fourthTier: DFG tries to ref/deref StringImpls in a ton of places
author: oliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 25 Jul 2013 03:59:29 +0000 (03:59 +0000)
committer: oliver@apple.com <oliver@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 25 Jul 2013 03:59:29 +0000 (03:59 +0000)
commit: d9e52b5d7532b89b663a5fbcc595c88b33abede4
tree: 368fba9585ed2035c42e29ff6a55569cb9b2630b
parent: fe8893082fb8d7e115da84bef3c1ef8e8506a9d8
fourthTier: DFG tries to ref/deref StringImpls in a ton of places
https://bugs.webkit.org/show_bug.cgi?id=115300

Source/JavaScriptCore:

Reviewed by Geoffrey Garen.

Change any code transitively called from DFG compilation to use StringImpl*
directly instead of String, Identifier, or PropertyName. I use the convention
of passing "StringImpl* uid" instead of an Identifier or PropertyName.

Switch over any code transitively called from DFG compilation to use CStrings
whenever possible for all of its debug dumping.

This makes it possible to compile things without hitting the ref/deref
assertion in StringImpl.

* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::inferredName):
(JSC::CodeBlock::sourceCodeForTools):
(JSC::CodeBlock::sourceCodeOnOneLine):
(JSC::constantName):
(JSC::idName):
(JSC::CodeBlock::registerName):
(JSC::regexpToSourceString):
(JSC::regexpName):
(JSC::pointerToSourceString):
(JSC::CodeBlock::printUnaryOp):
(JSC::CodeBlock::printBinaryOp):
(JSC::CodeBlock::printConditionalJump):
(JSC::CodeBlock::printGetByIdOp):
(JSC::dumpStructure):
(JSC::CodeBlock::printCallOp):
(JSC::CodeBlock::printPutByIdOp):
(JSC::CodeBlock::printStructure):
(JSC::CodeBlock::printStructures):
(JSC::CodeBlock::dumpBytecode):
* bytecode/CodeBlock.h:
(CodeBlock):
* bytecode/CodeBlockHash.cpp:
(JSC::CodeBlockHash::CodeBlockHash):
* bytecode/CodeOrigin.cpp:
(JSC::InlineCallFrame::inferredName):
* bytecode/CodeOrigin.h:
(InlineCallFrame):
* bytecode/GetByIdStatus.cpp:
(JSC::GetByIdStatus::computeFromLLInt):
(JSC::GetByIdStatus::computeForChain):
(JSC::GetByIdStatus::computeFor):
* bytecode/GetByIdStatus.h:
(JSC):
(GetByIdStatus):
* bytecode/PutByIdStatus.cpp:
(JSC::PutByIdStatus::computeFromLLInt):
(JSC::PutByIdStatus::computeFor):
* bytecode/PutByIdStatus.h:
(JSC):
(PutByIdStatus):
* bytecode/ReduceWhitespace.cpp:
(JSC::reduceWhitespace):
* bytecode/ReduceWhitespace.h:
(JSC):
* bytecode/ResolveGlobalStatus.cpp:
(JSC::computeForStructure):
(JSC::ResolveGlobalStatus::computeFor):
* bytecode/ResolveGlobalStatus.h:
(JSC):
(ResolveGlobalStatus):
* dfg/DFGAbstractState.cpp:
(JSC::DFG::AbstractState::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(ByteCodeParser):
(JSC::DFG::ByteCodeParser::parseResolveOperations):
(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
* dfg/DFGConstantFoldingPhase.cpp:
(JSC::DFG::ConstantFoldingPhase::foldConstants):
* dfg/DFGDesiredIdentifiers.cpp: Added.
(DFG):
(JSC::DFG::DesiredIdentifiers::DesiredIdentifiers):
(JSC::DFG::DesiredIdentifiers::~DesiredIdentifiers):
(JSC::DFG::DesiredIdentifiers::addLazily):
(JSC::DFG::DesiredIdentifiers::reallyAdd):
* dfg/DFGDesiredIdentifiers.h: Added.
(DFG):
(DesiredIdentifiers):
(JSC::DFG::DesiredIdentifiers::numberOfIdentifiers):
(JSC::DFG::DesiredIdentifiers::at):
(JSC::DFG::DesiredIdentifiers::operator[]):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::isStringPrototypeMethodSane):
(JSC::DFG::FixupPhase::canOptimizeStringObjectAccess):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::Graph):
(JSC::DFG::Graph::dump):
* dfg/DFGGraph.h:
(Graph):
* dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::link):
* dfg/DFGOperations.cpp:
* dfg/DFGOperations.h:
* dfg/DFGRepatch.cpp:
(JSC::DFG::tryBuildGetByIDList):
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::identifierUID):
(JSC::DFG::SpeculativeJIT::callOperation):
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::cachedGetById):
(JSC::DFG::SpeculativeJIT::cachedPutById):
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::cachedGetById):
(JSC::DFG::SpeculativeJIT::cachedPutById):
(JSC::DFG::SpeculativeJIT::compile):
* parser/SourceCode.cpp: Added.
(JSC):
(JSC::SourceCode::toUTF8):
* parser/SourceCode.h:
(SourceCode):
* profiler/ProfilerBytecodes.cpp:
(JSC::Profiler::Bytecodes::toJS):
* profiler/ProfilerBytecodes.h:
(JSC::Profiler::Bytecodes::inferredName):
(JSC::Profiler::Bytecodes::sourceCode):
(Bytecodes):
* runtime/Identifier.h:
(JSC::Identifier::utf8):
(JSC):
* runtime/Structure.cpp:
(JSC::Structure::addPropertyTransitionToExistingStructureImpl):
(JSC::Structure::addPropertyTransitionToExistingStructure):
(JSC::Structure::addPropertyTransitionToExistingStructureConcurrently):
(JSC::Structure::getConcurrently):
(JSC::Structure::prototypeChainMayInterceptStoreTo):
(JSC):
* runtime/Structure.h:
(Structure):
* runtime/StructureInlines.h:
(JSC::Structure::getConcurrently):

Source/WTF:

Reviewed by Geoffrey Garen.

Make it possible to do more things directly to StringImpl*'s, including being
able to directly do utf8 conversion on a substring without creating the
substring first.

Add assertions to StringImpl that it isn't being ref/deref'd from the
compilation thread.

* wtf/PrintStream.cpp:
(WTF::printInternal):
(WTF):
* wtf/PrintStream.h:
(WTF):
(WTF::printInternal):
* wtf/StringPrintStream.h:
(WTF):
(WTF::toCString):
* wtf/text/StringImpl.cpp:
(WTF::StringImpl::utf8ForRange):
(WTF::StringImpl::utf8):
(WTF):
* wtf/text/StringImpl.h:
(StringImpl):
(WTF::StringImpl::hasAtLeastOneRef):
(WTF::StringImpl::ref):
(WTF::StringImpl::deref):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@153142 268f45cc-cd09-0410-ab3c-d52691b4dbfc
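The commit message above describes two things: compiler code that holds only a raw `StringImpl* uid` so it never refs or derefs a non-atomic refcount from the concurrent compilation thread, and debug assertions in `ref()`/`deref()` that catch any violation. The block below is an added illustration of that pattern and is not WebKit code; `StringImpl`, `String`, `CompilationThreadScope`, `canTouchRefCount`, `uidMatches`, `dumpForTools` and `demo` are names constructed for this example, and a thread-local flag set by a scope guard stands in for a real compiler thread so the example runs without spawning one.

```cpp
#include <cassert>
#include <cstddef>
#include <iostream>
#include <string>

// Constructed illustration, not WebKit's code: a non-atomic refcounted string
// whose ref()/deref() assert they are never called from a thread marked as a
// compilation thread, plus compiler-side helpers that only ever hold a raw
// StringImpl* uid. All names here are assumptions made for this example.

// One flag per thread; a real concurrent compiler would set it when its thread
// starts. Here a scope guard sets it on the current thread instead.
thread_local bool g_isCompilationThread = false;

struct CompilationThreadScope {
    CompilationThreadScope() { g_isCompilationThread = true; }
    ~CompilationThreadScope() { g_isCompilationThread = false; }
};

bool canTouchRefCount() { return !g_isCompilationThread; }

class StringImpl {
public:
    static StringImpl* create(const char* text) { return new StringImpl(text); }

    // Non-atomic refcount: a compiler thread must never touch it, because a
    // concurrent ++/-- racing the mutator can corrupt the count (use-after-free
    // or leak). The assertion makes any such call fail loudly in debug builds.
    void ref() { assert(canTouchRefCount()); ++m_refCount; }
    void deref() { assert(canTouchRefCount()); if (--m_refCount == 0) delete this; }
    unsigned refCount() const { return m_refCount; }
    std::size_t length() const { return m_text.size(); }

    // In the spirit of the commit's utf8ForRange: convert a substring to a
    // standalone byte string without creating (and ref'ing) a substring first.
    std::string utf8ForRange(std::size_t offset, std::size_t len) const {
        assert(offset <= m_text.size());
        return m_text.substr(offset, len);
    }

private:
    explicit StringImpl(const char* text) : m_text(text) {}
    ~StringImpl() = default;
    std::string m_text;
    unsigned m_refCount = 1;
};

// Mutator-side owning handle: copying refs, destruction derefs.
class String {
public:
    explicit String(const char* text) : m_impl(StringImpl::create(text)) {}
    String(const String& other) : m_impl(other.m_impl) { m_impl->ref(); }
    String& operator=(const String&) = delete;
    ~String() { m_impl->deref(); }
    StringImpl* impl() const { return m_impl; }
private:
    StringImpl* m_impl;
};

// Compiler-side code keeps only the uid: identity is pointer equality, and text
// is read for debug dumps without ever touching the refcount.
bool uidMatches(StringImpl* uid, StringImpl* candidate) { return uid == candidate; }

std::string dumpForTools(StringImpl* uid, std::size_t offset, std::size_t len) {
    return uid->utf8ForRange(offset, len);
}

struct DemoResult {
    bool compileThreadMayRef;     // expected false
    unsigned refCountWhileCopied; // expected 2: mutator copies ref freely
    unsigned refCountAfter;       // expected 1: compile work never touched it
    std::string dumped;           // expected "bar"
    bool sameUid;                 // expected true
};

DemoResult demo() {
    DemoResult r{};
    String owner("foo.bar"); // constructed sample; mutator owns the only ref
    StringImpl* uid = owner.impl();
    {
        String copy(owner);
        r.refCountWhileCopied = uid->refCount();
    }
    {
        CompilationThreadScope scope; // acting as the compiler thread from here
        r.compileThreadMayRef = canTouchRefCount();
        r.dumped = dumpForTools(uid, 4, 3);
        r.sameUid = uidMatches(uid, owner.impl());
    }
    r.refCountAfter = uid->refCount();
    return r;
}

int main() {
    DemoResult r = demo();
    std::cout << "compiler may ref: " << r.compileThreadMayRef
              << ", refcount after compile: " << r.refCountAfter
              << ", dumped: " << r.dumped << '\n';
    return 0;
}
```

The point the assertion enforces is that a `uid` held by the compiler is only safe as long as the mutator keeps its own reference alive for the duration of the compile; the commit's `DesiredIdentifiers` (added lazily, then "really" added once compilation finishes) is the mechanism that provides that guarantee in the real code base.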
44 files changed:
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
Source/JavaScriptCore/bytecode/CodeBlock.cpp
Source/JavaScriptCore/bytecode/CodeBlock.h
Source/JavaScriptCore/bytecode/CodeBlockHash.cpp
Source/JavaScriptCore/bytecode/CodeOrigin.cpp
Source/JavaScriptCore/bytecode/CodeOrigin.h
Source/JavaScriptCore/bytecode/GetByIdStatus.cpp
Source/JavaScriptCore/bytecode/GetByIdStatus.h
Source/JavaScriptCore/bytecode/PutByIdStatus.cpp
Source/JavaScriptCore/bytecode/PutByIdStatus.h
Source/JavaScriptCore/bytecode/ReduceWhitespace.cpp
Source/JavaScriptCore/bytecode/ReduceWhitespace.h
Source/JavaScriptCore/bytecode/ResolveGlobalStatus.cpp
Source/JavaScriptCore/bytecode/ResolveGlobalStatus.h
Source/JavaScriptCore/dfg/DFGAbstractState.cpp
Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp
Source/JavaScriptCore/dfg/DFGConstantFoldingPhase.cpp
Source/JavaScriptCore/dfg/DFGDesiredIdentifiers.cpp [new file with mode: 0644]
Source/JavaScriptCore/dfg/DFGDesiredIdentifiers.h [new file with mode: 0644]
Source/JavaScriptCore/dfg/DFGFixupPhase.cpp
Source/JavaScriptCore/dfg/DFGGraph.cpp
Source/JavaScriptCore/dfg/DFGGraph.h
Source/JavaScriptCore/dfg/DFGJITCompiler.cpp
Source/JavaScriptCore/dfg/DFGOperations.cpp
Source/JavaScriptCore/dfg/DFGOperations.h
Source/JavaScriptCore/dfg/DFGRepatch.cpp
Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h
Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp
Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
Source/JavaScriptCore/parser/SourceCode.cpp [new file with mode: 0644]
Source/JavaScriptCore/parser/SourceCode.h
Source/JavaScriptCore/profiler/ProfilerBytecodes.cpp
Source/JavaScriptCore/profiler/ProfilerBytecodes.h
Source/JavaScriptCore/runtime/Identifier.h
Source/JavaScriptCore/runtime/Structure.cpp
Source/JavaScriptCore/runtime/Structure.h
Source/JavaScriptCore/runtime/StructureInlines.h
Source/WTF/ChangeLog
Source/WTF/wtf/PrintStream.cpp
Source/WTF/wtf/PrintStream.h
Source/WTF/wtf/StringPrintStream.h
Source/WTF/wtf/text/StringImpl.cpp
Source/WTF/wtf/text/StringImpl.h