Support caching of custom setters
https://bugs.webkit.org/show_bug.cgi?id=129519
Reviewed by Filip Pizlo.
Source/JavaScriptCore:
This patch adds caching of assignment to properties that
are backed by C functions. This provides most of the leg
work required to start supporting setters, and resolves
the remaining regressions from moving DOM properties up
the prototype chain.
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/PolymorphicPutByIdList.cpp:
(JSC::PutByIdAccess::visitWeak):
(JSC::PolymorphicPutByIdList::PolymorphicPutByIdList):
(JSC::PolymorphicPutByIdList::from):
* bytecode/PolymorphicPutByIdList.h:
(JSC::PutByIdAccess::transition):
(JSC::PutByIdAccess::replace):
(JSC::PutByIdAccess::customSetter):
(JSC::PutByIdAccess::isCustom):
(JSC::PutByIdAccess::oldStructure):
(JSC::PutByIdAccess::chain):
(JSC::PutByIdAccess::stubRoutine):
* bytecode/PutByIdStatus.cpp:
(JSC::PutByIdStatus::computeForStubInfo):
(JSC::PutByIdStatus::computeFor):
(JSC::PutByIdStatus::dump):
* bytecode/PutByIdStatus.h:
(JSC::PutByIdStatus::PutByIdStatus):
(JSC::PutByIdStatus::takesSlowPath):
(JSC::PutByIdStatus::makesCalls):
* bytecode/StructureStubInfo.h:
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::emitPutById):
(JSC::DFG::ByteCodeParser::handlePutById):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGCommon.h:
* dfg/DFGConstantFoldingPhase.cpp:
(JSC::DFG::ConstantFoldingPhase::foldConstants):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGNode.h:
(JSC::DFG::Node::hasIdentifier):
* dfg/DFGNodeType.h:
* dfg/DFGPredictionPropagationPhase.cpp:
(JSC::DFG::PredictionPropagationPhase::propagate):
* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileIn):
* dfg/DFGSpeculativeJIT.h:
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::cachedGetById):
(JSC::DFG::SpeculativeJIT::cachedPutById):
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::cachedGetById):
(JSC::DFG::SpeculativeJIT::cachedPutById):
(JSC::DFG::SpeculativeJIT::compile):
* jit/CCallHelpers.h:
(JSC::CCallHelpers::setupArgumentsWithExecState):
* jit/JITInlineCacheGenerator.cpp:
(JSC::JITByIdGenerator::JITByIdGenerator):
(JSC::JITPutByIdGenerator::JITPutByIdGenerator):
* jit/JITInlineCacheGenerator.h:
(JSC::JITGetByIdGenerator::JITGetByIdGenerator):
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_id):
(JSC::JIT::emit_op_put_by_id):
* jit/JITPropertyAccess32_64.cpp:
(JSC::JIT::emit_op_get_by_id):
(JSC::JIT::emit_op_put_by_id):
* jit/Repatch.cpp:
(JSC::tryCacheGetByID):
(JSC::tryBuildGetByIDList):
(JSC::emitCustomSetterStub):
(JSC::tryCachePutByID):
(JSC::tryBuildPutByIdList):
* jit/SpillRegistersMode.h: Added.
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
* runtime/Lookup.h:
(JSC::putEntry):
* runtime/PutPropertySlot.h:
(JSC::PutPropertySlot::setCacheableCustomProperty):
(JSC::PutPropertySlot::customSetter):
(JSC::PutPropertySlot::isCacheablePut):
(JSC::PutPropertySlot::isCacheableCustomProperty):
(JSC::PutPropertySlot::cachedOffset):
Source/WebCore:
Add forwarding header
Tests: js/regress/assign-custom-setter-polymorphic.html
js/regress/assign-custom-setter.html
* ForwardingHeaders/jit/SpillRegistersMode.h: Added.
LayoutTests:
Add test cases.
* js/regress/assign-custom-setter-expected.txt: Added.
* js/regress/assign-custom-setter-polymorphic-expected.txt: Added.
* js/regress/assign-custom-setter-polymorphic.html: Added.
* js/regress/assign-custom-setter.html: Added.
* js/regress/script-tests/assign-custom-setter-polymorphic.js: Added.
(test):
* js/regress/script-tests/assign-custom-setter.js: Added.
(test):
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@165208 268f45cc-cd09-0410-ab3c-d52691b4dbfc
43 files changed
