Attachment 362354 Details for Bug 194799 – Patch

[patch] Patch

bug-194799-20190218161430.patch (text/plain), 15.95 KB, created by Yusuke Suzuki on 2019-02-18 16:14:30 PST

(hide)

Description:

Filename:

MIME Type:

Creator: Yusuke Suzuki

Created: 2019-02-18 16:14:30 PST

Size: 15.95 KB

patch

obsolete

>Subversion Revision: 241743
>diff --git a/Source/JavaScriptCore/ChangeLog b/Source/JavaScriptCore/ChangeLog
>index 0f05acb1c82f572f5054a5b376d9677a7d66a84f..abcbf1b6ba681ce8d1c825ebedce69330866e547 100644
>--- a/Source/JavaScriptCore/ChangeLog
>+++ b/Source/JavaScriptCore/ChangeLog
>@@ -1,3 +1,32 @@
>+2019-02-18  Yusuke Suzuki  <ysuzuki@apple.com>
>+
>+        [JSC] Introduce JSNonDestructibleProxy for JavaScriptCore.framework's GlobalThis
>+        https://bugs.webkit.org/show_bug.cgi?id=194799
>+
>+        Reviewed by NOBODY (OOPS!).
>+
>+        JSProxy is destructible one because we have JSWindowProxy which has ref counted object.
>+        However, JavaScriptCore.framework's JSProxy for GlobalThis does not need to be destructible.
>+        This is important since we need to separate Heap subspaces between destructible and non-destructible objects.
>+        If we can put more and more objects in non-destructible status, we can get rid of low-usage MarkedBlock.
>+        This patch adds JSNonDestructibleProxy, which is not destructible JSProxy. While it inherits JSDestructibleObject,
>+        we can make the subclass still non-destructible thanks to Subspace mechanism. This drops one more low-usage MarkedBlock.
>+
>+        * CMakeLists.txt:
>+        * JavaScriptCore.xcodeproj/project.pbxproj:
>+        * Sources.txt:
>+        * runtime/JSGlobalObject.cpp:
>+        (JSC::JSGlobalObject::resetPrototype):
>+        (JSC::JSGlobalObject::finishCreation):
>+        * runtime/JSNonDestructibleProxy.cpp: Added.
>+        * runtime/JSNonDestructibleProxy.h: Added.
>+        (JSC::JSNonDestructibleProxy::subspaceFor):
>+        (JSC::JSNonDestructibleProxy::create):
>+        (JSC::JSNonDestructibleProxy::createStructure):
>+        (JSC::JSNonDestructibleProxy::JSNonDestructibleProxy):
>+        * runtime/JSProxy.h:
>+        (JSC::JSProxy::JSProxy):
>+
> 2019-02-18  Yusuke Suzuki  <ysuzuki@apple.com>
> 
>         [JSC] Add LazyClassStructure::getInitializedOnMainThread
>diff --git a/Source/JavaScriptCore/CMakeLists.txt b/Source/JavaScriptCore/CMakeLists.txt
>index e311ace426a723795afac172f83eace1be890ae1..6afab27736b1c154ac49979f8b164cfd2cd9b139 100644
>--- a/Source/JavaScriptCore/CMakeLists.txt
>+++ b/Source/JavaScriptCore/CMakeLists.txt
>@@ -859,6 +859,7 @@ set(JavaScriptCore_PRIVATE_FRAMEWORK_HEADERS
>     runtime/JSModuleLoader.h
>     runtime/JSModuleRecord.h
>     runtime/JSNativeStdFunction.h
>+    runtime/JSNonDestructibleProxy.h
>     runtime/JSONObject.h
>     runtime/JSObject.h
>     runtime/JSObjectInlines.h
>diff --git a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj b/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
>index 4613ea32dc8befeee0ab2c01f38fe5d7e2ec8126..18129305da5fe6b1c24b8ed746c5eae8e4dc7915 100644
>--- a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
>+++ b/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
>@@ -1767,6 +1767,7 @@
> 		E36CC9472086314F0051FFD6 /* WasmCreationMode.h in Headers */ = {isa = PBXBuildFile; fileRef = E36CC9462086314F0051FFD6 /* WasmCreationMode.h */; settings = {ATTRIBUTES = (Private, ); }; };
> 		E3794E761B77EB97005543AE /* ModuleAnalyzer.h in Headers */ = {isa = PBXBuildFile; fileRef = E3794E741B77EB97005543AE /* ModuleAnalyzer.h */; settings = {ATTRIBUTES = (Private, ); }; };
> 		E3893A1D2203A7C600E79A74 /* AsyncFromSyncIteratorPrototype.lut.h in Headers */ = {isa = PBXBuildFile; fileRef = E3893A1C2203A7C600E79A74 /* AsyncFromSyncIteratorPrototype.lut.h */; };
>+		E38D999C221B78BB00D50474 /* JSNonDestructibleProxy.h in Headers */ = {isa = PBXBuildFile; fileRef = E38D999A221B789F00D50474 /* JSNonDestructibleProxy.h */; settings = {ATTRIBUTES = (Private, ); }; };
> 		E39006212208BFC4001019CF /* SubspaceAccess.h in Headers */ = {isa = PBXBuildFile; fileRef = E39006202208BFC3001019CF /* SubspaceAccess.h */; settings = {ATTRIBUTES = (Private, ); }; };
> 		E393ADD81FE702D00022D681 /* WeakMapImplInlines.h in Headers */ = {isa = PBXBuildFile; fileRef = E393ADD71FE702CC0022D681 /* WeakMapImplInlines.h */; };
> 		E39D45F51D39005600B3B377 /* InterpreterInlines.h in Headers */ = {isa = PBXBuildFile; fileRef = E39D9D841D39000600667282 /* InterpreterInlines.h */; settings = {ATTRIBUTES = (Private, ); }; };
>@@ -4713,6 +4714,8 @@
> 		E38D060B1F8E814100649CF2 /* JSScriptFetchParameters.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSScriptFetchParameters.h; sourceTree = "<group>"; };
> 		E38D060C1F8E814100649CF2 /* ScriptFetchParameters.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ScriptFetchParameters.h; sourceTree = "<group>"; };
> 		E38D060D1F8E814100649CF2 /* JSScriptFetchParameters.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = JSScriptFetchParameters.cpp; sourceTree = "<group>"; };
>+		E38D999A221B789F00D50474 /* JSNonDestructibleProxy.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = JSNonDestructibleProxy.h; sourceTree = "<group>"; };
>+		E38D999B221B789F00D50474 /* JSNonDestructibleProxy.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = JSNonDestructibleProxy.cpp; sourceTree = "<group>"; };
> 		E39006202208BFC3001019CF /* SubspaceAccess.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SubspaceAccess.h; sourceTree = "<group>"; };
> 		E393ADD71FE702CC0022D681 /* WeakMapImplInlines.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WeakMapImplInlines.h; sourceTree = "<group>"; };
> 		E3963CEC1B73F75000EB4CE5 /* NodesAnalyzeModule.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = NodesAnalyzeModule.cpp; sourceTree = "<group>"; };
>@@ -6933,6 +6936,8 @@
> 				E39DA4A51B7E8B7C0084F33A /* JSModuleRecord.h */,
> 				E33E8D1A1B9013C300346B52 /* JSNativeStdFunction.cpp */,
> 				E33E8D1B1B9013C300346B52 /* JSNativeStdFunction.h */,
>+				E38D999B221B789F00D50474 /* JSNonDestructibleProxy.cpp */,
>+				E38D999A221B789F00D50474 /* JSNonDestructibleProxy.h */,
> 				BC22A3980E16E14800AF21C8 /* JSObject.cpp */,
> 				BC22A3990E16E14800AF21C8 /* JSObject.h */,
> 				0F93275E1C21EF7F00CF6564 /* JSObjectInlines.h */,
>@@ -8389,6 +8394,7 @@
> 				534E034E1E4D4B1600213F64 /* AccessCase.h in Headers */,
> 				E3BFD0BC1DAF808E0065DEA2 /* AccessCaseSnippetParams.h in Headers */,
> 				5370B4F61BF26205005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.h in Headers */,
>+				524E9D7322092B5200A6BEEE /* AirAllocateRegistersAndStackAndGenerateCode.h in Headers */,
> 				0F2AC56B1E8A0BD50001EE3F /* AirAllocateRegistersAndStackByLinearScan.h in Headers */,
> 				7965C2171E5D799600B7591D /* AirAllocateRegistersByGraphColoring.h in Headers */,
> 				0FEC856E1BDACDC70080FF74 /* AirAllocateStackByGraphColoring.h in Headers */,
>@@ -8857,7 +8863,6 @@
> 				A7D89CFE17A0B8CC00773AD8 /* DFGOSRAvailabilityAnalysisPhase.h in Headers */,
> 				0FD82E57141DAF1000179C94 /* DFGOSREntry.h in Headers */,
> 				0FD8A32617D51F5700CA2C40 /* DFGOSREntrypointCreationPhase.h in Headers */,
>-				524E9D7322092B5200A6BEEE /* AirAllocateRegistersAndStackAndGenerateCode.h in Headers */,
> 				0FC0976A1468A6F700CF2442 /* DFGOSRExit.h in Headers */,
> 				0F235BEC17178E7300690C7F /* DFGOSRExitBase.h in Headers */,
> 				0FFB921C16D02F110055A5DB /* DFGOSRExitCompilationInfo.h in Headers */,
>@@ -9336,6 +9341,7 @@
> 				E318CBC11B8AEF5100A2929D /* JSModuleNamespaceObject.h in Headers */,
> 				E39DA4A71B7E8B7C0084F33A /* JSModuleRecord.h in Headers */,
> 				E33E8D1D1B9013C300346B52 /* JSNativeStdFunction.h in Headers */,
>+				E38D999C221B78BB00D50474 /* JSNonDestructibleProxy.h in Headers */,
> 				BC18C4240E16F5CD00B34460 /* JSObject.h in Headers */,
> 				0F93275F1C21EF7F00CF6564 /* JSObjectInlines.h in Headers */,
> 				BC18C4250E16F5CD00B34460 /* JSObjectRef.h in Headers */,
>diff --git a/Source/JavaScriptCore/Sources.txt b/Source/JavaScriptCore/Sources.txt
>index c2fbd66d9b3c6e62e0cc39087e68f4b1d82f604e..ad719717cc22d90ce1443dc2259e4267aacb873a 100644
>--- a/Source/JavaScriptCore/Sources.txt
>+++ b/Source/JavaScriptCore/Sources.txt
>@@ -832,6 +832,7 @@ runtime/JSModuleLoader.cpp
> runtime/JSModuleNamespaceObject.cpp
> runtime/JSModuleRecord.cpp
> runtime/JSNativeStdFunction.cpp
>+runtime/JSNonDestructibleProxy.cpp
> runtime/JSONObject.cpp
> runtime/JSObject.cpp
> runtime/JSPromise.cpp
>diff --git a/Source/JavaScriptCore/runtime/JSGlobalObject.cpp b/Source/JavaScriptCore/runtime/JSGlobalObject.cpp
>index 493e481c73cb8cc0b5a504a74c9423131c5c7299..a91abd7bc36a6f3a894cb2f357d4d4a8c77bedbb 100644
>--- a/Source/JavaScriptCore/runtime/JSGlobalObject.cpp
>+++ b/Source/JavaScriptCore/runtime/JSGlobalObject.cpp
>@@ -109,6 +109,7 @@
> #include "JSModuleNamespaceObject.h"
> #include "JSModuleRecord.h"
> #include "JSNativeStdFunction.h"
>+#include "JSNonDestructibleProxy.h"
> #include "JSONObject.h"
> #include "JSPromise.h"
> #include "JSPromiseConstructor.h"
>@@ -1540,7 +1541,7 @@ void JSGlobalObject::resetPrototype(VM& vm, JSValue prototype)
>         oldLastInPrototypeChain->setPrototypeDirect(vm, objectPrototype);
> 
>     // Whenever we change the prototype of the global object, we need to create a new JSProxy with the correct prototype.
>-    setGlobalThis(vm, JSProxy::create(vm, JSProxy::createStructure(vm, this, prototype, PureForwardingProxyType), this));
>+    setGlobalThis(vm, JSNonDestructibleProxy::create(vm, JSNonDestructibleProxy::createStructure(vm, this, prototype, PureForwardingProxyType), this));
> }
> 
> void JSGlobalObject::visitChildren(JSCell* cell, SlotVisitor& visitor)
>@@ -1935,7 +1936,7 @@ void JSGlobalObject::finishCreation(VM& vm)
>     structure(vm)->setGlobalObject(vm, this);
>     m_runtimeFlags = m_globalObjectMethodTable->javaScriptRuntimeFlags(this);
>     init(vm);
>-    setGlobalThis(vm, JSProxy::create(vm, JSProxy::createStructure(vm, this, getPrototypeDirect(vm), PureForwardingProxyType), this));
>+    setGlobalThis(vm, JSNonDestructibleProxy::create(vm, JSNonDestructibleProxy::createStructure(vm, this, getPrototypeDirect(vm), PureForwardingProxyType), this));
>     ASSERT(type() == GlobalObjectType);
> }
> 
>diff --git a/Source/JavaScriptCore/runtime/JSNonDestructibleProxy.cpp b/Source/JavaScriptCore/runtime/JSNonDestructibleProxy.cpp
>new file mode 100644
>index 0000000000000000000000000000000000000000..24b80307d74b81b374847a51206cb456a5e22d7d
>--- /dev/null
>+++ b/Source/JavaScriptCore/runtime/JSNonDestructibleProxy.cpp
>@@ -0,0 +1,33 @@
>+/*
>+ * Copyright (C) 2011-2012, 2016-2017 Apple Inc. All rights reserved.
>+ *
>+ * Redistribution and use in source and binary forms, with or without
>+ * modification, are permitted provided that the following conditions
>+ * are met:
>+ * 1. Redistributions of source code must retain the above copyright
>+ *    notice, this list of conditions and the following disclaimer.
>+ * 2. Redistributions in binary form must reproduce the above copyright
>+ *    notice, this list of conditions and the following disclaimer in the
>+ *    documentation and/or other materials provided with the distribution.
>+ *
>+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
>+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
>+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
>+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
>+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
>+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
>+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
>+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
>+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
>+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
>+ * THE POSSIBILITY OF SUCH DAMAGE.
>+ */
>+
>+#include "config.h"
>+#include "JSNonDestructibleProxy.h"
>+
>+namespace JSC {
>+
>+const ClassInfo JSNonDestructibleProxy::s_info = { "JSNonDestructibleProxy", &Base::s_info, nullptr, nullptr, CREATE_METHOD_TABLE(JSNonDestructibleProxy) };
>+
>+} // namespace JSC
>diff --git a/Source/JavaScriptCore/runtime/JSNonDestructibleProxy.h b/Source/JavaScriptCore/runtime/JSNonDestructibleProxy.h
>new file mode 100644
>index 0000000000000000000000000000000000000000..ebf97dfeeccb3a4b17dfbc6c0b7c06fb956f3d46
>--- /dev/null
>+++ b/Source/JavaScriptCore/runtime/JSNonDestructibleProxy.h
>@@ -0,0 +1,73 @@
>+/*
>+ * Copyright (C) 2019 Apple Inc. All rights reserved.
>+ *
>+ * Redistribution and use in source and binary forms, with or without
>+ * modification, are permitted provided that the following conditions
>+ * are met:
>+ * 1. Redistributions of source code must retain the above copyright
>+ *    notice, this list of conditions and the following disclaimer.
>+ * 2. Redistributions in binary form must reproduce the above copyright
>+ *    notice, this list of conditions and the following disclaimer in the
>+ *    documentation and/or other materials provided with the distribution.
>+ *
>+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
>+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
>+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
>+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
>+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
>+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
>+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
>+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
>+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
>+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>+ */
>+
>+#pragma once
>+
>+#include "JSProxy.h"
>+
>+namespace JSC {
>+
>+class JSNonDestructibleProxy : public JSProxy {
>+public:
>+    using Base = JSProxy;
>+    static const unsigned StructureFlags = Base::StructureFlags;
>+    static const bool needsDestruction = false;
>+
>+    template<typename CellType, SubspaceAccess mode>
>+    static CompleteSubspace* subspaceFor(VM& vm)
>+    {
>+        return JSNonFinalObject::subspaceFor<CellType, mode>(vm);
>+    }
>+
>+    static JSNonDestructibleProxy* create(VM& vm, Structure* structure, JSObject* target)
>+    {
>+        JSNonDestructibleProxy* proxy = new (NotNull, allocateCell<JSNonDestructibleProxy>(vm.heap)) JSNonDestructibleProxy(vm, structure);
>+        proxy->finishCreation(vm, target);
>+        return proxy;
>+    }
>+
>+    static JSNonDestructibleProxy* create(VM& vm, Structure* structure)
>+    {
>+        JSNonDestructibleProxy* proxy = new (NotNull, allocateCell<JSNonDestructibleProxy>(vm.heap)) JSNonDestructibleProxy(vm, structure);
>+        proxy->finishCreation(vm);
>+        return proxy;
>+    }
>+
>+    static Structure* createStructure(VM& vm, JSGlobalObject* globalObject, JSValue prototype, JSType proxyType)
>+    {
>+        ASSERT(proxyType == ImpureProxyType || proxyType == PureForwardingProxyType);
>+        return Structure::create(vm, globalObject, prototype, TypeInfo(proxyType, StructureFlags), info());
>+    }
>+
>+    DECLARE_EXPORT_INFO;
>+
>+protected:
>+    JSNonDestructibleProxy(VM& vm, Structure* structure)
>+        : Base(vm, structure)
>+    {
>+    }
>+};
>+
>+} // namespace JSC
>diff --git a/Source/JavaScriptCore/runtime/JSProxy.h b/Source/JavaScriptCore/runtime/JSProxy.h
>index 0bd35c9d6fa67b892b5cca6169bed07b2f668531..ace1703ccf4d574bf1b4ca9f8392975c5aa8d936 100644
>--- a/Source/JavaScriptCore/runtime/JSProxy.h
>+++ b/Source/JavaScriptCore/runtime/JSProxy.h
>@@ -31,7 +31,7 @@ namespace JSC {
> 
> class JSProxy : public JSDestructibleObject {
> public:
>-    typedef JSDestructibleObject Base;
>+    using Base = JSDestructibleObject;
>     static const unsigned StructureFlags = Base::StructureFlags | OverridesGetOwnPropertySlot | OverridesGetPropertyNames | InterceptsGetOwnPropertySlotByIndexEvenWhenLengthIsNotZero;
> 
>     static JSProxy* create(VM& vm, Structure* structure, JSObject* target)
>@@ -63,7 +63,7 @@ class JSProxy : public JSDestructibleObject {
> 
> protected:
>     JSProxy(VM& vm, Structure* structure)
>-        : JSDestructibleObject(vm, structure)
>+        : Base(vm, structure)
>     {
>     }
>

Flags:

saam: review+

Actions: View | Formatted Diff | Diff

Attachments on bug 194799: 362354