_t oldSize, size_t newSize)
Modified: trunk/Source/_javascript_Core/runtime/JSObject.h (119864 => 119865)
--- trunk/Source/_javascript_Core/runtime/JSObject.h 2012-06-08 21:13:56 UTC (rev 119864)
+++ trunk/Source/_javascript_Core/runtime/JSObject.h 2012-06-08 21:30:35 UTC (rev 119865)
@@ -236,6 +236,7 @@
static size_t offsetOfInlineStorage();
static size_t offsetOfPropertyStorage();
+ static size_t offsetOfInheritorID();
static JS_EXPORTDATA const ClassInfo s_info;
@@ -263,9 +264,9 @@
// To create derived types you likely want JSNonFinalObject, below.
JSObject(JSGlobalData&, Structure*, PropertyStorage inlineStorage);
- void resetInheritorID(JSGlobalData& globalData)
+ void resetInheritorID()
{
- removeDirect(globalData, globalData.m_inheritorIDKey);
+ m_inheritorID.clear();
}
private:
@@ -302,13 +303,7 @@
Structure* createInheritorID(JSGlobalData&);
StorageBarrier m_propertyStorage;
-
-#if USE(JSVALUE32_64)
- // FIXME: keep the size of JSObject a multiple of 64-bits, so that the
- // internal storage is aligned. We can remove this when we remove JSCell's
- // direct ClassInfo pointer.
- void* sixtyFourBitAlign;
-#endif
+ WriteBarrier<Structure> m_inheritorID;
};
@@ -316,8 +311,8 @@
#define JSNonFinalObject_inlineStorageCapacity 4
#define JSFinalObject_inlineStorageCapacity 6
#else
-#define JSNonFinalObject_inlineStorageCapacity 3
-#define JSFinalObject_inlineStorageCapacity 5
+#define JSNonFinalObject_inlineStorageCapacity 2
+#define JSFinalObject_inlineStorageCapacity 4
#endif
COMPILE_ASSERT((JSFinalObject_inlineStorageCapacity >= JSNonFinalObject_inlineStorageCapacity), final_storage_is_at_least_as_large_as_non_final);
@@ -422,6 +417,11 @@
return OBJECT_OFFSETOF(JSObject, m_propertyStorage);
}
+inline size_t JSObject::offsetOfInheritorID()
+{
+ return OBJECT_OFFSETOF(JSObject, m_inheritorID);
+}
+
inline bool JSObject::isGlobalObject() const
{
return structure()->typeInfo().type() == GlobalObjectType;
@@ -514,10 +514,9 @@
inline Structure* JSObject::inheritorID(JSGlobalData& globalData)
{
- if (WriteBarrierBase<Unknown>* location = getDirectLocation(globalData, globalData.m_inheritorIDKey)) {
- Structure* inheritorID = jsCast<Structure*>(location->get());
- ASSERT(inheritorID->isEmpty());
- return inheritorID;
+ if (m_inheritorID) {
+ ASSERT(m_inheritorID->isEmpty());
+ return m_inheritorID.get();
}
return createInheritorID(globalData);
}
