<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[182899] trunk</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/182899">182899</a></dd>
<dt>Author</dt> <dd>commit-queue@webkit.org</dd>
<dt>Date</dt> <dd>2015-04-16 12:15:09 -0700 (Thu, 16 Apr 2015)</dd>
</dl>
<h3>Log Message</h3>
<pre>Extract the allocation profile from JSFunction into a rare object
https://bugs.webkit.org/show_bug.cgi?id=143807
.:
Patch by Basile Clement <basile_clement@apple.com> on 2015-04-16
Reviewed by Filip Pizlo.
* WebKit.xcworkspace/contents.xcworkspacedata:
Source/JavaScriptCore:
Patch by Basile Clement <basile_clement@apple.com> on 2015-04-16
Reviewed by Filip Pizlo.
The allocation profile is only needed for those functions that are used
to create objects with [new].
Extracting it into its own JSCell removes the need for JSFunction and
JSCallee to be JSDestructibleObjects, which should improve performances in most
cases at the cost of an extra pointer dereference when the allocation profile
is actually needed.
* CMakeLists.txt:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
* JavaScriptCore.xcodeproj/project.pbxproj:
* dfg/DFGOperations.cpp:
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_create_this):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_create_this):
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
* runtime/FunctionRareData.cpp: Added.
(JSC::FunctionRareData::create):
(JSC::FunctionRareData::destroy):
(JSC::FunctionRareData::createStructure):
(JSC::FunctionRareData::visitChildren):
(JSC::FunctionRareData::FunctionRareData):
(JSC::FunctionRareData::~FunctionRareData):
(JSC::FunctionRareData::finishCreation):
* runtime/FunctionRareData.h: Added.
(JSC::FunctionRareData::offsetOfAllocationProfile):
(JSC::FunctionRareData::allocationProfile):
(JSC::FunctionRareData::allocationStructure):
(JSC::FunctionRareData::allocationProfileWatchpointSet):
* runtime/JSBoundFunction.cpp:
(JSC::JSBoundFunction::destroy): Deleted.
* runtime/JSBoundFunction.h:
* runtime/JSCallee.cpp:
(JSC::JSCallee::destroy): Deleted.
* runtime/JSCallee.h:
* runtime/JSFunction.cpp:
(JSC::JSFunction::JSFunction):
(JSC::JSFunction::createRareData):
(JSC::JSFunction::visitChildren):
(JSC::JSFunction::put):
(JSC::JSFunction::defineOwnProperty):
(JSC::JSFunction::destroy): Deleted.
(JSC::JSFunction::createAllocationProfile): Deleted.
* runtime/JSFunction.h:
(JSC::JSFunction::offsetOfRareData):
(JSC::JSFunction::rareData):
(JSC::JSFunction::allocationStructure):
(JSC::JSFunction::allocationProfileWatchpointSet):
(JSC::JSFunction::offsetOfAllocationProfile): Deleted.
(JSC::JSFunction::allocationProfile): Deleted.
* runtime/JSFunctionInlines.h:
(JSC::JSFunction::JSFunction):
* runtime/VM.cpp:
(JSC::VM::VM):
* runtime/VM.h:</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkChangeLog">trunk/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCoreCMakeListstxt">trunk/Source/JavaScriptCore/CMakeLists.txt</a></li>
<li><a href="#trunkSourceJavaScriptCoreChangeLog">trunk/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCoreJavaScriptCorevcxprojJavaScriptCorevcxproj">trunk/Source/JavaScriptCore/JavaScriptCore.vcxproj/JavaScriptCore.vcxproj</a></li>
<li><a href="#trunkSourceJavaScriptCoreJavaScriptCorevcxprojJavaScriptCorevcxprojfilters">trunk/Source/JavaScriptCore/JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters</a></li>
<li><a href="#trunkSourceJavaScriptCoreJavaScriptCorexcodeprojprojectpbxproj">trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGOperationscpp">trunk/Source/JavaScriptCore/dfg/DFGOperations.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGSpeculativeJIT32_64cpp">trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoredfgDFGSpeculativeJIT64cpp">trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITOpcodescpp">trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITOpcodes32_64cpp">trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorellintLowLevelInterpreter32_64asm">trunk/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm</a></li>
<li><a href="#trunkSourceJavaScriptCorellintLowLevelInterpreter64asm">trunk/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeCommonSlowPathscpp">trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSBoundFunctioncpp">trunk/Source/JavaScriptCore/runtime/JSBoundFunction.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSBoundFunctionh">trunk/Source/JavaScriptCore/runtime/JSBoundFunction.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSCalleecpp">trunk/Source/JavaScriptCore/runtime/JSCallee.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSCalleeh">trunk/Source/JavaScriptCore/runtime/JSCallee.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSFunctioncpp">trunk/Source/JavaScriptCore/runtime/JSFunction.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSFunctionh">trunk/Source/JavaScriptCore/runtime/JSFunction.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSFunctionInlinesh">trunk/Source/JavaScriptCore/runtime/JSFunctionInlines.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeVMcpp">trunk/Source/JavaScriptCore/runtime/VM.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeVMh">trunk/Source/JavaScriptCore/runtime/VM.h</a></li>
<li><a href="#trunkWebKitxcworkspacecontentsxcworkspacedata">trunk/WebKit.xcworkspace/contents.xcworkspacedata</a></li>
</ul>
<h3>Added Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoreruntimeFunctionRareDatacpp">trunk/Source/JavaScriptCore/runtime/FunctionRareData.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeFunctionRareDatah">trunk/Source/JavaScriptCore/runtime/FunctionRareData.h</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/ChangeLog (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/ChangeLog 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/ChangeLog 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -1,3 +1,12 @@
</span><ins>+2015-04-16 Basile Clement <basile_clement@apple.com>
+
+ Extract the allocation profile from JSFunction into a rare object
+ https://bugs.webkit.org/show_bug.cgi?id=143807
+
+ Reviewed by Filip Pizlo.
+
+ * WebKit.xcworkspace/contents.xcworkspacedata:
+
</ins><span class="cx"> 2015-04-16 Csaba Osztrogonác <ossy@webkit.org>
</span><span class="cx">
</span><span class="cx"> [EFL] Bump LLVM to version 3.6.0 on X86_64
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreCMakeListstxt"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/CMakeLists.txt (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/CMakeLists.txt 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/CMakeLists.txt 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -448,6 +448,7 @@
</span><span class="cx"> runtime/FunctionExecutableDump.cpp
</span><span class="cx"> runtime/FunctionHasExecutedCache.cpp
</span><span class="cx"> runtime/FunctionPrototype.cpp
</span><ins>+ runtime/FunctionRareData.cpp
</ins><span class="cx"> runtime/GetterSetter.cpp
</span><span class="cx"> runtime/Identifier.cpp
</span><span class="cx"> runtime/IndexingType.cpp
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ChangeLog (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ChangeLog 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/ChangeLog 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -1,3 +1,74 @@
</span><ins>+2015-04-16 Basile Clement <basile_clement@apple.com>
+
+ Extract the allocation profile from JSFunction into a rare object
+ https://bugs.webkit.org/show_bug.cgi?id=143807
+
+ Reviewed by Filip Pizlo.
+
+ The allocation profile is only needed for those functions that are used
+ to create objects with [new].
+ Extracting it into its own JSCell removes the need for JSFunction and
+ JSCallee to be JSDestructibleObjects, which should improve performances in most
+ cases at the cost of an extra pointer dereference when the allocation profile
+ is actually needed.
+
+ * CMakeLists.txt:
+ * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
+ * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
+ * JavaScriptCore.xcodeproj/project.pbxproj:
+ * dfg/DFGOperations.cpp:
+ * dfg/DFGSpeculativeJIT32_64.cpp:
+ (JSC::DFG::SpeculativeJIT::compile):
+ * dfg/DFGSpeculativeJIT64.cpp:
+ (JSC::DFG::SpeculativeJIT::compile):
+ * jit/JITOpcodes.cpp:
+ (JSC::JIT::emit_op_create_this):
+ * jit/JITOpcodes32_64.cpp:
+ (JSC::JIT::emit_op_create_this):
+ * llint/LowLevelInterpreter32_64.asm:
+ * llint/LowLevelInterpreter64.asm:
+ * runtime/CommonSlowPaths.cpp:
+ (JSC::SLOW_PATH_DECL):
+ * runtime/FunctionRareData.cpp: Added.
+ (JSC::FunctionRareData::create):
+ (JSC::FunctionRareData::destroy):
+ (JSC::FunctionRareData::createStructure):
+ (JSC::FunctionRareData::visitChildren):
+ (JSC::FunctionRareData::FunctionRareData):
+ (JSC::FunctionRareData::~FunctionRareData):
+ (JSC::FunctionRareData::finishCreation):
+ * runtime/FunctionRareData.h: Added.
+ (JSC::FunctionRareData::offsetOfAllocationProfile):
+ (JSC::FunctionRareData::allocationProfile):
+ (JSC::FunctionRareData::allocationStructure):
+ (JSC::FunctionRareData::allocationProfileWatchpointSet):
+ * runtime/JSBoundFunction.cpp:
+ (JSC::JSBoundFunction::destroy): Deleted.
+ * runtime/JSBoundFunction.h:
+ * runtime/JSCallee.cpp:
+ (JSC::JSCallee::destroy): Deleted.
+ * runtime/JSCallee.h:
+ * runtime/JSFunction.cpp:
+ (JSC::JSFunction::JSFunction):
+ (JSC::JSFunction::createRareData):
+ (JSC::JSFunction::visitChildren):
+ (JSC::JSFunction::put):
+ (JSC::JSFunction::defineOwnProperty):
+ (JSC::JSFunction::destroy): Deleted.
+ (JSC::JSFunction::createAllocationProfile): Deleted.
+ * runtime/JSFunction.h:
+ (JSC::JSFunction::offsetOfRareData):
+ (JSC::JSFunction::rareData):
+ (JSC::JSFunction::allocationStructure):
+ (JSC::JSFunction::allocationProfileWatchpointSet):
+ (JSC::JSFunction::offsetOfAllocationProfile): Deleted.
+ (JSC::JSFunction::allocationProfile): Deleted.
+ * runtime/JSFunctionInlines.h:
+ (JSC::JSFunction::JSFunction):
+ * runtime/VM.cpp:
+ (JSC::VM::VM):
+ * runtime/VM.h:
+
</ins><span class="cx"> 2015-04-16 Csaba Osztrogonác <ossy@webkit.org>
</span><span class="cx">
</span><span class="cx"> Remove the unnecessary WTF_CHANGES define
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreJavaScriptCorevcxprojJavaScriptCorevcxproj"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/JavaScriptCore.vcxproj/JavaScriptCore.vcxproj (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/JavaScriptCore.vcxproj/JavaScriptCore.vcxproj 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/JavaScriptCore.vcxproj/JavaScriptCore.vcxproj 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -716,6 +716,7 @@
</span><span class="cx"> <ClCompile Include="..\runtime\FunctionExecutableDump.cpp" />
</span><span class="cx"> <ClCompile Include="..\runtime\FunctionHasExecutedCache.cpp" />
</span><span class="cx"> <ClCompile Include="..\runtime\FunctionPrototype.cpp" />
</span><ins>+ <ClCompile Include="..\runtime\FunctionRareData.cpp" />
</ins><span class="cx"> <ClCompile Include="..\runtime\GetterSetter.cpp" />
</span><span class="cx"> <ClCompile Include="..\runtime\Identifier.cpp" />
</span><span class="cx"> <ClCompile Include="..\runtime\IndexingType.cpp" />
</span><span class="lines">@@ -1496,6 +1497,7 @@
</span><span class="cx"> <ClInclude Include="..\runtime\FunctionExecutableDump.h" />
</span><span class="cx"> <ClInclude Include="..\runtime\FunctionHasExecutedCache.h" />
</span><span class="cx"> <ClInclude Include="..\runtime\FunctionPrototype.h" />
</span><ins>+ <ClInclude Include="..\runtime\FunctionRareData.h" />
</ins><span class="cx"> <ClInclude Include="..\runtime\GenericArguments.h" />
</span><span class="cx"> <ClInclude Include="..\runtime\GenericArgumentsInlines.h" />
</span><span class="cx"> <ClInclude Include="..\runtime\GenericOffset.h" />
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreJavaScriptCorevcxprojJavaScriptCorevcxprojfilters"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -606,6 +606,9 @@
</span><span class="cx"> <ClCompile Include="..\runtime\FunctionPrototype.cpp">
</span><span class="cx"> <Filter>runtime</Filter>
</span><span class="cx"> </ClCompile>
</span><ins>+ <ClCompile Include="..\runtime\FunctionRareData.cpp">
+ <Filter>runtime</Filter>
+ </ClCompile>
</ins><span class="cx"> <ClCompile Include="..\runtime\GetterSetter.cpp">
</span><span class="cx"> <Filter>runtime</Filter>
</span><span class="cx"> </ClCompile>
</span><span class="lines">@@ -2633,6 +2636,9 @@
</span><span class="cx"> <ClInclude Include="..\runtime\FunctionPrototype.h">
</span><span class="cx"> <Filter>runtime</Filter>
</span><span class="cx"> </ClInclude>
</span><ins>+ <ClInclude Include="..\runtime\FunctionRareData.h">
+ <Filter>runtime</Filter>
+ </ClInclude>
</ins><span class="cx"> <ClInclude Include="..\runtime\GetterSetter.h">
</span><span class="cx"> <Filter>runtime</Filter>
</span><span class="cx"> </ClInclude>
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreJavaScriptCorexcodeprojprojectpbxproj"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -953,6 +953,8 @@
</span><span class="cx"> 5DBB151B131D0B310056AD36 /* testapi.js in Copy Support Script */ = {isa = PBXBuildFile; fileRef = 14D857740A4696C80032146C /* testapi.js */; };
</span><span class="cx"> 5DBB1525131D0BD70056AD36 /* minidom.js in Copy Support Script */ = {isa = PBXBuildFile; fileRef = 1412110D0A48788700480255 /* minidom.js */; };
</span><span class="cx"> 5DE6E5B30E1728EC00180407 /* create_hash_table in Headers */ = {isa = PBXBuildFile; fileRef = F692A8540255597D01FF60F7 /* create_hash_table */; settings = {ATTRIBUTES = (); }; };
</span><ins>+ 62D2D38F1ADF103F000206C1 /* FunctionRareData.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 62D2D38D1ADF103F000206C1 /* FunctionRareData.cpp */; };
+ 62D2D3901ADF103F000206C1 /* FunctionRareData.h in Headers */ = {isa = PBXBuildFile; fileRef = 62D2D38E1ADF103F000206C1 /* FunctionRareData.h */; settings = {ATTRIBUTES = (Private, ); }; };
</ins><span class="cx"> 6507D29E0E871E5E00D7D896 /* JSTypeInfo.h in Headers */ = {isa = PBXBuildFile; fileRef = 6507D2970E871E4A00D7D896 /* JSTypeInfo.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="cx"> 651122FD14046A4C002B101D /* JavaScriptCore.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 932F5BD90822A1C700736975 /* JavaScriptCore.framework */; };
</span><span class="cx"> 651122FE14046A4C002B101D /* libedit.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = 5D5D8AD00E0D0EBE00F9C692 /* libedit.dylib */; };
</span><span class="lines">@@ -2644,6 +2646,8 @@
</span><span class="cx"> 5DAFD6CB146B686300FBEFB4 /* JSC.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = JSC.xcconfig; sourceTree = "<group>"; };
</span><span class="cx"> 5DDDF44614FEE72200B4FB4D /* LLIntDesiredOffsets.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = LLIntDesiredOffsets.h; path = LLIntOffsets/LLIntDesiredOffsets.h; sourceTree = BUILT_PRODUCTS_DIR; };
</span><span class="cx"> 5DE3D0F40DD8DDFB00468714 /* WebKitAvailability.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WebKitAvailability.h; sourceTree = "<group>"; };
</span><ins>+ 62D2D38D1ADF103F000206C1 /* FunctionRareData.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = FunctionRareData.cpp; sourceTree = "<group>"; };
+ 62D2D38E1ADF103F000206C1 /* FunctionRareData.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = FunctionRareData.h; sourceTree = "<group>"; };
</ins><span class="cx"> 6507D2970E871E4A00D7D896 /* JSTypeInfo.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSTypeInfo.h; sourceTree = "<group>"; };
</span><span class="cx"> 651122E5140469BA002B101D /* testRegExp.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = testRegExp.cpp; sourceTree = "<group>"; };
</span><span class="cx"> 6511230514046A4C002B101D /* testRegExp */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = testRegExp; sourceTree = BUILT_PRODUCTS_DIR; };
</span><span class="lines">@@ -4397,6 +4401,8 @@
</span><span class="cx"> 52B310FA1974AE610080857C /* FunctionHasExecutedCache.h */,
</span><span class="cx"> F692A85C0255597D01FF60F7 /* FunctionPrototype.cpp */,
</span><span class="cx"> F692A85D0255597D01FF60F7 /* FunctionPrototype.h */,
</span><ins>+ 62D2D38D1ADF103F000206C1 /* FunctionRareData.cpp */,
+ 62D2D38E1ADF103F000206C1 /* FunctionRareData.h */,
</ins><span class="cx"> 0FE050111AA9091100D33B33 /* GenericArguments.h */,
</span><span class="cx"> 0FE050121AA9091100D33B33 /* GenericArgumentsInlines.h */,
</span><span class="cx"> 0FE050131AA9091100D33B33 /* GenericOffset.h */,
</span><span class="lines">@@ -5624,6 +5630,7 @@
</span><span class="cx"> 0F2B9CF719D0BAC100B1D1B5 /* FTLExitTimeObjectMaterialization.h in Headers */,
</span><span class="cx"> 0FB7F39715ED8E4600F167B2 /* Butterfly.h in Headers */,
</span><span class="cx"> 0FB7F39815ED8E4600F167B2 /* ButterflyInlines.h in Headers */,
</span><ins>+ 62D2D3901ADF103F000206C1 /* FunctionRareData.h in Headers */,
</ins><span class="cx"> C2FCAE1117A9C24E0034C735 /* BytecodeBasicBlock.h in Headers */,
</span><span class="cx"> 0F21C27F14BEAA8200ADC64B /* BytecodeConventions.h in Headers */,
</span><span class="cx"> 969A07230ED1CE3300F1F681 /* BytecodeGenerator.h in Headers */,
</span><span class="lines">@@ -7445,6 +7452,7 @@
</span><span class="cx"> A5BA15EC182340B400A82E69 /* RemoteInspectorDebuggableConnection.mm in Sources */,
</span><span class="cx"> A5BA15EE182340B400A82E69 /* RemoteInspectorXPCConnection.mm in Sources */,
</span><span class="cx"> 0F24E55017EE274900ABB217 /* Repatch.cpp in Sources */,
</span><ins>+ 62D2D38F1ADF103F000206C1 /* FunctionRareData.cpp in Sources */,
</ins><span class="cx"> 0F7700921402FF3C0078EB39 /* SamplingCounter.cpp in Sources */,
</span><span class="cx"> 1429D8850ED21C3D00B89619 /* SamplingTool.cpp in Sources */,
</span><span class="cx"> 70EC0EC61AA0D7DA00B6AAFA /* StringIteratorPrototype.cpp in Sources */,
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGOperationscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGOperations.cpp (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGOperations.cpp 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/dfg/DFGOperations.cpp 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -229,7 +229,7 @@
</span><span class="cx"> ASSERT(jsCast<JSFunction*>(constructor)->methodTable(vm)->getConstructData(jsCast<JSFunction*>(constructor), constructData) == ConstructTypeJS);
</span><span class="cx"> #endif
</span><span class="cx">
</span><del>- return constructEmptyObject(exec, jsCast<JSFunction*>(constructor)->allocationProfile(exec, inlineCapacity)->structure());
</del><ins>+ return constructEmptyObject(exec, jsCast<JSFunction*>(constructor)->rareData(exec, inlineCapacity)->allocationProfile()->structure());
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> EncodedJSValue JIT_OPERATION operationValueAdd(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGSpeculativeJIT32_64cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -3497,12 +3497,16 @@
</span><span class="cx"> GPRReg allocatorGPR = allocator.gpr();
</span><span class="cx"> GPRReg structureGPR = structure.gpr();
</span><span class="cx"> GPRReg scratchGPR = scratch.gpr();
</span><ins>+ // Rare data is only used to access the allocator & structure
+ // We can avoid using an additional GPR this way
+ GPRReg rareDataGPR = structureGPR;
</ins><span class="cx">
</span><span class="cx"> MacroAssembler::JumpList slowPath;
</span><span class="cx">
</span><del>- m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfAllocator()), allocatorGPR);
- m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfStructure()), structureGPR);
- slowPath.append(m_jit.branchTestPtr(MacroAssembler::Zero, allocatorGPR));
</del><ins>+ m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfRareData()), rareDataGPR);
+ slowPath.append(m_jit.branchTestPtr(MacroAssembler::Zero, rareDataGPR));
+ m_jit.loadPtr(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfAllocator()), allocatorGPR);
+ m_jit.loadPtr(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfStructure()), structureGPR);
</ins><span class="cx"> emitAllocateJSObject(resultGPR, allocatorGPR, structureGPR, TrustedImmPtr(0), scratchGPR, slowPath);
</span><span class="cx">
</span><span class="cx"> addSlowPathGenerator(slowPathCall(slowPath, this, operationCreateThis, resultGPR, calleeGPR, node->inlineCapacity()));
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredfgDFGSpeculativeJIT64cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -3568,12 +3568,16 @@
</span><span class="cx"> GPRReg allocatorGPR = allocator.gpr();
</span><span class="cx"> GPRReg structureGPR = structure.gpr();
</span><span class="cx"> GPRReg scratchGPR = scratch.gpr();
</span><ins>+ // Rare data is only used to access the allocator & structure
+ // We can avoid using an additional GPR this way
+ GPRReg rareDataGPR = structureGPR;
</ins><span class="cx">
</span><span class="cx"> MacroAssembler::JumpList slowPath;
</span><del>-
- m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfAllocator()), allocatorGPR);
- m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfStructure()), structureGPR);
- slowPath.append(m_jit.branchTestPtr(MacroAssembler::Zero, allocatorGPR));
</del><ins>+
+ m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfRareData()), rareDataGPR);
+ slowPath.append(m_jit.branchTestPtr(MacroAssembler::Zero, rareDataGPR));
+ m_jit.loadPtr(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfAllocator()), allocatorGPR);
+ m_jit.loadPtr(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfStructure()), structureGPR);
</ins><span class="cx"> emitAllocateJSObject(resultGPR, allocatorGPR, structureGPR, TrustedImmPtr(0), scratchGPR, slowPath);
</span><span class="cx">
</span><span class="cx"> addSlowPathGenerator(slowPathCall(slowPath, this, operationCreateThis, resultGPR, calleeGPR, node->inlineCapacity()));
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITOpcodescpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/jit/JITOpcodes.cpp 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -695,15 +695,17 @@
</span><span class="cx"> {
</span><span class="cx"> int callee = currentInstruction[2].u.operand;
</span><span class="cx"> RegisterID calleeReg = regT0;
</span><ins>+ RegisterID rareDataReg = regT0;
</ins><span class="cx"> RegisterID resultReg = regT0;
</span><span class="cx"> RegisterID allocatorReg = regT1;
</span><span class="cx"> RegisterID structureReg = regT2;
</span><span class="cx"> RegisterID scratchReg = regT3;
</span><span class="cx">
</span><span class="cx"> emitGetVirtualRegister(callee, calleeReg);
</span><del>- loadPtr(Address(calleeReg, JSFunction::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfAllocator()), allocatorReg);
- loadPtr(Address(calleeReg, JSFunction::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfStructure()), structureReg);
- addSlowCase(branchTestPtr(Zero, allocatorReg));
</del><ins>+ loadPtr(Address(calleeReg, JSFunction::offsetOfRareData()), rareDataReg);
+ addSlowCase(branchTestPtr(Zero, rareDataReg));
+ loadPtr(Address(rareDataReg, FunctionRareData::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfAllocator()), allocatorReg);
+ loadPtr(Address(rareDataReg, FunctionRareData::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfStructure()), structureReg);
</ins><span class="cx">
</span><span class="cx"> emitAllocateJSObject(allocatorReg, structureReg, resultReg, scratchReg);
</span><span class="cx"> emitPutVirtualRegister(currentInstruction[1].u.operand);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITOpcodes32_64cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/jit/JITOpcodes32_64.cpp 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -914,15 +914,17 @@
</span><span class="cx"> {
</span><span class="cx"> int callee = currentInstruction[2].u.operand;
</span><span class="cx"> RegisterID calleeReg = regT0;
</span><ins>+ RegisterID rareDataReg = regT0;
</ins><span class="cx"> RegisterID resultReg = regT0;
</span><span class="cx"> RegisterID allocatorReg = regT1;
</span><span class="cx"> RegisterID structureReg = regT2;
</span><span class="cx"> RegisterID scratchReg = regT3;
</span><span class="cx">
</span><span class="cx"> emitLoadPayload(callee, calleeReg);
</span><del>- loadPtr(Address(calleeReg, JSFunction::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfAllocator()), allocatorReg);
- loadPtr(Address(calleeReg, JSFunction::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfStructure()), structureReg);
- addSlowCase(branchTestPtr(Zero, allocatorReg));
</del><ins>+ loadPtr(Address(calleeReg, JSFunction::offsetOfRareData()), rareDataReg);
+ addSlowCase(branchTestPtr(Zero, rareDataReg));
+ loadPtr(Address(rareDataReg, FunctionRareData::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfAllocator()), allocatorReg);
+ loadPtr(Address(rareDataReg, FunctionRareData::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfStructure()), structureReg);
</ins><span class="cx">
</span><span class="cx"> emitAllocateJSObject(allocatorReg, structureReg, resultReg, scratchReg);
</span><span class="cx"> emitStoreCell(currentInstruction[1].u.operand, resultReg);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorellintLowLevelInterpreter32_64asm"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -740,9 +740,10 @@
</span><span class="cx"> traceExecution()
</span><span class="cx"> loadi 8[PC], t0
</span><span class="cx"> loadp PayloadOffset[cfr, t0, 8], t0
</span><del>- loadp JSFunction::m_allocationProfile + ObjectAllocationProfile::m_allocator[t0], t1
- loadp JSFunction::m_allocationProfile + ObjectAllocationProfile::m_structure[t0], t2
- btpz t1, .opCreateThisSlow
</del><ins>+ loadp JSFunction::m_rareData[t0], t4
+ btpz t4, .opCreateThisSlow
+ loadp FunctionRareData::m_allocationProfile + ObjectAllocationProfile::m_allocator[t4], t1
+ loadp FunctionRareData::m_allocationProfile + ObjectAllocationProfile::m_structure[t4], t2
</ins><span class="cx"> allocateJSObject(t1, t2, t0, t3, .opCreateThisSlow)
</span><span class="cx"> loadi 4[PC], t1
</span><span class="cx"> storei CellTag, TagOffset[cfr, t1, 8]
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorellintLowLevelInterpreter64asm"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -626,9 +626,10 @@
</span><span class="cx"> traceExecution()
</span><span class="cx"> loadisFromInstruction(2, t0)
</span><span class="cx"> loadp [cfr, t0, 8], t0
</span><del>- loadp JSFunction::m_allocationProfile + ObjectAllocationProfile::m_allocator[t0], t1
- loadp JSFunction::m_allocationProfile + ObjectAllocationProfile::m_structure[t0], t2
- btpz t1, .opCreateThisSlow
</del><ins>+ loadp JSFunction::m_rareData[t0], t4
+ btpz t4, .opCreateThisSlow
+ loadp FunctionRareData::m_allocationProfile + ObjectAllocationProfile::m_allocator[t4], t1
+ loadp FunctionRareData::m_allocationProfile + ObjectAllocationProfile::m_structure[t4], t2
</ins><span class="cx"> allocateJSObject(t1, t2, t0, t3, .opCreateThisSlow)
</span><span class="cx"> loadisFromInstruction(1, t1)
</span><span class="cx"> storeq t0, [cfr, t1, 8]
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeCommonSlowPathscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.cpp (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.cpp 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/runtime/CommonSlowPaths.cpp 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -236,7 +236,7 @@
</span><span class="cx"> #endif
</span><span class="cx">
</span><span class="cx"> size_t inlineCapacity = pc[3].u.operand;
</span><del>- Structure* structure = constructor->allocationProfile(exec, inlineCapacity)->structure();
</del><ins>+ Structure* structure = constructor->rareData(exec, inlineCapacity)->allocationProfile()->structure();
</ins><span class="cx"> RETURN(constructEmptyObject(exec, structure));
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeFunctionRareDatacpp"></a>
<div class="addfile"><h4>Added: trunk/Source/JavaScriptCore/runtime/FunctionRareData.cpp (0 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/FunctionRareData.cpp (rev 0)
+++ trunk/Source/JavaScriptCore/runtime/FunctionRareData.cpp 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -0,0 +1,86 @@
</span><ins>+/*
+ * Copyright (C) 2015 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+#include "FunctionRareData.h"
+
+#include "JSCInlines.h"
+
+namespace JSC {
+
+const ClassInfo FunctionRareData::s_info = { "FunctionRareData", 0, 0, CREATE_METHOD_TABLE(FunctionRareData) };
+
+FunctionRareData* FunctionRareData::create(VM& vm, JSObject* prototype, size_t inlineCapacity)
+{
+ FunctionRareData* rareData = new (NotNull, allocateCell<FunctionRareData>(vm.heap)) FunctionRareData(vm);
+ rareData->finishCreation(vm, prototype, inlineCapacity);
+ return rareData;
+}
+
+void FunctionRareData::destroy(JSCell* cell)
+{
+ FunctionRareData* rareData = static_cast<FunctionRareData*>(cell);
+ rareData->FunctionRareData::~FunctionRareData();
+}
+
+Structure* FunctionRareData::createStructure(VM& vm, JSGlobalObject* globalObject, JSValue prototype)
+{
+ return Structure::create(vm, globalObject, prototype, TypeInfo(CellType, StructureFlags), info());
+}
+
+void FunctionRareData::visitChildren(JSCell* cell, SlotVisitor& visitor)
+{
+ FunctionRareData* rareData = jsCast<FunctionRareData*>(cell);
+
+ rareData->m_allocationProfile.visitAggregate(visitor);
+}
+
+FunctionRareData::FunctionRareData(VM& vm)
+ : Base(vm, vm.functionRareDataStructure.get())
+ , m_allocationProfile()
+ // We initialize blind so that changes to the prototype after function creation but before
+ // the optimizer kicks in don't disable optimizations. Once the optimizer kicks in, the
+ // watchpoint will start watching and any changes will both force deoptimization and disable
+ // future attempts to optimize. This is necessary because we are guaranteed that the
+ // allocation profile is changed exactly once prior to optimizations kicking in. We could be
+ // smarter and count the number of times the prototype is clobbered and only optimize if it
+ // was clobbered exactly once, but that seems like overkill. In almost all cases it will be
+ // clobbered once, and if it's clobbered more than once, that will probably only occur
+ // before we started optimizing, anyway.
+ , m_allocationProfileWatchpoint(ClearWatchpoint)
+{
+}
+
+FunctionRareData::~FunctionRareData()
+{
+}
+
+void FunctionRareData::finishCreation(VM& vm, JSObject* prototype, size_t inlineCapacity)
+{
+ Base::finishCreation(vm);
+ m_allocationProfile.initialize(vm, this, prototype, inlineCapacity);
+}
+
+}
</ins></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeFunctionRareDatah"></a>
<div class="addfile"><h4>Added: trunk/Source/JavaScriptCore/runtime/FunctionRareData.h (0 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/FunctionRareData.h (rev 0)
+++ trunk/Source/JavaScriptCore/runtime/FunctionRareData.h 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -0,0 +1,97 @@
</span><ins>+/*
+ * Copyright (C) 2015 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef FunctionRareData_h
+#define FunctionRareData_h
+
+#include "JSCell.h"
+#include "ObjectAllocationProfile.h"
+#include "Watchpoint.h"
+
+namespace JSC {
+
+class JSGlobalObject;
+class LLIntOffsetsExtractor;
+namespace DFG {
+class SpeculativeJIT;
+class JITCompiler;
+}
+
+class FunctionRareData : public JSCell {
+ friend class JIT;
+ friend class DFG::SpeculativeJIT;
+ friend class DFG::JITCompiler;
+ friend class VM;
+
+public:
+ typedef JSCell Base;
+ static const unsigned StructureFlags = StructureIsImmortal | Base::StructureFlags;
+
+ static FunctionRareData* create(VM&, JSObject* prototype, size_t inlineCapacity);
+
+ static const bool needsDestruction = true;
+ static void destroy(JSCell*);
+
+ static Structure* createStructure(VM&, JSGlobalObject*, JSValue prototype);
+
+ static void visitChildren(JSCell*, SlotVisitor&);
+
+ DECLARE_INFO;
+
+ static inline ptrdiff_t offsetOfAllocationProfile()
+ {
+ return OBJECT_OFFSETOF(FunctionRareData, m_allocationProfile);
+ }
+
+ ObjectAllocationProfile* allocationProfile()
+ {
+ return &m_allocationProfile;
+ }
+
+ Structure* allocationStructure() { return m_allocationProfile.structure(); }
+
+ InlineWatchpointSet& allocationProfileWatchpointSet()
+ {
+ return m_allocationProfileWatchpoint;
+ }
+
+protected:
+ FunctionRareData(VM&);
+ ~FunctionRareData();
+
+ void finishCreation(VM&, JSObject* prototype, size_t inlineCapacity);
+ using Base::finishCreation;
+
+private:
+
+ friend class LLIntOffsetsExtractor;
+
+ ObjectAllocationProfile m_allocationProfile;
+ InlineWatchpointSet m_allocationProfileWatchpoint;
+};
+
+} // namespace JSC
+
+#endif // FunctionRareData_h
</ins></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSBoundFunctioncpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSBoundFunction.cpp (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSBoundFunction.cpp 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/runtime/JSBoundFunction.cpp 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -86,11 +86,6 @@
</span><span class="cx"> return function;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void JSBoundFunction::destroy(JSCell* cell)
-{
- static_cast<JSBoundFunction*>(cell)->JSBoundFunction::~JSBoundFunction();
-}
-
</del><span class="cx"> bool JSBoundFunction::customHasInstance(JSObject* object, ExecState* exec, JSValue value)
</span><span class="cx"> {
</span><span class="cx"> return jsCast<JSBoundFunction*>(object)->m_targetFunction->hasInstance(exec, value);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSBoundFunctionh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSBoundFunction.h (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSBoundFunction.h 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/runtime/JSBoundFunction.h 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -40,8 +40,6 @@
</span><span class="cx">
</span><span class="cx"> static JSBoundFunction* create(VM&, JSGlobalObject*, JSObject* targetFunction, JSValue boundThis, JSValue boundArgs, int, const String&);
</span><span class="cx">
</span><del>- static void destroy(JSCell*);
-
</del><span class="cx"> static bool customHasInstance(JSObject*, ExecState*, JSValue);
</span><span class="cx">
</span><span class="cx"> JSObject* targetFunction() { return m_targetFunction.get(); }
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSCalleecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSCallee.cpp (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSCallee.cpp 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/runtime/JSCallee.cpp 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -39,11 +39,6 @@
</span><span class="cx">
</span><span class="cx"> const ClassInfo JSCallee::s_info = { "Callee", &Base::s_info, 0, CREATE_METHOD_TABLE(JSCallee) };
</span><span class="cx">
</span><del>-void JSCallee::destroy(JSCell* cell)
-{
- static_cast<JSCallee*>(cell)->JSCallee::~JSCallee();
-}
-
</del><span class="cx"> JSCallee::JSCallee(VM& vm, JSGlobalObject* globalObject, Structure* structure)
</span><span class="cx"> : Base(vm, structure)
</span><span class="cx"> , m_scope(vm, this, globalObject)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSCalleeh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSCallee.h (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSCallee.h 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/runtime/JSCallee.h 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -26,8 +26,8 @@
</span><span class="cx"> #ifndef JSCallee_h
</span><span class="cx"> #define JSCallee_h
</span><span class="cx">
</span><del>-#include "JSDestructibleObject.h"
</del><span class="cx"> #include "JSGlobalObject.h"
</span><ins>+#include "JSObject.h"
</ins><span class="cx"> #include "JSScope.h"
</span><span class="cx">
</span><span class="cx"> namespace JSC {
</span><span class="lines">@@ -36,7 +36,7 @@
</span><span class="cx"> class LLIntOffsetsExtractor;
</span><span class="cx">
</span><span class="cx">
</span><del>-class JSCallee : public JSDestructibleObject {
</del><ins>+class JSCallee : public JSNonFinalObject {
</ins><span class="cx"> friend class JIT;
</span><span class="cx"> #if ENABLE(DFG_JIT)
</span><span class="cx"> friend class DFG::SpeculativeJIT;
</span><span class="lines">@@ -45,7 +45,7 @@
</span><span class="cx"> friend class VM;
</span><span class="cx">
</span><span class="cx"> public:
</span><del>- typedef JSDestructibleObject Base;
</del><ins>+ typedef JSNonFinalObject Base;
</ins><span class="cx"> const static unsigned StructureFlags = Base::StructureFlags | ImplementsHasInstance;
</span><span class="cx">
</span><span class="cx"> static JSCallee* create(VM& vm, JSGlobalObject* globalObject, JSScope* scope)
</span><span class="lines">@@ -55,8 +55,6 @@
</span><span class="cx"> return callee;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- static void destroy(JSCell*);
-
</del><span class="cx"> JSScope* scope()
</span><span class="cx"> {
</span><span class="cx"> return m_scope.get();
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSFunctioncpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSFunction.cpp (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSFunction.cpp 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/runtime/JSFunction.cpp 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -85,24 +85,9 @@
</span><span class="cx"> return function;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-void JSFunction::destroy(JSCell* cell)
-{
- static_cast<JSFunction*>(cell)->JSFunction::~JSFunction();
-}
-
</del><span class="cx"> JSFunction::JSFunction(VM& vm, JSGlobalObject* globalObject, Structure* structure)
</span><span class="cx"> : Base(vm, globalObject, structure)
</span><span class="cx"> , m_executable()
</span><del>- // We initialize blind so that changes to the prototype after function creation but before
- // the optimizer kicks in don't disable optimizations. Once the optimizer kicks in, the
- // watchpoint will start watching and any changes will both force deoptimization and disable
- // future attempts to optimize. This is necessary because we are guaranteed that the
- // allocation profile is changed exactly once prior to optimizations kicking in. We could be
- // smarter and count the number of times the prototype is clobbered and only optimize if it
- // was clobbered exactly once, but that seems like overkill. In almost all cases it will be
- // clobbered once, and if it's clobbered more than once, that will probably only occur
- // before we started optimizing, anyway.
- , m_allocationProfileWatchpoint(ClearWatchpoint)
</del><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -123,14 +108,15 @@
</span><span class="cx"> return function;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-ObjectAllocationProfile* JSFunction::createAllocationProfile(ExecState* exec, size_t inlineCapacity)
</del><ins>+FunctionRareData* JSFunction::createRareData(ExecState* exec, size_t inlineCapacity)
</ins><span class="cx"> {
</span><span class="cx"> VM& vm = exec->vm();
</span><span class="cx"> JSObject* prototype = jsDynamicCast<JSObject*>(get(exec, vm.propertyNames->prototype));
</span><span class="cx"> if (!prototype)
</span><span class="cx"> prototype = globalObject()->objectPrototype();
</span><del>- m_allocationProfile.initialize(globalObject()->vm(), this, prototype, inlineCapacity);
- return &m_allocationProfile;
</del><ins>+ FunctionRareData* rareData = FunctionRareData::create(vm, prototype, inlineCapacity);
+ m_rareData.set(vm, this, rareData);
+ return m_rareData.get();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> String JSFunction::name(ExecState* exec)
</span><span class="lines">@@ -176,7 +162,8 @@
</span><span class="cx"> Base::visitChildren(thisObject, visitor);
</span><span class="cx">
</span><span class="cx"> visitor.append(&thisObject->m_executable);
</span><del>- thisObject->m_allocationProfile.visitAggregate(visitor);
</del><ins>+ if (thisObject->m_rareData)
+ visitor.append(&thisObject->m_rareData);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> CallType JSFunction::getCallData(JSCell* cell, CallData& callData)
</span><span class="lines">@@ -402,9 +389,11 @@
</span><span class="cx"> // following the rules set out in ECMA-262 8.12.9.
</span><span class="cx"> PropertySlot slot(thisObject);
</span><span class="cx"> thisObject->methodTable(exec->vm())->getOwnPropertySlot(thisObject, exec, propertyName, slot);
</span><del>- thisObject->m_allocationProfile.clear();
- thisObject->m_allocationProfileWatchpoint.fireAll("Store to prototype property of a function");
- // Don't allow this to be cached, since a [[Put]] must clear m_allocationProfile.
</del><ins>+ if (thisObject->m_rareData) {
+ thisObject->m_rareData->allocationProfileWatchpointSet().fireAll("Store to prototype property of a function");
+ thisObject->m_rareData.clear();
+ }
+ // Don't allow this to be cached, since a [[Put]] must clear m_rareData.
</ins><span class="cx"> PutPropertySlot dontCache(thisObject);
</span><span class="cx"> Base::put(thisObject, exec, propertyName, value, dontCache);
</span><span class="cx"> return;
</span><span class="lines">@@ -449,8 +438,10 @@
</span><span class="cx"> // following the rules set out in ECMA-262 8.12.9.
</span><span class="cx"> PropertySlot slot(thisObject);
</span><span class="cx"> thisObject->methodTable(exec->vm())->getOwnPropertySlot(thisObject, exec, propertyName, slot);
</span><del>- thisObject->m_allocationProfile.clear();
- thisObject->m_allocationProfileWatchpoint.fireAll("Store to prototype property of a function");
</del><ins>+ if (thisObject->m_rareData) {
+ thisObject->m_rareData->allocationProfileWatchpointSet().fireAll("Store to prototype property of a function");
+ thisObject->m_rareData.clear();
+ }
</ins><span class="cx"> return Base::defineOwnProperty(object, exec, propertyName, descriptor, throwException);
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSFunctionh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSFunction.h (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSFunction.h 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/runtime/JSFunction.h 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -24,10 +24,10 @@
</span><span class="cx"> #ifndef JSFunction_h
</span><span class="cx"> #define JSFunction_h
</span><span class="cx">
</span><ins>+#include "FunctionRareData.h"
</ins><span class="cx"> #include "InternalFunction.h"
</span><span class="cx"> #include "JSCallee.h"
</span><span class="cx"> #include "JSScope.h"
</span><del>-#include "ObjectAllocationProfile.h"
</del><span class="cx"> #include "Watchpoint.h"
</span><span class="cx">
</span><span class="cx"> namespace JSC {
</span><span class="lines">@@ -48,7 +48,7 @@
</span><span class="cx"> JS_EXPORT_PRIVATE EncodedJSValue JSC_HOST_CALL callHostFunctionAsConstructor(ExecState*);
</span><span class="cx">
</span><span class="cx"> JS_EXPORT_PRIVATE String getCalculatedDisplayName(CallFrame*, JSObject*);
</span><del>-
</del><ins>+
</ins><span class="cx"> class JSFunction : public JSCallee {
</span><span class="cx"> friend class JIT;
</span><span class="cx"> friend class DFG::SpeculativeJIT;
</span><span class="lines">@@ -67,8 +67,6 @@
</span><span class="cx">
</span><span class="cx"> static JSFunction* createBuiltinFunction(VM&, FunctionExecutable*, JSGlobalObject*);
</span><span class="cx">
</span><del>- static void destroy(JSCell*);
-
</del><span class="cx"> JS_EXPORT_PRIVATE String name(ExecState*);
</span><span class="cx"> JS_EXPORT_PRIVATE String displayName(ExecState*);
</span><span class="cx"> const String calculatedDisplayName(ExecState*);
</span><span class="lines">@@ -100,23 +98,28 @@
</span><span class="cx"> return OBJECT_OFFSETOF(JSFunction, m_executable);
</span><span class="cx"> }
</span><span class="cx">
</span><del>- static inline ptrdiff_t offsetOfAllocationProfile()
</del><ins>+ static inline ptrdiff_t offsetOfRareData()
</ins><span class="cx"> {
</span><del>- return OBJECT_OFFSETOF(JSFunction, m_allocationProfile);
</del><ins>+ return OBJECT_OFFSETOF(JSFunction, m_rareData);
</ins><span class="cx"> }
</span><span class="cx">
</span><del>- ObjectAllocationProfile* allocationProfile(ExecState* exec, unsigned inlineCapacity)
</del><ins>+ FunctionRareData* rareData(ExecState* exec, unsigned inlineCapacity)
</ins><span class="cx"> {
</span><del>- if (UNLIKELY(m_allocationProfile.isNull()))
- return createAllocationProfile(exec, inlineCapacity);
- return &m_allocationProfile;
</del><ins>+ if (UNLIKELY(!m_rareData))
+ return createRareData(exec, inlineCapacity);
+ return m_rareData.get();
</ins><span class="cx"> }
</span><span class="cx">
</span><del>- Structure* allocationStructure() { return m_allocationProfile.structure(); }
</del><ins>+ Structure* allocationStructure()
+ {
+ ASSERT(m_rareData);
+ return m_rareData.get()->allocationStructure();
+ }
</ins><span class="cx">
</span><span class="cx"> InlineWatchpointSet& allocationProfileWatchpointSet()
</span><span class="cx"> {
</span><del>- return m_allocationProfileWatchpoint;
</del><ins>+ ASSERT(m_rareData);
+ return m_rareData.get()->allocationProfileWatchpointSet();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> bool isHostOrBuiltinFunction() const;
</span><span class="lines">@@ -131,7 +134,7 @@
</span><span class="cx"> void finishCreation(VM&, NativeExecutable*, int length, const String& name);
</span><span class="cx"> using Base::finishCreation;
</span><span class="cx">
</span><del>- ObjectAllocationProfile* createAllocationProfile(ExecState*, size_t inlineCapacity);
</del><ins>+ FunctionRareData* createRareData(ExecState*, size_t inlineCapacity);
</ins><span class="cx">
</span><span class="cx"> static bool getOwnPropertySlot(JSObject*, ExecState*, PropertyName, PropertySlot&);
</span><span class="cx"> static void getOwnNonIndexPropertyNames(JSObject*, ExecState*, PropertyNameArray&, EnumerationMode = EnumerationMode());
</span><span class="lines">@@ -160,8 +163,7 @@
</span><span class="cx"> static EncodedJSValue nameGetter(ExecState*, JSObject*, EncodedJSValue, PropertyName);
</span><span class="cx">
</span><span class="cx"> WriteBarrier<ExecutableBase> m_executable;
</span><del>- ObjectAllocationProfile m_allocationProfile;
- InlineWatchpointSet m_allocationProfileWatchpoint;
</del><ins>+ WriteBarrier<FunctionRareData> m_rareData;
</ins><span class="cx"> };
</span><span class="cx">
</span><span class="cx"> } // namespace JSC
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSFunctionInlinesh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSFunctionInlines.h (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSFunctionInlines.h 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/runtime/JSFunctionInlines.h 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -41,7 +41,7 @@
</span><span class="cx"> inline JSFunction::JSFunction(VM& vm, FunctionExecutable* executable, JSScope* scope)
</span><span class="cx"> : Base(vm, scope, scope->globalObject()->functionStructure())
</span><span class="cx"> , m_executable(vm, this, executable)
</span><del>- , m_allocationProfileWatchpoint(ClearWatchpoint) // See comment in JSFunction.cpp concerning the reason for using ClearWatchpoint as opposed to IsWatched.
</del><ins>+ , m_rareData()
</ins><span class="cx"> {
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeVMcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/VM.cpp (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/VM.cpp 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/runtime/VM.cpp 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -231,6 +231,7 @@
</span><span class="cx"> propertyTableStructure.set(*this, PropertyTable::createStructure(*this, 0, jsNull()));
</span><span class="cx"> weakMapDataStructure.set(*this, WeakMapData::createStructure(*this, 0, jsNull()));
</span><span class="cx"> inferredValueStructure.set(*this, InferredValue::createStructure(*this, 0, jsNull()));
</span><ins>+ functionRareDataStructure.set(*this, FunctionRareData::createStructure(*this, 0, jsNull()));
</ins><span class="cx"> #if ENABLE(PROMISES)
</span><span class="cx"> promiseDeferredStructure.set(*this, JSPromiseDeferred::createStructure(*this, 0, jsNull()));
</span><span class="cx"> promiseReactionStructure.set(*this, JSPromiseReaction::createStructure(*this, 0, jsNull()));
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeVMh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/VM.h (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/VM.h 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/JavaScriptCore/runtime/VM.h 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -271,6 +271,7 @@
</span><span class="cx"> Strong<Structure> propertyTableStructure;
</span><span class="cx"> Strong<Structure> weakMapDataStructure;
</span><span class="cx"> Strong<Structure> inferredValueStructure;
</span><ins>+ Strong<Structure> functionRareDataStructure;
</ins><span class="cx"> #if ENABLE(PROMISES)
</span><span class="cx"> Strong<Structure> promiseDeferredStructure;
</span><span class="cx"> Strong<Structure> promiseReactionStructure;
</span></span></pre></div>
<a id="trunkWebKitxcworkspacecontentsxcworkspacedata"></a>
<div class="modfile"><h4>Modified: trunk/WebKit.xcworkspace/contents.xcworkspacedata (182898 => 182899)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/WebKit.xcworkspace/contents.xcworkspacedata 2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/WebKit.xcworkspace/contents.xcworkspacedata 2015-04-16 19:15:09 UTC (rev 182899)
</span><span class="lines">@@ -2,6 +2,15 @@
</span><span class="cx"> <Workspace
</span><span class="cx"> version = "1.0">
</span><span class="cx"> <FileRef
</span><ins>+ location = "group:Source/JavaScriptCore/runtime/FunctionRareData.cpp">
+ </FileRef>
+ <FileRef
+ location = "group:Source/JavaScriptCore/runtime/FunctionRareData.h">
+ </FileRef>
+ <FileRef
+ location = "group:Source">
+ </FileRef>
+ <FileRef
</ins><span class="cx"> location = "group:Source/bmalloc/bmalloc.xcodeproj">
</span><span class="cx"> </FileRef>
</span><span class="cx"> <FileRef
</span></span></pre>
</div>
</div>
</body>
</html>