[JSC] Generalize Get/PutPromiseInternalField for InternalFieldObjectImpl
author ysuzuki@apple.com <ysuzuki@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 5 Sep 2019 21:48:43 +0000 (21:48 +0000)
committer ysuzuki@apple.com <ysuzuki@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 5 Sep 2019 21:48:43 +0000 (21:48 +0000)
https://bugs.webkit.org/show_bug.cgi?id=201513

Reviewed by Ross Kirsling.

This patch extracts JSPromise's internal fields mechanism as JSInternalFieldsObjectImpl, and makes it reusable for the other objects.
It is preparation for using this internal fields mechanism for generators, async functions, async generators, array iterators and so on.

The profiler reports many recompilations of Generator's resume function (including async generator's one). We are using properties
with private-symbols as storage for the internal state of generators. However, the spec defines that each generator from different generator-functions
has a different [[Prototype]]. While we need to share one Generator.prototype.next function, generators tend to have different Structures due to
different [[Prototype]] and accessing internal fields with `get_by_id_direct` sadly becomes super megamorphic while it is not necessary.
And every time a new Structure for a new generator pops up, DFG/FTL code for the generator resume function gets an OSR exit or eventually this function
emits super generic code unfortunately. By using internal fields for storing this state, we can avoid this performance problem.

Bytecodes and corresponding DFG nodes are just renamed. JSPromise is now inheriting JSInternalFieldsObjectImpl, which can hold a specified
number of internal fields. And op_get_internal_field / op_put_internal_field can access these internal fields.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/BytecodeList.rb:
* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::finishCreation):
* bytecode/Opcode.h:
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitGetInternalField):
(JSC::BytecodeGenerator::emitPutInternalField):
(JSC::BytecodeGenerator::emitGetPromiseInternalField): Deleted.
(JSC::BytecodeGenerator::emitPutPromiseInternalField): Deleted.
* bytecompiler/BytecodeGenerator.h:
* bytecompiler/NodesCodegen.cpp:
(JSC::BytecodeIntrinsicNode::emit_intrinsic_getPromiseInternalField):
(JSC::BytecodeIntrinsicNode::emit_intrinsic_putPromiseInternalField):
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
* dfg/DFGCapabilities.cpp:
(JSC::DFG::capabilityLevel):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGMayExit.cpp:
* dfg/DFGNode.h:
(JSC::DFG::Node::hasInternalFieldIndex):
(JSC::DFG::Node::hasHeapPrediction):
* dfg/DFGNodeType.h:
* dfg/DFGPredictionPropagationPhase.cpp:
* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileGetInternalField):
(JSC::DFG::SpeculativeJIT::compilePutInternalField):
(JSC::DFG::SpeculativeJIT::compileCreatePromise):
(JSC::DFG::SpeculativeJIT::compileNewPromise):
(JSC::DFG::SpeculativeJIT::compileGetPromiseInternalField): Deleted.
(JSC::DFG::SpeculativeJIT::compilePutPromiseInternalField): Deleted.
* dfg/DFGSpeculativeJIT.h:
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGStoreBarrierInsertionPhase.cpp:
* ftl/FTLAbstractHeapRepository.h:
* ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileNewPromise):
(JSC::FTL::DFG::LowerDFGToB3::compileCreatePromise):
(JSC::FTL::DFG::LowerDFGToB3::compileGetInternalField):
(JSC::FTL::DFG::LowerDFGToB3::compilePutInternalField):
(JSC::FTL::DFG::LowerDFGToB3::compileGetPromiseInternalField): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::compilePutPromiseInternalField): Deleted.
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
* jit/JIT.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_internal_field):
(JSC::JIT::emit_op_put_internal_field):
(JSC::JIT::emit_op_get_promise_internal_field): Deleted.
(JSC::JIT::emit_op_put_promise_internal_field): Deleted.
* jit/JITPropertyAccess32_64.cpp:
(JSC::JIT::emit_op_get_internal_field):
(JSC::JIT::emit_op_put_internal_field):
(JSC::JIT::emit_op_get_promise_internal_field): Deleted.
(JSC::JIT::emit_op_put_promise_internal_field): Deleted.
* llint/LLIntOffsetsExtractor.cpp:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* runtime/JSInternalFieldObjectImpl.h: Copied from Source/JavaScriptCore/runtime/JSPromise.h.
(JSC::JSInternalFieldObjectImpl::allocationSize):
(JSC::JSInternalFieldObjectImpl::internalField const):
(JSC::JSInternalFieldObjectImpl::internalField):
(JSC::JSInternalFieldObjectImpl::offsetOfInternalFields):
(JSC::JSInternalFieldObjectImpl::offsetOfInternalField):
(JSC::JSInternalFieldObjectImpl::JSInternalFieldObjectImpl):
* runtime/JSInternalFieldObjectImplInlines.h: Added.
(JSC::JSInternalFieldObjectImpl<passedNumberOfInternalFields>::visitChildren):
* runtime/JSPromise.cpp:
(JSC::JSPromise::finishCreation):
(JSC::JSPromise::visitChildren):
(JSC::JSPromise::status const):
(JSC::JSPromise::result const):
(JSC::JSPromise::isHandled const):
* runtime/JSPromise.h:
(JSC::JSPromise::allocationSize): Deleted.
(JSC::JSPromise::offsetOfInternalFields): Deleted.
(JSC::JSPromise::offsetOfInternalField): Deleted.
(): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@249547 268f45cc-cd09-0410-ab3c-d52691b4dbfc

41 files changed:
Source/JavaScriptCore/CMakeLists.txt
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
Source/JavaScriptCore/bytecode/BytecodeList.rb
Source/JavaScriptCore/bytecode/BytecodeUseDef.h
Source/JavaScriptCore/bytecode/CodeBlock.cpp
Source/JavaScriptCore/bytecode/Opcode.h
Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp
Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h
Source/JavaScriptCore/bytecompiler/NodesCodegen.cpp
Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h
Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp
Source/JavaScriptCore/dfg/DFGCapabilities.cpp
Source/JavaScriptCore/dfg/DFGClobberize.h
Source/JavaScriptCore/dfg/DFGDoesGC.cpp
Source/JavaScriptCore/dfg/DFGFixupPhase.cpp
Source/JavaScriptCore/dfg/DFGMayExit.cpp
Source/JavaScriptCore/dfg/DFGNode.h
Source/JavaScriptCore/dfg/DFGNodeType.h
Source/JavaScriptCore/dfg/DFGPredictionPropagationPhase.cpp
Source/JavaScriptCore/dfg/DFGSafeToExecute.h
Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h
Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp
Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
Source/JavaScriptCore/dfg/DFGStoreBarrierInsertionPhase.cpp
Source/JavaScriptCore/ftl/FTLAbstractHeapRepository.h
Source/JavaScriptCore/ftl/FTLCapabilities.cpp
Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
Source/JavaScriptCore/jit/JIT.cpp
Source/JavaScriptCore/jit/JIT.h
Source/JavaScriptCore/jit/JITPropertyAccess.cpp
Source/JavaScriptCore/jit/JITPropertyAccess32_64.cpp
Source/JavaScriptCore/llint/LLIntOffsetsExtractor.cpp
Source/JavaScriptCore/llint/LowLevelInterpreter.asm
Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm
Source/JavaScriptCore/llint/LowLevelInterpreter64.asm
Source/JavaScriptCore/runtime/JSInternalFieldObjectImpl.h [new file with mode: 0644]
Source/JavaScriptCore/runtime/JSInternalFieldObjectImplInlines.h [new file with mode: 0644]
Source/JavaScriptCore/runtime/JSPromise.cpp
Source/JavaScriptCore/runtime/JSPromise.h

index 3e6a497..d9940ff 100644 (file)
@@ -865,6 +865,7 @@ set(JavaScriptCore_PRIVATE_FRAMEWORK_HEADERS
     runtime/JSGlobalObjectFunctions.h
     runtime/JSGlobalObjectInlines.h
     runtime/JSImmutableButterfly.h
+    runtime/JSInternalFieldObjectImpl.h
     runtime/JSInternalPromise.h
     runtime/JSInternalPromiseDeferred.h
     runtime/JSMicrotask.h
index 096b7e0..7e405ca 100644 (file)
@@ -1,3 +1,123 @@
+2019-09-05  Yusuke Suzuki  <ysuzuki@apple.com>
+
+        [JSC] Generalize Get/PutPromiseInternalField for InternalFieldObjectImpl
+        https://bugs.webkit.org/show_bug.cgi?id=201513
+
+        Reviewed by Ross Kirsling.
+
+        This patch extracts JSPromise's internal fields mechanism as JSInternalFieldsObjectImpl, and make it reusable for the other objects.
+        It is preparation for using this internal fields mechanism for generators, async functions, async generators, array iterators and so on.
+
+        The profiler is telling many recompilation of Generator's resume function (including async generator's one). We are using properties
+        with private-symbols as a storage for internal state of generators. However, the spec defines that each generator from different generator-functions
+        has different [[Prototype]]. While we need to share one Generator.prototype.next function, generators tend to have different Structures due to
+        different [[Prototype]] and accessing internal fields with `get_by_id_direct` sadly becomes super megamorphic while it is not necessary.
+        And every time new Structure for new generator pops up, DFG/FTL code for generator resume function gets OSR exit or eventually this function gets
+        emits super generic code unfortunately. By using internal fields for storing these state, we can avoid this performance problem.
+
+        Bytecodes and corresponding DFG nodes are just renamed. JSPromise is now inheriting JSInternalFieldsObjectImpl, which can holds specified
+        number of internal fields. And op_get_internal_field / op_put_internal_field can access these internal fields.
+
+        * CMakeLists.txt:
+        * JavaScriptCore.xcodeproj/project.pbxproj:
+        * bytecode/BytecodeList.rb:
+        * bytecode/BytecodeUseDef.h:
+        (JSC::computeUsesForBytecodeOffset):
+        (JSC::computeDefsForBytecodeOffset):
+        * bytecode/CodeBlock.cpp:
+        (JSC::CodeBlock::finishCreation):
+        * bytecode/Opcode.h:
+        * bytecompiler/BytecodeGenerator.cpp:
+        (JSC::BytecodeGenerator::emitGetInternalField):
+        (JSC::BytecodeGenerator::emitPutInternalField):
+        (JSC::BytecodeGenerator::emitGetPromiseInternalField): Deleted.
+        (JSC::BytecodeGenerator::emitPutPromiseInternalField): Deleted.
+        * bytecompiler/BytecodeGenerator.h:
+        * bytecompiler/NodesCodegen.cpp:
+        (JSC::BytecodeIntrinsicNode::emit_intrinsic_getPromiseInternalField):
+        (JSC::BytecodeIntrinsicNode::emit_intrinsic_putPromiseInternalField):
+        * dfg/DFGAbstractInterpreterInlines.h:
+        (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
+        * dfg/DFGByteCodeParser.cpp:
+        (JSC::DFG::ByteCodeParser::parseBlock):
+        * dfg/DFGCapabilities.cpp:
+        (JSC::DFG::capabilityLevel):
+        * dfg/DFGClobberize.h:
+        (JSC::DFG::clobberize):
+        * dfg/DFGDoesGC.cpp:
+        (JSC::DFG::doesGC):
+        * dfg/DFGFixupPhase.cpp:
+        (JSC::DFG::FixupPhase::fixupNode):
+        * dfg/DFGMayExit.cpp:
+        * dfg/DFGNode.h:
+        (JSC::DFG::Node::hasInternalFieldIndex):
+        (JSC::DFG::Node::hasHeapPrediction):
+        * dfg/DFGNodeType.h:
+        * dfg/DFGPredictionPropagationPhase.cpp:
+        * dfg/DFGSafeToExecute.h:
+        (JSC::DFG::safeToExecute):
+        * dfg/DFGSpeculativeJIT.cpp:
+        (JSC::DFG::SpeculativeJIT::compileGetInternalField):
+        (JSC::DFG::SpeculativeJIT::compilePutInternalField):
+        (JSC::DFG::SpeculativeJIT::compileCreatePromise):
+        (JSC::DFG::SpeculativeJIT::compileNewPromise):
+        (JSC::DFG::SpeculativeJIT::compileGetPromiseInternalField): Deleted.
+        (JSC::DFG::SpeculativeJIT::compilePutPromiseInternalField): Deleted.
+        * dfg/DFGSpeculativeJIT.h:
+        * dfg/DFGSpeculativeJIT32_64.cpp:
+        (JSC::DFG::SpeculativeJIT::compile):
+        * dfg/DFGSpeculativeJIT64.cpp:
+        (JSC::DFG::SpeculativeJIT::compile):
+        * dfg/DFGStoreBarrierInsertionPhase.cpp:
+        * ftl/FTLAbstractHeapRepository.h:
+        * ftl/FTLCapabilities.cpp:
+        (JSC::FTL::canCompile):
+        * ftl/FTLLowerDFGToB3.cpp:
+        (JSC::FTL::DFG::LowerDFGToB3::compileNode):
+        (JSC::FTL::DFG::LowerDFGToB3::compileNewPromise):
+        (JSC::FTL::DFG::LowerDFGToB3::compileCreatePromise):
+        (JSC::FTL::DFG::LowerDFGToB3::compileGetInternalField):
+        (JSC::FTL::DFG::LowerDFGToB3::compilePutInternalField):
+        (JSC::FTL::DFG::LowerDFGToB3::compileGetPromiseInternalField): Deleted.
+        (JSC::FTL::DFG::LowerDFGToB3::compilePutPromiseInternalField): Deleted.
+        * jit/JIT.cpp:
+        (JSC::JIT::privateCompileMainPass):
+        * jit/JIT.h:
+        * jit/JITPropertyAccess.cpp:
+        (JSC::JIT::emit_op_get_internal_field):
+        (JSC::JIT::emit_op_put_internal_field):
+        (JSC::JIT::emit_op_get_promise_internal_field): Deleted.
+        (JSC::JIT::emit_op_put_promise_internal_field): Deleted.
+        * jit/JITPropertyAccess32_64.cpp:
+        (JSC::JIT::emit_op_get_internal_field):
+        (JSC::JIT::emit_op_put_internal_field):
+        (JSC::JIT::emit_op_get_promise_internal_field): Deleted.
+        (JSC::JIT::emit_op_put_promise_internal_field): Deleted.
+        * llint/LLIntOffsetsExtractor.cpp:
+        * llint/LowLevelInterpreter.asm:
+        * llint/LowLevelInterpreter32_64.asm:
+        * llint/LowLevelInterpreter64.asm:
+        * runtime/JSInternalFieldObjectImpl.h: Copied from Source/JavaScriptCore/runtime/JSPromise.h.
+        (JSC::JSInternalFieldObjectImpl::allocationSize):
+        (JSC::JSInternalFieldObjectImpl::internalField const):
+        (JSC::JSInternalFieldObjectImpl::internalField):
+        (JSC::JSInternalFieldObjectImpl::offsetOfInternalFields):
+        (JSC::JSInternalFieldObjectImpl::offsetOfInternalField):
+        (JSC::JSInternalFieldObjectImpl::JSInternalFieldObjectImpl):
+        * runtime/JSInternalFieldObjectImplInlines.h: Added.
+        (JSC::JSInternalFieldObjectImpl<passedNumberOfInternalFields>::visitChildren):
+        * runtime/JSPromise.cpp:
+        (JSC::JSPromise::finishCreation):
+        (JSC::JSPromise::visitChildren):
+        (JSC::JSPromise::status const):
+        (JSC::JSPromise::result const):
+        (JSC::JSPromise::isHandled const):
+        * runtime/JSPromise.h:
+        (JSC::JSPromise::allocationSize): Deleted.
+        (JSC::JSPromise::offsetOfInternalFields): Deleted.
+        (JSC::JSPromise::offsetOfInternalField): Deleted.
+        (): Deleted.
+
 2019-09-05  Commit Queue  <commit-queue@webkit.org>
 
         Unreviewed, rolling out r247463.
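Review bot: The description in this ChangeLog entry names the new class JSInternalFieldsObjectImpl (in the first and the last paragraph), while the file list in the same entry uses runtime/JSInternalFieldObjectImpl.h and JSC::JSInternalFieldObjectImpl. Use one spelling so that a search for the class name finds this entry. The line "(): Deleted." under runtime/JSPromise.h also has an empty symbol name; either name the removed declaration or drop the line.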
index 5dafe64..0d88b54 100644 (file)
                E328DAE91D38D005001A2529 /* BytecodeGraph.h in Headers */ = {isa = PBXBuildFile; fileRef = E3D264281D38C042000BE174 /* BytecodeGraph.h */; settings = {ATTRIBUTES = (Private, ); }; };
                E328DAEB1D38D005001A2529 /* BytecodeRewriter.h in Headers */ = {isa = PBXBuildFile; fileRef = E3D2642A1D38C042000BE174 /* BytecodeRewriter.h */; settings = {ATTRIBUTES = (Private, ); }; };
                E32AB2441DCD75F400D7533A /* MacroAssemblerHelpers.h in Headers */ = {isa = PBXBuildFile; fileRef = E380A76B1DCD7195000F89E6 /* MacroAssemblerHelpers.h */; settings = {ATTRIBUTES = (Private, ); }; };
+               E33095DD23210A1B00EB7856 /* JSInternalFieldObjectImpl.h in Headers */ = {isa = PBXBuildFile; fileRef = E33095DC23210A1400EB7856 /* JSInternalFieldObjectImpl.h */; settings = {ATTRIBUTES = (Private, ); }; };
                E334CBB521FD96A9000EB178 /* RegExpGlobalData.h in Headers */ = {isa = PBXBuildFile; fileRef = E334CBB321FD96A9000EB178 /* RegExpGlobalData.h */; settings = {ATTRIBUTES = (Private, ); }; };
                E33637A61B63220200EE0840 /* ReflectObject.h in Headers */ = {isa = PBXBuildFile; fileRef = E33637A41B63220200EE0840 /* ReflectObject.h */; settings = {ATTRIBUTES = (Private, ); }; };
                E337B967224324EA0093A820 /* WasmCapabilities.h in Headers */ = {isa = PBXBuildFile; fileRef = E337B966224324E50093A820 /* WasmCapabilities.h */; settings = {ATTRIBUTES = (Private, ); }; };
+               E339700523210E0B00B0AE21 /* JSInternalFieldObjectImplInlines.h in Headers */ = {isa = PBXBuildFile; fileRef = E339700423210E0A00B0AE21 /* JSInternalFieldObjectImplInlines.h */; };
                E33A94962255323000D42B06 /* RandomizingFuzzerAgent.h in Headers */ = {isa = PBXBuildFile; fileRef = E33A94942255322900D42B06 /* RandomizingFuzzerAgent.h */; };
                E33A94972255323300D42B06 /* FuzzerAgent.h in Headers */ = {isa = PBXBuildFile; fileRef = E33A94922255322900D42B06 /* FuzzerAgent.h */; settings = {ATTRIBUTES = (Private, ); }; };
                E33B3E261B7ABD750048DB2E /* InspectorInstrumentationObject.lut.h in Headers */ = {isa = PBXBuildFile; fileRef = E33B3E251B7ABD750048DB2E /* InspectorInstrumentationObject.lut.h */; };
                E3305FB020B0F78700CEB82B /* InByIdVariant.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = InByIdVariant.cpp; sourceTree = "<group>"; };
                E3305FB120B0F78800CEB82B /* InByIdVariant.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = InByIdVariant.h; sourceTree = "<group>"; };
                E3305FB220B0F78800CEB82B /* InByIdStatus.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = InByIdStatus.cpp; sourceTree = "<group>"; };
+               E33095DC23210A1400EB7856 /* JSInternalFieldObjectImpl.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = JSInternalFieldObjectImpl.h; sourceTree = "<group>"; };
                E334CBB221FD96A8000EB178 /* RegExpGlobalData.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = RegExpGlobalData.cpp; sourceTree = "<group>"; };
                E334CBB321FD96A9000EB178 /* RegExpGlobalData.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = RegExpGlobalData.h; sourceTree = "<group>"; };
                E33637A31B63220200EE0840 /* ReflectObject.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ReflectObject.cpp; sourceTree = "<group>"; };
                E33637A41B63220200EE0840 /* ReflectObject.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ReflectObject.h; sourceTree = "<group>"; };
                E337B966224324E50093A820 /* WasmCapabilities.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = WasmCapabilities.h; sourceTree = "<group>"; };
+               E339700423210E0A00B0AE21 /* JSInternalFieldObjectImplInlines.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = JSInternalFieldObjectImplInlines.h; sourceTree = "<group>"; };
                E33A94922255322900D42B06 /* FuzzerAgent.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = FuzzerAgent.h; sourceTree = "<group>"; };
                E33A94932255322900D42B06 /* RandomizingFuzzerAgent.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = RandomizingFuzzerAgent.cpp; sourceTree = "<group>"; };
                E33A94942255322900D42B06 /* RandomizingFuzzerAgent.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = RandomizingFuzzerAgent.h; sourceTree = "<group>"; };
                                0F2B66CA17B6B5AB00A7AE3F /* JSInt16Array.h */,
                                0F2B66CB17B6B5AB00A7AE3F /* JSInt32Array.h */,
                                0F2B66C917B6B5AB00A7AE3F /* JSInt8Array.h */,
+                               E33095DC23210A1400EB7856 /* JSInternalFieldObjectImpl.h */,
+                               E339700423210E0A00B0AE21 /* JSInternalFieldObjectImplInlines.h */,
                                E33F507E1B8429A400413856 /* JSInternalPromise.cpp */,
                                E33F507F1B8429A400413856 /* JSInternalPromise.h */,
                                E33F50761B84225700413856 /* JSInternalPromiseConstructor.cpp */,
                                0F2B66F917B6B5AB00A7AE3F /* JSInt32Array.h in Headers */,
                                0F2B66F717B6B5AB00A7AE3F /* JSInt8Array.h in Headers */,
                                A76C51761182748D00715B05 /* JSInterfaceJIT.h in Headers */,
+                               E33095DD23210A1B00EB7856 /* JSInternalFieldObjectImpl.h in Headers */,
+                               E339700523210E0B00B0AE21 /* JSInternalFieldObjectImplInlines.h in Headers */,
                                E33F50811B8429A400413856 /* JSInternalPromise.h in Headers */,
                                E33F50791B84225700413856 /* JSInternalPromiseConstructor.h in Headers */,
                                E33F50871B8449EF00413856 /* JSInternalPromiseConstructor.lut.h in Headers */,
index 658e11e..3b3998a 100644 (file)
@@ -1129,7 +1129,7 @@ op :resolve_scope_for_hoisting_func_decl_in_eval,
         property: unsigned,
     }
 
-op :get_promise_internal_field,
+op :get_internal_field,
     args: {
         dst: VirtualRegister,
         base: VirtualRegister,
@@ -1139,7 +1139,7 @@ op :get_promise_internal_field,
         profile: ValueProfile,
     }
 
-op :put_promise_internal_field,
+op :put_internal_field,
     args: {
         base: VirtualRegister,
         index: unsigned,
index 73b5a58..be08596 100644 (file)
@@ -254,8 +254,8 @@ void computeUsesForBytecodeOffset(Block* codeBlock, OpcodeID opcodeID, const Ins
     USES(OpSwitchChar, scrutinee)
     USES(OpSwitchImm, scrutinee)
 
-    USES(OpGetPromiseInternalField, base)
-    USES(OpPutPromiseInternalField, base, value)
+    USES(OpGetInternalField, base)
+    USES(OpPutInternalField, base, value)
 
     USES(OpYield, generator, argument)
 
@@ -345,7 +345,7 @@ void computeDefsForBytecodeOffset(Block* codeBlock, OpcodeID opcodeID, const Ins
     case op_put_setter_by_val:
     case op_put_by_val:
     case op_put_by_val_direct:
-    case op_put_promise_internal_field:
+    case op_put_internal_field:
     case op_define_data_property:
     case op_define_accessor_property:
     case op_profile_type:
@@ -477,7 +477,7 @@ void computeDefsForBytecodeOffset(Block* codeBlock, OpcodeID opcodeID, const Ins
     DEFS(OpGetArgument, dst)
     DEFS(OpCreateRest, dst)
     DEFS(OpGetRestLength, dst)
-    DEFS(OpGetPromiseInternalField, dst)
+    DEFS(OpGetInternalField, dst)
 
     DEFS(OpCatch, exception, thrownValue)
 
index bf37b0f..2943b2b 100644 (file)
@@ -540,7 +540,7 @@ bool CodeBlock::finishCreation(VM& vm, ScriptExecutable* ownerExecutable, Unlink
         LINK(OpToNumber, profile)
         LINK(OpToObject, profile)
         LINK(OpGetArgument, profile)
-        LINK(OpGetPromiseInternalField, profile)
+        LINK(OpGetInternalField, profile)
         LINK(OpToThis, profile)
         LINK(OpBitand, profile)
         LINK(OpBitor, profile)
index dcbeb8a..42a56fb 100644 (file)
@@ -97,7 +97,7 @@ extern const unsigned opcodeLengths[];
     macro(OpToNumber) \
     macro(OpToObject) \
     macro(OpGetArgument) \
-    macro(OpGetPromiseInternalField) \
+    macro(OpGetInternalField) \
     macro(OpToThis) \
     macro(OpCall) \
     macro(OpTailCall) \
index 7f67d66..ea7a4ac 100644 (file)
@@ -2808,15 +2808,15 @@ RegisterID* BytecodeGenerator::emitDeleteByVal(RegisterID* dst, RegisterID* base
     return dst;
 }
 
-RegisterID* BytecodeGenerator::emitGetPromiseInternalField(RegisterID* dst, RegisterID* base, unsigned index)
+RegisterID* BytecodeGenerator::emitGetInternalField(RegisterID* dst, RegisterID* base, unsigned index)
 {
-    OpGetPromiseInternalField::emit(this, dst, base, index);
+    OpGetInternalField::emit(this, dst, base, index);
     return dst;
 }
 
-RegisterID* BytecodeGenerator::emitPutPromiseInternalField(RegisterID* base, unsigned index, RegisterID* value)
+RegisterID* BytecodeGenerator::emitPutInternalField(RegisterID* base, unsigned index, RegisterID* value)
 {
-    OpPutPromiseInternalField::emit(this, base, index, value);
+    OpPutInternalField::emit(this, base, index, value);
     return value;
 }
 
index bb04cee..94eeb13 100644 (file)
@@ -776,8 +776,8 @@ namespace JSC {
         RegisterID* emitDirectPutByVal(RegisterID* base, RegisterID* property, RegisterID* value);
         RegisterID* emitDeleteByVal(RegisterID* dst, RegisterID* base, RegisterID* property);
 
-        RegisterID* emitGetPromiseInternalField(RegisterID* dst, RegisterID* base, unsigned index);
-        RegisterID* emitPutPromiseInternalField(RegisterID* base, unsigned index, RegisterID* value);
+        RegisterID* emitGetInternalField(RegisterID* dst, RegisterID* base, unsigned index);
+        RegisterID* emitPutInternalField(RegisterID* base, unsigned index, RegisterID* value);
 
         void emitSuperSamplerBegin();
         void emitSuperSamplerEnd();
index 2c83236..48909ef 100644 (file)
@@ -1030,7 +1030,7 @@ RegisterID* BytecodeIntrinsicNode::emit_intrinsic_getPromiseInternalField(Byteco
     ASSERT(index < JSPromise::numberOfInternalFields);
     ASSERT(!node->m_next);
 
-    return generator.emitGetPromiseInternalField(generator.finalDestination(dst), base.get(), index);
+    return generator.emitGetInternalField(generator.finalDestination(dst), base.get(), index);
 }
 
 RegisterID* BytecodeIntrinsicNode::emit_intrinsic_argument(BytecodeGenerator& generator, RegisterID* dst)
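Review bot: The only bound on index visible here is ASSERT(index < JSPromise::numberOfInternalFields), which is promise-specific and compiled out of release builds, while the call it guards is now the generic emitGetInternalField(dst, base, unsigned index). Once other object kinds use the generic emitter, each new intrinsic has to remember to add its own bound against its own field count. Consider documenting that requirement on emitGetInternalField / emitPutInternalField, or passing the field count in so the check lives in one place.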
@@ -1115,7 +1115,7 @@ RegisterID* BytecodeIntrinsicNode::emit_intrinsic_putPromiseInternalField(Byteco
 
     ASSERT(!node->m_next);
 
-    return generator.move(dst, generator.emitPutPromiseInternalField(base.get(), index, value.get()));
+    return generator.move(dst, generator.emitPutInternalField(base.get(), index, value.get()));
 }
 
 RegisterID* BytecodeIntrinsicNode::emit_intrinsic_tailCallForwardArguments(BytecodeGenerator& generator, RegisterID* dst)
index 464781d..9b6bf03 100644 (file)
@@ -2940,11 +2940,11 @@ bool AbstractInterpreter<AbstractStateType>::executeEffects(unsigned clobberLimi
     case PutClosureVar:
         break;
 
-    case GetPromiseInternalField:
+    case GetInternalField:
         makeBytecodeTopForNode(node);
         break;
 
-    case PutPromiseInternalField:
+    case PutInternalField:
         break;
 
 
index 0f3fb7e..2c82b1e 100644 (file)
@@ -7049,16 +7049,16 @@ void ByteCodeParser::parseBlock(unsigned limit)
             NEXT_OPCODE(op_to_index_string);
         }
 
-        case op_get_promise_internal_field: {
-            auto bytecode = currentInstruction->as<OpGetPromiseInternalField>();
-            set(bytecode.m_dst, addToGraph(GetPromiseInternalField, OpInfo(bytecode.m_index), OpInfo(getPrediction()), get(bytecode.m_base)));
-            NEXT_OPCODE(op_get_promise_internal_field);
+        case op_get_internal_field: {
+            auto bytecode = currentInstruction->as<OpGetInternalField>();
+            set(bytecode.m_dst, addToGraph(GetInternalField, OpInfo(bytecode.m_index), OpInfo(getPrediction()), get(bytecode.m_base)));
+            NEXT_OPCODE(op_get_internal_field);
         }
 
-        case op_put_promise_internal_field: {
-            auto bytecode = currentInstruction->as<OpPutPromiseInternalField>();
-            addToGraph(PutPromiseInternalField, OpInfo(bytecode.m_index), get(bytecode.m_base), get(bytecode.m_value));
-            NEXT_OPCODE(op_put_promise_internal_field);
+        case op_put_internal_field: {
+            auto bytecode = currentInstruction->as<OpPutInternalField>();
+            addToGraph(PutInternalField, OpInfo(bytecode.m_index), get(bytecode.m_base), get(bytecode.m_value));
+            NEXT_OPCODE(op_put_internal_field);
         }
             
         case op_log_shadow_chicken_prologue: {
index 5ac7c42..c0ee98a 100644 (file)
@@ -275,8 +275,8 @@ CapabilityLevel capabilityLevel(OpcodeID opcodeID, CodeBlock* codeBlock, const I
     case op_resolve_scope:
     case op_resolve_scope_for_hoisting_func_decl_in_eval:
     case op_new_regexp:
-    case op_get_promise_internal_field:
-    case op_put_promise_internal_field:
+    case op_get_internal_field:
+    case op_put_internal_field:
     case op_unreachable:
     case op_super_sampler_begin:
     case op_super_sampler_end:
index 22dcf39..c1b7a0b 100644 (file)
@@ -1317,14 +1317,14 @@ void clobberize(Graph& graph, Node* node, const ReadFunctor& read, const WriteFu
         def(HeapLocation(ClosureVariableLoc, AbstractHeap(ScopeProperties, node->scopeOffset().offset()), node->child1()), LazyNode(node->child2().node()));
         return;
 
-    case GetPromiseInternalField: {
+    case GetInternalField: {
         AbstractHeap heap(JSPromiseFields, node->internalFieldIndex());
         read(heap);
         def(HeapLocation(PromiseInternalFieldLoc, heap, node->child1()), LazyNode(node));
         return;
     }
 
-    case PutPromiseInternalField: {
+    case PutInternalField: {
         AbstractHeap heap(JSPromiseFields, node->internalFieldIndex());
         write(heap);
         def(HeapLocation(PromiseInternalFieldLoc, heap, node->child1()), LazyNode(node->child2().node()));
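Review bot: Both cases are renamed to GetInternalField / PutInternalField but still build the abstract heap from JSPromiseFields and define PromiseInternalFieldLoc. When generators and iterators start using these nodes, a heap called JSPromiseFields will also cover their fields, which makes the aliasing model hard to read and easy to get wrong in a later edit. Rename the heap and the location kind to match the generic nodes in this patch or a direct follow-up, and add a comment that fields of different object kinds at the same index share one abstract heap by design.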
index 8938805..fb3122b 100644 (file)
@@ -123,8 +123,8 @@ bool doesGC(Graph& graph, Node* node)
     case GetGlobalThis:
     case GetClosureVar:
     case PutClosureVar:
-    case GetPromiseInternalField:
-    case PutPromiseInternalField:
+    case GetInternalField:
+    case PutInternalField:
     case GetRegExpObjectLastIndex:
     case SetRegExpObjectLastIndex:
     case RecordRegExpCachedResult:
index 3c73563..e45ac5c 100644 (file)
@@ -1484,14 +1484,14 @@ private:
             
         case GetClosureVar:
         case GetFromArguments:
-        case GetPromiseInternalField: {
+        case GetInternalField: {
             fixEdge<KnownCellUse>(node->child1());
             break;
         }
 
         case PutClosureVar:
         case PutToArguments:
-        case PutPromiseInternalField: {
+        case PutInternalField: {
             fixEdge<KnownCellUse>(node->child1());
             speculateForBarrier(node->child2());
             break;
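Review bot: In the GetInternalField and PutInternalField cases, child1 is fixed as KnownCellUse, so the compiled code trusts that the base is a cell and performs no further type check before the field access. With the Promise-specific name that assumption was implied by the node; with the generic name it is an unstated invariant that the bytecode generator only ever emits these ops for objects that actually have internal fields. Please add a comment here stating that invariant, or a debug-only assertion on the base type, so a future user of these nodes does not feed them an arbitrary cell.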
index fb73de6..f8ee99c 100644 (file)
@@ -101,7 +101,7 @@ ExitMode mayExitImpl(Graph& graph, Node* node, StateType& state)
     case FencedStoreBarrier:
     case PutByOffset:
     case PutClosureVar:
-    case PutPromiseInternalField:
+    case PutInternalField:
     case RecordRegExpCachedResult:
     case NukeStructureAndSetButterfly:
     case FilterCallLinkStatus:
index 6902025..69f08c1 100644 (file)
@@ -1286,7 +1286,7 @@ public:
 
     unsigned hasInternalFieldIndex()
     {
-        return op() == GetPromiseInternalField || op() == PutPromiseInternalField;
+        return op() == GetInternalField || op() == PutInternalField;
     }
 
     unsigned internalFieldIndex()
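Review bot: hasInternalFieldIndex() is declared to return unsigned but returns the result of op() == GetInternalField || op() == PutInternalField, which is a boolean. Since the body is being touched anyway, change the return type to bool so it matches the other has*() predicates' intent and cannot be mistaken for the index accessor declared right below it.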
@@ -1699,7 +1699,7 @@ public:
         case GetByOffset:
         case MultiGetByOffset:
         case GetClosureVar:
-        case GetPromiseInternalField:
+        case GetInternalField:
         case GetFromArguments:
         case GetArgument:
         case ArrayPop:
index dd4efcd..4d71582 100644 (file)
@@ -401,8 +401,8 @@ namespace JSC { namespace DFG {
     macro(SetFunctionName, NodeMustGenerate) \
     macro(HasOwnProperty, NodeResultBoolean) \
     \
-    macro(GetPromiseInternalField, NodeResultJS) \
-    macro(PutPromiseInternalField, NodeMustGenerate) \
+    macro(GetInternalField, NodeResultJS) \
+    macro(PutInternalField, NodeMustGenerate) \
     \
     macro(CreateActivation, NodeResultJS) \
     macro(PushWithScope, NodeResultJS | NodeMustGenerate) \
index 337c8b4..48a41b3 100644 (file)
@@ -827,7 +827,7 @@ private:
         case GetGlobalVar:
         case GetGlobalLexicalVariable:
         case GetClosureVar:
-        case GetPromiseInternalField:
+        case GetInternalField:
         case GetFromArguments:
         case LoadKeyFromMapBucket:
         case LoadValueFromMapBucket:
@@ -1270,7 +1270,7 @@ private:
         case PutByIdWithThis:
         case PutByVal:
         case PutClosureVar:
-        case PutPromiseInternalField:
+        case PutInternalField:
         case PutToArguments:
         case Return:
         case Throw:
index 0560eec..ca8aea3 100644 (file)
@@ -283,8 +283,8 @@ bool safeToExecute(AbstractStateType& state, Graph& graph, Node* node, bool igno
     case GetGlobalVar:
     case GetGlobalLexicalVariable:
     case PutGlobalVariable:
-    case GetPromiseInternalField:
-    case PutPromiseInternalField:
+    case GetInternalField:
+    case PutInternalField:
     case CheckCell:
     case CheckBadCell:
     case CheckNotEmpty:
index 73eedc3..c3fe5a4 100644 (file)
@@ -11270,7 +11270,7 @@ void SpeculativeJIT::compilePutClosureVar(Node* node)
     noResult(node);
 }
 
-void SpeculativeJIT::compileGetPromiseInternalField(Node* node)
+void SpeculativeJIT::compileGetInternalField(Node* node)
 {
     SpeculateCellOperand base(this, node->child1());
     JSValueRegsTemporary result(this);
@@ -11278,11 +11278,11 @@ void SpeculativeJIT::compileGetPromiseInternalField(Node* node)
     GPRReg baseGPR = base.gpr();
     JSValueRegs resultRegs = result.regs();
 
-    m_jit.loadValue(JITCompiler::Address(baseGPR, JSPromise::offsetOfInternalField(node->internalFieldIndex())), resultRegs);
+    m_jit.loadValue(JITCompiler::Address(baseGPR, JSInternalFieldObjectImpl<>::offsetOfInternalField(node->internalFieldIndex())), resultRegs);
     jsValueResult(resultRegs, node);
 }
 
-void SpeculativeJIT::compilePutPromiseInternalField(Node* node)
+void SpeculativeJIT::compilePutInternalField(Node* node)
 {
     SpeculateCellOperand base(this, node->child1());
     JSValueOperand value(this, node->child2());
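Review bot: JSInternalFieldObjectImpl<>::offsetOfInternalField(...) in compileGetInternalField, and again in compilePutInternalField further down, names the default instantiation with one field, yet the result is used for objects of any field count. That is only correct if m_internalFields sits at the same offset in every instantiation, which is not written down anywhere in this patch. A short comment where the offset is computed, or a check in each subclass comparing its own offsetOfInternalFields() with the default one, would make the assumption explicit before generators and iterators start depending on it.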
@@ -11290,7 +11290,7 @@ void SpeculativeJIT::compilePutPromiseInternalField(Node* node)
     GPRReg baseGPR = base.gpr();
     JSValueRegs valueRegs = value.jsValueRegs();
 
-    m_jit.storeValue(valueRegs, JITCompiler::Address(baseGPR, JSPromise::offsetOfInternalField(node->internalFieldIndex())));
+    m_jit.storeValue(valueRegs, JITCompiler::Address(baseGPR, JSInternalFieldObjectImpl<>::offsetOfInternalField(node->internalFieldIndex())));
     noResult(node);
 }
 
@@ -12759,8 +12759,8 @@ void SpeculativeJIT::compileCreatePromise(Node* node)
         emitAllocateJSObjectWithKnownSize<JSInternalPromise>(resultGPR, structureGPR, butterfly, scratch1GPR, scratch2GPR, slowCases, sizeof(JSInternalPromise));
     else
         emitAllocateJSObjectWithKnownSize<JSPromise>(resultGPR, structureGPR, butterfly, scratch1GPR, scratch2GPR, slowCases, sizeof(JSPromise));
-    m_jit.storeTrustedValue(jsNumber(static_cast<unsigned>(JSPromise::Status::Pending)), CCallHelpers::Address(resultGPR, JSPromise::offsetOfInternalField(static_cast<unsigned>(JSPromise::Field::Flags))));
-    m_jit.storeTrustedValue(jsUndefined(), CCallHelpers::Address(resultGPR, JSPromise::offsetOfInternalField(static_cast<unsigned>(JSPromise::Field::ReactionsOrResult))));
+    m_jit.storeTrustedValue(jsNumber(static_cast<unsigned>(JSPromise::Status::Pending)), CCallHelpers::Address(resultGPR, JSInternalFieldObjectImpl<>::offsetOfInternalField(static_cast<unsigned>(JSPromise::Field::Flags))));
+    m_jit.storeTrustedValue(jsUndefined(), CCallHelpers::Address(resultGPR, JSInternalFieldObjectImpl<>::offsetOfInternalField(static_cast<unsigned>(JSPromise::Field::ReactionsOrResult))));
     m_jit.mutatorFence(m_jit.vm());
 
     addSlowPathGenerator(slowPathCall(slowCases, this, node->isInternalPromise() ? operationCreateInternalPromise : operationCreatePromise, resultGPR, calleeGPR, TrustedImmPtr::weakPointer(m_jit.graph(), globalObject)));
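Review bot: In compileCreatePromise the two storeTrustedValue lines initialise fields that are specific to JSPromise (JSPromise::Field::Flags, JSPromise::Field::ReactionsOrResult) but now take their offsets from JSInternalFieldObjectImpl<>. JSPromise inherits offsetOfInternalField from JSInternalFieldObjectImpl<2>, so JSPromise::offsetOfInternalField(...) still resolves and would keep the offset tied to the type that was just allocated with sizeof(JSPromise). I would keep the JSPromise spelling in promise-only code and reserve the <> form for the generic get/put paths. The same applies to the matching lines in compileNewPromise.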
@@ -12815,8 +12815,8 @@ void SpeculativeJIT::compileNewPromise(Node* node)
         emitAllocateJSObjectWithKnownSize<JSInternalPromise>(resultGPR, TrustedImmPtr(structure), butterfly, scratch1GPR, scratch2GPR, slowCases, sizeof(JSInternalPromise));
     else
         emitAllocateJSObjectWithKnownSize<JSPromise>(resultGPR, TrustedImmPtr(structure), butterfly, scratch1GPR, scratch2GPR, slowCases, sizeof(JSPromise));
-    m_jit.storeTrustedValue(jsNumber(static_cast<unsigned>(JSPromise::Status::Pending)), CCallHelpers::Address(resultGPR, JSPromise::offsetOfInternalField(static_cast<unsigned>(JSPromise::Field::Flags))));
-    m_jit.storeTrustedValue(jsUndefined(), CCallHelpers::Address(resultGPR, JSPromise::offsetOfInternalField(static_cast<unsigned>(JSPromise::Field::ReactionsOrResult))));
+    m_jit.storeTrustedValue(jsNumber(static_cast<unsigned>(JSPromise::Status::Pending)), CCallHelpers::Address(resultGPR, JSInternalFieldObjectImpl<>::offsetOfInternalField(static_cast<unsigned>(JSPromise::Field::Flags))));
+    m_jit.storeTrustedValue(jsUndefined(), CCallHelpers::Address(resultGPR, JSInternalFieldObjectImpl<>::offsetOfInternalField(static_cast<unsigned>(JSPromise::Field::ReactionsOrResult))));
     m_jit.mutatorFence(m_jit.vm());
 
     addSlowPathGenerator(slowPathCall(slowCases, this, node->isInternalPromise() ? operationNewInternalPromise : operationNewPromise, resultGPR, TrustedImmPtr(structure)));
index 14d47f2..f991dd2 100644 (file)
@@ -1448,8 +1448,8 @@ public:
     void compilePutDynamicVar(Node*);
     void compileGetClosureVar(Node*);
     void compilePutClosureVar(Node*);
-    void compileGetPromiseInternalField(Node*);
-    void compilePutPromiseInternalField(Node*);
+    void compileGetInternalField(Node*);
+    void compilePutInternalField(Node*);
     void compileCompareEqPtr(Node*);
     void compileDefineDataProperty(Node*);
     void compileDefineAccessorProperty(Node*);
index c3da08b..09cf098 100644 (file)
@@ -3257,13 +3257,13 @@ void SpeculativeJIT::compile(Node* node)
         break;
     }
 
-    case GetPromiseInternalField: {
-        compileGetPromiseInternalField(node);
+    case GetInternalField: {
+        compileGetInternalField(node);
         break;
     }
 
-    case PutPromiseInternalField: {
-        compilePutPromiseInternalField(node);
+    case PutInternalField: {
+        compilePutInternalField(node);
         break;
     }
 
index c9e29f4..f1f04c3 100644 (file)
@@ -3538,13 +3538,13 @@ void SpeculativeJIT::compile(Node* node)
         break;
     }
 
-    case GetPromiseInternalField: {
-        compileGetPromiseInternalField(node);
+    case GetInternalField: {
+        compileGetInternalField(node);
         break;
     }
 
-    case PutPromiseInternalField: {
-        compilePutPromiseInternalField(node);
+    case PutInternalField: {
+        compilePutInternalField(node);
         break;
     }
 
index 4c73cf6..24b55e7 100644 (file)
@@ -282,7 +282,7 @@ private:
             case PutClosureVar:
             case PutToArguments:
             case SetRegExpObjectLastIndex:
-            case PutPromiseInternalField: {
+            case PutInternalField: {
                 considerBarrier(m_node->child1(), m_node->child2());
                 break;
             }
index e2eb813..7b0c89a 100644 (file)
@@ -149,7 +149,7 @@ namespace JSC { namespace FTL {
     macro(DirectArguments_storage, DirectArguments::storageOffset(), sizeof(EncodedJSValue)) \
     macro(JSLexicalEnvironment_variables, JSLexicalEnvironment::offsetOfVariables(), sizeof(EncodedJSValue)) \
     macro(JSPropertyNameEnumerator_cachedPropertyNamesVectorContents, 0, sizeof(WriteBarrier<JSString>)) \
-    macro(JSPromise_internalFields, JSPromise::offsetOfInternalFields(), sizeof(WriteBarrier<Unknown>)) \
+    macro(JSInternalFieldObjectImpl_internalFields, JSInternalFieldObjectImpl<>::offsetOfInternalFields(), sizeof(WriteBarrier<Unknown>)) \
     macro(ScopedArguments_Storage_storage, 0, sizeof(EncodedJSValue)) \
     macro(WriteBarrierBuffer_bufferContents, 0, sizeof(JSCell*)) \
     macro(characters8, 0, sizeof(LChar)) \
index 43c9683..845c417 100644 (file)
@@ -142,8 +142,8 @@ inline CapabilityLevel canCompile(Node* node)
     case NewAsyncGeneratorFunction:
     case GetClosureVar:
     case PutClosureVar:
-    case GetPromiseInternalField:
-    case PutPromiseInternalField:
+    case GetInternalField:
+    case PutInternalField:
     case CreateDirectArguments:
     case CreateScopedArguments:
     case CreateClonedArguments:
index 6756863..4c0b6a4 100644 (file)
@@ -1178,11 +1178,11 @@ private:
         case PutClosureVar:
             compilePutClosureVar();
             break;
-        case GetPromiseInternalField:
-            compileGetPromiseInternalField();
+        case GetInternalField:
+            compileGetInternalField();
             break;
-        case PutPromiseInternalField:
-            compilePutPromiseInternalField();
+        case PutInternalField:
+            compilePutInternalField();
             break;
         case GetFromArguments:
             compileGetFromArguments();
@@ -5913,8 +5913,8 @@ private:
             promise = allocateObject<JSInternalPromise>(m_node->structure(), m_out.intPtrZero, slowCase);
         else
             promise = allocateObject<JSPromise>(m_node->structure(), m_out.intPtrZero, slowCase);
-        m_out.store64(m_out.constInt64(JSValue::encode(jsNumber(static_cast<unsigned>(JSPromise::Status::Pending)))), promise, m_heaps.JSPromise_internalFields[static_cast<unsigned>(JSPromise::Field::Flags)]);
-        m_out.store64(m_out.constInt64(JSValue::encode(jsUndefined())), promise, m_heaps.JSPromise_internalFields[static_cast<unsigned>(JSPromise::Field::ReactionsOrResult)]);
+        m_out.store64(m_out.constInt64(JSValue::encode(jsNumber(static_cast<unsigned>(JSPromise::Status::Pending)))), promise, m_heaps.JSInternalFieldObjectImpl_internalFields[static_cast<unsigned>(JSPromise::Field::Flags)]);
+        m_out.store64(m_out.constInt64(JSValue::encode(jsUndefined())), promise, m_heaps.JSInternalFieldObjectImpl_internalFields[static_cast<unsigned>(JSPromise::Field::ReactionsOrResult)]);
         mutatorFence();
         ValueFromBlock fastResult = m_out.anchor(promise);
         m_out.jump(continuation);
@@ -6323,8 +6323,8 @@ private:
             promise = allocateObject<JSInternalPromise>(m_out.phi(pointerType(), promiseStructure, derivedStructure), m_out.intPtrZero, slowCase);
         else
             promise = allocateObject<JSPromise>(m_out.phi(pointerType(), promiseStructure, derivedStructure), m_out.intPtrZero, slowCase);
-        m_out.store64(m_out.constInt64(JSValue::encode(jsNumber(static_cast<unsigned>(JSPromise::Status::Pending)))), promise, m_heaps.JSPromise_internalFields[static_cast<unsigned>(JSPromise::Field::Flags)]);
-        m_out.store64(m_out.constInt64(JSValue::encode(jsUndefined())), promise, m_heaps.JSPromise_internalFields[static_cast<unsigned>(JSPromise::Field::ReactionsOrResult)]);
+        m_out.store64(m_out.constInt64(JSValue::encode(jsNumber(static_cast<unsigned>(JSPromise::Status::Pending)))), promise, m_heaps.JSInternalFieldObjectImpl_internalFields[static_cast<unsigned>(JSPromise::Field::Flags)]);
+        m_out.store64(m_out.constInt64(JSValue::encode(jsUndefined())), promise, m_heaps.JSInternalFieldObjectImpl_internalFields[static_cast<unsigned>(JSPromise::Field::ReactionsOrResult)]);
         mutatorFence();
         ValueFromBlock fastResult = m_out.anchor(promise);
         m_out.jump(continuation);
@@ -7504,20 +7504,20 @@ private:
             m_heaps.JSLexicalEnvironment_variables[m_node->scopeOffset().offset()]);
     }
     
-    void compileGetPromiseInternalField()
+    void compileGetInternalField()
     {
         setJSValue(
             m_out.load64(
                 lowCell(m_node->child1()),
-                m_heaps.JSPromise_internalFields[m_node->internalFieldIndex()]));
+                m_heaps.JSInternalFieldObjectImpl_internalFields[m_node->internalFieldIndex()]));
     }
 
-    void compilePutPromiseInternalField()
+    void compilePutInternalField()
     {
         m_out.store64(
             lowJSValue(m_node->child2()),
             lowCell(m_node->child1()),
-            m_heaps.JSPromise_internalFields[m_node->internalFieldIndex()]);
+            m_heaps.JSInternalFieldObjectImpl_internalFields[m_node->internalFieldIndex()]);
     }
 
     void compileGetFromArguments()
index b99dddf..36de53a 100644 (file)
@@ -424,8 +424,8 @@ void JIT::privateCompileMainPass()
         DEFINE_OP(op_put_getter_by_val)
         DEFINE_OP(op_put_setter_by_val)
 
-        DEFINE_OP(op_get_promise_internal_field)
-        DEFINE_OP(op_put_promise_internal_field)
+        DEFINE_OP(op_get_internal_field)
+        DEFINE_OP(op_put_internal_field)
 
         DEFINE_OP(op_ret)
         DEFINE_OP(op_rshift)
index 2018638..427e9ae 100644 (file)
@@ -636,8 +636,8 @@ namespace JSC {
         void emit_op_get_direct_pname(const Instruction*);
         void emit_op_enumerator_structure_pname(const Instruction*);
         void emit_op_enumerator_generic_pname(const Instruction*);
-        void emit_op_get_promise_internal_field(const Instruction*);
-        void emit_op_put_promise_internal_field(const Instruction*);
+        void emit_op_get_internal_field(const Instruction*);
+        void emit_op_put_internal_field(const Instruction*);
         void emit_op_log_shadow_chicken_prologue(const Instruction*);
         void emit_op_log_shadow_chicken_tail(const Instruction*);
 
index 6a80641..40758e7 100644 (file)
@@ -1236,9 +1236,9 @@ void JIT::emitWriteBarrier(JSCell* owner, unsigned value, WriteBarrierMode mode)
         valueNotCell.link(this);
 }
 
-void JIT::emit_op_get_promise_internal_field(const Instruction* currentInstruction)
+void JIT::emit_op_get_internal_field(const Instruction* currentInstruction)
 {
-    auto bytecode = currentInstruction->as<OpGetPromiseInternalField>();
+    auto bytecode = currentInstruction->as<OpGetInternalField>();
     auto& metadata = bytecode.metadata(m_codeBlock);
     int dst = bytecode.m_dst.offset();
     int base = bytecode.m_base.offset();
@@ -1246,15 +1246,15 @@ void JIT::emit_op_get_promise_internal_field(const Instruction* currentInstructi
     ASSERT(index < JSPromise::numberOfInternalFields);
 
     emitGetVirtualRegister(base, regT1);
-    loadPtr(Address(regT1, JSPromise::offsetOfInternalField(index)), regT0);
+    loadPtr(Address(regT1, JSInternalFieldObjectImpl<>::offsetOfInternalField(index)), regT0);
 
     emitValueProfilingSite(metadata);
     emitPutVirtualRegister(dst);
 }
 
-void JIT::emit_op_put_promise_internal_field(const Instruction* currentInstruction)
+void JIT::emit_op_put_internal_field(const Instruction* currentInstruction)
 {
-    auto bytecode = currentInstruction->as<OpPutPromiseInternalField>();
+    auto bytecode = currentInstruction->as<OpPutInternalField>();
     int base = bytecode.m_base.offset();
     int value = bytecode.m_value.offset();
     unsigned index = bytecode.m_index;
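Review bot: The unchanged line ASSERT(index < JSPromise::numberOfInternalFields) at the top of this hunk still bounds the index by the promise field count, although emit_op_get_internal_field is now meant for any internal-field object. As soon as a class with a different number of fields uses this opcode the assertion is either too strict or too lax, and it is debug-only either way. Please either drop the JSPromise reference here and validate the index against the real class where the bytecode is generated, or leave a FIXME saying the bound must be generalised before a second user lands.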
@@ -1262,7 +1262,7 @@ void JIT::emit_op_put_promise_internal_field(const Instruction* currentInstructi
 
     emitGetVirtualRegister(base, regT0);
     emitGetVirtualRegister(value, regT1);
-    storePtr(regT1, Address(regT0, JSPromise::offsetOfInternalField(index)));
+    storePtr(regT1, Address(regT0, JSInternalFieldObjectImpl<>::offsetOfInternalField(index)));
     emitWriteBarrier(base, value, ShouldFilterValue);
 }
 
index bff8b9e..5213431 100644 (file)
@@ -1203,9 +1203,9 @@ void JIT::emit_op_put_to_arguments(const Instruction* currentInstruction)
     store32(regT2, Address(regT0, DirectArguments::storageOffset() + index * sizeof(WriteBarrier<Unknown>) + PayloadOffset));
 }
 
-void JIT::emit_op_get_promise_internal_field(const Instruction* currentInstruction)
+void JIT::emit_op_get_internal_field(const Instruction* currentInstruction)
 {
-    auto bytecode = currentInstruction->as<OpGetPromiseInternalField>();
+    auto bytecode = currentInstruction->as<OpGetInternalField>();
     auto& metadata = bytecode.metadata(m_codeBlock);
     int dst = bytecode.m_dst.offset();
     int base = bytecode.m_base.offset();
@@ -1213,15 +1213,15 @@ void JIT::emit_op_get_promise_internal_field(const Instruction* currentInstructi
     ASSERT(index < JSPromise::numberOfInternalFields);
 
     emitLoadPayload(base, regT2);
-    load32(Address(regT2, JSPromise::offsetOfInternalField(index) + TagOffset), regT1);
-    load32(Address(regT2, JSPromise::offsetOfInternalField(index) + PayloadOffset), regT0);
+    load32(Address(regT2, JSInternalFieldObjectImpl<>::offsetOfInternalField(index) + TagOffset), regT1);
+    load32(Address(regT2, JSInternalFieldObjectImpl<>::offsetOfInternalField(index) + PayloadOffset), regT0);
     emitValueProfilingSite(bytecode.metadata(m_codeBlock));
     emitStore(dst, regT1, regT0);
 }
 
-void JIT::emit_op_put_promise_internal_field(const Instruction* currentInstruction)
+void JIT::emit_op_put_internal_field(const Instruction* currentInstruction)
 {
-    auto bytecode = currentInstruction->as<OpPutPromiseInternalField>();
+    auto bytecode = currentInstruction->as<OpPutInternalField>();
     int base = bytecode.m_base.offset();
     int value = bytecode.m_value.offset();
     unsigned index = bytecode.m_index;
@@ -1229,8 +1229,8 @@ void JIT::emit_op_put_promise_internal_field(const Instruction* currentInstructi
 
     emitLoadPayload(base, regT0);
     emitLoad(value, regT1, regT2);
-    store32(regT1, Address(regT0, JSPromise::offsetOfInternalField(index) + TagOffset));
-    store32(regT2, Address(regT0, JSPromise::offsetOfInternalField(index) + PayloadOffset));
+    store32(regT1, Address(regT0, JSInternalFieldObjectImpl<>::offsetOfInternalField(index) + TagOffset));
+    store32(regT2, Address(regT0, JSInternalFieldObjectImpl<>::offsetOfInternalField(index) + PayloadOffset));
     emitWriteBarrier(base, value, ShouldFilterValue);
 }
 
index b185ce9..a25f984 100644 (file)
@@ -45,6 +45,7 @@
 #include "JSCast.h"
 #include "JSFunction.h"
 #include "JSGlobalObject.h"
+#include "JSInternalFieldObjectImpl.h"
 #include "JSLexicalEnvironment.h"
 #include "JSModuleRecord.h"
 #include "JSObject.h"
@@ -76,6 +77,7 @@ namespace JSC {
 class LLIntOffsetsExtractor {
     // These types are useful since we can't use '<...>' syntax in LLInt offsets extraction. e.g. Vector<int>::m_data
     using Vector = WTF::Vector<int>;
+    using JSInternalFieldObjectImpl = JSC::JSInternalFieldObjectImpl<>;
     using RefCountedArray = WTF::RefCountedArray<int>;
 
 public:
index acd7e4c..743e2ab 100644 (file)
@@ -165,6 +165,7 @@ end
 
 const JSLexicalEnvironment_variables = (sizeof JSLexicalEnvironment + SlotSize - 1) & ~(SlotSize - 1)
 const DirectArguments_storage = (sizeof DirectArguments + SlotSize - 1) & ~(SlotSize - 1)
+const JSInternalFieldObjectImpl_internalFields = JSInternalFieldObjectImpl::m_internalFields
 
 const StackAlignment = constexpr (stackAlignmentBytes())
 const StackAlignmentSlots = constexpr (stackAlignmentRegisters())
index 15b12d4..65f924f 100644 (file)
@@ -2521,23 +2521,23 @@ llintOpWithReturn(op_get_rest_length, OpGetRestLength, macro (size, get, dispatc
 end)
 
 
-llintOpWithProfile(op_get_promise_internal_field, OpGetPromiseInternalField, macro (size, get, dispatch, return)
+llintOpWithProfile(op_get_internal_field, OpGetInternalField, macro (size, get, dispatch, return)
     get(m_base, t0)
     loadi PayloadOffset[cfr, t0, 8], t0
-    getu(size, OpGetPromiseInternalField, m_index, t1)
-    loadi JSPromise::m_internalFields + TagOffset[t0, t1, SlotSize], t2
-    loadi JSPromise::m_internalFields + PayloadOffset[t0, t1, SlotSize], t3
+    getu(size, OpGetInternalField, m_index, t1)
+    loadi JSInternalFieldObjectImpl_internalFields + TagOffset[t0, t1, SlotSize], t2
+    loadi JSInternalFieldObjectImpl_internalFields + PayloadOffset[t0, t1, SlotSize], t3
     return(t2, t3)
 end)
 
-llintOp(op_put_promise_internal_field, OpPutPromiseInternalField, macro (size, get, dispatch)
+llintOp(op_put_internal_field, OpPutInternalField, macro (size, get, dispatch)
     get(m_base, t0)
     loadi PayloadOffset[cfr, t0, 8], t0
     get(m_value, t1)
     loadConstantOrVariable(size, t1, t2, t3)
-    getu(size, OpPutPromiseInternalField, m_index, t1)
-    storei t2, JSPromise::m_internalFields + TagOffset[t0, t1, SlotSize]
-    storei t3, JSPromise::m_internalFields + PayloadOffset[t0, t1, SlotSize]
+    getu(size, OpPutInternalField, m_index, t1)
+    storei t2, JSInternalFieldObjectImpl_internalFields + TagOffset[t0, t1, SlotSize]
+    storei t3, JSInternalFieldObjectImpl_internalFields + PayloadOffset[t0, t1, SlotSize]
     writeBarrierOnOperand(size, get, m_base)
     dispatch()
 end)
index 72d4dce..8d71ced 100644 (file)
@@ -2586,19 +2586,19 @@ llintOpWithReturn(op_get_rest_length, OpGetRestLength, macro (size, get, dispatc
 end)
 
 
-llintOpWithProfile(op_get_promise_internal_field, OpGetPromiseInternalField, macro (size, get, dispatch, return)
+llintOpWithProfile(op_get_internal_field, OpGetInternalField, macro (size, get, dispatch, return)
     loadVariable(get, m_base, t1)
-    getu(size, OpGetPromiseInternalField, m_index, t2)
-    loadq JSPromise::m_internalFields[t1, t2, SlotSize], t0
+    getu(size, OpGetInternalField, m_index, t2)
+    loadq JSInternalFieldObjectImpl_internalFields[t1, t2, SlotSize], t0
     return(t0)
 end)
 
-llintOp(op_put_promise_internal_field, OpPutPromiseInternalField, macro (size, get, dispatch)
+llintOp(op_put_internal_field, OpPutInternalField, macro (size, get, dispatch)
     loadVariable(get, m_base, t0)
     get(m_value, t1)
     loadConstantOrVariable(size, t1, t2)
-    getu(size, OpPutPromiseInternalField, m_index, t1)
-    storeq t2, JSPromise::m_internalFields[t0, t1, SlotSize]
+    getu(size, OpPutInternalField, m_index, t1)
+    storeq t2, JSInternalFieldObjectImpl_internalFields[t0, t1, SlotSize]
     writeBarrierOnCellAndValueWithReload(t0, t2, macro() end)
     dispatch()
 end)
diff --git a/Source/JavaScriptCore/runtime/JSInternalFieldObjectImpl.h b/Source/JavaScriptCore/runtime/JSInternalFieldObjectImpl.h
new file mode 100644 (file)
index 0000000..d48d1df
--- /dev/null
@@ -0,0 +1,73 @@
+/*
+ * Copyright (C) 2019 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#include "JSObject.h"
+
+namespace JSC {
+
+// This is used for sharing interface and implementation. It should not have its own classInfo.
+template<unsigned passedNumberOfInternalFields = 1>
+class JSInternalFieldObjectImpl : public JSNonFinalObject {
+public:
+    friend class LLIntOffsetsExtractor;
+
+    using Base = JSNonFinalObject;
+    static constexpr unsigned numberOfInternalFields = passedNumberOfInternalFields;
+
+    static size_t allocationSize(Checked<size_t> inlineCapacity)
+    {
+        ASSERT_UNUSED(inlineCapacity, !inlineCapacity);
+        return sizeof(JSInternalFieldObjectImpl);
+    }
+
+    const WriteBarrier<Unknown>& internalField(unsigned index) const
+    {
+        ASSERT(index < numberOfInternalFields);
+        return m_internalFields[index];
+    }
+
+    WriteBarrier<Unknown>& internalField(unsigned index)
+    {
+        ASSERT(index < numberOfInternalFields);
+        return m_internalFields[index];
+    }
+
+    static ptrdiff_t offsetOfInternalFields() { return OBJECT_OFFSETOF(JSInternalFieldObjectImpl, m_internalFields); }
+    static ptrdiff_t offsetOfInternalField(unsigned index) { return OBJECT_OFFSETOF(JSInternalFieldObjectImpl, m_internalFields) + index * sizeof(WriteBarrier<Unknown>); }
+
+protected:
+    static void visitChildren(JSCell*, SlotVisitor&);
+
+    JSInternalFieldObjectImpl(VM& vm, Structure* structure)
+        : Base(vm, structure)
+    {
+    }
+
+    WriteBarrier<Unknown> m_internalFields[numberOfInternalFields] { };
+};
+
+} // namespace JSC
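Review bot: allocationSize() returns sizeof(JSInternalFieldObjectImpl), where the code removed from JSPromise returned sizeof(JSPromise). The two are equal only while the subclass adds no data members of its own; a later subclass that does add members inherits this function, and any caller that sizes an allocation through it would get the base size. Please document on allocationSize() that subclasses with extra members must override it, or have each subclass carry something like static_assert(sizeof(Derived) == sizeof(Base)). Separately, internalField(index) is bounded only by ASSERT, so release builds rely on every caller passing a constant in range; worth saying so in the class comment.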
diff --git a/Source/JavaScriptCore/runtime/JSInternalFieldObjectImplInlines.h b/Source/JavaScriptCore/runtime/JSInternalFieldObjectImplInlines.h
new file mode 100644 (file)
index 0000000..8f03c8a
--- /dev/null
@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2019 Apple Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
+ * THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#pragma once
+
+#include "JSInternalFieldObjectImpl.h"
+
+namespace JSC {
+
+template<unsigned passedNumberOfInternalFields>
+void JSInternalFieldObjectImpl<passedNumberOfInternalFields>::visitChildren(JSCell* cell, SlotVisitor& visitor)
+{
+    auto* thisObject = jsCast<JSInternalFieldObjectImpl*>(cell);
+    ASSERT_GC_OBJECT_INHERITS(thisObject, info());
+    Base::visitChildren(thisObject, visitor);
+    visitor.appendValues(thisObject->m_internalFields, numberOfInternalFields);
+}
+
+} // namespace JSC
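Review bot: ASSERT_GC_OBJECT_INHERITS(thisObject, info()) does not check much here. The header says this template should not have its own classInfo, so info() is the one inherited from the base, and the assertion cannot distinguish an internal-field object from any other object of the base class. Since visitor.appendValues then walks numberOfInternalFields slots of the cell, I would either drop the assertion and rely on the subclass's own check before it calls Base::visitChildren, or add a comment that type validation is the subclass's responsibility.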
index 3b970a6..399c936 100644 (file)
@@ -29,6 +29,7 @@
 #include "BuiltinNames.h"
 #include "Error.h"
 #include "JSCInlines.h"
+#include "JSInternalFieldObjectImplInlines.h"
 #include "JSPromiseConstructor.h"
 #include "Microtask.h"
 
@@ -56,8 +57,8 @@ JSPromise::JSPromise(VM& vm, Structure* structure)
 void JSPromise::finishCreation(VM& vm)
 {
     Base::finishCreation(vm);
-    m_internalFields[static_cast<unsigned>(Field::Flags)].set(vm, this, jsNumber(static_cast<unsigned>(Status::Pending)));
-    m_internalFields[static_cast<unsigned>(Field::ReactionsOrResult)].set(vm, this, jsUndefined());
+    internalField(static_cast<unsigned>(Field::Flags)).set(vm, this, jsNumber(static_cast<unsigned>(Status::Pending)));
+    internalField(static_cast<unsigned>(Field::ReactionsOrResult)).set(vm, this, jsUndefined());
 }
 
 void JSPromise::visitChildren(JSCell* cell, SlotVisitor& visitor)
@@ -65,12 +66,11 @@ void JSPromise::visitChildren(JSCell* cell, SlotVisitor& visitor)
     auto* thisObject = jsCast<JSPromise*>(cell);
     ASSERT_GC_OBJECT_INHERITS(thisObject, info());
     Base::visitChildren(thisObject, visitor);
-    visitor.appendValues(thisObject->m_internalFields, numberOfInternalFields);
 }
 
 auto JSPromise::status(VM&) const -> Status
 {
-    JSValue value = m_internalFields[static_cast<unsigned>(Field::Flags)].get();
+    JSValue value = internalField(static_cast<unsigned>(Field::Flags)).get();
     uint32_t flags = value.asUInt32AsAnyInt();
     return static_cast<Status>(flags & stateMask);
 }
@@ -80,12 +80,12 @@ JSValue JSPromise::result(VM& vm) const
     Status status = this->status(vm);
     if (status == Status::Pending)
         return jsUndefined();
-    return m_internalFields[static_cast<unsigned>(Field::ReactionsOrResult)].get();
+    return internalField(static_cast<unsigned>(Field::ReactionsOrResult)).get();
 }
 
 bool JSPromise::isHandled(VM&) const
 {
-    JSValue value = m_internalFields[static_cast<unsigned>(Field::Flags)].get();
+    JSValue value = internalField(static_cast<unsigned>(Field::Flags)).get();
     uint32_t flags = value.asUInt32AsAnyInt();
     return flags & isHandledFlag;
 }
index d6d656e..0cf1974 100644 (file)
 
 #pragma once
 
-#include "JSObject.h"
+#include "JSInternalFieldObjectImpl.h"
 
 namespace JSC {
 
-class JSPromise : public JSNonFinalObject {
+class JSPromise : public JSInternalFieldObjectImpl<2> {
 public:
-    friend class LLIntOffsetsExtractor;
-    using Base = JSNonFinalObject;
-
-    static size_t allocationSize(Checked<size_t> inlineCapacity)
-    {
-        ASSERT_UNUSED(inlineCapacity, !inlineCapacity);
-        return sizeof(JSPromise);
-    }
+    using Base = JSInternalFieldObjectImpl<2>;
 
     static JSPromise* create(VM&, Structure*);
     static Structure* createStructure(VM&, JSGlobalObject*, JSValue);
@@ -58,7 +51,7 @@ public:
         Flags = 0,
         ReactionsOrResult = 1,
     };
-    static constexpr unsigned numberOfInternalFields = 2;
+    static_assert(numberOfInternalFields == 2);
 
     JS_EXPORT_PRIVATE Status status(VM&) const;
     JS_EXPORT_PRIVATE JSValue result(VM&) const;
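Review bot: static_assert(numberOfInternalFields == 2) repeats the literal already written in JSInternalFieldObjectImpl<2>, so it cannot fail and does not protect the Field enum above it. The thing worth asserting is that every Field value is a valid index. Consider deriving the count from the enum (for example a trailing count enumerator, or comparing against ReactionsOrResult + 1) and using that both as the template argument and in the assertion, so adding a field without growing the storage fails to compile.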
@@ -68,14 +61,9 @@ public:
 
     static void visitChildren(JSCell*, SlotVisitor&);
 
-    static ptrdiff_t offsetOfInternalFields() { return OBJECT_OFFSETOF(JSPromise, m_internalFields); }
-    static ptrdiff_t offsetOfInternalField(unsigned index) { return OBJECT_OFFSETOF(JSPromise, m_internalFields) + index * sizeof(WriteBarrier<Unknown>); }
-
 protected:
     JSPromise(VM&, Structure*);
     void finishCreation(VM&);
-
-    WriteBarrier<Unknown> m_internalFields[numberOfInternalFields] { };
 };
 
 } // namespace JSC