X-Git-Url: https://git.saurik.com/apple/javascriptcore.git/blobdiff_plain/4be4e30906bcb8ee30b4d189205cb70bad6707ce..81345200c95645a1b0d2635520f96ad55dfde63f:/dfg/DFGWatchpointCollectionPhase.cpp

diff --git a/dfg/DFGWatchpointCollectionPhase.cpp b/dfg/DFGWatchpointCollectionPhase.cpp
new file mode 100644
index 0000000..43e1b2d
--- /dev/null
+++ b/dfg/DFGWatchpointCollectionPhase.cpp
@@ -0,0 +1,216 @@
+/*
+ * Copyright (C) 2013 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL APPLE INC. OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+ * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */
+
+#include "config.h"
+#include "DFGWatchpointCollectionPhase.h"
+
+#if ENABLE(DFG_JIT)
+
+#include "ArrayPrototype.h"
+#include "DFGClobberize.h"
+#include "DFGGraph.h"
+#include "DFGPhase.h"
+#include "JSCInlines.h"
+
+namespace JSC { namespace DFG {
+
+class WatchpointCollectionPhase : public Phase {
+    static const bool verbose = false;
+    
+public:
+    WatchpointCollectionPhase(Graph& graph)
+        : Phase(graph, "watchpoint collection")
+    {
+    }
+    
+    bool run()
+    {
+        for (BlockIndex blockIndex = m_graph.numBlocks(); blockIndex--;) {
+            BasicBlock* block = m_graph.block(blockIndex);
+            if (!block)
+                continue;
+            
+            for (unsigned nodeIndex = block->size(); nodeIndex--;) {
+                m_node = block->at(nodeIndex);
+                handle();
+            }
+        }
+        
+        return true;
+    }
+
+private:
+    void handle()
+    {
+        DFG_NODE_DO_TO_CHILDREN(m_graph, m_node, handleEdge);
+        
+        switch (m_node->op()) {
+        case CompareEqConstant:
+        case IsUndefined:
+            handleMasqueradesAsUndefined();
+            break;
+            
+        case CompareEq:
+            if (m_node->isBinaryUseKind(ObjectUse)
+                || (m_node->child1().useKind() == ObjectUse && m_node->child2().useKind() == ObjectOrOtherUse)
+                || (m_node->child1().useKind() == ObjectOrOtherUse && m_node->child2().useKind() == ObjectUse))
+                handleMasqueradesAsUndefined();
+            break;
+            
+        case LogicalNot:
+        case Branch:
+            if (m_node->child1().useKind() == ObjectOrOtherUse)
+                handleMasqueradesAsUndefined();
+            break;
+            
+        case GetByVal:
+            if (m_node->arrayMode().type() == Array::Double
+                && m_node->arrayMode().isSaneChain()) {
+                addLazily(globalObject()->arrayPrototype()->structure()->transitionWatchpointSet());
+                addLazily(globalObject()->objectPrototype()->structure()->transitionWatchpointSet());
+            }
+            
+            if (m_node->arrayMode().type() == Array::String)
+                handleStringGetByVal();
+
+            if (JSArrayBufferView* view = m_graph.tryGetFoldableViewForChild1(m_node))
+                addLazily(view);
+            break;
+            
+        case PutByVal:
+            if (JSArrayBufferView* view = m_graph.tryGetFoldableViewForChild1(m_node))
+                addLazily(view);
+            break;
+            
+        case StringCharAt:
+            handleStringGetByVal();
+            break;
+            
+        case NewArray:
+        case NewArrayWithSize:
+        case NewArrayBuffer:
+            if (!globalObject()->isHavingABadTime() && !hasAnyArrayStorage(m_node->indexingType()))
+                addLazily(globalObject()->havingABadTimeWatchpoint());
+            break;
+            
+        case AllocationProfileWatchpoint:
+            addLazily(jsCast<JSFunction*>(m_node->function())->allocationProfileWatchpointSet());
+            break;
+            
+        case StructureTransitionWatchpoint:
+            m_graph.watchpoints().addLazily(
+                m_node->origin.semantic,
+                m_node->child1()->op() == WeakJSConstant ? BadWeakConstantCacheWatchpoint : BadCacheWatchpoint,
+                m_node->structure()->transitionWatchpointSet());
+            break;
+            
+        case VariableWatchpoint:
+            addLazily(m_node->variableWatchpointSet());
+            break;
+            
+        case VarInjectionWatchpoint:
+            addLazily(globalObject()->varInjectionWatchpoint());
+            break;
+            
+        case FunctionReentryWatchpoint:
+            addLazily(m_node->symbolTable()->m_functionEnteredOnce);
+            break;
+            
+        case TypedArrayWatchpoint:
+            addLazily(m_node->typedArray());
+            break;
+            
+        default:
+            break;
+        }
+    }
+    
+    void handleEdge(Node*, Edge edge)
+    {
+        switch (edge.useKind()) {
+        case StringObjectUse:
+        case StringOrStringObjectUse: {
+            Structure* stringObjectStructure = globalObject()->stringObjectStructure();
+            Structure* stringPrototypeStructure = stringObjectStructure->storedPrototype().asCell()->structure();
+            ASSERT(m_graph.watchpoints().isValidOrMixed(stringPrototypeStructure->transitionWatchpointSet()));
+            
+            m_graph.watchpoints().addLazily(
+                m_node->origin.semantic, NotStringObject,
+                stringPrototypeStructure->transitionWatchpointSet());
+            break;
+        }
+            
+        default:
+            break;
+        }
+    }
+    
+    void handleMasqueradesAsUndefined()
+    {
+        if (m_graph.masqueradesAsUndefinedWatchpointIsStillValid(m_node->origin.semantic))
+            addLazily(globalObject()->masqueradesAsUndefinedWatchpoint());
+    }
+    
+    void handleStringGetByVal()
+    {
+        if (!m_node->arrayMode().isOutOfBounds())
+            return;
+        if (!globalObject()->stringPrototypeChainIsSane())
+            return;
+        addLazily(globalObject()->stringPrototype()->structure()->transitionWatchpointSet());
+        addLazily(globalObject()->objectPrototype()->structure()->transitionWatchpointSet());
+    }
+
+    void addLazily(WatchpointSet* set)
+    {
+        m_graph.watchpoints().addLazily(set);
+    }
+    void addLazily(InlineWatchpointSet& set)
+    {
+        m_graph.watchpoints().addLazily(set);
+    }
+    void addLazily(JSArrayBufferView* view)
+    {
+        m_graph.watchpoints().addLazily(view);
+    }
+    
+    JSGlobalObject* globalObject()
+    {
+        return m_graph.globalObjectFor(m_node->origin.semantic);
+    }
+    
+    Node* m_node;
+};
+
+bool performWatchpointCollection(Graph& graph)
+{
+    SamplingRegion samplingRegion("DFG Watchpoint Collection Phase");
+    return runPhase<WatchpointCollectionPhase>(graph);
+}
+
+} } // namespace JSC::DFG
+
+#endif // ENABLE(DFG_JIT)
+