Ignore:
Timestamp:
Aug 9, 2015, 3:55:54 PM (10 years ago)
Author:
Chris Dumez
Message:

Regression(r188105): Seems to have caused crashes during PLT on some iPads
https://bugs.webkit.org/show_bug.cgi?id=147818

Unreviewed, roll out r188105.

Source/JavaScriptCore:

  • bytecode/ByValInfo.h:

(JSC::ByValInfo::ByValInfo):

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::getByValInfoMap): Deleted.
(JSC::CodeBlock::addByValInfo): Deleted.

  • bytecode/CodeBlock.h:

(JSC::CodeBlock::getByValInfo):
(JSC::CodeBlock::setNumberOfByValInfos):
(JSC::CodeBlock::numberOfByValInfos):
(JSC::CodeBlock::byValInfo):

  • bytecode/ExitKind.cpp:

(JSC::exitKindToString): Deleted.

  • bytecode/ExitKind.h:
  • bytecode/GetByIdStatus.cpp:

(JSC::GetByIdStatus::computeFor):
(JSC::GetByIdStatus::computeForStubInfo):
(JSC::GetByIdStatus::computeForStubInfoWithoutExitSiteFeedback): Deleted.

  • bytecode/GetByIdStatus.h:
  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects): Deleted.

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry): Deleted.

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize): Deleted.

  • dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::foldConstants): Deleted.

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC): Deleted.

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode): Deleted.
(JSC::DFG::FixupPhase::observeUseKindOnNode): Deleted.

  • dfg/DFGNode.h:

(JSC::DFG::Node::hasUidOperand): Deleted.
(JSC::DFG::Node::uidOperand): Deleted.

  • dfg/DFGNodeType.h:
  • dfg/DFGPredictionPropagationPhase.cpp:

(JSC::DFG::PredictionPropagationPhase::propagate): Deleted.

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::SafeToExecuteEdge::operator()): Deleted.
(JSC::DFG::safeToExecute): Deleted.

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileCheckIdent): Deleted.
(JSC::DFG::SpeculativeJIT::speculateSymbol): Deleted.
(JSC::DFG::SpeculativeJIT::speculate): Deleted.

  • dfg/DFGSpeculativeJIT.h:
  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile): Deleted.

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile): Deleted.

  • dfg/DFGUseKind.cpp:

(WTF::printInternal): Deleted.

  • dfg/DFGUseKind.h:

(JSC::DFG::typeFilterFor): Deleted.
(JSC::DFG::isCell): Deleted.

  • ftl/FTLAbstractHeapRepository.h:
  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile): Deleted.

  • ftl/FTLLowerDFGToLLVM.cpp:

(JSC::FTL::DFG::LowerDFGToLLVM::compileNode): Deleted.
(JSC::FTL::DFG::LowerDFGToLLVM::compileCheckIdent): Deleted.
(JSC::FTL::DFG::LowerDFGToLLVM::lowSymbol): Deleted.
(JSC::FTL::DFG::LowerDFGToLLVM::speculate): Deleted.
(JSC::FTL::DFG::LowerDFGToLLVM::isNotSymbol): Deleted.
(JSC::FTL::DFG::LowerDFGToLLVM::speculateSymbol): Deleted.

  • jit/JIT.cpp:

(JSC::JIT::privateCompile):

  • jit/JIT.h:

(JSC::ByValCompilationInfo::ByValCompilationInfo):
(JSC::JIT::compileGetByValWithCachedId): Deleted.

  • jit/JITInlines.h:

(JSC::JIT::callOperation): Deleted.

  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_has_indexed_property):
(JSC::JIT::emitSlow_op_has_indexed_property):

  • jit/JITOpcodes32_64.cpp:

(JSC::JIT::emit_op_has_indexed_property):
(JSC::JIT::emitSlow_op_has_indexed_property):

  • jit/JITOperations.cpp:

(JSC::getByVal):

  • jit/JITOperations.h:
  • jit/JITPropertyAccess.cpp:

(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emitGetByValWithCachedId): Deleted.
(JSC::JIT::privateCompileGetByVal): Deleted.
(JSC::JIT::privateCompileGetByValWithCachedId): Deleted.

  • jit/JITPropertyAccess32_64.cpp:

(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emitGetByValWithCachedId): Deleted.

  • runtime/Symbol.h:
  • tests/stress/get-by-val-with-string-constructor.js: Removed.
  • tests/stress/get-by-val-with-string-exit.js: Removed.
  • tests/stress/get-by-val-with-string-generated.js: Removed.
  • tests/stress/get-by-val-with-string-getter.js: Removed.
  • tests/stress/get-by-val-with-string.js: Removed.
  • tests/stress/get-by-val-with-symbol-constructor.js: Removed.
  • tests/stress/get-by-val-with-symbol-exit.js: Removed.
  • tests/stress/get-by-val-with-symbol-getter.js: Removed.
  • tests/stress/get-by-val-with-symbol.js: Removed.

LayoutTests:

  • js/regress/get-by-val-with-string-bimorphic-check-structure-elimination-expected.txt: Removed.
  • js/regress/get-by-val-with-string-bimorphic-check-structure-elimination-simple-expected.txt: Removed.
  • js/regress/get-by-val-with-string-bimorphic-check-structure-elimination-simple.html: Removed.
  • js/regress/get-by-val-with-string-bimorphic-check-structure-elimination.html: Removed.
  • js/regress/get-by-val-with-string-chain-from-try-block-expected.txt: Removed.
  • js/regress/get-by-val-with-string-chain-from-try-block.html: Removed.
  • js/regress/get-by-val-with-string-check-structure-elimination-expected.txt: Removed.
  • js/regress/get-by-val-with-string-check-structure-elimination.html: Removed.
  • js/regress/get-by-val-with-string-proto-or-self-expected.txt: Removed.
  • js/regress/get-by-val-with-string-proto-or-self.html: Removed.
  • js/regress/get-by-val-with-string-quadmorphic-check-structure-elimination-simple-expected.txt: Removed.
  • js/regress/get-by-val-with-string-quadmorphic-check-structure-elimination-simple.html: Removed.
  • js/regress/get-by-val-with-string-self-or-proto-expected.txt: Removed.
  • js/regress/get-by-val-with-string-self-or-proto.html: Removed.
  • js/regress/get-by-val-with-symbol-bimorphic-check-structure-elimination-expected.txt: Removed.
  • js/regress/get-by-val-with-symbol-bimorphic-check-structure-elimination-simple-expected.txt: Removed.
  • js/regress/get-by-val-with-symbol-bimorphic-check-structure-elimination-simple.html: Removed.
  • js/regress/get-by-val-with-symbol-bimorphic-check-structure-elimination.html: Removed.
  • js/regress/get-by-val-with-symbol-chain-from-try-block-expected.txt: Removed.
  • js/regress/get-by-val-with-symbol-chain-from-try-block.html: Removed.
  • js/regress/get-by-val-with-symbol-check-structure-elimination-expected.txt: Removed.
  • js/regress/get-by-val-with-symbol-check-structure-elimination.html: Removed.
  • js/regress/get-by-val-with-symbol-proto-or-self-expected.txt: Removed.
  • js/regress/get-by-val-with-symbol-proto-or-self.html: Removed.
  • js/regress/get-by-val-with-symbol-quadmorphic-check-structure-elimination-simple-expected.txt: Removed.
  • js/regress/get-by-val-with-symbol-quadmorphic-check-structure-elimination-simple.html: Removed.
  • js/regress/get-by-val-with-symbol-self-or-proto-expected.txt: Removed.
  • js/regress/get-by-val-with-symbol-self-or-proto.html: Removed.
  • js/regress/script-tests/get-by-val-with-string-bimorphic-check-structure-elimination-simple.js: Removed.
  • js/regress/script-tests/get-by-val-with-string-bimorphic-check-structure-elimination.js: Removed.
  • js/regress/script-tests/get-by-val-with-string-chain-from-try-block.js: Removed.
  • js/regress/script-tests/get-by-val-with-string-check-structure-elimination.js: Removed.
  • js/regress/script-tests/get-by-val-with-string-proto-or-self.js: Removed.
  • js/regress/script-tests/get-by-val-with-string-quadmorphic-check-structure-elimination-simple.js: Removed.
  • js/regress/script-tests/get-by-val-with-string-self-or-proto.js: Removed.
  • js/regress/script-tests/get-by-val-with-symbol-bimorphic-check-structure-elimination-simple.js: Removed.
  • js/regress/script-tests/get-by-val-with-symbol-bimorphic-check-structure-elimination.js: Removed.
  • js/regress/script-tests/get-by-val-with-symbol-chain-from-try-block.js: Removed.
  • js/regress/script-tests/get-by-val-with-symbol-check-structure-elimination.js: Removed.
  • js/regress/script-tests/get-by-val-with-symbol-proto-or-self.js: Removed.
  • js/regress/script-tests/get-by-val-with-symbol-quadmorphic-check-structure-elimination-simple.js: Removed.
  • js/regress/script-tests/get-by-val-with-symbol-self-or-proto.js: Removed.
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/JavaScriptCore/jit/JIT.h

    r188135 r188201  
    150150        ByValCompilationInfo() { }
    151151       
    152         ByValCompilationInfo(ByValInfo* byValInfo, unsigned bytecodeIndex, MacroAssembler::PatchableJump notIndexJump, MacroAssembler::PatchableJump badTypeJump, JITArrayMode arrayMode, ArrayProfile* arrayProfile, MacroAssembler::Label doneTarget)
    153             : byValInfo(byValInfo)
    154             , bytecodeIndex(bytecodeIndex)
    155             , notIndexJump(notIndexJump)
     152        ByValCompilationInfo(unsigned bytecodeIndex, MacroAssembler::PatchableJump badTypeJump, JITArrayMode arrayMode, MacroAssembler::Label doneTarget)
     153            : bytecodeIndex(bytecodeIndex)
    156154            , badTypeJump(badTypeJump)
    157155            , arrayMode(arrayMode)
    158             , arrayProfile(arrayProfile)
    159156            , doneTarget(doneTarget)
    160157        {
    161158        }
    162 
    163         ByValInfo* byValInfo;
     159       
    164160        unsigned bytecodeIndex;
    165         MacroAssembler::PatchableJump notIndexJump;
    166161        MacroAssembler::PatchableJump badTypeJump;
    167162        JITArrayMode arrayMode;
    168         ArrayProfile* arrayProfile;
    169163        MacroAssembler::Label doneTarget;
    170164        MacroAssembler::Label slowPathTarget;
     
    211205        }
    212206
    213         static void compileGetByValWithCachedId(VM* vm, CodeBlock* codeBlock, ByValInfo* byValInfo, ReturnAddressPtr returnAddress, const Identifier& propertyName)
    214         {
    215             JIT jit(vm, codeBlock);
    216             jit.m_bytecodeOffset = byValInfo->bytecodeIndex;
    217             jit.privateCompileGetByValWithCachedId(byValInfo, returnAddress, propertyName);
    218         }
    219 
    220207        static void compilePutByVal(VM* vm, CodeBlock* codeBlock, ByValInfo* byValInfo, ReturnAddressPtr returnAddress, JITArrayMode arrayMode)
    221208        {
     
    260247       
    261248        void privateCompileGetByVal(ByValInfo*, ReturnAddressPtr, JITArrayMode);
    262         void privateCompileGetByValWithCachedId(ByValInfo*, ReturnAddressPtr, const Identifier&);
    263249        void privateCompilePutByVal(ByValInfo*, ReturnAddressPtr, JITArrayMode);
    264250
     
    386372        JumpList emitIntTypedArrayPutByVal(Instruction*, PatchableJump& badType, TypedArrayType);
    387373        JumpList emitFloatTypedArrayPutByVal(Instruction*, PatchableJump& badType, TypedArrayType);
    388 
    389         JITGetByIdGenerator emitGetByValWithCachedId(Instruction*, const Identifier&, JumpList& doneCases, JumpList& slowCases);
    390 
     374       
    391375        enum FinalObjectMode { MayBeFinal, KnownNotFinal };
    392376
     
    719703        MacroAssembler::Call callOperation(J_JITOperation_EJJ, int, GPRReg, GPRReg);
    720704        MacroAssembler::Call callOperation(J_JITOperation_EJJAp, int, GPRReg, GPRReg, ArrayProfile*);
    721         MacroAssembler::Call callOperation(J_JITOperation_EJJBy, int, GPRReg, GPRReg, ByValInfo*);
    722705        MacroAssembler::Call callOperation(C_JITOperation_EJsc, GPRReg);
    723706        MacroAssembler::Call callOperation(J_JITOperation_EJscC, int, GPRReg, JSCell*);
     
    764747        MacroAssembler::Call callOperation(V_JITOperation_EJJJ, RegisterID, RegisterID, RegisterID);
    765748        MacroAssembler::Call callOperation(V_JITOperation_EJJJAp, RegisterID, RegisterID, RegisterID, ArrayProfile*);
    766         MacroAssembler::Call callOperation(V_JITOperation_EJJJBy, RegisterID, RegisterID, RegisterID, ByValInfo*);
    767749        MacroAssembler::Call callOperation(V_JITOperation_EJZJ, RegisterID, int32_t, RegisterID);
    768750        MacroAssembler::Call callOperation(V_JITOperation_EJZ, RegisterID, int32_t);
     
    781763        MacroAssembler::Call callOperation(J_JITOperation_EJJ, int, GPRReg, GPRReg, GPRReg, GPRReg);
    782764        MacroAssembler::Call callOperation(J_JITOperation_EJJAp, int, GPRReg, GPRReg, GPRReg, GPRReg, ArrayProfile*);
    783         MacroAssembler::Call callOperation(J_JITOperation_EJJBy, int, GPRReg, GPRReg, GPRReg, GPRReg, ByValInfo*);
    784765        MacroAssembler::Call callOperation(P_JITOperation_EJS, GPRReg, GPRReg, size_t);
    785766        MacroAssembler::Call callOperation(S_JITOperation_EJ, RegisterID, RegisterID);
     
    789770        MacroAssembler::Call callOperation(V_JITOperation_EJJJ, RegisterID, RegisterID, RegisterID, RegisterID, RegisterID, RegisterID);
    790771        MacroAssembler::Call callOperation(V_JITOperation_EJJJAp, RegisterID, RegisterID, RegisterID, RegisterID, RegisterID, RegisterID, ArrayProfile*);
    791         MacroAssembler::Call callOperation(V_JITOperation_EJJJBy, RegisterID, RegisterID, RegisterID, RegisterID, RegisterID, RegisterID, ByValInfo*);
    792772        MacroAssembler::Call callOperation(V_JITOperation_EJZ, RegisterID, RegisterID, int32_t);
    793773        MacroAssembler::Call callOperation(V_JITOperation_EJZJ, RegisterID, RegisterID, int32_t, RegisterID, RegisterID);
Note: See TracChangeset for help on using the changeset viewer.