Bug 182804 - We should be able to jsDynamicCast from JSType when possible
Summary: We should be able to jsDynamicCast from JSType when possible
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Keith Miller
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2018-02-14 12:58 PST by Keith Miller
Modified: 2018-02-14 18:09 PST (History)
7 users (show)

See Also:

Attachments
WIP (36.42 KB, patch)
2018-02-14 12:59 PST, Keith Miller 		no flags Details | Formatted Diff | Diff
Patch (39.72 KB, patch)
2018-02-14 15:11 PST, Keith Miller 		no flags Details | Formatted Diff | Diff
Patch (39.76 KB, patch)
2018-02-14 15:42 PST, Keith Miller 		no flags Details | Formatted Diff | Diff
Patch (40.46 KB, patch)
2018-02-14 16:31 PST, Keith Miller 		no flags Details | Formatted Diff | Diff
Patch for landing (40.67 KB, patch)
2018-02-14 16:45 PST, Keith Miller 		no flags Details | Formatted Diff | Diff
Patch for landing (41.40 KB, patch)
2018-02-14 17:21 PST, Keith Miller 		no flags Details | Formatted Diff | Diff
Show Obsolete (5) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Keith Miller 2018-02-14 12:58:13 PST 
We should be able to jsDynamicCast from JSType when possible
Comment 1 Keith Miller 2018-02-14 12:59:27 PST 
Created attachment 333832 [details]
WIP
Comment 2 Keith Miller 2018-02-14 15:11:26 PST 
Created attachment 333851 [details]
Patch
Comment 3 EWS Watchlist 2018-02-14 15:13:13 PST 
Attachment 333851 [details] did not pass style-queue:


ERROR: Source/JavaScriptCore/runtime/JSCast.h:36:  Please replace ASSERT_WITH_SECURITY_IMPLICATION() with RELEASE_ASSERT_WITH_SECURITY_IMPLICATION().  [security/assertion] [5]
ERROR: Source/JavaScriptCore/runtime/JSCast.h:44:  Please replace ASSERT_WITH_SECURITY_IMPLICATION() with RELEASE_ASSERT_WITH_SECURITY_IMPLICATION().  [security/assertion] [5]
ERROR: Source/JavaScriptCore/runtime/JSCast.h:109:  More than one command on the same line  [whitespace/newline] [4]
Total errors found: 3 in 53 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 4 Keith Miller 2018-02-14 15:42:35 PST 
Created attachment 333853 [details]
Patch
Comment 5 Mark Lam 2018-02-14 15:43:08 PST 
Comment on attachment 333851 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=333851&action=review

r=me me with build fixes.  You probably have to fix some #includes in WebCore and CodeGeneratorJS.pm.

> Source/JavaScriptCore/runtime/JSCast.h:35
> +    static_assert(std::is_base_of<JSCell, typename std::remove_pointer<To>::type>::value && std::is_base_of<JSCell, typename std::remove_pointer<From>::type>::value, "JS casting expects that the types you are casting to/from are subclasses of JSCells");

I suggest /JSCells/JSCell/.  No need for plural because there is only one JSCell class that these are subclasses of.

> Source/JavaScriptCore/runtime/JSCast.h:58
> +#define FORWARD_DECLARE_OVERLOAD_CLASS(className, jsType, op) class className;

I recommend you replace /jsType/unused1/ and /op/unused2/.  "op" is what caught my eye because the value passed in there is no some sort of op.

> Source/JavaScriptCore/runtime/JSCast.h:68
> +    static_assert(std::is_base_of<JSCell, typename std::remove_pointer<To>::type>::value && std::is_base_of<JSCell, typename std::remove_pointer<From>::type>::value, "JS casting expects that the types you are casting to/from are subclasses of JSCells");

Ditto /JSCells/JSCell/.

> Source/JavaScriptCore/runtime/JSCast.h:109
> +    return Dispatcher::template cast<To>(vm, from);;

Remove extra semicolon.

> Source/JavaScriptCore/runtime/JSFunction.cpp:110
>      ASSERT(inherits(vm, info()));
> +    ASSERT(jsDynamicCast<JSFunction*>(vm, this));

These 2 asserts are redundant.  I suggest removing the inherits one since the jsDynamicCast is clearer to read.
Comment 6 EWS Watchlist 2018-02-14 15:44:23 PST 
Attachment 333853 [details] did not pass style-queue:


ERROR: Source/JavaScriptCore/runtime/JSCast.h:36:  Please replace ASSERT_WITH_SECURITY_IMPLICATION() with RELEASE_ASSERT_WITH_SECURITY_IMPLICATION().  [security/assertion] [5]
ERROR: Source/JavaScriptCore/runtime/JSCast.h:44:  Please replace ASSERT_WITH_SECURITY_IMPLICATION() with RELEASE_ASSERT_WITH_SECURITY_IMPLICATION().  [security/assertion] [5]
ERROR: Source/JavaScriptCore/runtime/JSCast.h:109:  More than one command on the same line  [whitespace/newline] [4]
Total errors found: 3 in 53 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 7 Mark Lam 2018-02-14 15:44:45 PST 
Comment on attachment 333853 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=333853&action=review

> Source/JavaScriptCore/runtime/InternalFunction.cpp:51
>      ASSERT(inherits(vm, info()));

Can remove this.  It's now redundant.

> Source/JavaScriptCore/runtime/JSFunction.cpp:109
>      ASSERT(inherits(vm, info()));

Remove.  redundant.

> Source/JavaScriptCore/runtime/JSObject.h:880
>          ASSERT(inherits(vm, info()));

Remove.  Redundant.
Comment 8 Filip Pizlo 2018-02-14 15:46:39 PST 
Comment on attachment 333853 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=333853&action=review

r=me assuming you put out the bot fire.

> Source/JavaScriptCore/ChangeLog:10
> +        This patch beefs up jsDynamicCast in some of the cases where we
> +        can use the JSType to quickly determine if a cell is a subclass of
> +        the desired type.

you should say more about the mechanism, like the type range check.
Comment 9 Keith Miller 2018-02-14 16:31:05 PST 
Created attachment 333858 [details]
Patch
Comment 10 EWS Watchlist 2018-02-14 16:32:34 PST 
Attachment 333858 [details] did not pass style-queue:


ERROR: Source/JavaScriptCore/runtime/JSCast.h:36:  Please replace ASSERT_WITH_SECURITY_IMPLICATION() with RELEASE_ASSERT_WITH_SECURITY_IMPLICATION().  [security/assertion] [5]
ERROR: Source/JavaScriptCore/runtime/JSCast.h:44:  Please replace ASSERT_WITH_SECURITY_IMPLICATION() with RELEASE_ASSERT_WITH_SECURITY_IMPLICATION().  [security/assertion] [5]
Total errors found: 2 in 54 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 11 Keith Miller 2018-02-14 16:45:01 PST 
Created attachment 333861 [details]
Patch for landing
Comment 12 Mark Lam 2018-02-14 16:57:04 PST 
Comment on attachment 333861 [details]
Patch for landing

View in context: https://bugs.webkit.org/attachment.cgi?id=333861&action=review

> Source/JavaScriptCore/runtime/JSCast.h:35
> +    static_assert(std::is_base_of<JSCell, typename std::remove_pointer<To>::type>::value && std::is_base_of<JSCell, typename std::remove_pointer<From>::type>::value, "JS casting expects that the types you are casting to/from are subclasses of JSCells");

JSCells?
Comment 13 Saam Barati 2018-02-14 16:58:58 PST 
Comment on attachment 333861 [details]
Patch for landing

View in context: https://bugs.webkit.org/attachment.cgi?id=333861&action=review

LGTM too

> Source/JavaScriptCore/runtime/JSCast.h:53
> +    macro(JSArray, JSType::ArrayType, JSType::DerivedArrayType) \

Might be worth a comment in JSType.h that these need to be adjacent. Or perhaps a static_assert here
Comment 14 Keith Miller 2018-02-14 17:21:12 PST 
Created attachment 333862 [details]
Patch for landing
Comment 15 WebKit Commit Bot 2018-02-14 18:08:47 PST 
Comment on attachment 333862 [details]
Patch for landing

Clearing flags on attachment: 333862

Committed r228500: <https://trac.webkit.org/changeset/228500>
Comment 16 WebKit Commit Bot 2018-02-14 18:08:48 PST 
All reviewed patches have been landed.  Closing bug.
Comment 17 Radar WebKit Bug Importer 2018-02-14 18:09:42 PST 
<rdar://problem/37556223>