Bug 178064

Summary:

[DFG] DFG should handle ArrayConstructor call for super()

Product:

WebKit

Reporter:

Yusuke Suzuki <ysuzuki>

Component:

JavaScriptCore

Assignee:

Yusuke Suzuki <ysuzuki>

Status:

NEW

Severity:

Normal

CC:

buildbot, ews-watchlist, keith_miller, mark.lam, msaboff, rniwa, saam

Priority:

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Bug Depends on:

179478, 144458, 178067

Bug Blocks:

Attachments:

Description	Flags
WIP	none
Archive of layout-test-results from ews113 for mac-elcapitan	none
Patch	none
Archive of layout-test-results from ews103 for mac-sierra	none
Archive of layout-test-results from ews107 for mac-sierra-wk2	none
Patch	none
Patch	none
Patch	none
Patch	none
Archive of layout-test-results from ews113 for mac-sierra	none
Archive of layout-test-results from ews206 for win-future	none
Patch	none

Yusuke Suzuki

Reported 2017-10-08 00:26:17 PDT

We have a class like, class Matrix4x4 extends Array { constructor() { super(4); .... } } In that case, we cannot inline super(4)'s ArrayConstructor call right now.

Attachments
WIP (44.11 KB, patch) 2017-11-11 09:26 PST, Yusuke Suzuki	no flags	Details Formatted Diff Diff
Archive of layout-test-results from ews113 for mac-elcapitan (929.17 KB, application/zip) 2017-11-11 10:23 PST, Build Bot	no flags	Details
Patch (38.75 KB, patch) 2018-04-03 07:59 PDT, Yusuke Suzuki	no flags	Details Formatted Diff Diff
Archive of layout-test-results from ews103 for mac-sierra (663.84 KB, application/zip) 2018-04-03 08:59 PDT, EWS Watchlist	no flags	Details
Archive of layout-test-results from ews107 for mac-sierra-wk2 (750.14 KB, application/zip) 2018-04-03 09:02 PDT, EWS Watchlist	no flags	Details
Patch (44.03 KB, patch) 2018-04-03 09:04 PDT, Yusuke Suzuki	no flags	Details Formatted Diff Diff
Patch (45.71 KB, patch) 2018-04-03 10:56 PDT, Yusuke Suzuki	no flags	Details Formatted Diff Diff
Patch (45.71 KB, patch) 2018-04-03 12:33 PDT, Yusuke Suzuki	no flags	Details Formatted Diff Diff
Patch (45.71 KB, patch) 2018-04-03 12:58 PDT, Yusuke Suzuki	no flags	Details Formatted Diff Diff
Archive of layout-test-results from ews113 for mac-sierra (3.79 MB, application/zip) 2018-04-03 14:58 PDT, EWS Watchlist	no flags	Details
Archive of layout-test-results from ews206 for win-future (12.13 MB, application/zip) 2018-04-03 15:27 PDT, EWS Watchlist	no flags	Details
Patch (45.72 KB, patch) 2018-04-04 06:06 PDT, Yusuke Suzuki	no flags	Details Formatted Diff Diff
Show Obsolete (6) View All Add attachment proposed patch, testcase, etc.

Yusuke Suzuki

Comment 1 2017-10-08 00:53:21 PDT

Hopefully, we have internalFunctionAllocationStructure in FunctionRareData. That is super fine for the first step.

Yusuke Suzuki

Comment 2 2017-10-08 01:41:26 PDT

Oh, lol. Bunch of issues should be fixed. Currently, CallLinkInfo::lastSeenCallee only remember JSFunction. So InternalFunction is not recorded...

Yusuke Suzuki

Comment 3 2017-10-08 01:42:16 PDT

(In reply to Yusuke Suzuki from comment #2) > Oh, lol. Bunch of issues should be fixed. > Currently, CallLinkInfo::lastSeenCallee only remember JSFunction. So > InternalFunction is not recorded... Ah, no. lastSeenCallee itself should hold it. But CallLinkInfo::lastSeenCallee only returns JSFunction*.

Yusuke Suzuki

Comment 4 2017-10-17 05:34:26 PDT

We should remember the new.target in op_construct's CallLinkInfo. Then, we should emit NewArray etc. with this information & watchpoint.

Saam Barati

Comment 5 2017-10-17 12:14:48 PDT

I believe we'll need something like this as well when deriving from a builtin and converting to doing poly proto.

Yusuke Suzuki

Comment 6 2017-10-19 09:06:26 PDT

Added bug 144458 as dependency. InternalFunction call should be tracked.

Yusuke Suzuki

Comment 7 2017-11-11 09:26:38 PST

Created attachment 326690 [details] WIP WIP

Yusuke Suzuki

Comment 8 2017-11-11 09:50:16 PST

Since the default constructor of the derived class is constructor(...args) { super(...args); }, this becomes construct_varargs + rest/spread, and it is not well-handled in DFGByteCodeParser. After arguments elimination phase, these rest/spread becomes phantom, and ConstructVarargs becomes Construct. After that, we should lower it to NewArrayWithSize.

Build Bot

Comment 9 2017-11-11 10:23:48 PST

Comment on attachment 326690 [details] WIP Attachment 326690 [details] did not pass mac-debug-ews (mac): Output: http://webkit-queues.webkit.org/results/5192310 Number of test failures exceeded the failure limit.

Build Bot

Comment 10 2017-11-11 10:23:49 PST

Created attachment 326693 [details] Archive of layout-test-results from ews113 for mac-elcapitan The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews113 Port: mac-elcapitan Platform: Mac OS X 10.11.6

Yusuke Suzuki

Comment 11 2017-11-30 12:03:35 PST

Let's do this first while this patch does not improve ARES-6/ML directly. This is because ARES-6/ML's super constructor is like this. class DerivedArray extends Array { }; Then, default constructor implementation is, constructor(...args) { super(...args); } This is not good for DFG since we cannot optimize ArrayConstructor (super) calls with varargs.

Yusuke Suzuki

Comment 12 2018-04-03 07:59:55 PDT

Created attachment 337079 [details] Patch WIP

EWS Watchlist

Comment 13 2018-04-03 08:59:26 PDT

Comment on attachment 337079 [details] Patch Attachment 337079 [details] did not pass mac-ews (mac): Output: http://webkit-queues.webkit.org/results/7193588 Number of test failures exceeded the failure limit.

EWS Watchlist

Comment 14 2018-04-03 08:59:27 PDT

Created attachment 337080 [details] Archive of layout-test-results from ews103 for mac-sierra The attached test failures were seen while running run-webkit-tests on the mac-ews. Bot: ews103 Port: mac-sierra Platform: Mac OS X 10.12.6

Saam Barati

Comment 15 2018-04-03 09:01:03 PDT

This pattern happens a bunch in ARES6 ML subtest

EWS Watchlist

Comment 16 2018-04-03 09:02:39 PDT

Comment on attachment 337079 [details] Patch Attachment 337079 [details] did not pass mac-wk2-ews (mac-wk2): Output: http://webkit-queues.webkit.org/results/7193593 Number of test failures exceeded the failure limit.

EWS Watchlist

Comment 17 2018-04-03 09:02:41 PDT

Created attachment 337081 [details] Archive of layout-test-results from ews107 for mac-sierra-wk2 The attached test failures were seen while running run-webkit-tests on the mac-wk2-ews. Bot: ews107 Port: mac-sierra-wk2 Platform: Mac OS X 10.12.6

Yusuke Suzuki

Comment 18 2018-04-03 09:04:50 PDT

Created attachment 337082 [details] Patch WIP

Yusuke Suzuki

Comment 19 2018-04-03 10:56:03 PDT

Created attachment 337089 [details] Patch WIP

Yusuke Suzuki

Comment 20 2018-04-03 12:33:47 PDT

Created attachment 337101 [details] Patch WIP

Yusuke Suzuki

Comment 21 2018-04-03 12:58:29 PDT

Created attachment 337104 [details] Patch WIP

EWS Watchlist

Comment 22 2018-04-03 14:58:47 PDT

Comment on attachment 337104 [details] Patch Attachment 337104 [details] did not pass mac-debug-ews (mac): Output: http://webkit-queues.webkit.org/results/7196513 New failing tests: imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-fetch-error.sub.html inspector/unit-tests/resource-query-controller.html imported/w3c/web-platform-tests/fetch/api/response/response-clone.html fast/canvas/webgl/array-unit-tests.html webgl/1.0.2/conformance/typedarrays/array-unit-tests.html http/wpt/fetch/request-clone.html inspector/codemirror/prettyprinting-css.html fast/canvas/webgl/webgl2-texture-upload-enums.html imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/dynamic-import/dynamic-imports-script-error.html jquery/core.html imported/w3c/web-platform-tests/streams/readable-streams/tee.dedicatedworker.html http/tests/inspector/network/resource-mime-type.html

EWS Watchlist

Comment 23 2018-04-03 14:58:49 PDT

Created attachment 337116 [details] Archive of layout-test-results from ews113 for mac-sierra The attached test failures were seen while running run-webkit-tests on the mac-debug-ews. Bot: ews113 Port: mac-sierra Platform: Mac OS X 10.12.6

EWS Watchlist

Comment 24 2018-04-03 15:27:48 PDT

Comment on attachment 337104 [details] Patch Attachment 337104 [details] did not pass win-ews (win): Output: http://webkit-queues.webkit.org/results/7196917 New failing tests: http/tests/preload/onload_event.html

EWS Watchlist

Comment 25 2018-04-03 15:27:59 PDT

Created attachment 337121 [details] Archive of layout-test-results from ews206 for win-future The attached test failures were seen while running run-webkit-tests on the win-ews. Bot: ews206 Port: win-future Platform: CYGWIN_NT-6.1-2.9.0-0.318-5-3-x86_64-64bit

Yusuke Suzuki

Comment 26 2018-04-04 06:06:52 PDT

Created attachment 337158 [details] Patch WIP

Note You need to log in before you can comment on or make changes to this bug.