Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 57affb62969db66ef07975567f4876d62d86da55
      
https://github.com/WebKit/WebKit/commit/57affb62969db66ef07975567f4876d62d86da55
  Author: Yusuke Suzuki <ysuz...@apple.com>
  Date:   2024-05-22 (Wed, 22 May 2024)

  Changed paths:
    M LayoutTests/platform/mac/TestExpectations
    M Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp
    M Source/JavaScriptCore/dfg/DFGJITCode.cpp
    M Source/JavaScriptCore/llint/LLIntData.cpp
    M Source/JavaScriptCore/runtime/JSGlobalObject.cpp
    M Source/JavaScriptCore/runtime/JSGlobalObject.h
    M Source/JavaScriptCore/runtime/JSGlobalObjectInlines.h
    M Source/JavaScriptCore/runtime/StructureInlines.h

  Log Message:
  -----------
[JSC] Handler IC Getter / Setter / Proxy accessors should not use m_globalObject
https://bugs.webkit.org/show_bug.cgi?id=274485
rdar://128494111

Reviewed by Mark Lam.

Since Handler ICs can be shared across JSGlobalObjects, the generated code should not rely on that.
This patch fixes this so that all accesses are done through the JSGlobalObject offered at runtime.
We made all necessary fields of JSGlobalObject accessible from the JIT.

* Source/JavaScriptCore/bytecode/InlineCacheCompiler.cpp:
(JSC::InlineCacheCompiler::generateWithGuard):
(JSC::InlineCacheCompiler::generateImpl):
(JSC::InlineCacheCompiler::emitProxyObjectAccess):
* Source/JavaScriptCore/runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildrenImpl):
* Source/JavaScriptCore/runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::symbolPrototype const):
(JSC::JSGlobalObject::dateStructure const):
(JSC::JSGlobalObject::symbolObjectStructure const):
(JSC::JSGlobalObject::offsetOfPerformProxyObjectHasFunction):
(JSC::JSGlobalObject::offsetOfPerformProxyObjectGetFunction):
(JSC::JSGlobalObject::offsetOfPerformProxyObjectGetByValFunction):
(JSC::JSGlobalObject::offsetOfPerformProxyObjectSetStrictFunction):
(JSC::JSGlobalObject::offsetOfPerformProxyObjectSetSloppyFunction):
(JSC::JSGlobalObject::offsetOfNullSetterStrictFunction):
(JSC::JSGlobalObject::offsetOfStringPrototype):
(JSC::JSGlobalObject::offsetOfBigIntPrototype):
(JSC::JSGlobalObject::offsetOfSymbolPrototype):
* Source/JavaScriptCore/runtime/JSGlobalObjectInlines.h:
(JSC::JSGlobalObject::performProxyObjectHasFunction const):
(JSC::JSGlobalObject::performProxyObjectGetFunction const):
(JSC::JSGlobalObject::performProxyObjectGetFunctionConcurrently const):
(JSC::JSGlobalObject::performProxyObjectGetByValFunction const):
(JSC::JSGlobalObject::performProxyObjectGetByValFunctionConcurrently const):
(JSC::JSGlobalObject::performProxyObjectSetSloppyFunction const):
(JSC::JSGlobalObject::performProxyObjectSetSloppyFunctionConcurrently const):
(JSC::JSGlobalObject::performProxyObjectSetStrictFunction const):
(JSC::JSGlobalObject::performProxyObjectSetStrictFunctionConcurrently const):
* Source/JavaScriptCore/runtime/StructureInlines.h:

Canonical link: https://commits.webkit.org/279136@main
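The design rule behind this commit (a handler that can be shared across realms must read realm-dependent data through the global object handed to it at call time, never through one captured when the handler was generated) is easy to model outside the JIT. The following is an added illustration written for this page, not WebKit code: `JSGlobalObject`, `Structure`, `SharedHandlerCache` and the `generateBaked` / `generateRuntime` helpers are stand-ins I made up, `stringPrototype` is a string label standing in for a realm's String.prototype, and the cross-realm mismatch it produces is my illustration of the failure mode the patch guards against, not a bug the commit message reports.

```cpp
// Added example (not WebKit code). Models why a handler shared across
// global objects must not bake in the global object it was generated for.
#include <functional>
#include <map>
#include <string>

struct Structure {};              // stand-in for an object's shape (JSC::Structure)

struct JSGlobalObject {           // stand-in for one realm's global object
    std::string name;             // realm label, illustration only
    std::string stringPrototype;  // stand-in for this realm's String.prototype
};

// Two shapes of compiled handler. The second receives the global object at
// call time, which is the pattern this patch moves the getter/setter/proxy ICs to.
using BakedHandler   = std::function<std::string()>;
using RuntimeHandler = std::function<std::string(JSGlobalObject*)>;

// A cache shared by every realm in the VM and keyed by shape only, so a
// handler compiled in one realm can be reused by another.
template <typename Handler>
struct SharedHandlerCache {
    std::map<const Structure*, Handler> entries;
};

// WRONG pattern: the creating realm's global object is captured at
// generation time (the analogue of emitting m_globalObject into the code).
BakedHandler generateBaked(JSGlobalObject* creator) {
    return [creator]() { return creator->stringPrototype; };
}

// RIGHT pattern: realm-dependent data is read through whichever global
// object the caller supplies at runtime.
RuntimeHandler generateRuntime() {
    return [](JSGlobalObject* current) { return current->stringPrototype; };
}

// Drive one shared cache through two realms: realm A misses and installs the
// handler, realm B then hits the cached entry for the same shape.
// Returns what realm B observes as "its" String.prototype.
std::string observedByRealmBBaked() {
    Structure shape;
    JSGlobalObject realmA{"A", "String.prototype@A"};
    JSGlobalObject realmB{"B", "String.prototype@B"};
    SharedHandlerCache<BakedHandler> cache;

    auto it = cache.entries.find(&shape);
    if (it == cache.entries.end())
        it = cache.entries.emplace(&shape, generateBaked(&realmA)).first;
    it->second();                               // realm A: correct by construction

    (void)realmB;                               // realm B has no way to pass itself in
    return cache.entries.at(&shape)();          // realm B: silently gets realm A's data
}

std::string observedByRealmBRuntime() {
    Structure shape;
    JSGlobalObject realmA{"A", "String.prototype@A"};
    JSGlobalObject realmB{"B", "String.prototype@B"};
    SharedHandlerCache<RuntimeHandler> cache;

    auto it = cache.entries.find(&shape);
    if (it == cache.entries.end())
        it = cache.entries.emplace(&shape, generateRuntime()).first;
    it->second(&realmA);                        // realm A: correct

    return cache.entries.at(&shape)(&realmB);   // realm B: reads its own global object
}
```

The baked variant returns `String.prototype@A` when invoked on behalf of realm B, because nothing in the cached code path can distinguish the realms once the shape matches; the runtime variant returns `String.prototype@B`. The `offsetOf*` accessors added to `JSGlobalObject.h` in this commit serve the same purpose in real JIT code: they let the generated stub load prototypes and the `performProxyObject*` functions from the global object register it is given, instead of from a pointer fixed at compile time.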



_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes