Title: [182899] trunk
Revision: 182899
Author: commit-qu...@webkit.org
Date: 2015-04-16 12:15:09 -0700 (Thu, 16 Apr 2015)

Log Message

Extract the allocation profile from JSFunction into a rare object
https://bugs.webkit.org/show_bug.cgi?id=143807
.:

Patch by Basile Clement <basile_clem...@apple.com> on 2015-04-16
Reviewed by Filip Pizlo.

* WebKit.xcworkspace/contents.xcworkspacedata:

Source/_javascript_Core:

Patch by Basile Clement <basile_clem...@apple.com> on 2015-04-16
Reviewed by Filip Pizlo.

The allocation profile is only needed for those functions that are used
to create objects with [new].
Extracting it into its own JSCell removes the need for JSFunction and
JSCallee to be JSDestructibleObjects, which should improve performance in most
cases at the cost of an extra pointer dereference when the allocation profile
is actually needed.

* CMakeLists.txt:
* _javascript_Core.vcxproj/_javascript_Core.vcxproj:
* _javascript_Core.vcxproj/_javascript_Core.vcxproj.filters:
* _javascript_Core.xcodeproj/project.pbxproj:
* dfg/DFGOperations.cpp:
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_create_this):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_create_this):
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
* runtime/FunctionRareData.cpp: Added.
(JSC::FunctionRareData::create):
(JSC::FunctionRareData::destroy):
(JSC::FunctionRareData::createStructure):
(JSC::FunctionRareData::visitChildren):
(JSC::FunctionRareData::FunctionRareData):
(JSC::FunctionRareData::~FunctionRareData):
(JSC::FunctionRareData::finishCreation):
* runtime/FunctionRareData.h: Added.
(JSC::FunctionRareData::offsetOfAllocationProfile):
(JSC::FunctionRareData::allocationProfile):
(JSC::FunctionRareData::allocationStructure):
(JSC::FunctionRareData::allocationProfileWatchpointSet):
* runtime/JSBoundFunction.cpp:
(JSC::JSBoundFunction::destroy): Deleted.
* runtime/JSBoundFunction.h:
* runtime/JSCallee.cpp:
(JSC::JSCallee::destroy): Deleted.
* runtime/JSCallee.h:
* runtime/JSFunction.cpp:
(JSC::JSFunction::JSFunction):
(JSC::JSFunction::createRareData):
(JSC::JSFunction::visitChildren):
(JSC::JSFunction::put):
(JSC::JSFunction::defineOwnProperty):
(JSC::JSFunction::destroy): Deleted.
(JSC::JSFunction::createAllocationProfile): Deleted.
* runtime/JSFunction.h:
(JSC::JSFunction::offsetOfRareData):
(JSC::JSFunction::rareData):
(JSC::JSFunction::allocationStructure):
(JSC::JSFunction::allocationProfileWatchpointSet):
(JSC::JSFunction::offsetOfAllocationProfile): Deleted.
(JSC::JSFunction::allocationProfile): Deleted.
* runtime/JSFunctionInlines.h:
(JSC::JSFunction::JSFunction):
* runtime/VM.cpp:
(JSC::VM::VM):
* runtime/VM.h:

Diff

Modified: trunk/ChangeLog (182898 => 182899)


--- trunk/ChangeLog	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/ChangeLog	2015-04-16 19:15:09 UTC (rev 182899)
@@ -1,3 +1,12 @@
+2015-04-16  Basile Clement  <basile_clem...@apple.com>
+
+        Extract the allocation profile from JSFunction into a rare object
+        https://bugs.webkit.org/show_bug.cgi?id=143807
+
+        Reviewed by Filip Pizlo.
+
+        * WebKit.xcworkspace/contents.xcworkspacedata:
+
 2015-04-16  Csaba Osztrogonác  <o...@webkit.org>
 
         [EFL] Bump LLVM to version 3.6.0 on X86_64
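
Review bot: the new top-level entry lists WebKit.xcworkspace/contents.xcworkspacedata with nothing after the colon, while the description of the change talks only about a JavaScriptCore refactoring. Say what changed in the workspace file and why, or drop the file from the patch if the edit was unintentional.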

Modified: trunk/Source/_javascript_Core/CMakeLists.txt (182898 => 182899)


--- trunk/Source/_javascript_Core/CMakeLists.txt	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/CMakeLists.txt	2015-04-16 19:15:09 UTC (rev 182899)
@@ -448,6 +448,7 @@
     runtime/FunctionExecutableDump.cpp
     runtime/FunctionHasExecutedCache.cpp
     runtime/FunctionPrototype.cpp
+    runtime/FunctionRareData.cpp
     runtime/GetterSetter.cpp
     runtime/Identifier.cpp
     runtime/IndexingType.cpp

Modified: trunk/Source/_javascript_Core/ChangeLog (182898 => 182899)


--- trunk/Source/_javascript_Core/ChangeLog	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/ChangeLog	2015-04-16 19:15:09 UTC (rev 182899)
@@ -1,3 +1,74 @@
+2015-04-16  Basile Clement  <basile_clem...@apple.com>
+ 
+        Extract the allocation profile from JSFunction into a rare object
+        https://bugs.webkit.org/show_bug.cgi?id=143807
+ 
+        Reviewed by Filip Pizlo.
+ 
+        The allocation profile is only needed for those functions that are used
+        to create objects with [new].
+        Extracting it into its own JSCell removes the need for JSFunction and
+        JSCallee to be JSDestructibleObjects, which should improve performances in most
+        cases at the cost of an extra pointer dereference when the allocation profile
+        is actually needed.
+ 
+        * CMakeLists.txt:
+        * _javascript_Core.vcxproj/_javascript_Core.vcxproj:
+        * _javascript_Core.vcxproj/_javascript_Core.vcxproj.filters:
+        * _javascript_Core.xcodeproj/project.pbxproj:
+        * dfg/DFGOperations.cpp:
+        * dfg/DFGSpeculativeJIT32_64.cpp:
+        (JSC::DFG::SpeculativeJIT::compile):
+        * dfg/DFGSpeculativeJIT64.cpp:
+        (JSC::DFG::SpeculativeJIT::compile):
+        * jit/JITOpcodes.cpp:
+        (JSC::JIT::emit_op_create_this):
+        * jit/JITOpcodes32_64.cpp:
+        (JSC::JIT::emit_op_create_this):
+        * llint/LowLevelInterpreter32_64.asm:
+        * llint/LowLevelInterpreter64.asm:
+        * runtime/CommonSlowPaths.cpp:
+        (JSC::SLOW_PATH_DECL):
+        * runtime/FunctionRareData.cpp: Added.
+        (JSC::FunctionRareData::create):
+        (JSC::FunctionRareData::destroy):
+        (JSC::FunctionRareData::createStructure):
+        (JSC::FunctionRareData::visitChildren):
+        (JSC::FunctionRareData::FunctionRareData):
+        (JSC::FunctionRareData::~FunctionRareData):
+        (JSC::FunctionRareData::finishCreation):
+        * runtime/FunctionRareData.h: Added.
+        (JSC::FunctionRareData::offsetOfAllocationProfile):
+        (JSC::FunctionRareData::allocationProfile):
+        (JSC::FunctionRareData::allocationStructure):
+        (JSC::FunctionRareData::allocationProfileWatchpointSet):
+        * runtime/JSBoundFunction.cpp:
+        (JSC::JSBoundFunction::destroy): Deleted.
+        * runtime/JSBoundFunction.h:
+        * runtime/JSCallee.cpp:
+        (JSC::JSCallee::destroy): Deleted.
+        * runtime/JSCallee.h:
+        * runtime/JSFunction.cpp:
+        (JSC::JSFunction::JSFunction):
+        (JSC::JSFunction::createRareData):
+        (JSC::JSFunction::visitChildren):
+        (JSC::JSFunction::put):
+        (JSC::JSFunction::defineOwnProperty):
+        (JSC::JSFunction::destroy): Deleted.
+        (JSC::JSFunction::createAllocationProfile): Deleted.
+        * runtime/JSFunction.h:
+        (JSC::JSFunction::offsetOfRareData):
+        (JSC::JSFunction::rareData):
+        (JSC::JSFunction::allocationStructure):
+        (JSC::JSFunction::allocationProfileWatchpointSet):
+        (JSC::JSFunction::offsetOfAllocationProfile): Deleted.
+        (JSC::JSFunction::allocationProfile): Deleted.
+        * runtime/JSFunctionInlines.h:
+        (JSC::JSFunction::JSFunction):
+        * runtime/VM.cpp:
+        (JSC::VM::VM):
+        * runtime/VM.h:
+ 
 2015-04-16  Csaba Osztrogonác  <o...@webkit.org>
 
         Remove the unnecessary WTF_CHANGES define

Modified: trunk/Source/_javascript_Core/_javascript_Core.vcxproj/_javascript_Core.vcxproj (182898 => 182899)


--- trunk/Source/_javascript_Core/_javascript_Core.vcxproj/_javascript_Core.vcxproj	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/_javascript_Core.vcxproj/_javascript_Core.vcxproj	2015-04-16 19:15:09 UTC (rev 182899)
@@ -716,6 +716,7 @@
     <ClCompile Include="..\runtime\FunctionExecutableDump.cpp" />
     <ClCompile Include="..\runtime\FunctionHasExecutedCache.cpp" />
     <ClCompile Include="..\runtime\FunctionPrototype.cpp" />
+    <ClCompile Include="..\runtime\FunctionRareData.cpp" />
     <ClCompile Include="..\runtime\GetterSetter.cpp" />
     <ClCompile Include="..\runtime\Identifier.cpp" />
     <ClCompile Include="..\runtime\IndexingType.cpp" />
@@ -1496,6 +1497,7 @@
     <ClInclude Include="..\runtime\FunctionExecutableDump.h" />
     <ClInclude Include="..\runtime\FunctionHasExecutedCache.h" />
     <ClInclude Include="..\runtime\FunctionPrototype.h" />
+    <ClInclude Include="..\runtime\FunctionRareData.h" />
     <ClInclude Include="..\runtime\GenericArguments.h" />
     <ClInclude Include="..\runtime\GenericArgumentsInlines.h" />
     <ClInclude Include="..\runtime\GenericOffset.h" />

Modified: trunk/Source/_javascript_Core/_javascript_Core.vcxproj/_javascript_Core.vcxproj.filters (182898 => 182899)


--- trunk/Source/_javascript_Core/_javascript_Core.vcxproj/_javascript_Core.vcxproj.filters	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/_javascript_Core.vcxproj/_javascript_Core.vcxproj.filters	2015-04-16 19:15:09 UTC (rev 182899)
@@ -606,6 +606,9 @@
     <ClCompile Include="..\runtime\FunctionPrototype.cpp">
       <Filter>runtime</Filter>
     </ClCompile>
+    <ClCompile Include="..\runtime\FunctionRareData.cpp">
+      <Filter>runtime</Filter>
+    </ClCompile>
     <ClCompile Include="..\runtime\GetterSetter.cpp">
       <Filter>runtime</Filter>
     </ClCompile>
@@ -2633,6 +2636,9 @@
     <ClInclude Include="..\runtime\FunctionPrototype.h">
       <Filter>runtime</Filter>
     </ClInclude>
+    <ClInclude Include="..\runtime\FunctionRareData.h">
+      <Filter>runtime</Filter>
+    </ClInclude>
     <ClInclude Include="..\runtime\GetterSetter.h">
       <Filter>runtime</Filter>
     </ClInclude>

Modified: trunk/Source/_javascript_Core/_javascript_Core.xcodeproj/project.pbxproj (182898 => 182899)


--- trunk/Source/_javascript_Core/_javascript_Core.xcodeproj/project.pbxproj	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/_javascript_Core.xcodeproj/project.pbxproj	2015-04-16 19:15:09 UTC (rev 182899)
@@ -953,6 +953,8 @@
 		5DBB151B131D0B310056AD36 /* testapi.js in Copy Support Script */ = {isa = PBXBuildFile; fileRef = 14D857740A4696C80032146C /* testapi.js */; };
 		5DBB1525131D0BD70056AD36 /* minidom.js in Copy Support Script */ = {isa = PBXBuildFile; fileRef = 1412110D0A48788700480255 /* minidom.js */; };
 		5DE6E5B30E1728EC00180407 /* create_hash_table in Headers */ = {isa = PBXBuildFile; fileRef = F692A8540255597D01FF60F7 /* create_hash_table */; settings = {ATTRIBUTES = (); }; };
+		62D2D38F1ADF103F000206C1 /* FunctionRareData.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 62D2D38D1ADF103F000206C1 /* FunctionRareData.cpp */; };
+		62D2D3901ADF103F000206C1 /* FunctionRareData.h in Headers */ = {isa = PBXBuildFile; fileRef = 62D2D38E1ADF103F000206C1 /* FunctionRareData.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		6507D29E0E871E5E00D7D896 /* JSTypeInfo.h in Headers */ = {isa = PBXBuildFile; fileRef = 6507D2970E871E4A00D7D896 /* JSTypeInfo.h */; settings = {ATTRIBUTES = (Private, ); }; };
 		651122FD14046A4C002B101D /* _javascript_Core.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 932F5BD90822A1C700736975 /* _javascript_Core.framework */; };
 		651122FE14046A4C002B101D /* libedit.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = 5D5D8AD00E0D0EBE00F9C692 /* libedit.dylib */; };
@@ -2644,6 +2646,8 @@
 		5DAFD6CB146B686300FBEFB4 /* JSC.xcconfig */ = {isa = PBXFileReference; lastKnownFileType = text.xcconfig; path = JSC.xcconfig; sourceTree = "<group>"; };
 		5DDDF44614FEE72200B4FB4D /* LLIntDesiredOffsets.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = LLIntDesiredOffsets.h; path = LLIntOffsets/LLIntDesiredOffsets.h; sourceTree = BUILT_PRODUCTS_DIR; };
 		5DE3D0F40DD8DDFB00468714 /* WebKitAvailability.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WebKitAvailability.h; sourceTree = "<group>"; };
+		62D2D38D1ADF103F000206C1 /* FunctionRareData.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = FunctionRareData.cpp; sourceTree = "<group>"; };
+		62D2D38E1ADF103F000206C1 /* FunctionRareData.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = FunctionRareData.h; sourceTree = "<group>"; };
 		6507D2970E871E4A00D7D896 /* JSTypeInfo.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSTypeInfo.h; sourceTree = "<group>"; };
 		651122E5140469BA002B101D /* testRegExp.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = testRegExp.cpp; sourceTree = "<group>"; };
 		6511230514046A4C002B101D /* testRegExp */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = testRegExp; sourceTree = BUILT_PRODUCTS_DIR; };
@@ -4397,6 +4401,8 @@
 				52B310FA1974AE610080857C /* FunctionHasExecutedCache.h */,
 				F692A85C0255597D01FF60F7 /* FunctionPrototype.cpp */,
 				F692A85D0255597D01FF60F7 /* FunctionPrototype.h */,
+				62D2D38D1ADF103F000206C1 /* FunctionRareData.cpp */,
+				62D2D38E1ADF103F000206C1 /* FunctionRareData.h */,
 				0FE050111AA9091100D33B33 /* GenericArguments.h */,
 				0FE050121AA9091100D33B33 /* GenericArgumentsInlines.h */,
 				0FE050131AA9091100D33B33 /* GenericOffset.h */,
@@ -5624,6 +5630,7 @@
 				0F2B9CF719D0BAC100B1D1B5 /* FTLExitTimeObjectMaterialization.h in Headers */,
 				0FB7F39715ED8E4600F167B2 /* Butterfly.h in Headers */,
 				0FB7F39815ED8E4600F167B2 /* ButterflyInlines.h in Headers */,
+				62D2D3901ADF103F000206C1 /* FunctionRareData.h in Headers */,
 				C2FCAE1117A9C24E0034C735 /* BytecodeBasicBlock.h in Headers */,
 				0F21C27F14BEAA8200ADC64B /* BytecodeConventions.h in Headers */,
 				969A07230ED1CE3300F1F681 /* BytecodeGenerator.h in Headers */,
@@ -7445,6 +7452,7 @@
 				A5BA15EC182340B400A82E69 /* RemoteInspectorDebuggableConnection.mm in Sources */,
 				A5BA15EE182340B400A82E69 /* RemoteInspectorXPCConnection.mm in Sources */,
 				0F24E55017EE274900ABB217 /* Repatch.cpp in Sources */,
+				62D2D38F1ADF103F000206C1 /* FunctionRareData.cpp in Sources */,
 				0F7700921402FF3C0078EB39 /* SamplingCounter.cpp in Sources */,
 				1429D8850ED21C3D00B89619 /* SamplingTool.cpp in Sources */,
 				70EC0EC61AA0D7DA00B6AAFA /* StringIteratorPrototype.cpp in Sources */,

Modified: trunk/Source/_javascript_Core/dfg/DFGOperations.cpp (182898 => 182899)


--- trunk/Source/_javascript_Core/dfg/DFGOperations.cpp	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/dfg/DFGOperations.cpp	2015-04-16 19:15:09 UTC (rev 182899)
@@ -229,7 +229,7 @@
     ASSERT(jsCast<JSFunction*>(constructor)->methodTable(vm)->getConstructData(jsCast<JSFunction*>(constructor), constructData) == ConstructTypeJS);
 #endif
     
-    return constructEmptyObject(exec, jsCast<JSFunction*>(constructor)->allocationProfile(exec, inlineCapacity)->structure());
+    return constructEmptyObject(exec, jsCast<JSFunction*>(constructor)->rareData(exec, inlineCapacity)->allocationProfile()->structure());
 }
 
 EncodedJSValue JIT_OPERATION operationValueAdd(ExecState* exec, EncodedJSValue encodedOp1, EncodedJSValue encodedOp2)
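
Review bot: in the changed return statement, rareData(exec, inlineCapacity)->allocationProfile()->structure() spells out a chain that FunctionRareData.h in this same patch already wraps as allocationStructure(). Calling rareData(exec, inlineCapacity)->allocationStructure() is shorter and keeps this caller from depending on how the profile is stored; the identical expression in CommonSlowPaths.cpp can change the same way. The accessor-style name rareData also does not say why it needs exec and inlineCapacity, so a one-line comment at its declaration would help.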

Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp (182898 => 182899)


--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT32_64.cpp	2015-04-16 19:15:09 UTC (rev 182899)
@@ -3497,12 +3497,16 @@
         GPRReg allocatorGPR = allocator.gpr();
         GPRReg structureGPR = structure.gpr();
         GPRReg scratchGPR = scratch.gpr();
+        // Rare data is only used to access the allocator & structure
+        // We can avoid using an additional GPR this way
+        GPRReg rareDataGPR = structureGPR;
         
         MacroAssembler::JumpList slowPath;
 
-        m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfAllocator()), allocatorGPR);
-        m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfStructure()), structureGPR);
-        slowPath.append(m_jit.branchTestPtr(MacroAssembler::Zero, allocatorGPR));
+        m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfRareData()), rareDataGPR);
+        slowPath.append(m_jit.branchTestPtr(MacroAssembler::Zero, rareDataGPR));
+        m_jit.loadPtr(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfAllocator()), allocatorGPR);
+        m_jit.loadPtr(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfStructure()), structureGPR);
         emitAllocateJSObject(resultGPR, allocatorGPR, structureGPR, TrustedImmPtr(0), scratchGPR, slowPath);
 
         addSlowPathGenerator(slowPathCall(slowPath, this, operationCreateThis, resultGPR, calleeGPR, node->inlineCapacity()));
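
Review bot: the fast path no longer tests allocatorGPR for zero; the only guard left before emitAllocateJSObject is branchTestPtr(MacroAssembler::Zero, rareDataGPR). That is correct only if a non-null rare data always carries an initialized allocator, which FunctionRareData::finishCreation appears to ensure by calling m_allocationProfile.initialize. Please state that invariant in a comment here, and confirm that nothing can clear the profile while leaving the rare data pointer set, since the old check covered that case and the new one does not.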

Modified: trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp (182898 => 182899)


--- trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/dfg/DFGSpeculativeJIT64.cpp	2015-04-16 19:15:09 UTC (rev 182899)
@@ -3568,12 +3568,16 @@
         GPRReg allocatorGPR = allocator.gpr();
         GPRReg structureGPR = structure.gpr();
         GPRReg scratchGPR = scratch.gpr();
+        // Rare data is only used to access the allocator & structure
+        // We can avoid using an additional GPR this way
+        GPRReg rareDataGPR = structureGPR;
 
         MacroAssembler::JumpList slowPath;
-        
-        m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfAllocator()), allocatorGPR);
-        m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfStructure()), structureGPR);
-        slowPath.append(m_jit.branchTestPtr(MacroAssembler::Zero, allocatorGPR));
+
+        m_jit.loadPtr(JITCompiler::Address(calleeGPR, JSFunction::offsetOfRareData()), rareDataGPR);
+        slowPath.append(m_jit.branchTestPtr(MacroAssembler::Zero, rareDataGPR));
+        m_jit.loadPtr(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfAllocator()), allocatorGPR);
+        m_jit.loadPtr(JITCompiler::Address(rareDataGPR, FunctionRareData::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfStructure()), structureGPR);
         emitAllocateJSObject(resultGPR, allocatorGPR, structureGPR, TrustedImmPtr(0), scratchGPR, slowPath);
 
         addSlowPathGenerator(slowPathCall(slowPath, this, operationCreateThis, resultGPR, calleeGPR, node->inlineCapacity()));
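
Review bot: rareDataGPR aliases structureGPR, so the two loadPtr calls that follow the null check are order-dependent: the allocator load has to come first, because the structure load overwrites its own base register. The added comment explains why the alias saves a register but not this constraint. Add a line saying the structure load must stay last, so a later reordering does not end up loading the allocator through a Structure pointer.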

Modified: trunk/Source/_javascript_Core/jit/JITOpcodes.cpp (182898 => 182899)


--- trunk/Source/_javascript_Core/jit/JITOpcodes.cpp	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/jit/JITOpcodes.cpp	2015-04-16 19:15:09 UTC (rev 182899)
@@ -695,15 +695,17 @@
 {
     int callee = currentInstruction[2].u.operand;
     RegisterID calleeReg = regT0;
+    RegisterID rareDataReg = regT0;
     RegisterID resultReg = regT0;
     RegisterID allocatorReg = regT1;
     RegisterID structureReg = regT2;
     RegisterID scratchReg = regT3;
 
     emitGetVirtualRegister(callee, calleeReg);
-    loadPtr(Address(calleeReg, JSFunction::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfAllocator()), allocatorReg);
-    loadPtr(Address(calleeReg, JSFunction::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfStructure()), structureReg);
-    addSlowCase(branchTestPtr(Zero, allocatorReg));
+    loadPtr(Address(calleeReg, JSFunction::offsetOfRareData()), rareDataReg);
+    addSlowCase(branchTestPtr(Zero, rareDataReg));
+    loadPtr(Address(rareDataReg, FunctionRareData::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfAllocator()), allocatorReg);
+    loadPtr(Address(rareDataReg, FunctionRareData::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfStructure()), structureReg);
 
     emitAllocateJSObject(allocatorReg, structureReg, resultReg, scratchReg);
     emitPutVirtualRegister(currentInstruction[1].u.operand);
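
Review bot: calleeReg, rareDataReg and resultReg are now all regT0, so the loadPtr from JSFunction::offsetOfRareData() overwrites the callee pointer before the slow case is recorded. The DFG hunks in this patch document their register alias in a comment; do the same here, and note that a slow case taken from this point cannot expect the callee in regT0. The same applies to the matching hunk in JITOpcodes32_64.cpp.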

Modified: trunk/Source/_javascript_Core/jit/JITOpcodes32_64.cpp (182898 => 182899)


--- trunk/Source/_javascript_Core/jit/JITOpcodes32_64.cpp	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/jit/JITOpcodes32_64.cpp	2015-04-16 19:15:09 UTC (rev 182899)
@@ -914,15 +914,17 @@
 {
     int callee = currentInstruction[2].u.operand;
     RegisterID calleeReg = regT0;
+    RegisterID rareDataReg = regT0;
     RegisterID resultReg = regT0;
     RegisterID allocatorReg = regT1;
     RegisterID structureReg = regT2;
     RegisterID scratchReg = regT3;
 
     emitLoadPayload(callee, calleeReg);
-    loadPtr(Address(calleeReg, JSFunction::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfAllocator()), allocatorReg);
-    loadPtr(Address(calleeReg, JSFunction::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfStructure()), structureReg);
-    addSlowCase(branchTestPtr(Zero, allocatorReg));
+    loadPtr(Address(calleeReg, JSFunction::offsetOfRareData()), rareDataReg);
+    addSlowCase(branchTestPtr(Zero, rareDataReg));
+    loadPtr(Address(rareDataReg, FunctionRareData::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfAllocator()), allocatorReg);
+    loadPtr(Address(rareDataReg, FunctionRareData::offsetOfAllocationProfile() + ObjectAllocationProfile::offsetOfStructure()), structureReg);
 
     emitAllocateJSObject(allocatorReg, structureReg, resultReg, scratchReg);
     emitStoreCell(currentInstruction[1].u.operand, resultReg);

Modified: trunk/Source/_javascript_Core/llint/LowLevelInterpreter32_64.asm (182898 => 182899)


--- trunk/Source/_javascript_Core/llint/LowLevelInterpreter32_64.asm	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/llint/LowLevelInterpreter32_64.asm	2015-04-16 19:15:09 UTC (rev 182899)
@@ -740,9 +740,10 @@
     traceExecution()
     loadi 8[PC], t0
     loadp PayloadOffset[cfr, t0, 8], t0
-    loadp JSFunction::m_allocationProfile + ObjectAllocationProfile::m_allocator[t0], t1
-    loadp JSFunction::m_allocationProfile + ObjectAllocationProfile::m_structure[t0], t2
-    btpz t1, .opCreateThisSlow
+    loadp JSFunction::m_rareData[t0], t4
+    btpz t4, .opCreateThisSlow
+    loadp FunctionRareData::m_allocationProfile + ObjectAllocationProfile::m_allocator[t4], t1
+    loadp FunctionRareData::m_allocationProfile + ObjectAllocationProfile::m_structure[t4], t2
     allocateJSObject(t1, t2, t0, t3, .opCreateThisSlow)
     loadi 4[PC], t1
     storei CellTag, TagOffset[cfr, t1, 8]
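
Review bot: the rare data pointer is loaded into t4, a register this opcode did not use before, while the baseline JIT hunks in this patch reuse the callee register for it. t0 is handed to allocateJSObject as the result register, so it looks free to reuse once m_rareData has been read; loading JSFunction::m_rareData[t0] back into t0 would keep the opcode's register footprint unchanged. If t4 is deliberate, say why, here and in LowLevelInterpreter64.asm.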

Modified: trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm (182898 => 182899)


--- trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/llint/LowLevelInterpreter64.asm	2015-04-16 19:15:09 UTC (rev 182899)
@@ -626,9 +626,10 @@
     traceExecution()
     loadisFromInstruction(2, t0)
     loadp [cfr, t0, 8], t0
-    loadp JSFunction::m_allocationProfile + ObjectAllocationProfile::m_allocator[t0], t1
-    loadp JSFunction::m_allocationProfile + ObjectAllocationProfile::m_structure[t0], t2
-    btpz t1, .opCreateThisSlow
+    loadp JSFunction::m_rareData[t0], t4
+    btpz t4, .opCreateThisSlow
+    loadp FunctionRareData::m_allocationProfile + ObjectAllocationProfile::m_allocator[t4], t1
+    loadp FunctionRareData::m_allocationProfile + ObjectAllocationProfile::m_structure[t4], t2
     allocateJSObject(t1, t2, t0, t3, .opCreateThisSlow)
     loadisFromInstruction(1, t1)
     storeq t0, [cfr, t1, 8]

Modified: trunk/Source/_javascript_Core/runtime/CommonSlowPaths.cpp (182898 => 182899)


--- trunk/Source/_javascript_Core/runtime/CommonSlowPaths.cpp	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/runtime/CommonSlowPaths.cpp	2015-04-16 19:15:09 UTC (rev 182899)
@@ -236,7 +236,7 @@
 #endif
 
     size_t inlineCapacity = pc[3].u.operand;
-    Structure* structure = constructor->allocationProfile(exec, inlineCapacity)->structure();
+    Structure* structure = constructor->rareData(exec, inlineCapacity)->allocationProfile()->structure();
     RETURN(constructEmptyObject(exec, structure));
 }
 

Added: trunk/Source/_javascript_Core/runtime/FunctionRareData.cpp (0 => 182899)


--- trunk/Source/_javascript_Core/runtime/FunctionRareData.cpp	                        (rev 0)
+++ trunk/Source/_javascript_Core/runtime/FunctionRareData.cpp	2015-04-16 19:15:09 UTC (rev 182899)
@@ -0,0 +1,86 @@
+/*
+ * Copyright (C) 2015 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */
+
+#include "config.h"
+#include "FunctionRareData.h"
+
+#include "JSCInlines.h"
+
+namespace JSC {
+
+const ClassInfo FunctionRareData::s_info = { "FunctionRareData", 0, 0, CREATE_METHOD_TABLE(FunctionRareData) };
+
+FunctionRareData* FunctionRareData::create(VM& vm, JSObject* prototype, size_t inlineCapacity)
+{
+    FunctionRareData* rareData = new (NotNull, allocateCell<FunctionRareData>(vm.heap)) FunctionRareData(vm);
+    rareData->finishCreation(vm, prototype, inlineCapacity);
+    return rareData;
+}
+
+void FunctionRareData::destroy(JSCell* cell)
+{
+    FunctionRareData* rareData = static_cast<FunctionRareData*>(cell);
+    rareData->FunctionRareData::~FunctionRareData();
+}
+
+Structure* FunctionRareData::createStructure(VM& vm, JSGlobalObject* globalObject, JSValue prototype)
+{
+    return Structure::create(vm, globalObject, prototype, TypeInfo(CellType, StructureFlags), info());
+}
+
+void FunctionRareData::visitChildren(JSCell* cell, SlotVisitor& visitor)
+{
+    FunctionRareData* rareData = jsCast<FunctionRareData*>(cell);
+
+    rareData->m_allocationProfile.visitAggregate(visitor);
+}
+
+FunctionRareData::FunctionRareData(VM& vm)
+    : Base(vm, vm.functionRareDataStructure.get())
+    , m_allocationProfile()
+    // We initialize blind so that changes to the prototype after function creation but before
+    // the optimizer kicks in don't disable optimizations. Once the optimizer kicks in, the
+    // watchpoint will start watching and any changes will both force deoptimization and disable
+    // future attempts to optimize. This is necessary because we are guaranteed that the
+    // allocation profile is changed exactly once prior to optimizations kicking in. We could be
+    // smarter and count the number of times the prototype is clobbered and only optimize if it
+    // was clobbered exactly once, but that seems like overkill. In almost all cases it will be
+    // clobbered once, and if it's clobbered more than once, that will probably only occur
+    // before we started optimizing, anyway.
+    , m_allocationProfileWatchpoint(ClearWatchpoint)
+{
+}
+
+FunctionRareData::~FunctionRareData()
+{
+}
+
+void FunctionRareData::finishCreation(VM& vm, JSObject* prototype, size_t inlineCapacity)
+{
+    Base::finishCreation(vm);
+    m_allocationProfile.initialize(vm, this, prototype, inlineCapacity);
+}
+
+}
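
Review bot: FunctionRareData::visitChildren visits only m_allocationProfile and never calls Base::visitChildren(cell, visitor). If skipping the base visit is intentional, add a comment explaining why it is safe for this cell type; otherwise chain to the base class before visiting the profile so that nothing JSCell expects to be marked is missed.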

Added: trunk/Source/_javascript_Core/runtime/FunctionRareData.h (0 => 182899)


--- trunk/Source/_javascript_Core/runtime/FunctionRareData.h	                        (rev 0)
+++ trunk/Source/_javascript_Core/runtime/FunctionRareData.h	2015-04-16 19:15:09 UTC (rev 182899)
@@ -0,0 +1,97 @@
+/*
+ * Copyright (C) 2015 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */
+
+#ifndef FunctionRareData_h
+#define FunctionRareData_h
+
+#include "JSCell.h"
+#include "ObjectAllocationProfile.h"
+#include "Watchpoint.h"
+
+namespace JSC {
+
+class JSGlobalObject;
+class LLIntOffsetsExtractor;
+namespace DFG {
+class SpeculativeJIT;
+class JITCompiler;
+}
+
+class FunctionRareData : public JSCell {
+    friend class JIT;
+    friend class DFG::SpeculativeJIT;
+    friend class DFG::JITCompiler;
+    friend class VM;
+    
+public:
+    typedef JSCell Base;
+    static const unsigned StructureFlags = StructureIsImmortal | Base::StructureFlags;
+
+    static FunctionRareData* create(VM&, JSObject* prototype, size_t inlineCapacity);
+
+    static const bool needsDestruction = true;
+    static void destroy(JSCell*);
+
+    static Structure* createStructure(VM&, JSGlobalObject*, JSValue prototype);
+
+    static void visitChildren(JSCell*, SlotVisitor&);
+
+    DECLARE_INFO;
+
+    static inline ptrdiff_t offsetOfAllocationProfile()
+    {
+        return OBJECT_OFFSETOF(FunctionRareData, m_allocationProfile);
+    }
+
+    ObjectAllocationProfile* allocationProfile()
+    {
+        return &m_allocationProfile;
+    }
+
+    Structure* allocationStructure() { return m_allocationProfile.structure(); }
+
+    InlineWatchpointSet& allocationProfileWatchpointSet()
+    {
+        return m_allocationProfileWatchpoint;
+    }
+
+protected:
+    FunctionRareData(VM&);
+    ~FunctionRareData();
+
+    void finishCreation(VM&, JSObject* prototype, size_t inlineCapacity);
+    using Base::finishCreation;
+
+private:
+
+    friend class LLIntOffsetsExtractor;
+
+    ObjectAllocationProfile m_allocationProfile;
+    InlineWatchpointSet m_allocationProfileWatchpoint;
+};
+
+} // namespace JSC
+
+#endif // FunctionRareData_h
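Review bot: the five friend declarations in FunctionRareData (JIT, DFG::SpeculativeJIT, DFG::JITCompiler, VM, LLIntOffsetsExtractor) look broader than the class needs, since both data members already have public accessors and offsetOfAllocationProfile() is public. Please keep only the friends that actually reach a private or protected member, and put the one for LLIntOffsetsExtractor next to the others instead of alone under private:. A one-line class comment saying that this cell holds the state only needed by functions used with new would also help readers who arrive here from JSFunction.h.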

Modified: trunk/Source/_javascript_Core/runtime/JSBoundFunction.cpp (182898 => 182899)


--- trunk/Source/_javascript_Core/runtime/JSBoundFunction.cpp	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/runtime/JSBoundFunction.cpp	2015-04-16 19:15:09 UTC (rev 182899)
@@ -86,11 +86,6 @@
     return function;
 }
 
-void JSBoundFunction::destroy(JSCell* cell)
-{
-    static_cast<JSBoundFunction*>(cell)->JSBoundFunction::~JSBoundFunction();
-}
-
 bool JSBoundFunction::customHasInstance(JSObject* object, ExecState* exec, JSValue value)
 {
     return jsCast<JSBoundFunction*>(object)->m_targetFunction->hasInstance(exec, value);

Modified: trunk/Source/_javascript_Core/runtime/JSBoundFunction.h (182898 => 182899)


--- trunk/Source/_javascript_Core/runtime/JSBoundFunction.h	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/runtime/JSBoundFunction.h	2015-04-16 19:15:09 UTC (rev 182899)
@@ -40,8 +40,6 @@
 
     static JSBoundFunction* create(VM&, JSGlobalObject*, JSObject* targetFunction, JSValue boundThis, JSValue boundArgs, int, const String&);
     
-    static void destroy(JSCell*);
-
     static bool customHasInstance(JSObject*, ExecState*, JSValue);
 
     JSObject* targetFunction() { return m_targetFunction.get(); }

Modified: trunk/Source/_javascript_Core/runtime/JSCallee.cpp (182898 => 182899)


--- trunk/Source/_javascript_Core/runtime/JSCallee.cpp	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/runtime/JSCallee.cpp	2015-04-16 19:15:09 UTC (rev 182899)
@@ -39,11 +39,6 @@
 
 const ClassInfo JSCallee::s_info = { "Callee", &Base::s_info, 0, CREATE_METHOD_TABLE(JSCallee) };
 
-void JSCallee::destroy(JSCell* cell)
-{
-    static_cast<JSCallee*>(cell)->JSCallee::~JSCallee();
-}
-
 JSCallee::JSCallee(VM& vm, JSGlobalObject* globalObject, Structure* structure)
     : Base(vm, structure)
     , m_scope(vm, this, globalObject)

Modified: trunk/Source/_javascript_Core/runtime/JSCallee.h (182898 => 182899)


--- trunk/Source/_javascript_Core/runtime/JSCallee.h	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/runtime/JSCallee.h	2015-04-16 19:15:09 UTC (rev 182899)
@@ -26,8 +26,8 @@
 #ifndef JSCallee_h
 #define JSCallee_h
 
-#include "JSDestructibleObject.h"
 #include "JSGlobalObject.h"
+#include "JSObject.h"
 #include "JSScope.h"
 
 namespace JSC {
@@ -36,7 +36,7 @@
 class LLIntOffsetsExtractor;
 
 
-class JSCallee : public JSDestructibleObject {
+class JSCallee : public JSNonFinalObject {
     friend class JIT;
 #if ENABLE(DFG_JIT)
     friend class DFG::SpeculativeJIT;
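Review bot: with JSCallee now deriving from JSNonFinalObject and destroy() removed from JSCallee, JSFunction and JSBoundFunction, no destructor runs for these cells, so every member they hold must be trivially destructible from here on. Nothing in the class definition enforces that. A static_assert on std::is_trivially_destructible for the three classes, or at least a comment above the class saying that members with destructors belong in FunctionRareData, would stop a later patch from adding a member whose destructor is silently skipped.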
@@ -45,7 +45,7 @@
     friend class VM;
 
 public:
-    typedef JSDestructibleObject Base;
+    typedef JSNonFinalObject Base;
     const static unsigned StructureFlags = Base::StructureFlags | ImplementsHasInstance;
 
     static JSCallee* create(VM& vm, JSGlobalObject* globalObject, JSScope* scope)
@@ -55,8 +55,6 @@
         return callee;
     }
     
-    static void destroy(JSCell*);
-
     JSScope* scope()
     {
         return m_scope.get();

Modified: trunk/Source/_javascript_Core/runtime/JSFunction.cpp (182898 => 182899)


--- trunk/Source/_javascript_Core/runtime/JSFunction.cpp	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/runtime/JSFunction.cpp	2015-04-16 19:15:09 UTC (rev 182899)
@@ -85,24 +85,9 @@
     return function;
 }
 
-void JSFunction::destroy(JSCell* cell)
-{
-    static_cast<JSFunction*>(cell)->JSFunction::~JSFunction();
-}
-
 JSFunction::JSFunction(VM& vm, JSGlobalObject* globalObject, Structure* structure)
     : Base(vm, globalObject, structure)
     , m_executable()
-    // We initialize blind so that changes to the prototype after function creation but before
-    // the optimizer kicks in don't disable optimizations. Once the optimizer kicks in, the
-    // watchpoint will start watching and any changes will both force deoptimization and disable
-    // future attempts to optimize. This is necessary because we are guaranteed that the
-    // allocation profile is changed exactly once prior to optimizations kicking in. We could be
-    // smarter and count the number of times the prototype is clobbered and only optimize if it
-    // was clobbered exactly once, but that seems like overkill. In almost all cases it will be
-    // clobbered once, and if it's clobbered more than once, that will probably only occur
-    // before we started optimizing, anyway.
-    , m_allocationProfileWatchpoint(ClearWatchpoint)
 {
 }
 
@@ -123,14 +108,15 @@
     return function;
 }
 
-ObjectAllocationProfile* JSFunction::createAllocationProfile(ExecState* exec, size_t inlineCapacity)
+FunctionRareData* JSFunction::createRareData(ExecState* exec, size_t inlineCapacity)
 {
     VM& vm = exec->vm();
     JSObject* prototype = jsDynamicCast<JSObject*>(get(exec, vm.propertyNames->prototype));
     if (!prototype)
         prototype = globalObject()->objectPrototype();
-    m_allocationProfile.initialize(globalObject()->vm(), this, prototype, inlineCapacity);
-    return &m_allocationProfile;
+    FunctionRareData* rareData = FunctionRareData::create(vm, prototype, inlineCapacity);
+    m_rareData.set(vm, this, rareData);
+    return m_rareData.get();
 }
 
 String JSFunction::name(ExecState* exec)
@@ -176,7 +162,8 @@
     Base::visitChildren(thisObject, visitor);
 
     visitor.append(&thisObject->m_executable);
-    thisObject->m_allocationProfile.visitAggregate(visitor);
+    if (thisObject->m_rareData)
+        visitor.append(&thisObject->m_rareData);
 }
 
 CallType JSFunction::getCallData(JSCell* cell, CallData& callData)
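Review bot: the new if (thisObject->m_rareData) guard in visitChildren is inconsistent with the line above it, where m_executable is appended unconditionally even though the JSFunction(VM&, JSGlobalObject*, Structure*) constructor default-initializes it as well. If visitor.append accepts an empty WriteBarrier, the guard can be dropped; if it does not, a short comment on why m_rareData differs from m_executable is needed.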
@@ -402,9 +389,11 @@
         // following the rules set out in ECMA-262 8.12.9.
         PropertySlot slot(thisObject);
         thisObject->methodTable(exec->vm())->getOwnPropertySlot(thisObject, exec, propertyName, slot);
-        thisObject->m_allocationProfile.clear();
-        thisObject->m_allocationProfileWatchpoint.fireAll("Store to prototype property of a function");
-        // Don't allow this to be cached, since a [[Put]] must clear m_allocationProfile.
+        if (thisObject->m_rareData) {
+            thisObject->m_rareData->allocationProfileWatchpointSet().fireAll("Store to prototype property of a function");
+            thisObject->m_rareData.clear();
+        }
+        // Don't allow this to be cached, since a [[Put]] must clear m_rareData.
         PutPropertySlot dontCache(thisObject);
         Base::put(thisObject, exec, propertyName, value, dontCache);
         return;
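Review bot: in the put path, m_rareData.clear() discards the watchpoint set together with the profile, so the fired state no longer survives a store to prototype. The comment deleted from the JSFunction constructor said that a change after the optimizer kicks in will "both force deoptimization and disable future attempts to optimize"; that held because m_allocationProfileWatchpoint was a member of the function. Now the next rareData() call builds a fresh FunctionRareData with a new InlineWatchpointSet. Please confirm that re-enabling the optimization after each prototype store is intended, and move the deleted rationale next to wherever the new set is initialized. The same four lines recur in the defineOwnProperty hunk below; a small private helper would keep the two copies from drifting.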
@@ -449,8 +438,10 @@
         // following the rules set out in ECMA-262 8.12.9.
         PropertySlot slot(thisObject);
         thisObject->methodTable(exec->vm())->getOwnPropertySlot(thisObject, exec, propertyName, slot);
-        thisObject->m_allocationProfile.clear();
-        thisObject->m_allocationProfileWatchpoint.fireAll("Store to prototype property of a function");
+        if (thisObject->m_rareData) {
+            thisObject->m_rareData->allocationProfileWatchpointSet().fireAll("Store to prototype property of a function");
+            thisObject->m_rareData.clear();
+        }
         return Base::defineOwnProperty(object, exec, propertyName, descriptor, throwException);
     }
 

Modified: trunk/Source/_javascript_Core/runtime/JSFunction.h (182898 => 182899)


--- trunk/Source/_javascript_Core/runtime/JSFunction.h	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/runtime/JSFunction.h	2015-04-16 19:15:09 UTC (rev 182899)
@@ -24,10 +24,10 @@
 #ifndef JSFunction_h
 #define JSFunction_h
 
+#include "FunctionRareData.h"
 #include "InternalFunction.h"
 #include "JSCallee.h"
 #include "JSScope.h"
-#include "ObjectAllocationProfile.h"
 #include "Watchpoint.h"
 
 namespace JSC {
@@ -48,7 +48,7 @@
 JS_EXPORT_PRIVATE EncodedJSValue JSC_HOST_CALL callHostFunctionAsConstructor(ExecState*);
 
 JS_EXPORT_PRIVATE String getCalculatedDisplayName(CallFrame*, JSObject*);
-    
+
 class JSFunction : public JSCallee {
     friend class JIT;
     friend class DFG::SpeculativeJIT;
@@ -67,8 +67,6 @@
 
     static JSFunction* createBuiltinFunction(VM&, FunctionExecutable*, JSGlobalObject*);
 
-    static void destroy(JSCell*);
-
     JS_EXPORT_PRIVATE String name(ExecState*);
     JS_EXPORT_PRIVATE String displayName(ExecState*);
     const String calculatedDisplayName(ExecState*);
@@ -100,23 +98,28 @@
         return OBJECT_OFFSETOF(JSFunction, m_executable);
     }
 
-    static inline ptrdiff_t offsetOfAllocationProfile()
+    static inline ptrdiff_t offsetOfRareData()
     {
-        return OBJECT_OFFSETOF(JSFunction, m_allocationProfile);
+        return OBJECT_OFFSETOF(JSFunction, m_rareData);
     }
 
-    ObjectAllocationProfile* allocationProfile(ExecState* exec, unsigned inlineCapacity)
+    FunctionRareData* rareData(ExecState* exec, unsigned inlineCapacity)
     {
-        if (UNLIKELY(m_allocationProfile.isNull()))
-            return createAllocationProfile(exec, inlineCapacity);
-        return &m_allocationProfile;
+        if (UNLIKELY(!m_rareData))
+            return createRareData(exec, inlineCapacity);
+        return m_rareData.get();
     }
 
-    Structure* allocationStructure() { return m_allocationProfile.structure(); }
+    Structure* allocationStructure()
+    {
+        ASSERT(m_rareData);
+        return m_rareData.get()->allocationStructure();
+    }
 
     InlineWatchpointSet& allocationProfileWatchpointSet()
     {
-        return m_allocationProfileWatchpoint;
+        ASSERT(m_rareData);
+        return m_rareData.get()->allocationProfileWatchpointSet();
     }
 
     bool isHostOrBuiltinFunction() const;
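Review bot: allocationStructure() and allocationProfileWatchpointSet() now dereference m_rareData behind a bare ASSERT, which is compiled out of release builds. Before this change both were safe to call on any JSFunction; now a caller that has not gone through rareData() first, or that runs after a store to prototype has cleared m_rareData, dereferences null. Please document the precondition on both accessors and check that every remaining caller obtains the rare data in the same step. If any caller cannot guarantee it, a RELEASE_ASSERT or an explicit null return is safer than ASSERT. Separately, rareData() takes unsigned inlineCapacity while createRareData() takes size_t; one type for both would be cleaner.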
@@ -131,7 +134,7 @@
     void finishCreation(VM&, NativeExecutable*, int length, const String& name);
     using Base::finishCreation;
 
-    ObjectAllocationProfile* createAllocationProfile(ExecState*, size_t inlineCapacity);
+    FunctionRareData* createRareData(ExecState*, size_t inlineCapacity);
 
     static bool getOwnPropertySlot(JSObject*, ExecState*, PropertyName, PropertySlot&);
     static void getOwnNonIndexPropertyNames(JSObject*, ExecState*, PropertyNameArray&, EnumerationMode = EnumerationMode());
@@ -160,8 +163,7 @@
     static EncodedJSValue nameGetter(ExecState*, JSObject*, EncodedJSValue, PropertyName);
 
     WriteBarrier<ExecutableBase> m_executable;
-    ObjectAllocationProfile m_allocationProfile;
-    InlineWatchpointSet m_allocationProfileWatchpoint;
+    WriteBarrier<FunctionRareData> m_rareData;
 };
 
 } // namespace JSC

Modified: trunk/Source/_javascript_Core/runtime/JSFunctionInlines.h (182898 => 182899)


--- trunk/Source/_javascript_Core/runtime/JSFunctionInlines.h	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/runtime/JSFunctionInlines.h	2015-04-16 19:15:09 UTC (rev 182899)
@@ -41,7 +41,7 @@
 inline JSFunction::JSFunction(VM& vm, FunctionExecutable* executable, JSScope* scope)
     : Base(vm, scope, scope->globalObject()->functionStructure())
     , m_executable(vm, this, executable)
-    , m_allocationProfileWatchpoint(ClearWatchpoint) // See comment in JSFunction.cpp concerning the reason for using ClearWatchpoint as opposed to IsWatched.
+    , m_rareData()
 {
 }
 

Modified: trunk/Source/_javascript_Core/runtime/VM.cpp (182898 => 182899)


--- trunk/Source/_javascript_Core/runtime/VM.cpp	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/runtime/VM.cpp	2015-04-16 19:15:09 UTC (rev 182899)
@@ -231,6 +231,7 @@
     propertyTableStructure.set(*this, PropertyTable::createStructure(*this, 0, jsNull()));
     weakMapDataStructure.set(*this, WeakMapData::createStructure(*this, 0, jsNull()));
     inferredValueStructure.set(*this, InferredValue::createStructure(*this, 0, jsNull()));
+    functionRareDataStructure.set(*this, FunctionRareData::createStructure(*this, 0, jsNull()));
 #if ENABLE(PROMISES)
     promiseDeferredStructure.set(*this, JSPromiseDeferred::createStructure(*this, 0, jsNull()));
     promiseReactionStructure.set(*this, JSPromiseReaction::createStructure(*this, 0, jsNull()));

Modified: trunk/Source/_javascript_Core/runtime/VM.h (182898 => 182899)


--- trunk/Source/_javascript_Core/runtime/VM.h	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/Source/_javascript_Core/runtime/VM.h	2015-04-16 19:15:09 UTC (rev 182899)
@@ -271,6 +271,7 @@
     Strong<Structure> propertyTableStructure;
     Strong<Structure> weakMapDataStructure;
     Strong<Structure> inferredValueStructure;
+    Strong<Structure> functionRareDataStructure;
 #if ENABLE(PROMISES)
     Strong<Structure> promiseDeferredStructure;
     Strong<Structure> promiseReactionStructure;

Modified: trunk/WebKit.xcworkspace/contents.xcworkspacedata (182898 => 182899)


--- trunk/WebKit.xcworkspace/contents.xcworkspacedata	2015-04-16 18:47:53 UTC (rev 182898)
+++ trunk/WebKit.xcworkspace/contents.xcworkspacedata	2015-04-16 19:15:09 UTC (rev 182899)
@@ -2,6 +2,15 @@
 <Workspace
    version = "1.0">
    <FileRef
+      location = "group:Source/_javascript_Core/runtime/FunctionRareData.cpp">
+   </FileRef>
+   <FileRef
+      location = "group:Source/_javascript_Core/runtime/FunctionRareData.h">
+   </FileRef>
+   <FileRef
+      location = "group:Source">
+   </FileRef>
+   <FileRef
       location = "group:Source/bmalloc/bmalloc.xcodeproj">
    </FileRef>
    <FileRef
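Review bot: the three FileRef entries added to contents.xcworkspacedata look unintentional. The existing entries in this file reference .xcodeproj bundles such as bmalloc.xcodeproj, while these add two individual source files and a bare group:Source directly to the workspace. The ChangeLog already lists project.pbxproj for the new files, so this hunk should be dropped from the patch unless there is a reason the workspace itself has to reference them.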