Ignore:
Timestamp:
Jul 27, 2017, 5:35:49 AM (8 years ago)
Author:
Yusuke Suzuki
Message:

Hoist DOM binding attribute getter prologue into JavaScriptCore taking advantage of DOMJIT / CheckSubClass
https://bugs.webkit.org/show_bug.cgi?id=171637

Reviewed by Darin Adler.

JSTests:

  • stress/domjit-getter-complex-with-incorrect-object.js:

(i.shouldThrow):

  • stress/domjit-getter-type-check.js: Copied from JSTests/stress/domjit-getter-complex-with-incorrect-object.js.

(shouldBe):
(i.shouldThrow):

Source/JavaScriptCore:

Each DOM attribute getter has the code to perform ClassInfo check. But it is largely duplicate and causes code bloating.
In this patch, we move ClassInfo check from WebCore to JSC and reduce code size.

We introduce DOMAnnotation which has ClassInfo* and DOMJIT::GetterSetter*. If the getter is not DOMJIT getter, this
DOMJIT::GetterSetter becomes nullptr. We support such a CustomAccessorGetter in all the JIT tiers.

In IC, we drop CheckSubClass completely since IC's Structure check subsumes it. We do not enable this optimization for
op_get_by_id_with_this case yet.
In DFG and FTL, we emit CheckSubClass node. Which is typically removed by CheckStructure leading to CheckSubClass.

And we add DOMAttributeGetterSetter, which is derived class of CustomGetterSetter. It holds DOMAnnotation and perform
ClassInfo check.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • bytecode/AccessCase.cpp:

(JSC::AccessCase::generateImpl):

  • bytecode/GetByIdStatus.cpp:

(JSC::GetByIdStatus::computeForStubInfoWithoutExitSiteFeedback):

  • bytecode/GetByIdVariant.cpp:

(JSC::GetByIdVariant::GetByIdVariant):
(JSC::GetByIdVariant::operator=):
(JSC::GetByIdVariant::attemptToMerge):
(JSC::GetByIdVariant::dumpInContext):

  • bytecode/GetByIdVariant.h:

(JSC::GetByIdVariant::customAccessorGetter):
(JSC::GetByIdVariant::domAttribute):
(JSC::GetByIdVariant::domJIT): Deleted.

  • bytecode/GetterSetterAccessCase.cpp:

(JSC::GetterSetterAccessCase::create):
(JSC::GetterSetterAccessCase::GetterSetterAccessCase):
(JSC::GetterSetterAccessCase::emitDOMJITGetter):

  • bytecode/GetterSetterAccessCase.h:

(JSC::GetterSetterAccessCase::domAttribute):
(JSC::GetterSetterAccessCase::customAccessor):
(JSC::GetterSetterAccessCase::domJIT): Deleted.

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::instantiateLexicalVariables):

  • create_hash_table:
  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::blessCallDOMGetter):
(JSC::DFG::ByteCodeParser::handleDOMJITGetter):
(JSC::DFG::ByteCodeParser::handleGetById):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNode.h:
  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileCallDOMGetter):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callCustomGetter):

  • domjit/DOMJITGetterSetter.h:

(JSC::DOMJIT::GetterSetter::GetterSetter):
(JSC::DOMJIT::GetterSetter::getter):
(JSC::DOMJIT::GetterSetter::compiler):
(JSC::DOMJIT::GetterSetter::resultType):
(JSC::DOMJIT::GetterSetter::~GetterSetter): Deleted.
(JSC::DOMJIT::GetterSetter::setter): Deleted.
(JSC::DOMJIT::GetterSetter::thisClassInfo): Deleted.

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileCallDOMGetter):

  • jit/Repatch.cpp:

(JSC::tryCacheGetByID):

  • jsc.cpp:

(WTF::DOMJITGetter::DOMJITAttribute::DOMJITAttribute):
(WTF::DOMJITGetter::DOMJITAttribute::callDOMGetter):
(WTF::DOMJITGetter::customGetter):
(WTF::DOMJITGetter::finishCreation):
(WTF::DOMJITGetterComplex::DOMJITAttribute::DOMJITAttribute):
(WTF::DOMJITGetterComplex::DOMJITAttribute::callDOMGetter):
(WTF::DOMJITGetterComplex::customGetter):
(WTF::DOMJITGetterComplex::finishCreation):
(WTF::DOMJITGetter::DOMJITNodeDOMJIT::DOMJITNodeDOMJIT): Deleted.
(WTF::DOMJITGetter::DOMJITNodeDOMJIT::slowCall): Deleted.
(WTF::DOMJITGetter::domJITNodeGetterSetter): Deleted.
(WTF::DOMJITGetterComplex::DOMJITNodeDOMJIT::DOMJITNodeDOMJIT): Deleted.
(WTF::DOMJITGetterComplex::DOMJITNodeDOMJIT::slowCall): Deleted.
(WTF::DOMJITGetterComplex::domJITNodeGetterSetter): Deleted.

  • runtime/CustomGetterSetter.h:

(JSC::CustomGetterSetter::create):
(JSC::CustomGetterSetter::setter):
(JSC::CustomGetterSetter::CustomGetterSetter):
(): Deleted.

  • runtime/DOMAnnotation.h: Added.

(JSC::operator==):
(JSC::operator!=):

  • runtime/DOMAttributeGetterSetter.cpp: Added.
  • runtime/DOMAttributeGetterSetter.h: Copied from Source/JavaScriptCore/runtime/CustomGetterSetter.h.

(JSC::isDOMAttributeGetterSetter):

  • runtime/Error.cpp:

(JSC::throwDOMAttributeGetterTypeError):

  • runtime/Error.h:

(JSC::throwVMDOMAttributeGetterTypeError):

  • runtime/JSCustomGetterSetterFunction.cpp:

(JSC::JSCustomGetterSetterFunction::customGetterSetterFunctionCall):

  • runtime/JSObject.cpp:

(JSC::JSObject::putInlineSlow):
(JSC::JSObject::deleteProperty):
(JSC::JSObject::getOwnStaticPropertySlot):
(JSC::JSObject::reifyAllStaticProperties):
(JSC::JSObject::fillGetterPropertySlot):
(JSC::JSObject::findPropertyHashEntry): Deleted.

  • runtime/JSObject.h:

(JSC::JSObject::getOwnNonIndexPropertySlot):
(JSC::JSObject::fillCustomGetterPropertySlot):

  • runtime/Lookup.cpp:

(JSC::setUpStaticFunctionSlot):

  • runtime/Lookup.h:

(JSC::HashTableValue::domJIT):
(JSC::getStaticPropertySlotFromTable):
(JSC::putEntry):
(JSC::lookupPut):
(JSC::reifyStaticProperty):
(JSC::reifyStaticProperties):
Each static property table has a new field ClassInfo*. It indicates that which ClassInfo check DOMAttribute registered in
this static property table requires.

  • runtime/ProgramExecutable.cpp:

(JSC::ProgramExecutable::initializeGlobalProperties):

  • runtime/PropertyName.h:
  • runtime/PropertySlot.cpp:

(JSC::PropertySlot::customGetter):
(JSC::PropertySlot::customAccessorGetter):

  • runtime/PropertySlot.h:

(JSC::PropertySlot::domAttribute):
(JSC::PropertySlot::setCustom):
(JSC::PropertySlot::setCacheableCustom):
(JSC::PropertySlot::getValue):
(JSC::PropertySlot::domJIT): Deleted.

  • runtime/VM.cpp:

(JSC::VM::VM):

  • runtime/VM.h:

Source/WebCore:

We use DOMAttribute. When DOMAttribute is specified, ClassInfo check is performed by JSC side.
So, we can drop ClassInfo check from the actual function.

We also simplify DOMJIT::GetterSetter to make it smaller size.

WebCore size comparison

Before: 48443292
After: 48087800 (0.7% reduction)

Speedometer Scores show 0.8% improvement.

Before: 158.9 +- 0.46
After: 160.2 +- 0.36

Dromaeo DOM core Scores show 5.8% improvement.

Before After

Total Score: 8424.12runs/s ±1.38% 8911.60runs/s ±1.47%

DOM Attributes 12627.27runs/s ±1.87% 14023.17runs/s ±1.87%
DOM Modification 1207.82runs/s ±2.48% 1204.21runs/s ±3.05%
DOM Query 68068.82runs/s ±0.63% 74273.38runs/s ±0.69%
DOM Traversal 1240.07runs/s ±1.96% 1256.64runs/s ±1.77%

Performance improvement can be explained by the following optimizations.

  1. Type checks are typically eliminated in all the JIT tiers. IC / DFG / FTL can drop type checks since get_by_id operation already performs a structure check which subsumes this type check.
  2. Direct getter call by CallDOMGetter without creating IC in DFG and FTL.
  • bindings/js/JSDOMAttribute.h:

(WebCore::IDLAttribute::get):
Add CastedThisErrorBehavior::Assert case. When this is specified, we perform casting without using jsDynamicCast.

  • bindings/scripts/CodeGeneratorJS.pm:

(IsAcceleratedDOMAttribute):
(GetJSCAttributesForAttribute):
(GenerateHeader):
(GeneratePropertiesHashTable):
(GenerateImplementation):
(GenerateAttributeGetterTrampolineDefinition):
(GenerateAttributeGetterDefinition):
(GenerateCallbackImplementationContent):
(GenerateHashTableValueArray):
(GenerateHashTable):
(GenerateConstructorHelperMethods):
Update CodeGeneratorJS to emit DOMAttribute. And DOMJIT::GetterSetter becomes changed to be smaller size.

  • bindings/scripts/test/JS/JSInterfaceName.cpp:

(WebCore::JSInterfaceNamePrototype::finishCreation):

  • bindings/scripts/test/JS/JSMapLike.cpp:

(WebCore::JSMapLikePrototype::finishCreation):

  • bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:

(WebCore::JSReadOnlyMapLikePrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:

(WebCore::JSTestActiveDOMObjectPrototype::finishCreation):
(WebCore::jsTestActiveDOMObjectExcitingAttr):

  • bindings/scripts/test/JS/JSTestCEReactions.cpp:

(WebCore::JSTestCEReactionsPrototype::finishCreation):
(WebCore::jsTestCEReactionsAttributeWithCEReactions):
(WebCore::jsTestCEReactionsReflectAttributeWithCEReactions):
(WebCore::jsTestCEReactionsStringifierAttribute):

  • bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:

(WebCore::JSTestCEReactionsStringifierPrototype::finishCreation):
(WebCore::jsTestCEReactionsStringifierValue):

  • bindings/scripts/test/JS/JSTestCallTracer.cpp:

(WebCore::JSTestCallTracerPrototype::finishCreation):
(WebCore::jsTestCallTracerTestAttributeInterface):
(WebCore::jsTestCallTracerTestAttributeSpecified):

  • bindings/scripts/test/JS/JSTestCallbackInterface.cpp:

(WebCore::JSTestCallbackInterfaceConstructor::initializeProperties):

  • bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:

(WebCore::JSTestClassWithJSBuiltinConstructorPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:

(WebCore::JSTestCustomConstructorWithNoInterfaceObjectPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestDOMJIT.cpp:

(WebCore::JSTestDOMJITPrototype::finishCreation):
(WebCore::TestDOMJITAnyAttrDOMJIT::TestDOMJITAnyAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITAnyAttr): Deleted.
(WebCore::TestDOMJITBooleanAttrDOMJIT::TestDOMJITBooleanAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITBooleanAttr): Deleted.
(WebCore::TestDOMJITByteAttrDOMJIT::TestDOMJITByteAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITByteAttr): Deleted.
(WebCore::TestDOMJITOctetAttrDOMJIT::TestDOMJITOctetAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITOctetAttr): Deleted.
(WebCore::TestDOMJITShortAttrDOMJIT::TestDOMJITShortAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITShortAttr): Deleted.
(WebCore::TestDOMJITUnsignedShortAttrDOMJIT::TestDOMJITUnsignedShortAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITUnsignedShortAttr): Deleted.
(WebCore::TestDOMJITLongAttrDOMJIT::TestDOMJITLongAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITLongAttr): Deleted.
(WebCore::TestDOMJITUnsignedLongAttrDOMJIT::TestDOMJITUnsignedLongAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITUnsignedLongAttr): Deleted.
(WebCore::TestDOMJITLongLongAttrDOMJIT::TestDOMJITLongLongAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITLongLongAttr): Deleted.
(WebCore::TestDOMJITUnsignedLongLongAttrDOMJIT::TestDOMJITUnsignedLongLongAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITUnsignedLongLongAttr): Deleted.
(WebCore::TestDOMJITFloatAttrDOMJIT::TestDOMJITFloatAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITFloatAttr): Deleted.
(WebCore::TestDOMJITUnrestrictedFloatAttrDOMJIT::TestDOMJITUnrestrictedFloatAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITUnrestrictedFloatAttr): Deleted.
(WebCore::TestDOMJITDoubleAttrDOMJIT::TestDOMJITDoubleAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITDoubleAttr): Deleted.
(WebCore::TestDOMJITUnrestrictedDoubleAttrDOMJIT::TestDOMJITUnrestrictedDoubleAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITUnrestrictedDoubleAttr): Deleted.
(WebCore::TestDOMJITDomStringAttrDOMJIT::TestDOMJITDomStringAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITDomStringAttr): Deleted.
(WebCore::TestDOMJITByteStringAttrDOMJIT::TestDOMJITByteStringAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITByteStringAttr): Deleted.
(WebCore::TestDOMJITUsvStringAttrDOMJIT::TestDOMJITUsvStringAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITUsvStringAttr): Deleted.
(WebCore::TestDOMJITNodeAttrDOMJIT::TestDOMJITNodeAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITNodeAttr): Deleted.
(WebCore::TestDOMJITBooleanNullableAttrDOMJIT::TestDOMJITBooleanNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITBooleanNullableAttr): Deleted.
(WebCore::TestDOMJITByteNullableAttrDOMJIT::TestDOMJITByteNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITByteNullableAttr): Deleted.
(WebCore::TestDOMJITOctetNullableAttrDOMJIT::TestDOMJITOctetNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITOctetNullableAttr): Deleted.
(WebCore::TestDOMJITShortNullableAttrDOMJIT::TestDOMJITShortNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITShortNullableAttr): Deleted.
(WebCore::TestDOMJITUnsignedShortNullableAttrDOMJIT::TestDOMJITUnsignedShortNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITUnsignedShortNullableAttr): Deleted.
(WebCore::TestDOMJITLongNullableAttrDOMJIT::TestDOMJITLongNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITLongNullableAttr): Deleted.
(WebCore::TestDOMJITUnsignedLongNullableAttrDOMJIT::TestDOMJITUnsignedLongNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITUnsignedLongNullableAttr): Deleted.
(WebCore::TestDOMJITLongLongNullableAttrDOMJIT::TestDOMJITLongLongNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITLongLongNullableAttr): Deleted.
(WebCore::TestDOMJITUnsignedLongLongNullableAttrDOMJIT::TestDOMJITUnsignedLongLongNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITUnsignedLongLongNullableAttr): Deleted.
(WebCore::TestDOMJITFloatNullableAttrDOMJIT::TestDOMJITFloatNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITFloatNullableAttr): Deleted.
(WebCore::TestDOMJITUnrestrictedFloatNullableAttrDOMJIT::TestDOMJITUnrestrictedFloatNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITUnrestrictedFloatNullableAttr): Deleted.
(WebCore::TestDOMJITDoubleNullableAttrDOMJIT::TestDOMJITDoubleNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITDoubleNullableAttr): Deleted.
(WebCore::TestDOMJITUnrestrictedDoubleNullableAttrDOMJIT::TestDOMJITUnrestrictedDoubleNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITUnrestrictedDoubleNullableAttr): Deleted.
(WebCore::TestDOMJITDomStringNullableAttrDOMJIT::TestDOMJITDomStringNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITDomStringNullableAttr): Deleted.
(WebCore::TestDOMJITByteStringNullableAttrDOMJIT::TestDOMJITByteStringNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITByteStringNullableAttr): Deleted.
(WebCore::TestDOMJITUsvStringNullableAttrDOMJIT::TestDOMJITUsvStringNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITUsvStringNullableAttr): Deleted.
(WebCore::TestDOMJITNodeNullableAttrDOMJIT::TestDOMJITNodeNullableAttrDOMJIT): Deleted.
(WebCore::domJITGetterSetterForTestDOMJITNodeNullableAttr): Deleted.

  • bindings/scripts/test/JS/JSTestDOMJIT.h:
  • bindings/scripts/test/JS/JSTestEventConstructor.cpp:

(WebCore::JSTestEventConstructorPrototype::finishCreation):
(WebCore::jsTestEventConstructorAttr1):
(WebCore::jsTestEventConstructorAttr2):
(WebCore::jsTestEventConstructorAttr3):

  • bindings/scripts/test/JS/JSTestEventTarget.cpp:

(WebCore::JSTestEventTargetPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestException.cpp:

(WebCore::JSTestExceptionPrototype::finishCreation):
(WebCore::jsTestExceptionName):

  • bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:

(WebCore::JSTestGenerateIsReachablePrototype::finishCreation):
(WebCore::jsTestGenerateIsReachableASecretAttribute):

  • bindings/scripts/test/JS/JSTestGlobalObject.cpp:

(WebCore::jsTestGlobalObjectRegularAttribute):

  • bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:

(WebCore::JSTestIndexedSetterNoIdentifierPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:

(WebCore::JSTestIndexedSetterThrowingExceptionPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:

(WebCore::JSTestIndexedSetterWithIdentifierPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestInterface.cpp:

(WebCore::JSTestInterfaceConstructor::initializeProperties):
(WebCore::JSTestInterfacePrototype::finishCreation):
(WebCore::jsTestInterfaceImplementsStr1):
(WebCore::jsTestInterfaceImplementsStr2):
(WebCore::jsTestInterfaceImplementsStr3):
(WebCore::jsTestInterfaceImplementsNode):
(WebCore::jsTestInterfaceSupplementalStr1):
(WebCore::jsTestInterfaceSupplementalStr2):
(WebCore::jsTestInterfaceSupplementalStr3):
(WebCore::jsTestInterfaceSupplementalNode):

  • bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:

(WebCore::JSTestInterfaceLeadingUnderscorePrototype::finishCreation):
(WebCore::jsTestInterfaceLeadingUnderscoreReadonly):

  • bindings/scripts/test/JS/JSTestIterable.cpp:

(WebCore::JSTestIterablePrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:

(WebCore::JSTestJSBuiltinConstructorPrototype::finishCreation):
(WebCore::jsTestJSBuiltinConstructorTestAttributeCustom):
(WebCore::jsTestJSBuiltinConstructorTestAttributeRWCustom):

  • bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:

(WebCore::JSTestMediaQueryListListenerPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:

(WebCore::JSTestNamedAndIndexedSetterNoIdentifierPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:

(WebCore::JSTestNamedAndIndexedSetterThrowingExceptionPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:

(WebCore::JSTestNamedAndIndexedSetterWithIdentifierPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedConstructor.cpp:

(WebCore::JSTestNamedConstructorPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:

(WebCore::JSTestNamedDeleterNoIdentifierPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:

(WebCore::JSTestNamedDeleterThrowingExceptionPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:

(WebCore::JSTestNamedDeleterWithIdentifierPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:

(WebCore::JSTestNamedDeleterWithIndexedGetterPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:

(WebCore::JSTestNamedGetterCallWithPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:

(WebCore::JSTestNamedGetterNoIdentifierPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:

(WebCore::JSTestNamedGetterWithIdentifierPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:

(WebCore::JSTestNamedSetterNoIdentifierPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:

(WebCore::JSTestNamedSetterThrowingExceptionPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:

(WebCore::JSTestNamedSetterWithIdentifierPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:

(WebCore::JSTestNamedSetterWithIndexedGetterPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:

(WebCore::JSTestNamedSetterWithIndexedGetterAndSetterPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp:

(WebCore::JSTestNamedSetterWithOverrideBuiltinsPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp:

(WebCore::JSTestNamedSetterWithUnforgablePropertiesPrototype::finishCreation):
(WebCore::jsTestNamedSetterWithUnforgablePropertiesUnforgeableAttribute):

  • bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp:

(WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsPrototype::finishCreation):
(WebCore::jsTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsUnforgeableAttribute):

  • bindings/scripts/test/JS/JSTestNode.cpp:

(WebCore::JSTestNodePrototype::finishCreation):
(WebCore::jsTestNodeName):

  • bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::JSTestObjConstructor::initializeProperties):
(WebCore::JSTestObjPrototype::finishCreation):
(WebCore::jsTestObjReadOnlyLongAttr):
(WebCore::jsTestObjReadOnlyStringAttr):
(WebCore::jsTestObjReadOnlyTestObjAttr):
(WebCore::jsTestObjEnumAttr):
(WebCore::jsTestObjByteAttr):
(WebCore::jsTestObjOctetAttr):
(WebCore::jsTestObjShortAttr):
(WebCore::jsTestObjClampedShortAttr):
(WebCore::jsTestObjEnforceRangeShortAttr):
(WebCore::jsTestObjUnsignedShortAttr):
(WebCore::jsTestObjLongAttr):
(WebCore::jsTestObjLongLongAttr):
(WebCore::jsTestObjUnsignedLongLongAttr):
(WebCore::jsTestObjStringAttr):
(WebCore::jsTestObjUsvstringAttr):
(WebCore::jsTestObjTestObjAttr):
(WebCore::jsTestObjTestNullableObjAttr):
(WebCore::jsTestObjUnforgeableAttr):
(WebCore::jsTestObjStringAttrTreatingNullAsEmptyString):
(WebCore::jsTestObjUsvstringAttrTreatingNullAsEmptyString):
(WebCore::jsTestObjByteStringAttrTreatingNullAsEmptyString):
(WebCore::jsTestObjStringLongRecordAttr):
(WebCore::jsTestObjUsvstringLongRecordAttr):
(WebCore::jsTestObjStringObjRecordAttr):
(WebCore::jsTestObjStringNullableObjRecordAttr):
(WebCore::jsTestObjDictionaryAttr):
(WebCore::jsTestObjNullableDictionaryAttr):
(WebCore::jsTestObjAnnotatedTypeInUnionAttr):
(WebCore::jsTestObjAnnotatedTypeInSequenceAttr):
(WebCore::jsTestObjImplementationEnumAttr):
(WebCore::jsTestObjXMLObjAttr):
(WebCore::jsTestObjCreate):
(WebCore::jsTestObjReflectedStringAttr):
(WebCore::jsTestObjReflectedUSVStringAttr):
(WebCore::jsTestObjReflectedIntegralAttr):
(WebCore::jsTestObjReflectedUnsignedIntegralAttr):
(WebCore::jsTestObjReflectedBooleanAttr):
(WebCore::jsTestObjReflectedURLAttr):
(WebCore::jsTestObjReflectedUSVURLAttr):
(WebCore::jsTestObjReflectedCustomIntegralAttr):
(WebCore::jsTestObjReflectedCustomBooleanAttr):
(WebCore::jsTestObjReflectedCustomURLAttr):
(WebCore::jsTestObjEnabledAtRuntimeAttribute):
(WebCore::jsTestObjEnabledBySettingAttribute):
(WebCore::jsTestObjTypedArrayAttr):
(WebCore::jsTestObjAttributeWithGetterException):
(WebCore::jsTestObjAttributeWithSetterException):
(WebCore::jsTestObjStringAttrWithGetterException):
(WebCore::jsTestObjStringAttrWithSetterException):
(WebCore::jsTestObjCustomAttr):
(WebCore::jsTestObjOnfoo):
(WebCore::jsTestObjOnwebkitfoo):
(WebCore::jsTestObjWithScriptStateAttribute):
(WebCore::jsTestObjWithCallWithAndSetterCallWithAttribute):
(WebCore::jsTestObjWithScriptExecutionContextAttribute):
(WebCore::jsTestObjWithScriptStateAttributeRaises):
(WebCore::jsTestObjWithScriptExecutionContextAttributeRaises):
(WebCore::jsTestObjWithScriptExecutionContextAndScriptStateAttribute):
(WebCore::jsTestObjWithScriptExecutionContextAndScriptStateAttributeRaises):
(WebCore::jsTestObjWithScriptExecutionContextAndScriptStateWithSpacesAttribute):
(WebCore::jsTestObjConditionalAttr1):
(WebCore::jsTestObjConditionalAttr2):
(WebCore::jsTestObjConditionalAttr3):
(WebCore::jsTestObjCachedAttribute1):
(WebCore::jsTestObjCachedAttribute2):
(WebCore::jsTestObjAnyAttribute):
(WebCore::jsTestObjObjectAttribute):
(WebCore::jsTestObjContentDocument):
(WebCore::jsTestObjMutablePoint):
(WebCore::jsTestObjStrawberry):
(WebCore::jsTestObjDescription):
(WebCore::jsTestObjId):
(WebCore::jsTestObjHash):
(WebCore::jsTestObjReplaceableAttribute):
(WebCore::jsTestObjNullableDoubleAttribute):
(WebCore::jsTestObjNullableLongAttribute):
(WebCore::jsTestObjNullableBooleanAttribute):
(WebCore::jsTestObjNullableStringAttribute):
(WebCore::jsTestObjNullableLongSettableAttribute):
(WebCore::jsTestObjNullableStringSettableAttribute):
(WebCore::jsTestObjNullableUSVStringSettableAttribute):
(WebCore::jsTestObjNullableByteStringSettableAttribute):
(WebCore::jsTestObjNullableStringValue):
(WebCore::jsTestObjAttribute):
(WebCore::jsTestObjAttributeWithReservedEnumType):
(WebCore::jsTestObjPutForwardsAttribute):
(WebCore::jsTestObjPutForwardsNullableAttribute):
(WebCore::jsTestObjStringifierAttribute):
(WebCore::jsTestObjConditionallyReadWriteAttribute):
(WebCore::jsTestObjConditionalAndConditionallyReadWriteAttribute):

  • bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:

(WebCore::JSTestOverloadedConstructorsPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:

(WebCore::JSTestOverloadedConstructorsWithSequencePrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:

(WebCore::JSTestOverrideBuiltinsPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestPluginInterface.cpp:

(WebCore::JSTestPluginInterfacePrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:

(WebCore::JSTestPromiseRejectionEventPrototype::finishCreation):
(WebCore::jsTestPromiseRejectionEventReason):

  • bindings/scripts/test/JS/JSTestSerialization.cpp:

(WebCore::JSTestSerializationPrototype::finishCreation):
(WebCore::jsTestSerializationFirstStringAttribute):
(WebCore::jsTestSerializationSecondLongAttribute):
(WebCore::jsTestSerializationThirdUnserializableAttribute):
(WebCore::jsTestSerializationFourthUnrestrictedDoubleAttribute):
(WebCore::jsTestSerializationFifthLongAttribute):
(WebCore::jsTestSerializationSixthTypedefAttribute):
(WebCore::jsTestSerializationSeventhDirectlySerializableAttribute):
(WebCore::jsTestSerializationEighthIndirectlyAttribute):

  • bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp:

(WebCore::JSTestSerializationIndirectInheritancePrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestSerializationInherit.cpp:

(WebCore::JSTestSerializationInheritPrototype::finishCreation):
(WebCore::jsTestSerializationInheritInheritLongAttribute):

  • bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:

(WebCore::JSTestSerializationInheritFinalPrototype::finishCreation):
(WebCore::jsTestSerializationInheritFinalFinalLongAttributeFoo):
(WebCore::jsTestSerializationInheritFinalFinalLongAttributeBar):

  • bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:

(WebCore::JSTestSerializedScriptValueInterfacePrototype::finishCreation):
(WebCore::jsTestSerializedScriptValueInterfaceValue):
(WebCore::jsTestSerializedScriptValueInterfaceReadonlyValue):
(WebCore::jsTestSerializedScriptValueInterfaceCachedValue):
(WebCore::jsTestSerializedScriptValueInterfacePorts):
(WebCore::jsTestSerializedScriptValueInterfaceCachedReadonlyValue):

  • bindings/scripts/test/JS/JSTestStringifier.cpp:

(WebCore::JSTestStringifierPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:

(WebCore::JSTestStringifierAnonymousOperationPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:

(WebCore::JSTestStringifierNamedOperationPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:

(WebCore::JSTestStringifierOperationImplementedAsPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:

(WebCore::JSTestStringifierOperationNamedToStringPrototype::finishCreation):

  • bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:

(WebCore::JSTestStringifierReadOnlyAttributePrototype::finishCreation):
(WebCore::jsTestStringifierReadOnlyAttributeIdentifier):

  • bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:

(WebCore::JSTestStringifierReadWriteAttributePrototype::finishCreation):
(WebCore::jsTestStringifierReadWriteAttributeIdentifier):

  • bindings/scripts/test/JS/JSTestTypedefs.cpp:

(WebCore::JSTestTypedefsConstructor::initializeProperties):
(WebCore::JSTestTypedefsPrototype::finishCreation):
(WebCore::jsTestTypedefsUnsignedLongLongAttr):
(WebCore::jsTestTypedefsSerializedScriptValue):
(WebCore::jsTestTypedefsAttributeWithClamp):
(WebCore::jsTestTypedefsAttributeWithClampInTypedef):
(WebCore::jsTestTypedefsAttrWithGetterException):
(WebCore::jsTestTypedefsAttrWithSetterException):
(WebCore::jsTestTypedefsStringAttrWithGetterException):
(WebCore::jsTestTypedefsStringAttrWithSetterException):
(WebCore::jsTestTypedefsBufferSourceAttr):
(WebCore::jsTestTypedefsDomTimeStampAttr):
They are binding test rebaselines.

  • domjit/DOMJITIDLTypeFilter.h:
  • domjit/JSDocumentDOMJIT.cpp:

(WebCore::compileDocumentDocumentElementAttribute):
(WebCore::compileDocumentBodyAttribute):
(WebCore::DocumentDocumentElementDOMJIT::callDOMGetter): Deleted.
(WebCore::DocumentBodyDOMJIT::callDOMGetter): Deleted.

  • domjit/JSNodeDOMJIT.cpp:

(WebCore::compileNodeFirstChildAttribute):
(WebCore::compileNodeLastChildAttribute):
(WebCore::compileNodeNextSiblingAttribute):
(WebCore::compileNodePreviousSiblingAttribute):
(WebCore::compileNodeParentNodeAttribute):
(WebCore::compileNodeNodeTypeAttribute):
(WebCore::compileNodeOwnerDocumentAttribute):
(WebCore::NodeFirstChildDOMJIT::callDOMGetter): Deleted.
(WebCore::NodeLastChildDOMJIT::callDOMGetter): Deleted.
(WebCore::NodeNextSiblingDOMJIT::callDOMGetter): Deleted.
(WebCore::NodePreviousSiblingDOMJIT::callDOMGetter): Deleted.
(WebCore::NodeParentNodeDOMJIT::callDOMGetter): Deleted.
(WebCore::NodeNodeTypeDOMJIT::callDOMGetter): Deleted.
(WebCore::NodeOwnerDocumentDOMJIT::callDOMGetter): Deleted.
DOMJIT::GetterSetter becomes smaller constexpr data.

LayoutTests:

  • js/dom/dom-getters-type-check-expected.txt: Added.
  • js/dom/dom-getters-type-check.html: Added.
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/JavaScriptCore/jsc.cpp

    r218936 r219981  
    3232#include "Completion.h"
    3333#include "ConfigFile.h"
     34#include "DOMAttributeGetterSetter.h"
    3435#include "DOMJITGetterSetter.h"
    3536#include "Disassembler.h"
     
    647648    }
    648649
    649     class DOMJITNodeDOMJIT : public DOMJIT::GetterSetter {
     650    class DOMJITAttribute : public DOMJIT::GetterSetter {
    650651    public:
    651         DOMJITNodeDOMJIT()
    652             : DOMJIT::GetterSetter(DOMJITGetter::customGetter, nullptr, DOMJITNode::info(), SpecInt32Only)
     652        constexpr DOMJITAttribute()
     653            : DOMJIT::GetterSetter(
     654                DOMJITGetter::customGetter,
     655#if ENABLE(JIT)
     656                &callDOMGetter,
     657#else
     658                nullptr,
     659#endif
     660                SpecInt32Only)
    653661        {
    654662        }
     
    661669        }
    662670
    663         Ref<DOMJIT::CallDOMGetterSnippet> callDOMGetter() override
     671        static Ref<DOMJIT::CallDOMGetterSnippet> callDOMGetter()
    664672        {
    665673            Ref<DOMJIT::CallDOMGetterSnippet> snippet = DOMJIT::CallDOMGetterSnippet::create();
     
    677685    };
    678686
    679     static DOMJIT::GetterSetter* domJITNodeGetterSetter()
    680     {
    681         static NeverDestroyed<DOMJITNodeDOMJIT> graph;
    682         return &graph.get();
    683     }
    684 
    685687private:
    686     void finishCreation(VM& vm)
    687     {
    688         Base::finishCreation(vm);
    689         DOMJIT::GetterSetter* domJIT = domJITNodeGetterSetter();
    690         CustomGetterSetter* customGetterSetter = CustomGetterSetter::create(vm, domJIT->getter(), domJIT->setter(), domJIT);
    691         putDirectCustomAccessor(vm, Identifier::fromString(&vm, "customGetter"), customGetterSetter, ReadOnly | CustomAccessor);
    692     }
     688    void finishCreation(VM&);
    693689
    694690    static EncodedJSValue customGetter(ExecState* exec, EncodedJSValue thisValue, PropertyName)
    695691    {
    696692        VM& vm = exec->vm();
    697         auto scope = DECLARE_THROW_SCOPE(vm);
    698 
    699693        DOMJITNode* thisObject = jsDynamicCast<DOMJITNode*>(vm, JSValue::decode(thisValue));
    700         if (!thisObject)
    701             return throwVMTypeError(exec, scope);
     694        ASSERT(thisObject);
    702695        return JSValue::encode(jsNumber(thisObject->value()));
    703696    }
    704697};
     698
     699static const DOMJITGetter::DOMJITAttribute DOMJITGetterDOMJIT;
     700
     701void DOMJITGetter::finishCreation(VM& vm)
     702{
     703    Base::finishCreation(vm);
     704    const DOMJIT::GetterSetter* domJIT = &DOMJITGetterDOMJIT;
     705    auto* customGetterSetter = DOMAttributeGetterSetter::create(vm, domJIT->getter(), nullptr, DOMAttributeAnnotation { DOMJITNode::info(), domJIT });
     706    putDirectCustomAccessor(vm, Identifier::fromString(&vm, "customGetter"), customGetterSetter, ReadOnly | CustomAccessor);
     707}
    705708
    706709class DOMJITGetterComplex : public DOMJITNode {
     
    727730    }
    728731
    729     class DOMJITNodeDOMJIT : public DOMJIT::GetterSetter {
     732    class DOMJITAttribute : public DOMJIT::GetterSetter {
    730733    public:
    731         DOMJITNodeDOMJIT()
    732             : DOMJIT::GetterSetter(DOMJITGetterComplex::customGetter, nullptr, DOMJITNode::info(), SpecInt32Only)
     734        constexpr DOMJITAttribute()
     735            : DOMJIT::GetterSetter(
     736                DOMJITGetterComplex::customGetter,
     737#if ENABLE(JIT)
     738                &callDOMGetter,
     739#else
     740                nullptr,
     741#endif
     742                SpecInt32Only)
    733743        {
    734744        }
     
    749759        }
    750760
    751         Ref<DOMJIT::CallDOMGetterSnippet> callDOMGetter() override
     761        static Ref<DOMJIT::CallDOMGetterSnippet> callDOMGetter()
    752762        {
    753             RefPtr<DOMJIT::CallDOMGetterSnippet> snippet = DOMJIT::CallDOMGetterSnippet::create();
     763            Ref<DOMJIT::CallDOMGetterSnippet> snippet = DOMJIT::CallDOMGetterSnippet::create();
    754764            static_assert(GPRInfo::numberOfRegisters >= 4, "Number of registers should be larger or equal to 4.");
    755             snippet->numGPScratchRegisters = GPRInfo::numberOfRegisters - 4;
     765            unsigned numGPScratchRegisters = GPRInfo::numberOfRegisters - 4;
     766            snippet->numGPScratchRegisters = numGPScratchRegisters;
    756767            snippet->numFPScratchRegisters = 3;
    757768            snippet->setGenerator([=](CCallHelpers& jit, SnippetParams& params) {
    758769                JSValueRegs results = params[0].jsValueRegs();
    759770                GPRReg domGPR = params[1].gpr();
    760                 for (unsigned i = 0; i < snippet->numGPScratchRegisters; ++i)
     771                for (unsigned i = 0; i < numGPScratchRegisters; ++i)
    761772                    jit.move(CCallHelpers::TrustedImm32(42), params.gpScratch(i));
    762773
    763774                params.addSlowPathCall(jit.jump(), jit, slowCall, results, domGPR);
    764775                return CCallHelpers::JumpList();
    765 
    766776            });
    767             return *snippet.get();
     777            return snippet;
    768778        }
    769779#endif
    770780    };
    771781
    772     static DOMJIT::GetterSetter* domJITNodeGetterSetter()
    773     {
    774         static NeverDestroyed<DOMJITNodeDOMJIT> graph;
    775         return &graph.get();
    776     }
    777 
    778782private:
    779     void finishCreation(VM& vm, JSGlobalObject* globalObject)
    780     {
    781         Base::finishCreation(vm);
    782         DOMJIT::GetterSetter* domJIT = domJITNodeGetterSetter();
    783         CustomGetterSetter* customGetterSetter = CustomGetterSetter::create(vm, domJIT->getter(), domJIT->setter(), domJIT);
    784         putDirectCustomAccessor(vm, Identifier::fromString(&vm, "customGetter"), customGetterSetter, ReadOnly | CustomAccessor);
    785         putDirectNativeFunction(vm, globalObject, Identifier::fromString(&vm, "enableException"), 0, functionEnableException, NoIntrinsic, 0);
    786     }
     783    void finishCreation(VM&, JSGlobalObject*);
    787784
    788785    static EncodedJSValue JSC_HOST_CALL functionEnableException(ExecState* exec)
     
    800797        auto scope = DECLARE_THROW_SCOPE(vm);
    801798
    802         auto* thisObject = jsDynamicCast<DOMJITNode*>(vm, JSValue::decode(thisValue));
    803         if (!thisObject)
    804             return throwVMTypeError(exec, scope);
    805         if (auto* domjitGetterComplex = jsDynamicCast<DOMJITGetterComplex*>(vm, JSValue::decode(thisValue))) {
    806             if (domjitGetterComplex->m_enableException)
    807                 return JSValue::encode(throwException(exec, scope, createError(exec, ASCIILiteral("DOMJITGetterComplex slow call exception"))));
    808         }
     799        auto* thisObject = jsDynamicCast<DOMJITGetterComplex*>(vm, JSValue::decode(thisValue));
     800        ASSERT(thisObject);
     801        if (thisObject->m_enableException)
     802            return JSValue::encode(throwException(exec, scope, createError(exec, ASCIILiteral("DOMJITGetterComplex slow call exception"))));
    809803        return JSValue::encode(jsNumber(thisObject->value()));
    810804    }
     
    812806    bool m_enableException { false };
    813807};
     808
     809static const DOMJITGetterComplex::DOMJITAttribute DOMJITGetterComplexDOMJIT;
     810
     811void DOMJITGetterComplex::finishCreation(VM& vm, JSGlobalObject* globalObject)
     812{
     813    Base::finishCreation(vm);
     814    const DOMJIT::GetterSetter* domJIT = &DOMJITGetterComplexDOMJIT;
     815    auto* customGetterSetter = DOMAttributeGetterSetter::create(vm, domJIT->getter(), nullptr, DOMAttributeAnnotation { DOMJITGetterComplex::info(), domJIT });
     816    putDirectCustomAccessor(vm, Identifier::fromString(&vm, "customGetter"), customGetterSetter, ReadOnly | CustomAccessor);
     817    putDirectNativeFunction(vm, globalObject, Identifier::fromString(&vm, "enableException"), 0, functionEnableException, NoIntrinsic, 0);
     818}
    814819
    815820class DOMJITFunctionObject : public DOMJITNode {
Note: See TracChangeset for help on using the changeset viewer.