Move Symbol API to SPI
[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
1 2018-09-25  Keith Miller  <keith_miller@apple.com>
2
3         Move Symbol API to SPI
4         https://bugs.webkit.org/show_bug.cgi?id=189946
5
6         Reviewed by Michael Saboff.
7
8         Some of the property access methods on JSValue needed to be moved
9         to a category so that SPI overloads don't result in a compiler
10         error for internal users.
11
12         Additionally, this patch does not move the new enum entry for
13         Symbols in the JSType enumeration.
14
15         * API/JSObjectRef.h:
16         * API/JSObjectRefPrivate.h:
17         * API/JSValue.h:
18         * API/JSValuePrivate.h:
19         * API/JSValueRef.h:
20
21 2018-09-26  Keith Miller  <keith_miller@apple.com>
22
23         We should zero unused property storage when rebalancing array storage.
24         https://bugs.webkit.org/show_bug.cgi?id=188151
25
26         Reviewed by Michael Saboff.
27
28         In unshiftCountSlowCase we sometimes will move property storage to the right even when net adding elements.
29         This can happen because we "balance" the pre/post-capacity in that code so we need to zero the unused
30         property storage.
31
32         * runtime/JSArray.cpp:
33         (JSC::JSArray::unshiftCountSlowCase):
34
35 2018-09-26  Yusuke Suzuki  <yusukesuzuki@slowstart.org>
36
37         Unreviewed, add scope verification handling
38         https://bugs.webkit.org/show_bug.cgi?id=189780
39
40         * runtime/ArrayPrototype.cpp:
41         (JSC::arrayProtoFuncIndexOf):
42         (JSC::arrayProtoFuncLastIndexOf):
43
44 2018-09-26  Koby Boyango  <koby.b@mce.systems>
45
46         [JSC] offlineasm parser should handle CRLF in asm files
47         https://bugs.webkit.org/show_bug.cgi?id=189949
48
49         Reviewed by Mark Lam.
50
51         * offlineasm/parser.rb:
52
53 2018-09-20  Yusuke Suzuki  <yusukesuzuki@slowstart.org>
54
55         [JSC] Optimize Array#lastIndexOf
56         https://bugs.webkit.org/show_bug.cgi?id=189780
57
58         Reviewed by Saam Barati.
59
60         Optimize Array#lastIndexOf in the same way as Array#indexOf. We add a fast path
61         for JSArray with contiguous storage.
62
63         * runtime/ArrayPrototype.cpp:
64         (JSC::arrayProtoFuncLastIndexOf):
65
66 2018-09-25  Saam Barati  <sbarati@apple.com>
67
68         Calls to baselineCodeBlockForOriginAndBaselineCodeBlock in operationMaterializeObjectInOSR should actually pass in the baseline CodeBlock
69         https://bugs.webkit.org/show_bug.cgi?id=189940
70         <rdar://problem/43640987>
71
72         Reviewed by Mark Lam.
73
74         We were calling baselineCodeBlockForOriginAndBaselineCodeBlock with the FTL
75         CodeBlock. There is nothing semantically wrong with doing that (except for
76         poor naming), however, the poor naming here led us to make a real semantic
77         mistake. We wanted the baseline CodeBlock's constant pool, but we were
78         accessing the FTL CodeBlock's constant pool accidentally. We need to
79         access the baseline CodeBlock's constant pool when we update the NewArrayBuffer
80         constant value.
81
82         * bytecode/InlineCallFrame.h:
83         (JSC::baselineCodeBlockForOriginAndBaselineCodeBlock):
84         * ftl/FTLOperations.cpp:
85         (JSC::FTL::operationMaterializeObjectInOSR):
86
87 2018-09-25  Joseph Pecoraro  <pecoraro@apple.com>
88
89         Web Inspector: Stricter block syntax in generated ObjC protocol interfaces
90         https://bugs.webkit.org/show_bug.cgi?id=189962
91         <rdar://problem/44648287>
92
93         Reviewed by Brian Burg.
94
95         * inspector/scripts/codegen/generate_objc_header.py:
96         (ObjCHeaderGenerator._callback_block_for_command):
97         If there are no return parameters include "void" in the block signature.
98
99         * inspector/scripts/tests/all/expected/definitions-with-mac-platform.json-result:
100         * inspector/scripts/tests/generic/expected/domain-availability.json-result:
101         * inspector/scripts/tests/generic/expected/domains-with-varying-command-sizes.json-result:
102         * inspector/scripts/tests/generic/expected/generate-domains-with-feature-guards.json-result:
103         * inspector/scripts/tests/generic/expected/worker-supported-domains.json-result:
104         * inspector/scripts/tests/mac/expected/definitions-with-mac-platform.json-result:
105         Rebaseline test results.
106
107 2018-09-24  Joseph Pecoraro  <pecoraro@apple.com>
108
109         Remove AUTHORS and THANKS files which are stale
110         https://bugs.webkit.org/show_bug.cgi?id=189941
111
112         Reviewed by Darin Adler.
113
114         Included mentions below so their names are still in ChangeLogs.
115
116         * AUTHORS: Removed.
117         Harri Porten (porten@kde.org) and Peter Kelly (pmk@post.com).
118         These authors remain mentioned in copyrights in source files.
119
120         * THANKS: Removed.
121         Richard Moore <rich@kde.org> - for filling the Math object with some life
122         Daegeun Lee <realking@mizi.com> - for pointing out some bugs and providing much code for the String and Date object.
123         Marco Pinelli <pinmc@libero.it> - for his patches
124         Christian Kirsch <ck@held.mind.de> - for his contribution to the Date object
125         
126 2018-09-24  Fujii Hironori  <Hironori.Fujii@sony.com>
127
128         Rename WTF_COMPILER_GCC_OR_CLANG to WTF_COMPILER_GCC_COMPATIBLE
129         https://bugs.webkit.org/show_bug.cgi?id=189733
130
131         Reviewed by Michael Catanzaro.
132
133         * assembler/ARM64Assembler.h:
134         * assembler/ARMAssembler.h:
135         (JSC::ARMAssembler::cacheFlush):
136         * assembler/MacroAssemblerARM.cpp:
137         (JSC::isVFPPresent):
138         * assembler/MacroAssemblerARM64.cpp:
139         * assembler/MacroAssemblerARMv7.cpp:
140         * assembler/MacroAssemblerMIPS.cpp:
141         * assembler/MacroAssemblerX86Common.cpp:
142         * heap/HeapCell.cpp:
143         * heap/HeapCell.h:
144         * jit/HostCallReturnValue.h:
145         * jit/JIT.h:
146         * jit/JITOperations.cpp:
147         * jit/ThunkGenerators.cpp:
148         * runtime/ArrayConventions.cpp:
149         (JSC::clearArrayMemset):
150         * runtime/JSBigInt.cpp:
151         (JSC::JSBigInt::digitDiv):
152
153 2018-09-24  Saam Barati  <sbarati@apple.com>
154
155         Array.prototype.indexOf fast path needs to ensure the length is still valid after performing effects
156         https://bugs.webkit.org/show_bug.cgi?id=189922
157         <rdar://problem/44651275>
158
159         Reviewed by Mark Lam.
160
161         The implementation was first getting the length to iterate up to,
162         then getting the starting index. However, getting the starting
163         index may perform effects, e.g., it could change the length of the
164         array. This changes it so we verify the length is still valid.
165
166         * runtime/ArrayPrototype.cpp:
167         (JSC::arrayProtoFuncIndexOf):
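
An added example, not JavaScriptCore code and not part of this ChangeLog: a JavaScript model of the ordering problem the 189922 entry above describes, with the stale-length fast path beside one that re-validates the bound after the start index has been coerced. `ModelArray`, `toIndex`, `scan` and both search functions are hypothetical names, and the model counts indices that fall outside the backing store instead of reading them.

```javascript
// Constructed model, not JavaScriptCore code. `storage` stands in for an
// engine's contiguous backing store and `length` for the public array length.
class ModelArray {
  constructor(items) {
    this.storage = items.slice();
    this.length = items.length;
  }
  // Shrinking truncates the backing store, as a reallocation would.
  setLength(n) {
    this.storage.length = n;
    this.length = n;
  }
}

// Coerce fromIndex the way indexOf does. Number() invokes valueOf, so this
// step can run arbitrary user code ("perform effects").
function toIndex(fromIndex, length) {
  const n = Math.trunc(Number(fromIndex)) || 0;
  return n < 0 ? Math.max(length + n, 0) : Math.min(n, length);
}

// Shared scan loop. Indices outside the backing store are counted rather
// than read, so the model exposes the bug without any undefined behaviour.
function scan(arr, target, start, limit) {
  let oobReads = 0;
  for (let i = start; i < limit; i++) {
    if (i >= arr.storage.length) { oobReads++; continue; }
    if (arr.storage[i] === target) return { index: i, oobReads };
  }
  return { index: -1, oobReads };
}

// Before: length is read first, fromIndex is coerced second, and the
// now possibly stale length bounds the loop.
function indexOfStaleLength(arr, target, fromIndex) {
  const length = arr.length;
  const start = toIndex(fromIndex, length);
  return scan(arr, target, start, length);
}

// After: same order, but the bound is checked against the array's current
// length once the coercion has finished.
function indexOfValidatedLength(arr, target, fromIndex) {
  const length = arr.length;
  const start = toIndex(fromIndex, length);
  const limit = Math.min(length, arr.length, arr.storage.length);
  return scan(arr, target, start, limit);
}

// Runs both variants on an ordinary call and on a call whose fromIndex
// shrinks the array during coercion (constructed inputs).
function demo() {
  const make = () => new ModelArray([1, 2, 3, 4]);
  const shrinkOnCoerce = (arr) => ({ valueOf() { arr.setLength(1); return 0; } });
  const a = make();
  const b = make();
  return {
    plainStale: indexOfStaleLength(make(), 3, 1),
    plainValidated: indexOfValidatedLength(make(), 3, 1),
    shrunkStale: indexOfStaleLength(a, 4, shrinkOnCoerce(a)),
    shrunkValidated: indexOfValidatedLength(b, 4, shrinkOnCoerce(b)),
  };
}

console.log(demo());
```

A regression test for this class of bug asserts that no index at or beyond the post-coercion length is ever touched, which is what the `oobReads` counter stands in for here.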
168
169 2018-09-24  Tadeu Zagallo  <tzagallo@apple.com>
170
171         offlineasm: fix macro scoping
172         https://bugs.webkit.org/show_bug.cgi?id=189902
173
174         Reviewed by Mark Lam.
175
176         In the code below, the reference to `f` in `g`, which should refer to
177         the outer macro definition, will instead refer to the f argument of the
178         anonymous macro passed to `g`. That leads to this code failing to
179         compile (f expected 0 args but got 1).
180         
181         ```
182         macro f(x)
183             move x, t0
184         end
185         
186         macro g(fn)
187             fn(macro () f(42) end)
188         end
189         
190         g(macro(f) f() end)
191         ```
192
193         * offlineasm/ast.rb:
194         * offlineasm/transform.rb:
195
196 2018-09-24  Tadeu Zagallo  <tzagallo@apple.com>
197
198         Add forEach method for iterating CodeBlock's ValueProfiles
199         https://bugs.webkit.org/show_bug.cgi?id=189897
200
201         Reviewed by Mark Lam.
202
203         Add method to abstract how we find ValueProfiles in a CodeBlock in
204         preparation for https://bugs.webkit.org/show_bug.cgi?id=189785, when
205         ValueProfiles will be stored in the MetadataTable.
206
207         * bytecode/CodeBlock.cpp:
208         (JSC::CodeBlock::updateAllPredictionsAndCountLiveness):
209         (JSC::CodeBlock::updateAllValueProfilePredictions):
210         (JSC::CodeBlock::shouldOptimizeNow):
211         (JSC::CodeBlock::dumpValueProfiles):
212         * bytecode/CodeBlock.h:
213         (JSC::CodeBlock::forEachValueProfile):
214         (JSC::CodeBlock::numberOfArgumentValueProfiles):
215         (JSC::CodeBlock::valueProfileForArgument):
216         (JSC::CodeBlock::numberOfValueProfiles):
217         (JSC::CodeBlock::valueProfile):
218         (JSC::CodeBlock::totalNumberOfValueProfiles): Deleted.
219         (JSC::CodeBlock::getFromAllValueProfiles): Deleted.
220         * tools/HeapVerifier.cpp:
221         (JSC::HeapVerifier::validateJSCell):
222
223 2018-09-24  Saam Barati  <sbarati@apple.com>
224
225         ArgumentsEliminationPhase should snip basic blocks after proven OSR exits
226         https://bugs.webkit.org/show_bug.cgi?id=189682
227         <rdar://problem/43557315>
228
229         Reviewed by Mark Lam.
230
231         Otherwise, if we have code like this:
232         ```
233         a: Arguments
234         b: GetButterfly(@a)
235         c: ForceExit
236         d: GetArrayLength(@a, @b)
237         ```
238         it will get transformed into this invalid DFG IR:
239         ```
240         a: PhantomArguments
241         b: Check(@a)
242         c: ForceExit
243         d: GetArrayLength(@a, @b)
244         ```
245         
246         And we will fail DFG validation since @b does not have a result.
247         
248         The fix is to just remove all nodes after the ForceExit and plant an
249         Unreachable after it. So the above program will now turn into this:
250         ```
251         a: PhantomArguments
252         b: Check(@a)
253         c: ForceExit
254         e: Unreachable
255         ```
256
257         * dfg/DFGArgumentsEliminationPhase.cpp:
258
259 2018-09-22  Saam Barati  <sbarati@apple.com>
260
261         The sampling should not use Strong<CodeBlock> in its machineLocation field
262         https://bugs.webkit.org/show_bug.cgi?id=189319
263
264         Reviewed by Filip Pizlo.
265
266         The sampling profiler has a CLI mode where we gather information about inline
267         call frames. That data structure was using a Strong<CodeBlock>. We were
268         constructing this Strong<CodeBlock> during GC concurrently to processing all
269         the Strong handles. This is a bug since we end up corrupting that data
270         structure. This patch fixes this by just making this data structure use the
271         sampling profiler's mechanism for holding onto and properly visiting heap pointers.
272
273         * inspector/agents/InspectorScriptProfilerAgent.cpp:
274         (Inspector::InspectorScriptProfilerAgent::trackingComplete):
275         * runtime/SamplingProfiler.cpp:
276         (JSC::SamplingProfiler::processUnverifiedStackTraces):
277
278         (JSC::SamplingProfiler::reportTopFunctions):
279         (JSC::SamplingProfiler::reportTopBytecodes):
280         These CLI helpers needed a DeferGC; otherwise we may end up deadlocking when we
281         cause a GC to happen while already holding the sampling profiler's
282         lock.
283
284 2018-09-21  Yusuke Suzuki  <yusukesuzuki@slowstart.org>
285
286         [JSC] Enable LLInt ASM interpreter on X64 and ARM64 in non JIT configuration
287         https://bugs.webkit.org/show_bug.cgi?id=189778
288
289         Reviewed by Keith Miller.
290
291         LLInt ASM interpreter is 2x and 15% faster than CLoop interpreter on
292         Linux and macOS respectively. We would like to enable it for non JIT
293         configurations in X86_64 and ARM64.
294
295         This patch enables LLInt for non JIT builds in X86_64 and ARM64 architectures.
296         Previously, we switched between LLInt ASM interpreter and CLoop by using ENABLE(JIT)
297         configuration. But it is wrong in the new scenario since we have a build
298         configuration that uses LLInt ASM interpreter and JIT is disabled. We introduce
299         ENABLE(C_LOOP) option, which represents that we use CLoop. And we replace
300         ENABLE(JIT) with ENABLE(C_LOOP) if the previous ENABLE(JIT) is essentially just
301         related to LLInt ASM interpreter and not related to JIT.
302
303         We also replace some ENABLE(JIT) configurations with ENABLE(ASSEMBLER).
304         ENABLE(ASSEMBLER) is now enabled even if we disable JIT since MacroAssembler
305         has machine register information that is used in LLInt ASM interpreter.
306
307         * API/tests/PingPongStackOverflowTest.cpp:
308         (testPingPongStackOverflow):
309         * CMakeLists.txt:
310         * JavaScriptCore.xcodeproj/project.pbxproj:
311         * assembler/MaxFrameExtentForSlowPathCall.h:
312         * bytecode/CallReturnOffsetToBytecodeOffset.h: Removed. It is no longer used.
313         * bytecode/CodeBlock.cpp:
314         (JSC::CodeBlock::finishCreation):
315         * bytecode/CodeBlock.h:
316         (JSC::CodeBlock::calleeSaveRegisters const):
317         (JSC::CodeBlock::numberOfLLIntBaselineCalleeSaveRegisters):
318         (JSC::CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters):
319         (JSC::CodeBlock::calleeSaveSpaceAsVirtualRegisters):
320         * bytecode/Opcode.h:
321         (JSC::padOpcodeName):
322         * heap/Heap.cpp:
323         (JSC::Heap::gatherJSStackRoots):
324         (JSC::Heap::stopThePeriphery):
325         * interpreter/CLoopStack.cpp:
326         * interpreter/CLoopStack.h:
327         * interpreter/CLoopStackInlines.h:
328         * interpreter/EntryFrame.h:
329         * interpreter/Interpreter.cpp:
330         (JSC::Interpreter::Interpreter):
331         (JSC::UnwindFunctor::copyCalleeSavesToEntryFrameCalleeSavesBuffer const):
332         * interpreter/Interpreter.h:
333         * interpreter/StackVisitor.cpp:
334         (JSC::StackVisitor::Frame::calleeSaveRegisters):
335         * interpreter/VMEntryRecord.h:
336         * jit/ExecutableAllocator.h:
337         * jit/FPRInfo.h:
338         (WTF::printInternal):
339         * jit/GPRInfo.cpp:
340         * jit/GPRInfo.h:
341         (WTF::printInternal):
342         * jit/HostCallReturnValue.cpp:
343         (JSC::getHostCallReturnValueWithExecState): Moved. They are used in LLInt ASM interpreter too.
344         * jit/HostCallReturnValue.h:
345         * jit/JITOperations.cpp:
346         (JSC::getHostCallReturnValueWithExecState): Deleted.
347         * jit/JITOperationsMSVC64.cpp:
348         * jit/Reg.cpp:
349         * jit/Reg.h:
350         * jit/RegisterAtOffset.cpp:
351         * jit/RegisterAtOffset.h:
352         * jit/RegisterAtOffsetList.cpp:
353         * jit/RegisterAtOffsetList.h:
354         * jit/RegisterMap.h:
355         * jit/RegisterSet.cpp:
356         * jit/RegisterSet.h:
357         * jit/TempRegisterSet.cpp:
358         * jit/TempRegisterSet.h:
359         * llint/LLIntCLoop.cpp:
360         * llint/LLIntCLoop.h:
361         * llint/LLIntData.cpp:
362         (JSC::LLInt::initialize):
363         (JSC::LLInt::Data::performAssertions):
364         * llint/LLIntData.h:
365         * llint/LLIntOfflineAsmConfig.h:
366         * llint/LLIntOpcode.h:
367         * llint/LLIntPCRanges.h:
368         * llint/LLIntSlowPaths.cpp:
369         (JSC::LLInt::LLINT_SLOW_PATH_DECL):
370         * llint/LLIntSlowPaths.h:
371         * llint/LLIntThunks.cpp:
372         * llint/LowLevelInterpreter.cpp:
373         * llint/LowLevelInterpreter.h:
374         * runtime/JSCJSValue.h:
375         * runtime/MachineContext.h:
376         * runtime/SamplingProfiler.cpp:
377         (JSC::SamplingProfiler::processUnverifiedStackTraces): Enable SamplingProfiler
378         for LLInt ASM interpreter with non JIT configuration.
379         * runtime/TestRunnerUtils.cpp:
380         (JSC::optimizeNextInvocation):
381         * runtime/VM.cpp:
382         (JSC::VM::VM):
383         (JSC::VM::getHostFunction):
384         (JSC::VM::updateSoftReservedZoneSize):
385         (JSC::sanitizeStackForVM):
386         (JSC::VM::committedStackByteCount):
387         * runtime/VM.h:
388         * runtime/VMInlines.h:
389         (JSC::VM::ensureStackCapacityFor):
390         (JSC::VM::isSafeToRecurseSoft const):
391
392 2018-09-21  Keith Miller  <keith_miller@apple.com>
393
394         Add Promise SPI
395         https://bugs.webkit.org/show_bug.cgi?id=189809
396
397         Reviewed by Saam Barati.
398
399         The patch adds new SPI to create promises. It's mostly SPI because
400         I want to see how internal users react to it before we make it
401         public.
402
403         This patch adds a couple of new Obj-C SPI methods. The first
404         creates a new promise using the same API that JS does where the
405         user provides an executor callback. If an exception is raised
406         in/to that callback the promise is automagically rejected. The
407         other methods create a pre-resolved or rejected promise as this
408         appears to be a common way to initialize a promise.
409
410         I was also considering adding a second version of executor API
411         where it would catch specific Obj-C exceptions. This would work by
412         taking a Class parameter and checking isKindOfClass: on the
413         exception. I decided against this as nothing else in our API
414         handles Obj-C exceptions. I'm pretty sure the VM will end up in a
415         corrupt state if an Obj-C exception unwinds through JS frames.
416
417         This patch adds a new C function that will create a "deferred"
418         promise. A deferred promise is a style of creating promises/futures
419         where the resolve and reject functions are passed as outputs of a
420         function. I went with this style for the C SPI because we don't have
421         any concept of forwarding exceptions in the C API.
422
423         In order to make the C API work I refactored a bit of the promise code
424         so that we can call a static method on JSDeferredPromise and just get
425         the components without allocating an extra cell wrapper.
426
427         * API/JSContext.mm:
428         (+[JSContext currentCallee]):
429         * API/JSObjectRef.cpp:
430         (JSObjectMakeDeferredPromise):
431         * API/JSObjectRefPrivate.h:
432         * API/JSValue.mm:
433         (+[JSValue valueWithNewPromiseInContext:fromExecutor:]):
434         (+[JSValue valueWithNewPromiseResolvedWithResult:inContext:]):
435         (+[JSValue valueWithNewPromiseRejectedWithReason:inContext:]):
436         * API/JSValuePrivate.h: Added.
437         * API/JSVirtualMachine.mm:
438         * API/JSVirtualMachinePrivate.h:
439         * API/tests/testapi.c:
440         (main):
441         * API/tests/testapi.cpp:
442         (APIContext::operator JSC::ExecState*):
443         (TestAPI::failed const):
444         (TestAPI::check):
445         (TestAPI::basicSymbol):
446         (TestAPI::symbolsTypeof):
447         (TestAPI::symbolsGetPropertyForKey):
448         (TestAPI::symbolsSetPropertyForKey):
449         (TestAPI::symbolsHasPropertyForKey):
450         (TestAPI::symbolsDeletePropertyForKey):
451         (TestAPI::promiseResolveTrue):
452         (TestAPI::promiseRejectTrue):
453         (testCAPIViaCpp):
454         (TestAPI::run): Deleted.
455         * API/tests/testapi.mm:
456         (testObjectiveCAPIMain):
457         (promiseWithExecutor):
458         (promiseRejectOnJSException):
459         (promiseCreateResolved):
460         (promiseCreateRejected):
461         (parallelPromiseResolveTest):
462         (testObjectiveCAPI):
463         * JavaScriptCore.xcodeproj/project.pbxproj:
464         * runtime/JSInternalPromiseDeferred.cpp:
465         (JSC::JSInternalPromiseDeferred::create):
466         * runtime/JSPromise.h:
467         * runtime/JSPromiseConstructor.cpp:
468         (JSC::constructPromise):
469         * runtime/JSPromiseDeferred.cpp:
470         (JSC::JSPromiseDeferred::createDeferredData):
471         (JSC::JSPromiseDeferred::create):
472         (JSC::JSPromiseDeferred::finishCreation):
473         (JSC::newPromiseCapability): Deleted.
474         * runtime/JSPromiseDeferred.h:
475         (JSC::JSPromiseDeferred::promise const):
476         (JSC::JSPromiseDeferred::resolve const):
477         (JSC::JSPromiseDeferred::reject const):
478
479 2018-09-21  Ryan Haddad  <ryanhaddad@apple.com>
480
481         Unreviewed, rolling out r236359.
482
483         Broke the Windows build.
484
485         Reverted changeset:
486
487         "Add Promise SPI"
488         https://bugs.webkit.org/show_bug.cgi?id=189809
489         https://trac.webkit.org/changeset/236359
490
491 2018-09-21  Mark Lam  <mark.lam@apple.com>
492
493         JSRopeString::resolveRope() wrongly assumes that tryGetValue() passes it a valid ExecState.
494         https://bugs.webkit.org/show_bug.cgi?id=189855
495         <rdar://problem/44680181>
496
497         Reviewed by Filip Pizlo.
498
499         tryGetValue() always passes a nullptr to JSRopeString::resolveRope() for the
500         ExecState* argument.  This is intentional so that resolveRope() does not throw
501         in the event of an OutOfMemory error.  Hence, JSRopeString::resolveRope() should
502         get the VM from the cell instead of via the ExecState.
503
504         Also removed an obsolete and unused field in JSString.
505
506         * runtime/JSString.cpp:
507         (JSC::JSRopeString::resolveRope const):
508         (JSC::JSRopeString::outOfMemory const):
509         * runtime/JSString.h:
510         (JSC::JSString::tryGetValue const):
511
512 2018-09-21  Michael Saboff  <msaboff@apple.com>
513
514         Add functions to measure memory footprint to JSC
515         https://bugs.webkit.org/show_bug.cgi?id=189768
516
517         Reviewed by Saam Barati.
518
519         Rolling this back in again.
520
521         Provide system memory metrics for the current process to aid in memory reduction measurement and
522         tuning using native JS tests.
523
524         * jsc.cpp:
525         (MemoryFootprint::now):
526         (MemoryFootprint::resetPeak):
527         (GlobalObject::finishCreation):
528         (JSCMemoryFootprint::JSCMemoryFootprint):
529         (JSCMemoryFootprint::createStructure):
530         (JSCMemoryFootprint::create):
531         (JSCMemoryFootprint::finishCreation):
532         (JSCMemoryFootprint::addProperty):
533         (functionResetMemoryPeak):
534
535 2018-09-21  Keith Miller  <keith_miller@apple.com>
536
537         Add Promise SPI
538         https://bugs.webkit.org/show_bug.cgi?id=189809
539
540         Reviewed by Saam Barati.
541
542         The patch adds new SPI to create promises. It's mostly SPI because
543         I want to see how internal users react to it before we make it
544         public.
545
546         This patch adds a couple of new Obj-C SPI methods. The first
547         creates a new promise using the same API that JS does where the
548         user provides an executor callback. If an exception is raised
549         in/to that callback the promise is automagically rejected. The
550         other methods create a pre-resolved or rejected promise as this
551         appears to be a common way to initialize a promise.
552
553         I was also considering adding a second version of executor API
554         where it would catch specific Obj-C exceptions. This would work by
555         taking a Class parameter and checking isKindOfClass: on the
556         exception. I decided against this as nothing else in our API
557         handles Obj-C exceptions. I'm pretty sure the VM will end up in a
558         corrupt state if an Obj-C exception unwinds through JS frames.
559
560         This patch adds a new C function that will create a "deferred"
561         promise. A deferred promise is a style of creating promises/futures
562         where the resolve and reject functions are passed as outputs of a
563         function. I went with this style for the C SPI because we don't have
564         any concept of forwarding exceptions in the C API.
565
566         In order to make the C API work I refactored a bit of the promise code
567         so that we can call a static method on JSDeferredPromise and just get
568         the components without allocating an extra cell wrapper.
569
570         * API/JSContext.mm:
571         (+[JSContext currentCallee]):
572         * API/JSObjectRef.cpp:
573         (JSObjectMakeDeferredPromise):
574         * API/JSObjectRefPrivate.h:
575         * API/JSValue.mm:
576         (+[JSValue valueWithNewPromiseInContext:fromExecutor:]):
577         (+[JSValue valueWithNewPromiseResolvedWithResult:inContext:]):
578         (+[JSValue valueWithNewPromiseRejectedWithReason:inContext:]):
579         * API/JSValuePrivate.h: Added.
580         * API/JSVirtualMachine.mm:
581         * API/JSVirtualMachinePrivate.h:
582         * API/tests/testapi.c:
583         (main):
584         * API/tests/testapi.cpp:
585         (APIContext::operator JSC::ExecState*):
586         (TestAPI::failed const):
587         (TestAPI::check):
588         (TestAPI::basicSymbol):
589         (TestAPI::symbolsTypeof):
590         (TestAPI::symbolsGetPropertyForKey):
591         (TestAPI::symbolsSetPropertyForKey):
592         (TestAPI::symbolsHasPropertyForKey):
593         (TestAPI::symbolsDeletePropertyForKey):
594         (TestAPI::promiseResolveTrue):
595         (TestAPI::promiseRejectTrue):
596         (testCAPIViaCpp):
597         (TestAPI::run): Deleted.
598         * API/tests/testapi.mm:
599         (testObjectiveCAPIMain):
600         (promiseWithExecutor):
601         (promiseRejectOnJSException):
602         (promiseCreateResolved):
603         (promiseCreateRejected):
604         (parallelPromiseResolveTest):
605         (testObjectiveCAPI):
606         * JavaScriptCore.xcodeproj/project.pbxproj:
607         * runtime/JSInternalPromiseDeferred.cpp:
608         (JSC::JSInternalPromiseDeferred::create):
609         * runtime/JSPromise.h:
610         * runtime/JSPromiseConstructor.cpp:
611         (JSC::constructPromise):
612         * runtime/JSPromiseDeferred.cpp:
613         (JSC::JSPromiseDeferred::createDeferredData):
614         (JSC::JSPromiseDeferred::create):
615         (JSC::JSPromiseDeferred::finishCreation):
616         (JSC::newPromiseCapability): Deleted.
617         * runtime/JSPromiseDeferred.h:
618         (JSC::JSPromiseDeferred::promise const):
619         (JSC::JSPromiseDeferred::resolve const):
620         (JSC::JSPromiseDeferred::reject const):
621
622 2018-09-21  Truitt Savell  <tsavell@apple.com>
623
624         Rebaseline tests after changes in https://trac.webkit.org/changeset/236321/webkit
625         https://bugs.webkit.org/show_bug.cgi?id=156674
626
627         Unreviewed Test Gardening
628
629         * Scripts/tests/builtins/expected/JavaScriptCore-Builtin.Promise-Combined.js-result:
630         * Scripts/tests/builtins/expected/JavaScriptCore-BuiltinConstructor-Combined.js-result:
631
632 2018-09-21  Mike Gorse  <mgorse@suse.com>
633
634         Build tools should work when the /usr/bin/python is python3
635         https://bugs.webkit.org/show_bug.cgi?id=156674
636
637         Reviewed by Michael Catanzaro.
638
639         * Scripts/cssmin.py:
640         * Scripts/generate-js-builtins.py:
641         (do_open):
642         (generate_bindings_for_builtins_files):
643         * Scripts/generateIntlCanonicalizeLanguage.py:
644         * Scripts/jsmin.py:
645         (JavascriptMinify.minify.write):
646         (JavascriptMinify):
647         (JavascriptMinify.minify):
648         * Scripts/make-js-file-arrays.py:
649         (chunk):
650         (main):
651         * Scripts/wkbuiltins/__init__.py:
652         * Scripts/wkbuiltins/builtins_generate_combined_header.py:
653         (generate_section_for_global_private_code_name_macro):
654         * Scripts/wkbuiltins/builtins_generate_internals_wrapper_header.py:
655         (BuiltinsInternalsWrapperHeaderGenerator.__init__):
656         * Scripts/wkbuiltins/builtins_generate_internals_wrapper_implementation.py:
657         (BuiltinsInternalsWrapperImplementationGenerator.__init__):
658         * Scripts/wkbuiltins/builtins_model.py:
659         (BuiltinFunction.__lt__):
660         (BuiltinsCollection.copyrights):
661         (BuiltinsCollection._parse_functions):
662         * disassembler/udis86/ud_opcode.py:
663         (UdOpcodeTables.pprint.printWalk):
664         * generate-bytecode-files:
665         * inspector/scripts/codegen/__init__.py:
666         * inspector/scripts/codegen/cpp_generator.py:
667         * inspector/scripts/codegen/generate_cpp_alternate_backend_dispatcher_header.py:
668         (CppAlternateBackendDispatcherHeaderGenerator.generate_output):
669         * inspector/scripts/codegen/generate_cpp_backend_dispatcher_header.py:
670         (CppBackendDispatcherHeaderGenerator.domains_to_generate):
671         (CppBackendDispatcherHeaderGenerator.generate_output):
672         (CppBackendDispatcherHeaderGenerator._generate_dispatcher_declarations_for_domain):
673         * inspector/scripts/codegen/generate_cpp_backend_dispatcher_implementation.py:
674         (CppBackendDispatcherImplementationGenerator.domains_to_generate):
675         (CppBackendDispatcherImplementationGenerator.generate_output):
676         * inspector/scripts/codegen/generate_cpp_frontend_dispatcher_header.py:
677         (CppFrontendDispatcherHeaderGenerator.domains_to_generate):
678         (CppFrontendDispatcherHeaderGenerator.generate_output):
679         * inspector/scripts/codegen/generate_cpp_frontend_dispatcher_implementation.py:
680         (CppFrontendDispatcherImplementationGenerator.domains_to_generate):
681         (CppFrontendDispatcherImplementationGenerator.generate_output):
682         * inspector/scripts/codegen/generate_cpp_protocol_types_header.py:
683         (CppProtocolTypesHeaderGenerator.generate_output):
684         (CppProtocolTypesHeaderGenerator._generate_forward_declarations):
685         * inspector/scripts/codegen/generate_cpp_protocol_types_implementation.py:
686         (CppProtocolTypesImplementationGenerator.generate_output):
687         (CppProtocolTypesImplementationGenerator._generate_enum_conversion_methods_for_domain):
688         (CppProtocolTypesImplementationGenerator._generate_enum_mapping_and_conversion_methods):
689         (CppProtocolTypesImplementationGenerator._generate_open_field_names):
690         (CppProtocolTypesImplementationGenerator._generate_builders_for_domain):
691         (CppProtocolTypesImplementationGenerator._generate_assertion_for_object_declaration):
692         * inspector/scripts/codegen/generate_js_backend_commands.py:
693         (JSBackendCommandsGenerator.should_generate_domain):
694         (JSBackendCommandsGenerator.domains_to_generate):
695         (JSBackendCommandsGenerator.generate_output):
696         (JSBackendCommandsGenerator.generate_domain):
697         * inspector/scripts/codegen/generate_objc_backend_dispatcher_header.py:
698         (ObjCBackendDispatcherHeaderGenerator.domains_to_generate):
699         (ObjCBackendDispatcherHeaderGenerator.generate_output):
700         * inspector/scripts/codegen/generate_objc_backend_dispatcher_implementation.py:
701         (ObjCBackendDispatcherImplementationGenerator.domains_to_generate):
702         (ObjCBackendDispatcherImplementationGenerator.generate_output):
703         (ObjCBackendDispatcherImplementationGenerator._generate_success_block_for_command):
704         * inspector/scripts/codegen/generate_objc_configuration_header.py:
705         * inspector/scripts/codegen/generate_objc_configuration_implementation.py:
706         * inspector/scripts/codegen/generate_objc_frontend_dispatcher_implementation.py:
707         (ObjCFrontendDispatcherImplementationGenerator.domains_to_generate):
708         (ObjCFrontendDispatcherImplementationGenerator.generate_output):
709         (ObjCFrontendDispatcherImplementationGenerator._generate_event):
710         * inspector/scripts/codegen/generate_objc_header.py:
711         (ObjCHeaderGenerator.generate_output):
712         (ObjCHeaderGenerator._generate_type_interface):
713         * inspector/scripts/codegen/generate_objc_internal_header.py:
714         (ObjCInternalHeaderGenerator.generate_output):
715         * inspector/scripts/codegen/generate_objc_protocol_type_conversions_header.py:
716         (ObjCProtocolTypeConversionsHeaderGenerator.domains_to_generate):
717         (ObjCProtocolTypeConversionsHeaderGenerator.generate_output):
718         * inspector/scripts/codegen/generate_objc_protocol_type_conversions_implementation.py:
719         (ObjCProtocolTypeConversionsImplementationGenerator.domains_to_generate):
720         * inspector/scripts/codegen/generate_objc_protocol_types_implementation.py:
721         (ObjCProtocolTypesImplementationGenerator.domains_to_generate):
722         (ObjCProtocolTypesImplementationGenerator.generate_output):
723         (ObjCProtocolTypesImplementationGenerator.generate_type_implementation):
724         (ObjCProtocolTypesImplementationGenerator._generate_init_method_for_required_members):
725         * inspector/scripts/codegen/generator.py:
726         (Generator.non_supplemental_domains):
727         (Generator.open_fields):
728         (Generator.calculate_types_requiring_shape_assertions):
729         (Generator._traverse_and_assign_enum_values):
730         (Generator.stylized_name_for_enum_value):
731         * inspector/scripts/codegen/models.py:
732         (find_duplicates):
733         * inspector/scripts/codegen/objc_generator.py:
734         * wasm/generateWasm.py:
735         (opcodeIterator):
736         * yarr/generateYarrCanonicalizeUnicode:
737         * yarr/generateYarrUnicodePropertyTables.py:
738         * yarr/hasher.py:
739         (stringHash):
740
741 2018-09-21  Tomas Popela  <tpopela@redhat.com>
742
743         [ARM] Build broken on armv7hl after r235517
744         https://bugs.webkit.org/show_bug.cgi?id=189831
745
746         Reviewed by Yusuke Suzuki.
747
748         Add missing implementation of patchableBranch8() for traditional ARM.
749
750         * assembler/MacroAssemblerARM.h:
751         (JSC::MacroAssemblerARM::patchableBranch8):
752
753 2018-09-20  Ryan Haddad  <ryanhaddad@apple.com>
754
755         Unreviewed, rolling out r236293.
756
757         Internal build still broken.
758
759         Reverted changeset:
760
761         "Add functions to measure memory footprint to JSC"
762         https://bugs.webkit.org/show_bug.cgi?id=189768
763         https://trac.webkit.org/changeset/236293
764
765 2018-09-20  Yusuke Suzuki  <yusukesuzuki@slowstart.org>
766
767         [JSC] Heap::reportExtraMemoryVisited shows contention if we have many JSString
768         https://bugs.webkit.org/show_bug.cgi?id=189558
769
770         Reviewed by Mark Lam.
771
772         When running web-tooling-benchmark postcss test on Linux JSCOnly port, we get the following result in `perf report`.
773
774             10.95%  AutomaticThread  libJavaScriptCore.so.1.0.0  [.] JSC::Heap::reportExtraMemoryVisited
775
776         This is because postcss produces a bunch of JSString, which require reportExtraMemoryVisited calls in JSString::visitChildren.
777         And since reportExtraMemoryVisited attempts to update an atomic counter, if we have a bunch of marking threads, it becomes super contended.
778
779         This patch reduces the frequency of updating the atomic counter. Each SlotVisitor has per-SlotVisitor m_extraMemorySize counter.
780         And we propagate this value to the global atomic counter when rebalance happens.
781
782         We also reduce HeapCell::heap() access by using `vm.heap`.
783
784         * heap/SlotVisitor.cpp:
785         (JSC::SlotVisitor::didStartMarking):
786         (JSC::SlotVisitor::propagateExternalMemoryVisitedIfNecessary):
787         (JSC::SlotVisitor::drain):
788         (JSC::SlotVisitor::performIncrementOfDraining):
789         * heap/SlotVisitor.h:
790         * heap/SlotVisitorInlines.h:
791         (JSC::SlotVisitor::reportExtraMemoryVisited):
792         * runtime/JSString.cpp:
793         (JSC::JSRopeString::resolveRopeToAtomicString const):
794         (JSC::JSRopeString::resolveRope const):
795         * runtime/JSString.h:
796         (JSC::JSString::finishCreation):
797         * wasm/js/JSWebAssemblyInstance.cpp:
798         (JSC::JSWebAssemblyInstance::finishCreation):
799         * wasm/js/JSWebAssemblyMemory.cpp:
800         (JSC::JSWebAssemblyMemory::finishCreation):
801
802 2018-09-20  Michael Saboff  <msaboff@apple.com>
803
804         Add functions to measure memory footprint to JSC
805         https://bugs.webkit.org/show_bug.cgi?id=189768
806
807         Reviewed by Saam Barati.
808
809         Rolling this back in.
810
811         Provide system memory metrics for the current process to aid in memory reduction measurement and
812         tuning using native JS tests.
813
814         * jsc.cpp:
815         (MemoryFootprint::now):
816         (MemoryFootprint::resetPeak):
817         (GlobalObject::finishCreation):
818         (JSCMemoryFootprint::JSCMemoryFootprint):
819         (JSCMemoryFootprint::createStructure):
820         (JSCMemoryFootprint::create):
821         (JSCMemoryFootprint::finishCreation):
822         (JSCMemoryFootprint::addProperty):
823         (functionResetMemoryPeak):
824
825 2018-09-20  Ryan Haddad  <ryanhaddad@apple.com>
826
827         Unreviewed, rolling out r236235.
828
829         Breaks internal builds.
830
831         Reverted changeset:
832
833         "Add functions to measure memory footprint to JSC"
834         https://bugs.webkit.org/show_bug.cgi?id=189768
835         https://trac.webkit.org/changeset/236235
836
837 2018-09-20  Fujii Hironori  <Hironori.Fujii@sony.com>
838
839         [Win][Clang] JITMathIC.h: error: missing 'template' keyword prior to dependent template name 'retagged'
840         https://bugs.webkit.org/show_bug.cgi?id=189730
841
842         Reviewed by Saam Barati.
843
844         Clang for Windows can't compile the workaround for MSVC quirk in generateOutOfLine.
845
846         * jit/JITMathIC.h:
847         (generateOutOfLine): Append "&& !COMPILER(CLANG)" to "#if COMPILER(MSVC)".
848
849 2018-09-19  Yusuke Suzuki  <yusukesuzuki@slowstart.org>
850
851         [JSC] Optimize Array#indexOf in C++ runtime
852         https://bugs.webkit.org/show_bug.cgi?id=189507
853
854         Reviewed by Saam Barati.
855
856         C++ Array#indexOf runtime function takes so much time in babylon benchmark in
857         web-tooling-benchmark. While our DFG and FTL have Array#indexOf optimization
858         and actually it is working well, C++ Array#indexOf is called significant amount
859         of time before tiering up, and it takes 6.74% of jsc main thread samples according
860         to perf command in Linux. This is because C++ Array#indexOf is too generic and
861         misses the chance to optimize JSArray cases.
862
863         This patch adds JSArray fast path for Array#indexOf. If we know that indexed
864         access to the given JSArray is non-observable and indexing type is good for the fast
865         path, we go to the fast path. This makes sampling of Array#indexOf 3.83% in
866         babylon web-tooling-benchmark.
867
868         * runtime/ArrayPrototype.cpp:
869         (JSC::arrayProtoFuncIndexOf):
870         * runtime/JSArray.h:
871         * runtime/JSArrayInlines.h:
872         (JSC::JSArray::canDoFastIndexedAccess):
873         (JSC::toLength):
874         * runtime/JSCJSValueInlines.h:
875         (JSC::JSValue::JSValue):
876         * runtime/JSGlobalObject.h:
877         * runtime/JSGlobalObjectInlines.h:
878         (JSC::JSGlobalObject::isArrayPrototypeIndexedAccessFastAndNonObservable):
879         (JSC::JSGlobalObject::isArrayPrototypeIteratorProtocolFastAndNonObservable):
880         * runtime/MathCommon.h:
881         (JSC::canBeStrictInt32):
882         (JSC::canBeInt32):
883
884 2018-09-19  Michael Saboff  <msaboff@apple.com>
885
886         Add functions to measure memory footprint to JSC
887         https://bugs.webkit.org/show_bug.cgi?id=189768
888
889         Reviewed by Saam Barati.
890
891         Provide system memory metrics for the current process to aid in memory reduction measurement and
892         tuning using native JS tests.
893
894         * jsc.cpp:
895         (MemoryFootprint::now):
896         (MemoryFootprint::resetPeak):
897         (GlobalObject::finishCreation):
898         (JSCMemoryFootprint::JSCMemoryFootprint):
899         (JSCMemoryFootprint::createStructure):
900         (JSCMemoryFootprint::create):
901         (JSCMemoryFootprint::finishCreation):
902         (JSCMemoryFootprint::addProperty):
903         (functionResetMemoryPeak):
904
905 2018-09-19  Saam barati  <sbarati@apple.com>
906
907         CheckStructureOrEmpty should pass in a tempGPR to emitStructureCheck since it may jump over that code
908         https://bugs.webkit.org/show_bug.cgi?id=189703
909
910         Reviewed by Mark Lam.
911
912         This fixes a crash that a TypeProfiler change revealed.
913
914         * dfg/DFGSpeculativeJIT64.cpp:
915         (JSC::DFG::SpeculativeJIT::compile):
916
917 2018-09-19  Saam barati  <sbarati@apple.com>
918
919         AI rule for MultiPutByOffset executes its effects in the wrong order
920         https://bugs.webkit.org/show_bug.cgi?id=189757
921         <rdar://problem/43535257>
922
923         Reviewed by Michael Saboff.
924
925         The AI rule for MultiPutByOffset was executing effects in the wrong order.
926         It first executed the transition effects and the effects on the base, and
927         then executed the filtering effects on the value being stored. However, you
928         can end up with the wrong type when the base and the value being stored
929         are the same. E.g, in a program like `o.f = o`. These effects need to happen
930         in the opposite order, modeling what happens in the runtime executing of
931         MultiPutByOffset.
932
933         * dfg/DFGAbstractInterpreterInlines.h:
934         (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
935
936 2018-09-18  Mark Lam  <mark.lam@apple.com>
937
938         Ensure that ForInContexts are invalidated if their loop local is over-written.
939         https://bugs.webkit.org/show_bug.cgi?id=189571
940         <rdar://problem/44402277>
941
942         Reviewed by Saam Barati.
943
944         Instead of hunting down every place in the BytecodeGenerator that potentially
945         needs to invalidate an enclosing ForInContext (if one exists), we simply iterate
946         the bytecode range of the loop body when the ForInContext is popped, and
947         invalidate the context if we ever find the loop temp variable over-written.
948
949         This has 2 benefits:
950         1. It ensures that every type of opcode that can write to the loop temp will be
951            handled appropriately, not just the op_mov that we've hunted down.
952         2. It avoids us having to check the BytecodeGenerator's m_forInContextStack
953            every time we emit an op_mov (or other opcodes that can write to a local)
954            even when we're not inside a for-in loop.
955
956         JSC benchmarks show that this change is performance neutral.
957
958         * bytecompiler/BytecodeGenerator.cpp:
959         (JSC::BytecodeGenerator::pushIndexedForInScope):
960         (JSC::BytecodeGenerator::popIndexedForInScope):
961         (JSC::BytecodeGenerator::pushStructureForInScope):
962         (JSC::BytecodeGenerator::popStructureForInScope):
963         (JSC::ForInContext::finalize):
964         (JSC::StructureForInContext::finalize):
965         (JSC::IndexedForInContext::finalize):
966         (JSC::BytecodeGenerator::invalidateForInContextForLocal): Deleted.
967         * bytecompiler/BytecodeGenerator.h:
968         (JSC::ForInContext::ForInContext):
969         (JSC::ForInContext::bodyBytecodeStartOffset const):
970         (JSC::StructureForInContext::StructureForInContext):
971         (JSC::IndexedForInContext::IndexedForInContext):
972         * bytecompiler/NodesCodegen.cpp:
973         (JSC::PostfixNode::emitResolve):
974         (JSC::PrefixNode::emitResolve):
975         (JSC::ReadModifyResolveNode::emitBytecode):
976         (JSC::AssignResolveNode::emitBytecode):
977         (JSC::EmptyLetExpression::emitBytecode):
978         (JSC::ForInNode::emitLoopHeader):
979         (JSC::ForOfNode::emitBytecode):
980         (JSC::BindingNode::bindValue const):
981         (JSC::AssignmentElementNode::bindValue const):
982         * runtime/CommonSlowPaths.cpp:
983         (JSC::SLOW_PATH_DECL):
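The finalize-time scan described in the entry above, as an added toy model in C++ (not JavaScriptCore code, and not part of the original ChangeLog). The opcode set, `Instruction` layout, `ToyForInContext` and the sample loops are all assumptions made for illustration; only the idea of scanning the loop body from its start offset when the context is popped comes from the entry.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Toy opcodes, constructed for this example (not JSC's real opcode list).
enum class Op { Mov, Inc, GetByVal, Call };

struct Instruction {
    Op op;
    int dst; // local written by this instruction, or -1 if it writes none
    int src; // local read (not needed by the scan)
};

constexpr int kLoopLocal = 5;    // constructed: local holding the for-in property name
constexpr size_t kBodyStart = 1; // constructed: index 0 is the loop header

// Emission-time style check that only knows about one opcode (Mov).
// Any other opcode that writes the loop local slips through.
bool staysValidHookingMovOnly(const std::vector<Instruction>& code,
                              size_t bodyStart, int loopLocal)
{
    for (size_t i = bodyStart; i < code.size(); ++i) {
        if (code[i].op == Op::Mov && code[i].dst == loopLocal)
            return false;
    }
    return true;
}

// Hypothetical stand-in for a for-in context. It records where the loop body
// starts so that the header's own write to the loop local is not counted.
class ToyForInContext {
public:
    ToyForInContext(int loopLocal, size_t bodyBytecodeStartOffset)
        : m_loopLocal(loopLocal), m_bodyStart(bodyBytecodeStartOffset) {}

    // Run once when the context is popped: walk the body range and invalidate
    // on any write to the loop local, whatever opcode performed it.
    void finalize(const std::vector<Instruction>& code, size_t bodyEnd)
    {
        for (size_t i = m_bodyStart; i < bodyEnd && i < code.size(); ++i) {
            if (code[i].dst == m_loopLocal) {
                m_isValid = false;
                return;
            }
        }
    }

    bool isValid() const { return m_isValid; }

private:
    int m_loopLocal;
    size_t m_bodyStart;
    bool m_isValid { true };
};

// Constructed sample: header writes the loop local, then one body instruction
// supplied by the caller, then an unrelated call.
std::vector<Instruction> makeLoop(Instruction bodyInsn)
{
    return { Instruction{Op::Mov, kLoopLocal, 9}, bodyInsn, Instruction{Op::Call, 2, 1} };
}

bool validAfterPop(const std::vector<Instruction>& code)
{
    ToyForInContext context(kLoopLocal, kBodyStart);
    context.finalize(code, code.size());
    return context.isValid();
}

int main()
{
    auto untouched = makeLoop(Instruction{Op::GetByVal, 1, kLoopLocal}); // reads only
    auto viaMov = makeLoop(Instruction{Op::Mov, kLoopLocal, 3});         // p = x
    auto viaInc = makeLoop(Instruction{Op::Inc, kLoopLocal, kLoopLocal}); // p++

    std::printf("untouched: mov-only=%d finalize=%d\n",
                staysValidHookingMovOnly(untouched, kBodyStart, kLoopLocal), validAfterPop(untouched));
    std::printf("via Mov:   mov-only=%d finalize=%d\n",
                staysValidHookingMovOnly(viaMov, kBodyStart, kLoopLocal), validAfterPop(viaMov));
    std::printf("via Inc:   mov-only=%d finalize=%d\n",
                staysValidHookingMovOnly(viaInc, kBodyStart, kLoopLocal), validAfterPop(viaInc));
    return 0;
}
```

The `via Inc` case is the one that separates the two approaches: the Mov-only check still reports the context as valid, while the body scan invalidates it.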
984
985 2018-09-17  Devin Rousso  <drousso@apple.com>
986
987         Web Inspector: generate CSSKeywordCompletions from backend values
988         https://bugs.webkit.org/show_bug.cgi?id=189041
989
990         Reviewed by Joseph Pecoraro.
991
992         * inspector/protocol/CSS.json:
993         Include an optional `aliases` array and `inherited` boolean for `CSSPropertyInfo`.
994
995 2018-09-17  Saam barati  <sbarati@apple.com>
996
997         We must convert ProfileType to CheckStructureOrEmpty instead of CheckStructure
998         https://bugs.webkit.org/show_bug.cgi?id=189676
999         <rdar://problem/39682897>
1000
1001         Reviewed by Michael Saboff.
1002
1003         Because the incoming value may be TDZ, CheckStructure may end up crashing.
1004         Since the Type Profile does not currently record TDZ values in any of its
1005         data structures, this is not a semantic change in how it will show you data.
1006         It just fixes crashes when we emit a CheckStructure and the incoming value
1007         is TDZ.
1008
1009         * dfg/DFGFixupPhase.cpp:
1010         (JSC::DFG::FixupPhase::fixupNode):
1011         * dfg/DFGNode.h:
1012         (JSC::DFG::Node::convertToCheckStructureOrEmpty):
1013
1014 2018-09-17  Darin Adler  <darin@apple.com>
1015
1016         Use OpaqueJSString rather than JSRetainPtr inside WebKit
1017         https://bugs.webkit.org/show_bug.cgi?id=189652
1018
1019         Reviewed by Saam Barati.
1020
1021         * API/JSCallbackObjectFunctions.h: Removed an unneeded include of
1022         JSStringRef.h.
1023
1024         * API/JSContext.mm:
1025         (-[JSContext evaluateScript:withSourceURL:]): Use OpaqueJSString::create rather
1026         than JSStringCreateWithCFString, simplifying the code and also obviating the
1027         need for explicit JSStringRelease.
1028         (-[JSContext setName:]): Ditto.
1029
1030         * API/JSStringRef.cpp:
1031         (JSStringIsEqualToUTF8CString): Use adoptRef rather than explicit JSStringRelease.
1032         It seems that additional optimization is possible, obviating the need to allocate
1033         an OpaqueJSString, but that's true almost everywhere else in this patch, too.
1034
1035         * API/JSValue.mm:
1036         (+[JSValue valueWithNewRegularExpressionFromPattern:flags:inContext:]): Use
1037         OpaqueJSString::create and adoptRef as appropriate.
1038         (+[JSValue valueWithNewErrorFromMessage:inContext:]): Ditto.
1039         (+[JSValue valueWithNewSymbolFromDescription:inContext:]): Ditto.
1040         (performPropertyOperation): Ditto.
1041         (-[JSValue invokeMethod:withArguments:]): Ditto.
1042         (valueToObjectWithoutCopy): Ditto.
1043         (containerValueToObject): Ditto.
1044         (valueToString): Ditto.
1045         (objectToValueWithoutCopy): Ditto.
1046         (objectToValue): Ditto.
1047
1048 2018-09-08  Darin Adler  <darin@apple.com>
1049
1050         Streamline JSRetainPtr, fix leaks of JSString and JSGlobalContext
1051         https://bugs.webkit.org/show_bug.cgi?id=189455
1052
1053         Reviewed by Keith Miller.
1054
1055         * API/JSObjectRef.cpp:
1056         (OpaqueJSPropertyNameArray): Use Ref<OpaqueJSString> instead of
1057         JSRetainPtr<JSStringRef>.
1058         (JSObjectCopyPropertyNames): Remove now-unneeded use of leakRef and
1059         adopt constructor.
1060         (JSPropertyNameArrayGetNameAtIndex): Use ptr() instead of get() since
1061         the array elements are now Ref.
1062
1063         * API/JSRetainPtr.h: While JSRetainPtr is written as a template,
1064         it only works for two specific unrelated types, JSStringRef and
1065         JSGlobalContextRef. Simplified the default constructor using data
1066         member initialization. Prepared to make the adopt constructor private
1067         (got everything compiling that way, then made it public again so that
1068         Apple internal software will still build). Got rid of unneeded
1069         templated constructor and assignment operator, since it's not relevant
1070         since there is no inheritance between JSRetainPtr template types.
1071         Added WARN_UNUSED_RETURN to leakRef as in RefPtr and RetainPtr.
1072         Added move constructor and move assignment operator for slightly better
1073         performance. Simplified implementations of various member functions
1074         so they are more obviously correct, by using leakPtr in more of them
1075         and using std::exchange to make the flow of values more obvious.
1076
1077         * API/JSValue.mm:
1078         (+[JSValue valueWithNewSymbolFromDescription:inContext:]): Added a
1079         missing JSStringRelease to fix a leak.
1080
1081         * API/tests/CustomGlobalObjectClassTest.c:
1082         (customGlobalObjectClassTest): Added a JSGlobalContextRelease to fix a leak.
1083         (globalObjectSetPrototypeTest): Ditto.
1084         (globalObjectPrivatePropertyTest): Ditto.
1085
1086         * API/tests/ExecutionTimeLimitTest.cpp:
1087         (testResetAfterTimeout): Added a call to JSStringRelease to fix a leak.
1088         (testExecutionTimeLimit): Ditto, lots more.
1089
1090         * API/tests/FunctionOverridesTest.cpp:
1091         (testFunctionOverrides): Added a call to JSStringRelease to fix a leak.
1092
1093         * API/tests/JSObjectGetProxyTargetTest.cpp:
1094         (testJSObjectGetProxyTarget): Added a call to JSGlobalContextRelease to fix
1095         a leak.
1096
1097         * API/tests/PingPongStackOverflowTest.cpp:
1098         (testPingPongStackOverflow): Added calls to JSGlobalContextRelease and
1099         JSStringRelease to fix leaks.
1100
1101         * API/tests/testapi.c:
1102         (throwException): Added. Helper function for repeated idiom where we want
1103         to throw an exception, but with additional JSStringRelease calls so we don't
1104         have to leak just to keep the code simpler to read.
1105         (MyObject_getProperty): Use throwException.
1106         (MyObject_setProperty): Ditto.
1107         (MyObject_deleteProperty): Ditto.
1108         (isValueEqualToString): Added. Helper function for an idiom where we check
1109         if something is a string and then if it's equal to a particular string
1110         constant, but a version that has an additional JSStringRelease call so we
1111         don't have to leak just to keep the code simpler to read.
1112         (MyObject_callAsFunction): Use isValueEqualToString and throwException.
1113         (MyObject_callAsConstructor): Ditto.
1114         (MyObject_hasInstance): Ditto.
1115         (globalContextNameTest): Added a JSGlobalContextRelease to fix a leak.
1116         (testMarkingConstraintsAndHeapFinalizers): Ditto.
1117
1118 2018-09-14  Saam barati  <sbarati@apple.com>
1119
1120         Don't dump OSRAvailabilityData in Graph::dump because a stale Availability may point to a Node that is already freed
1121         https://bugs.webkit.org/show_bug.cgi?id=189628
1122         <rdar://problem/39481690>
1123
1124         Reviewed by Mark Lam.
1125
1126         An Availability may point to a Node. And that Node may be removed from
1127         the graph, e.g, it's freed and its memory is no longer owned by Graph.
1128         This patch makes it so we no longer dump this metadata by default. If
1129         this metadata is interesting to you, you'll need to go in and change
1130         Graph::dump to dump the needed metadata.
1131
1132         * dfg/DFGGraph.cpp:
1133         (JSC::DFG::Graph::dump):
1134
1135 2018-09-14  Mark Lam  <mark.lam@apple.com>
1136
1137         Refactor some ForInContext code for better encapsulation.
1138         https://bugs.webkit.org/show_bug.cgi?id=189626
1139         <rdar://problem/44466415>
1140
1141         Reviewed by Keith Miller.
1142
1143         1. Add a ForInContext::m_type field to store the context type.  This does not
1144            increase the class size, but eliminates the need for a virtual call to get the
1145            type.
1146
1147            Note: we still need a virtual destructor because we'll be mingling
1148            IndexedForInContexts and StructureForInContexts in the BytecodeGenerator::m_forInContextStack.
1149
1150         2. Add ForInContext::isIndexedForInContext() and ForInContext::isStructureForInContext()
1151            convenience methods.
1152
1153         3. Add ForInContext::asIndexedForInContext() and ForInContext::asStructureForInContext()
1154            to do the casting to the subclass types.  This ensures that we'll properly
1155            assert that the casting is legal.
1156
1157         * bytecompiler/BytecodeGenerator.cpp:
1158         (JSC::BytecodeGenerator::emitGetByVal):
1159         (JSC::BytecodeGenerator::popIndexedForInScope):
1160         (JSC::BytecodeGenerator::popStructureForInScope):
1161         * bytecompiler/BytecodeGenerator.h:
1162         (JSC::ForInContext::type const):
1163         (JSC::ForInContext::isIndexedForInContext const):
1164         (JSC::ForInContext::isStructureForInContext const):
1165         (JSC::ForInContext::asIndexedForInContext):
1166         (JSC::ForInContext::asStructureForInContext):
1167         (JSC::ForInContext::ForInContext):
1168         (JSC::StructureForInContext::StructureForInContext):
1169         (JSC::IndexedForInContext::IndexedForInContext):
1170         (JSC::ForInContext::~ForInContext): Deleted.
1171
1172 2018-09-14  Devin Rousso  <webkit@devinrousso.com>
1173
1174         Web Inspector: Record actions performed on ImageBitmapRenderingContext
1175         https://bugs.webkit.org/show_bug.cgi?id=181341
1176
1177         Reviewed by Joseph Pecoraro.
1178
1179         * inspector/protocol/Recording.json:
1180         * inspector/scripts/codegen/generator.py:
1181
1182 2018-09-14  Mike Gorse  <mgorse@suse.com>
1183
1184         builtins directory causes name conflict on Python 3
1185         https://bugs.webkit.org/show_bug.cgi?id=189552
1186
1187         Reviewed by Michael Catanzaro.
1188
1189         * CMakeLists.txt: builtins -> wkbuiltins.
1190         * DerivedSources.make: builtins -> wkbuiltins.
1191         * Scripts/generate-js-builtins.py: import wkbuiltins, rather than
1192           builtins.
1193         * Scripts/wkbuiltins/__init__.py: Renamed from Source/JavaScriptCore/Scripts/builtins/__init__.py.
1194         * Scripts/wkbuiltins/builtins_generate_combined_header.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_combined_header.py.
1195         * Scripts/wkbuiltins/builtins_generate_internals_wrapper_implementation.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_internals_wrapper_implementation.py.
1196         * Scripts/wkbuiltins/builtins_generate_separate_header.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_separate_header.py.
1197         * Scripts/wkbuiltins/builtins_generate_separate_implementation.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_separate_implementation.py.
1198         * Scripts/wkbuiltins/builtins_generate_wrapper_header.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_wrapper_header.py.
1199         * Scripts/wkbuiltins/builtins_generate_wrapper_implementation.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_wrapper_implementation.py.
1200         * Scripts/wkbuiltins/builtins_generator.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generator.py.
1201         * Scripts/wkbuiltins/builtins_model.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_model.py.
1202         * Scripts/wkbuiltins/builtins_templates.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_templates.py.
1203         * Scripts/wkbuiltins/wkbuiltins.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins.py.
1204         * JavaScriptCore.xcodeproj/project.pbxproj: Update for the renaming.
1205
1206 2018-09-13  Yusuke Suzuki  <yusukesuzuki@slowstart.org>
1207
1208         [WebAssembly] Inline WasmContext accessor functions
1209         https://bugs.webkit.org/show_bug.cgi?id=189416
1210
1211         Reviewed by Saam Barati.
1212
1213         WasmContext accessor functions are very small while they reside in the critical path of
1214         JS to Wasm function call. This patch makes them inline to improve performance.
1215         This change improves a small benchmark (calling JS to Wasm function 1e7 times) from 320ms to 270ms.
1216
1217         * JavaScriptCore.xcodeproj/project.pbxproj:
1218         * Sources.txt:
1219         * interpreter/CallFrame.cpp:
1220         * jit/AssemblyHelpers.cpp:
1221         * wasm/WasmB3IRGenerator.cpp:
1222         * wasm/WasmContextInlines.h: Renamed from Source/JavaScriptCore/wasm/WasmContext.cpp.
1223         (JSC::Wasm::Context::useFastTLS):
1224         (JSC::Wasm::Context::load const):
1225         (JSC::Wasm::Context::store):
1226         * wasm/WasmMemoryInformation.cpp:
1227         * wasm/WasmModuleParser.cpp: Include <wtf/SHA1.h> due to changes of unified source combinations.
1228         * wasm/js/JSToWasm.cpp:
1229         * wasm/js/WebAssemblyFunction.cpp:
1230
1231 2018-09-12  David Kilzer  <ddkilzer@apple.com>
1232
1233         Move JavaScriptCore files to match Xcode project hierarchy
1234         <https://webkit.org/b/189574>
1235
1236         Reviewed by Filip Pizlo.
1237
1238         * API/JSAPIValueWrapper.cpp: Rename from Source/JavaScriptCore/runtime/JSAPIValueWrapper.cpp.
1239         * API/JSAPIValueWrapper.h: Rename from Source/JavaScriptCore/runtime/JSAPIValueWrapper.h.
1240         * CMakeLists.txt: Update for new path to
1241         generateYarrUnicodePropertyTables.py, hasher.py and
1242         JSAPIValueWrapper.h.
1243         * DerivedSources.make: Ditto. Add missing dependency on
1244         hasher.py captured by CMakeLists.txt.
1245         * JavaScriptCore.xcodeproj/project.pbxproj: Update for new file
1246         reference paths. Add hasher.py library to project.
1247         * Sources.txt: Update for new path to
1248         JSAPIValueWrapper.cpp.
1249         * runtime/JSImmutableButterfly.h: Add missing includes
1250         after changes to Sources.txt and regenerating unified
1251         sources.
1252         * runtime/RuntimeType.h: Ditto.
1253         * yarr/generateYarrUnicodePropertyTables.py: Rename from Source/JavaScriptCore/Scripts/generateYarrUnicodePropertyTables.py.
1254         * yarr/hasher.py: Rename from Source/JavaScriptCore/Scripts/hasher.py.
1255
1256 2018-09-12  David Kilzer  <ddkilzer@apple.com>
1257
1258         Let Xcode have its way with the JavaScriptCore project
1259
1260         * JavaScriptCore.xcodeproj/project.pbxproj:
1261
1262 2018-09-12  Guillaume Emont  <guijemont@igalia.com>
1263
1264         Add IGNORE_WARNING_.* macros
1265         https://bugs.webkit.org/show_bug.cgi?id=188996
1266
1267         Reviewed by Michael Catanzaro.
1268
1269         * API/JSCallbackObject.h:
1270         * API/tests/testapi.c:
1271         * assembler/LinkBuffer.h:
1272         (JSC::LinkBuffer::finalizeCodeWithDisassembly):
1273         * b3/B3LowerToAir.cpp:
1274         * b3/B3Opcode.cpp:
1275         * b3/B3Type.h:
1276         * b3/B3TypeMap.h:
1277         * b3/B3Width.h:
1278         * b3/air/AirArg.cpp:
1279         * b3/air/AirArg.h:
1280         * b3/air/AirCode.h:
1281         * bytecode/Opcode.h:
1282         (JSC::padOpcodeName):
1283         * dfg/DFGSpeculativeJIT.cpp:
1284         (JSC::DFG::SpeculativeJIT::speculateNumber):
1285         (JSC::DFG::SpeculativeJIT::speculateMisc):
1286         * dfg/DFGSpeculativeJIT64.cpp:
1287         * ftl/FTLOutput.h:
1288         * jit/CCallHelpers.h:
1289         (JSC::CCallHelpers::calculatePokeOffset):
1290         * llint/LLIntData.cpp:
1291         * llint/LLIntSlowPaths.cpp:
1292         (JSC::LLInt::slowPathLogF):
1293         * runtime/ConfigFile.cpp:
1294         (JSC::ConfigFile::canonicalizePaths):
1295         * runtime/JSDataViewPrototype.cpp:
1296         * runtime/JSGenericTypedArrayViewConstructor.h:
1297         * runtime/JSGenericTypedArrayViewPrototype.h:
1298         * runtime/Options.cpp:
1299         (JSC::Options::setAliasedOption):
1300         * tools/CodeProfiling.cpp:
1301         * wasm/WasmSections.h:
1302         * wasm/generateWasmValidateInlinesHeader.py:
1303
1304 == Rolled over to ChangeLog-2018-09-11 ==