[webkit-changes] [WebKit/WebKit] 57affb: [JSC] Handler IC Getter / Setter / Proxy accessors...
Yusuke Suzuki
noreply at github.com
Wed May 22 10:06:16 PDT 2024
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 57affb62969db66ef07975567f4876d62d86da55
https://github.com/WebKit/WebKit/commit/57affb62969db66ef07975567f4876d62d86da55
Author: Yusuke Suzuki <ysuzuki at apple.com>
Date: 2024-05-22 (Wed, 22 May 2024)
Changed paths:
M LayoutTests/platform/mac/TestExpectations
M Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp
M Source/JavaScriptCore/dfg/DFGJITCode.cpp
M Source/JavaScriptCore/llint/LLIntData.cpp
M Source/JavaScriptCore/runtime/JSGlobalObject.cpp
M Source/JavaScriptCore/runtime/JSGlobalObject.h
M Source/JavaScriptCore/runtime/JSGlobalObjectInlines.h
M Source/JavaScriptCore/runtime/StructureInlines.h
Log Message:
-----------
[JSC] Handler IC Getter / Setter / Proxy accessors should not use m_globalObject
https://bugs.webkit.org/show_bug.cgi?id=274485
rdar://128494111
Reviewed by Mark Lam.
Since a Handler IC can be shared across JSGlobalObjects, the generated code should not rely on that.
This patch fixes this so that all accesses are done through the JSGlobalObject offered at runtime.
We made all necessary fields of JSGlobalObject accessible from the JIT.
* Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp:
(JSC::InlineCacheCompiler::generateWithGuard):
(JSC::InlineCacheCompiler::generateImpl):
(JSC::InlineCacheCompiler::emitProxyObjectAccess):
* Source/JavaScriptCore/runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildrenImpl):
* Source/JavaScriptCore/runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::symbolPrototype const):
(JSC::JSGlobalObject::dateStructure const):
(JSC::JSGlobalObject::symbolObjectStructure const):
(JSC::JSGlobalObject::offsetOfPerformProxyObjectHasFunction):
(JSC::JSGlobalObject::offsetOfPerformProxyObjectGetFunction):
(JSC::JSGlobalObject::offsetOfPerformProxyObjectGetByValFunction):
(JSC::JSGlobalObject::offsetOfPerformProxyObjectSetStrictFunction):
(JSC::JSGlobalObject::offsetOfPerformProxyObjectSetSloppyFunction):
(JSC::JSGlobalObject::offsetOfNullSetterStrictFunction):
(JSC::JSGlobalObject::offsetOfStringPrototype):
(JSC::JSGlobalObject::offsetOfBigIntPrototype):
(JSC::JSGlobalObject::offsetOfSymbolPrototype):
* Source/JavaScriptCore/runtime/JSGlobalObjectInlines.h:
(JSC::JSGlobalObject::performProxyObjectHasFunction const):
(JSC::JSGlobalObject::performProxyObjectGetFunction const):
(JSC::JSGlobalObject::performProxyObjectGetFunctionConcurrently const):
(JSC::JSGlobalObject::performProxyObjectGetByValFunction const):
(JSC::JSGlobalObject::performProxyObjectGetByValFunctionConcurrently const):
(JSC::JSGlobalObject::performProxyObjectSetSloppyFunction const):
(JSC::JSGlobalObject::performProxyObjectSetSloppyFunctionConcurrently const):
(JSC::JSGlobalObject::performProxyObjectSetStrictFunction const):
(JSC::JSGlobalObject::performProxyObjectSetStrictFunctionConcurrently const):
* Source/JavaScriptCore/runtime/StructureInlines.h:
Canonical link: https://commits.webkit.org/279136@main