Implementing caching transition puts that need to reallocate with indexing storage
authorfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 8 Apr 2016 02:11:48 +0000 (02:11 +0000)
committerfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 8 Apr 2016 02:11:48 +0000 (02:11 +0000)
commite1c2dd8a2b10f4459ff215df1aafd0daeed7105c
treeb37fa333135bfe7087c6f65c514785b6e37d9bc4
parent7e9adc40295807ec9db389ff332b949dcb931511
Implementing caching transition puts that need to reallocate with indexing storage
https://bugs.webkit.org/show_bug.cgi?id=130914

Reviewed by Saam Barati.

Source/JavaScriptCore:

This enables the IC's put_by_id path to handle reallocating the out-of-line storage even if
the butterfly has indexing storage. Like the DFG, we do this by calling operations that
reallocate the butterfly. Those use JSObject API and do all of the nasty work for us, like
triggering a barrier.

This does a bunch of refactoring to how PolymorphicAccess makes calls. It's a lot easier to
do it now because the hard work is hidden under AccessGenerationState methods. This means
that custom accessors now share logic with put_by_id transitions.

* bytecode/PolymorphicAccess.cpp:
(JSC::AccessGenerationState::succeed):
(JSC::AccessGenerationState::calculateLiveRegistersForCallAndExceptionHandling):
(JSC::AccessGenerationState::preserveLiveRegistersToStackForCall):
(JSC::AccessGenerationState::originalCallSiteIndex):
(JSC::AccessGenerationState::emitExplicitExceptionHandler):
(JSC::AccessCase::AccessCase):
(JSC::AccessCase::transition):
(JSC::AccessCase::generate):
(JSC::PolymorphicAccess::regenerate):
* bytecode/PolymorphicAccess.h:
(JSC::AccessGenerationState::needsToRestoreRegistersIfException):
(JSC::AccessGenerationState::liveRegistersToPreserveAtExceptionHandlingCallSite):
* dfg/DFGOperations.cpp:
* dfg/DFGOperations.h:
* jit/JITOperations.cpp:
* jit/JITOperations.h:

LayoutTests:

* js/regress/put-by-id-transition-with-indexing-header-expected.txt: Added.
* js/regress/put-by-id-transition-with-indexing-header.html: Added.
* js/regress/script-tests/put-by-id-transition-with-indexing-header.js: Added.
(allocate):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@199209 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/js/regress/put-by-id-transition-with-indexing-header-expected.txt [new file with mode: 0644]
LayoutTests/js/regress/put-by-id-transition-with-indexing-header.html [new file with mode: 0644]
LayoutTests/js/regress/script-tests/put-by-id-transition-with-indexing-header.js [new file with mode: 0644]
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp
Source/JavaScriptCore/bytecode/PolymorphicAccess.h
Source/JavaScriptCore/dfg/DFGOperations.cpp
Source/JavaScriptCore/dfg/DFGOperations.h
Source/JavaScriptCore/jit/JITOperations.cpp
Source/JavaScriptCore/jit/JITOperations.h