Google Git
Sign in
webkit / WebKit / c488df6dd7bd7257b6e9a57b645b69b96206dac6 / . / Source / JavaScriptCore / ChangeLog
blob: 7ed6edf79e91bc451e88695a943fe6cf4646b7b3 [file] [log] [blame]
2022-03-02 Justin Michaud <justin_michaud@apple.com>
Refactor OpcodeTraits to support the possibility of having 2-byte WASM opcode ids in bytecode streams
https://bugs.webkit.org/show_bug.cgi?id=237347
The number of WASM opcodes will increase beyond 255 when WASM SIMD is implemented, and so this patch
changes OpcodeTraits to allow for the possibility of having two-byte WASM opcodes without regressing
JS. We have to thread these OpcodeTraits everywhere that they are used so that code can read the
correct value when decoding an instruction stream. This patch does not change the size of WASM opcodes
yet, although I have tested that the test suite still passes if we do increase the opcode size.
Reviewed by Keith Miller.
* bytecode/BytecodeBasicBlock.cpp:
(JSC::BytecodeBasicBlock<OpcodeTraits>::BytecodeBasicBlock):
(JSC::BytecodeBasicBlock<OpcodeTraits>::addLength):
(JSC::BytecodeBasicBlock<OpcodeTraits>::shrinkToFit):
(JSC::isJumpTarget):
(JSC::BytecodeBasicBlock<OpcodeTraits>::computeImpl):
(JSC::BytecodeBasicBlock<JSOpcodeTraits>::compute):
(JSC::BytecodeBasicBlock::BytecodeBasicBlock): Deleted.
(JSC::BytecodeBasicBlock::addLength): Deleted.
(JSC::BytecodeBasicBlock::shrinkToFit): Deleted.
(JSC::BytecodeBasicBlock::computeImpl): Deleted.
(JSC::BytecodeBasicBlock::compute): Deleted.
* bytecode/BytecodeBasicBlock.h:
(JSC::BytecodeBasicBlock::addSuccessor):
* bytecode/BytecodeDumper.cpp:
(JSC::BytecodeDumperBase<InstructionStreamType>::printLocationAndOp):
(JSC::BytecodeDumperBase<InstructionStreamType>::dumpValue):
(JSC::BytecodeDumper<Block>::outOfLineJumpOffset const):
(JSC::BytecodeDumper<Block>::dumpBytecode):
(JSC::dumpHeader):
(JSC::CodeBlockBytecodeDumper<Block>::dumpBlock):
(JSC::CodeBlockBytecodeDumper<Block>::dumpGraph):
(JSC::Wasm::BytecodeDumper::dumpBlock):
(JSC::Wasm::BytecodeDumper::registerName const):
(JSC::Wasm::BytecodeDumper::outOfLineJumpOffset const):
(JSC::BytecodeDumperBase::printLocationAndOp): Deleted.
(JSC::BytecodeDumperBase::dumpValue): Deleted.
* bytecode/BytecodeDumper.h:
* bytecode/BytecodeGeneratorification.cpp:
(JSC::BytecodeGeneratorification::BytecodeGeneratorification):
(JSC::BytecodeGeneratorification::enterPoint const):
(JSC::BytecodeGeneratorification::instructions const):
(JSC::GeneratorLivenessAnalysis::run):
(JSC::performGeneratorification):
* bytecode/BytecodeGeneratorification.h:
* bytecode/BytecodeGraph.h:
(JSC::BytecodeGraph::blockContainsBytecodeOffset):
(JSC::BytecodeGraph::findBasicBlockForBytecodeOffset):
(JSC::BytecodeGraph::findBasicBlockWithLeaderOffset):
(JSC::BytecodeGraph::at const):
(JSC::BytecodeGraph::operator[] const):
(JSC::BytecodeGraph::first):
(JSC::BytecodeGraph::last):
(JSC::BytecodeGraph::dump):
(JSC::BytecodeGraph::BytecodeGraph):
* bytecode/BytecodeLivenessAnalysis.cpp:
(JSC::BytecodeLivenessAnalysis::computeFullLiveness):
(JSC::BytecodeLivenessAnalysis::dumpResults):
* bytecode/BytecodeLivenessAnalysis.h:
* bytecode/BytecodeLivenessAnalysisInlines.h:
(JSC::BytecodeLivenessPropagation::stepOverBytecodeIndexDef):
(JSC::BytecodeLivenessPropagation::stepOverBytecodeIndexUse):
(JSC::BytecodeLivenessPropagation::stepOverBytecodeIndexUseInExceptionHandler):
(JSC::BytecodeLivenessPropagation::stepOverBytecodeIndex):
(JSC::BytecodeLivenessPropagation::stepOverInstruction):
(JSC::BytecodeLivenessPropagation::computeLocalLivenessForInstruction):
(JSC::BytecodeLivenessPropagation::computeLocalLivenessForBlock):
(JSC::BytecodeLivenessPropagation::getLivenessInfoAtInstruction):
(JSC::BytecodeLivenessPropagation::runLivenessFixpoint):
* bytecode/BytecodeRewriter.cpp:
(JSC::BytecodeRewriter::insertImpl):
(JSC::BytecodeRewriter::adjustJumpTargets):
* bytecode/BytecodeRewriter.h:
(JSC::BytecodeRewriter::InsertionPoint::InsertionPoint):
(JSC::BytecodeRewriter::Fragment::Fragment):
(JSC::BytecodeRewriter::BytecodeRewriter):
(JSC::BytecodeRewriter::insertFragmentBefore):
(JSC::BytecodeRewriter::insertFragmentAfter):
(JSC::BytecodeRewriter::replaceBytecodeWithFragment):
(JSC::BytecodeRewriter::adjustAbsoluteOffset):
(JSC::BytecodeRewriter::adjustJumpTarget):
* bytecode/BytecodeUseDef.cpp:
(JSC::computeUsesForBytecodeIndexImpl):
(JSC::computeDefsForBytecodeIndexImpl):
* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeIndex):
(JSC::computeDefsForBytecodeIndex):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
(JSC::CodeBlock::finishCreation):
(JSC::CodeBlock::hasOpDebugForLineAndColumn):
(JSC::CodeBlock::notifyLexicalBindingUpdate):
(JSC::CodeBlock::validate):
(JSC::CodeBlock::outOfLineJumpOffset):
(JSC::CodeBlock::outOfLineJumpTarget):
(JSC::CodeBlock::binaryArithProfileForPC):
(JSC::CodeBlock::unaryArithProfileForPC):
(JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::outOfLineJumpOffset):
(JSC::CodeBlock::bytecodeOffset):
(JSC::CodeBlock::bytecodeIndex):
(JSC::CodeBlock::instructions const):
(JSC::CodeBlock::instructionAt const):
* bytecode/Instruction.h:
(JSC::BaseInstruction::opcodeID const):
(JSC::BaseInstruction::name const):
(JSC::BaseInstruction::isWide16 const):
(JSC::BaseInstruction::isWide32 const):
(JSC::BaseInstruction::width const):
(JSC::BaseInstruction::hasMetadata const):
(JSC::BaseInstruction::hasCheckpoints const):
(JSC::BaseInstruction::numberOfCheckpoints const):
(JSC::BaseInstruction::sizeShiftAmount const):
(JSC::BaseInstruction::opcodeIDWidth const):
(JSC::BaseInstruction::opcodeIDBytes const):
(JSC::BaseInstruction::size const):
(JSC::BaseInstruction::is const):
(JSC::BaseInstruction::as const):
(JSC::BaseInstruction::asKnownWidth const):
(JSC::BaseInstruction::cast):
(JSC::BaseInstruction::cast const):
(JSC::BaseInstruction::wide16 const):
(JSC::BaseInstruction::wide32 const):
* bytecode/InstructionStream.cpp:
(JSC::InstructionStream::InstructionStream): Deleted.
(JSC::InstructionStream::sizeInBytes const): Deleted.
(JSC::InstructionStream::contains const): Deleted.
* bytecode/InstructionStream.h:
(JSC::InstructionStream::sizeInBytes const):
(JSC::InstructionStream::BaseRef::operator-> const):
(JSC::InstructionStream::BaseRef::ptr const):
(JSC::InstructionStream::BaseRef::unwrap const):
(JSC::InstructionStream::MutableRef::operator->):
(JSC::InstructionStream::MutableRef::operator-> const):
(JSC::InstructionStream::MutableRef::ptr):
(JSC::InstructionStream::MutableRef::ptr const):
(JSC::InstructionStream::MutableRef::unwrap):
(JSC::InstructionStream::MutableRef::unwrap const):
(JSC::InstructionStream::iterator::operator++):
(JSC::InstructionStream::contains const):
(JSC::InstructionStream::InstructionStream):
(JSC::InstructionStreamWriter::InstructionStreamWriter):
(JSC::InstructionStreamWriter::finalize):
(JSC::InstructionStreamWriter::swap):
(JSC::InstructionStreamWriter::iterator::operator++):
* bytecode/Opcode.h:
* bytecode/OpcodeInlines.h:
(JSC::isOpcodeShape):
* bytecode/OpcodeSize.h:
* bytecode/PreciseJumpTargets.cpp:
(JSC::getJumpTargetsForInstruction):
(JSC::computePreciseJumpTargetsInternal):
(JSC::computePreciseJumpTargets):
(JSC::recomputePreciseJumpTargets):
(JSC::findJumpTargetsForInstruction):
* bytecode/PreciseJumpTargets.h:
* bytecode/PreciseJumpTargetsInlines.h:
(JSC::jumpTargetForInstruction):
(JSC::extractStoredJumpTargetsForInstruction):
(JSC::updateStoredJumpTargetsForInstruction):
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::dumpLineColumnEntry):
(JSC::UnlinkedCodeBlock::instructions const):
(JSC::UnlinkedCodeBlock::outOfLineJumpOffset):
* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedCodeBlock::instructionAt const):
(JSC::UnlinkedCodeBlock::bytecodeOffset):
(JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets const):
(JSC::UnlinkedCodeBlock::outOfLineJumpOffset):
* bytecode/UnlinkedCodeBlockGenerator.cpp:
(JSC::UnlinkedCodeBlockGenerator::finalize):
(JSC::UnlinkedCodeBlockGenerator::applyModification):
(JSC::UnlinkedCodeBlockGenerator::addOutOfLineJumpTarget):
(JSC::UnlinkedCodeBlockGenerator::outOfLineJumpOffset):
* bytecode/UnlinkedCodeBlockGenerator.h:
(JSC::UnlinkedCodeBlockGenerator::addOpProfileControlFlowBytecodeOffset):
(JSC::UnlinkedCodeBlockGenerator::outOfLineJumpOffset):
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::instructions const):
(JSC::BytecodeGenerator::withWriter):
* bytecompiler/BytecodeGeneratorBase.h:
* bytecompiler/BytecodeGeneratorBaseInlines.h:
(JSC::BytecodeGeneratorBase<Traits>::recordOpcode):
(JSC::BytecodeGeneratorBase<Traits>::alignWideOpcode16):
(JSC::BytecodeGeneratorBase<Traits>::alignWideOpcode32):
* bytecompiler/StaticPropertyAnalysis.h:
(JSC::StaticPropertyAnalysis::create):
(JSC::StaticPropertyAnalysis::StaticPropertyAnalysis):
* bytecompiler/StaticPropertyAnalyzer.h:
(JSC::StaticPropertyAnalyzer::createThis):
(JSC::StaticPropertyAnalyzer::newObject):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleCall):
(JSC::DFG::ByteCodeParser::handleVarargsCall):
(JSC::DFG::ByteCodeParser::handleRecursiveTailCall):
(JSC::DFG::ByteCodeParser::inlineCall):
(JSC::DFG::ByteCodeParser::parseGetById):
(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::parseCodeBlock):
* dfg/DFGCapabilities.cpp:
(JSC::DFG::capabilityLevel):
* dfg/DFGCapabilities.h:
(JSC::DFG::capabilityLevel):
* dfg/DFGOSRExit.cpp:
(JSC::DFG::OSRExit::compileExit):
* dfg/DFGOSRExitCompilerCommon.cpp:
(JSC::DFG::callerReturnPC):
(JSC::DFG::adjustAndJumpToTarget):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileLoopHint):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):
* ftl/FTLOSRExitCompiler.cpp:
(JSC::FTL::compileStub):
* ftl/FTLOperations.cpp:
(JSC::FTL::JSC_DEFINE_JIT_OPERATION):
* generator/Argument.rb:
* generator/DSL.rb:
* generator/Opcode.rb:
* interpreter/AbstractPC.h:
* interpreter/CallFrame.cpp:
(JSC::CallFrame::currentVPC const):
(JSC::CallFrame::setCurrentVPC):
* interpreter/CallFrame.h:
* interpreter/Interpreter.cpp:
(JSC::CatchInfo::CatchInfo):
* interpreter/Interpreter.h:
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_jless):
(JSC::JIT::emit_op_jlesseq):
(JSC::JIT::emit_op_jgreater):
(JSC::JIT::emit_op_jgreatereq):
(JSC::JIT::emit_op_jnless):
(JSC::JIT::emit_op_jnlesseq):
(JSC::JIT::emit_op_jngreater):
(JSC::JIT::emit_op_jngreatereq):
(JSC::JIT::emitSlow_op_jless):
(JSC::JIT::emitSlow_op_jlesseq):
(JSC::JIT::emitSlow_op_jgreater):
(JSC::JIT::emitSlow_op_jgreatereq):
(JSC::JIT::emitSlow_op_jnless):
(JSC::JIT::emitSlow_op_jnlesseq):
(JSC::JIT::emitSlow_op_jngreater):
(JSC::JIT::emitSlow_op_jngreatereq):
(JSC::JIT::emit_op_below):
(JSC::JIT::emit_op_beloweq):
(JSC::JIT::emit_op_jbelow):
(JSC::JIT::emit_op_jbeloweq):
(JSC::JIT::emit_op_unsigned):
(JSC::JIT::emit_compareAndJump):
(JSC::JIT::emit_compareUnsignedAndJump):
(JSC::JIT::emit_compareUnsigned):
(JSC::JIT::emit_compareAndJumpSlow):
(JSC::JIT::emit_op_inc):
(JSC::JIT::emit_op_dec):
(JSC::JIT::emit_op_mod):
(JSC::JIT::emitSlow_op_mod):
(JSC::JIT::emit_op_pow):
(JSC::JIT::emitSlow_op_pow):
(JSC::JIT::emit_op_negate):
(JSC::JIT::emitSlow_op_negate):
(JSC::JIT::emitBitBinaryOpFastPath):
(JSC::JIT::emit_op_bitnot):
(JSC::JIT::emit_op_bitand):
(JSC::JIT::emit_op_bitor):
(JSC::JIT::emit_op_bitxor):
(JSC::JIT::emit_op_lshift):
(JSC::JIT::emitRightShiftFastPath):
(JSC::JIT::emit_op_rshift):
(JSC::JIT::emit_op_urshift):
(JSC::JIT::emit_op_add):
(JSC::JIT::emitSlow_op_add):
(JSC::JIT::emitMathICFast):
(JSC::JIT::emitMathICSlow):
(JSC::JIT::emit_op_div):
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul):
(JSC::JIT::emit_op_sub):
(JSC::JIT::emitSlow_op_sub):
* jit/JITCall.cpp:
(JSC::JIT::emit_op_ret):
(JSC::JIT::compileCallEvalSlowCase):
(JSC::JIT::compileOpCall):
(JSC::JIT::compileOpCallSlowCase):
(JSC::JIT::emit_op_call):
(JSC::JIT::emit_op_tail_call):
(JSC::JIT::emit_op_call_eval):
(JSC::JIT::emit_op_call_varargs):
(JSC::JIT::emit_op_tail_call_varargs):
(JSC::JIT::emit_op_tail_call_forward_arguments):
(JSC::JIT::emit_op_construct_varargs):
(JSC::JIT::emit_op_construct):
(JSC::JIT::emitSlow_op_call):
(JSC::JIT::emitSlow_op_tail_call):
(JSC::JIT::emitSlow_op_call_eval):
(JSC::JIT::emitSlow_op_call_varargs):
(JSC::JIT::emitSlow_op_tail_call_varargs):
(JSC::JIT::emitSlow_op_tail_call_forward_arguments):
(JSC::JIT::emitSlow_op_construct_varargs):
(JSC::JIT::emitSlow_op_construct):
(JSC::JIT::emit_op_iterator_open):
(JSC::JIT::emitSlow_op_iterator_open):
(JSC::JIT::emit_op_iterator_next):
(JSC::JIT::emitSlow_op_iterator_next):
* jit/JITExceptions.cpp:
(JSC::genericUnwind):
* jit/JITInlines.h:
(JSC::JIT::fastPathResumePoint const):
(JSC::JIT::jumpTarget):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_mov):
(JSC::JIT::emit_op_end):
(JSC::JIT::emit_op_jmp):
(JSC::JIT::emit_op_new_object):
(JSC::JIT::emitSlow_op_new_object):
(JSC::JIT::emit_op_overrides_has_instance):
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emitSlow_op_instanceof):
(JSC::JIT::emit_op_is_empty):
(JSC::JIT::emit_op_typeof_is_undefined):
(JSC::JIT::emit_op_is_undefined_or_null):
(JSC::JIT::emit_op_is_boolean):
(JSC::JIT::emit_op_is_number):
(JSC::JIT::emit_op_is_big_int):
(JSC::JIT::emit_op_is_cell_with_type):
(JSC::JIT::emit_op_is_object):
(JSC::JIT::emit_op_to_primitive):
(JSC::JIT::emit_op_to_property_key):
(JSC::JIT::emit_op_set_function_name):
(JSC::JIT::emit_op_not):
(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jeq_null):
(JSC::JIT::emit_op_jneq_null):
(JSC::JIT::emit_op_jundefined_or_null):
(JSC::JIT::emit_op_jnundefined_or_null):
(JSC::JIT::emit_op_jeq_ptr):
(JSC::JIT::emit_op_jneq_ptr):
(JSC::JIT::emit_op_eq):
(JSC::JIT::emit_op_jeq):
(JSC::JIT::emit_op_jtrue):
(JSC::JIT::emit_op_neq):
(JSC::JIT::emit_op_jneq):
(JSC::JIT::emit_op_throw):
(JSC::JIT::compileOpStrictEq):
(JSC::JIT::emit_op_stricteq):
(JSC::JIT::emit_op_nstricteq):
(JSC::JIT::compileOpStrictEqJump):
(JSC::JIT::emit_op_jstricteq):
(JSC::JIT::emit_op_jnstricteq):
(JSC::JIT::emitSlow_op_jstricteq):
(JSC::JIT::emitSlow_op_jnstricteq):
(JSC::JIT::emit_op_to_number):
(JSC::JIT::emit_op_to_numeric):
(JSC::JIT::emit_op_to_string):
(JSC::JIT::emit_op_to_object):
(JSC::JIT::emit_op_catch):
(JSC::JIT::emit_op_identity_with_profile):
(JSC::JIT::emit_op_get_parent_scope):
(JSC::JIT::emit_op_switch_imm):
(JSC::JIT::emit_op_switch_char):
(JSC::JIT::emit_op_switch_string):
(JSC::JIT::emit_op_eq_null):
(JSC::JIT::emit_op_neq_null):
(JSC::JIT::emit_op_enter):
(JSC::JIT::emit_op_get_scope):
(JSC::JIT::emit_op_to_this):
(JSC::JIT::emit_op_create_this):
(JSC::JIT::emit_op_check_tdz):
(JSC::JIT::emitSlow_op_eq):
(JSC::JIT::emitSlow_op_neq):
(JSC::JIT::emitSlow_op_jeq):
(JSC::JIT::emitSlow_op_jneq):
(JSC::JIT::emit_op_debug):
(JSC::JIT::emit_op_loop_hint):
(JSC::JIT::emitSlow_op_loop_hint):
(JSC::JIT::emit_op_check_traps):
(JSC::JIT::emit_op_nop):
(JSC::JIT::emit_op_super_sampler_begin):
(JSC::JIT::emit_op_super_sampler_end):
(JSC::JIT::emitSlow_op_check_traps):
(JSC::JIT::emit_op_new_regexp):
(JSC::JIT::emitNewFuncCommon):
(JSC::JIT::emit_op_new_func):
(JSC::JIT::emit_op_new_generator_func):
(JSC::JIT::emit_op_new_async_generator_func):
(JSC::JIT::emit_op_new_async_func):
(JSC::JIT::emitNewFuncExprCommon):
(JSC::JIT::emit_op_new_func_exp):
(JSC::JIT::emit_op_new_generator_func_exp):
(JSC::JIT::emit_op_new_async_func_exp):
(JSC::JIT::emit_op_new_async_generator_func_exp):
(JSC::JIT::emit_op_new_array):
(JSC::JIT::emit_op_new_array_with_size):
(JSC::JIT::emit_op_profile_type):
(JSC::JIT::emit_op_log_shadow_chicken_prologue):
(JSC::JIT::emit_op_log_shadow_chicken_tail):
(JSC::JIT::emit_op_profile_control_flow):
(JSC::JIT::emit_op_argument_count):
(JSC::JIT::emit_op_get_rest_length):
(JSC::JIT::emit_op_get_argument):
(JSC::JIT::emit_op_get_prototype_of):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_eq):
(JSC::JIT::emit_op_neq):
(JSC::JIT::emit_op_jeq):
(JSC::JIT::emit_op_jneq):
(JSC::JIT::emitSlow_op_eq):
(JSC::JIT::emitSlow_op_neq):
(JSC::JIT::emitSlow_op_jeq):
(JSC::JIT::emitSlow_op_jneq):
(JSC::JIT::emit_op_stricteq):
(JSC::JIT::emit_op_nstricteq):
(JSC::JIT::emit_op_jstricteq):
(JSC::JIT::emit_op_jnstricteq):
(JSC::JIT::emitSlow_op_jstricteq):
(JSC::JIT::emitSlow_op_jnstricteq):
* jit/JITOperations.cpp:
(JSC::JSC_DEFINE_JIT_OPERATION):
* jit/JITOperations.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emit_op_get_private_name):
(JSC::JIT::emitSlow_op_get_private_name):
(JSC::JIT::emit_op_set_private_brand):
(JSC::JIT::emitSlow_op_set_private_brand):
(JSC::JIT::emit_op_check_private_brand):
(JSC::JIT::emitSlow_op_check_private_brand):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emit_op_put_by_val_direct):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emit_op_put_private_name):
(JSC::JIT::emitSlow_op_put_private_name):
(JSC::JIT::emit_op_put_getter_by_id):
(JSC::JIT::emit_op_put_setter_by_id):
(JSC::JIT::emit_op_put_getter_setter_by_id):
(JSC::JIT::emit_op_put_getter_by_val):
(JSC::JIT::emit_op_put_setter_by_val):
(JSC::JIT::emit_op_del_by_id):
(JSC::JIT::emitSlow_op_del_by_id):
(JSC::JIT::emit_op_del_by_val):
(JSC::JIT::emitSlow_op_del_by_val):
(JSC::JIT::emit_op_try_get_by_id):
(JSC::JIT::emitSlow_op_try_get_by_id):
(JSC::JIT::emit_op_get_by_id_direct):
(JSC::JIT::emitSlow_op_get_by_id_direct):
(JSC::JIT::emit_op_get_by_id):
(JSC::JIT::emitSlow_op_get_by_id):
(JSC::JIT::emit_op_get_by_id_with_this):
(JSC::JIT::emitSlow_op_get_by_id_with_this):
(JSC::JIT::emit_op_put_by_id):
(JSC::JIT::emitSlow_op_put_by_id):
(JSC::JIT::emit_op_in_by_id):
(JSC::JIT::emitSlow_op_in_by_id):
(JSC::JIT::emit_op_in_by_val):
(JSC::JIT::emitSlow_op_in_by_val):
(JSC::JIT::emit_op_has_private_name):
(JSC::JIT::emitSlow_op_has_private_name):
(JSC::JIT::emit_op_has_private_brand):
(JSC::JIT::emitSlow_op_has_private_brand):
(JSC::JIT::emit_op_resolve_scope):
(JSC::JIT::emit_op_get_from_scope):
(JSC::JIT::emit_op_put_to_scope):
(JSC::JIT::emitSlow_op_put_to_scope):
(JSC::JIT::emit_op_get_from_arguments):
(JSC::JIT::emit_op_put_to_arguments):
(JSC::JIT::emit_op_get_internal_field):
(JSC::JIT::emit_op_put_internal_field):
(JSC::JIT::emit_op_get_property_enumerator):
(JSC::JIT::emit_op_enumerator_next):
(JSC::JIT::emit_op_enumerator_get_by_val):
(JSC::JIT::emitSlow_op_enumerator_get_by_val):
(JSC::JIT::emit_op_enumerator_in_by_val):
(JSC::JIT::emit_op_enumerator_has_own_property):
* llint/LLIntData.cpp:
(JSC::LLInt::initialize):
* llint/LLIntData.h:
(JSC::LLInt::exceptionInstructions):
(JSC::LLInt::wasmExceptionInstructions):
* llint/LLIntExceptions.cpp:
(JSC::LLInt::returnToThrow):
(JSC::LLInt::wasmReturnToThrow):
* llint/LLIntExceptions.h:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::llint_trace_operand):
(JSC::LLInt::llint_trace_value):
(JSC::LLInt::setupGetByIdPrototypeCache):
(JSC::LLInt::performLLIntGetByID):
(JSC::LLInt::varargsSetup):
(JSC::LLInt::commonCallEval):
(JSC::LLInt::dispatchToNextInstructionDuringExit):
* llint/LLIntSlowPaths.h:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter.cpp:
(JSC::CLoopRegister::operator const JSInstruction*):
(JSC::CLoop::execute):
(JSC::CLoopRegister::operator const Instruction*): Deleted.
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* llint/WebAssembly.asm:
* runtime/CachedTypes.cpp:
(JSC::CachedInstructionStream::encode):
(JSC::CachedInstructionStream::decode const):
(JSC::CachedCodeBlock::instructions const):
* runtime/CommonSlowPaths.cpp:
(JSC::updateArithProfileForBinaryArithOp):
(JSC::iteratorOpenTryFastImpl):
(JSC::iteratorNextTryFastImpl):
* runtime/CommonSlowPaths.h:
* runtime/JSCConfig.h:
* runtime/JSCJSValue.h:
* runtime/SlowPathFunction.h:
* runtime/VM.cpp:
(JSC::VM::addLoopHintExecutionCounter):
(JSC::VM::getLoopHintExecutionCounter):
(JSC::VM::removeLoopHintExecutionCounter):
* runtime/VM.h:
* wasm/WasmCallee.cpp:
(JSC::Wasm::LLIntCallee::LLIntCallee):
(JSC::Wasm::LLIntCallee::outOfLineJumpOffset):
(JSC::Wasm::LLIntCallee::outOfLineJumpTarget):
* wasm/WasmCallee.h:
* wasm/WasmFunctionCodeBlockGenerator.cpp:
(JSC::Wasm::FunctionCodeBlockGenerator::setInstructions):
(JSC::Wasm::FunctionCodeBlockGenerator::addOutOfLineJumpTarget):
(JSC::Wasm::FunctionCodeBlockGenerator::outOfLineJumpOffset):
* wasm/WasmFunctionCodeBlockGenerator.h:
(JSC::Wasm::FunctionCodeBlockGenerator::constantRegisters const):
(JSC::Wasm::FunctionCodeBlockGenerator::instructions const):
(JSC::Wasm::FunctionCodeBlockGenerator::addJumpTarget):
(JSC::Wasm::FunctionCodeBlockGenerator::numberOfJumpTargets):
(JSC::Wasm::FunctionCodeBlockGenerator::lastJumpTarget):
(JSC::Wasm::FunctionCodeBlockGenerator::outOfLineJumpOffset):
(JSC::Wasm::FunctionCodeBlockGenerator::bytecodeOffset):
(JSC::Wasm::FunctionCodeBlockGenerator::tierUpCounter):
* wasm/WasmGeneratorTraits.h:
* wasm/WasmLLIntGenerator.cpp:
(JSC::Wasm::LLIntGenerator::addSwitch):
(JSC::GenericLabel<Wasm::GeneratorTraits>::setLocation):
* wasm/WasmLLIntTierUpCounter.cpp:
(JSC::Wasm::LLIntTierUpCounter::addOSREntryDataForLoop):
(JSC::Wasm::LLIntTierUpCounter::osrEntryDataForLoop const const):
* wasm/WasmLLIntTierUpCounter.h:
(JSC::Wasm::LLIntTierUpCounter::LLIntTierUpCounter):
* wasm/WasmSlowPaths.cpp:
(JSC::LLInt::WASM_SLOW_PATH_DECL):
(JSC::LLInt::slow_path_wasm_throw_exception):
(JSC::LLInt::slow_path_wasm_popcount):
(JSC::LLInt::slow_path_wasm_popcountll):
* wasm/WasmSlowPaths.h:
2022-03-01 Devin Rousso <drousso@apple.com>
Web Inspector: add a switch to control whether breakpoint evaluations (condition, ignore count, actions) are also affected by script blackboxing
https://bugs.webkit.org/show_bug.cgi?id=235274
Reviewed by Patrick Angle.
Being able to defer breakpoint evaluations until the next actual pause can sometimes be far
more useful than doing the breakpoint evaluations at the breakpoint's original location.
As an example, configuring the All Events breakpoint with a `console.trace()` action and
auto-continue enabled would not provide much useful information without also blackboxing
breakpoint evaluations as the original pause location of the All Events breakpoint is on the
first line of the event handler, meaning that if the script containing the event handler is
blackboxed then the `console.trace()` would still only show that location even though the
Sources Tab would show the first line of code outside of that script (due to the blackbox).
Being able to also blackbox breakpoint evaluations would instead cause the `console.trace()`
action to have the same output as the Sources Tab, since it's evaluation would be deferred
until execution actually paused, which is further inside the event handler.
* debugger/Debugger.cpp:
(JSC::Debugger::Debugger):
(JSC::Debugger::didHitBreakpoint):
(JSC::Debugger::evaluateBreakpointCondition):
(JSC::Debugger::continueProgram):
(JSC::Debugger::pauseIfNeeded):
(JSC::Debugger::didExecuteProgram):
(JSC::Debugger::setBlackboxBreakpointEvaluations): Added.
Keep track of every `Breakpoint` wants to pause but is deferred due to blackboxing.
Depending on whether breakpoint evaluations are also blackboxed (based on the flag set via
the piping code/logic below), check if the script attempting to be paused in is blackboxed
before or after handling breakpoint evaluations.
Side effects of this change are:
- breakpoint conditions are now evaluated right before that breakpoint's actions, instead of
evaluating all breakpoint conditions before all breakpoint actions
- if breakpoint evaluations are blackboxed, more than two breakpoints can now be evaluated
during a single pause attempt depending on how may deferrals (with breakpoints) happened
* debugger/Debugger.h:
(JSC::Debugger::Observer::didDeferBreakpointPause): Added.
Add a way to notify `InspectorDebuggerAgent` of deferred breakpoint pauses so that the
correct `originalReason` will be used after a deferred pause.
* inspector/protocol/Debugger.json:
* inspector/agents/InspectorDebuggerAgent.h:
* inspector/agents/InspectorDebuggerAgent.cpp:
(Inspector::InspectorDebuggerAgent::setBlackboxBreakpointEvaluations): Added.
(Inspector::InspectorDebuggerAgent::didDeferBreakpointPause): Added.
Add a `setBlackboxBreakpointEvaluations` command that passes directly to `Debugger`.
2022-03-01 Saam Barati <sbarati@apple.com>
Add a DeferTraps scope
https://bugs.webkit.org/show_bug.cgi?id=237306
<rdar://83494949>
Reviewed by Mark Lam.
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::jettison):
(JSC::CodeBlock::noticeIncomingCall):
* bytecode/CodeBlock.h:
* bytecode/RepatchInlines.h:
(JSC::linkFor):
(JSC::virtualForWithFunction):
* dfg/DFGOperations.cpp:
(JSC::DFG::JSC_DEFINE_JIT_OPERATION):
* interpreter/Interpreter.cpp:
(JSC::Interpreter::executeProgram):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):
(JSC::Interpreter::execute):
(JSC::Interpreter::executeModuleProgram):
* interpreter/InterpreterInlines.h:
(JSC::Interpreter::execute):
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::setUpCall):
* runtime/ScriptExecutable.cpp:
(JSC::ScriptExecutable::installCode):
* runtime/VMTraps.cpp:
(JSC::VMTraps::handleTraps):
(JSC::VMTraps::takeTopPriorityTrap):
* runtime/VMTraps.h:
(JSC::VMTraps::needHandling const):
(JSC::VMTraps::hasTrapBit):
(JSC::VMTraps::setTrapBit):
* runtime/VMTrapsInlines.h:
(JSC::DeferTraps::DeferTraps):
(JSC::DeferTraps::~DeferTraps):
2022-03-01 Fujii Hironori <Hironori.Fujii@sony.com>
WTF::SentinelLinkedList::iterator should have operator++ for range-for loop
https://bugs.webkit.org/show_bug.cgi?id=237265
Reviewed by Yusuke Suzuki.
SentinelLinkedList::iterator isn't a pointer of node now, it
should be deferenced before comparing with a pointer.
* bytecode/Watchpoint.cpp:
(JSC::WatchpointSet::fireAllWatchpoints):
* heap/HandleSet.cpp:
(JSC::HandleSet::visitStrongHandles):
(JSC::HandleSet::protectedGlobalObjectCount):
* heap/HandleSet.h:
(JSC::HandleSet::forEachStrongHandle):
* heap/IsoSubspace.cpp:
(JSC::IsoSubspace::tryAllocateFromLowerTier):
* heap/SubspaceInlines.h:
(JSC::Subspace::forEachPreciseAllocation):
* jsc.cpp:
(Workers::broadcast):
2022-03-01 Michael Catanzaro <mcatanzaro@gnome.org>
Misc compiler warnings, late Feb 2022 edition
https://bugs.webkit.org/show_bug.cgi?id=237275
Reviewed by Adrian Perez de Castro.
Suppress suspected false-positive -Wstringop-overflow and -Wformat-overflow warnings. Also,
remove an unused variable.
* API/tests/MultithreadedMultiVMExecutionTest.cpp:
(startMultithreadedMultiVMExecutionTest):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):
* ftl/FTLOSRExit.cpp:
(JSC::FTL::OSRExitDescriptor::prepareOSRExitHandle):
* yarr/YarrJIT.cpp:
2022-03-01 Alex Christensen <achristensen@webkit.org>
[AppleWin] Start using Visual Studio 2022
https://bugs.webkit.org/show_bug.cgi?id=234933
Reviewed by Maciej Stachowiak.
* JavaScriptCore.vcxproj/JavaScriptCore.proj:
2022-03-01 Geza Lore <glore@igalia.com>
[JSC] Port EXTRA_CTI_THUNKS to all platforms
https://bugs.webkit.org/show_bug.cgi?id=233822
Reviewed by Saam Barati.
Port and enable all code paths under #ifdef ENABLE(EXTRA_CTI_THUNKS)
on all platforms, and remove the now unused code paths.
To port the extra thunks to all platforms, it was necessary to enable
them to do function calls to C++ slow path operations, which on some
platforms require passing arguments on the stack. To enable this,
CCallHelpers::emitCTIThunkPrologue and
CCallHelpers::emitCTIThunkEpilogue are introduced that allocate some
additional stack space on platforms where this is necessary.
Additionally, the thunks that require subsequent exception checking
now tail call directly to the exception check thunk, rather than
returning to the baseline code and do a separate call to the exception
check thunk. This saves an extra call site in the generated baseline
ops and reduces code size on all platforms (~1.5% reduction on x86_64).
Also factored out the statically allocated register definitions for
baseline ops into BaselineJITRegisters.h, as there are now quite a lot
of them and some are somewhat elaborate. This necessitates moving the
noOverlap and preferredArgumentGPR/preferredArgumentJSR constexpr
functions out from their previous place, so these now live in
GPRInfo.h
Enabling the extra CTI thunks on ARMv7/Thumb-2 saves about 25%
baseline code size, according to --dumpLinkBufferStats.
* assembler/MacroAssembler.h:
(JSC::MacroAssembler::subPtr):
* assembler/MacroAssemblerARMv7.h:
(JSC::MacroAssemblerARMv7::scratchRegister):
* assembler/MacroAssemblerX86_64.h:
(JSC::MacroAssemblerX86_64::sub64):
* bytecode/PolymorphicAccess.cpp:
(JSC::AccessGenerationState::emitExplicitExceptionHandler):
* bytecode/StructureStubInfo.cpp:
(JSC::StructureStubInfo::initializeFromUnlinkedStructureStubInfo):
* dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::link):
(JSC::DFG::JITCompiler::compile):
(JSC::DFG::JITCompiler::compileFunction):
* dfg/DFGJITCompiler.h:
* ftl/FTLCompile.cpp:
(JSC::FTL::compile):
* ftl/FTLLink.cpp:
(JSC::FTL::link):
* jit/CCallHelpers.h:
(JSC::CCallHelpers::emitCTIThunkPrologue):
(JSC::CCallHelpers::emitCTIThunkEpilogue):
* jit/JIT.cpp:
(JSC::JIT::emitSlowCaseCall):
(JSC::JIT::privateCompileSlowCases):
(JSC::JIT::compileAndLinkWithoutFinalizing):
(JSC::JIT::link):
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emitSlow_op_mod):
(JSC::JIT::emit_op_mod):
(JSC::JIT::emit_op_div):
* jit/JITCall.cpp:
(JSC::JIT::emit_op_iterator_open):
(JSC::JIT::emit_op_iterator_next):
(JSC::JIT::emitSlow_op_iterator_next):
* jit/JITInlineCacheGenerator.cpp:
(JSC::JITGetByIdGenerator::generateBaselineDataICFastPath):
(JSC::JITGetByIdWithThisGenerator::generateBaselineDataICFastPath):
(JSC::JITPutByIdGenerator::generateBaselineDataICFastPath):
* jit/JITInlineCacheGenerator.h:
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_jfalse):
(JSC::JIT::valueIsFalseyGenerator):
(JSC::JIT::emit_op_jtrue):
(JSC::JIT::valueIsTruthyGenerator):
(JSC::JIT::emit_op_throw):
(JSC::JIT::op_throw_handlerGenerator):
(JSC::JIT::emit_op_enter):
(JSC::JIT::op_enter_handlerGenerator):
(JSC::JIT::emitSlow_op_check_traps):
(JSC::JIT::op_check_traps_handlerGenerator):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::generateGetByValSlowCase):
(JSC::JIT::slow_op_get_by_val_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emit_op_get_private_name):
(JSC::JIT::emitSlow_op_get_private_name):
(JSC::JIT::slow_op_get_private_name_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emit_op_set_private_brand):
(JSC::JIT::emitSlow_op_set_private_brand):
(JSC::JIT::emit_op_check_private_brand):
(JSC::JIT::emitSlow_op_check_private_brand):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::slow_op_put_by_val_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emit_op_put_private_name):
(JSC::JIT::emitSlow_op_put_private_name):
(JSC::JIT::slow_op_put_private_name_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emit_op_del_by_id):
(JSC::JIT::emitSlow_op_del_by_id):
(JSC::JIT::slow_op_del_by_id_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emit_op_del_by_val):
(JSC::JIT::emitSlow_op_del_by_val):
(JSC::JIT::slow_op_del_by_val_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emit_op_try_get_by_id):
(JSC::JIT::emitSlow_op_try_get_by_id):
(JSC::JIT::emit_op_get_by_id_direct):
(JSC::JIT::emitSlow_op_get_by_id_direct):
(JSC::JIT::emit_op_get_by_id):
(JSC::JIT::emitSlow_op_get_by_id):
(JSC::JIT::slow_op_get_by_id_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emit_op_get_by_id_with_this):
(JSC::JIT::emitSlow_op_get_by_id_with_this):
(JSC::JIT::slow_op_get_by_id_with_this_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emit_op_put_by_id):
(JSC::JIT::emitSlow_op_put_by_id):
(JSC::JIT::slow_op_put_by_id_callSlowOperationThenCheckExceptionGenerator):
(JSC::JIT::emitSlow_op_in_by_id):
(JSC::JIT::emitSlow_op_in_by_val):
(JSC::JIT::emitHasPrivateSlow):
(JSC::JIT::emitSlow_op_has_private_name):
(JSC::JIT::emitSlow_op_has_private_brand):
(JSC::JIT::emitSlow_op_put_to_scope):
(JSC::JIT::slow_op_put_to_scopeGenerator):
(JSC::JIT::emit_op_get_property_enumerator):
(JSC::JIT::emit_op_enumerator_next):
(JSC::JIT::emit_enumerator_has_propertyImpl):
(JSC::JIT::emit_op_enumerator_get_by_val):
(JSC::JIT::emit_op_enumerator_in_by_val):
(JSC::JIT::emit_op_enumerator_has_own_property):
* jit/JITThunks.cpp:
* jit/JITThunks.h:
* jit/SlowPathCall.cpp:
(JSC::JITSlowPathCall::call):
(JSC::JITSlowPathCall::generateThunk):
* jit/SlowPathCall.h:
(JSC::JITSlowPathCall::JITSlowPathCall):
* jit/ThunkGenerators.cpp:
(JSC::handleExceptionGenerator):
(JSC::checkExceptionGenerator):
* jit/ThunkGenerators.h:
2022-02-28 Devin Rousso <drousso@apple.com>
Web Inspector: [Flexbox] Add options to show each area's CSS `order` and/or DOM index in the parent flex container
https://bugs.webkit.org/show_bug.cgi?id=237215
Reviewed by Patrick Angle.
This will help developers better understand how CSS `order` and the DOM index of each flex
item interact and result in what's eventually rendered.
* inspector/protocol/DOM.json:
Add an optional boolean parameter to `DOM.showFlexOverlay`:
- `showOrderNumbers` controls whether labels with the computed CSS `order` value are shown
over each flex item's area.
2022-02-28 Yusuke Suzuki <ysuzuki@apple.com>
[JSC] Use DeferTerminationForAWhile in Interpreter::unwind
https://bugs.webkit.org/show_bug.cgi?id=237176
Reviewed by Mark Lam.
If we're unwinding the stack due to a regular exception (not a TerminationException), then
we want to use a DeferTerminationForAWhile scope. This is because we want to avoid a
TerminationException being raised (due to a concurrent termination request) in the middle
of unwinding. The unwinding code only checks if we're handling a TerminationException before
it starts unwinding and is not expecting this status to change in the middle. Without the
DeferTerminationForAWhile scope, control flow may end up in an exception handler, and effectively
"catch" the newly raised TerminationException, which should not be catchable.
On the other hand, if we're unwinding the stack due to a TerminationException, we do not need
nor want the DeferTerminationForAWhile scope. This is because on exit, DeferTerminationForAWhile
will set the VMTraps NeedTermination bit if termination is in progress. The system expects the
NeedTermination bit to be have been cleared by VMTraps::handleTraps() once the TerminationException
has been raised. Some legacy client apps relies on this and expects to be able to re-enter the
VM after it exits due to termination. If the NeedTermination bit is set, upon re-entry, the
VM will behave as if a termination request is pending and terminate almost immediately, thereby
breaking the legacy client apps.
* interpreter/Interpreter.cpp:
(JSC::UnwindFunctor::notifyDebuggerOfUnwinding):
(JSC::sanitizeRemoteFunctionException):
(JSC::Interpreter::unwind):
(JSC::notifyDebuggerOfUnwinding): Deleted.
2022-02-28 Angelos Oikonomopoulos <angelos@igalia.com>
[JSC] Reuse known register values on ARMv7
https://bugs.webkit.org/show_bug.cgi?id=237207
Reviewed by Žan Doberšek.
Set up a CachedTempRegister for each of addressTempRegister,
dataTempRegister on ARMv7 and use them to generate shorter instruction
sequences when possible.
Saves 1.5-2% of code size on JS2 with no measurable difference in
performance.
* assembler/AbstractMacroAssembler.h:
(JSC::AbstractMacroAssembler::CachedTempRegister::value):
* assembler/MacroAssemblerARMv7.cpp:
(JSC::MacroAssembler::probe):
* assembler/MacroAssemblerARMv7.h:
(JSC::MacroAssemblerARMv7::MacroAssemblerARMv7):
(JSC::MacroAssemblerARMv7::add32):
(JSC::MacroAssemblerARMv7::getEffectiveAddress):
(JSC::MacroAssemblerARMv7::add64):
(JSC::MacroAssemblerARMv7::lshift32):
(JSC::MacroAssemblerARMv7::mul32):
(JSC::MacroAssemblerARMv7::rshift32):
(JSC::MacroAssemblerARMv7::urshift32):
(JSC::MacroAssemblerARMv7::load32):
(JSC::MacroAssemblerARMv7::load16):
(JSC::MacroAssemblerARMv7::load16SignedExtendTo32):
(JSC::MacroAssemblerARMv7::load8):
(JSC::MacroAssemblerARMv7::load8SignedExtendTo32):
(JSC::MacroAssemblerARMv7::loadPair32):
(JSC::MacroAssemblerARMv7::store8):
(JSC::MacroAssemblerARMv7::storePair32):
(JSC::MacroAssemblerARMv7::loadDouble):
(JSC::MacroAssemblerARMv7::loadFloat):
(JSC::MacroAssemblerARMv7::storeDouble):
(JSC::MacroAssemblerARMv7::storeFloat):
(JSC::MacroAssemblerARMv7::branchTruncateDoubleToInt32):
(JSC::MacroAssemblerARMv7::branchConvertDoubleToInt32):
(JSC::MacroAssemblerARMv7::long_move):
(JSC::MacroAssemblerARMv7::short_move):
(JSC::MacroAssemblerARMv7::move):
(JSC::MacroAssemblerARMv7::compare32AndSetFlags):
(JSC::MacroAssemblerARMv7::branch8):
(JSC::MacroAssemblerARMv7::branchTest8):
(JSC::MacroAssemblerARMv7::branchTest16):
(JSC::MacroAssemblerARMv7::farJump):
(JSC::MacroAssemblerARMv7::branchMul32):
(JSC::MacroAssemblerARMv7::nearCall):
(JSC::MacroAssemblerARMv7::nearTailCall):
(JSC::MacroAssemblerARMv7::call):
(JSC::MacroAssemblerARMv7::compare8):
(JSC::MacroAssemblerARMv7::test8):
(JSC::MacroAssemblerARMv7::jump):
(JSC::MacroAssemblerARMv7::makeBranch):
(JSC::MacroAssemblerARMv7::setupArmAddress):
(JSC::MacroAssemblerARMv7::makeBaseIndexBase):
(JSC::MacroAssemblerARMv7::moveFixedWidthEncoding):
(JSC::MacroAssemblerARMv7::cachedDataTempRegister):
(JSC::MacroAssemblerARMv7::cachedAddressTempRegister):
(JSC::MacroAssemblerARMv7::getCachedDataTempRegisterIDAndInvalidate):
(JSC::MacroAssemblerARMv7::getCachedAddressTempRegisterIDAndInvalidate):
* bytecode/CallLinkInfo.cpp:
(JSC::CallLinkInfo::emitFastPathImpl):
2022-02-27 Chris Dumez <cdumez@apple.com>
Omit template parameter for SetForScope<> variables
https://bugs.webkit.org/show_bug.cgi?id=237258
Reviewed by Darin Adler.
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::emitNode):
* debugger/Debugger.cpp:
(JSC::Debugger::dispatchFunctionToObservers):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::setLocalOrTmp):
(JSC::DFG::ByteCodeParser::setArgument):
* inspector/InspectorBackendDispatcher.cpp:
(Inspector::BackendDispatcher::dispatch):
* parser/Parser.cpp:
(JSC::Parser<LexerType>::parseInner):
(JSC::Parser<LexerType>::parseAsyncFunctionSourceElements):
(JSC::Parser<LexerType>::parseAsyncGeneratorFunctionSourceElements):
(JSC::Parser<LexerType>::parseFunctionBody):
(JSC::Parser<LexerType>::parseFunctionParameters):
(JSC::Parser<LexerType>::parseFunctionInfo):
(JSC::Parser<LexerType>::parseFunctionDeclaration):
(JSC::Parser<LexerType>::parseAsyncFunctionDeclaration):
(JSC::Parser<LexerType>::parseClass):
(JSC::Parser<LexerType>::parseProperty):
(JSC::Parser<LexerType>::parseGetterSetter):
(JSC::Parser<LexerType>::parseFunctionExpression):
(JSC::Parser<LexerType>::parseAsyncFunctionExpression):
(JSC::Parser<LexerType>::parseArrowFunctionExpression):
2022-02-26 Basuke Suzuki <basuke.suzuki@sony.com>
Remove UNUSED warnings for non-Cocoa platform after r290449
https://bugs.webkit.org/show_bug.cgi?id=237233
Reviewed by Darin Adler.
* runtime/JSDateMath.cpp:
2022-02-24 Mark Lam <mark.lam@apple.com>
Remove incorrect ASSERT.
https://bugs.webkit.org/show_bug.cgi?id=237185
<rdar://problem/83902782>
Reviewed by Yusuke Suzuki.
These debug ASSERTs were added in http://trac.webkit.org/r283632 back when we
weren't sure that the StringImpl pointer can be null or not. We're now certain
that the StringImpl pointer can be null because:
The site of the ASSERT looks like this:
```
auto* impl = string->tryGetValueImpl();
ASSERT(impl); // FIXME: rdar://83902782
if (impl && impl->isAtom() &&
...
```
... where string is a JSString, which can also be a JSRopeString.
JSString::tryGetValueImpl() is:
```
inline const StringImpl* JSString::tryGetValueImpl() const
{
uintptr_t pointer = fiberConcurrently();
if (pointer & isRopeInPointer)
return nullptr;
return bitwise_cast<StringImpl*>(pointer);
}
```
If string is a JSRopeString, the returned impl will be null. Hence, the ASSERT is
invalid and should be removed.
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::handlePutByVal):
2022-02-25 Commit Queue <commit-queue@webkit.org>
Unreviewed, reverting r290516.
https://bugs.webkit.org/show_bug.cgi?id=237222
broke debug tests
Reverted changeset:
"[JSC] Use DeferTerminationForAWhile in Interpreter::unwind"
https://bugs.webkit.org/show_bug.cgi?id=237176
https://commits.webkit.org/r290516
2022-02-25 Mark Lam <mark.lam@apple.com>
operationMaterializeObjectInOSR should DeferTerminationForAWhile instead of just DeferTermination.
https://bugs.webkit.org/show_bug.cgi?id=237173
rdar://problem/89450245
Reviewed by Yusuke Suzuki.
DeferTermination can throw the TerminationException on destruction of the scope
object. operationMaterializeObjectInOSR() was using DeferTermination, resulting
in the TerminationException being thrown on exit. This trips up
validateDFGExceptionHandling testing (which is enabled on Debug builds) because the
TerminationException is unexpected. The solution is simply to use
DeferTerminationForAWhile instead, and let a more natural trap checkpoint throw
the TerminationException later.
Also refactored notifyDebuggerOfUnwinding() to return early if a debugger is not
present. This avoids unnecessarily entering and exiting a DeferTermination scope
in notifyDebuggerOfUnwinding(). This was observed while testing this change on
the attached test case.
* ftl/FTLOperations.cpp:
(JSC::FTL::operationMaterializeObjectInOSR):
* interpreter/Interpreter.cpp:
(JSC::notifyDebuggerOfUnwinding):
2022-02-24 Yusuke Suzuki <ysuzuki@apple.com>
[JSC] Use DeferTerminationForAWhile in Interpreter::unwind
https://bugs.webkit.org/show_bug.cgi?id=237176
Reviewed by Mark Lam.
Interpreter::unwind calls sanitizeRemoteFunctionException, which would like to create scope (but it
does not have user observable behavior). Problem is that, since it is creating a scope, it can throw
a termination exception. We were using DeferTermination, but destructor of this scope can still set
termination exception, which results in throwing a termination exception for the error handler.
We use DeferTerminationForAWhile in the prologue of the Interpreter::unwind to ensure that this function
will not accept termination exception coming concurrently.
* interpreter/Interpreter.cpp:
(JSC::sanitizeRemoteFunctionException):
(JSC::Interpreter::unwind):
2022-02-25 Patrick Angle <pangle@apple.com>
Web Inspector: [Cocoa] Split remote inspector message data into smaller chunks for large messages
https://bugs.webkit.org/show_bug.cgi?id=237110
<rdar://89364487>
Reviewed by Devin Rousso.
Messages over 2 MiB will now be split into multiple chunks, which allows us to not exceed any receiving daemon
process' memory limit under otherwise normal conditions. 2 MiB was chosen as a balance between not having to
split most messages at all and making sure that the messages (and any copies made during the relaying of the
messages) do not exceed the memory limits of the receiving daemon process.
In order to prevent us from sending chunked messages to a process that doesn't support them we check for a flag
to enable this functionality during connection setup.
* inspector/remote/RemoteInspector.h:
* inspector/remote/RemoteInspectorConstants.h:
* inspector/remote/cocoa/RemoteInspectorCocoa.mm:
(Inspector::RemoteInspector::sendMessageToRemote):
(Inspector::RemoteInspector::receivedSetupMessage):
2022-02-24 Chris Dumez <cdumez@apple.com>
[Cocoa] Only clear ICU cache when time zone is changed
https://bugs.webkit.org/show_bug.cgi?id=236996
Reviewed by Yusuke Suzuki.
We used to unconditionally invalidate the VM's DateCache in VMEntryScope in order to
make sure we always used the latest time zone from the host machine (in case it changed).
This overly aggressive invalidation was causing us to repeatedly go to the disk in order
to determine the host time zone. On Cocoa ports, we now listen to the
kCFTimeZoneSystemTimeZoneDidChangeNotification notification and only invalidate the
VM's DateCache in VMEntryScope if the host time zone has actually changed since the
last time.
* runtime/JSDateMath.cpp:
(JSC::timeZoneChangeNotification):
(JSC::DateCache::DateCache):
(JSC::DateCache::resetIfNecessary):
(JSC::DateCache::reset): Deleted.
* runtime/JSDateMath.h:
* runtime/VM.h:
(JSC::VM::resetDateCacheIfNecessary):
(JSC::VM::resetDateCache): Deleted.
* runtime/VMEntryScope.cpp:
(JSC::VMEntryScope::VMEntryScope):
2022-02-24 Geza Lore <glore@igalia.com>
[JSC] Respect bytecode alignment in BytecodeRewriter
https://bugs.webkit.org/show_bug.cgi?id=237092
Reviewed by Yusuke Suzuki.
Note: This patch only affects bytecode generation on platforms which
set CPU(NEEDS_ALIGNED_ACCESS), which are ARMv7 and MIPS. On all other
platforms the generated bytecode is identical.
The previous BytecodeRewriter::removeBytecode method unconditionally
removed the given instruction, which could then break the required
alignment of subsequent wide ops. While this could be fixed by
inserting padding after the removal, all current uses of
removeBytecode are such that they constitute one half of a replace.
Instead of adding unnecessary padding, added an explicit
replaceBytecodeWithFragment method that removes the old instruction
and replaces it with the given fragment, while maintaining alignment
of the subsequent bytecode. This yields fewer nops. If removeBytecode
turns out to be necessary later, use replaceBytecodeWithFragment with
an empty fragment.
* bytecode/BytecodeGeneratorification.cpp:
(JSC::BytecodeGeneratorification::run):
* bytecode/BytecodeRewriter.h:
(JSC::BytecodeRewriter::Fragment::align):
(JSC::BytecodeRewriter::insertFragmentAfter):
(JSC::BytecodeRewriter::replaceBytecodeWithFragment):
* bytecompiler/BytecodeGeneratorBaseInlines.h:
(JSC::BytecodeGeneratorBase<Traits>::alignWideOpcode32):
2022-02-23 Yusuke Suzuki <ysuzuki@apple.com>
[JSC] WeakMapImpl do not need to take cellLock in visitOutputConstraints and main thread
https://bugs.webkit.org/show_bug.cgi?id=200195
Reviewed by Mark Lam.
WeakMapImpl::visitOutputConstraints is called in the constraint solver, so the main thread is stopped.
WeakMapImpl::rehash can destroy the buffer, but it is only called on either the main thread or GC finalizer. As a result,
it never happens that destroying the buffer while touching it in visitOutputConstraints. We can remove the lock guarding
this buffer.
* runtime/WeakMapImpl.cpp:
(JSC::WeakMapImpl<BucketType>::visitOutputConstraints):
* runtime/WeakMapImpl.h:
(JSC::WeakMapImpl::WeakMapImpl):
(JSC::WeakMapImpl::makeAndSetNewBuffer):
(JSC::WeakMapImpl::finishCreation): Deleted.
* runtime/WeakMapImplInlines.h:
(JSC::WeakMapImpl<WeakMapBucket>::rehash):
2022-02-23 Yusuke Suzuki <ysuzuki@apple.com>
[JSC] Adjust thread number for GC throughput
https://bugs.webkit.org/show_bug.cgi?id=237122
Reviewed by Mark Lam.
Adjust numberOfGCMarkers from 4 to 3 to make GC and main thread througput better on M1 macOS.
3 makes sense since there is also a main thread when they are running concurrently to the
main thread.
It offers 1.2% improvement in Speedometer2 in M1Max MBP and 0.4% improvement in M1 MBP.
----------------------------------------------------------------------------------------------------------------------------------
| subtest | ms | ms | b / a | pValue (significance using False Discovery Rate) |
----------------------------------------------------------------------------------------------------------------------------------
| Elm-TodoMVC |107.445000 |102.856667 |0.957296 | 0.000000 (significant) |
| VueJS-TodoMVC |21.571667 |21.805000 |1.010817 | 0.403054 |
| EmberJS-TodoMVC |113.320000 |111.300000 |0.982174 | 0.000027 (significant) |
| BackboneJS-TodoMVC |39.981667 |39.318333 |0.983409 | 0.002346 (significant) |
| Preact-TodoMVC |15.516667 |15.648333 |1.008485 | 0.544754 |
| AngularJS-TodoMVC |117.010000 |115.346667 |0.985785 | 0.000495 (significant) |
| Vanilla-ES2015-TodoMVC |57.790000 |57.176667 |0.989387 | 0.000270 (significant) |
| Inferno-TodoMVC |55.275000 |53.755000 |0.972501 | 0.000000 (significant) |
| Flight-TodoMVC |53.875000 |53.941667 |1.001237 | 0.739556 |
| Angular2-TypeScript-TodoMVC |36.600000 |36.471667 |0.996494 | 0.743761 |
| VanillaJS-TodoMVC |48.058333 |47.671667 |0.991954 | 0.158193 |
| jQuery-TodoMVC |203.433333 |201.878333 |0.992356 | 0.009271 (significant) |
| EmberJS-Debug-TodoMVC |325.058333 |319.848333 |0.983972 | 0.000003 (significant) |
| React-TodoMVC |80.533333 |79.281667 |0.984458 | 0.000011 (significant) |
| React-Redux-TodoMVC |134.738333 |131.801667 |0.978205 | 0.000000 (significant) |
| Vanilla-ES2015-Babel-Webpack-TodoMVC |56.780000 |56.168333 |0.989227 | 0.000514 (significant) |
----------------------------------------------------------------------------------------------------------------------------------
a mean = 293.86568
b mean = 297.52900
pValue = 0.0266899465
(Bigger means are better.)
1.012 times better
Results ARE significant
* runtime/Options.cpp:
(JSC::overrideDefaults):
2022-02-23 Adrian Perez de Castro <aperez@igalia.com>
Ensure generated inline assembler that setups segments returns to previous state
https://bugs.webkit.org/show_bug.cgi?id=236976
Reviewed by Yusuke Suzuki.
Use .previous in inline assembler in order to ensure that mixed emission of assembler
functions and other definitions correctly puts each of them in their rightful sections
in the output object code.
* assembler/MacroAssemblerARM64.cpp:
* assembler/MacroAssemblerARMv7.cpp:
* assembler/MacroAssemblerMIPS.cpp:
* assembler/MacroAssemblerX86Common.cpp:
2022-02-22 Chris Dumez <cdumez@apple.com>
Add a URL constructor that takes a String
https://bugs.webkit.org/show_bug.cgi?id=237068
Reviewed by Darin Adler.
Adopt the new `URL(const String&)` constructor.
* API/JSAPIGlobalObject.mm:
(JSC::computeValidImportSpecifier):
2022-02-22 Alexander Kanavin <alex@linutronix.de>
When building introspection files, add CMAKE_C_FLAGS to the compiler flags.
https://bugs.webkit.org/show_bug.cgi?id=232936
Reviewed by Michael Catanzaro.
g-ir-compiler is using a C compiler internally, so it needs to set
the proper flags for it.
* PlatformGTK.cmake:
2022-02-22 Asumu Takikawa <asumu@igalia.com>
Initial support for Wasm/ESM-integration in the WebCore module loader
https://bugs.webkit.org/show_bug.cgi?id=236268
Reviewed by Yusuke Suzuki.
Adjust WebAssemblySourceProvider to inherit from a new abstract base
class that exposes the data as a pointer and size, to allow
implementations other than a Vector. Also add initialization
and cleanup methods managed by RAII class.
* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* parser/SourceProvider.cpp:
(JSC::BaseWebAssemblySourceProvider::BaseWebAssemblySourceProvider):
* parser/SourceProvider.h:
(JSC::BaseWebAssemblySourceProvider::lockUnderlyingBuffer):
(JSC::BaseWebAssemblySourceProvider::unlockUnderlyingBuffer):
(JSC::WebAssemblySourceProviderBufferGuard::WebAssemblySourceProviderBufferGuard):
(JSC::WebAssemblySourceProviderBufferGuard::~WebAssemblySourceProviderBufferGuard):
* runtime/CachedTypes.cpp:
(JSC::CachedWebAssemblySourceProvider::encode):
* tools/JSDollarVM.cpp:
* wasm/js/JSWebAssemblyHelpers.h:
(JSC::getWasmBufferFromValue):
(JSC::createSourceBufferFromValue):
2022-02-22 Yusuke Suzuki <ysuzuki@apple.com>
[JSC] ShadowRealm JSRemoteFunction creation should convert CopyNameAndLength errors to TypeError
https://bugs.webkit.org/show_bug.cgi?id=237007
Reviewed by Alexey Shvayka.
1. Rename JSRemoteFunction::create to tryCreate since it can throw an error.
2. Passing JSGlobalObject* as a first parameter to JSRemoteFunction::tryCreate since it can throw an error.
3. Extract CopyNameAndLength part and convert errors to TypeError as specified.
* jit/JITOperations.cpp:
(JSC::getWrappedValue):
(JSC::JSC_DEFINE_JIT_OPERATION):
* runtime/JSRemoteFunction.cpp:
(JSC::wrapValue):
(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::JSRemoteFunction::tryCreate):
(JSC::JSRemoteFunction::copyNameAndLength):
(JSC::JSRemoteFunction::finishCreation):
(JSC::JSRemoteFunction::create): Deleted.
* runtime/JSRemoteFunction.h:
2022-02-22 Yusuke Suzuki <ysuzuki@apple.com>
[JSC] TypeError from JSRemoteFunction should be generated by JSRemoteFunction's JSGlobalObject
https://bugs.webkit.org/show_bug.cgi?id=237013
Reviewed by Saam Barati.
Our unwinding converts any errors inside JSRemoteFunction to TypeError. At that time, we should
use JSRemoteFunction's JSGlobalObject for this type error.
* interpreter/Interpreter.cpp:
(JSC::UnwindFunctor::UnwindFunctor):
(JSC::UnwindFunctor::operator() const):
(JSC::sanitizeRemoteFunctionException):
(JSC::Interpreter::unwind):
2022-02-21 Robin Morisset <rmorisset@apple.com>
[JSC] Format the output of --reportTotalPhaseTimes=1 more nicely
https://bugs.webkit.org/show_bug.cgi?id=237005
Reviewed by Saam Barati.
Before this patch:
[B3] moveConstants total ms: 64.307583 max ms: 1.703167
[B3] lowerToAir total ms: 151.297782 max ms: 5.426375
[B3] generateToAir total ms: 1623.987166 max ms: 92.826750
[B3] simplifyCFG total ms: 11.760463 max ms: 1.088083
[B3] Air::lowerMacros total ms: 5.975679 max ms: 0.382000
After this patch:
total ms: 66.328 max ms: 2.283 [B3] moveConstants
total ms: 148.097 max ms: 5.361 [B3] lowerToAir
total ms: 1619.115 max ms: 96.307 [Total B3] generateToAir
total ms: 11.959 max ms: 1.185 [Air] simplifyCFG
total ms: 6.519 max ms: 0.697 [Air] Air::lowerMacros
Concretely there are two changes:
- use FixedWidthDouble (also introduced to WTF in this patch) to line-up the total times.
This makes it possible to see at a glance which phases are worth optimizing and which aren't.
- Tag phases more precisely, and in particular replace [B3] by [Air] where relevant,
and give different tags to measurements that correspond to groups of phases instead of a single phase (e.g. generateToAir).
* JavaScriptCore.xcodeproj/project.pbxproj:
* b3/B3Compile.cpp:
(JSC::B3::compile):
* b3/B3FixSSA.cpp:
* b3/B3Generate.cpp:
(JSC::B3::prepareForGeneration):
(JSC::B3::generateToAir):
* b3/B3PhaseScope.cpp:
(JSC::B3::PhaseScope::PhaseScope):
* b3/B3PhaseScope.h:
* b3/B3TimingScope.h: Removed.
(JSC::B3::TimingScope::TimingScope): Deleted.
* b3/B3VariableLiveness.cpp:
(JSC::B3::VariableLiveness::VariableLiveness):
* b3/air/AirAllocateRegistersAndStackAndGenerateCode.cpp:
(JSC::B3::Air::GenerateAndAllocateRegisters::generate):
* b3/air/AirAllocateRegistersAndStackByLinearScan.cpp:
* b3/air/AirGenerate.cpp:
(JSC::B3::Air::prepareForGeneration):
(JSC::B3::Air::generateWithAlreadyAllocatedRegisters):
* b3/air/AirLiveness.h:
(JSC::B3::Air::Liveness::Liveness):
* b3/air/AirPhaseScope.cpp:
(JSC::B3::Air::PhaseScope::PhaseScope):
* b3/air/AirPhaseScope.h:
* tools/CompilerTimingScope.cpp:
2022-02-21 Yusuke Suzuki <ysuzuki@apple.com>
[JSC] Fix ShadowRealm unwinding
https://bugs.webkit.org/show_bug.cgi?id=237001
Reviewed by Saam Barati.
This patch fixes a crash bug found by test262. Regardless of it is RemoteFunction,
we should handle it as the same way to the other normal host functions except
for setting m_seenRemoteFunction = true flag. Previously, we are early returning,
this is wrong since we should stop unwinding if the caller is entry frame.
* interpreter/Interpreter.cpp:
(JSC::UnwindFunctor::operator() const):
2022-02-21 Yusuke Suzuki <ysuzuki@apple.com>
[JSC] Temporal.PlainDate should validate input range
https://bugs.webkit.org/show_bug.cgi?id=236936
Reviewed by Darin Adler.
Implement https://tc39.es/proposal-temporal/#sec-temporal-isodatetimewithinlimits check in
PlainDate to validate input range. For example, 0x7fffffff year should be rejected since
it is larger than ECMAScript datetime representation value. This is checked via ISODateTimeWithinLimits
in the spec.
We also remove isValid assertions in ExactTime. This should not be checked in these accessors, rather,
we should call that function when we would like to check, since PlainDate can represent a bit smaller
value than ExactTime's minValue (minValue - nsPerDay).
We also extend ExactTime::fromISOPartsAndOffset to handle values via Int128 to accept int32_t range years.
By using Int128 for nanoseconds, we can even represent int32_t max / min years. And we remove
`ASSERT(y >= -999999 && y <= 999999)` check since this is not necessary.
* runtime/ISO8601.cpp:
(JSC::ISO8601::ExactTime::fromISOPartsAndOffset):
(JSC::ISO8601::isDateTimeWithinLimits):
* runtime/ISO8601.h:
(JSC::ISO8601::ExactTime::ExactTime): Deleted.
(JSC::ISO8601::ExactTime::fromEpochSeconds): Deleted.
(JSC::ISO8601::ExactTime::fromEpochMilliseconds): Deleted.
(JSC::ISO8601::ExactTime::fromEpochMicroseconds): Deleted.
(JSC::ISO8601::ExactTime::epochSeconds const): Deleted.
(JSC::ISO8601::ExactTime::epochMilliseconds const): Deleted.
(JSC::ISO8601::ExactTime::epochMicroseconds const): Deleted.
(JSC::ISO8601::ExactTime::epochNanoseconds const): Deleted.
(JSC::ISO8601::ExactTime::nanosecondsFraction const): Deleted.
(JSC::ISO8601::ExactTime::asString const): Deleted.
(JSC::ISO8601::ExactTime::isValid const): Deleted.
(JSC::ISO8601::ExactTime::operator< const): Deleted.
(JSC::ISO8601::ExactTime::operator<= const): Deleted.
(JSC::ISO8601::ExactTime::operator== const): Deleted.
(JSC::ISO8601::ExactTime::operator!= const): Deleted.
(JSC::ISO8601::ExactTime::operator>= const): Deleted.
(JSC::ISO8601::ExactTime::operator> const): Deleted.
* runtime/TemporalPlainDate.cpp:
(JSC::toPlainDate):
== Rolled over to ChangeLog-2022-02-22 ==