c178af4142e0d5f24ea909d5b0319f26d9cf9153
[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
1 2018-10-01  Yusuke Suzuki  <yusukesuzuki@slowstart.org>
2
3         [WebAssembly] Move type conversion code of JSToWasm return type to JS wasm wrapper
4         https://bugs.webkit.org/show_bug.cgi?id=189498
5
6         Reviewed by Saam Barati.
7
8         To call JS-to-Wasm code we need to convert the result value from wasm function to
9         the JS type. Previously this was done by callWebAssemblyFunction by using a switch
10         over signature.returnType(). But since we know the value of `signature.returnType()`
11         at compiling phase, we can emit a small conversion code directly to JSToWasm glue
12         and remove this switch from callWebAssemblyFunction.
13
14         In JSToWasm glue code, we do not have tag registers. So we use DoNotHaveTagRegisters
15         in boxInt32 and boxDouble. Since boxDouble does not have DoNotHaveTagRegisters version,
16         we add an implementation for that.
17
18         * jit/AssemblyHelpers.h:
19         (JSC::AssemblyHelpers::boxDouble):
20         * wasm/js/JSToWasm.cpp:
21         (JSC::Wasm::createJSToWasmWrapper):
22         * wasm/js/WebAssemblyFunction.cpp:
23         (JSC::callWebAssemblyFunction):
24
25 2018-09-30  Caio Lima  <ticaiolima@gmail.com>
26
27         [BigInt] BigInt.prototype.toString is broken when radix is power of 2
28         https://bugs.webkit.org/show_bug.cgi?id=190033
29
30         Reviewed by Yusuke Suzuki.
31
32         The implementation of JSBigInt::toStringToGeneric doesn't handle power
33         of 2 radix when JSBigInt length is >= 2. To handle such cases, we
34         implemented JSBigInt::toStringBasePowerOfTwo that follows the
35         algorithm that groups bits using mask of (2 ^ n) - 1 to extract every
36         digit.
37
38         * runtime/JSBigInt.cpp:
39         (JSC::JSBigInt::toString):
40         (JSC::JSBigInt::toStringBasePowerOfTwo):
41         * runtime/JSBigInt.h:
42
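The bit-grouping idea described in the entry above, as an added C++ example (not JSC's implementation). `ToyBigInt`, its little-endian 64-bit digit layout and the helper names are assumptions made for illustration; the second digit in the sample values exercises the multi-digit case the entry says was mishandled.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <string>
#include <vector>

// Hypothetical stand-in for a big integer: magnitude stored as 64-bit digits,
// least-significant digit first.
struct ToyBigInt {
    bool negative;
    std::vector<uint64_t> digits;
};

// Number of significant bits in v (0 for v == 0).
static unsigned bitLength(uint64_t v)
{
    unsigned n = 0;
    while (v) {
        ++n;
        v >>= 1;
    }
    return n;
}

// Convert to a string in radix 2, 4, 8, 16 or 32 by slicing the magnitude into
// groups of log2(radix) bits and masking each group with (radix - 1).
std::string toStringBasePowerOfTwo(const ToyBigInt& x, unsigned radix)
{
    if (radix < 2 || radix > 32 || (radix & (radix - 1)))
        throw std::invalid_argument("radix must be 2, 4, 8, 16 or 32");

    // Ignore zero digits at the most-significant end so the length is exact.
    size_t length = x.digits.size();
    while (length && !x.digits[length - 1])
        --length;
    if (!length)
        return "0";

    const unsigned bitsPerChar = bitLength(radix) - 1;
    const uint64_t charMask = radix - 1;
    const size_t totalBits = 64 * (length - 1) + bitLength(x.digits[length - 1]);
    const size_t charCount = (totalBits + bitsPerChar - 1) / bitsPerChar;
    static const char alphabet[] = "0123456789abcdefghijklmnopqrstuv";

    std::string out(charCount + (x.negative ? 1 : 0), '0');
    size_t pos = out.size();
    for (size_t k = 0; k < charCount; ++k) {
        const size_t bitOffset = k * bitsPerChar;
        const size_t index = bitOffset / 64;
        const unsigned shift = bitOffset % 64;
        uint64_t group = x.digits[index] >> shift;
        // A group can straddle two digits when bitsPerChar does not divide 64
        // (radix 8 and 32): pull the missing high bits from the next digit.
        if (shift + bitsPerChar > 64 && index + 1 < length)
            group |= x.digits[index + 1] << (64 - shift);
        out[--pos] = alphabet[group & charMask];
    }
    if (x.negative)
        out[--pos] = '-';
    return out;
}

int main()
{
    // Constructed sample: 2^64, which needs two 64-bit digits.
    ToyBigInt twoTo64 = { false, { 0, 1 } };
    std::printf("%s\n", toStringBasePowerOfTwo(twoTo64, 16).c_str());
    std::printf("%s\n", toStringBasePowerOfTwo(twoTo64, 8).c_str());
    return 0;
}
```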
43 2018-09-28  Caio Lima  <ticaiolima@gmail.com>
44
45         [ESNext][BigInt] Implement support for "&"
46         https://bugs.webkit.org/show_bug.cgi?id=186228
47
48         Reviewed by Yusuke Suzuki.
49
50         This patch introduces support of BigInt into bitwise "&" operation.
51         We are also introducing the ValueBitAnd DFG node, that is responsible
52         to take care of JIT for non-Int32 operands. With the introduction of this
53         new node, we renamed the BitAnd node to ArithBitAnd. The ArithBitAnd
54         follows the behavior of ArithAdd and other arithmetic nodes, where
55         the Arith<op> version always results in Number (in the case of
56         ArithBitAnd, it is always an Int32).
57
58         * bytecode/CodeBlock.cpp:
59         (JSC::CodeBlock::finishCreation):
60         * bytecompiler/BytecodeGenerator.cpp:
61         (JSC::BytecodeGenerator::emitBinaryOp):
62         * dfg/DFGAbstractInterpreterInlines.h:
63         (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
64         * dfg/DFGBackwardsPropagationPhase.cpp:
65         (JSC::DFG::BackwardsPropagationPhase::isWithinPowerOfTwo):
66         (JSC::DFG::BackwardsPropagationPhase::propagate):
67         * dfg/DFGByteCodeParser.cpp:
68         (JSC::DFG::ByteCodeParser::parseBlock):
69         * dfg/DFGClobberize.h:
70         (JSC::DFG::clobberize):
71         * dfg/DFGDoesGC.cpp:
72         (JSC::DFG::doesGC):
73         * dfg/DFGFixupPhase.cpp:
74         (JSC::DFG::FixupPhase::fixupNode):
75         * dfg/DFGNodeType.h:
76         * dfg/DFGOperations.cpp:
77         * dfg/DFGOperations.h:
78         * dfg/DFGPredictionPropagationPhase.cpp:
79         * dfg/DFGSafeToExecute.h:
80         (JSC::DFG::safeToExecute):
81         * dfg/DFGSpeculativeJIT.cpp:
82         (JSC::DFG::SpeculativeJIT::compileValueBitwiseOp):
83         (JSC::DFG::SpeculativeJIT::compileBitwiseOp):
84         * dfg/DFGSpeculativeJIT.h:
85         (JSC::DFG::SpeculativeJIT::bitOp):
86         * dfg/DFGSpeculativeJIT32_64.cpp:
87         (JSC::DFG::SpeculativeJIT::compile):
88         * dfg/DFGSpeculativeJIT64.cpp:
89         (JSC::DFG::SpeculativeJIT::compile):
90         * dfg/DFGStrengthReductionPhase.cpp:
91         (JSC::DFG::StrengthReductionPhase::handleNode):
92         * ftl/FTLCapabilities.cpp:
93         (JSC::FTL::canCompile):
94         * ftl/FTLLowerDFGToB3.cpp:
95         (JSC::FTL::DFG::LowerDFGToB3::compileNode):
96         (JSC::FTL::DFG::LowerDFGToB3::compileValueBitAnd):
97         (JSC::FTL::DFG::LowerDFGToB3::compileArithBitAnd):
98         (JSC::FTL::DFG::LowerDFGToB3::compileBitAnd): Deleted.
99         * jit/JIT.h:
100         * jit/JITArithmetic.cpp:
101         (JSC::JIT::emitBitBinaryOpFastPath):
102         (JSC::JIT::emit_op_bitand):
103         * llint/LowLevelInterpreter32_64.asm:
104         * llint/LowLevelInterpreter64.asm:
105         * runtime/CommonSlowPaths.cpp:
106         (JSC::SLOW_PATH_DECL):
107         * runtime/JSBigInt.cpp:
108         (JSC::JSBigInt::JSBigInt):
109         (JSC::JSBigInt::initialize):
110         (JSC::JSBigInt::createZero):
111         (JSC::JSBigInt::createFrom):
112         (JSC::JSBigInt::bitwiseAnd):
113         (JSC::JSBigInt::absoluteBitwiseOp):
114         (JSC::JSBigInt::absoluteAnd):
115         (JSC::JSBigInt::absoluteOr):
116         (JSC::JSBigInt::absoluteAndNot):
117         (JSC::JSBigInt::absoluteAddOne):
118         (JSC::JSBigInt::absoluteSubOne):
119         * runtime/JSBigInt.h:
120         * runtime/JSCJSValue.h:
121         * runtime/JSCJSValueInlines.h:
122         (JSC::JSValue::toBigIntOrInt32 const):
123
124 2018-09-28  Mark Lam  <mark.lam@apple.com>
125
126         Gardening: speculative build fix.
127         <rdar://problem/44869924>
128
129         Not reviewed.
130
131         * assembler/LinkBuffer.cpp:
132         (JSC::LinkBuffer::copyCompactAndLinkCode):
133
134 2018-09-28  Guillaume Emont  <guijemont@igalia.com>
135
136         [JSC] [Armv7] Add a copy function argument to MacroAssemblerARMv7::link() and pass it down to the assembler's linking functions.
137         https://bugs.webkit.org/show_bug.cgi?id=190080
138
139         Reviewed by Mark Lam.
140
141         * assembler/ARMv7Assembler.h:
142         (JSC::ARMv7Assembler::link):
143         (JSC::ARMv7Assembler::linkJumpT1):
144         (JSC::ARMv7Assembler::linkJumpT2):
145         (JSC::ARMv7Assembler::linkJumpT3):
146         (JSC::ARMv7Assembler::linkJumpT4):
147         (JSC::ARMv7Assembler::linkConditionalJumpT4):
148         (JSC::ARMv7Assembler::linkBX):
149         (JSC::ARMv7Assembler::linkConditionalBX):
150         * assembler/MacroAssemblerARMv7.h:
151         (JSC::MacroAssemblerARMv7::link):
152
153 2018-09-27  Saam barati  <sbarati@apple.com>
154
155         Verify the contents of AssemblerBuffer on arm64e
156         https://bugs.webkit.org/show_bug.cgi?id=190057
157         <rdar://problem/38916630>
158
159         Reviewed by Mark Lam.
160
161         * assembler/ARM64Assembler.h:
162         (JSC::ARM64Assembler::ARM64Assembler):
163         (JSC::ARM64Assembler::fillNops):
164         (JSC::ARM64Assembler::link):
165         (JSC::ARM64Assembler::linkJumpOrCall):
166         (JSC::ARM64Assembler::linkCompareAndBranch):
167         (JSC::ARM64Assembler::linkConditionalBranch):
168         (JSC::ARM64Assembler::linkTestAndBranch):
169         (JSC::ARM64Assembler::unlinkedCode): Deleted.
170         * assembler/ARMAssembler.h:
171         (JSC::ARMAssembler::fillNops):
172         * assembler/ARMv7Assembler.h:
173         (JSC::ARMv7Assembler::unlinkedCode): Deleted.
174         * assembler/AbstractMacroAssembler.h:
175         (JSC::AbstractMacroAssembler::emitNops):
176         (JSC::AbstractMacroAssembler::AbstractMacroAssembler):
177         * assembler/AssemblerBuffer.h:
178         (JSC::ARM64EHash::ARM64EHash):
179         (JSC::ARM64EHash::update):
180         (JSC::ARM64EHash::hash const):
181         (JSC::ARM64EHash::randomSeed const):
182         (JSC::AssemblerBuffer::AssemblerBuffer):
183         (JSC::AssemblerBuffer::putShort):
184         (JSC::AssemblerBuffer::putIntUnchecked):
185         (JSC::AssemblerBuffer::putInt):
186         (JSC::AssemblerBuffer::hash const):
187         (JSC::AssemblerBuffer::data const):
188         (JSC::AssemblerBuffer::putIntegralUnchecked):
189         (JSC::AssemblerBuffer::append): Deleted.
190         * assembler/LinkBuffer.cpp:
191         (JSC::LinkBuffer::copyCompactAndLinkCode):
192         * assembler/MIPSAssembler.h:
193         (JSC::MIPSAssembler::fillNops):
194         * assembler/MacroAssemblerARM64.h:
195         (JSC::MacroAssemblerARM64::jumpsToLink):
196         (JSC::MacroAssemblerARM64::link):
197         (JSC::MacroAssemblerARM64::unlinkedCode): Deleted.
198         * assembler/MacroAssemblerARMv7.h:
199         (JSC::MacroAssemblerARMv7::jumpsToLink):
200         (JSC::MacroAssemblerARMv7::unlinkedCode): Deleted.
201         * assembler/X86Assembler.h:
202         (JSC::X86Assembler::fillNops):
203
204 2018-09-27  Mark Lam  <mark.lam@apple.com>
205
206         ByValInfo should not use integer offsets.
207         https://bugs.webkit.org/show_bug.cgi?id=190070
208         <rdar://problem/44803430>
209
210         Reviewed by Saam Barati.
211
212         Also moved some fields around to allow the ByValInfo struct to be more densely packed.
213
214         * bytecode/ByValInfo.h:
215         (JSC::ByValInfo::ByValInfo):
216         * jit/JIT.cpp:
217         (JSC::JIT::link):
218         * jit/JITOpcodes.cpp:
219         (JSC::JIT::privateCompileHasIndexedProperty):
220         * jit/JITOpcodes32_64.cpp:
221         (JSC::JIT::privateCompileHasIndexedProperty):
222         * jit/JITPropertyAccess.cpp:
223         (JSC::JIT::privateCompileGetByVal):
224         (JSC::JIT::privateCompileGetByValWithCachedId):
225         (JSC::JIT::privateCompilePutByVal):
226         (JSC::JIT::privateCompilePutByValWithCachedId):
227
228 2018-09-27  Saam barati  <sbarati@apple.com>
229
230         DFG::OSRExit::m_patchableCodeOffset should not be an int
231         https://bugs.webkit.org/show_bug.cgi?id=190066
232         <rdar://problem/39498244>
233
234         Reviewed by Mark Lam.
235
236         * dfg/DFGJITCompiler.cpp:
237         (JSC::DFG::JITCompiler::linkOSRExits):
238         (JSC::DFG::JITCompiler::link):
239         * dfg/DFGOSRExit.cpp:
240         (JSC::DFG::OSRExit::codeLocationForRepatch const):
241         (JSC::DFG::OSRExit::compileOSRExit):
242         (JSC::DFG::OSRExit::setPatchableCodeOffset): Deleted.
243         (JSC::DFG::OSRExit::getPatchableCodeOffsetAsJump const): Deleted.
244         (JSC::DFG::OSRExit::correctJump): Deleted.
245         * dfg/DFGOSRExit.h:
246         * dfg/DFGOSRExitCompilationInfo.h:
247
248 2018-09-27  Saam barati  <sbarati@apple.com>
249
250         Don't use int offsets in StructureStubInfo
251         https://bugs.webkit.org/show_bug.cgi?id=190064
252         <rdar://problem/44784719>
253
254         Reviewed by Mark Lam.
255
256         * bytecode/InlineAccess.cpp:
257         (JSC::linkCodeInline):
258         * bytecode/StructureStubInfo.h:
259         (JSC::StructureStubInfo::slowPathCallLocation):
260         (JSC::StructureStubInfo::doneLocation):
261         (JSC::StructureStubInfo::slowPathStartLocation):
262         * jit/JITInlineCacheGenerator.cpp:
263         (JSC::JITInlineCacheGenerator::finalize):
264
265 2018-09-27  Mark Lam  <mark.lam@apple.com>
266
267         DFG::OSREntry::m_machineCodeOffset should be a CodeLocation.
268         https://bugs.webkit.org/show_bug.cgi?id=190054
269         <rdar://problem/44803543>
270
271         Reviewed by Saam Barati.
272
273         * dfg/DFGJITCode.h:
274         (JSC::DFG::JITCode::appendOSREntryData):
275         * dfg/DFGJITCompiler.cpp:
276         (JSC::DFG::JITCompiler::noticeOSREntry):
277         * dfg/DFGOSREntry.cpp:
278         (JSC::DFG::OSREntryData::dumpInContext const):
279         (JSC::DFG::prepareOSREntry):
280         * dfg/DFGOSREntry.h:
281         * runtime/JSCPtrTag.h:
282
283 2018-09-27  Mark Lam  <mark.lam@apple.com>
284
285         JITMathIC should not use integer offsets into machine code.
286         https://bugs.webkit.org/show_bug.cgi?id=190030
287         <rdar://problem/44803307>
288
289         Reviewed by Saam Barati.
290
291         We'll replace them with CodeLocation smart pointers instead.
292
293         * jit/JITMathIC.h:
294         (JSC::isProfileEmpty):
295
296 2018-09-26  Mark Lam  <mark.lam@apple.com>
297
298         Options::useSeparatedWXHeap() should always be false when ENABLE(FAST_JIT_PERMISSIONS) && CPU(ARM64E).
299         https://bugs.webkit.org/show_bug.cgi?id=190022
300         <rdar://problem/44800928>
301
302         Reviewed by Saam Barati.
303
304         * jit/ExecutableAllocator.cpp:
305         (JSC::FixedVMPoolExecutableAllocator::FixedVMPoolExecutableAllocator):
306         (JSC::FixedVMPoolExecutableAllocator::initializeSeparatedWXHeaps):
307         * jit/ExecutableAllocator.h:
308         (JSC::performJITMemcpy):
309         * runtime/Options.cpp:
310         (JSC::recomputeDependentOptions):
311
312 2018-09-26  Mark Lam  <mark.lam@apple.com>
313
314         Assert that performJITMemcpy() is always called with instruction size aligned addresses on ARM64.
315         https://bugs.webkit.org/show_bug.cgi?id=190016
316         <rdar://problem/44802875>
317
318         Reviewed by Saam Barati.
319
320         Also assert in performJITMemcpy() that the entire buffer to be copied will fit in
321         JIT memory.
322
323         * assembler/ARM64Assembler.h:
324         (JSC::ARM64Assembler::fillNops):
325         (JSC::ARM64Assembler::replaceWithVMHalt):
326         (JSC::ARM64Assembler::replaceWithJump):
327         (JSC::ARM64Assembler::replaceWithLoad):
328         (JSC::ARM64Assembler::replaceWithAddressComputation):
329         (JSC::ARM64Assembler::setPointer):
330         (JSC::ARM64Assembler::repatchInt32):
331         (JSC::ARM64Assembler::repatchCompact):
332         (JSC::ARM64Assembler::linkJumpOrCall):
333         (JSC::ARM64Assembler::linkCompareAndBranch):
334         (JSC::ARM64Assembler::linkConditionalBranch):
335         (JSC::ARM64Assembler::linkTestAndBranch):
336         * assembler/LinkBuffer.cpp:
337         (JSC::LinkBuffer::copyCompactAndLinkCode):
338         (JSC::LinkBuffer::linkCode):
339         * jit/ExecutableAllocator.h:
340         (JSC::performJITMemcpy):
341
342 2018-09-25  Keith Miller  <keith_miller@apple.com>
343
344         Move Symbol API to SPI
345         https://bugs.webkit.org/show_bug.cgi?id=189946
346
347         Reviewed by Michael Saboff.
348
349         Some of the property access methods on JSValue needed to be moved
350         to a category so that SPI overloads don't result in a compiler
351         error for internal users.
352
353         Additionally, this patch does not move the new enum entry for
354         Symbols in the JSType enumeration.
355
356         * API/JSObjectRef.h:
357         * API/JSObjectRefPrivate.h:
358         * API/JSValue.h:
359         * API/JSValuePrivate.h:
360         * API/JSValueRef.h:
361
362 2018-09-26  Keith Miller  <keith_miller@apple.com>
363
364         We should zero unused property storage when rebalancing array storage.
365         https://bugs.webkit.org/show_bug.cgi?id=188151
366
367         Reviewed by Michael Saboff.
368
369         In unshiftCountSlowCase we sometimes will move property storage to the right even when net adding elements.
370         This can happen because we "balance" the pre/post-capacity in that code so we need to zero the unused
371         property storage.
372
373         * runtime/JSArray.cpp:
374         (JSC::JSArray::unshiftCountSlowCase):
375
376 2018-09-26  Yusuke Suzuki  <yusukesuzuki@slowstart.org>
377
378         Unreviewed, add scope verification handling
379         https://bugs.webkit.org/show_bug.cgi?id=189780
380
381         * runtime/ArrayPrototype.cpp:
382         (JSC::arrayProtoFuncIndexOf):
383         (JSC::arrayProtoFuncLastIndexOf):
384
385 2018-09-26  Koby Boyango  <koby.b@mce.systems>
386
387         [JSC] offlineasm parser should handle CRLF in asm files
388         https://bugs.webkit.org/show_bug.cgi?id=189949
389
390         Reviewed by Mark Lam.
391
392         * offlineasm/parser.rb:
393
394 2018-09-20  Yusuke Suzuki  <yusukesuzuki@slowstart.org>
395
396         [JSC] Optimize Array#lastIndexOf
397         https://bugs.webkit.org/show_bug.cgi?id=189780
398
399         Reviewed by Saam Barati.
400
401         Optimize Array#lastIndexOf in the same way as Array#indexOf. We add a fast path
402         for JSArray with contiguous storage.
403
404         * runtime/ArrayPrototype.cpp:
405         (JSC::arrayProtoFuncLastIndexOf):
406
407 2018-09-25  Saam Barati  <sbarati@apple.com>
408
409         Calls to baselineCodeBlockForOriginAndBaselineCodeBlock in operationMaterializeObjectInOSR should actually pass in the baseline CodeBlock
410         https://bugs.webkit.org/show_bug.cgi?id=189940
411         <rdar://problem/43640987>
412
413         Reviewed by Mark Lam.
414
415         We were calling baselineCodeBlockForOriginAndBaselineCodeBlock with the FTL
416         CodeBlock. There is nothing semantically wrong with doing that (except for
417         poor naming), however, the poor naming here led us to make a real semantic
418         mistake. We wanted the baseline CodeBlock's constant pool, but we were
419         accessing the FTL CodeBlock's constant pool accidentally. We need to
420         access the baseline CodeBlock's constant pool when we update the NewArrayBuffer
421         constant value.
422
423         * bytecode/InlineCallFrame.h:
424         (JSC::baselineCodeBlockForOriginAndBaselineCodeBlock):
425         * ftl/FTLOperations.cpp:
426         (JSC::FTL::operationMaterializeObjectInOSR):
427
428 2018-09-25  Joseph Pecoraro  <pecoraro@apple.com>
429
430         Web Inspector: Stricter block syntax in generated ObjC protocol interfaces
431         https://bugs.webkit.org/show_bug.cgi?id=189962
432         <rdar://problem/44648287>
433
434         Reviewed by Brian Burg.
435
436         * inspector/scripts/codegen/generate_objc_header.py:
437         (ObjCHeaderGenerator._callback_block_for_command):
438         If there are no return parameters include "void" in the block signature.
439
440         * inspector/scripts/tests/all/expected/definitions-with-mac-platform.json-result:
441         * inspector/scripts/tests/generic/expected/domain-availability.json-result:
442         * inspector/scripts/tests/generic/expected/domains-with-varying-command-sizes.json-result:
443         * inspector/scripts/tests/generic/expected/generate-domains-with-feature-guards.json-result:
444         * inspector/scripts/tests/generic/expected/worker-supported-domains.json-result:
445         * inspector/scripts/tests/mac/expected/definitions-with-mac-platform.json-result:
446         Rebaseline test results.
447
448 2018-09-24  Joseph Pecoraro  <pecoraro@apple.com>
449
450         Remove AUTHORS and THANKS files which are stale
451         https://bugs.webkit.org/show_bug.cgi?id=189941
452
453         Reviewed by Darin Adler.
454
455         Included mentions below so their names are still in ChangeLogs.
456
457         * AUTHORS: Removed.
458         Harri Porten (porten@kde.org) and Peter Kelly (pmk@post.com).
459         These authors remain mentioned in copyrights in source files.
460
461         * THANKS: Removed.
462         Richard Moore <rich@kde.org> - for filling the Math object with some life
463         Daegeun Lee <realking@mizi.com> - for pointing out some bugs and providing much code for the String and Date object.
464         Marco Pinelli <pinmc@libero.it> - for his patches
465         Christian Kirsch <ck@held.mind.de> - for his contribution to the Date object
466         
467 2018-09-24  Fujii Hironori  <Hironori.Fujii@sony.com>
468
469         Rename WTF_COMPILER_GCC_OR_CLANG to WTF_COMPILER_GCC_COMPATIBLE
470         https://bugs.webkit.org/show_bug.cgi?id=189733
471
472         Reviewed by Michael Catanzaro.
473
474         * assembler/ARM64Assembler.h:
475         * assembler/ARMAssembler.h:
476         (JSC::ARMAssembler::cacheFlush):
477         * assembler/MacroAssemblerARM.cpp:
478         (JSC::isVFPPresent):
479         * assembler/MacroAssemblerARM64.cpp:
480         * assembler/MacroAssemblerARMv7.cpp:
481         * assembler/MacroAssemblerMIPS.cpp:
482         * assembler/MacroAssemblerX86Common.cpp:
483         * heap/HeapCell.cpp:
484         * heap/HeapCell.h:
485         * jit/HostCallReturnValue.h:
486         * jit/JIT.h:
487         * jit/JITOperations.cpp:
488         * jit/ThunkGenerators.cpp:
489         * runtime/ArrayConventions.cpp:
490         (JSC::clearArrayMemset):
491         * runtime/JSBigInt.cpp:
492         (JSC::JSBigInt::digitDiv):
493
494 2018-09-24  Saam Barati  <sbarati@apple.com>
495
496         Array.prototype.indexOf fast path needs to ensure the length is still valid after performing effects
497         https://bugs.webkit.org/show_bug.cgi?id=189922
498         <rdar://problem/44651275>
499
500         Reviewed by Mark Lam.
501
502         The implementation was first getting the length to iterate up to,
503         then getting the starting index. However, getting the starting
504         index may perform effects. e.g., it could change the length of the
505         array. This changes it so we verify the length is still valid.
506
507         * runtime/ArrayPrototype.cpp:
508         (JSC::arrayProtoFuncIndexOf):
509
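The ordering problem described in the entry above, modeled as an added C++ example (not WebKit code). `ToyArray`, `IndexConversion` and both search functions are hypothetical; the model counts reads past the current length instead of performing them, and clamping to the current length is one assumed way to act on the check, since the entry only says the length is verified.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <functional>
#include <vector>

// Toy array with contiguous storage; the storage size is the script-visible length.
struct ToyArray {
    std::vector<int32_t> storage;
    size_t length() const { return storage.size(); }
    void setLength(size_t n) { storage.resize(n); storage.shrink_to_fit(); }
};

// Models converting the fromIndex argument. In an engine this step can run
// user code, which is why it receives the array and may change its length.
using IndexConversion = std::function<size_t(ToyArray&)>;

struct SearchResult {
    long index;        // -1 when the needle is not found
    size_t staleReads; // iterations that would have read past the current length
};

// Length is read first, the start index second, and the length is never looked
// at again: the order the entry describes as the problem.
SearchResult indexOfLengthCachedOnly(ToyArray& a, int32_t needle, const IndexConversion& toIndex)
{
    size_t length = a.length();
    size_t start = toIndex(a); // may shrink `a`
    SearchResult r = { -1, 0 };
    for (size_t i = start; i < length; ++i) {
        if (i >= a.length()) { // a real fast path would read freed or unowned memory here
            ++r.staleReads;
            continue;
        }
        if (a.storage[i] == needle) {
            r.index = static_cast<long>(i);
            break;
        }
    }
    return r;
}

// Same fast path, but the cached length is verified after the conversion ran.
SearchResult indexOfRevalidated(ToyArray& a, int32_t needle, const IndexConversion& toIndex)
{
    size_t length = a.length();
    size_t start = toIndex(a);
    if (length > a.length())
        length = a.length(); // assumption: clamp; elements past the new length no longer exist
    SearchResult r = { -1, 0 };
    for (size_t i = start; i < length; ++i) {
        if (i >= a.length()) {
            ++r.staleReads;
            continue;
        }
        if (a.storage[i] == needle) {
            r.index = static_cast<long>(i);
            break;
        }
    }
    return r;
}

// Constructed conversions: one with a side effect on the array, one without.
IndexConversion shrinkingConversion(size_t newLength, size_t start)
{
    return [=](ToyArray& a) { a.setLength(newLength); return start; };
}

IndexConversion plainConversion(size_t start)
{
    return [=](ToyArray&) { return start; };
}

int main()
{
    ToyArray a = { { 1, 2, 3, 4, 5, 6, 7, 8 } };
    SearchResult cached = indexOfLengthCachedOnly(a, 8, shrinkingConversion(2, 0));
    ToyArray b = { { 1, 2, 3, 4, 5, 6, 7, 8 } };
    SearchResult checked = indexOfRevalidated(b, 8, shrinkingConversion(2, 0));
    std::printf("cached-only stale reads: %zu, revalidated stale reads: %zu\n",
        cached.staleReads, checked.staleReads);
    return 0;
}
```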
510 2018-09-24  Tadeu Zagallo  <tzagallo@apple.com>
511
512         offlineasm: fix macro scoping
513         https://bugs.webkit.org/show_bug.cgi?id=189902
514
515         Reviewed by Mark Lam.
516
517         In the code below, the reference to `f` in `g`, which should refer to
518         the outer macro definition will instead refer to the f argument of the
519         anonymous macro passed to `g`. That leads to this code failing to
520         compile (f expected 0 args but got 1).
521         
522         ```
523         macro f(x)
524             move x, t0
525         end
526         
527         macro g(fn)
528             fn(macro () f(42) end)
529         end
530         
531         g(macro(f) f() end)
532         ```
533
534         * offlineasm/ast.rb:
535         * offlineasm/transform.rb:
536
537 2018-09-24  Tadeu Zagallo  <tzagallo@apple.com>
538
539         Add forEach method for iterating CodeBlock's ValueProfiles
540         https://bugs.webkit.org/show_bug.cgi?id=189897
541
542         Reviewed by Mark Lam.
543
544         Add method to abstract how we find ValueProfiles in a CodeBlock in
545         preparation for https://bugs.webkit.org/show_bug.cgi?id=189785, when
546         ValueProfiles will be stored in the MetadataTable.
547
548         * bytecode/CodeBlock.cpp:
549         (JSC::CodeBlock::updateAllPredictionsAndCountLiveness):
550         (JSC::CodeBlock::updateAllValueProfilePredictions):
551         (JSC::CodeBlock::shouldOptimizeNow):
552         (JSC::CodeBlock::dumpValueProfiles):
553         * bytecode/CodeBlock.h:
554         (JSC::CodeBlock::forEachValueProfile):
555         (JSC::CodeBlock::numberOfArgumentValueProfiles):
556         (JSC::CodeBlock::valueProfileForArgument):
557         (JSC::CodeBlock::numberOfValueProfiles):
558         (JSC::CodeBlock::valueProfile):
559         (JSC::CodeBlock::totalNumberOfValueProfiles): Deleted.
560         (JSC::CodeBlock::getFromAllValueProfiles): Deleted.
561         * tools/HeapVerifier.cpp:
562         (JSC::HeapVerifier::validateJSCell):
563
564 2018-09-24  Saam barati  <sbarati@apple.com>
565
566         ArgumentsEliminationPhase should snip basic blocks after proven OSR exits
567         https://bugs.webkit.org/show_bug.cgi?id=189682
568         <rdar://problem/43557315>
569
570         Reviewed by Mark Lam.
571
572         Otherwise, if we have code like this:
573         ```
574         a: Arguments
575         b: GetButterfly(@a)
576         c: ForceExit
577         d: GetArrayLength(@a, @b)
578         ```
579         it will get transformed into this invalid DFG IR:
580         ```
581         a: PhantomArguments
582         b: Check(@a)
583         c: ForceExit
584         d: GetArrayLength(@a, @b)
585         ```
586         
587         And we will fail DFG validation since @b does not have a result.
588         
589         The fix is to just remove all nodes after the ForceExit and plant an
590         Unreachable after it. So the above program will now turn into this:
591         ```
592         a: PhantomArguments
593         b: Check(@a)
594         c: ForceExit
595         e: Unreachable
596         ```
597
598         * dfg/DFGArgumentsEliminationPhase.cpp:
599
600 2018-09-22  Saam barati  <sbarati@apple.com>
601
602         The sampling should not use Strong<CodeBlock> in its machineLocation field
603         https://bugs.webkit.org/show_bug.cgi?id=189319
604
605         Reviewed by Filip Pizlo.
606
607         The sampling profiler has a CLI mode where we gather information about inline
608         call frames. That data structure was using a Strong<CodeBlock>. We were
609         constructing this Strong<CodeBlock> during GC concurrently to processing all
610         the Strong handles. This is a bug since we end up corrupting that data
611         structure. This patch fixes this by just making this data structure use the
612         sampling profiler's mechanism for holding onto and properly visiting heap pointers.
613
614         * inspector/agents/InspectorScriptProfilerAgent.cpp:
615         (Inspector::InspectorScriptProfilerAgent::trackingComplete):
616         * runtime/SamplingProfiler.cpp:
617         (JSC::SamplingProfiler::processUnverifiedStackTraces):
618
619         (JSC::SamplingProfiler::reportTopFunctions):
620         (JSC::SamplingProfiler::reportTopBytecodes):
621         These CLI helpers needed a DeferGC otherwise we may end up deadlocking when we
622         cause a GC to happen while already holding the sampling profiler's
623         lock.
624
625 2018-09-21  Yusuke Suzuki  <yusukesuzuki@slowstart.org>
626
627         [JSC] Enable LLInt ASM interpreter on X64 and ARM64 in non JIT configuration
628         https://bugs.webkit.org/show_bug.cgi?id=189778
629
630         Reviewed by Keith Miller.
631
632         LLInt ASM interpreter is 2x and 15% faster than CLoop interpreter on
633         Linux and macOS respectively. We would like to enable it for non JIT
634         configurations in X86_64 and ARM64.
635
636         This patch enables LLInt for non JIT builds in X86_64 and ARM64 architectures.
637         Previously, we switched LLInt ASM interpreter and CLoop by using ENABLE(JIT)
638         configuration. But it is wrong in the new scenario since we have a build
639         configuration that uses LLInt ASM interpreter and JIT is disabled. We introduce
640         ENABLE(C_LOOP) option, which represents that we use CLoop. And we replace
641         ENABLE(JIT) with ENABLE(C_LOOP) if the previous ENABLE(JIT) is essentially just
642         related to LLInt ASM interpreter and not related to JIT.
643
644         We also replace some ENABLE(JIT) configurations with ENABLE(ASSEMBLER).
645         ENABLE(ASSEMBLER) is now enabled even if we disable JIT since MacroAssembler
646         has machine register information that is used in LLInt ASM interpreter.
647
648         * API/tests/PingPongStackOverflowTest.cpp:
649         (testPingPongStackOverflow):
650         * CMakeLists.txt:
651         * JavaScriptCore.xcodeproj/project.pbxproj:
652         * assembler/MaxFrameExtentForSlowPathCall.h:
653         * bytecode/CallReturnOffsetToBytecodeOffset.h: Removed. It is no longer used.
654         * bytecode/CodeBlock.cpp:
655         (JSC::CodeBlock::finishCreation):
656         * bytecode/CodeBlock.h:
657         (JSC::CodeBlock::calleeSaveRegisters const):
658         (JSC::CodeBlock::numberOfLLIntBaselineCalleeSaveRegisters):
659         (JSC::CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters):
660         (JSC::CodeBlock::calleeSaveSpaceAsVirtualRegisters):
661         * bytecode/Opcode.h:
662         (JSC::padOpcodeName):
663         * heap/Heap.cpp:
664         (JSC::Heap::gatherJSStackRoots):
665         (JSC::Heap::stopThePeriphery):
666         * interpreter/CLoopStack.cpp:
667         * interpreter/CLoopStack.h:
668         * interpreter/CLoopStackInlines.h:
669         * interpreter/EntryFrame.h:
670         * interpreter/Interpreter.cpp:
671         (JSC::Interpreter::Interpreter):
672         (JSC::UnwindFunctor::copyCalleeSavesToEntryFrameCalleeSavesBuffer const):
673         * interpreter/Interpreter.h:
674         * interpreter/StackVisitor.cpp:
675         (JSC::StackVisitor::Frame::calleeSaveRegisters):
676         * interpreter/VMEntryRecord.h:
677         * jit/ExecutableAllocator.h:
678         * jit/FPRInfo.h:
679         (WTF::printInternal):
680         * jit/GPRInfo.cpp:
681         * jit/GPRInfo.h:
682         (WTF::printInternal):
683         * jit/HostCallReturnValue.cpp:
684         (JSC::getHostCallReturnValueWithExecState): Moved. They are used in LLInt ASM interpreter too.
685         * jit/HostCallReturnValue.h:
686         * jit/JITOperations.cpp:
687         (JSC::getHostCallReturnValueWithExecState): Deleted.
688         * jit/JITOperationsMSVC64.cpp:
689         * jit/Reg.cpp:
690         * jit/Reg.h:
691         * jit/RegisterAtOffset.cpp:
692         * jit/RegisterAtOffset.h:
693         * jit/RegisterAtOffsetList.cpp:
694         * jit/RegisterAtOffsetList.h:
695         * jit/RegisterMap.h:
696         * jit/RegisterSet.cpp:
697         * jit/RegisterSet.h:
698         * jit/TempRegisterSet.cpp:
699         * jit/TempRegisterSet.h:
700         * llint/LLIntCLoop.cpp:
701         * llint/LLIntCLoop.h:
702         * llint/LLIntData.cpp:
703         (JSC::LLInt::initialize):
704         (JSC::LLInt::Data::performAssertions):
705         * llint/LLIntData.h:
706         * llint/LLIntOfflineAsmConfig.h:
707         * llint/LLIntOpcode.h:
708         * llint/LLIntPCRanges.h:
709         * llint/LLIntSlowPaths.cpp:
710         (JSC::LLInt::LLINT_SLOW_PATH_DECL):
711         * llint/LLIntSlowPaths.h:
712         * llint/LLIntThunks.cpp:
713         * llint/LowLevelInterpreter.cpp:
714         * llint/LowLevelInterpreter.h:
715         * runtime/JSCJSValue.h:
716         * runtime/MachineContext.h:
717         * runtime/SamplingProfiler.cpp:
718         (JSC::SamplingProfiler::processUnverifiedStackTraces): Enable SamplingProfiler
719         for LLInt ASM interpreter with non JIT configuration.
720         * runtime/TestRunnerUtils.cpp:
721         (JSC::optimizeNextInvocation):
722         * runtime/VM.cpp:
723         (JSC::VM::VM):
724         (JSC::VM::getHostFunction):
725         (JSC::VM::updateSoftReservedZoneSize):
726         (JSC::sanitizeStackForVM):
727         (JSC::VM::committedStackByteCount):
728         * runtime/VM.h:
729         * runtime/VMInlines.h:
730         (JSC::VM::ensureStackCapacityFor):
731         (JSC::VM::isSafeToRecurseSoft const):
732
733 2018-09-21  Keith Miller  <keith_miller@apple.com>
734
735         Add Promise SPI
736         https://bugs.webkit.org/show_bug.cgi?id=189809
737
738         Reviewed by Saam Barati.
739
740         This patch adds new SPI to create promises. It's mostly SPI because
741         I want to see how internal users react to it before we make it
742         public.
743
744         This patch adds a couple of new Obj-C SPI methods. The first
745         creates a new promise using the same API that JS does where the
746         user provides an executor callback. If an exception is raised
747         in/to that callback the promise is automagically rejected. The
748         other methods create a pre-resolved or rejected promise as this
749         appears to be a common way to initialize a promise.
750
751         I was also considering adding a second version of executor API
752         where it would catch specific Obj-C exceptions. This would work by
753         taking a Class parameter and checking isKindOfClass: on the
754         exception. I decided against this as nothing else in our API
755         handles Obj-C exceptions. I'm pretty sure the VM will end up in a
756         corrupt state if an Obj-C exception unwinds through JS frames.
757
758         This patch adds a new C function that will create a "deferred"
759         promise. A deferred promise is a style of creating promise/futures
760         where the resolve and reject functions are passed as outputs of a
761         function. I went with this style for the C SPI because we don't have
762         any concept of forwarding exceptions in the C API.
763
764         In order to make the C API work I refactored a bit of the promise code
765         so that we can call a static method on JSDeferredPromise and just get
766         the components without allocating an extra cell wrapper.
767
768         * API/JSContext.mm:
769         (+[JSContext currentCallee]):
770         * API/JSObjectRef.cpp:
771         (JSObjectMakeDeferredPromise):
772         * API/JSObjectRefPrivate.h:
773         * API/JSValue.mm:
774         (+[JSValue valueWithNewPromiseInContext:fromExecutor:]):
775         (+[JSValue valueWithNewPromiseResolvedWithResult:inContext:]):
776         (+[JSValue valueWithNewPromiseRejectedWithReason:inContext:]):
777         * API/JSValuePrivate.h: Added.
778         * API/JSVirtualMachine.mm:
779         * API/JSVirtualMachinePrivate.h:
780         * API/tests/testapi.c:
781         (main):
782         * API/tests/testapi.cpp:
783         (APIContext::operator JSC::ExecState*):
784         (TestAPI::failed const):
785         (TestAPI::check):
786         (TestAPI::basicSymbol):
787         (TestAPI::symbolsTypeof):
788         (TestAPI::symbolsGetPropertyForKey):
789         (TestAPI::symbolsSetPropertyForKey):
790         (TestAPI::symbolsHasPropertyForKey):
791         (TestAPI::symbolsDeletePropertyForKey):
792         (TestAPI::promiseResolveTrue):
793         (TestAPI::promiseRejectTrue):
794         (testCAPIViaCpp):
795         (TestAPI::run): Deleted.
796         * API/tests/testapi.mm:
797         (testObjectiveCAPIMain):
798         (promiseWithExecutor):
799         (promiseRejectOnJSException):
800         (promiseCreateResolved):
801         (promiseCreateRejected):
802         (parallelPromiseResolveTest):
803         (testObjectiveCAPI):
804         * JavaScriptCore.xcodeproj/project.pbxproj:
805         * runtime/JSInternalPromiseDeferred.cpp:
806         (JSC::JSInternalPromiseDeferred::create):
807         * runtime/JSPromise.h:
808         * runtime/JSPromiseConstructor.cpp:
809         (JSC::constructPromise):
810         * runtime/JSPromiseDeferred.cpp:
811         (JSC::JSPromiseDeferred::createDeferredData):
812         (JSC::JSPromiseDeferred::create):
813         (JSC::JSPromiseDeferred::finishCreation):
814         (JSC::newPromiseCapability): Deleted.
815         * runtime/JSPromiseDeferred.h:
816         (JSC::JSPromiseDeferred::promise const):
817         (JSC::JSPromiseDeferred::resolve const):
818         (JSC::JSPromiseDeferred::reject const):
819
820 2018-09-21  Ryan Haddad  <ryanhaddad@apple.com>
821
822         Unreviewed, rolling out r236359.
823
824         Broke the Windows build.
825
826         Reverted changeset:
827
828         "Add Promise SPI"
829         https://bugs.webkit.org/show_bug.cgi?id=189809
830         https://trac.webkit.org/changeset/236359
831
832 2018-09-21  Mark Lam  <mark.lam@apple.com>
833
834         JSRopeString::resolveRope() wrongly assumes that tryGetValue() passes it a valid ExecState.
835         https://bugs.webkit.org/show_bug.cgi?id=189855
836         <rdar://problem/44680181>
837
838         Reviewed by Filip Pizlo.
839
840         tryGetValue() always passes a nullptr to JSRopeString::resolveRope() for the
841         ExecState* argument.  This is intentional so that resolveRope() does not throw
842         in the event of an OutOfMemory error.  Hence, JSRopeString::resolveRope() should
843         get the VM from the cell instead of via the ExecState.
844
845         Also removed an obsolete and unused field in JSString.
846
847         * runtime/JSString.cpp:
848         (JSC::JSRopeString::resolveRope const):
849         (JSC::JSRopeString::outOfMemory const):
850         * runtime/JSString.h:
851         (JSC::JSString::tryGetValue const):
852
853 2018-09-21  Michael Saboff  <msaboff@apple.com>
854
855         Add functions to measure memory footprint to JSC
856         https://bugs.webkit.org/show_bug.cgi?id=189768
857
858         Reviewed by Saam Barati.
859
860         Rolling this back in again.
861
862         Provide system memory metrics for the current process to aid in memory reduction measurement and
863         tuning using native JS tests.
864
865         * jsc.cpp:
866         (MemoryFootprint::now):
867         (MemoryFootprint::resetPeak):
868         (GlobalObject::finishCreation):
869         (JSCMemoryFootprint::JSCMemoryFootprint):
870         (JSCMemoryFootprint::createStructure):
871         (JSCMemoryFootprint::create):
872         (JSCMemoryFootprint::finishCreation):
873         (JSCMemoryFootprint::addProperty):
874         (functionResetMemoryPeak):
875
876 2018-09-21  Keith Miller  <keith_miller@apple.com>
877
878         Add Promise SPI
879         https://bugs.webkit.org/show_bug.cgi?id=189809
880
881         Reviewed by Saam Barati.
882
883         The patch adds new SPI to create promises. It's mostly SPI because
884         I want to see how internal users react to it before we make it
885         public.
886
887         This patch adds a couple of new Obj-C SPI methods. The first
888         creates a new promise using the same API that JS does where the
889         user provides an executor callback. If an exception is raised
890         in/to that callback the promise is automagically rejected. The
891         other methods create a pre-resolved or rejected promise as this
892         appears to be a common way to initialize a promise.
893
894         I was also considering adding a second version of executor API
895         where it would catch specific Obj-C exceptions. This would work by
896         taking a Class parameter and checking isKindOfClass: on the
897         exception. I decided against this as nothing else in our API
898         handles Obj-C exceptions. I'm pretty sure the VM will end up in a
899         corrupt state if an Obj-C exception unwinds through JS frames.
900
901         This patch adds a new C function that will create a "deferred"
902         promise. A deferred promise is a style of creating promise/futures
903         where the resolve and reject functions are passed as outputs of a
904         function. I went with this style for the C SPI because we don't have
905         any concept of forwarding exceptions in the C API.
906
907         In order to make the C API work I refactored a bit of the promise code
908         so that we can call a static method on JSDeferredPromise and just get
909         the components without allocating an extra cell wrapper.
910
911         * API/JSContext.mm:
912         (+[JSContext currentCallee]):
913         * API/JSObjectRef.cpp:
914         (JSObjectMakeDeferredPromise):
915         * API/JSObjectRefPrivate.h:
916         * API/JSValue.mm:
917         (+[JSValue valueWithNewPromiseInContext:fromExecutor:]):
918         (+[JSValue valueWithNewPromiseResolvedWithResult:inContext:]):
919         (+[JSValue valueWithNewPromiseRejectedWithReason:inContext:]):
920         * API/JSValuePrivate.h: Added.
921         * API/JSVirtualMachine.mm:
922         * API/JSVirtualMachinePrivate.h:
923         * API/tests/testapi.c:
924         (main):
925         * API/tests/testapi.cpp:
926         (APIContext::operator JSC::ExecState*):
927         (TestAPI::failed const):
928         (TestAPI::check):
929         (TestAPI::basicSymbol):
930         (TestAPI::symbolsTypeof):
931         (TestAPI::symbolsGetPropertyForKey):
932         (TestAPI::symbolsSetPropertyForKey):
933         (TestAPI::symbolsHasPropertyForKey):
934         (TestAPI::symbolsDeletePropertyForKey):
935         (TestAPI::promiseResolveTrue):
936         (TestAPI::promiseRejectTrue):
937         (testCAPIViaCpp):
938         (TestAPI::run): Deleted.
939         * API/tests/testapi.mm:
940         (testObjectiveCAPIMain):
941         (promiseWithExecutor):
942         (promiseRejectOnJSException):
943         (promiseCreateResolved):
944         (promiseCreateRejected):
945         (parallelPromiseResolveTest):
946         (testObjectiveCAPI):
947         * JavaScriptCore.xcodeproj/project.pbxproj:
948         * runtime/JSInternalPromiseDeferred.cpp:
949         (JSC::JSInternalPromiseDeferred::create):
950         * runtime/JSPromise.h:
951         * runtime/JSPromiseConstructor.cpp:
952         (JSC::constructPromise):
953         * runtime/JSPromiseDeferred.cpp:
954         (JSC::JSPromiseDeferred::createDeferredData):
955         (JSC::JSPromiseDeferred::create):
956         (JSC::JSPromiseDeferred::finishCreation):
957         (JSC::newPromiseCapability): Deleted.
958         * runtime/JSPromiseDeferred.h:
959         (JSC::JSPromiseDeferred::promise const):
960         (JSC::JSPromiseDeferred::resolve const):
961         (JSC::JSPromiseDeferred::reject const):
962
963 2018-09-21  Truitt Savell  <tsavell@apple.com>
964
965         Rebaseline tests after changes in https://trac.webkit.org/changeset/236321/webkit
966         https://bugs.webkit.org/show_bug.cgi?id=156674
967
968         Unreviewed Test Gardening
969
970         * Scripts/tests/builtins/expected/JavaScriptCore-Builtin.Promise-Combined.js-result:
971         * Scripts/tests/builtins/expected/JavaScriptCore-BuiltinConstructor-Combined.js-result:
972
973 2018-09-21  Mike Gorse  <mgorse@suse.com>
974
975         Build tools should work when the /usr/bin/python is python3
976         https://bugs.webkit.org/show_bug.cgi?id=156674
977
978         Reviewed by Michael Catanzaro.
979
980         * Scripts/cssmin.py:
981         * Scripts/generate-js-builtins.py:
982         (do_open):
983         (generate_bindings_for_builtins_files):
984         * Scripts/generateIntlCanonicalizeLanguage.py:
985         * Scripts/jsmin.py:
986         (JavascriptMinify.minify.write):
987         (JavascriptMinify):
988         (JavascriptMinify.minify):
989         * Scripts/make-js-file-arrays.py:
990         (chunk):
991         (main):
992         * Scripts/wkbuiltins/__init__.py:
993         * Scripts/wkbuiltins/builtins_generate_combined_header.py:
994         (generate_section_for_global_private_code_name_macro):
995         * Scripts/wkbuiltins/builtins_generate_internals_wrapper_header.py:
996         (BuiltinsInternalsWrapperHeaderGenerator.__init__):
997         * Scripts/wkbuiltins/builtins_generate_internals_wrapper_implementation.py:
998         (BuiltinsInternalsWrapperImplementationGenerator.__init__):
999         * Scripts/wkbuiltins/builtins_model.py:
1000         (BuiltinFunction.__lt__):
1001         (BuiltinsCollection.copyrights):
1002         (BuiltinsCollection._parse_functions):
1003         * disassembler/udis86/ud_opcode.py:
1004         (UdOpcodeTables.pprint.printWalk):
1005         * generate-bytecode-files:
1006         * inspector/scripts/codegen/__init__.py:
1007         * inspector/scripts/codegen/cpp_generator.py:
1008         * inspector/scripts/codegen/generate_cpp_alternate_backend_dispatcher_header.py:
1009         (CppAlternateBackendDispatcherHeaderGenerator.generate_output):
1010         * inspector/scripts/codegen/generate_cpp_backend_dispatcher_header.py:
1011         (CppBackendDispatcherHeaderGenerator.domains_to_generate):
1012         (CppBackendDispatcherHeaderGenerator.generate_output):
1013         (CppBackendDispatcherHeaderGenerator._generate_dispatcher_declarations_for_domain):
1014         * inspector/scripts/codegen/generate_cpp_backend_dispatcher_implementation.py:
1015         (CppBackendDispatcherImplementationGenerator.domains_to_generate):
1016         (CppBackendDispatcherImplementationGenerator.generate_output):
1017         * inspector/scripts/codegen/generate_cpp_frontend_dispatcher_header.py:
1018         (CppFrontendDispatcherHeaderGenerator.domains_to_generate):
1019         (CppFrontendDispatcherHeaderGenerator.generate_output):
1020         * inspector/scripts/codegen/generate_cpp_frontend_dispatcher_implementation.py:
1021         (CppFrontendDispatcherImplementationGenerator.domains_to_generate):
1022         (CppFrontendDispatcherImplementationGenerator.generate_output):
1023         * inspector/scripts/codegen/generate_cpp_protocol_types_header.py:
1024         (CppProtocolTypesHeaderGenerator.generate_output):
1025         (CppProtocolTypesHeaderGenerator._generate_forward_declarations):
1026         * inspector/scripts/codegen/generate_cpp_protocol_types_implementation.py:
1027         (CppProtocolTypesImplementationGenerator.generate_output):
1028         (CppProtocolTypesImplementationGenerator._generate_enum_conversion_methods_for_domain):
1029         (CppProtocolTypesImplementationGenerator._generate_enum_mapping_and_conversion_methods):
1030         (CppProtocolTypesImplementationGenerator._generate_open_field_names):
1031         (CppProtocolTypesImplementationGenerator._generate_builders_for_domain):
1032         (CppProtocolTypesImplementationGenerator._generate_assertion_for_object_declaration):
1033         * inspector/scripts/codegen/generate_js_backend_commands.py:
1034         (JSBackendCommandsGenerator.should_generate_domain):
1035         (JSBackendCommandsGenerator.domains_to_generate):
1036         (JSBackendCommandsGenerator.generate_output):
1037         (JSBackendCommandsGenerator.generate_domain):
1038         * inspector/scripts/codegen/generate_objc_backend_dispatcher_header.py:
1039         (ObjCBackendDispatcherHeaderGenerator.domains_to_generate):
1040         (ObjCBackendDispatcherHeaderGenerator.generate_output):
1041         * inspector/scripts/codegen/generate_objc_backend_dispatcher_implementation.py:
1042         (ObjCBackendDispatcherImplementationGenerator.domains_to_generate):
1043         (ObjCBackendDispatcherImplementationGenerator.generate_output):
1044         (ObjCBackendDispatcherImplementationGenerator._generate_success_block_for_command):
1045         * inspector/scripts/codegen/generate_objc_configuration_header.py:
1046         * inspector/scripts/codegen/generate_objc_configuration_implementation.py:
1047         * inspector/scripts/codegen/generate_objc_frontend_dispatcher_implementation.py:
1048         (ObjCFrontendDispatcherImplementationGenerator.domains_to_generate):
1049         (ObjCFrontendDispatcherImplementationGenerator.generate_output):
1050         (ObjCFrontendDispatcherImplementationGenerator._generate_event):
1051         * inspector/scripts/codegen/generate_objc_header.py:
1052         (ObjCHeaderGenerator.generate_output):
1053         (ObjCHeaderGenerator._generate_type_interface):
1054         * inspector/scripts/codegen/generate_objc_internal_header.py:
1055         (ObjCInternalHeaderGenerator.generate_output):
1056         * inspector/scripts/codegen/generate_objc_protocol_type_conversions_header.py:
1057         (ObjCProtocolTypeConversionsHeaderGenerator.domains_to_generate):
1058         (ObjCProtocolTypeConversionsHeaderGenerator.generate_output):
1059         * inspector/scripts/codegen/generate_objc_protocol_type_conversions_implementation.py:
1060         (ObjCProtocolTypeConversionsImplementationGenerator.domains_to_generate):
1061         * inspector/scripts/codegen/generate_objc_protocol_types_implementation.py:
1062         (ObjCProtocolTypesImplementationGenerator.domains_to_generate):
1063         (ObjCProtocolTypesImplementationGenerator.generate_output):
1064         (ObjCProtocolTypesImplementationGenerator.generate_type_implementation):
1065         (ObjCProtocolTypesImplementationGenerator._generate_init_method_for_required_members):
1066         * inspector/scripts/codegen/generator.py:
1067         (Generator.non_supplemental_domains):
1068         (Generator.open_fields):
1069         (Generator.calculate_types_requiring_shape_assertions):
1070         (Generator._traverse_and_assign_enum_values):
1071         (Generator.stylized_name_for_enum_value):
1072         * inspector/scripts/codegen/models.py:
1073         (find_duplicates):
1074         * inspector/scripts/codegen/objc_generator.py:
1075         * wasm/generateWasm.py:
1076         (opcodeIterator):
1077         * yarr/generateYarrCanonicalizeUnicode:
1078         * yarr/generateYarrUnicodePropertyTables.py:
1079         * yarr/hasher.py:
1080         (stringHash):
1081
1082 2018-09-21  Tomas Popela  <tpopela@redhat.com>
1083
1084         [ARM] Build broken on armv7hl after r235517
1085         https://bugs.webkit.org/show_bug.cgi?id=189831
1086
1087         Reviewed by Yusuke Suzuki.
1088
1089         Add missing implementation of patchableBranch8() for traditional ARM.
1090
1091         * assembler/MacroAssemblerARM.h:
1092         (JSC::MacroAssemblerARM::patchableBranch8):
1093
1094 2018-09-20  Ryan Haddad  <ryanhaddad@apple.com>
1095
1096         Unreviewed, rolling out r236293.
1097
1098         Internal build still broken.
1099
1100         Reverted changeset:
1101
1102         "Add functions to measure memory footprint to JSC"
1103         https://bugs.webkit.org/show_bug.cgi?id=189768
1104         https://trac.webkit.org/changeset/236293
1105
1106 2018-09-20  Yusuke Suzuki  <yusukesuzuki@slowstart.org>
1107
1108         [JSC] Heap::reportExtraMemoryVisited shows contention if we have many JSString
1109         https://bugs.webkit.org/show_bug.cgi?id=189558
1110
1111         Reviewed by Mark Lam.
1112
1113         When running web-tooling-benchmark postcss test on Linux JSCOnly port, we get the following result in `perf report`.
1114
1115             10.95%  AutomaticThread  libJavaScriptCore.so.1.0.0  [.] JSC::Heap::reportExtraMemoryVisited
1116
1117         This is because postcss produces a bunch of JSStrings, which require reportExtraMemoryVisited calls in JSString::visitChildren.
1118         And since reportExtraMemoryVisited attempts to update an atomic counter, if we have a bunch of marking threads, it becomes super contended.
1119
1120         This patch reduces the frequency of updating the atomic counter. Each SlotVisitor has per-SlotVisitor m_extraMemorySize counter.
1121         And we propagate this value to the global atomic counter when rebalance happens.
1122
1123         We also reduce HeapCell::heap() access by using `vm.heap`.
1124
1125         * heap/SlotVisitor.cpp:
1126         (JSC::SlotVisitor::didStartMarking):
1127         (JSC::SlotVisitor::propagateExternalMemoryVisitedIfNecessary):
1128         (JSC::SlotVisitor::drain):
1129         (JSC::SlotVisitor::performIncrementOfDraining):
1130         * heap/SlotVisitor.h:
1131         * heap/SlotVisitorInlines.h:
1132         (JSC::SlotVisitor::reportExtraMemoryVisited):
1133         * runtime/JSString.cpp:
1134         (JSC::JSRopeString::resolveRopeToAtomicString const):
1135         (JSC::JSRopeString::resolveRope const):
1136         * runtime/JSString.h:
1137         (JSC::JSString::finishCreation):
1138         * wasm/js/JSWebAssemblyInstance.cpp:
1139         (JSC::JSWebAssemblyInstance::finishCreation):
1140         * wasm/js/JSWebAssemblyMemory.cpp:
1141         (JSC::JSWebAssemblyMemory::finishCreation):
1142
1143 2018-09-20  Michael Saboff  <msaboff@apple.com>
1144
1145         Add functions to measure memory footprint to JSC
1146         https://bugs.webkit.org/show_bug.cgi?id=189768
1147
1148         Reviewed by Saam Barati.
1149
1150         Rolling this back in.
1151
1152         Provide system memory metrics for the current process to aid in memory reduction measurement and
1153         tuning using native JS tests.
1154
1155         * jsc.cpp:
1156         (MemoryFootprint::now):
1157         (MemoryFootprint::resetPeak):
1158         (GlobalObject::finishCreation):
1159         (JSCMemoryFootprint::JSCMemoryFootprint):
1160         (JSCMemoryFootprint::createStructure):
1161         (JSCMemoryFootprint::create):
1162         (JSCMemoryFootprint::finishCreation):
1163         (JSCMemoryFootprint::addProperty):
1164         (functionResetMemoryPeak):
1165
1166 2018-09-20  Ryan Haddad  <ryanhaddad@apple.com>
1167
1168         Unreviewed, rolling out r236235.
1169
1170         Breaks internal builds.
1171
1172         Reverted changeset:
1173
1174         "Add functions to measure memory footprint to JSC"
1175         https://bugs.webkit.org/show_bug.cgi?id=189768
1176         https://trac.webkit.org/changeset/236235
1177
1178 2018-09-20  Fujii Hironori  <Hironori.Fujii@sony.com>
1179
1180         [Win][Clang] JITMathIC.h: error: missing 'template' keyword prior to dependent template name 'retagged'
1181         https://bugs.webkit.org/show_bug.cgi?id=189730
1182
1183         Reviewed by Saam Barati.
1184
1185         Clang for Windows can't compile the workaround for MSVC quirk in generateOutOfLine.
1186
1187         * jit/JITMathIC.h:
1188         (generateOutOfLine): Append "&& !COMPILER(CLANG)" to "#if COMPILER(MSVC)".
1189
1190 2018-09-19  Yusuke Suzuki  <yusukesuzuki@slowstart.org>
1191
1192         [JSC] Optimize Array#indexOf in C++ runtime
1193         https://bugs.webkit.org/show_bug.cgi?id=189507
1194
1195         Reviewed by Saam Barati.
1196
1197         C++ Array#indexOf runtime function takes so much time in babylon benchmark in
1198         web-tooling-benchmark. While our DFG and FTL have Array#indexOf optimization
1199         and actually it is working well, C++ Array#indexOf is called significant amount
1200         of time before tiering up, and it takes 6.74% of jsc main thread samples according
1201         to perf command in Linux. This is because C++ Array#indexOf is too generic and
1202         misses the chance to optimize JSArray cases.
1203
1204         This patch adds JSArray fast path for Array#indexOf. If we know that indexed
1205         access to the given JSArray is non-observable and indexing type is good for the fast
1206         path, we go to the fast path. This makes sampling of Array#indexOf 3.83% in
1207         babylon web-tooling-benchmark.
1208
1209         * runtime/ArrayPrototype.cpp:
1210         (JSC::arrayProtoFuncIndexOf):
1211         * runtime/JSArray.h:
1212         * runtime/JSArrayInlines.h:
1213         (JSC::JSArray::canDoFastIndexedAccess):
1214         (JSC::toLength):
1215         * runtime/JSCJSValueInlines.h:
1216         (JSC::JSValue::JSValue):
1217         * runtime/JSGlobalObject.h:
1218         * runtime/JSGlobalObjectInlines.h:
1219         (JSC::JSGlobalObject::isArrayPrototypeIndexedAccessFastAndNonObservable):
1220         (JSC::JSGlobalObject::isArrayPrototypeIteratorProtocolFastAndNonObservable):
1221         * runtime/MathCommon.h:
1222         (JSC::canBeStrictInt32):
1223         (JSC::canBeInt32):
1224
1225 2018-09-19  Michael Saboff  <msaboff@apple.com>
1226
1227         Add functions to measure memory footprint to JSC
1228         https://bugs.webkit.org/show_bug.cgi?id=189768
1229
1230         Reviewed by Saam Barati.
1231
1232         Provide system memory metrics for the current process to aid in memory reduction measurement and
1233         tuning using native JS tests.
1234
1235         * jsc.cpp:
1236         (MemoryFootprint::now):
1237         (MemoryFootprint::resetPeak):
1238         (GlobalObject::finishCreation):
1239         (JSCMemoryFootprint::JSCMemoryFootprint):
1240         (JSCMemoryFootprint::createStructure):
1241         (JSCMemoryFootprint::create):
1242         (JSCMemoryFootprint::finishCreation):
1243         (JSCMemoryFootprint::addProperty):
1244         (functionResetMemoryPeak):
1245
1246 2018-09-19  Saam barati  <sbarati@apple.com>
1247
1248         CheckStructureOrEmpty should pass in a tempGPR to emitStructureCheck since it may jump over that code
1249         https://bugs.webkit.org/show_bug.cgi?id=189703
1250
1251         Reviewed by Mark Lam.
1252
1253         This fixes a crash that a TypeProfiler change revealed.
1254
1255         * dfg/DFGSpeculativeJIT64.cpp:
1256         (JSC::DFG::SpeculativeJIT::compile):
1257
1258 2018-09-19  Saam barati  <sbarati@apple.com>
1259
1260         AI rule for MultiPutByOffset executes its effects in the wrong order
1261         https://bugs.webkit.org/show_bug.cgi?id=189757
1262         <rdar://problem/43535257>
1263
1264         Reviewed by Michael Saboff.
1265
1266         The AI rule for MultiPutByOffset was executing effects in the wrong order.
1267         It first executed the transition effects and the effects on the base, and
1268         then executed the filtering effects on the value being stored. However, you
1269         can end up with the wrong type when the base and the value being stored
1270         are the same, e.g., in a program like `o.f = o`. These effects need to happen
1271         in the opposite order, modeling what happens in the runtime execution of
1272         MultiPutByOffset.
1273
1274         * dfg/DFGAbstractInterpreterInlines.h:
1275         (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
1276
1277 2018-09-18  Mark Lam  <mark.lam@apple.com>
1278
1279         Ensure that ForInContexts are invalidated if their loop local is over-written.
1280         https://bugs.webkit.org/show_bug.cgi?id=189571
1281         <rdar://problem/44402277>
1282
1283         Reviewed by Saam Barati.
1284
1285         Instead of hunting down every place in the BytecodeGenerator that potentially
1286         needs to invalidate an enclosing ForInContext (if one exists), we simply iterate
1287         the bytecode range of the loop body when the ForInContext is popped, and
1288         invalidate the context if we ever find the loop temp variable over-written.
1289
1290         This has 2 benefits:
1291         1. It ensures that every type of opcode that can write to the loop temp will be
1292            handled appropriately, not just the op_mov that we've hunted down.
1293         2. It avoids us having to check the BytecodeGenerator's m_forInContextStack
1294            every time we emit an op_mov (or other opcodes that can write to a local)
1295            even when we're not inside a for-in loop.
1296
1297         JSC benchmarks show that this change is performance neutral.
1298
1299         * bytecompiler/BytecodeGenerator.cpp:
1300         (JSC::BytecodeGenerator::pushIndexedForInScope):
1301         (JSC::BytecodeGenerator::popIndexedForInScope):
1302         (JSC::BytecodeGenerator::pushStructureForInScope):
1303         (JSC::BytecodeGenerator::popStructureForInScope):
1304         (JSC::ForInContext::finalize):
1305         (JSC::StructureForInContext::finalize):
1306         (JSC::IndexedForInContext::finalize):
1307         (JSC::BytecodeGenerator::invalidateForInContextForLocal): Deleted.
1308         * bytecompiler/BytecodeGenerator.h:
1309         (JSC::ForInContext::ForInContext):
1310         (JSC::ForInContext::bodyBytecodeStartOffset const):
1311         (JSC::StructureForInContext::StructureForInContext):
1312         (JSC::IndexedForInContext::IndexedForInContext):
1313         * bytecompiler/NodesCodegen.cpp:
1314         (JSC::PostfixNode::emitResolve):
1315         (JSC::PrefixNode::emitResolve):
1316         (JSC::ReadModifyResolveNode::emitBytecode):
1317         (JSC::AssignResolveNode::emitBytecode):
1318         (JSC::EmptyLetExpression::emitBytecode):
1319         (JSC::ForInNode::emitLoopHeader):
1320         (JSC::ForOfNode::emitBytecode):
1321         (JSC::BindingNode::bindValue const):
1322         (JSC::AssignmentElementNode::bindValue const):
1323         * runtime/CommonSlowPaths.cpp:
1324         (JSC::SLOW_PATH_DECL):
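
Added example, not WebKit code: a toy C++ model of the ForInContext entry above, contrasting an emit-time hook that only notices op_mov with a scan of the loop body's bytecode range when the context is popped. The Generator class, the Strategy enum, the Inc/GetByVal/GetDirectPname opcode names and the register numbers are invented for illustration, and treating "invalidate" as rewriting fast-path loads back to generic loads is an assumption of the model.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Toy model, not JavaScriptCore code. Only Mov corresponds to a name on the page (op_mov).
enum class Op { Mov, Inc, GetByVal, GetDirectPname };

struct Instr {
    Op op;
    int dst; // virtual register this instruction writes
};

struct ForInContext {
    ForInContext(int local, std::size_t start) : local(local), bodyStart(start) {}
    int local;                          // register holding the loop variable
    std::size_t bodyStart;              // first bytecode offset of the loop body
    bool valid = true;                  // false once the loop variable may have changed
    std::vector<std::size_t> fastSites; // offsets of fast-path loads emitted for this loop
};

enum class Strategy { EmitTimeMovHook, ScanOnPop };

class Generator {
public:
    explicit Generator(Strategy s) : m_strategy(s) {}

    void pushForIn(int local) { m_stack.emplace_back(local, m_code.size()); }

    void emit(Op op, int dst)
    {
        // Old approach: every emitter has to remember the hook; here only Mov does.
        if (m_strategy == Strategy::EmitTimeMovHook && op == Op::Mov) {
            for (auto& ctx : m_stack) {
                if (ctx.local == dst)
                    ctx.valid = false;
            }
        }
        m_code.push_back({op, dst});
    }

    // o[p]: take the fast path only while p is believed to be the untouched loop variable.
    void emitGetByVal(int dst, int property)
    {
        if (!m_stack.empty() && m_stack.back().valid && m_stack.back().local == property) {
            m_stack.back().fastSites.push_back(m_code.size());
            m_code.push_back({Op::GetDirectPname, dst});
            return;
        }
        m_code.push_back({Op::GetByVal, dst});
    }

    void popForIn()
    {
        ForInContext ctx = m_stack.back();
        m_stack.pop_back();
        if (m_strategy == Strategy::ScanOnPop) {
            // New approach: any opcode in the body that writes the loop local invalidates.
            for (std::size_t i = ctx.bodyStart; i < m_code.size(); ++i) {
                if (m_code[i].dst == ctx.local) {
                    ctx.valid = false;
                    break;
                }
            }
        }
        if (!ctx.valid) {
            // Downgrade every fast-path load emitted for this loop to the generic load.
            for (std::size_t site : ctx.fastSites)
                m_code[site].op = Op::GetByVal;
        }
    }

    int fastPathCount() const
    {
        int n = 0;
        for (const Instr& i : m_code)
            n += i.op == Op::GetDirectPname;
        return n;
    }

private:
    Strategy m_strategy;
    std::vector<Instr> m_code;
    std::vector<ForInContext> m_stack;
};

// Models: for (p in o) { t = o[p]; <writeOp writtenReg>; t = o[p]; }
// Returns how many fast-path loads survive compilation.
int fastPathsLeft(Strategy s, Op writeOp, int writtenReg)
{
    const int p = 1, t = 2;
    Generator g(s);
    g.emit(Op::Mov, p); // loop header assigns p before the body starts
    g.pushForIn(p);
    g.emitGetByVal(t, p);
    g.emit(writeOp, writtenReg);
    g.emitGetByVal(t, p);
    g.popForIn();
    return g.fastPathCount();
}

int main()
{
    std::printf("mov hook, Inc overwrite: %d fast loads left\n", fastPathsLeft(Strategy::EmitTimeMovHook, Op::Inc, 1));
    std::printf("scan on pop, Inc overwrite: %d fast loads left\n", fastPathsLeft(Strategy::ScanOnPop, Op::Inc, 1));
    return 0;
}
```

In the model, a non-Mov write to the loop local leaves both fast-path loads in place under the emit-time hook, while the scan on pop downgrades them regardless of which opcode performed the write.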
1325
1326 2018-09-17  Devin Rousso  <drousso@apple.com>
1327
1328         Web Inspector: generate CSSKeywordCompletions from backend values
1329         https://bugs.webkit.org/show_bug.cgi?id=189041
1330
1331         Reviewed by Joseph Pecoraro.
1332
1333         * inspector/protocol/CSS.json:
1334         Include an optional `aliases` array and `inherited` boolean for `CSSPropertyInfo`.
1335
1336 2018-09-17  Saam barati  <sbarati@apple.com>
1337
1338         We must convert ProfileType to CheckStructureOrEmpty instead of CheckStructure
1339         https://bugs.webkit.org/show_bug.cgi?id=189676
1340         <rdar://problem/39682897>
1341
1342         Reviewed by Michael Saboff.
1343
1344         Because the incoming value may be TDZ, CheckStructure may end up crashing.
1345         Since the Type Profile does not currently record TDZ values in any of its
1346         data structures, this is not a semantic change in how it will show you data.
1347         It just fixes crashes when we emit a CheckStructure and the incoming value
1348         is TDZ.
1349
1350         * dfg/DFGFixupPhase.cpp:
1351         (JSC::DFG::FixupPhase::fixupNode):
1352         * dfg/DFGNode.h:
1353         (JSC::DFG::Node::convertToCheckStructureOrEmpty):
1354
1355 2018-09-17  Darin Adler  <darin@apple.com>
1356
1357         Use OpaqueJSString rather than JSRetainPtr inside WebKit
1358         https://bugs.webkit.org/show_bug.cgi?id=189652
1359
1360         Reviewed by Saam Barati.
1361
1362         * API/JSCallbackObjectFunctions.h: Removed an unneeded include of
1363         JSStringRef.h.
1364
1365         * API/JSContext.mm:
1366         (-[JSContext evaluateScript:withSourceURL:]): Use OpaqueJSString::create rather
1367         than JSStringCreateWithCFString, simplifying the code and also obviating the
1368         need for explicit JSStringRelease.
1369         (-[JSContext setName:]): Ditto.
1370
1371         * API/JSStringRef.cpp:
1372         (JSStringIsEqualToUTF8CString): Use adoptRef rather than explicit JSStringRelease.
1373         It seems that additional optimization is possible, obviating the need to allocate
1374         an OpaqueJSString, but that's true almost everywhere else in this patch, too.
1375
1376         * API/JSValue.mm:
1377         (+[JSValue valueWithNewRegularExpressionFromPattern:flags:inContext:]): Use
1378         OpaqueJSString::create and adoptRef as appropriate.
1379         (+[JSValue valueWithNewErrorFromMessage:inContext:]): Ditto.
1380         (+[JSValue valueWithNewSymbolFromDescription:inContext:]): Ditto.
1381         (performPropertyOperation): Ditto.
1382         (-[JSValue invokeMethod:withArguments:]): Ditto.
1383         (valueToObjectWithoutCopy): Ditto.
1384         (containerValueToObject): Ditto.
1385         (valueToString): Ditto.
1386         (objectToValueWithoutCopy): Ditto.
1387         (objectToValue): Ditto.
1388
1389 2018-09-08  Darin Adler  <darin@apple.com>
1390
1391         Streamline JSRetainPtr, fix leaks of JSString and JSGlobalContext
1392         https://bugs.webkit.org/show_bug.cgi?id=189455
1393
1394         Reviewed by Keith Miller.
1395
1396         * API/JSObjectRef.cpp:
1397         (OpaqueJSPropertyNameArray): Use Ref<OpaqueJSString> instead of
1398         JSRetainPtr<JSStringRef>.
1399         (JSObjectCopyPropertyNames): Remove now-unneeded use of leakRef and
1400         adopt constructor.
1401         (JSPropertyNameArrayGetNameAtIndex): Use ptr() instead of get() since
1402         the array elements are now Ref.
1403
1404         * API/JSRetainPtr.h: While JSRetainPtr is written as a template,
1405         it only works for two specific unrelated types, JSStringRef and
1406         JSGlobalContextRef. Simplified the default constructor using data
1407         member initialization. Prepared to make the adopt constructor private
1408         (got everything compiling that way, then made it public again so that
1409         Apple internal software will still build). Got rid of unneeded
1410         templated constructor and assignment operator, since it's not relevant
1411         since there is no inheritance between JSRetainPtr template types.
1412         Added WARN_UNUSED_RETURN to leakRef as in RefPtr and RetainPtr.
1413         Added move constructor and move assignment operator for slightly better
1414         performance. Simplified implementations of various member functions
1415         so they are more obviously correct, by using leakPtr in more of them
1416         and using std::exchange to make the flow of values more obvious.
1417
1418         * API/JSValue.mm:
1419         (+[JSValue valueWithNewSymbolFromDescription:inContext:]): Added a
1420         missing JSStringRelease to fix a leak.
1421
1422         * API/tests/CustomGlobalObjectClassTest.c:
1423         (customGlobalObjectClassTest): Added a JSGlobalContextRelease to fix a leak.
1424         (globalObjectSetPrototypeTest): Ditto.
1425         (globalObjectPrivatePropertyTest): Ditto.
1426
1427         * API/tests/ExecutionTimeLimitTest.cpp:
1428         (testResetAfterTimeout): Added a call to JSStringRelease to fix a leak.
1429         (testExecutionTimeLimit): Ditto, lots more.
1430
1431         * API/tests/FunctionOverridesTest.cpp:
1432         (testFunctionOverrides): Added a call to JSStringRelease to fix a leak.
1433
1434         * API/tests/JSObjectGetProxyTargetTest.cpp:
1435         (testJSObjectGetProxyTarget): Added a call to JSGlobalContextRelease to fix
1436         a leak.
1437
1438         * API/tests/PingPongStackOverflowTest.cpp:
1439         (testPingPongStackOverflow): Added calls to JSGlobalContextRelease and
1440         JSStringRelease to fix leaks.
1441
1442         * API/tests/testapi.c:
1443         (throwException): Added. Helper function for repeated idiom where we want
1444         to throw an exception, but with additional JSStringRelease calls so we don't
1445         have to leak just to keep the code simpler to read.
1446         (MyObject_getProperty): Use throwException.
1447         (MyObject_setProperty): Ditto.
1448         (MyObject_deleteProperty): Ditto.
1449         (isValueEqualToString): Added. Helper function for an idiom where we check
1450         if something is a string and then if it's equal to a particular string
1451         constant, but a version that has an additional JSStringRelease call so we
1452         don't have to leak just to keep the code simpler to read.
1453         (MyObject_callAsFunction): Use isValueEqualToString and throwException.
1454         (MyObject_callAsConstructor): Ditto.
1455         (MyObject_hasInstance): Ditto.
1456         (globalContextNameTest): Added a JSGlobalContextRelease to fix a leak.
1457         (testMarkingConstraintsAndHeapFinalizers): Ditto.
1458
1459 2018-09-14  Saam barati  <sbarati@apple.com>
1460
1461         Don't dump OSRAvailabilityData in Graph::dump because a stale Availability may point to a Node that is already freed
1462         https://bugs.webkit.org/show_bug.cgi?id=189628
1463         <rdar://problem/39481690>
1464
1465         Reviewed by Mark Lam.
1466
1467         An Availability may point to a Node. And that Node may be removed from
1468         the graph, e.g., it's freed and its memory is no longer owned by Graph.
1469         This patch makes it so we no longer dump this metadata by default. If
1470         this metadata is interesting to you, you'll need to go in and change
1471         Graph::dump to dump the needed metadata.
1472
1473         * dfg/DFGGraph.cpp:
1474         (JSC::DFG::Graph::dump):
1475
1476 2018-09-14  Mark Lam  <mark.lam@apple.com>
1477
1478         Refactor some ForInContext code for better encapsulation.
1479         https://bugs.webkit.org/show_bug.cgi?id=189626
1480         <rdar://problem/44466415>
1481
1482         Reviewed by Keith Miller.
1483
1484         1. Add a ForInContext::m_type field to store the context type.  This does not
1485            increase the class size, but eliminates the need for a virtual call to get the
1486            type.
1487
1488            Note: we still need a virtual destructor because we'll be mingling
1489            IndexedForInContexts and StructureForInContexts in the BytecodeGenerator::m_forInContextStack.
1490
1491         2. Add ForInContext::isIndexedForInContext() and ForInContext::isStructureForInContext()
1492            convenience methods.
1493
1494         3. Add ForInContext::asIndexedForInContext() and ForInContext::asStructureForInContext()
1495            to do the casting to the subclass types.  This ensures that we'll properly
1496            assert that the casting is legal.
1497
1498         * bytecompiler/BytecodeGenerator.cpp:
1499         (JSC::BytecodeGenerator::emitGetByVal):
1500         (JSC::BytecodeGenerator::popIndexedForInScope):
1501         (JSC::BytecodeGenerator::popStructureForInScope):
1502         * bytecompiler/BytecodeGenerator.h:
1503         (JSC::ForInContext::type const):
1504         (JSC::ForInContext::isIndexedForInContext const):
1505         (JSC::ForInContext::isStructureForInContext const):
1506         (JSC::ForInContext::asIndexedForInContext):
1507         (JSC::ForInContext::asStructureForInContext):
1508         (JSC::ForInContext::ForInContext):
1509         (JSC::StructureForInContext::StructureForInContext):
1510         (JSC::IndexedForInContext::IndexedForInContext):
1511         (JSC::ForInContext::~ForInContext): Deleted.
1512
1513 2018-09-14  Devin Rousso  <webkit@devinrousso.com>
1514
1515         Web Inspector: Record actions performed on ImageBitmapRenderingContext
1516         https://bugs.webkit.org/show_bug.cgi?id=181341
1517
1518         Reviewed by Joseph Pecoraro.
1519
1520         * inspector/protocol/Recording.json:
1521         * inspector/scripts/codegen/generator.py:
1522
1523 2018-09-14  Mike Gorse  <mgorse@suse.com>
1524
1525         builtins directory causes name conflict on Python 3
1526         https://bugs.webkit.org/show_bug.cgi?id=189552
1527
1528         Reviewed by Michael Catanzaro.
1529
1530         * CMakeLists.txt: builtins -> wkbuiltins.
1531         * DerivedSources.make: builtins -> wkbuiltins.
1532         * Scripts/generate-js-builtins.py: import wkbuiltins, rather than
1533           builtins.
1534         * Scripts/wkbuiltins/__init__.py: Renamed from Source/JavaScriptCore/Scripts/builtins/__init__.py.
1535         * Scripts/wkbuiltins/builtins_generate_combined_header.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_combined_header.py.
1536         * Scripts/wkbuiltins/builtins_generate_internals_wrapper_implementation.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_internals_wrapper_implementation.py.
1537         * Scripts/wkbuiltins/builtins_generate_separate_header.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_separate_header.py.
1538         * Scripts/wkbuiltins/builtins_generate_separate_implementation.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_separate_implementation.py.
1539         * Scripts/wkbuiltins/builtins_generate_wrapper_header.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_wrapper_header.py.
1540         * Scripts/wkbuiltins/builtins_generate_wrapper_implementation.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generate_wrapper_implementation.py.
1541         * Scripts/wkbuiltins/builtins_generator.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_generator.py.
1542         * Scripts/wkbuiltins/builtins_model.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_model.py.
1543         * Scripts/wkbuiltins/builtins_templates.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins_templates.py.
1544         * Scripts/wkbuiltins/wkbuiltins.py: Renamed from Source/JavaScriptCore/Scripts/builtins/builtins.py.
1545         * JavaScriptCore.xcodeproj/project.pbxproj: Update for the renaming.
1546
1547 2018-09-13  Yusuke Suzuki  <yusukesuzuki@slowstart.org>
1548
1549         [WebAssembly] Inline WasmContext accessor functions
1550         https://bugs.webkit.org/show_bug.cgi?id=189416
1551
1552         Reviewed by Saam Barati.
1553
1554         WasmContext accessor functions are very small while they reside in the critical path of
1555         JS to Wasm function call. This patch makes them inline to improve performance.
1556         This change improves a small benchmark (calling JS to Wasm function 1e7 times) from 320ms to 270ms.
1557
1558         * JavaScriptCore.xcodeproj/project.pbxproj:
1559         * Sources.txt:
1560         * interpreter/CallFrame.cpp:
1561         * jit/AssemblyHelpers.cpp:
1562         * wasm/WasmB3IRGenerator.cpp:
1563         * wasm/WasmContextInlines.h: Renamed from Source/JavaScriptCore/wasm/WasmContext.cpp.
1564         (JSC::Wasm::Context::useFastTLS):
1565         (JSC::Wasm::Context::load const):
1566         (JSC::Wasm::Context::store):
1567         * wasm/WasmMemoryInformation.cpp:
1568         * wasm/WasmModuleParser.cpp: Include <wtf/SHA1.h> due to changes of unified source combinations.
1569         * wasm/js/JSToWasm.cpp:
1570         * wasm/js/WebAssemblyFunction.cpp:
1571
1572 2018-09-12  David Kilzer  <ddkilzer@apple.com>
1573
1574         Move JavaScriptCore files to match Xcode project hierarchy
1575         <https://webkit.org/b/189574>
1576
1577         Reviewed by Filip Pizlo.
1578
1579         * API/JSAPIValueWrapper.cpp: Rename from Source/JavaScriptCore/runtime/JSAPIValueWrapper.cpp.
1580         * API/JSAPIValueWrapper.h: Rename from Source/JavaScriptCore/runtime/JSAPIValueWrapper.h.
1581         * CMakeLists.txt: Update for new path to
1582         generateYarrUnicodePropertyTables.py, hasher.py and
1583         JSAPIValueWrapper.h.
1584         * DerivedSources.make: Ditto. Add missing dependency on
1585         hasher.py captured by CMakeLists.txt.
1586         * JavaScriptCore.xcodeproj/project.pbxproj: Update for new file
1587         reference paths. Add hasher.py library to project.
1588         * Sources.txt: Update for new path to
1589         JSAPIValueWrapper.cpp.
1590         * runtime/JSImmutableButterfly.h: Add missing includes
1591         after changes to Sources.txt and regenerating unified
1592         sources.
1593         * runtime/RuntimeType.h: Ditto.
1594         * yarr/generateYarrUnicodePropertyTables.py: Rename from Source/JavaScriptCore/Scripts/generateYarrUnicodePropertyTables.py.
1595         * yarr/hasher.py: Rename from Source/JavaScriptCore/Scripts/hasher.py.
1596
1597 2018-09-12  David Kilzer  <ddkilzer@apple.com>
1598
1599         Let Xcode have its way with the JavaScriptCore project
1600
1601         * JavaScriptCore.xcodeproj/project.pbxproj:
1602
1603 2018-09-12  Guillaume Emont  <guijemont@igalia.com>
1604
1605         Add IGNORE_WARNING_.* macros
1606         https://bugs.webkit.org/show_bug.cgi?id=188996
1607
1608         Reviewed by Michael Catanzaro.
1609
1610         * API/JSCallbackObject.h:
1611         * API/tests/testapi.c:
1612         * assembler/LinkBuffer.h:
1613         (JSC::LinkBuffer::finalizeCodeWithDisassembly):
1614         * b3/B3LowerToAir.cpp:
1615         * b3/B3Opcode.cpp:
1616         * b3/B3Type.h:
1617         * b3/B3TypeMap.h:
1618         * b3/B3Width.h:
1619         * b3/air/AirArg.cpp:
1620         * b3/air/AirArg.h:
1621         * b3/air/AirCode.h:
1622         * bytecode/Opcode.h:
1623         (JSC::padOpcodeName):
1624         * dfg/DFGSpeculativeJIT.cpp:
1625         (JSC::DFG::SpeculativeJIT::speculateNumber):
1626         (JSC::DFG::SpeculativeJIT::speculateMisc):
1627         * dfg/DFGSpeculativeJIT64.cpp:
1628         * ftl/FTLOutput.h:
1629         * jit/CCallHelpers.h:
1630         (JSC::CCallHelpers::calculatePokeOffset):
1631         * llint/LLIntData.cpp:
1632         * llint/LLIntSlowPaths.cpp:
1633         (JSC::LLInt::slowPathLogF):
1634         * runtime/ConfigFile.cpp:
1635         (JSC::ConfigFile::canonicalizePaths):
1636         * runtime/JSDataViewPrototype.cpp:
1637         * runtime/JSGenericTypedArrayViewConstructor.h:
1638         * runtime/JSGenericTypedArrayViewPrototype.h:
1639         * runtime/Options.cpp:
1640         (JSC::Options::setAliasedOption):
1641         * tools/CodeProfiling.cpp:
1642         * wasm/WasmSections.h:
1643         * wasm/generateWasmValidateInlinesHeader.py:
1644
1645 == Rolled over to ChangeLog-2018-09-11 ==