<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[194175] trunk/Source/JavaScriptCore</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/194175">194175</a></dd>
<dt>Author</dt> <dd>fpizlo@apple.com</dd>
<dt>Date</dt> <dd>2015-12-16 14:39:13 -0800 (Wed, 16 Dec 2015)</dd>
</dl>
<h3>Log Message</h3>
<pre>Improve JSObject::put performance
https://bugs.webkit.org/show_bug.cgi?id=152347
Reviewed by Geoffrey Garen.
This adds a new benchmark called dynbench, which just uses the C++ API to create, modify, and
query objects. This also adds some optimizations to make the JSObject::put code faster by making
it inlinable in places that really need the performance, like JITOperations and LLIntSlowPaths.
Inlining it is optional because the put() method is large. If you want it inlined, call
putInline(). There's a putInline() variant of both JSObject::put() and JSValue::put().
This is up to a 20% improvement for JSObject::put calls that get inlined all the way (like from
JITOperations and the new benchmark) and it's also a speed-up, albeit a smaller one, for
JSObject::put calls that don't get inlined (i.e. those from the DOM and the JSC C++ library code).
Specific speed-ups are as follows. Note that "dynamic context" means that we told PutPropertySlot
that we're not a static put_by_id, which turns off some type inference.
Get By Id: 2% faster
Put By Id Replace: 23% faster
Put By Id Transition + object allocation: 11% faster
Get By Id w/ dynamic context: 5% faster
Put By Id Replace w/ dynamic context: 25% faster
Put By Id Transition + object allocation w/ dynamic context: 10% faster
* JavaScriptCore.xcodeproj/project.pbxproj:
* dynbench.cpp: Added.
(JSC::benchmarkImpl):
(main):
* jit/CallFrameShuffler32_64.cpp:
* jit/CallFrameShuffler64.cpp:
* jit/JITOperations.cpp:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
* runtime/ClassInfo.h:
(JSC::ClassInfo::hasStaticProperties):
* runtime/ConsoleClient.cpp:
* runtime/CustomGetterSetter.h:
* runtime/ErrorInstance.cpp:
(JSC::ErrorInstance::finishCreation):
(JSC::addErrorInfoAndGetBytecodeOffset): Deleted.
* runtime/GetterSetter.h:
(JSC::asGetterSetter):
* runtime/JSCInlines.h:
* runtime/JSCJSValue.h:
* runtime/JSCJSValueInlines.h:
(JSC::JSValue::put):
(JSC::JSValue::putInternal):
(JSC::JSValue::putByIndex):
* runtime/JSObject.cpp:
(JSC::JSObject::put):
(JSC::JSObject::putByIndex):
* runtime/JSObject.h:
(JSC::JSObject::getVectorLength):
(JSC::JSObject::inlineGetOwnPropertySlot):
(JSC::JSObject::get):
(JSC::JSObject::putDirectInternal):</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoreChangeLog">trunk/Source/JavaScriptCore/ChangeLog</a></li>
<li><a href="#trunkSourceJavaScriptCoreJavaScriptCorexcodeprojprojectpbxproj">trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj</a></li>
<li><a href="#trunkSourceJavaScriptCorejitCallFrameShuffler32_64cpp">trunk/Source/JavaScriptCore/jit/CallFrameShuffler32_64.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitCallFrameShuffler64cpp">trunk/Source/JavaScriptCore/jit/CallFrameShuffler64.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorejitJITOperationscpp">trunk/Source/JavaScriptCore/jit/JITOperations.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCorellintLLIntSlowPathscpp">trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeClassInfoh">trunk/Source/JavaScriptCore/runtime/ClassInfo.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeConsoleClientcpp">trunk/Source/JavaScriptCore/runtime/ConsoleClient.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeCustomGetterSetterh">trunk/Source/JavaScriptCore/runtime/CustomGetterSetter.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeErrorInstancecpp">trunk/Source/JavaScriptCore/runtime/ErrorInstance.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeGetterSetterh">trunk/Source/JavaScriptCore/runtime/GetterSetter.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSCInlinesh">trunk/Source/JavaScriptCore/runtime/JSCInlines.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSCJSValueh">trunk/Source/JavaScriptCore/runtime/JSCJSValue.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSCJSValueInlinesh">trunk/Source/JavaScriptCore/runtime/JSCJSValueInlines.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSObjectcpp">trunk/Source/JavaScriptCore/runtime/JSObject.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSObjecth">trunk/Source/JavaScriptCore/runtime/JSObject.h</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeStructureh">trunk/Source/JavaScriptCore/runtime/Structure.h</a></li>
</ul>
<h3>Added Paths</h3>
<ul>
<li><a href="#trunkSourceJavaScriptCoredynbenchcpp">trunk/Source/JavaScriptCore/dynbench.cpp</a></li>
<li><a href="#trunkSourceJavaScriptCoreruntimeJSObjectInlinesh">trunk/Source/JavaScriptCore/runtime/JSObjectInlines.h</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceJavaScriptCoreChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/ChangeLog (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/ChangeLog 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/ChangeLog 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -1,5 +1,64 @@
</span><span class="cx"> 2015-12-16 Filip Pizlo <fpizlo@apple.com>
</span><span class="cx">
</span><ins>+ Improve JSObject::put performance
+ https://bugs.webkit.org/show_bug.cgi?id=152347
+
+ Reviewed by Geoffrey Garen.
+
+ This adds a new benchmark called dynbench, which just uses the C++ API to create, modify, and
+ query objects. This also adds some optimizations to make the JSObject::put code faster by making
+ it inlinable in places that really need the performance, like JITOperations and LLIntSlowPaths.
+ Inlining it is optional because the put() method is large. If you want it inlined, call
+ putInline(). There's a putInline() variant of both JSObject::put() and JSValue::put().
+
+ This is up to a 20% improvement for JSObject::put calls that get inlined all the way (like from
+ JITOperations and the new benchmark) and it's also a speed-up, albeit a smaller one, for
+ JSObject::put calls that don't get inlined (i.e. those from the DOM and the JSC C++ library code).
+ Specific speed-ups are as follows. Note that "dynamic context" means that we told PutPropertySlot
+ that we're not a static put_by_id, which turns off some type inference.
+
+ Get By Id: 2% faster
+ Put By Id Replace: 23% faster
+ Put By Id Transition + object allocation: 11% faster
+ Get By Id w/ dynamic context: 5% faster
+ Put By Id Replace w/ dynamic context: 25% faster
+ Put By Id Transition + object allocation w/ dynamic context: 10% faster
+
+ * JavaScriptCore.xcodeproj/project.pbxproj:
+ * dynbench.cpp: Added.
+ (JSC::benchmarkImpl):
+ (main):
+ * jit/CallFrameShuffler32_64.cpp:
+ * jit/CallFrameShuffler64.cpp:
+ * jit/JITOperations.cpp:
+ * llint/LLIntSlowPaths.cpp:
+ (JSC::LLInt::LLINT_SLOW_PATH_DECL):
+ * runtime/ClassInfo.h:
+ (JSC::ClassInfo::hasStaticProperties):
+ * runtime/ConsoleClient.cpp:
+ * runtime/CustomGetterSetter.h:
+ * runtime/ErrorInstance.cpp:
+ (JSC::ErrorInstance::finishCreation):
+ (JSC::addErrorInfoAndGetBytecodeOffset): Deleted.
+ * runtime/GetterSetter.h:
+ (JSC::asGetterSetter):
+ * runtime/JSCInlines.h:
+ * runtime/JSCJSValue.h:
+ * runtime/JSCJSValueInlines.h:
+ (JSC::JSValue::put):
+ (JSC::JSValue::putInternal):
+ (JSC::JSValue::putByIndex):
+ * runtime/JSObject.cpp:
+ (JSC::JSObject::put):
+ (JSC::JSObject::putByIndex):
+ * runtime/JSObject.h:
+ (JSC::JSObject::getVectorLength):
+ (JSC::JSObject::inlineGetOwnPropertySlot):
+ (JSC::JSObject::get):
+ (JSC::JSObject::putDirectInternal):
+
+2015-12-16 Filip Pizlo <fpizlo@apple.com>
+
</ins><span class="cx"> Work around a bug in LLVM by flipping the unification order
</span><span class="cx"> https://bugs.webkit.org/show_bug.cgi?id=152341
</span><span class="cx"> rdar://problem/23920749
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreJavaScriptCorexcodeprojprojectpbxproj"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -25,6 +25,7 @@
</span><span class="cx"> buildPhases = (
</span><span class="cx"> );
</span><span class="cx"> dependencies = (
</span><ins>+ 0F93275D1C20BF3A00CF6564 /* PBXTargetDependency */,
</ins><span class="cx"> 0FEC85B11BDB5D8F0080FF74 /* PBXTargetDependency */,
</span><span class="cx"> 5D6B2A4F152B9E23005231DE /* PBXTargetDependency */,
</span><span class="cx"> 5D6B2A51152B9E23005231DE /* PBXTargetDependency */,
</span><span class="lines">@@ -482,6 +483,10 @@
</span><span class="cx"> 0F919D2615853CE3004A4E7D /* Watchpoint.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F919D2315853CDE004A4E7D /* Watchpoint.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="cx"> 0F919D2815856773004A4E7D /* SymbolTable.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F919D2715856770004A4E7D /* SymbolTable.cpp */; };
</span><span class="cx"> 0F93274D1C1F66AA00CF6564 /* GPRInfo.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F93274C1C1F66AA00CF6564 /* GPRInfo.cpp */; };
</span><ins>+ 0F9327521C20BCBA00CF6564 /* Foundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 51F0EB6105C86C6B00E6DF1B /* Foundation.framework */; };
+ 0F9327531C20BCBA00CF6564 /* JavaScriptCore.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 932F5BD90822A1C700736975 /* JavaScriptCore.framework */; };
+ 0F93275B1C20BCDF00CF6564 /* dynbench.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F93275A1C20BCDF00CF6564 /* dynbench.cpp */; };
+ 0F93275F1C21EF7F00CF6564 /* JSObjectInlines.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F93275E1C21EF7F00CF6564 /* JSObjectInlines.h */; settings = {ATTRIBUTES = (Private, ); }; };
</ins><span class="cx"> 0F93329D14CA7DC30085F3C6 /* CallLinkStatus.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F93329314CA7DC10085F3C6 /* CallLinkStatus.cpp */; };
</span><span class="cx"> 0F93329E14CA7DC50085F3C6 /* CallLinkStatus.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F93329414CA7DC10085F3C6 /* CallLinkStatus.h */; settings = {ATTRIBUTES = (Private, ); }; };
</span><span class="cx"> 0F93329F14CA7DCA0085F3C6 /* GetByIdStatus.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 0F93329514CA7DC10085F3C6 /* GetByIdStatus.cpp */; };
</span><span class="lines">@@ -2057,6 +2062,13 @@
</span><span class="cx"> /* End PBXBuildFile section */
</span><span class="cx">
</span><span class="cx"> /* Begin PBXContainerItemProxy section */
</span><ins>+ 0F93275C1C20BF3A00CF6564 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = 0867D690FE84028FC02AAC07 /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 0F93274E1C20BCBA00CF6564;
+ remoteInfo = dynbench;
+ };
</ins><span class="cx"> 0FCEFABC1805D66300472CE4 /* PBXContainerItemProxy */ = {
</span><span class="cx"> isa = PBXContainerItemProxy;
</span><span class="cx"> containerPortal = 0867D690FE84028FC02AAC07 /* Project object */;
</span><span class="lines">@@ -2594,6 +2606,9 @@
</span><span class="cx"> 0F919D2315853CDE004A4E7D /* Watchpoint.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = Watchpoint.h; sourceTree = "<group>"; };
</span><span class="cx"> 0F919D2715856770004A4E7D /* SymbolTable.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = SymbolTable.cpp; sourceTree = "<group>"; };
</span><span class="cx"> 0F93274C1C1F66AA00CF6564 /* GPRInfo.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = GPRInfo.cpp; sourceTree = "<group>"; };
</span><ins>+ 0F9327591C20BCBA00CF6564 /* dynbench */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = dynbench; sourceTree = BUILT_PRODUCTS_DIR; };
+ 0F93275A1C20BCDF00CF6564 /* dynbench.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = dynbench.cpp; sourceTree = "<group>"; };
+ 0F93275E1C21EF7F00CF6564 /* JSObjectInlines.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSObjectInlines.h; sourceTree = "<group>"; };
</ins><span class="cx"> 0F93329314CA7DC10085F3C6 /* CallLinkStatus.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CallLinkStatus.cpp; sourceTree = "<group>"; };
</span><span class="cx"> 0F93329414CA7DC10085F3C6 /* CallLinkStatus.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CallLinkStatus.h; sourceTree = "<group>"; };
</span><span class="cx"> 0F93329514CA7DC10085F3C6 /* GetByIdStatus.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = GetByIdStatus.cpp; sourceTree = "<group>"; };
</span><span class="lines">@@ -4252,6 +4267,15 @@
</span><span class="cx"> /* End PBXFileReference section */
</span><span class="cx">
</span><span class="cx"> /* Begin PBXFrameworksBuildPhase section */
</span><ins>+ 0F9327511C20BCBA00CF6564 /* Frameworks */ = {
+ isa = PBXFrameworksBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 0F9327521C20BCBA00CF6564 /* Foundation.framework in Frameworks */,
+ 0F9327531C20BCBA00CF6564 /* JavaScriptCore.framework in Frameworks */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
</ins><span class="cx"> 0FCEFAB31805D61600472CE4 /* Frameworks */ = {
</span><span class="cx"> isa = PBXFrameworksBuildPhase;
</span><span class="cx"> buildActionMask = 2147483647;
</span><span class="lines">@@ -4339,6 +4363,7 @@
</span><span class="cx"> 14BD59BF0A3E8F9000BAF59C /* testapi */,
</span><span class="cx"> 0FEC85AD1BDB5CF10080FF74 /* testb3 */,
</span><span class="cx"> 6511230514046A4C002B101D /* testRegExp */,
</span><ins>+ 0F9327591C20BCBA00CF6564 /* dynbench */,
</ins><span class="cx"> );
</span><span class="cx"> name = Products;
</span><span class="cx"> sourceTree = "<group>";
</span><span class="lines">@@ -4348,14 +4373,15 @@
</span><span class="cx"> 0867D691FE84028FC02AAC07 /* JavaScriptCore */ = {
</span><span class="cx"> isa = PBXGroup;
</span><span class="cx"> children = (
</span><del>- 6529FB3018B2D63900C61102 /* generate-bytecode-files */,
</del><span class="cx"> 8604F4F2143A6C4400B295F5 /* ChangeLog */,
</span><ins>+ F68EBB8C0255D4C601FF60F7 /* config.h */,
</ins><span class="cx"> F692A8540255597D01FF60F7 /* create_hash_table */,
</span><span class="cx"> A718F8211178EB4B002465A7 /* create_regex_tables */,
</span><ins>+ 937B63CC09E766D200A671DD /* DerivedSources.make */,
+ 0F93275A1C20BCDF00CF6564 /* dynbench.cpp */,
+ 6529FB3018B2D63900C61102 /* generate-bytecode-files */,
+ F5C290E60284F98E018635CA /* JavaScriptCorePrefix.h */,
</ins><span class="cx"> 45E12D8806A49B0F00E9DF84 /* jsc.cpp */,
</span><del>- F68EBB8C0255D4C601FF60F7 /* config.h */,
- F5C290E60284F98E018635CA /* JavaScriptCorePrefix.h */,
- 937B63CC09E766D200A671DD /* DerivedSources.make */,
</del><span class="cx"> A7C225CC139981F100FF1662 /* KeywordLookupGenerator.py */,
</span><span class="cx"> 1432EBD70A34CAD400717B9F /* API */,
</span><span class="cx"> 9688CB120ED12B4E001D649F /* assembler */,
</span><span class="lines">@@ -4364,9 +4390,12 @@
</span><span class="cx"> A7D8019F1880D66E0026C39B /* builtins */,
</span><span class="cx"> 969A078F0ED1D3AE00F1F681 /* bytecode */,
</span><span class="cx"> 7E39D81D0EC38EFA003AF11A /* bytecompiler */,
</span><ins>+ 1C90513E0BA9E8830081E9D0 /* Configurations */,
</ins><span class="cx"> 1480DB9A0DDC2231003CFDF2 /* debugger */,
</span><ins>+ 650FDF8D09D0FCA700769E54 /* Derived Sources */,
</ins><span class="cx"> 86EC9DB31328DF44002B2AD7 /* dfg */,
</span><span class="cx"> 0FF4272E158EBCCE004CB9FF /* disassembler */,
</span><ins>+ 0867D69AFE84028FC02AAC07 /* Frameworks */,
</ins><span class="cx"> 0FEA09FC1705137F00BB722C /* ftl */,
</span><span class="cx"> 142E312A134FF0A600AFADB5 /* heap */,
</span><span class="cx"> A5BA15DF1823409200A82E69 /* inspector */,
</span><span class="lines">@@ -4375,19 +4404,16 @@
</span><span class="cx"> 0F46809C14BA7F4D00BFE272 /* llint */,
</span><span class="cx"> 0FCEFAAD1805CA4400472CE4 /* llvm */,
</span><span class="cx"> 7E39D8370EC3A388003AF11A /* parser */,
</span><ins>+ 034768DFFF38A50411DB9C8B /* Products */,
</ins><span class="cx"> 95AB831A0DA42C6900BC83F3 /* profiler */,
</span><span class="cx"> 99E45A0C18A01E930026D88F /* replay */,
</span><ins>+ 932FC3C20824BB70005B3C75 /* Resources */,
</ins><span class="cx"> 7EF6E0BB0EB7A1EC0079AFAF /* runtime */,
</span><ins>+ 9959E9251BD17F1E001AA413 /* Scripts */,
</ins><span class="cx"> 141211000A48772600480255 /* tests */,
</span><span class="cx"> 8603CEF014C753EF00AE59E3 /* tools */,
</span><span class="cx"> 7B98D1331B60CD1E0023B1A4 /* wasm */,
</span><span class="cx"> 86EAC48C0F93E8B9008EC948 /* yarr */,
</span><del>- 650FDF8D09D0FCA700769E54 /* Derived Sources */,
- 932FC3C20824BB70005B3C75 /* Resources */,
- 9959E9251BD17F1E001AA413 /* Scripts */,
- 0867D69AFE84028FC02AAC07 /* Frameworks */,
- 034768DFFF38A50411DB9C8B /* Products */,
- 1C90513E0BA9E8830081E9D0 /* Configurations */,
</del><span class="cx"> );
</span><span class="cx"> name = JavaScriptCore;
</span><span class="cx"> sourceTree = "<group>";
</span><span class="lines">@@ -5523,9 +5549,9 @@
</span><span class="cx"> E178633F0D9BEC0000D74E75 /* InitializeThreading.h */,
</span><span class="cx"> E35E035D1B7AB43E0073AD2A /* InspectorInstrumentationObject.cpp */,
</span><span class="cx"> E35E035E1B7AB43E0073AD2A /* InspectorInstrumentationObject.h */,
</span><ins>+ A7A8AF2B17ADB5F3005AB174 /* Int8Array.h */,
</ins><span class="cx"> A7A8AF2C17ADB5F3005AB174 /* Int16Array.h */,
</span><span class="cx"> A7A8AF2D17ADB5F3005AB174 /* Int32Array.h */,
</span><del>- A7A8AF2B17ADB5F3005AB174 /* Int8Array.h */,
</del><span class="cx"> BC9BB95B0E19680600DF8855 /* InternalFunction.cpp */,
</span><span class="cx"> BC11667A0E199C05008066DD /* InternalFunction.h */,
</span><span class="cx"> A1B9E2331B4E0D6700BC7FED /* IntlCollator.cpp */,
</span><span class="lines">@@ -5614,9 +5640,9 @@
</span><span class="cx"> A59455911824744700CC3843 /* JSGlobalObjectDebuggable.h */,
</span><span class="cx"> BC756FC60E2031B200DE7D12 /* JSGlobalObjectFunctions.cpp */,
</span><span class="cx"> BC756FC70E2031B200DE7D12 /* JSGlobalObjectFunctions.h */,
</span><ins>+ 0F2B66C917B6B5AB00A7AE3F /* JSInt8Array.h */,
</ins><span class="cx"> 0F2B66CA17B6B5AB00A7AE3F /* JSInt16Array.h */,
</span><span class="cx"> 0F2B66CB17B6B5AB00A7AE3F /* JSInt32Array.h */,
</span><del>- 0F2B66C917B6B5AB00A7AE3F /* JSInt8Array.h */,
</del><span class="cx"> E33F507E1B8429A400413856 /* JSInternalPromise.cpp */,
</span><span class="cx"> E33F507F1B8429A400413856 /* JSInternalPromise.h */,
</span><span class="cx"> E33F50761B84225700413856 /* JSInternalPromiseConstructor.cpp */,
</span><span class="lines">@@ -5647,6 +5673,7 @@
</span><span class="cx"> A72700770DAC605600E548D7 /* JSNotAnObject.h */,
</span><span class="cx"> BC22A3980E16E14800AF21C8 /* JSObject.cpp */,
</span><span class="cx"> BC22A3990E16E14800AF21C8 /* JSObject.h */,
</span><ins>+ 0F93275E1C21EF7F00CF6564 /* JSObjectInlines.h */,
</ins><span class="cx"> A7F9935E0FD7325100A0B2D0 /* JSONObject.cpp */,
</span><span class="cx"> A7F9935D0FD7325100A0B2D0 /* JSONObject.h */,
</span><span class="cx"> 7C184E1817BEDBD3007CB63A /* JSPromise.cpp */,
</span><span class="lines">@@ -5694,10 +5721,10 @@
</span><span class="cx"> 53F256E11B87E28000B4B768 /* JSTypedArrayViewPrototype.cpp */,
</span><span class="cx"> 53917E7C1B791106000EBD33 /* JSTypedArrayViewPrototype.h */,
</span><span class="cx"> 6507D2970E871E4A00D7D896 /* JSTypeInfo.h */,
</span><ins>+ 0F2B66D217B6B5AB00A7AE3F /* JSUint8Array.h */,
+ 0F2B66D317B6B5AB00A7AE3F /* JSUint8ClampedArray.h */,
</ins><span class="cx"> 0F2B66D417B6B5AB00A7AE3F /* JSUint16Array.h */,
</span><span class="cx"> 0F2B66D517B6B5AB00A7AE3F /* JSUint32Array.h */,
</span><del>- 0F2B66D217B6B5AB00A7AE3F /* JSUint8Array.h */,
- 0F2B66D317B6B5AB00A7AE3F /* JSUint8ClampedArray.h */,
</del><span class="cx"> A7CA3AE117DA41AE006538AF /* JSWeakMap.cpp */,
</span><span class="cx"> A7CA3AE217DA41AE006538AF /* JSWeakMap.h */,
</span><span class="cx"> 709FB8611AE335C60039D069 /* JSWeakSet.cpp */,
</span><span class="lines">@@ -5871,11 +5898,11 @@
</span><span class="cx"> 0F2D4DE019832D91007D4B19 /* TypeProfilerLog.h */,
</span><span class="cx"> 0F2D4DE319832D91007D4B19 /* TypeSet.cpp */,
</span><span class="cx"> 0F2D4DE419832D91007D4B19 /* TypeSet.h */,
</span><ins>+ A7A8AF3017ADB5F3005AB174 /* Uint8Array.h */,
+ A7A8AF3117ADB5F3005AB174 /* Uint8ClampedArray.h */,
</ins><span class="cx"> A7A8AF3217ADB5F3005AB174 /* Uint16Array.h */,
</span><span class="cx"> 866739D113BFDE710023D87C /* Uint16WithFraction.h */,
</span><span class="cx"> A7A8AF3317ADB5F3005AB174 /* Uint32Array.h */,
</span><del>- A7A8AF3017ADB5F3005AB174 /* Uint8Array.h */,
- A7A8AF3117ADB5F3005AB174 /* Uint8ClampedArray.h */,
</del><span class="cx"> 0FE050231AA9095600D33B33 /* VarOffset.cpp */,
</span><span class="cx"> 0FE050241AA9095600D33B33 /* VarOffset.h */,
</span><span class="cx"> E18E3A570DF9278C00D90B34 /* VM.cpp */,
</span><span class="lines">@@ -7752,6 +7779,7 @@
</span><span class="cx"> 0F5780A218FE1E98001E72D9 /* PureNaN.h in Headers */,
</span><span class="cx"> 0F15CD231BA5F9860031FFD3 /* PutByIdFlags.h in Headers */,
</span><span class="cx"> 0F9332A414CA7DD90085F3C6 /* PutByIdStatus.h in Headers */,
</span><ins>+ 0F93275F1C21EF7F00CF6564 /* JSObjectInlines.h in Headers */,
</ins><span class="cx"> 0F93B4AA18B92C4D00178A3F /* PutByIdVariant.h in Headers */,
</span><span class="cx"> 0F0CD4C215F1A6070032F1C0 /* PutDirectIndexMode.h in Headers */,
</span><span class="cx"> 0F9FC8C514E1B60400D52AE0 /* PutKind.h in Headers */,
</span><span class="lines">@@ -7950,6 +7978,22 @@
</span><span class="cx"> /* End PBXHeadersBuildPhase section */
</span><span class="cx">
</span><span class="cx"> /* Begin PBXNativeTarget section */
</span><ins>+ 0F93274E1C20BCBA00CF6564 /* dynbench */ = {
+ isa = PBXNativeTarget;
+ buildConfigurationList = 0F9327541C20BCBA00CF6564 /* Build configuration list for PBXNativeTarget "dynbench" */;
+ buildPhases = (
+ 0F93274F1C20BCBA00CF6564 /* Sources */,
+ 0F9327511C20BCBA00CF6564 /* Frameworks */,
+ );
+ buildRules = (
+ );
+ dependencies = (
+ );
+ name = dynbench;
+ productName = testapi;
+ productReference = 0F9327591C20BCBA00CF6564 /* dynbench */;
+ productType = "com.apple.product-type.tool";
+ };
</ins><span class="cx"> 0FCEFAB51805D61600472CE4 /* llvmForJSC */ = {
</span><span class="cx"> isa = PBXNativeTarget;
</span><span class="cx"> buildConfigurationList = 0FCEFAB71805D61600472CE4 /* Build configuration list for PBXNativeTarget "llvmForJSC" */;
</span><span class="lines">@@ -8140,6 +8184,7 @@
</span><span class="cx"> 651122F714046A4C002B101D /* testRegExp */,
</span><span class="cx"> 0FEC85941BDB5CF10080FF74 /* testb3 */,
</span><span class="cx"> 5D6B2A47152B9E17005231DE /* Test Tools */,
</span><ins>+ 0F93274E1C20BCBA00CF6564 /* dynbench */,
</ins><span class="cx"> );
</span><span class="cx"> };
</span><span class="cx"> /* End PBXProject section */
</span><span class="lines">@@ -8376,6 +8421,14 @@
</span><span class="cx"> /* End PBXShellScriptBuildPhase section */
</span><span class="cx">
</span><span class="cx"> /* Begin PBXSourcesBuildPhase section */
</span><ins>+ 0F93274F1C20BCBA00CF6564 /* Sources */ = {
+ isa = PBXSourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 0F93275B1C20BCDF00CF6564 /* dynbench.cpp in Sources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
</ins><span class="cx"> 0FCEFAB21805D61600472CE4 /* Sources */ = {
</span><span class="cx"> isa = PBXSourcesBuildPhase;
</span><span class="cx"> buildActionMask = 2147483647;
</span><span class="lines">@@ -9235,6 +9288,11 @@
</span><span class="cx"> /* End PBXSourcesBuildPhase section */
</span><span class="cx">
</span><span class="cx"> /* Begin PBXTargetDependency section */
</span><ins>+ 0F93275D1C20BF3A00CF6564 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 0F93274E1C20BCBA00CF6564 /* dynbench */;
+ targetProxy = 0F93275C1C20BF3A00CF6564 /* PBXContainerItemProxy */;
+ };
</ins><span class="cx"> 0FCEFABD1805D66300472CE4 /* PBXTargetDependency */ = {
</span><span class="cx"> isa = PBXTargetDependency;
</span><span class="cx"> target = 0FCEFAB51805D61600472CE4 /* llvmForJSC */;
</span><span class="lines">@@ -9341,6 +9399,34 @@
</span><span class="cx"> };
</span><span class="cx"> name = Production;
</span><span class="cx"> };
</span><ins>+ 0F9327551C20BCBA00CF6564 /* Debug */ = {
+ isa = XCBuildConfiguration;
+ baseConfigurationReference = BC021BF2136900C300FC5467 /* ToolExecutable.xcconfig */;
+ buildSettings = {
+ };
+ name = Debug;
+ };
+ 0F9327561C20BCBA00CF6564 /* Release */ = {
+ isa = XCBuildConfiguration;
+ baseConfigurationReference = BC021BF2136900C300FC5467 /* ToolExecutable.xcconfig */;
+ buildSettings = {
+ };
+ name = Release;
+ };
+ 0F9327571C20BCBA00CF6564 /* Profiling */ = {
+ isa = XCBuildConfiguration;
+ baseConfigurationReference = BC021BF2136900C300FC5467 /* ToolExecutable.xcconfig */;
+ buildSettings = {
+ };
+ name = Profiling;
+ };
+ 0F9327581C20BCBA00CF6564 /* Production */ = {
+ isa = XCBuildConfiguration;
+ baseConfigurationReference = BC021BF2136900C300FC5467 /* ToolExecutable.xcconfig */;
+ buildSettings = {
+ };
+ name = Production;
+ };
</ins><span class="cx"> 0FCEFAB81805D61600472CE4 /* Debug */ = {
</span><span class="cx"> isa = XCBuildConfiguration;
</span><span class="cx"> baseConfigurationReference = 0FCEFABE1805D86900472CE4 /* LLVMForJSC.xcconfig */;
</span><span class="lines">@@ -9742,6 +9828,17 @@
</span><span class="cx"> defaultConfigurationIsVisible = 0;
</span><span class="cx"> defaultConfigurationName = Production;
</span><span class="cx"> };
</span><ins>+ 0F9327541C20BCBA00CF6564 /* Build configuration list for PBXNativeTarget "dynbench" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 0F9327551C20BCBA00CF6564 /* Debug */,
+ 0F9327561C20BCBA00CF6564 /* Release */,
+ 0F9327571C20BCBA00CF6564 /* Profiling */,
+ 0F9327581C20BCBA00CF6564 /* Production */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Production;
+ };
</ins><span class="cx"> 0FCEFAB71805D61600472CE4 /* Build configuration list for PBXNativeTarget "llvmForJSC" */ = {
</span><span class="cx"> isa = XCConfigurationList;
</span><span class="cx"> buildConfigurations = (
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoredynbenchcpp"></a>
<div class="addfile"><h4>Added: trunk/Source/JavaScriptCore/dynbench.cpp (0 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/dynbench.cpp (rev 0)
+++ trunk/Source/JavaScriptCore/dynbench.cpp 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -0,0 +1,241 @@
</span><ins>+/*
+ * Copyright (C) 2015 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "config.h"
+
+#include "Identifier.h"
+#include "InitializeThreading.h"
+#include "JSCInlines.h"
+#include "JSCJSValue.h"
+#include "JSGlobalObject.h"
+#include "JSLock.h"
+#include "JSObject.h"
+#include "VM.h"
+
+using namespace JSC;
+
+namespace {
+
+StaticLock crashLock;
+const char* nameFilter;
+unsigned requestedIterationCount;
+
+#define CHECK(x) do { \
+ if (!!(x)) \
+ break; \
+ crashLock.lock(); \
+ WTFReportAssertionFailure(__FILE__, __LINE__, WTF_PRETTY_FUNCTION, #x); \
+ CRASH(); \
+ } while (false)
+
+template<typename Callback>
+NEVER_INLINE void benchmarkImpl(const char* name, unsigned iterationCount, const Callback& callback)
+{
+ if (nameFilter && !strcasestr(name, nameFilter))
+ return;
+
+ if (requestedIterationCount)
+ iterationCount = requestedIterationCount;
+
+ double before = monotonicallyIncreasingTimeMS();
+ callback(iterationCount);
+ double after = monotonicallyIncreasingTimeMS();
+ dataLog(name, ": ", after - before, " ms.\n");
+}
+
+} // anonymous namespace
+
+int main(int argc, char** argv)
+{
+ if (argc >= 2) {
+ if (argv[1][0] == '-') {
+ dataLog("Usage: dynbench [<filter> [<iteration count>]]\n");
+ return 1;
+ }
+
+ nameFilter = argv[1];
+
+ if (argc >= 3) {
+ if (sscanf(argv[2], "%u", &requestedIterationCount) != 1) {
+ dataLog("Could not parse iteration count ", argv[2], "\n");
+ return 1;
+ }
+ }
+ }
+
+ WTF::initializeMainThread();
+ JSC::initializeThreading();
+
+ VM* vm = &VM::create(LargeHeap).leakRef();
+ {
+ JSLockHolder locker(vm);
+
+ JSGlobalObject* globalObject =
+ JSGlobalObject::create(*vm, JSGlobalObject::createStructure(*vm, jsNull()));
+ ExecState* exec = globalObject->globalExec();
+
+ Identifier identF = Identifier::fromString(exec, "f");
+ Identifier identG = Identifier::fromString(exec, "g");
+
+ Structure* objectStructure =
+ JSFinalObject::createStructure(*vm, globalObject, globalObject->objectPrototype(), 2);
+
+ // Non-strict dynamic get by id:
+ JSValue object = JSFinalObject::create(*vm, objectStructure);
+ {
+ PutPropertySlot slot(object, false, PutPropertySlot::PutById);
+ object.putInline(exec, identF, jsNumber(42), slot);
+ }
+ {
+ PutPropertySlot slot(object, false, PutPropertySlot::PutById);
+ object.putInline(exec, identG, jsNumber(43), slot);
+ }
+ benchmarkImpl(
+ "Non Strict Dynamic Get By Id",
+ 1000000,
+ [&] (unsigned iterationCount) {
+ for (unsigned i = iterationCount; i--;) {
+ JSValue result = object.get(exec, identF);
+ CHECK(result == jsNumber(42));
+ result = object.get(exec, identG);
+ CHECK(result == jsNumber(43));
+ }
+ });
+
+ // Non-strict dynamic put by id replace:
+ object = JSFinalObject::create(*vm, objectStructure);
+ {
+ PutPropertySlot slot(object, false, PutPropertySlot::PutById);
+ object.putInline(exec, identF, jsNumber(42), slot);
+ }
+ {
+ PutPropertySlot slot(object, false, PutPropertySlot::PutById);
+ object.putInline(exec, identG, jsNumber(43), slot);
+ }
+ benchmarkImpl(
+ "Non Strict Dynamic Put By Id Replace",
+ 1000000,
+ [&] (unsigned iterationCount) {
+ for (unsigned i = iterationCount; i--;) {
+ {
+ PutPropertySlot slot(object, false, PutPropertySlot::PutById);
+ object.putInline(exec, identF, jsNumber(i), slot);
+ }
+ {
+ PutPropertySlot slot(object, false, PutPropertySlot::PutById);
+ object.putInline(exec, identG, jsNumber(i), slot);
+ }
+ }
+ });
+
+ // Non-strict dynamic put by id transition with object allocation:
+ benchmarkImpl(
+ "Non Strict Dynamic Allocation and Put By Id Transition",
+ 1000000,
+ [&] (unsigned iterationCount) {
+ for (unsigned i = iterationCount; i--;) {
+ JSValue object = JSFinalObject::create(*vm, objectStructure);
+ {
+ PutPropertySlot slot(object, false, PutPropertySlot::PutById);
+ object.putInline(exec, identF, jsNumber(i), slot);
+ }
+ {
+ PutPropertySlot slot(object, false, PutPropertySlot::PutById);
+ object.putInline(exec, identG, jsNumber(i), slot);
+ }
+ }
+ });
+
+ // Non-strict dynamic get by id with dynamic store context:
+ object = JSFinalObject::create(*vm, objectStructure);
+ {
+ PutPropertySlot slot(object, false);
+ object.putInline(exec, identF, jsNumber(42), slot);
+ }
+ {
+ PutPropertySlot slot(object, false);
+ object.putInline(exec, identG, jsNumber(43), slot);
+ }
+ benchmarkImpl(
+ "Non Strict Dynamic Get By Id With Dynamic Store Context",
+ 1000000,
+ [&] (unsigned iterationCount) {
+ for (unsigned i = iterationCount; i--;) {
+ JSValue result = object.get(exec, identF);
+ CHECK(result == jsNumber(42));
+ result = object.get(exec, identG);
+ CHECK(result == jsNumber(43));
+ }
+ });
+
+ // Non-strict dynamic put by id replace with dynamic store context:
+ object = JSFinalObject::create(*vm, objectStructure);
+ {
+ PutPropertySlot slot(object, false);
+ object.putInline(exec, identF, jsNumber(42), slot);
+ }
+ {
+ PutPropertySlot slot(object, false);
+ object.putInline(exec, identG, jsNumber(43), slot);
+ }
+ benchmarkImpl(
+ "Non Strict Dynamic Put By Id Replace With Dynamic Store Context",
+ 1000000,
+ [&] (unsigned iterationCount) {
+ for (unsigned i = iterationCount; i--;) {
+ {
+ PutPropertySlot slot(object, false);
+ object.putInline(exec, identF, jsNumber(i), slot);
+ }
+ {
+ PutPropertySlot slot(object, false);
+ object.putInline(exec, identG, jsNumber(i), slot);
+ }
+ }
+ });
+
+ // Non-strict dynamic put by id transition with object allocation with dynamic store context:
+ benchmarkImpl(
+ "Non Strict Dynamic Allocation and Put By Id Transition With Dynamic Store Context",
+ 1000000,
+ [&] (unsigned iterationCount) {
+ for (unsigned i = iterationCount; i--;) {
+ JSValue object = JSFinalObject::create(*vm, objectStructure);
+ {
+ PutPropertySlot slot(object, false);
+ object.putInline(exec, identF, jsNumber(i), slot);
+ }
+ {
+ PutPropertySlot slot(object, false);
+ object.putInline(exec, identG, jsNumber(i), slot);
+ }
+ }
+ });
+ }
+
+ crashLock.lock();
+ return 0;
+}
+
</ins></span></pre></div>
<a id="trunkSourceJavaScriptCorejitCallFrameShuffler32_64cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/CallFrameShuffler32_64.cpp (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/CallFrameShuffler32_64.cpp 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/jit/CallFrameShuffler32_64.cpp 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -30,7 +30,7 @@
</span><span class="cx">
</span><span class="cx"> #include "CCallHelpers.h"
</span><span class="cx"> #include "DataFormat.h"
</span><del>-#include "JSCJSValueInlines.h"
</del><ins>+#include "JSCInlines.h"
</ins><span class="cx">
</span><span class="cx"> namespace JSC {
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitCallFrameShuffler64cpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/CallFrameShuffler64.cpp (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/CallFrameShuffler64.cpp 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/jit/CallFrameShuffler64.cpp 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -30,7 +30,7 @@
</span><span class="cx">
</span><span class="cx"> #include "CCallHelpers.h"
</span><span class="cx"> #include "DataFormat.h"
</span><del>-#include "JSCJSValueInlines.h"
</del><ins>+#include "JSCInlines.h"
</ins><span class="cx">
</span><span class="cx"> namespace JSC {
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorejitJITOperationscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/jit/JITOperations.cpp (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/jit/JITOperations.cpp 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/jit/JITOperations.cpp 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -248,7 +248,7 @@
</span><span class="cx">
</span><span class="cx"> Identifier ident = Identifier::fromUid(vm, uid);
</span><span class="cx"> PutPropertySlot slot(JSValue::decode(encodedBase), true, exec->codeBlock()->putByIdContext());
</span><del>- JSValue::decode(encodedBase).put(exec, ident, JSValue::decode(encodedValue), slot);
</del><ins>+ JSValue::decode(encodedBase).putInline(exec, ident, JSValue::decode(encodedValue), slot);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void JIT_OPERATION operationPutByIdNonStrict(ExecState* exec, StructureStubInfo* stubInfo, EncodedJSValue encodedValue, EncodedJSValue encodedBase, UniquedStringImpl* uid)
</span><span class="lines">@@ -260,7 +260,7 @@
</span><span class="cx">
</span><span class="cx"> Identifier ident = Identifier::fromUid(vm, uid);
</span><span class="cx"> PutPropertySlot slot(JSValue::decode(encodedBase), false, exec->codeBlock()->putByIdContext());
</span><del>- JSValue::decode(encodedBase).put(exec, ident, JSValue::decode(encodedValue), slot);
</del><ins>+ JSValue::decode(encodedBase).putInline(exec, ident, JSValue::decode(encodedValue), slot);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void JIT_OPERATION operationPutByIdDirectStrict(ExecState* exec, StructureStubInfo* stubInfo, EncodedJSValue encodedValue, EncodedJSValue encodedBase, UniquedStringImpl* uid)
</span><span class="lines">@@ -300,7 +300,7 @@
</span><span class="cx"> PutPropertySlot slot(baseValue, true, exec->codeBlock()->putByIdContext());
</span><span class="cx">
</span><span class="cx"> Structure* structure = baseValue.isCell() ? baseValue.asCell()->structure(*vm) : nullptr;
</span><del>- baseValue.put(exec, ident, value, slot);
</del><ins>+ baseValue.putInline(exec, ident, value, slot);
</ins><span class="cx">
</span><span class="cx"> if (accessType != static_cast<AccessType>(stubInfo->accessType))
</span><span class="cx"> return;
</span><span class="lines">@@ -322,7 +322,7 @@
</span><span class="cx"> PutPropertySlot slot(baseValue, false, exec->codeBlock()->putByIdContext());
</span><span class="cx">
</span><span class="cx"> Structure* structure = baseValue.isCell() ? baseValue.asCell()->structure(*vm) : nullptr;
</span><del>- baseValue.put(exec, ident, value, slot);
</del><ins>+ baseValue.putInline(exec, ident, value, slot);
</ins><span class="cx">
</span><span class="cx"> if (accessType != static_cast<AccessType>(stubInfo->accessType))
</span><span class="cx"> return;
</span><span class="lines">@@ -422,7 +422,7 @@
</span><span class="cx"> byValInfo->tookSlowPath = true;
</span><span class="cx">
</span><span class="cx"> PutPropertySlot slot(baseValue, callFrame->codeBlock()->isStrictMode());
</span><del>- baseValue.put(callFrame, property, value, slot);
</del><ins>+ baseValue.putInline(callFrame, property, value, slot);
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> static void directPutByVal(CallFrame* callFrame, JSObject* baseObject, JSValue subscript, JSValue value, ByValInfo* byValInfo)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCorellintLLIntSlowPathscpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -620,7 +620,7 @@
</span><span class="cx"> if (pc[8].u.putByIdFlags & PutByIdIsDirect)
</span><span class="cx"> asObject(baseValue)->putDirect(vm, ident, LLINT_OP_C(3).jsValue(), slot);
</span><span class="cx"> else
</span><del>- baseValue.put(exec, ident, LLINT_OP_C(3).jsValue(), slot);
</del><ins>+ baseValue.putInline(exec, ident, LLINT_OP_C(3).jsValue(), slot);
</ins><span class="cx"> LLINT_CHECK_EXCEPTION();
</span><span class="cx">
</span><span class="cx"> if (!LLINT_ALWAYS_ACCESS_SLOW
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeClassInfoh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/ClassInfo.h (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/ClassInfo.h 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/runtime/ClassInfo.h 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -181,7 +181,7 @@
</span><span class="cx"> return false;
</span><span class="cx"> }
</span><span class="cx">
</span><del>- bool hasStaticSetterOrReadonlyProperties() const;
</del><ins>+ JS_EXPORT_PRIVATE bool hasStaticSetterOrReadonlyProperties() const;
</ins><span class="cx">
</span><span class="cx"> const HashTable* staticPropHashTable;
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeConsoleClientcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/ConsoleClient.cpp (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/ConsoleClient.cpp 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/runtime/ConsoleClient.cpp 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -26,6 +26,7 @@
</span><span class="cx"> #include "config.h"
</span><span class="cx"> #include "ConsoleClient.h"
</span><span class="cx">
</span><ins>+#include "JSCInlines.h"
</ins><span class="cx"> #include "ScriptArguments.h"
</span><span class="cx"> #include "ScriptCallStack.h"
</span><span class="cx"> #include "ScriptCallStackFactory.h"
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeCustomGetterSetterh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/CustomGetterSetter.h (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/CustomGetterSetter.h 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/runtime/CustomGetterSetter.h 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -70,7 +70,7 @@
</span><span class="cx"> CustomSetter m_setter;
</span><span class="cx"> };
</span><span class="cx">
</span><del>-void callCustomSetter(ExecState*, JSValue customGetterSetter, JSObject* base, JSValue thisValue, JSValue value);
</del><ins>+JS_EXPORT_PRIVATE void callCustomSetter(ExecState*, JSValue customGetterSetter, JSObject* base, JSValue thisValue, JSValue value);
</ins><span class="cx">
</span><span class="cx"> } // namespace JSC
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeErrorInstancecpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/ErrorInstance.cpp (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/ErrorInstance.cpp 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/runtime/ErrorInstance.cpp 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -128,50 +128,6 @@
</span><span class="cx"> unsigned m_index;
</span><span class="cx"> };
</span><span class="cx">
</span><del>-static bool addErrorInfoAndGetBytecodeOffset(ExecState* exec, VM& vm, JSObject* obj, bool useCurrentFrame, CallFrame*& callFrame, unsigned &bytecodeOffset)
-{
- Vector<StackFrame> stackTrace = Vector<StackFrame>();
-
- if (exec && stackTrace.isEmpty())
- vm.interpreter->getStackTrace(stackTrace);
-
- if (!stackTrace.isEmpty()) {
-
- ASSERT(exec == vm.topCallFrame || exec == exec->lexicalGlobalObject()->globalExec() || exec == exec->vmEntryGlobalObject()->globalExec());
-
- StackFrame* stackFrame;
- for (unsigned i = 0 ; i < stackTrace.size(); ++i) {
- stackFrame = &stackTrace.at(i);
- if (stackFrame->bytecodeOffset)
- break;
- }
-
- if (bytecodeOffset) {
- FindFirstCallerFrameWithCodeblockFunctor functor(exec);
- vm.topCallFrame->iterate(functor);
- callFrame = functor.foundCallFrame();
- unsigned stackIndex = functor.index();
- bytecodeOffset = stackTrace.at(stackIndex).bytecodeOffset;
- }
-
- unsigned line;
- unsigned column;
- stackFrame->computeLineAndColumn(line, column);
- obj->putDirect(vm, vm.propertyNames->line, jsNumber(line), ReadOnly | DontDelete);
- obj->putDirect(vm, vm.propertyNames->column, jsNumber(column), ReadOnly | DontDelete);
-
- if (!stackFrame->sourceURL.isEmpty())
- obj->putDirect(vm, vm.propertyNames->sourceURL, jsString(&vm, stackFrame->sourceURL), ReadOnly | DontDelete);
-
- if (!useCurrentFrame)
- stackTrace.remove(0);
- obj->putDirect(vm, vm.propertyNames->stack, vm.interpreter->stackTraceAsString(vm.topCallFrame, stackTrace), DontEnum);
-
- return true;
- }
- return false;
-}
-
</del><span class="cx"> void ErrorInstance::finishCreation(ExecState* exec, VM& vm, const String& message, bool useCurrentFrame)
</span><span class="cx"> {
</span><span class="cx"> Base::finishCreation(vm);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeGetterSetterh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/GetterSetter.h (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/GetterSetter.h 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/runtime/GetterSetter.h 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -144,7 +144,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> JSValue callGetter(ExecState*, JSValue base, JSValue getterSetter);
</span><del>-void callSetter(ExecState*, JSValue base, JSValue getterSetter, JSValue, ECMAMode);
</del><ins>+JS_EXPORT_PRIVATE void callSetter(ExecState*, JSValue base, JSValue getterSetter, JSValue, ECMAMode);
</ins><span class="cx">
</span><span class="cx"> } // namespace JSC
</span><span class="cx">
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSCInlinesh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSCInlines.h (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSCInlines.h 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/runtime/JSCInlines.h 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -45,6 +45,7 @@
</span><span class="cx"> #include "JSArrayBufferViewInlines.h"
</span><span class="cx"> #include "JSCJSValueInlines.h"
</span><span class="cx"> #include "JSFunctionInlines.h"
</span><ins>+#include "JSObjectInlines.h"
</ins><span class="cx"> #include "JSProxy.h"
</span><span class="cx"> #include "JSString.h"
</span><span class="cx"> #include "Operations.h"
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSCJSValueh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSCJSValue.h (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSCJSValue.h 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/runtime/JSCJSValue.h 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -277,6 +277,7 @@
</span><span class="cx"> bool getPropertySlot(ExecState*, PropertyName, PropertySlot&) const;
</span><span class="cx">
</span><span class="cx"> void put(ExecState*, PropertyName, JSValue, PutPropertySlot&);
</span><ins>+ void putInline(ExecState*, PropertyName, JSValue, PutPropertySlot&);
</ins><span class="cx"> JS_EXPORT_PRIVATE void putToPrimitive(ExecState*, PropertyName, JSValue, PutPropertySlot&);
</span><span class="cx"> JS_EXPORT_PRIVATE void putToPrimitiveByIndex(ExecState*, unsigned propertyName, JSValue, bool shouldThrow);
</span><span class="cx"> void putByIndex(ExecState*, unsigned propertyName, JSValue, bool shouldThrow);
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSCJSValueInlinesh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSCJSValueInlines.h (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSCJSValueInlines.h 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/runtime/JSCJSValueInlines.h 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -31,6 +31,7 @@
</span><span class="cx"> #include "InternalFunction.h"
</span><span class="cx"> #include "JSCJSValue.h"
</span><span class="cx"> #include "JSCellInlines.h"
</span><ins>+#include "JSObject.h"
</ins><span class="cx"> #include "JSFunction.h"
</span><span class="cx"> #include <wtf/text/StringImpl.h>
</span><span class="cx">
</span><span class="lines">@@ -751,6 +752,24 @@
</span><span class="cx"> asCell()->methodTable(exec->vm())->put(asCell(), exec, propertyName, value, slot);
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+ALWAYS_INLINE void JSValue::putInline(ExecState* exec, PropertyName propertyName, JSValue value, PutPropertySlot& slot)
+{
+ if (UNLIKELY(!isCell())) {
+ putToPrimitive(exec, propertyName, value, slot);
+ return;
+ }
+ JSCell* cell = asCell();
+ auto putMethod = cell->methodTable(exec->vm())->put;
+ if (LIKELY(putMethod == JSObject::put)) {
+ JSObject::putInline(cell, exec, propertyName, value, slot);
+ return;
+ }
+
+ PutPropertySlot otherSlot = slot;
+ putMethod(cell, exec, propertyName, value, otherSlot);
+ slot = otherSlot;
+}
+
</ins><span class="cx"> inline void JSValue::putByIndex(ExecState* exec, unsigned propertyName, JSValue value, bool shouldThrow)
</span><span class="cx"> {
</span><span class="cx"> if (UNLIKELY(!isCell())) {
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSObjectcpp"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSObject.cpp (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSObject.cpp 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/runtime/JSObject.cpp 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -372,40 +372,20 @@
</span><span class="cx"> // ECMA 8.6.2.2
</span><span class="cx"> void JSObject::put(JSCell* cell, ExecState* exec, PropertyName propertyName, JSValue value, PutPropertySlot& slot)
</span><span class="cx"> {
</span><del>- JSObject* thisObject = jsCast<JSObject*>(cell);
- ASSERT(value);
- ASSERT(!Heap::heap(value) || Heap::heap(value) == Heap::heap(thisObject));
</del><ins>+ putInline(cell, exec, propertyName, value, slot);
+}
+
+void JSObject::putInlineSlow(ExecState* exec, PropertyName propertyName, JSValue value, PutPropertySlot& slot)
+{
</ins><span class="cx"> VM& vm = exec->vm();
</span><del>-
- // Try indexed put first. This is required for correctness, since loads on property names that appear like
- // valid indices will never look in the named property storage.
- if (Optional<uint32_t> index = parseIndex(propertyName)) {
- putByIndex(thisObject, exec, index.value(), value, slot.isStrictMode());
- return;
- }
-
- // Check if there are any setters or getters in the prototype chain
- JSValue prototype;
- if (propertyName != exec->propertyNames().underscoreProto) {
- for (JSObject* obj = thisObject; !obj->structure(vm)->hasReadOnlyOrGetterSetterPropertiesExcludingProto(); obj = asObject(prototype)) {
- prototype = obj->prototype();
- if (prototype.isNull()) {
- ASSERT(!thisObject->structure(vm)->prototypeChainMayInterceptStoreTo(exec->vm(), propertyName));
- if (!thisObject->putDirectInternal<PutModePut>(vm, propertyName, value, 0, slot)
- && slot.isStrictMode())
- throwTypeError(exec, ASCIILiteral(StrictModeReadonlyPropertyWriteError));
- return;
- }
- }
- }
</del><span class="cx">
</span><del>- JSObject* obj;
- for (obj = thisObject; ; obj = asObject(prototype)) {
</del><ins>+ JSObject* obj = this;
+ for (;;) {
</ins><span class="cx"> unsigned attributes;
</span><span class="cx"> PropertyOffset offset = obj->structure(vm)->get(vm, propertyName, attributes);
</span><span class="cx"> if (isValidOffset(offset)) {
</span><span class="cx"> if (attributes & ReadOnly) {
</span><del>- ASSERT(thisObject->structure(vm)->prototypeChainMayInterceptStoreTo(exec->vm(), propertyName) || obj == thisObject);
</del><ins>+ ASSERT(structure(vm)->prototypeChainMayInterceptStoreTo(exec->vm(), propertyName) || obj == this);
</ins><span class="cx"> if (slot.isStrictMode())
</span><span class="cx"> exec->vm().throwException(exec, createTypeError(exec, ASCIILiteral(StrictModeReadonlyPropertyWriteError)));
</span><span class="cx"> return;
</span><span class="lines">@@ -413,8 +393,8 @@
</span><span class="cx">
</span><span class="cx"> JSValue gs = obj->getDirect(offset);
</span><span class="cx"> if (gs.isGetterSetter()) {
</span><del>- callSetter(exec, cell, gs, value, slot.isStrictMode() ? StrictMode : NotStrictMode);
- if (!thisObject->structure()->isDictionary())
</del><ins>+ callSetter(exec, this, gs, value, slot.isStrictMode() ? StrictMode : NotStrictMode);
+ if (!structure()->isDictionary())
</ins><span class="cx"> slot.setCacheableSetter(obj, offset);
</span><span class="cx"> return;
</span><span class="cx"> }
</span><span class="lines">@@ -438,15 +418,15 @@
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx"> }
</span><del>- prototype = obj->prototype();
</del><ins>+ JSValue prototype = obj->prototype();
</ins><span class="cx"> if (prototype.isNull())
</span><span class="cx"> break;
</span><ins>+ obj = asObject(prototype);
</ins><span class="cx"> }
</span><span class="cx">
</span><del>- ASSERT(!thisObject->structure(vm)->prototypeChainMayInterceptStoreTo(exec->vm(), propertyName) || obj == thisObject);
- if (!thisObject->putDirectInternal<PutModePut>(vm, propertyName, value, 0, slot) && slot.isStrictMode())
</del><ins>+ ASSERT(!structure(vm)->prototypeChainMayInterceptStoreTo(exec->vm(), propertyName) || obj == this);
+ if (!putDirectInternal<PutModePut>(vm, propertyName, value, 0, slot) && slot.isStrictMode())
</ins><span class="cx"> throwTypeError(exec, ASCIILiteral(StrictModeReadonlyPropertyWriteError));
</span><del>- return;
</del><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> void JSObject::putByIndex(JSCell* cell, ExecState* exec, unsigned propertyName, JSValue value, bool shouldThrow)
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSObjecth"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/JSObject.h (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSObject.h 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/runtime/JSObject.h 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -140,7 +140,9 @@
</span><span class="cx"> return 0;
</span><span class="cx"> return m_butterfly.get(this)->vectorLength();
</span><span class="cx"> }
</span><del>-
</del><ins>+
+ static void putInline(JSCell*, ExecState*, PropertyName, JSValue, PutPropertySlot&);
+
</ins><span class="cx"> JS_EXPORT_PRIVATE static void put(JSCell*, ExecState*, PropertyName, JSValue, PutPropertySlot&);
</span><span class="cx"> JS_EXPORT_PRIVATE static void putByIndex(JSCell*, ExecState*, unsigned propertyName, JSValue, bool shouldThrow);
</span><span class="cx">
</span><span class="lines">@@ -852,11 +854,13 @@
</span><span class="cx"> template<PutMode>
</span><span class="cx"> bool putDirectInternal(VM&, PropertyName, JSValue, unsigned attr, PutPropertySlot&);
</span><span class="cx">
</span><ins>+ JS_EXPORT_PRIVATE NEVER_INLINE void putInlineSlow(ExecState*, PropertyName, JSValue, PutPropertySlot&);
+
</ins><span class="cx"> bool inlineGetOwnPropertySlot(VM&, Structure&, PropertyName, PropertySlot&);
</span><span class="cx"> JS_EXPORT_PRIVATE void fillGetterPropertySlot(PropertySlot&, JSValue, unsigned, PropertyOffset);
</span><span class="cx"> void fillCustomGetterPropertySlot(PropertySlot&, JSValue, unsigned, Structure&);
</span><span class="cx">
</span><del>- const HashTableValue* findPropertyHashEntry(PropertyName) const;
</del><ins>+ JS_EXPORT_PRIVATE const HashTableValue* findPropertyHashEntry(PropertyName) const;
</ins><span class="cx">
</span><span class="cx"> void putIndexedDescriptor(ExecState*, SparseArrayEntry*, const PropertyDescriptor&, PropertyDescriptor& old);
</span><span class="cx">
</span><span class="lines">@@ -1090,13 +1094,23 @@
</span><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> JSValue value = getDirect(offset);
</span><del>- if (structure.hasGetterSetterProperties() && value.isGetterSetter())
- fillGetterPropertySlot(slot, value, attributes, offset);
- else if (structure.hasCustomGetterSetterProperties() && value.isCustomGetterSetter())
- fillCustomGetterPropertySlot(slot, value, attributes, structure);
- else
- slot.setValue(this, attributes, value, offset);
-
</del><ins>+ if (value.isCell()) {
+ ASSERT(value);
+ JSCell* cell = value.asCell();
+ JSType type = cell->type();
+ switch (type) {
+ case GetterSetterType:
+ fillGetterPropertySlot(slot, value, attributes, offset);
+ return true;
+ case CustomGetterSetterType:
+ fillCustomGetterPropertySlot(slot, value, attributes, structure);
+ return true;
+ default:
+ break;
+ }
+ }
+
+ slot.setValue(this, attributes, value, offset);
</ins><span class="cx"> return true;
</span><span class="cx"> }
</span><span class="cx">
</span><span class="lines">@@ -1187,7 +1201,7 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> template<JSObject::PutMode mode>
</span><del>-inline bool JSObject::putDirectInternal(VM& vm, PropertyName propertyName, JSValue value, unsigned attributes, PutPropertySlot& slot)
</del><ins>+ALWAYS_INLINE bool JSObject::putDirectInternal(VM& vm, PropertyName propertyName, JSValue value, unsigned attributes, PutPropertySlot& slot)
</ins><span class="cx"> {
</span><span class="cx"> ASSERT(value);
</span><span class="cx"> ASSERT(value.isGetterSetter() == !!(attributes & Accessor));
</span></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeJSObjectInlinesh"></a>
<div class="addfile"><h4>Added: trunk/Source/JavaScriptCore/runtime/JSObjectInlines.h (0 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/JSObjectInlines.h (rev 0)
+++ trunk/Source/JavaScriptCore/runtime/JSObjectInlines.h 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -0,0 +1,69 @@
</span><ins>+/*
+ * Copyright (C) 1999-2001 Harri Porten (porten@kde.org)
+ * Copyright (C) 2001 Peter Kelly (pmk@post.com)
+ * Copyright (C) 2003-2006, 2008, 2009, 2012-2015 Apple Inc. All rights reserved.
+ * Copyright (C) 2007 Eric Seidel (eric@webkit.org)
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Library General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Library General Public License
+ * along with this library; see the file COPYING.LIB. If not, write to
+ * the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ * Boston, MA 02110-1301, USA.
+ *
+ */
+
+#ifndef JSObjectInlines_h
+#define JSObjectInlines_h
+
+#include "Error.h"
+#include "JSObject.h"
+#include "Lookup.h"
+
+namespace JSC {
+
+// ECMA 8.6.2.2
+ALWAYS_INLINE void JSObject::putInline(JSCell* cell, ExecState* exec, PropertyName propertyName, JSValue value, PutPropertySlot& slot)
+{
+ JSObject* thisObject = jsCast<JSObject*>(cell);
+ ASSERT(value);
+ ASSERT(!Heap::heap(value) || Heap::heap(value) == Heap::heap(thisObject));
+ VM& vm = exec->vm();
+
+ // Try indexed put first. This is required for correctness, since loads on property names that appear like
+ // valid indices will never look in the named property storage.
+ if (Optional<uint32_t> index = parseIndex(propertyName)) {
+ putByIndex(thisObject, exec, index.value(), value, slot.isStrictMode());
+ return;
+ }
+
+ // Check if there are any setters or getters in the prototype chain
+ JSValue prototype;
+ if (propertyName != exec->propertyNames().underscoreProto) {
+ for (JSObject* obj = thisObject; !obj->structure(vm)->hasReadOnlyOrGetterSetterPropertiesExcludingProto(); obj = asObject(prototype)) {
+ prototype = obj->prototype();
+ if (prototype.isNull()) {
+ ASSERT(!thisObject->structure(vm)->prototypeChainMayInterceptStoreTo(exec->vm(), propertyName));
+ if (!thisObject->putDirectInternal<PutModePut>(vm, propertyName, value, 0, slot)
+ && slot.isStrictMode())
+ throwTypeError(exec, ASCIILiteral(StrictModeReadonlyPropertyWriteError));
+ return;
+ }
+ }
+ }
+
+ thisObject->putInlineSlow(exec, propertyName, value, slot);
+}
+
+} // namespace JSC
+
+#endif // JSObjectInlines_h
+
</ins></span></pre></div>
<a id="trunkSourceJavaScriptCoreruntimeStructureh"></a>
<div class="modfile"><h4>Modified: trunk/Source/JavaScriptCore/runtime/Structure.h (194174 => 194175)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/JavaScriptCore/runtime/Structure.h 2015-12-16 22:08:06 UTC (rev 194174)
+++ trunk/Source/JavaScriptCore/runtime/Structure.h 2015-12-16 22:39:13 UTC (rev 194175)
</span><span class="lines">@@ -258,7 +258,7 @@
</span><span class="cx"> static void visitChildren(JSCell*, SlotVisitor&);
</span><span class="cx">
</span><span class="cx"> // Will just the prototype chain intercept this property access?
</span><del>- bool prototypeChainMayInterceptStoreTo(VM&, PropertyName);
</del><ins>+ JS_EXPORT_PRIVATE bool prototypeChainMayInterceptStoreTo(VM&, PropertyName);
</ins><span class="cx">
</span><span class="cx"> Structure* previousID() const
</span><span class="cx"> {
</span></span></pre>
</div>
</div>
</body>
</html>