[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
2018-10-01  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r236647.
        https://bugs.webkit.org/show_bug.cgi?id=190124

        Breaking test stress/big-int-to-string.js (Requested by
        caiolima_ on #webkit).

        Reverted changeset:

        "[BigInt] BigInt.prototype.toString is broken when radix is
        power of 2"
        https://bugs.webkit.org/show_bug.cgi?id=190033
        https://trac.webkit.org/changeset/236647

2018-10-01  Yusuke Suzuki  <yusukesuzuki@slowstart.org>

        [WebAssembly] Move type conversion code of JSToWasm return type to JS wasm wrapper
        https://bugs.webkit.org/show_bug.cgi?id=189498

        Reviewed by Saam Barati.

        To call JS-to-Wasm code we need to convert the result value from wasm function to
        the JS type. Previously this was done by callWebAssemblyFunction by using a switch
        over signature.returnType(). But since we know the value of `signature.returnType()`
        at compiling phase, we can emit a small conversion code directly to JSToWasm glue
        and remove this switch from callWebAssemblyFunction.

        In JSToWasm glue code, we do not have tag registers. So we use DoNotHaveTagRegisters
        in boxInt32 and boxDouble. Since boxDouble does not have DoNotHaveTagRegisters version,
        we add an implementation for that.

        * jit/AssemblyHelpers.h:
        (JSC::AssemblyHelpers::boxDouble):
        * wasm/js/JSToWasm.cpp:
        (JSC::Wasm::createJSToWasmWrapper):
        * wasm/js/WebAssemblyFunction.cpp:
        (JSC::callWebAssemblyFunction):

2018-09-30  Caio Lima  <ticaiolima@gmail.com>

        [BigInt] BigInt.prototype.toString is broken when radix is power of 2
        https://bugs.webkit.org/show_bug.cgi?id=190033

        Reviewed by Yusuke Suzuki.

        The implementation of JSBigInt::toStringToGeneric doesn't handle power
        of 2 radix when JSBigInt length is >= 2. To handle such cases, we
        implemented JSBigInt::toStringBasePowerOfTwo that follows the
        algorithm that groups bits using mask of (2 ^ n) - 1 to extract every
        digit.

        * runtime/JSBigInt.cpp:
        (JSC::JSBigInt::toString):
        (JSC::JSBigInt::toStringBasePowerOfTwo):
        * runtime/JSBigInt.h:
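
The bit-grouping approach described in the entry above, as an added example that is not JavaScriptCore code. It assumes the magnitude is stored as little-endian 32-bit digits; `toDigits`, `formatPowerOfTwo` and `countMismatches` are helper names made up for this sketch, and the multi-digit case (length >= 2, radix bits not dividing 32) is the one it exercises.

```javascript
// Added example: models a BigInt magnitude as little-endian 32-bit digits.
const DIGIT_BITS = 32;
const ALPHABET = "0123456789abcdefghijklmnopqrstuvwxyz";

// Hypothetical helper: split |value| into 32-bit digits, least significant first.
function toDigits(value) {
  const digits = [];
  let v = value < 0n ? -value : value;
  while (v > 0n) {
    digits.push(Number(v & 0xffffffffn));
    v >>= 32n;
  }
  return Uint32Array.from(digits);
}

function toStringBasePowerOfTwo(digits, radix, negative = false) {
  if (!Number.isInteger(radix) || radix < 2 || radix > 32 || (radix & (radix - 1)) !== 0)
    throw new RangeError("radix must be a power of two between 2 and 32");

  const bitsPerChar = 31 - Math.clz32(radix); // n, where radix == 2^n
  const charMask = radix - 1;                 // (2^n) - 1

  const out = [];    // characters, least significant first
  let carry = 0;     // high bits left over from the previous digit
  let carryBits = 0; // number of valid bits in carry, always < bitsPerChar

  for (const d of digits) {
    // The first character of each digit may straddle the digit boundary:
    // combine the leftover bits with the low bits of this digit.
    out.push(ALPHABET[(carry | (d << carryBits)) & charMask]);
    const consumed = bitsPerChar - carryBits; // bits taken from d, 1..5
    carry = d >>> consumed;
    carryBits = DIGIT_BITS - consumed;
    // Emit every whole group that fits in the rest of this digit.
    while (carryBits >= bitsPerChar) {
      out.push(ALPHABET[carry & charMask]);
      carry >>>= bitsPerChar;
      carryBits -= bitsPerChar;
    }
  }
  // Bits left after the most significant digit form the last character.
  if (carryBits > 0)
    out.push(ALPHABET[carry & charMask]);

  // Drop leading zeros (they sit at the end of the little-endian list).
  while (out.length > 1 && out[out.length - 1] === "0")
    out.pop();
  if (out.length === 0 || (out.length === 1 && out[0] === "0"))
    return "0";
  return (negative ? "-" : "") + out.reverse().join("");
}

// Hypothetical helper: format a BigInt through the digit model.
function formatPowerOfTwo(value, radix) {
  return toStringBasePowerOfTwo(toDigits(value), radix, value < 0n);
}

// Compare against the engine's own BigInt.prototype.toString on constructed
// samples, including values longer than one 32-bit digit.
function countMismatches() {
  const samples = [0n, 1n, 255n, 2n ** 32n, 2n ** 64n - 1n,
                   0x123456789abcdef0123456789n, -(2n ** 70n) - 5n];
  let mismatches = 0;
  for (const value of samples)
    for (const radix of [2, 4, 8, 16, 32])
      if (formatPowerOfTwo(value, radix) !== value.toString(radix))
        mismatches++;
  return mismatches;
}
```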

2018-09-28  Caio Lima  <ticaiolima@gmail.com>

        [ESNext][BigInt] Implement support for "&"
        https://bugs.webkit.org/show_bug.cgi?id=186228

        Reviewed by Yusuke Suzuki.

        This patch introduces support of BigInt into bitwise "&" operation.
        We are also introducing the ValueBitAnd DFG node, that is responsible
        to take care of JIT for non-Int32 operands. With the introduction of this
        new node, we renamed the BitAnd node to ArithBitAnd. The ArithBitAnd
        follows the behavior of ArithAdd and other arithmetic nodes, where
        the Arith<op> version always results in Number (in the case of
        ArithBitAnd, it is always an Int32).

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::finishCreation):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitBinaryOp):
        * dfg/DFGAbstractInterpreterInlines.h:
        (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
        * dfg/DFGBackwardsPropagationPhase.cpp:
        (JSC::DFG::BackwardsPropagationPhase::isWithinPowerOfTwo):
        (JSC::DFG::BackwardsPropagationPhase::propagate):
        * dfg/DFGByteCodeParser.cpp:
        (JSC::DFG::ByteCodeParser::parseBlock):
        * dfg/DFGClobberize.h:
        (JSC::DFG::clobberize):
        * dfg/DFGDoesGC.cpp:
        (JSC::DFG::doesGC):
        * dfg/DFGFixupPhase.cpp:
        (JSC::DFG::FixupPhase::fixupNode):
        * dfg/DFGNodeType.h:
        * dfg/DFGOperations.cpp:
        * dfg/DFGOperations.h:
        * dfg/DFGPredictionPropagationPhase.cpp:
        * dfg/DFGSafeToExecute.h:
        (JSC::DFG::safeToExecute):
        * dfg/DFGSpeculativeJIT.cpp:
        (JSC::DFG::SpeculativeJIT::compileValueBitwiseOp):
        (JSC::DFG::SpeculativeJIT::compileBitwiseOp):
        * dfg/DFGSpeculativeJIT.h:
        (JSC::DFG::SpeculativeJIT::bitOp):
        * dfg/DFGSpeculativeJIT32_64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
        * dfg/DFGSpeculativeJIT64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
        * dfg/DFGStrengthReductionPhase.cpp:
        (JSC::DFG::StrengthReductionPhase::handleNode):
        * ftl/FTLCapabilities.cpp:
        (JSC::FTL::canCompile):
        * ftl/FTLLowerDFGToB3.cpp:
        (JSC::FTL::DFG::LowerDFGToB3::compileNode):
        (JSC::FTL::DFG::LowerDFGToB3::compileValueBitAnd):
        (JSC::FTL::DFG::LowerDFGToB3::compileArithBitAnd):
        (JSC::FTL::DFG::LowerDFGToB3::compileBitAnd): Deleted.
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emitBitBinaryOpFastPath):
        (JSC::JIT::emit_op_bitand):
        * llint/LowLevelInterpreter32_64.asm:
        * llint/LowLevelInterpreter64.asm:
        * runtime/CommonSlowPaths.cpp:
        (JSC::SLOW_PATH_DECL):
        * runtime/JSBigInt.cpp:
        (JSC::JSBigInt::JSBigInt):
        (JSC::JSBigInt::initialize):
        (JSC::JSBigInt::createZero):
        (JSC::JSBigInt::createFrom):
        (JSC::JSBigInt::bitwiseAnd):
        (JSC::JSBigInt::absoluteBitwiseOp):
        (JSC::JSBigInt::absoluteAnd):
        (JSC::JSBigInt::absoluteOr):
        (JSC::JSBigInt::absoluteAndNot):
        (JSC::JSBigInt::absoluteAddOne):
        (JSC::JSBigInt::absoluteSubOne):
        * runtime/JSBigInt.h:
        * runtime/JSCJSValue.h:
        * runtime/JSCJSValueInlines.h:
        (JSC::JSValue::toBigIntOrInt32 const):

2018-09-28  Mark Lam  <mark.lam@apple.com>

        Gardening: speculative build fix.
        <rdar://problem/44869924>

        Not reviewed.

        * assembler/LinkBuffer.cpp:
        (JSC::LinkBuffer::copyCompactAndLinkCode):

2018-09-28  Guillaume Emont  <guijemont@igalia.com>

        [JSC] [Armv7] Add a copy function argument to MacroAssemblerARMv7::link() and pass it down to the assembler's linking functions.
        https://bugs.webkit.org/show_bug.cgi?id=190080

        Reviewed by Mark Lam.

        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::link):
        (JSC::ARMv7Assembler::linkJumpT1):
        (JSC::ARMv7Assembler::linkJumpT2):
        (JSC::ARMv7Assembler::linkJumpT3):
        (JSC::ARMv7Assembler::linkJumpT4):
        (JSC::ARMv7Assembler::linkConditionalJumpT4):
        (JSC::ARMv7Assembler::linkBX):
        (JSC::ARMv7Assembler::linkConditionalBX):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::link):

2018-09-27  Saam barati  <sbarati@apple.com>

        Verify the contents of AssemblerBuffer on arm64e
        https://bugs.webkit.org/show_bug.cgi?id=190057
        <rdar://problem/38916630>

        Reviewed by Mark Lam.

        * assembler/ARM64Assembler.h:
        (JSC::ARM64Assembler::ARM64Assembler):
        (JSC::ARM64Assembler::fillNops):
        (JSC::ARM64Assembler::link):
        (JSC::ARM64Assembler::linkJumpOrCall):
        (JSC::ARM64Assembler::linkCompareAndBranch):
        (JSC::ARM64Assembler::linkConditionalBranch):
        (JSC::ARM64Assembler::linkTestAndBranch):
        (JSC::ARM64Assembler::unlinkedCode): Deleted.
        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::fillNops):
        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::unlinkedCode): Deleted.
        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::emitNops):
        (JSC::AbstractMacroAssembler::AbstractMacroAssembler):
        * assembler/AssemblerBuffer.h:
        (JSC::ARM64EHash::ARM64EHash):
        (JSC::ARM64EHash::update):
        (JSC::ARM64EHash::hash const):
        (JSC::ARM64EHash::randomSeed const):
        (JSC::AssemblerBuffer::AssemblerBuffer):
        (JSC::AssemblerBuffer::putShort):
        (JSC::AssemblerBuffer::putIntUnchecked):
        (JSC::AssemblerBuffer::putInt):
        (JSC::AssemblerBuffer::hash const):
        (JSC::AssemblerBuffer::data const):
        (JSC::AssemblerBuffer::putIntegralUnchecked):
        (JSC::AssemblerBuffer::append): Deleted.
        * assembler/LinkBuffer.cpp:
        (JSC::LinkBuffer::copyCompactAndLinkCode):
        * assembler/MIPSAssembler.h:
        (JSC::MIPSAssembler::fillNops):
        * assembler/MacroAssemblerARM64.h:
        (JSC::MacroAssemblerARM64::jumpsToLink):
        (JSC::MacroAssemblerARM64::link):
        (JSC::MacroAssemblerARM64::unlinkedCode): Deleted.
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::jumpsToLink):
        (JSC::MacroAssemblerARMv7::unlinkedCode): Deleted.
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::fillNops):

2018-09-27  Mark Lam  <mark.lam@apple.com>

        ByValInfo should not use integer offsets.
        https://bugs.webkit.org/show_bug.cgi?id=190070
        <rdar://problem/44803430>

        Reviewed by Saam Barati.

        Also moved some fields around to allow the ByValInfo struct to be more densely packed.

        * bytecode/ByValInfo.h:
        (JSC::ByValInfo::ByValInfo):
        * jit/JIT.cpp:
        (JSC::JIT::link):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::privateCompileHasIndexedProperty):
        * jit/JITOpcodes32_64.cpp:
        (JSC::JIT::privateCompileHasIndexedProperty):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompileGetByVal):
        (JSC::JIT::privateCompileGetByValWithCachedId):
        (JSC::JIT::privateCompilePutByVal):
        (JSC::JIT::privateCompilePutByValWithCachedId):

2018-09-27  Saam barati  <sbarati@apple.com>

        DFG::OSRExit::m_patchableCodeOffset should not be an int
        https://bugs.webkit.org/show_bug.cgi?id=190066
        <rdar://problem/39498244>

        Reviewed by Mark Lam.

        * dfg/DFGJITCompiler.cpp:
        (JSC::DFG::JITCompiler::linkOSRExits):
        (JSC::DFG::JITCompiler::link):
        * dfg/DFGOSRExit.cpp:
        (JSC::DFG::OSRExit::codeLocationForRepatch const):
        (JSC::DFG::OSRExit::compileOSRExit):
        (JSC::DFG::OSRExit::setPatchableCodeOffset): Deleted.
        (JSC::DFG::OSRExit::getPatchableCodeOffsetAsJump const): Deleted.
        (JSC::DFG::OSRExit::correctJump): Deleted.
        * dfg/DFGOSRExit.h:
        * dfg/DFGOSRExitCompilationInfo.h:

2018-09-27  Saam barati  <sbarati@apple.com>

        Don't use int offsets in StructureStubInfo
        https://bugs.webkit.org/show_bug.cgi?id=190064
        <rdar://problem/44784719>

        Reviewed by Mark Lam.

        * bytecode/InlineAccess.cpp:
        (JSC::linkCodeInline):
        * bytecode/StructureStubInfo.h:
        (JSC::StructureStubInfo::slowPathCallLocation):
        (JSC::StructureStubInfo::doneLocation):
        (JSC::StructureStubInfo::slowPathStartLocation):
        * jit/JITInlineCacheGenerator.cpp:
        (JSC::JITInlineCacheGenerator::finalize):

2018-09-27  Mark Lam  <mark.lam@apple.com>

        DFG::OSREntry::m_machineCodeOffset should be a CodeLocation.
        https://bugs.webkit.org/show_bug.cgi?id=190054
        <rdar://problem/44803543>

        Reviewed by Saam Barati.

        * dfg/DFGJITCode.h:
        (JSC::DFG::JITCode::appendOSREntryData):
        * dfg/DFGJITCompiler.cpp:
        (JSC::DFG::JITCompiler::noticeOSREntry):
        * dfg/DFGOSREntry.cpp:
        (JSC::DFG::OSREntryData::dumpInContext const):
        (JSC::DFG::prepareOSREntry):
        * dfg/DFGOSREntry.h:
        * runtime/JSCPtrTag.h:

2018-09-27  Mark Lam  <mark.lam@apple.com>

        JITMathIC should not use integer offsets into machine code.
        https://bugs.webkit.org/show_bug.cgi?id=190030
        <rdar://problem/44803307>

        Reviewed by Saam Barati.

        We'll replace them with CodeLocation smart pointers instead.

        * jit/JITMathIC.h:
        (JSC::isProfileEmpty):

2018-09-26  Mark Lam  <mark.lam@apple.com>

        Options::useSeparatedWXHeap() should always be false when ENABLE(FAST_JIT_PERMISSIONS) && CPU(ARM64E).
        https://bugs.webkit.org/show_bug.cgi?id=190022
        <rdar://problem/44800928>

        Reviewed by Saam Barati.

        * jit/ExecutableAllocator.cpp:
        (JSC::FixedVMPoolExecutableAllocator::FixedVMPoolExecutableAllocator):
        (JSC::FixedVMPoolExecutableAllocator::initializeSeparatedWXHeaps):
        * jit/ExecutableAllocator.h:
        (JSC::performJITMemcpy):
        * runtime/Options.cpp:
        (JSC::recomputeDependentOptions):

2018-09-26  Mark Lam  <mark.lam@apple.com>

        Assert that performJITMemcpy() is always called with instruction size aligned addresses on ARM64.
        https://bugs.webkit.org/show_bug.cgi?id=190016
        <rdar://problem/44802875>

        Reviewed by Saam Barati.

        Also assert in performJITMemcpy() that the entire buffer to be copied will fit in
        JIT memory.

        * assembler/ARM64Assembler.h:
        (JSC::ARM64Assembler::fillNops):
        (JSC::ARM64Assembler::replaceWithVMHalt):
        (JSC::ARM64Assembler::replaceWithJump):
        (JSC::ARM64Assembler::replaceWithLoad):
        (JSC::ARM64Assembler::replaceWithAddressComputation):
        (JSC::ARM64Assembler::setPointer):
        (JSC::ARM64Assembler::repatchInt32):
        (JSC::ARM64Assembler::repatchCompact):
        (JSC::ARM64Assembler::linkJumpOrCall):
        (JSC::ARM64Assembler::linkCompareAndBranch):
        (JSC::ARM64Assembler::linkConditionalBranch):
        (JSC::ARM64Assembler::linkTestAndBranch):
        * assembler/LinkBuffer.cpp:
        (JSC::LinkBuffer::copyCompactAndLinkCode):
        (JSC::LinkBuffer::linkCode):
        * jit/ExecutableAllocator.h:
        (JSC::performJITMemcpy):

2018-09-25  Keith Miller  <keith_miller@apple.com>

        Move Symbol API to SPI
        https://bugs.webkit.org/show_bug.cgi?id=189946

        Reviewed by Michael Saboff.

        Some of the property access methods on JSValue needed to be moved
        to a category so that SPI overloads don't result in a compiler
        error for internal users.

        Additionally, this patch does not move the new enum entry for
        Symbols in the JSType enumeration.

        * API/JSObjectRef.h:
        * API/JSObjectRefPrivate.h:
        * API/JSValue.h:
        * API/JSValuePrivate.h:
        * API/JSValueRef.h:

2018-09-26  Keith Miller  <keith_miller@apple.com>

        We should zero unused property storage when rebalancing array storage.
        https://bugs.webkit.org/show_bug.cgi?id=188151

        Reviewed by Michael Saboff.

        In unshiftCountSlowCase we sometimes will move property storage to the right even when net adding elements.
        This can happen because we "balance" the pre/post-capacity in that code so we need to zero the unused
        property storage.

        * runtime/JSArray.cpp:
        (JSC::JSArray::unshiftCountSlowCase):

2018-09-26  Yusuke Suzuki  <yusukesuzuki@slowstart.org>

        Unreviewed, add scope verification handling
        https://bugs.webkit.org/show_bug.cgi?id=189780

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncIndexOf):
        (JSC::arrayProtoFuncLastIndexOf):

2018-09-26  Koby Boyango  <koby.b@mce.systems>

        [JSC] offlineasm parser should handle CRLF in asm files
        https://bugs.webkit.org/show_bug.cgi?id=189949

        Reviewed by Mark Lam.

        * offlineasm/parser.rb:

2018-09-20  Yusuke Suzuki  <yusukesuzuki@slowstart.org>

        [JSC] Optimize Array#lastIndexOf
        https://bugs.webkit.org/show_bug.cgi?id=189780

        Reviewed by Saam Barati.

        Optimize Array#lastIndexOf in the same way as Array#indexOf. We add a fast path
        for JSArray with contiguous storage.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncLastIndexOf):

2018-09-25  Saam Barati  <sbarati@apple.com>

        Calls to baselineCodeBlockForOriginAndBaselineCodeBlock in operationMaterializeObjectInOSR should actually pass in the baseline CodeBlock
        https://bugs.webkit.org/show_bug.cgi?id=189940
        <rdar://problem/43640987>

        Reviewed by Mark Lam.

        We were calling baselineCodeBlockForOriginAndBaselineCodeBlock with the FTL
        CodeBlock. There is nothing semantically wrong with doing that (except for
        poor naming), however, the poor naming here led us to make a real semantic
        mistake. We wanted the baseline CodeBlock's constant pool, but we were
        accessing the FTL CodeBlock's constant pool accidentally. We need to
        access the baseline CodeBlock's constant pool when we update the NewArrayBuffer
        constant value.

        * bytecode/InlineCallFrame.h:
        (JSC::baselineCodeBlockForOriginAndBaselineCodeBlock):
        * ftl/FTLOperations.cpp:
        (JSC::FTL::operationMaterializeObjectInOSR):

2018-09-25  Joseph Pecoraro  <pecoraro@apple.com>

        Web Inspector: Stricter block syntax in generated ObjC protocol interfaces
        https://bugs.webkit.org/show_bug.cgi?id=189962
        <rdar://problem/44648287>

        Reviewed by Brian Burg.

        * inspector/scripts/codegen/generate_objc_header.py:
        (ObjCHeaderGenerator._callback_block_for_command):
        If there are no return parameters include "void" in the block signature.

        * inspector/scripts/tests/all/expected/definitions-with-mac-platform.json-result:
        * inspector/scripts/tests/generic/expected/domain-availability.json-result:
        * inspector/scripts/tests/generic/expected/domains-with-varying-command-sizes.json-result:
        * inspector/scripts/tests/generic/expected/generate-domains-with-feature-guards.json-result:
        * inspector/scripts/tests/generic/expected/worker-supported-domains.json-result:
        * inspector/scripts/tests/mac/expected/definitions-with-mac-platform.json-result:
        Rebaseline test results.

2018-09-24  Joseph Pecoraro  <pecoraro@apple.com>

        Remove AUTHORS and THANKS files which are stale
        https://bugs.webkit.org/show_bug.cgi?id=189941

        Reviewed by Darin Adler.

        Included mentions below so their names are still in ChangeLogs.

        * AUTHORS: Removed.
        Harri Porten (porten@kde.org) and Peter Kelly (pmk@post.com).
        These authors remain mentioned in copyrights in source files.

        * THANKS: Removed.
        Richard Moore <rich@kde.org> - for filling the Math object with some life
        Daegeun Lee <realking@mizi.com> - for pointing out some bugs and providing much code for the String and Date object.
        Marco Pinelli <pinmc@libero.it> - for his patches
        Christian Kirsch <ck@held.mind.de> - for his contribution to the Date object

2018-09-24  Fujii Hironori  <Hironori.Fujii@sony.com>

        Rename WTF_COMPILER_GCC_OR_CLANG to WTF_COMPILER_GCC_COMPATIBLE
        https://bugs.webkit.org/show_bug.cgi?id=189733

        Reviewed by Michael Catanzaro.

        * assembler/ARM64Assembler.h:
        * assembler/ARMAssembler.h:
        (JSC::ARMAssembler::cacheFlush):
        * assembler/MacroAssemblerARM.cpp:
        (JSC::isVFPPresent):
        * assembler/MacroAssemblerARM64.cpp:
        * assembler/MacroAssemblerARMv7.cpp:
        * assembler/MacroAssemblerMIPS.cpp:
        * assembler/MacroAssemblerX86Common.cpp:
        * heap/HeapCell.cpp:
        * heap/HeapCell.h:
        * jit/HostCallReturnValue.h:
        * jit/JIT.h:
        * jit/JITOperations.cpp:
        * jit/ThunkGenerators.cpp:
        * runtime/ArrayConventions.cpp:
        (JSC::clearArrayMemset):
        * runtime/JSBigInt.cpp:
        (JSC::JSBigInt::digitDiv):

2018-09-24  Saam Barati  <sbarati@apple.com>

        Array.prototype.indexOf fast path needs to ensure the length is still valid after performing effects
        https://bugs.webkit.org/show_bug.cgi?id=189922
        <rdar://problem/44651275>

        Reviewed by Mark Lam.

        The implementation was first getting the length to iterate up to,
        then getting the starting index. However, getting the starting
        index may perform effects. e.g., it could change the length of the
        array. This changes it so we verify the length is still valid.

        * runtime/ArrayPrototype.cpp:
        (JSC::arrayProtoFuncIndexOf):
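
The ordering problem described in the entry above, as an added model that is not JavaScriptCore code. `ModelArray`, `readSlot`, `toStartIndex` and both `indexOf*` functions are names made up for this sketch; clamping to the current length is one way to re-verify, and the entry does not say which strategy the actual fix uses.

```javascript
// Added example: a backing store whose length can change under the caller.
class ModelArray {
  constructor(values) { this.storage = values.slice(); }
  get length() { return this.storage.length; }
  // Models an effect that shrinks the array (and replaces its storage).
  truncate(n) { this.storage = this.storage.slice(0, n); }
}

// Every slot access goes through here so stale-length reads can be counted.
function readSlot(array, index, stats) {
  if (index >= array.length) {
    stats.outOfBoundsReads++;
    return undefined;
  }
  return array.storage[index];
}

// Models converting fromIndex to an integer. Number() runs user-supplied
// valueOf, which is where the "effects" come from.
function toStartIndex(fromIndex, length) {
  const n = Math.trunc(Number(fromIndex)) || 0;
  return n < 0 ? Math.max(length + n, 0) : Math.min(n, length);
}

// "Before": the length is captured, then the start index is computed,
// and the loop trusts the captured length.
function indexOfStaleLength(array, needle, fromIndex, stats) {
  const length = array.length;
  const start = toStartIndex(fromIndex, length); // may shrink the array
  for (let i = start; i < length; i++)
    if (readSlot(array, i, stats) === needle)
      return i;
  return -1;
}

// "After": same order of operations, but the bound is re-checked against
// the array's current length once the effects have run.
function indexOfRevalidated(array, needle, fromIndex, stats) {
  const length = array.length;
  const start = toStartIndex(fromIndex, length);
  const end = Math.min(length, array.length); // verify length is still valid
  for (let i = start; i < end; i++)
    if (readSlot(array, i, stats) === needle)
      return i;
  return -1;
}

// Constructed scenario: the fromIndex argument shrinks the array from 8
// elements to 2 while it is being converted.
function runScenario(indexOf) {
  const array = new ModelArray([1, 2, 3, 4, 5, 6, 7, 8]);
  const stats = { outOfBoundsReads: 0 };
  const shrinkingIndex = { valueOf() { array.truncate(2); return 0; } };
  const result = indexOf(array, 8, shrinkingIndex, stats);
  return { result, outOfBoundsReads: stats.outOfBoundsReads };
}
```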

2018-09-24  Tadeu Zagallo  <tzagallo@apple.com>

        offlineasm: fix macro scoping
        https://bugs.webkit.org/show_bug.cgi?id=189902

        Reviewed by Mark Lam.

        In the code below, the reference to `f` in `g`, which should refer to
        the outer macro definition, will instead refer to the f argument of the
        anonymous macro passed to `g`. That leads to this code failing to
        compile (f expected 0 args but got 1).

        ```
        macro f(x)
            move x, t0
        end

        macro g(fn)
            fn(macro () f(42) end)
        end

        g(macro(f) f() end)
        ```

        * offlineasm/ast.rb:
        * offlineasm/transform.rb:

2018-09-24  Tadeu Zagallo  <tzagallo@apple.com>

        Add forEach method for iterating CodeBlock's ValueProfiles
        https://bugs.webkit.org/show_bug.cgi?id=189897

        Reviewed by Mark Lam.

        Add method to abstract how we find ValueProfiles in a CodeBlock in
        preparation for https://bugs.webkit.org/show_bug.cgi?id=189785, when
        ValueProfiles will be stored in the MetadataTable.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::updateAllPredictionsAndCountLiveness):
        (JSC::CodeBlock::updateAllValueProfilePredictions):
        (JSC::CodeBlock::shouldOptimizeNow):
        (JSC::CodeBlock::dumpValueProfiles):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::forEachValueProfile):
        (JSC::CodeBlock::numberOfArgumentValueProfiles):
        (JSC::CodeBlock::valueProfileForArgument):
        (JSC::CodeBlock::numberOfValueProfiles):
        (JSC::CodeBlock::valueProfile):
        (JSC::CodeBlock::totalNumberOfValueProfiles): Deleted.
        (JSC::CodeBlock::getFromAllValueProfiles): Deleted.
        * tools/HeapVerifier.cpp:
        (JSC::HeapVerifier::validateJSCell):

2018-09-24  Saam barati  <sbarati@apple.com>

        ArgumentsEliminationPhase should snip basic blocks after proven OSR exits
        https://bugs.webkit.org/show_bug.cgi?id=189682
        <rdar://problem/43557315>

        Reviewed by Mark Lam.

        Otherwise, if we have code like this:
        ```
        a: Arguments
        b: GetButterfly(@a)
        c: ForceExit
        d: GetArrayLength(@a, @b)
        ```
        it will get transformed into this invalid DFG IR:
        ```
        a: PhantomArguments
        b: Check(@a)
        c: ForceExit
        d: GetArrayLength(@a, @b)
        ```

        And we will fail DFG validation since @b does not have a result.

        The fix is to just remove all nodes after the ForceExit and plant an
        Unreachable after it. So the above program will now turn into this:
        ```
        a: PhantomArguments
        b: Check(@a)
        c: ForceExit
        e: Unreachable
        ```

        * dfg/DFGArgumentsEliminationPhase.cpp:
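
The transformation and the validation failure described in the entry above, as an added model that is not DFG code. The node representation, the `NO_RESULT` set and the function names `validate`, `eliminateArguments` and `snipAfterForceExit` are assumptions made for this sketch; only the four-node program and its node types come from the entry.

```javascript
// Added example: a basic block is a list of { name, op, children } nodes.
// Assumed subset of node types that produce no value in this model.
const NO_RESULT = new Set(["Check", "ForceExit", "Unreachable"]);

// The program from the ChangeLog entry.
const SAMPLE_BLOCK = [
  { name: "a", op: "Arguments", children: [] },
  { name: "b", op: "GetButterfly", children: ["a"] },
  { name: "c", op: "ForceExit", children: [] },
  { name: "d", op: "GetArrayLength", children: ["a", "b"] },
];

// Models the validation rule that matters here: a node may only use
// another node as an operand if that node has a result.
function validate(block) {
  const byName = new Map(block.map((node) => [node.name, node]));
  const errors = [];
  for (const node of block) {
    for (const child of node.children) {
      const def = byName.get(child);
      if (!def)
        errors.push(`${node.name}: @${child} is not defined`);
      else if (NO_RESULT.has(def.op))
        errors.push(`${node.name}: @${child} (${def.op}) does not have a result`);
    }
  }
  return errors;
}

// Models the rewrite shown in the entry: Arguments becomes PhantomArguments
// and a GetButterfly of an eliminated allocation becomes Check.
function eliminateArguments(block) {
  const eliminated = new Set(
    block.filter((node) => node.op === "Arguments").map((node) => node.name));
  return block.map((node) => {
    if (node.op === "Arguments")
      return { ...node, op: "PhantomArguments" };
    if (node.op === "GetButterfly" && eliminated.has(node.children[0]))
      return { ...node, op: "Check" };
    return node;
  });
}

// Models the fix: drop everything after the first ForceExit and plant an
// Unreachable there, so no later node can use a result that no longer exists.
function snipAfterForceExit(block) {
  const exitIndex = block.findIndex((node) => node.op === "ForceExit");
  if (exitIndex === -1)
    return block;
  const last = block[block.length - 1].name;
  const fresh = String.fromCharCode(last.charCodeAt(0) + 1); // "d" -> "e"
  return [
    ...block.slice(0, exitIndex + 1),
    { name: fresh, op: "Unreachable", children: [] },
  ];
}

// Render a block in the notation the entry uses.
function dump(block) {
  return block.map((node) => {
    const args = node.children.map((child) => "@" + child).join(", ");
    return `${node.name}: ${node.op}${args ? `(${args})` : ""}`;
  }).join("\n");
}
```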

2018-09-22  Saam barati  <sbarati@apple.com>

        The sampling should not use Strong<CodeBlock> in its machineLocation field
        https://bugs.webkit.org/show_bug.cgi?id=189319

        Reviewed by Filip Pizlo.

        The sampling profiler has a CLI mode where we gather information about inline
        call frames. That data structure was using a Strong<CodeBlock>. We were
        constructing this Strong<CodeBlock> during GC concurrently to processing all
        the Strong handles. This is a bug since we end up corrupting that data
        structure. This patch fixes this by just making this data structure use the
        sampling profiler's mechanism for holding onto and properly visiting heap pointers.

        * inspector/agents/InspectorScriptProfilerAgent.cpp:
        (Inspector::InspectorScriptProfilerAgent::trackingComplete):
        * runtime/SamplingProfiler.cpp:
        (JSC::SamplingProfiler::processUnverifiedStackTraces):

        (JSC::SamplingProfiler::reportTopFunctions):
        (JSC::SamplingProfiler::reportTopBytecodes):
        These CLI helpers needed a DeferGC, otherwise we may end up deadlocking when we
        cause a GC to happen while already holding the sampling profiler's
        lock.

2018-09-21  Yusuke Suzuki  <yusukesuzuki@slowstart.org>

        [JSC] Enable LLInt ASM interpreter on X64 and ARM64 in non JIT configuration
        https://bugs.webkit.org/show_bug.cgi?id=189778

        Reviewed by Keith Miller.

        LLInt ASM interpreter is 2x and 15% faster than CLoop interpreter on
        Linux and macOS respectively. We would like to enable it for non JIT
        configurations in X86_64 and ARM64.

        This patch enables LLInt for non JIT builds in X86_64 and ARM64 architectures.
        Previously, we switched LLInt ASM interpreter and CLoop by using ENABLE(JIT)
        configuration. But it is wrong in the new scenario since we have a build
        configuration that uses LLInt ASM interpreter and JIT is disabled. We introduce
        ENABLE(C_LOOP) option, which represents that we use CLoop. And we replace
        ENABLE(JIT) with ENABLE(C_LOOP) if the previous ENABLE(JIT) is essentially just
        related to LLInt ASM interpreter and not related to JIT.

        We also replace some ENABLE(JIT) configurations with ENABLE(ASSEMBLER).
        ENABLE(ASSEMBLER) is now enabled even if we disable JIT since MacroAssembler
        has machine register information that is used in LLInt ASM interpreter.

        * API/tests/PingPongStackOverflowTest.cpp:
        (testPingPongStackOverflow):
        * CMakeLists.txt:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * assembler/MaxFrameExtentForSlowPathCall.h:
        * bytecode/CallReturnOffsetToBytecodeOffset.h: Removed. It is no longer used.
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::finishCreation):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::calleeSaveRegisters const):
        (JSC::CodeBlock::numberOfLLIntBaselineCalleeSaveRegisters):
        (JSC::CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters):
        (JSC::CodeBlock::calleeSaveSpaceAsVirtualRegisters):
        * bytecode/Opcode.h:
        (JSC::padOpcodeName):
        * heap/Heap.cpp:
        (JSC::Heap::gatherJSStackRoots):
        (JSC::Heap::stopThePeriphery):
        * interpreter/CLoopStack.cpp:
        * interpreter/CLoopStack.h:
        * interpreter/CLoopStackInlines.h:
        * interpreter/EntryFrame.h:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::Interpreter):
        (JSC::UnwindFunctor::copyCalleeSavesToEntryFrameCalleeSavesBuffer const):
        * interpreter/Interpreter.h:
        * interpreter/StackVisitor.cpp:
        (JSC::StackVisitor::Frame::calleeSaveRegisters):
        * interpreter/VMEntryRecord.h:
        * jit/ExecutableAllocator.h:
        * jit/FPRInfo.h:
        (WTF::printInternal):
        * jit/GPRInfo.cpp:
        * jit/GPRInfo.h:
        (WTF::printInternal):
        * jit/HostCallReturnValue.cpp:
        (JSC::getHostCallReturnValueWithExecState): Moved. They are used in LLInt ASM interpreter too.
        * jit/HostCallReturnValue.h:
        * jit/JITOperations.cpp:
        (JSC::getHostCallReturnValueWithExecState): Deleted.
        * jit/JITOperationsMSVC64.cpp:
        * jit/Reg.cpp:
        * jit/Reg.h:
        * jit/RegisterAtOffset.cpp:
        * jit/RegisterAtOffset.h:
        * jit/RegisterAtOffsetList.cpp:
        * jit/RegisterAtOffsetList.h:
        * jit/RegisterMap.h:
        * jit/RegisterSet.cpp:
        * jit/RegisterSet.h:
        * jit/TempRegisterSet.cpp:
        * jit/TempRegisterSet.h:
        * llint/LLIntCLoop.cpp:
        * llint/LLIntCLoop.h:
        * llint/LLIntData.cpp:
        (JSC::LLInt::initialize):
        (JSC::LLInt::Data::performAssertions):
        * llint/LLIntData.h:
        * llint/LLIntOfflineAsmConfig.h:
        * llint/LLIntOpcode.h:
        * llint/LLIntPCRanges.h:
        * llint/LLIntSlowPaths.cpp:
        (JSC::LLInt::LLINT_SLOW_PATH_DECL):
        * llint/LLIntSlowPaths.h:
        * llint/LLIntThunks.cpp:
        * llint/LowLevelInterpreter.cpp:
        * llint/LowLevelInterpreter.h:
        * runtime/JSCJSValue.h:
        * runtime/MachineContext.h:
        * runtime/SamplingProfiler.cpp:
        (JSC::SamplingProfiler::processUnverifiedStackTraces): Enable SamplingProfiler
        for LLInt ASM interpreter with non JIT configuration.
        * runtime/TestRunnerUtils.cpp:
        (JSC::optimizeNextInvocation):
        * runtime/VM.cpp:
        (JSC::VM::VM):
        (JSC::VM::getHostFunction):
        (JSC::VM::updateSoftReservedZoneSize):
        (JSC::sanitizeStackForVM):
        (JSC::VM::committedStackByteCount):
        * runtime/VM.h:
        * runtime/VMInlines.h:
        (JSC::VM::ensureStackCapacityFor):
        (JSC::VM::isSafeToRecurseSoft const):
747
748 2018-09-21  Keith Miller  <keith_miller@apple.com>
749
750         Add Promise SPI
751         https://bugs.webkit.org/show_bug.cgi?id=189809
752
753         Reviewed by Saam Barati.
754
755         The patch adds new SPI to create promises. It's mostly SPI because
756         I want to see how internal users react to it before we make it
757         public.
758
759         This patch adds a couple of new Obj-C SPI methods. The first
760         creates a new promise using the same API that JS does where the
761         user provides an executor callback. If an exception is raised
762         in/to that callback the promise is automagically rejected. The
763         other methods create a pre-resolved or rejected promise as this
764         appears to be a common way to initialize a promise.
765
766         I was also considering adding a second version of executor API
767         where it would catch specific Obj-C exceptions. This would work by
768         taking a Class parameter and checking isKindOfClass: on the
769         exception. I decided against this as nothing else in our API
770         handles Obj-C exceptions. I'm pretty sure the VM will end up in a
771         corrupt state if an Obj-C exception unwinds through JS frames.
772
773         This patch adds a new C function that will create a "deferred"
774         promise. A deferred promise is a style of creating promise/futures
775         where the resolve and reject functions are passed as outputs of a
776         function. I went with this style for the C SPI because we don't have
777         any concept of forwarding exceptions in the C API.
778
779         In order to make the C API work I refactored a bit of the promise code
780         so that we can call a static method on JSDeferredPromise and just get
781         the components without allocating an extra cell wrapper.
782
783         * API/JSContext.mm:
784         (+[JSContext currentCallee]):
785         * API/JSObjectRef.cpp:
786         (JSObjectMakeDeferredPromise):
787         * API/JSObjectRefPrivate.h:
788         * API/JSValue.mm:
789         (+[JSValue valueWithNewPromiseInContext:fromExecutor:]):
790         (+[JSValue valueWithNewPromiseResolvedWithResult:inContext:]):
791         (+[JSValue valueWithNewPromiseRejectedWithReason:inContext:]):
792         * API/JSValuePrivate.h: Added.
793         * API/JSVirtualMachine.mm:
794         * API/JSVirtualMachinePrivate.h:
795         * API/tests/testapi.c:
796         (main):
797         * API/tests/testapi.cpp:
798         (APIContext::operator JSC::ExecState*):
799         (TestAPI::failed const):
800         (TestAPI::check):
801         (TestAPI::basicSymbol):
802         (TestAPI::symbolsTypeof):
803         (TestAPI::symbolsGetPropertyForKey):
804         (TestAPI::symbolsSetPropertyForKey):
805         (TestAPI::symbolsHasPropertyForKey):
806         (TestAPI::symbolsDeletePropertyForKey):
807         (TestAPI::promiseResolveTrue):
808         (TestAPI::promiseRejectTrue):
809         (testCAPIViaCpp):
810         (TestAPI::run): Deleted.
811         * API/tests/testapi.mm:
812         (testObjectiveCAPIMain):
813         (promiseWithExecutor):
814         (promiseRejectOnJSException):
815         (promiseCreateResolved):
816         (promiseCreateRejected):
817         (parallelPromiseResolveTest):
818         (testObjectiveCAPI):
819         * JavaScriptCore.xcodeproj/project.pbxproj:
820         * runtime/JSInternalPromiseDeferred.cpp:
821         (JSC::JSInternalPromiseDeferred::create):
822         * runtime/JSPromise.h:
823         * runtime/JSPromiseConstructor.cpp:
824         (JSC::constructPromise):
825         * runtime/JSPromiseDeferred.cpp:
826         (JSC::JSPromiseDeferred::createDeferredData):
827         (JSC::JSPromiseDeferred::create):
828         (JSC::JSPromiseDeferred::finishCreation):
829         (JSC::newPromiseCapability): Deleted.
830         * runtime/JSPromiseDeferred.h:
831         (JSC::JSPromiseDeferred::promise const):
832         (JSC::JSPromiseDeferred::resolve const):
833         (JSC::JSPromiseDeferred::reject const):
834
835 2018-09-21  Ryan Haddad  <ryanhaddad@apple.com>
836
837         Unreviewed, rolling out r236359.
838
839         Broke the Windows build.
840
841         Reverted changeset:
842
843         "Add Promise SPI"
844         https://bugs.webkit.org/show_bug.cgi?id=189809
845         https://trac.webkit.org/changeset/236359
846
847 2018-09-21  Mark Lam  <mark.lam@apple.com>
848
849         JSRopeString::resolveRope() wrongly assumes that tryGetValue() passes it a valid ExecState.
850         https://bugs.webkit.org/show_bug.cgi?id=189855
851         <rdar://problem/44680181>
852
853         Reviewed by Filip Pizlo.
854
855         tryGetValue() always passes a nullptr to JSRopeString::resolveRope() for the
856         ExecState* argument.  This is intentional so that resolveRope() does not throw
857         in the event of an OutOfMemory error.  Hence, JSRopeString::resolveRope() should
858         get the VM from the cell instead of via the ExecState.
859
860         Also removed an obsolete and unused field in JSString.
861
862         * runtime/JSString.cpp:
863         (JSC::JSRopeString::resolveRope const):
864         (JSC::JSRopeString::outOfMemory const):
865         * runtime/JSString.h:
866         (JSC::JSString::tryGetValue const):
867
868 2018-09-21  Michael Saboff  <msaboff@apple.com>
869
870         Add functions to measure memory footprint to JSC
871         https://bugs.webkit.org/show_bug.cgi?id=189768
872
873         Reviewed by Saam Barati.
874
875         Rolling this back in again.
876
877         Provide system memory metrics for the current process to aid in memory reduction measurement and
878         tuning using native JS tests.
879
880         * jsc.cpp:
881         (MemoryFootprint::now):
882         (MemoryFootprint::resetPeak):
883         (GlobalObject::finishCreation):
884         (JSCMemoryFootprint::JSCMemoryFootprint):
885         (JSCMemoryFootprint::createStructure):
886         (JSCMemoryFootprint::create):
887         (JSCMemoryFootprint::finishCreation):
888         (JSCMemoryFootprint::addProperty):
889         (functionResetMemoryPeak):
890
891 2018-09-21  Keith Miller  <keith_miller@apple.com>
892
893         Add Promise SPI
894         https://bugs.webkit.org/show_bug.cgi?id=189809
895
896         Reviewed by Saam Barati.
897
898         The patch adds new SPI to create promises. It's mostly SPI because
899         I want to see how internal users react to it before we make it
900         public.
901
902         This patch adds a couple of new Obj-C SPI methods. The first
903         creates a new promise using the same API that JS does where the
904         user provides an executor callback. If an exception is raised
905         in/to that callback the promise is automagically rejected. The
906         other methods create a pre-resolved or rejected promise as this
907         appears to be a common way to initialize a promise.
908
909         I was also considering adding a second version of executor API
910         where it would catch specific Obj-C exceptions. This would work by
911         taking a Class parameter and checking isKindOfClass: on the
912         exception. I decided against this as nothing else in our API
913         handles Obj-C exceptions. I'm pretty sure the VM will end up in a
914         corrupt state if an Obj-C exception unwinds through JS frames.
915
916         This patch adds a new C function that will create a "deferred"
917         promise. A deferred promise is a style of creating promise/futures
918         where the resolve and reject functions are passed as outputs of a
919         function. I went with this style for the C SPI because we don't have
920         any concept of forwarding exceptions in the C API.
921
922         In order to make the C API work I refactored a bit of the promise code
923         so that we can call a static method on JSDeferredPromise and just get
924         the components without allocating an extra cell wrapper.
925
926         * API/JSContext.mm:
927         (+[JSContext currentCallee]):
928         * API/JSObjectRef.cpp:
929         (JSObjectMakeDeferredPromise):
930         * API/JSObjectRefPrivate.h:
931         * API/JSValue.mm:
932         (+[JSValue valueWithNewPromiseInContext:fromExecutor:]):
933         (+[JSValue valueWithNewPromiseResolvedWithResult:inContext:]):
934         (+[JSValue valueWithNewPromiseRejectedWithReason:inContext:]):
935         * API/JSValuePrivate.h: Added.
936         * API/JSVirtualMachine.mm:
937         * API/JSVirtualMachinePrivate.h:
938         * API/tests/testapi.c:
939         (main):
940         * API/tests/testapi.cpp:
941         (APIContext::operator JSC::ExecState*):
942         (TestAPI::failed const):
943         (TestAPI::check):
944         (TestAPI::basicSymbol):
945         (TestAPI::symbolsTypeof):
946         (TestAPI::symbolsGetPropertyForKey):
947         (TestAPI::symbolsSetPropertyForKey):
948         (TestAPI::symbolsHasPropertyForKey):
949         (TestAPI::symbolsDeletePropertyForKey):
950         (TestAPI::promiseResolveTrue):
951         (TestAPI::promiseRejectTrue):
952         (testCAPIViaCpp):
953         (TestAPI::run): Deleted.
954         * API/tests/testapi.mm:
955         (testObjectiveCAPIMain):
956         (promiseWithExecutor):
957         (promiseRejectOnJSException):
958         (promiseCreateResolved):
959         (promiseCreateRejected):
960         (parallelPromiseResolveTest):
961         (testObjectiveCAPI):
962         * JavaScriptCore.xcodeproj/project.pbxproj:
963         * runtime/JSInternalPromiseDeferred.cpp:
964         (JSC::JSInternalPromiseDeferred::create):
965         * runtime/JSPromise.h:
966         * runtime/JSPromiseConstructor.cpp:
967         (JSC::constructPromise):
968         * runtime/JSPromiseDeferred.cpp:
969         (JSC::JSPromiseDeferred::createDeferredData):
970         (JSC::JSPromiseDeferred::create):
971         (JSC::JSPromiseDeferred::finishCreation):
972         (JSC::newPromiseCapability): Deleted.
973         * runtime/JSPromiseDeferred.h:
974         (JSC::JSPromiseDeferred::promise const):
975         (JSC::JSPromiseDeferred::resolve const):
976         (JSC::JSPromiseDeferred::reject const):
977
978 2018-09-21  Truitt Savell  <tsavell@apple.com>
979
980         Rebaseline tests after changes in https://trac.webkit.org/changeset/236321/webkit
981         https://bugs.webkit.org/show_bug.cgi?id=156674
982
983         Unreviewed Test Gardening
984
985         * Scripts/tests/builtins/expected/JavaScriptCore-Builtin.Promise-Combined.js-result:
986         * Scripts/tests/builtins/expected/JavaScriptCore-BuiltinConstructor-Combined.js-result:
987
988 2018-09-21  Mike Gorse  <mgorse@suse.com>
989
990         Build tools should work when the /usr/bin/python is python3
991         https://bugs.webkit.org/show_bug.cgi?id=156674
992
993         Reviewed by Michael Catanzaro.
994
995         * Scripts/cssmin.py:
996         * Scripts/generate-js-builtins.py:
997         (do_open):
998         (generate_bindings_for_builtins_files):
999         * Scripts/generateIntlCanonicalizeLanguage.py:
1000         * Scripts/jsmin.py:
1001         (JavascriptMinify.minify.write):
1002         (JavascriptMinify):
1003         (JavascriptMinify.minify):
1004         * Scripts/make-js-file-arrays.py:
1005         (chunk):
1006         (main):
1007         * Scripts/wkbuiltins/__init__.py:
1008         * Scripts/wkbuiltins/builtins_generate_combined_header.py:
1009         (generate_section_for_global_private_code_name_macro):
1010         * Scripts/wkbuiltins/builtins_generate_internals_wrapper_header.py:
1011         (BuiltinsInternalsWrapperHeaderGenerator.__init__):
1012         * Scripts/wkbuiltins/builtins_generate_internals_wrapper_implementation.py:
1013         (BuiltinsInternalsWrapperImplementationGenerator.__init__):
1014         * Scripts/wkbuiltins/builtins_model.py:
1015         (BuiltinFunction.__lt__):
1016         (BuiltinsCollection.copyrights):
1017         (BuiltinsCollection._parse_functions):
1018         * disassembler/udis86/ud_opcode.py:
1019         (UdOpcodeTables.pprint.printWalk):
1020         * generate-bytecode-files:
1021         * inspector/scripts/codegen/__init__.py:
1022         * inspector/scripts/codegen/cpp_generator.py:
1023         * inspector/scripts/codegen/generate_cpp_alternate_backend_dispatcher_header.py:
1024         (CppAlternateBackendDispatcherHeaderGenerator.generate_output):
1025         * inspector/scripts/codegen/generate_cpp_backend_dispatcher_header.py:
1026         (CppBackendDispatcherHeaderGenerator.domains_to_generate):
1027         (CppBackendDispatcherHeaderGenerator.generate_output):
1028         (CppBackendDispatcherHeaderGenerator._generate_dispatcher_declarations_for_domain):
1029         * inspector/scripts/codegen/generate_cpp_backend_dispatcher_implementation.py:
1030         (CppBackendDispatcherImplementationGenerator.domains_to_generate):
1031         (CppBackendDispatcherImplementationGenerator.generate_output):
1032         * inspector/scripts/codegen/generate_cpp_frontend_dispatcher_header.py:
1033         (CppFrontendDispatcherHeaderGenerator.domains_to_generate):
1034         (CppFrontendDispatcherHeaderGenerator.generate_output):
1035         * inspector/scripts/codegen/generate_cpp_frontend_dispatcher_implementation.py:
1036         (CppFrontendDispatcherImplementationGenerator.domains_to_generate):
1037         (CppFrontendDispatcherImplementationGenerator.generate_output):
1038         * inspector/scripts/codegen/generate_cpp_protocol_types_header.py:
1039         (CppProtocolTypesHeaderGenerator.generate_output):
1040         (CppProtocolTypesHeaderGenerator._generate_forward_declarations):
1041         * inspector/scripts/codegen/generate_cpp_protocol_types_implementation.py:
1042         (CppProtocolTypesImplementationGenerator.generate_output):
1043         (CppProtocolTypesImplementationGenerator._generate_enum_conversion_methods_for_domain):
1044         (CppProtocolTypesImplementationGenerator._generate_enum_mapping_and_conversion_methods):
1045         (CppProtocolTypesImplementationGenerator._generate_open_field_names):
1046         (CppProtocolTypesImplementationGenerator._generate_builders_for_domain):
1047         (CppProtocolTypesImplementationGenerator._generate_assertion_for_object_declaration):
1048         * inspector/scripts/codegen/generate_js_backend_commands.py:
1049         (JSBackendCommandsGenerator.should_generate_domain):
1050         (JSBackendCommandsGenerator.domains_to_generate):
1051         (JSBackendCommandsGenerator.generate_output):
1052         (JSBackendCommandsGenerator.generate_domain):
1053         * inspector/scripts/codegen/generate_objc_backend_dispatcher_header.py:
1054         (ObjCBackendDispatcherHeaderGenerator.domains_to_generate):
1055         (ObjCBackendDispatcherHeaderGenerator.generate_output):
1056         * inspector/scripts/codegen/generate_objc_backend_dispatcher_implementation.py:
1057         (ObjCBackendDispatcherImplementationGenerator.domains_to_generate):
1058         (ObjCBackendDispatcherImplementationGenerator.generate_output):
1059         (ObjCBackendDispatcherImplementationGenerator._generate_success_block_for_command):
1060         * inspector/scripts/codegen/generate_objc_configuration_header.py:
1061         * inspector/scripts/codegen/generate_objc_configuration_implementation.py:
1062         * inspector/scripts/codegen/generate_objc_frontend_dispatcher_implementation.py:
1063         (ObjCFrontendDispatcherImplementationGenerator.domains_to_generate):
1064         (ObjCFrontendDispatcherImplementationGenerator.generate_output):
1065         (ObjCFrontendDispatcherImplementationGenerator._generate_event):
1066         * inspector/scripts/codegen/generate_objc_header.py:
1067         (ObjCHeaderGenerator.generate_output):
1068         (ObjCHeaderGenerator._generate_type_interface):
1069         * inspector/scripts/codegen/generate_objc_internal_header.py:
1070         (ObjCInternalHeaderGenerator.generate_output):
1071         * inspector/scripts/codegen/generate_objc_protocol_type_conversions_header.py:
1072         (ObjCProtocolTypeConversionsHeaderGenerator.domains_to_generate):
1073         (ObjCProtocolTypeConversionsHeaderGenerator.generate_output):
1074         * inspector/scripts/codegen/generate_objc_protocol_type_conversions_implementation.py:
1075         (ObjCProtocolTypeConversionsImplementationGenerator.domains_to_generate):
1076         * inspector/scripts/codegen/generate_objc_protocol_types_implementation.py:
1077         (ObjCProtocolTypesImplementationGenerator.domains_to_generate):
1078         (ObjCProtocolTypesImplementationGenerator.generate_output):
1079         (ObjCProtocolTypesImplementationGenerator.generate_type_implementation):
1080         (ObjCProtocolTypesImplementationGenerator._generate_init_method_for_required_members):
1081         * inspector/scripts/codegen/generator.py:
1082         (Generator.non_supplemental_domains):
1083         (Generator.open_fields):
1084         (Generator.calculate_types_requiring_shape_assertions):
1085         (Generator._traverse_and_assign_enum_values):
1086         (Generator.stylized_name_for_enum_value):
1087         * inspector/scripts/codegen/models.py:
1088         (find_duplicates):
1089         * inspector/scripts/codegen/objc_generator.py:
1090         * wasm/generateWasm.py:
1091         (opcodeIterator):
1092         * yarr/generateYarrCanonicalizeUnicode:
1093         * yarr/generateYarrUnicodePropertyTables.py:
1094         * yarr/hasher.py:
1095         (stringHash):
1096
1097 2018-09-21  Tomas Popela  <tpopela@redhat.com>
1098
1099         [ARM] Build broken on armv7hl after r235517
1100         https://bugs.webkit.org/show_bug.cgi?id=189831
1101
1102         Reviewed by Yusuke Suzuki.
1103
1104         Add missing implementation of patchableBranch8() for traditional ARM.
1105
1106         * assembler/MacroAssemblerARM.h:
1107         (JSC::MacroAssemblerARM::patchableBranch8):
1108
1109 2018-09-20  Ryan Haddad  <ryanhaddad@apple.com>
1110
1111         Unreviewed, rolling out r236293.
1112
1113         Internal build still broken.
1114
1115         Reverted changeset:
1116
1117         "Add functions to measure memory footprint to JSC"
1118         https://bugs.webkit.org/show_bug.cgi?id=189768
1119         https://trac.webkit.org/changeset/236293
1120
1121 2018-09-20  Yusuke Suzuki  <yusukesuzuki@slowstart.org>
1122
1123         [JSC] Heap::reportExtraMemoryVisited shows contention if we have many JSString
1124         https://bugs.webkit.org/show_bug.cgi?id=189558
1125
1126         Reviewed by Mark Lam.
1127
1128         When running web-tooling-benchmark postcss test on Linux JSCOnly port, we get the following result in `perf report`.
1129
1130             10.95%  AutomaticThread  libJavaScriptCore.so.1.0.0  [.] JSC::Heap::reportExtraMemoryVisited
1131
1132         This is because postcss produces a bunch of JSString, which require reportExtraMemoryVisited calls in JSString::visitChildren.
1133         And since reportExtraMemoryVisited attempts to update an atomic counter, if we have a bunch of marking threads, it becomes super contended.
1134
1135         This patch reduces the frequency of updating the atomic counter. Each SlotVisitor has per-SlotVisitor m_extraMemorySize counter.
1136         And we propagate this value to the global atomic counter when rebalance happens.
1137
1138         We also reduce HeapCell::heap() access by using `vm.heap`.
1139
1140         * heap/SlotVisitor.cpp:
1141         (JSC::SlotVisitor::didStartMarking):
1142         (JSC::SlotVisitor::propagateExternalMemoryVisitedIfNecessary):
1143         (JSC::SlotVisitor::drain):
1144         (JSC::SlotVisitor::performIncrementOfDraining):
1145         * heap/SlotVisitor.h:
1146         * heap/SlotVisitorInlines.h:
1147         (JSC::SlotVisitor::reportExtraMemoryVisited):
1148         * runtime/JSString.cpp:
1149         (JSC::JSRopeString::resolveRopeToAtomicString const):
1150         (JSC::JSRopeString::resolveRope const):
1151         * runtime/JSString.h:
1152         (JSC::JSString::finishCreation):
1153         * wasm/js/JSWebAssemblyInstance.cpp:
1154         (JSC::JSWebAssemblyInstance::finishCreation):
1155         * wasm/js/JSWebAssemblyMemory.cpp:
1156         (JSC::JSWebAssemblyMemory::finishCreation):
1157
1158 2018-09-20  Michael Saboff  <msaboff@apple.com>
1159
1160         Add functions to measure memory footprint to JSC
1161         https://bugs.webkit.org/show_bug.cgi?id=189768
1162
1163         Reviewed by Saam Barati.
1164
1165         Rolling this back in.
1166
1167         Provide system memory metrics for the current process to aid in memory reduction measurement and
1168         tuning using native JS tests.
1169
1170         * jsc.cpp:
1171         (MemoryFootprint::now):
1172         (MemoryFootprint::resetPeak):
1173         (GlobalObject::finishCreation):
1174         (JSCMemoryFootprint::JSCMemoryFootprint):
1175         (JSCMemoryFootprint::createStructure):
1176         (JSCMemoryFootprint::create):
1177         (JSCMemoryFootprint::finishCreation):
1178         (JSCMemoryFootprint::addProperty):
1179         (functionResetMemoryPeak):
1180
1181 2018-09-20  Ryan Haddad  <ryanhaddad@apple.com>
1182
1183         Unreviewed, rolling out r236235.
1184
1185         Breaks internal builds.
1186
1187         Reverted changeset:
1188
1189         "Add functions to measure memory footprint to JSC"
1190         https://bugs.webkit.org/show_bug.cgi?id=189768
1191         https://trac.webkit.org/changeset/236235
1192
1193 2018-09-20  Fujii Hironori  <Hironori.Fujii@sony.com>
1194
1195         [Win][Clang] JITMathIC.h: error: missing 'template' keyword prior to dependent template name 'retagged'
1196         https://bugs.webkit.org/show_bug.cgi?id=189730
1197
1198         Reviewed by Saam Barati.
1199
1200         Clang for Windows can't compile the workaround for MSVC quirk in generateOutOfLine.
1201
1202         * jit/JITMathIC.h:
1203         (generateOutOfLine): Append "&& !COMPILER(CLANG)" to "#if COMPILER(MSVC)".
1204
1205 2018-09-19  Yusuke Suzuki  <yusukesuzuki@slowstart.org>
1206
1207         [JSC] Optimize Array#indexOf in C++ runtime
1208         https://bugs.webkit.org/show_bug.cgi?id=189507
1209
1210         Reviewed by Saam Barati.
1211
1212         C++ Array#indexOf runtime function takes so much time in babylon benchmark in
1213         web-tooling-benchmark. While our DFG and FTL have Array#indexOf optimization
1214         and actually it is working well, C++ Array#indexOf is called a significant amount
1215         of time before tiering up, and it takes 6.74% of jsc main thread samples according
1216         to perf command in Linux. This is because C++ Array#indexOf is too generic and
1217         misses the chance to optimize JSArray cases.
1218
1219         This patch adds JSArray fast path for Array#indexOf. If we know that indexed
1220         access to the given JSArray is non-observable and indexing type is good for the fast
1221         path, we go to the fast path. This makes sampling of Array#indexOf 3.83% in
1222         babylon web-tooling-benchmark.
1223
1224         * runtime/ArrayPrototype.cpp:
1225         (JSC::arrayProtoFuncIndexOf):
1226         * runtime/JSArray.h:
1227         * runtime/JSArrayInlines.h:
1228         (JSC::JSArray::canDoFastIndexedAccess):
1229         (JSC::toLength):
1230         * runtime/JSCJSValueInlines.h:
1231         (JSC::JSValue::JSValue):
1232         * runtime/JSGlobalObject.h:
1233         * runtime/JSGlobalObjectInlines.h:
1234         (JSC::JSGlobalObject::isArrayPrototypeIndexedAccessFastAndNonObservable):
1235         (JSC::JSGlobalObject::isArrayPrototypeIteratorProtocolFastAndNonObservable):
1236         * runtime/MathCommon.h:
1237         (JSC::canBeStrictInt32):
1238         (JSC::canBeInt32):
1239
1240 2018-09-19  Michael Saboff  <msaboff@apple.com>
1241
1242         Add functions to measure memory footprint to JSC
1243         https://bugs.webkit.org/show_bug.cgi?id=189768
1244
1245         Reviewed by Saam Barati.
1246
1247         Provide system memory metrics for the current process to aid in memory reduction measurement and
1248         tuning using native JS tests.
1249
1250         * jsc.cpp:
1251         (MemoryFootprint::now):
1252         (MemoryFootprint::resetPeak):
1253         (GlobalObject::finishCreation):
1254         (JSCMemoryFootprint::JSCMemoryFootprint):
1255         (JSCMemoryFootprint::createStructure):
1256         (JSCMemoryFootprint::create):
1257         (JSCMemoryFootprint::finishCreation):
1258         (JSCMemoryFootprint::addProperty):
1259         (functionResetMemoryPeak):
1260
1261 2018-09-19  Saam barati  <sbarati@apple.com>
1262
1263         CheckStructureOrEmpty should pass in a tempGPR to emitStructureCheck since it may jump over that code
1264         https://bugs.webkit.org/show_bug.cgi?id=189703
1265
1266         Reviewed by Mark Lam.
1267
1268         This fixes a crash that a TypeProfiler change revealed.
1269
1270         * dfg/DFGSpeculativeJIT64.cpp:
1271         (JSC::DFG::SpeculativeJIT::compile):
1272
1273 2018-09-19  Saam barati  <sbarati@apple.com>
1274
1275         AI rule for MultiPutByOffset executes its effects in the wrong order
1276         https://bugs.webkit.org/show_bug.cgi?id=189757
1277         <rdar://problem/43535257>
1278
1279         Reviewed by Michael Saboff.
1280
1281         The AI rule for MultiPutByOffset was executing effects in the wrong order.
1282         It first executed the transition effects and the effects on the base, and
1283         then executed the filtering effects on the value being stored. However, you
1284         can end up with the wrong type when the base and the value being stored
1285         are the same. E.g., in a program like `o.f = o`. These effects need to happen
1286         in the opposite order, modeling what happens in the runtime executing of
1287         MultiPutByOffset.
1288
1289         * dfg/DFGAbstractInterpreterInlines.h:
1290         (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
1291
1292 2018-09-18  Mark Lam  <mark.lam@apple.com>
1293
1294         Ensure that ForInContexts are invalidated if their loop local is over-written.
1295         https://bugs.webkit.org/show_bug.cgi?id=189571
1296         <rdar://problem/44402277>
1297
1298         Reviewed by Saam Barati.
1299
1300         Instead of hunting down every place in the BytecodeGenerator that potentially
1301         needs to invalidate an enclosing ForInContext (if one exists), we simply iterate
1302         the bytecode range of the loop body when the ForInContext is popped, and
1303         invalidate the context if we ever find the loop temp variable over-written.
1304
1305         This has 2 benefits:
1306         1. It ensures that every type of opcode that can write to the loop temp will be
1307            handled appropriately, not just the op_mov that we've hunted down.
1308         2. It avoids us having to check the BytecodeGenerator's m_forInContextStack
1309            every time we emit an op_mov (or other opcodes that can write to a local)
1310            even when we're not inside a for-in loop.
1311
1312         JSC benchmarks show that this change is performance neutral.
1313
1314         * bytecompiler/BytecodeGenerator.cpp:
1315         (JSC::BytecodeGenerator::pushIndexedForInScope):
1316         (JSC::BytecodeGenerator::popIndexedForInScope):
1317         (JSC::BytecodeGenerator::pushStructureForInScope):
1318         (JSC::BytecodeGenerator::popStructureForInScope):
1319         (JSC::ForInContext::finalize):
1320         (JSC::StructureForInContext::finalize):
1321         (JSC::IndexedForInContext::finalize):
1322         (JSC::BytecodeGenerator::invalidateForInContextForLocal): Deleted.
1323         * bytecompiler/BytecodeGenerator.h:
1324         (JSC::ForInContext::ForInContext):
1325         (JSC::ForInContext::bodyBytecodeStartOffset const):
1326         (JSC::StructureForInContext::StructureForInContext):
1327         (JSC::IndexedForInContext::IndexedForInContext):
1328         * bytecompiler/NodesCodegen.cpp:
1329         (JSC::PostfixNode::emitResolve):
1330         (JSC::PrefixNode::emitResolve):
1331         (JSC::ReadModifyResolveNode::emitBytecode):
1332         (JSC::AssignResolveNode::emitBytecode):
1333         (JSC::EmptyLetExpression::emitBytecode):
1334         (JSC::ForInNode::emitLoopHeader):
1335         (JSC::ForOfNode::emitBytecode):
1336         (JSC::BindingNode::bindValue const):
1337         (JSC::AssignmentElementNode::bindValue const):
1338         * runtime/CommonSlowPaths.cpp:
1339         (JSC::SLOW_PATH_DECL):
1340
1341 2018-09-17  Devin Rousso  <drousso@apple.com>
1342
1343         Web Inspector: generate CSSKeywordCompletions from backend values
1344         https://bugs.webkit.org/show_bug.cgi?id=189041
1345
1346         Reviewed by Joseph Pecoraro.
1347
1348         * inspector/protocol/CSS.json:
1349         Include an optional `aliases` array and `inherited` boolean for `CSSPropertyInfo`.
1350
1351 2018-09-17  Saam barati  <sbarati@apple.com>
1352
1353         We must convert ProfileType to CheckStructureOrEmpty instead of CheckStructure
1354         https://bugs.webkit.org/show_bug.cgi?id=189676
1355         <rdar://problem/39682897>
1356
1357         Reviewed by Michael Saboff.
1358
1359         Because the incoming value may be TDZ, CheckStructure may end up crashing.
1360         Since the Type Profile does not currently record TDZ values in any of its
1361         data structures, this is not a semantic change in how it will show you data.
1362         It just fixes crashes when we emit a CheckStructure and the incoming value
1363         is TDZ.
1364
1365         * dfg/DFGFixupPhase.cpp:
1366         (JSC::DFG::FixupPhase::fixupNode):
1367         * dfg/DFGNode.h:
1368         (JSC::DFG::Node::convertToCheckStructureOrEmpty):
1369
1370 2018-09-17  Darin Adler  <darin@apple.com>
1371
1372         Use OpaqueJSString rather than JSRetainPtr inside WebKit
1373         https://bugs.webkit.org/show_bug.cgi?id=189652
1374
1375         Reviewed by Saam Barati.
1376
1377         * API/JSCallbackObjectFunctions.h: Removed an unneeded include of
1378         JSStringRef.h.
1379
1380         * API/JSContext.mm:
1381         (-[JSContext evaluateScript:withSourceURL:]): Use OpaqueJSString::create rather
1382         than JSStringCreateWithCFString, simplifying the code and also obviating the
1383         need for explicit JSStringRelease.
1384         (-[JSContext setName:]): Ditto.
1385
1386         * API/JSStringRef.cpp:
1387         (JSStringIsEqualToUTF8CString): Use adoptRef rather than explicit JSStringRelease.
1388         It seems that additional optimization is possible, obviating the need to allocate
1389         an OpaqueJSString, but that's true almost everywhere else in this patch, too.
1390
1391         * API/JSValue.mm:
1392         (+[JSValue valueWithNewRegularExpressionFromPattern:flags:inContext:]): Use
1393         OpaqueJSString::create and adoptRef as appropriate.
1394         (+[JSValue valueWithNewErrorFromMessage:inContext:]): Ditto.
1395         (+[JSValue valueWithNewSymbolFromDescription:inContext:]): Ditto.
1396         (performPropertyOperation): Ditto.
1397         (-[JSValue invokeMethod:withArguments:]): Ditto.
1398         (valueToObjectWithoutCopy): Ditto.
1399         (containerValueToObject): Ditto.
1400         (valueToString): Ditto.
1401         (objectToValueWithoutCopy): Ditto.
1402         (objectToValue): Ditto.
1403
1404 2018-09-08  Darin Adler  <darin@apple.com>
1405
1406         Streamline JSRetainPtr, fix leaks of JSString and JSGlobalContext
1407         https://bugs.webkit.org/show_bug.cgi?id=189455
1408
1409         Reviewed by Keith Miller.
1410
1411         * API/JSObjectRef.cpp:
1412         (OpaqueJSPropertyNameArray): Use Ref<OpaqueJSString> instead of
1413         JSRetainPtr<JSStringRef>.
1414         (JSObjectCopyPropertyNames): Remove now-unneeded use of leakRef and
1415         adopt constructor.
1416         (JSPropertyNameArrayGetNameAtIndex): Use ptr() instead of get() since
1417         the array elements are now Ref.
1418
1419         * API/JSRetainPtr.h: While JSRetainPtr is written as a template,
1420         it only works for two specific unrelated types, JSStringRef and
1421         JSGlobalContextRef. Simplified the default constructor using data
1422         member initialization. Prepared to make the adopt constructor private
1423         (got everything compiling that way, then made it public again so that
1424         Apple internal software will still build). Got rid of unneeded
1425         templated constructor and assignment operator, since it's not relevant
1426         since there is no inheritance between JSRetainPtr template types.
1427         Added WARN_UNUSED_RETURN to leakRef as in RefPtr and RetainPtr.
1428         Added move constructor and move assignment operator for slightly better
1429         performance. Simplified implementations of various member functions
1430         so they are more obviously correct, by using leakPtr in more of them
1431         and using std::exchange to make the flow of values more obvious.
1432
1433         * API/JSValue.mm:
1434         (+[JSValue valueWithNewSymbolFromDescription:inContext:]): Added a
1435         missing JSStringRelease to fix a leak.
1436
1437         * API/tests/CustomGlobalObjectClassTest.c:
1438         (customGlobalObjectClassTest): Added a JSGlobalContextRelease to fix a leak.
1439         (globalObjectSetPrototypeTest): Ditto.
1440         (globalObjectPrivatePropertyTest): Ditto.
1441
1442         * API/tests/ExecutionTimeLimitTest.cpp:
1443         (testResetAfterTimeout): Added a call to JSStringRelease to fix a leak.
1444         (testExecutionTimeLimit): Ditto, lots more.
1445
1446         * API/tests/FunctionOverridesTest.cpp:
1447         (testFunctionOverrides): Added a call to JSStringRelease to fix a leak.
1448
1449         * API/tests/JSObjectGetProxyTargetTest.cpp:
1450         (testJSObjectGetProxyTarget): Added a call to JSGlobalContextRelease to fix
1451         a leak.
1452
1453         * API/tests/PingPongStackOverflowTest.cpp:
1454         (testPingPongStackOverflow): Added calls to JSGlobalContextRelease and
1455         JSStringRelease to fix leaks.
1456
1457         * API/tests/testapi.c:
1458         (throwException): Added. Helper function for repeated idiom where we want
1459         to throw an exception, but with additional JSStringRelease calls so we don't
1460         have to leak just to keep the code simpler to read.
1461         (MyObject_getProperty): Use throwException.
1462         (MyObject_setProperty): Ditto.
1463         (MyObject_deleteProperty): Ditto.
1464         (isValueEqualToString): Added. Helper function for an idiom where we check
1465         if something is a string and then if it's equal to a particular string
1466         constant, but a version that has an additional JSStringRelease call so we
1467         don't have to leak just to keep the code simpler to read.
1468         (MyObject_callAsFunction): Use isValueEqualToString and throwException.
1469         (MyObject_callAsConstructor): Ditto.
1470         (MyObject_hasInstance): Ditto.
1471         (globalContextNameTest): Added a JSGlobalContextRelease to fix a leak.
1472         (testMarkingConstraintsAndHeapFinalizers): Ditto.
1473
1474 2018-09-14  Saam barati  <sbarati@apple.com>
1475
1476         Don't dump OSRAvailabilityData in Graph::dump because a stale Availability may point to a Node that is already freed
1477         https://bugs.webkit.org/show_bug.cgi?id=189628
1478         <rdar://problem/39481690>
1479
1480         Reviewed by Mark Lam.
1481
1482         An Availability may point to a Node. And that Node may be removed from
1483         the graph, e.g., it's freed and its memory is no longer owned by Graph.
1484         This patch makes it so we no longer dump this metadata by default. If
1485         this metadata is interesting to you, you'll need to go in and change
1486         Graph::dump to dump the needed metadata.
1487
1488         * dfg/DFGGraph.cpp:
1489         (JSC::DFG::Graph::dump):
1490
1491 2018-09-14  Mark Lam  <mark.lam@apple.com>
1492
1493         Refactor some ForInContext code for better encapsulation.
1494         https://bugs.webkit.org/show_bug.cgi?id=189626
1495         <rdar://problem/44466415>
1496
1497         Reviewed by Keith Miller.
1498
1499         1. Add a ForInContext::m_type field to store the context type.  This does not
1500            increase the class size, but eliminates the need for a virtual call to get the
1501            type.
1502
1503            Note: we still need a virtual destructor because we'll be mingling
1504            IndexedForInContexts and StructureForInContexts in the BytecodeGenerator::m_forInContextStack.
1505
1506         2. Add ForInContext::isIndexedForInContext() and ForInContext::isStructureForInContext()
1507            convenience methods.
1508
1509         3. Add ForInContext::asIndexedForInContext() and ForInContext::asStructureForInContext()
1510            to do the casting to the subclass types.  This ensures that we'll properly
1511            assert that the casting is legal.
1512
1513         * bytecompiler/BytecodeGenerator.cpp:
1514         (JSC::BytecodeGenerator::emitGetByVal):
1515         (JSC::BytecodeGenerator::popIndexedForInScope):
1516         (JSC::BytecodeGenerator::popStructureForInScope):
1517         * bytecompiler/BytecodeGenerator.h:
1518         (JSC::ForInContext::type const):
1519         (JSC::ForInContext::isIndexedForInContext const):
1520         (JSC::ForInContext::isStructureForInContext const):
1521         (JSC::ForInContext::asIndexedForInContext):
1522         (JSC::ForInContext::asStructureForInContext):
1523         (JSC::ForInContext::ForInContext):
1524         (JSC::StructureForInContext::StructureForInContext):
1525         (JSC::IndexedForInContext::IndexedForInContext):
1526         (JSC::ForInContext::~ForInContext): Deleted.
1527
1528 2018-09-14  Devin Rousso  <webkit@devinrousso.com>
1529
1530         Web Inspector: Record actions performed on ImageBitmapRenderingContext
1531         https://bugs.webkit.org/show_bug.cgi?id=181341
1532
1533         Reviewed by Joseph Pecoraro.
1534
1535         * inspector/protocol/Recording.json:
1536         * inspector/scripts/codegen/generator.py:
1537
1538 2018-09-14  Mike Gorse  <mgorse@suse.com>
1539
1540         builtins directory causes name conflict on Python 3
1541         https://bugs.webkit.org/show_bug.cgi?id=189552
1542
1543         Reviewed by Michael Catanzaro.
1544
1545         * CMakeLists.txt: builtins -> wkbuiltins.
1546         * DerivedSources.make: builtins -> wkbuiltins.
1547         * Scripts/generate-js-builtins.py: import wkbuiltins, rather than
1548           builtins.
1549         * Scripts/wkbuiltins/__init__.py: Renamed from Source/JavaScriptCore/Scripts/builtins/__init__.py.
1550         * Scripts/wkbuiltins/builtins_generate_combined_header.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_combined_header.py.
1551         * Scripts/wkbuiltins/builtins_generate_internals_wrapper_implementation.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_internals_wrapper_implementation.py.
1552         * Scripts/wkbuiltins/builtins_generate_separate_header.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_separate_header.py.
1553         * Scripts/wkbuiltins/builtins_generate_separate_implementation.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_separate_implementation.py.
1554         * Scripts/wkbuiltins/builtins_generate_wrapper_header.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_wrapper_header.py.
1555         * Scripts/wkbuiltins/builtins_generate_wrapper_implementation.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_wrapper_implementation.py.
1556         * Scripts/wkbuiltins/builtins_generator.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generator.py.
1557         * Scripts/wkbuiltins/builtins_model.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_model.py.
1558         * Scripts/wkbuiltins/builtins_templates.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_templates.py.
1559         * Scripts/wkbuiltins/wkbuiltins.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins.py.
1560         * JavaScriptCore.xcodeproj/project.pbxproj: Update for the renaming.
1561
1562 2018-09-13  Yusuke Suzuki  <yusukesuzuki@slowstart.org>
1563
1564         [WebAssembly] Inline WasmContext accessor functions
1565         https://bugs.webkit.org/show_bug.cgi?id=189416
1566
1567         Reviewed by Saam Barati.
1568
1569         WasmContext accessor functions are very small while they reside in the critical path of
1570         JS to Wasm function call. This patch makes them inline to improve performance.
1571         This change improves a small benchmark (calling JS to Wasm function 1e7 times) from 320ms to 270ms.
1572
1573         * JavaScriptCore.xcodeproj/project.pbxproj:
1574         * Sources.txt:
1575         * interpreter/CallFrame.cpp:
1576         * jit/AssemblyHelpers.cpp:
1577         * wasm/WasmB3IRGenerator.cpp:
1578         * wasm/WasmContextInlines.h: Renamed from Source/JavaScriptCore/wasm/WasmContext.cpp.
1579         (JSC::Wasm::Context::useFastTLS):
1580         (JSC::Wasm::Context::load const):
1581         (JSC::Wasm::Context::store):
1582         * wasm/WasmMemoryInformation.cpp:
1583         * wasm/WasmModuleParser.cpp: Include <wtf/SHA1.h> due to changes of unified source combinations.
1584         * wasm/js/JSToWasm.cpp:
1585         * wasm/js/WebAssemblyFunction.cpp:
1586
1587 2018-09-12  David Kilzer  <ddkilzer@apple.com>
1588
1589         Move JavaScriptCore files to match Xcode project hierarchy
1590         <https://webkit.org/b/189574>
1591
1592         Reviewed by Filip Pizlo.
1593
1594         * API/JSAPIValueWrapper.cpp: Rename from Source/JavaScriptCore/runtime/JSAPIValueWrapper.cpp.
1595         * API/JSAPIValueWrapper.h: Rename from Source/JavaScriptCore/runtime/JSAPIValueWrapper.h.
1596         * CMakeLists.txt: Update for new path to
1597         generateYarrUnicodePropertyTables.py, hasher.py and
1598         JSAPIValueWrapper.h.
1599         * DerivedSources.make: Ditto. Add missing dependency on
1600         hasher.py captured by CMakeLists.txt.
1601         * JavaScriptCore.xcodeproj/project.pbxproj: Update for new file
1602         reference paths. Add hasher.py library to project.
1603         * Sources.txt: Update for new path to
1604         JSAPIValueWrapper.cpp.
1605         * runtime/JSImmutableButterfly.h: Add missing includes
1606         after changes to Sources.txt and regenerating unified
1607         sources.
1608         * runtime/RuntimeType.h: Ditto.
1609         * yarr/generateYarrUnicodePropertyTables.py: Rename from Source/JavaScriptCore/Scripts/generateYarrUnicodePropertyTables.py.
1610         * yarr/hasher.py: Rename from Source/JavaScriptCore/Scripts/hasher.py.
1611
1612 2018-09-12  David Kilzer  <ddkilzer@apple.com>
1613
1614         Let Xcode have its way with the JavaScriptCore project
1615
1616         * JavaScriptCore.xcodeproj/project.pbxproj:
1617
1618 2018-09-12  Guillaume Emont  <guijemont@igalia.com>
1619
1620         Add IGNORE_WARNING_.* macros
1621         https://bugs.webkit.org/show_bug.cgi?id=188996
1622
1623         Reviewed by Michael Catanzaro.
1624
1625         * API/JSCallbackObject.h:
1626         * API/tests/testapi.c:
1627         * assembler/LinkBuffer.h:
1628         (JSC::LinkBuffer::finalizeCodeWithDisassembly):
1629         * b3/B3LowerToAir.cpp:
1630         * b3/B3Opcode.cpp:
1631         * b3/B3Type.h:
1632         * b3/B3TypeMap.h:
1633         * b3/B3Width.h:
1634         * b3/air/AirArg.cpp:
1635         * b3/air/AirArg.h:
1636         * b3/air/AirCode.h:
1637         * bytecode/Opcode.h:
1638         (JSC::padOpcodeName):
1639         * dfg/DFGSpeculativeJIT.cpp:
1640         (JSC::DFG::SpeculativeJIT::speculateNumber):
1641         (JSC::DFG::SpeculativeJIT::speculateMisc):
1642         * dfg/DFGSpeculativeJIT64.cpp:
1643         * ftl/FTLOutput.h:
1644         * jit/CCallHelpers.h:
1645         (JSC::CCallHelpers::calculatePokeOffset):
1646         * llint/LLIntData.cpp:
1647         * llint/LLIntSlowPaths.cpp:
1648         (JSC::LLInt::slowPathLogF):
1649         * runtime/ConfigFile.cpp:
1650         (JSC::ConfigFile::canonicalizePaths):
1651         * runtime/JSDataViewPrototype.cpp:
1652         * runtime/JSGenericTypedArrayViewConstructor.h:
1653         * runtime/JSGenericTypedArrayViewPrototype.h:
1654         * runtime/Options.cpp:
1655         (JSC::Options::setAliasedOption):
1656         * tools/CodeProfiling.cpp:
1657         * wasm/WasmSections.h:
1658         * wasm/generateWasmValidateInlinesHeader.py:
1659
1660 == Rolled over to ChangeLog-2018-09-11 ==