haikuwebkit/Source/JavaScriptCore/bytecode/UnlinkedCodeBlock.cpp

320 lines
12 KiB
C++

Reduce parser overhead in JSC
https://bugs.webkit.org/show_bug.cgi?id=101127

Reviewed by Filip Pizlo.

An exciting journey into the world of architecture in which our hero adds yet another layer to JSC codegeneration.

This patch adds a marginally more compact form of bytecode that is free from any data specific to a given execution context, and that does store any data structures necessary for execution. To actually execute this UnlinkedBytecode we still need to instantiate a real CodeBlock, but this is a much faster linear time operation than any of the earlier parsing or code generation passes. As the unlinked code is context free we can then simply use a cache from source to unlinked code mapping to completely avoid all of the old parser overhead.

The cache is currently very simple and memory heavy, using the complete source text as a key (rather than SourceCode or equivalent), and a random eviction policy. This seems to produce a substantial win when loading identical content in different contexts.

* API/tests/testapi.c:
(main):
* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
* bytecode/CodeBlock.h:
Moved a number of fields, and a bunch of logic to UnlinkedCodeBlock.h/cpp
* bytecode/Opcode.h:
Added a global const init no op instruction needed to get correct behaviour without any associated semantics.
* bytecode/UnlinkedCodeBlock.cpp: Added.
* bytecode/UnlinkedCodeBlock.h: Added.
A fairly shallow, GC allocated version of the old CodeBlock classes with a 32bit instruction size, and just metadata size tracking.
* bytecompiler/BytecodeGenerator.cpp:
* bytecompiler/BytecodeGenerator.h:
Replace direct access to m_symbolTable with access through symbolTable(). ProgramCode no longer has a symbol table at all so some previously unconditional (and pointless) uses of symbolTable get null checks. A few other changes to deal with type changes due to us generating unlinked code (e.g. pointer free, so profile indices rather than pointers).
* dfg/DFGByteCodeParser.cpp:
* dfg/DFGCapabilities.h:
Support global_init_nop
* interpreter/Interpreter.cpp:
Now get the ProgramExecutable to initialise new global properties before starting execution.
* jit/JIT.cpp:
* jit/JITDriver.h:
* jit/JITStubs.cpp:
* llint/LLIntData.cpp:
* llint/LLIntSlowPaths.cpp:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
Adding init_global_const_nop everywhere else
* parser/Parser.h:
* parser/ParserModes.h: Added.
* parser/ParserTokens.h:
Parser no longer needs a global object or callframe to function
* runtime/CodeCache.cpp: Added.
* runtime/CodeCache.h: Added.
A simple, random eviction, Source->UnlinkedCode cache
* runtime/Executable.cpp:
* runtime/Executable.h:
Executables now reference their unlinked counterparts, and request code specifically for the target global object.
* runtime/JSGlobalData.cpp:
* runtime/JSGlobalData.h:
GlobalData now owns a CodeCache and a set of new structures for the unlinked code types.
* runtime/JSGlobalObject.cpp:
* runtime/JSGlobalObject.h:
Utility functions used by executables to perform compilation
* runtime/JSType.h:
Add new JSTypes for unlinked code

Canonical link: https://commits.webkit.org/119498@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@133688 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2012-11-07 00:13:54 +00:00
/*
Implement a GC verifier.
https://bugs.webkit.org/show_bug.cgi?id=217274
rdar://56255683

Reviewed by Filip Pizlo and Saam Barati.

Source/JavaScriptCore:

The idea behind the GC verifier is that in the GC End phase before we finalize and sweep, we'll do a simple stop the world synchronous full GC with the VerifierSlotVisitor. The VerifierSlotVisitor will collect its own information on whether a JS cell should be marked or not. After this verifier GC pass, we'll compare the mark results. If the verifier GC says a cell should be marked, then the real GC should have marked the cell. The reverse is not true: if the verifier does not mark a cell, it is still OK for the real GC to mark it. For example, in an eden GC, all old generation cells would be considered marked by the real GC though the verifier would know better if they are already dead.

Implementation details:

1. SlotVisitor (only used by the real GC) now inherits from a new abstract class, AbstractSlotVisitor. VerifierSlotVisitor (only used by the verifier GC) also inherits from AbstractSlotVisitor.

2. AbstractSlotVisitor declares many virtual methods. SlotVisitor implements some of these virtual methods as inline and final. If the client is invoking one these methods and knows that it will be operating on a SlotVisitor, the method being final allows it to be inlined into the client instead of going through the virtual dispatch. For the VerifierSlotVisitor, these methods will always be invoked by virtual dispatch via the AbstractSlotVisitor abstraction.

3. Almost all methods that take a SlotVisitor previously (with a few exceptions) will now be templatized, and specialized to either take a SlotVisitor or an AbstractSlotVisitor. The cell MethodTable will now have 2 versions of visitChildren and visitOutputConstraints: one for SlotVisitor, and one for AbstractSlotVisitor.

The reason we don't wire the 2nd version to VerifierSlotVisitor (instead of AbstractSlotVisitor) is because we don't need the GC verifier to run at top speed (though we don't want it to be too slow). Also, having hooks for using an AbstractSlotVisitor gives us more utility for implementing other types of GC checkers / analyzers in the future as subclasses of AbstractSlotVisitor.

4. Some minority of methods that used to take a SlotVisitor but are not critical to performance, will now just take an AbstractSlotVisitor instead. For example, see TypeProfilerLog::visit().

5. isReachableFromOpaqueRoots() methods will also only take an AbstractSlotVisitor. The reason this is OK is because isReachableFromOpaqueRoots() only uses the visitor's addOpaqueRoot() and containsOpaqueRoot() methods, which are implemented in the AbstractSlotVisitor itself. For SlotVisitor, the m_opaqueRoot field will reference Heap::m_opaqueRoots. For VerifierSlotVisitor, the m_opaqueRoot field will reference its own opaque roots storage. This implementation of addOpaqueRoot() is perf neutral for SlotVisitor because where it would previously invoke m_heap.m_opaqueRoots.add(), it will now invoke m_opaqueRoot.add() instead where m_opaqueRoot points to m_heap.m_opaqueRoots. Ditto for AbstractSlotVisitor::containsOpaqueRoot().

6. When reifying a templatized visit method, we do it in 2 ways:

a. Implement the template method as an ALWAYS_INLINE Impl method, and have 2 visit methods (taking a SlotVisitor and an AbstractSlotVisitor respectively) inline the Impl method. For example, see JSObject::visitChildrenImpl().

b. Just templatize the visit method, and explicitly instantiate it with a SlotVisitor and an AbstractSlotVisitor. For example, see DesiredTransition::visitChildren().

The reason we need form (a) is if:

i. we need to export the visit methods. For example, see JSObject::visitChildren().

Note: A Clang engineer told me that "there's no way to export an explicit instantiation that will make it a strong symbol." This is because "C++ does not provide any standard way to guarantee that an explicit instantiation is unique, and Clang hasn't added any extension to do so."

ii. the visit method is an override of a virtual method. For example, see DFG::Scannable::visitChildren() and DFG::Graph::visitChildren().

Otherwise, we'll prefer form (b) as it is natural C++.

7. Because templatizing all the visit methods requires a lot of boilerplate code, we introduce some macros in SlotVisitorMacros.h to reduce some of the boilerplate burden. We especially try to do this for methods of form (a) (see (6) above) which require more boilerplate.

8. The driver of the real GC is MarkingConstraintSet::executeConvergence() which runs with the MarkingConstraintSolver. The driver of the verifier GC is Heap::verifyGC(), which has a loop to drain marked objects and execute constraints.

9. The GC verifier is built in by default but disabled. The relevant options are: JSC_verifyGC and JSC_verboseVerifyGC.

JSC_verifyGC will enable the GC verifier. If JSC_verifyGC is true and the verifier finds a cell that is erroneously not marked by the real GC, it will dump an error message and then crash with a RELEASE_ASSERT.

JSC_verboseVerifyGC will enable the GC verifier along with some more heavyweight record keeping (i.e. tracking the parent / owner cell that marked a cell, and capturing the call stack when the marked cell is appended to the mark stack). If JSC_verboseVerifyGC is true and the verifier finds a cell that is erroneously not marked by the real GC, it will dump the parent cell and captured stack along with an error message before crashing. This extra information provides the starting point for debugging GC bugs found by the verifier. Enabling JSC_verboseVerifyGC will automatically enable JSC_verifyGC.

10. Non-determinism in the real GC.

The GC verifier's algorithm relies on the real GC being deterministic. However, there are a few places where this is not true:

a. Marking conservative roots on the mutator stacks. By the time the verifier GC runs (in the GC End phase), the mutator stacks will look completely different than what the real GC saw. To work around this, if the verifier is enabled, then every conservative root captured by the real GC will also be added to the verifier's mark stack. When running verifyGC() in the End phase, the conservative root scans will be treated as no-ops.

b. CodeBlock::shouldJettisonDueToOldAge() may return a different value. This is possible because the codeBlock may be in mid compilation while the real GC is in progress. CodeBlock::shouldVisitStrongly() calls shouldJettisonDueToOldAge(), and may see an old LLInt codeBlock whose timeToLive has expired. As a result, shouldJettisonDueToOldAge() returns true and shouldVisitStrongly() will return false for the real GC, leading to it not marking the codeBlock. However, before the verifier GC gets to run, baseline compilation on the codeBlock may finish. As a baseline codeBlock now, it gets a longer time to live. As a result, when the verifier GC runs, shouldJettisonDueToOldAge() will return false, and shouldVisitStrongly() in turn returns true. This results in the verifier GC marking the codeBlock (and its children) when the real GC did not, which leads to a false error. This is not a real error because if the real GC did not mark the code block, it will simply get jettisoned, and can be reinstantiated when needed later. There's no GC bug here. However, we do need to work around this to prevent the false error for the GC verifier. The work around is to introduce a CodeBlock::m_visitChildrenSkippedDueToOldAge flag that records what the real GC decided in shouldJettisonDueToOldAge(). This allows the verifier GC to replay the same decision and get a consistent result.

c. CodeBlock::propagateTransitions() will only do a best effort at visiting cells in ICs, etc. If a cell is not already strongly marked by the time CodeBlock::propagateTransitions() checks it, propagateTransitions() will not mark other cells that are reachable from it. Since the real GC does marking on concurrent threads, marking order is not deterministic. CodeBlock::propagateTransitions() may or may not see a cell as already marked by the time it runs. The verifier GC may mark some of these cells in a different order than the real GC. As a result, in the verifier GC, CodeBlock::propagateTransitions() may see a cell as marked (and therefore, visit its children) when it did not for the real GC. To work around this, we currently add a SuppressGCVerifierScope to CodeBlock::propagateTransitions() to pessimize the verifier, and assume that propagateTransitions() will mark nothing. SuppressGCVerifierScope is a blunt hammer that stops the verifier GC from analyzing all cells potentially reachable via CodeBlock::propagateTransitions(). In the future, it may be possible to refine this and track which cells were actually skipped over (like we did for shouldJettisonDueToOldAge()). However, this decision tracking needs to be done in the real GC, and can be very expensive in terms of performance. The shouldJettisonDueToOldAge() case is rare, and as such lends itself to this more fine-grained tracking without hurting performance. The decisions made in CodeBlock::propagateTransitions() are not as rare, and hence, it would hurt performance if we did fine-grained decision tracking there (at least for now).

11. Marking in the verifier GC. The real GC tracks cell marks using a Bitmap in the MarkedBlocks. The verifier GC keeps track of MarkedBlock cell marks using a Bitmap on the side, stashed away in a HashMap.

To improve the verifier marking performance, we reserve a void* m_verifierMemo pointer in the MarkedBlock, which the verifier will employ to cache its MarkedBlockData for that MarkedBlock. This allows the verifier to get to its side Bitmap without having to do a HashMap look up for every cell.

Size-wise, in the current 16K MarkedBlocks, there was previously room for 1005.5 atoms after reserving space for the MarkedBlock::Footer. Since we can never allocate half an atom anyway, that .5 atom gives us the 8 bytes we need for the m_verifierMemo pointer, which we'll put in the MarkedBlock::Footer. With this patch, each MarkedBlock will now have exactly 1005 atoms available for allocation.

I ran JetStream2 and Speedometer2 locally on a MacBookAir10,1, MacBookPro16,1, and a 12.9” 4th Gen iPad Pro. The benchmark results for these were all neutral.

The design of the GC verifier is such that it incurs almost no additional runtime memory overhead if not in use. Code size does increase significantly because there are now 2 variants of most of the methods that take a SlotVisitor. When in use, the additional runtime memory is encapsulated in the VerifierSlotVisitor, which is instantiated and destructed every GC cycle. Hence, it can affect peak memory usage during GCs, but the cost is transient. It does not persist past the GC End phase.

* API/JSAPIWrapperObject.h:
* API/JSAPIWrapperObject.mm:
(JSAPIWrapperObjectHandleOwner::isReachableFromOpaqueRoots):
(JSC::JSAPIWrapperObject::visitChildrenImpl):
(JSC::JSAPIWrapperObject::visitChildren): Deleted.
* API/JSCallbackObject.cpp:
* API/JSCallbackObject.h:
(JSC::JSCallbackObjectData::visitChildren):
(JSC::JSCallbackObjectData::JSPrivatePropertyMap::visitChildren):
(JSC::JSCallbackObject<Parent>::visitChildrenImpl):
* API/JSManagedValue.mm:
(JSManagedValueHandleOwner::isReachableFromOpaqueRoots):
* API/JSMarkingConstraintPrivate.cpp:
(JSC::isMarked):
(JSContextGroupAddMarkingConstraint):
* API/JSVirtualMachine.mm:
(scanExternalObjectGraph):
(scanExternalRememberedSet):
* API/JSVirtualMachineInternal.h:
* API/MarkedJSValueRefArray.cpp:
(JSC::MarkedJSValueRefArray::visitAggregate):
* API/MarkedJSValueRefArray.h:
* API/glib/JSAPIWrapperGlobalObject.cpp:
(JSC::JSAPIWrapperGlobalObject::visitChildren): Deleted.
* API/glib/JSAPIWrapperGlobalObject.h:
* API/glib/JSAPIWrapperObjectGLib.cpp:
(JSAPIWrapperObjectHandleOwner::isReachableFromOpaqueRoots):
(JSC::JSAPIWrapperObject::visitChildrenImpl):
(JSC::JSAPIWrapperObject::visitChildren): Deleted.
* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Scripts/wkbuiltins/builtins_generate_internals_wrapper_header.py:
(BuiltinsInternalsWrapperHeaderGenerator):
* Scripts/wkbuiltins/builtins_generate_internals_wrapper_implementation.py:
(BuiltinsInternalsWrapperImplementationGenerator.generate_visit_method):
* Scripts/wkbuiltins/builtins_templates.py:
* Sources.txt:
* bytecode/AccessCase.cpp:
(JSC::AccessCase::propagateTransitions const):
(JSC::AccessCase::visitAggregateImpl const):
(JSC::AccessCase::visitAggregate const): Deleted.
* bytecode/AccessCase.h:
* bytecode/ByValInfo.cpp:
(JSC::ByValInfo::visitAggregateImpl):
(JSC::ByValInfo::visitAggregate): Deleted.
* bytecode/ByValInfo.h:
* bytecode/CheckPrivateBrandStatus.cpp:
(JSC::CheckPrivateBrandStatus::visitAggregateImpl):
(JSC::CheckPrivateBrandStatus::markIfCheap):
(JSC::CheckPrivateBrandStatus::visitAggregate): Deleted.
* bytecode/CheckPrivateBrandStatus.h:
* bytecode/CheckPrivateBrandVariant.cpp:
(JSC::CheckPrivateBrandVariant::markIfCheap):
(JSC::CheckPrivateBrandVariant::visitAggregateImpl):
(JSC::CheckPrivateBrandVariant::visitAggregate): Deleted.
* bytecode/CheckPrivateBrandVariant.h:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::visitChildrenImpl):
(JSC::CodeBlock::visitChildren):
(JSC::CodeBlock::shouldVisitStrongly):
(JSC::CodeBlock::shouldJettisonDueToOldAge):
(JSC::shouldMarkTransition):
(JSC::CodeBlock::propagateTransitions):
(JSC::CodeBlock::determineLiveness):
(JSC::CodeBlock::finalizeUnconditionally):
(JSC::CodeBlock::visitOSRExitTargets):
(JSC::CodeBlock::stronglyVisitStrongReferences):
(JSC::CodeBlock::stronglyVisitWeakReferences):
* bytecode/CodeBlock.h:
* bytecode/DeleteByIdVariant.cpp:
(JSC::DeleteByIdVariant::visitAggregateImpl):
(JSC::DeleteByIdVariant::markIfCheap):
(JSC::DeleteByIdVariant::visitAggregate): Deleted.
* bytecode/DeleteByIdVariant.h:
* bytecode/DeleteByStatus.cpp:
(JSC::DeleteByStatus::visitAggregateImpl):
(JSC::DeleteByStatus::markIfCheap):
(JSC::DeleteByStatus::visitAggregate): Deleted.
* bytecode/DeleteByStatus.h:
* bytecode/DirectEvalCodeCache.cpp:
(JSC::DirectEvalCodeCache::visitAggregateImpl):
(JSC::DirectEvalCodeCache::visitAggregate): Deleted.
* bytecode/DirectEvalCodeCache.h:
* bytecode/ExecutableToCodeBlockEdge.cpp:
(JSC::ExecutableToCodeBlockEdge::visitChildrenImpl):
(JSC::ExecutableToCodeBlockEdge::visitOutputConstraintsImpl):
(JSC::ExecutableToCodeBlockEdge::runConstraint):
(JSC::ExecutableToCodeBlockEdge::visitChildren): Deleted.
(JSC::ExecutableToCodeBlockEdge::visitOutputConstraints): Deleted.
* bytecode/ExecutableToCodeBlockEdge.h:
* bytecode/GetByIdVariant.cpp:
(JSC::GetByIdVariant::visitAggregateImpl):
(JSC::GetByIdVariant::markIfCheap):
(JSC::GetByIdVariant::visitAggregate): Deleted.
* bytecode/GetByIdVariant.h:
* bytecode/GetByStatus.cpp:
(JSC::GetByStatus::visitAggregateImpl):
(JSC::GetByStatus::markIfCheap):
(JSC::GetByStatus::visitAggregate): Deleted.
* bytecode/GetByStatus.h:
* bytecode/InByIdStatus.cpp:
(JSC::InByIdStatus::markIfCheap):
* bytecode/InByIdStatus.h:
* bytecode/InByIdVariant.cpp:
(JSC::InByIdVariant::markIfCheap):
* bytecode/InByIdVariant.h:
* bytecode/InternalFunctionAllocationProfile.h:
(JSC::InternalFunctionAllocationProfile::visitAggregate):
* bytecode/ObjectAllocationProfile.h:
(JSC::ObjectAllocationProfileBase::visitAggregate):
(JSC::ObjectAllocationProfileWithPrototype::visitAggregate):
* bytecode/PolymorphicAccess.cpp:
(JSC::PolymorphicAccess::propagateTransitions const):
(JSC::PolymorphicAccess::visitAggregateImpl):
(JSC::PolymorphicAccess::visitAggregate): Deleted.
* bytecode/PolymorphicAccess.h:
* bytecode/PutByIdStatus.cpp:
(JSC::PutByIdStatus::markIfCheap):
* bytecode/PutByIdStatus.h:
* bytecode/PutByIdVariant.cpp:
(JSC::PutByIdVariant::markIfCheap):
* bytecode/PutByIdVariant.h:
* bytecode/RecordedStatuses.cpp:
(JSC::RecordedStatuses::visitAggregateImpl):
(JSC::RecordedStatuses::markIfCheap):
(JSC::RecordedStatuses::visitAggregate): Deleted.
* bytecode/RecordedStatuses.h:
* bytecode/SetPrivateBrandStatus.cpp:
(JSC::SetPrivateBrandStatus::visitAggregateImpl):
(JSC::SetPrivateBrandStatus::markIfCheap):
(JSC::SetPrivateBrandStatus::visitAggregate): Deleted.
* bytecode/SetPrivateBrandStatus.h:
* bytecode/SetPrivateBrandVariant.cpp:
(JSC::SetPrivateBrandVariant::markIfCheap):
(JSC::SetPrivateBrandVariant::visitAggregateImpl):
(JSC::SetPrivateBrandVariant::visitAggregate): Deleted.
* bytecode/SetPrivateBrandVariant.h:
* bytecode/StructureSet.cpp:
(JSC::StructureSet::markIfCheap const):
* bytecode/StructureSet.h:
* bytecode/StructureStubInfo.cpp:
(JSC::StructureStubInfo::visitAggregateImpl):
(JSC::StructureStubInfo::propagateTransitions):
(JSC::StructureStubInfo::visitAggregate): Deleted.
* bytecode/StructureStubInfo.h:
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::visitChildrenImpl):
(JSC::UnlinkedCodeBlock::visitChildren): Deleted.
* bytecode/UnlinkedCodeBlock.h:
* bytecode/UnlinkedFunctionExecutable.cpp:
(JSC::UnlinkedFunctionExecutable::visitChildrenImpl):
(JSC::UnlinkedFunctionExecutable::visitChildren): Deleted.
* bytecode/UnlinkedFunctionExecutable.h:
* debugger/DebuggerScope.cpp:
(JSC::DebuggerScope::visitChildrenImpl):
(JSC::DebuggerScope::visitChildren): Deleted.
* debugger/DebuggerScope.h:
* dfg/DFGDesiredTransitions.cpp:
(JSC::DFG::DesiredTransition::visitChildren):
(JSC::DFG::DesiredTransitions::visitChildren):
* dfg/DFGDesiredTransitions.h:
* dfg/DFGDesiredWeakReferences.cpp:
(JSC::DFG::DesiredWeakReferences::visitChildren):
* dfg/DFGDesiredWeakReferences.h:
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::visitChildrenImpl):
(JSC::DFG::Graph::visitChildren):
* dfg/DFGGraph.h:
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::checkLivenessAndVisitChildren):
(JSC::DFG::Plan::isKnownToBeLiveDuringGC):
(JSC::DFG::Plan::isKnownToBeLiveAfterGC):
* dfg/DFGPlan.h:
* dfg/DFGPlanInlines.h:
(JSC::DFG::Plan::iterateCodeBlocksForGC):
* dfg/DFGSafepoint.cpp:
(JSC::DFG::Safepoint::checkLivenessAndVisitChildren):
(JSC::DFG::Safepoint::isKnownToBeLiveDuringGC):
(JSC::DFG::Safepoint::isKnownToBeLiveAfterGC):
* dfg/DFGSafepoint.h:
* dfg/DFGScannable.h:
* dfg/DFGWorklist.cpp:
(JSC::DFG::Worklist::visitWeakReferences):
(JSC::DFG::Worklist::removeDeadPlans):
* dfg/DFGWorklist.h:
* dfg/DFGWorklistInlines.h:
(JSC::DFG::iterateCodeBlocksForGC):
(JSC::DFG::Worklist::iterateCodeBlocksForGC):
* heap/AbstractSlotVisitor.h: Added.
(JSC::AbstractSlotVisitor::Context::cell const):
(JSC::AbstractSlotVisitor::SuppressGCVerifierScope::SuppressGCVerifierScope):
(JSC::AbstractSlotVisitor::SuppressGCVerifierScope::~SuppressGCVerifierScope):
(JSC::AbstractSlotVisitor::DefaultMarkingViolationAssertionScope::DefaultMarkingViolationAssertionScope):
(JSC::AbstractSlotVisitor::collectorMarkStack):
(JSC::AbstractSlotVisitor::mutatorMarkStack):
(JSC::AbstractSlotVisitor::collectorMarkStack const):
(JSC::AbstractSlotVisitor::mutatorMarkStack const):
(JSC::AbstractSlotVisitor::isEmpty):
(JSC::AbstractSlotVisitor::setIgnoreNewOpaqueRoots):
(JSC::AbstractSlotVisitor::visitCount const):
(JSC::AbstractSlotVisitor::addToVisitCount):
(JSC::AbstractSlotVisitor::rootMarkReason const):
(JSC::AbstractSlotVisitor::setRootMarkReason):
(JSC::AbstractSlotVisitor::didRace):
(JSC::AbstractSlotVisitor::codeName const):
(JSC::SetRootMarkReasonScope::SetRootMarkReasonScope):
(JSC::SetRootMarkReasonScope::~SetRootMarkReasonScope):
* heap/AbstractSlotVisitorInlines.h: Added.
(JSC::AbstractSlotVisitor::Context::Context):
(JSC::AbstractSlotVisitor::Context::~Context):
(JSC::AbstractSlotVisitor::AbstractSlotVisitor):
(JSC::AbstractSlotVisitor::heap const):
(JSC::AbstractSlotVisitor::vm):
(JSC::AbstractSlotVisitor::vm const):
(JSC::AbstractSlotVisitor::addOpaqueRoot):
(JSC::AbstractSlotVisitor::containsOpaqueRoot const):
(JSC::AbstractSlotVisitor::append):
(JSC::AbstractSlotVisitor::appendHidden):
(JSC::AbstractSlotVisitor::appendHiddenUnbarriered):
(JSC::AbstractSlotVisitor::appendValues):
(JSC::AbstractSlotVisitor::appendValuesHidden):
(JSC::AbstractSlotVisitor::appendUnbarriered):
(JSC::AbstractSlotVisitor::parentCell const):
(JSC::AbstractSlotVisitor::reset):
* heap/HandleSet.cpp:
(JSC::HandleSet::visitStrongHandles):
* heap/HandleSet.h:
* heap/Heap.cpp:
(JSC::Heap::iterateExecutingAndCompilingCodeBlocks):
(JSC::Heap::iterateExecutingAndCompilingCodeBlocksWithoutHoldingLocks):
(JSC::Heap::runEndPhase):
(JSC::Heap::willStartCollection):
(JSC::scanExternalRememberedSet):
(JSC::serviceSamplingProfiler):
(JSC::Heap::addCoreConstraints):
(JSC::Heap::verifyGC):
(JSC::Heap::isAnalyzingHeap const): Deleted.
* heap/Heap.h:
(JSC::Heap::isMarkingForGCVerifier const):
(JSC::Heap::numOpaqueRoots const): Deleted.
* heap/HeapInlines.h:
(JSC::Heap::isMarked):
* heap/HeapProfiler.cpp:
(JSC::HeapProfiler::setActiveHeapAnalyzer):
* heap/IsoCellSet.h:
* heap/IsoCellSetInlines.h:
(JSC::IsoCellSet::forEachMarkedCellInParallel):
* heap/JITStubRoutineSet.cpp:
(JSC::JITStubRoutineSet::traceMarkedStubRoutines):
* heap/JITStubRoutineSet.h:
(JSC::JITStubRoutineSet::traceMarkedStubRoutines):
* heap/MarkStackMergingConstraint.cpp:
(JSC::MarkStackMergingConstraint::prepareToExecuteImpl):
(JSC::MarkStackMergingConstraint::executeImplImpl):
(JSC::MarkStackMergingConstraint::executeImpl):
* heap/MarkStackMergingConstraint.h:
* heap/MarkedBlock.h:
(JSC::MarkedBlock::Handle::atomAt const):
(JSC::MarkedBlock::setVerifierMemo):
(JSC::MarkedBlock::verifierMemo const):
* heap/MarkedSpace.cpp:
(JSC::MarkedSpace::visitWeakSets):
* heap/MarkedSpace.h:
* heap/MarkingConstraint.cpp:
(JSC::MarkingConstraint::execute):
(JSC::MarkingConstraint::executeSynchronously):
(JSC::MarkingConstraint::prepareToExecute):
(JSC::MarkingConstraint::doParallelWork):
(JSC::MarkingConstraint::prepareToExecuteImpl):
* heap/MarkingConstraint.h:
* heap/MarkingConstraintExecutorPair.h: Added.
(JSC::MarkingConstraintExecutorPair::MarkingConstraintExecutorPair):
(JSC::MarkingConstraintExecutorPair::execute):
* heap/MarkingConstraintSet.cpp:
(JSC::MarkingConstraintSet::add):
(JSC::MarkingConstraintSet::executeAllSynchronously):
(JSC::MarkingConstraintSet::executeAll): Deleted.
* heap/MarkingConstraintSet.h:
(JSC::MarkingConstraintSet::add):
* heap/MarkingConstraintSolver.cpp:
* heap/MarkingConstraintSolver.h:
* heap/SimpleMarkingConstraint.cpp:
(JSC::SimpleMarkingConstraint::SimpleMarkingConstraint):
(JSC::SimpleMarkingConstraint::executeImplImpl):
(JSC::SimpleMarkingConstraint::executeImpl):
* heap/SimpleMarkingConstraint.h:
* heap/SlotVisitor.cpp:
(JSC::SlotVisitor::SlotVisitor):
(JSC::SlotVisitor::reset):
(JSC::SlotVisitor::appendSlow):
(JSC::SlotVisitor::addParallelConstraintTask):
* heap/SlotVisitor.h:
(JSC::SlotVisitor::collectorMarkStack): Deleted.
(JSC::SlotVisitor::mutatorMarkStack): Deleted.
(JSC::SlotVisitor::collectorMarkStack const): Deleted.
(JSC::SlotVisitor::mutatorMarkStack const): Deleted.
(JSC::SlotVisitor::isEmpty): Deleted.
(JSC::SlotVisitor::isFirstVisit const): Deleted.
(JSC::SlotVisitor::bytesVisited const): Deleted.
(JSC::SlotVisitor::visitCount const): Deleted.
(JSC::SlotVisitor::addToVisitCount): Deleted.
(JSC::SlotVisitor::isAnalyzingHeap const): Deleted.
(JSC::SlotVisitor::heapAnalyzer const): Deleted.
(JSC::SlotVisitor::rootMarkReason const): Deleted.
(JSC::SlotVisitor::setRootMarkReason): Deleted.
(JSC::SlotVisitor::markingVersion const): Deleted.
(JSC::SlotVisitor::mutatorIsStopped const): Deleted.
(JSC::SlotVisitor::rightToRun): Deleted.
(JSC::SlotVisitor::didRace): Deleted.
(JSC::SlotVisitor::setIgnoreNewOpaqueRoots): Deleted.
(JSC::SlotVisitor::codeName const): Deleted.
(JSC::SetRootMarkReasonScope::SetRootMarkReasonScope): Deleted.
(JSC::SetRootMarkReasonScope::~SetRootMarkReasonScope): Deleted.
* heap/SlotVisitorInlines.h:
(JSC::SlotVisitor::isMarked const):
(JSC::SlotVisitor::addOpaqueRoot): Deleted.
(JSC::SlotVisitor::containsOpaqueRoot const): Deleted.
(JSC::SlotVisitor::heap const): Deleted.
(JSC::SlotVisitor::vm): Deleted.
(JSC::SlotVisitor::vm const): Deleted.
* heap/SlotVisitorMacros.h: Added.
* heap/Subspace.h:
* heap/SubspaceInlines.h:
(JSC::Subspace::forEachMarkedCellInParallel):
* heap/VerifierSlotVisitor.cpp: Added.
(JSC::MarkerData::MarkerData):
(JSC::VerifierSlotVisitor::MarkedBlockData::MarkedBlockData):
(JSC::VerifierSlotVisitor::MarkedBlockData::addMarkerData):
(JSC::VerifierSlotVisitor::MarkedBlockData::markerData const):
(JSC::VerifierSlotVisitor::PreciseAllocationData::PreciseAllocationData):
(JSC::VerifierSlotVisitor::PreciseAllocationData::markerData const):
(JSC::VerifierSlotVisitor::PreciseAllocationData::addMarkerData):
(JSC::VerifierSlotVisitor::VerifierSlotVisitor):
(JSC::VerifierSlotVisitor::~VerifierSlotVisitor):
(JSC::VerifierSlotVisitor::addParallelConstraintTask):
(JSC::VerifierSlotVisitor::executeConstraintTasks):
(JSC::VerifierSlotVisitor::append):
(JSC::VerifierSlotVisitor::appendToMarkStack):
(JSC::VerifierSlotVisitor::appendUnbarriered):
(JSC::VerifierSlotVisitor::appendHiddenUnbarriered):
(JSC::VerifierSlotVisitor::drain):
(JSC::VerifierSlotVisitor::dumpMarkerData):
(JSC::VerifierSlotVisitor::isFirstVisit const):
(JSC::VerifierSlotVisitor::isMarked const):
(JSC::VerifierSlotVisitor::markAuxiliary):
(JSC::VerifierSlotVisitor::mutatorIsStopped const):
(JSC::VerifierSlotVisitor::testAndSetMarked):
(JSC::VerifierSlotVisitor::setMarkedAndAppendToMarkStack):
(JSC::VerifierSlotVisitor::visitAsConstraint):
(JSC::VerifierSlotVisitor::visitChildren):
* heap/VerifierSlotVisitor.h: Added.
(JSC::VerifierSlotVisitor::MarkedBlockData::block const):
(JSC::VerifierSlotVisitor::MarkedBlockData::atoms const):
(JSC::VerifierSlotVisitor::MarkedBlockData::isMarked):
(JSC::VerifierSlotVisitor::MarkedBlockData::testAndSetMarked):
(JSC::VerifierSlotVisitor::PreciseAllocationData::allocation const):
(JSC::VerifierSlotVisitor::appendSlow):
* heap/VerifierSlotVisitorInlines.h: Added.
(JSC::VerifierSlotVisitor::forEachLiveCell):
(JSC::VerifierSlotVisitor::forEachLivePreciseAllocation):
(JSC::VerifierSlotVisitor::forEachLiveMarkedBlockCell):
* heap/VisitCounter.h:
(JSC::VisitCounter::VisitCounter):
(JSC::VisitCounter::visitor const):
* heap/WeakBlock.cpp:
(JSC::WeakBlock::specializedVisit):
(JSC::WeakBlock::visitImpl):
(JSC::WeakBlock::visit):
* heap/WeakBlock.h:
* heap/WeakHandleOwner.cpp:
(JSC::WeakHandleOwner::isReachableFromOpaqueRoots):
* heap/WeakHandleOwner.h:
* heap/WeakSet.cpp:
* heap/WeakSet.h:
(JSC::WeakSet::visit):
* interpreter/ShadowChicken.cpp:
(JSC::ShadowChicken::visitChildren):
* interpreter/ShadowChicken.h:
* jit/GCAwareJITStubRoutine.cpp:
(JSC::MarkingGCAwareJITStubRoutine::markRequiredObjectsInternalImpl):
(JSC::MarkingGCAwareJITStubRoutine::markRequiredObjectsInternal):
(JSC::GCAwareJITStubRoutine::markRequiredObjectsInternal): Deleted.
* jit/GCAwareJITStubRoutine.h:
(JSC::GCAwareJITStubRoutine::markRequiredObjects):
(JSC::GCAwareJITStubRoutine::markRequiredObjectsInternal):
* jit/JITWorklist.cpp:
* jit/PolymorphicCallStubRoutine.cpp:
(JSC::PolymorphicCallStubRoutine::markRequiredObjectsInternalImpl):
(JSC::PolymorphicCallStubRoutine::markRequiredObjectsInternal):
* jit/PolymorphicCallStubRoutine.h:
* runtime/AbstractModuleRecord.cpp:
(JSC::AbstractModuleRecord::visitChildrenImpl):
(JSC::AbstractModuleRecord::visitChildren): Deleted.
* runtime/AbstractModuleRecord.h:
* runtime/ArgList.cpp:
(JSC::MarkedArgumentBuffer::markLists):
* runtime/ArgList.h:
* runtime/CacheableIdentifier.h:
* runtime/CacheableIdentifierInlines.h:
(JSC::CacheableIdentifier::visitAggregate const):
* runtime/ClassInfo.h:
(JSC::MethodTable::visitChildren const):
(JSC::MethodTable::visitOutputConstraints const):
* runtime/ClonedArguments.cpp:
(JSC::ClonedArguments::visitChildrenImpl):
(JSC::ClonedArguments::visitChildren): Deleted.
* runtime/ClonedArguments.h:
* runtime/DirectArguments.cpp:
(JSC::DirectArguments::visitChildrenImpl):
(JSC::DirectArguments::visitChildren): Deleted.
* runtime/DirectArguments.h:
* runtime/EvalExecutable.cpp:
(JSC::EvalExecutable::visitChildrenImpl):
(JSC::EvalExecutable::visitChildren): Deleted.
* runtime/EvalExecutable.h:
* runtime/Exception.cpp:
(JSC::Exception::visitChildrenImpl):
(JSC::Exception::visitChildren): Deleted.
* runtime/Exception.h:
* runtime/FunctionExecutable.cpp:
(JSC::FunctionExecutable::visitChildrenImpl):
(JSC::FunctionExecutable::visitChildren): Deleted.
* runtime/FunctionExecutable.h:
* runtime/FunctionRareData.cpp:
(JSC::FunctionRareData::visitChildrenImpl):
(JSC::FunctionRareData::visitChildren): Deleted.
* runtime/FunctionRareData.h:
* runtime/GenericArguments.h:
* runtime/GenericArgumentsInlines.h:
(JSC::GenericArguments<Type>::visitChildrenImpl):
(JSC::GenericArguments<Type>::visitChildren): Deleted.
* runtime/GetterSetter.cpp:
(JSC::GetterSetter::visitChildrenImpl):
(JSC::GetterSetter::visitChildren): Deleted.
* runtime/GetterSetter.h:
* runtime/HashMapImpl.cpp:
(JSC::HashMapBucket<Data>::visitChildrenImpl):
(JSC::HashMapImpl<HashMapBucket>::visitChildrenImpl):
(JSC::HashMapBucket<Data>::visitChildren): Deleted.
(JSC::HashMapImpl<HashMapBucket>::visitChildren): Deleted.
* runtime/HashMapImpl.h:
* runtime/InternalFunction.cpp:
(JSC::InternalFunction::visitChildrenImpl):
(JSC::InternalFunction::visitChildren): Deleted.
* runtime/InternalFunction.h:
* runtime/IntlCollator.cpp:
(JSC::IntlCollator::visitChildrenImpl):
(JSC::IntlCollator::visitChildren): Deleted.
* runtime/IntlCollator.h:
* runtime/IntlDateTimeFormat.cpp:
(JSC::IntlDateTimeFormat::visitChildrenImpl):
(JSC::IntlDateTimeFormat::visitChildren): Deleted.
* runtime/IntlDateTimeFormat.h:
* runtime/IntlLocale.cpp:
(JSC::IntlLocale::visitChildrenImpl):
(JSC::IntlLocale::visitChildren): Deleted.
* runtime/IntlLocale.h:
* runtime/IntlNumberFormat.cpp:
(JSC::IntlNumberFormat::visitChildrenImpl):
(JSC::IntlNumberFormat::visitChildren): Deleted.
* runtime/IntlNumberFormat.h:
* runtime/IntlPluralRules.cpp:
(JSC::IntlPluralRules::visitChildrenImpl):
(JSC::IntlPluralRules::visitChildren): Deleted.
* runtime/IntlPluralRules.h:
* runtime/IntlRelativeTimeFormat.cpp:
(JSC::IntlRelativeTimeFormat::visitChildrenImpl):
(JSC::IntlRelativeTimeFormat::visitChildren): Deleted.
* runtime/IntlRelativeTimeFormat.h:
* runtime/IntlSegmentIterator.cpp:
(JSC::IntlSegmentIterator::visitChildrenImpl):
(JSC::IntlSegmentIterator::visitChildren): Deleted.
* runtime/IntlSegmentIterator.h:
* runtime/IntlSegments.cpp:
(JSC::IntlSegments::visitChildrenImpl):
(JSC::IntlSegments::visitChildren): Deleted.
* runtime/IntlSegments.h:
* runtime/JSArrayBufferView.cpp:
(JSC::JSArrayBufferView::visitChildrenImpl):
(JSC::JSArrayBufferView::visitChildren): Deleted.
* runtime/JSArrayBufferView.h:
* runtime/JSArrayIterator.cpp:
(JSC::JSArrayIterator::visitChildrenImpl):
(JSC::JSArrayIterator::visitChildren): Deleted.
* runtime/JSArrayIterator.h:
* runtime/JSAsyncGenerator.cpp:
(JSC::JSAsyncGenerator::visitChildrenImpl):
(JSC::JSAsyncGenerator::visitChildren): Deleted.
* runtime/JSAsyncGenerator.h:
* runtime/JSBigInt.cpp:
(JSC::JSBigInt::visitChildrenImpl):
(JSC::JSBigInt::visitChildren): Deleted.
* runtime/JSBigInt.h:
* runtime/JSBoundFunction.cpp:
(JSC::JSBoundFunction::visitChildrenImpl):
(JSC::JSBoundFunction::visitChildren): Deleted.
* runtime/JSBoundFunction.h:
* runtime/JSCallee.cpp:
(JSC::JSCallee::visitChildrenImpl):
(JSC::JSCallee::visitChildren): Deleted.
* runtime/JSCallee.h:
* runtime/JSCell.h:
* runtime/JSCellInlines.h:
(JSC::JSCell::visitChildrenImpl):
(JSC::JSCell::visitOutputConstraintsImpl):
(JSC::JSCell::visitChildren): Deleted.
(JSC::JSCell::visitOutputConstraints): Deleted.
* runtime/JSFinalizationRegistry.cpp:
(JSC::JSFinalizationRegistry::visitChildrenImpl):
(JSC::JSFinalizationRegistry::visitChildren): Deleted.
* runtime/JSFinalizationRegistry.h:
* runtime/JSFunction.cpp:
(JSC::JSFunction::visitChildrenImpl):
(JSC::JSFunction::visitChildren): Deleted.
* runtime/JSFunction.h:
* runtime/JSGenerator.cpp:
(JSC::JSGenerator::visitChildrenImpl):
(JSC::JSGenerator::visitChildren): Deleted.
* runtime/JSGenerator.h:
* runtime/JSGenericTypedArrayView.h:
* runtime/JSGenericTypedArrayViewInlines.h:
(JSC::JSGenericTypedArrayView<Adaptor>::visitChildrenImpl):
(JSC::JSGenericTypedArrayView<Adaptor>::visitChildren): Deleted.
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::visitChildrenImpl):
(JSC::JSGlobalObject::visitChildren): Deleted.
* runtime/JSGlobalObject.h:
* runtime/JSImmutableButterfly.cpp:
(JSC::JSImmutableButterfly::visitChildrenImpl):
(JSC::JSImmutableButterfly::visitChildren): Deleted.
* runtime/JSImmutableButterfly.h:
* runtime/JSInternalFieldObjectImpl.h:
* runtime/JSInternalFieldObjectImplInlines.h:
(JSC::JSInternalFieldObjectImpl<passedNumberOfInternalFields>::visitChildrenImpl):
(JSC::JSInternalFieldObjectImpl<passedNumberOfInternalFields>::visitChildren): Deleted.
* runtime/JSLexicalEnvironment.cpp:
(JSC::JSLexicalEnvironment::visitChildrenImpl):
(JSC::JSLexicalEnvironment::visitChildren): Deleted.
* runtime/JSLexicalEnvironment.h:
* runtime/JSMapIterator.cpp:
(JSC::JSMapIterator::visitChildrenImpl):
(JSC::JSMapIterator::visitChildren): Deleted.
* runtime/JSMapIterator.h:
* runtime/JSModuleEnvironment.cpp:
(JSC::JSModuleEnvironment::visitChildrenImpl):
(JSC::JSModuleEnvironment::visitChildren): Deleted.
* runtime/JSModuleEnvironment.h:
* runtime/JSModuleNamespaceObject.cpp:
(JSC::JSModuleNamespaceObject::visitChildrenImpl):
(JSC::JSModuleNamespaceObject::visitChildren): Deleted.
* runtime/JSModuleNamespaceObject.h: * runtime/JSModuleRecord.cpp: (JSC::JSModuleRecord::visitChildrenImpl): (JSC::JSModuleRecord::visitChildren): Deleted. * runtime/JSModuleRecord.h: * runtime/JSNativeStdFunction.cpp: (JSC::JSNativeStdFunction::visitChildrenImpl): (JSC::JSNativeStdFunction::visitChildren): Deleted. * runtime/JSNativeStdFunction.h: * runtime/JSObject.cpp: (JSC::JSObject::markAuxiliaryAndVisitOutOfLineProperties): (JSC::JSObject::visitButterfly): (JSC::JSObject::visitButterflyImpl): (JSC::JSObject::visitChildrenImpl): (JSC::JSFinalObject::visitChildrenImpl): (JSC::JSObject::visitChildren): Deleted. (JSC::JSFinalObject::visitChildren): Deleted. * runtime/JSObject.h: * runtime/JSPromise.cpp: (JSC::JSPromise::visitChildrenImpl): (JSC::JSPromise::visitChildren): Deleted. * runtime/JSPromise.h: * runtime/JSPropertyNameEnumerator.cpp: (JSC::JSPropertyNameEnumerator::visitChildrenImpl): (JSC::JSPropertyNameEnumerator::visitChildren): Deleted. * runtime/JSPropertyNameEnumerator.h: * runtime/JSProxy.cpp: (JSC::JSProxy::visitChildrenImpl): (JSC::JSProxy::visitChildren): Deleted. * runtime/JSProxy.h: * runtime/JSScope.cpp: (JSC::JSScope::visitChildrenImpl): (JSC::JSScope::visitChildren): Deleted. * runtime/JSScope.h: * runtime/JSSegmentedVariableObject.cpp: (JSC::JSSegmentedVariableObject::visitChildrenImpl): (JSC::JSSegmentedVariableObject::visitChildren): Deleted. * runtime/JSSegmentedVariableObject.h: * runtime/JSSetIterator.cpp: (JSC::JSSetIterator::visitChildrenImpl): (JSC::JSSetIterator::visitChildren): Deleted. * runtime/JSSetIterator.h: * runtime/JSString.cpp: (JSC::JSString::visitChildrenImpl): (JSC::JSString::visitChildren): Deleted. * runtime/JSString.h: * runtime/JSStringIterator.cpp: (JSC::JSStringIterator::visitChildrenImpl): (JSC::JSStringIterator::visitChildren): Deleted. * runtime/JSStringIterator.h: * runtime/JSSymbolTableObject.cpp: (JSC::JSSymbolTableObject::visitChildrenImpl): (JSC::JSSymbolTableObject::visitChildren): Deleted. 
* runtime/JSSymbolTableObject.h: * runtime/JSWeakObjectRef.cpp: (JSC::JSWeakObjectRef::visitChildrenImpl): (JSC::JSWeakObjectRef::visitChildren): Deleted. * runtime/JSWeakObjectRef.h: * runtime/JSWithScope.cpp: (JSC::JSWithScope::visitChildrenImpl): (JSC::JSWithScope::visitChildren): Deleted. * runtime/JSWithScope.h: * runtime/JSWrapperObject.cpp: (JSC::JSWrapperObject::visitChildrenImpl): (JSC::JSWrapperObject::visitChildren): Deleted. * runtime/JSWrapperObject.h: * runtime/LazyClassStructure.cpp: (JSC::LazyClassStructure::visit): * runtime/LazyClassStructure.h: * runtime/LazyProperty.h: * runtime/LazyPropertyInlines.h: (JSC::ElementType>::visit): * runtime/ModuleProgramExecutable.cpp: (JSC::ModuleProgramExecutable::visitChildrenImpl): (JSC::ModuleProgramExecutable::visitChildren): Deleted. * runtime/ModuleProgramExecutable.h: * runtime/Options.cpp: (JSC::Options::recomputeDependentOptions): * runtime/OptionsList.h: * runtime/ProgramExecutable.cpp: (JSC::ProgramExecutable::visitChildrenImpl): (JSC::ProgramExecutable::visitChildren): Deleted. * runtime/ProgramExecutable.h: * runtime/PropertyMapHashTable.h: * runtime/PropertyTable.cpp: (JSC::PropertyTable::visitChildrenImpl): (JSC::PropertyTable::visitChildren): Deleted. * runtime/ProxyObject.cpp: (JSC::ProxyObject::visitChildrenImpl): (JSC::ProxyObject::visitChildren): Deleted. * runtime/ProxyObject.h: * runtime/ProxyRevoke.cpp: (JSC::ProxyRevoke::visitChildrenImpl): (JSC::ProxyRevoke::visitChildren): Deleted. * runtime/ProxyRevoke.h: * runtime/RegExpCachedResult.cpp: (JSC::RegExpCachedResult::visitAggregateImpl): (JSC::RegExpCachedResult::visitAggregate): Deleted. * runtime/RegExpCachedResult.h: * runtime/RegExpGlobalData.cpp: (JSC::RegExpGlobalData::visitAggregateImpl): (JSC::RegExpGlobalData::visitAggregate): Deleted. * runtime/RegExpGlobalData.h: * runtime/RegExpObject.cpp: (JSC::RegExpObject::visitChildrenImpl): (JSC::RegExpObject::visitChildren): Deleted. 
* runtime/RegExpObject.h: * runtime/SamplingProfiler.cpp: (JSC::SamplingProfiler::visit): * runtime/SamplingProfiler.h: * runtime/ScopedArguments.cpp: (JSC::ScopedArguments::visitChildrenImpl): (JSC::ScopedArguments::visitChildren): Deleted. * runtime/ScopedArguments.h: * runtime/SimpleTypedArrayController.cpp: (JSC::SimpleTypedArrayController::JSArrayBufferOwner::isReachableFromOpaqueRoots): * runtime/SimpleTypedArrayController.h: * runtime/SmallStrings.cpp: (JSC::SmallStrings::visitStrongReferences): * runtime/SmallStrings.h: * runtime/SparseArrayValueMap.cpp: (JSC::SparseArrayValueMap::visitChildrenImpl): (JSC::SparseArrayValueMap::visitChildren): Deleted. * runtime/SparseArrayValueMap.h: * runtime/StackFrame.cpp: (JSC::StackFrame::visitChildren): Deleted. * runtime/StackFrame.h: (JSC::StackFrame::visitChildren): * runtime/Structure.cpp: (JSC::Structure::visitChildrenImpl): (JSC::Structure::isCheapDuringGC): (JSC::Structure::markIfCheap): (JSC::Structure::visitChildren): Deleted. * runtime/Structure.h: * runtime/StructureChain.cpp: (JSC::StructureChain::visitChildrenImpl): (JSC::StructureChain::visitChildren): Deleted. * runtime/StructureChain.h: * runtime/StructureRareData.cpp: (JSC::StructureRareData::visitChildrenImpl): (JSC::StructureRareData::visitChildren): Deleted. * runtime/StructureRareData.h: * runtime/SymbolTable.cpp: (JSC::SymbolTable::visitChildrenImpl): (JSC::SymbolTable::visitChildren): Deleted. * runtime/SymbolTable.h: * runtime/TypeProfilerLog.cpp: (JSC::TypeProfilerLog::visit): * runtime/TypeProfilerLog.h: * runtime/VM.h: (JSC::VM::isAnalyzingHeap const): (JSC::VM::activeHeapAnalyzer const): (JSC::VM::setActiveHeapAnalyzer): * runtime/WeakMapImpl.cpp: (JSC::WeakMapImpl<WeakMapBucket>::visitChildrenImpl): (JSC::WeakMapImpl<WeakMapBucket<WeakMapBucketDataKey>>::visitOutputConstraints): (JSC::WeakMapImpl<BucketType>::visitOutputConstraints): (JSC::WeakMapImpl<WeakMapBucket>::visitChildren): Deleted. 
(JSC::WeakMapImpl<WeakMapBucket<WeakMapBucketDataKeyValue>>::visitOutputConstraints): Deleted. * runtime/WeakMapImpl.h: (JSC::WeakMapBucket::visitAggregate): * tools/JSDollarVM.cpp: (JSC::JSDollarVM::visitChildrenImpl): (JSC::JSDollarVM::visitChildren): Deleted. * tools/JSDollarVM.h: * wasm/WasmGlobal.cpp: (JSC::Wasm::Global::visitAggregateImpl): (JSC::Wasm::Global::visitAggregate): Deleted. * wasm/WasmGlobal.h: * wasm/WasmTable.cpp: (JSC::Wasm::Table::visitAggregateImpl): (JSC::Wasm::Table::visitAggregate): Deleted. * wasm/WasmTable.h: * wasm/js/JSToWasmICCallee.cpp: (JSC::JSToWasmICCallee::visitChildrenImpl): (JSC::JSToWasmICCallee::visitChildren): Deleted. * wasm/js/JSToWasmICCallee.h: * wasm/js/JSWebAssemblyCodeBlock.cpp: (JSC::JSWebAssemblyCodeBlock::visitChildrenImpl): (JSC::JSWebAssemblyCodeBlock::visitChildren): Deleted. * wasm/js/JSWebAssemblyCodeBlock.h: * wasm/js/JSWebAssemblyGlobal.cpp: (JSC::JSWebAssemblyGlobal::visitChildrenImpl): (JSC::JSWebAssemblyGlobal::visitChildren): Deleted. * wasm/js/JSWebAssemblyGlobal.h: * wasm/js/JSWebAssemblyInstance.cpp: (JSC::JSWebAssemblyInstance::visitChildrenImpl): (JSC::JSWebAssemblyInstance::visitChildren): Deleted. * wasm/js/JSWebAssemblyInstance.h: * wasm/js/JSWebAssemblyMemory.cpp: (JSC::JSWebAssemblyMemory::visitChildrenImpl): (JSC::JSWebAssemblyMemory::visitChildren): Deleted. * wasm/js/JSWebAssemblyMemory.h: * wasm/js/JSWebAssemblyModule.cpp: (JSC::JSWebAssemblyModule::visitChildrenImpl): (JSC::JSWebAssemblyModule::visitChildren): Deleted. * wasm/js/JSWebAssemblyModule.h: * wasm/js/JSWebAssemblyTable.cpp: (JSC::JSWebAssemblyTable::visitChildrenImpl): (JSC::JSWebAssemblyTable::visitChildren): Deleted. * wasm/js/JSWebAssemblyTable.h: * wasm/js/WebAssemblyFunction.cpp: (JSC::WebAssemblyFunction::visitChildrenImpl): (JSC::WebAssemblyFunction::visitChildren): Deleted. 
* wasm/js/WebAssemblyFunction.h: * wasm/js/WebAssemblyFunctionBase.cpp: (JSC::WebAssemblyFunctionBase::visitChildrenImpl): (JSC::WebAssemblyFunctionBase::visitChildren): Deleted. * wasm/js/WebAssemblyFunctionBase.h: * wasm/js/WebAssemblyModuleRecord.cpp: (JSC::WebAssemblyModuleRecord::visitChildrenImpl): (JSC::WebAssemblyModuleRecord::visitChildren): Deleted. * wasm/js/WebAssemblyModuleRecord.h: * wasm/js/WebAssemblyWrapperFunction.cpp: (JSC::WebAssemblyWrapperFunction::visitChildrenImpl): (JSC::WebAssemblyWrapperFunction::visitChildren): Deleted. * wasm/js/WebAssemblyWrapperFunction.h:
Source/WebCore: 1. Added support for the GC verifier. 2. Also removed NodeFilterCondition::visitAggregate() because it is not used. 3. Rebased bindings test results.
* Modules/indexeddb/IDBObjectStore.cpp: (WebCore::IDBObjectStore::visitReferencedIndexes const): * Modules/indexeddb/IDBObjectStore.h: * Modules/indexeddb/IDBTransaction.cpp: (WebCore::IDBTransaction::visitReferencedObjectStores const): * Modules/indexeddb/IDBTransaction.h: * Modules/webaudio/AudioBuffer.cpp: (WebCore::AudioBuffer::visitChannelWrappers): * Modules/webaudio/AudioBuffer.h: * bindings/js/DOMGCOutputConstraint.cpp: (WebCore::DOMGCOutputConstraint::executeImplImpl): (WebCore::DOMGCOutputConstraint::executeImpl): * bindings/js/DOMGCOutputConstraint.h: * bindings/js/JSAbortControllerCustom.cpp: (WebCore::JSAbortController::visitAdditionalChildren): * bindings/js/JSAbortSignalCustom.cpp: (WebCore::JSAbortSignalOwner::isReachableFromOpaqueRoots): * bindings/js/JSAttrCustom.cpp: (WebCore::JSAttr::visitAdditionalChildren): * bindings/js/JSAudioBufferCustom.cpp: (WebCore::JSAudioBuffer::visitAdditionalChildren): * bindings/js/JSAudioTrackCustom.cpp: (WebCore::JSAudioTrack::visitAdditionalChildren): * bindings/js/JSAudioTrackListCustom.cpp: (WebCore::JSAudioTrackList::visitAdditionalChildren): * bindings/js/JSAudioWorkletProcessorCustom.cpp: (WebCore::JSAudioWorkletProcessor::visitAdditionalChildren): * bindings/js/JSCSSRuleCustom.cpp: (WebCore::JSCSSRule::visitAdditionalChildren): * bindings/js/JSCSSRuleListCustom.cpp: (WebCore::JSCSSRuleListOwner::isReachableFromOpaqueRoots): * bindings/js/JSCSSStyleDeclarationCustom.cpp: (WebCore::JSCSSStyleDeclaration::visitAdditionalChildren): * bindings/js/JSCallbackData.cpp: (WebCore::JSCallbackDataWeak::visitJSFunction): (WebCore::JSCallbackDataWeak::WeakOwner::isReachableFromOpaqueRoots): * bindings/js/JSCallbackData.h: * bindings/js/JSCanvasRenderingContext2DCustom.cpp: (WebCore::JSCanvasRenderingContext2DOwner::isReachableFromOpaqueRoots): (WebCore::JSCanvasRenderingContext2D::visitAdditionalChildren): * bindings/js/JSCustomEventCustom.cpp: (WebCore::JSCustomEvent::visitAdditionalChildren): * bindings/js/JSDOMBuiltinConstructorBase.cpp: (WebCore::JSDOMBuiltinConstructorBase::visitChildrenImpl): (WebCore::JSDOMBuiltinConstructorBase::visitChildren): Deleted. * bindings/js/JSDOMBuiltinConstructorBase.h: * bindings/js/JSDOMGlobalObject.cpp: (WebCore::JSDOMGlobalObject::visitChildrenImpl): (WebCore::JSDOMGlobalObject::visitChildren): Deleted.
* bindings/js/JSDOMGlobalObject.h: * bindings/js/JSDOMGuardedObject.h: * bindings/js/JSDOMQuadCustom.cpp: (WebCore::JSDOMQuad::visitAdditionalChildren): * bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::visitAdditionalChildren): * bindings/js/JSDeprecatedCSSOMValueCustom.cpp: (WebCore::JSDeprecatedCSSOMValueOwner::isReachableFromOpaqueRoots): * bindings/js/JSDocumentCustom.cpp: (WebCore::JSDocument::visitAdditionalChildren): * bindings/js/JSErrorEventCustom.cpp: (WebCore::JSErrorEvent::visitAdditionalChildren): * bindings/js/JSEventListener.cpp: (WebCore::JSEventListener::visitJSFunctionImpl): (WebCore::JSEventListener::visitJSFunction): * bindings/js/JSEventListener.h: * bindings/js/JSEventTargetCustom.cpp: (WebCore::JSEventTarget::visitAdditionalChildren): * bindings/js/JSFetchEventCustom.cpp: (WebCore::JSFetchEvent::visitAdditionalChildren): * bindings/js/JSHTMLCanvasElementCustom.cpp: (WebCore::JSHTMLCanvasElement::visitAdditionalChildren): * bindings/js/JSHTMLTemplateElementCustom.cpp: (WebCore::JSHTMLTemplateElement::visitAdditionalChildren): * bindings/js/JSHistoryCustom.cpp: (WebCore::JSHistory::visitAdditionalChildren): * bindings/js/JSIDBCursorCustom.cpp: (WebCore::JSIDBCursor::visitAdditionalChildren): * bindings/js/JSIDBCursorWithValueCustom.cpp: (WebCore::JSIDBCursorWithValue::visitAdditionalChildren): * bindings/js/JSIDBIndexCustom.cpp: (WebCore::JSIDBIndex::visitAdditionalChildren): * bindings/js/JSIDBObjectStoreCustom.cpp: (WebCore::JSIDBObjectStore::visitAdditionalChildren): * bindings/js/JSIDBRequestCustom.cpp: (WebCore::JSIDBRequest::visitAdditionalChildren): * bindings/js/JSIDBTransactionCustom.cpp: (WebCore::JSIDBTransaction::visitAdditionalChildren): * bindings/js/JSIntersectionObserverCustom.cpp: (WebCore::JSIntersectionObserver::visitAdditionalChildren): * bindings/js/JSIntersectionObserverEntryCustom.cpp: (WebCore::JSIntersectionObserverEntry::visitAdditionalChildren): * bindings/js/JSMessageChannelCustom.cpp: 
(WebCore::JSMessageChannel::visitAdditionalChildren): * bindings/js/JSMessageEventCustom.cpp: (WebCore::JSMessageEvent::visitAdditionalChildren): * bindings/js/JSMessagePortCustom.cpp: (WebCore::JSMessagePort::visitAdditionalChildren): * bindings/js/JSMutationObserverCustom.cpp: (WebCore::JSMutationObserver::visitAdditionalChildren): (WebCore::JSMutationObserverOwner::isReachableFromOpaqueRoots): * bindings/js/JSMutationRecordCustom.cpp: (WebCore::JSMutationRecord::visitAdditionalChildren): * bindings/js/JSNavigatorCustom.cpp: (WebCore::JSNavigator::visitAdditionalChildren): * bindings/js/JSNodeCustom.cpp: (WebCore::isReachableFromDOM): (WebCore::JSNodeOwner::isReachableFromOpaqueRoots): (WebCore::JSNode::visitAdditionalChildren): * bindings/js/JSNodeIteratorCustom.cpp: (WebCore::JSNodeIterator::visitAdditionalChildren): * bindings/js/JSNodeListCustom.cpp: (WebCore::JSNodeListOwner::isReachableFromOpaqueRoots): * bindings/js/JSOffscreenCanvasRenderingContext2DCustom.cpp: (WebCore::JSOffscreenCanvasRenderingContext2DOwner::isReachableFromOpaqueRoots): (WebCore::JSOffscreenCanvasRenderingContext2D::visitAdditionalChildren): * bindings/js/JSPaintRenderingContext2DCustom.cpp: (WebCore::JSPaintRenderingContext2DOwner::isReachableFromOpaqueRoots): (WebCore::JSPaintRenderingContext2D::visitAdditionalChildren): * bindings/js/JSPaintWorkletGlobalScopeCustom.cpp: (WebCore::JSPaintWorkletGlobalScope::visitAdditionalChildren): * bindings/js/JSPaymentMethodChangeEventCustom.cpp: (WebCore::JSPaymentMethodChangeEvent::visitAdditionalChildren): * bindings/js/JSPaymentResponseCustom.cpp: (WebCore::JSPaymentResponse::visitAdditionalChildren): * bindings/js/JSPerformanceObserverCustom.cpp: (WebCore::JSPerformanceObserver::visitAdditionalChildren): (WebCore::JSPerformanceObserverOwner::isReachableFromOpaqueRoots): * bindings/js/JSPopStateEventCustom.cpp: (WebCore::JSPopStateEvent::visitAdditionalChildren): * bindings/js/JSPromiseRejectionEventCustom.cpp: 
(WebCore::JSPromiseRejectionEvent::visitAdditionalChildren): * bindings/js/JSResizeObserverCustom.cpp: (WebCore::JSResizeObserver::visitAdditionalChildren): * bindings/js/JSResizeObserverEntryCustom.cpp: (WebCore::JSResizeObserverEntry::visitAdditionalChildren): * bindings/js/JSSVGViewSpecCustom.cpp: (WebCore::JSSVGViewSpec::visitAdditionalChildren): * bindings/js/JSServiceWorkerGlobalScopeCustom.cpp: (WebCore::JSServiceWorkerGlobalScope::visitAdditionalChildren): * bindings/js/JSStaticRangeCustom.cpp: (WebCore::JSStaticRange::visitAdditionalChildren): * bindings/js/JSStyleSheetCustom.cpp: (WebCore::JSStyleSheet::visitAdditionalChildren): * bindings/js/JSTextTrackCueCustom.cpp: (WebCore::JSTextTrackCueOwner::isReachableFromOpaqueRoots): (WebCore::JSTextTrackCue::visitAdditionalChildren): * bindings/js/JSTextTrackCustom.cpp: (WebCore::JSTextTrack::visitAdditionalChildren): * bindings/js/JSTextTrackListCustom.cpp: (WebCore::JSTextTrackList::visitAdditionalChildren): * bindings/js/JSTreeWalkerCustom.cpp: (WebCore::JSTreeWalker::visitAdditionalChildren): * bindings/js/JSUndoItemCustom.cpp: (WebCore::JSUndoItem::visitAdditionalChildren): (WebCore::JSUndoItemOwner::isReachableFromOpaqueRoots): * bindings/js/JSValueInWrappedObject.h: (WebCore::JSValueInWrappedObject::visit const): * bindings/js/JSVideoTrackCustom.cpp: (WebCore::JSVideoTrack::visitAdditionalChildren): * bindings/js/JSVideoTrackListCustom.cpp: (WebCore::JSVideoTrackList::visitAdditionalChildren): * bindings/js/JSWebGL2RenderingContextCustom.cpp: (WebCore::JSWebGL2RenderingContext::visitAdditionalChildren): * bindings/js/JSWebGLRenderingContextCustom.cpp: (WebCore::JSWebGLRenderingContext::visitAdditionalChildren): * bindings/js/JSWorkerGlobalScopeBase.cpp: (WebCore::JSWorkerGlobalScopeBase::visitChildrenImpl): (WebCore::JSWorkerGlobalScopeBase::visitChildren): Deleted. 
* bindings/js/JSWorkerGlobalScopeBase.h: * bindings/js/JSWorkerGlobalScopeCustom.cpp: (WebCore::JSWorkerGlobalScope::visitAdditionalChildren): * bindings/js/JSWorkerNavigatorCustom.cpp: (WebCore::JSWorkerNavigator::visitAdditionalChildren): * bindings/js/JSWorkletGlobalScopeBase.cpp: (WebCore::JSWorkletGlobalScopeBase::visitChildrenImpl): (WebCore::JSWorkletGlobalScopeBase::visitChildren): Deleted. * bindings/js/JSWorkletGlobalScopeBase.h: * bindings/js/JSXMLHttpRequestCustom.cpp: (WebCore::JSXMLHttpRequest::visitAdditionalChildren): * bindings/js/JSXPathResultCustom.cpp: (WebCore::JSXPathResult::visitAdditionalChildren): * bindings/js/WebCoreTypedArrayController.cpp: (WebCore::WebCoreTypedArrayController::JSArrayBufferOwner::isReachableFromOpaqueRoots): * bindings/js/WebCoreTypedArrayController.h: * bindings/scripts/CodeGeneratorJS.pm: (GenerateHeader): (GenerateImplementation): (GenerateCallbackHeaderContent): (GenerateCallbackImplementationContent): (GenerateIterableDefinition): * bindings/scripts/test/JS/JSDOMWindow.cpp: (WebCore::JSDOMWindow::subspaceForImpl): * bindings/scripts/test/JS/JSDedicatedWorkerGlobalScope.cpp: (WebCore::JSDedicatedWorkerGlobalScope::subspaceForImpl): * bindings/scripts/test/JS/JSExposedToWorkerAndWindow.cpp: (WebCore::JSExposedToWorkerAndWindow::subspaceForImpl): (WebCore::JSExposedToWorkerAndWindowOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSExposedToWorkerAndWindow.h: * bindings/scripts/test/JS/JSPaintWorkletGlobalScope.cpp: (WebCore::JSPaintWorkletGlobalScope::subspaceForImpl): * bindings/scripts/test/JS/JSServiceWorkerGlobalScope.cpp: (WebCore::JSServiceWorkerGlobalScope::subspaceForImpl): * bindings/scripts/test/JS/JSTestCEReactions.cpp: (WebCore::JSTestCEReactions::subspaceForImpl): (WebCore::JSTestCEReactionsOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestCEReactions.h: * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp: (WebCore::JSTestCEReactionsStringifier::subspaceForImpl): 
(WebCore::JSTestCEReactionsStringifierOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestCEReactionsStringifier.h: * bindings/scripts/test/JS/JSTestCallTracer.cpp: (WebCore::JSTestCallTracer::subspaceForImpl): (WebCore::JSTestCallTracerOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestCallTracer.h: * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp: (WebCore::JSTestClassWithJSBuiltinConstructor::subspaceForImpl): (WebCore::JSTestClassWithJSBuiltinConstructorOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h: * bindings/scripts/test/JS/JSTestConditionalIncludes.cpp: (WebCore::JSTestConditionalIncludes::subspaceForImpl): (WebCore::JSTestConditionalIncludesOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestConditionalIncludes.h: * bindings/scripts/test/JS/JSTestConditionallyReadWrite.cpp: (WebCore::JSTestConditionallyReadWrite::subspaceForImpl): (WebCore::JSTestConditionallyReadWriteOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestConditionallyReadWrite.h: * bindings/scripts/test/JS/JSTestDOMJIT.cpp: (WebCore::JSTestDOMJIT::subspaceForImpl): * bindings/scripts/test/JS/JSTestDefaultToJSON.cpp: (WebCore::JSTestDefaultToJSON::subspaceForImpl): (WebCore::JSTestDefaultToJSONOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestDefaultToJSON.h: * bindings/scripts/test/JS/JSTestDefaultToJSONFilteredByExposed.cpp: (WebCore::JSTestDefaultToJSONFilteredByExposed::subspaceForImpl): (WebCore::JSTestDefaultToJSONFilteredByExposedOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestDefaultToJSONFilteredByExposed.h: * bindings/scripts/test/JS/JSTestDefaultToJSONIndirectInheritance.cpp: (WebCore::JSTestDefaultToJSONIndirectInheritance::subspaceForImpl): * bindings/scripts/test/JS/JSTestDefaultToJSONInherit.cpp: (WebCore::JSTestDefaultToJSONInherit::subspaceForImpl): * bindings/scripts/test/JS/JSTestDefaultToJSONInheritFinal.cpp: (WebCore::JSTestDefaultToJSONInheritFinal::subspaceForImpl): * bindings/scripts/test/JS/JSTestDomainSecurity.cpp: (WebCore::JSTestDomainSecurity::subspaceForImpl): (WebCore::JSTestDomainSecurityOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestDomainSecurity.h: * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp: (WebCore::JSTestEnabledBySetting::subspaceForImpl): (WebCore::JSTestEnabledBySettingOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestEnabledBySetting.h: * bindings/scripts/test/JS/JSTestEnabledForContext.cpp: (WebCore::JSTestEnabledForContext::subspaceForImpl): (WebCore::JSTestEnabledForContextOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestEnabledForContext.h: * bindings/scripts/test/JS/JSTestEventConstructor.cpp: (WebCore::JSTestEventConstructor::subspaceForImpl): * bindings/scripts/test/JS/JSTestEventTarget.cpp: (WebCore::JSTestEventTarget::subspaceForImpl): * bindings/scripts/test/JS/JSTestException.cpp: (WebCore::JSTestException::subspaceForImpl): (WebCore::JSTestExceptionOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestException.h: * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp: (WebCore::JSTestGenerateIsReachable::subspaceForImpl): (WebCore::JSTestGenerateIsReachableOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestGenerateIsReachable.h: * bindings/scripts/test/JS/JSTestGlobalObject.cpp: (WebCore::JSTestGlobalObject::subspaceForImpl): (WebCore::JSTestGlobalObjectOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestGlobalObject.h: * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp: (WebCore::JSTestIndexedSetterNoIdentifier::subspaceForImpl): (WebCore::JSTestIndexedSetterNoIdentifierOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.h: * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
(WebCore::JSTestIndexedSetterThrowingException::subspaceForImpl): (WebCore::JSTestIndexedSetterThrowingExceptionOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.h: * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp: (WebCore::JSTestIndexedSetterWithIdentifier::subspaceForImpl): (WebCore::JSTestIndexedSetterWithIdentifierOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.h: * bindings/scripts/test/JS/JSTestInterface.cpp: (WebCore::jsTestInterfacePrototypeFunction_entriesCaller): (WebCore::JSTestInterface::subspaceForImpl): (WebCore::JSTestInterfaceOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestInterface.h: * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp: (WebCore::JSTestInterfaceLeadingUnderscore::subspaceForImpl): (WebCore::JSTestInterfaceLeadingUnderscoreOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.h: * bindings/scripts/test/JS/JSTestIterable.cpp: (WebCore::jsTestIterablePrototypeFunction_entriesCaller): (WebCore::JSTestIterable::subspaceForImpl): (WebCore::JSTestIterableOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestIterable.h: * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp: (WebCore::JSTestJSBuiltinConstructor::subspaceForImpl): * bindings/scripts/test/JS/JSTestLegacyFactoryFunction.cpp: (WebCore::JSTestLegacyFactoryFunction::subspaceForImpl): (WebCore::JSTestLegacyFactoryFunctionOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestLegacyFactoryFunction.h: * bindings/scripts/test/JS/JSTestLegacyNoInterfaceObject.cpp: (WebCore::JSTestLegacyNoInterfaceObject::subspaceForImpl): (WebCore::JSTestLegacyNoInterfaceObjectOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestLegacyNoInterfaceObject.h: * bindings/scripts/test/JS/JSTestLegacyOverrideBuiltIns.cpp: 
(WebCore::JSTestLegacyOverrideBuiltIns::subspaceForImpl): (WebCore::JSTestLegacyOverrideBuiltInsOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestLegacyOverrideBuiltIns.h: * bindings/scripts/test/JS/JSTestMapLike.cpp: (WebCore::JSTestMapLike::subspaceForImpl): (WebCore::JSTestMapLikeOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestMapLike.h: * bindings/scripts/test/JS/JSTestMapLikeWithOverriddenOperations.cpp: (WebCore::JSTestMapLikeWithOverriddenOperations::subspaceForImpl): (WebCore::JSTestMapLikeWithOverriddenOperationsOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestMapLikeWithOverriddenOperations.h: * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp: (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::subspaceForImpl): (WebCore::JSTestNamedAndIndexedSetterNoIdentifierOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.h: * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp: (WebCore::JSTestNamedAndIndexedSetterThrowingException::subspaceForImpl): (WebCore::JSTestNamedAndIndexedSetterThrowingExceptionOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.h: * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp: (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::subspaceForImpl): (WebCore::JSTestNamedAndIndexedSetterWithIdentifierOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.h: * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp: (WebCore::JSTestNamedDeleterNoIdentifier::subspaceForImpl): (WebCore::JSTestNamedDeleterNoIdentifierOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.h: * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp: (WebCore::JSTestNamedDeleterThrowingException::subspaceForImpl): 
(WebCore::JSTestNamedDeleterThrowingExceptionOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.h: * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp: (WebCore::JSTestNamedDeleterWithIdentifier::subspaceForImpl): (WebCore::JSTestNamedDeleterWithIdentifierOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.h: * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp: (WebCore::JSTestNamedDeleterWithIndexedGetter::subspaceForImpl): (WebCore::JSTestNamedDeleterWithIndexedGetterOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.h: * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp: (WebCore::JSTestNamedGetterCallWith::subspaceForImpl): (WebCore::JSTestNamedGetterCallWithOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedGetterCallWith.h: * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp: (WebCore::JSTestNamedGetterNoIdentifier::subspaceForImpl): (WebCore::JSTestNamedGetterNoIdentifierOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.h: * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp: (WebCore::JSTestNamedGetterWithIdentifier::subspaceForImpl): (WebCore::JSTestNamedGetterWithIdentifierOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.h: * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp: (WebCore::JSTestNamedSetterNoIdentifier::subspaceForImpl): (WebCore::JSTestNamedSetterNoIdentifierOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.h: * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp: (WebCore::JSTestNamedSetterThrowingException::subspaceForImpl): (WebCore::JSTestNamedSetterThrowingExceptionOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.h: * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp: (WebCore::JSTestNamedSetterWithIdentifier::subspaceForImpl): (WebCore::JSTestNamedSetterWithIdentifierOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.h: * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp: (WebCore::JSTestNamedSetterWithIndexedGetter::subspaceForImpl): (WebCore::JSTestNamedSetterWithIndexedGetterOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.h: * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp: (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::subspaceForImpl): (WebCore::JSTestNamedSetterWithIndexedGetterAndSetterOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.h: * bindings/scripts/test/JS/JSTestNamedSetterWithLegacyOverrideBuiltIns.cpp: (WebCore::JSTestNamedSetterWithLegacyOverrideBuiltIns::subspaceForImpl): (WebCore::JSTestNamedSetterWithLegacyOverrideBuiltInsOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedSetterWithLegacyOverrideBuiltIns.h: * bindings/scripts/test/JS/JSTestNamedSetterWithLegacyUnforgeableProperties.cpp: (WebCore::JSTestNamedSetterWithLegacyUnforgeableProperties::subspaceForImpl): (WebCore::JSTestNamedSetterWithLegacyUnforgeablePropertiesOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedSetterWithLegacyUnforgeableProperties.h: * bindings/scripts/test/JS/JSTestNamedSetterWithLegacyUnforgeablePropertiesAndLegacyOverrideBuiltIns.cpp: (WebCore::JSTestNamedSetterWithLegacyUnforgeablePropertiesAndLegacyOverrideBuiltIns::subspaceForImpl): (WebCore::JSTestNamedSetterWithLegacyUnforgeablePropertiesAndLegacyOverrideBuiltInsOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestNamedSetterWithLegacyUnforgeablePropertiesAndLegacyOverrideBuiltIns.h: * bindings/scripts/test/JS/JSTestNode.cpp:
(WebCore::jsTestNodePrototypeFunction_entriesCaller): (WebCore::JSTestNode::subspaceForImpl): * bindings/scripts/test/JS/JSTestObj.cpp: (WebCore::JSTestObj::subspaceForImpl): (WebCore::JSTestObj::visitChildrenImpl): (WebCore::JSTestObjOwner::isReachableFromOpaqueRoots): (WebCore::JSTestObj::visitChildren): Deleted. * bindings/scripts/test/JS/JSTestObj.h: * bindings/scripts/test/JS/JSTestOperationConditional.cpp: (WebCore::JSTestOperationConditional::subspaceForImpl): (WebCore::JSTestOperationConditionalOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestOperationConditional.h: * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: (WebCore::JSTestOverloadedConstructors::subspaceForImpl): (WebCore::JSTestOverloadedConstructorsOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestOverloadedConstructors.h: * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp: (WebCore::JSTestOverloadedConstructorsWithSequence::subspaceForImpl): (WebCore::JSTestOverloadedConstructorsWithSequenceOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.h: * bindings/scripts/test/JS/JSTestPluginInterface.cpp: (WebCore::JSTestPluginInterface::subspaceForImpl): (WebCore::JSTestPluginInterfaceOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestPluginInterface.h: * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp: (WebCore::JSTestPromiseRejectionEvent::subspaceForImpl): * bindings/scripts/test/JS/JSTestReadOnlyMapLike.cpp: (WebCore::JSTestReadOnlyMapLike::subspaceForImpl): (WebCore::JSTestReadOnlyMapLikeOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestReadOnlyMapLike.h: * bindings/scripts/test/JS/JSTestReadOnlySetLike.cpp: (WebCore::JSTestReadOnlySetLike::subspaceForImpl): (WebCore::JSTestReadOnlySetLikeOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestReadOnlySetLike.h: * 
bindings/scripts/test/JS/JSTestReportExtraMemoryCost.cpp: (WebCore::JSTestReportExtraMemoryCost::subspaceForImpl): (WebCore::JSTestReportExtraMemoryCost::visitChildrenImpl): (WebCore::JSTestReportExtraMemoryCostOwner::isReachableFromOpaqueRoots): (WebCore::JSTestReportExtraMemoryCost::visitChildren): Deleted. * bindings/scripts/test/JS/JSTestReportExtraMemoryCost.h: * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: (WebCore::JSTestSerializedScriptValueInterface::subspaceForImpl): (WebCore::JSTestSerializedScriptValueInterface::visitChildrenImpl): (WebCore::JSTestSerializedScriptValueInterfaceOwner::isReachableFromOpaqueRoots): (WebCore::JSTestSerializedScriptValueInterface::visitChildren): Deleted. * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h: * bindings/scripts/test/JS/JSTestSetLike.cpp: (WebCore::JSTestSetLike::subspaceForImpl): (WebCore::JSTestSetLikeOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestSetLike.h: * bindings/scripts/test/JS/JSTestSetLikeWithOverriddenOperations.cpp: (WebCore::JSTestSetLikeWithOverriddenOperations::subspaceForImpl): (WebCore::JSTestSetLikeWithOverriddenOperationsOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestSetLikeWithOverriddenOperations.h: * bindings/scripts/test/JS/JSTestStringifier.cpp: (WebCore::JSTestStringifier::subspaceForImpl): (WebCore::JSTestStringifierOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestStringifier.h: * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp: (WebCore::JSTestStringifierAnonymousOperation::subspaceForImpl): (WebCore::JSTestStringifierAnonymousOperationOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.h: * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp: (WebCore::JSTestStringifierNamedOperation::subspaceForImpl): (WebCore::JSTestStringifierNamedOperationOwner::isReachableFromOpaqueRoots): * 
bindings/scripts/test/JS/JSTestStringifierNamedOperation.h: * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp: (WebCore::JSTestStringifierOperationImplementedAs::subspaceForImpl): (WebCore::JSTestStringifierOperationImplementedAsOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.h: * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp: (WebCore::JSTestStringifierOperationNamedToString::subspaceForImpl): (WebCore::JSTestStringifierOperationNamedToStringOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.h: * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp: (WebCore::JSTestStringifierReadOnlyAttribute::subspaceForImpl): (WebCore::JSTestStringifierReadOnlyAttributeOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.h: * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp: (WebCore::JSTestStringifierReadWriteAttribute::subspaceForImpl): (WebCore::JSTestStringifierReadWriteAttributeOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.h: * bindings/scripts/test/JS/JSTestTypedefs.cpp: (WebCore::JSTestTypedefs::subspaceForImpl): (WebCore::JSTestTypedefsOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestTypedefs.h: * bindings/scripts/test/JS/JSWorkerGlobalScope.cpp: (WebCore::JSWorkerGlobalScope::subspaceForImpl): * bindings/scripts/test/JS/JSWorkletGlobalScope.cpp: (WebCore::JSWorkletGlobalScope::subspaceForImpl): * dom/ActiveDOMCallback.h: (WebCore::ActiveDOMCallback::visitJSFunction): * dom/EventListener.h: (WebCore::EventListener::visitJSFunction): * dom/EventTarget.cpp: (WebCore::EventTarget::visitJSEventListeners): * dom/EventTarget.h: * dom/MutationRecord.cpp: * dom/MutationRecord.h: * dom/NodeFilterCondition.h: (WebCore::NodeFilterCondition::visitAggregate): Deleted. 
* dom/StaticRange.cpp: (WebCore::StaticRange::visitNodesConcurrently const): * dom/StaticRange.h: * html/canvas/WebGL2RenderingContext.cpp: (WebCore::WebGL2RenderingContext::addMembersToOpaqueRoots): * html/canvas/WebGL2RenderingContext.h: * html/canvas/WebGLFramebuffer.cpp: (WebCore::WebGLFramebuffer::addMembersToOpaqueRoots): * html/canvas/WebGLFramebuffer.h: * html/canvas/WebGLProgram.cpp: (WebCore::WebGLProgram::addMembersToOpaqueRoots): * html/canvas/WebGLProgram.h: * html/canvas/WebGLRenderingContextBase.cpp: (WebCore::WebGLRenderingContextBase::addMembersToOpaqueRoots): * html/canvas/WebGLRenderingContextBase.h: * html/canvas/WebGLTransformFeedback.cpp: (WebCore::WebGLTransformFeedback::addMembersToOpaqueRoots): * html/canvas/WebGLTransformFeedback.h: * html/canvas/WebGLVertexArrayObjectBase.cpp: (WebCore::WebGLVertexArrayObjectBase::addMembersToOpaqueRoots): * html/canvas/WebGLVertexArrayObjectBase.h: Canonical link: https://commits.webkit.org/234335@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@273138 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-02-19 15:51:15 +00:00
* Copyright (C) 2012-2021 Apple Inc. All Rights Reserved.
Reduce parser overhead in JSC https://bugs.webkit.org/show_bug.cgi?id=101127 Reviewed by Filip Pizlo. An exciting journey into the world of architecture in which our hero adds yet another layer to JSC codegeneration. This patch adds a marginally more compact form of bytecode that is free from any data specific to a given execution context, and that does store any data structures necessary for execution. To actually execute this UnlinkedBytecode we still need to instantiate a real CodeBlock, but this is a much faster linear time operation than any of the earlier parsing or code generation passes. As the unlinked code is context free we can then simply use a cache from source to unlinked code mapping to completely avoid all of the old parser overhead. The cache is currently very simple and memory heavy, using the complete source text as a key (rather than SourceCode or equivalent), and a random eviction policy. This seems to produce a substantial win when loading identical content in different contexts. * API/tests/testapi.c: (main): * CMakeLists.txt: * GNUmakefile.list.am: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/CodeBlock.cpp: * bytecode/CodeBlock.h: Moved a number of fields, and a bunch of logic to UnlinkedCodeBlock.h/cpp * bytecode/Opcode.h: Added a global const init no op instruction needed to get correct behaviour without any associated semantics. * bytecode/UnlinkedCodeBlock.cpp: Added. * bytecode/UnlinkedCodeBlock.h: Added. A fairly shallow, GC allocated version of the old CodeBlock classes with a 32bit instruction size, and just metadata size tracking. * bytecompiler/BytecodeGenerator.cpp: * bytecompiler/BytecodeGenerator.h: Replace direct access to m_symbolTable with access through symbolTable(). ProgramCode no longer has a symbol table at all so some previously unconditional (and pointless) uses of symbolTable get null checks. 
A few other changes to deal with type changes due to us generating unlinked code (eg. pointer free, so profile indices rather than pointers). * dfg/DFGByteCodeParser.cpp: * dfg/DFGCapabilities.h: Support global_init_nop * interpreter/Interpreter.cpp: Now get the ProgramExecutable to initialise new global properties before starting execution. * jit/JIT.cpp: * jit/JITDriver.h: * jit/JITStubs.cpp: * llint/LLIntData.cpp: * llint/LLIntSlowPaths.cpp: * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: Adding init_global_const_nop everywhere else * parser/Parser.h: * parser/ParserModes.h: Added. * parser/ParserTokens.h: Parser no longer needs a global object or callframe to function * runtime/CodeCache.cpp: Added. * runtime/CodeCache.h: Added. A simple, random eviction, Source->UnlinkedCode cache * runtime/Executable.cpp: * runtime/Executable.h: Executables now reference their unlinked counterparts, and request code specifically for the target global object. * runtime/JSGlobalData.cpp: * runtime/JSGlobalData.h: GlobalData now owns a CodeCache and a set of new structures for the unlinked code types. * runtime/JSGlobalObject.cpp: * runtime/JSGlobalObject.h: Utility functions used by executables to perform compilation * runtime/JSType.h: Add new JSTypes for unlinked code Canonical link: https://commits.webkit.org/119498@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@133688 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2012-11-07 00:13:54 +00:00
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
* CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
* EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
* OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "config.h"
#include "UnlinkedCodeBlock.h"
Bytecode liveness should live on UnlinkedCodeBlock so it can be shared amongst CodeBlocks https://bugs.webkit.org/show_bug.cgi?id=178949 Reviewed by Keith Miller. This patch stores BytecodeLiveness on UnlinkedCodeBlock instead of CodeBlock so that we don't need to recompute liveness for the same UnlinkedCodeBlock more than once. To do this, this patch solidifies the invariant that CodeBlock linking can't do anything that would change the result of liveness. For example, it can't introduce new locals. This invariant was met by JSC before, because we didn't do anything in bytecode linking that would change liveness. However, it is now a correctness requirement that we don't do anything that would change the result of running liveness. To support this change, I've refactored BytecodeGraph to not be tied to a CodeBlockType*. Things that perform liveness will pass in CodeBlockType* and the instruction stream as needed. This means that we may compute liveness with one CodeBlock*'s instruction stream, and then perform queries on that analysis with a different CodeBlock*'s instruction stream. This seems to be a 2% JSBench progression. * bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::BytecodeGeneratorification): (JSC::BytecodeGeneratorification::graph): (JSC::BytecodeGeneratorification::storageForGeneratorLocal): (JSC::GeneratorLivenessAnalysis::run): (JSC::BytecodeGeneratorification::run): * bytecode/BytecodeGraph.h: (JSC::BytecodeGraph::BytecodeGraph): (JSC::BytecodeGraph::codeBlock const): Deleted. (JSC::BytecodeGraph::instructions): Deleted. (JSC::BytecodeGraph<Block>::BytecodeGraph): Deleted. 
* bytecode/BytecodeLivenessAnalysis.cpp: (JSC::BytecodeLivenessAnalysis::BytecodeLivenessAnalysis): (JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeOffset): (JSC::BytecodeLivenessAnalysis::computeFullLiveness): (JSC::BytecodeLivenessAnalysis::computeKills): (JSC::BytecodeLivenessAnalysis::dumpResults): (JSC::BytecodeLivenessAnalysis::operandIsLiveAtBytecodeOffset): Deleted. (JSC::BytecodeLivenessAnalysis::compute): Deleted. * bytecode/BytecodeLivenessAnalysis.h: * bytecode/BytecodeLivenessAnalysisInlines.h: (JSC::BytecodeLivenessPropagation::stepOverInstruction): (JSC::BytecodeLivenessPropagation::computeLocalLivenessForBytecodeOffset): (JSC::BytecodeLivenessPropagation::computeLocalLivenessForBlock): (JSC::BytecodeLivenessPropagation::getLivenessInfoAtBytecodeOffset): (JSC::BytecodeLivenessPropagation::runLivenessFixpoint): * bytecode/BytecodeRewriter.cpp: (JSC::BytecodeRewriter::applyModification): (JSC::BytecodeRewriter::execute): (JSC::BytecodeRewriter::adjustJumpTargetsInFragment): * bytecode/BytecodeRewriter.h: (JSC::BytecodeRewriter::BytecodeRewriter): (JSC::BytecodeRewriter::removeBytecode): (JSC::BytecodeRewriter::graph): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): (JSC::CodeBlock::validate): (JSC::CodeBlock::livenessAnalysisSlow): Deleted. * bytecode/CodeBlock.h: (JSC::CodeBlock::livenessAnalysis): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::applyModification): (JSC::UnlinkedCodeBlock::livenessAnalysisSlow): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::livenessAnalysis): * dfg/DFGGraph.cpp: (JSC::DFG::Graph::livenessFor): (JSC::DFG::Graph::killsFor): * dfg/DFGPlan.cpp: (JSC::DFG::Plan::cleanMustHandleValuesIfNecessary): * jit/JIT.cpp: (JSC::JIT::privateCompileMainPass): Canonical link: https://commits.webkit.org/195109@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@224138 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2017-10-28 01:03:22 +00:00
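The commit message above moves bytecode liveness onto the unlinked code block so that every linked CodeBlock reuses one analysis, and makes it a correctness requirement that linking never changes what liveness would compute. The following is an added example, not JavaScriptCore's own code: a toy instruction set whose backward liveness fixpoint is computed once over the context-free instruction stream and then shared by two "linked" blocks that carry only context-specific data. The opcodes, register layout, `Insn`/`LinkedCodeBlock` types and the sample program are all constructed for illustration.

```cpp
// Added example, not JavaScriptCore code: a backward liveness fixpoint computed
// once over a context-free ("unlinked") instruction stream and then shared by
// several "linked" code blocks, mirroring the invariant that linking must not
// change what liveness would compute (no new locals, no edited instructions).
#include <cstddef>
#include <vector>

enum class Op { Mov, Add, Branch, Jump, Ret };

// A toy instruction: at most one written register and two read registers,
// plus a jump target (an instruction index) that only Branch/Jump use.
struct Insn {
    Op op;
    int dst;          // register written, or -1
    int src1;         // registers read, or -1
    int src2;
    size_t target;    // only meaningful for Branch/Jump
};

using LiveSet = std::vector<bool>;

// Live-in set for every instruction index; this is what the unlinked stream owns.
struct LivenessAnalysis {
    std::vector<LiveSet> liveIn;
    bool isLiveAt(size_t index, int reg) const { return liveIn[index][reg]; }
};

static std::vector<size_t> successors(const std::vector<Insn>& code, size_t i)
{
    const Insn& insn = code[i];
    std::vector<size_t> out;
    if (insn.op == Op::Ret)
        return out;
    if (insn.op != Op::Jump && i + 1 < code.size())
        out.push_back(i + 1);          // fall-through edge
    if (insn.op == Op::Branch || insn.op == Op::Jump)
        out.push_back(insn.target);    // taken edge
    return out;
}

// Classic backward dataflow: in[i] = use(i) U (out[i] \ def(i)), where out[i]
// is the union of in[s] over the successors s; iterate until nothing changes.
LivenessAnalysis computeLiveness(const std::vector<Insn>& code, int numRegisters)
{
    LivenessAnalysis result;
    result.liveIn.assign(code.size(), LiveSet(numRegisters, false));
    bool changed = true;
    while (changed) {
        changed = false;
        for (size_t i = code.size(); i-- > 0;) {
            LiveSet in(numRegisters, false);
            for (size_t s : successors(code, i))
                for (int r = 0; r < numRegisters; ++r)
                    in[r] = in[r] || result.liveIn[s][r];
            if (code[i].dst >= 0)
                in[code[i].dst] = false;   // kill: written before any later read
            if (code[i].src1 >= 0)
                in[code[i].src1] = true;   // gen: read by this instruction
            if (code[i].src2 >= 0)
                in[code[i].src2] = true;
            if (in != result.liveIn[i]) {
                result.liveIn[i] = in;
                changed = true;
            }
        }
    }
    return result;
}

// A "linked" block carries only context-specific data (here a label) plus
// pointers to the shared stream and analysis; it never edits the instructions.
struct LinkedCodeBlock {
    const char* context;
    const std::vector<Insn>* code;
    const LivenessAnalysis* liveness;
};

// Constructed sample program over registers r0..r2 (not taken from JSC):
//   0: r0 = r2
//   1: r1 = r0 + r2
//   2: branch r1 -> 4
//   3: r0 = r1
//   4: ret r0
std::vector<Insn> sampleProgram()
{
    return {
        { Op::Mov,     0,  2, -1, 0 },
        { Op::Add,     1,  0,  2, 0 },
        { Op::Branch, -1,  1, -1, 4 },
        { Op::Mov,     0,  1, -1, 0 },
        { Op::Ret,    -1,  0, -1, 0 },
    };
}

const int kSampleRegisters = 3;

// Run the analysis once for the sample stream (used by both linked blocks below).
LivenessAnalysis analyzeSample()
{
    return computeLiveness(sampleProgram(), kSampleRegisters);
}

int main()
{
    std::vector<Insn> unlinked = sampleProgram();
    LivenessAnalysis shared = analyzeSample();
    // Two linked instances for different contexts query the same analysis.
    LinkedCodeBlock a { "context-A", &unlinked, &shared };
    LinkedCodeBlock b { "context-B", &unlinked, &shared };
    return (a.liveness->isLiveAt(0, 2) && !b.liveness->isLiveAt(0, 0)) ? 0 : 1;
}
```

Because the analysis is keyed to the instruction stream rather than to a particular linked block, it is only sound as long as linking leaves that stream untouched; any link-time rewrite that added or removed a register use would silently invalidate every sharer, which is exactly the invariant the commit message above makes explicit.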
#include "BytecodeLivenessAnalysis.h"
#include "BytecodeStructs.h"
#include "ClassInfo.h"
Start beating UnlinkedCodeBlock.h/.cpp with the "One Class per File" stick https://bugs.webkit.org/show_bug.cgi?id=147856 Reviewed by Saam Barati. Split out UnlinkedFunctionExecutable.h/.cpp and ExecutableInfo.h into separate files. * CMakeLists.txt: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/ExecutableInfo.h: Copied from Source/JavaScriptCore/bytecode/UnlinkedCodeBlock.h. (JSC::ExecutableInfo::ExecutableInfo): (JSC::UnlinkedStringJumpTable::offsetForValue): Deleted. (JSC::UnlinkedSimpleJumpTable::add): Deleted. (JSC::UnlinkedInstruction::UnlinkedInstruction): Deleted. (JSC::UnlinkedCodeBlock::isConstructor): Deleted. (JSC::UnlinkedCodeBlock::isStrictMode): Deleted. (JSC::UnlinkedCodeBlock::usesEval): Deleted. (JSC::UnlinkedCodeBlock::needsFullScopeChain): Deleted. (JSC::UnlinkedCodeBlock::hasExpressionInfo): Deleted. (JSC::UnlinkedCodeBlock::setThisRegister): Deleted. (JSC::UnlinkedCodeBlock::setScopeRegister): Deleted. (JSC::UnlinkedCodeBlock::setActivationRegister): Deleted. (JSC::UnlinkedCodeBlock::usesGlobalObject): Deleted. (JSC::UnlinkedCodeBlock::setGlobalObjectRegister): Deleted. (JSC::UnlinkedCodeBlock::globalObjectRegister): Deleted. (JSC::UnlinkedCodeBlock::setNumParameters): Deleted. (JSC::UnlinkedCodeBlock::addParameter): Deleted. (JSC::UnlinkedCodeBlock::numParameters): Deleted. (JSC::UnlinkedCodeBlock::addRegExp): Deleted. (JSC::UnlinkedCodeBlock::numberOfRegExps): Deleted. (JSC::UnlinkedCodeBlock::regexp): Deleted. (JSC::UnlinkedCodeBlock::numberOfIdentifiers): Deleted. (JSC::UnlinkedCodeBlock::addIdentifier): Deleted. (JSC::UnlinkedCodeBlock::identifier): Deleted. (JSC::UnlinkedCodeBlock::identifiers): Deleted. (JSC::UnlinkedCodeBlock::addConstant): Deleted. (JSC::UnlinkedCodeBlock::registerIndexForLinkTimeConstant): Deleted. (JSC::UnlinkedCodeBlock::constantRegisters): Deleted. (JSC::UnlinkedCodeBlock::constantRegister): Deleted. 
(JSC::UnlinkedCodeBlock::isConstantRegisterIndex): Deleted. (JSC::UnlinkedCodeBlock::constantsSourceCodeRepresentation): Deleted. (JSC::UnlinkedCodeBlock::numberOfJumpTargets): Deleted. (JSC::UnlinkedCodeBlock::addJumpTarget): Deleted. (JSC::UnlinkedCodeBlock::jumpTarget): Deleted. (JSC::UnlinkedCodeBlock::lastJumpTarget): Deleted. (JSC::UnlinkedCodeBlock::isBuiltinFunction): Deleted. (JSC::UnlinkedCodeBlock::constructorKind): Deleted. (JSC::UnlinkedCodeBlock::shrinkToFit): Deleted. (JSC::UnlinkedCodeBlock::numberOfSwitchJumpTables): Deleted. (JSC::UnlinkedCodeBlock::addSwitchJumpTable): Deleted. (JSC::UnlinkedCodeBlock::switchJumpTable): Deleted. (JSC::UnlinkedCodeBlock::numberOfStringSwitchJumpTables): Deleted. (JSC::UnlinkedCodeBlock::addStringSwitchJumpTable): Deleted. (JSC::UnlinkedCodeBlock::stringSwitchJumpTable): Deleted. (JSC::UnlinkedCodeBlock::addFunctionDecl): Deleted. (JSC::UnlinkedCodeBlock::functionDecl): Deleted. (JSC::UnlinkedCodeBlock::numberOfFunctionDecls): Deleted. (JSC::UnlinkedCodeBlock::addFunctionExpr): Deleted. (JSC::UnlinkedCodeBlock::functionExpr): Deleted. (JSC::UnlinkedCodeBlock::numberOfFunctionExprs): Deleted. (JSC::UnlinkedCodeBlock::numberOfExceptionHandlers): Deleted. (JSC::UnlinkedCodeBlock::addExceptionHandler): Deleted. (JSC::UnlinkedCodeBlock::exceptionHandler): Deleted. (JSC::UnlinkedCodeBlock::vm): Deleted. (JSC::UnlinkedCodeBlock::addArrayProfile): Deleted. (JSC::UnlinkedCodeBlock::numberOfArrayProfiles): Deleted. (JSC::UnlinkedCodeBlock::addArrayAllocationProfile): Deleted. (JSC::UnlinkedCodeBlock::numberOfArrayAllocationProfiles): Deleted. (JSC::UnlinkedCodeBlock::addObjectAllocationProfile): Deleted. (JSC::UnlinkedCodeBlock::numberOfObjectAllocationProfiles): Deleted. (JSC::UnlinkedCodeBlock::addValueProfile): Deleted. (JSC::UnlinkedCodeBlock::numberOfValueProfiles): Deleted. (JSC::UnlinkedCodeBlock::addLLIntCallLinkInfo): Deleted. (JSC::UnlinkedCodeBlock::numberOfLLintCallLinkInfos): Deleted. 
(JSC::UnlinkedCodeBlock::codeType): Deleted. (JSC::UnlinkedCodeBlock::thisRegister): Deleted. (JSC::UnlinkedCodeBlock::scopeRegister): Deleted. (JSC::UnlinkedCodeBlock::activationRegister): Deleted. (JSC::UnlinkedCodeBlock::hasActivationRegister): Deleted. (JSC::UnlinkedCodeBlock::addPropertyAccessInstruction): Deleted. (JSC::UnlinkedCodeBlock::numberOfPropertyAccessInstructions): Deleted. (JSC::UnlinkedCodeBlock::propertyAccessInstructions): Deleted. (JSC::UnlinkedCodeBlock::constantBufferCount): Deleted. (JSC::UnlinkedCodeBlock::addConstantBuffer): Deleted. (JSC::UnlinkedCodeBlock::constantBuffer): Deleted. (JSC::UnlinkedCodeBlock::hasRareData): Deleted. (JSC::UnlinkedCodeBlock::recordParse): Deleted. (JSC::UnlinkedCodeBlock::codeFeatures): Deleted. (JSC::UnlinkedCodeBlock::hasCapturedVariables): Deleted. (JSC::UnlinkedCodeBlock::firstLine): Deleted. (JSC::UnlinkedCodeBlock::lineCount): Deleted. (JSC::UnlinkedCodeBlock::startColumn): Deleted. (JSC::UnlinkedCodeBlock::endColumn): Deleted. (JSC::UnlinkedCodeBlock::addOpProfileControlFlowBytecodeOffset): Deleted. (JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets): Deleted. (JSC::UnlinkedCodeBlock::finishCreation): Deleted. (JSC::UnlinkedCodeBlock::createRareDataIfNecessary): Deleted. (JSC::UnlinkedGlobalCodeBlock::UnlinkedGlobalCodeBlock): Deleted. * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::generateFunctionCodeBlock): Deleted. (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable): Deleted. (JSC::UnlinkedFunctionExecutable::visitChildren): Deleted. (JSC::UnlinkedFunctionExecutable::link): Deleted. (JSC::UnlinkedFunctionExecutable::fromGlobalCode): Deleted. (JSC::UnlinkedFunctionExecutable::codeBlockFor): Deleted. * bytecode/UnlinkedCodeBlock.h: (JSC::ExecutableInfo::ExecutableInfo): Deleted. (JSC::ExecutableInfo::needsActivation): Deleted. (JSC::ExecutableInfo::usesEval): Deleted. (JSC::ExecutableInfo::isStrictMode): Deleted. 
(JSC::ExecutableInfo::isConstructor): Deleted. (JSC::ExecutableInfo::isBuiltinFunction): Deleted. (JSC::ExecutableInfo::constructorKind): Deleted. * bytecode/UnlinkedFunctionExecutable.cpp: Copied from Source/JavaScriptCore/bytecode/UnlinkedCodeBlock.cpp. (JSC::generateFunctionCodeBlock): (JSC::UnlinkedFunctionExecutable::codeBlockFor): (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): Deleted. (JSC::UnlinkedCodeBlock::visitChildren): Deleted. (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): Deleted. (JSC::UnlinkedCodeBlock::getLineAndColumn): Deleted. (JSC::dumpLineColumnEntry): Deleted. (JSC::UnlinkedCodeBlock::dumpExpressionRangeInfo): Deleted. (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset): Deleted. (JSC::UnlinkedCodeBlock::addExpressionInfo): Deleted. (JSC::UnlinkedCodeBlock::typeProfilerExpressionInfoForBytecodeOffset): Deleted. (JSC::UnlinkedCodeBlock::addTypeProfilerExpressionInfo): Deleted. (JSC::UnlinkedProgramCodeBlock::visitChildren): Deleted. (JSC::UnlinkedCodeBlock::~UnlinkedCodeBlock): Deleted. (JSC::UnlinkedProgramCodeBlock::destroy): Deleted. (JSC::UnlinkedEvalCodeBlock::destroy): Deleted. (JSC::UnlinkedFunctionCodeBlock::destroy): Deleted. (JSC::UnlinkedFunctionExecutable::destroy): Deleted. (JSC::UnlinkedCodeBlock::setInstructions): Deleted. (JSC::UnlinkedCodeBlock::instructions): Deleted. * bytecode/UnlinkedFunctionExecutable.h: Copied from Source/JavaScriptCore/bytecode/UnlinkedCodeBlock.h. (JSC::ExecutableInfo::ExecutableInfo): Deleted. (JSC::ExecutableInfo::needsActivation): Deleted. (JSC::ExecutableInfo::usesEval): Deleted. (JSC::ExecutableInfo::isStrictMode): Deleted. (JSC::ExecutableInfo::isConstructor): Deleted. (JSC::ExecutableInfo::isBuiltinFunction): Deleted. (JSC::ExecutableInfo::constructorKind): Deleted. (JSC::UnlinkedStringJumpTable::offsetForValue): Deleted. (JSC::UnlinkedSimpleJumpTable::add): Deleted. (JSC::UnlinkedInstruction::UnlinkedInstruction): Deleted. (JSC::UnlinkedCodeBlock::isConstructor): Deleted. 
(JSC::UnlinkedCodeBlock::isStrictMode): Deleted. (JSC::UnlinkedCodeBlock::usesEval): Deleted. (JSC::UnlinkedCodeBlock::needsFullScopeChain): Deleted. (JSC::UnlinkedCodeBlock::hasExpressionInfo): Deleted. (JSC::UnlinkedCodeBlock::setThisRegister): Deleted. (JSC::UnlinkedCodeBlock::setScopeRegister): Deleted. (JSC::UnlinkedCodeBlock::setActivationRegister): Deleted. (JSC::UnlinkedCodeBlock::usesGlobalObject): Deleted. (JSC::UnlinkedCodeBlock::setGlobalObjectRegister): Deleted. (JSC::UnlinkedCodeBlock::globalObjectRegister): Deleted. (JSC::UnlinkedCodeBlock::setNumParameters): Deleted. (JSC::UnlinkedCodeBlock::addParameter): Deleted. (JSC::UnlinkedCodeBlock::numParameters): Deleted. (JSC::UnlinkedCodeBlock::addRegExp): Deleted. (JSC::UnlinkedCodeBlock::numberOfRegExps): Deleted. (JSC::UnlinkedCodeBlock::regexp): Deleted. (JSC::UnlinkedCodeBlock::numberOfIdentifiers): Deleted. (JSC::UnlinkedCodeBlock::addIdentifier): Deleted. (JSC::UnlinkedCodeBlock::identifier): Deleted. (JSC::UnlinkedCodeBlock::identifiers): Deleted. (JSC::UnlinkedCodeBlock::addConstant): Deleted. (JSC::UnlinkedCodeBlock::registerIndexForLinkTimeConstant): Deleted. (JSC::UnlinkedCodeBlock::constantRegisters): Deleted. (JSC::UnlinkedCodeBlock::constantRegister): Deleted. (JSC::UnlinkedCodeBlock::isConstantRegisterIndex): Deleted. (JSC::UnlinkedCodeBlock::constantsSourceCodeRepresentation): Deleted. (JSC::UnlinkedCodeBlock::numberOfJumpTargets): Deleted. (JSC::UnlinkedCodeBlock::addJumpTarget): Deleted. (JSC::UnlinkedCodeBlock::jumpTarget): Deleted. (JSC::UnlinkedCodeBlock::lastJumpTarget): Deleted. (JSC::UnlinkedCodeBlock::isBuiltinFunction): Deleted. (JSC::UnlinkedCodeBlock::constructorKind): Deleted. (JSC::UnlinkedCodeBlock::shrinkToFit): Deleted. (JSC::UnlinkedCodeBlock::numberOfSwitchJumpTables): Deleted. (JSC::UnlinkedCodeBlock::addSwitchJumpTable): Deleted. (JSC::UnlinkedCodeBlock::switchJumpTable): Deleted. (JSC::UnlinkedCodeBlock::numberOfStringSwitchJumpTables): Deleted. 
(JSC::UnlinkedCodeBlock::addStringSwitchJumpTable): Deleted. (JSC::UnlinkedCodeBlock::stringSwitchJumpTable): Deleted. (JSC::UnlinkedCodeBlock::addFunctionDecl): Deleted. (JSC::UnlinkedCodeBlock::functionDecl): Deleted. (JSC::UnlinkedCodeBlock::numberOfFunctionDecls): Deleted. (JSC::UnlinkedCodeBlock::addFunctionExpr): Deleted. (JSC::UnlinkedCodeBlock::functionExpr): Deleted. (JSC::UnlinkedCodeBlock::numberOfFunctionExprs): Deleted. (JSC::UnlinkedCodeBlock::numberOfExceptionHandlers): Deleted. (JSC::UnlinkedCodeBlock::addExceptionHandler): Deleted. (JSC::UnlinkedCodeBlock::exceptionHandler): Deleted. (JSC::UnlinkedCodeBlock::vm): Deleted. (JSC::UnlinkedCodeBlock::addArrayProfile): Deleted. (JSC::UnlinkedCodeBlock::numberOfArrayProfiles): Deleted. (JSC::UnlinkedCodeBlock::addArrayAllocationProfile): Deleted. (JSC::UnlinkedCodeBlock::numberOfArrayAllocationProfiles): Deleted. (JSC::UnlinkedCodeBlock::addObjectAllocationProfile): Deleted. (JSC::UnlinkedCodeBlock::numberOfObjectAllocationProfiles): Deleted. (JSC::UnlinkedCodeBlock::addValueProfile): Deleted. (JSC::UnlinkedCodeBlock::numberOfValueProfiles): Deleted. (JSC::UnlinkedCodeBlock::addLLIntCallLinkInfo): Deleted. (JSC::UnlinkedCodeBlock::numberOfLLintCallLinkInfos): Deleted. (JSC::UnlinkedCodeBlock::codeType): Deleted. (JSC::UnlinkedCodeBlock::thisRegister): Deleted. (JSC::UnlinkedCodeBlock::scopeRegister): Deleted. (JSC::UnlinkedCodeBlock::activationRegister): Deleted. (JSC::UnlinkedCodeBlock::hasActivationRegister): Deleted. (JSC::UnlinkedCodeBlock::addPropertyAccessInstruction): Deleted. (JSC::UnlinkedCodeBlock::numberOfPropertyAccessInstructions): Deleted. (JSC::UnlinkedCodeBlock::propertyAccessInstructions): Deleted. (JSC::UnlinkedCodeBlock::constantBufferCount): Deleted. (JSC::UnlinkedCodeBlock::addConstantBuffer): Deleted. (JSC::UnlinkedCodeBlock::constantBuffer): Deleted. (JSC::UnlinkedCodeBlock::hasRareData): Deleted. (JSC::UnlinkedCodeBlock::recordParse): Deleted. 
(JSC::UnlinkedCodeBlock::codeFeatures): Deleted. (JSC::UnlinkedCodeBlock::hasCapturedVariables): Deleted. (JSC::UnlinkedCodeBlock::firstLine): Deleted. (JSC::UnlinkedCodeBlock::lineCount): Deleted. (JSC::UnlinkedCodeBlock::startColumn): Deleted. (JSC::UnlinkedCodeBlock::endColumn): Deleted. (JSC::UnlinkedCodeBlock::addOpProfileControlFlowBytecodeOffset): Deleted. (JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets): Deleted. (JSC::UnlinkedCodeBlock::finishCreation): Deleted. (JSC::UnlinkedCodeBlock::createRareDataIfNecessary): Deleted. (JSC::UnlinkedGlobalCodeBlock::UnlinkedGlobalCodeBlock): Deleted.
* runtime/Executable.h:

Canonical link: https://commits.webkit.org/165967@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@188242 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2015-08-11 01:26:30 +00:00
#include "ExecutableInfo.h"
New bytecode format for JSC
https://bugs.webkit.org/show_bug.cgi?id=187373
<rdar://problem/44186758>

Reviewed by Filip Pizlo.

.:

Disable JIT by default on 32-bit platforms

* Source/cmake/WebKitFeatures.cmake:

JSTests:

Add tests to ensure that the inferred inline capacity for a narrow op_new_object will be capped at 255.

* stress/maximum-inline-capacity.js: Added.
(test1):
(test3.Foo):
(test3):

Source/JavaScriptCore:

Replace unlinked and linked bytecode with a new immutable bytecode that does not embed any addresses. Instructions can be encoded as narrow (1-byte operands) or wide (4-byte operands) and might contain an extra operand, the metadataID. The metadataID is used to access the instruction's mutable data in a side table in the CodeBlock (the MetadataTable).

Bytecodes now must be structs declared in the new BytecodeList.rb. All bytecodes give names and types to all their operands. Additionally, reading a bytecode from the instruction stream requires decoding the whole bytecode, i.e. it's no longer possible to access arbitrary operands directly from the stream.
* CMakeLists.txt: * DerivedSources.make: * JavaScriptCore.xcodeproj/project.pbxproj: * Sources.txt: * assembler/MacroAssemblerCodeRef.h: (JSC::ReturnAddressPtr::ReturnAddressPtr): (JSC::ReturnAddressPtr::value const): (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr): (JSC::MacroAssemblerCodePtr::createFromExecutableAddress): * bytecode/ArithProfile.h: (JSC::ArithProfile::ArithProfile): * bytecode/ArrayAllocationProfile.h: (JSC::ArrayAllocationProfile::ArrayAllocationProfile): * bytecode/ArrayProfile.h: * bytecode/BytecodeBasicBlock.cpp: (JSC::isJumpTarget): (JSC::BytecodeBasicBlock::computeImpl): (JSC::BytecodeBasicBlock::compute): * bytecode/BytecodeBasicBlock.h: (JSC::BytecodeBasicBlock::leaderOffset const): (JSC::BytecodeBasicBlock::totalLength const): (JSC::BytecodeBasicBlock::offsets const): (JSC::BytecodeBasicBlock::BytecodeBasicBlock): (JSC::BytecodeBasicBlock::addLength): * bytecode/BytecodeDumper.cpp: (JSC::BytecodeDumper<Block>::printLocationAndOp): (JSC::BytecodeDumper<Block>::dumpBytecode): (JSC::BytecodeDumper<Block>::dumpIdentifiers): (JSC::BytecodeDumper<Block>::dumpConstants): (JSC::BytecodeDumper<Block>::dumpExceptionHandlers): (JSC::BytecodeDumper<Block>::dumpSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpStringSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpBlock): * bytecode/BytecodeDumper.h: (JSC::BytecodeDumper::dumpOperand): (JSC::BytecodeDumper::dumpValue): (JSC::BytecodeDumper::BytecodeDumper): (JSC::BytecodeDumper::block const): * bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::BytecodeGeneratorification): (JSC::BytecodeGeneratorification::enterPoint const): (JSC::BytecodeGeneratorification::instructions const): (JSC::GeneratorLivenessAnalysis::run): (JSC::BytecodeGeneratorification::run): (JSC::performGeneratorification): * bytecode/BytecodeGeneratorification.h: * bytecode/BytecodeGraph.h: (JSC::BytecodeGraph::blockContainsBytecodeOffset): (JSC::BytecodeGraph::findBasicBlockForBytecodeOffset): 
(JSC::BytecodeGraph::findBasicBlockWithLeaderOffset): (JSC::BytecodeGraph::BytecodeGraph): * bytecode/BytecodeKills.h: * bytecode/BytecodeList.json: Removed. * bytecode/BytecodeList.rb: Added. * bytecode/BytecodeLivenessAnalysis.cpp: (JSC::BytecodeLivenessAnalysis::dumpResults): * bytecode/BytecodeLivenessAnalysis.h: * bytecode/BytecodeLivenessAnalysisInlines.h: (JSC::isValidRegisterForLiveness): (JSC::BytecodeLivenessPropagation::stepOverInstruction): * bytecode/BytecodeRewriter.cpp: (JSC::BytecodeRewriter::applyModification): (JSC::BytecodeRewriter::execute): (JSC::BytecodeRewriter::adjustJumpTargetsInFragment): (JSC::BytecodeRewriter::insertImpl): (JSC::BytecodeRewriter::adjustJumpTarget): (JSC::BytecodeRewriter::adjustJumpTargets): * bytecode/BytecodeRewriter.h: (JSC::BytecodeRewriter::InsertionPoint::InsertionPoint): (JSC::BytecodeRewriter::Fragment::Fragment): (JSC::BytecodeRewriter::Fragment::appendInstruction): (JSC::BytecodeRewriter::BytecodeRewriter): (JSC::BytecodeRewriter::insertFragmentBefore): (JSC::BytecodeRewriter::insertFragmentAfter): (JSC::BytecodeRewriter::removeBytecode): (JSC::BytecodeRewriter::adjustAbsoluteOffset): (JSC::BytecodeRewriter::adjustJumpTarget): * bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeOffset): (JSC::computeDefsForBytecodeOffset): * bytecode/CallLinkStatus.cpp: (JSC::CallLinkStatus::computeFromLLInt): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpBytecode): (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::estimatedSize): (JSC::CodeBlock::visitChildren): (JSC::CodeBlock::propagateTransitions): (JSC::CodeBlock::finalizeLLIntInlineCaches): (JSC::CodeBlock::addJITAddIC): (JSC::CodeBlock::addJITMulIC): (JSC::CodeBlock::addJITSubIC): (JSC::CodeBlock::addJITNegIC): (JSC::CodeBlock::stronglyVisitStrongReferences): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffset): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): 
(JSC::CodeBlock::hasOpDebugForLineAndColumn): (JSC::CodeBlock::getArrayProfile): (JSC::CodeBlock::updateAllArrayPredictions): (JSC::CodeBlock::predictedMachineCodeSize): (JSC::CodeBlock::tryGetValueProfileForBytecodeOffset): (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset): (JSC::CodeBlock::valueProfileForBytecodeOffset): (JSC::CodeBlock::validate): (JSC::CodeBlock::outOfLineJumpOffset): (JSC::CodeBlock::outOfLineJumpTarget): (JSC::CodeBlock::arithProfileForBytecodeOffset): (JSC::CodeBlock::arithProfileForPC): (JSC::CodeBlock::couldTakeSpecialFastCase): (JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler): * bytecode/CodeBlock.h: (JSC::CodeBlock::addMathIC): (JSC::CodeBlock::outOfLineJumpOffset): (JSC::CodeBlock::bytecodeOffset): (JSC::CodeBlock::instructions const): (JSC::CodeBlock::instructionCount const): (JSC::CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters): (JSC::CodeBlock::metadata): (JSC::CodeBlock::metadataSizeInBytes): (JSC::CodeBlock::numberOfNonArgumentValueProfiles): (JSC::CodeBlock::totalNumberOfValueProfiles): * bytecode/CodeBlockInlines.h: Added. (JSC::CodeBlock::forEachValueProfile): (JSC::CodeBlock::forEachArrayProfile): (JSC::CodeBlock::forEachArrayAllocationProfile): (JSC::CodeBlock::forEachObjectAllocationProfile): (JSC::CodeBlock::forEachLLIntCallLinkInfo): * bytecode/Fits.h: Added. * bytecode/GetByIdMetadata.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h. 
* bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt): * bytecode/Instruction.h: (JSC::Instruction::Instruction): (JSC::Instruction::Impl::opcodeID const): (JSC::Instruction::opcodeID const): (JSC::Instruction::name const): (JSC::Instruction::isWide const): (JSC::Instruction::size const): (JSC::Instruction::is const): (JSC::Instruction::as const): (JSC::Instruction::cast): (JSC::Instruction::cast const): (JSC::Instruction::narrow const): (JSC::Instruction::wide const): * bytecode/InstructionStream.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::InstructionStream::InstructionStream): (JSC::InstructionStream::sizeInBytes const): * bytecode/InstructionStream.h: Added. (JSC::InstructionStream::BaseRef::BaseRef): (JSC::InstructionStream::BaseRef::operator=): (JSC::InstructionStream::BaseRef::operator-> const): (JSC::InstructionStream::BaseRef::ptr const): (JSC::InstructionStream::BaseRef::operator!= const): (JSC::InstructionStream::BaseRef::next const): (JSC::InstructionStream::BaseRef::offset const): (JSC::InstructionStream::BaseRef::isValid const): (JSC::InstructionStream::BaseRef::unwrap const): (JSC::InstructionStream::MutableRef::freeze const): (JSC::InstructionStream::MutableRef::operator->): (JSC::InstructionStream::MutableRef::ptr): (JSC::InstructionStream::MutableRef::operator Ref): (JSC::InstructionStream::MutableRef::unwrap): (JSC::InstructionStream::iterator::operator*): (JSC::InstructionStream::iterator::operator++): (JSC::InstructionStream::begin const): (JSC::InstructionStream::end const): (JSC::InstructionStream::at const): (JSC::InstructionStream::size const): (JSC::InstructionStreamWriter::InstructionStreamWriter): (JSC::InstructionStreamWriter::ref): (JSC::InstructionStreamWriter::seek): (JSC::InstructionStreamWriter::position): (JSC::InstructionStreamWriter::write): (JSC::InstructionStreamWriter::rewind): (JSC::InstructionStreamWriter::finalize): (JSC::InstructionStreamWriter::swap): 
(JSC::InstructionStreamWriter::iterator::operator*): (JSC::InstructionStreamWriter::iterator::operator++): (JSC::InstructionStreamWriter::begin): (JSC::InstructionStreamWriter::end): * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp: (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::LLIntPrototypeLoadAdaptiveStructureWatchpoint): (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::fireInternal): (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::clearLLIntGetByIdCache): * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h: * bytecode/MetadataTable.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::MetadataTable::MetadataTable): (JSC::DeallocTable::withOpcodeType): (JSC::MetadataTable::~MetadataTable): (JSC::MetadataTable::sizeInBytes): * bytecode/MetadataTable.h: Copied from Source/JavaScriptCore/runtime/Watchdog.h. (JSC::MetadataTable::get): (JSC::MetadataTable::forEach): (JSC::MetadataTable::getImpl): * bytecode/Opcode.cpp: (JSC::metadataSize): * bytecode/Opcode.h: (JSC::padOpcodeName): * bytecode/OpcodeInlines.h: (JSC::isOpcodeShape): (JSC::getOpcodeType): * bytecode/OpcodeSize.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. 
* bytecode/PreciseJumpTargets.cpp: (JSC::getJumpTargetsForInstruction): (JSC::computePreciseJumpTargetsInternal): (JSC::computePreciseJumpTargets): (JSC::recomputePreciseJumpTargets): (JSC::findJumpTargetsForInstruction): * bytecode/PreciseJumpTargets.h: * bytecode/PreciseJumpTargetsInlines.h: (JSC::jumpTargetForInstruction): (JSC::extractStoredJumpTargetsForInstruction): (JSC::updateStoredJumpTargetsForInstruction): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): * bytecode/SpecialPointer.cpp: (WTF::printInternal): * bytecode/SpecialPointer.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::visitChildren): (JSC::UnlinkedCodeBlock::estimatedSize): (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): (JSC::dumpLineColumnEntry): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset const): (JSC::UnlinkedCodeBlock::setInstructions): (JSC::UnlinkedCodeBlock::instructions const): (JSC::UnlinkedCodeBlock::applyModification): (JSC::UnlinkedCodeBlock::addOutOfLineJumpTarget): (JSC::UnlinkedCodeBlock::outOfLineJumpOffset): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::addPropertyAccessInstruction): (JSC::UnlinkedCodeBlock::propertyAccessInstructions const): (JSC::UnlinkedCodeBlock::addOpProfileControlFlowBytecodeOffset): (JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets const): (JSC::UnlinkedCodeBlock::metadata): (JSC::UnlinkedCodeBlock::metadataSizeInBytes): (JSC::UnlinkedCodeBlock::outOfLineJumpOffset): (JSC::UnlinkedCodeBlock::replaceOutOfLineJumpTargets): * bytecode/UnlinkedInstructionStream.cpp: Removed. * bytecode/UnlinkedInstructionStream.h: Removed. * bytecode/UnlinkedMetadataTable.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h. * bytecode/UnlinkedMetadataTableInlines.h: Added. 
(JSC::UnlinkedMetadataTable::UnlinkedMetadataTable): (JSC::UnlinkedMetadataTable::~UnlinkedMetadataTable): (JSC::UnlinkedMetadataTable::addEntry): (JSC::UnlinkedMetadataTable::sizeInBytes): (JSC::UnlinkedMetadataTable::finalize): (JSC::UnlinkedMetadataTable::link): (JSC::UnlinkedMetadataTable::unlink): * bytecode/VirtualRegister.cpp: (JSC::VirtualRegister::VirtualRegister): * bytecode/VirtualRegister.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::Label::setLocation): (JSC::Label::bind): (JSC::BytecodeGenerator::generate): (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::initializeVarLexicalEnvironment): (JSC::BytecodeGenerator::emitEnter): (JSC::BytecodeGenerator::emitLoopHint): (JSC::BytecodeGenerator::emitJump): (JSC::BytecodeGenerator::emitCheckTraps): (JSC::BytecodeGenerator::rewind): (JSC::BytecodeGenerator::fuseCompareAndJump): (JSC::BytecodeGenerator::fuseTestAndJmp): (JSC::BytecodeGenerator::emitJumpIfTrue): (JSC::BytecodeGenerator::emitJumpIfFalse): (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall): (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply): (JSC::BytecodeGenerator::moveLinkTimeConstant): (JSC::BytecodeGenerator::moveEmptyValue): (JSC::BytecodeGenerator::emitMove): (JSC::BytecodeGenerator::emitUnaryOp): (JSC::BytecodeGenerator::emitBinaryOp): (JSC::BytecodeGenerator::emitToObject): (JSC::BytecodeGenerator::emitToNumber): (JSC::BytecodeGenerator::emitToString): (JSC::BytecodeGenerator::emitTypeOf): (JSC::BytecodeGenerator::emitInc): (JSC::BytecodeGenerator::emitDec): (JSC::BytecodeGenerator::emitEqualityOp): (JSC::BytecodeGenerator::emitProfileType): (JSC::BytecodeGenerator::emitProfileControlFlow): (JSC::BytecodeGenerator::pushLexicalScopeInternal): (JSC::BytecodeGenerator::emitResolveScopeForHoistingFuncDeclInEval): (JSC::BytecodeGenerator::prepareLexicalScopeForNextForLoopIteration): (JSC::BytecodeGenerator::emitOverridesHasInstance): (JSC::BytecodeGenerator::emitResolveScope): (JSC::BytecodeGenerator::emitGetFromScope): 
(JSC::BytecodeGenerator::emitPutToScope): (JSC::BytecodeGenerator::emitInstanceOf): (JSC::BytecodeGenerator::emitInstanceOfCustom): (JSC::BytecodeGenerator::emitInByVal): (JSC::BytecodeGenerator::emitInById): (JSC::BytecodeGenerator::emitTryGetById): (JSC::BytecodeGenerator::emitGetById): (JSC::BytecodeGenerator::emitDirectGetById): (JSC::BytecodeGenerator::emitPutById): (JSC::BytecodeGenerator::emitDirectPutById): (JSC::BytecodeGenerator::emitPutGetterById): (JSC::BytecodeGenerator::emitPutSetterById): (JSC::BytecodeGenerator::emitPutGetterSetter): (JSC::BytecodeGenerator::emitPutGetterByVal): (JSC::BytecodeGenerator::emitPutSetterByVal): (JSC::BytecodeGenerator::emitDeleteById): (JSC::BytecodeGenerator::emitGetByVal): (JSC::BytecodeGenerator::emitPutByVal): (JSC::BytecodeGenerator::emitDirectPutByVal): (JSC::BytecodeGenerator::emitDeleteByVal): (JSC::BytecodeGenerator::emitSuperSamplerBegin): (JSC::BytecodeGenerator::emitSuperSamplerEnd): (JSC::BytecodeGenerator::emitIdWithProfile): (JSC::BytecodeGenerator::emitUnreachable): (JSC::BytecodeGenerator::emitGetArgument): (JSC::BytecodeGenerator::emitCreateThis): (JSC::BytecodeGenerator::emitTDZCheck): (JSC::BytecodeGenerator::emitNewObject): (JSC::BytecodeGenerator::emitNewArrayBuffer): (JSC::BytecodeGenerator::emitNewArray): (JSC::BytecodeGenerator::emitNewArrayWithSpread): (JSC::BytecodeGenerator::emitNewArrayWithSize): (JSC::BytecodeGenerator::emitNewRegExp): (JSC::BytecodeGenerator::emitNewFunctionExpressionCommon): (JSC::BytecodeGenerator::emitNewDefaultConstructor): (JSC::BytecodeGenerator::emitNewFunction): (JSC::BytecodeGenerator::emitSetFunctionNameIfNeeded): (JSC::BytecodeGenerator::emitCall): (JSC::BytecodeGenerator::emitCallInTailPosition): (JSC::BytecodeGenerator::emitCallEval): (JSC::BytecodeGenerator::emitExpectedFunctionSnippet): (JSC::BytecodeGenerator::emitCallVarargs): (JSC::BytecodeGenerator::emitCallVarargsInTailPosition): (JSC::BytecodeGenerator::emitConstructVarargs): 
(JSC::BytecodeGenerator::emitCallForwardArgumentsInTailPosition): (JSC::BytecodeGenerator::emitLogShadowChickenPrologueIfNecessary): (JSC::BytecodeGenerator::emitLogShadowChickenTailIfNecessary): (JSC::BytecodeGenerator::emitCallDefineProperty): (JSC::BytecodeGenerator::emitReturn): (JSC::BytecodeGenerator::emitEnd): (JSC::BytecodeGenerator::emitConstruct): (JSC::BytecodeGenerator::emitStrcat): (JSC::BytecodeGenerator::emitToPrimitive): (JSC::BytecodeGenerator::emitGetScope): (JSC::BytecodeGenerator::emitPushWithScope): (JSC::BytecodeGenerator::emitGetParentScope): (JSC::BytecodeGenerator::emitDebugHook): (JSC::BytecodeGenerator::emitCatch): (JSC::BytecodeGenerator::emitThrow): (JSC::BytecodeGenerator::emitArgumentCount): (JSC::BytecodeGenerator::emitThrowStaticError): (JSC::BytecodeGenerator::beginSwitch): (JSC::prepareJumpTableForSwitch): (JSC::prepareJumpTableForStringSwitch): (JSC::BytecodeGenerator::endSwitch): (JSC::BytecodeGenerator::emitGetEnumerableLength): (JSC::BytecodeGenerator::emitHasGenericProperty): (JSC::BytecodeGenerator::emitHasIndexedProperty): (JSC::BytecodeGenerator::emitHasStructureProperty): (JSC::BytecodeGenerator::emitGetPropertyEnumerator): (JSC::BytecodeGenerator::emitEnumeratorStructurePropertyName): (JSC::BytecodeGenerator::emitEnumeratorGenericPropertyName): (JSC::BytecodeGenerator::emitToIndexString): (JSC::BytecodeGenerator::emitIsCellWithType): (JSC::BytecodeGenerator::emitIsObject): (JSC::BytecodeGenerator::emitIsNumber): (JSC::BytecodeGenerator::emitIsUndefined): (JSC::BytecodeGenerator::emitIsEmpty): (JSC::BytecodeGenerator::emitRestParameter): (JSC::BytecodeGenerator::emitRequireObjectCoercible): (JSC::BytecodeGenerator::emitYieldPoint): (JSC::BytecodeGenerator::emitYield): (JSC::BytecodeGenerator::emitGetAsyncIterator): (JSC::BytecodeGenerator::emitDelegateYield): (JSC::BytecodeGenerator::emitFinallyCompletion): (JSC::BytecodeGenerator::emitJumpIf): (JSC::ForInContext::finalize): (JSC::StructureForInContext::finalize): 
(JSC::IndexedForInContext::finalize): (JSC::StaticPropertyAnalysis::record): (JSC::BytecodeGenerator::emitToThis): * bytecompiler/BytecodeGenerator.h: (JSC::StructureForInContext::addGetInst): (JSC::BytecodeGenerator::recordOpcode): (JSC::BytecodeGenerator::addMetadataFor): (JSC::BytecodeGenerator::emitUnaryOp): (JSC::BytecodeGenerator::kill): (JSC::BytecodeGenerator::instructions const): (JSC::BytecodeGenerator::write): (JSC::BytecodeGenerator::withWriter): * bytecompiler/Label.h: (JSC::Label::Label): (JSC::Label::bind): * bytecompiler/NodesCodegen.cpp: (JSC::ArrayNode::emitBytecode): (JSC::BytecodeIntrinsicNode::emit_intrinsic_argumentCount): (JSC::ApplyFunctionCallDotNode::emitBytecode): (JSC::BitwiseNotNode::emitBytecode): (JSC::BinaryOpNode::emitBytecode): (JSC::EqualNode::emitBytecode): (JSC::StrictEqualNode::emitBytecode): (JSC::emitReadModifyAssignment): (JSC::ForInNode::emitBytecode): (JSC::CaseBlockNode::emitBytecodeForBlock): (JSC::FunctionNode::emitBytecode): (JSC::ClassExprNode::emitBytecode): * bytecompiler/ProfileTypeBytecodeFlag.cpp: Copied from Source/JavaScriptCore/bytecode/VirtualRegister.cpp. (WTF::printInternal): * bytecompiler/ProfileTypeBytecodeFlag.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. 
* bytecompiler/RegisterID.h: * bytecompiler/StaticPropertyAnalysis.h: (JSC::StaticPropertyAnalysis::create): (JSC::StaticPropertyAnalysis::StaticPropertyAnalysis): * bytecompiler/StaticPropertyAnalyzer.h: (JSC::StaticPropertyAnalyzer::createThis): (JSC::StaticPropertyAnalyzer::newObject): (JSC::StaticPropertyAnalyzer::putById): (JSC::StaticPropertyAnalyzer::mov): (JSC::StaticPropertyAnalyzer::kill): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::addCall): (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit): (JSC::DFG::ByteCodeParser::getArrayMode): (JSC::DFG::ByteCodeParser::handleCall): (JSC::DFG::ByteCodeParser::handleVarargsCall): (JSC::DFG::ByteCodeParser::handleRecursiveTailCall): (JSC::DFG::ByteCodeParser::inlineCall): (JSC::DFG::ByteCodeParser::handleCallVariant): (JSC::DFG::ByteCodeParser::handleVarargsInlining): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::handleMinMax): (JSC::DFG::ByteCodeParser::handleIntrinsicCall): (JSC::DFG::ByteCodeParser::handleDOMJITCall): (JSC::DFG::ByteCodeParser::handleIntrinsicGetter): (JSC::DFG::ByteCodeParser::handleDOMJITGetter): (JSC::DFG::ByteCodeParser::handleModuleNamespaceLoad): (JSC::DFG::ByteCodeParser::handleTypedArrayConstructor): (JSC::DFG::ByteCodeParser::handleConstantInternalFunction): (JSC::DFG::ByteCodeParser::handleGetById): (JSC::DFG::ByteCodeParser::handlePutById): (JSC::DFG::ByteCodeParser::parseGetById): (JSC::DFG::ByteCodeParser::parseBlock): (JSC::DFG::ByteCodeParser::parseCodeBlock): (JSC::DFG::ByteCodeParser::handlePutByVal): (JSC::DFG::ByteCodeParser::handlePutAccessorById): (JSC::DFG::ByteCodeParser::handlePutAccessorByVal): (JSC::DFG::ByteCodeParser::handleNewFunc): (JSC::DFG::ByteCodeParser::handleNewFuncExp): (JSC::DFG::ByteCodeParser::parse): * dfg/DFGCapabilities.cpp: (JSC::DFG::capabilityLevel): * dfg/DFGCapabilities.h: (JSC::DFG::capabilityLevel): * dfg/DFGOSREntry.cpp: (JSC::DFG::prepareCatchOSREntry): * dfg/DFGSpeculativeJIT.cpp: 
(JSC::DFG::SpeculativeJIT::compileValueAdd): (JSC::DFG::SpeculativeJIT::compileValueSub): (JSC::DFG::SpeculativeJIT::compileValueNegate): (JSC::DFG::SpeculativeJIT::compileArithMul): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileValueAdd): (JSC::FTL::DFG::LowerDFGToB3::compileValueSub): (JSC::FTL::DFG::LowerDFGToB3::compileUnaryMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileBinaryMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub): (JSC::FTL::DFG::LowerDFGToB3::compileArithMul): (JSC::FTL::DFG::LowerDFGToB3::compileValueNegate): * ftl/FTLOperations.cpp: (JSC::FTL::operationMaterializeObjectInOSR): * generate-bytecode-files: Removed. * generator/Argument.rb: Added. * generator/Assertion.rb: Added. * generator/DSL.rb: Added. * generator/Fits.rb: Added. * generator/GeneratedFile.rb: Added. * generator/Metadata.rb: Added. * generator/Opcode.rb: Added. * generator/OpcodeGroup.rb: Added. * generator/Options.rb: Added. * generator/Section.rb: Added. * generator/Template.rb: Added. * generator/Type.rb: Added. * generator/main.rb: Added. 
* interpreter/AbstractPC.h: * interpreter/CallFrame.cpp: (JSC::CallFrame::currentVPC const): (JSC::CallFrame::setCurrentVPC): * interpreter/CallFrame.h: (JSC::CallSiteIndex::CallSiteIndex): (JSC::ExecState::setReturnPC): * interpreter/Interpreter.cpp: (WTF::printInternal): * interpreter/Interpreter.h: * interpreter/InterpreterInlines.h: * interpreter/StackVisitor.cpp: (JSC::StackVisitor::Frame::dump const): * interpreter/VMEntryRecord.h: * jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::emitSlowCaseCall): (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): (JSC::JIT::compileWithoutLinking): (JSC::JIT::link): * jit/JIT.h: * jit/JITArithmetic.cpp: (JSC::JIT::emit_op_jless): (JSC::JIT::emit_op_jlesseq): (JSC::JIT::emit_op_jgreater): (JSC::JIT::emit_op_jgreatereq): (JSC::JIT::emit_op_jnless): (JSC::JIT::emit_op_jnlesseq): (JSC::JIT::emit_op_jngreater): (JSC::JIT::emit_op_jngreatereq): (JSC::JIT::emitSlow_op_jless): (JSC::JIT::emitSlow_op_jlesseq): (JSC::JIT::emitSlow_op_jgreater): (JSC::JIT::emitSlow_op_jgreatereq): (JSC::JIT::emitSlow_op_jnless): (JSC::JIT::emitSlow_op_jnlesseq): (JSC::JIT::emitSlow_op_jngreater): (JSC::JIT::emitSlow_op_jngreatereq): (JSC::JIT::emit_op_below): (JSC::JIT::emit_op_beloweq): (JSC::JIT::emit_op_jbelow): (JSC::JIT::emit_op_jbeloweq): (JSC::JIT::emit_op_unsigned): (JSC::JIT::emit_compareAndJump): (JSC::JIT::emit_compareUnsignedAndJump): (JSC::JIT::emit_compareUnsigned): (JSC::JIT::emit_compareAndJumpSlow): (JSC::JIT::emit_op_inc): (JSC::JIT::emit_op_dec): (JSC::JIT::emit_op_mod): (JSC::JIT::emitSlow_op_mod): (JSC::JIT::emit_op_negate): (JSC::JIT::emitSlow_op_negate): (JSC::JIT::emitBitBinaryOpFastPath): (JSC::JIT::emit_op_bitand): (JSC::JIT::emit_op_bitor): (JSC::JIT::emit_op_bitxor): (JSC::JIT::emit_op_lshift): (JSC::JIT::emitRightShiftFastPath): (JSC::JIT::emit_op_rshift): (JSC::JIT::emit_op_urshift): (JSC::getOperandTypes): (JSC::JIT::emit_op_add): (JSC::JIT::emitSlow_op_add): (JSC::JIT::emitMathICFast): 
(JSC::JIT::emitMathICSlow): (JSC::JIT::emit_op_div): (JSC::JIT::emit_op_mul): (JSC::JIT::emitSlow_op_mul): (JSC::JIT::emit_op_sub): (JSC::JIT::emitSlow_op_sub): * jit/JITCall.cpp: (JSC::JIT::emitPutCallResult): (JSC::JIT::compileSetupFrame): (JSC::JIT::compileCallEval): (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileTailCall): (JSC::JIT::compileOpCall): (JSC::JIT::compileOpCallSlowCase): (JSC::JIT::emit_op_call): (JSC::JIT::emit_op_tail_call): (JSC::JIT::emit_op_call_eval): (JSC::JIT::emit_op_call_varargs): (JSC::JIT::emit_op_tail_call_varargs): (JSC::JIT::emit_op_tail_call_forward_arguments): (JSC::JIT::emit_op_construct_varargs): (JSC::JIT::emit_op_construct): (JSC::JIT::emitSlow_op_call): (JSC::JIT::emitSlow_op_tail_call): (JSC::JIT::emitSlow_op_call_eval): (JSC::JIT::emitSlow_op_call_varargs): (JSC::JIT::emitSlow_op_tail_call_varargs): (JSC::JIT::emitSlow_op_tail_call_forward_arguments): (JSC::JIT::emitSlow_op_construct_varargs): (JSC::JIT::emitSlow_op_construct): * jit/JITDisassembler.cpp: (JSC::JITDisassembler::JITDisassembler): * jit/JITExceptions.cpp: (JSC::genericUnwind): * jit/JITInlines.h: (JSC::JIT::emitDoubleGetByVal): (JSC::JIT::emitLoadForArrayMode): (JSC::JIT::emitContiguousGetByVal): (JSC::JIT::emitArrayStorageGetByVal): (JSC::JIT::appendCallWithExceptionCheckSetJSValueResultWithProfile): (JSC::JIT::sampleInstruction): (JSC::JIT::emitValueProfilingSiteIfProfiledOpcode): (JSC::JIT::emitValueProfilingSite): (JSC::JIT::jumpTarget): (JSC::JIT::copiedGetPutInfo): (JSC::JIT::copiedArithProfile): * jit/JITMathIC.h: (JSC::isProfileEmpty): (JSC::JITBinaryMathIC::JITBinaryMathIC): (JSC::JITUnaryMathIC::JITUnaryMathIC): * jit/JITOpcodes.cpp: (JSC::JIT::emit_op_mov): (JSC::JIT::emit_op_end): (JSC::JIT::emit_op_jmp): (JSC::JIT::emit_op_new_object): (JSC::JIT::emitSlow_op_new_object): (JSC::JIT::emit_op_overrides_has_instance): (JSC::JIT::emit_op_instanceof): (JSC::JIT::emitSlow_op_instanceof): (JSC::JIT::emit_op_instanceof_custom): 
(JSC::JIT::emit_op_is_empty): (JSC::JIT::emit_op_is_undefined): (JSC::JIT::emit_op_is_boolean): (JSC::JIT::emit_op_is_number): (JSC::JIT::emit_op_is_cell_with_type): (JSC::JIT::emit_op_is_object): (JSC::JIT::emit_op_ret): (JSC::JIT::emit_op_to_primitive): (JSC::JIT::emit_op_set_function_name): (JSC::JIT::emit_op_not): (JSC::JIT::emit_op_jfalse): (JSC::JIT::emit_op_jeq_null): (JSC::JIT::emit_op_jneq_null): (JSC::JIT::emit_op_jneq_ptr): (JSC::JIT::emit_op_eq): (JSC::JIT::emit_op_jeq): (JSC::JIT::emit_op_jtrue): (JSC::JIT::emit_op_neq): (JSC::JIT::emit_op_jneq): (JSC::JIT::emit_op_throw): (JSC::JIT::compileOpStrictEq): (JSC::JIT::emit_op_stricteq): (JSC::JIT::emit_op_nstricteq): (JSC::JIT::compileOpStrictEqJump): (JSC::JIT::emit_op_jstricteq): (JSC::JIT::emit_op_jnstricteq): (JSC::JIT::emitSlow_op_jstricteq): (JSC::JIT::emitSlow_op_jnstricteq): (JSC::JIT::emit_op_to_number): (JSC::JIT::emit_op_to_string): (JSC::JIT::emit_op_to_object): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_identity_with_profile): (JSC::JIT::emit_op_get_parent_scope): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_debug): (JSC::JIT::emit_op_eq_null): (JSC::JIT::emit_op_neq_null): (JSC::JIT::emit_op_enter): (JSC::JIT::emit_op_get_scope): (JSC::JIT::emit_op_to_this): (JSC::JIT::emit_op_create_this): (JSC::JIT::emit_op_check_tdz): (JSC::JIT::emitSlow_op_eq): (JSC::JIT::emitSlow_op_neq): (JSC::JIT::emitSlow_op_jeq): (JSC::JIT::emitSlow_op_jneq): (JSC::JIT::emitSlow_op_instanceof_custom): (JSC::JIT::emit_op_loop_hint): (JSC::JIT::emitSlow_op_loop_hint): (JSC::JIT::emit_op_check_traps): (JSC::JIT::emit_op_nop): (JSC::JIT::emit_op_super_sampler_begin): (JSC::JIT::emit_op_super_sampler_end): (JSC::JIT::emitSlow_op_check_traps): (JSC::JIT::emit_op_new_regexp): (JSC::JIT::emitNewFuncCommon): (JSC::JIT::emit_op_new_func): (JSC::JIT::emit_op_new_generator_func): (JSC::JIT::emit_op_new_async_generator_func): 
(JSC::JIT::emit_op_new_async_func): (JSC::JIT::emitNewFuncExprCommon): (JSC::JIT::emit_op_new_func_exp): (JSC::JIT::emit_op_new_generator_func_exp): (JSC::JIT::emit_op_new_async_func_exp): (JSC::JIT::emit_op_new_async_generator_func_exp): (JSC::JIT::emit_op_new_array): (JSC::JIT::emit_op_new_array_with_size): (JSC::JIT::emit_op_has_structure_property): (JSC::JIT::privateCompileHasIndexedProperty): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emitSlow_op_has_indexed_property): (JSC::JIT::emit_op_get_direct_pname): (JSC::JIT::emit_op_enumerator_structure_pname): (JSC::JIT::emit_op_enumerator_generic_pname): (JSC::JIT::emit_op_profile_type): (JSC::JIT::emit_op_log_shadow_chicken_prologue): (JSC::JIT::emit_op_log_shadow_chicken_tail): (JSC::JIT::emit_op_profile_control_flow): (JSC::JIT::emit_op_argument_count): (JSC::JIT::emit_op_get_rest_length): (JSC::JIT::emit_op_get_argument): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_to_this): * jit/JITOperations.cpp: * jit/JITOperations.h: * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitGetByValWithCachedId): (JSC::JIT::emitSlow_op_get_by_val): (JSC::JIT::emit_op_put_by_val_direct): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitGenericContiguousPutByVal): (JSC::JIT::emitArrayStoragePutByVal): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emitSlow_op_put_by_val): (JSC::JIT::emit_op_put_getter_by_id): (JSC::JIT::emit_op_put_setter_by_id): (JSC::JIT::emit_op_put_getter_setter_by_id): (JSC::JIT::emit_op_put_getter_by_val): (JSC::JIT::emit_op_put_setter_by_val): (JSC::JIT::emit_op_del_by_id): (JSC::JIT::emit_op_del_by_val): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emitSlow_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emitSlow_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emitSlow_op_get_by_id): (JSC::JIT::emitSlow_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emitSlow_op_put_by_id): 
(JSC::JIT::emit_op_in_by_id): (JSC::JIT::emitSlow_op_in_by_id): (JSC::JIT::emit_op_resolve_scope): (JSC::JIT::emit_op_get_from_scope): (JSC::JIT::emitSlow_op_get_from_scope): (JSC::JIT::emit_op_put_to_scope): (JSC::JIT::emitSlow_op_put_to_scope): (JSC::JIT::emit_op_get_from_arguments): (JSC::JIT::emit_op_put_to_arguments): (JSC::JIT::privateCompileGetByVal): (JSC::JIT::privateCompileGetByValWithCachedId): (JSC::JIT::privateCompilePutByVal): (JSC::JIT::privateCompilePutByValWithCachedId): (JSC::JIT::emitDoubleLoad): (JSC::JIT::emitContiguousLoad): (JSC::JIT::emitArrayStorageLoad): (JSC::JIT::emitDirectArgumentsGetByVal): (JSC::JIT::emitScopedArgumentsGetByVal): (JSC::JIT::emitIntTypedArrayGetByVal): (JSC::JIT::emitFloatTypedArrayGetByVal): (JSC::JIT::emitIntTypedArrayPutByVal): (JSC::JIT::emitFloatTypedArrayPutByVal): * jit/RegisterSet.cpp: (JSC::RegisterSet::llintBaselineCalleeSaveRegisters): * jit/SlowPathCall.h: (JSC::JITSlowPathCall::JITSlowPathCall): * llint/LLIntData.cpp: (JSC::LLInt::initialize): (JSC::LLInt::Data::performAssertions): * llint/LLIntData.h: (JSC::LLInt::exceptionInstructions): (JSC::LLInt::opcodeMap): (JSC::LLInt::opcodeMapWide): (JSC::LLInt::getOpcode): (JSC::LLInt::getOpcodeWide): (JSC::LLInt::getWideCodePtr): * llint/LLIntOffsetsExtractor.cpp: * llint/LLIntSlowPaths.cpp: (JSC::LLInt::llint_trace_operand): (JSC::LLInt::llint_trace_value): (JSC::LLInt::LLINT_SLOW_PATH_DECL): (JSC::LLInt::entryOSR): (JSC::LLInt::setupGetByIdPrototypeCache): (JSC::LLInt::getByVal): (JSC::LLInt::handleHostCall): (JSC::LLInt::setUpCall): (JSC::LLInt::genericCall): (JSC::LLInt::varargsSetup): (JSC::LLInt::commonCallEval): * llint/LLIntSlowPaths.h: * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter.cpp: (JSC::CLoopRegister::operator const Instruction*): (JSC::CLoop::execute): * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: * offlineasm/arm64.rb: * offlineasm/asm.rb: * offlineasm/ast.rb: * offlineasm/cloop.rb: * 
offlineasm/generate_offset_extractor.rb: * offlineasm/instructions.rb: * offlineasm/offsets.rb: * offlineasm/parser.rb: * offlineasm/transform.rb: * offlineasm/x86.rb: * parser/ResultType.h: (JSC::ResultType::dump const): (JSC::OperandTypes::first const): (JSC::OperandTypes::second const): (JSC::OperandTypes::dump const): * profiler/ProfilerBytecodeSequence.cpp: (JSC::Profiler::BytecodeSequence::BytecodeSequence): * runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): (JSC::updateArithProfileForUnaryArithOp): (JSC::updateArithProfileForBinaryArithOp): * runtime/CommonSlowPaths.h: (JSC::CommonSlowPaths::tryCachePutToScopeGlobal): (JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal): * runtime/ExceptionFuzz.cpp: (JSC::doExceptionFuzzing): * runtime/ExceptionFuzz.h: (JSC::doExceptionFuzzingIfEnabled): * runtime/GetPutInfo.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::GetPutInfo::dump const): (WTF::printInternal): * runtime/GetPutInfo.h: (JSC::GetPutInfo::operand const): * runtime/JSCPoison.h: * runtime/JSType.cpp: Added. (WTF::printInternal): * runtime/JSType.h: * runtime/SamplingProfiler.cpp: (JSC::SamplingProfiler::StackFrame::displayName): * runtime/SamplingProfiler.h: (JSC::SamplingProfiler::UnprocessedStackFrame::UnprocessedStackFrame): * runtime/SlowPathReturnType.h: (JSC::encodeResult): (JSC::decodeResult): * runtime/VM.h: * runtime/Watchdog.h: * tools/HeapVerifier.cpp: Source/WTF: * wtf/Forward.h: Fix WTF_LAZY_FOR_EACH_TERM on MSVC and add WTF_LAZY_HAS_REST to check whether a macro was passed multiple arguments * wtf/Platform.h: Force ENABLE_JIT=false on all 32-bit platforms * wtf/Vector.h: (WTF::minCapacity>::insertVector): Allow vectors with different overflow handlers to be passed to insertVector Tools: Do not force ENABLE_JIT=true when $forceCLoop is false. * Scripts/build-jsc: LayoutTests: Don't use recursion on `equal` to avoid premature stack overflows when testing deep arrays. 
* fast/dom/Window/resources/postmessage-test.js: Canonical link: https://commits.webkit.org/205839@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237547 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2018-10-29 13:16:03 +00:00
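The commit message above describes the format this file now manages: an immutable instruction stream that embeds no addresses, operands encoded either narrow (1 byte) or wide (4 bytes), an optional metadataID that indexes a mutable side table in the CodeBlock, and the rule that an instruction must be decoded as a whole rather than having arbitrary operands picked out of the stream. The following is an added example written for this page to show that design in working code; it is not JavaScriptCore code. Its opcode set, the `op_wide` prefix byte, the `AddProfile` slot type, the `demo` namespace and the sample program are all assumptions chosen for the illustration. The points a reviewer would look for are in `decode` and `execute`: operand width is fixed once per instruction, every operand byte is bounds-checked before any is read, the metadataID is validated against the declared slot count before it indexes the side table, and register and table lookups go through checked accessors.

```cpp
// Added illustration of the narrow/wide operand encoding and metadata side table
// sketched in the commit message; not JavaScriptCore code. The opcode set, the
// op_wide prefix byte and the AddProfile slot type are assumptions for the demo.
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <vector>

namespace demo {
enum Opcode : uint8_t { op_wide = 0, op_mov = 1, op_add = 2, op_ret = 3 };
struct Shape { uint8_t operandCount; bool hasMetadata; };

// Each opcode declares its operand count, so the decoder always consumes a whole
// instruction rather than reading operands at guessed offsets in the stream.
Shape shapeOf(Opcode op) {
    switch (op) {
    case op_mov: return {2, false}; // dst, immediate
    case op_add: return {3, true};  // dst, a, b, followed by a metadataID
    case op_ret: return {1, false}; // src
    default:     return {0, false};
    }
}

struct Instruction { Opcode opcode; bool wide; std::vector<int32_t> operands; bool hasMetadata; uint32_t metadataID; size_t size; };
struct AddProfile { uint32_t executions = 0; }; // mutable profiling state, kept out of the stream

// The stream carries no pointers and is never written after emission, so the same
// bytes can back many executions; only the number of metadata slots travels with it.
struct Stream {
    std::vector<uint8_t> bytes;
    uint32_t metadataSlots = 0;
    void emit(Opcode op, std::vector<int32_t> slots) {
        Shape s = shapeOf(op);
        if (op == op_wide || slots.size() != static_cast<size_t>(s.operandCount)) throw std::invalid_argument("bad opcode or operand count");
        if (s.hasMetadata) slots.push_back(static_cast<int32_t>(metadataSlots++));
        bool wide = false; // one operand outside int8 range makes the whole instruction wide
        for (int32_t v : slots) wide = wide || v < -128 || v > 127;
        if (wide) bytes.push_back(op_wide);
        bytes.push_back(op);
        for (int32_t v : slots)
            for (int i = 0; i < (wide ? 4 : 1); ++i) bytes.push_back(static_cast<uint8_t>(static_cast<uint32_t>(v) >> (8 * i)));
    }
};

// Bounds-checked decode of the instruction at `offset`: malformed input throws
// instead of turning into an out-of-bounds read of the stream or the side table.
Instruction decode(const Stream& stream, size_t offset) {
    const std::vector<uint8_t>& b = stream.bytes;
    if (offset >= b.size()) throw std::out_of_range("offset past end of stream");
    size_t pos = offset;
    auto need = [&](size_t n) { if (n > b.size() - pos) throw std::out_of_range("truncated instruction"); };
    bool wide = b[pos] == op_wide;
    if (wide) { ++pos; need(1); }
    Opcode op = static_cast<Opcode>(b[pos++]);
    if (op < op_mov || op > op_ret) throw std::invalid_argument("unknown opcode");
    Shape s = shapeOf(op);
    need((s.operandCount + (s.hasMetadata ? 1u : 0u)) * (wide ? 4u : 1u)); // every operand byte must exist before any is read
    auto read = [&]() -> int32_t {
        if (!wide) return static_cast<int8_t>(b[pos++]);
        uint32_t u = 0;
        for (int i = 0; i < 4; ++i) u |= static_cast<uint32_t>(b[pos++]) << (8 * i);
        return static_cast<int32_t>(u);
    };
    Instruction ins{op, wide, {}, s.hasMetadata, 0, 0};
    for (uint8_t i = 0; i < s.operandCount; ++i) ins.operands.push_back(read());
    if (s.hasMetadata) {
        ins.metadataID = static_cast<uint32_t>(read());
        if (ins.metadataID >= stream.metadataSlots) throw std::out_of_range("metadataID out of range");
    }
    ins.size = pos - offset;
    return ins;
}

// Straight-line interpreter: registers and profiles are per-execution, the stream is shared.
int32_t execute(const Stream& stream, std::vector<AddProfile>& profiles, std::vector<int32_t>& regs) {
    if (profiles.size() < stream.metadataSlots) throw std::invalid_argument("metadata table too small");
    auto reg = [&](int32_t r) -> int32_t& { return regs.at(static_cast<size_t>(r)); }; // at() rejects negative or oversized indices
    for (size_t pc = 0;;) {
        Instruction ins = decode(stream, pc); // a stream with no op_ret ends in "offset past end of stream"
        if (ins.opcode == op_mov) reg(ins.operands[0]) = ins.operands[1];
        else if (ins.opcode == op_add) {
            reg(ins.operands[0]) = static_cast<int32_t>(static_cast<uint32_t>(reg(ins.operands[1])) + static_cast<uint32_t>(reg(ins.operands[2])));
            profiles[ins.metadataID].executions++;
        } else return reg(ins.operands[0]);
        pc += ins.size;
    }
}

struct Report { size_t streamSize; bool secondIsWide; uint32_t slots; int32_t result; uint32_t addCount; bool truncatedRejected; bool badMetadataRejected; };

// Constructed sample program, plus two deliberately malformed streams.
Report runSample() {
    Stream s;
    s.emit(op_mov, {0, 100});
    s.emit(op_mov, {1, 1000}); // 1000 does not fit in a byte, so this one is encoded wide
    s.emit(op_add, {2, 0, 1}); // receives metadataID 0
    s.emit(op_ret, {2});
    std::vector<AddProfile> profiles(s.metadataSlots);
    std::vector<int32_t> regs(4, 0);
    Report r{s.bytes.size(), decode(s, 3).wide, s.metadataSlots, execute(s, profiles, regs), profiles[0].executions, false, false};
    auto rejected = [](const Stream& bad) { try { decode(bad, 0); return false; } catch (const std::out_of_range&) { return true; } };
    Stream truncated; truncated.bytes = {0, 1, 5};     // op_wide, op_mov, then the operands are cut off
    Stream badMeta;   badMeta.bytes = {2, 0, 0, 0, 7}; // op_add naming metadataID 7 in a stream that declares no slots
    r.truncatedRejected = rejected(truncated); r.badMetadataRejected = rejected(badMeta);
    return r;
}
} // namespace demo
```

`runSample()` builds a four-instruction program whose second `mov` carries an immediate that does not fit in a byte, so that instruction alone is emitted with the wide prefix while its neighbours stay narrow; it runs the program against a fresh metadata table and then shows that a truncated wide instruction and an out-of-range metadataID are rejected by `decode` before any byte past the end or any table slot past the count is touched.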
#include "InstructionStream.h"
#include "JSCJSValueInlines.h"
* fast/dom/Window/resources/postmessage-test.js:

Canonical link: https://commits.webkit.org/205839@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237547 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2018-10-29 13:16:03 +00:00
#include "UnlinkedMetadataTableInlines.h"
Adding UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn().
https://bugs.webkit.org/show_bug.cgi?id=127127

Reviewed by Geoffrey Garen.

In order to implement bytecode level breakpoints, we need a mechanism for computing the best fit op_debug bytecode offset for any valid given line and column value in the source. The "best fit" op_debug bytecode in this case is defined below in the comment for UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn().

* GNUmakefile.list.am:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::opDebugBytecodeOffsetForLineAndColumn):
- Convert the line and column to unlinked line and column values and pass them to UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn() to do the real work.
* bytecode/CodeBlock.h:
* bytecode/LineColumnInfo.h: Added.
(JSC::LineColumnInfo::operator <):
(JSC::LineColumnInfo::LineColumnPair::LineColumnPair):
(JSC::LineColumnInfo::operator ==):
(JSC::LineColumnInfo::operator !=):
(JSC::LineColumnInfo::operator <=):
(JSC::LineColumnInfo::operator >):
(JSC::LineColumnInfo::operator >=):
* bytecode/LineInfo.h: Removed.
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::decodeExpressionRangeLineAndColumn):
- Factored this out of expressionRangeForBytecodeOffset() so that it can be called from multiple places.
(JSC::dumpLineColumnEntry):
(JSC::UnlinkedCodeBlock::dumpExpressionRangeInfo):
(JSC::UnlinkedCodeBlock::dumpOpDebugLineColumnInfoList):
- Some dumpers for debugging use only.
(JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset):
(JSC::UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn):
- Finds the earliest op_debug bytecode whose line and column matches the specified line and column values. If an exact match is not found, then finds the nearest op_debug bytecode that precedes the specified line and column values. If there are more than one op_debug at that preceding line and column value, then the earliest of those op_debug bytecodes will be selected. The offset of the selected bytecode will be returned.
We want the earliest one because when we have multiple op_debug bytecodes that map to a given line and column, a debugger user would expect to break on the first one and step through the rest thereafter if needed.
(JSC::compareLineColumnInfo):
(JSC::UnlinkedCodeBlock::opDebugLineColumnInfoList):
- Creates the sorted opDebugLineColumnInfoList on demand. This list is stored in the UnlinkedCodeBlock's rareData.
* bytecode/UnlinkedCodeBlock.h:

Canonical link: https://commits.webkit.org/145215@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@162256 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2014-01-18 17:55:07 +00:00
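The best-fit lookup that commit message describes, as an added example that is not JSC's own code: it assumes a constructed OpDebugEntry struct (line, column, bytecode offset) standing in for LineColumnInfo, sorted the way the commit describes so that the earliest op_debug at a position comes first.

```cpp
#include <algorithm>
#include <cstdio>
#include <iterator>
#include <optional>
#include <utility>
#include <vector>

// Constructed stand-in for the per-op_debug entries JSC keeps in its
// opDebugLineColumnInfoList (assumed layout, not the project's real struct).
struct OpDebugEntry {
    unsigned line;
    unsigned column;
    unsigned bytecodeOffset;
};

// Sort key: (line, column) first, then bytecode offset, so that among several
// op_debug at one source position the earliest-emitted one comes first.
static bool entryLessThan(const OpDebugEntry& a, const OpDebugEntry& b)
{
    if (a.line != b.line)
        return a.line < b.line;
    if (a.column != b.column)
        return a.column < b.column;
    return a.bytecodeOffset < b.bytecodeOffset;
}

// Builds the sorted list on demand, as the commit describes for rareData.
std::vector<OpDebugEntry> buildSortedOpDebugList(std::vector<OpDebugEntry> entries)
{
    std::sort(entries.begin(), entries.end(), entryLessThan);
    return entries;
}

// Best-fit lookup: the earliest op_debug at exactly (line, column); otherwise the
// earliest op_debug at the nearest preceding position; nullopt if nothing precedes.
std::optional<unsigned> opDebugBytecodeOffsetForLineAndColumn(
    const std::vector<OpDebugEntry>& sorted, unsigned line, unsigned column)
{
    const std::pair<unsigned, unsigned> target(line, column);
    // First entry whose (line, column) is not before the target.
    auto it = std::lower_bound(sorted.begin(), sorted.end(), target,
        [](const OpDebugEntry& e, const std::pair<unsigned, unsigned>& pos) {
            return std::make_pair(e.line, e.column) < pos;
        });
    if (it != sorted.end() && it->line == line && it->column == column)
        return it->bytecodeOffset; // exact match; earliest by sort order
    if (it == sorted.begin())
        return std::nullopt; // no op_debug precedes the requested position
    // Walk back to the earliest entry sharing the preceding position.
    auto prev = std::prev(it);
    while (prev != sorted.begin()) {
        auto earlier = std::prev(prev);
        if (earlier->line != prev->line || earlier->column != prev->column)
            break;
        prev = earlier;
    }
    return prev->bytecodeOffset;
}

// Constructed sample: deliberately unsorted, with two op_debug at line 2 column 5.
std::vector<OpDebugEntry> sampleSortedOpDebugList()
{
    return buildSortedOpDebugList({
        { 4, 1, 30 },
        { 2, 5, 10 },
        { 1, 1, 0 },
        { 2, 9, 20 },
        { 2, 5, 4 },
    });
}

int main()
{
    const auto list = sampleSortedOpDebugList();
    const unsigned queries[][2] = { { 2, 5 }, { 2, 7 }, { 3, 0 }, { 0, 5 }, { 9, 9 } };
    for (const auto& q : queries) {
        auto offset = opDebugBytecodeOffsetForLineAndColumn(list, q[0], q[1]);
        if (offset)
            std::printf("line %u col %u -> op_debug at bytecode offset %u\n", q[0], q[1], *offset);
        else
            std::printf("line %u col %u -> no preceding op_debug\n", q[0], q[1]);
    }
    return 0;
}
```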
#include <wtf/DataLog.h>
Reduce parser overhead in JSC
https://bugs.webkit.org/show_bug.cgi?id=101127

Reviewed by Filip Pizlo.

An exciting journey into the world of architecture in which our hero adds yet another layer to JSC codegeneration.

This patch adds a marginally more compact form of bytecode that is free from any data specific to a given execution context, and that does store any data structures necessary for execution. To actually execute this UnlinkedBytecode we still need to instantiate a real CodeBlock, but this is a much faster linear time operation than any of the earlier parsing or code generation passes.

As the unlinked code is context free we can then simply use a cache from source to unlinked code mapping to completely avoid all of the old parser overhead. The cache is currently very simple and memory heavy, using the complete source text as a key (rather than SourceCode or equivalent), and a random eviction policy. This seems to produce a substantial win when loading identical content in different contexts.

* API/tests/testapi.c:
(main):
* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
* bytecode/CodeBlock.h:
Moved a number of fields, and a bunch of logic to UnlinkedCodeBlock.h/cpp
* bytecode/Opcode.h:
Added a global const init no op instruction needed to get correct behaviour without any associated semantics.
* bytecode/UnlinkedCodeBlock.cpp: Added.
* bytecode/UnlinkedCodeBlock.h: Added.
A fairly shallow, GC allocated version of the old CodeBlock classes with a 32bit instruction size, and just metadata size tracking.
* bytecompiler/BytecodeGenerator.cpp:
* bytecompiler/BytecodeGenerator.h:
Replace direct access to m_symbolTable with access through symbolTable(). ProgramCode no longer has a symbol table at all so some previously unconditional (and pointless) uses of symbolTable get null checks.
A few other changes to deal with type changes due to us generating unlinked code (eg. pointer free, so profile indices rather than pointers).
* dfg/DFGByteCodeParser.cpp:
* dfg/DFGCapabilities.h:
Support global_init_nop
* interpreter/Interpreter.cpp:
Now get the ProgramExecutable to initialise new global properties before starting execution.
* jit/JIT.cpp:
* jit/JITDriver.h:
* jit/JITStubs.cpp:
* llint/LLIntData.cpp:
* llint/LLIntSlowPaths.cpp:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
Adding init_global_const_nop everywhere else
* parser/Parser.h:
* parser/ParserModes.h: Added.
* parser/ParserTokens.h:
Parser no longer needs a global object or callframe to function
* runtime/CodeCache.cpp: Added.
* runtime/CodeCache.h: Added.
A simple, random eviction, Source->UnlinkedCode cache
* runtime/Executable.cpp:
* runtime/Executable.h:
Executables now reference their unlinked counterparts, and request code specifically for the target global object.
* runtime/JSGlobalData.cpp:
* runtime/JSGlobalData.h:
GlobalData now owns a CodeCache and a set of new structures for the unlinked code types.
* runtime/JSGlobalObject.cpp:
* runtime/JSGlobalObject.h:
Utility functions used by executables to perform compilation
* runtime/JSType.h:
Add new JSTypes for unlinked code

Canonical link: https://commits.webkit.org/119498@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@133688 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2012-11-07 00:13:54 +00:00
namespace JSC {
[JSC][DFG][DOMJIT] Extend CheckDOM to CheckSubClass
https://bugs.webkit.org/show_bug.cgi?id=172098

Reviewed by Saam Barati.

JSTests:

* stress/check-sub-class.js: Added.
(shouldBe):
(shouldThrow):
(calling):
(array.forEach):
(i.array.forEach):

Source/JavaScriptCore:

In this patch, we generalize CheckDOM to CheckSubClass. It can accept any ClassInfo and perform ClassInfo check in DFG / FTL.

Now, we add a new function pointer to ClassInfo, checkSubClassPatchpoint. It can create DOMJIT patchpoint for that ClassInfo. It is natural that ClassInfo holds the way to emit DOMJIT::Patchpoint to perform CheckSubClass rather than having it in each DOMJIT getter / function signature annotation. One problem is that it enlarges the size of ClassInfo. But this is the best place to put this function pointer. By doing so, we can add a patchpoint for CheckSubClass in a non-intrusive manner: WebCore can inject patchpoints without interactive JSC. We still have a way to reduce the size of ClassInfo if we move ArrayBuffer related methods out to the other places.

This patch touches many files because we add a new function pointer to ClassInfo. But they are basically mechanical change.
* API/JSAPIWrapperObject.mm: * API/JSCallbackConstructor.cpp: * API/JSCallbackFunction.cpp: * API/JSCallbackObject.cpp: * API/ObjCCallbackFunction.mm: * CMakeLists.txt: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/CodeBlock.cpp: * bytecode/DOMJITAccessCasePatchpointParams.h: (JSC::DOMJITAccessCasePatchpointParams::DOMJITAccessCasePatchpointParams): * bytecode/EvalCodeBlock.cpp: * bytecode/FunctionCodeBlock.cpp: * bytecode/GetterSetterAccessCase.cpp: (JSC::GetterSetterAccessCase::emitDOMJITGetter): * bytecode/ModuleProgramCodeBlock.cpp: * bytecode/ProgramCodeBlock.cpp: * bytecode/UnlinkedCodeBlock.cpp: * bytecode/UnlinkedEvalCodeBlock.cpp: * bytecode/UnlinkedFunctionCodeBlock.cpp: * bytecode/UnlinkedFunctionExecutable.cpp: * bytecode/UnlinkedModuleProgramCodeBlock.cpp: * bytecode/UnlinkedProgramCodeBlock.cpp: * debugger/DebuggerScope.cpp: * dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::handleDOMJITGetter): * dfg/DFGClobberize.h: (JSC::DFG::clobberize): * dfg/DFGConstantFoldingPhase.cpp: (JSC::DFG::ConstantFoldingPhase::foldConstants): * dfg/DFGDOMJITPatchpointParams.h: (JSC::DFG::DOMJITPatchpointParams::DOMJITPatchpointParams): * dfg/DFGDoesGC.cpp: (JSC::DFG::doesGC): * dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode): (JSC::DFG::FixupPhase::attemptToMakeCallDOM): (JSC::DFG::FixupPhase::fixupCheckSubClass): (JSC::DFG::FixupPhase::fixupCheckDOM): Deleted. * dfg/DFGGraph.cpp: (JSC::DFG::Graph::dump): * dfg/DFGNode.h: (JSC::DFG::Node::hasClassInfo): (JSC::DFG::Node::classInfo): (JSC::DFG::Node::hasCheckDOMPatchpoint): Deleted. (JSC::DFG::Node::checkDOMPatchpoint): Deleted. * dfg/DFGNodeType.h: * dfg/DFGPredictionPropagationPhase.cpp: * dfg/DFGSafeToExecute.h: (JSC::DFG::safeToExecute): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compileCheckSubClass): (JSC::DFG::SpeculativeJIT::compileCheckDOM): Deleted. 
* dfg/DFGSpeculativeJIT.h: (JSC::DFG::SpeculativeJIT::vm): * dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): * domjit/DOMJITGetterSetter.h: * domjit/DOMJITPatchpointParams.h: (JSC::DOMJIT::PatchpointParams::PatchpointParams): (JSC::DOMJIT::PatchpointParams::vm): * domjit/DOMJITSignature.h: (JSC::DOMJIT::Signature::Signature): (JSC::DOMJIT::Signature::checkDOM): Deleted. * ftl/FTLAbstractHeapRepository.h: * ftl/FTLCapabilities.cpp: (JSC::FTL::canCompile): * ftl/FTLDOMJITPatchpointParams.h: (JSC::FTL::DOMJITPatchpointParams::DOMJITPatchpointParams): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileNode): (JSC::FTL::DFG::LowerDFGToB3::compileCheckSubClass): (JSC::FTL::DFG::LowerDFGToB3::compileCheckDOM): Deleted. * inspector/JSInjectedScriptHost.cpp: * inspector/JSInjectedScriptHostPrototype.cpp: * inspector/JSJavaScriptCallFrame.cpp: * inspector/JSJavaScriptCallFramePrototype.cpp: * jsc.cpp: (WTF::DOMJITNode::checkSubClassPatchpoint): (WTF::DOMJITFunctionObject::checkSubClassPatchpoint): (WTF::DOMJITFunctionObject::finishCreation): (WTF::DOMJITCheckSubClassObject::DOMJITCheckSubClassObject): (WTF::DOMJITCheckSubClassObject::createStructure): (WTF::DOMJITCheckSubClassObject::create): (WTF::DOMJITCheckSubClassObject::safeFunction): (WTF::DOMJITCheckSubClassObject::unsafeFunction): (WTF::DOMJITCheckSubClassObject::finishCreation): (GlobalObject::finishCreation): (functionCreateDOMJITCheckSubClassObject): (WTF::DOMJITNode::checkDOMJITNode): Deleted. (WTF::DOMJITFunctionObject::checkDOMJITNode): Deleted. 
* runtime/AbstractModuleRecord.cpp: * runtime/ArrayBufferNeuteringWatchpoint.cpp: * runtime/ArrayConstructor.cpp: * runtime/ArrayIteratorPrototype.cpp: * runtime/ArrayPrototype.cpp: * runtime/AsyncFunctionConstructor.cpp: * runtime/AsyncFunctionPrototype.cpp: * runtime/AtomicsObject.cpp: * runtime/BooleanConstructor.cpp: * runtime/BooleanObject.cpp: * runtime/BooleanPrototype.cpp: * runtime/ClassInfo.cpp: Copied from Source/JavaScriptCore/tools/JSDollarVM.cpp. (JSC::ClassInfo::dump): * runtime/ClassInfo.h: (JSC::ClassInfo::offsetOfParentClass): * runtime/ClonedArguments.cpp: * runtime/ConsoleObject.cpp: * runtime/CustomGetterSetter.cpp: * runtime/DateConstructor.cpp: * runtime/DateInstance.cpp: * runtime/DatePrototype.cpp: * runtime/DirectArguments.cpp: * runtime/Error.cpp: * runtime/ErrorConstructor.cpp: * runtime/ErrorInstance.cpp: * runtime/ErrorPrototype.cpp: * runtime/EvalExecutable.cpp: * runtime/Exception.cpp: * runtime/ExceptionHelpers.cpp: * runtime/ExecutableBase.cpp: * runtime/FunctionConstructor.cpp: * runtime/FunctionExecutable.cpp: * runtime/FunctionPrototype.cpp: * runtime/FunctionRareData.cpp: * runtime/GeneratorFunctionConstructor.cpp: * runtime/GeneratorFunctionPrototype.cpp: * runtime/GeneratorPrototype.cpp: * runtime/GetterSetter.cpp: * runtime/HashMapImpl.cpp: * runtime/HashMapImpl.h: * runtime/InferredType.cpp: (JSC::InferredType::create): * runtime/InferredTypeTable.cpp: * runtime/InferredValue.cpp: * runtime/InspectorInstrumentationObject.cpp: * runtime/InternalFunction.cpp: * runtime/IntlCollator.cpp: * runtime/IntlCollatorConstructor.cpp: * runtime/IntlCollatorPrototype.cpp: * runtime/IntlDateTimeFormat.cpp: * runtime/IntlDateTimeFormatConstructor.cpp: * runtime/IntlDateTimeFormatPrototype.cpp: * runtime/IntlNumberFormat.cpp: * runtime/IntlNumberFormatConstructor.cpp: * runtime/IntlNumberFormatPrototype.cpp: * runtime/IntlObject.cpp: * runtime/IteratorPrototype.cpp: * runtime/JSAPIValueWrapper.cpp: * runtime/JSArray.cpp: * 
runtime/JSArrayBuffer.cpp: * runtime/JSArrayBufferConstructor.cpp: * runtime/JSArrayBufferPrototype.cpp: * runtime/JSArrayBufferView.cpp: * runtime/JSAsyncFunction.cpp: * runtime/JSBoundFunction.cpp: * runtime/JSCallee.cpp: * runtime/JSCustomGetterSetterFunction.cpp: * runtime/JSDataView.cpp: * runtime/JSDataViewPrototype.cpp: * runtime/JSEnvironmentRecord.cpp: * runtime/JSFixedArray.cpp: * runtime/JSFunction.cpp: * runtime/JSGeneratorFunction.cpp: * runtime/JSGlobalLexicalEnvironment.cpp: * runtime/JSGlobalObject.cpp: * runtime/JSInternalPromise.cpp: * runtime/JSInternalPromiseConstructor.cpp: * runtime/JSInternalPromiseDeferred.cpp: * runtime/JSInternalPromisePrototype.cpp: * runtime/JSLexicalEnvironment.cpp: * runtime/JSMap.cpp: * runtime/JSMapIterator.cpp: * runtime/JSModuleEnvironment.cpp: * runtime/JSModuleLoader.cpp: * runtime/JSModuleNamespaceObject.cpp: * runtime/JSModuleRecord.cpp: * runtime/JSNativeStdFunction.cpp: * runtime/JSONObject.cpp: * runtime/JSObject.cpp: * runtime/JSPromise.cpp: * runtime/JSPromiseConstructor.cpp: * runtime/JSPromiseDeferred.cpp: * runtime/JSPromisePrototype.cpp: * runtime/JSPropertyNameEnumerator.cpp: * runtime/JSPropertyNameIterator.cpp: * runtime/JSProxy.cpp: * runtime/JSScriptFetcher.cpp: * runtime/JSSet.cpp: * runtime/JSSetIterator.cpp: * runtime/JSSourceCode.cpp: * runtime/JSString.cpp: * runtime/JSStringIterator.cpp: * runtime/JSSymbolTableObject.cpp: * runtime/JSTemplateRegistryKey.cpp: * runtime/JSTypedArrayConstructors.cpp: * runtime/JSTypedArrayPrototypes.cpp: * runtime/JSTypedArrayViewConstructor.cpp: * runtime/JSTypedArrays.cpp: * runtime/JSWeakMap.cpp: * runtime/JSWeakSet.cpp: * runtime/JSWithScope.cpp: * runtime/MapConstructor.cpp: * runtime/MapIteratorPrototype.cpp: * runtime/MapPrototype.cpp: * runtime/MathObject.cpp: * runtime/ModuleLoaderPrototype.cpp: * runtime/ModuleProgramExecutable.cpp: * runtime/NativeErrorConstructor.cpp: * runtime/NativeExecutable.cpp: * runtime/NativeStdFunctionCell.cpp: * 
runtime/NullGetterFunction.cpp: * runtime/NullSetterFunction.cpp: * runtime/NumberConstructor.cpp: * runtime/NumberObject.cpp: * runtime/NumberPrototype.cpp: * runtime/ObjectConstructor.cpp: * runtime/ObjectPrototype.cpp: * runtime/ProgramExecutable.cpp: * runtime/PropertyTable.cpp: * runtime/ProxyConstructor.cpp: * runtime/ProxyObject.cpp: * runtime/ProxyRevoke.cpp: * runtime/ReflectObject.cpp: * runtime/RegExp.cpp: * runtime/RegExpConstructor.cpp: * runtime/RegExpObject.cpp: * runtime/RegExpPrototype.cpp: * runtime/ScopedArguments.cpp: * runtime/ScopedArgumentsTable.cpp: * runtime/ScriptExecutable.cpp: * runtime/SetConstructor.cpp: * runtime/SetIteratorPrototype.cpp: * runtime/SetPrototype.cpp: * runtime/SparseArrayValueMap.cpp: * runtime/StrictEvalActivation.cpp: * runtime/StringConstructor.cpp: * runtime/StringIteratorPrototype.cpp: * runtime/StringObject.cpp: * runtime/StringPrototype.cpp: * runtime/Structure.cpp: * runtime/StructureChain.cpp: * runtime/StructureRareData.cpp: * runtime/Symbol.cpp: * runtime/SymbolConstructor.cpp: * runtime/SymbolObject.cpp: * runtime/SymbolPrototype.cpp: * runtime/SymbolTable.cpp: * runtime/WeakMapConstructor.cpp: * runtime/WeakMapData.cpp: * runtime/WeakMapPrototype.cpp: * runtime/WeakSetConstructor.cpp: * runtime/WeakSetPrototype.cpp: * testRegExp.cpp: * tools/JSDollarVM.cpp: * tools/JSDollarVMPrototype.cpp: * wasm/JSWebAssembly.cpp: * wasm/js/JSWebAssemblyCodeBlock.cpp: * wasm/js/JSWebAssemblyCompileError.cpp: * wasm/js/JSWebAssemblyInstance.cpp: * wasm/js/JSWebAssemblyLinkError.cpp: * wasm/js/JSWebAssemblyMemory.cpp: * wasm/js/JSWebAssemblyModule.cpp: * wasm/js/JSWebAssemblyRuntimeError.cpp: * wasm/js/JSWebAssemblyTable.cpp: * wasm/js/WebAssemblyCompileErrorConstructor.cpp: * wasm/js/WebAssemblyCompileErrorPrototype.cpp: * wasm/js/WebAssemblyFunction.cpp: * wasm/js/WebAssemblyFunctionBase.cpp: * wasm/js/WebAssemblyInstanceConstructor.cpp: * wasm/js/WebAssemblyInstancePrototype.cpp: * 
wasm/js/WebAssemblyLinkErrorConstructor.cpp: * wasm/js/WebAssemblyLinkErrorPrototype.cpp: * wasm/js/WebAssemblyMemoryConstructor.cpp: * wasm/js/WebAssemblyMemoryPrototype.cpp: * wasm/js/WebAssemblyModuleConstructor.cpp: * wasm/js/WebAssemblyModulePrototype.cpp: * wasm/js/WebAssemblyModuleRecord.cpp: * wasm/js/WebAssemblyPrototype.cpp: * wasm/js/WebAssemblyRuntimeErrorConstructor.cpp: * wasm/js/WebAssemblyRuntimeErrorPrototype.cpp: * wasm/js/WebAssemblyTableConstructor.cpp: * wasm/js/WebAssemblyTablePrototype.cpp: * wasm/js/WebAssemblyToJSCallee.cpp: * wasm/js/WebAssemblyWrapperFunction.cpp: Source/WebCore: Add DOMJIT interface IDL attribute. Which allows us to define checkSubClassPatchpointFor${className} function for that ClassInfo. And we move CheckSubClass patchpoint implementation to ClassInfo's member * CMakeLists.txt: * WebCore.xcodeproj/project.pbxproj: * bindings/js/JSDOMGlobalObject.cpp: * bindings/js/JSDOMWindowBase.cpp: * bindings/js/JSDOMWindowProperties.cpp: * bindings/js/JSDOMWindowShell.cpp: * bindings/js/JSReadableStreamPrivateConstructors.cpp: * bindings/js/JSWorkerGlobalScopeBase.cpp: * bindings/scripts/CodeGeneratorJS.pm: (GenerateHeader): (GenerateImplementation): (GenerateImplementationIterableFunctions): (GenerateConstructorHelperMethods): * bindings/scripts/IDLAttributes.json: * bindings/scripts/test/JS/JSInterfaceName.cpp: * bindings/scripts/test/JS/JSMapLike.cpp: * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp: * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: * bindings/scripts/test/JS/JSTestCEReactions.cpp: * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp: * bindings/scripts/test/JS/JSTestCallbackInterface.cpp: * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp: * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp: * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp: * bindings/scripts/test/JS/JSTestDOMJIT.cpp: * bindings/scripts/test/JS/JSTestDOMJIT.h: * 
bindings/scripts/test/JS/JSTestEventConstructor.cpp: * bindings/scripts/test/JS/JSTestEventTarget.cpp: * bindings/scripts/test/JS/JSTestException.cpp: * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp: * bindings/scripts/test/JS/JSTestGlobalObject.cpp: * bindings/scripts/test/JS/JSTestInterface.cpp: * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp: * bindings/scripts/test/JS/JSTestIterable.cpp: * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp: * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp: * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: * bindings/scripts/test/JS/JSTestNode.cpp: * bindings/scripts/test/JS/JSTestObj.cpp: * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp: * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp: * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp: * bindings/scripts/test/JS/JSTestSerialization.cpp: * bindings/scripts/test/JS/JSTestSerializationInherit.cpp: * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp: * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: * bindings/scripts/test/JS/JSTestTypedefs.cpp: * bridge/c/CRuntimeObject.cpp: * bridge/c/c_instance.cpp: * bridge/objc/ObjCRuntimeObject.mm: * bridge/objc/objc_instance.mm: * bridge/objc/objc_runtime.mm: * bridge/runtime_array.cpp: * bridge/runtime_method.cpp: * bridge/runtime_object.cpp: * dom/Document.idl: * dom/DocumentFragment.idl: * dom/Element.idl: * dom/Event.idl: * dom/Node.idl: * domjit/JSDocumentDOMJIT.cpp: (WebCore::checkSubClassPatchpointForJSDocument): (WebCore::DocumentDocumentElementDOMJIT::checkDOM): Deleted. (WebCore::DocumentBodyDOMJIT::checkDOM): Deleted. * domjit/JSDocumentFragmentDOMJIT.cpp: Copied from Source/JavaScriptCore/runtime/JSMap.cpp. (WebCore::checkSubClassPatchpointForJSDocumentFragment): * domjit/JSElementDOMJIT.cpp: Copied from Source/JavaScriptCore/tools/JSDollarVM.cpp. 
(WebCore::checkSubClassPatchpointForJSElement): * domjit/JSEventDOMJIT.cpp: Copied from Source/JavaScriptCore/tools/JSDollarVM.cpp. (WebCore::checkSubClassPatchpointForJSEvent): * domjit/JSNodeDOMJIT.cpp: (WebCore::checkSubClassPatchpointForJSNode): (WebCore::NodeFirstChildDOMJIT::checkDOM): Deleted. (WebCore::NodeLastChildDOMJIT::checkDOM): Deleted. (WebCore::NodeNextSiblingDOMJIT::checkDOM): Deleted. (WebCore::NodePreviousSiblingDOMJIT::checkDOM): Deleted. (WebCore::NodeParentNodeDOMJIT::checkDOM): Deleted. (WebCore::NodeNodeTypeDOMJIT::checkDOM): Deleted. (WebCore::NodeOwnerDocumentDOMJIT::checkDOM): Deleted. Source/WebKit/mac: * Plugins/Hosted/ProxyInstance.mm: * Plugins/Hosted/ProxyRuntimeObject.mm: Source/WebKit2: * WebProcess/Plugins/Netscape/JSNPMethod.cpp: * WebProcess/Plugins/Netscape/JSNPObject.cpp: Canonical link: https://commits.webkit.org/189246@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@217108 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2017-05-19 09:23:20 +00:00
const ClassInfo UnlinkedCodeBlock::s_info = { "UnlinkedCodeBlock", nullptr, nullptr, nullptr, CREATE_METHOD_TABLE(UnlinkedCodeBlock) };
Refactor to use VM& instead of VM* at as many places as possible.
https://bugs.webkit.org/show_bug.cgi?id=201172

Reviewed by Yusuke Suzuki.

Source/JavaScriptCore:

Using VM& documents more clearly that the VM pointer is expected to never be null in most cases. There are a few places where it can be null (e.g JSLock, and DFG::Plan). Those will be left using a VM*.

Also converted some uses of ExecState* to using VM& instead since the ExecState* is only there to fetch the VM pointer. Doing this also reduces the number of times we have to compute VM* from ExecState*.

This patch is not exhaustive in converting to use VM&, but applies the change to many commonly used pieces of code for a start.

Also fixed a missing exception check in JSString::toIdentifier() and JSValue::toPropertyKey() exposed by this patch.

* API/APICast.h:
(toJS):
* API/JSAPIGlobalObject.mm:
(JSC::JSAPIGlobalObject::moduleLoaderResolve):
(JSC::JSAPIGlobalObject::moduleLoaderImportModule):
(JSC::JSAPIGlobalObject::moduleLoaderFetch):
(JSC::JSAPIGlobalObject::moduleLoaderCreateImportMetaProperties):
(JSC::JSAPIGlobalObject::loadAndEvaluateJSScriptModule):
* API/JSCallbackConstructor.cpp:
(JSC::JSCallbackConstructor::finishCreation):
* API/JSCallbackObjectFunctions.h:
(JSC::JSCallbackObject<Parent>::asCallbackObject):
(JSC::JSCallbackObject<Parent>::~JSCallbackObject):
(JSC::JSCallbackObject<Parent>::getOwnPropertySlotByIndex):
(JSC::JSCallbackObject<Parent>::putByIndex):
(JSC::JSCallbackObject<Parent>::deletePropertyByIndex):
(JSC::JSCallbackObject<Parent>::getOwnNonIndexPropertyNames):
* API/JSContext.mm:
(-[JSContext dependencyIdentifiersForModuleJSScript:]):
* API/JSObjectRef.cpp:
(JSObjectMakeFunction):
(classInfoPrivate):
(JSObjectGetPrivate):
(JSObjectSetPrivate):
(JSObjectCopyPropertyNames):
(JSPropertyNameAccumulatorAddName):
(JSObjectGetProxyTarget):
* API/JSScriptRef.cpp:
(parseScript):
* API/JSValueRef.cpp:
(JSValueMakeString):
* API/OpaqueJSString.cpp:
(OpaqueJSString::identifier const):
* API/glib/JSCContext.cpp:
(jsc_context_check_syntax):
* KeywordLookupGenerator.py:
(Trie.printSubTreeAsC):
* Scripts/wkbuiltins/builtins_generate_wrapper_header.py:
(BuiltinsWrapperHeaderGenerator.generate_constructor):
* Scripts/wkbuiltins/builtins_templates.py:
* bindings/ScriptFunctionCall.cpp:
(Deprecated::ScriptCallArgumentHandler::appendArgument):
(Deprecated::ScriptFunctionCall::call):
* bindings/ScriptValue.cpp:
(Inspector::jsToInspectorValue):
* builtins/BuiltinExecutables.cpp:
(JSC::BuiltinExecutables::createExecutable):
* builtins/BuiltinNames.cpp:
(JSC::BuiltinNames::BuiltinNames):
* builtins/BuiltinNames.h:
(JSC::BuiltinNames::getPublicName const):
* bytecode/BytecodeDumper.cpp:
(JSC::BytecodeDumper<Block>::vm const):
* bytecode/BytecodeDumper.h:
* bytecode/BytecodeGeneratorification.cpp:
(JSC::BytecodeGeneratorification::BytecodeGeneratorification):
(JSC::BytecodeGeneratorification::storageForGeneratorLocal):
(JSC::BytecodeGeneratorification::run):
* bytecode/BytecodeIntrinsicRegistry.cpp:
(JSC::BytecodeIntrinsicRegistry::sentinelMapBucketValue):
(JSC::BytecodeIntrinsicRegistry::sentinelSetBucketValue):
* bytecode/CallVariant.h:
(JSC::CallVariant::internalFunction const):
(JSC::CallVariant::function const):
(JSC::CallVariant::isClosureCall const):
(JSC::CallVariant::executable const):
(JSC::CallVariant::functionExecutable const):
(JSC::CallVariant::nativeExecutable const):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpSource):
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::setConstantIdentifierSetRegisters):
(JSC::CodeBlock::setNumParameters):
(JSC::CodeBlock::finalizeBaselineJITInlineCaches):
(JSC::CodeBlock::unlinkIncomingCalls):
(JSC::CodeBlock::replacement):
(JSC::CodeBlock::computeCapabilityLevel):
(JSC::CodeBlock::noticeIncomingCall):
(JSC::CodeBlock::nameForRegister):
(JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::vm const):
(JSC::CodeBlock::numberOfArgumentValueProfiles):
(JSC::CodeBlock::valueProfileForArgument):
* bytecode/DeferredSourceDump.cpp:
(JSC::DeferredSourceDump::DeferredSourceDump):
* bytecode/EvalCodeBlock.h:
* bytecode/FunctionCodeBlock.h:
* bytecode/GetByIdStatus.cpp:
(JSC::GetByIdStatus::computeFromLLInt):
* bytecode/GlobalCodeBlock.h:
(JSC::GlobalCodeBlock::GlobalCodeBlock):
* bytecode/ModuleProgramCodeBlock.h:
* bytecode/ObjectAllocationProfileInlines.h:
(JSC::ObjectAllocationProfileBase<Derived>::possibleDefaultPropertyCount):
* bytecode/PolyProtoAccessChain.cpp:
(JSC::PolyProtoAccessChain::create):
* bytecode/ProgramCodeBlock.h:
* bytecode/PropertyCondition.cpp:
(JSC::PropertyCondition::isWatchableWhenValid const):
* bytecode/PutByIdStatus.cpp:
(JSC::PutByIdStatus::computeFromLLInt):
* bytecode/StructureStubInfo.cpp:
(JSC::StructureStubInfo::initGetByIdSelf):
(JSC::StructureStubInfo::initPutByIdReplace):
(JSC::StructureStubInfo::initInByIdSelf):
(JSC::StructureStubInfo::addAccessCase):
(JSC::StructureStubInfo::visitWeakReferences):
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedCodeBlock::addSetConstant):
(JSC::UnlinkedCodeBlock::addConstant):
(JSC::UnlinkedCodeBlock::addFunctionDecl):
(JSC::UnlinkedCodeBlock::addFunctionExpr):
* bytecode/UnlinkedEvalCodeBlock.h:
* bytecode/UnlinkedFunctionCodeBlock.h:
* bytecode/UnlinkedFunctionExecutable.cpp:
(JSC::generateUnlinkedFunctionCodeBlock):
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
* bytecode/UnlinkedFunctionExecutable.h:
* bytecode/UnlinkedGlobalCodeBlock.h:
(JSC::UnlinkedGlobalCodeBlock::UnlinkedGlobalCodeBlock):
* bytecode/UnlinkedModuleProgramCodeBlock.h:
* bytecode/UnlinkedProgramCodeBlock.h:
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::pushLexicalScopeInternal):
(JSC::BytecodeGenerator::emitDirectPutById):
(JSC::BytecodeGenerator::getVariablesUnderTDZ):
(JSC::BytecodeGenerator::addBigIntConstant):
(JSC::BytecodeGenerator::addTemplateObjectConstant):
(JSC::BytecodeGenerator::emitNewDefaultConstructor):
(JSC::BytecodeGenerator::emitSetFunctionNameIfNeeded):
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::vm const):
(JSC::BytecodeGenerator::propertyNames const):
(JSC::BytecodeGenerator::emitNodeInTailPosition):
(JSC::BytecodeGenerator::emitDefineClassElements):
(JSC::BytecodeGenerator::emitNodeInConditionContext):
* bytecompiler/NodesCodegen.cpp:
(JSC::RegExpNode::emitBytecode):
(JSC::ArrayNode::emitBytecode):
(JSC::FunctionCallResolveNode::emitBytecode):
(JSC::BytecodeIntrinsicNode::emit_intrinsic_getByIdDirectPrivate):
(JSC::BytecodeIntrinsicNode::emit_intrinsic_putByIdDirectPrivate):
(JSC::BytecodeIntrinsicNode::emit_intrinsic_toObject):
(JSC::InstanceOfNode::emitBytecode):
* debugger/Debugger.cpp:
* debugger/DebuggerParseData.cpp:
(JSC::gatherDebuggerParseData):
* debugger/DebuggerScope.cpp:
(JSC::DebuggerScope::next):
(JSC::DebuggerScope::name const):
(JSC::DebuggerScope::location const):
* dfg/DFGDesiredIdentifiers.cpp:
(JSC::DFG::DesiredIdentifiers::reallyAdd):
* dfg/DFGDesiredWatchpoints.cpp:
(JSC::DFG::ArrayBufferViewWatchpointAdaptor::add):
(JSC::DFG::AdaptiveStructureWatchpointAdaptor::add):
* dfg/DFGFrozenValue.h:
(JSC::DFG::FrozenValue::FrozenValue):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::canOptimizeStringObjectAccess):
* dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::linkOSRExits):
(JSC::DFG::JITCompiler::compileExceptionHandlers):
(JSC::DFG::JITCompiler::link):
(JSC::DFG::emitStackOverflowCheck):
(JSC::DFG::JITCompiler::compileFunction):
(JSC::DFG::JITCompiler::exceptionCheck):
(JSC::DFG::JITCompiler::makeCatchOSREntryBuffer):
* dfg/DFGJITCompiler.h:
(JSC::DFG::JITCompiler::exceptionCheckWithCallFrameRollback):
(JSC::DFG::JITCompiler::fastExceptionCheck):
(JSC::DFG::JITCompiler::vm):
* dfg/DFGLazyJSValue.cpp:
(JSC::DFG::LazyJSValue::getValue const):
(JSC::DFG::LazyJSValue::emit const):
* dfg/DFGOSREntry.cpp:
(JSC::DFG::prepareOSREntry): * dfg/DFGOSRExit.cpp: (JSC::DFG::OSRExit::compileOSRExit): (JSC::DFG::OSRExit::debugOperationPrintSpeculationFailure): * dfg/DFGOSRExitCompilerCommon.h: (JSC::DFG::adjustFrameAndStackInOSRExitCompilerThunk): * dfg/DFGOperations.cpp: (JSC::DFG::newTypedArrayWithSize): (JSC::DFG::binaryOp): (JSC::DFG::bitwiseBinaryOp): * dfg/DFGPlan.cpp: (JSC::DFG::Plan::Plan): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::emitAllocateRawObject): (JSC::DFG::SpeculativeJIT::compileStringSlice): (JSC::DFG::SpeculativeJIT::compileCurrentBlock): (JSC::DFG::SpeculativeJIT::compileCheckTraps): (JSC::DFG::SpeculativeJIT::compileGetByValOnString): (JSC::DFG::SpeculativeJIT::compileFromCharCode): (JSC::DFG::SpeculativeJIT::compileStringZeroLength): (JSC::DFG::SpeculativeJIT::compileLogicalNotStringOrOther): (JSC::DFG::SpeculativeJIT::emitStringBranch): (JSC::DFG::SpeculativeJIT::emitStringOrOtherBranch): (JSC::DFG::SpeculativeJIT::cageTypedArrayStorage): (JSC::DFG::SpeculativeJIT::compileGetGlobalObject): (JSC::DFG::SpeculativeJIT::compileNewFunctionCommon): (JSC::DFG::SpeculativeJIT::compileCreateActivation): (JSC::DFG::SpeculativeJIT::compileCreateDirectArguments): (JSC::DFG::SpeculativeJIT::compileSpread): (JSC::DFG::SpeculativeJIT::compileNewArray): (JSC::DFG::SpeculativeJIT::compileNewArrayWithSpread): (JSC::DFG::SpeculativeJIT::compileArraySlice): (JSC::DFG::SpeculativeJIT::compileArrayPush): (JSC::DFG::SpeculativeJIT::compileTypeOf): (JSC::DFG::SpeculativeJIT::compileAllocatePropertyStorage): (JSC::DFG::SpeculativeJIT::compileReallocatePropertyStorage): (JSC::DFG::SpeculativeJIT::compileNukeStructureAndSetButterfly): (JSC::DFG::SpeculativeJIT::compileCallDOMGetter): (JSC::DFG::SpeculativeJIT::compileCheckSubClass): (JSC::DFG::SpeculativeJIT::compileNewStringObject): (JSC::DFG::SpeculativeJIT::compileNewTypedArrayWithSize): (JSC::DFG::SpeculativeJIT::compileNewRegexp): (JSC::DFG::SpeculativeJIT::compileStoreBarrier): 
(JSC::DFG::SpeculativeJIT::compileStringReplace): (JSC::DFG::SpeculativeJIT::compileMaterializeNewObject): (JSC::DFG::SpeculativeJIT::emitAllocateButterfly): (JSC::DFG::SpeculativeJIT::compileGetMapBucketNext): (JSC::DFG::SpeculativeJIT::compileObjectKeys): (JSC::DFG::SpeculativeJIT::compileCreateThis): (JSC::DFG::SpeculativeJIT::compileNewObject): (JSC::DFG::SpeculativeJIT::compileLogShadowChickenPrologue): (JSC::DFG::SpeculativeJIT::compileLogShadowChickenTail): (JSC::DFG::SpeculativeJIT::compileGetPrototypeOf): (JSC::DFG::SpeculativeJIT::compileAllocateNewArrayWithSize): (JSC::DFG::SpeculativeJIT::compileProfileType): (JSC::DFG::SpeculativeJIT::compileMakeRope): * dfg/DFGSpeculativeJIT.h: (JSC::DFG::SpeculativeJIT::vm): (JSC::DFG::SpeculativeJIT::prepareForExternalCall): (JSC::DFG::SpeculativeJIT::emitAllocateJSObjectWithKnownSize): (JSC::DFG::SpeculativeJIT::emitAllocateJSObject): (JSC::DFG::SpeculativeJIT::emitAllocateVariableSizedJSObject): (JSC::DFG::SpeculativeJIT::emitAllocateDestructibleObject): * dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::emitCall): (JSC::DFG::SpeculativeJIT::compileLogicalNot): (JSC::DFG::SpeculativeJIT::emitBranch): (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNullOrUndefined): (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNullOrUndefined): (JSC::DFG::SpeculativeJIT::emitCall): (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot): (JSC::DFG::SpeculativeJIT::compileLogicalNot): (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch): (JSC::DFG::SpeculativeJIT::emitBranch): (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGThunks.cpp: (JSC::DFG::osrExitThunkGenerator): (JSC::DFG::osrExitGenerationThunkGenerator): (JSC::DFG::osrEntryThunkGenerator): * dfg/DFGThunks.h: * dfg/DFGToFTLForOSREntryDeferredCompilationCallback.cpp: (JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::compilationDidComplete): * dfg/DFGWorklist.cpp: 
(JSC::DFG::Worklist::visitWeakReferences): * dynbench.cpp: (main): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileMakeRope): (JSC::FTL::DFG::LowerDFGToB3::compileStringSlice): (JSC::FTL::DFG::LowerDFGToB3::boolify): * ftl/FTLThunks.cpp: (JSC::FTL::genericGenerationThunkGenerator): (JSC::FTL::osrExitGenerationThunkGenerator): (JSC::FTL::lazySlowPathGenerationThunkGenerator): * ftl/FTLThunks.h: * heap/CellContainer.h: * heap/CellContainerInlines.h: (JSC::CellContainer::vm const): (JSC::CellContainer::heap const): * heap/CompleteSubspace.cpp: (JSC::CompleteSubspace::tryAllocateSlow): (JSC::CompleteSubspace::reallocateLargeAllocationNonVirtual): * heap/GCActivityCallback.h: * heap/GCAssertions.h: * heap/HandleSet.cpp: (JSC::HandleSet::HandleSet): * heap/HandleSet.h: (JSC::HandleSet::vm): * heap/Heap.cpp: (JSC::Heap::Heap): (JSC::Heap::lastChanceToFinalize): (JSC::Heap::releaseDelayedReleasedObjects): (JSC::Heap::protect): (JSC::Heap::unprotect): (JSC::Heap::finalizeMarkedUnconditionalFinalizers): (JSC::Heap::finalizeUnconditionalFinalizers): (JSC::Heap::completeAllJITPlans): (JSC::Heap::iterateExecutingAndCompilingCodeBlocks): (JSC::Heap::gatherJSStackRoots): (JSC::Heap::gatherScratchBufferRoots): (JSC::Heap::removeDeadCompilerWorklistEntries): (JSC::Heap::isAnalyzingHeap const): (JSC::Heap::gatherExtraHeapData): (JSC::Heap::protectedObjectTypeCounts): (JSC::Heap::objectTypeCounts): (JSC::Heap::deleteAllCodeBlocks): (JSC::Heap::deleteAllUnlinkedCodeBlocks): (JSC::Heap::deleteUnmarkedCompiledCode): (JSC::Heap::checkConn): (JSC::Heap::runEndPhase): (JSC::Heap::stopThePeriphery): (JSC::Heap::finalize): (JSC::Heap::requestCollection): (JSC::Heap::sweepInFinalize): (JSC::Heap::sweepArrayBuffers): (JSC::Heap::deleteSourceProviderCaches): (JSC::Heap::didFinishCollection): (JSC::Heap::addCoreConstraints): * heap/Heap.h: * heap/HeapCell.h: * heap/HeapCellInlines.h: (JSC::HeapCell::heap const): (JSC::HeapCell::vm const): * heap/HeapInlines.h: (JSC::Heap::vm 
const): * heap/IsoSubspacePerVM.cpp: (JSC::IsoSubspacePerVM::AutoremovingIsoSubspace::~AutoremovingIsoSubspace): * heap/LargeAllocation.cpp: (JSC::LargeAllocation::sweep): (JSC::LargeAllocation::assertValidCell const): * heap/LargeAllocation.h: (JSC::LargeAllocation::vm const): * heap/LocalAllocator.cpp: (JSC::LocalAllocator::allocateSlowCase): * heap/MarkedBlock.cpp: (JSC::MarkedBlock::Handle::Handle): (JSC::MarkedBlock::aboutToMarkSlow): (JSC::MarkedBlock::assertMarksNotStale): (JSC::MarkedBlock::areMarksStale): (JSC::MarkedBlock::isMarked): (JSC::MarkedBlock::assertValidCell const): * heap/MarkedBlock.h: (JSC::MarkedBlock::Handle::vm const): (JSC::MarkedBlock::vm const): * heap/MarkedBlockInlines.h: (JSC::MarkedBlock::heap const): (JSC::MarkedBlock::Handle::specializedSweep): * heap/SlotVisitor.cpp: (JSC::validate): * heap/SlotVisitorInlines.h: (JSC::SlotVisitor::vm): (JSC::SlotVisitor::vm const): * heap/StopIfNecessaryTimer.cpp: (JSC::StopIfNecessaryTimer::StopIfNecessaryTimer): * heap/StopIfNecessaryTimer.h: * heap/Strong.h: (JSC::Strong::operator=): * heap/WeakSet.h: (JSC::WeakSet::WeakSet): (JSC::WeakSet::vm const): * inspector/JSInjectedScriptHost.cpp: (Inspector::JSInjectedScriptHost::savedResultAlias const): (Inspector::JSInjectedScriptHost::internalConstructorName): (Inspector::JSInjectedScriptHost::subtype): (Inspector::JSInjectedScriptHost::functionDetails): (Inspector::constructInternalProperty): (Inspector::JSInjectedScriptHost::getInternalProperties): (Inspector::JSInjectedScriptHost::weakMapEntries): (Inspector::JSInjectedScriptHost::weakSetEntries): (Inspector::JSInjectedScriptHost::iteratorEntries): (Inspector::JSInjectedScriptHost::queryInstances): (Inspector::JSInjectedScriptHost::queryHolders): * inspector/JSJavaScriptCallFrame.cpp: (Inspector::valueForScopeLocation): (Inspector::JSJavaScriptCallFrame::scopeDescriptions): (Inspector::JSJavaScriptCallFrame::functionName const): (Inspector::JSJavaScriptCallFrame::type const): * 
inspector/ScriptCallStackFactory.cpp: (Inspector::extractSourceInformationFromException): * inspector/agents/InspectorAuditAgent.cpp: (Inspector::InspectorAuditAgent::populateAuditObject): * inspector/agents/InspectorHeapAgent.cpp: (Inspector::InspectorHeapAgent::gc): * interpreter/FrameTracers.h: (JSC::NativeCallFrameTracer::NativeCallFrameTracer): * interpreter/Interpreter.cpp: (JSC::Interpreter::executeProgram): (JSC::Interpreter::prepareForRepeatCall): (JSC::Interpreter::execute): (JSC::Interpreter::executeModuleProgram): * interpreter/StackVisitor.cpp: (JSC::StackVisitor::Frame::calleeSaveRegistersForUnwinding): (JSC::StackVisitor::Frame::computeLineAndColumn const): * jit/AssemblyHelpers.cpp: (JSC::AssemblyHelpers::emitDumbVirtualCall): (JSC::AssemblyHelpers::emitConvertValueToBoolean): (JSC::AssemblyHelpers::branchIfValue): * jit/AssemblyHelpers.h: (JSC::AssemblyHelpers::vm): * jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::emitEnterOptimizationCheck): (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileExceptionHandlers): * jit/JIT.h: * jit/JITCall.cpp: (JSC::JIT::compileCallEvalSlowCase): * jit/JITCall32_64.cpp: (JSC::JIT::compileCallEvalSlowCase): * jit/JITExceptions.cpp: (JSC::genericUnwind): * jit/JITExceptions.h: * jit/JITInlineCacheGenerator.cpp: (JSC::JITGetByIdGenerator::JITGetByIdGenerator): * jit/JITOpcodes.cpp: (JSC::JIT::emit_op_is_undefined): (JSC::JIT::emit_op_jfalse): (JSC::JIT::emit_op_jeq_null): (JSC::JIT::emit_op_jneq_null): (JSC::JIT::emit_op_jtrue): (JSC::JIT::emit_op_throw): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_eq_null): (JSC::JIT::emit_op_neq_null): (JSC::JIT::emitSlow_op_loop_hint): (JSC::JIT::emit_op_log_shadow_chicken_prologue): (JSC::JIT::emit_op_log_shadow_chicken_tail): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_jfalse): (JSC::JIT::emit_op_jtrue): (JSC::JIT::emit_op_throw): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_log_shadow_chicken_prologue): (JSC::JIT::emit_op_log_shadow_chicken_tail): * 
jit/JITOperations.cpp: (JSC::operationNewFunctionCommon): (JSC::tryGetByValOptimize): * jit/JITPropertyAccess.cpp: (JSC::JIT::emitWriteBarrier): * jit/JITThunks.cpp: (JSC::JITThunks::ctiNativeCall): (JSC::JITThunks::ctiNativeConstruct): (JSC::JITThunks::ctiNativeTailCall): (JSC::JITThunks::ctiNativeTailCallWithoutSavedTags): (JSC::JITThunks::ctiInternalFunctionCall): (JSC::JITThunks::ctiInternalFunctionConstruct): (JSC::JITThunks::ctiStub): (JSC::JITThunks::hostFunctionStub): * jit/JITThunks.h: * jit/JITWorklist.cpp: (JSC::JITWorklist::Plan::vm): (JSC::JITWorklist::completeAllForVM): (JSC::JITWorklist::poll): (JSC::JITWorklist::compileLater): (JSC::JITWorklist::compileNow): * jit/Repatch.cpp: (JSC::readPutICCallTarget): (JSC::ftlThunkAwareRepatchCall): (JSC::linkSlowFor): (JSC::linkFor): (JSC::linkDirectFor): (JSC::revertCall): (JSC::unlinkFor): (JSC::linkVirtualFor): (JSC::linkPolymorphicCall): * jit/SpecializedThunkJIT.h: (JSC::SpecializedThunkJIT::SpecializedThunkJIT): * jit/ThunkGenerator.h: * jit/ThunkGenerators.cpp: (JSC::throwExceptionFromCallSlowPathGenerator): (JSC::slowPathFor): (JSC::linkCallThunkGenerator): (JSC::linkPolymorphicCallThunkGenerator): (JSC::virtualThunkFor): (JSC::nativeForGenerator): (JSC::nativeCallGenerator): (JSC::nativeTailCallGenerator): (JSC::nativeTailCallWithoutSavedTagsGenerator): (JSC::nativeConstructGenerator): (JSC::internalFunctionCallGenerator): (JSC::internalFunctionConstructGenerator): (JSC::arityFixupGenerator): (JSC::unreachableGenerator): (JSC::stringGetByValGenerator): (JSC::charToString): (JSC::charCodeAtThunkGenerator): (JSC::charAtThunkGenerator): (JSC::fromCharCodeThunkGenerator): (JSC::clz32ThunkGenerator): (JSC::sqrtThunkGenerator): (JSC::floorThunkGenerator): (JSC::ceilThunkGenerator): (JSC::truncThunkGenerator): (JSC::roundThunkGenerator): (JSC::expThunkGenerator): (JSC::logThunkGenerator): (JSC::absThunkGenerator): (JSC::imulThunkGenerator): (JSC::randomThunkGenerator): 
(JSC::boundThisNoArgsFunctionCallGenerator): * jit/ThunkGenerators.h: * jsc.cpp: (GlobalObject::finishCreation): (GlobalObject::addFunction): (GlobalObject::moduleLoaderImportModule): (GlobalObject::moduleLoaderResolve): (GlobalObject::moduleLoaderCreateImportMetaProperties): (functionDescribe): (functionDescribeArray): (JSCMemoryFootprint::addProperty): (functionRun): (functionRunString): (functionReadFile): (functionCallerSourceOrigin): (functionReadline): (functionDollarCreateRealm): (functionDollarEvalScript): (functionDollarAgentGetReport): (functionWaitForReport): (functionJSCOptions): (functionCheckModuleSyntax): (functionGenerateHeapSnapshotForGCDebugging): (functionWebAssemblyMemoryMode): (dumpException): (checkUncaughtException): * llint/LLIntSlowPaths.cpp: (JSC::LLInt::LLINT_SLOW_PATH_DECL): (JSC::LLInt::handleHostCall): * parser/ASTBuilder.h: (JSC::ASTBuilder::ASTBuilder): (JSC::ASTBuilder::createResolve): (JSC::ASTBuilder::createGetterOrSetterProperty): (JSC::ASTBuilder::createProperty): (JSC::ASTBuilder::createFuncDeclStatement): (JSC::ASTBuilder::makeFunctionCallNode): * parser/Lexer.cpp: (JSC::Lexer<T>::Lexer): (JSC::Lexer<LChar>::parseIdentifier): (JSC::Lexer<UChar>::parseIdentifier): * parser/Lexer.h: (JSC::Lexer<T>::lexExpectIdentifier): * parser/ModuleAnalyzer.cpp: (JSC::ModuleAnalyzer::ModuleAnalyzer): * parser/ModuleAnalyzer.h: (JSC::ModuleAnalyzer::vm): * parser/Parser.cpp: (JSC::Parser<LexerType>::Parser): (JSC::Parser<LexerType>::parseInner): (JSC::Parser<LexerType>::isArrowFunctionParameters): (JSC::Parser<LexerType>::parseSourceElements): (JSC::Parser<LexerType>::parseModuleSourceElements): (JSC::Parser<LexerType>::parseGeneratorFunctionSourceElements): (JSC::Parser<LexerType>::parseAsyncFunctionSourceElements): (JSC::Parser<LexerType>::parseAsyncGeneratorFunctionSourceElements): (JSC::Parser<LexerType>::parseSingleFunction): (JSC::Parser<LexerType>::parseStatementListItem): (JSC::Parser<LexerType>::parseObjectRestAssignmentElement): 
(JSC::Parser<LexerType>::parseAssignmentElement): (JSC::Parser<LexerType>::parseDestructuringPattern): (JSC::Parser<LexerType>::parseForStatement): (JSC::Parser<LexerType>::parseBreakStatement): (JSC::Parser<LexerType>::parseContinueStatement): (JSC::Parser<LexerType>::parseStatement): (JSC::Parser<LexerType>::maybeParseAsyncFunctionDeclarationStatement): (JSC::Parser<LexerType>::createGeneratorParameters): (JSC::Parser<LexerType>::parseFunctionInfo): (JSC::Parser<LexerType>::parseFunctionDeclaration): (JSC::Parser<LexerType>::parseAsyncFunctionDeclaration): (JSC::Parser<LexerType>::parseClassDeclaration): (JSC::Parser<LexerType>::parseClass): (JSC::Parser<LexerType>::parseImportClauseItem): (JSC::Parser<LexerType>::parseImportDeclaration): (JSC::Parser<LexerType>::parseExportSpecifier): (JSC::Parser<LexerType>::parseExportDeclaration): (JSC::Parser<LexerType>::parseAssignmentExpression): (JSC::Parser<LexerType>::parseProperty): (JSC::Parser<LexerType>::parseGetterSetter): (JSC::Parser<LexerType>::parseObjectLiteral): (JSC::Parser<LexerType>::parseStrictObjectLiteral): (JSC::Parser<LexerType>::parseClassExpression): (JSC::Parser<LexerType>::parseFunctionExpression): (JSC::Parser<LexerType>::parseAsyncFunctionExpression): (JSC::Parser<LexerType>::parsePrimaryExpression): (JSC::Parser<LexerType>::parseMemberExpression): (JSC::Parser<LexerType>::parseArrowFunctionExpression): (JSC::Parser<LexerType>::parseUnaryExpression): * parser/Parser.h: (JSC::isArguments): (JSC::isEval): (JSC::isEvalOrArgumentsIdentifier): (JSC::Scope::Scope): (JSC::Scope::declareParameter): (JSC::Scope::setInnerArrowFunctionUsesEvalAndUseArgumentsIfNeeded): (JSC::Scope::collectFreeVariables): (JSC::Parser::canRecurse): (JSC::parse): (JSC::parseFunctionForFunctionConstructor): * parser/ParserArena.h: (JSC::IdentifierArena::makeIdentifier): (JSC::IdentifierArena::makeEmptyIdentifier): (JSC::IdentifierArena::makeIdentifierLCharFromUChar): (JSC::IdentifierArena::makeNumericIdentifier): * 
parser/SyntaxChecker.h: (JSC::SyntaxChecker::SyntaxChecker): (JSC::SyntaxChecker::createProperty): (JSC::SyntaxChecker::createGetterOrSetterProperty): * profiler/ProfilerBytecode.cpp: (JSC::Profiler::Bytecode::toJS const): * profiler/ProfilerBytecodeSequence.cpp: (JSC::Profiler::BytecodeSequence::addSequenceProperties const): * profiler/ProfilerBytecodes.cpp: (JSC::Profiler::Bytecodes::toJS const): * profiler/ProfilerCompilation.cpp: (JSC::Profiler::Compilation::toJS const): * profiler/ProfilerCompiledBytecode.cpp: (JSC::Profiler::CompiledBytecode::toJS const): * profiler/ProfilerEvent.cpp: (JSC::Profiler::Event::toJS const): * profiler/ProfilerOSRExit.cpp: (JSC::Profiler::OSRExit::toJS const): * profiler/ProfilerOSRExitSite.cpp: (JSC::Profiler::OSRExitSite::toJS const): * profiler/ProfilerUID.cpp: (JSC::Profiler::UID::toJS const): * runtime/AbstractModuleRecord.cpp: (JSC::AbstractModuleRecord::finishCreation): (JSC::AbstractModuleRecord::hostResolveImportedModule): (JSC::AbstractModuleRecord::resolveExportImpl): (JSC::getExportedNames): (JSC::AbstractModuleRecord::getModuleNamespace): * runtime/ArrayBufferNeuteringWatchpointSet.cpp: (JSC::ArrayBufferNeuteringWatchpointSet::fireAll): * runtime/ArrayIteratorPrototype.cpp: (JSC::ArrayIteratorPrototype::finishCreation): * runtime/ArrayPrototype.cpp: (JSC::fastJoin): (JSC::arrayProtoFuncToLocaleString): (JSC::slowJoin): (JSC::arrayProtoFuncJoin): (JSC::arrayProtoFuncPush): * runtime/AsyncFunctionPrototype.cpp: (JSC::AsyncFunctionPrototype::finishCreation): * runtime/AsyncGeneratorFunctionPrototype.cpp: (JSC::AsyncGeneratorFunctionPrototype::finishCreation): * runtime/AsyncGeneratorPrototype.cpp: (JSC::AsyncGeneratorPrototype::finishCreation): * runtime/AtomicsObject.cpp: (JSC::AtomicsObject::finishCreation): (JSC::atomicsFuncWait): (JSC::operationAtomicsAdd): (JSC::operationAtomicsAnd): (JSC::operationAtomicsCompareExchange): (JSC::operationAtomicsExchange): (JSC::operationAtomicsIsLockFree): 
(JSC::operationAtomicsLoad): (JSC::operationAtomicsOr): (JSC::operationAtomicsStore): (JSC::operationAtomicsSub): (JSC::operationAtomicsXor): * runtime/BigIntPrototype.cpp: (JSC::BigIntPrototype::finishCreation): (JSC::bigIntProtoFuncToString): * runtime/CachedTypes.cpp: (JSC::CachedUniquedStringImplBase::decode const): (JSC::CachedIdentifier::decode const): (JSC::CachedJSValue::decode const): * runtime/CodeCache.cpp: (JSC::CodeCacheMap::pruneSlowCase): (JSC::CodeCache::getUnlinkedGlobalFunctionExecutable): * runtime/CodeCache.h: (JSC::generateUnlinkedCodeBlockImpl): * runtime/CommonIdentifiers.cpp: (JSC::CommonIdentifiers::CommonIdentifiers): * runtime/CommonIdentifiers.h: * runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): * runtime/Completion.cpp: (JSC::checkSyntaxInternal): (JSC::checkModuleSyntax): (JSC::loadAndEvaluateModule): (JSC::loadModule): * runtime/DateConstructor.cpp: (JSC::callDate): * runtime/DatePrototype.cpp: (JSC::formatLocaleDate): (JSC::formateDateInstance): (JSC::DatePrototype::finishCreation): (JSC::dateProtoFuncToISOString): * runtime/Error.cpp: (JSC::addErrorInfo): * runtime/ErrorInstance.cpp: (JSC::appendSourceToError): (JSC::ErrorInstance::finishCreation): (JSC::ErrorInstance::materializeErrorInfoIfNeeded): * runtime/ErrorPrototype.cpp: (JSC::ErrorPrototype::finishCreation): (JSC::errorProtoFuncToString): * runtime/ExceptionHelpers.cpp: (JSC::TerminatedExecutionError::defaultValue): * runtime/FunctionPrototype.cpp: (JSC::functionProtoFuncToString): * runtime/FunctionRareData.cpp: (JSC::FunctionRareData::clear): * runtime/GeneratorFunctionPrototype.cpp: (JSC::GeneratorFunctionPrototype::finishCreation): * runtime/GeneratorPrototype.cpp: (JSC::GeneratorPrototype::finishCreation): * runtime/GenericArgumentsInlines.h: (JSC::GenericArguments<Type>::getOwnPropertyNames): * runtime/GetterSetter.h: * runtime/Identifier.cpp: (JSC::Identifier::add): (JSC::Identifier::add8): (JSC::Identifier::from): (JSC::Identifier::checkCurrentAtomStringTable): 
* runtime/Identifier.h: (JSC::Identifier::fromString): (JSC::Identifier::createLCharFromUChar): (JSC::Identifier::Identifier): (JSC::Identifier::add): * runtime/IdentifierInlines.h: (JSC::Identifier::Identifier): (JSC::Identifier::add): (JSC::Identifier::fromUid): (JSC::Identifier::fromString): (JSC::identifierToJSValue): (JSC::identifierToSafePublicJSValue): * runtime/InternalFunction.cpp: (JSC::InternalFunction::finishCreation): * runtime/IntlCollator.cpp: (JSC::IntlCollator::resolvedOptions): * runtime/IntlCollatorPrototype.cpp: (JSC::IntlCollatorPrototype::finishCreation): * runtime/IntlDateTimeFormat.cpp: (JSC::IntlDTFInternal::toDateTimeOptionsAnyDate): (JSC::IntlDateTimeFormat::resolvedOptions): (JSC::IntlDateTimeFormat::format): (JSC::IntlDateTimeFormat::formatToParts): * runtime/IntlDateTimeFormatPrototype.cpp: (JSC::IntlDateTimeFormatPrototype::finishCreation): * runtime/IntlNumberFormat.cpp: (JSC::IntlNumberFormat::initializeNumberFormat): (JSC::IntlNumberFormat::formatNumber): (JSC::IntlNumberFormat::resolvedOptions): (JSC::IntlNumberFormat::formatToParts): * runtime/IntlNumberFormatPrototype.cpp: (JSC::IntlNumberFormatPrototype::finishCreation): * runtime/IntlObject.cpp: (JSC::lookupSupportedLocales): (JSC::supportedLocales): (JSC::intlObjectFuncGetCanonicalLocales): * runtime/IntlPluralRules.cpp: (JSC::IntlPluralRules::initializePluralRules): (JSC::IntlPluralRules::resolvedOptions): (JSC::IntlPluralRules::select): * runtime/IntlPluralRulesPrototype.cpp: (JSC::IntlPluralRulesPrototype::finishCreation): * runtime/JSArray.h: (JSC::asArray): (JSC::isJSArray): * runtime/JSArrayBufferPrototype.cpp: (JSC::JSArrayBufferPrototype::finishCreation): * runtime/JSArrayBufferView.cpp: (JSC::JSArrayBufferView::slowDownAndWasteMemory): * runtime/JSCJSValue.cpp: (JSC::JSValue::putToPrimitiveByIndex): (JSC::JSValue::dumpForBacktrace const): (JSC::JSValue::toStringSlowCase const): * runtime/JSCJSValueInlines.h: (JSC::JSValue::toPropertyKey const): (JSC::JSValue::get 
const): * runtime/JSCast.h: (JSC::jsCast): * runtime/JSCell.cpp: (JSC::JSCell::dump const): (JSC::JSCell::dumpToStream): (JSC::JSCell::putByIndex): * runtime/JSCellInlines.h: (JSC::JSCell::structure const): (JSC::ExecState::vm const): (JSC::tryAllocateCellHelper): * runtime/JSDataViewPrototype.cpp: (JSC::JSDataViewPrototype::finishCreation): * runtime/JSFixedArray.cpp: (JSC::JSFixedArray::dumpToStream): * runtime/JSFunction.cpp: (JSC::JSFunction::finishCreation): (JSC::RetrieveCallerFunctionFunctor::operator() const): (JSC::JSFunction::reifyName): (JSC::JSFunction::reifyLazyBoundNameIfNeeded): (JSC::JSFunction::assertTypeInfoFlagInvariants): * runtime/JSGenericTypedArrayViewInlines.h: (JSC::JSGenericTypedArrayView<Adaptor>::deletePropertyByIndex): (JSC::JSGenericTypedArrayView<Adaptor>::getOwnPropertyNames): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::init): (JSC::JSGlobalObject::exposeDollarVM): * runtime/JSGlobalObjectFunctions.cpp: (JSC::encode): (JSC::decode): (JSC::globalFuncEscape): (JSC::globalFuncUnescape): (JSC::globalFuncBuiltinDescribe): * runtime/JSLexicalEnvironment.cpp: (JSC::JSLexicalEnvironment::getOwnNonIndexPropertyNames): * runtime/JSModuleEnvironment.cpp: (JSC::JSModuleEnvironment::getOwnPropertySlot): (JSC::JSModuleEnvironment::put): (JSC::JSModuleEnvironment::deleteProperty): * runtime/JSModuleLoader.cpp: (JSC::JSModuleLoader::finishCreation): (JSC::JSModuleLoader::requestImportModule): (JSC::moduleLoaderParseModule): (JSC::moduleLoaderRequestedModules): * runtime/JSModuleNamespaceObject.cpp: (JSC::JSModuleNamespaceObject::finishCreation): (JSC::JSModuleNamespaceObject::getOwnPropertySlotByIndex): * runtime/JSModuleRecord.cpp: (JSC::JSModuleRecord::instantiateDeclarations): * runtime/JSONObject.cpp: (JSC::JSONObject::finishCreation): (JSC::PropertyNameForFunctionCall::value const): (JSC::Stringifier::Stringifier): (JSC::Stringifier::stringify): (JSC::Stringifier::Holder::appendNextProperty): (JSC::Walker::walk): * runtime/JSObject.cpp: 
(JSC::getClassPropertyNames): (JSC::JSObject::getOwnPropertySlotByIndex): (JSC::JSObject::putByIndex): (JSC::JSObject::deletePropertyByIndex): (JSC::JSObject::toString const): (JSC::JSObject::reifyAllStaticProperties): (JSC::JSObject::putDirectIndexSlowOrBeyondVectorLength): * runtime/JSObject.h: (JSC::JSObject::putByIndexInline): (JSC::JSObject::butterflyPreCapacity): (JSC::JSObject::butterflyTotalSize): (JSC::makeIdentifier): * runtime/JSPromisePrototype.cpp: (JSC::JSPromisePrototype::finishCreation): * runtime/JSPropertyNameEnumerator.cpp: (JSC::JSPropertyNameEnumerator::finishCreation): * runtime/JSPropertyNameEnumerator.h: (JSC::propertyNameEnumerator): * runtime/JSRunLoopTimer.cpp: (JSC::JSRunLoopTimer::JSRunLoopTimer): * runtime/JSRunLoopTimer.h: * runtime/JSString.cpp: (JSC::JSString::dumpToStream): (JSC::JSRopeString::resolveRopeWithFunction const): (JSC::jsStringWithCacheSlowCase): * runtime/JSString.h: (JSC::jsEmptyString): (JSC::jsSingleCharacterString): (JSC::jsNontrivialString): (JSC::JSString::toIdentifier const): (JSC::JSString::toAtomString const): (JSC::JSString::toExistingAtomString const): (JSC::JSString::value const): (JSC::JSString::tryGetValue const): (JSC::JSString::getIndex): (JSC::jsString): (JSC::jsSubstring): (JSC::jsOwnedString): (JSC::jsStringWithCache): (JSC::JSRopeString::unsafeView const): (JSC::JSRopeString::viewWithUnderlyingString const): (JSC::JSString::unsafeView const): * runtime/JSStringInlines.h: (JSC::jsMakeNontrivialString): (JSC::repeatCharacter): * runtime/JSStringJoiner.cpp: (JSC::JSStringJoiner::join): * runtime/JSSymbolTableObject.cpp: (JSC::JSSymbolTableObject::getOwnNonIndexPropertyNames): * runtime/JSTemplateObjectDescriptor.cpp: (JSC::JSTemplateObjectDescriptor::createTemplateObject): * runtime/JSTypedArrayViewPrototype.cpp: (JSC::typedArrayViewProtoGetterFuncToStringTag): * runtime/LazyClassStructure.cpp: (JSC::LazyClassStructure::Initializer::setConstructor): * runtime/LazyProperty.h: 
(JSC::LazyProperty::Initializer::Initializer): * runtime/LiteralParser.cpp: (JSC::LiteralParser<CharType>::tryJSONPParse): (JSC::LiteralParser<CharType>::makeIdentifier): (JSC::LiteralParser<CharType>::parse): * runtime/Lookup.h: (JSC::reifyStaticProperties): * runtime/MapIteratorPrototype.cpp: (JSC::MapIteratorPrototype::finishCreation): * runtime/MapPrototype.cpp: (JSC::MapPrototype::finishCreation): * runtime/MathObject.cpp: (JSC::MathObject::finishCreation): * runtime/NumberConstructor.cpp: (JSC::NumberConstructor::finishCreation): * runtime/NumberPrototype.cpp: (JSC::numberProtoFuncToExponential): (JSC::numberProtoFuncToFixed): (JSC::numberProtoFuncToPrecision): (JSC::int32ToStringInternal): (JSC::numberToStringInternal): (JSC::int52ToString): * runtime/ObjectConstructor.cpp: (JSC::objectConstructorGetOwnPropertyDescriptors): (JSC::objectConstructorAssign): (JSC::objectConstructorValues): (JSC::defineProperties): (JSC::setIntegrityLevel): (JSC::testIntegrityLevel): (JSC::ownPropertyKeys): * runtime/ObjectPrototype.cpp: (JSC::objectProtoFuncToString): * runtime/Operations.h: (JSC::jsString): (JSC::jsStringFromRegisterArray): (JSC::jsStringFromArguments): * runtime/ProgramExecutable.cpp: (JSC::ProgramExecutable::initializeGlobalProperties): * runtime/PromiseDeferredTimer.cpp: (JSC::PromiseDeferredTimer::PromiseDeferredTimer): (JSC::PromiseDeferredTimer::hasPendingPromise): (JSC::PromiseDeferredTimer::hasDependancyInPendingPromise): (JSC::PromiseDeferredTimer::cancelPendingPromise): * runtime/PropertyNameArray.h: (JSC::PropertyNameArray::PropertyNameArray): (JSC::PropertyNameArray::vm): * runtime/PropertySlot.h: (JSC::PropertySlot::getValue const): * runtime/ProxyObject.cpp: (JSC::performProxyGet): (JSC::ProxyObject::performInternalMethodGetOwnProperty): (JSC::ProxyObject::performHasProperty): (JSC::ProxyObject::getOwnPropertySlotByIndex): (JSC::ProxyObject::performPut): (JSC::ProxyObject::putByIndexCommon): (JSC::ProxyObject::performDelete): 
(JSC::ProxyObject::deletePropertyByIndex): (JSC::ProxyObject::performDefineOwnProperty): (JSC::ProxyObject::performGetOwnPropertyNames): * runtime/RegExpGlobalData.cpp: (JSC::RegExpGlobalData::getBackref): (JSC::RegExpGlobalData::getLastParen): * runtime/RegExpMatchesArray.cpp: (JSC::createEmptyRegExpMatchesArray): * runtime/RegExpMatchesArray.h: (JSC::createRegExpMatchesArray): * runtime/RegExpPrototype.cpp: (JSC::regExpProtoGetterFlags): (JSC::regExpProtoGetterSourceInternal): (JSC::regExpProtoGetterSource): * runtime/RegExpStringIteratorPrototype.cpp: (JSC::RegExpStringIteratorPrototype::finishCreation): * runtime/SamplingProfiler.cpp: (JSC::SamplingProfiler::processUnverifiedStackTraces): * runtime/ScriptExecutable.cpp: (JSC::ScriptExecutable::installCode): (JSC::ScriptExecutable::newCodeBlockFor): (JSC::ScriptExecutable::newReplacementCodeBlockFor): (JSC::setupJIT): * runtime/SetIteratorPrototype.cpp: (JSC::SetIteratorPrototype::finishCreation): * runtime/SetPrototype.cpp: (JSC::SetPrototype::finishCreation): * runtime/StackFrame.cpp: (JSC::StackFrame::computeLineAndColumn const): * runtime/StringConstructor.cpp: (JSC::stringFromCharCode): (JSC::stringFromCodePoint): (JSC::stringConstructor): (JSC::callStringConstructor): * runtime/StringIteratorPrototype.cpp: (JSC::StringIteratorPrototype::finishCreation): * runtime/StringObject.cpp: (JSC::StringObject::getOwnPropertySlotByIndex): (JSC::StringObject::getOwnPropertyNames): * runtime/StringObject.h: (JSC::StringObject::create): (JSC::jsStringWithReuse): (JSC::jsSubstring): * runtime/StringPrototype.cpp: (JSC::StringPrototype::finishCreation): (JSC::StringPrototype::create): (JSC::jsSpliceSubstrings): (JSC::jsSpliceSubstringsWithSeparators): (JSC::replaceUsingRegExpSearch): (JSC::operationStringProtoFuncReplaceRegExpEmptyStr): (JSC::operationStringProtoFuncReplaceRegExpString): (JSC::replaceUsingStringSearch): (JSC::operationStringProtoFuncReplaceGeneric): (JSC::stringProtoFuncCharAt): 
(JSC::stringProtoFuncSplitFast): (JSC::stringProtoFuncSubstr): (JSC::stringProtoFuncToLowerCase): (JSC::stringProtoFuncToUpperCase): (JSC::toLocaleCase): (JSC::trimString): (JSC::normalize): * runtime/StringPrototypeInlines.h: (JSC::stringSlice): * runtime/StringRecursionChecker.cpp: (JSC::StringRecursionChecker::emptyString): * runtime/Structure.cpp: (JSC::Structure::didTransitionFromThisStructure const): * runtime/StructureInlines.h: (JSC::Structure::didReplaceProperty): (JSC::Structure::shouldConvertToPolyProto): * runtime/SymbolConstructor.cpp: (JSC::symbolConstructorKeyFor): * runtime/SymbolPrototype.cpp: (JSC::SymbolPrototype::finishCreation): (JSC::symbolProtoGetterDescription): (JSC::symbolProtoFuncToString): * runtime/SymbolTable.cpp: (JSC::SymbolTable::setRareDataCodeBlock): * runtime/TestRunnerUtils.cpp: (JSC::getExecutableForFunction): * runtime/VM.cpp: (JSC::VM::VM): (JSC::VM::getHostFunction): (JSC::VM::getCTIInternalFunctionTrampolineFor): (JSC::VM::shrinkFootprintWhenIdle): (JSC::logSanitizeStack): (JSC::sanitizeStackForVM): (JSC::VM::emptyPropertyNameEnumeratorSlow): * runtime/VM.h: (JSC::VM::getCTIStub): (JSC::WeakSet::heap const): * runtime/VMTraps.cpp: * runtime/WeakMapPrototype.cpp: (JSC::WeakMapPrototype::finishCreation): * runtime/WeakObjectRefPrototype.cpp: (JSC::WeakObjectRefPrototype::finishCreation): * runtime/WeakSetPrototype.cpp: (JSC::WeakSetPrototype::finishCreation): * tools/HeapVerifier.cpp: (JSC::HeapVerifier::printVerificationHeader): (JSC::HeapVerifier::verifyCellList): (JSC::HeapVerifier::validateJSCell): (JSC::HeapVerifier::reportCell): * tools/JSDollarVM.cpp: (JSC::JSDollarVMCallFrame::finishCreation): (JSC::JSDollarVMCallFrame::addProperty): (JSC::CustomGetter::getOwnPropertySlot): (JSC::CustomGetter::customGetter): (JSC::CustomGetter::customGetterAcessor): (JSC::DOMJITGetter::DOMJITAttribute::slowCall): (JSC::DOMJITGetter::finishCreation): (JSC::DOMJITGetterComplex::DOMJITAttribute::slowCall): 
(JSC::DOMJITGetterComplex::finishCreation): (JSC::DOMJITFunctionObject::functionWithoutTypeCheck): (JSC::DOMJITFunctionObject::finishCreation): (JSC::DOMJITCheckSubClassObject::functionWithoutTypeCheck): (JSC::DOMJITCheckSubClassObject::finishCreation): (JSC::DOMJITGetterBaseJSObject::DOMJITAttribute::slowCall): (JSC::DOMJITGetterBaseJSObject::finishCreation): (JSC::customSetAccessor): (JSC::customSetValue): (JSC::JSTestCustomGetterSetter::finishCreation): (JSC::WasmStreamingParser::finishCreation): (JSC::getExecutableForFunction): (JSC::functionCodeBlockFor): (JSC::functionIndexingMode): (JSC::functionValue): (JSC::functionCreateBuiltin): (JSC::functionGetPrivateProperty): (JSC::JSDollarVM::finishCreation): (JSC::JSDollarVM::addFunction): (JSC::JSDollarVM::addConstructibleFunction): * tools/VMInspector.cpp: (JSC::VMInspector::dumpRegisters): (JSC::VMInspector::dumpCellMemoryToStream): * wasm/WasmInstance.cpp: (JSC::Wasm::Instance::setGlobal): (JSC::Wasm::Instance::setFunctionWrapper): (JSC::Wasm::setWasmTableElement): (JSC::Wasm::doWasmRefFunc): * wasm/WasmTable.cpp: (JSC::Wasm::Table::set): (JSC::Wasm::FuncRefTable::setFunction): * wasm/js/JSWebAssembly.cpp: (JSC::resolve): * wasm/js/JSWebAssemblyInstance.cpp: (JSC::JSWebAssemblyInstance::create): * wasm/js/WasmToJS.cpp: (JSC::Wasm::handleBadI64Use): (JSC::Wasm::wasmToJS): (JSC::Wasm::wasmToJSException): * wasm/js/WebAssemblyFunction.cpp: (JSC::WebAssemblyFunction::jsCallEntrypointSlow): * wasm/js/WebAssemblyMemoryConstructor.cpp: (JSC::constructJSWebAssemblyMemory): * wasm/js/WebAssemblyModuleConstructor.cpp: (JSC::webAssemblyModuleImports): (JSC::webAssemblyModuleExports): * wasm/js/WebAssemblyModuleRecord.cpp: (JSC::WebAssemblyModuleRecord::finishCreation): (JSC::WebAssemblyModuleRecord::link): * wasm/js/WebAssemblyTableConstructor.cpp: (JSC::constructJSWebAssemblyTable): Source/WebCore: No new tests. Covered by existing tests. 
* Modules/encryptedmedia/legacy/LegacyCDMSessionClearKey.cpp: (WebCore::CDMSessionClearKey::update): * Modules/plugins/QuickTimePluginReplacement.mm: (WebCore::QuickTimePluginReplacement::ensureReplacementScriptInjected): (WebCore::QuickTimePluginReplacement::installReplacement): * animation/KeyframeEffect.cpp: (WebCore::processKeyframeLikeObject): * bindings/js/GCController.cpp: (WebCore::GCController::dumpHeap): * bindings/js/IDBBindingUtilities.cpp: (WebCore::get): (WebCore::set): * bindings/js/JSCSSRuleListCustom.cpp: (WebCore::JSCSSRuleListOwner::isReachableFromOpaqueRoots): * bindings/js/JSCustomElementRegistryCustom.cpp: (WebCore::JSCustomElementRegistry::define): * bindings/js/JSCustomXPathNSResolver.cpp: (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI): * bindings/js/JSDOMConvertRecord.h: * bindings/js/JSDOMConvertStrings.h: (WebCore::JSConverter<IDLDOMString>::convert): (WebCore::JSConverter<IDLByteString>::convert): (WebCore::JSConverter<IDLUSVString>::convert): * bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::getOwnPropertySlotByIndex): (WebCore::addScopedChildrenIndexes): (WebCore::JSDOMWindow::defineOwnProperty): (WebCore::DialogHandler::dialogCreated): (WebCore::DialogHandler::returnValue const): (WebCore::JSDOMWindow::setOpener): (WebCore::JSDOMWindow::setOpenDatabase): * bindings/js/JSDOMWindowProperties.cpp: (WebCore::JSDOMWindowProperties::getOwnPropertySlotByIndex): * bindings/js/JSDeprecatedCSSOMValueCustom.cpp: (WebCore::JSDeprecatedCSSOMValueOwner::isReachableFromOpaqueRoots): * bindings/js/JSEventListener.cpp: (WebCore::JSEventListener::handleEvent): * bindings/js/JSImageDataCustom.cpp: (WebCore::toJSNewlyCreated): * bindings/js/JSLazyEventListener.cpp: (WebCore::JSLazyEventListener::initializeJSFunction const): * bindings/js/JSLocationCustom.cpp: (WebCore::JSLocation::getOwnPropertySlotByIndex): (WebCore::JSLocation::putByIndex): * bindings/js/JSNodeListCustom.cpp: (WebCore::JSNodeListOwner::isReachableFromOpaqueRoots): * 
bindings/js/JSPluginElementFunctions.cpp: (WebCore::pluginElementCustomGetCallData): * bindings/js/JSRemoteDOMWindowCustom.cpp: (WebCore::JSRemoteDOMWindow::getOwnPropertySlotByIndex): * bindings/js/ReadableStreamDefaultController.cpp: (WebCore::ReadableStreamDefaultController::invoke): * bindings/js/ScriptController.cpp: (WebCore::ScriptController::linkAndEvaluateModuleScriptInWorld): * bindings/js/ScriptModuleLoader.cpp: (WebCore::ScriptModuleLoader::resolve): (WebCore::ScriptModuleLoader::importModule): (WebCore::ScriptModuleLoader::createImportMetaProperties): * bindings/js/SerializedScriptValue.cpp: (WebCore::CloneSerializer::CloneSerializer): (WebCore::CloneSerializer::write): (WebCore::CloneSerializer::serialize): (WebCore::CloneDeserializer::CachedString::jsString): (WebCore::CloneDeserializer::readTerminal): (WebCore::CloneDeserializer::deserialize): * bindings/js/WebCoreBuiltinNames.h: (WebCore::WebCoreBuiltinNames::WebCoreBuiltinNames): * bindings/js/WebCoreJSClientData.cpp: (WebCore::JSVMClientData::JSVMClientData): * bindings/js/WindowProxy.cpp: (WebCore::WindowProxy::clearJSWindowProxiesNotMatchingDOMWindow): * bindings/scripts/CodeGeneratorJS.pm: (GenerateGetOwnPropertySlotByIndex): (GenerateGetOwnPropertyNames): (GeneratePutByIndex): (GenerateDeletePropertyByIndex): (GenerateDictionaryImplementationContent): (addUnscopableProperties): (GenerateImplementation): (GenerateAttributeSetterBodyDefinition): (GenerateOperationDefinition): (GenerateSerializerDefinition): (GenerateCallbackImplementationContent): (GenerateConstructorHelperMethods): * bindings/scripts/test/JS/JSInterfaceName.cpp: (WebCore::JSInterfaceNameConstructor::initializeProperties): * bindings/scripts/test/JS/JSMapLike.cpp: (WebCore::JSMapLikeConstructor::initializeProperties): * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp: (WebCore::JSReadOnlyMapLikeConstructor::initializeProperties): * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: 
(WebCore::JSTestActiveDOMObjectConstructor::initializeProperties): * bindings/scripts/test/JS/JSTestCEReactions.cpp: (WebCore::JSTestCEReactionsConstructor::initializeProperties): (WebCore::setJSTestCEReactionsAttributeWithCEReactionsSetter): (WebCore::setJSTestCEReactionsReflectAttributeWithCEReactionsSetter): (WebCore::setJSTestCEReactionsStringifierAttributeSetter): (WebCore::setJSTestCEReactionsAttributeWithCEReactionsNotNeededSetter): (WebCore::setJSTestCEReactionsReflectAttributeWithCEReactionsNotNeededSetter): (WebCore::setJSTestCEReactionsStringifierAttributeNotNeededSetter): * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp: (WebCore::JSTestCEReactionsStringifierConstructor::initializeProperties): (WebCore::setJSTestCEReactionsStringifierValueSetter): (WebCore::setJSTestCEReactionsStringifierValueWithoutReactionsSetter): * bindings/scripts/test/JS/JSTestCallTracer.cpp: (WebCore::JSTestCallTracerConstructor::initializeProperties): (WebCore::setJSTestCallTracerTestAttributeInterfaceSetter): (WebCore::setJSTestCallTracerTestAttributeSpecifiedSetter): (WebCore::setJSTestCallTracerTestAttributeWithVariantSetter): * bindings/scripts/test/JS/JSTestCallbackInterface.cpp: (WebCore::convertDictionary<TestCallbackInterface::Dictionary>): (WebCore::JSTestCallbackInterfaceConstructor::initializeProperties): (WebCore::JSTestCallbackInterface::callbackWithNoParam): (WebCore::JSTestCallbackInterface::callbackWithArrayParam): (WebCore::JSTestCallbackInterface::callbackWithSerializedScriptValueParam): (WebCore::JSTestCallbackInterface::callbackWithStringList): (WebCore::JSTestCallbackInterface::callbackWithBoolean): (WebCore::JSTestCallbackInterface::callbackRequiresThisToPass): (WebCore::JSTestCallbackInterface::callbackWithAReturnValue): (WebCore::JSTestCallbackInterface::callbackThatRethrowsExceptions): (WebCore::JSTestCallbackInterface::callbackThatSkipsInvokeCheck): (WebCore::JSTestCallbackInterface::callbackWithThisObject): * 
bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp: (WebCore::JSTestClassWithJSBuiltinConstructorConstructor::initializeProperties): * bindings/scripts/test/JS/JSTestDOMJIT.cpp: (WebCore::JSTestDOMJITConstructor::initializeProperties): (WebCore::jsTestDOMJITPrototypeFunctionGetAttributeWithoutTypeCheck): (WebCore::jsTestDOMJITPrototypeFunctionItemWithoutTypeCheck): (WebCore::jsTestDOMJITPrototypeFunctionHasAttributeWithoutTypeCheck): (WebCore::jsTestDOMJITPrototypeFunctionGetElementByIdWithoutTypeCheck): (WebCore::jsTestDOMJITPrototypeFunctionGetElementsByNameWithoutTypeCheck): * bindings/scripts/test/JS/JSTestEnabledBySetting.cpp: (WebCore::JSTestEnabledBySettingConstructor::initializeProperties): (WebCore::JSTestEnabledBySettingPrototype::finishCreation): (WebCore::setJSTestEnabledBySettingTestSubObjEnabledBySettingConstructorSetter): (WebCore::setJSTestEnabledBySettingEnabledBySettingAttributeSetter): * bindings/scripts/test/JS/JSTestEnabledForContext.cpp: (WebCore::JSTestEnabledForContextConstructor::initializeProperties): (WebCore::setJSTestEnabledForContextTestSubObjEnabledForContextConstructorSetter): * bindings/scripts/test/JS/JSTestEventConstructor.cpp: (WebCore::convertDictionary<TestEventConstructor::Init>): (WebCore::JSTestEventConstructorConstructor::initializeProperties): * bindings/scripts/test/JS/JSTestEventTarget.cpp: (WebCore::JSTestEventTargetConstructor::initializeProperties): (WebCore::JSTestEventTarget::getOwnPropertySlotByIndex): (WebCore::JSTestEventTarget::getOwnPropertyNames): * bindings/scripts/test/JS/JSTestException.cpp: (WebCore::JSTestExceptionConstructor::initializeProperties): * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp: (WebCore::JSTestGenerateIsReachableConstructor::initializeProperties): (WebCore::JSTestGenerateIsReachablePrototype::finishCreation): * bindings/scripts/test/JS/JSTestGlobalObject.cpp: (WebCore::JSTestGlobalObjectConstructor::initializeProperties): 
(WebCore::setJSTestGlobalObjectRegularAttributeSetter): (WebCore::setJSTestGlobalObjectPublicAndPrivateAttributeSetter): (WebCore::setJSTestGlobalObjectPublicAndPrivateConditionalAttributeSetter): (WebCore::setJSTestGlobalObjectEnabledAtRuntimeAttributeSetter): (WebCore::setJSTestGlobalObjectTestCEReactionsConstructorSetter): (WebCore::setJSTestGlobalObjectTestCEReactionsStringifierConstructorSetter): (WebCore::setJSTestGlobalObjectTestCallTracerConstructorSetter): (WebCore::setJSTestGlobalObjectTestCallbackInterfaceConstructorSetter): (WebCore::setJSTestGlobalObjectTestClassWithJSBuiltinConstructorConstructorSetter): (WebCore::setJSTestGlobalObjectTestDOMJITConstructorSetter): (WebCore::setJSTestGlobalObjectTestDomainSecurityConstructorSetter): (WebCore::setJSTestGlobalObjectTestEnabledBySettingConstructorSetter): (WebCore::setJSTestGlobalObjectTestEnabledForContextConstructorSetter): (WebCore::setJSTestGlobalObjectTestEventConstructorConstructorSetter): (WebCore::setJSTestGlobalObjectTestEventTargetConstructorSetter): (WebCore::setJSTestGlobalObjectTestExceptionConstructorSetter): (WebCore::setJSTestGlobalObjectTestGenerateIsReachableConstructorSetter): (WebCore::setJSTestGlobalObjectTestGlobalObjectConstructorSetter): (WebCore::setJSTestGlobalObjectTestIndexedSetterNoIdentifierConstructorSetter): (WebCore::setJSTestGlobalObjectTestIndexedSetterThrowingExceptionConstructorSetter): (WebCore::setJSTestGlobalObjectTestIndexedSetterWithIdentifierConstructorSetter): (WebCore::setJSTestGlobalObjectTestInterfaceConstructorSetter): (WebCore::setJSTestGlobalObjectTestInterfaceLeadingUnderscoreConstructorSetter): (WebCore::setJSTestGlobalObjectTestIterableConstructorSetter): (WebCore::setJSTestGlobalObjectTestJSBuiltinConstructorConstructorSetter): (WebCore::setJSTestGlobalObjectTestMapLikeConstructorSetter): (WebCore::setJSTestGlobalObjectTestMediaQueryListListenerConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedAndIndexedSetterNoIdentifierConstructorSetter): 
(WebCore::setJSTestGlobalObjectTestNamedAndIndexedSetterThrowingExceptionConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedAndIndexedSetterWithIdentifierConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedConstructorConstructorSetter): (WebCore::setJSTestGlobalObjectAudioConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedDeleterNoIdentifierConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedDeleterThrowingExceptionConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedDeleterWithIdentifierConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedDeleterWithIndexedGetterConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedGetterCallWithConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedGetterNoIdentifierConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedGetterWithIdentifierConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedSetterNoIdentifierConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedSetterThrowingExceptionConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedSetterWithIdentifierConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedSetterWithIndexedGetterConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedSetterWithIndexedGetterAndSetterConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedSetterWithOverrideBuiltinsConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedSetterWithUnforgablePropertiesConstructorSetter): (WebCore::setJSTestGlobalObjectTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsConstructorSetter): (WebCore::setJSTestGlobalObjectTestOverloadedConstructorsConstructorSetter): (WebCore::setJSTestGlobalObjectTestOverloadedConstructorsWithSequenceConstructorSetter): (WebCore::setJSTestGlobalObjectTestOverrideBuiltinsConstructorSetter): (WebCore::setJSTestGlobalObjectTestPluginInterfaceConstructorSetter): (WebCore::setJSTestGlobalObjectTestReadOnlyMapLikeConstructorSetter): 
(WebCore::setJSTestGlobalObjectTestReportExtraMemoryCostConstructorSetter): (WebCore::setJSTestGlobalObjectTestSerializationConstructorSetter): (WebCore::setJSTestGlobalObjectTestSerializationIndirectInheritanceConstructorSetter): (WebCore::setJSTestGlobalObjectTestSerializationInheritConstructorSetter): (WebCore::setJSTestGlobalObjectTestSerializationInheritFinalConstructorSetter): (WebCore::setJSTestGlobalObjectTestSerializedScriptValueInterfaceConstructorSetter): (WebCore::setJSTestGlobalObjectTestStringifierConstructorSetter): (WebCore::setJSTestGlobalObjectTestStringifierAnonymousOperationConstructorSetter): (WebCore::setJSTestGlobalObjectTestStringifierNamedOperationConstructorSetter): (WebCore::setJSTestGlobalObjectTestStringifierOperationImplementedAsConstructorSetter): (WebCore::setJSTestGlobalObjectTestStringifierOperationNamedToStringConstructorSetter): (WebCore::setJSTestGlobalObjectTestStringifierReadOnlyAttributeConstructorSetter): (WebCore::setJSTestGlobalObjectTestStringifierReadWriteAttributeConstructorSetter): (WebCore::setJSTestGlobalObjectTestTypedefsConstructorSetter): * bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp: (WebCore::JSTestIndexedSetterNoIdentifierConstructor::initializeProperties): (WebCore::JSTestIndexedSetterNoIdentifier::getOwnPropertyNames): * bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp: (WebCore::JSTestIndexedSetterThrowingExceptionConstructor::initializeProperties): (WebCore::JSTestIndexedSetterThrowingException::getOwnPropertyNames): * bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp: (WebCore::JSTestIndexedSetterWithIdentifierConstructor::initializeProperties): (WebCore::JSTestIndexedSetterWithIdentifier::getOwnPropertyNames): * bindings/scripts/test/JS/JSTestInterface.cpp: (WebCore::JSTestInterfaceConstructor::initializeProperties): (WebCore::setJSTestInterfaceConstructorImplementsStaticAttrSetter): (WebCore::setJSTestInterfaceImplementsStr2Setter): 
(WebCore::setJSTestInterfaceImplementsStr3Setter): (WebCore::setJSTestInterfaceImplementsNodeSetter): (WebCore::setJSTestInterfaceConstructorSupplementalStaticAttrSetter): (WebCore::setJSTestInterfaceSupplementalStr2Setter): (WebCore::setJSTestInterfaceSupplementalStr3Setter): (WebCore::setJSTestInterfaceSupplementalNodeSetter): (WebCore::setJSTestInterfaceReflectAttributeSetter): * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp: (WebCore::JSTestInterfaceLeadingUnderscoreConstructor::initializeProperties): * bindings/scripts/test/JS/JSTestIterable.cpp: (WebCore::JSTestIterableConstructor::initializeProperties): * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp: (WebCore::JSTestJSBuiltinConstructorConstructor::initializeProperties): (WebCore::setJSTestJSBuiltinConstructorTestAttributeRWCustomSetter): * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp: (WebCore::JSTestMediaQueryListListenerConstructor::initializeProperties): * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp: (WebCore::JSTestNamedAndIndexedSetterNoIdentifierConstructor::initializeProperties): (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::getOwnPropertySlotByIndex): (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::getOwnPropertyNames): (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::putByIndex): * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp: (WebCore::JSTestNamedAndIndexedSetterThrowingExceptionConstructor::initializeProperties): (WebCore::JSTestNamedAndIndexedSetterThrowingException::getOwnPropertySlotByIndex): (WebCore::JSTestNamedAndIndexedSetterThrowingException::getOwnPropertyNames): (WebCore::JSTestNamedAndIndexedSetterThrowingException::putByIndex): * bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp: (WebCore::JSTestNamedAndIndexedSetterWithIdentifierConstructor::initializeProperties): (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::getOwnPropertySlotByIndex): 
(WebCore::JSTestNamedAndIndexedSetterWithIdentifier::getOwnPropertyNames): (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::putByIndex): * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: (WebCore::JSTestNamedConstructorConstructor::initializeProperties): (WebCore::JSTestNamedConstructorNamedConstructor::initializeProperties): * bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp: (WebCore::JSTestNamedDeleterNoIdentifierConstructor::initializeProperties): (WebCore::JSTestNamedDeleterNoIdentifier::getOwnPropertySlotByIndex): (WebCore::JSTestNamedDeleterNoIdentifier::getOwnPropertyNames): (WebCore::JSTestNamedDeleterNoIdentifier::deletePropertyByIndex): * bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp: (WebCore::JSTestNamedDeleterThrowingExceptionConstructor::initializeProperties): (WebCore::JSTestNamedDeleterThrowingException::getOwnPropertySlotByIndex): (WebCore::JSTestNamedDeleterThrowingException::getOwnPropertyNames): (WebCore::JSTestNamedDeleterThrowingException::deletePropertyByIndex): * bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp: (WebCore::JSTestNamedDeleterWithIdentifierConstructor::initializeProperties): (WebCore::JSTestNamedDeleterWithIdentifier::getOwnPropertySlotByIndex): (WebCore::JSTestNamedDeleterWithIdentifier::getOwnPropertyNames): (WebCore::JSTestNamedDeleterWithIdentifier::deletePropertyByIndex): * bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp: (WebCore::JSTestNamedDeleterWithIndexedGetterConstructor::initializeProperties): (WebCore::JSTestNamedDeleterWithIndexedGetter::getOwnPropertySlotByIndex): (WebCore::JSTestNamedDeleterWithIndexedGetter::getOwnPropertyNames): * bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp: (WebCore::JSTestNamedGetterCallWithConstructor::initializeProperties): (WebCore::JSTestNamedGetterCallWith::getOwnPropertySlotByIndex): (WebCore::JSTestNamedGetterCallWith::getOwnPropertyNames): * bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp: 
(WebCore::JSTestNamedGetterNoIdentifierConstructor::initializeProperties): (WebCore::JSTestNamedGetterNoIdentifier::getOwnPropertySlotByIndex): (WebCore::JSTestNamedGetterNoIdentifier::getOwnPropertyNames): * bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp: (WebCore::JSTestNamedGetterWithIdentifierConstructor::initializeProperties): (WebCore::JSTestNamedGetterWithIdentifier::getOwnPropertySlotByIndex): (WebCore::JSTestNamedGetterWithIdentifier::getOwnPropertyNames): * bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp: (WebCore::JSTestNamedSetterNoIdentifierConstructor::initializeProperties): (WebCore::JSTestNamedSetterNoIdentifier::getOwnPropertySlotByIndex): (WebCore::JSTestNamedSetterNoIdentifier::getOwnPropertyNames): (WebCore::JSTestNamedSetterNoIdentifier::putByIndex): * bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp: (WebCore::JSTestNamedSetterThrowingExceptionConstructor::initializeProperties): (WebCore::JSTestNamedSetterThrowingException::getOwnPropertySlotByIndex): (WebCore::JSTestNamedSetterThrowingException::getOwnPropertyNames): (WebCore::JSTestNamedSetterThrowingException::putByIndex): * bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp: (WebCore::JSTestNamedSetterWithIdentifierConstructor::initializeProperties): (WebCore::JSTestNamedSetterWithIdentifier::getOwnPropertySlotByIndex): (WebCore::JSTestNamedSetterWithIdentifier::getOwnPropertyNames): (WebCore::JSTestNamedSetterWithIdentifier::putByIndex): * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp: (WebCore::JSTestNamedSetterWithIndexedGetterConstructor::initializeProperties): (WebCore::JSTestNamedSetterWithIndexedGetter::getOwnPropertySlotByIndex): (WebCore::JSTestNamedSetterWithIndexedGetter::getOwnPropertyNames): (WebCore::JSTestNamedSetterWithIndexedGetter::putByIndex): * bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp: 
(WebCore::JSTestNamedSetterWithIndexedGetterAndSetterConstructor::initializeProperties): (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::getOwnPropertySlotByIndex): (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::getOwnPropertyNames): (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::putByIndex): * bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.cpp: (WebCore::JSTestNamedSetterWithOverrideBuiltinsConstructor::initializeProperties): (WebCore::JSTestNamedSetterWithOverrideBuiltins::getOwnPropertySlotByIndex): (WebCore::JSTestNamedSetterWithOverrideBuiltins::getOwnPropertyNames): (WebCore::JSTestNamedSetterWithOverrideBuiltins::putByIndex): * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.cpp: (WebCore::JSTestNamedSetterWithUnforgablePropertiesConstructor::initializeProperties): (WebCore::JSTestNamedSetterWithUnforgableProperties::getOwnPropertySlotByIndex): (WebCore::JSTestNamedSetterWithUnforgableProperties::getOwnPropertyNames): (WebCore::JSTestNamedSetterWithUnforgableProperties::putByIndex): * bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.cpp: (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltinsConstructor::initializeProperties): (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins::getOwnPropertySlotByIndex): (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins::getOwnPropertyNames): (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins::putByIndex): * bindings/scripts/test/JS/JSTestNode.cpp: (WebCore::JSTestNodeConstructor::initializeProperties): (WebCore::JSTestNodePrototype::finishCreation): (WebCore::setJSTestNodeNameSetter): (WebCore::JSTestNode::serialize): * bindings/scripts/test/JS/JSTestObj.cpp: (WebCore::convertDictionary<TestObj::Dictionary>): (WebCore::convertDictionaryToJS): (WebCore::convertDictionary<TestObj::DictionaryThatShouldNotTolerateNull>): 
(WebCore::convertDictionary<TestObj::DictionaryThatShouldTolerateNull>): (WebCore::convertDictionary<AlternateDictionaryName>): (WebCore::convertDictionary<TestObj::ParentDictionary>): (WebCore::convertDictionary<TestObj::ChildDictionary>): (WebCore::convertDictionary<TestObj::ConditionalDictionaryA>): (WebCore::convertDictionary<TestObj::ConditionalDictionaryB>): (WebCore::convertDictionary<TestObj::ConditionalDictionaryC>): (WebCore::JSTestObjConstructor::initializeProperties): (WebCore::JSTestObjPrototype::finishCreation): (WebCore::JSTestObj::getOwnPropertyNames): (WebCore::setJSTestObjConstructorStaticStringAttrSetter): (WebCore::setJSTestObjEnumAttrSetter): (WebCore::setJSTestObjByteAttrSetter): (WebCore::setJSTestObjOctetAttrSetter): (WebCore::setJSTestObjShortAttrSetter): (WebCore::setJSTestObjClampedShortAttrSetter): (WebCore::setJSTestObjEnforceRangeShortAttrSetter): (WebCore::setJSTestObjUnsignedShortAttrSetter): (WebCore::setJSTestObjLongAttrSetter): (WebCore::setJSTestObjLongLongAttrSetter): (WebCore::setJSTestObjUnsignedLongLongAttrSetter): (WebCore::setJSTestObjStringAttrSetter): (WebCore::setJSTestObjUsvstringAttrSetter): (WebCore::setJSTestObjTestObjAttrSetter): (WebCore::setJSTestObjTestNullableObjAttrSetter): (WebCore::setJSTestObjLenientTestObjAttrSetter): (WebCore::setJSTestObjStringAttrTreatingNullAsEmptyStringSetter): (WebCore::setJSTestObjUsvstringAttrTreatingNullAsEmptyStringSetter): (WebCore::setJSTestObjByteStringAttrTreatingNullAsEmptyStringSetter): (WebCore::setJSTestObjStringLongRecordAttrSetter): (WebCore::setJSTestObjUsvstringLongRecordAttrSetter): (WebCore::setJSTestObjStringObjRecordAttrSetter): (WebCore::setJSTestObjStringNullableObjRecordAttrSetter): (WebCore::setJSTestObjDictionaryAttrSetter): (WebCore::setJSTestObjNullableDictionaryAttrSetter): (WebCore::setJSTestObjAnnotatedTypeInUnionAttrSetter): (WebCore::setJSTestObjAnnotatedTypeInSequenceAttrSetter): (WebCore::setJSTestObjImplementationEnumAttrSetter): 
(WebCore::setJSTestObjXMLObjAttrSetter): (WebCore::setJSTestObjCreateSetter): (WebCore::setJSTestObjReflectedStringAttrSetter): (WebCore::setJSTestObjReflectedUSVStringAttrSetter): (WebCore::setJSTestObjReflectedIntegralAttrSetter): (WebCore::setJSTestObjReflectedUnsignedIntegralAttrSetter): (WebCore::setJSTestObjReflectedBooleanAttrSetter): (WebCore::setJSTestObjReflectedURLAttrSetter): (WebCore::setJSTestObjReflectedUSVURLAttrSetter): (WebCore::setJSTestObjReflectedCustomIntegralAttrSetter): (WebCore::setJSTestObjReflectedCustomBooleanAttrSetter): (WebCore::setJSTestObjReflectedCustomURLAttrSetter): (WebCore::setJSTestObjEnabledAtRuntimeAttributeSetter): (WebCore::setJSTestObjConstructorEnabledAtRuntimeAttributeStaticSetter): (WebCore::setJSTestObjTypedArrayAttrSetter): (WebCore::setJSTestObjCustomAttrSetter): (WebCore::setJSTestObjOnfooSetter): (WebCore::setJSTestObjOnwebkitfooSetter): (WebCore::setJSTestObjWithExecStateAttributeSetter): (WebCore::setJSTestObjWithCallWithAndSetterCallWithAttributeSetter): (WebCore::setJSTestObjWithScriptExecutionContextAttributeSetter): (WebCore::setJSTestObjWithScriptExecutionContextAndExecStateAttributeSetter): (WebCore::setJSTestObjWithScriptExecutionContextAndExecStateWithSpacesAttributeSetter): (WebCore::setJSTestObjConditionalAttr1Setter): (WebCore::setJSTestObjConditionalAttr2Setter): (WebCore::setJSTestObjConditionalAttr3Setter): (WebCore::setJSTestObjConditionalAttr4ConstructorSetter): (WebCore::setJSTestObjConditionalAttr5ConstructorSetter): (WebCore::setJSTestObjConditionalAttr6ConstructorSetter): (WebCore::setJSTestObjAnyAttributeSetter): (WebCore::setJSTestObjObjectAttributeSetter): (WebCore::setJSTestObjMutablePointSetter): (WebCore::setJSTestObjStrawberrySetter): (WebCore::setJSTestObjIdSetter): (WebCore::setJSTestObjReplaceableAttributeSetter): (WebCore::setJSTestObjNullableLongSettableAttributeSetter): (WebCore::setJSTestObjNullableStringSettableAttributeSetter): 
(WebCore::setJSTestObjNullableUSVStringSettableAttributeSetter):
(WebCore::setJSTestObjNullableByteStringSettableAttributeSetter):
(WebCore::setJSTestObjAttributeWithReservedEnumTypeSetter):
(WebCore::setJSTestObjPutForwardsAttributeSetter):
(WebCore::setJSTestObjPutForwardsNullableAttributeSetter):
(WebCore::setJSTestObjStringifierAttributeSetter):
(WebCore::setJSTestObjConditionallyReadWriteAttributeSetter):
(WebCore::setJSTestObjConditionalAndConditionallyReadWriteAttributeSetter):
(WebCore::setJSTestObjConditionallyExposedToWindowAttributeSetter):
(WebCore::setJSTestObjConditionallyExposedToWorkerAttributeSetter):
(WebCore::setJSTestObjConditionallyExposedToWindowAndWorkerAttributeSetter):
(WebCore::JSTestObj::serialize):
* bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
(WebCore::JSTestOverloadedConstructorsConstructor::initializeProperties):
* bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
(WebCore::JSTestOverloadedConstructorsWithSequenceConstructor::initializeProperties):
* bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
(WebCore::JSTestOverrideBuiltinsConstructor::initializeProperties):
(WebCore::JSTestOverrideBuiltins::getOwnPropertySlotByIndex):
(WebCore::JSTestOverrideBuiltins::getOwnPropertyNames):
* bindings/scripts/test/JS/JSTestPluginInterface.cpp:
(WebCore::JSTestPluginInterfaceConstructor::initializeProperties):
(WebCore::JSTestPluginInterface::getOwnPropertySlotByIndex):
(WebCore::JSTestPluginInterface::putByIndex):
* bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
(WebCore::convertDictionary<TestPromiseRejectionEvent::Init>):
(WebCore::JSTestPromiseRejectionEventConstructor::initializeProperties):
* bindings/scripts/test/JS/JSTestSerialization.cpp:
(WebCore::JSTestSerializationConstructor::initializeProperties):
(WebCore::setJSTestSerializationFirstStringAttributeSetter):
(WebCore::setJSTestSerializationSecondLongAttributeSetter):
(WebCore::setJSTestSerializationThirdUnserializableAttributeSetter):
(WebCore::setJSTestSerializationFourthUnrestrictedDoubleAttributeSetter):
(WebCore::setJSTestSerializationFifthLongAttributeSetter):
(WebCore::setJSTestSerializationSixthTypedefAttributeSetter):
(WebCore::setJSTestSerializationSeventhDirectlySerializableAttributeSetter):
(WebCore::setJSTestSerializationEighthIndirectlyAttributeSetter):
(WebCore::setJSTestSerializationNinthOptionalDirectlySerializableAttributeSetter):
(WebCore::setJSTestSerializationTenthFrozenArrayAttributeSetter):
(WebCore::setJSTestSerializationEleventhSequenceAttributeSetter):
(WebCore::setJSTestSerializationTwelfthInterfaceSequenceAttributeSetter):
(WebCore::JSTestSerialization::serialize):
* bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.cpp:
(WebCore::JSTestSerializationIndirectInheritanceConstructor::initializeProperties):
* bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
(WebCore::JSTestSerializationInheritConstructor::initializeProperties):
(WebCore::setJSTestSerializationInheritInheritLongAttributeSetter):
(WebCore::JSTestSerializationInherit::serialize):
* bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
(WebCore::JSTestSerializationInheritFinalConstructor::initializeProperties):
(WebCore::setJSTestSerializationInheritFinalFinalLongAttributeFooSetter):
(WebCore::setJSTestSerializationInheritFinalFinalLongAttributeBarSetter):
(WebCore::JSTestSerializationInheritFinal::serialize):
* bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
(WebCore::JSTestSerializedScriptValueInterfaceConstructor::initializeProperties):
(WebCore::setJSTestSerializedScriptValueInterfaceValueSetter):
(WebCore::setJSTestSerializedScriptValueInterfaceCachedValueSetter):
* bindings/scripts/test/JS/JSTestStandaloneDictionary.cpp:
(WebCore::convertDictionary<DictionaryImplName>):
(WebCore::convertDictionaryToJS):
* bindings/scripts/test/JS/JSTestStringifier.cpp:
(WebCore::JSTestStringifierConstructor::initializeProperties):
* bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:
(WebCore::JSTestStringifierAnonymousOperationConstructor::initializeProperties):
* bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:
(WebCore::JSTestStringifierNamedOperationConstructor::initializeProperties):
* bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:
(WebCore::JSTestStringifierOperationImplementedAsConstructor::initializeProperties):
* bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:
(WebCore::JSTestStringifierOperationNamedToStringConstructor::initializeProperties):
* bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:
(WebCore::JSTestStringifierReadOnlyAttributeConstructor::initializeProperties):
* bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:
(WebCore::JSTestStringifierReadWriteAttributeConstructor::initializeProperties):
(WebCore::setJSTestStringifierReadWriteAttributeIdentifierSetter):
* bindings/scripts/test/JS/JSTestTypedefs.cpp:
(WebCore::JSTestTypedefsConstructor::initializeProperties):
(WebCore::setJSTestTypedefsUnsignedLongLongAttrSetter):
(WebCore::setJSTestTypedefsSerializedScriptValueSetter):
(WebCore::setJSTestTypedefsAttributeWithClampSetter):
(WebCore::setJSTestTypedefsAttributeWithClampInTypedefSetter):
(WebCore::setJSTestTypedefsBufferSourceAttrSetter):
(WebCore::setJSTestTypedefsDomTimeStampAttrSetter):
* bridge/NP_jsobject.cpp:
* bridge/c/c_instance.cpp:
(JSC::Bindings::CInstance::stringValue const):
(JSC::Bindings::CInstance::getPropertyNames):
* bridge/c/c_utility.cpp:
(JSC::Bindings::identifierFromNPIdentifier):
* bridge/objc/WebScriptObject.mm:
(-[WebScriptObject callWebScriptMethod:withArguments:]):
(-[WebScriptObject setValue:forKey:]):
(-[WebScriptObject valueForKey:]):
(-[WebScriptObject removeWebScriptKey:]):
(-[WebScriptObject hasWebScriptKey:]):
* bridge/objc/objc_runtime.mm:
(JSC::Bindings::ObjcFallbackObjectImp::defaultValue):
* bridge/objc/objc_utility.mm:
(JSC::Bindings::convertNSStringToString):
* bridge/runtime_array.cpp:
(JSC::RuntimeArray::getOwnPropertyNames):
* contentextensions/ContentExtensionParser.cpp:
(WebCore::ContentExtensions::loadTrigger):
(WebCore::ContentExtensions::loadAction):
* crypto/SubtleCrypto.cpp:
(WebCore::normalizeCryptoAlgorithmParameters):
* domjit/DOMJITHelpers.h:
(WebCore::DOMJIT::toWrapperSlow):
* html/HTMLMediaElement.cpp:
(WebCore::controllerJSValue):
(WebCore::HTMLMediaElement::updateCaptionContainer):
(WebCore::HTMLMediaElement::ensureMediaControlsInjectedScript):
(WebCore::HTMLMediaElement::setControllerJSProperty):
(WebCore::HTMLMediaElement::didAddUserAgentShadowRoot):
(WebCore::HTMLMediaElement::updateMediaControlsAfterPresentationModeChange):
(WebCore::HTMLMediaElement::getCurrentMediaControlsStatus):
* html/HTMLPlugInImageElement.cpp:
(WebCore::HTMLPlugInImageElement::didAddUserAgentShadowRoot):
* inspector/InspectorFrontendHost.cpp:
(WebCore::InspectorFrontendHost::addSelfToGlobalObjectInWorld):
(WebCore::InspectorFrontendHost::showContextMenu):
* inspector/WebInjectedScriptHost.cpp:
(WebCore::WebInjectedScriptHost::subtype):
(WebCore::constructInternalProperty):
(WebCore::objectForPaymentOptions):
(WebCore::objectForPaymentCurrencyAmount):
(WebCore::objectForPaymentItem):
(WebCore::objectForPaymentShippingOption):
(WebCore::objectForPaymentDetailsModifier):
(WebCore::objectForPaymentDetails):
(WebCore::jsStringForPaymentRequestState):
(WebCore::WebInjectedScriptHost::getInternalProperties):
* inspector/agents/InspectorCanvasAgent.cpp:
(WebCore::InspectorCanvasAgent::consoleStartRecordingCanvas):
* inspector/agents/InspectorDOMAgent.cpp:
(WebCore::InspectorDOMAgent::buildObjectForEventListener):
(WebCore::InspectorDOMAgent::scriptValueAsNode):
* inspector/agents/page/PageAuditAgent.cpp:
(WebCore::PageAuditAgent::populateAuditObject):
* page/PageConsoleClient.cpp:
(WebCore::PageConsoleClient::screenshot):
* platform/graphics/CustomPaintImage.cpp:
(WebCore::CustomPaintImage::doCustomPaint):
* testing/js/WebCoreTestSupport.cpp:
(WebCoreTestSupport::injectInternalsObject):
(WebCoreTestSupport::setupNewlyCreatedServiceWorker):
* worklets/PaintWorkletGlobalScope.cpp:
(WebCore::PaintWorkletGlobalScope::registerPaint):

Source/WebKit:

* WebProcess/InjectedBundle/API/glib/DOM/WebKitDOMNode.cpp:
(webkit_dom_node_for_js_value):
* WebProcess/InjectedBundle/DOM/InjectedBundleNodeHandle.cpp:
(WebKit::InjectedBundleNodeHandle::getOrCreate):
* WebProcess/Plugins/Netscape/JSNPObject.cpp:
(WebKit::JSNPObject::getOwnPropertyNames):
* WebProcess/Plugins/Netscape/NPJSObject.cpp:
(WebKit::identifierFromIdentifierRep):
(WebKit::NPJSObject::enumerate):
* WebProcess/Plugins/Netscape/NPRuntimeObjectMap.cpp:
(WebKit::NPRuntimeObjectMap::convertNPVariantToJSValue):
(WebKit::NPRuntimeObjectMap::convertJSValueToNPVariant):
* WebProcess/WebPage/WebFrame.cpp:
(WebKit::WebFrame::counterValue):

Source/WebKitLegacy/mac:

* DOM/DOM.mm:
(+[DOMNode _nodeFromJSWrapper:]):
* DOM/DOMUtility.mm:
(createDOMWrapper):
* Plugins/Hosted/NetscapePluginHostProxy.mm:
(identifierFromIdentifierRep):
* Plugins/Hosted/NetscapePluginInstanceProxy.mm:
(WebKit::NetscapePluginInstanceProxy::enumerate):
(WebKit::getObjectID):
(WebKit::NetscapePluginInstanceProxy::addValueToArray):
(WebKit::NetscapePluginInstanceProxy::demarshalValueFromArray):
(WebKit::NetscapePluginInstanceProxy::retainLocalObject):
(WebKit::NetscapePluginInstanceProxy::releaseLocalObject):
* Plugins/Hosted/ProxyInstance.mm:
(WebKit::ProxyInstance::stringValue const):
(WebKit::ProxyInstance::getPropertyNames):
* WebView/WebFrame.mm:
(-[WebFrame _stringByEvaluatingJavaScriptFromString:withGlobalObject:inScriptWorld:]):

Source/WebKitLegacy/win:

* WebFrame.cpp:
(WebFrame::stringByEvaluatingJavaScriptInScriptWorld):

Canonical link: https://commits.webkit.org/214886@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@249175 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-08-27 22:14:52 +00:00
UnlinkedCodeBlock::UnlinkedCodeBlock(VM& vm, Structure* structure, CodeType codeType, const ExecutableInfo& info, OptionSet<CodeGenerationMode> codeGenerationMode)
: Base(vm, structure)
Introduce LexicalScopeFeatures to enable future bytecode optimizations
https://bugs.webkit.org/show_bug.cgi?id=224072

Reviewed by Keith Miller.

Before this patch, BytecodeGenerator was capable of reasoning about the presence of `with` statements, direct `eval`, or any other code features only within the current executable:

```
with (foo) {
    (function() {
        // There was no way to detect WithScope during generation of this function.
    })();
}
```

This change is required for op_to_this rewrite (#225397): if FunctionCallResolveNode and friends knew there is no WithScope, op_call could be emitted with |this| value of `undefined` as per spec [1], instead of resolved scope. This would:
- simplify op_to_this on all tiers, likely resulting in minor perf boost;
- save 1 instruction per strict function by removing op_to_this;
- remove toThis() from the method table and ~30 of its call sites from built-ins;
- fix built-in methods that were observably lacking toThis();
- fix __proto__ getter / setter called on global scope;
- fix WebIDL accessors called with |this| value of `undefined` and `null`.

Also, if ResolveNode knew that unforgeable global properties are not shadowed and there is no `with` statement or sloppy mode direct `eval`, then `undefined` / `Infinity` / `NaN` lookups could be constant-folded. This would save up to 3 bytecode ops per usage and allow emitting op_is_undefined_or_null for `x === undefined || x === null`. V8 performs this optimization [2].

This patch introduces LexicalScopeFeatures to allow passing such information from Parser to BytecodeGenerator with a minimal code diff. These features are kept separate from CodeFeature to simplify reasoning about a feature's scope and because we need to propagate lexical features from parent to child scope.

Strict mode is the first use case of LexicalScopeFeatures, which this change carefully fits into existing abstractions without increasing their memory usage even by 1 byte.

[1]: https://tc39.es/ecma262/#sec-evaluatecall (step 2)
[2]: https://medium.com/@bmeurer/sometimes-undefined-is-defined-7701e1c9eff8

* builtins/BuiltinExecutables.cpp:
(JSC::BuiltinExecutables::createExecutable):
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedCodeBlock::recordParse):
(JSC::UnlinkedCodeBlock::lexicalScopeFeatures const):
* bytecode/UnlinkedFunctionExecutable.cpp:
(JSC::generateUnlinkedFunctionCodeBlock):
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
(JSC::UnlinkedFunctionExecutable::setInvalidTypeProfilingOffsets):
* bytecode/UnlinkedFunctionExecutable.h:
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::emitNewClassFieldInitializerFunction):
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::lexicalScopeFeatures const):
(JSC::BytecodeGenerator::generate):
* parser/ASTBuilder.h:
(JSC::ASTBuilder::createFunctionMetadata):
* parser/Nodes.cpp:
(JSC::ScopeNode::ScopeNode):
(JSC::ProgramNode::ProgramNode):
(JSC::ModuleProgramNode::ModuleProgramNode):
(JSC::EvalNode::EvalNode):
(JSC::FunctionMetadataNode::FunctionMetadataNode):
(JSC::FunctionMetadataNode::operator== const):
(JSC::FunctionMetadataNode::dump const):
(JSC::FunctionNode::FunctionNode):
* parser/Nodes.h:
(JSC::ScopeNode::lexicalScopeFeatures):
(JSC::ScopeNode::isStrictMode const):
* parser/Parser.cpp:
(JSC::Parser<LexerType>::parseInner):
(JSC::Parser<LexerType>::parseGeneratorFunctionSourceElements):
(JSC::Parser<LexerType>::parseAsyncFunctionSourceElements):
(JSC::Parser<LexerType>::parseAsyncGeneratorFunctionSourceElements):
(JSC::Parser<LexerType>::parseFunctionBody):
(JSC::Parser<LexerType>::parseFunctionInfo):
* parser/Parser.h:
(JSC::Scope::Scope):
(JSC::Scope::lexicalScopeFeatures const):
(JSC::Scope::setStrictMode):
(JSC::Scope::strictMode const):
(JSC::Scope::fillParametersForSourceProviderCache):
(JSC::Scope::restoreFromSourceProviderCache):
(JSC::Parser::pushScope):
(JSC::Parser::lexicalScopeFeatures):
(JSC::Parser<LexerType>::parse):
* parser/ParserModes.h:
* parser/SourceProviderCacheItem.h:
(JSC::SourceProviderCacheItem::lexicalScopeFeatures const):
(JSC::SourceProviderCacheItem::SourceProviderCacheItem):
* parser/SyntaxChecker.h:
(JSC::SyntaxChecker::createFunctionMetadata):
* runtime/CachedBytecode.cpp:
(JSC::CachedBytecode::addFunctionUpdate):
* runtime/CachedTypes.cpp:
(JSC::CachedFunctionExecutable::lexicalScopeFeatures const):
(JSC::CachedCodeBlock::lexicalScopeFeatures const):
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
(JSC::CachedFunctionExecutable::encode):
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
(JSC::CachedCodeBlock<CodeBlockType>::encode):
(JSC::CachedFunctionExecutable::isInStrictContext const): Deleted.
* runtime/CachedTypes.h:
* runtime/CodeCache.cpp:
(JSC::generateUnlinkedCodeBlockImpl):
(JSC::CodeCache::getUnlinkedGlobalCodeBlock):
* runtime/ECMAMode.h:
(JSC::ECMAMode::fromBool):
* runtime/FunctionExecutable.cpp:
(JSC::FunctionExecutable::FunctionExecutable):
* runtime/GlobalExecutable.h:
(JSC::GlobalExecutable::recordParse):
(JSC::GlobalExecutable::GlobalExecutable):
* runtime/ScriptExecutable.cpp:
(JSC::ScriptExecutable::ScriptExecutable):
(JSC::ScriptExecutable::newCodeBlockFor):
(JSC::ScriptExecutable::recordParse):
* runtime/ScriptExecutable.h:
(JSC::ScriptExecutable::isInStrictContext const):
(JSC::ScriptExecutable::recordParse):

Canonical link: https://commits.webkit.org/238578@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@278588 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-06-08 01:43:14 +00:00
, m_numVars(0)
Don't trust parsing information to tell us if we've emitted op_call_eval
https://bugs.webkit.org/show_bug.cgi?id=222694
rdar://74778016

Reviewed by Yusuke Suzuki.

JSTests:

* stress/eval-liveness-should-not-come-from-parser.js: Added.
(foo):

Source/JavaScriptCore:

In the DFG, op_call_eval can't be inlined. Not inlining is required for how eval is currently implemented in the DFG. For CodeBlocks with eval in them, the scope register is also alive everywhere.

When doing spread of arguments in eval, we end up emitting a call varargs instead of a direct eval. This seems like a spec bug: https://bugs.webkit.org/show_bug.cgi?id=222671

However, this leads to something that had eval textually in it leading to us reporting the scope register is always alive, even if op_call_eval isn't in the bytecode stream. This leads to a validation error, since the DFG isn't actually keeping this scope register alive everywhere, because op_call_eval isn't in the bytecode stream.

This patch fixes this by having a bit indicating if op_call_eval is in the bytecode stream or not.

* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeIndex):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::usesCallEval const):
(JSC::CodeBlock::usesEval const): Deleted.
* bytecode/ExecutableInfo.h:
(JSC::ExecutableInfo::ExecutableInfo):
(JSC::ExecutableInfo::usesEval const): Deleted.
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedCodeBlock::usesCallEval const):
(JSC::UnlinkedCodeBlock::setUsesCallEval):
(JSC::UnlinkedCodeBlock::usesEval const): Deleted.
* bytecode/UnlinkedCodeBlockGenerator.h:
(JSC::UnlinkedCodeBlockGenerator::usesCallEval const):
(JSC::UnlinkedCodeBlockGenerator::setUsesCallEval):
(JSC::UnlinkedCodeBlockGenerator::usesEval const): Deleted.
* bytecode/UnlinkedFunctionExecutable.cpp:
(JSC::generateUnlinkedFunctionCodeBlock):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::emitCall):
(JSC::BytecodeGenerator::isThisUsedInInnerArrowFunction):
(JSC::BytecodeGenerator::isNewTargetUsedInInnerArrowFunction):
(JSC::BytecodeGenerator::isSuperUsedInInnerArrowFunction):
(JSC::BytecodeGenerator::isSuperCallUsedInInnerArrowFunction):
* dfg/DFGGraph.h:
* runtime/CachedTypes.cpp:
(JSC::CachedCodeBlock::usesCallEval const):
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
(JSC::CachedCodeBlock<CodeBlockType>::encode):
(JSC::CachedCodeBlock::usesEval const): Deleted.
* runtime/CodeCache.cpp:
(JSC::generateUnlinkedCodeBlockImpl):
* runtime/EvalExecutable.h:
(JSC::EvalExecutable::executableInfo const): Deleted.
* runtime/ModuleProgramExecutable.h:
* runtime/ProgramExecutable.h:
* runtime/ScriptExecutable.h:
(JSC::ScriptExecutable::usesEval const): Deleted.

Canonical link: https://commits.webkit.org/234885@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@273931 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-03-05 00:18:23 +00:00
, m_usesCallEval(false)
, m_numCalleeLocals(0)
Class constructor should throw TypeError when "called"
https://bugs.webkit.org/show_bug.cgi?id=142566

Reviewed by Michael Saboff.

Source/JavaScriptCore:

Added ConstructorKind::None to denote code that doesn't belong to an ES6 class. This allows BytecodeGenerator to emit code to throw TypeError when generating code block to call ES6 class constructors.

Most of the changes are about increasing the number of bits to store ConstructorKind from one bit to two bits.

* bytecode/UnlinkedCodeBlock.cpp:
(JSC::generateFunctionCodeBlock):
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* bytecode/UnlinkedCodeBlock.h:
(JSC::ExecutableInfo::ExecutableInfo):
(JSC::ExecutableInfo::needsActivation):
(JSC::ExecutableInfo::usesEval):
(JSC::ExecutableInfo::isStrictMode):
(JSC::ExecutableInfo::isConstructor):
(JSC::ExecutableInfo::isBuiltinFunction):
(JSC::ExecutableInfo::constructorKind):
(JSC::UnlinkedFunctionExecutable::constructorKind):
(JSC::UnlinkedCodeBlock::constructorKind):
(JSC::UnlinkedFunctionExecutable::constructorKindIsDerived): Deleted.
(JSC::UnlinkedCodeBlock::constructorKindIsDerived): Deleted.
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::generate): Don't emit bytecode when we had already emitted code to throw TypeError.
(JSC::BytecodeGenerator::BytecodeGenerator): Emit code to throw TypeError when generating code to call.
(JSC::BytecodeGenerator::emitReturn):
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::constructorKind):
(JSC::BytecodeGenerator::constructorKindIsDerived): Deleted.
* bytecompiler/NodesCodegen.cpp:
(JSC::ThisNode::emitBytecode):
(JSC::FunctionCallValueNode::emitBytecode):
* parser/Nodes.cpp:
(JSC::FunctionBodyNode::FunctionBodyNode):
* parser/Nodes.h:
* parser/Parser.cpp:
(JSC::Parser<LexerType>::parseFunctionInfo): Renamed the incoming function argument to ownerClassKind. Set constructorKind to Base or Derived only if we're parsing a constructor.
(JSC::Parser<LexerType>::parseFunctionDeclaration):
(JSC::Parser<LexerType>::parseClass): Don't parse static methods using MethodMode since that would result in BytecodeGenerator erroneously treating a static method named "constructor" as a class constructor.
(JSC::Parser<LexerType>::parsePropertyMethod):
(JSC::Parser<LexerType>::parsePrimaryExpression):
* parser/Parser.h:
* parser/ParserModes.h:
* runtime/Executable.h:
(JSC::EvalExecutable::executableInfo):
(JSC::ProgramExecutable::executableInfo):

LayoutTests:

Added tests for calling class constructors.

* TestExpectations: Skipped the test since ES6 class syntax isn't enabled by default.
* js/class-syntax-call-expected.txt: Added.
* js/class-syntax-call.html: Added.
* js/script-tests/class-syntax-call.js: Added.

Canonical link: https://commits.webkit.org/160694@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181490 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2015-03-13 23:01:51 +00:00
, m_isConstructor(info.isConstructor())
, m_numParameters(0)
, m_hasCapturedVariables(false)
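The commit message above describes a cache from source text to context-free unlinked code, keyed on the complete source text with random eviction. Below is an added JavaScript model of that design, written for this page and not taken from WebKit: `compileUnlinked`, `link`, `UnlinkedCache` and the flag set are names assumed for the illustration, and `new Function()` stands in for parse plus code generation. It shows why the source text alone is not a sufficient key, which is what the later commits on this page address by keying on a `SourceCodeKey` carrying `SourceCodeFlags`: the same text compiled as strict and as sloppy code is two different programs, and a source-only key serves the strict request the sloppy compile.

```javascript
// Stand-in for JSC's "unlinked" code: compiled from source text plus compile
// flags, but not yet bound to any global object. compileUnlinked, link and
// UnlinkedCache are names assumed for this illustration, not JSC's.
function compileUnlinked(source, flags) {
  const prologue = flags.strict ? '"use strict";' : '';
  // new Function() parses and compiles the text; nothing runs until it is called.
  return { flags, body: new Function(prologue + source) };
}

// Linking binds the context-free code to one global object (here a plain
// object standing in for JSGlobalObject, reachable as `this`).
function link(unlinked, globalObject) {
  return () => unlinked.body.call(globalObject);
}

class UnlinkedCache {
  constructor(keyOf, capacity = 4) {
    this.keyOf = keyOf;      // turns a (source, flags) request into a cache key
    this.capacity = capacity;
    this.entries = new Map();
    this.compiles = 0;       // cache misses, i.e. real parse + codegen passes
  }

  get(source, flags) {
    const key = this.keyOf(source, flags);
    if (this.entries.has(key))
      return this.entries.get(key);
    if (this.entries.size >= this.capacity) {
      // Random eviction, the policy the commit message describes.
      const keys = [...this.entries.keys()];
      this.entries.delete(keys[Math.floor(Math.random() * keys.length)]);
    }
    const unlinked = compileUnlinked(source, flags);
    this.entries.set(key, unlinked);
    this.compiles++;
    return unlinked;
  }
}

// Keying on the source text alone, as the original CodeCache did.
const sourceOnlyKey = (source) => source;
// Keying on the source text plus every flag that changes how it compiles.
const sourceAndFlagsKey = (source, flags) =>
  `${flags.strict ? 'strict' : 'sloppy'}\u0000${source}`;

// Constructed sample program. It reports which global it was linked against
// and whether it was compiled as strict code: an unbound `this` inside the
// inner function stays undefined only under "use strict".
const SAMPLE = 'return [this.name, (function () { return this === undefined; })()];';

// Compiles SAMPLE as sloppy code for two globals, then as strict code for the
// first one, and reports what each linked copy observes.
function probe(keyOf) {
  const cache = new UnlinkedCache(keyOf);
  const globalA = { name: 'A' };
  const globalB = { name: 'B' };
  const sloppyA = link(cache.get(SAMPLE, { strict: false }), globalA)();
  const sloppyB = link(cache.get(SAMPLE, { strict: false }), globalB)();
  const strictA = link(cache.get(SAMPLE, { strict: true }), globalA)();
  return { sloppyA, sloppyB, strictA, compiles: cache.compiles };
}

// Source-only key: one compile serves both globals (the intended win), but the
// strict request also gets the sloppy code, so strictA reports false.
function sourceOnlyResult() { return probe(sourceOnlyKey); }
// Source plus flags: the sloppy compile is still shared across globals, and the
// strict request triggers its own compile, so strictA reports true.
function sourceAndFlagsResult() { return probe(sourceAndFlagsKey); }
```

The sharing across `globalA` and `globalB` with a single compile is the effect the commit is after; the stale `strictA` result under the source-only key is the mode confusion that a key must rule out by including every input that changes code generation.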
Class constructor should throw TypeError when "called" https://bugs.webkit.org/show_bug.cgi?id=142566 Reviewed by Michael Saboff. Source/JavaScriptCore: Added ConstructorKind::None to denote code that doesn't belong to an ES6 class. This allows BytecodeGenerator to emit code to throw TypeError when generating code block to call ES6 class constructors. Most of changes are about increasing the number of bits to store ConstructorKind from one bit to two bits. * bytecode/UnlinkedCodeBlock.cpp: (JSC::generateFunctionCodeBlock): (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable): (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): * bytecode/UnlinkedCodeBlock.h: (JSC::ExecutableInfo::ExecutableInfo): (JSC::ExecutableInfo::needsActivation): (JSC::ExecutableInfo::usesEval): (JSC::ExecutableInfo::isStrictMode): (JSC::ExecutableInfo::isConstructor): (JSC::ExecutableInfo::isBuiltinFunction): (JSC::ExecutableInfo::constructorKind): (JSC::UnlinkedFunctionExecutable::constructorKind): (JSC::UnlinkedCodeBlock::constructorKind): (JSC::UnlinkedFunctionExecutable::constructorKindIsDerived): Deleted. (JSC::UnlinkedCodeBlock::constructorKindIsDerived): Deleted. * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::generate): Don't emit bytecode when we had already emitted code to throw TypeError. (JSC::BytecodeGenerator::BytecodeGenerator): Emit code to throw TypeError when generating code to call. (JSC::BytecodeGenerator::emitReturn): * bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::constructorKind): (JSC::BytecodeGenerator::constructorKindIsDerived): Deleted. * bytecompiler/NodesCodegen.cpp: (JSC::ThisNode::emitBytecode): (JSC::FunctionCallValueNode::emitBytecode): * parser/Nodes.cpp: (JSC::FunctionBodyNode::FunctionBodyNode): * parser/Nodes.h: * parser/Parser.cpp: (JSC::Parser<LexerType>::parseFunctionInfo): Renamed the incoming function argument to ownerClassKind. Set constructorKind to Base or Derived only if we're parsing a constructor. 
(JSC::Parser<LexerType>::parseFunctionDeclaration): (JSC::Parser<LexerType>::parseClass): Don't parse static methods using MethodMode since that would result in BytecodeGenerator erroneously treating static method named "constructor" as a class constructor. (JSC::Parser<LexerType>::parsePropertyMethod): (JSC::Parser<LexerType>::parsePrimaryExpression): * parser/Parser.h: * parser/ParserModes.h: * runtime/Executable.h: (JSC::EvalExecutable::executableInfo): (JSC::ProgramExecutable::executableInfo): LayoutTests: Added tests for calling class constructors. * TestExpectations: Skipped the test since ES6 class syntax isn't enabled by default. * js/class-syntax-call-expected.txt: Added. * js/class-syntax-call.html: Added. * js/script-tests/class-syntax-call.js: Added. Canonical link: https://commits.webkit.org/160694@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181490 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2015-03-13 23:01:51 +00:00
, m_isBuiltinFunction(info.isBuiltinFunction())
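The behaviour this commit implements, as an added example rather than the patch's own LayoutTests: every call path that reaches a class constructor without [[Construct]] throws a TypeError, while construction and a static method that happens to be named `constructor` keep working. `Point`, `Point3D`, `outcome` and `classCallMatrix` are constructed for the illustration.

```javascript
// Constructed classes for the illustration (not from the WebKit tests).
class Point {
  constructor(x) { this.x = x; }
  // A *static* method may be named "constructor"; it is an ordinary function
  // and must stay callable, which is the parser fix the commit describes.
  static constructor() { return 'static method, not the class constructor'; }
}
class Point3D extends Point {
  constructor(x, z) { super(x); this.z = z; }
}

// Runs thunk and reports either its value or the name of what it threw.
function outcome(thunk) {
  try { return { ok: true, value: thunk() }; }
  catch (e) { return { ok: false, error: e.constructor.name }; }
}

// Every way of "calling" a class constructor without [[Construct]] must throw
// a TypeError; construction paths and the static method must keep working.
function classCallMatrix() {
  return {
    plainCall: outcome(() => Point(1)),
    viaCall: outcome(() => Point.call({}, 1)),
    viaApply: outcome(() => Reflect.apply(Point, {}, [1])),
    derivedPlainCall: outcome(() => Point3D(1, 2)),
    viaNew: outcome(() => new Point(1).x),
    viaReflectConstruct: outcome(() => Reflect.construct(Point3D, [1, 2]).z),
    staticConstructor: outcome(() => Point.constructor()),
  };
}
```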
[ES6] Implement LLInt/Baseline Support for ES6 Generators and enable this feature https://bugs.webkit.org/show_bug.cgi?id=150792 Reviewed by Saam Barati. .: * Source/cmake/OptionsWin.cmake: * Source/cmake/WebKitFeatures.cmake: Source/JavaScriptCore: This patch implements basic functionality of ES6 Generators in LLInt and Baseline tiers. While the implementation has some inefficient part, the implementation covers edge cases. Later, we will make this efficient. https://bugs.webkit.org/show_bug.cgi?id=151545 https://bugs.webkit.org/show_bug.cgi?id=151546 https://bugs.webkit.org/show_bug.cgi?id=151547 https://bugs.webkit.org/show_bug.cgi?id=151552 https://bugs.webkit.org/show_bug.cgi?id=151560 https://bugs.webkit.org/show_bug.cgi?id=151586 To encourage DFG / FTL later, we take the following design. 1. Use switch_imm to jump to the save/resume points. Instead of saving / restoring instruction pointer to resume from it, we use switch_imm to jump to the resume point. This limits one entry point to a given generator function. This design makes inlining easy. The generated code becomes the following. function @generatorNext(@generator, @generatorState, @generatorValue, @generatorResumeMode) { switch (@generatorState) { case Initial: ... initial sequence. ... op_save(Yield_0); // op_save contains *virtual* jump to Yield_0. // CFG shows a jump edge to Yield_0 point, but it won't be actually used. return ...; case Yield_0: op_resume(); if (@generatorResumeMode == Throw) ... else if (@generatorResumeMode == Return) ... ... // sentValue is a value sent from a caller by `generator.next(sentValue)`. sentValue = @generatorValue; ... op_save(Yield_1); return ...; case Yield_1: op_resume(); if (@generatorResumeMode == Throw) ... else if (@generatorResumeMode == Return) ... ... sentValue = @generatorValue; ... ... } } Resume sequence should not be emitted per yield. This should be done in https://bugs.webkit.org/show_bug.cgi?id=151552. 2. 
Store live frame registers to GeneratorFrame To save and resume generator's state, we save all the live registers in GeneratorFrame. And when resuming, we refill registers with saved ones. Since saved register contains scope register, |this| etc., the environment including the scope chain will be recovered automatically. While saving and resuming callee registers, we don't save parameter registers. These registers will be used to control generator's resume behavior. We perform BytecodeLivenessAnalysis in CodeBlock to determine actually *def*ined registers at that resume point. 3. GeneratorFunction will evaluate parameters before generating Generator Generator's parameter should be evaluated before entering Generator's body. For example, function hello() { ... } function *gen(a, b = hello()) { yield b; } let g = gen(20); // Now, hello should be called. To enable this, we evaluate parameters in GeneratorFunction, and after that, we create a Generator and return it. This can be explained by the following pseudo code. function *gen(a, b = hello()) { // This is generator. return { @generatorNext: function (@generator, @generatorState, @generatorValue, @generatorResumeMode) { ... } } } 4. op_save seems similar to conditional jump We won't jump to elsewhere from op_save actually. But we add a *virtual* jump edge (flow) from op_save to the point so called *merge point*. We construct the CFG as follows, (global generator switch) -> (initial sequence) -> (op_save) ----+-> (merge point) -> (next sequence)* | | | | v | | (op_ret) | | | +------------------------------------------->(op_resume)--+ By constructing such a graph, 1. Since we have a flow from (op_save) to (merge point), at merge point, we can *use* locals that are defined before (op_save) 2. op_save should claim that it does not define anything. And claim that it *use*s locals that are used in (merge point). 3. at op_resume, we see *use*d locals at merge point and define all of them. 
We can do the above things in use-def analysis because use-def analysis is backward analysis. And after analyzing use-def chains, in op_save / op_resume, we only save / resume live registers at the head of merge point. * API/JSScriptRef.cpp: (parseScript): * CMakeLists.txt: * Configurations/FeatureDefines.xcconfig: * DerivedSources.make: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters: * JavaScriptCore.xcodeproj/project.pbxproj: * builtins/BuiltinExecutables.cpp: (JSC::createExecutableInternal): * builtins/GeneratorPrototype.js: Added. (generatorResume): (next): (return): (throw): * bytecode/BytecodeBasicBlock.cpp: (JSC::isBranch): * bytecode/BytecodeList.json: * bytecode/BytecodeLivenessAnalysis.cpp: (JSC::stepOverInstruction): (JSC::computeLocalLivenessForBytecodeOffset): (JSC::BytecodeLivenessAnalysis::runLivenessFixpoint): (JSC::BytecodeLivenessAnalysis::computeFullLiveness): (JSC::BytecodeLivenessAnalysis::computeKills): * bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeOffset): (JSC::computeDefsForBytecodeOffset): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpBytecode): (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::shrinkToFit): (JSC::CodeBlock::validate): * bytecode/CodeBlock.h: (JSC::CodeBlock::numCalleeLocals): (JSC::CodeBlock::liveCalleeLocalsAtYield): * bytecode/EvalCodeCache.h: (JSC::EvalCodeCache::tryGet): (JSC::EvalCodeCache::getSlow): (JSC::EvalCodeCache::isCacheable): * bytecode/ExecutableInfo.h: (JSC::ExecutableInfo::ExecutableInfo): (JSC::ExecutableInfo::generatorThisMode): (JSC::ExecutableInfo::superBinding): (JSC::ExecutableInfo::parseMode): (JSC::ExecutableInfo::isArrowFunction): Deleted. 
* bytecode/PreciseJumpTargets.cpp: (JSC::getJumpTargetsForBytecodeOffset): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::parseMode): (JSC::UnlinkedCodeBlock::generatorThisMode): (JSC::UnlinkedCodeBlock::superBinding): (JSC::UnlinkedCodeBlock::isArrowFunction): Deleted. * bytecode/UnlinkedFunctionExecutable.cpp: (JSC::generateUnlinkedFunctionCodeBlock): (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable): (JSC::UnlinkedFunctionExecutable::unlinkedCodeBlockFor): * bytecode/UnlinkedFunctionExecutable.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::initializeParameters): (JSC::BytecodeGenerator::newRegister): (JSC::BytecodeGenerator::reclaimFreeRegisters): (JSC::BytecodeGenerator::createVariable): (JSC::BytecodeGenerator::emitCreateThis): (JSC::BytecodeGenerator::emitNewFunctionExpressionCommon): (JSC::BytecodeGenerator::emitNewFunctionExpression): (JSC::BytecodeGenerator::emitNewArrowFunctionExpression): (JSC::BytecodeGenerator::emitNewFunction): (JSC::BytecodeGenerator::emitIteratorNextWithValue): (JSC::BytecodeGenerator::emitYieldPoint): (JSC::BytecodeGenerator::emitSave): (JSC::BytecodeGenerator::emitResume): (JSC::BytecodeGenerator::emitYield): (JSC::BytecodeGenerator::emitDelegateYield): (JSC::BytecodeGenerator::emitGeneratorStateChange): (JSC::BytecodeGenerator::emitGeneratorStateLabel): (JSC::BytecodeGenerator::beginGenerator): (JSC::BytecodeGenerator::endGenerator): (JSC::BytecodeGenerator::emitNewFunctionInternal): Deleted. (JSC::BytecodeGenerator::emitNewFunctionCommon): Deleted. 
* bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::generatorThisMode): (JSC::BytecodeGenerator::superBinding): (JSC::BytecodeGenerator::generatorRegister): (JSC::BytecodeGenerator::generatorStateRegister): (JSC::BytecodeGenerator::generatorValueRegister): (JSC::BytecodeGenerator::generatorResumeModeRegister): (JSC::BytecodeGenerator::parseMode): (JSC::BytecodeGenerator::registerFor): (JSC::BytecodeGenerator::makeFunction): * bytecompiler/NodesCodegen.cpp: (JSC::ThisNode::emitBytecode): (JSC::emitHomeObjectForCallee): (JSC::emitSuperBaseForCallee): (JSC::ReturnNode::emitBytecode): (JSC::FunctionNode::emitBytecode): (JSC::YieldExprNode::emitBytecode): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::ByteCodeParser): (JSC::DFG::ByteCodeParser::inlineCall): (JSC::DFG::ByteCodeParser::handleGetById): (JSC::DFG::ByteCodeParser::handlePutById): * dfg/DFGForAllKills.h: (JSC::DFG::forAllKilledOperands): * dfg/DFGGraph.h: (JSC::DFG::Graph::forAllLocalsLiveInBytecode): * dfg/DFGOSREntrypointCreationPhase.cpp: (JSC::DFG::OSREntrypointCreationPhase::run): * dfg/DFGVariableEventStream.cpp: (JSC::DFG::VariableEventStream::reconstruct): * ftl/FTLForOSREntryJITCode.cpp: (JSC::FTL::ForOSREntryJITCode::initializeEntryBuffer): * ftl/FTLForOSREntryJITCode.h: * ftl/FTLOSREntry.cpp: (JSC::FTL::prepareOSREntry): * ftl/FTLState.cpp: (JSC::FTL::State::State): * heap/MarkedBlock.h: (JSC::MarkedBlock::isAtom): (JSC::MarkedBlock::isLiveCell): * interpreter/Interpreter.cpp: (JSC::eval): (JSC::Interpreter::dumpRegisters): * jit/JIT.cpp: (JSC::JIT::privateCompileMainPass): (JSC::JIT::frameRegisterCountFor): * jit/JIT.h: * jit/JITOpcodes.cpp: (JSC::JIT::emitNewFuncCommon): (JSC::JIT::emit_op_new_func): (JSC::JIT::emit_op_new_generator_func): (JSC::JIT::emitNewFuncExprCommon): (JSC::JIT::emit_op_new_func_exp): (JSC::JIT::emit_op_new_generator_func_exp): (JSC::JIT::emit_op_save): (JSC::JIT::emit_op_resume): * jit/JITOperations.cpp: (JSC::operationNewFunctionCommon): * 
jit/JITOperations.h: * llint/LLIntEntrypoint.cpp: (JSC::LLInt::frameRegisterCountFor): * llint/LLIntSlowPaths.cpp: (JSC::LLInt::traceFunctionPrologue): (JSC::LLInt::LLINT_SLOW_PATH_DECL): * llint/LLIntSlowPaths.h: * llint/LowLevelInterpreter.asm: * parser/ASTBuilder.h: (JSC::ASTBuilder::createYield): (JSC::ASTBuilder::createFunctionMetadata): (JSC::ASTBuilder::propagateArgumentsUse): * parser/Nodes.cpp: (JSC::FunctionMetadataNode::FunctionMetadataNode): * parser/Nodes.h: * parser/Parser.cpp: (JSC::Parser<LexerType>::Parser): (JSC::Parser<LexerType>::parseInner): (JSC::Parser<LexerType>::parseGeneratorFunctionSourceElements): (JSC::Parser<LexerType>::parseFunctionBody): (JSC::stringForFunctionMode): (JSC::Parser<LexerType>::createGeneratorParameters): (JSC::Parser<LexerType>::parseFunctionInfo): (JSC::Parser<LexerType>::parseFunctionDeclaration): (JSC::Parser<LexerType>::parseClass): (JSC::Parser<LexerType>::parseAssignmentExpression): (JSC::Parser<LexerType>::parseYieldExpression): (JSC::Parser<LexerType>::parsePropertyMethod): (JSC::Parser<LexerType>::parseFunctionExpression): * parser/Parser.h: (JSC::Scope::Scope): (JSC::Scope::setSourceParseMode): (JSC::Scope::hasArguments): (JSC::Scope::collectFreeVariables): (JSC::Scope::setIsFunction): (JSC::Scope::setIsGeneratorFunction): (JSC::Scope::setIsGenerator): (JSC::parse): * parser/ParserModes.h: (JSC::isFunctionParseMode): (JSC::isModuleParseMode): (JSC::isProgramParseMode): * parser/SourceCodeKey.h: Added. 
(JSC::SourceCodeKey::SourceCodeKey): (JSC::SourceCodeKey::isHashTableDeletedValue): (JSC::SourceCodeKey::hash): (JSC::SourceCodeKey::length): (JSC::SourceCodeKey::isNull): (JSC::SourceCodeKey::string): (JSC::SourceCodeKey::operator==): (JSC::SourceCodeKeyHash::hash): (JSC::SourceCodeKeyHash::equal): (JSC::SourceCodeKeyHashTraits::isEmptyValue): * parser/SyntaxChecker.h: (JSC::SyntaxChecker::createYield): (JSC::SyntaxChecker::createFunctionMetadata): (JSC::SyntaxChecker::operatorStackPop): * runtime/CodeCache.cpp: (JSC::CodeCache::getGlobalCodeBlock): (JSC::CodeCache::getFunctionExecutableFromGlobalCode): * runtime/CodeCache.h: (JSC::SourceCodeKey::SourceCodeKey): Deleted. (JSC::SourceCodeKey::isHashTableDeletedValue): Deleted. (JSC::SourceCodeKey::hash): Deleted. (JSC::SourceCodeKey::length): Deleted. (JSC::SourceCodeKey::isNull): Deleted. (JSC::SourceCodeKey::string): Deleted. (JSC::SourceCodeKey::operator==): Deleted. (JSC::SourceCodeKeyHash::hash): Deleted. (JSC::SourceCodeKeyHash::equal): Deleted. (JSC::SourceCodeKeyHashTraits::isEmptyValue): Deleted. * runtime/CommonIdentifiers.h: * runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): * runtime/CommonSlowPaths.h: * runtime/Completion.cpp: (JSC::checkSyntax): (JSC::checkModuleSyntax): * runtime/Executable.cpp: (JSC::ScriptExecutable::newCodeBlockFor): (JSC::ProgramExecutable::checkSyntax): * runtime/Executable.h: * runtime/FunctionConstructor.cpp: (JSC::constructFunction): (JSC::constructFunctionSkippingEvalEnabledCheck): * runtime/FunctionConstructor.h: * runtime/GeneratorFrame.cpp: Added. (JSC::GeneratorFrame::GeneratorFrame): (JSC::GeneratorFrame::finishCreation): (JSC::GeneratorFrame::createStructure): (JSC::GeneratorFrame::create): (JSC::GeneratorFrame::save): (JSC::GeneratorFrame::resume): (JSC::GeneratorFrame::visitChildren): * runtime/GeneratorFrame.h: Added. 
(JSC::GeneratorFrame::locals): (JSC::GeneratorFrame::localAt): (JSC::GeneratorFrame::offsetOfLocals): (JSC::GeneratorFrame::allocationSizeForLocals): * runtime/GeneratorFunctionConstructor.cpp: Added. (JSC::GeneratorFunctionConstructor::GeneratorFunctionConstructor): (JSC::GeneratorFunctionConstructor::finishCreation): (JSC::callGeneratorFunctionConstructor): (JSC::constructGeneratorFunctionConstructor): (JSC::GeneratorFunctionConstructor::getCallData): (JSC::GeneratorFunctionConstructor::getConstructData): * runtime/GeneratorFunctionConstructor.h: Added. (JSC::GeneratorFunctionConstructor::create): (JSC::GeneratorFunctionConstructor::createStructure): * runtime/GeneratorFunctionPrototype.cpp: Added. (JSC::GeneratorFunctionPrototype::GeneratorFunctionPrototype): (JSC::GeneratorFunctionPrototype::finishCreation): * runtime/GeneratorFunctionPrototype.h: Added. (JSC::GeneratorFunctionPrototype::create): (JSC::GeneratorFunctionPrototype::createStructure): * runtime/GeneratorPrototype.cpp: Copied from Source/JavaScriptCore/ftl/FTLForOSREntryJITCode.cpp. (JSC::GeneratorPrototype::finishCreation): (JSC::GeneratorPrototype::getOwnPropertySlot): * runtime/GeneratorPrototype.h: Copied from Source/JavaScriptCore/ftl/FTLForOSREntryJITCode.cpp. (JSC::GeneratorPrototype::create): (JSC::GeneratorPrototype::createStructure): (JSC::GeneratorPrototype::GeneratorPrototype): * runtime/GeneratorThisMode.h: Added. * runtime/JSFunction.cpp: (JSC::JSFunction::getOwnPropertySlot): * runtime/JSGeneratorFunction.cpp: Added. (JSC::JSGeneratorFunction::JSGeneratorFunction): (JSC::JSGeneratorFunction::createImpl): (JSC::JSGeneratorFunction::create): (JSC::JSGeneratorFunction::createWithInvalidatedReallocationWatchpoint): * runtime/JSGeneratorFunction.h: Added. 
(JSC::JSGeneratorFunction::allocationSize): (JSC::JSGeneratorFunction::createStructure): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::init): (JSC::JSGlobalObject::visitChildren): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::generatorFunctionPrototype): (JSC::JSGlobalObject::generatorPrototype): (JSC::JSGlobalObject::generatorFunctionStructure): * runtime/ModuleLoaderObject.cpp: (JSC::moduleLoaderObjectParseModule): * runtime/VM.cpp: (JSC::VM::VM): * runtime/VM.h: * tests/es6.yaml: * tests/es6/generators_yield_star_generic_iterables.js: (iterator.next): (iterable.Symbol.iterator): (__createIterableObject): * tests/es6/generators_yield_star_instances_of_iterables.js: (iterator.next): (iterable.Symbol.iterator): (__createIterableObject): * tests/es6/generators_yield_star_iterator_closing.js: (iterator.next): (iterable.Symbol.iterator): (__createIterableObject): * tests/es6/generators_yield_star_iterator_closing_via_throw.js: (iterator.next): (iterable.Symbol.iterator): (__createIterableObject): * tests/stress/generator-arguments-from-function.js: Added. (shouldBe): (test): * tests/stress/generator-arguments.js: Added. (shouldBe): (g1): * tests/stress/generator-class-methods-syntax.js: Added. (testSyntax): (testSyntaxError): (testSyntaxError.Cocoa): (testSyntax.Cocoa.prototype.ok): (testSyntax.Cocoa): (testSyntax.Cocoa.ok): * tests/stress/generator-class-methods.js: Added. (shouldBe): (prototype.gen): (staticGen): (shouldBe.g.next): * tests/stress/generator-eval-this.js: Added. (shouldBe): (shouldThrow): (B): (A): (C.prototype.generator): (C): (TypeError): * tests/stress/generator-function-constructor.js: Added. (shouldBe): (generatorFunctionConstructor): * tests/stress/generator-function-name.js: Added. (shouldBe): (ok): * tests/stress/generator-methods-with-non-generator.js: Added. (shouldThrow): * tests/stress/generator-relations.js: Added. (shouldBe): (generatorFunction): * tests/stress/generator-return-before-first-call.js: Added. 
(shouldBe): (shouldBeIteratorResult): * tests/stress/generator-return.js: Added. (shouldBe): (shouldBeIteratorResult): * tests/stress/generator-this.js: Added. (shouldBe): (shouldThrow): (gen): (shouldBe.g.next): * tests/stress/generator-throw-before-first-call.js: Added. (unreachable): (gen): (catch): * tests/stress/generator-throw.js: Added. (shouldBe): (shouldBeIteratorResult): * tests/stress/generator-with-new-target.js: Added. (shouldBe): (gen): * tests/stress/generator-with-super.js: Added. (shouldThrow): (test): (B.prototype.gen): (B): (A.prototype.gen): (A): * tests/stress/generator-yield-star.js: Added. (shouldBe): (shouldThrow): (prototype.call): (Arrays): (Arrays.prototype.Symbol.iterator): (Iterator.prototype.next): (Iterator.prototype.string_appeared_here): (Iterator.prototype.Symbol.iterator): (Iterator): (gen): Source/WebCore: * Configurations/FeatureDefines.xcconfig: Source/WebKit/mac: * Configurations/FeatureDefines.xcconfig: Source/WebKit2: * Configurations/FeatureDefines.xcconfig: Source/WTF: * wtf/FastBitVector.h: (WTF::FastBitVector::forEachSetBit): * wtf/FeatureDefines.h: Tools: * Scripts/webkitperl/FeatureList.pm: WebKitLibraries: * win/tools/vsprops/FeatureDefines.props: * win/tools/vsprops/FeatureDefinesCairo.props: Canonical link: https://commits.webkit.org/169884@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@192937 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2015-12-02 03:16:28 +00:00
, m_superBinding(static_cast<unsigned>(info.superBinding()))
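The `@generatorNext` / `switch (@generatorState)` shape and the parameter-evaluation rule described in the commit message above, as an added example and not WebKit code: one hand-lowered generator beside the real generator it models, both driven through the same next/throw/return sequences. The lowering is a JavaScript sketch of the design, not JSC bytecode; `genLowered`, `drive`, `compare`, `paramEvalsAroundFirstNext` and the sample generator are constructed for the illustration, and the `GeneratorFrame` save/resume of live registers is reduced to the one local (`sent`) that is live across a yield point.

```javascript
// Resume modes of the single entry point the commit calls @generatorNext.
const Next = 0, Throw = 1, Return = 2;

// Constructed default-parameter initialiser; counts how often it runs.
let helloCalls = 0;
function hello() { helloCalls++; return 'b'; }

// Reference: a real generator with one yield outside and two inside a try.
function* gen(a, b = hello()) {
  const sent = yield a;          // Yield_1
  try {
    yield b + sent;              // Yield_2, inside the try block
  } catch (e) {
    yield 'caught:' + e;         // Yield_3, inside the catch handler
  }
  return 'done';
}

// The same generator hand-lowered to the described shape. Parameters are
// evaluated when genLowered() is called, before any generator object exists;
// afterwards one entry point switches on the saved state, and every resume
// point inspects the resume mode before continuing. `sent` is the one local
// live across a yield, standing in for the registers saved in GeneratorFrame.
function genLowered(a, b = hello()) {
  let state = 0;                 // 0 = initial, 1..3 = Yield_n, 4 = completed
  let sent;

  function generatorNext(value, mode) {
    const complete = () => { state = 4; return { value, done: true }; };
    switch (state) {
      case 0:                                        // initial sequence
        if (mode === Throw) { state = 4; throw value; }
        if (mode === Return) return complete();
        state = 1;                                   // op_save(Yield_1)
        return { value: a, done: false };
      case 1:                                        // op_resume at Yield_1
        if (mode === Throw) { state = 4; throw value; }
        if (mode === Return) return complete();
        sent = value;                                // generator.next(sent)
        state = 2;                                   // op_save(Yield_2)
        return { value: b + sent, done: false };
      case 2:                                        // op_resume inside try
        if (mode === Return) return complete();      // no finally to run
        if (mode === Throw) {                        // catch handler runs
          state = 3;                                 // op_save(Yield_3)
          return { value: 'caught:' + value, done: false };
        }
        state = 4;
        return { value: 'done', done: true };
      case 3:                                        // op_resume inside catch
        if (mode === Throw) { state = 4; throw value; }
        if (mode === Return) return complete();
        state = 4;
        return { value: 'done', done: true };
      default:                                       // completed
        if (mode === Throw) throw value;
        return { value: mode === Return ? value : undefined, done: true };
    }
  }
  return {
    next: (v) => generatorNext(v, Next),
    throw: (e) => generatorNext(e, Throw),
    return: (v) => generatorNext(v, Return),
  };
}

// Drives a generator object through [method, argument] steps and records
// each result, or what the step threw.
function drive(g, script) {
  return script.map(([method, arg]) => {
    try {
      const r = g[method](arg);
      return `${method}:${r.value}/${r.done}`;
    } catch (e) {
      return `${method}:threw ${e}`;
    }
  });
}

// Runs one script against the reference and against the lowered form.
function compare(script) {
  return { real: drive(gen(20), script), lowered: drive(genLowered(20), script) };
}

// Counts runs of the default initialiser before and after the first next().
function paramEvalsAroundFirstNext(factory) {
  helloCalls = 0;
  const g = factory(20);         // b = hello() is evaluated right here
  const beforeFirstNext = helloCalls;
  g.next();
  return { beforeFirstNext, afterFirstNext: helloCalls };
}

const THROW_INTO_TRY = [['next'], ['next', 'X'], ['throw', 'boom'], ['next'], ['next']];
const RETURN_THEN_THROW = [['next'], ['next', 'Y'], ['return', 'R'], ['next'], ['throw', 'late']];
const THROW_BEFORE_START = [['throw', 'early'], ['next']];
```

The three scripts exercise the cases the lowering has to get right: a throw delivered into a yield inside a try (the catch handler runs and reaches its own yield), a return delivered inside the try (no finally, so the generator simply completes and later calls see the completed state), and a throw delivered before the first next (the generator completes without ever running its body). `paramEvalsAroundFirstNext` shows that `hello()` runs when the generator function is called, not when the body first executes.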
[JSC] Implement parsing of Async Functions https://bugs.webkit.org/show_bug.cgi?id=161409 Reviewed by Yusuke Suzuki. .: * Source/cmake/WebKitFeatures.cmake: JSTests: * stress/async-await-syntax.js: Added. (testSyntax): (testSyntaxError): (testTopLevelAsyncAwaitSyntaxSloppyMode.testSyntax): (testTopLevelAsyncAwaitSyntaxSloppyMode): (testTopLevelAsyncAwaitSyntaxStrictMode): (testTopLevelAsyncAwaitSyntaxStrictMode.testSyntax): (testNestedAsyncAwaitSyntax.async): (testNestedAsyncAwaitSyntax.foo): (testTopLevelAsyncAwaitSyntaxSloppyMode.testSyntaxError): Source/JavaScriptCore: Introduces frontend parsing for the async function proposal soon to be ratified in ECMA262 (https://tc39.github.io/ecmascript-asyncawait/). * API/JSScriptRef.cpp: (parseScript): * Configurations/FeatureDefines.xcconfig: * builtins/BuiltinExecutables.cpp: (JSC::BuiltinExecutables::createExecutable): * bytecode/EvalCodeCache.h: (JSC::EvalCodeCache::CacheKey::CacheKey): * bytecode/ExecutableInfo.h: (JSC::ExecutableInfo::ExecutableInfo): (JSC::ExecutableInfo::scriptMode): (JSC::ExecutableInfo::commentMode): Deleted. * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::scriptMode): (JSC::UnlinkedCodeBlock::commentMode): Deleted. * bytecode/UnlinkedFunctionExecutable.cpp: (JSC::generateUnlinkedFunctionCodeBlock): (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable): * bytecode/UnlinkedFunctionExecutable.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::emitNewArrowFunctionExpression): (JSC::BytecodeGenerator::emitNewMethodDefinition): * bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::scriptMode): (JSC::BytecodeGenerator::makeFunction): (JSC::BytecodeGenerator::commentMode): Deleted. 
* bytecompiler/NodesCodegen.cpp: (JSC::AwaitExprNode::emitBytecode): * parser/ASTBuilder.h: (JSC::ASTBuilder::createAwait): (JSC::ASTBuilder::createAsyncFunctionBody): * parser/Keywords.table: * parser/Lexer.cpp: (JSC::Lexer<T>::Lexer): (JSC::Lexer<T>::lex): * parser/Lexer.h: * parser/NodeConstructors.h: (JSC::AwaitExprNode::AwaitExprNode): * parser/Nodes.h: * parser/Parser.cpp: (JSC::Parser<LexerType>::Parser): (JSC::Parser<LexerType>::parseInner): (JSC::Parser<LexerType>::isArrowFunctionParameters): (JSC::Parser<LexerType>::parseAsyncFunctionSourceElements): (JSC::Parser<LexerType>::parseStatementListItem): (JSC::Parser<LexerType>::parseVariableDeclarationList): (JSC::Parser<LexerType>::parseDestructuringPattern): (JSC::Parser<LexerType>::parseStatement): (JSC::Parser<LexerType>::parseFunctionDeclarationStatement): (JSC::Parser<LexerType>::maybeParseAsyncFunctionDeclarationStatement): (JSC::Parser<LexerType>::parseFormalParameters): (JSC::stringForFunctionMode): (JSC::Parser<LexerType>::parseFunctionParameters): (JSC::Parser<LexerType>::parseFunctionInfo): (JSC::Parser<LexerType>::parseAsyncFunctionDeclaration): (JSC::Parser<LexerType>::parseClass): (JSC::Parser<LexerType>::parseExpressionOrLabelStatement): (JSC::Parser<LexerType>::parseImportClauseItem): (JSC::Parser<LexerType>::parseImportDeclaration): (JSC::Parser<LexerType>::parseExportDeclaration): (JSC::Parser<LexerType>::parseAssignmentExpression): (JSC::Parser<LexerType>::parseProperty): Deleted. (JSC::Parser<LexerType>::parsePropertyMethod): Deleted. (JSC::Parser<LexerType>::parsePrimaryExpression): Deleted. (JSC::Parser<LexerType>::parseMemberExpression): Deleted. (JSC::Parser<LexerType>::parseArrowFunctionExpression): Deleted. (JSC::Parser<LexerType>::parseUnaryExpression): Deleted. (JSC::Parser<LexerType>::printUnexpectedTokenText): Deleted. 
* parser/Parser.h: (JSC::Scope::Scope): (JSC::Scope::setSourceParseMode): (JSC::Scope::isAsyncFunction): (JSC::Scope::isAsyncFunctionBoundary): (JSC::Scope::setIsAsyncArrowFunction): (JSC::Scope::setIsAsyncFunction): (JSC::Scope::setIsAsyncFunctionBody): (JSC::Scope::setIsAsyncArrowFunctionBody): (JSC::Parser::ExpressionErrorClassifier::forceClassifyExpressionError): (JSC::Parser::ExpressionErrorClassifier::propagateExpressionErrorClass): (JSC::Parser::ExpressionErrorClassifier::indicatesPossibleAsyncArrowFunction): (JSC::Parser::forceClassifyExpressionError): (JSC::Parser::declarationTypeToVariableKind): (JSC::Parser::upperScope): (JSC::Parser::pushScope): (JSC::Parser::matchSpecIdentifier): (JSC::Parser::isDisallowedIdentifierAwait): (JSC::Parser::disallowedIdentifierAwaitReason): (JSC::parse): (JSC::Scope::isGeneratorBoundary): Deleted. (JSC::Parser::ExpressionErrorClassifier::indicatesPossiblePattern): Deleted. * parser/ParserModes.h: (JSC::SourceParseModeSet::SourceParseModeSet): (JSC::SourceParseModeSet::contains): (JSC::SourceParseModeSet::mergeSourceParseModes): (JSC::isFunctionParseMode): (JSC::isAsyncFunctionParseMode): (JSC::isAsyncArrowFunctionParseMode): (JSC::isAsyncFunctionWrapperParseMode): (JSC::isAsyncFunctionBodyParseMode): (JSC::isMethodParseMode): (JSC::isModuleParseMode): (JSC::isProgramParseMode): (JSC::constructAbilityForParseMode): * parser/ParserTokens.h: * parser/SourceCodeKey.h: (JSC::SourceCodeFlags::SourceCodeFlags): (JSC::SourceCodeKey::SourceCodeKey): * parser/SyntaxChecker.h: (JSC::SyntaxChecker::createAwait): (JSC::SyntaxChecker::createAsyncFunctionBody): (JSC::SyntaxChecker::createYield): Deleted. (JSC::SyntaxChecker::createFunctionExpr): Deleted. 
* runtime/CodeCache.cpp: (JSC::CodeCache::getGlobalCodeBlock): (JSC::CodeCache::getProgramCodeBlock): (JSC::CodeCache::getEvalCodeBlock): (JSC::CodeCache::getModuleProgramCodeBlock): (JSC::CodeCache::getFunctionExecutableFromGlobalCode): * runtime/CodeCache.h: * runtime/CommonIdentifiers.h: * runtime/Completion.cpp: (JSC::checkSyntax): (JSC::checkModuleSyntax): * runtime/Executable.cpp: (JSC::ProgramExecutable::checkSyntax): * runtime/Executable.h: * runtime/ModuleLoaderPrototype.cpp: (JSC::moduleLoaderPrototypeParseModule): Source/WebCore: * Configurations/FeatureDefines.xcconfig: Source/WebKit/mac: * Configurations/FeatureDefines.xcconfig: Source/WebKit2: * Configurations/FeatureDefines.xcconfig: Source/WTF: * wtf/FeatureDefines.h: Tools: * Scripts/build-jsc: (cMakeArgsFromFeatures): * Scripts/webkitperl/FeatureList.pm: * TestWebKitAPI/Configurations/FeatureDefines.xcconfig: Canonical link: https://commits.webkit.org/180462@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206333 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2016-09-23 22:24:27 +00:00
, m_scriptMode(static_cast<unsigned>(info.scriptMode()))
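The parsing rules this commit adds, observed from outside the engine as an added example and not from the patch's JSTests: `new Function()` compiles a body without running it, so its verdict is the parser's. The snippets and the `parseVerdict` / `parseVerdicts` helpers are constructed for the illustration. The cases correspond to the `isDisallowedIdentifierAwait` and `matchSpecIdentifier` changes listed above: `await` is reserved only inside an async function body (and in modules), a nested non-async function gets it back as an identifier, and `async` is a contextual keyword that remains a valid variable name.

```javascript
// Reports whether a constructed snippet parses as a function body.
// new Function() compiles the text without running it, so only the parser's
// verdict is observed.
function parseVerdict(source) {
  try {
    new Function(source);
    return 'ok';
  } catch (e) {
    return e.constructor.name;
  }
}

// Constructed snippets; each comment states the rule being probed.
const SNIPPETS = {
  // `await` is an ordinary identifier outside async functions and modules.
  awaitAsIdentifier: 'var await = 1; return await;',
  // ... but it is reserved inside an async function body.
  awaitAsIdentifierInAsync: 'async function f() { var await = 1; }',
  // A nested non-async function re-enables it as an identifier.
  awaitInNestedPlainFunction:
    'async function f() { function g() { var await = 2; return await; } return g(); }',
  // `async` is only contextually a keyword; as a variable name it is fine.
  asyncAsIdentifier: 'var async = 1; return async + 1;',
  // `await <expr>` has no meaning outside async code: there it is an
  // identifier followed by a number with nothing between them.
  awaitExpressionOutsideAsync: 'function f() { await 1; }',
  awaitExpressionInAsync: 'async function f() { return await 1; }',
  // The operand is mandatory.
  awaitWithoutOperand: 'async function f() { await; }',
  // Async arrow functions take the same body rules.
  asyncArrow: 'const g = async (x) => await x;',
};

// Maps every snippet name to 'ok' or the name of the error the parser threw.
function parseVerdicts() {
  const out = {};
  for (const [name, source] of Object.entries(SNIPPETS))
    out[name] = parseVerdict(source);
  return out;
}
```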
[ES6] "super" and "this" should be lexically bound inside an arrow function and should live in a JSLexicalEnvironment https://bugs.webkit.org/show_bug.cgi?id=149338 Source/JavaScriptCore: Patch by Aleksandr Skachkov <gskachkov@gmail.com> on 2015-12-05 Reviewed by Saam Barati. Implemented new version of the lexically bound 'this' in arrow function. In current version 'this' is stored inside of the lexical environment of the function. To store and load we use op_get_from_scope and op_put_to_scope operations. Also new implementation prevent raising TDZ error for arrow functions that are declared before super() but invoke after. * builtins/BuiltinExecutables.cpp: (JSC::createExecutableInternal): * bytecode/BytecodeList.json: * bytecode/BytecodeUseDef.h: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpBytecode): * bytecode/EvalCodeCache.h: (JSC::EvalCodeCache::getSlow): * bytecode/ExecutableInfo.h: (JSC::ExecutableInfo::ExecutableInfo): (JSC::ExecutableInfo::isDerivedConstructorContext): (JSC::ExecutableInfo::isArrowFunctionContext): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::isArrowFunction): (JSC::UnlinkedCodeBlock::isDerivedConstructorContext): (JSC::UnlinkedCodeBlock::isArrowFunctionContext): * bytecode/UnlinkedFunctionExecutable.cpp: (JSC::generateUnlinkedFunctionCodeBlock): (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable): * bytecode/UnlinkedFunctionExecutable.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::initializeArrowFunctionContextScopeIfNeeded): (JSC::BytecodeGenerator::variable): (JSC::BytecodeGenerator::emitNewArrowFunctionExpression): (JSC::BytecodeGenerator::emitLoadArrowFunctionLexicalEnvironment): (JSC::BytecodeGenerator::emitLoadThisFromArrowFunctionLexicalEnvironment): (JSC::BytecodeGenerator::emitLoadNewTargetFromArrowFunctionLexicalEnvironment): 
(JSC::BytecodeGenerator::emitLoadDerivedConstructorFromArrowFunctionLexicalEnvironment): (JSC::BytecodeGenerator::emitPutNewTargetToArrowFunctionContextScope): (JSC::BytecodeGenerator::emitPutDerivedConstructorToArrowFunctionContextScope): (JSC::BytecodeGenerator::emitPutThisToArrowFunctionContextScope): * bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::isDerivedConstructorContext): (JSC::BytecodeGenerator::usesArrowFunction): (JSC::BytecodeGenerator::needsToUpdateArrowFunctionContext): (JSC::BytecodeGenerator::usesEval): (JSC::BytecodeGenerator::usesThis): (JSC::BytecodeGenerator::newTarget): (JSC::BytecodeGenerator::makeFunction): * bytecompiler/NodesCodegen.cpp: (JSC::ThisNode::emitBytecode): (JSC::SuperNode::emitBytecode): (JSC::EvalFunctionCallNode::emitBytecode): (JSC::FunctionCallValueNode::emitBytecode): (JSC::FunctionNode::emitBytecode): * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::evaluate): * dfg/DFGAbstractInterpreterInlines.h: * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::parseBlock): * dfg/DFGCapabilities.cpp: * dfg/DFGClobberize.h: * dfg/DFGDoesGC.cpp: * dfg/DFGFixupPhase.cpp: * dfg/DFGNodeType.h: * dfg/DFGObjectAllocationSinkingPhase.cpp: * dfg/DFGPredictionPropagationPhase.cpp: * dfg/DFGPromotedHeapLocation.cpp: * dfg/DFGPromotedHeapLocation.h: * dfg/DFGSafeToExecute.h: * dfg/DFGSpeculativeJIT.cpp: * dfg/DFGSpeculativeJIT.h: * dfg/DFGSpeculativeJIT32_64.cpp: * dfg/DFGSpeculativeJIT64.cpp: * ftl/FTLCapabilities.cpp: * ftl/FTLLowerDFGToLLVM.cpp: * ftl/FTLOperations.cpp: (JSC::FTL::operationMaterializeObjectInOSR): * interpreter/Interpreter.cpp: (JSC::eval): * jit/JIT.cpp: * jit/JIT.h: * jit/JITOpcodes.cpp: (JSC::JIT::emitNewFuncExprCommon): * jit/JITOpcodes32_64.cpp: * llint/LLIntSlowPaths.cpp: (JSC::LLInt::LLINT_SLOW_PATH_DECL): * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: * parser/ASTBuilder.h: (JSC::ASTBuilder::createArrowFunctionExpr): 
(JSC::ASTBuilder::usesArrowFunction): * parser/Nodes.h: (JSC::ScopeNode::usesArrowFunction): * parser/Parser.cpp: (JSC::Parser<LexerType>::parseFunctionInfo): * parser/ParserModes.h: * runtime/CodeCache.cpp: (JSC::CodeCache::getGlobalCodeBlock): (JSC::CodeCache::getProgramCodeBlock): (JSC::CodeCache::getEvalCodeBlock): (JSC::CodeCache::getModuleProgramCodeBlock): (JSC::CodeCache::getFunctionExecutableFromGlobalCode): * runtime/CodeCache.h: * runtime/CommonIdentifiers.h: * runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): * runtime/Executable.cpp: (JSC::ScriptExecutable::ScriptExecutable): (JSC::EvalExecutable::create): (JSC::EvalExecutable::EvalExecutable): (JSC::ProgramExecutable::ProgramExecutable): (JSC::ModuleProgramExecutable::ModuleProgramExecutable): (JSC::FunctionExecutable::FunctionExecutable): * runtime/Executable.h: (JSC::ScriptExecutable::isArrowFunctionContext): (JSC::ScriptExecutable::isDerivedConstructorContext): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::createEvalCodeBlock): * runtime/JSGlobalObject.h: * runtime/JSGlobalObjectFunctions.cpp: (JSC::globalFuncEval): * tests/es6.yaml: * tests/stress/arrowfunction-activation-sink-osrexit.js: * tests/stress/arrowfunction-activation-sink.js: * tests/stress/arrowfunction-lexical-bind-newtarget.js: Added. * tests/stress/arrowfunction-lexical-bind-supercall-1.js: Added. * tests/stress/arrowfunction-lexical-bind-supercall-2.js: Added. * tests/stress/arrowfunction-lexical-bind-supercall-3.js: Added. * tests/stress/arrowfunction-lexical-bind-supercall-4.js: Added. * tests/stress/arrowfunction-lexical-bind-this-1.js: * tests/stress/arrowfunction-lexical-bind-this-7.js: Added. * tests/stress/arrowfunction-tdz-1.js: Added. * tests/stress/arrowfunction-tdz-2.js: Added. * tests/stress/arrowfunction-tdz-3.js: Added. * tests/stress/arrowfunction-tdz-4.js: Added. * tests/stress/arrowfunction-tdz.js: Removed. LayoutTests: Patch by Skachkov Oleksandr <gskachkov@gmail.com> on 2015-12-08 Reviewed by Saam Barati. 
* js/arrowfunction-supercall-expected.txt: Added. * js/arrowfunction-supercall.html: Added. * js/arrowfunction-tdz-expected.txt: Added new expectation. * js/script-tests/arrowfunction-supercall.js: Added. * js/script-tests/arrowfunction-tdz.js: Added new cases. Canonical link: https://commits.webkit.org/170152@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@193766 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2015-12-08 20:24:04 +00:00
, m_isArrowFunctionContext(info.isArrowFunctionContext())
[ES6] Arrow function syntax. Arrow function specific features. Lexical bind "super"
https://bugs.webkit.org/show_bug.cgi?id=149615

Source/JavaScriptCore:

Patch by Aleksandr Skachkov <gskachkov@gmail.com> on 2015-12-30
Reviewed by Saam Barati.

Implemented lexical binding of the "super" property for arrow functions. The 'super' property can be accessed inside an arrow function if the arrow function is nested in a constructor, method, getter or setter of a class. In the current patch, using 'super' in an arrow function that is declared outside of a class leads to the wrong type of error; it should be a SyntaxError (https://bugs.webkit.org/show_bug.cgi?id=150893) and this will be fixed in a separate patch.

* builtins/BuiltinExecutables.cpp: (JSC::createExecutableInternal):
* bytecode/EvalCodeCache.h: (JSC::EvalCodeCache::getSlow):
* bytecode/ExecutableInfo.h: (JSC::ExecutableInfo::ExecutableInfo): (JSC::ExecutableInfo::derivedContextType): (JSC::ExecutableInfo::isClassContext):
* bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::derivedContextType): (JSC::UnlinkedCodeBlock::isClassContext):
* bytecode/UnlinkedFunctionExecutable.cpp: (JSC::generateUnlinkedFunctionCodeBlock): (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
* bytecode/UnlinkedFunctionExecutable.h:
* bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::emitPutDerivedConstructorToArrowFunctionContextScope):
* bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::derivedContextType): (JSC::BytecodeGenerator::isDerivedConstructorContext): (JSC::BytecodeGenerator::isDerivedClassContext): (JSC::BytecodeGenerator::isArrowFunction): (JSC::BytecodeGenerator::makeFunction):
* bytecompiler/NodesCodegen.cpp: (JSC::emitHomeObjectForCallee): (JSC::FunctionCallValueNode::emitBytecode):
* debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::evaluate):
* interpreter/Interpreter.cpp: (JSC::eval):
* runtime/CodeCache.cpp: (JSC::CodeCache::getFunctionExecutableFromGlobalCode):
* runtime/Executable.cpp: (JSC::ScriptExecutable::ScriptExecutable): (JSC::EvalExecutable::create): (JSC::EvalExecutable::EvalExecutable): (JSC::ProgramExecutable::ProgramExecutable): (JSC::ModuleProgramExecutable::ModuleProgramExecutable): (JSC::FunctionExecutable::FunctionExecutable):
* runtime/Executable.h: (JSC::ScriptExecutable::derivedContextType):
* runtime/JSGlobalObjectFunctions.cpp: (JSC::globalFuncEval):
* tests/es6.yaml:
* tests/stress/arrowfunction-lexical-bind-superproperty.js: Added.

LayoutTests:

Patch by Skachkov Oleksandr <gskachkov@gmail.com> on 2015-12-30
Reviewed by Saam Barati.

* js/arrowfunction-superproperty-expected.txt: Added.
* js/arrowfunction-superproperty.html: Added.
* js/script-tests/arrowfunction-superproperty.js: Added.

Canonical link: https://commits.webkit.org/170687@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194449 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2015-12-30 21:08:16 +00:00
, m_isClassContext(info.isClassContext())
[JSC] Generator CodeBlock generation should be idempotent
https://bugs.webkit.org/show_bug.cgi?id=197552

Reviewed by Keith Miller.

JSTests:

Add complex.yaml, which gives more control over how to run the JSC shell. We split test files into two so that a macro task runs between them, which allows the debugger to be attached to the VM.

* complex.yaml: Added.
* complex/generator-regeneration-after.js: Added.
* complex/generator-regeneration.js: Added. (gen):

Source/JavaScriptCore:

An ES6 generator saves and resumes the current execution state. Since an ES6 generator can save the execution state at expression granularity (not statement granularity), the saved state involves locals. But if the underlying CodeBlock is jettisoned and recompiled with a different code generation option (like debugger, type profiler etc.), the generated instructions can be largely different and do not have the same state as previously used. If we resume the previously created generator with the newly generated generator function, resuming is messed up.

    function* gen () { ... }
    var g = gen();
    g.next();
    // CodeBlock is destroyed & Debugger is enabled.
    g.next();

In this patch,

1. In generatorification, we use an index Identifier (localN => Identifier("N")) instead of private symbols to generate the same instructions every time we regenerate the CodeBlock.
2. We decouple the options which can affect the generated code (Debugger, TypeProfiler, ControlFlowProfiler) from the BytecodeGenerator, and pass them as a parameter, OptionSet<CodeGeneratorMode>.
3. The generator's ScriptExecutable remembers the previous CodeGeneratorMode and reuses this parameter to regenerate the CodeBlock. It means that, even if the debugger is enabled, previously created generators are not debuggable. But newly created generators are debuggable.
* bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::storageForGeneratorLocal): (JSC::BytecodeGeneratorification::run): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::setConstantRegisters): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::wasCompiledWithDebuggingOpcodes const): (JSC::UnlinkedCodeBlock::wasCompiledWithTypeProfilerOpcodes const): (JSC::UnlinkedCodeBlock::wasCompiledWithControlFlowProfilerOpcodes const): (JSC::UnlinkedCodeBlock::codeGenerationMode const): * bytecode/UnlinkedEvalCodeBlock.h: * bytecode/UnlinkedFunctionCodeBlock.h: * bytecode/UnlinkedFunctionExecutable.cpp: (JSC::generateUnlinkedFunctionCodeBlock): (JSC::UnlinkedFunctionExecutable::fromGlobalCode): (JSC::UnlinkedFunctionExecutable::unlinkedCodeBlockFor): * bytecode/UnlinkedFunctionExecutable.h: * bytecode/UnlinkedGlobalCodeBlock.h: (JSC::UnlinkedGlobalCodeBlock::UnlinkedGlobalCodeBlock): * bytecode/UnlinkedModuleProgramCodeBlock.h: * bytecode/UnlinkedProgramCodeBlock.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::emitTypeProfilerExpressionInfo): (JSC::BytecodeGenerator::emitProfileType): (JSC::BytecodeGenerator::emitProfileControlFlow): (JSC::BytecodeGenerator::pushLexicalScopeInternal): (JSC::BytecodeGenerator::popLexicalScopeInternal): (JSC::BytecodeGenerator::prepareLexicalScopeForNextForLoopIteration): (JSC::BytecodeGenerator::emitCall): (JSC::BytecodeGenerator::emitCallVarargs): (JSC::BytecodeGenerator::emitLogShadowChickenPrologueIfNecessary): (JSC::BytecodeGenerator::emitLogShadowChickenTailIfNecessary): (JSC::BytecodeGenerator::emitDebugHook): * bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::generate): (JSC::BytecodeGenerator::shouldEmitDebugHooks const): (JSC::BytecodeGenerator::shouldEmitTypeProfilerHooks const): 
(JSC::BytecodeGenerator::shouldEmitControlFlowProfilerHooks const): * bytecompiler/NodesCodegen.cpp: (JSC::PrefixNode::emitResolve): (JSC::EmptyVarExpression::emitBytecode): (JSC::ReturnNode::emitBytecode): (JSC::FunctionNode::emitBytecode): * parser/ParserModes.h: (): Deleted. * parser/SourceCodeKey.h: (JSC::SourceCodeFlags::SourceCodeFlags): (JSC::SourceCodeKey::SourceCodeKey): * runtime/CachedTypes.cpp: (JSC::CachedCodeBlock::isClassContext const): (JSC::CachedCodeBlock::codeGenerationMode const): (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::CachedCodeBlock<CodeBlockType>::encode): (JSC::CachedCodeBlock::wasCompiledWithDebuggingOpcodes const): Deleted. * runtime/CodeCache.cpp: (JSC::CodeCache::getUnlinkedGlobalCodeBlock): (JSC::CodeCache::getUnlinkedProgramCodeBlock): (JSC::CodeCache::getUnlinkedEvalCodeBlock): (JSC::CodeCache::getUnlinkedModuleProgramCodeBlock): (JSC::CodeCache::getUnlinkedGlobalFunctionExecutable): (JSC::generateUnlinkedCodeBlockForFunctions): (JSC::sourceCodeKeyForSerializedBytecode): (JSC::sourceCodeKeyForSerializedProgram): (JSC::sourceCodeKeyForSerializedModule): (JSC::serializeBytecode): * runtime/CodeCache.h: (JSC::generateUnlinkedCodeBlockImpl): (JSC::generateUnlinkedCodeBlock): * runtime/Completion.cpp: (JSC::generateProgramBytecode): (JSC::generateModuleBytecode): * runtime/DirectEvalExecutable.cpp: (JSC::DirectEvalExecutable::create): * runtime/IndirectEvalExecutable.cpp: (JSC::IndirectEvalExecutable::create): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::defaultCodeGenerationMode const): * runtime/ModuleProgramExecutable.cpp: (JSC::ModuleProgramExecutable::create): * runtime/ProgramExecutable.cpp: (JSC::ProgramExecutable::initializeGlobalProperties): * runtime/ScriptExecutable.cpp: (JSC::ScriptExecutable::ScriptExecutable): (JSC::ScriptExecutable::newCodeBlockFor): * runtime/ScriptExecutable.h: * tools/JSDollarVM.cpp: (JSC::changeDebuggerModeWhenIdle): (JSC::functionEnableDebuggerModeWhenIdle): 
(JSC::functionDisableDebuggerModeWhenIdle): Tools: * Scripts/run-javascriptcore-tests: (runJSCStressTests): * Scripts/run-jsc-stress-tests: Canonical link: https://commits.webkit.org/211707@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244915 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-05-03 18:54:44 +00:00
, m_hasTailCalls(false)
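To make the constraint in the commit above concrete, here is a small JavaScript example, added here and not taken from the WebKit change or its tests, of the generator behaviour that regeneration must keep working: a generator suspended in the middle of an expression resumes with its partially evaluated temporaries intact, and several instances of one generator function keep independent saved state while sharing the same code. The generator body and the driving functions are constructed for this illustration.

```javascript
// Added example, not part of the WebKit commit: the observable contract that
// generator CodeBlock regeneration has to preserve. A generator suspends in
// the middle of an expression, so the engine must save not only named locals
// but the already-evaluated left operand of the pending addition.
function* gen(base) {
  const local = base * 2;
  // When the first yield suspends, (local + 1) is already computed and lives
  // only in a temporary of the suspended frame.
  const sum = (local + 1) + (yield "first") + (yield "second");
  return sum;
}

// Drives one generator to completion, feeding it the given resume values, and
// returns everything it yielded followed by its return value.
function drive(base, inputs) {
  const g = gen(base);
  const trace = [];
  let step = g.next();
  trace.push(step.value);
  for (const input of inputs) {
    if (step.done) break;
    step = g.next(input);
    trace.push(step.value);
  }
  return trace;
}

// Two instances of the same generator function suspended at different points
// and resumed alternately. Each instance carries its own saved state; the
// function object (and, inside the engine, its CodeBlock) is shared. If the
// instructions were regenerated differently between two next() calls, the
// saved locals would no longer line up with the code that reads them.
function interleave() {
  const a = gen(1);            // local = 2
  const b = gen(10);           // local = 20
  a.next();                    // a suspended at "first", holding 3
  b.next();                    // b suspended at "first", holding 21
  a.next(100);                 // a suspended at "second", holding 103
  b.next(1000);                // b suspended at "second", holding 1021
  const resultB = b.next(5);   // 1021 + 5
  const resultA = a.next(7);   // 103 + 7
  return { a: resultA.value, b: resultB.value, bothDone: resultA.done && resultB.done };
}
```

`drive(5, [10, 100])` yields "first", then "second", then returns 121 (11 + 10 + 100); `interleave()` returns 110 for `a` and 1026 for `b`. Nothing in plain JavaScript can jettison a CodeBlock between two `next()` calls, which is why the commit adds a `complex` test that attaches the debugger between two scripts; what this example shows is the state the regenerated code has to agree on.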
[ES6] Module should not allow HTML comments https://bugs.webkit.org/show_bug.cgi?id=161041 Reviewed by Saam Barati. JSTests: * modules/html-comments.js: Added. (shouldThrow): * test262.yaml: Source/JavaScriptCore: ES6 Modules intentionally disable HTML comments[1]. [1]: https://tc39.github.io/ecma262/#sec-html-like-comments * API/JSScriptRef.cpp: (parseScript): * builtins/BuiltinExecutables.cpp: (JSC::BuiltinExecutables::createExecutable): * bytecode/EvalCodeCache.h: (JSC::EvalCodeCache::CacheKey::CacheKey): * bytecode/ExecutableInfo.h: (JSC::ExecutableInfo::ExecutableInfo): (JSC::ExecutableInfo::commentMode): (JSC::ExecutableInfo::superBinding): Deleted. * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::commentMode): (JSC::UnlinkedCodeBlock::superBinding): Deleted. * bytecode/UnlinkedFunctionExecutable.cpp: (JSC::generateUnlinkedFunctionCodeBlock): (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable): * bytecode/UnlinkedFunctionExecutable.h: * bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::commentMode): (JSC::BytecodeGenerator::makeFunction): (JSC::BytecodeGenerator::superBinding): Deleted. 
* parser/Lexer.cpp: (JSC::Lexer<T>::Lexer): (JSC::Lexer<T>::lex): * parser/Lexer.h: * parser/Parser.cpp: (JSC::Parser<LexerType>::Parser): * parser/Parser.h: (JSC::parse): * parser/ParserModes.h: * parser/SourceCodeKey.h: (JSC::SourceCodeFlags::SourceCodeFlags): (JSC::SourceCodeKey::SourceCodeKey): * runtime/CodeCache.cpp: (JSC::CodeCache::getGlobalCodeBlock): (JSC::CodeCache::getProgramCodeBlock): (JSC::CodeCache::getEvalCodeBlock): (JSC::CodeCache::getModuleProgramCodeBlock): (JSC::CodeCache::getFunctionExecutableFromGlobalCode): * runtime/CodeCache.h: * runtime/Completion.cpp: (JSC::checkSyntax): (JSC::checkModuleSyntax): * runtime/Executable.cpp: (JSC::ProgramExecutable::checkSyntax): * runtime/Executable.h: * runtime/ModuleLoaderPrototype.cpp: (JSC::moduleLoaderPrototypeParseModule): Canonical link: https://commits.webkit.org/179179@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@204714 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2016-08-22 14:12:10 +00:00
, m_constructorKind(static_cast<unsigned>(info.constructorKind()))
, m_derivedContextType(static_cast<unsigned>(info.derivedContextType()))
, m_evalContextType(static_cast<unsigned>(info.evalContextType()))
[JSC] Shrink sizeof(UnlinkedCodeBlock)
https://bugs.webkit.org/show_bug.cgi?id=194281

Reviewed by Michael Saboff.

Source/JavaScriptCore:

This patch first attempts to reduce the size of UnlinkedCodeBlock in a relatively simple way: reordering members, removing an unused member, and moving rarely used members to RareData. This changes sizeof(UnlinkedCodeBlock) from 312 to 256.

Still we have several chances to reduce sizeof(UnlinkedCodeBlock). Converting more Vectors to RefCountedArrays can be done with some restructuring of the generatorification phase. It would be possible to remove m_sourceURLDirective and m_sourceMappingURLDirective from UnlinkedCodeBlock since they should be in SourceProvider and that should be enough. These changes require some intrusive modifications and we leave them as future work.

* bytecode/CodeBlock.cpp: (JSC::CodeBlock::finishCreation):
* bytecode/CodeBlock.h: (JSC::CodeBlock::bitVectors const): Deleted.
* bytecode/CodeType.h:
* bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::shrinkToFit):
* bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::bitVector): (JSC::UnlinkedCodeBlock::addBitVector): (JSC::UnlinkedCodeBlock::addSetConstant): (JSC::UnlinkedCodeBlock::constantRegisters): (JSC::UnlinkedCodeBlock::numberOfConstantIdentifierSets const): (JSC::UnlinkedCodeBlock::constantIdentifierSets): (JSC::UnlinkedCodeBlock::codeType const): (JSC::UnlinkedCodeBlock::didOptimize const): (JSC::UnlinkedCodeBlock::setDidOptimize): (JSC::UnlinkedCodeBlock::usesGlobalObject const): Deleted. (JSC::UnlinkedCodeBlock::setGlobalObjectRegister): Deleted. (JSC::UnlinkedCodeBlock::globalObjectRegister const): Deleted. (JSC::UnlinkedCodeBlock::bitVectors const): Deleted.
* bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::emitLoad): (JSC::BytecodeGenerator::emitLoadGlobalObject): Deleted.
* bytecompiler/BytecodeGenerator.h: * runtime/CachedTypes.cpp: (JSC::CachedCodeBlockRareData::encode): (JSC::CachedCodeBlockRareData::decode const): (JSC::CachedCodeBlock::scopeRegister const): (JSC::CachedCodeBlock::codeType const): (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::CachedCodeBlock<CodeBlockType>::decode const): (JSC::CachedCodeBlock<CodeBlockType>::encode): (JSC::CachedCodeBlock::globalObjectRegister const): Deleted. Source/WTF: * wtf/TriState.h: Canonical link: https://commits.webkit.org/208739@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240981 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-02-05 18:28:33 +00:00
, m_codeType(static_cast<unsigned>(codeType))
TriState should be an enum class and use "Indeterminate" instead of "Mixed" https://bugs.webkit.org/show_bug.cgi?id=211268 Reviewed by Mark Lam. Source/JavaScriptCore: * b3/B3Const32Value.cpp: (JSC::B3::Const32Value::equalConstant const): (JSC::B3::Const32Value::notEqualConstant const): (JSC::B3::Const32Value::lessThanConstant const): (JSC::B3::Const32Value::greaterThanConstant const): (JSC::B3::Const32Value::lessEqualConstant const): (JSC::B3::Const32Value::greaterEqualConstant const): (JSC::B3::Const32Value::aboveConstant const): (JSC::B3::Const32Value::belowConstant const): (JSC::B3::Const32Value::aboveEqualConstant const): (JSC::B3::Const32Value::belowEqualConstant const): * b3/B3Const64Value.cpp: (JSC::B3::Const64Value::equalConstant const): (JSC::B3::Const64Value::notEqualConstant const): (JSC::B3::Const64Value::lessThanConstant const): (JSC::B3::Const64Value::greaterThanConstant const): (JSC::B3::Const64Value::lessEqualConstant const): (JSC::B3::Const64Value::greaterEqualConstant const): (JSC::B3::Const64Value::aboveConstant const): (JSC::B3::Const64Value::belowConstant const): (JSC::B3::Const64Value::aboveEqualConstant const): (JSC::B3::Const64Value::belowEqualConstant const): * b3/B3ConstDoubleValue.cpp: (JSC::B3::ConstDoubleValue::equalConstant const): (JSC::B3::ConstDoubleValue::notEqualConstant const): (JSC::B3::ConstDoubleValue::lessThanConstant const): (JSC::B3::ConstDoubleValue::greaterThanConstant const): (JSC::B3::ConstDoubleValue::lessEqualConstant const): (JSC::B3::ConstDoubleValue::greaterEqualConstant const): (JSC::B3::ConstDoubleValue::equalOrUnorderedConstant const): * b3/B3ConstFloatValue.cpp: (JSC::B3::ConstFloatValue::equalConstant const): (JSC::B3::ConstFloatValue::notEqualConstant const): (JSC::B3::ConstFloatValue::lessThanConstant const): (JSC::B3::ConstFloatValue::greaterThanConstant const): (JSC::B3::ConstFloatValue::lessEqualConstant const): (JSC::B3::ConstFloatValue::greaterEqualConstant const): 
(JSC::B3::ConstFloatValue::equalOrUnorderedConstant const): * b3/B3Procedure.cpp: (JSC::B3::Procedure::addBoolConstant): * b3/B3Procedure.h: * b3/B3ReduceStrength.cpp: * b3/B3Value.cpp: (JSC::B3::Value::equalConstant const): (JSC::B3::Value::notEqualConstant const): (JSC::B3::Value::lessThanConstant const): (JSC::B3::Value::greaterThanConstant const): (JSC::B3::Value::lessEqualConstant const): (JSC::B3::Value::greaterEqualConstant const): (JSC::B3::Value::aboveConstant const): (JSC::B3::Value::belowConstant const): (JSC::B3::Value::aboveEqualConstant const): (JSC::B3::Value::belowEqualConstant const): (JSC::B3::Value::equalOrUnorderedConstant const): (JSC::B3::Value::asTriState const): * b3/B3Value.h: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::~CodeBlock): (JSC::CodeBlock::thresholdForJIT): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): * bytecode/UnlinkedFunctionExecutable.cpp: (JSC::UnlinkedFunctionExecutable::visitChildren): * bytecompiler/NodesCodegen.cpp: (JSC::ConstantNode::emitBytecodeInConditionContext): (JSC::BinaryOpNode::emitBytecodeInConditionContext): (JSC::BinaryOpNode::tryFoldToBranch): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::handleIntrinsicCall): * dfg/DFGCFGSimplificationPhase.cpp: (JSC::DFG::CFGSimplificationPhase::run): * dfg/DFGLazyJSValue.cpp: (JSC::DFG::equalToSingleCharacter): (JSC::DFG::equalToStringImpl): (JSC::DFG::LazyJSValue::strictEqual const): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileDataViewGet): (JSC::FTL::DFG::LowerDFGToB3::compileDataViewSet): * ftl/FTLOutput.cpp: (JSC::FTL::Output::equal): (JSC::FTL::Output::notEqual): (JSC::FTL::Output::above): (JSC::FTL::Output::aboveOrEqual): (JSC::FTL::Output::below): (JSC::FTL::Output::belowOrEqual): (JSC::FTL::Output::greaterThan): (JSC::FTL::Output::greaterThanOrEqual): (JSC::FTL::Output::lessThan): (JSC::FTL::Output::lessThanOrEqual): * 
jit/JITOperations.cpp: * runtime/CachedTypes.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): * runtime/DefinePropertyAttributes.h: (JSC::DefinePropertyAttributes::DefinePropertyAttributes): (JSC::DefinePropertyAttributes::hasWritable const): (JSC::DefinePropertyAttributes::writable const): (JSC::DefinePropertyAttributes::hasConfigurable const): (JSC::DefinePropertyAttributes::configurable const): (JSC::DefinePropertyAttributes::hasEnumerable const): (JSC::DefinePropertyAttributes::enumerable const): (JSC::DefinePropertyAttributes::setWritable): (JSC::DefinePropertyAttributes::setConfigurable): (JSC::DefinePropertyAttributes::setEnumerable): * runtime/IntlCollator.cpp: (JSC::IntlCollator::initializeCollator): * runtime/IntlDateTimeFormat.cpp: (JSC::IntlDateTimeFormat::initializeDateTimeFormat): * runtime/IntlNumberFormat.cpp: (JSC::IntlNumberFormat::initializeNumberFormat): * runtime/IntlObject.cpp: (JSC::intlBooleanOption): * runtime/JSCJSValueInlines.h: (JSC::JSValue::pureStrictEqual): (JSC::JSValue::pureToBoolean const): * runtime/JSCellInlines.h: (JSC::JSCell::pureToBoolean const): Source/WebCore: * dom/Document.cpp: (WebCore::Document::queryCommandIndeterm): (WebCore::Document::queryCommandState): * editing/EditingStyle.cpp: (WebCore::EditingStyle::triStateOfStyle const): (WebCore::EditingStyle::hasStyle): * editing/Editor.cpp: (WebCore::Editor::selectionUnorderedListState const): (WebCore::Editor::selectionOrderedListState const): * editing/EditorCommand.cpp: (WebCore::isStylePresent): (WebCore::stateStyle): (WebCore::stateTextWritingDirection): (WebCore::stateNone): (WebCore::stateStyleWithCSS): (WebCore::Editor::Command::state const): (WebCore::Editor::Command::value const): * page/ContextMenuController.cpp: (WebCore::ContextMenuController::checkOrEnableIfNeeded const): Source/WebKit: * WebProcess/WebPage/WebPage.cpp: (WebKit::WebPage::validateCommand): * WebProcess/WebPage/glib/WebPageGLib.cpp: (WebKit::WebPage::getPlatformEditorState const): 
Source/WebKitLegacy/mac: * WebView/WebHTMLView.mm: (kit): (-[WebHTMLView validateUserInterfaceItemWithoutDelegate:]): Source/WTF: The word "indeterminate" comes from boost::tribool. A third state is generally not "mixed" but rather unknown. * wtf/TriState.h: Canonical link: https://commits.webkit.org/224166@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@260984 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2020-05-01 05:38:06 +00:00
, m_didOptimize(static_cast<unsigned>(TriState::Indeterminate))
[JSC] UnlinkedCodeBlock should be eventually jettisoned in VM mini mode
https://bugs.webkit.org/show_bug.cgi?id=198023

Reviewed by Saam Barati.

JSTests:

* stress/reparsing-unlinked-codeblock.js: Added. (shouldBe): (hello):

Source/JavaScriptCore:

While CodeBlock is periodically jettisoned, UnlinkedCodeBlock and UnlinkedFunctionExecutable can be retained almost forever in certain types of applications. When we execute a program, its UnlinkedProgramCodeBlock is retained in CodeCache. The UnlinkedProgramCodeBlock holds an array of UnlinkedFunctionExecutables, and the UnlinkedFunctionExecutables hold UnlinkedFunctionCodeBlocks once they are generated. So eventually this tree gets larger and larger until we purge the UnlinkedProgramCodeBlock from CodeCache.

This is OK in the browser case. We navigate to various other pages, and UnlinkedProgramCodeBlocks should eventually be pruned from CodeCache and replaced with new ones, so this tree won't be retained forever. But the behavior is different in other applications that do not have navigations. If they only have one program which holds everything, we basically retain this tree for as long as the application executes. The same thing can happen in web applications which do not have navigation and stay alive for a long time. Once we hit the CodeCache limit by periodically executing new scripts, we reach the upper bound of the memory footprint. But until then, we keep increasing our memory footprint.

However, destroying these UnlinkedCodeBlocks and UnlinkedFunctionExecutables causes a tricky problem. In the browser environment, navigation can happen at any time. So even if a given UnlinkedCodeBlock seems unused in the current page, it can be used when navigating to a new page under the same domain. One example is an initializing function in a script. It is only executed once per page. So once it is executed, it seems that this UnlinkedCodeBlock is unused. But it will be used when we navigate to a new page. Pruning code blocks based on usage could cause a performance regression.

But if our VM is in mini VM mode, the story is different. In mini VM mode, we focus on memory footprint rather than performance, e.g. for daemons. The daemon never reuses these CodeCache entries since we do not have navigation. This patch logically makes the UnlinkedFunctionExecutable -> UnlinkedCodeBlock reference weak when the VM is in mini mode. If an UnlinkedCodeBlock was used in the previous GC cycle, we retain it. But if it was not used, and if the UnlinkedFunctionExecutable is the only cell keeping the UnlinkedCodeBlock alive, we destroy it.

It is a heuristic. In a super pathological case, it could increase memory footprint. Consider the following example.

    UnlinkedFunctionExecutable(A1) -> UnlinkedCodeBlock(B1) -> UnlinkedFunctionExecutable(C1) -> UnlinkedCodeBlock(D1)
                                                                                                      ^
                                                                                                  CodeBlock(E1)

We could delete A1, B1, and C1 while keeping D1. But if we eventually re-execute the same code corresponding to A1, B1, C1, they will be newly created, and we will create a duplicate UnlinkedCodeBlock and instruction stream for D1.

    UnlinkedCodeBlock(D1)
            ^
        CodeBlock(E1)

    UnlinkedFunctionExecutable(A2) -> UnlinkedCodeBlock(B2) -> UnlinkedFunctionExecutable(C2) -> UnlinkedCodeBlock(D2)

But this does not happen in practice, and even if it happens, we eventually discard D1 and D2 since CodeBlock E1 will be jettisoned anyway. So in practice, we do not see a memory footprint increase. We tested it in Gmail and the target application, and both showed a memory footprint reduction (30 MB / 400 MB and 1 MB / 6 MB).

While this affects performance much on tests which have navigation (1-3 % regression in Speedometer2; note that JetStream2 does not show a regression on x64, while it is not enabling mini mode), we do not apply this to non-mini-mode VMs until we come up with a good strategy to speed up re-generation. Personally I think flushing destroyed UnlinkedCodeBlocks to the disk sounds promising.

If an UnlinkedCodeBlock is generated from the bytecode cache, we do not make the UnlinkedFunctionExecutable -> UnlinkedCodeBlock link weak, because the decoder of the bytecode cache assumes that generated JSCells won't be destroyed while the parent cells of that cell are live. This is true in the current implementation, and this assumption will be broken by this patch. So, for now, we do not make this link weak. Currently, our target application does not use the bytecode cache, so it is OK.

This patch also introduces a simple heuristic. We count the UnlinkedCodeBlock's age, and once the age reaches the maximum, we make the UnlinkedFunctionExecutable -> UnlinkedCodeBlock link weak. We also use execution counter information to reset this age: a CodeBlock will reset the underlying UnlinkedCodeBlock's age if it has executed.

While this heuristic is quite simple, it has some effect in practice. Basically what happens with this heuristic is that the UnlinkedFunctionExecutable -> UnlinkedCodeBlock link is strong. When GC happens, we are executing some CodeBlocks, which become live. And the ScriptExecutables -> UnlinkedFunctionExecutables held by these CodeBlocks also become live. Then the UnlinkedFunctionExecutables can mark the child UnlinkedCodeBlocks if they are not so old. If some parent UnlinkedFunctionExecutable becomes dead, its child UnlinkedCodeBlocks tend to be dead unless some live CodeBlock holds them. But it is OK for a first heuristic, since this means that the parent code block is now considered old; the reachable UnlinkedCodeBlock will be used when the parent is executed again. So destroying the tree is OK even if the tree may include some new UnlinkedCodeBlock. While we could make a more sophisticated mechanism to manage these lifetimes, I think this is a good starting point.

Based on measurement, we pick 7 as the maximum age. If we pick 0, we can get more memory reduction (1 - 1.5 MB!), while we end up reparsing code so many times. It seems that 7 can reduce a fair amount of memory while doing a small number of reparses on average (usually 1 or 2; sometimes 100; but not 300, which is the case with 0). If we want to get more memory reduction for the sake of performance, we could decrease this age limit.

Since we do not have an automated script right now, it is a bit difficult to measure the memory footprint precisely. But manual testing shows that this patch improves the memory footprint of our target application from about 6.5 MB to about 5.9 MB.

* bytecode/CodeBlock.cpp: (JSC::CodeBlock::finalizeUnconditionally):
* bytecode/CodeBlock.h:
* bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::visitChildren):
* bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::age const): (JSC::UnlinkedCodeBlock::resetAge):
* bytecode/UnlinkedFunctionExecutable.cpp: (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable): (JSC::UnlinkedFunctionExecutable::visitChildren): (JSC::UnlinkedFunctionExecutable::unlinkedCodeBlockFor): (JSC::UnlinkedFunctionExecutable::decodeCachedCodeBlocks): (JSC::UnlinkedFunctionExecutable::finalizeUnconditionally):
* bytecode/UnlinkedFunctionExecutable.h:
* heap/Heap.cpp: (JSC::Heap::finalizeUnconditionalFinalizers):
* runtime/CachedTypes.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
* runtime/CodeSpecializationKind.h:
* runtime/Options.h:
* runtime/VM.cpp: (JSC::VM::isInMiniMode): Deleted.
* runtime/VM.h: (JSC::VM::isInMiniMode): (JSC::VM::useUnlinkedCodeBlockJettisoning):

Tools:

* Scripts/run-jsc-stress-tests:

Canonical link: https://commits.webkit.org/212700@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@246272 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-06-10 19:49:58 +00:00
, m_age(0)
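The age heuristic in the commit above is easier to reason about as a small model. The following JavaScript is added here and is not WebKit code: the class names follow the commit's terminology (UnlinkedFunctionExecutable, UnlinkedCodeBlock, age reset on execution, a maximum age of 7, a weak child link only in mini mode), but the API shape, the scenario, and the exact point in the GC cycle at which the age is incremented are assumptions made for the illustration. It shows the three cases the commit argues about: a block that keeps executing is never dropped, an idle block whose only holder is its UnlinkedFunctionExecutable is jettisoned once its age reaches the limit and is reparsed on the next use, and an idle block still referenced by a live CodeBlock survives regardless of age.

```javascript
// Added model of the mini-mode age heuristic described in the commit above.
// This is illustrative code, not WebKit's: the class names follow the commit's
// terminology, but the API shape and the exact point where the age is
// incremented (here, during the GC cycle) are assumptions.
const MAX_AGE = 7; // the limit the commit picked based on measurement

class UnlinkedCodeBlock {
  constructor(owner) {
    this.owner = owner;
    this.age = 0;               // GC cycles since the block was last executed
    this.executedSinceGC = false;
  }
}

class UnlinkedFunctionExecutable {
  constructor(name) {
    this.name = name;
    this.codeBlock = null;      // the (possibly weak) child link
    this.generations = 0;       // how many times the block had to be (re)parsed
  }
  // Returns the cached UnlinkedCodeBlock, regenerating it when an earlier GC
  // cleared the weak link. Every regeneration is a full reparse.
  unlinkedCodeBlockFor() {
    if (!this.codeBlock) {
      this.codeBlock = new UnlinkedCodeBlock(this.name);
      this.generations++;
    }
    return this.codeBlock;
  }
}

// A linked CodeBlock running marks its UnlinkedCodeBlock as executed; the
// commit derives this from the execution counter.
function execute(executable) {
  executable.unlinkedCodeBlockFor().executedSinceGC = true;
}

// One GC cycle over the live UnlinkedFunctionExecutables. `pinned` stands for
// the UnlinkedCodeBlocks that some still-live CodeBlock points at: those survive
// regardless of age, because the weak link is not the only thing keeping them.
// Returns how many blocks were jettisoned in this cycle.
function gcCycle(executables, pinned, miniMode) {
  let jettisoned = 0;
  for (const exe of executables) {
    const ucb = exe.codeBlock;
    if (!ucb) continue;
    if (ucb.executedSinceGC) {
      ucb.age = 0;              // executed since the last GC: resetAge()
      ucb.executedSinceGC = false;
    } else if (ucb.age < MAX_AGE) {
      ucb.age++;
    }
    const linkIsWeak = miniMode && ucb.age >= MAX_AGE;
    if (linkIsWeak && !pinned.has(ucb)) {
      exe.codeBlock = null;     // collected: nothing else marked it
      jettisoned++;
    }
  }
  return jettisoned;
}

// Constructed scenario: a hot function that runs every cycle, an init function
// that ran once and went idle, and an idle function whose CodeBlock is still alive.
function simulate(miniMode, cycles = 20) {
  const hot = new UnlinkedFunctionExecutable("hot");
  const init = new UnlinkedFunctionExecutable("init");
  const held = new UnlinkedFunctionExecutable("held");
  const all = [hot, init, held];

  execute(init);                          // runs once, e.g. page initialisation
  const pinned = new Set([held.unlinkedCodeBlockFor()]);

  let firstJettisonCycle = -1;
  for (let cycle = 1; cycle <= cycles; cycle++) {
    execute(hot);
    if (gcCycle(all, pinned, miniMode) > 0 && firstJettisonCycle < 0)
      firstJettisonCycle = cycle;
  }

  execute(init);                          // re-run: reparse if it was jettisoned
  return {
    firstJettisonCycle,
    hotGenerations: hot.generations,
    initGenerations: init.generations,
    heldGenerations: held.generations,
  };
}
```

In mini mode `simulate(true)` jettisons `init` at the 8th GC cycle (one cycle to clear the executed flag, then seven to age out) and reparses it once when it runs again, while `hot` and `held` are each generated exactly once; with `miniMode` false nothing is ever jettisoned. Lowering `MAX_AGE` toward 0 shortens the idle window and raises the reparse count, which is the trade-off the commit measured when it settled on 7.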
Reland bytecode checkpoints since bugs have been fixed https://bugs.webkit.org/show_bug.cgi?id=206361 Unreviewed, reland. The watch bugs have been fixed by https://trac.webkit.org/changeset/254674 JSTests: * stress/apply-osr-exit-should-get-length-once-exceptions-occasionally.js: Added. (expectedArgCount): (callee): (test): (let.array.get length): * stress/apply-osr-exit-should-get-length-once.js: Added. (expectedArgCount): (callee): (test): (let.array.get length): * stress/load-varargs-then-inlined-call-and-exit-strict.js: (checkEqual): * stress/recursive-tail-call-with-different-argument-count.js: * stress/rest-varargs-osr-exit-to-checkpoint.js: Added. (foo): (bar): Source/JavaScriptCore: * CMakeLists.txt: * DerivedSources-input.xcfilelist: * JavaScriptCore.xcodeproj/project.pbxproj: * assembler/MacroAssemblerCodeRef.h: * assembler/ProbeFrame.h: (JSC::Probe::Frame::operand): (JSC::Probe::Frame::setOperand): * b3/testb3.h: (populateWithInterestingValues): (floatingPointOperands): * bytecode/AccessCase.cpp: (JSC::AccessCase::generateImpl): * bytecode/AccessCaseSnippetParams.cpp: (JSC::SlowPathCallGeneratorWithArguments::generateImpl): * bytecode/BytecodeDumper.cpp: (JSC::BytecodeDumperBase::dumpValue): (JSC::BytecodeDumper<Block>::registerName const): (JSC::BytecodeDumper<Block>::constantName const): (JSC::Wasm::BytecodeDumper::constantName const): * bytecode/BytecodeDumper.h: * bytecode/BytecodeIndex.cpp: (JSC::BytecodeIndex::dump const): * bytecode/BytecodeIndex.h: (JSC::BytecodeIndex::BytecodeIndex): (JSC::BytecodeIndex::offset const): (JSC::BytecodeIndex::checkpoint const): (JSC::BytecodeIndex::asBits const): (JSC::BytecodeIndex::hash const): (JSC::BytecodeIndex::operator bool const): (JSC::BytecodeIndex::pack): (JSC::BytecodeIndex::fromBits): * bytecode/BytecodeList.rb: * bytecode/BytecodeLivenessAnalysis.cpp: (JSC::enumValuesEqualAsIntegral): (JSC::tmpLivenessForCheckpoint): * bytecode/BytecodeLivenessAnalysis.h: * bytecode/BytecodeLivenessAnalysisInlines.h: 
(JSC::virtualRegisterIsAlwaysLive): (JSC::virtualRegisterThatIsNotAlwaysLiveIsLive): (JSC::virtualRegisterIsLive): (JSC::operandIsAlwaysLive): Deleted. (JSC::operandThatIsNotAlwaysLiveIsLive): Deleted. (JSC::operandIsLive): Deleted. * bytecode/CodeBlock.cpp: (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::bytecodeIndexForExit const): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeIndexSlow): (JSC::CodeBlock::updateAllValueProfilePredictionsAndCountLiveness): * bytecode/CodeBlock.h: (JSC::CodeBlock::numTmps const): (JSC::CodeBlock::isKnownNotImmediate): (JSC::CodeBlock::isTemporaryRegister): (JSC::CodeBlock::constantRegister): (JSC::CodeBlock::getConstant const): (JSC::CodeBlock::constantSourceCodeRepresentation const): (JSC::CodeBlock::replaceConstant): (JSC::CodeBlock::isTemporaryRegisterIndex): Deleted. (JSC::CodeBlock::isConstantRegisterIndex): Deleted. * bytecode/CodeOrigin.h: * bytecode/FullBytecodeLiveness.h: (JSC::FullBytecodeLiveness::virtualRegisterIsLive const): (JSC::FullBytecodeLiveness::operandIsLive const): Deleted. * bytecode/InlineCallFrame.h: (JSC::InlineCallFrame::InlineCallFrame): (JSC::InlineCallFrame::setTmpOffset): (JSC::CodeOrigin::walkUpInlineStack const): (JSC::CodeOrigin::inlineStackContainsActiveCheckpoint const): (JSC::remapOperand): (JSC::unmapOperand): (JSC::CodeOrigin::walkUpInlineStack): Deleted. 
* bytecode/LazyOperandValueProfile.h: (JSC::LazyOperandValueProfileKey::LazyOperandValueProfileKey): (JSC::LazyOperandValueProfileKey::hash const): (JSC::LazyOperandValueProfileKey::operand const): * bytecode/MethodOfGettingAValueProfile.cpp: (JSC::MethodOfGettingAValueProfile::fromLazyOperand): (JSC::MethodOfGettingAValueProfile::emitReportValue const): (JSC::MethodOfGettingAValueProfile::reportValue): * bytecode/MethodOfGettingAValueProfile.h: * bytecode/Operands.h: (JSC::Operand::Operand): (JSC::Operand::tmp): (JSC::Operand::kind const): (JSC::Operand::value const): (JSC::Operand::virtualRegister const): (JSC::Operand::asBits const): (JSC::Operand::isTmp const): (JSC::Operand::isArgument const): (JSC::Operand::isLocal const): (JSC::Operand::isHeader const): (JSC::Operand::isConstant const): (JSC::Operand::toArgument const): (JSC::Operand::toLocal const): (JSC::Operand::operator== const): (JSC::Operand::isValid const): (JSC::Operand::fromBits): (JSC::Operands::Operands): (JSC::Operands::numberOfLocals const): (JSC::Operands::numberOfTmps const): (JSC::Operands::tmpIndex const): (JSC::Operands::argumentIndex const): (JSC::Operands::localIndex const): (JSC::Operands::tmp): (JSC::Operands::tmp const): (JSC::Operands::argument): (JSC::Operands::argument const): (JSC::Operands::local): (JSC::Operands::local const): (JSC::Operands::sizeFor const): (JSC::Operands::atFor): (JSC::Operands::atFor const): (JSC::Operands::ensureLocals): (JSC::Operands::ensureTmps): (JSC::Operands::getForOperandIndex): (JSC::Operands::getForOperandIndex const): (JSC::Operands::operandIndex const): (JSC::Operands::operand): (JSC::Operands::operand const): (JSC::Operands::hasOperand const): (JSC::Operands::setOperand): (JSC::Operands::at const): (JSC::Operands::at): (JSC::Operands::operator[] const): (JSC::Operands::operator[]): (JSC::Operands::operandForIndex const): (JSC::Operands::operator== const): (JSC::Operands::isArgument const): Deleted. (JSC::Operands::isLocal const): Deleted. 
(JSC::Operands::virtualRegisterForIndex const): Deleted. (JSC::Operands::setOperandFirstTime): Deleted. * bytecode/OperandsInlines.h: (JSC::Operand::dump const): (JSC::Operands<T>::dumpInContext const): (JSC::Operands<T>::dump const): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::hasCheckpoints const): (JSC::UnlinkedCodeBlock::setHasCheckpoints): (JSC::UnlinkedCodeBlock::constantRegister const): (JSC::UnlinkedCodeBlock::getConstant const): (JSC::UnlinkedCodeBlock::isConstantRegisterIndex const): Deleted. * bytecode/ValueProfile.h: (JSC::ValueProfileAndVirtualRegisterBuffer::ValueProfileAndVirtualRegisterBuffer): (JSC::ValueProfileAndVirtualRegisterBuffer::~ValueProfileAndVirtualRegisterBuffer): (JSC::ValueProfileAndOperandBuffer::ValueProfileAndOperandBuffer): Deleted. (JSC::ValueProfileAndOperandBuffer::~ValueProfileAndOperandBuffer): Deleted. (JSC::ValueProfileAndOperandBuffer::forEach): Deleted. * bytecode/ValueRecovery.cpp: (JSC::ValueRecovery::recover const): * bytecode/ValueRecovery.h: * bytecode/VirtualRegister.h: (JSC::virtualRegisterIsLocal): (JSC::virtualRegisterIsArgument): (JSC::VirtualRegister::VirtualRegister): (JSC::VirtualRegister::isValid const): (JSC::VirtualRegister::isLocal const): (JSC::VirtualRegister::isArgument const): (JSC::VirtualRegister::isConstant const): (JSC::VirtualRegister::toConstantIndex const): (JSC::operandIsLocal): Deleted. (JSC::operandIsArgument): Deleted. 
* bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::initializeNextParameter): (JSC::BytecodeGenerator::initializeParameters): (JSC::BytecodeGenerator::emitEqualityOpImpl): (JSC::BytecodeGenerator::emitCallVarargs): * bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::setUsesCheckpoints): * bytecompiler/RegisterID.h: (JSC::RegisterID::setIndex): * dfg/DFGAbstractHeap.cpp: (JSC::DFG::AbstractHeap::Payload::dumpAsOperand const): (JSC::DFG::AbstractHeap::dump const): * dfg/DFGAbstractHeap.h: (JSC::DFG::AbstractHeap::Payload::Payload): (JSC::DFG::AbstractHeap::AbstractHeap): (JSC::DFG::AbstractHeap::operand const): * dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects): * dfg/DFGArgumentPosition.h: (JSC::DFG::ArgumentPosition::dump): * dfg/DFGArgumentsEliminationPhase.cpp: * dfg/DFGArgumentsUtilities.cpp: (JSC::DFG::argumentsInvolveStackSlot): (JSC::DFG::emitCodeToGetArgumentsArrayLength): * dfg/DFGArgumentsUtilities.h: * dfg/DFGAtTailAbstractState.h: (JSC::DFG::AtTailAbstractState::operand): * dfg/DFGAvailabilityMap.cpp: (JSC::DFG::AvailabilityMap::pruneByLiveness): * dfg/DFGAvailabilityMap.h: (JSC::DFG::AvailabilityMap::closeStartingWithLocal): * dfg/DFGBasicBlock.cpp: (JSC::DFG::BasicBlock::BasicBlock): (JSC::DFG::BasicBlock::ensureTmps): * dfg/DFGBasicBlock.h: * dfg/DFGBlockInsertionSet.cpp: (JSC::DFG::BlockInsertionSet::insert): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::ByteCodeParser): (JSC::DFG::ByteCodeParser::ensureTmps): (JSC::DFG::ByteCodeParser::progressToNextCheckpoint): (JSC::DFG::ByteCodeParser::newVariableAccessData): (JSC::DFG::ByteCodeParser::getDirect): (JSC::DFG::ByteCodeParser::get): (JSC::DFG::ByteCodeParser::setDirect): (JSC::DFG::ByteCodeParser::injectLazyOperandSpeculation): (JSC::DFG::ByteCodeParser::getLocalOrTmp): (JSC::DFG::ByteCodeParser::setLocalOrTmp): (JSC::DFG::ByteCodeParser::setArgument): (JSC::DFG::ByteCodeParser::findArgumentPositionForLocal): 
(JSC::DFG::ByteCodeParser::findArgumentPosition): (JSC::DFG::ByteCodeParser::flushImpl): (JSC::DFG::ByteCodeParser::flushForTerminalImpl): (JSC::DFG::ByteCodeParser::flush): (JSC::DFG::ByteCodeParser::flushDirect): (JSC::DFG::ByteCodeParser::addFlushOrPhantomLocal): (JSC::DFG::ByteCodeParser::phantomLocalDirect): (JSC::DFG::ByteCodeParser::flushForTerminal): (JSC::DFG::ByteCodeParser::addToGraph): (JSC::DFG::ByteCodeParser::InlineStackEntry::remapOperand const): (JSC::DFG::ByteCodeParser::DelayedSetLocal::DelayedSetLocal): (JSC::DFG::ByteCodeParser::DelayedSetLocal::execute): (JSC::DFG::ByteCodeParser::allocateTargetableBlock): (JSC::DFG::ByteCodeParser::allocateUntargetableBlock): (JSC::DFG::ByteCodeParser::handleRecursiveTailCall): (JSC::DFG::ByteCodeParser::inlineCall): (JSC::DFG::ByteCodeParser::handleVarargsInlining): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::parseBlock): (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry): (JSC::DFG::ByteCodeParser::parse): (JSC::DFG::ByteCodeParser::getLocal): Deleted. (JSC::DFG::ByteCodeParser::setLocal): Deleted. 
* dfg/DFGCFAPhase.cpp: (JSC::DFG::CFAPhase::injectOSR): * dfg/DFGCPSRethreadingPhase.cpp: (JSC::DFG::CPSRethreadingPhase::run): (JSC::DFG::CPSRethreadingPhase::canonicalizeGetLocal): (JSC::DFG::CPSRethreadingPhase::canonicalizeFlushOrPhantomLocalFor): (JSC::DFG::CPSRethreadingPhase::canonicalizeFlushOrPhantomLocal): (JSC::DFG::CPSRethreadingPhase::canonicalizeSet): (JSC::DFG::CPSRethreadingPhase::canonicalizeLocalsInBlock): (JSC::DFG::CPSRethreadingPhase::propagatePhis): (JSC::DFG::CPSRethreadingPhase::phiStackFor): * dfg/DFGCSEPhase.cpp: * dfg/DFGCapabilities.cpp: (JSC::DFG::capabilityLevel): * dfg/DFGClobberize.h: (JSC::DFG::clobberize): * dfg/DFGCombinedLiveness.cpp: (JSC::DFG::addBytecodeLiveness): * dfg/DFGCommonData.cpp: (JSC::DFG::CommonData::addCodeOrigin): (JSC::DFG::CommonData::addUniqueCallSiteIndex): (JSC::DFG::CommonData::lastCallSite const): * dfg/DFGConstantFoldingPhase.cpp: (JSC::DFG::ConstantFoldingPhase::foldConstants): * dfg/DFGDoesGC.cpp: (JSC::DFG::doesGC): * dfg/DFGDriver.cpp: (JSC::DFG::compileImpl): * dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode): * dfg/DFGForAllKills.h: (JSC::DFG::forAllKilledOperands): (JSC::DFG::forAllKilledNodesAtNodeIndex): (JSC::DFG::forAllKillsInBlock): * dfg/DFGGraph.cpp: (JSC::DFG::Graph::dump): (JSC::DFG::Graph::dumpBlockHeader): (JSC::DFG::Graph::substituteGetLocal): (JSC::DFG::Graph::isLiveInBytecode): (JSC::DFG::Graph::localsAndTmpsLiveInBytecode): (JSC::DFG::Graph::methodOfGettingAValueProfileFor): (JSC::DFG::Graph::localsLiveInBytecode): Deleted. * dfg/DFGGraph.h: (JSC::DFG::Graph::forAllLocalsAndTmpsLiveInBytecode): (JSC::DFG::Graph::forAllLiveInBytecode): (JSC::DFG::Graph::forAllLocalsLiveInBytecode): Deleted. 
* dfg/DFGInPlaceAbstractState.cpp: (JSC::DFG::InPlaceAbstractState::InPlaceAbstractState): * dfg/DFGInPlaceAbstractState.h: (JSC::DFG::InPlaceAbstractState::operand): * dfg/DFGJITCompiler.cpp: (JSC::DFG::JITCompiler::linkOSRExits): (JSC::DFG::JITCompiler::noticeOSREntry): * dfg/DFGJITCompiler.h: (JSC::DFG::JITCompiler::emitStoreCallSiteIndex): * dfg/DFGLiveCatchVariablePreservationPhase.cpp: (JSC::DFG::LiveCatchVariablePreservationPhase::isValidFlushLocation): (JSC::DFG::LiveCatchVariablePreservationPhase::handleBlockForTryCatch): (JSC::DFG::LiveCatchVariablePreservationPhase::newVariableAccessData): * dfg/DFGMovHintRemovalPhase.cpp: * dfg/DFGNode.h: (JSC::DFG::StackAccessData::StackAccessData): (JSC::DFG::Node::hasArgumentsChild): (JSC::DFG::Node::argumentsChild): (JSC::DFG::Node::operand): (JSC::DFG::Node::hasUnlinkedOperand): (JSC::DFG::Node::unlinkedOperand): (JSC::DFG::Node::hasLoadVarargsData): (JSC::DFG::Node::local): Deleted. (JSC::DFG::Node::hasUnlinkedLocal): Deleted. (JSC::DFG::Node::unlinkedLocal): Deleted. * dfg/DFGNodeType.h: * dfg/DFGOSRAvailabilityAnalysisPhase.cpp: (JSC::DFG::OSRAvailabilityAnalysisPhase::run): (JSC::DFG::LocalOSRAvailabilityCalculator::executeNode): * dfg/DFGOSREntry.cpp: (JSC::DFG::prepareOSREntry): (JSC::DFG::prepareCatchOSREntry): * dfg/DFGOSREntrypointCreationPhase.cpp: (JSC::DFG::OSREntrypointCreationPhase::run): * dfg/DFGOSRExit.cpp: (JSC::DFG::OSRExit::emitRestoreArguments): (JSC::DFG::OSRExit::compileExit): (JSC::DFG::jsValueFor): Deleted. (JSC::DFG::restoreCalleeSavesFor): Deleted. (JSC::DFG::saveCalleeSavesFor): Deleted. (JSC::DFG::restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer): Deleted. (JSC::DFG::copyCalleeSavesToVMEntryFrameCalleeSavesBuffer): Deleted. (JSC::DFG::saveOrCopyCalleeSavesFor): Deleted. (JSC::DFG::createDirectArgumentsDuringExit): Deleted. (JSC::DFG::createClonedArgumentsDuringExit): Deleted. (JSC::DFG::emitRestoreArguments): Deleted. (JSC::DFG::OSRExit::executeOSRExit): Deleted. 
(JSC::DFG::reifyInlinedCallFrames): Deleted. (JSC::DFG::adjustAndJumpToTarget): Deleted. (JSC::DFG::printOSRExit): Deleted. * dfg/DFGOSRExit.h: * dfg/DFGOSRExitBase.h: (JSC::DFG::OSRExitBase::isExitingToCheckpointHandler const): * dfg/DFGOSRExitCompilerCommon.cpp: (JSC::DFG::callerReturnPC): (JSC::DFG::reifyInlinedCallFrames): (JSC::DFG::adjustAndJumpToTarget): * dfg/DFGObjectAllocationSinkingPhase.cpp: * dfg/DFGOpInfo.h: (JSC::DFG::OpInfo::OpInfo): * dfg/DFGOperations.cpp: * dfg/DFGPhantomInsertionPhase.cpp: * dfg/DFGPreciseLocalClobberize.h: (JSC::DFG::PreciseLocalClobberizeAdaptor::read): (JSC::DFG::PreciseLocalClobberizeAdaptor::write): (JSC::DFG::PreciseLocalClobberizeAdaptor::def): (JSC::DFG::PreciseLocalClobberizeAdaptor::callIfAppropriate): * dfg/DFGPredictionInjectionPhase.cpp: (JSC::DFG::PredictionInjectionPhase::run): * dfg/DFGPredictionPropagationPhase.cpp: * dfg/DFGPutStackSinkingPhase.cpp: * dfg/DFGSSAConversionPhase.cpp: (JSC::DFG::SSAConversionPhase::run): * dfg/DFGSafeToExecute.h: (JSC::DFG::safeToExecute): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compileMovHint): (JSC::DFG::SpeculativeJIT::compileCurrentBlock): (JSC::DFG::SpeculativeJIT::checkArgumentTypes): (JSC::DFG::SpeculativeJIT::compileVarargsLength): (JSC::DFG::SpeculativeJIT::compileLoadVarargs): (JSC::DFG::SpeculativeJIT::compileForwardVarargs): (JSC::DFG::SpeculativeJIT::compileCreateDirectArguments): (JSC::DFG::SpeculativeJIT::compileGetArgumentCountIncludingThis): * dfg/DFGSpeculativeJIT.h: (JSC::DFG::SpeculativeJIT::recordSetLocal): * dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGStackLayoutPhase.cpp: (JSC::DFG::StackLayoutPhase::run): (JSC::DFG::StackLayoutPhase::assign): * dfg/DFGStrengthReductionPhase.cpp: (JSC::DFG::StrengthReductionPhase::handleNode): * dfg/DFGThunks.cpp: (JSC::DFG::osrExitThunkGenerator): Deleted. 
* dfg/DFGThunks.h: * dfg/DFGTypeCheckHoistingPhase.cpp: (JSC::DFG::TypeCheckHoistingPhase::run): (JSC::DFG::TypeCheckHoistingPhase::disableHoistingAcrossOSREntries): * dfg/DFGValidate.cpp: * dfg/DFGVarargsForwardingPhase.cpp: * dfg/DFGVariableAccessData.cpp: (JSC::DFG::VariableAccessData::VariableAccessData): (JSC::DFG::VariableAccessData::shouldUseDoubleFormatAccordingToVote): (JSC::DFG::VariableAccessData::tallyVotesForShouldUseDoubleFormat): (JSC::DFG::VariableAccessData::couldRepresentInt52Impl): * dfg/DFGVariableAccessData.h: (JSC::DFG::VariableAccessData::operand): (JSC::DFG::VariableAccessData::local): Deleted. * dfg/DFGVariableEvent.cpp: (JSC::DFG::VariableEvent::dump const): * dfg/DFGVariableEvent.h: (JSC::DFG::VariableEvent::spill): (JSC::DFG::VariableEvent::setLocal): (JSC::DFG::VariableEvent::movHint): (JSC::DFG::VariableEvent::spillRegister const): (JSC::DFG::VariableEvent::operand const): (JSC::DFG::VariableEvent::bytecodeRegister const): Deleted. * dfg/DFGVariableEventStream.cpp: (JSC::DFG::VariableEventStream::logEvent): (JSC::DFG::VariableEventStream::reconstruct const): * dfg/DFGVariableEventStream.h: (JSC::DFG::VariableEventStream::appendAndLog): * ftl/FTLCapabilities.cpp: (JSC::FTL::canCompile): * ftl/FTLForOSREntryJITCode.cpp: (JSC::FTL::ForOSREntryJITCode::ForOSREntryJITCode): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::lower): (JSC::FTL::DFG::LowerDFGToB3::compileNode): (JSC::FTL::DFG::LowerDFGToB3::compileExtractOSREntryLocal): (JSC::FTL::DFG::LowerDFGToB3::compileGetStack): (JSC::FTL::DFG::LowerDFGToB3::compileGetCallee): (JSC::FTL::DFG::LowerDFGToB3::compileSetCallee): (JSC::FTL::DFG::LowerDFGToB3::compileSetArgumentCountIncludingThis): (JSC::FTL::DFG::LowerDFGToB3::compileVarargsLength): (JSC::FTL::DFG::LowerDFGToB3::compileLoadVarargs): (JSC::FTL::DFG::LowerDFGToB3::compileForwardVarargs): (JSC::FTL::DFG::LowerDFGToB3::getSpreadLengthFromInlineCallFrame): (JSC::FTL::DFG::LowerDFGToB3::compileForwardVarargsWithSpread): 
(JSC::FTL::DFG::LowerDFGToB3::compileLogShadowChickenPrologue): (JSC::FTL::DFG::LowerDFGToB3::getArgumentsLength): (JSC::FTL::DFG::LowerDFGToB3::getCurrentCallee): (JSC::FTL::DFG::LowerDFGToB3::callPreflight): (JSC::FTL::DFG::LowerDFGToB3::appendOSRExitDescriptor): (JSC::FTL::DFG::LowerDFGToB3::buildExitArguments): (JSC::FTL::DFG::LowerDFGToB3::addressFor): (JSC::FTL::DFG::LowerDFGToB3::payloadFor): (JSC::FTL::DFG::LowerDFGToB3::tagFor): * ftl/FTLOSREntry.cpp: (JSC::FTL::prepareOSREntry): * ftl/FTLOSRExit.cpp: (JSC::FTL::OSRExitDescriptor::OSRExitDescriptor): * ftl/FTLOSRExit.h: * ftl/FTLOSRExitCompiler.cpp: (JSC::FTL::compileStub): * ftl/FTLOperations.cpp: (JSC::FTL::operationMaterializeObjectInOSR): * ftl/FTLOutput.cpp: (JSC::FTL::Output::select): * ftl/FTLOutput.h: * ftl/FTLSelectPredictability.h: Copied from Source/JavaScriptCore/ftl/FTLForOSREntryJITCode.cpp. * ftl/FTLSlowPathCall.h: (JSC::FTL::callOperation): * generator/Checkpoints.rb: Added. * generator/Opcode.rb: * generator/Section.rb: * heap/Heap.cpp: (JSC::Heap::gatherScratchBufferRoots): * interpreter/CallFrame.cpp: (JSC::CallFrame::callSiteAsRawBits const): (JSC::CallFrame::unsafeCallSiteAsRawBits const): (JSC::CallFrame::callSiteIndex const): (JSC::CallFrame::unsafeCallSiteIndex const): (JSC::CallFrame::setCurrentVPC): (JSC::CallFrame::bytecodeIndex): (JSC::CallFrame::codeOrigin): * interpreter/CallFrame.h: (JSC::CallSiteIndex::CallSiteIndex): (JSC::CallSiteIndex::operator bool const): (JSC::CallSiteIndex::operator== const): (JSC::CallSiteIndex::bits const): (JSC::CallSiteIndex::fromBits): (JSC::CallSiteIndex::bytecodeIndex const): (JSC::DisposableCallSiteIndex::DisposableCallSiteIndex): (JSC::CallFrame::callee const): (JSC::CallFrame::unsafeCallee const): (JSC::CallFrame::addressOfCodeBlock const): (JSC::CallFrame::argumentCountIncludingThis const): (JSC::CallFrame::offsetFor): (JSC::CallFrame::setArgumentCountIncludingThis): (JSC::CallFrame::setReturnPC): * interpreter/CallFrameInlines.h: 
(JSC::CallFrame::r): (JSC::CallFrame::uncheckedR): (JSC::CallFrame::guaranteedJSValueCallee const): (JSC::CallFrame::jsCallee const): (JSC::CallFrame::codeBlock const): (JSC::CallFrame::unsafeCodeBlock const): (JSC::CallFrame::setCallee): (JSC::CallFrame::setCodeBlock): * interpreter/CheckpointOSRExitSideState.h: Copied from Source/JavaScriptCore/dfg/DFGThunks.h. * interpreter/Interpreter.cpp: (JSC::eval): (JSC::sizeOfVarargs): (JSC::loadVarargs): (JSC::setupVarargsFrame): (JSC::UnwindFunctor::operator() const): (JSC::Interpreter::executeCall): (JSC::Interpreter::executeConstruct): * interpreter/Interpreter.h: * interpreter/StackVisitor.cpp: (JSC::StackVisitor::readInlinedFrame): * jit/AssemblyHelpers.h: (JSC::AssemblyHelpers::emitGetFromCallFrameHeaderPtr): (JSC::AssemblyHelpers::emitGetFromCallFrameHeader32): (JSC::AssemblyHelpers::emitGetFromCallFrameHeader64): (JSC::AssemblyHelpers::emitPutToCallFrameHeader): (JSC::AssemblyHelpers::emitPutToCallFrameHeaderBeforePrologue): (JSC::AssemblyHelpers::emitPutPayloadToCallFrameHeaderBeforePrologue): (JSC::AssemblyHelpers::emitPutTagToCallFrameHeaderBeforePrologue): (JSC::AssemblyHelpers::addressFor): (JSC::AssemblyHelpers::tagFor): (JSC::AssemblyHelpers::payloadFor): (JSC::AssemblyHelpers::calleeFrameSlot): (JSC::AssemblyHelpers::calleeArgumentSlot): (JSC::AssemblyHelpers::calleeFrameTagSlot): (JSC::AssemblyHelpers::calleeFramePayloadSlot): (JSC::AssemblyHelpers::calleeFrameCallerFrame): (JSC::AssemblyHelpers::argumentCount): * jit/CallFrameShuffler.cpp: (JSC::CallFrameShuffler::CallFrameShuffler): * jit/CallFrameShuffler.h: (JSC::CallFrameShuffler::setCalleeJSValueRegs): (JSC::CallFrameShuffler::assumeCalleeIsCell): * jit/JIT.h: * jit/JITArithmetic.cpp: (JSC::JIT::emit_op_unsigned): (JSC::JIT::emit_compareAndJump): (JSC::JIT::emit_compareAndJumpImpl): (JSC::JIT::emit_compareUnsignedAndJump): (JSC::JIT::emit_compareUnsignedAndJumpImpl): (JSC::JIT::emit_compareUnsigned): (JSC::JIT::emit_compareUnsignedImpl): 
(JSC::JIT::emit_compareAndJumpSlow): (JSC::JIT::emit_compareAndJumpSlowImpl): (JSC::JIT::emit_op_inc): (JSC::JIT::emit_op_dec): (JSC::JIT::emit_op_mod): (JSC::JIT::emitBitBinaryOpFastPath): (JSC::JIT::emit_op_bitnot): (JSC::JIT::emitRightShiftFastPath): (JSC::JIT::emitMathICFast): (JSC::JIT::emitMathICSlow): (JSC::JIT::emit_op_div): * jit/JITCall.cpp: (JSC::JIT::emitPutCallResult): (JSC::JIT::compileSetupFrame): (JSC::JIT::compileOpCall): * jit/JITExceptions.cpp: (JSC::genericUnwind): * jit/JITInlines.h: (JSC::JIT::isOperandConstantDouble): (JSC::JIT::getConstantOperand): (JSC::JIT::emitPutIntToCallFrameHeader): (JSC::JIT::appendCallWithExceptionCheckSetJSValueResult): (JSC::JIT::appendCallWithExceptionCheckSetJSValueResultWithProfile): (JSC::JIT::linkSlowCaseIfNotJSCell): (JSC::JIT::isOperandConstantChar): (JSC::JIT::getOperandConstantInt): (JSC::JIT::getOperandConstantDouble): (JSC::JIT::emitInitRegister): (JSC::JIT::emitLoadTag): (JSC::JIT::emitLoadPayload): (JSC::JIT::emitGet): (JSC::JIT::emitPutVirtualRegister): (JSC::JIT::emitLoad): (JSC::JIT::emitLoad2): (JSC::JIT::emitLoadDouble): (JSC::JIT::emitLoadInt32ToDouble): (JSC::JIT::emitStore): (JSC::JIT::emitStoreInt32): (JSC::JIT::emitStoreCell): (JSC::JIT::emitStoreBool): (JSC::JIT::emitStoreDouble): (JSC::JIT::emitJumpSlowCaseIfNotJSCell): (JSC::JIT::isOperandConstantInt): (JSC::JIT::emitGetVirtualRegister): (JSC::JIT::emitGetVirtualRegisters): * jit/JITOpcodes.cpp: (JSC::JIT::emit_op_mov): (JSC::JIT::emit_op_end): (JSC::JIT::emit_op_new_object): (JSC::JIT::emitSlow_op_new_object): (JSC::JIT::emit_op_overrides_has_instance): (JSC::JIT::emit_op_instanceof): (JSC::JIT::emitSlow_op_instanceof): (JSC::JIT::emit_op_is_empty): (JSC::JIT::emit_op_is_undefined): (JSC::JIT::emit_op_is_undefined_or_null): (JSC::JIT::emit_op_is_boolean): (JSC::JIT::emit_op_is_number): (JSC::JIT::emit_op_is_cell_with_type): (JSC::JIT::emit_op_is_object): (JSC::JIT::emit_op_ret): (JSC::JIT::emit_op_to_primitive): 
(JSC::JIT::emit_op_set_function_name): (JSC::JIT::emit_op_not): (JSC::JIT::emit_op_jfalse): (JSC::JIT::emit_op_jeq_null): (JSC::JIT::emit_op_jneq_null): (JSC::JIT::emit_op_jundefined_or_null): (JSC::JIT::emit_op_jnundefined_or_null): (JSC::JIT::emit_op_jneq_ptr): (JSC::JIT::emit_op_eq): (JSC::JIT::emit_op_jeq): (JSC::JIT::emit_op_jtrue): (JSC::JIT::emit_op_neq): (JSC::JIT::emit_op_jneq): (JSC::JIT::emit_op_throw): (JSC::JIT::compileOpStrictEq): (JSC::JIT::compileOpStrictEqJump): (JSC::JIT::emit_op_to_number): (JSC::JIT::emit_op_to_numeric): (JSC::JIT::emit_op_to_string): (JSC::JIT::emit_op_to_object): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_get_parent_scope): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_eq_null): (JSC::JIT::emit_op_neq_null): (JSC::JIT::emit_op_enter): (JSC::JIT::emit_op_get_scope): (JSC::JIT::emit_op_to_this): (JSC::JIT::emit_op_create_this): (JSC::JIT::emit_op_check_tdz): (JSC::JIT::emitSlow_op_eq): (JSC::JIT::emitSlow_op_neq): (JSC::JIT::emitSlow_op_instanceof_custom): (JSC::JIT::emit_op_new_regexp): (JSC::JIT::emitNewFuncCommon): (JSC::JIT::emitNewFuncExprCommon): (JSC::JIT::emit_op_new_array): (JSC::JIT::emit_op_new_array_with_size): (JSC::JIT::emit_op_has_structure_property): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emitSlow_op_has_indexed_property): (JSC::JIT::emit_op_get_direct_pname): (JSC::JIT::emit_op_enumerator_structure_pname): (JSC::JIT::emit_op_enumerator_generic_pname): (JSC::JIT::emit_op_profile_type): (JSC::JIT::emit_op_log_shadow_chicken_prologue): (JSC::JIT::emit_op_log_shadow_chicken_tail): (JSC::JIT::emit_op_argument_count): (JSC::JIT::emit_op_get_rest_length): (JSC::JIT::emit_op_get_argument): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_catch): * jit/JITOperations.cpp: * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitSlow_op_get_by_val): (JSC::JIT::emit_op_put_by_val): 
(JSC::JIT::emitGenericContiguousPutByVal): (JSC::JIT::emitArrayStoragePutByVal): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emitSlow_op_put_by_val): (JSC::JIT::emit_op_put_getter_by_id): (JSC::JIT::emit_op_put_setter_by_id): (JSC::JIT::emit_op_put_getter_setter_by_id): (JSC::JIT::emit_op_put_getter_by_val): (JSC::JIT::emit_op_put_setter_by_val): (JSC::JIT::emit_op_del_by_id): (JSC::JIT::emit_op_del_by_val): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emitSlow_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emitSlow_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emitSlow_op_get_by_id): (JSC::JIT::emitSlow_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emit_op_in_by_id): (JSC::JIT::emitSlow_op_in_by_id): (JSC::JIT::emitResolveClosure): (JSC::JIT::emit_op_resolve_scope): (JSC::JIT::emitLoadWithStructureCheck): (JSC::JIT::emitGetClosureVar): (JSC::JIT::emit_op_get_from_scope): (JSC::JIT::emitSlow_op_get_from_scope): (JSC::JIT::emitPutGlobalVariable): (JSC::JIT::emitPutGlobalVariableIndirect): (JSC::JIT::emitPutClosureVar): (JSC::JIT::emit_op_put_to_scope): (JSC::JIT::emit_op_get_from_arguments): (JSC::JIT::emit_op_put_to_arguments): (JSC::JIT::emitWriteBarrier): (JSC::JIT::emit_op_get_internal_field): (JSC::JIT::emit_op_put_internal_field): (JSC::JIT::emitIntTypedArrayPutByVal): (JSC::JIT::emitFloatTypedArrayPutByVal): * jit/JSInterfaceJIT.h: (JSC::JSInterfaceJIT::emitLoadJSCell): (JSC::JSInterfaceJIT::emitJumpIfNotJSCell): (JSC::JSInterfaceJIT::emitLoadInt32): (JSC::JSInterfaceJIT::emitLoadDouble): (JSC::JSInterfaceJIT::emitGetFromCallFrameHeaderPtr): (JSC::JSInterfaceJIT::emitPutToCallFrameHeader): (JSC::JSInterfaceJIT::emitPutCellToCallFrameHeader): * jit/SetupVarargsFrame.cpp: (JSC::emitSetupVarargsFrameFastCase): * jit/SpecializedThunkJIT.h: (JSC::SpecializedThunkJIT::loadDoubleArgument): (JSC::SpecializedThunkJIT::loadCellArgument): 
(JSC::SpecializedThunkJIT::loadInt32Argument): * jit/ThunkGenerators.cpp: (JSC::absThunkGenerator): * llint/LLIntSlowPaths.cpp: (JSC::LLInt::getNonConstantOperand): (JSC::LLInt::getOperand): (JSC::LLInt::genericCall): (JSC::LLInt::varargsSetup): (JSC::LLInt::commonCallEval): (JSC::LLInt::LLINT_SLOW_PATH_DECL): (JSC::LLInt::handleVarargsCheckpoint): (JSC::LLInt::dispatchToNextInstruction): (JSC::LLInt::slow_path_checkpoint_osr_exit_from_inlined_call): (JSC::LLInt::slow_path_checkpoint_osr_exit): (JSC::LLInt::llint_throw_stack_overflow_error): * llint/LLIntSlowPaths.h: * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: * runtime/ArgList.h: (JSC::MarkedArgumentBuffer::fill): * runtime/CachedTypes.cpp: (JSC::CachedCodeBlock::hasCheckpoints const): (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::CachedCodeBlock<CodeBlockType>::encode): * runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): * runtime/ConstructData.cpp: (JSC::construct): * runtime/ConstructData.h: * runtime/DirectArguments.cpp: (JSC::DirectArguments::copyToArguments): * runtime/DirectArguments.h: * runtime/GenericArguments.h: * runtime/GenericArgumentsInlines.h: (JSC::GenericArguments<Type>::copyToArguments): * runtime/JSArray.cpp: (JSC::JSArray::copyToArguments): * runtime/JSArray.h: * runtime/JSImmutableButterfly.cpp: (JSC::JSImmutableButterfly::copyToArguments): * runtime/JSImmutableButterfly.h: * runtime/JSLock.cpp: (JSC::JSLock::willReleaseLock): * runtime/ModuleProgramExecutable.cpp: (JSC::ModuleProgramExecutable::create): * runtime/Options.cpp: (JSC::recomputeDependentOptions): * runtime/ScopedArguments.cpp: (JSC::ScopedArguments::copyToArguments): * runtime/ScopedArguments.h: * runtime/VM.cpp: (JSC::VM::scanSideState const): (JSC::VM::addCheckpointOSRSideState): (JSC::VM::findCheckpointOSRSideState): * runtime/VM.h: (JSC::VM::hasCheckpointOSRSideState const): * tools/VMInspector.cpp: (JSC::VMInspector::dumpRegisters): * 
wasm/WasmFunctionCodeBlock.h: (JSC::Wasm::FunctionCodeBlock::getConstant const): (JSC::Wasm::FunctionCodeBlock::getConstantType const): * wasm/WasmLLIntGenerator.cpp: (JSC::Wasm::LLIntGenerator::setUsesCheckpoints const): * wasm/WasmOperations.cpp: (JSC::Wasm::operationWasmToJSException): * wasm/WasmSlowPaths.cpp: Source/WTF: * WTF.xcodeproj/project.pbxproj: * wtf/Bitmap.h: (WTF::WordType>::invert): (WTF::WordType>::operator): (WTF::WordType>::operator const const): * wtf/CMakeLists.txt: * wtf/EnumClassOperatorOverloads.h: Added. * wtf/FastBitVector.h: (WTF::FastBitReference::operator bool const): (WTF::FastBitReference::operator|=): (WTF::FastBitReference::operator&=): (WTF::FastBitVector::fill): (WTF::FastBitVector::grow): * wtf/UnalignedAccess.h: (WTF::unalignedLoad): (WTF::unalignedStore): Tools: * Scripts/run-jsc-stress-tests: Canonical link: https://commits.webkit.org/219481@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254735 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2020-01-17 04:09:32 +00:00
, m_hasCheckpoints(false)
[ES6] Implement LLInt/Baseline Support for ES6 Generators and enable this feature
https://bugs.webkit.org/show_bug.cgi?id=150792

Reviewed by Saam Barati.

.:

* Source/cmake/OptionsWin.cmake:
* Source/cmake/WebKitFeatures.cmake:

Source/JavaScriptCore:

This patch implements basic functionality of ES6 Generators in LLInt and Baseline tiers.
While the implementation has some inefficient parts, the implementation covers edge cases.
Later, we will make this efficient.
https://bugs.webkit.org/show_bug.cgi?id=151545
https://bugs.webkit.org/show_bug.cgi?id=151546
https://bugs.webkit.org/show_bug.cgi?id=151547
https://bugs.webkit.org/show_bug.cgi?id=151552
https://bugs.webkit.org/show_bug.cgi?id=151560
https://bugs.webkit.org/show_bug.cgi?id=151586

To encourage DFG / FTL later, we take the following design.

1. Use switch_imm to jump to the save/resume points.

Instead of saving / restoring the instruction pointer to resume from it, we use switch_imm to jump to the resume point.
This limits one entry point to a given generator function. This design makes inlining easy.
The generated code becomes the following.

    function @generatorNext(@generator, @generatorState, @generatorValue, @generatorResumeMode)
    {
        switch (@generatorState) {
        case Initial:
            ...
            initial sequence.
            ...

            op_save(Yield_0);  // op_save contains *virtual* jump to Yield_0.
                               // CFG shows a jump edge to Yield_0 point, but it won't be actually used.
            return ...;

        case Yield_0:
            op_resume();
            if (@generatorResumeMode == Throw)
                ...
            else if (@generatorResumeMode == Return)
                ...
            ...
            // sentValue is a value sent from a caller by `generator.next(sentValue)`.
            sentValue = @generatorValue;
            ...
            op_save(Yield_1);
            return ...;

        case Yield_1:
            op_resume();
            if (@generatorResumeMode == Throw)
                ...
            else if (@generatorResumeMode == Return)
                ...
            ...
            sentValue = @generatorValue;
            ...
            ...
        }
    }

Resume sequence should not be emitted per yield. This should be done in https://bugs.webkit.org/show_bug.cgi?id=151552.

2. Store live frame registers to GeneratorFrame

To save and resume generator's state, we save all the live registers in GeneratorFrame.
And when resuming, we refill registers with saved ones.
Since saved registers contain the scope register, |this| etc., the environment including the scope chain will be recovered automatically.
While saving and resuming callee registers, we don't save parameter registers.
These registers will be used to control generator's resume behavior.

We perform BytecodeLivenessAnalysis in CodeBlock to determine actually *def*ined registers at that resume point.

3. GeneratorFunction will evaluate parameters before generating Generator

Generator's parameters should be evaluated before entering Generator's body.
For example,

    function hello() { ... }
    function *gen(a, b = hello())
    {
        yield b;
    }

    let g = gen(20);
    // Now, hello should be called.

To enable this, we evaluate parameters in GeneratorFunction, and after that, we create a Generator and return it.
This can be explained by the following pseudo code.

    function *gen(a, b = hello())
    {
        // This is generator.
        return {
            @generatorNext: function (@generator, @generatorState, @generatorValue, @generatorResumeMode)
            {
                ...
            }
        }
    }

4. op_save seems similar to conditional jump

We won't jump to elsewhere from op_save actually. But we add a *virtual* jump edge (flow) from op_save to the point so-called *merge point*.
We construct the CFG as follows,

    (global generator switch) -> (initial sequence) -> (op_save) ----+-> (merge point) -> (next sequence)*
                                                          |          |
                                                          |          |
                                                          v          |
                                                       (op_ret)      |
                                                                     |
        +------------------------------------------->(op_resume)-----+

By constructing such a graph,

1. Since we have a flow from (op_save) to (merge point), at merge point, we can *use* locals that are defined before (op_save)
2. op_save should claim that it does not define anything. And claim that it *use*s locals that are used in (merge point).
3. at op_resume, we see *use*d locals at merge point and define all of them.

We can do the above things in use-def analysis because use-def analysis is a backward analysis.
And after analyzing use-def chains, in op_save / op_resume, we only save / resume live registers at the head of merge point.

* API/JSScriptRef.cpp:
(parseScript):
* CMakeLists.txt:
* Configurations/FeatureDefines.xcconfig:
* DerivedSources.make:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
* JavaScriptCore.xcodeproj/project.pbxproj:
* builtins/BuiltinExecutables.cpp:
(JSC::createExecutableInternal):
* builtins/GeneratorPrototype.js: Added.
(generatorResume):
(next):
(return):
(throw):
* bytecode/BytecodeBasicBlock.cpp:
(JSC::isBranch):
* bytecode/BytecodeList.json:
* bytecode/BytecodeLivenessAnalysis.cpp:
(JSC::stepOverInstruction):
(JSC::computeLocalLivenessForBytecodeOffset):
(JSC::BytecodeLivenessAnalysis::runLivenessFixpoint):
(JSC::BytecodeLivenessAnalysis::computeFullLiveness):
(JSC::BytecodeLivenessAnalysis::computeKills):
* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::finishCreation):
(JSC::CodeBlock::shrinkToFit):
(JSC::CodeBlock::validate):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::numCalleeLocals):
(JSC::CodeBlock::liveCalleeLocalsAtYield):
* bytecode/EvalCodeCache.h:
(JSC::EvalCodeCache::tryGet):
(JSC::EvalCodeCache::getSlow):
(JSC::EvalCodeCache::isCacheable):
* bytecode/ExecutableInfo.h:
(JSC::ExecutableInfo::ExecutableInfo):
(JSC::ExecutableInfo::generatorThisMode):
(JSC::ExecutableInfo::superBinding):
(JSC::ExecutableInfo::parseMode):
(JSC::ExecutableInfo::isArrowFunction): Deleted.
* bytecode/PreciseJumpTargets.cpp:
(JSC::getJumpTargetsForBytecodeOffset):
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedCodeBlock::parseMode):
(JSC::UnlinkedCodeBlock::generatorThisMode):
(JSC::UnlinkedCodeBlock::superBinding):
(JSC::UnlinkedCodeBlock::isArrowFunction): Deleted.
* bytecode/UnlinkedFunctionExecutable.cpp:
(JSC::generateUnlinkedFunctionCodeBlock):
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
(JSC::UnlinkedFunctionExecutable::unlinkedCodeBlockFor):
* bytecode/UnlinkedFunctionExecutable.h:
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::initializeParameters):
(JSC::BytecodeGenerator::newRegister):
(JSC::BytecodeGenerator::reclaimFreeRegisters):
(JSC::BytecodeGenerator::createVariable):
(JSC::BytecodeGenerator::emitCreateThis):
(JSC::BytecodeGenerator::emitNewFunctionExpressionCommon):
(JSC::BytecodeGenerator::emitNewFunctionExpression):
(JSC::BytecodeGenerator::emitNewArrowFunctionExpression):
(JSC::BytecodeGenerator::emitNewFunction):
(JSC::BytecodeGenerator::emitIteratorNextWithValue):
(JSC::BytecodeGenerator::emitYieldPoint):
(JSC::BytecodeGenerator::emitSave):
(JSC::BytecodeGenerator::emitResume):
(JSC::BytecodeGenerator::emitYield):
(JSC::BytecodeGenerator::emitDelegateYield):
(JSC::BytecodeGenerator::emitGeneratorStateChange):
(JSC::BytecodeGenerator::emitGeneratorStateLabel):
(JSC::BytecodeGenerator::beginGenerator):
(JSC::BytecodeGenerator::endGenerator):
(JSC::BytecodeGenerator::emitNewFunctionInternal): Deleted.
(JSC::BytecodeGenerator::emitNewFunctionCommon): Deleted.
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::generatorThisMode):
(JSC::BytecodeGenerator::superBinding):
(JSC::BytecodeGenerator::generatorRegister):
(JSC::BytecodeGenerator::generatorStateRegister):
(JSC::BytecodeGenerator::generatorValueRegister):
(JSC::BytecodeGenerator::generatorResumeModeRegister):
(JSC::BytecodeGenerator::parseMode):
(JSC::BytecodeGenerator::registerFor):
(JSC::BytecodeGenerator::makeFunction):
* bytecompiler/NodesCodegen.cpp:
(JSC::ThisNode::emitBytecode):
(JSC::emitHomeObjectForCallee):
(JSC::emitSuperBaseForCallee):
(JSC::ReturnNode::emitBytecode):
(JSC::FunctionNode::emitBytecode):
(JSC::YieldExprNode::emitBytecode):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::ByteCodeParser):
(JSC::DFG::ByteCodeParser::inlineCall):
(JSC::DFG::ByteCodeParser::handleGetById):
(JSC::DFG::ByteCodeParser::handlePutById):
* dfg/DFGForAllKills.h:
(JSC::DFG::forAllKilledOperands):
* dfg/DFGGraph.h:
(JSC::DFG::Graph::forAllLocalsLiveInBytecode):
* dfg/DFGOSREntrypointCreationPhase.cpp:
(JSC::DFG::OSREntrypointCreationPhase::run):
* dfg/DFGVariableEventStream.cpp:
(JSC::DFG::VariableEventStream::reconstruct):
* ftl/FTLForOSREntryJITCode.cpp:
(JSC::FTL::ForOSREntryJITCode::initializeEntryBuffer):
* ftl/FTLForOSREntryJITCode.h:
* ftl/FTLOSREntry.cpp:
(JSC::FTL::prepareOSREntry):
* ftl/FTLState.cpp:
(JSC::FTL::State::State):
* heap/MarkedBlock.h:
(JSC::MarkedBlock::isAtom):
(JSC::MarkedBlock::isLiveCell):
* interpreter/Interpreter.cpp:
(JSC::eval):
(JSC::Interpreter::dumpRegisters):
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::frameRegisterCountFor):
* jit/JIT.h:
* jit/JITOpcodes.cpp:
(JSC::JIT::emitNewFuncCommon):
(JSC::JIT::emit_op_new_func):
(JSC::JIT::emit_op_new_generator_func):
(JSC::JIT::emitNewFuncExprCommon):
(JSC::JIT::emit_op_new_func_exp):
(JSC::JIT::emit_op_new_generator_func_exp):
(JSC::JIT::emit_op_save):
(JSC::JIT::emit_op_resume):
* jit/JITOperations.cpp:
(JSC::operationNewFunctionCommon):
*
jit/JITOperations.h: * llint/LLIntEntrypoint.cpp: (JSC::LLInt::frameRegisterCountFor): * llint/LLIntSlowPaths.cpp: (JSC::LLInt::traceFunctionPrologue): (JSC::LLInt::LLINT_SLOW_PATH_DECL): * llint/LLIntSlowPaths.h: * llint/LowLevelInterpreter.asm: * parser/ASTBuilder.h: (JSC::ASTBuilder::createYield): (JSC::ASTBuilder::createFunctionMetadata): (JSC::ASTBuilder::propagateArgumentsUse): * parser/Nodes.cpp: (JSC::FunctionMetadataNode::FunctionMetadataNode): * parser/Nodes.h: * parser/Parser.cpp: (JSC::Parser<LexerType>::Parser): (JSC::Parser<LexerType>::parseInner): (JSC::Parser<LexerType>::parseGeneratorFunctionSourceElements): (JSC::Parser<LexerType>::parseFunctionBody): (JSC::stringForFunctionMode): (JSC::Parser<LexerType>::createGeneratorParameters): (JSC::Parser<LexerType>::parseFunctionInfo): (JSC::Parser<LexerType>::parseFunctionDeclaration): (JSC::Parser<LexerType>::parseClass): (JSC::Parser<LexerType>::parseAssignmentExpression): (JSC::Parser<LexerType>::parseYieldExpression): (JSC::Parser<LexerType>::parsePropertyMethod): (JSC::Parser<LexerType>::parseFunctionExpression): * parser/Parser.h: (JSC::Scope::Scope): (JSC::Scope::setSourceParseMode): (JSC::Scope::hasArguments): (JSC::Scope::collectFreeVariables): (JSC::Scope::setIsFunction): (JSC::Scope::setIsGeneratorFunction): (JSC::Scope::setIsGenerator): (JSC::parse): * parser/ParserModes.h: (JSC::isFunctionParseMode): (JSC::isModuleParseMode): (JSC::isProgramParseMode): * parser/SourceCodeKey.h: Added. 
(JSC::SourceCodeKey::SourceCodeKey): (JSC::SourceCodeKey::isHashTableDeletedValue): (JSC::SourceCodeKey::hash): (JSC::SourceCodeKey::length): (JSC::SourceCodeKey::isNull): (JSC::SourceCodeKey::string): (JSC::SourceCodeKey::operator==): (JSC::SourceCodeKeyHash::hash): (JSC::SourceCodeKeyHash::equal): (JSC::SourceCodeKeyHashTraits::isEmptyValue): * parser/SyntaxChecker.h: (JSC::SyntaxChecker::createYield): (JSC::SyntaxChecker::createFunctionMetadata): (JSC::SyntaxChecker::operatorStackPop): * runtime/CodeCache.cpp: (JSC::CodeCache::getGlobalCodeBlock): (JSC::CodeCache::getFunctionExecutableFromGlobalCode): * runtime/CodeCache.h: (JSC::SourceCodeKey::SourceCodeKey): Deleted. (JSC::SourceCodeKey::isHashTableDeletedValue): Deleted. (JSC::SourceCodeKey::hash): Deleted. (JSC::SourceCodeKey::length): Deleted. (JSC::SourceCodeKey::isNull): Deleted. (JSC::SourceCodeKey::string): Deleted. (JSC::SourceCodeKey::operator==): Deleted. (JSC::SourceCodeKeyHash::hash): Deleted. (JSC::SourceCodeKeyHash::equal): Deleted. (JSC::SourceCodeKeyHashTraits::isEmptyValue): Deleted. * runtime/CommonIdentifiers.h: * runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): * runtime/CommonSlowPaths.h: * runtime/Completion.cpp: (JSC::checkSyntax): (JSC::checkModuleSyntax): * runtime/Executable.cpp: (JSC::ScriptExecutable::newCodeBlockFor): (JSC::ProgramExecutable::checkSyntax): * runtime/Executable.h: * runtime/FunctionConstructor.cpp: (JSC::constructFunction): (JSC::constructFunctionSkippingEvalEnabledCheck): * runtime/FunctionConstructor.h: * runtime/GeneratorFrame.cpp: Added. (JSC::GeneratorFrame::GeneratorFrame): (JSC::GeneratorFrame::finishCreation): (JSC::GeneratorFrame::createStructure): (JSC::GeneratorFrame::create): (JSC::GeneratorFrame::save): (JSC::GeneratorFrame::resume): (JSC::GeneratorFrame::visitChildren): * runtime/GeneratorFrame.h: Added. 
(JSC::GeneratorFrame::locals): (JSC::GeneratorFrame::localAt): (JSC::GeneratorFrame::offsetOfLocals): (JSC::GeneratorFrame::allocationSizeForLocals): * runtime/GeneratorFunctionConstructor.cpp: Added. (JSC::GeneratorFunctionConstructor::GeneratorFunctionConstructor): (JSC::GeneratorFunctionConstructor::finishCreation): (JSC::callGeneratorFunctionConstructor): (JSC::constructGeneratorFunctionConstructor): (JSC::GeneratorFunctionConstructor::getCallData): (JSC::GeneratorFunctionConstructor::getConstructData): * runtime/GeneratorFunctionConstructor.h: Added. (JSC::GeneratorFunctionConstructor::create): (JSC::GeneratorFunctionConstructor::createStructure): * runtime/GeneratorFunctionPrototype.cpp: Added. (JSC::GeneratorFunctionPrototype::GeneratorFunctionPrototype): (JSC::GeneratorFunctionPrototype::finishCreation): * runtime/GeneratorFunctionPrototype.h: Added. (JSC::GeneratorFunctionPrototype::create): (JSC::GeneratorFunctionPrototype::createStructure): * runtime/GeneratorPrototype.cpp: Copied from Source/JavaScriptCore/ftl/FTLForOSREntryJITCode.cpp. (JSC::GeneratorPrototype::finishCreation): (JSC::GeneratorPrototype::getOwnPropertySlot): * runtime/GeneratorPrototype.h: Copied from Source/JavaScriptCore/ftl/FTLForOSREntryJITCode.cpp. (JSC::GeneratorPrototype::create): (JSC::GeneratorPrototype::createStructure): (JSC::GeneratorPrototype::GeneratorPrototype): * runtime/GeneratorThisMode.h: Added. * runtime/JSFunction.cpp: (JSC::JSFunction::getOwnPropertySlot): * runtime/JSGeneratorFunction.cpp: Added. (JSC::JSGeneratorFunction::JSGeneratorFunction): (JSC::JSGeneratorFunction::createImpl): (JSC::JSGeneratorFunction::create): (JSC::JSGeneratorFunction::createWithInvalidatedReallocationWatchpoint): * runtime/JSGeneratorFunction.h: Added. 
(JSC::JSGeneratorFunction::allocationSize): (JSC::JSGeneratorFunction::createStructure): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::init): (JSC::JSGlobalObject::visitChildren): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::generatorFunctionPrototype): (JSC::JSGlobalObject::generatorPrototype): (JSC::JSGlobalObject::generatorFunctionStructure): * runtime/ModuleLoaderObject.cpp: (JSC::moduleLoaderObjectParseModule): * runtime/VM.cpp: (JSC::VM::VM): * runtime/VM.h: * tests/es6.yaml: * tests/es6/generators_yield_star_generic_iterables.js: (iterator.next): (iterable.Symbol.iterator): (__createIterableObject): * tests/es6/generators_yield_star_instances_of_iterables.js: (iterator.next): (iterable.Symbol.iterator): (__createIterableObject): * tests/es6/generators_yield_star_iterator_closing.js: (iterator.next): (iterable.Symbol.iterator): (__createIterableObject): * tests/es6/generators_yield_star_iterator_closing_via_throw.js: (iterator.next): (iterable.Symbol.iterator): (__createIterableObject): * tests/stress/generator-arguments-from-function.js: Added. (shouldBe): (test): * tests/stress/generator-arguments.js: Added. (shouldBe): (g1): * tests/stress/generator-class-methods-syntax.js: Added. (testSyntax): (testSyntaxError): (testSyntaxError.Cocoa): (testSyntax.Cocoa.prototype.ok): (testSyntax.Cocoa): (testSyntax.Cocoa.ok): * tests/stress/generator-class-methods.js: Added. (shouldBe): (prototype.gen): (staticGen): (shouldBe.g.next): * tests/stress/generator-eval-this.js: Added. (shouldBe): (shouldThrow): (B): (A): (C.prototype.generator): (C): (TypeError): * tests/stress/generator-function-constructor.js: Added. (shouldBe): (generatorFunctionConstructor): * tests/stress/generator-function-name.js: Added. (shouldBe): (ok): * tests/stress/generator-methods-with-non-generator.js: Added. (shouldThrow): * tests/stress/generator-relations.js: Added. (shouldBe): (generatorFunction): * tests/stress/generator-return-before-first-call.js: Added. 
(shouldBe): (shouldBeIteratorResult): * tests/stress/generator-return.js: Added. (shouldBe): (shouldBeIteratorResult): * tests/stress/generator-this.js: Added. (shouldBe): (shouldThrow): (gen): (shouldBe.g.next): * tests/stress/generator-throw-before-first-call.js: Added. (unreachable): (gen): (catch): * tests/stress/generator-throw.js: Added. (shouldBe): (shouldBeIteratorResult): * tests/stress/generator-with-new-target.js: Added. (shouldBe): (gen): * tests/stress/generator-with-super.js: Added. (shouldThrow): (test): (B.prototype.gen): (B): (A.prototype.gen): (A): * tests/stress/generator-yield-star.js: Added. (shouldBe): (shouldThrow): (prototype.call): (Arrays): (Arrays.prototype.Symbol.iterator): (Iterator.prototype.next): (Iterator.prototype.string_appeared_here): (Iterator.prototype.Symbol.iterator): (Iterator): (gen): Source/WebCore: * Configurations/FeatureDefines.xcconfig: Source/WebKit/mac: * Configurations/FeatureDefines.xcconfig: Source/WebKit2: * Configurations/FeatureDefines.xcconfig: Source/WTF: * wtf/FastBitVector.h: (WTF::FastBitVector::forEachSetBit): * wtf/FeatureDefines.h: Tools: * Scripts/webkitperl/FeatureList.pm: WebKitLibraries: * win/tools/vsprops/FeatureDefines.props: * win/tools/vsprops/FeatureDefinesCairo.props: Canonical link: https://commits.webkit.org/169884@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@192937 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2015-12-02 03:16:28 +00:00
, m_parseMode(info.parseMode())
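The liveness trick in point 4 of the generators commit message above, as an added example that is not JSC's code (JSC's own version lives in BytecodeLivenessAnalysis.cpp and BytecodeUseDef.h, listed in that commit): a backward use-def fixpoint run over a constructed toy bytecode. The instruction names, the register numbering, the bit-mask representation of register sets and the shape of the CFG are assumptions made for illustration. It shows that the virtual edge from op_save to the merge point makes the merge point's live-in set flow back to op_save, which is exactly the set GeneratorFrame must store; that a dead local (r1 below) is not saved; and why op_resume has to define that set: without those defs the same locals appear live, that is used before defined, at the generator's entry.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

// Added example, not JSC code. Locals are bits of a 32-bit mask, so this toy
// model handles at most 32 locals; a real analysis would use a bit vector.
using RegSet = uint32_t;

constexpr RegSet R(int n) { return RegSet(1) << n; }

struct Instr {
    std::string name;
    RegSet uses;
    RegSet defs;
    std::vector<int> succs; // indices of successor instructions
};

struct Liveness {
    std::vector<RegSet> liveIn;
    std::vector<RegSet> liveOut;
};

// Backward liveness fixpoint, the same shape as a use-def analysis:
//   out[i] = union of in[s] over successors s of i
//   in[i]  = uses[i] | (out[i] & ~defs[i])
// Iterating until nothing changes handles the back edge from op_resume.
Liveness computeLiveness(const std::vector<Instr>& code) {
    Liveness l{std::vector<RegSet>(code.size(), 0), std::vector<RegSet>(code.size(), 0)};
    for (bool changed = true; changed;) {
        changed = false;
        for (int i = static_cast<int>(code.size()) - 1; i >= 0; --i) {
            RegSet out = 0;
            for (int s : code[i].succs)
                out |= l.liveIn[s];
            RegSet in = code[i].uses | (out & ~code[i].defs);
            if (in != l.liveIn[i] || out != l.liveOut[i]) {
                l.liveIn[i] = in;
                l.liveOut[i] = out;
                changed = true;
            }
        }
    }
    return l;
}

// Instruction indices of the constructed generator body (hypothetical layout).
constexpr int kSwitch = 0, kSave = 4, kRet = 5, kMerge = 6, kResume = 9;

std::vector<Instr> buildGeneratorCFG() {
    return {
        {"global generator switch", 0, 0, {1, kResume}},  // 0: dispatch on generator state
        {"def r0", 0, R(0), {2}},                          // 1: initial sequence
        {"def r1", 0, R(1), {3}},                          // 2: r1 is never read afterwards
        {"def r2", 0, R(2), {kSave}},                      // 3
        {"op_save", 0, 0, {kRet, kMerge}},                 // 4: real edge to op_ret, virtual edge to the merge point
        {"op_ret", 0, 0, {}},                              // 5: the yield returns to the caller
        {"use r0", R(0), 0, {7}},                          // 6: merge point, head of the next sequence
        {"use r2", R(2), 0, {8}},                          // 7
        {"op_ret", 0, 0, {}},                              // 8
        {"op_resume", 0, 0, {kMerge}},                     // 9: refills registers, then jumps to the merge point
    };
}

struct GeneratorAnalysis {
    RegSet savedAtYield;      // registers op_save must store in the GeneratorFrame
    RegSet liveAtEntryBefore; // live-in of the switch before op_resume defines anything
    RegSet liveAtEntryAfter;  // live-in of the switch once op_resume defines the saved set
};

GeneratorAnalysis analyzeGenerator() {
    std::vector<Instr> code = buildGeneratorCFG();

    // Pass 1: the virtual edge alone makes the merge point's live-in set flow
    // back to op_save; live-out of op_save is exactly the set to save.
    Liveness l = computeLiveness(code);
    GeneratorAnalysis result{};
    result.savedAtYield = l.liveOut[kSave];
    result.liveAtEntryBefore = l.liveIn[kSwitch];

    // Pass 2: op_resume defines everything the merge point uses (point 3 of the
    // commit message). Without these defs the same locals look live at entry.
    code[kResume].defs = l.liveIn[kMerge];
    l = computeLiveness(code);
    result.liveAtEntryAfter = l.liveIn[kSwitch];
    return result;
}

int main() {
    GeneratorAnalysis a = analyzeGenerator();
    std::printf("registers saved at yield: 0x%x (r1 is dead, so it is not saved)\n",
                static_cast<unsigned>(a.savedAtYield));
    std::printf("live at entry before / after op_resume defines them: 0x%x / 0x%x\n",
                static_cast<unsigned>(a.liveAtEntryBefore),
                static_cast<unsigned>(a.liveAtEntryAfter));
    return 0;
}
```

Any C++11 compiler builds it stand-alone. The interesting check is the second pass: the first pass reports r0 and r2 live at the switch, which would mean reading locals nobody defined; giving op_resume the merge point's live-in set as its defs is what makes the entry state clean, which is why the commit treats op_save as a use-only, define-nothing instruction and op_resume as the defining one.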
[JSC] Generator CodeBlock generation should be idempotent
https://bugs.webkit.org/show_bug.cgi?id=197552

Reviewed by Keith Miller.

JSTests:

Add complex.yaml, which controls how to run JSC shell more. We split test files into two to run a macro task between them, which allows the debugger to be attached to the VM.

* complex.yaml: Added.
* complex/generator-regeneration-after.js: Added.
* complex/generator-regeneration.js: Added. (gen):

Source/JavaScriptCore:

ES6 Generator saves and resumes the current execution state. Since an ES6 generator can save the execution state at expression granularity (not statement granularity), the saved state involves locals. But if the underlying CodeBlock is jettisoned and recompiled with a different code generation option (like debugger, type profiler etc.), the generated instructions can be largely different and it does not have the same state previously used. If we resume the previously created generator with the newly generated generator function, resuming is messed up.

    function* gen () { ... }
    var g = gen();
    g.next();
    // CodeBlock is destroyed & Debugger is enabled.
    g.next();

In this patch,

1. In generatorification, we use index Identifier (localN => Identifier("N")) instead of private symbols to generate the same instructions every time we regenerate the CodeBlock.
2. We decouple the options which can affect the generated code (Debugger, TypeProfiler, ControlFlowProfiler) from the BytecodeGenerator, and pass them as a parameter, OptionSet<CodeGeneratorMode>.
3. Generator ScriptExecutable remembers the previous CodeGeneratorMode and reuses this parameter to regenerate the CodeBlock. It means that, even if the debugger is enabled, previously created generators are not debuggable. But newly created generators are debuggable.

* bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::storageForGeneratorLocal): (JSC::BytecodeGeneratorification::run):
* bytecode/CodeBlock.cpp: (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::setConstantRegisters):
* bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::wasCompiledWithDebuggingOpcodes const): (JSC::UnlinkedCodeBlock::wasCompiledWithTypeProfilerOpcodes const): (JSC::UnlinkedCodeBlock::wasCompiledWithControlFlowProfilerOpcodes const): (JSC::UnlinkedCodeBlock::codeGenerationMode const):
* bytecode/UnlinkedEvalCodeBlock.h:
* bytecode/UnlinkedFunctionCodeBlock.h:
* bytecode/UnlinkedFunctionExecutable.cpp: (JSC::generateUnlinkedFunctionCodeBlock): (JSC::UnlinkedFunctionExecutable::fromGlobalCode): (JSC::UnlinkedFunctionExecutable::unlinkedCodeBlockFor):
* bytecode/UnlinkedFunctionExecutable.h:
* bytecode/UnlinkedGlobalCodeBlock.h: (JSC::UnlinkedGlobalCodeBlock::UnlinkedGlobalCodeBlock):
* bytecode/UnlinkedModuleProgramCodeBlock.h:
* bytecode/UnlinkedProgramCodeBlock.h:
* bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::emitTypeProfilerExpressionInfo): (JSC::BytecodeGenerator::emitProfileType): (JSC::BytecodeGenerator::emitProfileControlFlow): (JSC::BytecodeGenerator::pushLexicalScopeInternal): (JSC::BytecodeGenerator::popLexicalScopeInternal): (JSC::BytecodeGenerator::prepareLexicalScopeForNextForLoopIteration): (JSC::BytecodeGenerator::emitCall): (JSC::BytecodeGenerator::emitCallVarargs): (JSC::BytecodeGenerator::emitLogShadowChickenPrologueIfNecessary): (JSC::BytecodeGenerator::emitLogShadowChickenTailIfNecessary): (JSC::BytecodeGenerator::emitDebugHook):
* bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::generate): (JSC::BytecodeGenerator::shouldEmitDebugHooks const): (JSC::BytecodeGenerator::shouldEmitTypeProfilerHooks const): (JSC::BytecodeGenerator::shouldEmitControlFlowProfilerHooks const):
* bytecompiler/NodesCodegen.cpp: (JSC::PrefixNode::emitResolve): (JSC::EmptyVarExpression::emitBytecode): (JSC::ReturnNode::emitBytecode): (JSC::FunctionNode::emitBytecode):
* parser/ParserModes.h: (): Deleted.
* parser/SourceCodeKey.h: (JSC::SourceCodeFlags::SourceCodeFlags): (JSC::SourceCodeKey::SourceCodeKey):
* runtime/CachedTypes.cpp: (JSC::CachedCodeBlock::isClassContext const): (JSC::CachedCodeBlock::codeGenerationMode const): (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::CachedCodeBlock<CodeBlockType>::encode): (JSC::CachedCodeBlock::wasCompiledWithDebuggingOpcodes const): Deleted.
* runtime/CodeCache.cpp: (JSC::CodeCache::getUnlinkedGlobalCodeBlock): (JSC::CodeCache::getUnlinkedProgramCodeBlock): (JSC::CodeCache::getUnlinkedEvalCodeBlock): (JSC::CodeCache::getUnlinkedModuleProgramCodeBlock): (JSC::CodeCache::getUnlinkedGlobalFunctionExecutable): (JSC::generateUnlinkedCodeBlockForFunctions): (JSC::sourceCodeKeyForSerializedBytecode): (JSC::sourceCodeKeyForSerializedProgram): (JSC::sourceCodeKeyForSerializedModule): (JSC::serializeBytecode):
* runtime/CodeCache.h: (JSC::generateUnlinkedCodeBlockImpl): (JSC::generateUnlinkedCodeBlock):
* runtime/Completion.cpp: (JSC::generateProgramBytecode): (JSC::generateModuleBytecode):
* runtime/DirectEvalExecutable.cpp: (JSC::DirectEvalExecutable::create):
* runtime/IndirectEvalExecutable.cpp: (JSC::IndirectEvalExecutable::create):
* runtime/JSGlobalObject.h: (JSC::JSGlobalObject::defaultCodeGenerationMode const):
* runtime/ModuleProgramExecutable.cpp: (JSC::ModuleProgramExecutable::create):
* runtime/ProgramExecutable.cpp: (JSC::ProgramExecutable::initializeGlobalProperties):
* runtime/ScriptExecutable.cpp: (JSC::ScriptExecutable::ScriptExecutable): (JSC::ScriptExecutable::newCodeBlockFor):
* runtime/ScriptExecutable.h:
* tools/JSDollarVM.cpp: (JSC::changeDebuggerModeWhenIdle): (JSC::functionEnableDebuggerModeWhenIdle): (JSC::functionDisableDebuggerModeWhenIdle):

Tools:

* Scripts/run-javascriptcore-tests: (runJSCStressTests):
* Scripts/run-jsc-stress-tests:

Canonical link: https://commits.webkit.org/211707@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244915 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-05-03 18:54:44 +00:00
, m_codeGenerationMode(codeGenerationMode)
[JSC] Shrink sizeof(UnlinkedCodeBlock)
https://bugs.webkit.org/show_bug.cgi?id=194281

Reviewed by Michael Saboff.

Source/JavaScriptCore:

This patch first attempts to reduce the size of UnlinkedCodeBlock in a relatively simpler way: reordering members, removing an unused member, and moving rarely used members to RareData. This changes sizeof(UnlinkedCodeBlock) from 312 to 256.

Still we have several chances to reduce sizeof(UnlinkedCodeBlock). Making more Vectors into RefCountedArrays can be done with some restructuring of the generatorification phase. It would be possible to remove m_sourceURLDirective and m_sourceMappingURLDirective from UnlinkedCodeBlock since they should be in SourceProvider and that should be enough. These changes require some intrusive modifications and we leave them as future work.

* bytecode/CodeBlock.cpp: (JSC::CodeBlock::finishCreation):
* bytecode/CodeBlock.h: (JSC::CodeBlock::bitVectors const): Deleted.
* bytecode/CodeType.h:
* bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::shrinkToFit):
* bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::bitVector): (JSC::UnlinkedCodeBlock::addBitVector): (JSC::UnlinkedCodeBlock::addSetConstant): (JSC::UnlinkedCodeBlock::constantRegisters): (JSC::UnlinkedCodeBlock::numberOfConstantIdentifierSets const): (JSC::UnlinkedCodeBlock::constantIdentifierSets): (JSC::UnlinkedCodeBlock::codeType const): (JSC::UnlinkedCodeBlock::didOptimize const): (JSC::UnlinkedCodeBlock::setDidOptimize): (JSC::UnlinkedCodeBlock::usesGlobalObject const): Deleted. (JSC::UnlinkedCodeBlock::setGlobalObjectRegister): Deleted. (JSC::UnlinkedCodeBlock::globalObjectReg const): Deleted. (JSC::UnlinkedCodeBlock::bitVectors const): Deleted.
* bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::emitLoad): (JSC::BytecodeGenerator::emitLoadGlobalObject): Deleted.
* bytecompiler/BytecodeGenerator.h:
* runtime/CachedTypes.cpp: (JSC::CachedCodeBlockRareData::encode): (JSC::CachedCodeBlockRareData::decode const): (JSC::CachedCodeBlock::scopeRegister const): (JSC::CachedCodeBlock::codeType const): (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::CachedCodeBlock<CodeBlockType>::decode const): (JSC::CachedCodeBlock<CodeBlockType>::encode): (JSC::CachedCodeBlock::globalObjectRegister const): Deleted.

Source/WTF:

* wtf/TriState.h:

Canonical link: https://commits.webkit.org/208739@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240981 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-02-05 18:28:33 +00:00
, m_metadata(UnlinkedMetadataTable::create())
Reduce parser overhead in JSC
https://bugs.webkit.org/show_bug.cgi?id=101127

Reviewed by Filip Pizlo.

An exciting journey into the world of architecture in which our hero adds yet another layer to JSC codegeneration.

This patch adds a marginally more compact form of bytecode that is free from any data specific to a given execution context, and that does store any data structures necessary for execution. To actually execute this UnlinkedBytecode we still need to instantiate a real CodeBlock, but this is a much faster linear time operation than any of the earlier parsing or code generation passes.

As the unlinked code is context free we can then simply use a cache from source to unlinked code mapping to completely avoid all of the old parser overhead. The cache is currently very simple and memory heavy, using the complete source text as a key (rather than SourceCode or equivalent), and a random eviction policy. This seems to produce a substantial win when loading identical content in different contexts.

* API/tests/testapi.c: (main):
* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
* bytecode/CodeBlock.h: Moved a number of fields, and a bunch of logic to UnlinkedCodeBlock.h/cpp
* bytecode/Opcode.h: Added a global const init no op instruction needed to get correct behaviour without any associated semantics.
* bytecode/UnlinkedCodeBlock.cpp: Added.
* bytecode/UnlinkedCodeBlock.h: Added. A fairly shallow, GC allocated version of the old CodeBlock classes with a 32bit instruction size, and just metadata size tracking.
* bytecompiler/BytecodeGenerator.cpp:
* bytecompiler/BytecodeGenerator.h: Replace direct access to m_symbolTable with access through symbolTable(). ProgramCode no longer has a symbol table at all so some previously unconditional (and pointless) uses of symbolTable get null checks. A few other changes to deal with type changes due to us generating unlinked code (eg. pointer free, so profile indices rather than pointers).
* dfg/DFGByteCodeParser.cpp:
* dfg/DFGCapabilities.h: Support global_init_nop
* interpreter/Interpreter.cpp: Now get the ProgramExecutable to initialise new global properties before starting execution.
* jit/JIT.cpp:
* jit/JITDriver.h:
* jit/JITStubs.cpp:
* llint/LLIntData.cpp:
* llint/LLIntSlowPaths.cpp:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm: Adding init_global_const_nop everywhere else
* parser/Parser.h:
* parser/ParserModes.h: Added.
* parser/ParserTokens.h: Parser no longer needs a global object or callframe to function
* runtime/CodeCache.cpp: Added.
* runtime/CodeCache.h: Added. A simple, random eviction, Source->UnlinkedCode cache
* runtime/Executable.cpp:
* runtime/Executable.h: Executables now reference their unlinked counterparts, and request code specifically for the target global object.
* runtime/JSGlobalData.cpp:
* runtime/JSGlobalData.h: GlobalData now owns a CodeCache and a set of new structures for the unlinked code types.
* runtime/JSGlobalObject.cpp:
* runtime/JSGlobalObject.h: Utility functions used by executables to perform compilation
* runtime/JSType.h: Add new JSTypes for unlinked code

Canonical link: https://commits.webkit.org/119498@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@133688 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2012-11-07 00:13:54 +00:00
{
Class constructor should throw TypeError when "called"
https://bugs.webkit.org/show_bug.cgi?id=142566

Reviewed by Michael Saboff.

Source/JavaScriptCore:

Added ConstructorKind::None to denote code that doesn't belong to an ES6 class. This allows BytecodeGenerator to emit code to throw TypeError when generating a code block to call ES6 class constructors.

Most of the changes are about increasing the number of bits to store ConstructorKind from one bit to two bits.

* bytecode/UnlinkedCodeBlock.cpp: (JSC::generateFunctionCodeBlock): (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable): (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* bytecode/UnlinkedCodeBlock.h: (JSC::ExecutableInfo::ExecutableInfo): (JSC::ExecutableInfo::needsActivation): (JSC::ExecutableInfo::usesEval): (JSC::ExecutableInfo::isStrictMode): (JSC::ExecutableInfo::isConstructor): (JSC::ExecutableInfo::isBuiltinFunction): (JSC::ExecutableInfo::constructorKind): (JSC::UnlinkedFunctionExecutable::constructorKind): (JSC::UnlinkedCodeBlock::constructorKind): (JSC::UnlinkedFunctionExecutable::constructorKindIsDerived): Deleted. (JSC::UnlinkedCodeBlock::constructorKindIsDerived): Deleted.
* bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::generate): Don't emit bytecode when we had already emitted code to throw TypeError. (JSC::BytecodeGenerator::BytecodeGenerator): Emit code to throw TypeError when generating code to call. (JSC::BytecodeGenerator::emitReturn):
* bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::constructorKind): (JSC::BytecodeGenerator::constructorKindIsDerived): Deleted.
* bytecompiler/NodesCodegen.cpp: (JSC::ThisNode::emitBytecode): (JSC::FunctionCallValueNode::emitBytecode):
* parser/Nodes.cpp: (JSC::FunctionBodyNode::FunctionBodyNode):
* parser/Nodes.h:
* parser/Parser.cpp: (JSC::Parser<LexerType>::parseFunctionInfo): Renamed the incoming function argument to ownerClassKind. Set constructorKind to Base or Derived only if we're parsing a constructor. (JSC::Parser<LexerType>::parseFunctionDeclaration): (JSC::Parser<LexerType>::parseClass): Don't parse static methods using MethodMode since that would result in BytecodeGenerator erroneously treating a static method named "constructor" as a class constructor. (JSC::Parser<LexerType>::parsePropertyMethod): (JSC::Parser<LexerType>::parsePrimaryExpression):
* parser/Parser.h:
* parser/ParserModes.h:
* runtime/Executable.h: (JSC::EvalExecutable::executableInfo): (JSC::ProgramExecutable::executableInfo):

LayoutTests:

Added tests for calling class constructors.

* TestExpectations: Skipped the test since ES6 class syntax isn't enabled by default.
* js/class-syntax-call-expected.txt: Added.
* js/class-syntax-call.html: Added.
* js/script-tests/class-syntax-call.js: Added.

Canonical link: https://commits.webkit.org/160694@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@181490 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2015-03-13 23:01:51 +00:00
ASSERT(m_constructorKind == static_cast<unsigned>(info.constructorKind()));
[JSC] Shrink sizeof(UnlinkedCodeBlock)
https://bugs.webkit.org/show_bug.cgi?id=194281

Reviewed by Michael Saboff.

Source/JavaScriptCore:

This patch first attempts to reduce the size of UnlinkedCodeBlock in a relatively simpler way: reordering members, removing an unused member, and moving rarely used members to RareData. This changes sizeof(UnlinkedCodeBlock) from 312 to 256.

Still we have several chances to reduce sizeof(UnlinkedCodeBlock). Making more Vectors into RefCountedArrays can be done with some restructuring of the generatorification phase. It would be possible to remove m_sourceURLDirective and m_sourceMappingURLDirective from UnlinkedCodeBlock since they should be in SourceProvider and that should be enough. These changes require some intrusive modifications and we leave them as future work.

* bytecode/CodeBlock.cpp: (JSC::CodeBlock::finishCreation):
* bytecode/CodeBlock.h: (JSC::CodeBlock::bitVectors const): Deleted.
* bytecode/CodeType.h:
* bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::shrinkToFit):
* bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::bitVector): (JSC::UnlinkedCodeBlock::addBitVector): (JSC::UnlinkedCodeBlock::addSetConstant): (JSC::UnlinkedCodeBlock::constantRegisters): (JSC::UnlinkedCodeBlock::numberOfConstantIdentifierSets const): (JSC::UnlinkedCodeBlock::constantIdentifierSets): (JSC::UnlinkedCodeBlock::codeType const): (JSC::UnlinkedCodeBlock::didOptimize const): (JSC::UnlinkedCodeBlock::setDidOptimize): (JSC::UnlinkedCodeBlock::usesGlobalObject const): Deleted. (JSC::UnlinkedCodeBlock::setGlobalObjectRegister): Deleted. (JSC::UnlinkedCodeBlock::globalObjectRegister const): Deleted. (JSC::UnlinkedCodeBlock::bitVectors const): Deleted.
* bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::emitLoad): (JSC::BytecodeGenerator::emitLoadGlobalObject): Deleted.
* bytecompiler/BytecodeGenerator.h:
* runtime/CachedTypes.cpp: (JSC::CachedCodeBlockRareData::encode): (JSC::CachedCodeBlockRareData::decode const): (JSC::CachedCodeBlock::scopeRegister const): (JSC::CachedCodeBlock::codeType const): (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::CachedCodeBlock<CodeBlockType>::decode const): (JSC::CachedCodeBlock<CodeBlockType>::encode): (JSC::CachedCodeBlock::globalObjectRegister const): Deleted.

Source/WTF:

* wtf/TriState.h:

Canonical link: https://commits.webkit.org/208739@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240981 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-02-05 18:28:33 +00:00
ASSERT(m_codeType == static_cast<unsigned>(codeType));
TriState should be an enum class and use "Indeterminate" instead of "Mixed"
https://bugs.webkit.org/show_bug.cgi?id=211268

Reviewed by Mark Lam.

Source/JavaScriptCore:

* b3/B3Const32Value.cpp: (JSC::B3::Const32Value::equalConstant const): (JSC::B3::Const32Value::notEqualConstant const): (JSC::B3::Const32Value::lessThanConstant const): (JSC::B3::Const32Value::greaterThanConstant const): (JSC::B3::Const32Value::lessEqualConstant const): (JSC::B3::Const32Value::greaterEqualConstant const): (JSC::B3::Const32Value::aboveConstant const): (JSC::B3::Const32Value::belowConstant const): (JSC::B3::Const32Value::aboveEqualConstant const): (JSC::B3::Const32Value::belowEqualConstant const):
* b3/B3Const64Value.cpp: (JSC::B3::Const64Value::equalConstant const): (JSC::B3::Const64Value::notEqualConstant const): (JSC::B3::Const64Value::lessThanConstant const): (JSC::B3::Const64Value::greaterThanConstant const): (JSC::B3::Const64Value::lessEqualConstant const): (JSC::B3::Const64Value::greaterEqualConstant const): (JSC::B3::Const64Value::aboveConstant const): (JSC::B3::Const64Value::belowConstant const): (JSC::B3::Const64Value::aboveEqualConstant const): (JSC::B3::Const64Value::belowEqualConstant const):
* b3/B3ConstDoubleValue.cpp: (JSC::B3::ConstDoubleValue::equalConstant const): (JSC::B3::ConstDoubleValue::notEqualConstant const): (JSC::B3::ConstDoubleValue::lessThanConstant const): (JSC::B3::ConstDoubleValue::greaterThanConstant const): (JSC::B3::ConstDoubleValue::lessEqualConstant const): (JSC::B3::ConstDoubleValue::greaterEqualConstant const): (JSC::B3::ConstDoubleValue::equalOrUnorderedConstant const):
* b3/B3ConstFloatValue.cpp: (JSC::B3::ConstFloatValue::equalConstant const): (JSC::B3::ConstFloatValue::notEqualConstant const): (JSC::B3::ConstFloatValue::lessThanConstant const): (JSC::B3::ConstFloatValue::greaterThanConstant const): (JSC::B3::ConstFloatValue::lessEqualConstant const): (JSC::B3::ConstFloatValue::greaterEqualConstant const): (JSC::B3::ConstFloatValue::equalOrUnorderedConstant const):
* b3/B3Procedure.cpp: (JSC::B3::Procedure::addBoolConstant):
* b3/B3Procedure.h:
* b3/B3ReduceStrength.cpp:
* b3/B3Value.cpp: (JSC::B3::Value::equalConstant const): (JSC::B3::Value::notEqualConstant const): (JSC::B3::Value::lessThanConstant const): (JSC::B3::Value::greaterThanConstant const): (JSC::B3::Value::lessEqualConstant const): (JSC::B3::Value::greaterEqualConstant const): (JSC::B3::Value::aboveConstant const): (JSC::B3::Value::belowConstant const): (JSC::B3::Value::aboveEqualConstant const): (JSC::B3::Value::belowEqualConstant const): (JSC::B3::Value::equalOrUnorderedConstant const): (JSC::B3::Value::asTriState const):
* b3/B3Value.h:
* bytecode/CodeBlock.cpp: (JSC::CodeBlock::~CodeBlock): (JSC::CodeBlock::thresholdForJIT):
* bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* bytecode/UnlinkedFunctionExecutable.cpp: (JSC::UnlinkedFunctionExecutable::visitChildren):
* bytecompiler/NodesCodegen.cpp: (JSC::ConstantNode::emitBytecodeInConditionContext): (JSC::BinaryOpNode::emitBytecodeInConditionContext): (JSC::BinaryOpNode::tryFoldToBranch):
* dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::handleIntrinsicCall):
* dfg/DFGCFGSimplificationPhase.cpp: (JSC::DFG::CFGSimplificationPhase::run):
* dfg/DFGLazyJSValue.cpp: (JSC::DFG::equalToSingleCharacter): (JSC::DFG::equalToStringImpl): (JSC::DFG::LazyJSValue::strictEqual const):
* dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile):
* ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileDataViewGet): (JSC::FTL::DFG::LowerDFGToB3::compileDataViewSet):
* ftl/FTLOutput.cpp: (JSC::FTL::Output::equal): (JSC::FTL::Output::notEqual): (JSC::FTL::Output::above): (JSC::FTL::Output::aboveOrEqual): (JSC::FTL::Output::below): (JSC::FTL::Output::belowOrEqual): (JSC::FTL::Output::greaterThan): (JSC::FTL::Output::greaterThanOrEqual): (JSC::FTL::Output::lessThan): (JSC::FTL::Output::lessThanOrEqual):
* jit/JITOperations.cpp:
* runtime/CachedTypes.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* runtime/DefinePropertyAttributes.h: (JSC::DefinePropertyAttributes::DefinePropertyAttributes): (JSC::DefinePropertyAttributes::hasWritable const): (JSC::DefinePropertyAttributes::writable const): (JSC::DefinePropertyAttributes::hasConfigurable const): (JSC::DefinePropertyAttributes::configurable const): (JSC::DefinePropertyAttributes::hasEnumerable const): (JSC::DefinePropertyAttributes::enumerable const): (JSC::DefinePropertyAttributes::setWritable): (JSC::DefinePropertyAttributes::setConfigurable): (JSC::DefinePropertyAttributes::setEnumerable):
* runtime/IntlCollator.cpp: (JSC::IntlCollator::initializeCollator):
* runtime/IntlDateTimeFormat.cpp: (JSC::IntlDateTimeFormat::initializeDateTimeFormat):
* runtime/IntlNumberFormat.cpp: (JSC::IntlNumberFormat::initializeNumberFormat):
* runtime/IntlObject.cpp: (JSC::intlBooleanOption):
* runtime/JSCJSValueInlines.h: (JSC::JSValue::pureStrictEqual): (JSC::JSValue::pureToBoolean const):
* runtime/JSCellInlines.h: (JSC::JSCell::pureToBoolean const):

Source/WebCore:

* dom/Document.cpp: (WebCore::Document::queryCommandIndeterm): (WebCore::Document::queryCommandState):
* editing/EditingStyle.cpp: (WebCore::EditingStyle::triStateOfStyle const): (WebCore::EditingStyle::hasStyle):
* editing/Editor.cpp: (WebCore::Editor::selectionUnorderedListState const): (WebCore::Editor::selectionOrderedListState const):
* editing/EditorCommand.cpp: (WebCore::isStylePresent): (WebCore::stateStyle): (WebCore::stateTextWritingDirection): (WebCore::stateNone): (WebCore::stateStyleWithCSS): (WebCore::Editor::Command::state const): (WebCore::Editor::Command::value const):
* page/ContextMenuController.cpp: (WebCore::ContextMenuController::checkOrEnableIfNeeded const):

Source/WebKit:

* WebProcess/WebPage/WebPage.cpp: (WebKit::WebPage::validateCommand):
* WebProcess/WebPage/glib/WebPageGLib.cpp: (WebKit::WebPage::getPlatformEditorState const):

Source/WebKitLegacy/mac:

* WebView/WebHTMLView.mm: (kit): (-[WebHTMLView validateUserInterfaceItemWithoutDelegate:]):

Source/WTF:

The word "indeterminate" comes from boost::tribool. A third state is generally not "mixed" but rather unknown.

* wtf/TriState.h:

Canonical link: https://commits.webkit.org/224166@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@260984 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2020-05-01 05:38:06 +00:00
ASSERT(m_didOptimize == static_cast<unsigned>(TriState::Indeterminate));
[JSC] Add support for public class fields https://bugs.webkit.org/show_bug.cgi?id=174212 Reviewed by Yusuke Suzuki. JSTests: New syntax invalidates some test expectations: "async <linefeed> MethodDefinition" is no longer an unexpected "async" token. It is now an instance field named "async" with no initializer, and an automatic semicolon, followed by MethodDefinition. "get|set GeneratorMethodDefinition"'s error message has changed, due to "get" being valid class field names. Many class-syntax tests relating to automatic semicolon insertion are no longer valid, as a line containing nothing but an identifier is now a valid class element. * stress/async-await-syntax.js: * stress/class-fields-bytecode-cache.js: Added. * stress/class-fields-computed-to-property-key.js: Added. * stress/class-fields-function-name.js: Added. * stress/class-fields-harmony.js: Added. * stress/class-fields-proxy-define-property.js: Added. * stress/class-fields-stress-instance.js: Added. * stress/generator-syntax.js: * stress/method-name.js: * test262/config.yaml: Source/JavaScriptCore: Implements the instance class fields proposal (https://tc39.es/proposal-class-fields/), minus support for private fields (split into a separate patch). In summary, class fields are initialized by a synthetic JSFunction. In its unlinked state, the UnlinkedFunctionExecutable for the function includes an ordered list of JSTokenLocations pointing to the start of each class field in the class. Each of these fields are parsed and included as DefineFieldNodes, which implement the appropriate DefineField behaviour in the proposal. This synthetic function is only created, and only loaded, if there are class fields present. The decision to use a synthetic function was for simplicity. There are a number of factors which make inlining the initialization complicated, though we may opt to do this in the future. 
For reference, the complexities are: instance fields and constructor are currently in different parsing arenas, distinct scopes between the 2 which require work to manage, and complexity in doing this work for child classes, where the location of initialization can depend, and in some cases occur more than once.

Computed property fields require a new bytecode, op_to_property_key, as an implementation detail. It is necessary in the proposal to convert computed properties to property keys during class evaluation, rather than during field initialization. Additionally, we allocate the class lexical scope when computed class fields are used (previously, only when there was a class name), as a location to keep the computed property keys. They can be loaded from the scope via indexed keys.

To illustrate computed field names in action, consider the following pseudocode:

<during class evaluation>
1) fieldName = emitNode({expr})
2) fieldName = emitToPropertyKey(fieldName)
3) classScope[numComputedNames++] = fieldName

<during class field initialization>
1) fieldName = emitGetFromScope(classScope, computedFieldNameIndex++)
2) value = emitNode({initializer})
3) instance[fieldName] = value

The feature is currently hidden behind the feature flag JSC::Options::useClassFields.

LayoutTests: New syntax invalidates some test expectations: "async <linefeed> MethodDefinition" is no longer an unexpected "async" token. It is now an instance field named "async" with no initializer, and an automatic semicolon, followed by MethodDefinition. "get|set GeneratorMethodDefinition"'s error message has changed, due to "get" being valid class field names. Many class-syntax tests relating to automatic semicolon insertion are no longer valid, as a line containing nothing but an identifier is now a valid class element.
* js/class-syntax-semicolon-expected.txt: * js/script-tests/class-syntax-semicolon.js: Canonical link: https://commits.webkit.org/219405@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254653 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2020-01-16 00:09:50 +00:00
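An added example, not part of the WebKit commit, that makes the ordering described in the commit message observable in plain JavaScript: computed keys are converted to property keys once, at class evaluation, while initializers run once per instance; it also shows the "async" newline case from the test notes. The helper names `key`, `init`, `keyObject` and `run` are this example's own.

```javascript
// Added example, not from the WebKit commit: observe when computed class
// field keys and field initializers run, as described in the commit text.
const log = [];

// Each computed key expression logs when it is evaluated.
function key(name) {
  log.push(`key:${name}`);
  return name;
}

// Each field initializer logs when it runs.
function init(name, value) {
  log.push(`init:${name}`);
  return value;
}

// An object whose ToPropertyKey conversion is observable. If the engine
// converted it during every field initialization instead of once during
// class evaluation (op_to_property_key in JSC), "toKey" would be logged
// once per instance rather than once in total.
const keyObject = {
  toString() {
    log.push("toKey");
    return "c";
  },
};

class C {
  [key("a")] = init("a", 1);
  [key("b")] = init("b", 2);
  [keyObject] = init("c", 3);
  // "async" followed by a line break is a field named "async" with no
  // initializer (automatic semicolon insertion), then an ordinary method.
  async
  m() { return this.a + this.b + this.c; }
}
log.push("class-evaluated");

// Constructs two instances and returns them with a snapshot of the log.
function run() {
  const first = new C();
  const second = new C();
  return { first, second, log: log.slice() };
}

// Expected log order: key:a, key:b, toKey, class-evaluated, then
// init:a, init:b, init:c twice (once per instance).
```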
if (info.needsClassFieldInitializer() == NeedsClassFieldInitializer::Yes) {
Stop using holdLock() in JSC as it is not compatible with Clang thread safety analysis https://bugs.webkit.org/show_bug.cgi?id=226116 Reviewed by Mark Lam. Stop using holdLock() in JSC as it is not compatible with Clang thread safety analysis (WTF::CheckedLock). Use the Locker constructor instead. I'll eventually get rid of the holdLock() definition once I have managed to get rid of all its usages. * API/JSVirtualMachine.mm: (+[JSVMWrapperCache addWrapper:forJSContextGroupRef:]): (+[JSVMWrapperCache wrapperForJSContextGroupRef:]): (-[JSVirtualMachine addExternalRememberedObject:]): (-[JSVirtualMachine addManagedReference:withOwner:]): (-[JSVirtualMachine removeManagedReference:withOwner:]): (scanExternalObjectGraph): (scanExternalRememberedSet): * API/glib/JSCVirtualMachine.cpp: (addWrapper): (removeWrapper): * API/tests/ExecutionTimeLimitTest.cpp: (testExecutionTimeLimit): * assembler/PerfLog.cpp: (JSC::PerfLog::PerfLog): (JSC::PerfLog::log): * bytecode/StructureStubInfo.cpp: (JSC::StructureStubInfo::visitAggregateImpl): (JSC::StructureStubInfo::visitWeakReferences): * bytecode/StructureStubInfo.h: (JSC::StructureStubInfo::considerCaching): (JSC::StructureStubInfo::clearBufferedStructures): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::visitChildrenImpl): * bytecode/UnlinkedCodeBlockGenerator.cpp: (JSC::UnlinkedCodeBlockGenerator::finalize): * dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects): * heap/BlockDirectory.cpp: (JSC::BlockDirectory::~BlockDirectory): (JSC::BlockDirectory::removeBlock): (JSC::BlockDirectory::stopAllocatingForGood): (JSC::BlockDirectory::parallelNotEmptyBlockSource): * heap/CodeBlockSet.cpp: (JSC::CodeBlockSet::add): (JSC::CodeBlockSet::remove): * heap/CodeBlockSetInlines.h: (JSC::CodeBlockSet::iterate): * heap/CompleteSubspace.cpp: (JSC::CompleteSubspace::allocatorForSlow): * heap/Heap.cpp: (JSC::Heap::lastChanceToFinalize): 
(JSC::Heap::runNotRunningPhase): (JSC::Heap::runEndPhase): (JSC::Heap::finishRelinquishingConn): (JSC::visitSamplingProfiler): (JSC::Heap::setBonusVisitorTask): (JSC::Heap::runTaskInParallel): * heap/HeapSnapshotBuilder.cpp: (JSC::HeapSnapshotBuilder::buildSnapshot): (JSC::HeapSnapshotBuilder::analyzeNode): (JSC::HeapSnapshotBuilder::analyzeEdge): (JSC::HeapSnapshotBuilder::analyzePropertyNameEdge): (JSC::HeapSnapshotBuilder::analyzeVariableNameEdge): (JSC::HeapSnapshotBuilder::analyzeIndexEdge): (JSC::HeapSnapshotBuilder::setOpaqueRootReachabilityReasonForCell): * heap/IsoAlignedMemoryAllocator.cpp: (JSC::IsoAlignedMemoryAllocator::tryAllocateAlignedMemory): (JSC::IsoAlignedMemoryAllocator::freeAlignedMemory): * heap/IsoCellSet.cpp: (JSC::IsoCellSet::parallelNotEmptyMarkedBlockSource): (JSC::IsoCellSet::addSlow): (JSC::IsoCellSet::didRemoveBlock): (JSC::IsoCellSet::sweepToFreeList): * heap/IsoCellSetInlines.h: (JSC::IsoCellSet::forEachMarkedCellInParallel): * heap/IsoSubspace.cpp: (JSC::IsoSubspace::IsoSubspace): * heap/IsoSubspacePerVM.cpp: (JSC::IsoSubspacePerVM::forVM): * heap/LocalAllocator.cpp: (JSC::LocalAllocator::LocalAllocator): (JSC::LocalAllocator::~LocalAllocator): * heap/MachineStackMarker.cpp: (JSC::MachineThreads::tryCopyOtherThreadStacks): (JSC::MachineThreads::gatherConservativeRoots): * heap/MarkedBlock.cpp: (JSC::MarkedBlock::Handle::stopAllocating): (JSC::MarkedBlock::Handle::resumeAllocating): (JSC::MarkedBlock::aboutToMarkSlow): (JSC::MarkedBlock::Handle::didConsumeFreeList): (JSC::MarkedBlock::noteMarkedSlow): (JSC::MarkedBlock::Handle::dumpState): * heap/MarkedBlockInlines.h: (JSC::MarkedBlock::Handle::isLive): * heap/MarkingConstraint.cpp: (JSC::MarkingConstraint::doParallelWork): * heap/MarkingConstraintSolver.cpp: (JSC::MarkingConstraintSolver::addParallelTask): (JSC::MarkingConstraintSolver::runExecutionThread): * heap/ParallelSourceAdapter.h: * heap/SlotVisitor.cpp: (JSC::SlotVisitor::updateMutatorIsStopped): (JSC::SlotVisitor::drain): 
(JSC::SlotVisitor::performIncrementOfDraining): (JSC::SlotVisitor::drainFromShared): (JSC::SlotVisitor::drainInParallelPassively): (JSC::SlotVisitor::waitForTermination): (JSC::SlotVisitor::donateAll): (JSC::SlotVisitor::didRace): * heap/Subspace.cpp: (JSC::Subspace::parallelDirectorySource): * heap/SubspaceInlines.h: (JSC::Subspace::forEachMarkedCellInParallel): * inspector/JSInjectedScriptHost.cpp: * jit/ExecutableAllocator.cpp: * jsc.cpp: (Worker::Worker): (Worker::~Worker): (Worker::dequeue): (Workers::broadcast): (Workers::report): (Workers::tryGetReport): (Workers::getReport): (JSC_DEFINE_HOST_FUNCTION): * runtime/DeferredWorkTimer.cpp: (JSC::DeferredWorkTimer::doWork): * runtime/ErrorInstance.cpp: (JSC::ErrorInstance::finishCreation): * runtime/EvalExecutable.cpp: (JSC::EvalExecutable::visitChildrenImpl): * runtime/FileBasedFuzzerAgentBase.cpp: (JSC::FileBasedFuzzerAgentBase::getPrediction): * runtime/FunctionExecutable.cpp: (JSC::FunctionExecutable::visitChildrenImpl): * runtime/JSArray.cpp: (JSC::JSArray::shiftCountWithArrayStorage): (JSC::JSArray::unshiftCountWithArrayStorage): * runtime/JSArrayBufferView.cpp: (JSC::JSArrayBufferView::detach): (JSC::JSArrayBufferView::slowDownAndWasteMemory): * runtime/JSCell.h: * runtime/JSFinalizationRegistry.cpp: (JSC::JSFinalizationRegistry::visitChildrenImpl): (JSC::JSFinalizationRegistry::finalizeUnconditionally): (JSC::JSFinalizationRegistry::takeDeadHoldingsValue): (JSC::JSFinalizationRegistry::registerTarget): (JSC::JSFinalizationRegistry::unregister): * runtime/JSGenericTypedArrayViewInlines.h: (JSC::JSGenericTypedArrayView<Adaptor>::visitChildrenImpl): * runtime/JSGlobalObject.cpp: (JSC::JSC_DEFINE_HOST_FUNCTION): * runtime/JSModuleNamespaceObject.cpp: (JSC::JSModuleNamespaceObject::finishCreation): (JSC::JSModuleNamespaceObject::visitChildrenImpl): * runtime/JSObject.cpp: (JSC::JSObject::visitButterflyImpl): * runtime/JSRunLoopTimer.cpp: (JSC::JSRunLoopTimer::Manager::timerDidFire): 
(JSC::JSRunLoopTimer::Manager::registerVM): (JSC::JSRunLoopTimer::Manager::unregisterVM): (JSC::JSRunLoopTimer::Manager::scheduleTimer): (JSC::JSRunLoopTimer::Manager::cancelTimer): (JSC::JSRunLoopTimer::Manager::timeUntilFire): (JSC::JSRunLoopTimer::timerDidFire): (JSC::JSRunLoopTimer::setTimeUntilFire): (JSC::JSRunLoopTimer::cancelTimer): (JSC::JSRunLoopTimer::addTimerSetNotification): (JSC::JSRunLoopTimer::removeTimerSetNotification): * runtime/JSSegmentedVariableObject.cpp: (JSC::JSSegmentedVariableObject::findVariableIndex): (JSC::JSSegmentedVariableObject::addVariables): (JSC::JSSegmentedVariableObject::visitChildrenImpl): * runtime/ModuleProgramExecutable.cpp: (JSC::ModuleProgramExecutable::visitChildrenImpl): * runtime/NarrowingNumberPredictionFuzzerAgent.cpp: (JSC::NarrowingNumberPredictionFuzzerAgent::getPrediction): * runtime/ProgramExecutable.cpp: (JSC::ProgramExecutable::visitChildrenImpl): * runtime/RandomizingFuzzerAgent.cpp: (JSC::RandomizingFuzzerAgent::getPrediction): * runtime/RegExp.cpp: (JSC::RegExp::compile): (JSC::RegExp::matchConcurrently): (JSC::RegExp::compileMatchOnly): (JSC::RegExp::deleteCode): * runtime/SamplingProfiler.cpp: (JSC::SamplingProfiler::takeSample): (JSC::SamplingProfiler::stackTracesAsJSON): (JSC::SamplingProfiler::reportTopFunctions): (JSC::SamplingProfiler::reportTopBytecodes): * runtime/ScriptExecutable.cpp: (JSC::ScriptExecutable::createTemplateObject): * runtime/SparseArrayValueMap.cpp: (JSC::SparseArrayValueMap::add): (JSC::SparseArrayValueMap::remove): (JSC::SparseArrayValueMap::getConcurrently): (JSC::SparseArrayValueMap::visitChildrenImpl): * runtime/Structure.cpp: (JSC::Structure::changePrototypeTransition): (JSC::Structure::toDictionaryTransition): (JSC::Structure::nonPropertyTransitionSlow): (JSC::Structure::setBrandTransition): * runtime/StructureCache.cpp: (JSC::StructureCache::createEmptyStructure): (JSC::StructureCache::emptyObjectStructureConcurrently): * runtime/VM.cpp: (JSC::waitForVMDestruction): 
(JSC::VM::~VM): (JSC::VM::gatherScratchBufferRoots): (JSC::VM::scratchBufferForSize): (JSC::VM::clearScratchBuffers): (JSC::VM::addLoopHintExecutionCounter): (JSC::VM::getLoopHintExecutionCounter): (JSC::VM::removeLoopHintExecutionCounter): * runtime/VMTraps.cpp: (JSC::VMTraps::tryInstallTrapBreakpoints): (JSC::VMTraps::invalidateCodeBlocksOnStack): (JSC::VMTraps::willDestroyVM): (JSC::VMTraps::fireTrap): (JSC::VMTraps::handleTraps): (JSC::VMTraps::takeTopPriorityTrap): * runtime/WeakMapImpl.cpp: (JSC::WeakMapImpl<BucketType>::visitOutputConstraints): * runtime/WeakMapImpl.h: (JSC::WeakMapImpl::finishCreation): * runtime/WeakMapImplInlines.h: (JSC::WeakMapImpl<WeakMapBucket>::rehash): * runtime/WideningNumberPredictionFuzzerAgent.cpp: (JSC::WideningNumberPredictionFuzzerAgent::getPrediction): * tools/CompilerTimingScope.cpp: * tools/FunctionOverrides.cpp: (JSC::FunctionOverrides::FunctionOverrides): (JSC::FunctionOverrides::reinstallOverrides): (JSC::FunctionOverrides::initializeOverrideFor): * tools/Integrity.cpp: (JSC::Integrity::Random::reloadAndCheckShouldAuditSlow): * tools/VMInspector.cpp: (JSC::VMInspector::add): (JSC::VMInspector::remove): (JSC::VMInspector::codeBlockForMachinePC): * wasm/WasmBBQPlan.cpp: (JSC::Wasm::BBQPlan::work): (JSC::Wasm::BBQPlan::compileFunction): * wasm/WasmCalleeRegistry.h: (JSC::Wasm::CalleeRegistry::registerCallee): (JSC::Wasm::CalleeRegistry::unregisterCallee): * wasm/WasmCodeBlock.cpp: (JSC::Wasm::CodeBlock::CodeBlock): (JSC::Wasm::CodeBlock::waitUntilFinished): (JSC::Wasm::CodeBlock::compileAsync): * wasm/WasmContext.cpp: (JSC::Wasm::Context::scratchBufferForSize): * wasm/WasmEntryPlan.cpp: (JSC::Wasm::EntryPlan::parseAndValidateModule): (JSC::Wasm::EntryPlan::prepare): (JSC::Wasm::EntryPlan::compileFunctions): * wasm/WasmEntryPlan.h: (JSC::Wasm::EntryPlan::tryReserveCapacity): * wasm/WasmFaultSignalHandler.cpp: (JSC::Wasm::trapHandler): * wasm/WasmInstance.cpp: (JSC::Wasm::Instance::setFunctionWrapper): * 
wasm/WasmLLIntPlan.cpp: (JSC::Wasm::LLIntPlan::compileFunction): (JSC::Wasm::LLIntPlan::completeInStreaming): (JSC::Wasm::LLIntPlan::didCompileFunctionInStreaming): (JSC::Wasm::LLIntPlan::didFailInStreaming): * wasm/WasmMachineThreads.cpp: (JSC::Wasm::resetInstructionCacheOnAllThreads): * wasm/WasmMemory.cpp: (JSC::Wasm::Memory::growShared): * wasm/WasmModule.cpp: (JSC::Wasm::Module::getOrCreateCodeBlock): * wasm/WasmOMGForOSREntryPlan.cpp: (JSC::Wasm::OMGForOSREntryPlan::work): * wasm/WasmOMGPlan.cpp: (JSC::Wasm::OMGPlan::work): * wasm/WasmOperations.cpp: (JSC::Wasm::triggerOMGReplacementCompile): (JSC::Wasm::JSC_DEFINE_JIT_OPERATION): * wasm/WasmSignatureInlines.h: (JSC::Wasm::SignatureInformation::get): * wasm/WasmSlowPaths.cpp: (JSC::LLInt::jitCompileAndSetHeuristics): (JSC::LLInt::WASM_SLOW_PATH_DECL): * wasm/WasmStreamingCompiler.cpp: (JSC::Wasm::StreamingCompiler::didCompileFunction): (JSC::Wasm::StreamingCompiler::finalize): (JSC::Wasm::StreamingCompiler::fail): (JSC::Wasm::StreamingCompiler::cancel): * wasm/WasmStreamingPlan.cpp: (JSC::Wasm::StreamingPlan::work): * wasm/WasmTable.cpp: (JSC::Wasm::Table::grow): (JSC::Wasm::Table::visitAggregateImpl): * wasm/WasmThunks.cpp: (JSC::Wasm::Thunks::stub): (JSC::Wasm::Thunks::existingStub): * wasm/WasmWorklist.cpp: * wasm/js/JSWebAssemblyInstance.cpp: (JSC::JSWebAssemblyInstance::visitChildrenImpl): Canonical link: https://commits.webkit.org/238042@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@277909 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-05-22 03:13:17 +00:00
Locker locker { cellLock() };
createRareDataIfNecessary(locker);
m_rareData->m_needsClassFieldInitializer = static_cast<unsigned>(NeedsClassFieldInitializer::Yes);
}
[ESNext] Implement private methods https://bugs.webkit.org/show_bug.cgi?id=194434 Reviewed by Filip Pizlo. JSTests: * stress/private-brand-installed-after-super-call-from-arrow-function.js: Added. * stress/private-brand-installed-after-super-call-from-eval.js: Added. * stress/private-method-brand-check.js: Added. * stress/private-method-change-attribute-from-branded-structure.js: Added. * stress/private-method-change-prototype-from-branded-structure.js: Added. * stress/private-method-check-private-brand-ic.js: Added. * stress/private-method-check-structure-miss.js: Added. * stress/private-method-comparison.js: Added. * stress/private-method-delete-property-from-branded-structure.js: Added. * stress/private-method-extends-brand-check.js: Added. * stress/private-method-get-and-call.js: Added. * stress/private-method-invalid-multiple-brand-installation.js: Added. * stress/private-method-invalidate-compiled-with-constant-symbol.js: Added. * stress/private-method-nested-class.js: Added. * stress/private-method-on-sealed-objects.js: Added. * stress/private-method-on-uncacheable-dictionary.js: Added. * stress/private-method-polymorphic-with-constant-symbol.js: Added. * stress/private-method-set-brand-should-have-write-barrier.js: Added. * stress/private-method-untyped-use.js: Added. * stress/private-method-with-uncacheable-dictionary-transition.js: Added. * stress/private-methods-inline-cache.js: Added. * stress/private-methods-megamorphic-ic.js: Added. * stress/private-methods-on-proxy.js: Added. * stress/private-methods-poly-ic-multiple-classes.js: Added. * stress/private-methods-poly-ic-single-class.js: Added. * stress/private-names-available-on-direct-eval.js: Added. * test262/config.yaml: Source/JavaScriptCore: This patch is adding support for private methods following the specification on https://tc39.es/proposal-private-methods/. This is introducing a new way to declare private methods on class syntax.
Private methods are only accessible within the classes they were declared in, and can only be called from objects that are instances of these classes. To guarantee such rules, the proposal presents the concept of Brand Check. During class evaluation, if a private method is present, a `brand` is installed in this class. Every instance of such a class then gets this brand installed during the `[[Construct]]` operation. It means that an object can have multiple brands (e.g. when there are also private methods declared on the super class). Before accessing a private method, there is a check to validate if the target of the call has the brand of the callee method. The brand check mechanism is implemented using a `@privateBrand` stored on the class scope. Here is a representation of how this mechanism works:

```
class C {
    #m() { return 3; }
    method() { return this.#m(); }
}

let c = new C();
console.log(c.method()); // prints 3
```

Generated bytecode for the following representation:

```
{ // class lexical scope
    const @privateBrand = @createPrivateSymbol();
    const #m = function () { return 3; }

    C.prototype.method = function() {
        @check_private_brand(this, @privateBrand);
        return #m.call(this);
    }

    C = function() {
        @set_private_brand(this, @privateBrand);
    }
}

let c = new C();
console.log(c.method()); // prints 3
```

# Resolving correct brand to check

In the case of shadowing or nested scope, we need to emit brand checks to the right private brand. See code below:

```
class C {
    #m() { return 3; }
    method() { return this.#m(); }
    A = class {
        #m2() { return 3; }
        foo(o) { return o.#m(); }
    }
}
```

The call of "#m" in `foo` refers to "C::#m". In such case, we need to check C's private brand, instead of A's private brand. To perform the proper check, we first resolve the scope of "#m" and then check the private brand of this scope (the scope where the private method and brand are stored is the same).

So the bytecode to look up the right brand is:

```
mov loc9, arg1
resolve_scope loc10, "#m"
get_from_scope loc11, loc10, "@privateBrand"
check_private_brand loc9, loc11
get_from_scope loc11, loc10, "#m"
// setup call frame
call loc11, ...
// ...
```

# Brand check mechanism

We are introducing in this patch 2 new bytecodes to allow brand check of objects: `op_set_brand` and `op_check_brand`.

`op_set_brand` sets a new brand in an object, so we can perform the brand check later when accessing private methods. This operation throws when trying to add the same brand twice in an Object.

`op_check_brand` checks if the given object contains the brand we are looking for. It traverses the brand chain to verify if the brand is present, and throws `TypeError` otherwise.

We are also introducing a subclass for Structure called BrandedStructure. It is used to store brands and to allow the brand check mechanism. BrandedStructure stores a brand and a parent pointer to another BrandedStructure that allows us to traverse the brand chain. With `BrandedStructure`, we can then infer that a given object has the brand we are looking for just by checking its structureId. This is a very good optimization, since we can reduce most brand checks to structure checks.

We created a new kind of transition called `SetBrand` that happens when `op_set_brand` is executed. This allows us to cache such kinds of transitions on the transition table using the key `<brand->uid, 0, TransitionKind::SetBrand>`. During this transition, we take the previous structure and apply one of the following rules:

1. If it's a BrandedStructure, we then set it to `m_parentBrand`, to allow proper brand chain check.
2. If it's not a BrandedStructure, we set `m_parentBrand` to `nullptr`, meaning that this is the first brand being added to the object with this structure.

For now, we are using the flag `isBrandedStructure` to identify that a given Structure is a BrandedStructure. This is done to avoid changes in places where we are checking for `vm.structureStructure()`. However, if we ever need space on Structure, this flag is a good candidate to be deleted and we can move to a solution that uses `vm.brandedStructureStructure()`;

# JIT Support

This patch also includes initial JIT support for `set_private_brand` and `check_private_brand`. On Baseline JIT, we are using `JITPrivateBrandAccessGenerator` to support IC for both operands. On `DFGByteCodeParser` we are trying to inline brand access whenever possible, and falling back to `SetPrivateBrand` and `CheckPrivateBrand` otherwise. Those nodes are not being optimized at their full potential, but the code generated by them is also relying on `JITPrivateBrandAccessGenerator` to have IC support for both DFG and FTL.

During DFG parsing, we try to reduce those accesses to `CheckIsConstant` and `CheckStructure` (with `PutStructure` for `set_private_brand` cases) based on available profiled data. This is meant to make brand checks almost free on DFG/FTL tiers when we have a single evaluation of a class, since the `CheckIsConstant` can be eliminated by the constant-folded scope load, and the `CheckStructure` is very likely to be redundant to any other `CheckStructure` that can be performed on the receiver when we have a finite structure set. For instance, when we have a brand check on a path-of-no-return to a `GetByOffset` sequence on the same receiver, the `CheckStructure` for the brand check will enable CSE of the `CheckStructure` that would happen for that `GetByOffset`. Such a design is possible because brand checks support polymorphic access very similar to what we have for `GetByOffset` sequences.
* CMakeLists.txt: * JavaScriptCore.xcodeproj/project.pbxproj: * Sources.txt: * builtins/BuiltinExecutables.cpp: (JSC::BuiltinExecutables::createDefaultConstructor): (JSC::BuiltinExecutables::createExecutable): * builtins/BuiltinExecutables.h: We are adding a new parameter `PrivateBrandRequirement` to propagate when a default constructor needs to emit code to setup private brand on instances. * builtins/BuiltinNames.h: Adding `@privateBrand` that we use to store private brand on class's scope. * bytecode/AccessCase.cpp: (JSC::AccessCase::createCheckPrivateBrand): (JSC::AccessCase::createSetPrivateBrand): (JSC::AccessCase::requiresIdentifierNameMatch const): (JSC::AccessCase::requiresInt32PropertyCheck const): (JSC::AccessCase::needsScratchFPR const): (JSC::AccessCase::forEachDependentCell const): (JSC::AccessCase::doesCalls const): (JSC::AccessCase::canReplace const): (JSC::AccessCase::dump const): (JSC::AccessCase::generateWithGuard): (JSC::AccessCase::generateImpl): * bytecode/AccessCase.h: (JSC::AccessCase::structure const): (JSC::AccessCase::newStructure const): * bytecode/BytecodeList.rb: * bytecode/BytecodeUseDef.cpp: (JSC::computeUsesForBytecodeIndexImpl): (JSC::computeDefsForBytecodeIndexImpl): * bytecode/CheckPrivateBrandStatus.cpp: Added. (JSC::CheckPrivateBrandStatus::appendVariant): (JSC::CheckPrivateBrandStatus::computeForBaseline): (JSC::CheckPrivateBrandStatus::CheckPrivateBrandStatus): (JSC::CheckPrivateBrandStatus::computeForStubInfoWithoutExitSiteFeedback): (JSC::CheckPrivateBrandStatus::computeFor): (JSC::CheckPrivateBrandStatus::slowVersion const): (JSC::CheckPrivateBrandStatus::merge): (JSC::CheckPrivateBrandStatus::filter): (JSC::CheckPrivateBrandStatus::singleIdentifier const): (JSC::CheckPrivateBrandStatus::visitAggregate): (JSC::CheckPrivateBrandStatus::markIfCheap): (JSC::CheckPrivateBrandStatus::finalize): (JSC::CheckPrivateBrandStatus::dump const): * bytecode/CheckPrivateBrandStatus.h: Added. 
* bytecode/CheckPrivateBrandVariant.cpp: Added. (JSC::CheckPrivateBrandVariant::CheckPrivateBrandVariant): (JSC::CheckPrivateBrandVariant::~CheckPrivateBrandVariant): (JSC::CheckPrivateBrandVariant::attemptToMerge): (JSC::CheckPrivateBrandVariant::markIfCheap): (JSC::CheckPrivateBrandVariant::finalize): (JSC::CheckPrivateBrandVariant::visitAggregate): (JSC::CheckPrivateBrandVariant::dump const): (JSC::CheckPrivateBrandVariant::dumpInContext const): * bytecode/CheckPrivateBrandVariant.h: Added. (JSC::CheckPrivateBrandVariant::structureSet const): (JSC::CheckPrivateBrandVariant::structureSet): (JSC::CheckPrivateBrandVariant::identifier const): (JSC::CheckPrivateBrandVariant::overlaps): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::finalizeLLIntInlineCaches): * bytecode/ExecutableInfo.h: (JSC::ExecutableInfo::ExecutableInfo): (JSC::ExecutableInfo::privateBrandRequirement const): * bytecode/PolymorphicAccess.cpp: (JSC::PolymorphicAccess::regenerate): (WTF::printInternal): * bytecode/RecordedStatuses.cpp: (JSC::RecordedStatuses::operator=): (JSC::RecordedStatuses::addCheckPrivateBrandStatus): (JSC::RecordedStatuses::addSetPrivateBrandStatus): (JSC::RecordedStatuses::visitAggregate): (JSC::RecordedStatuses::markIfCheap): * bytecode/RecordedStatuses.h: (JSC::RecordedStatuses::forEachVector): * bytecode/SetPrivateBrandStatus.cpp: Added. 
(JSC::SetPrivateBrandStatus::appendVariant): (JSC::SetPrivateBrandStatus::computeForBaseline): (JSC::SetPrivateBrandStatus::SetPrivateBrandStatus): (JSC::SetPrivateBrandStatus::computeForStubInfoWithoutExitSiteFeedback): (JSC::SetPrivateBrandStatus::computeFor): (JSC::SetPrivateBrandStatus::slowVersion const): (JSC::SetPrivateBrandStatus::merge): (JSC::SetPrivateBrandStatus::filter): (JSC::SetPrivateBrandStatus::singleIdentifier const): (JSC::SetPrivateBrandStatus::visitAggregate): (JSC::SetPrivateBrandStatus::markIfCheap): (JSC::SetPrivateBrandStatus::finalize): (JSC::SetPrivateBrandStatus::dump const): * bytecode/SetPrivateBrandStatus.h: Added. * bytecode/SetPrivateBrandVariant.cpp: Added. (JSC::SetPrivateBrandVariant::SetPrivateBrandVariant): (JSC::SetPrivateBrandVariant::~SetPrivateBrandVariant): (JSC::SetPrivateBrandVariant::attemptToMerge): (JSC::SetPrivateBrandVariant::markIfCheap): (JSC::SetPrivateBrandVariant::finalize): (JSC::SetPrivateBrandVariant::visitAggregate): (JSC::SetPrivateBrandVariant::dump const): (JSC::SetPrivateBrandVariant::dumpInContext const): * bytecode/SetPrivateBrandVariant.h: Added. 
(JSC::SetPrivateBrandVariant::oldStructure const): (JSC::SetPrivateBrandVariant::newStructure const): (JSC::SetPrivateBrandVariant::identifier const): (JSC::SetPrivateBrandVariant::overlaps): * bytecode/StructureStubInfo.cpp: (JSC::StructureStubInfo::reset): * bytecode/StructureStubInfo.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::privateBrandRequirement const): * bytecode/UnlinkedCodeBlockGenerator.h: (JSC::UnlinkedCodeBlockGenerator::privateBrandRequirement const): * bytecode/UnlinkedFunctionExecutable.cpp: (JSC::generateUnlinkedFunctionCodeBlock): (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable): * bytecode/UnlinkedFunctionExecutable.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::BytecodeGenerator): We changed BytecodeGenerator for FunctionNode and EvalNode to propagate the parentScope PrivateNameEnvironment. These environments store private name entries that are visible in the scope of the function/eval. This is required to identify the kind of access a private name is referring to, since it can be a private field or a private method. (JSC::BytecodeGenerator::instantiateLexicalVariables): (JSC::BytecodeGenerator::emitGetPrivateName): (JSC::BytecodeGenerator::emitCreatePrivateBrand): The process to create a private brand is as follows: 1. Create a PrivateSymbol using `@createPrivateSymbol`. 2. Store this symbol into a given scope (i.e. class lexical scope) in the `@privateBrand` variable. (JSC::BytecodeGenerator::emitInstallPrivateBrand): (JSC::BytecodeGenerator::emitGetPrivateBrand): We added `m_privateNamesStack` to BytecodeGenerator to represent the scope chain of available private names while generating bytecode. 
(JSC::BytecodeGenerator::emitCheckPrivateBrand): (JSC::BytecodeGenerator::isPrivateMethod): (JSC::BytecodeGenerator::pushPrivateAccessNames): (JSC::BytecodeGenerator::popPrivateAccessNames): (JSC::BytecodeGenerator::getAvailablePrivateAccessNames): (JSC::BytecodeGenerator::emitNewDefaultConstructor): (JSC::BytecodeGenerator::emitNewClassFieldInitializerFunction): (JSC::BytecodeGenerator::emitDirectGetByVal): Deleted. * bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::privateBrandRequirement const): (JSC::BytecodeGenerator::generate): (JSC::BytecodeGenerator::makeFunction): This change is required to properly propagate PrivateBrandRequirement to arrow functions that can potentially call `super()`. * bytecompiler/NodesCodegen.cpp: (JSC::PropertyListNode::emitDeclarePrivateFieldNames): (JSC::PropertyListNode::emitBytecode): (JSC::PropertyListNode::emitPutConstantProperty): (JSC::BaseDotNode::emitGetPropertyValue): Adding support to properly access private methods. Since we store private methods on the class lexical scope, we need a different set of instructions to access a private method. (JSC::BaseDotNode::emitPutProperty): In the case of trying to write to a private method, we need to throw a TypeError according to the specification (https://tc39.es/proposal-private-methods/#sec-privatefieldset). 
(JSC::FunctionCallValueNode::emitBytecode): (JSC::PostfixNode::emitDot): (JSC::PrefixNode::emitDot): (JSC::ClassExprNode::emitBytecode): * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::evaluateWithScopeExtension): * dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects): (JSC::DFG::AbstractInterpreter<AbstractStateType>::filterICStatus): * dfg/DFGArgumentsEliminationPhase.cpp: * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::parseBlock): * dfg/DFGCapabilities.cpp: (JSC::DFG::capabilityLevel): * dfg/DFGClobberize.h: (JSC::DFG::clobberize): * dfg/DFGClobbersExitState.cpp: (JSC::DFG::clobbersExitState): * dfg/DFGDoesGC.cpp: (JSC::DFG::doesGC): * dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode): * dfg/DFGGraph.h: * dfg/DFGJITCompiler.cpp: (JSC::DFG::JITCompiler::link): * dfg/DFGJITCompiler.h: (JSC::DFG::JITCompiler::addPrivateBrandAccess): * dfg/DFGMayExit.cpp: * dfg/DFGNode.h: (JSC::DFG::Node::hasCheckPrivateBrandStatus): (JSC::DFG::Node::checkPrivateBrandStatus): (JSC::DFG::Node::hasSetPrivateBrandStatus): (JSC::DFG::Node::setPrivateBrandStatus): * dfg/DFGNodeType.h: * dfg/DFGObjectAllocationSinkingPhase.cpp: * dfg/DFGPredictionPropagationPhase.cpp: * dfg/DFGSafeToExecute.h: (JSC::DFG::safeToExecute): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compileCheckPrivateBrand): (JSC::DFG::SpeculativeJIT::compileSetPrivateBrand): * dfg/DFGSpeculativeJIT.h: * dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGStoreBarrierInsertionPhase.cpp: * dfg/DFGVarargsForwardingPhase.cpp: * ftl/FTLCapabilities.cpp: (JSC::FTL::canCompile): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileNode): (JSC::FTL::DFG::LowerDFGToB3::compilePrivateBrandAccess): (JSC::FTL::DFG::LowerDFGToB3::compileCheckPrivateBrand): (JSC::FTL::DFG::LowerDFGToB3::compileSetPrivateBrand): * interpreter/Interpreter.cpp: 
(JSC::eval): * jit/JIT.cpp: (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): (JSC::JIT::link): * jit/JIT.h: * jit/JITInlineCacheGenerator.cpp: (JSC::JITPrivateBrandAccessGenerator::JITPrivateBrandAccessGenerator): (JSC::JITPrivateBrandAccessGenerator::generateFastPath): (JSC::JITPrivateBrandAccessGenerator::finalize): * jit/JITInlineCacheGenerator.h: (JSC::JITPrivateBrandAccessGenerator::JITPrivateBrandAccessGenerator): (JSC::JITPrivateBrandAccessGenerator::slowPathJump const): * jit/JITOperations.cpp: (JSC::JSC_DEFINE_JIT_OPERATION): (JSC::getPrivateName): * jit/JITOperations.h: * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_set_private_brand): (JSC::JIT::emitSlow_op_set_private_brand): (JSC::JIT::emit_op_check_private_brand): (JSC::JIT::emitSlow_op_check_private_brand): * jit/JITPropertyAccess32_64.cpp: (JSC::JIT::emit_op_set_private_brand): (JSC::JIT::emitSlow_op_set_private_brand): (JSC::JIT::emit_op_check_private_brand): (JSC::JIT::emitSlow_op_check_private_brand): * jit/Repatch.cpp: (JSC::tryCacheCheckPrivateBrand): (JSC::repatchCheckPrivateBrand): (JSC::tryCacheSetPrivateBrand): (JSC::repatchSetPrivateBrand): (JSC::resetCheckPrivateBrand): (JSC::resetSetPrivateBrand): * jit/Repatch.h: * llint/LLIntSlowPaths.cpp: (JSC::LLInt::LLINT_SLOW_PATH_DECL): * llint/LLIntSlowPaths.h: * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: * parser/Nodes.cpp: (JSC::FunctionMetadataNode::FunctionMetadataNode): * parser/Nodes.h: (JSC::BaseDotNode::isPrivateMember const): (JSC::BaseDotNode::isPrivateField const): Deleted. * parser/Parser.cpp: (JSC::Parser<LexerType>::parseClass): (JSC::Parser<LexerType>::parseMemberExpression): * parser/Parser.h: (JSC::Scope::declarePrivateMethod): (JSC::Scope::declarePrivateField): (JSC::Parser<LexerType>::parse): (JSC::parse): (JSC::Scope::declarePrivateName): Deleted. 
* parser/ParserModes.h: * parser/SyntaxChecker.h: (JSC::SyntaxChecker::createDotAccess): * parser/VariableEnvironment.cpp: (JSC::VariableEnvironment::declarePrivateMethod): * parser/VariableEnvironment.h: (JSC::VariableEnvironmentEntry::isPrivateField const): (JSC::VariableEnvironmentEntry::isPrivateMethod const): (JSC::VariableEnvironmentEntry::setIsPrivateField): (JSC::VariableEnvironmentEntry::setIsPrivateMethod): (JSC::PrivateNameEntry::isMethod const): (JSC::PrivateNameEntry::isPrivateMethodOrAcessor const): (JSC::VariableEnvironment::addPrivateName): (JSC::VariableEnvironment::declarePrivateField): (JSC::VariableEnvironment::declarePrivateMethod): (JSC::VariableEnvironment::privateNameEnvironment const): (JSC::VariableEnvironment::hasPrivateMethodOrAccessor const): (JSC::VariableEnvironment::addPrivateNamesFrom): (JSC::VariableEnvironmentEntry::isPrivateName const): Deleted. (JSC::VariableEnvironmentEntry::setIsPrivateName): Deleted. (JSC::VariableEnvironment::declarePrivateName): Deleted. * runtime/CachedTypes.cpp: (JSC::CachedCodeBlockRareData::encode): (JSC::CachedCodeBlockRareData::decode const): (JSC::CachedFunctionExecutableRareData::encode): (JSC::CachedFunctionExecutableRareData::decode const): (JSC::CachedFunctionExecutable::privateBrandRequirement const): (JSC::CachedCodeBlock::derivedContextType const): (JSC::CachedFunctionExecutable::encode): (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable): (JSC::CachedCodeBlock::needsClassFieldInitializer const): Deleted. 
* runtime/CodeCache.cpp: (JSC::generateUnlinkedCodeBlockImpl): (JSC::generateUnlinkedCodeBlock): (JSC::generateUnlinkedCodeBlockForDirectEval): (JSC::CodeCache::getUnlinkedGlobalFunctionExecutable): * runtime/CodeCache.h: * runtime/DirectEvalExecutable.cpp: (JSC::DirectEvalExecutable::create): (JSC::DirectEvalExecutable::DirectEvalExecutable): * runtime/DirectEvalExecutable.h: * runtime/EvalExecutable.cpp: (JSC::EvalExecutable::EvalExecutable): * runtime/EvalExecutable.h: (JSC::EvalExecutable::executableInfo const): (JSC::EvalExecutable::privateBrandRequirement const): * runtime/ExceptionHelpers.cpp: (JSC::createInvalidPrivateNameError): * runtime/IndirectEvalExecutable.cpp: (JSC::IndirectEvalExecutable::IndirectEvalExecutable): * runtime/JSObject.h: * runtime/JSObjectInlines.h: (JSC::JSObject::checkPrivateBrand): (JSC::JSObject::setPrivateBrand): * runtime/JSScope.cpp: (JSC::JSScope::collectClosureVariablesUnderTDZ): * runtime/JSScope.h: * runtime/ModuleProgramExecutable.h: * runtime/Options.cpp: (JSC::Options::recomputeDependentOptions): * runtime/OptionsList.h: * runtime/ProgramExecutable.h: * runtime/Structure.cpp: (JSC::Structure::materializePropertyTable): (JSC::BrandedStructure::BrandedStructure): (JSC::BrandedStructure::create): (JSC::BrandedStructure::checkBrand): (JSC::Structure::setBrandTransitionFromExistingStructureImpl): (JSC::Structure::setBrandTransitionFromExistingStructureConcurrently): (JSC::Structure::setBrandTransition): * runtime/Structure.h: (JSC::Structure::finishCreation): * runtime/StructureInlines.h: (JSC::Structure::create): (JSC::Structure::forEachPropertyConcurrently): * runtime/StructureTransitionTable.h: * runtime/SymbolTable.cpp: (JSC::SymbolTable::cloneScopePart): * runtime/SymbolTable.h: * runtime/VM.cpp: (JSC::VM::VM): * runtime/VM.h: Canonical link: https://commits.webkit.org/233852@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@272580 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-02-09 16:30:24 +00:00
if (info.privateBrandRequirement() == PrivateBrandRequirement::Needed) {
Stop using holdLock() in JSC as it is not compatible with Clang thread safety analysis https://bugs.webkit.org/show_bug.cgi?id=226116 Reviewed by Mark Lam. Stop using holdLock() in JSC as it is not compatible with Clang thread safety analysis (WTF::CheckedLock). Use the Locker constructor instead. I'll eventually get rid of the holdLock() definition once I have managed to get rid of all its usages. * API/JSVirtualMachine.mm: (+[JSVMWrapperCache addWrapper:forJSContextGroupRef:]): (+[JSVMWrapperCache wrapperForJSContextGroupRef:]): (-[JSVirtualMachine addExternalRememberedObject:]): (-[JSVirtualMachine addManagedReference:withOwner:]): (-[JSVirtualMachine removeManagedReference:withOwner:]): (scanExternalObjectGraph): (scanExternalRememberedSet): * API/glib/JSCVirtualMachine.cpp: (addWrapper): (removeWrapper): * API/tests/ExecutionTimeLimitTest.cpp: (testExecutionTimeLimit): * assembler/PerfLog.cpp: (JSC::PerfLog::PerfLog): (JSC::PerfLog::log): * bytecode/StructureStubInfo.cpp: (JSC::StructureStubInfo::visitAggregateImpl): (JSC::StructureStubInfo::visitWeakReferences): * bytecode/StructureStubInfo.h: (JSC::StructureStubInfo::considerCaching): (JSC::StructureStubInfo::clearBufferedStructures): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::visitChildrenImpl): * bytecode/UnlinkedCodeBlockGenerator.cpp: (JSC::UnlinkedCodeBlockGenerator::finalize): * dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects): * heap/BlockDirectory.cpp: (JSC::BlockDirectory::~BlockDirectory): (JSC::BlockDirectory::removeBlock): (JSC::BlockDirectory::stopAllocatingForGood): (JSC::BlockDirectory::parallelNotEmptyBlockSource): * heap/CodeBlockSet.cpp: (JSC::CodeBlockSet::add): (JSC::CodeBlockSet::remove): * heap/CodeBlockSetInlines.h: (JSC::CodeBlockSet::iterate): * heap/CompleteSubspace.cpp: (JSC::CompleteSubspace::allocatorForSlow): * heap/Heap.cpp: (JSC::Heap::lastChanceToFinalize): 
(JSC::Heap::runNotRunningPhase): (JSC::Heap::runEndPhase): (JSC::Heap::finishRelinquishingConn): (JSC::visitSamplingProfiler): (JSC::Heap::setBonusVisitorTask): (JSC::Heap::runTaskInParallel): * heap/HeapSnapshotBuilder.cpp: (JSC::HeapSnapshotBuilder::buildSnapshot): (JSC::HeapSnapshotBuilder::analyzeNode): (JSC::HeapSnapshotBuilder::analyzeEdge): (JSC::HeapSnapshotBuilder::analyzePropertyNameEdge): (JSC::HeapSnapshotBuilder::analyzeVariableNameEdge): (JSC::HeapSnapshotBuilder::analyzeIndexEdge): (JSC::HeapSnapshotBuilder::setOpaqueRootReachabilityReasonForCell): * heap/IsoAlignedMemoryAllocator.cpp: (JSC::IsoAlignedMemoryAllocator::tryAllocateAlignedMemory): (JSC::IsoAlignedMemoryAllocator::freeAlignedMemory): * heap/IsoCellSet.cpp: (JSC::IsoCellSet::parallelNotEmptyMarkedBlockSource): (JSC::IsoCellSet::addSlow): (JSC::IsoCellSet::didRemoveBlock): (JSC::IsoCellSet::sweepToFreeList): * heap/IsoCellSetInlines.h: (JSC::IsoCellSet::forEachMarkedCellInParallel): * heap/IsoSubspace.cpp: (JSC::IsoSubspace::IsoSubspace): * heap/IsoSubspacePerVM.cpp: (JSC::IsoSubspacePerVM::forVM): * heap/LocalAllocator.cpp: (JSC::LocalAllocator::LocalAllocator): (JSC::LocalAllocator::~LocalAllocator): * heap/MachineStackMarker.cpp: (JSC::MachineThreads::tryCopyOtherThreadStacks): (JSC::MachineThreads::gatherConservativeRoots): * heap/MarkedBlock.cpp: (JSC::MarkedBlock::Handle::stopAllocating): (JSC::MarkedBlock::Handle::resumeAllocating): (JSC::MarkedBlock::aboutToMarkSlow): (JSC::MarkedBlock::Handle::didConsumeFreeList): (JSC::MarkedBlock::noteMarkedSlow): (JSC::MarkedBlock::Handle::dumpState): * heap/MarkedBlockInlines.h: (JSC::MarkedBlock::Handle::isLive): * heap/MarkingConstraint.cpp: (JSC::MarkingConstraint::doParallelWork): * heap/MarkingConstraintSolver.cpp: (JSC::MarkingConstraintSolver::addParallelTask): (JSC::MarkingConstraintSolver::runExecutionThread): * heap/ParallelSourceAdapter.h: * heap/SlotVisitor.cpp: (JSC::SlotVisitor::updateMutatorIsStopped): (JSC::SlotVisitor::drain): 
(JSC::SlotVisitor::performIncrementOfDraining): (JSC::SlotVisitor::drainFromShared): (JSC::SlotVisitor::drainInParallelPassively): (JSC::SlotVisitor::waitForTermination): (JSC::SlotVisitor::donateAll): (JSC::SlotVisitor::didRace): * heap/Subspace.cpp: (JSC::Subspace::parallelDirectorySource): * heap/SubspaceInlines.h: (JSC::Subspace::forEachMarkedCellInParallel): * inspector/JSInjectedScriptHost.cpp: * jit/ExecutableAllocator.cpp: * jsc.cpp: (Worker::Worker): (Worker::~Worker): (Worker::dequeue): (Workers::broadcast): (Workers::report): (Workers::tryGetReport): (Workers::getReport): (JSC_DEFINE_HOST_FUNCTION): * runtime/DeferredWorkTimer.cpp: (JSC::DeferredWorkTimer::doWork): * runtime/ErrorInstance.cpp: (JSC::ErrorInstance::finishCreation): * runtime/EvalExecutable.cpp: (JSC::EvalExecutable::visitChildrenImpl): * runtime/FileBasedFuzzerAgentBase.cpp: (JSC::FileBasedFuzzerAgentBase::getPrediction): * runtime/FunctionExecutable.cpp: (JSC::FunctionExecutable::visitChildrenImpl): * runtime/JSArray.cpp: (JSC::JSArray::shiftCountWithArrayStorage): (JSC::JSArray::unshiftCountWithArrayStorage): * runtime/JSArrayBufferView.cpp: (JSC::JSArrayBufferView::detach): (JSC::JSArrayBufferView::slowDownAndWasteMemory): * runtime/JSCell.h: * runtime/JSFinalizationRegistry.cpp: (JSC::JSFinalizationRegistry::visitChildrenImpl): (JSC::JSFinalizationRegistry::finalizeUnconditionally): (JSC::JSFinalizationRegistry::takeDeadHoldingsValue): (JSC::JSFinalizationRegistry::registerTarget): (JSC::JSFinalizationRegistry::unregister): * runtime/JSGenericTypedArrayViewInlines.h: (JSC::JSGenericTypedArrayView<Adaptor>::visitChildrenImpl): * runtime/JSGlobalObject.cpp: (JSC::JSC_DEFINE_HOST_FUNCTION): * runtime/JSModuleNamespaceObject.cpp: (JSC::JSModuleNamespaceObject::finishCreation): (JSC::JSModuleNamespaceObject::visitChildrenImpl): * runtime/JSObject.cpp: (JSC::JSObject::visitButterflyImpl): * runtime/JSRunLoopTimer.cpp: (JSC::JSRunLoopTimer::Manager::timerDidFire): 
(JSC::JSRunLoopTimer::Manager::registerVM): (JSC::JSRunLoopTimer::Manager::unregisterVM): (JSC::JSRunLoopTimer::Manager::scheduleTimer): (JSC::JSRunLoopTimer::Manager::cancelTimer): (JSC::JSRunLoopTimer::Manager::timeUntilFire): (JSC::JSRunLoopTimer::timerDidFire): (JSC::JSRunLoopTimer::setTimeUntilFire): (JSC::JSRunLoopTimer::cancelTimer): (JSC::JSRunLoopTimer::addTimerSetNotification): (JSC::JSRunLoopTimer::removeTimerSetNotification): * runtime/JSSegmentedVariableObject.cpp: (JSC::JSSegmentedVariableObject::findVariableIndex): (JSC::JSSegmentedVariableObject::addVariables): (JSC::JSSegmentedVariableObject::visitChildrenImpl): * runtime/ModuleProgramExecutable.cpp: (JSC::ModuleProgramExecutable::visitChildrenImpl): * runtime/NarrowingNumberPredictionFuzzerAgent.cpp: (JSC::NarrowingNumberPredictionFuzzerAgent::getPrediction): * runtime/ProgramExecutable.cpp: (JSC::ProgramExecutable::visitChildrenImpl): * runtime/RandomizingFuzzerAgent.cpp: (JSC::RandomizingFuzzerAgent::getPrediction): * runtime/RegExp.cpp: (JSC::RegExp::compile): (JSC::RegExp::matchConcurrently): (JSC::RegExp::compileMatchOnly): (JSC::RegExp::deleteCode): * runtime/SamplingProfiler.cpp: (JSC::SamplingProfiler::takeSample): (JSC::SamplingProfiler::stackTracesAsJSON): (JSC::SamplingProfiler::reportTopFunctions): (JSC::SamplingProfiler::reportTopBytecodes): * runtime/ScriptExecutable.cpp: (JSC::ScriptExecutable::createTemplateObject): * runtime/SparseArrayValueMap.cpp: (JSC::SparseArrayValueMap::add): (JSC::SparseArrayValueMap::remove): (JSC::SparseArrayValueMap::getConcurrently): (JSC::SparseArrayValueMap::visitChildrenImpl): * runtime/Structure.cpp: (JSC::Structure::changePrototypeTransition): (JSC::Structure::toDictionaryTransition): (JSC::Structure::nonPropertyTransitionSlow): (JSC::Structure::setBrandTransition): * runtime/StructureCache.cpp: (JSC::StructureCache::createEmptyStructure): (JSC::StructureCache::emptyObjectStructureConcurrently): * runtime/VM.cpp: (JSC::waitForVMDestruction): 
(JSC::VM::~VM): (JSC::VM::gatherScratchBufferRoots): (JSC::VM::scratchBufferForSize): (JSC::VM::clearScratchBuffers): (JSC::VM::addLoopHintExecutionCounter): (JSC::VM::getLoopHintExecutionCounter): (JSC::VM::removeLoopHintExecutionCounter): * runtime/VMTraps.cpp: (JSC::VMTraps::tryInstallTrapBreakpoints): (JSC::VMTraps::invalidateCodeBlocksOnStack): (JSC::VMTraps::willDestroyVM): (JSC::VMTraps::fireTrap): (JSC::VMTraps::handleTraps): (JSC::VMTraps::takeTopPriorityTrap): * runtime/WeakMapImpl.cpp: (JSC::WeakMapImpl<BucketType>::visitOutputConstraints): * runtime/WeakMapImpl.h: (JSC::WeakMapImpl::finishCreation): * runtime/WeakMapImplInlines.h: (JSC::WeakMapImpl<WeakMapBucket>::rehash): * runtime/WideningNumberPredictionFuzzerAgent.cpp: (JSC::WideningNumberPredictionFuzzerAgent::getPrediction): * tools/CompilerTimingScope.cpp: * tools/FunctionOverrides.cpp: (JSC::FunctionOverrides::FunctionOverrides): (JSC::FunctionOverrides::reinstallOverrides): (JSC::FunctionOverrides::initializeOverrideFor): * tools/Integrity.cpp: (JSC::Integrity::Random::reloadAndCheckShouldAuditSlow): * tools/VMInspector.cpp: (JSC::VMInspector::add): (JSC::VMInspector::remove): (JSC::VMInspector::codeBlockForMachinePC): * wasm/WasmBBQPlan.cpp: (JSC::Wasm::BBQPlan::work): (JSC::Wasm::BBQPlan::compileFunction): * wasm/WasmCalleeRegistry.h: (JSC::Wasm::CalleeRegistry::registerCallee): (JSC::Wasm::CalleeRegistry::unregisterCallee): * wasm/WasmCodeBlock.cpp: (JSC::Wasm::CodeBlock::CodeBlock): (JSC::Wasm::CodeBlock::waitUntilFinished): (JSC::Wasm::CodeBlock::compileAsync): * wasm/WasmContext.cpp: (JSC::Wasm::Context::scratchBufferForSize): * wasm/WasmEntryPlan.cpp: (JSC::Wasm::EntryPlan::parseAndValidateModule): (JSC::Wasm::EntryPlan::prepare): (JSC::Wasm::EntryPlan::compileFunctions): * wasm/WasmEntryPlan.h: (JSC::Wasm::EntryPlan::tryReserveCapacity): * wasm/WasmFaultSignalHandler.cpp: (JSC::Wasm::trapHandler): * wasm/WasmInstance.cpp: (JSC::Wasm::Instance::setFunctionWrapper): * 
wasm/WasmLLIntPlan.cpp: (JSC::Wasm::LLIntPlan::compileFunction): (JSC::Wasm::LLIntPlan::completeInStreaming): (JSC::Wasm::LLIntPlan::didCompileFunctionInStreaming): (JSC::Wasm::LLIntPlan::didFailInStreaming): * wasm/WasmMachineThreads.cpp: (JSC::Wasm::resetInstructionCacheOnAllThreads): * wasm/WasmMemory.cpp: (JSC::Wasm::Memory::growShared): * wasm/WasmModule.cpp: (JSC::Wasm::Module::getOrCreateCodeBlock): * wasm/WasmOMGForOSREntryPlan.cpp: (JSC::Wasm::OMGForOSREntryPlan::work): * wasm/WasmOMGPlan.cpp: (JSC::Wasm::OMGPlan::work): * wasm/WasmOperations.cpp: (JSC::Wasm::triggerOMGReplacementCompile): (JSC::Wasm::JSC_DEFINE_JIT_OPERATION): * wasm/WasmSignatureInlines.h: (JSC::Wasm::SignatureInformation::get): * wasm/WasmSlowPaths.cpp: (JSC::LLInt::jitCompileAndSetHeuristics): (JSC::LLInt::WASM_SLOW_PATH_DECL): * wasm/WasmStreamingCompiler.cpp: (JSC::Wasm::StreamingCompiler::didCompileFunction): (JSC::Wasm::StreamingCompiler::finalize): (JSC::Wasm::StreamingCompiler::fail): (JSC::Wasm::StreamingCompiler::cancel): * wasm/WasmStreamingPlan.cpp: (JSC::Wasm::StreamingPlan::work): * wasm/WasmTable.cpp: (JSC::Wasm::Table::grow): (JSC::Wasm::Table::visitAggregateImpl): * wasm/WasmThunks.cpp: (JSC::Wasm::Thunks::stub): (JSC::Wasm::Thunks::existingStub): * wasm/WasmWorklist.cpp: * wasm/js/JSWebAssemblyInstance.cpp: (JSC::JSWebAssemblyInstance::visitChildrenImpl): Canonical link: https://commits.webkit.org/238042@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@277909 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-05-22 03:13:17 +00:00
Locker locker { cellLock() };
createRareDataIfNecessary(locker);
[ESNext] Implement private methods https://bugs.webkit.org/show_bug.cgi?id=194434 Reviewed by Filip Pizlo.

JSTests:

* stress/private-brand-installed-after-super-call-from-arrow-function.js: Added.
* stress/private-brand-installed-after-super-call-from-eval.js: Added.
* stress/private-method-brand-check.js: Added.
* stress/private-method-change-attribute-from-branded-structure.js: Added.
* stress/private-method-change-prototype-from-branded-structure.js: Added.
* stress/private-method-check-private-brand-ic.js: Added.
* stress/private-method-check-structure-miss.js: Added.
* stress/private-method-comparison.js: Added.
* stress/private-method-delete-property-from-branded-structure.js: Added.
* stress/private-method-extends-brand-check.js: Added.
* stress/private-method-get-and-call.js: Added.
* stress/private-method-invalid-multiple-brand-installation.js: Added.
* stress/private-method-invalidate-compiled-with-constant-symbol.js: Added.
* stress/private-method-nested-class.js: Added.
* stress/private-method-on-sealed-objects.js: Added.
* stress/private-method-on-uncacheable-dictionary.js: Added.
* stress/private-method-polymorphic-with-constant-symbol.js: Added.
* stress/private-method-set-brand-should-have-write-barrier.js: Added.
* stress/private-method-untyped-use.js: Added.
* stress/private-method-with-uncacheable-dictionary-transition.js: Added.
* stress/private-methods-inline-cache.js: Added.
* stress/private-methods-megamorphic-ic.js: Added.
* stress/private-methods-on-proxy.js: Added.
* stress/private-methods-poly-ic-multiple-classes.js: Added.
* stress/private-methods-poly-ic-single-class.js: Added.
* stress/private-names-available-on-direct-eval.js: Added.
* test262/config.yaml:

Source/JavaScriptCore:

This patch is adding support for private methods following the specification at https://tc39.es/proposal-private-methods/. This is introducing a new way to declare private methods in class syntax.

Private methods are only accessible within the classes in which they were declared, and can only be called on objects that are instances of these classes. To guarantee such rules, the proposal presents the concept of Brand Check. During class evaluation, if a private method is present, a `brand` is installed in this class. Every instance of such a class then gets this brand installed during the `[[Construct]]` operation. It means that an object can have multiple brands (e.g. when there are also private methods declared on a super class). Before accessing a private method, there is a check to validate whether the target of the call has the brand of the callee method. The brand check mechanism is implemented using a `@privateBrand` stored on the class scope. Here is a representation of how this mechanism works:

```
class C {
    #m() { return 3; }
    method() { return this.#m(); }
}

let c = new C();
console.log(c.method()); // prints 3
```

Generated bytecode for the following representation:

```
{
    // class lexical scope
    const @privateBrand = @createPrivateSymbol();
    const #m = function () { return 3; }

    C.prototype.method = function() {
        @check_private_brand(this, @privateBrand);
        return #m.call(this);
    }

    C = function() {
        @set_private_brand(this, @privateBrand);
    }
}

let c = new C();
console.log(c.method()); // prints 3
```

# Resolving correct brand to check

In the case of shadowing or nested scopes, we need to emit brand checks against the right private brand. See the code below:

```
class C {
    #m() { return 3; }
    method() { return this.#m(); }

    A = class {
        #m2() { return 3; }
        foo(o) { return o.#m(); }
    }
}
```

The call of "#m" in `foo` refers to "C::#m". In such a case, we need to check C's private brand, instead of A's private brand. To perform the proper check, we first resolve the scope of "#m" and then check the private brand of this scope (the scope where the private method and brand are stored is the same).

So the bytecode to look up the right brand is:

```
mov loc9, arg1
resolve_scope loc10, "#m"
get_from_scope loc11, loc10, "@privateBrand"
check_private_brand loc9, loc11
get_from_scope loc11, loc10, "#m"
// setup call frame
call loc11, ...
// ...
```

# Brand check mechanism

We are introducing in this patch 2 new bytecodes to allow brand checks of objects: `op_set_brand` and `op_check_brand`. `op_set_brand` sets a new brand in an object, so we can perform the brand check later when accessing private methods. This operation throws when trying to add the same brand twice to an Object. `op_check_brand` checks if the given object contains the brand we are looking for. It traverses the brand chain to verify whether the brand is present, and throws a `TypeError` otherwise.

We are also introducing a subclass of Structure called BrandedStructure. It is used to store brands and to allow the brand check mechanism. BrandedStructure stores a brand and a parent pointer to another BrandedStructure that allows us to traverse the brand chain. With `BrandedStructure`, we can then infer that a given object has the brand we are looking for just by checking its structureId. This is a very good optimization, since we can reduce most brand checks to structure checks.

We created a new kind of transition called `SetBrand` that happens when `op_set_brand` is executed. This allows us to cache such transitions in the transition table using the key `<brand->uid, 0, TransitionKind::SetBrand>`. During this transition, we take the previous structure and apply one of the following rules:

1. If it's a BrandedStructure, we then set it to `m_parentBrand`, to allow a proper brand chain check.
2. If it's not a BrandedStructure, we set `m_parentBrand` to `nullptr`, meaning that this is the first brand being added to the object with this structure.

For now, we are using the flag `isBrandedStructure` to identify that a given Structure is a BrandedStructure. This is done to avoid changes in places where we are checking for `vm.structureStructure()`. However, if we ever need space on Structure, this flag is a good candidate to be deleted and we can move to a solution that uses `vm.brandedStructureStructure()`.

# JIT Support

This patch also includes initial JIT support for `set_private_brand` and `check_private_brand`. On Baseline JIT, we are using `JITPrivateBrandAccessGenerator` to support ICs for both operands. On `DFGByteCodeParser` we are trying to inline brand access whenever possible, and falling back to `SetPrivateBrand` and `CheckPrivateBrand` otherwise. Those nodes are not being optimized to their full potential, but the code generated by them is also relying on `JITPrivateBrandAccessGenerator` to have IC support for both DFG and FTL. During DFG parsing, we try to reduce those accesses to `CheckIsConstant` and `CheckStructure` (with `PutStructure` for `set_private_brand` cases) based on available profiled data. This is meant to make brand checks almost free on the DFG/FTL tiers when we have a single evaluation of a class, since the `CheckIsConstant` can be eliminated by the constant-folded scope load, and the `CheckStructure` is very likely to be redundant with any other `CheckStructure` that can be performed on the receiver when we have a finite structure set. For instance, when we have a brand check on a path-of-no-return to a `GetByOffset` sequence on the same receiver, the `CheckStructure` for the brand check will enable CSE of the `CheckStructure` that would happen for that `GetByOffset`. Such a design is possible because brand checks support polymorphic access very similar to what we have for `GetByOffset` sequences.
(JSC::SetPrivateBrandVariant::oldStructure const): (JSC::SetPrivateBrandVariant::newStructure const): (JSC::SetPrivateBrandVariant::identifier const): (JSC::SetPrivateBrandVariant::overlaps): * bytecode/StructureStubInfo.cpp: (JSC::StructureStubInfo::reset): * bytecode/StructureStubInfo.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::privateBrandRequirement const): * bytecode/UnlinkedCodeBlockGenerator.h: (JSC::UnlinkedCodeBlockGenerator::privateBrandRequirement const): * bytecode/UnlinkedFunctionExecutable.cpp: (JSC::generateUnlinkedFunctionCodeBlock): (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable): * bytecode/UnlinkedFunctionExecutable.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::BytecodeGenerator): We changed BytecodeGenerator for FunctionNode and EvalNode to propagate parentScope PrivateNameEnvironment. These environments store private name entries that are visible in the scope of the function/eval. This is required to identify the kind of access a private name is referring to, since it can be a private field or a private method. (JSC::BytecodeGenerator::instantiateLexicalVariables): (JSC::BytecodeGenerator::emitGetPrivateName): (JSC::BytecodeGenerator::emitCreatePrivateBrand): The process to create a private brand is as follows: 1. Create a PrivateSymbol using `@createPrivateSymbol`. 2. Store this symbol into a given scope (i.e. class lexical scope) on the `@privateBrand` variable. (JSC::BytecodeGenerator::emitInstallPrivateBrand): (JSC::BytecodeGenerator::emitGetPrivateBrand): We added `m_privateNamesStack` to BytecodeGenerator to represent the scope chain of available private names while generating bytecode. 
(JSC::BytecodeGenerator::emitCheckPrivateBrand): (JSC::BytecodeGenerator::isPrivateMethod): (JSC::BytecodeGenerator::pushPrivateAccessNames): (JSC::BytecodeGenerator::popPrivateAccessNames): (JSC::BytecodeGenerator::getAvailablePrivateAccessNames): (JSC::BytecodeGenerator::emitNewDefaultConstructor): (JSC::BytecodeGenerator::emitNewClassFieldInitializerFunction): (JSC::BytecodeGenerator::emitDirectGetByVal): Deleted. * bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::privateBrandRequirement const): (JSC::BytecodeGenerator::generate): (JSC::BytecodeGenerator::makeFunction): This change is required to properly propagate PrivateBrandRequirement to arrow functions that can potentially call `super()`. * bytecompiler/NodesCodegen.cpp: (JSC::PropertyListNode::emitDeclarePrivateFieldNames): (JSC::PropertyListNode::emitBytecode): (JSC::PropertyListNode::emitPutConstantProperty): (JSC::BaseDotNode::emitGetPropertyValue): Adding support to properly access private methods. Since we store private methods on the class lexical scope, we need a different set of instructions to access a private method. (JSC::BaseDotNode::emitPutProperty): In the case where we are trying to write to a private method, we need to throw a TypeError according to the specification (https://tc39.es/proposal-private-methods/#sec-privatefieldset). 
(JSC::FunctionCallValueNode::emitBytecode): (JSC::PostfixNode::emitDot): (JSC::PrefixNode::emitDot): (JSC::ClassExprNode::emitBytecode): * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::evaluateWithScopeExtension): * dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects): (JSC::DFG::AbstractInterpreter<AbstractStateType>::filterICStatus): * dfg/DFGArgumentsEliminationPhase.cpp: * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::parseBlock): * dfg/DFGCapabilities.cpp: (JSC::DFG::capabilityLevel): * dfg/DFGClobberize.h: (JSC::DFG::clobberize): * dfg/DFGClobbersExitState.cpp: (JSC::DFG::clobbersExitState): * dfg/DFGDoesGC.cpp: (JSC::DFG::doesGC): * dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode): * dfg/DFGGraph.h: * dfg/DFGJITCompiler.cpp: (JSC::DFG::JITCompiler::link): * dfg/DFGJITCompiler.h: (JSC::DFG::JITCompiler::addPrivateBrandAccess): * dfg/DFGMayExit.cpp: * dfg/DFGNode.h: (JSC::DFG::Node::hasCheckPrivateBrandStatus): (JSC::DFG::Node::checkPrivateBrandStatus): (JSC::DFG::Node::hasSetPrivateBrandStatus): (JSC::DFG::Node::setPrivateBrandStatus): * dfg/DFGNodeType.h: * dfg/DFGObjectAllocationSinkingPhase.cpp: * dfg/DFGPredictionPropagationPhase.cpp: * dfg/DFGSafeToExecute.h: (JSC::DFG::safeToExecute): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compileCheckPrivateBrand): (JSC::DFG::SpeculativeJIT::compileSetPrivateBrand): * dfg/DFGSpeculativeJIT.h: * dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGStoreBarrierInsertionPhase.cpp: * dfg/DFGVarargsForwardingPhase.cpp: * ftl/FTLCapabilities.cpp: (JSC::FTL::canCompile): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileNode): (JSC::FTL::DFG::LowerDFGToB3::compilePrivateBrandAccess): (JSC::FTL::DFG::LowerDFGToB3::compileCheckPrivateBrand): (JSC::FTL::DFG::LowerDFGToB3::compileSetPrivateBrand): * interpreter/Interpreter.cpp: 
(JSC::eval): * jit/JIT.cpp: (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): (JSC::JIT::link): * jit/JIT.h: * jit/JITInlineCacheGenerator.cpp: (JSC::JITPrivateBrandAccessGenerator::JITPrivateBrandAccessGenerator): (JSC::JITPrivateBrandAccessGenerator::generateFastPath): (JSC::JITPrivateBrandAccessGenerator::finalize): * jit/JITInlineCacheGenerator.h: (JSC::JITPrivateBrandAccessGenerator::JITPrivateBrandAccessGenerator): (JSC::JITPrivateBrandAccessGenerator::slowPathJump const): * jit/JITOperations.cpp: (JSC::JSC_DEFINE_JIT_OPERATION): (JSC::getPrivateName): * jit/JITOperations.h: * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_set_private_brand): (JSC::JIT::emitSlow_op_set_private_brand): (JSC::JIT::emit_op_check_private_brand): (JSC::JIT::emitSlow_op_check_private_brand): * jit/JITPropertyAccess32_64.cpp: (JSC::JIT::emit_op_set_private_brand): (JSC::JIT::emitSlow_op_set_private_brand): (JSC::JIT::emit_op_check_private_brand): (JSC::JIT::emitSlow_op_check_private_brand): * jit/Repatch.cpp: (JSC::tryCacheCheckPrivateBrand): (JSC::repatchCheckPrivateBrand): (JSC::tryCacheSetPrivateBrand): (JSC::repatchSetPrivateBrand): (JSC::resetCheckPrivateBrand): (JSC::resetSetPrivateBrand): * jit/Repatch.h: * llint/LLIntSlowPaths.cpp: (JSC::LLInt::LLINT_SLOW_PATH_DECL): * llint/LLIntSlowPaths.h: * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: * parser/Nodes.cpp: (JSC::FunctionMetadataNode::FunctionMetadataNode): * parser/Nodes.h: (JSC::BaseDotNode::isPrivateMember const): (JSC::BaseDotNode::isPrivateField const): Deleted. * parser/Parser.cpp: (JSC::Parser<LexerType>::parseClass): (JSC::Parser<LexerType>::parseMemberExpression): * parser/Parser.h: (JSC::Scope::declarePrivateMethod): (JSC::Scope::declarePrivateField): (JSC::Parser<LexerType>::parse): (JSC::parse): (JSC::Scope::declarePrivateName): Deleted. 
* parser/ParserModes.h: * parser/SyntaxChecker.h: (JSC::SyntaxChecker::createDotAccess): * parser/VariableEnvironment.cpp: (JSC::VariableEnvironment::declarePrivateMethod): * parser/VariableEnvironment.h: (JSC::VariableEnvironmentEntry::isPrivateField const): (JSC::VariableEnvironmentEntry::isPrivateMethod const): (JSC::VariableEnvironmentEntry::setIsPrivateField): (JSC::VariableEnvironmentEntry::setIsPrivateMethod): (JSC::PrivateNameEntry::isMethod const): (JSC::PrivateNameEntry::isPrivateMethodOrAcessor const): (JSC::VariableEnvironment::addPrivateName): (JSC::VariableEnvironment::declarePrivateField): (JSC::VariableEnvironment::declarePrivateMethod): (JSC::VariableEnvironment::privateNameEnvironment const): (JSC::VariableEnvironment::hasPrivateMethodOrAccessor const): (JSC::VariableEnvironment::addPrivateNamesFrom): (JSC::VariableEnvironmentEntry::isPrivateName const): Deleted. (JSC::VariableEnvironmentEntry::setIsPrivateName): Deleted. (JSC::VariableEnvironment::declarePrivateName): Deleted. * runtime/CachedTypes.cpp: (JSC::CachedCodeBlockRareData::encode): (JSC::CachedCodeBlockRareData::decode const): (JSC::CachedFunctionExecutableRareData::encode): (JSC::CachedFunctionExecutableRareData::decode const): (JSC::CachedFunctionExecutable::privateBrandRequirement const): (JSC::CachedCodeBlock::derivedContextType const): (JSC::CachedFunctionExecutable::encode): (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable): (JSC::CachedCodeBlock::needsClassFieldInitializer const): Deleted. 
* runtime/CodeCache.cpp: (JSC::generateUnlinkedCodeBlockImpl): (JSC::generateUnlinkedCodeBlock): (JSC::generateUnlinkedCodeBlockForDirectEval): (JSC::CodeCache::getUnlinkedGlobalFunctionExecutable): * runtime/CodeCache.h: * runtime/DirectEvalExecutable.cpp: (JSC::DirectEvalExecutable::create): (JSC::DirectEvalExecutable::DirectEvalExecutable): * runtime/DirectEvalExecutable.h: * runtime/EvalExecutable.cpp: (JSC::EvalExecutable::EvalExecutable): * runtime/EvalExecutable.h: (JSC::EvalExecutable::executableInfo const): (JSC::EvalExecutable::privateBrandRequirement const): * runtime/ExceptionHelpers.cpp: (JSC::createInvalidPrivateNameError): * runtime/IndirectEvalExecutable.cpp: (JSC::IndirectEvalExecutable::IndirectEvalExecutable): * runtime/JSObject.h: * runtime/JSObjectInlines.h: (JSC::JSObject::checkPrivateBrand): (JSC::JSObject::setPrivateBrand): * runtime/JSScope.cpp: (JSC::JSScope::collectClosureVariablesUnderTDZ): * runtime/JSScope.h: * runtime/ModuleProgramExecutable.h: * runtime/Options.cpp: (JSC::Options::recomputeDependentOptions): * runtime/OptionsList.h: * runtime/ProgramExecutable.h: * runtime/Structure.cpp: (JSC::Structure::materializePropertyTable): (JSC::BrandedStructure::BrandedStructure): (JSC::BrandedStructure::create): (JSC::BrandedStructure::checkBrand): (JSC::Structure::setBrandTransitionFromExistingStructureImpl): (JSC::Structure::setBrandTransitionFromExistingStructureConcurrently): (JSC::Structure::setBrandTransition): * runtime/Structure.h: (JSC::Structure::finishCreation): * runtime/StructureInlines.h: (JSC::Structure::create): (JSC::Structure::forEachPropertyConcurrently): * runtime/StructureTransitionTable.h: * runtime/SymbolTable.cpp: (JSC::SymbolTable::cloneScopePart): * runtime/SymbolTable.h: * runtime/VM.cpp: (JSC::VM::VM): * runtime/VM.h: Canonical link: https://commits.webkit.org/233852@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@272580 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-02-09 16:30:24 +00:00
m_rareData->m_privateBrandRequirement = static_cast<unsigned>(PrivateBrandRequirement::Needed);
}
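The brand-transition scheme the commit message above describes, as an added toy model (not WebKit code): structures are branded through a transition table so that every instance of one class ends up with the same branded structure, which is what lets a JIT site replace the brand check with a structure check. The `Structure`, `BrandedStructure` chain, `setBrandTransition` and `checkBrand` names follow the commit message; the data layout and the `StructureTransitionTable`/`runScenario` helpers are assumptions.

```cpp
// Toy model of JSC private-brand structure transitions (added example, not WebKit code).
#include <map>
#include <memory>
#include <string>
#include <utility>

namespace toy {

// A private brand is a unique symbol: identity (the address), never string equality.
struct PrivateSymbol {
    std::string description; // debugging aid only
};

// Hidden class shared by objects of the same shape. A branded structure
// remembers the structure it was transitioned from, forming a chain.
struct Structure {
    const Structure* previous = nullptr;  // chain back towards the unbranded structure
    const PrivateSymbol* brand = nullptr; // null for an ordinary (unbranded) Structure
    bool isBranded() const { return brand != nullptr; }
};

// Keyed on (old structure, brand): branding the same structure with the same
// brand always yields the *same* new structure, so all instances of a class
// share it and a per-site CheckStructure implies the brand check.
class StructureTransitionTable {
public:
    const Structure* setBrandTransition(const Structure* from, const PrivateSymbol* brand) {
        auto key = std::make_pair(from, brand);
        auto it = m_table.find(key);
        if (it != m_table.end())
            return it->second.get(); // cached transition: shared structure
        auto branded = std::make_unique<Structure>();
        branded->previous = from;
        branded->brand = brand;
        const Structure* result = branded.get();
        m_table.emplace(key, std::move(branded));
        return result;
    }
private:
    std::map<std::pair<const Structure*, const PrivateSymbol*>, std::unique_ptr<Structure>> m_table;
};

struct JSObject {
    const Structure* structure;
};

// checkBrand walks the chain of branded structures looking for `brand`
// (a subclass brand sits on top of the base-class brand).
bool checkBrand(const Structure* structure, const PrivateSymbol* brand) {
    for (const Structure* s = structure; s && s->isBranded(); s = s->previous) {
        if (s->brand == brand)
            return true;
    }
    return false;
}

// set_private_brand: transition the receiver's structure. Branding an object
// twice with the same brand is a TypeError in the spec; modelled as `false`.
bool setPrivateBrand(StructureTransitionTable& table, JSObject& object, const PrivateSymbol* brand) {
    if (checkBrand(object.structure, brand))
        return false;
    object.structure = table.setBrandTransition(object.structure, brand);
    return true;
}

// check_private_brand: the guard that runs before a private method call.
bool checkPrivateBrand(const JSObject& object, const PrivateSymbol* brand) {
    return checkBrand(object.structure, brand);
}

struct Scenario {
    bool instancesShareStructure; // two instances of class A share one branded structure
    bool instancePasses;          // A's brand check succeeds on an A instance
    bool foreignFails;            // an object branded by another class is rejected
    bool rebrandRejected;         // branding the same object twice is refused
    bool chainedStillPasses;      // after a subclass brand, the base brand still checks
};

// Constructed scenario: class A and class B each have a brand symbol (what
// @createPrivateSymbol would produce); every fresh object starts at `base`.
Scenario runScenario() {
    Structure base;
    PrivateSymbol classA{"A"}, classB{"B"};
    StructureTransitionTable table;
    JSObject a1{&base}, a2{&base}, foreign{&base};

    setPrivateBrand(table, a1, &classA);
    setPrivateBrand(table, a2, &classA);
    setPrivateBrand(table, foreign, &classB);

    Scenario s;
    s.instancesShareStructure = a1.structure == a2.structure;
    s.instancePasses = checkPrivateBrand(a1, &classA);
    s.foreignFails = !checkPrivateBrand(foreign, &classA);
    s.rebrandRejected = !setPrivateBrand(table, a1, &classA);
    setPrivateBrand(table, a1, &classB); // subclass B extends A: second brand on top
    s.chainedStillPasses = checkPrivateBrand(a1, &classA) && checkPrivateBrand(a1, &classB);
    return s;
}

} // namespace toy
```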
Reduce parser overhead in JSC https://bugs.webkit.org/show_bug.cgi?id=101127 Reviewed by Filip Pizlo. An exciting journey into the world of architecture in which our hero adds yet another layer to JSC codegeneration. This patch adds a marginally more compact form of bytecode that is free from any data specific to a given execution context, and that does store any data structures necessary for execution. To actually execute this UnlinkedBytecode we still need to instantiate a real CodeBlock, but this is a much faster linear time operation than any of the earlier parsing or code generation passes. As the unlinked code is context free we can then simply use a cache from source to unlinked code mapping to completely avoid all of the old parser overhead. The cache is currently very simple and memory heavy, using the complete source text as a key (rather than SourceCode or equivalent), and a random eviction policy. This seems to produce a substantial win when loading identical content in different contexts. * API/tests/testapi.c: (main): * CMakeLists.txt: * GNUmakefile.list.am: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/CodeBlock.cpp: * bytecode/CodeBlock.h: Moved a number of fields, and a bunch of logic to UnlinkedCodeBlock.h/cpp * bytecode/Opcode.h: Added a global const init no op instruction needed to get correct behaviour without any associated semantics. * bytecode/UnlinkedCodeBlock.cpp: Added. * bytecode/UnlinkedCodeBlock.h: Added. A fairly shallow, GC allocated version of the old CodeBlock classes with a 32bit instruction size, and just metadata size tracking. * bytecompiler/BytecodeGenerator.cpp: * bytecompiler/BytecodeGenerator.h: Replace direct access to m_symbolTable with access through symbolTable(). ProgramCode no longer has a symbol table at all so some previously unconditional (and pointless) uses of symbolTable get null checks. 
A few other changes to deal with type changes due to us generating unlinked code (eg. pointer free, so profile indices rather than pointers). * dfg/DFGByteCodeParser.cpp: * dfg/DFGCapabilities.h: Support global_init_nop * interpreter/Interpreter.cpp: Now get the ProgramExecutable to initialise new global properties before starting execution. * jit/JIT.cpp: * jit/JITDriver.h: * jit/JITStubs.cpp: * llint/LLIntData.cpp: * llint/LLIntSlowPaths.cpp: * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: Adding init_global_const_nop everywhere else * parser/Parser.h: * parser/ParserModes.h: Added. * parser/ParserTokens.h: Parser no longer needs a global object or callframe to function * runtime/CodeCache.cpp: Added. * runtime/CodeCache.h: Added. A simple, random eviction, Source->UnlinkedCode cache * runtime/Executable.cpp: * runtime/Executable.h: Executables now reference their unlinked counterparts, and request code specifically for the target global object. * runtime/JSGlobalData.cpp: * runtime/JSGlobalData.h: GlobalData now owns a CodeCache and a set of new structures for the unlinked code types. * runtime/JSGlobalObject.cpp: * runtime/JSGlobalObject.h: Utility functions used by executables to perform compilation * runtime/JSType.h: Add new JSTypes for unlinked code Canonical link: https://commits.webkit.org/119498@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@133688 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2012-11-07 00:13:54 +00:00
}
Implement a GC verifier. https://bugs.webkit.org/show_bug.cgi?id=217274 rdar://56255683 Reviewed by Filip Pizlo and Saam Barati. Source/JavaScriptCore: The idea behind the GC verifier is that in the GC End phase before we finalize and sweep, we'll do a simple stop-the-world synchronous full GC with the VerifierSlotVisitor. The VerifierSlotVisitor will collect its own information on whether a JS cell should be marked or not. After this verifier GC pass, we'll compare the mark results. If the verifier GC says a cell should be marked, then the real GC should have marked the cell. The reverse is not true: if the verifier does not mark a cell, it is still OK for the real GC to mark it. For example, in an eden GC, all old generation cells would be considered marked by the real GC though the verifier would know better if they are already dead. Implementation details: 1. SlotVisitor (only used by the real GC) now inherits from a new abstract class, AbstractSlotVisitor. VerifierSlotVisitor (only used by the verifier GC) also inherits from AbstractSlotVisitor. 2. AbstractSlotVisitor declares many virtual methods. SlotVisitor implements some of these virtual methods as inline and final. If the client is invoking one of these methods and knows that it will be operating on a SlotVisitor, the method being final allows it to be inlined into the client instead of going through the virtual dispatch. For the VerifierSlotVisitor, these methods will always be invoked by virtual dispatch via the AbstractSlotVisitor abstraction. 3. Almost all methods that took a SlotVisitor previously (with a few exceptions) will now be templatized, and specialized to either take a SlotVisitor or an AbstractSlotVisitor. The cell MethodTable will now have 2 versions of visitChildren and visitOutputConstraints: one for SlotVisitor, and one for AbstractSlotVisitor. 
The reason we don't wire the 2nd version to VerifierSlotVisitor (instead of AbstractSlotVisitor) is because we don't need the GC verifier to run at top speed (though we don't want it to be too slow). Also, having hooks for using an AbstractSlotVisitor gives us more utility for implementing other types of GC checkers / analyzers in the future as subclasses of AbstractSlotVisitor. 4. Some minority of methods that used to take a SlotVisitor but are not critical to performance, will now just take an AbstractSlotVisitor instead. For example, see TypeProfilerLog::visit(). 5. isReachableFromOpaqueRoots() methods will also only take an AbstractSlotVisitor. The reason this is OK is because isReachableFromOpaqueRoots() only uses the visitor's addOpaqueRoot() and containsOpaqueRoot() methods, which are implemented in the AbstractSlotVisitor itself. For SlotVisitor, the m_opaqueRoot field will reference Heap::m_opaqueRoots. For VerifierSlotVisitor, the m_opaqueRoot field will reference its own opaque roots storage. This implementation of addOpaqueRoot() is perf neutral for SlotVisitor because where it would previously invoke m_heap.m_opaqueRoots.add(), it will now invoke m_opaqueRoot.add() instead where m_opaqueRoot points to m_heap.m_opaqueRoots. Ditto for AbstractSlotVisitor::containsOpaqueRoot(). 6. When reifying a templatized visit method, we do it in 2 ways: a. Implement the template method as an ALWAYS_INLINE Impl method, and have 2 visit methods (taking a SlotVisitor and an AbstractSlotVisitor respectively) inline the Impl method. For example, see JSObject::visitChildrenImpl(). b. Just templatize the visit method, and explicitly instantiate it with a SlotVisitor and an AbstractSlotVisitor. For example, see DesiredTransition::visitChildren(). The reason we need form (a) is if: i. we need to export the visit methods. For example, see JSObject:visitChildren(). 
Note: A Clang engineer told me that "there's no way to export an explicit instantiation that will make it a strong symbol." This is because "C++ does not provide any standard way to guarantee that an explicit instantiation is unique, and Clang hasn't added any extension to do so." ii. the visit method is an override of a virtual method. For example, see DFG::Scannable::visitChildren() and DFG::Graph::visitChildren(). Otherwise, we'll prefer form (b) as it is natural C++. 7. Because templatizing all the visit methods requires a lot of boiler plate code, we introduce some macros in SlotVisitorMacros.h to reduce some of the boiler plate burden. We especially try to do this for methods of form (a) (see (6) above) which require more boiler plate. 8. The driver of the real GC is MarkingConstraintSet::executeConvergence() which runs with the MarkingConstraintSolver. The driver of the verifier GC is Heap::verifyGC(), which has a loop to drain marked objects and execute constraints. 9. The GC verifier is built in by default but disabled. The relevant options are: JSC_verifyGC and JSC_verboseVerifyGC. JSC_verifyGC will enable the GC verifier. If JSC_verifyGC is true and the verifier finds a cell that is erroneously not marked by the real GC, it will dump an error message and then crash with a RELEASE_ASSERT. JSC_verboseVerifyGC will enable the GC verifier along with some more heavy weight record keeping (i.e. tracking the parent / owner cell that marked a cell, and capturing the call stack when the marked cell is appended to the mark stack). If JSC_verboseVerifyGC is true and the verifier finds a cell that is erroneously not marked by the real GC, it will dump the parent cell and captured stack along with an error message before crashing. This extra information provides the starting point for debugging GC bugs found by the verifier. Enabling JSC_verboseVerifyGC will automatically enable JSC_verifyGC. 10. Non-determinism in the real GC. 
The GC verifier's algorithm relies on the real GC being deterministic. However, there are a few places where this is not true: a. Marking conservative roots on the mutator stacks. By the time the verifier GC runs (in the GC End phase), the mutator stacks will look completely different than what the real GC saw. To work around this, if the verifier is enabled, then every conservative root captured by the real GC will also be added to the verifier's mark stack. When running verifyGC() in the End phase, the conservative root scans will be treated as no-ops. b. CodeBlock::shouldJettisonDueToOldAge() may return a different value. This is possible because the codeBlock may be in mid-compilation while the real GC is in progress. CodeBlock::shouldVisitStrongly() calls shouldJettisonDueToOldAge(), and may see an old LLInt codeBlock whose timeToLive has expired. As a result, shouldJettisonDueToOldAge() returns true and shouldVisitStrongly() will return false for the real GC, leading to it not marking the codeBlock. However, before the verifier GC gets to run, baseline compilation on the codeBlock may finish. As a baseline codeBlock now, it gets a longer time to live. As a result, when the verifier GC runs, shouldJettisonDueToOldAge() will return false, and shouldVisitStrongly() in turn returns true. This results in the verifier GC marking the codeBlock (and its children) when the real GC did not, which leads to a false error. This is not a real error because if the real GC did not mark the code block, it will simply get jettisoned, and can be reinstantiated when needed later. There's no GC bug here. However, we do need to work around this to prevent the false error for the GC verifier. The workaround is to introduce a CodeBlock::m_visitChildrenSkippedDueToOldAge flag that records what the real GC decided in shouldJettisonDueToOldAge(). This allows the verifier GC to replay the same decision and get a consistent result. c. 
CodeBlock::propagateTransitions() will only do a best effort at visiting cells in ICs, etc. If a cell is not already strongly marked by the time CodeBlock::propagateTransitions() checks it, propagateTransitions() will not mark other cells that are reachable from it. Since the real GC does marking on concurrent threads, marking order is not deterministic. CodeBlock::propagateTransitions() may or may not see a cell as already marked by the time it runs. The verifier GC may mark some of these cells in a different order than the real GC. As a result, in the verifier GC, CodeBlock::propagateTransitions() may see a cell as marked (and therefore, visit its children) when it did not for the real GC. To work around this, we currently add a SuppressGCVerifierScope to CodeBlock::propagateTransitions() to pessimize the verifier, and assume that propagateTransitions() will mark nothing. SuppressGCVerifierScope is a blunt hammer that stops the verifier GC from analyzing all cells potentially reachable via CodeBlock::propagateTransitions(). In the future, it may be possible to refine this and track which cells were actually skipped over (like we did for shouldJettisonDueToOldAge()). However, this decision tracking needs to be done in the real GC, and can be very expensive in terms of performance. The shouldJettisonDueToOldAge() case is rare, and as such lends itself to this more fine-grained tracking without hurting performance. The decisions made in CodeBlock::propagateTransitions() are not as rare, and hence, it would hurt performance if we did fine-grained decision tracking there (at least for now). 11. Marking in the verifier GC. The real GC tracks cell marks using a Bitmap in the MarkedBlocks. The verifier GC keeps track of MarkedBlock cell marks using a Bitmap on the side, stashed away in a HashMap. 
To improve the verifier marking performance, we reserve a void* m_verifierMemo pointer in the MarkedBlock, which the verifier will employ to cache its MarkedBlockData for that MarkedBlock. This allows the verifier to get to its side Bitmap without having to do a HashMap look up for every cell. Size-wise, in the current 16K MarkedBlocks, there was previously room for 1005.5 atoms after reserving space for the MarkedBlock::Footer. Since we can never allocate half an atom anyway, that .5 atom gives us the 8 bytes we need for the m_verifierMemo pointer, which we'll put in the MarkedBlock::Footer. With this patch, each MarkedBlock will now have exactly 1005 atoms available for allocation. I ran JetStream2 and Speedometer2 locally on a MacBookAir10,1, MacBookPro16,1, and a 12.9” 4th Gen iPad Pro. The benchmark results for these were all neutral. The design of the GC verifier is such that it incurs almost no additional runtime memory overhead if not in use. Code size does increase significantly because there are now 2 variants of most of the methods that take a SlotVisitor. When in use, the additional runtime memory is encapsulated in the VerifierSlotVisitor, which is instantiated and destructed every GC cycle. Hence, it can affect peak memory usage during GCs, but the cost is transient. It does not persist past the GC End phase. * API/JSAPIWrapperObject.h: * API/JSAPIWrapperObject.mm: (JSAPIWrapperObjectHandleOwner::isReachableFromOpaqueRoots): (JSC::JSAPIWrapperObject::visitChildrenImpl): (JSC::JSAPIWrapperObject::visitChildren): Deleted. 
* API/JSCallbackObject.cpp: * API/JSCallbackObject.h: (JSC::JSCallbackObjectData::visitChildren): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::visitChildren): (JSC::JSCallbackObject<Parent>::visitChildrenImpl): * API/JSManagedValue.mm: (JSManagedValueHandleOwner::isReachableFromOpaqueRoots): * API/JSMarkingConstraintPrivate.cpp: (JSC::isMarked): (JSContextGroupAddMarkingConstraint): * API/JSVirtualMachine.mm: (scanExternalObjectGraph): (scanExternalRememberedSet): * API/JSVirtualMachineInternal.h: * API/MarkedJSValueRefArray.cpp: (JSC::MarkedJSValueRefArray::visitAggregate): * API/MarkedJSValueRefArray.h: * API/glib/JSAPIWrapperGlobalObject.cpp: (JSC::JSAPIWrapperGlobalObject::visitChildren): Deleted. * API/glib/JSAPIWrapperGlobalObject.h: * API/glib/JSAPIWrapperObjectGLib.cpp: (JSAPIWrapperObjectHandleOwner::isReachableFromOpaqueRoots): (JSC::JSAPIWrapperObject::visitChildrenImpl): (JSC::JSAPIWrapperObject::visitChildren): Deleted. * CMakeLists.txt: * JavaScriptCore.xcodeproj/project.pbxproj: * Scripts/wkbuiltins/builtins_generate_internals_wrapper_header.py: (BuiltinsInternalsWrapperHeaderGenerator): * Scripts/wkbuiltins/builtins_generate_internals_wrapper_implementation.py: (BuiltinsInternalsWrapperImplementationGenerator.generate_visit_method): * Scripts/wkbuiltins/builtins_templates.py: * Sources.txt: * bytecode/AccessCase.cpp: (JSC::AccessCase::propagateTransitions const): (JSC::AccessCase::visitAggregateImpl const): (JSC::AccessCase::visitAggregate const): Deleted. * bytecode/AccessCase.h: * bytecode/ByValInfo.cpp: (JSC::ByValInfo::visitAggregateImpl): (JSC::ByValInfo::visitAggregate): Deleted. * bytecode/ByValInfo.h: * bytecode/CheckPrivateBrandStatus.cpp: (JSC::CheckPrivateBrandStatus::visitAggregateImpl): (JSC::CheckPrivateBrandStatus::markIfCheap): (JSC::CheckPrivateBrandStatus::visitAggregate): Deleted. 
* bytecode/CheckPrivateBrandStatus.h: * bytecode/CheckPrivateBrandVariant.cpp: (JSC::CheckPrivateBrandVariant::markIfCheap): (JSC::CheckPrivateBrandVariant::visitAggregateImpl): (JSC::CheckPrivateBrandVariant::visitAggregate): Deleted. * bytecode/CheckPrivateBrandVariant.h: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::visitChildrenImpl): (JSC::CodeBlock::visitChildren): (JSC::CodeBlock::shouldVisitStrongly): (JSC::CodeBlock::shouldJettisonDueToOldAge): (JSC::shouldMarkTransition): (JSC::CodeBlock::propagateTransitions): (JSC::CodeBlock::determineLiveness): (JSC::CodeBlock::finalizeUnconditionally): (JSC::CodeBlock::visitOSRExitTargets): (JSC::CodeBlock::stronglyVisitStrongReferences): (JSC::CodeBlock::stronglyVisitWeakReferences): * bytecode/CodeBlock.h: * bytecode/DeleteByIdVariant.cpp: (JSC::DeleteByIdVariant::visitAggregateImpl): (JSC::DeleteByIdVariant::markIfCheap): (JSC::DeleteByIdVariant::visitAggregate): Deleted. * bytecode/DeleteByIdVariant.h: * bytecode/DeleteByStatus.cpp: (JSC::DeleteByStatus::visitAggregateImpl): (JSC::DeleteByStatus::markIfCheap): (JSC::DeleteByStatus::visitAggregate): Deleted. * bytecode/DeleteByStatus.h: * bytecode/DirectEvalCodeCache.cpp: (JSC::DirectEvalCodeCache::visitAggregateImpl): (JSC::DirectEvalCodeCache::visitAggregate): Deleted. * bytecode/DirectEvalCodeCache.h: * bytecode/ExecutableToCodeBlockEdge.cpp: (JSC::ExecutableToCodeBlockEdge::visitChildrenImpl): (JSC::ExecutableToCodeBlockEdge::visitOutputConstraintsImpl): (JSC::ExecutableToCodeBlockEdge::runConstraint): (JSC::ExecutableToCodeBlockEdge::visitChildren): Deleted. (JSC::ExecutableToCodeBlockEdge::visitOutputConstraints): Deleted. * bytecode/ExecutableToCodeBlockEdge.h: * bytecode/GetByIdVariant.cpp: (JSC::GetByIdVariant::visitAggregateImpl): (JSC::GetByIdVariant::markIfCheap): (JSC::GetByIdVariant::visitAggregate): Deleted. 
* bytecode/GetByIdVariant.h: * bytecode/GetByStatus.cpp: (JSC::GetByStatus::visitAggregateImpl): (JSC::GetByStatus::markIfCheap): (JSC::GetByStatus::visitAggregate): Deleted. * bytecode/GetByStatus.h: * bytecode/InByIdStatus.cpp: (JSC::InByIdStatus::markIfCheap): * bytecode/InByIdStatus.h: * bytecode/InByIdVariant.cpp: (JSC::InByIdVariant::markIfCheap): * bytecode/InByIdVariant.h: * bytecode/InternalFunctionAllocationProfile.h: (JSC::InternalFunctionAllocationProfile::visitAggregate): * bytecode/ObjectAllocationProfile.h: (JSC::ObjectAllocationProfileBase::visitAggregate): (JSC::ObjectAllocationProfileWithPrototype::visitAggregate): * bytecode/PolymorphicAccess.cpp: (JSC::PolymorphicAccess::propagateTransitions const): (JSC::PolymorphicAccess::visitAggregateImpl): (JSC::PolymorphicAccess::visitAggregate): Deleted. * bytecode/PolymorphicAccess.h: * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::markIfCheap): * bytecode/PutByIdStatus.h: * bytecode/PutByIdVariant.cpp: (JSC::PutByIdVariant::markIfCheap): * bytecode/PutByIdVariant.h: * bytecode/RecordedStatuses.cpp: (JSC::RecordedStatuses::visitAggregateImpl): (JSC::RecordedStatuses::markIfCheap): (JSC::RecordedStatuses::visitAggregate): Deleted. * bytecode/RecordedStatuses.h: * bytecode/SetPrivateBrandStatus.cpp: (JSC::SetPrivateBrandStatus::visitAggregateImpl): (JSC::SetPrivateBrandStatus::markIfCheap): (JSC::SetPrivateBrandStatus::visitAggregate): Deleted. * bytecode/SetPrivateBrandStatus.h: * bytecode/SetPrivateBrandVariant.cpp: (JSC::SetPrivateBrandVariant::markIfCheap): (JSC::SetPrivateBrandVariant::visitAggregateImpl): (JSC::SetPrivateBrandVariant::visitAggregate): Deleted. * bytecode/SetPrivateBrandVariant.h: * bytecode/StructureSet.cpp: (JSC::StructureSet::markIfCheap const): * bytecode/StructureSet.h: * bytecode/StructureStubInfo.cpp: (JSC::StructureStubInfo::visitAggregateImpl): (JSC::StructureStubInfo::propagateTransitions): (JSC::StructureStubInfo::visitAggregate): Deleted. 
* bytecode/StructureStubInfo.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::visitChildrenImpl): (JSC::UnlinkedCodeBlock::visitChildren): Deleted. * bytecode/UnlinkedCodeBlock.h: * bytecode/UnlinkedFunctionExecutable.cpp: (JSC::UnlinkedFunctionExecutable::visitChildrenImpl): (JSC::UnlinkedFunctionExecutable::visitChildren): Deleted. * bytecode/UnlinkedFunctionExecutable.h: * debugger/DebuggerScope.cpp: (JSC::DebuggerScope::visitChildrenImpl): (JSC::DebuggerScope::visitChildren): Deleted. * debugger/DebuggerScope.h: * dfg/DFGDesiredTransitions.cpp: (JSC::DFG::DesiredTransition::visitChildren): (JSC::DFG::DesiredTransitions::visitChildren): * dfg/DFGDesiredTransitions.h: * dfg/DFGDesiredWeakReferences.cpp: (JSC::DFG::DesiredWeakReferences::visitChildren): * dfg/DFGDesiredWeakReferences.h: * dfg/DFGGraph.cpp: (JSC::DFG::Graph::visitChildrenImpl): (JSC::DFG::Graph::visitChildren): * dfg/DFGGraph.h: * dfg/DFGPlan.cpp: (JSC::DFG::Plan::checkLivenessAndVisitChildren): (JSC::DFG::Plan::isKnownToBeLiveDuringGC): (JSC::DFG::Plan::isKnownToBeLiveAfterGC): * dfg/DFGPlan.h: * dfg/DFGPlanInlines.h: (JSC::DFG::Plan::iterateCodeBlocksForGC): * dfg/DFGSafepoint.cpp: (JSC::DFG::Safepoint::checkLivenessAndVisitChildren): (JSC::DFG::Safepoint::isKnownToBeLiveDuringGC): (JSC::DFG::Safepoint::isKnownToBeLiveAfterGC): * dfg/DFGSafepoint.h: * dfg/DFGScannable.h: * dfg/DFGWorklist.cpp: (JSC::DFG::Worklist::visitWeakReferences): (JSC::DFG::Worklist::removeDeadPlans): * dfg/DFGWorklist.h: * dfg/DFGWorklistInlines.h: (JSC::DFG::iterateCodeBlocksForGC): (JSC::DFG::Worklist::iterateCodeBlocksForGC): * heap/AbstractSlotVisitor.h: Added. 
(JSC::AbstractSlotVisitor::Context::cell const): (JSC::AbstractSlotVisitor::SuppressGCVerifierScope::SuppressGCVerifierScope): (JSC::AbstractSlotVisitor::SuppressGCVerifierScope::~SuppressGCVerifierScope): (JSC::AbstractSlotVisitor::DefaultMarkingViolationAssertionScope::DefaultMarkingViolationAssertionScope): (JSC::AbstractSlotVisitor::collectorMarkStack): (JSC::AbstractSlotVisitor::mutatorMarkStack): (JSC::AbstractSlotVisitor::collectorMarkStack const): (JSC::AbstractSlotVisitor::mutatorMarkStack const): (JSC::AbstractSlotVisitor::isEmpty): (JSC::AbstractSlotVisitor::setIgnoreNewOpaqueRoots): (JSC::AbstractSlotVisitor::visitCount const): (JSC::AbstractSlotVisitor::addToVisitCount): (JSC::AbstractSlotVisitor::rootMarkReason const): (JSC::AbstractSlotVisitor::setRootMarkReason): (JSC::AbstractSlotVisitor::didRace): (JSC::AbstractSlotVisitor::codeName const): (JSC::SetRootMarkReasonScope::SetRootMarkReasonScope): (JSC::SetRootMarkReasonScope::~SetRootMarkReasonScope): * heap/AbstractSlotVisitorInlines.h: Added. 
(JSC::AbstractSlotVisitor::Context::Context): (JSC::AbstractSlotVisitor::Context::~Context): (JSC::AbstractSlotVisitor::AbstractSlotVisitor): (JSC::AbstractSlotVisitor::heap const): (JSC::AbstractSlotVisitor::vm): (JSC::AbstractSlotVisitor::vm const): (JSC::AbstractSlotVisitor::addOpaqueRoot): (JSC::AbstractSlotVisitor::containsOpaqueRoot const): (JSC::AbstractSlotVisitor::append): (JSC::AbstractSlotVisitor::appendHidden): (JSC::AbstractSlotVisitor::appendHiddenUnbarriered): (JSC::AbstractSlotVisitor::appendValues): (JSC::AbstractSlotVisitor::appendValuesHidden): (JSC::AbstractSlotVisitor::appendUnbarriered): (JSC::AbstractSlotVisitor::parentCell const): (JSC::AbstractSlotVisitor::reset): * heap/HandleSet.cpp: (JSC::HandleSet::visitStrongHandles): * heap/HandleSet.h: * heap/Heap.cpp: (JSC::Heap::iterateExecutingAndCompilingCodeBlocks): (JSC::Heap::iterateExecutingAndCompilingCodeBlocksWithoutHoldingLocks): (JSC::Heap::runEndPhase): (JSC::Heap::willStartCollection): (JSC::scanExternalRememberedSet): (JSC::serviceSamplingProfiler): (JSC::Heap::addCoreConstraints): (JSC::Heap::verifyGC): (JSC::Heap::isAnalyzingHeap const): Deleted. * heap/Heap.h: (JSC::Heap::isMarkingForGCVerifier const): (JSC::Heap::numOpaqueRoots const): Deleted. 
* heap/HeapInlines.h: (JSC::Heap::isMarked): * heap/HeapProfiler.cpp: (JSC::HeapProfiler::setActiveHeapAnalyzer): * heap/IsoCellSet.h: * heap/IsoCellSetInlines.h: (JSC::IsoCellSet::forEachMarkedCellInParallel): * heap/JITStubRoutineSet.cpp: (JSC::JITStubRoutineSet::traceMarkedStubRoutines): * heap/JITStubRoutineSet.h: (JSC::JITStubRoutineSet::traceMarkedStubRoutines): * heap/MarkStackMergingConstraint.cpp: (JSC::MarkStackMergingConstraint::prepareToExecuteImpl): (JSC::MarkStackMergingConstraint::executeImplImpl): (JSC::MarkStackMergingConstraint::executeImpl): * heap/MarkStackMergingConstraint.h: * heap/MarkedBlock.h: (JSC::MarkedBlock::Handle::atomAt const): (JSC::MarkedBlock::setVerifierMemo): (JSC::MarkedBlock::verifierMemo const): * heap/MarkedSpace.cpp: (JSC::MarkedSpace::visitWeakSets): * heap/MarkedSpace.h: * heap/MarkingConstraint.cpp: (JSC::MarkingConstraint::execute): (JSC::MarkingConstraint::executeSynchronously): (JSC::MarkingConstraint::prepareToExecute): (JSC::MarkingConstraint::doParallelWork): (JSC::MarkingConstraint::prepareToExecuteImpl): * heap/MarkingConstraint.h: * heap/MarkingConstraintExecutorPair.h: Added. (JSC::MarkingConstraintExecutorPair::MarkingConstraintExecutorPair): (JSC::MarkingConstraintExecutorPair::execute): * heap/MarkingConstraintSet.cpp: (JSC::MarkingConstraintSet::add): (JSC::MarkingConstraintSet::executeAllSynchronously): (JSC::MarkingConstraintSet::executeAll): Deleted. 
* heap/MarkingConstraintSet.h: (JSC::MarkingConstraintSet::add): * heap/MarkingConstraintSolver.cpp: * heap/MarkingConstraintSolver.h: * heap/SimpleMarkingConstraint.cpp: (JSC::SimpleMarkingConstraint::SimpleMarkingConstraint): (JSC::SimpleMarkingConstraint::executeImplImpl): (JSC::SimpleMarkingConstraint::executeImpl): * heap/SimpleMarkingConstraint.h: * heap/SlotVisitor.cpp: (JSC::SlotVisitor::SlotVisitor): (JSC::SlotVisitor::reset): (JSC::SlotVisitor::appendSlow): (JSC::SlotVisitor::addParallelConstraintTask): * heap/SlotVisitor.h: (JSC::SlotVisitor::collectorMarkStack): Deleted. (JSC::SlotVisitor::mutatorMarkStack): Deleted. (JSC::SlotVisitor::collectorMarkStack const): Deleted. (JSC::SlotVisitor::mutatorMarkStack const): Deleted. (JSC::SlotVisitor::isEmpty): Deleted. (JSC::SlotVisitor::isFirstVisit const): Deleted. (JSC::SlotVisitor::bytesVisited const): Deleted. (JSC::SlotVisitor::visitCount const): Deleted. (JSC::SlotVisitor::addToVisitCount): Deleted. (JSC::SlotVisitor::isAnalyzingHeap const): Deleted. (JSC::SlotVisitor::heapAnalyzer const): Deleted. (JSC::SlotVisitor::rootMarkReason const): Deleted. (JSC::SlotVisitor::setRootMarkReason): Deleted. (JSC::SlotVisitor::markingVersion const): Deleted. (JSC::SlotVisitor::mutatorIsStopped const): Deleted. (JSC::SlotVisitor::rightToRun): Deleted. (JSC::SlotVisitor::didRace): Deleted. (JSC::SlotVisitor::setIgnoreNewOpaqueRoots): Deleted. (JSC::SlotVisitor::codeName const): Deleted. (JSC::SetRootMarkReasonScope::SetRootMarkReasonScope): Deleted. (JSC::SetRootMarkReasonScope::~SetRootMarkReasonScope): Deleted. * heap/SlotVisitorInlines.h: (JSC::SlotVisitor::isMarked const): (JSC::SlotVisitor::addOpaqueRoot): Deleted. (JSC::SlotVisitor::containsOpaqueRoot const): Deleted. (JSC::SlotVisitor::heap const): Deleted. (JSC::SlotVisitor::vm): Deleted. (JSC::SlotVisitor::vm const): Deleted. * heap/SlotVisitorMacros.h: Added. 
* heap/Subspace.h: * heap/SubspaceInlines.h: (JSC::Subspace::forEachMarkedCellInParallel): * heap/VerifierSlotVisitor.cpp: Added. (JSC::MarkerData::MarkerData): (JSC::VerifierSlotVisitor::MarkedBlockData::MarkedBlockData): (JSC::VerifierSlotVisitor::MarkedBlockData::addMarkerData): (JSC::VerifierSlotVisitor::MarkedBlockData::markerData const): (JSC::VerifierSlotVisitor::PreciseAllocationData::PreciseAllocationData): (JSC::VerifierSlotVisitor::PreciseAllocationData::markerData const): (JSC::VerifierSlotVisitor::PreciseAllocationData::addMarkerData): (JSC::VerifierSlotVisitor::VerifierSlotVisitor): (JSC::VerifierSlotVisitor::~VerifierSlotVisitor): (JSC::VerifierSlotVisitor::addParallelConstraintTask): (JSC::VerifierSlotVisitor::executeConstraintTasks): (JSC::VerifierSlotVisitor::append): (JSC::VerifierSlotVisitor::appendToMarkStack): (JSC::VerifierSlotVisitor::appendUnbarriered): (JSC::VerifierSlotVisitor::appendHiddenUnbarriered): (JSC::VerifierSlotVisitor::drain): (JSC::VerifierSlotVisitor::dumpMarkerData): (JSC::VerifierSlotVisitor::isFirstVisit const): (JSC::VerifierSlotVisitor::isMarked const): (JSC::VerifierSlotVisitor::markAuxiliary): (JSC::VerifierSlotVisitor::mutatorIsStopped const): (JSC::VerifierSlotVisitor::testAndSetMarked): (JSC::VerifierSlotVisitor::setMarkedAndAppendToMarkStack): (JSC::VerifierSlotVisitor::visitAsConstraint): (JSC::VerifierSlotVisitor::visitChildren): * heap/VerifierSlotVisitor.h: Added. (JSC::VerifierSlotVisitor::MarkedBlockData::block const): (JSC::VerifierSlotVisitor::MarkedBlockData::atoms const): (JSC::VerifierSlotVisitor::MarkedBlockData::isMarked): (JSC::VerifierSlotVisitor::MarkedBlockData::testAndSetMarked): (JSC::VerifierSlotVisitor::PreciseAllocationData::allocation const): (JSC::VerifierSlotVisitor::appendSlow): * heap/VerifierSlotVisitorInlines.h: Added. 
(JSC::VerifierSlotVisitor::forEachLiveCell): (JSC::VerifierSlotVisitor::forEachLivePreciseAllocation): (JSC::VerifierSlotVisitor::forEachLiveMarkedBlockCell): * heap/VisitCounter.h: (JSC::VisitCounter::VisitCounter): (JSC::VisitCounter::visitor const): * heap/WeakBlock.cpp: (JSC::WeakBlock::specializedVisit): (JSC::WeakBlock::visitImpl): (JSC::WeakBlock::visit): * heap/WeakBlock.h: * heap/WeakHandleOwner.cpp: (JSC::WeakHandleOwner::isReachableFromOpaqueRoots): * heap/WeakHandleOwner.h: * heap/WeakSet.cpp: * heap/WeakSet.h: (JSC::WeakSet::visit): * interpreter/ShadowChicken.cpp: (JSC::ShadowChicken::visitChildren): * interpreter/ShadowChicken.h: * jit/GCAwareJITStubRoutine.cpp: (JSC::MarkingGCAwareJITStubRoutine::markRequiredObjectsInternalImpl): (JSC::MarkingGCAwareJITStubRoutine::markRequiredObjectsInternal): (JSC::GCAwareJITStubRoutine::markRequiredObjectsInternal): Deleted. * jit/GCAwareJITStubRoutine.h: (JSC::GCAwareJITStubRoutine::markRequiredObjects): (JSC::GCAwareJITStubRoutine::markRequiredObjectsInternal): * jit/JITWorklist.cpp: * jit/PolymorphicCallStubRoutine.cpp: (JSC::PolymorphicCallStubRoutine::markRequiredObjectsInternalImpl): (JSC::PolymorphicCallStubRoutine::markRequiredObjectsInternal): * jit/PolymorphicCallStubRoutine.h: * runtime/AbstractModuleRecord.cpp: (JSC::AbstractModuleRecord::visitChildrenImpl): (JSC::AbstractModuleRecord::visitChildren): Deleted. * runtime/AbstractModuleRecord.h: * runtime/ArgList.cpp: (JSC::MarkedArgumentBuffer::markLists): * runtime/ArgList.h: * runtime/CacheableIdentifier.h: * runtime/CacheableIdentifierInlines.h: (JSC::CacheableIdentifier::visitAggregate const): * runtime/ClassInfo.h: (JSC::MethodTable::visitChildren const): (JSC::MethodTable::visitOutputConstraints const): * runtime/ClonedArguments.cpp: (JSC::ClonedArguments::visitChildrenImpl): (JSC::ClonedArguments::visitChildren): Deleted. 
* runtime/ClonedArguments.h: * runtime/DirectArguments.cpp: (JSC::DirectArguments::visitChildrenImpl): (JSC::DirectArguments::visitChildren): Deleted. * runtime/DirectArguments.h: * runtime/EvalExecutable.cpp: (JSC::EvalExecutable::visitChildrenImpl): (JSC::EvalExecutable::visitChildren): Deleted. * runtime/EvalExecutable.h: * runtime/Exception.cpp: (JSC::Exception::visitChildrenImpl): (JSC::Exception::visitChildren): Deleted. * runtime/Exception.h: * runtime/FunctionExecutable.cpp: (JSC::FunctionExecutable::visitChildrenImpl): (JSC::FunctionExecutable::visitChildren): Deleted. * runtime/FunctionExecutable.h: * runtime/FunctionRareData.cpp: (JSC::FunctionRareData::visitChildrenImpl): (JSC::FunctionRareData::visitChildren): Deleted. * runtime/FunctionRareData.h: * runtime/GenericArguments.h: * runtime/GenericArgumentsInlines.h: (JSC::GenericArguments<Type>::visitChildrenImpl): (JSC::GenericArguments<Type>::visitChildren): Deleted. * runtime/GetterSetter.cpp: (JSC::GetterSetter::visitChildrenImpl): (JSC::GetterSetter::visitChildren): Deleted. * runtime/GetterSetter.h: * runtime/HashMapImpl.cpp: (JSC::HashMapBucket<Data>::visitChildrenImpl): (JSC::HashMapImpl<HashMapBucket>::visitChildrenImpl): (JSC::HashMapBucket<Data>::visitChildren): Deleted. (JSC::HashMapImpl<HashMapBucket>::visitChildren): Deleted. * runtime/HashMapImpl.h: * runtime/InternalFunction.cpp: (JSC::InternalFunction::visitChildrenImpl): (JSC::InternalFunction::visitChildren): Deleted. * runtime/InternalFunction.h: * runtime/IntlCollator.cpp: (JSC::IntlCollator::visitChildrenImpl): (JSC::IntlCollator::visitChildren): Deleted. * runtime/IntlCollator.h: * runtime/IntlDateTimeFormat.cpp: (JSC::IntlDateTimeFormat::visitChildrenImpl): (JSC::IntlDateTimeFormat::visitChildren): Deleted. * runtime/IntlDateTimeFormat.h: * runtime/IntlLocale.cpp: (JSC::IntlLocale::visitChildrenImpl): (JSC::IntlLocale::visitChildren): Deleted. 
* runtime/IntlLocale.h: * runtime/IntlNumberFormat.cpp: (JSC::IntlNumberFormat::visitChildrenImpl): (JSC::IntlNumberFormat::visitChildren): Deleted. * runtime/IntlNumberFormat.h: * runtime/IntlPluralRules.cpp: (JSC::IntlPluralRules::visitChildrenImpl): (JSC::IntlPluralRules::visitChildren): Deleted. * runtime/IntlPluralRules.h: * runtime/IntlRelativeTimeFormat.cpp: (JSC::IntlRelativeTimeFormat::visitChildrenImpl): (JSC::IntlRelativeTimeFormat::visitChildren): Deleted. * runtime/IntlRelativeTimeFormat.h: * runtime/IntlSegmentIterator.cpp: (JSC::IntlSegmentIterator::visitChildrenImpl): (JSC::IntlSegmentIterator::visitChildren): Deleted. * runtime/IntlSegmentIterator.h: * runtime/IntlSegments.cpp: (JSC::IntlSegments::visitChildrenImpl): (JSC::IntlSegments::visitChildren): Deleted. * runtime/IntlSegments.h: * runtime/JSArrayBufferView.cpp: (JSC::JSArrayBufferView::visitChildrenImpl): (JSC::JSArrayBufferView::visitChildren): Deleted. * runtime/JSArrayBufferView.h: * runtime/JSArrayIterator.cpp: (JSC::JSArrayIterator::visitChildrenImpl): (JSC::JSArrayIterator::visitChildren): Deleted. * runtime/JSArrayIterator.h: * runtime/JSAsyncGenerator.cpp: (JSC::JSAsyncGenerator::visitChildrenImpl): (JSC::JSAsyncGenerator::visitChildren): Deleted. * runtime/JSAsyncGenerator.h: * runtime/JSBigInt.cpp: (JSC::JSBigInt::visitChildrenImpl): (JSC::JSBigInt::visitChildren): Deleted. * runtime/JSBigInt.h: * runtime/JSBoundFunction.cpp: (JSC::JSBoundFunction::visitChildrenImpl): (JSC::JSBoundFunction::visitChildren): Deleted. * runtime/JSBoundFunction.h: * runtime/JSCallee.cpp: (JSC::JSCallee::visitChildrenImpl): (JSC::JSCallee::visitChildren): Deleted. * runtime/JSCallee.h: * runtime/JSCell.h: * runtime/JSCellInlines.h: (JSC::JSCell::visitChildrenImpl): (JSC::JSCell::visitOutputConstraintsImpl): (JSC::JSCell::visitChildren): Deleted. (JSC::JSCell::visitOutputConstraints): Deleted. 
* runtime/JSFinalizationRegistry.cpp: (JSC::JSFinalizationRegistry::visitChildrenImpl): (JSC::JSFinalizationRegistry::visitChildren): Deleted. * runtime/JSFinalizationRegistry.h: * runtime/JSFunction.cpp: (JSC::JSFunction::visitChildrenImpl): (JSC::JSFunction::visitChildren): Deleted. * runtime/JSFunction.h: * runtime/JSGenerator.cpp: (JSC::JSGenerator::visitChildrenImpl): (JSC::JSGenerator::visitChildren): Deleted. * runtime/JSGenerator.h: * runtime/JSGenericTypedArrayView.h: * runtime/JSGenericTypedArrayViewInlines.h: (JSC::JSGenericTypedArrayView<Adaptor>::visitChildrenImpl): (JSC::JSGenericTypedArrayView<Adaptor>::visitChildren): Deleted. * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::visitChildrenImpl): (JSC::JSGlobalObject::visitChildren): Deleted. * runtime/JSGlobalObject.h: * runtime/JSImmutableButterfly.cpp: (JSC::JSImmutableButterfly::visitChildrenImpl): (JSC::JSImmutableButterfly::visitChildren): Deleted. * runtime/JSImmutableButterfly.h: * runtime/JSInternalFieldObjectImpl.h: * runtime/JSInternalFieldObjectImplInlines.h: (JSC::JSInternalFieldObjectImpl<passedNumberOfInternalFields>::visitChildrenImpl): (JSC::JSInternalFieldObjectImpl<passedNumberOfInternalFields>::visitChildren): Deleted. * runtime/JSLexicalEnvironment.cpp: (JSC::JSLexicalEnvironment::visitChildrenImpl): (JSC::JSLexicalEnvironment::visitChildren): Deleted. * runtime/JSLexicalEnvironment.h: * runtime/JSMapIterator.cpp: (JSC::JSMapIterator::visitChildrenImpl): (JSC::JSMapIterator::visitChildren): Deleted. * runtime/JSMapIterator.h: * runtime/JSModuleEnvironment.cpp: (JSC::JSModuleEnvironment::visitChildrenImpl): (JSC::JSModuleEnvironment::visitChildren): Deleted. * runtime/JSModuleEnvironment.h: * runtime/JSModuleNamespaceObject.cpp: (JSC::JSModuleNamespaceObject::visitChildrenImpl): (JSC::JSModuleNamespaceObject::visitChildren): Deleted. 
* runtime/JSModuleNamespaceObject.h: * runtime/JSModuleRecord.cpp: (JSC::JSModuleRecord::visitChildrenImpl): (JSC::JSModuleRecord::visitChildren): Deleted. * runtime/JSModuleRecord.h: * runtime/JSNativeStdFunction.cpp: (JSC::JSNativeStdFunction::visitChildrenImpl): (JSC::JSNativeStdFunction::visitChildren): Deleted. * runtime/JSNativeStdFunction.h: * runtime/JSObject.cpp: (JSC::JSObject::markAuxiliaryAndVisitOutOfLineProperties): (JSC::JSObject::visitButterfly): (JSC::JSObject::visitButterflyImpl): (JSC::JSObject::visitChildrenImpl): (JSC::JSFinalObject::visitChildrenImpl): (JSC::JSObject::visitChildren): Deleted. (JSC::JSFinalObject::visitChildren): Deleted. * runtime/JSObject.h: * runtime/JSPromise.cpp: (JSC::JSPromise::visitChildrenImpl): (JSC::JSPromise::visitChildren): Deleted. * runtime/JSPromise.h: * runtime/JSPropertyNameEnumerator.cpp: (JSC::JSPropertyNameEnumerator::visitChildrenImpl): (JSC::JSPropertyNameEnumerator::visitChildren): Deleted. * runtime/JSPropertyNameEnumerator.h: * runtime/JSProxy.cpp: (JSC::JSProxy::visitChildrenImpl): (JSC::JSProxy::visitChildren): Deleted. * runtime/JSProxy.h: * runtime/JSScope.cpp: (JSC::JSScope::visitChildrenImpl): (JSC::JSScope::visitChildren): Deleted. * runtime/JSScope.h: * runtime/JSSegmentedVariableObject.cpp: (JSC::JSSegmentedVariableObject::visitChildrenImpl): (JSC::JSSegmentedVariableObject::visitChildren): Deleted. * runtime/JSSegmentedVariableObject.h: * runtime/JSSetIterator.cpp: (JSC::JSSetIterator::visitChildrenImpl): (JSC::JSSetIterator::visitChildren): Deleted. * runtime/JSSetIterator.h: * runtime/JSString.cpp: (JSC::JSString::visitChildrenImpl): (JSC::JSString::visitChildren): Deleted. * runtime/JSString.h: * runtime/JSStringIterator.cpp: (JSC::JSStringIterator::visitChildrenImpl): (JSC::JSStringIterator::visitChildren): Deleted. * runtime/JSStringIterator.h: * runtime/JSSymbolTableObject.cpp: (JSC::JSSymbolTableObject::visitChildrenImpl): (JSC::JSSymbolTableObject::visitChildren): Deleted. 
* runtime/JSSymbolTableObject.h: * runtime/JSWeakObjectRef.cpp: (JSC::JSWeakObjectRef::visitChildrenImpl): (JSC::JSWeakObjectRef::visitChildren): Deleted. * runtime/JSWeakObjectRef.h: * runtime/JSWithScope.cpp: (JSC::JSWithScope::visitChildrenImpl): (JSC::JSWithScope::visitChildren): Deleted. * runtime/JSWithScope.h: * runtime/JSWrapperObject.cpp: (JSC::JSWrapperObject::visitChildrenImpl): (JSC::JSWrapperObject::visitChildren): Deleted. * runtime/JSWrapperObject.h: * runtime/LazyClassStructure.cpp: (JSC::LazyClassStructure::visit): * runtime/LazyClassStructure.h: * runtime/LazyProperty.h: * runtime/LazyPropertyInlines.h: (JSC::ElementType>::visit): * runtime/ModuleProgramExecutable.cpp: (JSC::ModuleProgramExecutable::visitChildrenImpl): (JSC::ModuleProgramExecutable::visitChildren): Deleted. * runtime/ModuleProgramExecutable.h: * runtime/Options.cpp: (JSC::Options::recomputeDependentOptions): * runtime/OptionsList.h: * runtime/ProgramExecutable.cpp: (JSC::ProgramExecutable::visitChildrenImpl): (JSC::ProgramExecutable::visitChildren): Deleted. * runtime/ProgramExecutable.h: * runtime/PropertyMapHashTable.h: * runtime/PropertyTable.cpp: (JSC::PropertyTable::visitChildrenImpl): (JSC::PropertyTable::visitChildren): Deleted. * runtime/ProxyObject.cpp: (JSC::ProxyObject::visitChildrenImpl): (JSC::ProxyObject::visitChildren): Deleted. * runtime/ProxyObject.h: * runtime/ProxyRevoke.cpp: (JSC::ProxyRevoke::visitChildrenImpl): (JSC::ProxyRevoke::visitChildren): Deleted. * runtime/ProxyRevoke.h: * runtime/RegExpCachedResult.cpp: (JSC::RegExpCachedResult::visitAggregateImpl): (JSC::RegExpCachedResult::visitAggregate): Deleted. * runtime/RegExpCachedResult.h: * runtime/RegExpGlobalData.cpp: (JSC::RegExpGlobalData::visitAggregateImpl): (JSC::RegExpGlobalData::visitAggregate): Deleted. * runtime/RegExpGlobalData.h: * runtime/RegExpObject.cpp: (JSC::RegExpObject::visitChildrenImpl): (JSC::RegExpObject::visitChildren): Deleted. 
* runtime/RegExpObject.h: * runtime/SamplingProfiler.cpp: (JSC::SamplingProfiler::visit): * runtime/SamplingProfiler.h: * runtime/ScopedArguments.cpp: (JSC::ScopedArguments::visitChildrenImpl): (JSC::ScopedArguments::visitChildren): Deleted. * runtime/ScopedArguments.h: * runtime/SimpleTypedArrayController.cpp: (JSC::SimpleTypedArrayController::JSArrayBufferOwner::isReachableFromOpaqueRoots): * runtime/SimpleTypedArrayController.h: * runtime/SmallStrings.cpp: (JSC::SmallStrings::visitStrongReferences): * runtime/SmallStrings.h: * runtime/SparseArrayValueMap.cpp: (JSC::SparseArrayValueMap::visitChildrenImpl): (JSC::SparseArrayValueMap::visitChildren): Deleted. * runtime/SparseArrayValueMap.h: * runtime/StackFrame.cpp: (JSC::StackFrame::visitChildren): Deleted. * runtime/StackFrame.h: (JSC::StackFrame::visitChildren): * runtime/Structure.cpp: (JSC::Structure::visitChildrenImpl): (JSC::Structure::isCheapDuringGC): (JSC::Structure::markIfCheap): (JSC::Structure::visitChildren): Deleted. * runtime/Structure.h: * runtime/StructureChain.cpp: (JSC::StructureChain::visitChildrenImpl): (JSC::StructureChain::visitChildren): Deleted. * runtime/StructureChain.h: * runtime/StructureRareData.cpp: (JSC::StructureRareData::visitChildrenImpl): (JSC::StructureRareData::visitChildren): Deleted. * runtime/StructureRareData.h: * runtime/SymbolTable.cpp: (JSC::SymbolTable::visitChildrenImpl): (JSC::SymbolTable::visitChildren): Deleted. * runtime/SymbolTable.h: * runtime/TypeProfilerLog.cpp: (JSC::TypeProfilerLog::visit): * runtime/TypeProfilerLog.h: * runtime/VM.h: (JSC::VM::isAnalyzingHeap const): (JSC::VM::activeHeapAnalyzer const): (JSC::VM::setActiveHeapAnalyzer): * runtime/WeakMapImpl.cpp: (JSC::WeakMapImpl<WeakMapBucket>::visitChildrenImpl): (JSC::WeakMapImpl<WeakMapBucket<WeakMapBucketDataKey>>::visitOutputConstraints): (JSC::WeakMapImpl<BucketType>::visitOutputConstraints): (JSC::WeakMapImpl<WeakMapBucket>::visitChildren): Deleted. 
(JSC::WeakMapImpl<WeakMapBucket<WeakMapBucketDataKeyValue>>::visitOutputConstraints): Deleted. * runtime/WeakMapImpl.h: (JSC::WeakMapBucket::visitAggregate): * tools/JSDollarVM.cpp: (JSC::JSDollarVM::visitChildrenImpl): (JSC::JSDollarVM::visitChildren): Deleted. * tools/JSDollarVM.h: * wasm/WasmGlobal.cpp: (JSC::Wasm::Global::visitAggregateImpl): (JSC::Wasm::Global::visitAggregate): Deleted. * wasm/WasmGlobal.h: * wasm/WasmTable.cpp: (JSC::Wasm::Table::visitAggregateImpl): (JSC::Wasm::Table::visitAggregate): Deleted. * wasm/WasmTable.h: * wasm/js/JSToWasmICCallee.cpp: (JSC::JSToWasmICCallee::visitChildrenImpl): (JSC::JSToWasmICCallee::visitChildren): Deleted. * wasm/js/JSToWasmICCallee.h: * wasm/js/JSWebAssemblyCodeBlock.cpp: (JSC::JSWebAssemblyCodeBlock::visitChildrenImpl): (JSC::JSWebAssemblyCodeBlock::visitChildren): Deleted. * wasm/js/JSWebAssemblyCodeBlock.h: * wasm/js/JSWebAssemblyGlobal.cpp: (JSC::JSWebAssemblyGlobal::visitChildrenImpl): (JSC::JSWebAssemblyGlobal::visitChildren): Deleted. * wasm/js/JSWebAssemblyGlobal.h: * wasm/js/JSWebAssemblyInstance.cpp: (JSC::JSWebAssemblyInstance::visitChildrenImpl): (JSC::JSWebAssemblyInstance::visitChildren): Deleted. * wasm/js/JSWebAssemblyInstance.h: * wasm/js/JSWebAssemblyMemory.cpp: (JSC::JSWebAssemblyMemory::visitChildrenImpl): (JSC::JSWebAssemblyMemory::visitChildren): Deleted. * wasm/js/JSWebAssemblyMemory.h: * wasm/js/JSWebAssemblyModule.cpp: (JSC::JSWebAssemblyModule::visitChildrenImpl): (JSC::JSWebAssemblyModule::visitChildren): Deleted. * wasm/js/JSWebAssemblyModule.h: * wasm/js/JSWebAssemblyTable.cpp: (JSC::JSWebAssemblyTable::visitChildrenImpl): (JSC::JSWebAssemblyTable::visitChildren): Deleted. * wasm/js/JSWebAssemblyTable.h: * wasm/js/WebAssemblyFunction.cpp: (JSC::WebAssemblyFunction::visitChildrenImpl): (JSC::WebAssemblyFunction::visitChildren): Deleted. 
* wasm/js/WebAssemblyFunction.h: * wasm/js/WebAssemblyFunctionBase.cpp: (JSC::WebAssemblyFunctionBase::visitChildrenImpl): (JSC::WebAssemblyFunctionBase::visitChildren): Deleted. * wasm/js/WebAssemblyFunctionBase.h: * wasm/js/WebAssemblyModuleRecord.cpp: (JSC::WebAssemblyModuleRecord::visitChildrenImpl): (JSC::WebAssemblyModuleRecord::visitChildren): Deleted. * wasm/js/WebAssemblyModuleRecord.h: * wasm/js/WebAssemblyWrapperFunction.cpp: (JSC::WebAssemblyWrapperFunction::visitChildrenImpl): (JSC::WebAssemblyWrapperFunction::visitChildren): Deleted. * wasm/js/WebAssemblyWrapperFunction.h:

Source/WebCore:

1. Added support for the GC verifier.
2. Also removed NodeFilterCondition::visitAggregate() because it is not used.
3. Rebased bindings test results.

* Modules/indexeddb/IDBObjectStore.cpp: (WebCore::IDBObjectStore::visitReferencedIndexes const): * Modules/indexeddb/IDBObjectStore.h: * Modules/indexeddb/IDBTransaction.cpp: (WebCore::IDBTransaction::visitReferencedObjectStores const): * Modules/indexeddb/IDBTransaction.h: * Modules/webaudio/AudioBuffer.cpp: (WebCore::AudioBuffer::visitChannelWrappers): * Modules/webaudio/AudioBuffer.h: * bindings/js/DOMGCOutputConstraint.cpp: (WebCore::DOMGCOutputConstraint::executeImplImpl): (WebCore::DOMGCOutputConstraint::executeImpl): * bindings/js/DOMGCOutputConstraint.h: * bindings/js/JSAbortControllerCustom.cpp: (WebCore::JSAbortController::visitAdditionalChildren): * bindings/js/JSAbortSignalCustom.cpp: (WebCore::JSAbortSignalOwner::isReachableFromOpaqueRoots): * bindings/js/JSAttrCustom.cpp: (WebCore::JSAttr::visitAdditionalChildren): * bindings/js/JSAudioBufferCustom.cpp: (WebCore::JSAudioBuffer::visitAdditionalChildren): * bindings/js/JSAudioTrackCustom.cpp: (WebCore::JSAudioTrack::visitAdditionalChildren): * bindings/js/JSAudioTrackListCustom.cpp: (WebCore::JSAudioTrackList::visitAdditionalChildren): * bindings/js/JSAudioWorkletProcessorCustom.cpp: (WebCore::JSAudioWorkletProcessor::visitAdditionalChildren): * bindings/js/JSCSSRuleCustom.cpp: (WebCore::JSCSSRule::visitAdditionalChildren): * bindings/js/JSCSSRuleListCustom.cpp: (WebCore::JSCSSRuleListOwner::isReachableFromOpaqueRoots): * bindings/js/JSCSSStyleDeclarationCustom.cpp: (WebCore::JSCSSStyleDeclaration::visitAdditionalChildren): * bindings/js/JSCallbackData.cpp: (WebCore::JSCallbackDataWeak::visitJSFunction): (WebCore::JSCallbackDataWeak::WeakOwner::isReachableFromOpaqueRoots): * bindings/js/JSCallbackData.h: * bindings/js/JSCanvasRenderingContext2DCustom.cpp: (WebCore::JSCanvasRenderingContext2DOwner::isReachableFromOpaqueRoots): (WebCore::JSCanvasRenderingContext2D::visitAdditionalChildren): * bindings/js/JSCustomEventCustom.cpp: (WebCore::JSCustomEvent::visitAdditionalChildren): * bindings/js/JSDOMBuiltinConstructorBase.cpp: (WebCore::JSDOMBuiltinConstructorBase::visitChildrenImpl): (WebCore::JSDOMBuiltinConstructorBase::visitChildren): Deleted. * bindings/js/JSDOMBuiltinConstructorBase.h: * bindings/js/JSDOMGlobalObject.cpp: (WebCore::JSDOMGlobalObject::visitChildrenImpl): (WebCore::JSDOMGlobalObject::visitChildren): Deleted.
* bindings/js/JSDOMGlobalObject.h: * bindings/js/JSDOMGuardedObject.h: * bindings/js/JSDOMQuadCustom.cpp: (WebCore::JSDOMQuad::visitAdditionalChildren): * bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::visitAdditionalChildren): * bindings/js/JSDeprecatedCSSOMValueCustom.cpp: (WebCore::JSDeprecatedCSSOMValueOwner::isReachableFromOpaqueRoots): * bindings/js/JSDocumentCustom.cpp: (WebCore::JSDocument::visitAdditionalChildren): * bindings/js/JSErrorEventCustom.cpp: (WebCore::JSErrorEvent::visitAdditionalChildren): * bindings/js/JSEventListener.cpp: (WebCore::JSEventListener::visitJSFunctionImpl): (WebCore::JSEventListener::visitJSFunction): * bindings/js/JSEventListener.h: * bindings/js/JSEventTargetCustom.cpp: (WebCore::JSEventTarget::visitAdditionalChildren): * bindings/js/JSFetchEventCustom.cpp: (WebCore::JSFetchEvent::visitAdditionalChildren): * bindings/js/JSHTMLCanvasElementCustom.cpp: (WebCore::JSHTMLCanvasElement::visitAdditionalChildren): * bindings/js/JSHTMLTemplateElementCustom.cpp: (WebCore::JSHTMLTemplateElement::visitAdditionalChildren): * bindings/js/JSHistoryCustom.cpp: (WebCore::JSHistory::visitAdditionalChildren): * bindings/js/JSIDBCursorCustom.cpp: (WebCore::JSIDBCursor::visitAdditionalChildren): * bindings/js/JSIDBCursorWithValueCustom.cpp: (WebCore::JSIDBCursorWithValue::visitAdditionalChildren): * bindings/js/JSIDBIndexCustom.cpp: (WebCore::JSIDBIndex::visitAdditionalChildren): * bindings/js/JSIDBObjectStoreCustom.cpp: (WebCore::JSIDBObjectStore::visitAdditionalChildren): * bindings/js/JSIDBRequestCustom.cpp: (WebCore::JSIDBRequest::visitAdditionalChildren): * bindings/js/JSIDBTransactionCustom.cpp: (WebCore::JSIDBTransaction::visitAdditionalChildren): * bindings/js/JSIntersectionObserverCustom.cpp: (WebCore::JSIntersectionObserver::visitAdditionalChildren): * bindings/js/JSIntersectionObserverEntryCustom.cpp: (WebCore::JSIntersectionObserverEntry::visitAdditionalChildren): * bindings/js/JSMessageChannelCustom.cpp: 
template<typename Visitor>
void UnlinkedCodeBlock::visitChildrenImpl(JSCell* cell, Visitor& visitor)
{
    // jsCast checks (in debug builds) that the cell really is an UnlinkedCodeBlock before the downcast.
    UnlinkedCodeBlock* thisObject = jsCast<UnlinkedCodeBlock*>(cell);
* runtime/NameInstance.h: (JSC::NameInstance::createStructure): (JSC::NameInstance::finishCreation): * runtime/NamePrototype.cpp: (JSC::NamePrototype::finishCreation): (JSC::privateNameProtoFuncToString): * runtime/NamePrototype.h: (JSC::NamePrototype::createStructure): * runtime/NativeErrorConstructor.cpp: (JSC::NativeErrorConstructor::visitChildren): * runtime/NativeErrorConstructor.h: (JSC::NativeErrorConstructor::createStructure): (JSC::NativeErrorConstructor::finishCreation): * runtime/NumberConstructor.cpp: (JSC::NumberConstructor::finishCreation): * runtime/NumberConstructor.h: (JSC::NumberConstructor::createStructure): * runtime/NumberObject.cpp: (JSC::NumberObject::finishCreation): * runtime/NumberObject.h: (JSC::NumberObject::createStructure): * runtime/NumberPrototype.cpp: (JSC::NumberPrototype::finishCreation): * runtime/NumberPrototype.h: (JSC::NumberPrototype::createStructure): * runtime/ObjectConstructor.h: (JSC::ObjectConstructor::createStructure): * runtime/ObjectPrototype.cpp: (JSC::ObjectPrototype::finishCreation): * runtime/ObjectPrototype.h: (JSC::ObjectPrototype::createStructure): * runtime/PropertyMapHashTable.h: (JSC::PropertyTable::createStructure): * runtime/PropertyTable.cpp: (JSC::PropertyTable::visitChildren): * runtime/RegExp.h: (JSC::RegExp::createStructure): * runtime/RegExpConstructor.cpp: (JSC::RegExpConstructor::finishCreation): (JSC::RegExpConstructor::visitChildren): (JSC::constructRegExp): * runtime/RegExpConstructor.h: (JSC::RegExpConstructor::createStructure): (JSC::asRegExpConstructor): * runtime/RegExpMatchesArray.cpp: (JSC::RegExpMatchesArray::visitChildren): * runtime/RegExpMatchesArray.h: (JSC::RegExpMatchesArray::createStructure): * runtime/RegExpObject.cpp: (JSC::RegExpObject::finishCreation): (JSC::RegExpObject::visitChildren): * runtime/RegExpObject.h: (JSC::RegExpObject::createStructure): (JSC::asRegExpObject): * runtime/RegExpPrototype.cpp: (JSC::regExpProtoFuncTest): (JSC::regExpProtoFuncExec): 
(JSC::regExpProtoFuncCompile): (JSC::regExpProtoFuncToString): * runtime/RegExpPrototype.h: (JSC::RegExpPrototype::createStructure): * runtime/SparseArrayValueMap.cpp: (JSC::SparseArrayValueMap::createStructure): * runtime/SparseArrayValueMap.h: * runtime/StrictEvalActivation.h: (JSC::StrictEvalActivation::createStructure): * runtime/StringConstructor.h: (JSC::StringConstructor::createStructure): * runtime/StringObject.cpp: (JSC::StringObject::finishCreation): * runtime/StringObject.h: (JSC::StringObject::createStructure): (JSC::asStringObject): * runtime/StringPrototype.cpp: (JSC::StringPrototype::finishCreation): (JSC::stringProtoFuncReplace): (JSC::stringProtoFuncToString): (JSC::stringProtoFuncMatch): (JSC::stringProtoFuncSearch): (JSC::stringProtoFuncSplit): * runtime/StringPrototype.h: (JSC::StringPrototype::createStructure): * runtime/Structure.cpp: (JSC::Structure::Structure): (JSC::Structure::materializePropertyMap): (JSC::Structure::get): (JSC::Structure::visitChildren): * runtime/Structure.h: (JSC::Structure::typeInfo): (JSC::Structure::previousID): (JSC::Structure::outOfLineSize): (JSC::Structure::totalStorageCapacity): (JSC::Structure::materializePropertyMapIfNecessary): (JSC::Structure::materializePropertyMapIfNecessaryForPinning): * runtime/StructureChain.cpp: (JSC::StructureChain::visitChildren): * runtime/StructureChain.h: (JSC::StructureChain::createStructure): * runtime/StructureInlines.h: (JSC::Structure::get): * runtime/StructureRareData.cpp: (JSC::StructureRareData::createStructure): (JSC::StructureRareData::visitChildren): * runtime/StructureRareData.h: * runtime/SymbolTable.h: (JSC::SharedSymbolTable::createStructure): * runtime/VM.cpp: (JSC::VM::VM): (JSC::StackPreservingRecompiler::operator()): (JSC::VM::releaseExecutableMemory): * runtime/WriteBarrier.h: (JSC::validateCell): * testRegExp.cpp: (GlobalObject::createStructure): Source/WebCore: No new tests because no new behavior. 
* bindings/js/IDBBindingUtilities.cpp: (WebCore::createIDBKeyFromValue): * bindings/js/JSAttrCustom.cpp: (WebCore::JSAttr::visitChildren): * bindings/js/JSAudioTrackCustom.cpp: (WebCore::JSAudioTrack::visitChildren): * bindings/js/JSAudioTrackListCustom.cpp: (WebCore::JSAudioTrackList::visitChildren): * bindings/js/JSBlobCustom.cpp: (WebCore::JSBlobConstructor::constructJSBlob): * bindings/js/JSCSSRuleCustom.cpp: (WebCore::JSCSSRule::visitChildren): * bindings/js/JSCSSStyleDeclarationCustom.cpp: (WebCore::JSCSSStyleDeclaration::visitChildren): (WebCore::JSCSSStyleDeclaration::getOwnPropertyNames): * bindings/js/JSCanvasRenderingContext2DCustom.cpp: (WebCore::toHTMLCanvasStyle): * bindings/js/JSCanvasRenderingContextCustom.cpp: (WebCore::JSCanvasRenderingContext::visitChildren): * bindings/js/JSDOMBinding.cpp: (WebCore::valueToDate): * bindings/js/JSDOMBinding.h: (WebCore::DOMConstructorObject::createStructure): (WebCore::getDOMStructure): (WebCore::toRefPtrNativeArray): (WebCore::getStaticValueSlotEntryWithoutCaching): * bindings/js/JSDOMFormDataCustom.cpp: (WebCore::toHTMLFormElement): (WebCore::JSDOMFormData::append): * bindings/js/JSDOMGlobalObject.cpp: (WebCore::JSDOMGlobalObject::finishCreation): (WebCore::JSDOMGlobalObject::scriptExecutionContext): (WebCore::JSDOMGlobalObject::visitChildren): * bindings/js/JSDOMGlobalObject.h: (WebCore::JSDOMGlobalObject::info): (WebCore::JSDOMGlobalObject::createStructure): (WebCore::getDOMConstructor): * bindings/js/JSDOMStringListCustom.cpp: (WebCore::toDOMStringList): * bindings/js/JSDOMWindowBase.cpp: (WebCore::JSDOMWindowBase::finishCreation): (WebCore::toJSDOMWindow): * bindings/js/JSDOMWindowBase.h: (WebCore::JSDOMWindowBase::createStructure): * bindings/js/JSDOMWindowCustom.cpp: (WebCore::JSDOMWindow::visitChildren): (WebCore::JSDOMWindow::getOwnPropertySlot): (WebCore::JSDOMWindow::getOwnPropertyDescriptor): (WebCore::toDOMWindow): * bindings/js/JSDOMWindowShell.cpp: (WebCore::JSDOMWindowShell::finishCreation): * 
bindings/js/JSDOMWindowShell.h: (WebCore::JSDOMWindowShell::createStructure): * bindings/js/JSEventTargetCustom.cpp: (WebCore::toEventTarget): * bindings/js/JSHistoryCustom.cpp: (WebCore::JSHistory::getOwnPropertySlotDelegate): (WebCore::JSHistory::getOwnPropertyDescriptorDelegate): * bindings/js/JSImageConstructor.cpp: (WebCore::JSImageConstructor::finishCreation): * bindings/js/JSImageConstructor.h: (WebCore::JSImageConstructor::createStructure): * bindings/js/JSInjectedScriptHostCustom.cpp: (WebCore::JSInjectedScriptHost::isHTMLAllCollection): (WebCore::JSInjectedScriptHost::type): (WebCore::JSInjectedScriptHost::functionDetails): * bindings/js/JSInspectorFrontendHostCustom.cpp: (WebCore::populateContextMenuItems): * bindings/js/JSLocationCustom.cpp: (WebCore::JSLocation::getOwnPropertySlotDelegate): (WebCore::JSLocation::getOwnPropertyDescriptorDelegate): (WebCore::JSLocation::putDelegate): * bindings/js/JSMessageChannelCustom.cpp: (WebCore::JSMessageChannel::visitChildren): * bindings/js/JSMessagePortCustom.cpp: (WebCore::JSMessagePort::visitChildren): * bindings/js/JSNodeCustom.cpp: (WebCore::JSNode::pushEventHandlerScope): (WebCore::JSNode::visitChildren): * bindings/js/JSNodeFilterCustom.cpp: (WebCore::JSNodeFilter::visitChildren): (WebCore::toNodeFilter): * bindings/js/JSNodeIteratorCustom.cpp: (WebCore::JSNodeIterator::visitChildren): * bindings/js/JSPluginElementFunctions.h: (WebCore::pluginElementCustomGetOwnPropertySlot): (WebCore::pluginElementCustomGetOwnPropertyDescriptor): * bindings/js/JSSVGElementInstanceCustom.cpp: (WebCore::JSSVGElementInstance::visitChildren): * bindings/js/JSSharedWorkerCustom.cpp: (WebCore::JSSharedWorker::visitChildren): * bindings/js/JSStyleSheetCustom.cpp: (WebCore::JSStyleSheet::visitChildren): * bindings/js/JSTextTrackCueCustom.cpp: (WebCore::JSTextTrackCue::visitChildren): * bindings/js/JSTextTrackCustom.cpp: (WebCore::JSTextTrack::visitChildren): * bindings/js/JSTextTrackListCustom.cpp: 
(WebCore::JSTextTrackList::visitChildren): * bindings/js/JSTrackCustom.cpp: (WebCore::toTrack): * bindings/js/JSTreeWalkerCustom.cpp: (WebCore::JSTreeWalker::visitChildren): * bindings/js/JSVideoTrackCustom.cpp: (WebCore::JSVideoTrack::visitChildren): * bindings/js/JSVideoTrackListCustom.cpp: (WebCore::JSVideoTrackList::visitChildren): * bindings/js/JSWebGLRenderingContextCustom.cpp: (WebCore::JSWebGLRenderingContext::visitChildren): (WebCore::JSWebGLRenderingContext::getAttachedShaders): (WebCore::JSWebGLRenderingContext::getProgramParameter): (WebCore::JSWebGLRenderingContext::getShaderParameter): (WebCore::JSWebGLRenderingContext::getUniform): (WebCore::dataFunctionf): (WebCore::dataFunctioni): (WebCore::dataFunctionMatrix): * bindings/js/JSWorkerGlobalScopeBase.cpp: (WebCore::JSWorkerGlobalScopeBase::finishCreation): (WebCore::toJSDedicatedWorkerGlobalScope): (WebCore::toJSSharedWorkerGlobalScope): * bindings/js/JSWorkerGlobalScopeBase.h: (WebCore::JSWorkerGlobalScopeBase::createStructure): * bindings/js/JSWorkerGlobalScopeCustom.cpp: (WebCore::JSWorkerGlobalScope::visitChildren): * bindings/js/JSXMLHttpRequestCustom.cpp: (WebCore::JSXMLHttpRequest::visitChildren): (WebCore::JSXMLHttpRequest::send): * bindings/js/JSXPathResultCustom.cpp: (WebCore::JSXPathResult::visitChildren): * bindings/js/ScriptDebugServer.cpp: (WebCore::ScriptDebugServer::dispatchDidPause): * bindings/js/ScriptState.cpp: (WebCore::domWindowFromScriptState): (WebCore::scriptExecutionContextFromScriptState): * bindings/js/SerializedScriptValue.cpp: (WebCore::CloneSerializer::isArray): (WebCore::CloneSerializer::dumpArrayBufferView): (WebCore::CloneSerializer::dumpIfTerminal): (WebCore::CloneSerializer::serialize): (WebCore::CloneDeserializer::CloneDeserializer): (WebCore::CloneDeserializer::readArrayBufferView): * bindings/objc/DOM.mm: (+[DOMNode _nodeFromJSWrapper:]): * bindings/objc/DOMUtility.mm: (JSC::createDOMWrapper): * bindings/objc/WebScriptObject.mm: (+[WebScriptObject 
_convertValueToObjcValue:JSC::originRootObject:rootObject:]): * bindings/scripts/CodeGeneratorJS.pm: (GenerateGetOwnPropertySlotBody): (GenerateGetOwnPropertyDescriptorBody): (GenerateHeader): (GenerateParametersCheckExpression): (GenerateImplementation): (GenerateParametersCheck): (GenerateConstructorDeclaration): (GenerateConstructorHelperMethods): * bindings/scripts/test/JS/JSFloat64Array.cpp: (WebCore::JSFloat64ArrayConstructor::finishCreation): (WebCore::JSFloat64Array::finishCreation): (WebCore::JSFloat64Array::getOwnPropertySlot): (WebCore::JSFloat64Array::getOwnPropertyDescriptor): (WebCore::JSFloat64Array::getOwnPropertySlotByIndex): (WebCore::JSFloat64Array::put): (WebCore::JSFloat64Array::putByIndex): (WebCore::JSFloat64Array::getOwnPropertyNames): (WebCore::jsFloat64ArrayPrototypeFunctionFoo): (WebCore::jsFloat64ArrayPrototypeFunctionSet): (WebCore::JSFloat64Array::getByIndex): (WebCore::toFloat64Array): * bindings/scripts/test/JS/JSFloat64Array.h: (WebCore::JSFloat64Array::createStructure): (WebCore::JSFloat64ArrayPrototype::createStructure): (WebCore::JSFloat64ArrayConstructor::createStructure): * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: (WebCore::JSTestActiveDOMObjectConstructor::finishCreation): (WebCore::JSTestActiveDOMObject::finishCreation): (WebCore::JSTestActiveDOMObject::getOwnPropertySlot): (WebCore::JSTestActiveDOMObject::getOwnPropertyDescriptor): (WebCore::jsTestActiveDOMObjectPrototypeFunctionExcitingFunction): (WebCore::jsTestActiveDOMObjectPrototypeFunctionPostMessage): (WebCore::toTestActiveDOMObject): * bindings/scripts/test/JS/JSTestActiveDOMObject.h: (WebCore::JSTestActiveDOMObject::createStructure): (WebCore::JSTestActiveDOMObjectPrototype::createStructure): (WebCore::JSTestActiveDOMObjectConstructor::createStructure): * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp: (WebCore::JSTestCustomNamedGetterConstructor::finishCreation): (WebCore::JSTestCustomNamedGetter::finishCreation): 
(WebCore::JSTestCustomNamedGetter::getOwnPropertySlot): (WebCore::JSTestCustomNamedGetter::getOwnPropertyDescriptor): (WebCore::JSTestCustomNamedGetter::getOwnPropertySlotByIndex): (WebCore::jsTestCustomNamedGetterPrototypeFunctionAnotherFunction): (WebCore::toTestCustomNamedGetter): * bindings/scripts/test/JS/JSTestCustomNamedGetter.h: (WebCore::JSTestCustomNamedGetter::createStructure): (WebCore::JSTestCustomNamedGetterPrototype::createStructure): (WebCore::JSTestCustomNamedGetterConstructor::createStructure): * bindings/scripts/test/JS/JSTestEventConstructor.cpp: (WebCore::JSTestEventConstructorConstructor::finishCreation): (WebCore::JSTestEventConstructor::finishCreation): (WebCore::JSTestEventConstructor::getOwnPropertySlot): (WebCore::JSTestEventConstructor::getOwnPropertyDescriptor): (WebCore::toTestEventConstructor): * bindings/scripts/test/JS/JSTestEventConstructor.h: (WebCore::JSTestEventConstructor::createStructure): (WebCore::JSTestEventConstructorPrototype::createStructure): (WebCore::JSTestEventConstructorConstructor::createStructure): * bindings/scripts/test/JS/JSTestEventTarget.cpp: (WebCore::JSTestEventTargetConstructor::finishCreation): (WebCore::JSTestEventTarget::finishCreation): (WebCore::JSTestEventTarget::getOwnPropertySlot): (WebCore::JSTestEventTarget::getOwnPropertyDescriptor): (WebCore::JSTestEventTarget::getOwnPropertySlotByIndex): (WebCore::JSTestEventTarget::getOwnPropertyNames): (WebCore::jsTestEventTargetPrototypeFunctionItem): (WebCore::jsTestEventTargetPrototypeFunctionAddEventListener): (WebCore::jsTestEventTargetPrototypeFunctionRemoveEventListener): (WebCore::jsTestEventTargetPrototypeFunctionDispatchEvent): (WebCore::JSTestEventTarget::visitChildren): (WebCore::JSTestEventTarget::indexGetter): (WebCore::toTestEventTarget): * bindings/scripts/test/JS/JSTestEventTarget.h: (WebCore::JSTestEventTarget::createStructure): (WebCore::JSTestEventTargetPrototype::createStructure): (WebCore::JSTestEventTargetConstructor::createStructure): 
* bindings/scripts/test/JS/JSTestException.cpp: (WebCore::JSTestExceptionConstructor::finishCreation): (WebCore::JSTestException::finishCreation): (WebCore::JSTestException::getOwnPropertySlot): (WebCore::JSTestException::getOwnPropertyDescriptor): (WebCore::toTestException): * bindings/scripts/test/JS/JSTestException.h: (WebCore::JSTestException::createStructure): (WebCore::JSTestExceptionPrototype::createStructure): (WebCore::JSTestExceptionConstructor::createStructure): * bindings/scripts/test/JS/JSTestInterface.cpp: (WebCore::JSTestInterfaceConstructor::finishCreation): (WebCore::JSTestInterface::finishCreation): (WebCore::JSTestInterface::getOwnPropertySlot): (WebCore::JSTestInterface::getOwnPropertyDescriptor): (WebCore::JSTestInterface::put): (WebCore::JSTestInterface::putByIndex): (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod1): (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod2): (WebCore::jsTestInterfacePrototypeFunctionImplementsMethod3): (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod1): (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod2): (WebCore::jsTestInterfacePrototypeFunctionSupplementalMethod3): (WebCore::toTestInterface): * bindings/scripts/test/JS/JSTestInterface.h: (WebCore::JSTestInterface::createStructure): (WebCore::JSTestInterfacePrototype::createStructure): (WebCore::JSTestInterfaceConstructor::createStructure): * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp: (WebCore::JSTestMediaQueryListListenerConstructor::finishCreation): (WebCore::JSTestMediaQueryListListener::finishCreation): (WebCore::JSTestMediaQueryListListener::getOwnPropertySlot): (WebCore::JSTestMediaQueryListListener::getOwnPropertyDescriptor): (WebCore::jsTestMediaQueryListListenerPrototypeFunctionMethod): (WebCore::toTestMediaQueryListListener): * bindings/scripts/test/JS/JSTestMediaQueryListListener.h: (WebCore::JSTestMediaQueryListListener::createStructure): 
(WebCore::JSTestMediaQueryListListenerPrototype::createStructure): (WebCore::JSTestMediaQueryListListenerConstructor::createStructure): * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: (WebCore::JSTestNamedConstructorConstructor::finishCreation): (WebCore::JSTestNamedConstructorNamedConstructor::finishCreation): (WebCore::JSTestNamedConstructor::finishCreation): (WebCore::JSTestNamedConstructor::getOwnPropertySlot): (WebCore::JSTestNamedConstructor::getOwnPropertyDescriptor): (WebCore::toTestNamedConstructor): * bindings/scripts/test/JS/JSTestNamedConstructor.h: (WebCore::JSTestNamedConstructor::createStructure): (WebCore::JSTestNamedConstructorPrototype::createStructure): (WebCore::JSTestNamedConstructorConstructor::createStructure): (WebCore::JSTestNamedConstructorNamedConstructor::createStructure): * bindings/scripts/test/JS/JSTestNode.cpp: (WebCore::JSTestNodeConstructor::finishCreation): (WebCore::JSTestNode::finishCreation): (WebCore::JSTestNode::getOwnPropertySlot): (WebCore::JSTestNode::getOwnPropertyDescriptor): (WebCore::JSTestNode::visitChildren): * bindings/scripts/test/JS/JSTestNode.h: (WebCore::JSTestNode::createStructure): (WebCore::JSTestNodePrototype::createStructure): (WebCore::JSTestNodeConstructor::createStructure): * bindings/scripts/test/JS/JSTestObj.cpp: (WebCore::JSTestObjConstructor::finishCreation): (WebCore::JSTestObj::finishCreation): (WebCore::JSTestObj::getOwnPropertySlot): (WebCore::JSTestObj::getOwnPropertyDescriptor): (WebCore::JSTestObj::put): (WebCore::jsTestObjPrototypeFunctionVoidMethod): (WebCore::jsTestObjPrototypeFunctionVoidMethodWithArgs): (WebCore::jsTestObjPrototypeFunctionByteMethod): (WebCore::jsTestObjPrototypeFunctionByteMethodWithArgs): (WebCore::jsTestObjPrototypeFunctionOctetMethod): (WebCore::jsTestObjPrototypeFunctionOctetMethodWithArgs): (WebCore::jsTestObjPrototypeFunctionLongMethod): (WebCore::jsTestObjPrototypeFunctionLongMethodWithArgs): (WebCore::jsTestObjPrototypeFunctionObjMethod): 
(WebCore::jsTestObjPrototypeFunctionObjMethodWithArgs): (WebCore::jsTestObjPrototypeFunctionMethodWithSequenceArg): (WebCore::jsTestObjPrototypeFunctionMethodReturningSequence): (WebCore::jsTestObjPrototypeFunctionMethodWithEnumArg): (WebCore::jsTestObjPrototypeFunctionMethodThatRequiresAllArgsAndThrows): (WebCore::jsTestObjPrototypeFunctionSerializedValue): (WebCore::jsTestObjPrototypeFunctionOptionsObject): (WebCore::jsTestObjPrototypeFunctionMethodWithException): (WebCore::jsTestObjPrototypeFunctionCustomMethod): (WebCore::jsTestObjPrototypeFunctionCustomMethodWithArgs): (WebCore::jsTestObjPrototypeFunctionAddEventListener): (WebCore::jsTestObjPrototypeFunctionRemoveEventListener): (WebCore::jsTestObjPrototypeFunctionWithScriptStateVoid): (WebCore::jsTestObjPrototypeFunctionWithScriptStateObj): (WebCore::jsTestObjPrototypeFunctionWithScriptStateVoidException): (WebCore::jsTestObjPrototypeFunctionWithScriptStateObjException): (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContext): (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptState): (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptStateObjException): (WebCore::jsTestObjPrototypeFunctionWithScriptExecutionContextAndScriptStateWithSpaces): (WebCore::jsTestObjPrototypeFunctionWithScriptArgumentsAndCallStack): (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalArg): (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndOptionalArg): (WebCore::jsTestObjPrototypeFunctionMethodWithNonOptionalArgAndTwoOptionalArgs): (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalString): (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringIsUndefined): (WebCore::jsTestObjPrototypeFunctionMethodWithOptionalStringIsNullString): (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackArg): (WebCore::jsTestObjPrototypeFunctionMethodWithNonCallbackArgAndCallbackArg): (WebCore::jsTestObjPrototypeFunctionMethodWithCallbackAndOptionalArg): 
(WebCore::jsTestObjPrototypeFunctionConditionalMethod1): (WebCore::jsTestObjPrototypeFunctionConditionalMethod2): (WebCore::jsTestObjPrototypeFunctionConditionalMethod3): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod1): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod2): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod3): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod4): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod5): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod6): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod7): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod8): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod9): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod10): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod11): (WebCore::jsTestObjPrototypeFunctionOverloadedMethod): (WebCore::jsTestObjPrototypeFunctionClassMethodWithClamp): (WebCore::jsTestObjPrototypeFunctionMethodWithUnsignedLongSequence): (WebCore::jsTestObjPrototypeFunctionStringArrayFunction): (WebCore::jsTestObjPrototypeFunctionDomStringListFunction): (WebCore::jsTestObjPrototypeFunctionGetSVGDocument): (WebCore::jsTestObjPrototypeFunctionConvert1): (WebCore::jsTestObjPrototypeFunctionConvert2): (WebCore::jsTestObjPrototypeFunctionConvert4): (WebCore::jsTestObjPrototypeFunctionConvert5): (WebCore::jsTestObjPrototypeFunctionMutablePointFunction): (WebCore::jsTestObjPrototypeFunctionImmutablePointFunction): (WebCore::jsTestObjPrototypeFunctionOrange): (WebCore::jsTestObjPrototypeFunctionStrictFunction): (WebCore::jsTestObjPrototypeFunctionVariadicStringMethod): (WebCore::jsTestObjPrototypeFunctionVariadicDoubleMethod): (WebCore::jsTestObjPrototypeFunctionVariadicNodeMethod): (WebCore::JSTestObj::visitChildren): (WebCore::toTestObj): * bindings/scripts/test/JS/JSTestObj.h: (WebCore::JSTestObj::createStructure): (WebCore::JSTestObjPrototype::createStructure): (WebCore::JSTestObjConstructor::createStructure): * 
bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: (WebCore::JSTestOverloadedConstructorsConstructor::constructJSTestOverloadedConstructors): (WebCore::JSTestOverloadedConstructorsConstructor::finishCreation): (WebCore::JSTestOverloadedConstructors::finishCreation): (WebCore::JSTestOverloadedConstructors::getOwnPropertySlot): (WebCore::JSTestOverloadedConstructors::getOwnPropertyDescriptor): (WebCore::toTestOverloadedConstructors): * bindings/scripts/test/JS/JSTestOverloadedConstructors.h: (WebCore::JSTestOverloadedConstructors::createStructure): (WebCore::JSTestOverloadedConstructorsPrototype::createStructure): (WebCore::JSTestOverloadedConstructorsConstructor::createStructure): * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: (WebCore::JSTestSerializedScriptValueInterfaceConstructor::finishCreation): (WebCore::JSTestSerializedScriptValueInterface::finishCreation): (WebCore::JSTestSerializedScriptValueInterface::getOwnPropertySlot): (WebCore::JSTestSerializedScriptValueInterface::getOwnPropertyDescriptor): (WebCore::JSTestSerializedScriptValueInterface::put): (WebCore::JSTestSerializedScriptValueInterface::visitChildren): (WebCore::toTestSerializedScriptValueInterface): * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h: (WebCore::JSTestSerializedScriptValueInterface::createStructure): (WebCore::JSTestSerializedScriptValueInterfacePrototype::createStructure): (WebCore::JSTestSerializedScriptValueInterfaceConstructor::createStructure): * bindings/scripts/test/JS/JSTestTypedefs.cpp: (WebCore::JSTestTypedefsConstructor::finishCreation): (WebCore::JSTestTypedefs::finishCreation): (WebCore::JSTestTypedefs::getOwnPropertySlot): (WebCore::JSTestTypedefs::getOwnPropertyDescriptor): (WebCore::JSTestTypedefs::put): (WebCore::jsTestTypedefsPrototypeFunctionFunc): (WebCore::jsTestTypedefsPrototypeFunctionSetShadow): (WebCore::jsTestTypedefsPrototypeFunctionMethodWithSequenceArg): 
(WebCore::jsTestTypedefsPrototypeFunctionNullableArrayArg): (WebCore::jsTestTypedefsPrototypeFunctionFuncWithClamp): (WebCore::jsTestTypedefsPrototypeFunctionImmutablePointFunction): (WebCore::jsTestTypedefsPrototypeFunctionStringArrayFunction): (WebCore::jsTestTypedefsPrototypeFunctionStringArrayFunction2): (WebCore::jsTestTypedefsPrototypeFunctionMethodWithException): (WebCore::toTestTypedefs): * bindings/scripts/test/JS/JSTestTypedefs.h: (WebCore::JSTestTypedefs::createStructure): (WebCore::JSTestTypedefsPrototype::createStructure): (WebCore::JSTestTypedefsConstructor::createStructure): * bridge/c/CRuntimeObject.cpp: (JSC::Bindings::CRuntimeObject::finishCreation): * bridge/c/CRuntimeObject.h: (JSC::Bindings::CRuntimeObject::createStructure): * bridge/c/c_instance.cpp: (JSC::Bindings::CRuntimeMethod::createStructure): (JSC::Bindings::CRuntimeMethod::finishCreation): (JSC::Bindings::CInstance::invokeMethod): * bridge/c/c_utility.cpp: (JSC::Bindings::convertValueToNPVariant): * bridge/objc/ObjCRuntimeObject.h: (JSC::Bindings::ObjCRuntimeObject::createStructure): * bridge/objc/objc_instance.mm: (ObjCRuntimeMethod::finishCreation): (ObjcInstance::invokeMethod): * bridge/objc/objc_runtime.h: (JSC::Bindings::ObjcFallbackObjectImp::createStructure): * bridge/objc/objc_runtime.mm: (JSC::Bindings::ObjcFallbackObjectImp::finishCreation): (JSC::Bindings::callObjCFallbackObject): * bridge/qt/qt_instance.cpp: (JSC::Bindings::QtRuntimeObject::createStructure): (JSC::Bindings::QtInstance::getInstance): * bridge/qt/qt_pixmapruntime.cpp: (JSC::Bindings::assignToHTMLImageElement): (JSC::Bindings::QtPixmapRuntime::toQt): * bridge/qt/qt_runtime.cpp: (JSC::Bindings::isJSUint8Array): (JSC::Bindings::isJSArray): (JSC::Bindings::isJSDate): (JSC::Bindings::isQtObject): (JSC::Bindings::unwrapBoxedPrimitive): (JSC::Bindings::convertQVariantToValue): * bridge/runtime_array.cpp: (JSC::RuntimeArray::finishCreation): * bridge/runtime_array.h: (JSC::RuntimeArray::createStructure): * 
bridge/runtime_method.cpp: (JSC::RuntimeMethod::finishCreation): (JSC::callRuntimeMethod): * bridge/runtime_method.h: (JSC::RuntimeMethod::createStructure): * bridge/runtime_object.cpp: (JSC::Bindings::RuntimeObject::finishCreation): (JSC::Bindings::callRuntimeObject): (JSC::Bindings::callRuntimeConstructor): * bridge/runtime_object.h: (JSC::Bindings::RuntimeObject::createStructure): Source/WebKit/mac: * Plugins/Hosted/NetscapePluginInstanceProxy.mm: (WebKit::getObjectID): (WebKit::NetscapePluginInstanceProxy::retainLocalObject): (WebKit::NetscapePluginInstanceProxy::releaseLocalObject): * Plugins/Hosted/ProxyInstance.mm: (WebKit::ProxyRuntimeMethod::finishCreation): (WebKit::ProxyInstance::invokeMethod): * Plugins/Hosted/ProxyRuntimeObject.h: (WebKit::ProxyRuntimeObject::createStructure): * WebView/WebView.mm: (aeDescFromJSValue): Source/WebKit/qt: * Api/qwebelement.cpp: (convertJSValueToWebElementVariant): * WebCoreSupport/DumpRenderTreeSupportQt.cpp: (convertJSValueToNodeVariant): Canonical link: https://commits.webkit.org/137727@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@154038 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2013-08-14 02:41:47 +00:00
ASSERT_GC_OBJECT_INHERITS(thisObject, info());
Reduce parser overhead in JSC
https://bugs.webkit.org/show_bug.cgi?id=101127

Reviewed by Filip Pizlo.

An exciting journey into the world of architecture in which our hero adds yet another layer to JSC codegeneration.

This patch adds a marginally more compact form of bytecode that is free from any data specific to a given execution context, and that does store any data structures necessary for execution. To actually execute this UnlinkedBytecode we still need to instantiate a real CodeBlock, but this is a much faster linear time operation than any of the earlier parsing or code generation passes.

As the unlinked code is context free we can then simply use a cache from source to unlinked code mapping to completely avoid all of the old parser overhead. The cache is currently very simple and memory heavy, using the complete source text as a key (rather than SourceCode or equivalent), and a random eviction policy. This seems to produce a substantial win when loading identical content in different contexts.

* API/tests/testapi.c:
(main):
* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
* bytecode/CodeBlock.h:
Moved a number of fields, and a bunch of logic to UnlinkedCodeBlock.h/cpp
* bytecode/Opcode.h:
Added a global const init no op instruction needed to get correct behaviour without any associated semantics.
* bytecode/UnlinkedCodeBlock.cpp: Added.
* bytecode/UnlinkedCodeBlock.h: Added.
A fairly shallow, GC allocated version of the old CodeBlock classes with a 32bit instruction size, and just metadata size tracking.
* bytecompiler/BytecodeGenerator.cpp:
* bytecompiler/BytecodeGenerator.h:
Replace direct access to m_symbolTable with access through symbolTable(). ProgramCode no longer has a symbol table at all so some previously unconditional (and pointless) uses of symbolTable get null checks.
A few other changes to deal with type changes due to us generating unlinked code (eg. pointer free, so profile indices rather than pointers).
* dfg/DFGByteCodeParser.cpp:
* dfg/DFGCapabilities.h:
Support global_init_nop
* interpreter/Interpreter.cpp:
Now get the ProgramExecutable to initialise new global properties before starting execution.
* jit/JIT.cpp:
* jit/JITDriver.h:
* jit/JITStubs.cpp:
* llint/LLIntData.cpp:
* llint/LLIntSlowPaths.cpp:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
Adding init_global_const_nop everywhere else
* parser/Parser.h:
* parser/ParserModes.h: Added.
* parser/ParserTokens.h:
Parser no longer needs a global object or callframe to function
* runtime/CodeCache.cpp: Added.
* runtime/CodeCache.h: Added.
A simple, random eviction, Source->UnlinkedCode cache
* runtime/Executable.cpp:
* runtime/Executable.h:
Executables now reference their unlinked counterparts, and request code specifically for the target global object.
* runtime/JSGlobalData.cpp:
* runtime/JSGlobalData.h:
GlobalData now owns a CodeCache and a set of new structures for the unlinked code types.
* runtime/JSGlobalObject.cpp:
* runtime/JSGlobalObject.h:
Utility functions used by executables to perform compilation
* runtime/JSType.h:
Add new JSTypes for unlinked code

Canonical link: https://commits.webkit.org/119498@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@133688 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2012-11-07 00:13:54 +00:00
Base::visitChildren(thisObject, visitor);
Stop using holdLock() in JSC as it is not compatible with Clang thread safety analysis
https://bugs.webkit.org/show_bug.cgi?id=226116

Reviewed by Mark Lam.

Stop using holdLock() in JSC as it is not compatible with Clang thread safety analysis (WTF::CheckedLock). Use the Locker constructor instead. I'll eventually get rid of the holdLock() definition once I have managed to get rid of all its usages.

* API/JSVirtualMachine.mm: (+[JSVMWrapperCache addWrapper:forJSContextGroupRef:]): (+[JSVMWrapperCache wrapperForJSContextGroupRef:]): (-[JSVirtualMachine addExternalRememberedObject:]): (-[JSVirtualMachine addManagedReference:withOwner:]): (-[JSVirtualMachine removeManagedReference:withOwner:]): (scanExternalObjectGraph): (scanExternalRememberedSet):
* API/glib/JSCVirtualMachine.cpp: (addWrapper): (removeWrapper):
* API/tests/ExecutionTimeLimitTest.cpp: (testExecutionTimeLimit):
* assembler/PerfLog.cpp: (JSC::PerfLog::PerfLog): (JSC::PerfLog::log):
* bytecode/StructureStubInfo.cpp: (JSC::StructureStubInfo::visitAggregateImpl): (JSC::StructureStubInfo::visitWeakReferences):
* bytecode/StructureStubInfo.h: (JSC::StructureStubInfo::considerCaching): (JSC::StructureStubInfo::clearBufferedStructures):
* bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::visitChildrenImpl):
* bytecode/UnlinkedCodeBlockGenerator.cpp: (JSC::UnlinkedCodeBlockGenerator::finalize):
* dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* heap/BlockDirectory.cpp: (JSC::BlockDirectory::~BlockDirectory): (JSC::BlockDirectory::removeBlock): (JSC::BlockDirectory::stopAllocatingForGood): (JSC::BlockDirectory::parallelNotEmptyBlockSource):
* heap/CodeBlockSet.cpp: (JSC::CodeBlockSet::add): (JSC::CodeBlockSet::remove):
* heap/CodeBlockSetInlines.h: (JSC::CodeBlockSet::iterate):
* heap/CompleteSubspace.cpp: (JSC::CompleteSubspace::allocatorForSlow):
* heap/Heap.cpp: (JSC::Heap::lastChanceToFinalize): (JSC::Heap::runNotRunningPhase): (JSC::Heap::runEndPhase): (JSC::Heap::finishRelinquishingConn): (JSC::visitSamplingProfiler): (JSC::Heap::setBonusVisitorTask): (JSC::Heap::runTaskInParallel):
* heap/HeapSnapshotBuilder.cpp: (JSC::HeapSnapshotBuilder::buildSnapshot): (JSC::HeapSnapshotBuilder::analyzeNode): (JSC::HeapSnapshotBuilder::analyzeEdge): (JSC::HeapSnapshotBuilder::analyzePropertyNameEdge): (JSC::HeapSnapshotBuilder::analyzeVariableNameEdge): (JSC::HeapSnapshotBuilder::analyzeIndexEdge): (JSC::HeapSnapshotBuilder::setOpaqueRootReachabilityReasonForCell):
* heap/IsoAlignedMemoryAllocator.cpp: (JSC::IsoAlignedMemoryAllocator::tryAllocateAlignedMemory): (JSC::IsoAlignedMemoryAllocator::freeAlignedMemory):
* heap/IsoCellSet.cpp: (JSC::IsoCellSet::parallelNotEmptyMarkedBlockSource): (JSC::IsoCellSet::addSlow): (JSC::IsoCellSet::didRemoveBlock): (JSC::IsoCellSet::sweepToFreeList):
* heap/IsoCellSetInlines.h: (JSC::IsoCellSet::forEachMarkedCellInParallel):
* heap/IsoSubspace.cpp: (JSC::IsoSubspace::IsoSubspace):
* heap/IsoSubspacePerVM.cpp: (JSC::IsoSubspacePerVM::forVM):
* heap/LocalAllocator.cpp: (JSC::LocalAllocator::LocalAllocator): (JSC::LocalAllocator::~LocalAllocator):
* heap/MachineStackMarker.cpp: (JSC::MachineThreads::tryCopyOtherThreadStacks): (JSC::MachineThreads::gatherConservativeRoots):
* heap/MarkedBlock.cpp: (JSC::MarkedBlock::Handle::stopAllocating): (JSC::MarkedBlock::Handle::resumeAllocating): (JSC::MarkedBlock::aboutToMarkSlow): (JSC::MarkedBlock::Handle::didConsumeFreeList): (JSC::MarkedBlock::noteMarkedSlow): (JSC::MarkedBlock::Handle::dumpState):
* heap/MarkedBlockInlines.h: (JSC::MarkedBlock::Handle::isLive):
* heap/MarkingConstraint.cpp: (JSC::MarkingConstraint::doParallelWork):
* heap/MarkingConstraintSolver.cpp: (JSC::MarkingConstraintSolver::addParallelTask): (JSC::MarkingConstraintSolver::runExecutionThread):
* heap/ParallelSourceAdapter.h:
* heap/SlotVisitor.cpp: (JSC::SlotVisitor::updateMutatorIsStopped): (JSC::SlotVisitor::drain): (JSC::SlotVisitor::performIncrementOfDraining): (JSC::SlotVisitor::drainFromShared): (JSC::SlotVisitor::drainInParallelPassively): (JSC::SlotVisitor::waitForTermination): (JSC::SlotVisitor::donateAll): (JSC::SlotVisitor::didRace):
* heap/Subspace.cpp: (JSC::Subspace::parallelDirectorySource):
* heap/SubspaceInlines.h: (JSC::Subspace::forEachMarkedCellInParallel):
* inspector/JSInjectedScriptHost.cpp:
* jit/ExecutableAllocator.cpp:
* jsc.cpp: (Worker::Worker): (Worker::~Worker): (Worker::dequeue): (Workers::broadcast): (Workers::report): (Workers::tryGetReport): (Workers::getReport): (JSC_DEFINE_HOST_FUNCTION):
* runtime/DeferredWorkTimer.cpp: (JSC::DeferredWorkTimer::doWork):
* runtime/ErrorInstance.cpp: (JSC::ErrorInstance::finishCreation):
* runtime/EvalExecutable.cpp: (JSC::EvalExecutable::visitChildrenImpl):
* runtime/FileBasedFuzzerAgentBase.cpp: (JSC::FileBasedFuzzerAgentBase::getPrediction):
* runtime/FunctionExecutable.cpp: (JSC::FunctionExecutable::visitChildrenImpl):
* runtime/JSArray.cpp: (JSC::JSArray::shiftCountWithArrayStorage): (JSC::JSArray::unshiftCountWithArrayStorage):
* runtime/JSArrayBufferView.cpp: (JSC::JSArrayBufferView::detach): (JSC::JSArrayBufferView::slowDownAndWasteMemory):
* runtime/JSCell.h:
* runtime/JSFinalizationRegistry.cpp: (JSC::JSFinalizationRegistry::visitChildrenImpl): (JSC::JSFinalizationRegistry::finalizeUnconditionally): (JSC::JSFinalizationRegistry::takeDeadHoldingsValue): (JSC::JSFinalizationRegistry::registerTarget): (JSC::JSFinalizationRegistry::unregister):
* runtime/JSGenericTypedArrayViewInlines.h: (JSC::JSGenericTypedArrayView<Adaptor>::visitChildrenImpl):
* runtime/JSGlobalObject.cpp: (JSC::JSC_DEFINE_HOST_FUNCTION):
* runtime/JSModuleNamespaceObject.cpp: (JSC::JSModuleNamespaceObject::finishCreation): (JSC::JSModuleNamespaceObject::visitChildrenImpl):
* runtime/JSObject.cpp: (JSC::JSObject::visitButterflyImpl):
* runtime/JSRunLoopTimer.cpp: (JSC::JSRunLoopTimer::Manager::timerDidFire): (JSC::JSRunLoopTimer::Manager::registerVM): (JSC::JSRunLoopTimer::Manager::unregisterVM): (JSC::JSRunLoopTimer::Manager::scheduleTimer): (JSC::JSRunLoopTimer::Manager::cancelTimer): (JSC::JSRunLoopTimer::Manager::timeUntilFire): (JSC::JSRunLoopTimer::timerDidFire): (JSC::JSRunLoopTimer::setTimeUntilFire): (JSC::JSRunLoopTimer::cancelTimer): (JSC::JSRunLoopTimer::addTimerSetNotification): (JSC::JSRunLoopTimer::removeTimerSetNotification):
* runtime/JSSegmentedVariableObject.cpp: (JSC::JSSegmentedVariableObject::findVariableIndex): (JSC::JSSegmentedVariableObject::addVariables): (JSC::JSSegmentedVariableObject::visitChildrenImpl):
* runtime/ModuleProgramExecutable.cpp: (JSC::ModuleProgramExecutable::visitChildrenImpl):
* runtime/NarrowingNumberPredictionFuzzerAgent.cpp: (JSC::NarrowingNumberPredictionFuzzerAgent::getPrediction):
* runtime/ProgramExecutable.cpp: (JSC::ProgramExecutable::visitChildrenImpl):
* runtime/RandomizingFuzzerAgent.cpp: (JSC::RandomizingFuzzerAgent::getPrediction):
* runtime/RegExp.cpp: (JSC::RegExp::compile): (JSC::RegExp::matchConcurrently): (JSC::RegExp::compileMatchOnly): (JSC::RegExp::deleteCode):
* runtime/SamplingProfiler.cpp: (JSC::SamplingProfiler::takeSample): (JSC::SamplingProfiler::stackTracesAsJSON): (JSC::SamplingProfiler::reportTopFunctions): (JSC::SamplingProfiler::reportTopBytecodes):
* runtime/ScriptExecutable.cpp: (JSC::ScriptExecutable::createTemplateObject):
* runtime/SparseArrayValueMap.cpp: (JSC::SparseArrayValueMap::add): (JSC::SparseArrayValueMap::remove): (JSC::SparseArrayValueMap::getConcurrently): (JSC::SparseArrayValueMap::visitChildrenImpl):
* runtime/Structure.cpp: (JSC::Structure::changePrototypeTransition): (JSC::Structure::toDictionaryTransition): (JSC::Structure::nonPropertyTransitionSlow): (JSC::Structure::setBrandTransition):
* runtime/StructureCache.cpp: (JSC::StructureCache::createEmptyStructure): (JSC::StructureCache::emptyObjectStructureConcurrently):
* runtime/VM.cpp: (JSC::waitForVMDestruction): (JSC::VM::~VM): (JSC::VM::gatherScratchBufferRoots): (JSC::VM::scratchBufferForSize): (JSC::VM::clearScratchBuffers): (JSC::VM::addLoopHintExecutionCounter): (JSC::VM::getLoopHintExecutionCounter): (JSC::VM::removeLoopHintExecutionCounter):
* runtime/VMTraps.cpp: (JSC::VMTraps::tryInstallTrapBreakpoints): (JSC::VMTraps::invalidateCodeBlocksOnStack): (JSC::VMTraps::willDestroyVM): (JSC::VMTraps::fireTrap): (JSC::VMTraps::handleTraps): (JSC::VMTraps::takeTopPriorityTrap):
* runtime/WeakMapImpl.cpp: (JSC::WeakMapImpl<BucketType>::visitOutputConstraints):
* runtime/WeakMapImpl.h: (JSC::WeakMapImpl::finishCreation):
* runtime/WeakMapImplInlines.h: (JSC::WeakMapImpl<WeakMapBucket>::rehash):
* runtime/WideningNumberPredictionFuzzerAgent.cpp: (JSC::WideningNumberPredictionFuzzerAgent::getPrediction):
* tools/CompilerTimingScope.cpp:
* tools/FunctionOverrides.cpp: (JSC::FunctionOverrides::FunctionOverrides): (JSC::FunctionOverrides::reinstallOverrides): (JSC::FunctionOverrides::initializeOverrideFor):
* tools/Integrity.cpp: (JSC::Integrity::Random::reloadAndCheckShouldAuditSlow):
* tools/VMInspector.cpp: (JSC::VMInspector::add): (JSC::VMInspector::remove): (JSC::VMInspector::codeBlockForMachinePC):
* wasm/WasmBBQPlan.cpp: (JSC::Wasm::BBQPlan::work): (JSC::Wasm::BBQPlan::compileFunction):
* wasm/WasmCalleeRegistry.h: (JSC::Wasm::CalleeRegistry::registerCallee): (JSC::Wasm::CalleeRegistry::unregisterCallee):
* wasm/WasmCodeBlock.cpp: (JSC::Wasm::CodeBlock::CodeBlock): (JSC::Wasm::CodeBlock::waitUntilFinished): (JSC::Wasm::CodeBlock::compileAsync):
* wasm/WasmContext.cpp: (JSC::Wasm::Context::scratchBufferForSize):
* wasm/WasmEntryPlan.cpp: (JSC::Wasm::EntryPlan::parseAndValidateModule): (JSC::Wasm::EntryPlan::prepare): (JSC::Wasm::EntryPlan::compileFunctions):
* wasm/WasmEntryPlan.h: (JSC::Wasm::EntryPlan::tryReserveCapacity):
* wasm/WasmFaultSignalHandler.cpp: (JSC::Wasm::trapHandler):
* wasm/WasmInstance.cpp: (JSC::Wasm::Instance::setFunctionWrapper):
* wasm/WasmLLIntPlan.cpp: (JSC::Wasm::LLIntPlan::compileFunction): (JSC::Wasm::LLIntPlan::completeInStreaming): (JSC::Wasm::LLIntPlan::didCompileFunctionInStreaming): (JSC::Wasm::LLIntPlan::didFailInStreaming):
* wasm/WasmMachineThreads.cpp: (JSC::Wasm::resetInstructionCacheOnAllThreads):
* wasm/WasmMemory.cpp: (JSC::Wasm::Memory::growShared):
* wasm/WasmModule.cpp: (JSC::Wasm::Module::getOrCreateCodeBlock):
* wasm/WasmOMGForOSREntryPlan.cpp: (JSC::Wasm::OMGForOSREntryPlan::work):
* wasm/WasmOMGPlan.cpp: (JSC::Wasm::OMGPlan::work):
* wasm/WasmOperations.cpp: (JSC::Wasm::triggerOMGReplacementCompile): (JSC::Wasm::JSC_DEFINE_JIT_OPERATION):
* wasm/WasmSignatureInlines.h: (JSC::Wasm::SignatureInformation::get):
* wasm/WasmSlowPaths.cpp: (JSC::LLInt::jitCompileAndSetHeuristics): (JSC::LLInt::WASM_SLOW_PATH_DECL):
* wasm/WasmStreamingCompiler.cpp: (JSC::Wasm::StreamingCompiler::didCompileFunction): (JSC::Wasm::StreamingCompiler::finalize): (JSC::Wasm::StreamingCompiler::fail): (JSC::Wasm::StreamingCompiler::cancel):
* wasm/WasmStreamingPlan.cpp: (JSC::Wasm::StreamingPlan::work):
* wasm/WasmTable.cpp: (JSC::Wasm::Table::grow): (JSC::Wasm::Table::visitAggregateImpl):
* wasm/WasmThunks.cpp: (JSC::Wasm::Thunks::stub): (JSC::Wasm::Thunks::existingStub):
* wasm/WasmWorklist.cpp:
* wasm/js/JSWebAssemblyInstance.cpp: (JSC::JSWebAssemblyInstance::visitChildrenImpl):

Canonical link: https://commits.webkit.org/238042@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@277909 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-05-22 03:13:17 +00:00
Locker locker { thisObject->cellLock() };
if (visitor.isFirstVisit())
thisObject->m_age = std::min<unsigned>(static_cast<unsigned>(thisObject->m_age) + 1, maxAge);
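The `Locker locker { thisObject->cellLock() };` line above is the pattern the holdLock() commit switches to: a guard constructed in place whose constructor and destructor carry Clang's acquire/release annotations, so `-Wthread-safety` can prove every touch of a guarded field happens under the right lock. The following is an added example, not WebKit's WTF::CheckedLock or Locker; `CheckedLock`, `Locker`, `Cell` and the `isHeld()` flag are constructed for the demo (the flag only exists so a single-threaded run can observe the release), and the attribute macros follow Clang's documented spelling and expand to nothing on other compilers.

```cpp
#include <algorithm>
#include <cassert>
#include <mutex>

// Clang thread safety analysis attributes (build with -Wthread-safety under
// Clang to get the diagnostics). On other compilers they expand to nothing.
#if defined(__clang__)
#define CAPABILITY(x) __attribute__((capability(x)))
#define SCOPED_CAPABILITY __attribute__((scoped_lockable))
#define GUARDED_BY(x) __attribute__((guarded_by(x)))
#define ACQUIRE(...) __attribute__((acquire_capability(__VA_ARGS__)))
#define RELEASE(...) __attribute__((release_capability(__VA_ARGS__)))
#define REQUIRES(...) __attribute__((requires_capability(__VA_ARGS__)))
#define RETURN_CAPABILITY(x) __attribute__((lock_returned(x)))
#else
#define CAPABILITY(x)
#define SCOPED_CAPABILITY
#define GUARDED_BY(x)
#define ACQUIRE(...)
#define RELEASE(...)
#define REQUIRES(...)
#define RETURN_CAPABILITY(x)
#endif

// Demo lock the analysis can reason about (stand-in for WTF::CheckedLock).
// m_held is a constructed observation hook, not part of the real pattern.
class CAPABILITY("mutex") CheckedLock {
public:
    void lock() ACQUIRE() { m_mutex.lock(); m_held = true; }
    void unlock() RELEASE() { m_held = false; m_mutex.unlock(); }
    bool isHeld() const { return m_held; }
private:
    std::mutex m_mutex;
    bool m_held = false;
};

// RAII guard used as `Locker locker { lock };`. Because the constructor is
// annotated as acquiring the capability, the analysis knows the lock is held
// for the rest of the scope. holdLock() returned the guard by value, which
// the analysis could not follow; that is what the commit removes.
class SCOPED_CAPABILITY Locker {
public:
    explicit Locker(CheckedLock& lock) ACQUIRE(lock) : m_lock(lock) { m_lock.lock(); }
    ~Locker() RELEASE() { m_lock.unlock(); }
    Locker(const Locker&) = delete;
    Locker& operator=(const Locker&) = delete;
private:
    CheckedLock& m_lock;
};

// Stand-in for the GC cell whose age the visitor bumps under cellLock().
class Cell {
public:
    CheckedLock& cellLock() RETURN_CAPABILITY(m_cellLock) { return m_cellLock; }
    // REQUIRES turns an unlocked call into a compile-time error under Clang.
    unsigned age() const REQUIRES(m_cellLock) { return m_age; }
    void bumpAge(unsigned maxAge) REQUIRES(m_cellLock)
    {
        assert(m_cellLock.isHeld()); // runtime check for non-Clang builds
        m_age = std::min(m_age + 1, maxAge);
    }
private:
    CheckedLock m_cellLock;
    unsigned m_age GUARDED_BY(m_cellLock) = 0;
};

// One visit: take the lock for the update, release it when `locker` dies.
unsigned visitAndAge(Cell& cell, unsigned maxAge)
{
    Locker locker { cell.cellLock() };
    cell.bumpAge(maxAge);
    return cell.age();
}

// Age reached after `visits` visits, capped at maxAge.
unsigned ageAfterVisits(unsigned visits, unsigned maxAge)
{
    Cell cell;
    unsigned age = 0;
    for (unsigned i = 0; i < visits; ++i)
        age = visitAndAge(cell, maxAge);
    return age;
}

// The lock is released the moment visitAndAge's scope ends.
bool lockReleasedAfterVisit()
{
    Cell cell;
    visitAndAge(cell, 8);
    return !cell.cellLock().isHeld();
}
```

Removing the `Locker` line from `visitAndAge` and compiling with `clang++ -Wthread-safety` reports that `bumpAge` and `age` require holding `cell.m_cellLock`; that diagnostic is the whole reason the commit replaces holdLock() with the in-place constructor.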
[JSC] Introduce UnlinkedCodeBlockGenerator and reduce sizeof(UnlinkedCodeBlock)
https://bugs.webkit.org/show_bug.cgi?id=207087

Reviewed by Tadeu Zagallo.

Source/JavaScriptCore:

While UnlinkedCodeBlock is immutable once it is created from BytecodeGenerator, it has many mutable Vectors. This is because we are using UnlinkedCodeBlock as a builder of UnlinkedCodeBlock itself too in BytecodeGenerator. Since Vector takes 16 bytes to allow efficient expansions, it is nice if we can use RefCountedArray instead when we know this Vector is immutable.

In this patch, we introduce UnlinkedCodeBlockGenerator wrapper. BytecodeGenerator, BytecodeRewriter, BytecodeDumper, and BytecodeGeneratorification interact with UnlinkedCodeBlockGenerator instead of UnlinkedCodeBlock. And UnlinkedCodeBlockGenerator will generate the finalized UnlinkedCodeBlock. This design allows us to use RefCountedArray for data in UnlinkedCodeBlock, which is (1) smaller and (2) does a shrinkToFit operation when creating it from Vector.

This patch reduces sizeof(UnlinkedCodeBlock) from 256 to 168, an 88 byte reduction.

* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* bytecode/BytecodeBasicBlock.cpp: (JSC::BytecodeBasicBlock::compute):
* bytecode/BytecodeBasicBlock.h:
* bytecode/BytecodeDumper.cpp:
* bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::BytecodeGeneratorification): (JSC::GeneratorLivenessAnalysis::run): (JSC::BytecodeGeneratorification::run): (JSC::performGeneratorification):
* bytecode/BytecodeGeneratorification.h:
* bytecode/BytecodeRewriter.h: (JSC::BytecodeRewriter::BytecodeRewriter):
* bytecode/CodeBlock.cpp: (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::setConstantIdentifierSetRegisters): (JSC::CodeBlock::setConstantRegisters): (JSC::CodeBlock::handlerForIndex): (JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler):
* bytecode/CodeBlock.h: (JSC::CodeBlock::numberOfSwitchJumpTables const): (JSC::CodeBlock::numberOfStringSwitchJumpTables const): (JSC::CodeBlock::addSwitchJumpTable): Deleted. (JSC::CodeBlock::addStringSwitchJumpTable): Deleted.
* bytecode/HandlerInfo.h: (JSC::HandlerInfoBase::handlerForIndex):
* bytecode/JumpTable.h: (JSC::SimpleJumpTable::add): Deleted.
* bytecode/PreciseJumpTargets.cpp: (JSC::computePreciseJumpTargets): (JSC::recomputePreciseJumpTargets): (JSC::findJumpTargetsForInstruction):
* bytecode/PreciseJumpTargets.h:
* bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::visitChildren): (JSC::UnlinkedCodeBlock::dumpExpressionRangeInfo): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeIndex const): (JSC::UnlinkedCodeBlock::handlerForIndex): (JSC::UnlinkedCodeBlock::addExpressionInfo): Deleted. (JSC::UnlinkedCodeBlock::addTypeProfilerExpressionInfo): Deleted. (JSC::UnlinkedCodeBlock::setInstructions): Deleted. (JSC::UnlinkedCodeBlock::applyModification): Deleted. (JSC::UnlinkedCodeBlock::shrinkToFit): Deleted. (JSC::UnlinkedCodeBlock::addOutOfLineJumpTarget): Deleted.
* bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::expressionInfo): (JSC::UnlinkedCodeBlock::setNumParameters): (JSC::UnlinkedCodeBlock::numberOfIdentifiers const): (JSC::UnlinkedCodeBlock::identifiers const): (JSC::UnlinkedCodeBlock::bitVector): (JSC::UnlinkedCodeBlock::constantRegisters): (JSC::UnlinkedCodeBlock::constantsSourceCodeRepresentation): (JSC::UnlinkedCodeBlock::constantIdentifierSets): (JSC::UnlinkedCodeBlock::numberOfJumpTargets const): (JSC::UnlinkedCodeBlock::numberOfSwitchJumpTables const): (JSC::UnlinkedCodeBlock::numberOfStringSwitchJumpTables const): (JSC::UnlinkedCodeBlock::numberOfFunctionDecls): (JSC::UnlinkedCodeBlock::numberOfExceptionHandlers const): (JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets const): (JSC::UnlinkedCodeBlock::createRareDataIfNecessary): (JSC::UnlinkedCodeBlock::addParameter): Deleted. (JSC::UnlinkedCodeBlock::addIdentifier): Deleted. (JSC::UnlinkedCodeBlock::addBitVector): Deleted. (JSC::UnlinkedCodeBlock::addSetConstant): Deleted. (JSC::UnlinkedCodeBlock::addConstant): Deleted. (JSC::UnlinkedCodeBlock::addJumpTarget): Deleted. (JSC::UnlinkedCodeBlock::addSwitchJumpTable): Deleted. (JSC::UnlinkedCodeBlock::addStringSwitchJumpTable): Deleted. (JSC::UnlinkedCodeBlock::addFunctionDecl): Deleted. (JSC::UnlinkedCodeBlock::addFunctionExpr): Deleted. (JSC::UnlinkedCodeBlock::addExceptionHandler): Deleted. (JSC::UnlinkedCodeBlock::addOpProfileControlFlowBytecodeOffset): Deleted. (JSC::UnlinkedCodeBlock::replaceOutOfLineJumpTargets): Deleted.
* bytecode/UnlinkedCodeBlockGenerator.cpp: Added. (JSC::UnlinkedCodeBlockGenerator::getLineAndColumn const): (JSC::UnlinkedCodeBlockGenerator::addExpressionInfo): (JSC::UnlinkedCodeBlockGenerator::addTypeProfilerExpressionInfo): (JSC::UnlinkedCodeBlockGenerator::finalize): (JSC::UnlinkedCodeBlockGenerator::handlerForBytecodeIndex): (JSC::UnlinkedCodeBlockGenerator::handlerForIndex): (JSC::UnlinkedCodeBlockGenerator::applyModification): (JSC::UnlinkedCodeBlockGenerator::addOutOfLineJumpTarget): (JSC::UnlinkedCodeBlockGenerator::outOfLineJumpOffset): (JSC::UnlinkedCodeBlockGenerator::dump const):
* bytecode/UnlinkedCodeBlockGenerator.h: Added. (JSC::UnlinkedCodeBlockGenerator::UnlinkedCodeBlockGenerator): (JSC::UnlinkedCodeBlockGenerator::vm): (JSC::UnlinkedCodeBlockGenerator::isConstructor const): (JSC::UnlinkedCodeBlockGenerator::constructorKind const): (JSC::UnlinkedCodeBlockGenerator::superBinding const): (JSC::UnlinkedCodeBlockGenerator::scriptMode const): (JSC::UnlinkedCodeBlockGenerator::needsClassFieldInitializer const): (JSC::UnlinkedCodeBlockGenerator::isStrictMode const): (JSC::UnlinkedCodeBlockGenerator::usesEval const): (JSC::UnlinkedCodeBlockGenerator::parseMode const): (JSC::UnlinkedCodeBlockGenerator::isArrowFunction): (JSC::UnlinkedCodeBlockGenerator::derivedContextType const): (JSC::UnlinkedCodeBlockGenerator::evalContextType const): (JSC::UnlinkedCodeBlockGenerator::isArrowFunctionContext const): (JSC::UnlinkedCodeBlockGenerator::isClassContext const): (JSC::UnlinkedCodeBlockGenerator::numCalleeLocals const): (JSC::UnlinkedCodeBlockGenerator::numVars const): (JSC::UnlinkedCodeBlockGenerator::numParameters const): (JSC::UnlinkedCodeBlockGenerator::thisRegister const): (JSC::UnlinkedCodeBlockGenerator::scopeRegister const): (JSC::UnlinkedCodeBlockGenerator::wasCompiledWithDebuggingOpcodes const): (JSC::UnlinkedCodeBlockGenerator::hasCheckpoints const): (JSC::UnlinkedCodeBlockGenerator::hasTailCalls const): (JSC::UnlinkedCodeBlockGenerator::setHasCheckpoints): (JSC::UnlinkedCodeBlockGenerator::setHasTailCalls): (JSC::UnlinkedCodeBlockGenerator::setNumCalleeLocals): (JSC::UnlinkedCodeBlockGenerator::setNumVars): (JSC::UnlinkedCodeBlockGenerator::setThisRegister): (JSC::UnlinkedCodeBlockGenerator::setScopeRegister): (JSC::UnlinkedCodeBlockGenerator::setNumParameters): (JSC::UnlinkedCodeBlockGenerator::metadata): (JSC::UnlinkedCodeBlockGenerator::addOpProfileControlFlowBytecodeOffset): (JSC::UnlinkedCodeBlockGenerator::numberOfJumpTargets const): (JSC::UnlinkedCodeBlockGenerator::addJumpTarget): (JSC::UnlinkedCodeBlockGenerator::jumpTarget const): (JSC::UnlinkedCodeBlockGenerator::lastJumpTarget const): (JSC::UnlinkedCodeBlockGenerator::numberOfSwitchJumpTables const): (JSC::UnlinkedCodeBlockGenerator::addSwitchJumpTable): (JSC::UnlinkedCodeBlockGenerator::switchJumpTable): (JSC::UnlinkedCodeBlockGenerator::numberOfStringSwitchJumpTables const): (JSC::UnlinkedCodeBlockGenerator::addStringSwitchJumpTable): (JSC::UnlinkedCodeBlockGenerator::stringSwitchJumpTable): (JSC::UnlinkedCodeBlockGenerator::numberOfExceptionHandlers const): (JSC::UnlinkedCodeBlockGenerator::exceptionHandler): (JSC::UnlinkedCodeBlockGenerator::addExceptionHandler): (JSC::UnlinkedCodeBlockGenerator::bitVector): (JSC::UnlinkedCodeBlockGenerator::addBitVector): (JSC::UnlinkedCodeBlockGenerator::numberOfConstantIdentifierSets const): (JSC::UnlinkedCodeBlockGenerator::constantIdentifierSets): (JSC::UnlinkedCodeBlockGenerator::addSetConstant): (JSC::UnlinkedCodeBlockGenerator::constantRegister const): (JSC::UnlinkedCodeBlockGenerator::constantRegisters): (JSC::UnlinkedCodeBlockGenerator::getConstant const): (JSC::UnlinkedCodeBlockGenerator::constantsSourceCodeRepresentation): (JSC::UnlinkedCodeBlockGenerator::addConstant): (JSC::UnlinkedCodeBlockGenerator::addFunctionDecl): (JSC::UnlinkedCodeBlockGenerator::addFunctionExpr): (JSC::UnlinkedCodeBlockGenerator::numberOfIdentifiers const): (JSC::UnlinkedCodeBlockGenerator::identifier const): (JSC::UnlinkedCodeBlockGenerator::addIdentifier): (JSC::UnlinkedCodeBlockGenerator::outOfLineJumpOffset): (JSC::UnlinkedCodeBlockGenerator::replaceOutOfLineJumpTargets): (JSC::UnlinkedCodeBlockGenerator::metadataSizeInBytes):
* bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::generate): (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::initializeNextParameter): (JSC::BytecodeGenerator::emitPushFunctionNameScope): (JSC::prepareJumpTableForSwitch): (JSC::ForInContext::finalize): (JSC::StructureForInContext::finalize): (JSC::IndexedForInContext::finalize):
* bytecompiler/BytecodeGenerator.h:
* bytecompiler/BytecodeGeneratorBaseInlines.h: (JSC::BytecodeGeneratorBase<Traits>::newRegister): (JSC::BytecodeGeneratorBase<Traits>::addVar):
* runtime/CachedTypes.cpp: (JSC::CachedVector::encode): (JSC::CachedVector::decode const):
* wasm/WasmFunctionCodeBlock.h: (JSC::Wasm::FunctionCodeBlock::setNumVars): (JSC::Wasm::FunctionCodeBlock::setNumCalleeLocals):

Source/WTF:

Add more useful methods for RefCountedArray.

* wtf/RefCountedArray.h: (WTF::RefCountedArray::operator=): (WTF::RefCountedArray::isEmpty const): (WTF::RefCountedArray::front): (WTF::RefCountedArray::front const): (WTF::RefCountedArray::last): (WTF::RefCountedArray::last const):

Canonical link: https://commits.webkit.org/220203@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255687 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2020-02-04 19:05:17 +00:00
for (auto& barrier : thisObject->m_functionDecls)
visitor.append(barrier);
for (auto& barrier : thisObject->m_functionExprs)
visitor.append(barrier);
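The UnlinkedCodeBlockGenerator commit describes a builder/product split: a mutable generator keeps growable Vectors while bytecode is emitted, then finalize() copies them into single-pointer, reference-counted, exactly-sized arrays, which is where the sizeof reduction and the shrink-to-fit come from. The block below is an added example of that shape, not WebKit's RefCountedArray or UnlinkedCodeBlockGenerator; `SharedArray`, `UnlinkedBlock` and `UnlinkedBlockBuilder` are constructed stand-ins, and the sample contents emitted in `buildSample()` are made up for the demo. The header-in-the-same-block layout assumes `alignof(T)` is no larger than the header's alignment, which holds for the element types used here.

```cpp
#include <cstddef>
#include <cstdint>
#include <new>
#include <string>
#include <utility>
#include <vector>

// Single-pointer, reference-counted immutable array: the header (refcount,
// length) lives in the same heap block as the elements, so the handle is one
// pointer wide instead of a growable vector's {buffer, size, capacity}.
template<typename T>
class SharedArray {
    struct Header { std::size_t refCount; std::size_t size; };
public:
    SharedArray() = default;

    // Copies exactly size() elements; the vector's spare capacity is dropped
    // (the "shrinkToFit when creating it from Vector" in the commit message).
    explicit SharedArray(const std::vector<T>& source)
    {
        if (source.empty())
            return;
        void* block = ::operator new(sizeof(Header) + source.size() * sizeof(T));
        m_header = new (block) Header { 1, source.size() };
        T* elements = data();
        for (std::size_t i = 0; i < source.size(); ++i)
            new (elements + i) T(source[i]);
    }
    SharedArray(const SharedArray& other) : m_header(other.m_header)
    {
        if (m_header)
            ++m_header->refCount;
    }
    SharedArray& operator=(SharedArray other)
    {
        std::swap(m_header, other.m_header);
        return *this;
    }
    ~SharedArray()
    {
        if (!m_header || --m_header->refCount)
            return;
        T* elements = data();
        for (std::size_t i = 0; i < m_header->size; ++i)
            elements[i].~T();
        ::operator delete(m_header); // Header is trivially destructible
    }

    std::size_t size() const { return m_header ? m_header->size : 0; }
    std::size_t refCount() const { return m_header ? m_header->refCount : 0; }
    const T& operator[](std::size_t i) const { return data()[i]; }

private:
    T* data() const { return reinterpret_cast<T*>(reinterpret_cast<char*>(m_header) + sizeof(Header)); }
    Header* m_header = nullptr;
};

// Finalized, immutable product (role of UnlinkedCodeBlock's data members).
struct UnlinkedBlock {
    SharedArray<std::uint32_t> instructions;
    SharedArray<std::int32_t> jumpTargets;
    SharedArray<std::string> identifiers;
};

// Mutable builder (role of UnlinkedCodeBlockGenerator): growable vectors
// while emitting, one-shot finalize() into the compact form.
class UnlinkedBlockBuilder {
public:
    void emit(std::uint32_t word) { m_instructions.push_back(word); }
    void addJumpTarget(std::int32_t offset) { m_jumpTargets.push_back(offset); }
    std::size_t addIdentifier(std::string name)
    {
        m_identifiers.push_back(std::move(name));
        return m_identifiers.size() - 1;
    }
    UnlinkedBlock finalize() const
    {
        return UnlinkedBlock { SharedArray<std::uint32_t>(m_instructions),
                               SharedArray<std::int32_t>(m_jumpTargets),
                               SharedArray<std::string>(m_identifiers) };
    }
private:
    std::vector<std::uint32_t> m_instructions;
    std::vector<std::int32_t> m_jumpTargets;
    std::vector<std::string> m_identifiers;
};

// Constructed sample: three instruction words, one jump target, two names.
UnlinkedBlock buildSample()
{
    UnlinkedBlockBuilder builder;
    builder.emit(0x01);
    builder.emit(0x02);
    builder.emit(0x03);
    builder.addJumpTarget(-2);
    builder.addIdentifier("foo");
    builder.addIdentifier("bar");
    return builder.finalize();
}

// Copies of the finalized block share one heap block per array.
std::size_t refCountWithCopyAlive()
{
    UnlinkedBlock a = buildSample();
    UnlinkedBlock b = a;
    return a.instructions.refCount();
}
std::size_t refCountAfterCopyDies()
{
    UnlinkedBlock a = buildSample();
    { UnlinkedBlock b = a; }
    return a.instructions.refCount();
}

// The per-array handle is one pointer; a std::vector handle is three.
constexpr std::size_t kSharedArrayHandleSize = sizeof(SharedArray<std::uint32_t>);
constexpr std::size_t kVectorHandleSize = sizeof(std::vector<std::uint32_t>);
```

The invariant that makes the product safe to share is that nothing can grow or reassign an element after finalize(): `SharedArray` exposes only const element access, so every CodeBlock linked against the same unlinked data reads the same bytes and none can invalidate another's view.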
visitor.appendValues(thisObject->m_constantRegisters.data(), thisObject->m_constantRegisters.size());
[JSC] UnlinkedMetadataTable assumes that MetadataTable is destroyed before it is destructed, but order of destruction of JS heap cells is not guaranteed
https://bugs.webkit.org/show_bug.cgi?id=194031

Reviewed by Saam Barati.

UnlinkedMetadataTable assumes that MetadataTable linked against this UnlinkedMetadataTable is already destroyed when UnlinkedMetadataTable is destroyed. This means that UnlinkedCodeBlock is destroyed after all the linked CodeBlocks are destroyed. But this assumption is not valid since GC's finalizer sweeps objects without considering the dependencies among swept objects. UnlinkedMetadataTable can be destroyed even before linked MetadataTable is destroyed if UnlinkedCodeBlock is destroyed before linked CodeBlock is destroyed.

To make the above assumption valid, we make UnlinkedMetadataTable a RefCounted object, and make MetadataTable hold a strong ref to UnlinkedMetadataTable. This ensures that UnlinkedMetadataTable is destroyed after all the linked MetadataTables are destroyed.

* bytecode/MetadataTable.cpp: (JSC::MetadataTable::MetadataTable): (JSC::MetadataTable::~MetadataTable):
* bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::visitChildren): (JSC::UnlinkedCodeBlock::estimatedSize): (JSC::UnlinkedCodeBlock::setInstructions):
* bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::metadata): (JSC::UnlinkedCodeBlock::metadataSizeInBytes):
* bytecode/UnlinkedMetadataTable.h: (JSC::UnlinkedMetadataTable::create):
* bytecode/UnlinkedMetadataTableInlines.h: (JSC::UnlinkedMetadataTable::UnlinkedMetadataTable):
* runtime/CachedTypes.cpp: (JSC::CachedMetadataTable::decode const): (JSC::CachedCodeBlock::metadata const): (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::CachedCodeBlock<CodeBlockType>::decode const): (JSC::CachedCodeBlock<CodeBlockType>::encode):

Canonical link: https://commits.webkit.org/208677@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240915 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-02-04 07:13:00 +00:00
size_t extraMemory = thisObject->m_metadata->sizeInBytes();
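The UnlinkedMetadataTable commit above is a lifetime bug of the classic kind: two GC cells share a structure, one of them owns it, and the sweeper makes no promise about which cell dies first, so the non-owner can be left reading freed memory. The fix is to give every linked table its own strong reference so the shared layout outlives the last user regardless of sweep order. The block below is an added example of that ownership change, not JSC's MetadataTable or UnlinkedMetadataTable; the `UnlinkedMetadataTable`, `MetadataTable`, `UnlinkedCodeBlock` and `CodeBlock` types here are constructed stand-ins, `std::shared_ptr` plays the part of WTF's RefCounted, and the sample layout in `makeSampleLayout()` is made up for the demo. The pre-fix relationship is modelled as a `std::weak_ptr` so the example can show the layout disappearing without actually dereferencing freed memory.

```cpp
#include <cstddef>
#include <cstdint>
#include <memory>
#include <utility>
#include <vector>

// Immutable layout shared by every linked table: where each opcode's
// metadata slot lives and how big the whole table is.
struct UnlinkedMetadataTable {
    std::vector<std::size_t> offsets; // byte offset of each opcode's metadata slot
    std::size_t totalBytes;
    std::size_t sizeInBytes() const { return totalBytes; }
};

// Per-CodeBlock mutable metadata. The fix: hold a strong reference to the
// layout so it cannot be freed while this table still consults it, whatever
// order the sweeper destroys cells in.
class MetadataTable {
public:
    explicit MetadataTable(std::shared_ptr<const UnlinkedMetadataTable> unlinked)
        : m_unlinked(std::move(unlinked))
        , m_buffer(m_unlinked->sizeInBytes())
    {
    }
    std::uint8_t* forOpcode(std::size_t opcodeIndex)
    {
        return m_buffer.data() + m_unlinked->offsets.at(opcodeIndex);
    }
    std::size_t sizeInBytes() const { return m_unlinked->sizeInBytes(); }
    long unlinkedRefCount() const { return m_unlinked.use_count(); }
private:
    std::shared_ptr<const UnlinkedMetadataTable> m_unlinked; // strong ref (the fix)
    std::vector<std::uint8_t> m_buffer;
};

// GC-cell stand-ins. The sweeper may destroy either one first.
struct UnlinkedCodeBlock { std::shared_ptr<const UnlinkedMetadataTable> metadata; };
struct CodeBlock { std::unique_ptr<MetadataTable> metadata; };

// Constructed sample layout: three opcodes at offsets 0, 8 and 24; 32 bytes total.
std::shared_ptr<const UnlinkedMetadataTable> makeSampleLayout()
{
    return std::make_shared<UnlinkedMetadataTable>(UnlinkedMetadataTable { { 0, 8, 24 }, 32 });
}

// Both cells alive: the layout has two owners.
long refCountWhileBothAlive()
{
    UnlinkedCodeBlock unlinked { makeSampleLayout() };
    CodeBlock linked { std::make_unique<MetadataTable>(unlinked.metadata) };
    return linked.metadata->unlinkedRefCount();
}

// Sweep the UnlinkedCodeBlock first; the linked table remains the sole owner.
long refCountAfterUnlinkedSwept()
{
    auto unlinked = std::make_unique<UnlinkedCodeBlock>(UnlinkedCodeBlock { makeSampleLayout() });
    CodeBlock linked { std::make_unique<MetadataTable>(unlinked->metadata) };
    unlinked.reset(); // sweeper finalizes the unlinked cell first
    return linked.metadata->unlinkedRefCount();
}

// Keep using the linked table after the unlinked cell is gone. Before the fix
// this read the layout through a dangling pointer; now the layout is still owned.
std::uint8_t writeAfterUnlinkedSwept()
{
    auto unlinked = std::make_unique<UnlinkedCodeBlock>(UnlinkedCodeBlock { makeSampleLayout() });
    CodeBlock linked { std::make_unique<MetadataTable>(unlinked->metadata) };
    unlinked.reset();
    linked.metadata->forOpcode(2)[0] = 0x7f; // slot at offset 24, looked up via the layout
    return linked.metadata->forOpcode(2)[0];
}

// The pre-fix relationship modelled as a non-owning reference: once the
// UnlinkedCodeBlock is swept, the layout is gone and any linked table that
// only pointed at it would be left dangling.
bool nonOwningReferenceExpiresWhenUnlinkedSwept()
{
    auto unlinked = std::make_unique<UnlinkedCodeBlock>(UnlinkedCodeBlock { makeSampleLayout() });
    std::weak_ptr<const UnlinkedMetadataTable> nonOwning = unlinked->metadata;
    unlinked.reset();
    return nonOwning.expired();
}
```

The `extraMemory` accounting on the line above is the other half of this arrangement: because the layout is now shared rather than owned by the UnlinkedCodeBlock alone, the GC is told about its size when the cell is visited rather than relying on the cell's own footprint.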
New bytecode format for JSC
https://bugs.webkit.org/show_bug.cgi?id=187373
<rdar://problem/44186758>

Reviewed by Filip Pizlo.

.:

Disable JIT by default on 32-bit platforms

* Source/cmake/WebKitFeatures.cmake:

JSTests:

Add tests to ensure that the inferred inline capacity for a narrow op_new_object will be capped at 255.

* stress/maximum-inline-capacity.js: Added. (test1): (test3.Foo): (test3):

Source/JavaScriptCore:

Replace unlinked and linked bytecode with a new immutable bytecode that does not embed any addresses. Instructions can be encoded as narrow (1-byte operands) or wide (4-byte operands) and might contain an extra operand, the metadataID. The metadataID is used to access the instruction's mutable data in a side table in the CodeBlock (the MetadataTable).

Bytecodes now must be structs declared in the new BytecodeList.rb. All bytecodes give names and types to all their operands. Additionally, reading a bytecode from the instruction stream requires decoding the whole bytecode, i.e. it's no longer possible to access arbitrary operands directly from the stream.

* CMakeLists.txt:
* DerivedSources.make:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* assembler/MacroAssemblerCodeRef.h: (JSC::ReturnAddressPtr::ReturnAddressPtr): (JSC::ReturnAddressPtr::value const): (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr): (JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
* bytecode/ArithProfile.h: (JSC::ArithProfile::ArithProfile):
* bytecode/ArrayAllocationProfile.h: (JSC::ArrayAllocationProfile::ArrayAllocationProfile):
* bytecode/ArrayProfile.h:
* bytecode/BytecodeBasicBlock.cpp: (JSC::isJumpTarget): (JSC::BytecodeBasicBlock::computeImpl): (JSC::BytecodeBasicBlock::compute):
* bytecode/BytecodeBasicBlock.h: (JSC::BytecodeBasicBlock::leaderOffset const): (JSC::BytecodeBasicBlock::totalLength const): (JSC::BytecodeBasicBlock::offsets const): (JSC::BytecodeBasicBlock::BytecodeBasicBlock): (JSC::BytecodeBasicBlock::addLength):
* bytecode/BytecodeDumper.cpp: (JSC::BytecodeDumper<Block>::printLocationAndOp): (JSC::BytecodeDumper<Block>::dumpBytecode): (JSC::BytecodeDumper<Block>::dumpIdentifiers): (JSC::BytecodeDumper<Block>::dumpConstants): (JSC::BytecodeDumper<Block>::dumpExceptionHandlers): (JSC::BytecodeDumper<Block>::dumpSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpStringSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpBlock):
* bytecode/BytecodeDumper.h: (JSC::BytecodeDumper::dumpOperand): (JSC::BytecodeDumper::dumpValue): (JSC::BytecodeDumper::BytecodeDumper): (JSC::BytecodeDumper::block const):
* bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::BytecodeGeneratorification): (JSC::BytecodeGeneratorification::enterPoint const): (JSC::BytecodeGeneratorification::instructions const): (JSC::GeneratorLivenessAnalysis::run): (JSC::BytecodeGeneratorification::run): (JSC::performGeneratorification):
* bytecode/BytecodeGeneratorification.h:
* bytecode/BytecodeGraph.h: (JSC::BytecodeGraph::blockContainsBytecodeOffset): (JSC::BytecodeGraph::findBasicBlockForBytecodeOffset): (JSC::BytecodeGraph::findBasicBlockWithLeaderOffset): (JSC::BytecodeGraph::BytecodeGraph):
* bytecode/BytecodeKills.h:
* bytecode/BytecodeList.json: Removed.
* bytecode/BytecodeList.rb: Added.
* bytecode/BytecodeLivenessAnalysis.cpp: (JSC::BytecodeLivenessAnalysis::dumpResults):
* bytecode/BytecodeLivenessAnalysis.h:
* bytecode/BytecodeLivenessAnalysisInlines.h: (JSC::isValidRegisterForLiveness): (JSC::BytecodeLivenessPropagation::stepOverInstruction):
* bytecode/BytecodeRewriter.cpp: (JSC::BytecodeRewriter::applyModification): (JSC::BytecodeRewriter::execute): (JSC::BytecodeRewriter::adjustJumpTargetsInFragment): (JSC::BytecodeRewriter::insertImpl): (JSC::BytecodeRewriter::adjustJumpTarget): (JSC::BytecodeRewriter::adjustJumpTargets):
* bytecode/BytecodeRewriter.h: (JSC::BytecodeRewriter::InsertionPoint::InsertionPoint): (JSC::BytecodeRewriter::Fragment::Fragment): (JSC::BytecodeRewriter::Fragment::appendInstruction): (JSC::BytecodeRewriter::BytecodeRewriter): (JSC::BytecodeRewriter::insertFragmentBefore): (JSC::BytecodeRewriter::insertFragmentAfter): (JSC::BytecodeRewriter::removeBytecode): (JSC::BytecodeRewriter::adjustAbsoluteOffset): (JSC::BytecodeRewriter::adjustJumpTarget):
* bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeOffset): (JSC::computeDefsForBytecodeOffset):
* bytecode/CallLinkStatus.cpp: (JSC::CallLinkStatus::computeFromLLInt):
* bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpBytecode): (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::estimatedSize): (JSC::CodeBlock::visitChildren): (JSC::CodeBlock::propagateTransitions): (JSC::CodeBlock::finalizeLLIntInlineCaches): (JSC::CodeBlock::addJITAddIC): (JSC::CodeBlock::addJITMulIC): (JSC::CodeBlock::addJITSubIC): (JSC::CodeBlock::addJITNegIC): (JSC::CodeBlock::stronglyVisitStrongReferences): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffset): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): (JSC::CodeBlock::hasOpDebugForLineAndColumn): (JSC::CodeBlock::getArrayProfile): (JSC::CodeBlock::updateAllArrayPredictions): (JSC::CodeBlock::predictedMachineCodeSize): (JSC::CodeBlock::tryGetValueProfileForBytecodeOffset): (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset): (JSC::CodeBlock::valueProfileForBytecodeOffset): (JSC::CodeBlock::validate): (JSC::CodeBlock::outOfLineJumpOffset): (JSC::CodeBlock::outOfLineJumpTarget): (JSC::CodeBlock::arithProfileForBytecodeOffset): (JSC::CodeBlock::arithProfileForPC): (JSC::CodeBlock::couldTakeSpecialFastCase): (JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler):
* bytecode/CodeBlock.h: (JSC::CodeBlock::addMathIC): (JSC::CodeBlock::outOfLineJumpOffset): (JSC::CodeBlock::bytecodeOffset): (JSC::CodeBlock::instructions const): (JSC::CodeBlock::instructionCount const): (JSC::CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters): (JSC::CodeBlock::metadata): (JSC::CodeBlock::metadataSizeInBytes): (JSC::CodeBlock::numberOfNonArgumentValueProfiles): (JSC::CodeBlock::totalNumberOfValueProfiles):
* bytecode/CodeBlockInlines.h: Added. (JSC::CodeBlock::forEachValueProfile): (JSC::CodeBlock::forEachArrayProfile): (JSC::CodeBlock::forEachArrayAllocationProfile): (JSC::CodeBlock::forEachObjectAllocationProfile): (JSC::CodeBlock::forEachLLIntCallLinkInfo):
* bytecode/Fits.h: Added.
* bytecode/GetByIdMetadata.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h.
* bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt):
* bytecode/Instruction.h: (JSC::Instruction::Instruction): (JSC::Instruction::Impl::opcodeID const): (JSC::Instruction::opcodeID const): (JSC::Instruction::name const): (JSC::Instruction::isWide const): (JSC::Instruction::size const): (JSC::Instruction::is const): (JSC::Instruction::as const): (JSC::Instruction::cast): (JSC::Instruction::cast const): (JSC::Instruction::narrow const): (JSC::Instruction::wide const):
* bytecode/InstructionStream.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::InstructionStream::InstructionStream): (JSC::InstructionStream::sizeInBytes const):
* bytecode/InstructionStream.h: Added. (JSC::InstructionStream::BaseRef::BaseRef): (JSC::InstructionStream::BaseRef::operator=): (JSC::InstructionStream::BaseRef::operator-> const): (JSC::InstructionStream::BaseRef::ptr const): (JSC::InstructionStream::BaseRef::operator!= const): (JSC::InstructionStream::BaseRef::next const): (JSC::InstructionStream::BaseRef::offset const): (JSC::InstructionStream::BaseRef::isValid const): (JSC::InstructionStream::BaseRef::unwrap const): (JSC::InstructionStream::MutableRef::freeze const): (JSC::InstructionStream::MutableRef::operator->): (JSC::InstructionStream::MutableRef::ptr): (JSC::InstructionStream::MutableRef::operator Ref): (JSC::InstructionStream::MutableRef::unwrap): (JSC::InstructionStream::iterator::operator*): (JSC::InstructionStream::iterator::operator++): (JSC::InstructionStream::begin const): (JSC::InstructionStream::end const): (JSC::InstructionStream::at const): (JSC::InstructionStream::size const): (JSC::InstructionStreamWriter::InstructionStreamWriter): (JSC::InstructionStreamWriter::ref): (JSC::InstructionStreamWriter::seek): (JSC::InstructionStreamWriter::position): (JSC::InstructionStreamWriter::write): (JSC::InstructionStreamWriter::rewind): (JSC::InstructionStreamWriter::finalize): (JSC::InstructionStreamWriter::swap):
(JSC::InstructionStreamWriter::iterator::operator*): (JSC::InstructionStreamWriter::iterator::operator++): (JSC::InstructionStreamWriter::begin): (JSC::InstructionStreamWriter::end): * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp: (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::LLIntPrototypeLoadAdaptiveStructureWatchpoint): (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::fireInternal): (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::clearLLIntGetByIdCache): * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h: * bytecode/MetadataTable.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::MetadataTable::MetadataTable): (JSC::DeallocTable::withOpcodeType): (JSC::MetadataTable::~MetadataTable): (JSC::MetadataTable::sizeInBytes): * bytecode/MetadataTable.h: Copied from Source/JavaScriptCore/runtime/Watchdog.h. (JSC::MetadataTable::get): (JSC::MetadataTable::forEach): (JSC::MetadataTable::getImpl): * bytecode/Opcode.cpp: (JSC::metadataSize): * bytecode/Opcode.h: (JSC::padOpcodeName): * bytecode/OpcodeInlines.h: (JSC::isOpcodeShape): (JSC::getOpcodeType): * bytecode/OpcodeSize.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. 
* bytecode/PreciseJumpTargets.cpp: (JSC::getJumpTargetsForInstruction): (JSC::computePreciseJumpTargetsInternal): (JSC::computePreciseJumpTargets): (JSC::recomputePreciseJumpTargets): (JSC::findJumpTargetsForInstruction): * bytecode/PreciseJumpTargets.h: * bytecode/PreciseJumpTargetsInlines.h: (JSC::jumpTargetForInstruction): (JSC::extractStoredJumpTargetsForInstruction): (JSC::updateStoredJumpTargetsForInstruction): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): * bytecode/SpecialPointer.cpp: (WTF::printInternal): * bytecode/SpecialPointer.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::visitChildren): (JSC::UnlinkedCodeBlock::estimatedSize): (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): (JSC::dumpLineColumnEntry): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset const): (JSC::UnlinkedCodeBlock::setInstructions): (JSC::UnlinkedCodeBlock::instructions const): (JSC::UnlinkedCodeBlock::applyModification): (JSC::UnlinkedCodeBlock::addOutOfLineJumpTarget): (JSC::UnlinkedCodeBlock::outOfLineJumpOffset): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::addPropertyAccessInstruction): (JSC::UnlinkedCodeBlock::propertyAccessInstructions const): (JSC::UnlinkedCodeBlock::addOpProfileControlFlowBytecodeOffset): (JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets const): (JSC::UnlinkedCodeBlock::metadata): (JSC::UnlinkedCodeBlock::metadataSizeInBytes): (JSC::UnlinkedCodeBlock::outOfLineJumpOffset): (JSC::UnlinkedCodeBlock::replaceOutOfLineJumpTargets): * bytecode/UnlinkedInstructionStream.cpp: Removed. * bytecode/UnlinkedInstructionStream.h: Removed. * bytecode/UnlinkedMetadataTable.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h. * bytecode/UnlinkedMetadataTableInlines.h: Added. 
(JSC::UnlinkedMetadataTable::UnlinkedMetadataTable): (JSC::UnlinkedMetadataTable::~UnlinkedMetadataTable): (JSC::UnlinkedMetadataTable::addEntry): (JSC::UnlinkedMetadataTable::sizeInBytes): (JSC::UnlinkedMetadataTable::finalize): (JSC::UnlinkedMetadataTable::link): (JSC::UnlinkedMetadataTable::unlink): * bytecode/VirtualRegister.cpp: (JSC::VirtualRegister::VirtualRegister): * bytecode/VirtualRegister.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::Label::setLocation): (JSC::Label::bind): (JSC::BytecodeGenerator::generate): (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::initializeVarLexicalEnvironment): (JSC::BytecodeGenerator::emitEnter): (JSC::BytecodeGenerator::emitLoopHint): (JSC::BytecodeGenerator::emitJump): (JSC::BytecodeGenerator::emitCheckTraps): (JSC::BytecodeGenerator::rewind): (JSC::BytecodeGenerator::fuseCompareAndJump): (JSC::BytecodeGenerator::fuseTestAndJmp): (JSC::BytecodeGenerator::emitJumpIfTrue): (JSC::BytecodeGenerator::emitJumpIfFalse): (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall): (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply): (JSC::BytecodeGenerator::moveLinkTimeConstant): (JSC::BytecodeGenerator::moveEmptyValue): (JSC::BytecodeGenerator::emitMove): (JSC::BytecodeGenerator::emitUnaryOp): (JSC::BytecodeGenerator::emitBinaryOp): (JSC::BytecodeGenerator::emitToObject): (JSC::BytecodeGenerator::emitToNumber): (JSC::BytecodeGenerator::emitToString): (JSC::BytecodeGenerator::emitTypeOf): (JSC::BytecodeGenerator::emitInc): (JSC::BytecodeGenerator::emitDec): (JSC::BytecodeGenerator::emitEqualityOp): (JSC::BytecodeGenerator::emitProfileType): (JSC::BytecodeGenerator::emitProfileControlFlow): (JSC::BytecodeGenerator::pushLexicalScopeInternal): (JSC::BytecodeGenerator::emitResolveScopeForHoistingFuncDeclInEval): (JSC::BytecodeGenerator::prepareLexicalScopeForNextForLoopIteration): (JSC::BytecodeGenerator::emitOverridesHasInstance): (JSC::BytecodeGenerator::emitResolveScope): (JSC::BytecodeGenerator::emitGetFromScope): 
(JSC::BytecodeGenerator::emitPutToScope): (JSC::BytecodeGenerator::emitInstanceOf): (JSC::BytecodeGenerator::emitInstanceOfCustom): (JSC::BytecodeGenerator::emitInByVal): (JSC::BytecodeGenerator::emitInById): (JSC::BytecodeGenerator::emitTryGetById): (JSC::BytecodeGenerator::emitGetById): (JSC::BytecodeGenerator::emitDirectGetById): (JSC::BytecodeGenerator::emitPutById): (JSC::BytecodeGenerator::emitDirectPutById): (JSC::BytecodeGenerator::emitPutGetterById): (JSC::BytecodeGenerator::emitPutSetterById): (JSC::BytecodeGenerator::emitPutGetterSetter): (JSC::BytecodeGenerator::emitPutGetterByVal): (JSC::BytecodeGenerator::emitPutSetterByVal): (JSC::BytecodeGenerator::emitDeleteById): (JSC::BytecodeGenerator::emitGetByVal): (JSC::BytecodeGenerator::emitPutByVal): (JSC::BytecodeGenerator::emitDirectPutByVal): (JSC::BytecodeGenerator::emitDeleteByVal): (JSC::BytecodeGenerator::emitSuperSamplerBegin): (JSC::BytecodeGenerator::emitSuperSamplerEnd): (JSC::BytecodeGenerator::emitIdWithProfile): (JSC::BytecodeGenerator::emitUnreachable): (JSC::BytecodeGenerator::emitGetArgument): (JSC::BytecodeGenerator::emitCreateThis): (JSC::BytecodeGenerator::emitTDZCheck): (JSC::BytecodeGenerator::emitNewObject): (JSC::BytecodeGenerator::emitNewArrayBuffer): (JSC::BytecodeGenerator::emitNewArray): (JSC::BytecodeGenerator::emitNewArrayWithSpread): (JSC::BytecodeGenerator::emitNewArrayWithSize): (JSC::BytecodeGenerator::emitNewRegExp): (JSC::BytecodeGenerator::emitNewFunctionExpressionCommon): (JSC::BytecodeGenerator::emitNewDefaultConstructor): (JSC::BytecodeGenerator::emitNewFunction): (JSC::BytecodeGenerator::emitSetFunctionNameIfNeeded): (JSC::BytecodeGenerator::emitCall): (JSC::BytecodeGenerator::emitCallInTailPosition): (JSC::BytecodeGenerator::emitCallEval): (JSC::BytecodeGenerator::emitExpectedFunctionSnippet): (JSC::BytecodeGenerator::emitCallVarargs): (JSC::BytecodeGenerator::emitCallVarargsInTailPosition): (JSC::BytecodeGenerator::emitConstructVarargs): 
(JSC::BytecodeGenerator::emitCallForwardArgumentsInTailPosition): (JSC::BytecodeGenerator::emitLogShadowChickenPrologueIfNecessary): (JSC::BytecodeGenerator::emitLogShadowChickenTailIfNecessary): (JSC::BytecodeGenerator::emitCallDefineProperty): (JSC::BytecodeGenerator::emitReturn): (JSC::BytecodeGenerator::emitEnd): (JSC::BytecodeGenerator::emitConstruct): (JSC::BytecodeGenerator::emitStrcat): (JSC::BytecodeGenerator::emitToPrimitive): (JSC::BytecodeGenerator::emitGetScope): (JSC::BytecodeGenerator::emitPushWithScope): (JSC::BytecodeGenerator::emitGetParentScope): (JSC::BytecodeGenerator::emitDebugHook): (JSC::BytecodeGenerator::emitCatch): (JSC::BytecodeGenerator::emitThrow): (JSC::BytecodeGenerator::emitArgumentCount): (JSC::BytecodeGenerator::emitThrowStaticError): (JSC::BytecodeGenerator::beginSwitch): (JSC::prepareJumpTableForSwitch): (JSC::prepareJumpTableForStringSwitch): (JSC::BytecodeGenerator::endSwitch): (JSC::BytecodeGenerator::emitGetEnumerableLength): (JSC::BytecodeGenerator::emitHasGenericProperty): (JSC::BytecodeGenerator::emitHasIndexedProperty): (JSC::BytecodeGenerator::emitHasStructureProperty): (JSC::BytecodeGenerator::emitGetPropertyEnumerator): (JSC::BytecodeGenerator::emitEnumeratorStructurePropertyName): (JSC::BytecodeGenerator::emitEnumeratorGenericPropertyName): (JSC::BytecodeGenerator::emitToIndexString): (JSC::BytecodeGenerator::emitIsCellWithType): (JSC::BytecodeGenerator::emitIsObject): (JSC::BytecodeGenerator::emitIsNumber): (JSC::BytecodeGenerator::emitIsUndefined): (JSC::BytecodeGenerator::emitIsEmpty): (JSC::BytecodeGenerator::emitRestParameter): (JSC::BytecodeGenerator::emitRequireObjectCoercible): (JSC::BytecodeGenerator::emitYieldPoint): (JSC::BytecodeGenerator::emitYield): (JSC::BytecodeGenerator::emitGetAsyncIterator): (JSC::BytecodeGenerator::emitDelegateYield): (JSC::BytecodeGenerator::emitFinallyCompletion): (JSC::BytecodeGenerator::emitJumpIf): (JSC::ForInContext::finalize): (JSC::StructureForInContext::finalize): 
(JSC::IndexedForInContext::finalize): (JSC::StaticPropertyAnalysis::record): (JSC::BytecodeGenerator::emitToThis): * bytecompiler/BytecodeGenerator.h: (JSC::StructureForInContext::addGetInst): (JSC::BytecodeGenerator::recordOpcode): (JSC::BytecodeGenerator::addMetadataFor): (JSC::BytecodeGenerator::emitUnaryOp): (JSC::BytecodeGenerator::kill): (JSC::BytecodeGenerator::instructions const): (JSC::BytecodeGenerator::write): (JSC::BytecodeGenerator::withWriter): * bytecompiler/Label.h: (JSC::Label::Label): (JSC::Label::bind): * bytecompiler/NodesCodegen.cpp: (JSC::ArrayNode::emitBytecode): (JSC::BytecodeIntrinsicNode::emit_intrinsic_argumentCount): (JSC::ApplyFunctionCallDotNode::emitBytecode): (JSC::BitwiseNotNode::emitBytecode): (JSC::BinaryOpNode::emitBytecode): (JSC::EqualNode::emitBytecode): (JSC::StrictEqualNode::emitBytecode): (JSC::emitReadModifyAssignment): (JSC::ForInNode::emitBytecode): (JSC::CaseBlockNode::emitBytecodeForBlock): (JSC::FunctionNode::emitBytecode): (JSC::ClassExprNode::emitBytecode): * bytecompiler/ProfileTypeBytecodeFlag.cpp: Copied from Source/JavaScriptCore/bytecode/VirtualRegister.cpp. (WTF::printInternal): * bytecompiler/ProfileTypeBytecodeFlag.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. 
* bytecompiler/RegisterID.h: * bytecompiler/StaticPropertyAnalysis.h: (JSC::StaticPropertyAnalysis::create): (JSC::StaticPropertyAnalysis::StaticPropertyAnalysis): * bytecompiler/StaticPropertyAnalyzer.h: (JSC::StaticPropertyAnalyzer::createThis): (JSC::StaticPropertyAnalyzer::newObject): (JSC::StaticPropertyAnalyzer::putById): (JSC::StaticPropertyAnalyzer::mov): (JSC::StaticPropertyAnalyzer::kill): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::addCall): (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit): (JSC::DFG::ByteCodeParser::getArrayMode): (JSC::DFG::ByteCodeParser::handleCall): (JSC::DFG::ByteCodeParser::handleVarargsCall): (JSC::DFG::ByteCodeParser::handleRecursiveTailCall): (JSC::DFG::ByteCodeParser::inlineCall): (JSC::DFG::ByteCodeParser::handleCallVariant): (JSC::DFG::ByteCodeParser::handleVarargsInlining): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::handleMinMax): (JSC::DFG::ByteCodeParser::handleIntrinsicCall): (JSC::DFG::ByteCodeParser::handleDOMJITCall): (JSC::DFG::ByteCodeParser::handleIntrinsicGetter): (JSC::DFG::ByteCodeParser::handleDOMJITGetter): (JSC::DFG::ByteCodeParser::handleModuleNamespaceLoad): (JSC::DFG::ByteCodeParser::handleTypedArrayConstructor): (JSC::DFG::ByteCodeParser::handleConstantInternalFunction): (JSC::DFG::ByteCodeParser::handleGetById): (JSC::DFG::ByteCodeParser::handlePutById): (JSC::DFG::ByteCodeParser::parseGetById): (JSC::DFG::ByteCodeParser::parseBlock): (JSC::DFG::ByteCodeParser::parseCodeBlock): (JSC::DFG::ByteCodeParser::handlePutByVal): (JSC::DFG::ByteCodeParser::handlePutAccessorById): (JSC::DFG::ByteCodeParser::handlePutAccessorByVal): (JSC::DFG::ByteCodeParser::handleNewFunc): (JSC::DFG::ByteCodeParser::handleNewFuncExp): (JSC::DFG::ByteCodeParser::parse): * dfg/DFGCapabilities.cpp: (JSC::DFG::capabilityLevel): * dfg/DFGCapabilities.h: (JSC::DFG::capabilityLevel): * dfg/DFGOSREntry.cpp: (JSC::DFG::prepareCatchOSREntry): * dfg/DFGSpeculativeJIT.cpp: 
(JSC::DFG::SpeculativeJIT::compileValueAdd): (JSC::DFG::SpeculativeJIT::compileValueSub): (JSC::DFG::SpeculativeJIT::compileValueNegate): (JSC::DFG::SpeculativeJIT::compileArithMul): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileValueAdd): (JSC::FTL::DFG::LowerDFGToB3::compileValueSub): (JSC::FTL::DFG::LowerDFGToB3::compileUnaryMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileBinaryMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub): (JSC::FTL::DFG::LowerDFGToB3::compileArithMul): (JSC::FTL::DFG::LowerDFGToB3::compileValueNegate): * ftl/FTLOperations.cpp: (JSC::FTL::operationMaterializeObjectInOSR): * generate-bytecode-files: Removed. * generator/Argument.rb: Added. * generator/Assertion.rb: Added. * generator/DSL.rb: Added. * generator/Fits.rb: Added. * generator/GeneratedFile.rb: Added. * generator/Metadata.rb: Added. * generator/Opcode.rb: Added. * generator/OpcodeGroup.rb: Added. * generator/Options.rb: Added. * generator/Section.rb: Added. * generator/Template.rb: Added. * generator/Type.rb: Added. * generator/main.rb: Added. 
* interpreter/AbstractPC.h: * interpreter/CallFrame.cpp: (JSC::CallFrame::currentVPC const): (JSC::CallFrame::setCurrentVPC): * interpreter/CallFrame.h: (JSC::CallSiteIndex::CallSiteIndex): (JSC::ExecState::setReturnPC): * interpreter/Interpreter.cpp: (WTF::printInternal): * interpreter/Interpreter.h: * interpreter/InterpreterInlines.h: * interpreter/StackVisitor.cpp: (JSC::StackVisitor::Frame::dump const): * interpreter/VMEntryRecord.h: * jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::emitSlowCaseCall): (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): (JSC::JIT::compileWithoutLinking): (JSC::JIT::link): * jit/JIT.h: * jit/JITArithmetic.cpp: (JSC::JIT::emit_op_jless): (JSC::JIT::emit_op_jlesseq): (JSC::JIT::emit_op_jgreater): (JSC::JIT::emit_op_jgreatereq): (JSC::JIT::emit_op_jnless): (JSC::JIT::emit_op_jnlesseq): (JSC::JIT::emit_op_jngreater): (JSC::JIT::emit_op_jngreatereq): (JSC::JIT::emitSlow_op_jless): (JSC::JIT::emitSlow_op_jlesseq): (JSC::JIT::emitSlow_op_jgreater): (JSC::JIT::emitSlow_op_jgreatereq): (JSC::JIT::emitSlow_op_jnless): (JSC::JIT::emitSlow_op_jnlesseq): (JSC::JIT::emitSlow_op_jngreater): (JSC::JIT::emitSlow_op_jngreatereq): (JSC::JIT::emit_op_below): (JSC::JIT::emit_op_beloweq): (JSC::JIT::emit_op_jbelow): (JSC::JIT::emit_op_jbeloweq): (JSC::JIT::emit_op_unsigned): (JSC::JIT::emit_compareAndJump): (JSC::JIT::emit_compareUnsignedAndJump): (JSC::JIT::emit_compareUnsigned): (JSC::JIT::emit_compareAndJumpSlow): (JSC::JIT::emit_op_inc): (JSC::JIT::emit_op_dec): (JSC::JIT::emit_op_mod): (JSC::JIT::emitSlow_op_mod): (JSC::JIT::emit_op_negate): (JSC::JIT::emitSlow_op_negate): (JSC::JIT::emitBitBinaryOpFastPath): (JSC::JIT::emit_op_bitand): (JSC::JIT::emit_op_bitor): (JSC::JIT::emit_op_bitxor): (JSC::JIT::emit_op_lshift): (JSC::JIT::emitRightShiftFastPath): (JSC::JIT::emit_op_rshift): (JSC::JIT::emit_op_urshift): (JSC::getOperandTypes): (JSC::JIT::emit_op_add): (JSC::JIT::emitSlow_op_add): (JSC::JIT::emitMathICFast): 
(JSC::JIT::emitMathICSlow): (JSC::JIT::emit_op_div): (JSC::JIT::emit_op_mul): (JSC::JIT::emitSlow_op_mul): (JSC::JIT::emit_op_sub): (JSC::JIT::emitSlow_op_sub): * jit/JITCall.cpp: (JSC::JIT::emitPutCallResult): (JSC::JIT::compileSetupFrame): (JSC::JIT::compileCallEval): (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileTailCall): (JSC::JIT::compileOpCall): (JSC::JIT::compileOpCallSlowCase): (JSC::JIT::emit_op_call): (JSC::JIT::emit_op_tail_call): (JSC::JIT::emit_op_call_eval): (JSC::JIT::emit_op_call_varargs): (JSC::JIT::emit_op_tail_call_varargs): (JSC::JIT::emit_op_tail_call_forward_arguments): (JSC::JIT::emit_op_construct_varargs): (JSC::JIT::emit_op_construct): (JSC::JIT::emitSlow_op_call): (JSC::JIT::emitSlow_op_tail_call): (JSC::JIT::emitSlow_op_call_eval): (JSC::JIT::emitSlow_op_call_varargs): (JSC::JIT::emitSlow_op_tail_call_varargs): (JSC::JIT::emitSlow_op_tail_call_forward_arguments): (JSC::JIT::emitSlow_op_construct_varargs): (JSC::JIT::emitSlow_op_construct): * jit/JITDisassembler.cpp: (JSC::JITDisassembler::JITDisassembler): * jit/JITExceptions.cpp: (JSC::genericUnwind): * jit/JITInlines.h: (JSC::JIT::emitDoubleGetByVal): (JSC::JIT::emitLoadForArrayMode): (JSC::JIT::emitContiguousGetByVal): (JSC::JIT::emitArrayStorageGetByVal): (JSC::JIT::appendCallWithExceptionCheckSetJSValueResultWithProfile): (JSC::JIT::sampleInstruction): (JSC::JIT::emitValueProfilingSiteIfProfiledOpcode): (JSC::JIT::emitValueProfilingSite): (JSC::JIT::jumpTarget): (JSC::JIT::copiedGetPutInfo): (JSC::JIT::copiedArithProfile): * jit/JITMathIC.h: (JSC::isProfileEmpty): (JSC::JITBinaryMathIC::JITBinaryMathIC): (JSC::JITUnaryMathIC::JITUnaryMathIC): * jit/JITOpcodes.cpp: (JSC::JIT::emit_op_mov): (JSC::JIT::emit_op_end): (JSC::JIT::emit_op_jmp): (JSC::JIT::emit_op_new_object): (JSC::JIT::emitSlow_op_new_object): (JSC::JIT::emit_op_overrides_has_instance): (JSC::JIT::emit_op_instanceof): (JSC::JIT::emitSlow_op_instanceof): (JSC::JIT::emit_op_instanceof_custom): 
(JSC::JIT::emit_op_is_empty): (JSC::JIT::emit_op_is_undefined): (JSC::JIT::emit_op_is_boolean): (JSC::JIT::emit_op_is_number): (JSC::JIT::emit_op_is_cell_with_type): (JSC::JIT::emit_op_is_object): (JSC::JIT::emit_op_ret): (JSC::JIT::emit_op_to_primitive): (JSC::JIT::emit_op_set_function_name): (JSC::JIT::emit_op_not): (JSC::JIT::emit_op_jfalse): (JSC::JIT::emit_op_jeq_null): (JSC::JIT::emit_op_jneq_null): (JSC::JIT::emit_op_jneq_ptr): (JSC::JIT::emit_op_eq): (JSC::JIT::emit_op_jeq): (JSC::JIT::emit_op_jtrue): (JSC::JIT::emit_op_neq): (JSC::JIT::emit_op_jneq): (JSC::JIT::emit_op_throw): (JSC::JIT::compileOpStrictEq): (JSC::JIT::emit_op_stricteq): (JSC::JIT::emit_op_nstricteq): (JSC::JIT::compileOpStrictEqJump): (JSC::JIT::emit_op_jstricteq): (JSC::JIT::emit_op_jnstricteq): (JSC::JIT::emitSlow_op_jstricteq): (JSC::JIT::emitSlow_op_jnstricteq): (JSC::JIT::emit_op_to_number): (JSC::JIT::emit_op_to_string): (JSC::JIT::emit_op_to_object): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_identity_with_profile): (JSC::JIT::emit_op_get_parent_scope): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_debug): (JSC::JIT::emit_op_eq_null): (JSC::JIT::emit_op_neq_null): (JSC::JIT::emit_op_enter): (JSC::JIT::emit_op_get_scope): (JSC::JIT::emit_op_to_this): (JSC::JIT::emit_op_create_this): (JSC::JIT::emit_op_check_tdz): (JSC::JIT::emitSlow_op_eq): (JSC::JIT::emitSlow_op_neq): (JSC::JIT::emitSlow_op_jeq): (JSC::JIT::emitSlow_op_jneq): (JSC::JIT::emitSlow_op_instanceof_custom): (JSC::JIT::emit_op_loop_hint): (JSC::JIT::emitSlow_op_loop_hint): (JSC::JIT::emit_op_check_traps): (JSC::JIT::emit_op_nop): (JSC::JIT::emit_op_super_sampler_begin): (JSC::JIT::emit_op_super_sampler_end): (JSC::JIT::emitSlow_op_check_traps): (JSC::JIT::emit_op_new_regexp): (JSC::JIT::emitNewFuncCommon): (JSC::JIT::emit_op_new_func): (JSC::JIT::emit_op_new_generator_func): (JSC::JIT::emit_op_new_async_generator_func): 
(JSC::JIT::emit_op_new_async_func): (JSC::JIT::emitNewFuncExprCommon): (JSC::JIT::emit_op_new_func_exp): (JSC::JIT::emit_op_new_generator_func_exp): (JSC::JIT::emit_op_new_async_func_exp): (JSC::JIT::emit_op_new_async_generator_func_exp): (JSC::JIT::emit_op_new_array): (JSC::JIT::emit_op_new_array_with_size): (JSC::JIT::emit_op_has_structure_property): (JSC::JIT::privateCompileHasIndexedProperty): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emitSlow_op_has_indexed_property): (JSC::JIT::emit_op_get_direct_pname): (JSC::JIT::emit_op_enumerator_structure_pname): (JSC::JIT::emit_op_enumerator_generic_pname): (JSC::JIT::emit_op_profile_type): (JSC::JIT::emit_op_log_shadow_chicken_prologue): (JSC::JIT::emit_op_log_shadow_chicken_tail): (JSC::JIT::emit_op_profile_control_flow): (JSC::JIT::emit_op_argument_count): (JSC::JIT::emit_op_get_rest_length): (JSC::JIT::emit_op_get_argument): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_to_this): * jit/JITOperations.cpp: * jit/JITOperations.h: * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitGetByValWithCachedId): (JSC::JIT::emitSlow_op_get_by_val): (JSC::JIT::emit_op_put_by_val_direct): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitGenericContiguousPutByVal): (JSC::JIT::emitArrayStoragePutByVal): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emitSlow_op_put_by_val): (JSC::JIT::emit_op_put_getter_by_id): (JSC::JIT::emit_op_put_setter_by_id): (JSC::JIT::emit_op_put_getter_setter_by_id): (JSC::JIT::emit_op_put_getter_by_val): (JSC::JIT::emit_op_put_setter_by_val): (JSC::JIT::emit_op_del_by_id): (JSC::JIT::emit_op_del_by_val): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emitSlow_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emitSlow_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emitSlow_op_get_by_id): (JSC::JIT::emitSlow_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emitSlow_op_put_by_id): 
(JSC::JIT::emit_op_in_by_id): (JSC::JIT::emitSlow_op_in_by_id): (JSC::JIT::emit_op_resolve_scope): (JSC::JIT::emit_op_get_from_scope): (JSC::JIT::emitSlow_op_get_from_scope): (JSC::JIT::emit_op_put_to_scope): (JSC::JIT::emitSlow_op_put_to_scope): (JSC::JIT::emit_op_get_from_arguments): (JSC::JIT::emit_op_put_to_arguments): (JSC::JIT::privateCompileGetByVal): (JSC::JIT::privateCompileGetByValWithCachedId): (JSC::JIT::privateCompilePutByVal): (JSC::JIT::privateCompilePutByValWithCachedId): (JSC::JIT::emitDoubleLoad): (JSC::JIT::emitContiguousLoad): (JSC::JIT::emitArrayStorageLoad): (JSC::JIT::emitDirectArgumentsGetByVal): (JSC::JIT::emitScopedArgumentsGetByVal): (JSC::JIT::emitIntTypedArrayGetByVal): (JSC::JIT::emitFloatTypedArrayGetByVal): (JSC::JIT::emitIntTypedArrayPutByVal): (JSC::JIT::emitFloatTypedArrayPutByVal): * jit/RegisterSet.cpp: (JSC::RegisterSet::llintBaselineCalleeSaveRegisters): * jit/SlowPathCall.h: (JSC::JITSlowPathCall::JITSlowPathCall): * llint/LLIntData.cpp: (JSC::LLInt::initialize): (JSC::LLInt::Data::performAssertions): * llint/LLIntData.h: (JSC::LLInt::exceptionInstructions): (JSC::LLInt::opcodeMap): (JSC::LLInt::opcodeMapWide): (JSC::LLInt::getOpcode): (JSC::LLInt::getOpcodeWide): (JSC::LLInt::getWideCodePtr): * llint/LLIntOffsetsExtractor.cpp: * llint/LLIntSlowPaths.cpp: (JSC::LLInt::llint_trace_operand): (JSC::LLInt::llint_trace_value): (JSC::LLInt::LLINT_SLOW_PATH_DECL): (JSC::LLInt::entryOSR): (JSC::LLInt::setupGetByIdPrototypeCache): (JSC::LLInt::getByVal): (JSC::LLInt::handleHostCall): (JSC::LLInt::setUpCall): (JSC::LLInt::genericCall): (JSC::LLInt::varargsSetup): (JSC::LLInt::commonCallEval): * llint/LLIntSlowPaths.h: * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter.cpp: (JSC::CLoopRegister::operator const Instruction*): (JSC::CLoop::execute): * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: * offlineasm/arm64.rb: * offlineasm/asm.rb: * offlineasm/ast.rb: * offlineasm/cloop.rb: * 
offlineasm/generate_offset_extractor.rb: * offlineasm/instructions.rb: * offlineasm/offsets.rb: * offlineasm/parser.rb: * offlineasm/transform.rb: * offlineasm/x86.rb: * parser/ResultType.h: (JSC::ResultType::dump const): (JSC::OperandTypes::first const): (JSC::OperandTypes::second const): (JSC::OperandTypes::dump const): * profiler/ProfilerBytecodeSequence.cpp: (JSC::Profiler::BytecodeSequence::BytecodeSequence): * runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): (JSC::updateArithProfileForUnaryArithOp): (JSC::updateArithProfileForBinaryArithOp): * runtime/CommonSlowPaths.h: (JSC::CommonSlowPaths::tryCachePutToScopeGlobal): (JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal): * runtime/ExceptionFuzz.cpp: (JSC::doExceptionFuzzing): * runtime/ExceptionFuzz.h: (JSC::doExceptionFuzzingIfEnabled): * runtime/GetPutInfo.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::GetPutInfo::dump const): (WTF::printInternal): * runtime/GetPutInfo.h: (JSC::GetPutInfo::operand const): * runtime/JSCPoison.h: * runtime/JSType.cpp: Added. (WTF::printInternal): * runtime/JSType.h: * runtime/SamplingProfiler.cpp: (JSC::SamplingProfiler::StackFrame::displayName): * runtime/SamplingProfiler.h: (JSC::SamplingProfiler::UnprocessedStackFrame::UnprocessedStackFrame): * runtime/SlowPathReturnType.h: (JSC::encodeResult): (JSC::decodeResult): * runtime/VM.h: * runtime/Watchdog.h: * tools/HeapVerifier.cpp: Source/WTF: * wtf/Forward.h: Fix WTF_LAZY_FOR_EACH_TERM on MSVC and add WTF_LAZY_HAS_REST to check whether a macro was passed multiple arguments * wtf/Platform.h: Force ENABLE_JIT=false on all 32-bit platforms * wtf/Vector.h: (WTF::minCapacity>::insertVector): Allow vectors with different overflow handlers to be passed to insertVector Tools: Do not force ENABLE_JIT=true when $forceCLoop is false. * Scripts/build-jsc: LayoutTests: Don't use recursion on `equal` to avoid premature stack overflows when testing deep arrays. 
* fast/dom/Window/resources/postmessage-test.js: Canonical link: https://commits.webkit.org/205839@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237547 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2018-10-29 13:16:03 +00:00
    if (thisObject->m_instructions)
        extraMemory += thisObject->m_instructions->sizeInBytes();
    if (thisObject->hasRareData())
        extraMemory += thisObject->m_rareData->sizeInBytes(locker);
    extraMemory += thisObject->m_jumpTargets.byteSize();
    extraMemory += thisObject->m_identifiers.byteSize();
    extraMemory += thisObject->m_constantRegisters.byteSize();
    extraMemory += thisObject->m_constantsSourceCodeRepresentation.byteSize();
    extraMemory += thisObject->m_functionDecls.byteSize();
    extraMemory += thisObject->m_functionExprs.byteSize();
New bytecode format for JSC
https://bugs.webkit.org/show_bug.cgi?id=187373
<rdar://problem/44186758>

Reviewed by Filip Pizlo.

.:

Disable JIT by default on 32-bit platforms

* Source/cmake/WebKitFeatures.cmake:

JSTests:

Add tests to ensure that the inferred inline capacity for a narrow op_new_object will be capped at 255.

* stress/maximum-inline-capacity.js: Added.
(test1):
(test3.Foo):
(test3):

Source/JavaScriptCore:

Replace unlinked and linked bytecode with a new immutable bytecode that does not embed any addresses. Instructions can be encoded as narrow (1-byte operands) or wide (4-byte operands) and might contain an extra operand, the metadataID. The metadataID is used to access the instruction's mutable data in a side table in the CodeBlock (the MetadataTable).

Bytecodes now must be structs declared in the new BytecodeList.rb. All bytecodes give names and types to all their operands. Additionally, reading a bytecode from the instruction stream requires decoding the whole bytecode, i.e. it's no longer possible to access arbitrary operands directly from the stream.
* CMakeLists.txt: * DerivedSources.make: * JavaScriptCore.xcodeproj/project.pbxproj: * Sources.txt: * assembler/MacroAssemblerCodeRef.h: (JSC::ReturnAddressPtr::ReturnAddressPtr): (JSC::ReturnAddressPtr::value const): (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr): (JSC::MacroAssemblerCodePtr::createFromExecutableAddress): * bytecode/ArithProfile.h: (JSC::ArithProfile::ArithProfile): * bytecode/ArrayAllocationProfile.h: (JSC::ArrayAllocationProfile::ArrayAllocationProfile): * bytecode/ArrayProfile.h: * bytecode/BytecodeBasicBlock.cpp: (JSC::isJumpTarget): (JSC::BytecodeBasicBlock::computeImpl): (JSC::BytecodeBasicBlock::compute): * bytecode/BytecodeBasicBlock.h: (JSC::BytecodeBasicBlock::leaderOffset const): (JSC::BytecodeBasicBlock::totalLength const): (JSC::BytecodeBasicBlock::offsets const): (JSC::BytecodeBasicBlock::BytecodeBasicBlock): (JSC::BytecodeBasicBlock::addLength): * bytecode/BytecodeDumper.cpp: (JSC::BytecodeDumper<Block>::printLocationAndOp): (JSC::BytecodeDumper<Block>::dumpBytecode): (JSC::BytecodeDumper<Block>::dumpIdentifiers): (JSC::BytecodeDumper<Block>::dumpConstants): (JSC::BytecodeDumper<Block>::dumpExceptionHandlers): (JSC::BytecodeDumper<Block>::dumpSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpStringSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpBlock): * bytecode/BytecodeDumper.h: (JSC::BytecodeDumper::dumpOperand): (JSC::BytecodeDumper::dumpValue): (JSC::BytecodeDumper::BytecodeDumper): (JSC::BytecodeDumper::block const): * bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::BytecodeGeneratorification): (JSC::BytecodeGeneratorification::enterPoint const): (JSC::BytecodeGeneratorification::instructions const): (JSC::GeneratorLivenessAnalysis::run): (JSC::BytecodeGeneratorification::run): (JSC::performGeneratorification): * bytecode/BytecodeGeneratorification.h: * bytecode/BytecodeGraph.h: (JSC::BytecodeGraph::blockContainsBytecodeOffset): (JSC::BytecodeGraph::findBasicBlockForBytecodeOffset): 
(JSC::BytecodeGraph::findBasicBlockWithLeaderOffset):
(JSC::BytecodeGraph::BytecodeGraph):
* bytecode/BytecodeKills.h:
* bytecode/BytecodeList.json: Removed.
* bytecode/BytecodeList.rb: Added.
* bytecode/BytecodeLivenessAnalysis.cpp:
(JSC::BytecodeLivenessAnalysis::dumpResults):
* bytecode/BytecodeLivenessAnalysis.h:
* bytecode/BytecodeLivenessAnalysisInlines.h:
(JSC::isValidRegisterForLiveness):
(JSC::BytecodeLivenessPropagation::stepOverInstruction):
* bytecode/BytecodeRewriter.cpp:
(JSC::BytecodeRewriter::applyModification):
(JSC::BytecodeRewriter::execute):
(JSC::BytecodeRewriter::adjustJumpTargetsInFragment):
(JSC::BytecodeRewriter::insertImpl):
(JSC::BytecodeRewriter::adjustJumpTarget):
(JSC::BytecodeRewriter::adjustJumpTargets):
* bytecode/BytecodeRewriter.h:
(JSC::BytecodeRewriter::InsertionPoint::InsertionPoint):
(JSC::BytecodeRewriter::Fragment::Fragment):
(JSC::BytecodeRewriter::Fragment::appendInstruction):
(JSC::BytecodeRewriter::BytecodeRewriter):
(JSC::BytecodeRewriter::insertFragmentBefore):
(JSC::BytecodeRewriter::insertFragmentAfter):
(JSC::BytecodeRewriter::removeBytecode):
(JSC::BytecodeRewriter::adjustAbsoluteOffset):
(JSC::BytecodeRewriter::adjustJumpTarget):
* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):
* bytecode/CallLinkStatus.cpp:
(JSC::CallLinkStatus::computeFromLLInt):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::finishCreation):
(JSC::CodeBlock::estimatedSize):
(JSC::CodeBlock::visitChildren):
(JSC::CodeBlock::propagateTransitions):
(JSC::CodeBlock::finalizeLLIntInlineCaches):
(JSC::CodeBlock::addJITAddIC):
(JSC::CodeBlock::addJITMulIC):
(JSC::CodeBlock::addJITSubIC):
(JSC::CodeBlock::addJITNegIC):
(JSC::CodeBlock::stronglyVisitStrongReferences):
(JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffset):
(JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow):
(JSC::CodeBlock::hasOpDebugForLineAndColumn):
(JSC::CodeBlock::getArrayProfile):
(JSC::CodeBlock::updateAllArrayPredictions):
(JSC::CodeBlock::predictedMachineCodeSize):
(JSC::CodeBlock::tryGetValueProfileForBytecodeOffset):
(JSC::CodeBlock::valueProfilePredictionForBytecodeOffset):
(JSC::CodeBlock::valueProfileForBytecodeOffset):
(JSC::CodeBlock::validate):
(JSC::CodeBlock::outOfLineJumpOffset):
(JSC::CodeBlock::outOfLineJumpTarget):
(JSC::CodeBlock::arithProfileForBytecodeOffset):
(JSC::CodeBlock::arithProfileForPC):
(JSC::CodeBlock::couldTakeSpecialFastCase):
(JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::addMathIC):
(JSC::CodeBlock::outOfLineJumpOffset):
(JSC::CodeBlock::bytecodeOffset):
(JSC::CodeBlock::instructions const):
(JSC::CodeBlock::instructionCount const):
(JSC::CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters):
(JSC::CodeBlock::metadata):
(JSC::CodeBlock::metadataSizeInBytes):
(JSC::CodeBlock::numberOfNonArgumentValueProfiles):
(JSC::CodeBlock::totalNumberOfValueProfiles):
* bytecode/CodeBlockInlines.h: Added.
(JSC::CodeBlock::forEachValueProfile):
(JSC::CodeBlock::forEachArrayProfile):
(JSC::CodeBlock::forEachArrayAllocationProfile):
(JSC::CodeBlock::forEachObjectAllocationProfile):
(JSC::CodeBlock::forEachLLIntCallLinkInfo):
* bytecode/Fits.h: Added.
* bytecode/GetByIdMetadata.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h.
* bytecode/GetByIdStatus.cpp:
(JSC::GetByIdStatus::computeFromLLInt):
* bytecode/Instruction.h:
(JSC::Instruction::Instruction):
(JSC::Instruction::Impl::opcodeID const):
(JSC::Instruction::opcodeID const):
(JSC::Instruction::name const):
(JSC::Instruction::isWide const):
(JSC::Instruction::size const):
(JSC::Instruction::is const):
(JSC::Instruction::as const):
(JSC::Instruction::cast):
(JSC::Instruction::cast const):
(JSC::Instruction::narrow const):
(JSC::Instruction::wide const):
* bytecode/InstructionStream.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.
(JSC::InstructionStream::InstructionStream):
(JSC::InstructionStream::sizeInBytes const):
* bytecode/InstructionStream.h: Added.
(JSC::InstructionStream::BaseRef::BaseRef):
(JSC::InstructionStream::BaseRef::operator=):
(JSC::InstructionStream::BaseRef::operator-> const):
(JSC::InstructionStream::BaseRef::ptr const):
(JSC::InstructionStream::BaseRef::operator!= const):
(JSC::InstructionStream::BaseRef::next const):
(JSC::InstructionStream::BaseRef::offset const):
(JSC::InstructionStream::BaseRef::isValid const):
(JSC::InstructionStream::BaseRef::unwrap const):
(JSC::InstructionStream::MutableRef::freeze const):
(JSC::InstructionStream::MutableRef::operator->):
(JSC::InstructionStream::MutableRef::ptr):
(JSC::InstructionStream::MutableRef::operator Ref):
(JSC::InstructionStream::MutableRef::unwrap):
(JSC::InstructionStream::iterator::operator*):
(JSC::InstructionStream::iterator::operator++):
(JSC::InstructionStream::begin const):
(JSC::InstructionStream::end const):
(JSC::InstructionStream::at const):
(JSC::InstructionStream::size const):
(JSC::InstructionStreamWriter::InstructionStreamWriter):
(JSC::InstructionStreamWriter::ref):
(JSC::InstructionStreamWriter::seek):
(JSC::InstructionStreamWriter::position):
(JSC::InstructionStreamWriter::write):
(JSC::InstructionStreamWriter::rewind):
(JSC::InstructionStreamWriter::finalize):
(JSC::InstructionStreamWriter::swap):
(JSC::InstructionStreamWriter::iterator::operator*):
(JSC::InstructionStreamWriter::iterator::operator++):
(JSC::InstructionStreamWriter::begin):
(JSC::InstructionStreamWriter::end):
* bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp:
(JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::LLIntPrototypeLoadAdaptiveStructureWatchpoint):
(JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::fireInternal):
(JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::clearLLIntGetByIdCache):
* bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h:
* bytecode/MetadataTable.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.
(JSC::MetadataTable::MetadataTable):
(JSC::DeallocTable::withOpcodeType):
(JSC::MetadataTable::~MetadataTable):
(JSC::MetadataTable::sizeInBytes):
* bytecode/MetadataTable.h: Copied from Source/JavaScriptCore/runtime/Watchdog.h.
(JSC::MetadataTable::get):
(JSC::MetadataTable::forEach):
(JSC::MetadataTable::getImpl):
* bytecode/Opcode.cpp:
(JSC::metadataSize):
* bytecode/Opcode.h:
(JSC::padOpcodeName):
* bytecode/OpcodeInlines.h:
(JSC::isOpcodeShape):
(JSC::getOpcodeType):
* bytecode/OpcodeSize.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.
* bytecode/PreciseJumpTargets.cpp:
(JSC::getJumpTargetsForInstruction):
(JSC::computePreciseJumpTargetsInternal):
(JSC::computePreciseJumpTargets):
(JSC::recomputePreciseJumpTargets):
(JSC::findJumpTargetsForInstruction):
* bytecode/PreciseJumpTargets.h:
* bytecode/PreciseJumpTargetsInlines.h:
(JSC::jumpTargetForInstruction):
(JSC::extractStoredJumpTargetsForInstruction):
(JSC::updateStoredJumpTargetsForInstruction):
* bytecode/PutByIdStatus.cpp:
(JSC::PutByIdStatus::computeFromLLInt):
* bytecode/SpecialPointer.cpp:
(WTF::printInternal):
* bytecode/SpecialPointer.h:
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
(JSC::UnlinkedCodeBlock::visitChildren):
(JSC::UnlinkedCodeBlock::estimatedSize):
(JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset):
(JSC::dumpLineColumnEntry):
(JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset const):
(JSC::UnlinkedCodeBlock::setInstructions):
(JSC::UnlinkedCodeBlock::instructions const):
(JSC::UnlinkedCodeBlock::applyModification):
(JSC::UnlinkedCodeBlock::addOutOfLineJumpTarget):
(JSC::UnlinkedCodeBlock::outOfLineJumpOffset):
* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedCodeBlock::addPropertyAccessInstruction):
(JSC::UnlinkedCodeBlock::propertyAccessInstructions const):
(JSC::UnlinkedCodeBlock::addOpProfileControlFlowBytecodeOffset):
(JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets const):
(JSC::UnlinkedCodeBlock::metadata):
(JSC::UnlinkedCodeBlock::metadataSizeInBytes):
(JSC::UnlinkedCodeBlock::outOfLineJumpOffset):
(JSC::UnlinkedCodeBlock::replaceOutOfLineJumpTargets):
* bytecode/UnlinkedInstructionStream.cpp: Removed.
* bytecode/UnlinkedInstructionStream.h: Removed.
* bytecode/UnlinkedMetadataTable.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h.
* bytecode/UnlinkedMetadataTableInlines.h: Added.
(JSC::UnlinkedMetadataTable::UnlinkedMetadataTable):
(JSC::UnlinkedMetadataTable::~UnlinkedMetadataTable):
(JSC::UnlinkedMetadataTable::addEntry):
(JSC::UnlinkedMetadataTable::sizeInBytes):
(JSC::UnlinkedMetadataTable::finalize):
(JSC::UnlinkedMetadataTable::link):
(JSC::UnlinkedMetadataTable::unlink):
* bytecode/VirtualRegister.cpp:
(JSC::VirtualRegister::VirtualRegister):
* bytecode/VirtualRegister.h:
* bytecompiler/BytecodeGenerator.cpp:
(JSC::Label::setLocation):
(JSC::Label::bind):
(JSC::BytecodeGenerator::generate):
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::initializeVarLexicalEnvironment):
(JSC::BytecodeGenerator::emitEnter):
(JSC::BytecodeGenerator::emitLoopHint):
(JSC::BytecodeGenerator::emitJump):
(JSC::BytecodeGenerator::emitCheckTraps):
(JSC::BytecodeGenerator::rewind):
(JSC::BytecodeGenerator::fuseCompareAndJump):
(JSC::BytecodeGenerator::fuseTestAndJmp):
(JSC::BytecodeGenerator::emitJumpIfTrue):
(JSC::BytecodeGenerator::emitJumpIfFalse):
(JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
(JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
(JSC::BytecodeGenerator::moveLinkTimeConstant):
(JSC::BytecodeGenerator::moveEmptyValue):
(JSC::BytecodeGenerator::emitMove):
(JSC::BytecodeGenerator::emitUnaryOp):
(JSC::BytecodeGenerator::emitBinaryOp):
(JSC::BytecodeGenerator::emitToObject):
(JSC::BytecodeGenerator::emitToNumber):
(JSC::BytecodeGenerator::emitToString):
(JSC::BytecodeGenerator::emitTypeOf):
(JSC::BytecodeGenerator::emitInc):
(JSC::BytecodeGenerator::emitDec):
(JSC::BytecodeGenerator::emitEqualityOp):
(JSC::BytecodeGenerator::emitProfileType):
(JSC::BytecodeGenerator::emitProfileControlFlow):
(JSC::BytecodeGenerator::pushLexicalScopeInternal):
(JSC::BytecodeGenerator::emitResolveScopeForHoistingFuncDeclInEval):
(JSC::BytecodeGenerator::prepareLexicalScopeForNextForLoopIteration):
(JSC::BytecodeGenerator::emitOverridesHasInstance):
(JSC::BytecodeGenerator::emitResolveScope):
(JSC::BytecodeGenerator::emitGetFromScope):
(JSC::BytecodeGenerator::emitPutToScope):
(JSC::BytecodeGenerator::emitInstanceOf):
(JSC::BytecodeGenerator::emitInstanceOfCustom):
(JSC::BytecodeGenerator::emitInByVal):
(JSC::BytecodeGenerator::emitInById):
(JSC::BytecodeGenerator::emitTryGetById):
(JSC::BytecodeGenerator::emitGetById):
(JSC::BytecodeGenerator::emitDirectGetById):
(JSC::BytecodeGenerator::emitPutById):
(JSC::BytecodeGenerator::emitDirectPutById):
(JSC::BytecodeGenerator::emitPutGetterById):
(JSC::BytecodeGenerator::emitPutSetterById):
(JSC::BytecodeGenerator::emitPutGetterSetter):
(JSC::BytecodeGenerator::emitPutGetterByVal):
(JSC::BytecodeGenerator::emitPutSetterByVal):
(JSC::BytecodeGenerator::emitDeleteById):
(JSC::BytecodeGenerator::emitGetByVal):
(JSC::BytecodeGenerator::emitPutByVal):
(JSC::BytecodeGenerator::emitDirectPutByVal):
(JSC::BytecodeGenerator::emitDeleteByVal):
(JSC::BytecodeGenerator::emitSuperSamplerBegin):
(JSC::BytecodeGenerator::emitSuperSamplerEnd):
(JSC::BytecodeGenerator::emitIdWithProfile):
(JSC::BytecodeGenerator::emitUnreachable):
(JSC::BytecodeGenerator::emitGetArgument):
(JSC::BytecodeGenerator::emitCreateThis):
(JSC::BytecodeGenerator::emitTDZCheck):
(JSC::BytecodeGenerator::emitNewObject):
(JSC::BytecodeGenerator::emitNewArrayBuffer):
(JSC::BytecodeGenerator::emitNewArray):
(JSC::BytecodeGenerator::emitNewArrayWithSpread):
(JSC::BytecodeGenerator::emitNewArrayWithSize):
(JSC::BytecodeGenerator::emitNewRegExp):
(JSC::BytecodeGenerator::emitNewFunctionExpressionCommon):
(JSC::BytecodeGenerator::emitNewDefaultConstructor):
(JSC::BytecodeGenerator::emitNewFunction):
(JSC::BytecodeGenerator::emitSetFunctionNameIfNeeded):
(JSC::BytecodeGenerator::emitCall):
(JSC::BytecodeGenerator::emitCallInTailPosition):
(JSC::BytecodeGenerator::emitCallEval):
(JSC::BytecodeGenerator::emitExpectedFunctionSnippet):
(JSC::BytecodeGenerator::emitCallVarargs):
(JSC::BytecodeGenerator::emitCallVarargsInTailPosition):
(JSC::BytecodeGenerator::emitConstructVarargs):
(JSC::BytecodeGenerator::emitCallForwardArgumentsInTailPosition):
(JSC::BytecodeGenerator::emitLogShadowChickenPrologueIfNecessary):
(JSC::BytecodeGenerator::emitLogShadowChickenTailIfNecessary):
(JSC::BytecodeGenerator::emitCallDefineProperty):
(JSC::BytecodeGenerator::emitReturn):
(JSC::BytecodeGenerator::emitEnd):
(JSC::BytecodeGenerator::emitConstruct):
(JSC::BytecodeGenerator::emitStrcat):
(JSC::BytecodeGenerator::emitToPrimitive):
(JSC::BytecodeGenerator::emitGetScope):
(JSC::BytecodeGenerator::emitPushWithScope):
(JSC::BytecodeGenerator::emitGetParentScope):
(JSC::BytecodeGenerator::emitDebugHook):
(JSC::BytecodeGenerator::emitCatch):
(JSC::BytecodeGenerator::emitThrow):
(JSC::BytecodeGenerator::emitArgumentCount):
(JSC::BytecodeGenerator::emitThrowStaticError):
(JSC::BytecodeGenerator::beginSwitch):
(JSC::prepareJumpTableForSwitch):
(JSC::prepareJumpTableForStringSwitch):
(JSC::BytecodeGenerator::endSwitch):
(JSC::BytecodeGenerator::emitGetEnumerableLength):
(JSC::BytecodeGenerator::emitHasGenericProperty):
(JSC::BytecodeGenerator::emitHasIndexedProperty):
(JSC::BytecodeGenerator::emitHasStructureProperty):
(JSC::BytecodeGenerator::emitGetPropertyEnumerator):
(JSC::BytecodeGenerator::emitEnumeratorStructurePropertyName):
(JSC::BytecodeGenerator::emitEnumeratorGenericPropertyName):
(JSC::BytecodeGenerator::emitToIndexString):
(JSC::BytecodeGenerator::emitIsCellWithType):
(JSC::BytecodeGenerator::emitIsObject):
(JSC::BytecodeGenerator::emitIsNumber):
(JSC::BytecodeGenerator::emitIsUndefined):
(JSC::BytecodeGenerator::emitIsEmpty):
(JSC::BytecodeGenerator::emitRestParameter):
(JSC::BytecodeGenerator::emitRequireObjectCoercible):
(JSC::BytecodeGenerator::emitYieldPoint):
(JSC::BytecodeGenerator::emitYield):
(JSC::BytecodeGenerator::emitGetAsyncIterator):
(JSC::BytecodeGenerator::emitDelegateYield):
(JSC::BytecodeGenerator::emitFinallyCompletion):
(JSC::BytecodeGenerator::emitJumpIf):
(JSC::ForInContext::finalize):
(JSC::StructureForInContext::finalize):
(JSC::IndexedForInContext::finalize):
(JSC::StaticPropertyAnalysis::record):
(JSC::BytecodeGenerator::emitToThis):
* bytecompiler/BytecodeGenerator.h:
(JSC::StructureForInContext::addGetInst):
(JSC::BytecodeGenerator::recordOpcode):
(JSC::BytecodeGenerator::addMetadataFor):
(JSC::BytecodeGenerator::emitUnaryOp):
(JSC::BytecodeGenerator::kill):
(JSC::BytecodeGenerator::instructions const):
(JSC::BytecodeGenerator::write):
(JSC::BytecodeGenerator::withWriter):
* bytecompiler/Label.h:
(JSC::Label::Label):
(JSC::Label::bind):
* bytecompiler/NodesCodegen.cpp:
(JSC::ArrayNode::emitBytecode):
(JSC::BytecodeIntrinsicNode::emit_intrinsic_argumentCount):
(JSC::ApplyFunctionCallDotNode::emitBytecode):
(JSC::BitwiseNotNode::emitBytecode):
(JSC::BinaryOpNode::emitBytecode):
(JSC::EqualNode::emitBytecode):
(JSC::StrictEqualNode::emitBytecode):
(JSC::emitReadModifyAssignment):
(JSC::ForInNode::emitBytecode):
(JSC::CaseBlockNode::emitBytecodeForBlock):
(JSC::FunctionNode::emitBytecode):
(JSC::ClassExprNode::emitBytecode):
* bytecompiler/ProfileTypeBytecodeFlag.cpp: Copied from Source/JavaScriptCore/bytecode/VirtualRegister.cpp.
(WTF::printInternal):
* bytecompiler/ProfileTypeBytecodeFlag.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.
* bytecompiler/RegisterID.h:
* bytecompiler/StaticPropertyAnalysis.h:
(JSC::StaticPropertyAnalysis::create):
(JSC::StaticPropertyAnalysis::StaticPropertyAnalysis):
* bytecompiler/StaticPropertyAnalyzer.h:
(JSC::StaticPropertyAnalyzer::createThis):
(JSC::StaticPropertyAnalyzer::newObject):
(JSC::StaticPropertyAnalyzer::putById):
(JSC::StaticPropertyAnalyzer::mov):
(JSC::StaticPropertyAnalyzer::kill):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::addCall):
(JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
(JSC::DFG::ByteCodeParser::getArrayMode):
(JSC::DFG::ByteCodeParser::handleCall):
(JSC::DFG::ByteCodeParser::handleVarargsCall):
(JSC::DFG::ByteCodeParser::handleRecursiveTailCall):
(JSC::DFG::ByteCodeParser::inlineCall):
(JSC::DFG::ByteCodeParser::handleCallVariant):
(JSC::DFG::ByteCodeParser::handleVarargsInlining):
(JSC::DFG::ByteCodeParser::handleInlining):
(JSC::DFG::ByteCodeParser::handleMinMax):
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
(JSC::DFG::ByteCodeParser::handleDOMJITCall):
(JSC::DFG::ByteCodeParser::handleIntrinsicGetter):
(JSC::DFG::ByteCodeParser::handleDOMJITGetter):
(JSC::DFG::ByteCodeParser::handleModuleNamespaceLoad):
(JSC::DFG::ByteCodeParser::handleTypedArrayConstructor):
(JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
(JSC::DFG::ByteCodeParser::handleGetById):
(JSC::DFG::ByteCodeParser::handlePutById):
(JSC::DFG::ByteCodeParser::parseGetById):
(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::parseCodeBlock):
(JSC::DFG::ByteCodeParser::handlePutByVal):
(JSC::DFG::ByteCodeParser::handlePutAccessorById):
(JSC::DFG::ByteCodeParser::handlePutAccessorByVal):
(JSC::DFG::ByteCodeParser::handleNewFunc):
(JSC::DFG::ByteCodeParser::handleNewFuncExp):
(JSC::DFG::ByteCodeParser::parse):
* dfg/DFGCapabilities.cpp:
(JSC::DFG::capabilityLevel):
* dfg/DFGCapabilities.h:
(JSC::DFG::capabilityLevel):
* dfg/DFGOSREntry.cpp:
(JSC::DFG::prepareCatchOSREntry):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileValueAdd):
(JSC::DFG::SpeculativeJIT::compileValueSub):
(JSC::DFG::SpeculativeJIT::compileValueNegate):
(JSC::DFG::SpeculativeJIT::compileArithMul):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileValueAdd):
(JSC::FTL::DFG::LowerDFGToB3::compileValueSub):
(JSC::FTL::DFG::LowerDFGToB3::compileUnaryMathIC):
(JSC::FTL::DFG::LowerDFGToB3::compileBinaryMathIC):
(JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub):
(JSC::FTL::DFG::LowerDFGToB3::compileArithMul):
(JSC::FTL::DFG::LowerDFGToB3::compileValueNegate):
* ftl/FTLOperations.cpp:
(JSC::FTL::operationMaterializeObjectInOSR):
* generate-bytecode-files: Removed.
* generator/Argument.rb: Added.
* generator/Assertion.rb: Added.
* generator/DSL.rb: Added.
* generator/Fits.rb: Added.
* generator/GeneratedFile.rb: Added.
* generator/Metadata.rb: Added.
* generator/Opcode.rb: Added.
* generator/OpcodeGroup.rb: Added.
* generator/Options.rb: Added.
* generator/Section.rb: Added.
* generator/Template.rb: Added.
* generator/Type.rb: Added.
* generator/main.rb: Added.
* interpreter/AbstractPC.h:
* interpreter/CallFrame.cpp:
(JSC::CallFrame::currentVPC const):
(JSC::CallFrame::setCurrentVPC):
* interpreter/CallFrame.h:
(JSC::CallSiteIndex::CallSiteIndex):
(JSC::ExecState::setReturnPC):
* interpreter/Interpreter.cpp:
(WTF::printInternal):
* interpreter/Interpreter.h:
* interpreter/InterpreterInlines.h:
* interpreter/StackVisitor.cpp:
(JSC::StackVisitor::Frame::dump const):
* interpreter/VMEntryRecord.h:
* jit/JIT.cpp:
(JSC::JIT::JIT):
(JSC::JIT::emitSlowCaseCall):
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):
(JSC::JIT::compileWithoutLinking):
(JSC::JIT::link):
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_jless):
(JSC::JIT::emit_op_jlesseq):
(JSC::JIT::emit_op_jgreater):
(JSC::JIT::emit_op_jgreatereq):
(JSC::JIT::emit_op_jnless):
(JSC::JIT::emit_op_jnlesseq):
(JSC::JIT::emit_op_jngreater):
(JSC::JIT::emit_op_jngreatereq):
(JSC::JIT::emitSlow_op_jless):
(JSC::JIT::emitSlow_op_jlesseq):
(JSC::JIT::emitSlow_op_jgreater):
(JSC::JIT::emitSlow_op_jgreatereq):
(JSC::JIT::emitSlow_op_jnless):
(JSC::JIT::emitSlow_op_jnlesseq):
(JSC::JIT::emitSlow_op_jngreater):
(JSC::JIT::emitSlow_op_jngreatereq):
(JSC::JIT::emit_op_below):
(JSC::JIT::emit_op_beloweq):
(JSC::JIT::emit_op_jbelow):
(JSC::JIT::emit_op_jbeloweq):
(JSC::JIT::emit_op_unsigned):
(JSC::JIT::emit_compareAndJump):
(JSC::JIT::emit_compareUnsignedAndJump):
(JSC::JIT::emit_compareUnsigned):
(JSC::JIT::emit_compareAndJumpSlow):
(JSC::JIT::emit_op_inc):
(JSC::JIT::emit_op_dec):
(JSC::JIT::emit_op_mod):
(JSC::JIT::emitSlow_op_mod):
(JSC::JIT::emit_op_negate):
(JSC::JIT::emitSlow_op_negate):
(JSC::JIT::emitBitBinaryOpFastPath):
(JSC::JIT::emit_op_bitand):
(JSC::JIT::emit_op_bitor):
(JSC::JIT::emit_op_bitxor):
(JSC::JIT::emit_op_lshift):
(JSC::JIT::emitRightShiftFastPath):
(JSC::JIT::emit_op_rshift):
(JSC::JIT::emit_op_urshift):
(JSC::getOperandTypes):
(JSC::JIT::emit_op_add):
(JSC::JIT::emitSlow_op_add):
(JSC::JIT::emitMathICFast):
(JSC::JIT::emitMathICSlow):
(JSC::JIT::emit_op_div):
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul):
(JSC::JIT::emit_op_sub):
(JSC::JIT::emitSlow_op_sub):
* jit/JITCall.cpp:
(JSC::JIT::emitPutCallResult):
(JSC::JIT::compileSetupFrame):
(JSC::JIT::compileCallEval):
(JSC::JIT::compileCallEvalSlowCase):
(JSC::JIT::compileTailCall):
(JSC::JIT::compileOpCall):
(JSC::JIT::compileOpCallSlowCase):
(JSC::JIT::emit_op_call):
(JSC::JIT::emit_op_tail_call):
(JSC::JIT::emit_op_call_eval):
(JSC::JIT::emit_op_call_varargs):
(JSC::JIT::emit_op_tail_call_varargs):
(JSC::JIT::emit_op_tail_call_forward_arguments):
(JSC::JIT::emit_op_construct_varargs):
(JSC::JIT::emit_op_construct):
(JSC::JIT::emitSlow_op_call):
(JSC::JIT::emitSlow_op_tail_call):
(JSC::JIT::emitSlow_op_call_eval):
(JSC::JIT::emitSlow_op_call_varargs):
(JSC::JIT::emitSlow_op_tail_call_varargs):
(JSC::JIT::emitSlow_op_tail_call_forward_arguments):
(JSC::JIT::emitSlow_op_construct_varargs):
(JSC::JIT::emitSlow_op_construct):
* jit/JITDisassembler.cpp:
(JSC::JITDisassembler::JITDisassembler):
* jit/JITExceptions.cpp:
(JSC::genericUnwind):
* jit/JITInlines.h:
(JSC::JIT::emitDoubleGetByVal):
(JSC::JIT::emitLoadForArrayMode):
(JSC::JIT::emitContiguousGetByVal):
(JSC::JIT::emitArrayStorageGetByVal):
(JSC::JIT::appendCallWithExceptionCheckSetJSValueResultWithProfile):
(JSC::JIT::sampleInstruction):
(JSC::JIT::emitValueProfilingSiteIfProfiledOpcode):
(JSC::JIT::emitValueProfilingSite):
(JSC::JIT::jumpTarget):
(JSC::JIT::copiedGetPutInfo):
(JSC::JIT::copiedArithProfile):
* jit/JITMathIC.h:
(JSC::isProfileEmpty):
(JSC::JITBinaryMathIC::JITBinaryMathIC):
(JSC::JITUnaryMathIC::JITUnaryMathIC):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_mov):
(JSC::JIT::emit_op_end):
(JSC::JIT::emit_op_jmp):
(JSC::JIT::emit_op_new_object):
(JSC::JIT::emitSlow_op_new_object):
(JSC::JIT::emit_op_overrides_has_instance):
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emitSlow_op_instanceof):
(JSC::JIT::emit_op_instanceof_custom):
(JSC::JIT::emit_op_is_empty):
(JSC::JIT::emit_op_is_undefined):
(JSC::JIT::emit_op_is_boolean):
(JSC::JIT::emit_op_is_number):
(JSC::JIT::emit_op_is_cell_with_type):
(JSC::JIT::emit_op_is_object):
(JSC::JIT::emit_op_ret):
(JSC::JIT::emit_op_to_primitive):
(JSC::JIT::emit_op_set_function_name):
(JSC::JIT::emit_op_not):
(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jeq_null):
(JSC::JIT::emit_op_jneq_null):
(JSC::JIT::emit_op_jneq_ptr):
(JSC::JIT::emit_op_eq):
(JSC::JIT::emit_op_jeq):
(JSC::JIT::emit_op_jtrue):
(JSC::JIT::emit_op_neq):
(JSC::JIT::emit_op_jneq):
(JSC::JIT::emit_op_throw):
(JSC::JIT::compileOpStrictEq):
(JSC::JIT::emit_op_stricteq):
(JSC::JIT::emit_op_nstricteq):
(JSC::JIT::compileOpStrictEqJump):
(JSC::JIT::emit_op_jstricteq):
(JSC::JIT::emit_op_jnstricteq):
(JSC::JIT::emitSlow_op_jstricteq):
(JSC::JIT::emitSlow_op_jnstricteq):
(JSC::JIT::emit_op_to_number):
(JSC::JIT::emit_op_to_string):
(JSC::JIT::emit_op_to_object):
(JSC::JIT::emit_op_catch):
(JSC::JIT::emit_op_identity_with_profile):
(JSC::JIT::emit_op_get_parent_scope):
(JSC::JIT::emit_op_switch_imm):
(JSC::JIT::emit_op_switch_char):
(JSC::JIT::emit_op_switch_string):
(JSC::JIT::emit_op_debug):
(JSC::JIT::emit_op_eq_null):
(JSC::JIT::emit_op_neq_null):
(JSC::JIT::emit_op_enter):
(JSC::JIT::emit_op_get_scope):
(JSC::JIT::emit_op_to_this):
(JSC::JIT::emit_op_create_this):
(JSC::JIT::emit_op_check_tdz):
(JSC::JIT::emitSlow_op_eq):
(JSC::JIT::emitSlow_op_neq):
(JSC::JIT::emitSlow_op_jeq):
(JSC::JIT::emitSlow_op_jneq):
(JSC::JIT::emitSlow_op_instanceof_custom):
(JSC::JIT::emit_op_loop_hint):
(JSC::JIT::emitSlow_op_loop_hint):
(JSC::JIT::emit_op_check_traps):
(JSC::JIT::emit_op_nop):
(JSC::JIT::emit_op_super_sampler_begin):
(JSC::JIT::emit_op_super_sampler_end):
(JSC::JIT::emitSlow_op_check_traps):
(JSC::JIT::emit_op_new_regexp):
(JSC::JIT::emitNewFuncCommon):
(JSC::JIT::emit_op_new_func):
(JSC::JIT::emit_op_new_generator_func):
(JSC::JIT::emit_op_new_async_generator_func):
(JSC::JIT::emit_op_new_async_func):
(JSC::JIT::emitNewFuncExprCommon):
(JSC::JIT::emit_op_new_func_exp):
(JSC::JIT::emit_op_new_generator_func_exp):
(JSC::JIT::emit_op_new_async_func_exp):
(JSC::JIT::emit_op_new_async_generator_func_exp):
(JSC::JIT::emit_op_new_array):
(JSC::JIT::emit_op_new_array_with_size):
(JSC::JIT::emit_op_has_structure_property):
(JSC::JIT::privateCompileHasIndexedProperty):
(JSC::JIT::emit_op_has_indexed_property):
(JSC::JIT::emitSlow_op_has_indexed_property):
(JSC::JIT::emit_op_get_direct_pname):
(JSC::JIT::emit_op_enumerator_structure_pname):
(JSC::JIT::emit_op_enumerator_generic_pname):
(JSC::JIT::emit_op_profile_type):
(JSC::JIT::emit_op_log_shadow_chicken_prologue):
(JSC::JIT::emit_op_log_shadow_chicken_tail):
(JSC::JIT::emit_op_profile_control_flow):
(JSC::JIT::emit_op_argument_count):
(JSC::JIT::emit_op_get_rest_length):
(JSC::JIT::emit_op_get_argument):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_to_this):
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emitGetByValWithCachedId):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emit_op_put_by_val_direct):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emitGenericContiguousPutByVal):
(JSC::JIT::emitArrayStoragePutByVal):
(JSC::JIT::emitPutByValWithCachedId):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emit_op_put_getter_by_id):
(JSC::JIT::emit_op_put_setter_by_id):
(JSC::JIT::emit_op_put_getter_setter_by_id):
(JSC::JIT::emit_op_put_getter_by_val):
(JSC::JIT::emit_op_put_setter_by_val):
(JSC::JIT::emit_op_del_by_id):
(JSC::JIT::emit_op_del_by_val):
(JSC::JIT::emit_op_try_get_by_id):
(JSC::JIT::emitSlow_op_try_get_by_id):
(JSC::JIT::emit_op_get_by_id_direct):
(JSC::JIT::emitSlow_op_get_by_id_direct):
(JSC::JIT::emit_op_get_by_id):
(JSC::JIT::emit_op_get_by_id_with_this):
(JSC::JIT::emitSlow_op_get_by_id):
(JSC::JIT::emitSlow_op_get_by_id_with_this):
(JSC::JIT::emit_op_put_by_id):
(JSC::JIT::emitSlow_op_put_by_id):
(JSC::JIT::emit_op_in_by_id):
(JSC::JIT::emitSlow_op_in_by_id):
(JSC::JIT::emit_op_resolve_scope):
(JSC::JIT::emit_op_get_from_scope):
(JSC::JIT::emitSlow_op_get_from_scope):
(JSC::JIT::emit_op_put_to_scope):
(JSC::JIT::emitSlow_op_put_to_scope):
(JSC::JIT::emit_op_get_from_arguments):
(JSC::JIT::emit_op_put_to_arguments):
(JSC::JIT::privateCompileGetByVal):
(JSC::JIT::privateCompileGetByValWithCachedId):
(JSC::JIT::privateCompilePutByVal):
(JSC::JIT::privateCompilePutByValWithCachedId):
(JSC::JIT::emitDoubleLoad):
(JSC::JIT::emitContiguousLoad):
(JSC::JIT::emitArrayStorageLoad):
(JSC::JIT::emitDirectArgumentsGetByVal):
(JSC::JIT::emitScopedArgumentsGetByVal):
(JSC::JIT::emitIntTypedArrayGetByVal):
(JSC::JIT::emitFloatTypedArrayGetByVal):
(JSC::JIT::emitIntTypedArrayPutByVal):
(JSC::JIT::emitFloatTypedArrayPutByVal):
* jit/RegisterSet.cpp:
(JSC::RegisterSet::llintBaselineCalleeSaveRegisters):
* jit/SlowPathCall.h:
(JSC::JITSlowPathCall::JITSlowPathCall):
* llint/LLIntData.cpp:
(JSC::LLInt::initialize):
(JSC::LLInt::Data::performAssertions):
* llint/LLIntData.h:
(JSC::LLInt::exceptionInstructions):
(JSC::LLInt::opcodeMap):
(JSC::LLInt::opcodeMapWide):
(JSC::LLInt::getOpcode):
(JSC::LLInt::getOpcodeWide):
(JSC::LLInt::getWideCodePtr):
* llint/LLIntOffsetsExtractor.cpp:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::llint_trace_operand):
(JSC::LLInt::llint_trace_value):
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
(JSC::LLInt::entryOSR):
(JSC::LLInt::setupGetByIdPrototypeCache):
(JSC::LLInt::getByVal):
(JSC::LLInt::handleHostCall):
(JSC::LLInt::setUpCall):
(JSC::LLInt::genericCall):
(JSC::LLInt::varargsSetup):
(JSC::LLInt::commonCallEval):
* llint/LLIntSlowPaths.h:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter.cpp:
(JSC::CLoopRegister::operator const Instruction*):
(JSC::CLoop::execute):
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* offlineasm/arm64.rb:
* offlineasm/asm.rb:
* offlineasm/ast.rb:
* offlineasm/cloop.rb:
* offlineasm/generate_offset_extractor.rb:
* offlineasm/instructions.rb:
* offlineasm/offsets.rb:
* offlineasm/parser.rb:
* offlineasm/transform.rb:
* offlineasm/x86.rb:
* parser/ResultType.h:
(JSC::ResultType::dump const):
(JSC::OperandTypes::first const):
(JSC::OperandTypes::second const):
(JSC::OperandTypes::dump const):
* profiler/ProfilerBytecodeSequence.cpp:
(JSC::Profiler::BytecodeSequence::BytecodeSequence):
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
(JSC::updateArithProfileForUnaryArithOp):
(JSC::updateArithProfileForBinaryArithOp):
* runtime/CommonSlowPaths.h:
(JSC::CommonSlowPaths::tryCachePutToScopeGlobal):
(JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal):
* runtime/ExceptionFuzz.cpp:
(JSC::doExceptionFuzzing):
* runtime/ExceptionFuzz.h:
(JSC::doExceptionFuzzingIfEnabled):
* runtime/GetPutInfo.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.
(JSC::GetPutInfo::dump const):
(WTF::printInternal):
* runtime/GetPutInfo.h:
(JSC::GetPutInfo::operand const):
* runtime/JSCPoison.h:
* runtime/JSType.cpp: Added.
(WTF::printInternal):
* runtime/JSType.h:
* runtime/SamplingProfiler.cpp:
(JSC::SamplingProfiler::StackFrame::displayName):
* runtime/SamplingProfiler.h:
(JSC::SamplingProfiler::UnprocessedStackFrame::UnprocessedStackFrame):
* runtime/SlowPathReturnType.h:
(JSC::encodeResult):
(JSC::decodeResult):
* runtime/VM.h:
* runtime/Watchdog.h:
* tools/HeapVerifier.cpp:

Source/WTF:

* wtf/Forward.h: Fix WTF_LAZY_FOR_EACH_TERM on MSVC and add WTF_LAZY_HAS_REST to check whether a macro was passed multiple arguments
* wtf/Platform.h: Force ENABLE_JIT=false on all 32-bit platforms
* wtf/Vector.h:
(WTF::minCapacity>::insertVector): Allow vectors with different overflow handlers to be passed to insertVector

Tools:

Do not force ENABLE_JIT=true when $forceCLoop is false.

* Scripts/build-jsc:

LayoutTests:

Don't use recursion on `equal` to avoid premature stack overflows when testing deep arrays.
* fast/dom/Window/resources/postmessage-test.js:

Canonical link: https://commits.webkit.org/205839@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237547 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2018-10-29 13:16:03 +00:00
visitor.reportExtraMemoryVisited(extraMemory);
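The narrow/wide operand encoding and the decode-the-whole-instruction rule from the "New bytecode format for JSC" commit message above, shown as an added example. This is not JavaScriptCore code: the opcode ids, the operand lists (with a trailing metadataID), the `Op::Wide` prefix value and the little-endian operand layout are assumptions chosen for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <exception>
#include <stdexcept>
#include <vector>

// Toy opcode set for this example only; not JavaScriptCore's real opcode ids.
// Op::Wide stands in for the prefix that switches an instruction to 4-byte operands.
enum class Op : uint8_t { Wide = 0, NewObject = 1, Add = 2 };

// Operand count per opcode, including the trailing metadataID that indexes the
// instruction's mutable state in the side table (the MetadataTable).
static std::size_t operandCount(Op op)
{
    if (op == Op::NewObject) return 3; // dst, inlineCapacity, metadataID
    if (op == Op::Add) return 4;       // dst, lhs, rhs, metadataID
    throw std::invalid_argument("not an encodable opcode");
}

struct Instr {
    Op op;
    bool wide;
    std::vector<uint32_t> operands;
    std::size_t size; // bytes occupied in the stream, prefix included
};

// Narrow form: opcode byte, then one byte per operand. Wide form: Op::Wide prefix,
// opcode byte, then four little-endian bytes per operand (chosen once any operand > 255).
static void encode(std::vector<uint8_t>& out, Op op, const std::vector<uint32_t>& operands)
{
    if (operands.size() != operandCount(op))
        throw std::invalid_argument("wrong operand count");
    bool wide = false;
    for (uint32_t v : operands)
        wide = wide || v > 0xFF;
    const std::size_t width = wide ? 4 : 1;
    if (wide)
        out.push_back(static_cast<uint8_t>(Op::Wide));
    out.push_back(static_cast<uint8_t>(op));
    for (uint32_t v : operands)
        for (std::size_t b = 0; b < width; ++b)
            out.push_back(static_cast<uint8_t>(v >> (8 * b)));
}

// Decode the instruction starting at `offset`. The operand width is only known once the
// optional prefix has been read, so the whole instruction is decoded at once; "operand k"
// has no fixed position in the raw stream.
static Instr decodeAt(const std::vector<uint8_t>& stream, std::size_t offset)
{
    std::size_t pos = offset;
    if (pos >= stream.size())
        throw std::out_of_range("truncated instruction stream");
    Instr instr { Op::Wide, false, {}, 0 };
    if (static_cast<Op>(stream[pos]) == Op::Wide) {
        instr.wide = true;
        if (++pos >= stream.size())
            throw std::out_of_range("truncated instruction stream");
    }
    instr.op = static_cast<Op>(stream[pos++]);
    const std::size_t width = instr.wide ? 4 : 1;
    const std::size_t count = operandCount(instr.op); // rejects unknown opcodes
    if (pos + count * width > stream.size())
        throw std::out_of_range("truncated instruction stream");
    for (std::size_t i = 0; i < count; ++i) {
        uint32_t v = 0;
        for (std::size_t b = 0; b < width; ++b)
            v |= static_cast<uint32_t>(stream[pos + b]) << (8 * b);
        pos += width;
        instr.operands.push_back(v);
    }
    instr.size = pos - offset;
    return instr;
}

// Walk a stream instruction by instruction, using each decoded size to find the next.
static std::vector<Instr> decodeAll(const std::vector<uint8_t>& stream)
{
    std::vector<Instr> result;
    for (std::size_t offset = 0; offset < stream.size(); offset += result.back().size)
        result.push_back(decodeAt(stream, offset));
    return result;
}

// True when `offset` decodes as a well-formed instruction. A mid-instruction byte is usually
// rejected as an unknown opcode, but that is a sanity check, not a guarantee: an operand
// byte can coincide with a valid opcode id.
static bool decodesCleanlyAt(const std::vector<uint8_t>& stream, std::size_t offset)
{
    try { decodeAt(stream, offset); return true; }
    catch (const std::exception&) { return false; }
}

// Constructed sample: an op_new_object whose inline capacity needs more than a byte
// (so the whole instruction goes wide), followed by a narrow op_add.
static std::vector<uint8_t> sampleStream()
{
    std::vector<uint8_t> stream;
    encode(stream, Op::NewObject, { 3, 300, 0 }); // 300 > 255 forces the wide form
    encode(stream, Op::Add, { 4, 1, 2, 1 });      // every operand fits in a byte
    return stream;
}
```

`decodeAll(sampleStream())` yields a 14-byte wide instruction followed by a 5-byte narrow one. The real commit takes a different route for op_new_object, capping the inferred inline capacity at 255 so the instruction can stay narrow (the JSTests entry above); the toy encoder simply switches to the wide form when an operand no longer fits. `decodesCleanlyAt` shows why a consumer must always start from a true instruction boundary: starting on an operand byte is caught here only because that byte is not a known opcode.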
Reduce parser overhead in JSC
https://bugs.webkit.org/show_bug.cgi?id=101127

Reviewed by Filip Pizlo.

An exciting journey into the world of architecture in which our hero adds yet another layer to JSC code generation.

This patch adds a marginally more compact form of bytecode that is free from any data specific to a given execution context, and that does store any data structures necessary for execution. To actually execute this UnlinkedBytecode we still need to instantiate a real CodeBlock, but this is a much faster linear time operation than any of the earlier parsing or code generation passes. As the unlinked code is context free we can then simply use a cache from source to unlinked code mapping to completely avoid all of the old parser overhead.

The cache is currently very simple and memory heavy, using the complete source text as a key (rather than SourceCode or equivalent), and a random eviction policy. This seems to produce a substantial win when loading identical content in different contexts.

* API/tests/testapi.c:
(main):
* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
* bytecode/CodeBlock.h:
Moved a number of fields, and a bunch of logic to UnlinkedCodeBlock.h/cpp
* bytecode/Opcode.h:
Added a global const init no op instruction needed to get correct behaviour without any associated semantics.
* bytecode/UnlinkedCodeBlock.cpp: Added.
* bytecode/UnlinkedCodeBlock.h: Added.
A fairly shallow, GC allocated version of the old CodeBlock classes with a 32-bit instruction size, and just metadata size tracking.
* bytecompiler/BytecodeGenerator.cpp:
* bytecompiler/BytecodeGenerator.h:
Replace direct access to m_symbolTable with access through symbolTable(). ProgramCode no longer has a symbol table at all so some previously unconditional (and pointless) uses of symbolTable get null checks.
A few other changes to deal with type changes due to us generating unlinked code (eg. pointer free, so profile indices rather than pointers).
* dfg/DFGByteCodeParser.cpp:
* dfg/DFGCapabilities.h:
Support global_init_nop
* interpreter/Interpreter.cpp:
Now get the ProgramExecutable to initialise new global properties before starting execution.
* jit/JIT.cpp:
* jit/JITDriver.h:
* jit/JITStubs.cpp:
* llint/LLIntData.cpp:
* llint/LLIntSlowPaths.cpp:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
Adding init_global_const_nop everywhere else
* parser/Parser.h:
* parser/ParserModes.h: Added.
* parser/ParserTokens.h:
Parser no longer needs a global object or callframe to function
* runtime/CodeCache.cpp: Added.
* runtime/CodeCache.h: Added.
A simple, random eviction, Source->UnlinkedCode cache
* runtime/Executable.cpp:
* runtime/Executable.h:
Executables now reference their unlinked counterparts, and request code specifically for the target global object.
* runtime/JSGlobalData.cpp:
* runtime/JSGlobalData.h:
GlobalData now owns a CodeCache and a set of new structures for the unlinked code types.
* runtime/JSGlobalObject.cpp:
* runtime/JSGlobalObject.h:
Utility functions used by executables to perform compilation
* runtime/JSType.h:
Add new JSTypes for unlinked code

Canonical link: https://commits.webkit.org/119498@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@133688 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2012-11-07 00:13:54 +00:00
}
Implement a GC verifier. https://bugs.webkit.org/show_bug.cgi?id=217274 rdar://56255683 Reviewed by Filip Pizlo and Saam Barati. Source/JavaScriptCore: The idea behind the GC verifier is that in the GC End phase before we finalize and sweep, we'll do a simple stop the world synchronous full GC with the VerifierSlotVisitor. The VerifierSlotVisitor will collect it's own information on whether a JS cell should be marked or not. After this verifier GC pass, we'll compare the mark results. If the verifier GC says a cell should be marked, then the real GC should have marked the cell. The reverse is not true: if the verifier does not mark a cell, it is still OK for the real GC to mark it. For example, in an eden GC, all old generation cells would be considered mark by the real GC though the verifier would know better if they are already dead. Implementation details: 1. SlotVisitor (only used by the real GC) now inherits from a new abstract class, AbstractSlotVisitor. VerifierSlotVisitor (only used by the verifier GC) also inherits from AbstractSlotVisitor. 2. AbstractSlotVisitor declares many virtual methods. SlotVisitor implements some of these virtual methods as inline and final. If the client is invoking one these methods and knows that it will be operating on a SlotVisitor, the method being final allows it to be inlined into the client instead of going through the virtual dispatch. For the VerifierSlotVisitor, these methods will always be invoked by virtual dispatch via the AbstractSlotVisitor abstraction. 3. Almost all methods that takes a SlotVisitor previously (with a few exceptions) will now be templatized, and specialized to either take a SlotVisitor or an AbstractSlotVisitor. The cell MethodTable will now have 2 versions of visitChildren and visitOutputConstraints: one for SlotVisitor, and one for AbstractSlotVisitor. 
The reason we don't wire the 2nd version to VerifierSlotVisitor (instead of AbstractSlotVisitor) is because we don't need the GC verifier to run at top speed (though we don't want it to be too slow). Also, having hooks for using an AbstractSlotVisitor gives us more utility for implementing other types of GC checkers / analyzers in the future as subclasses of AbstractSlotVisitor. 4. Some minority of methods that used to take a SlotVisitor but are not critical to performance, will now just take an AbstractSlotVisitor instead. For example, see TypeProfilerLog::visit(). 5. isReachableFromOpaqueRoots() methods will also only take an AbstractSlotVisitor. The reason this is OK is because isReachableFromOpaqueRoots() only uses the visitor's addOpaqueRoot() and containsOpaqueRoot() methods, which are implemented in the AbstractSlotVisitor itself. For SlotVisitor, the m_opaqueRoot field will reference Heap::m_opaqueRoots. For VerifierSlotVisitor, the m_opaqueRoot field will reference its own opaque roots storage. This implementation of addOpaqueRoot() is perf neutral for SlotVisitor because where it would previously invoke m_heap.m_opaqueRoots.add(), it will now invoke m_opaqueRoot.add() instead where m_opaqueRoot points to m_heap.m_opaqueRoots. Ditto for AbstractSlotVisitor::containsOpaqueRoot(). 6. When reifying a templatized visit method, we do it in 2 ways: a. Implement the template method as an ALWAYS_INLINE Impl method, and have 2 visit methods (taking a SlotVisitor and an AbstractSlotVisitor respectively) inline the Impl method. For example, see JSObject::visitChildrenImpl(). b. Just templatize the visit method, and explicitly instantiate it with a SlotVisitor and an AbstractSlotVisitor. For example, see DesiredTransition::visitChildren(). The reason we need form (a) is if: i. we need to export the visit methods. For example, see JSObject:visitChildren(). 
Note: A Clang engineer told me that "there's no way to export an explicit instantiation that will make it a strong symbol." This is because "C++ does not provide any standard way to guarantee that an explicit instantiation is unique, and Clang hasn't added any extension to do so." ii. the visit method is an override of a virtual method. For example, see DFG::Scannable::visitChildren() and DFG::Graph::visitChildren(). Otherwise, we'll prefer form (b) as it is natural C++. 7. Because templatizing all the visit methods requires a lot of boiler plate code, we introduce some macros in SlotVisitorMacros.h to reduce some of the boiler plate burden. We especially try to do this for methods of form (a) (see (6) above) which require more boiler plate. 8. The driver of the real GC is MarkingConstraintSet::executeConvergence() which runs with the MarkingConstraintSolver. The driver of the verifier GC is Heap::verifyGC(), which has a loop to drain marked objects and execute contraints. 9. The GC verifier is built in by default but disabled. The relevant options are: JSC_verifyGC and JSC_verboseVerifyGC. JSC_verifyGC will enable the GC verifier. If JSC_verifyGC is true and the verifier finds a cell that is erroneously not marked by the real GC, it will dump an error message and then crash with a RELEASE_ASSERT. JSC_verboseVerifyGC will enable the GC verifier along with some more heavy weight record keeping (i.e. tracking the parent / owner cell that marked a cell, and capturing the call stack when the marked cell is appended to the mark stack). If JSC_verboseVerifyGC is true and the verifier finds a cell that is erroneously not marked by the real GC, it will dump the parent cell and captured stack along with an error message before crashing. This extra information provides the starting point for debugging GC bugs found by the verifier. Enabling JSC_verboseVerifyGC will automatically enable JSC_verifyGC. 10. Non-determinism in the real GC. 
The GC verifier's algorithm relies on the real GC being deterministic. However, there are a few places where this is not true: a. Marking conservative roots on the mutator stacks. By the time the verifier GC runs (in the GC End phase), the mutator stacks will look completely different than what the real GC saw. To work around this, if the verifier is enabled, then every conservative root captured by the real GC will also be added to the verifier's mark stack. When running verifyGC() in the End phase, the conservative root scans will be treated as no-ops. b. CodeBlock::shouldJettisonDueToOldAge() may return a different value. This is possible because the codeBlock may be in mid compilation while the real GC is in progress. CodeBlock::shouldVisitStrongly() calls shouldJettisonDueToOldAge(), and may see an old LLInt codeBlock whose timeToLive has expired. As a result, shouldJettisonDueToOldAge() returns true and shouldVisitStrongly() will return false for the real GC, leading to it not marking the codeBlock. However, before the verifier GC gets to run, baseline compilation on the codeBlock may finish. As a baseline codeBlock now, it gets a longer time to live. As a result, when the verifier GC runs, shouldJettisonDueToOldAge() will return false, and shouldVisitStrongly() in turn returns true. This results in the verifier GC marking the codeBlock (and its children) when the real GC did not, which leads to a false error. This is not a real error because if the real GC did not mark the code block, it will simply get jettisoned, and can be reinstantiated when needed later. There's no GC bug here. However, we do need to work around this to prevent the false error for the GC verifier. The work around is to introduce a CodeBlock::m_visitChildrenSkippedDueToOldAge flag that records what the real GC decided in shouldJettisonDueToOldAge(). This allows the verifier GC to replay the same decision and get a consistent result. c. 
CodeBlock::propagateTransitions() will only do a best effort at visiting cells in ICs, etc. If a cell is not already strongly marked by the time CodeBlock::propagateTransitions() checks it, propagateTransitions() will not mark other cells that are reachable from it. Since the real GC does marking on concurrent threads, marking order is not deterministic. CodeBlock::propagateTransitions() may or may not see a cell as already marked by the time it runs. The verifier GC may mark some of these cells in a different order than the real GC. As a result, in the verifier GC, CodeBlock::propagateTransitions() may see a cell as marked (and therefore, visit its children) when it did not for the real GC. To work around this, we currently add a SuppressGCVerifierScope to CodeBlock::propagateTransitions() to pessimize the verifier, and assume that propagateTransitions() will mark nothing. SuppressGCVerifierScope is a blunt hammer that stops the verifier GC from analyzing all cells potentially reachable via CodeBlock::propagateTransitions(). In the future, it may be possible to refine this and track which cells were actually skipped over (like we did for shouldJettisonDueToOldAge()). However, this decision tracking needs to be done in the real GC, and can be very expensive in terms of performance. The shouldJettisonDueToOldAge() case is rare, and as such lends itself to this more fine grain tracking without hurting performance. The decisions made in CodeBlock::propagateTransitions() are not as rare, and hence, it would hurt performance if we did fine grain decision tracking there (at least or now). 11. Marking in the verifier GC. The real GC tracks cell marks using a Bitmap in the MarkedBlocks. The verifier GC keeps tracks of MarkedBlock cell marks using a Bitmap on the side, stashed away in a HashMap. 
To improve the verifier marking performance, we reserve a void* m_verifierMemo pointer in the MarkedBlock, which the verifier will employ to cache its MarkedBlockData for that MarkedBlock. This allows the verifier to get to its side Bitmap without having to do a HashMap look up for every cell. Size-wise, in the current 16K MarkBlocks, there is previously room for 1005.5 atoms after reserving space for the MarkedBlock::Footer. Since we can never allocate half an atom anyway, that .5 atom gives us the 8 bytes we need for the m_verifierMemo pointer, which we'll put in the MarkedBlock::Footer. With this patch, each MarkedBlock will now have exactly 1005 atoms available for allocation. I ran JetStream2 and Speedometer2 locally on a MacBookAir10,1, MacBookPro16,1, and a 12.9” 4th Gen iPad Pro. The benchmark results for these were all neutral. The design of the GC verifier is such that it incurs almost no additional runtime memory overhead if not in use. Code size does increase significantly because there are now 2 variants of most of the methods that take a SlotVisitor. When in use, the additional runtime memory is encapsulated in the VerifierSlotVisitor, which is instantiated and destructed every GC cycle. Hence, it can affect peak memory usage during GCs, but the cost is transient. It does not persist past the GC End phase. * API/JSAPIWrapperObject.h: * API/JSAPIWrapperObject.mm: (JSAPIWrapperObjectHandleOwner::isReachableFromOpaqueRoots): (JSC::JSAPIWrapperObject::visitChildrenImpl): (JSC::JSAPIWrapperObject::visitChildren): Deleted. 
* API/JSCallbackObject.cpp: * API/JSCallbackObject.h: (JSC::JSCallbackObjectData::visitChildren): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::visitChildren): (JSC::JSCallbackObject<Parent>::visitChildrenImpl): * API/JSManagedValue.mm: (JSManagedValueHandleOwner::isReachableFromOpaqueRoots): * API/JSMarkingConstraintPrivate.cpp: (JSC::isMarked): (JSContextGroupAddMarkingConstraint): * API/JSVirtualMachine.mm: (scanExternalObjectGraph): (scanExternalRememberedSet): * API/JSVirtualMachineInternal.h: * API/MarkedJSValueRefArray.cpp: (JSC::MarkedJSValueRefArray::visitAggregate): * API/MarkedJSValueRefArray.h: * API/glib/JSAPIWrapperGlobalObject.cpp: (JSC::JSAPIWrapperGlobalObject::visitChildren): Deleted. * API/glib/JSAPIWrapperGlobalObject.h: * API/glib/JSAPIWrapperObjectGLib.cpp: (JSAPIWrapperObjectHandleOwner::isReachableFromOpaqueRoots): (JSC::JSAPIWrapperObject::visitChildrenImpl): (JSC::JSAPIWrapperObject::visitChildren): Deleted. * CMakeLists.txt: * JavaScriptCore.xcodeproj/project.pbxproj: * Scripts/wkbuiltins/builtins_generate_internals_wrapper_header.py: (BuiltinsInternalsWrapperHeaderGenerator): * Scripts/wkbuiltins/builtins_generate_internals_wrapper_implementation.py: (BuiltinsInternalsWrapperImplementationGenerator.generate_visit_method): * Scripts/wkbuiltins/builtins_templates.py: * Sources.txt: * bytecode/AccessCase.cpp: (JSC::AccessCase::propagateTransitions const): (JSC::AccessCase::visitAggregateImpl const): (JSC::AccessCase::visitAggregate const): Deleted. * bytecode/AccessCase.h: * bytecode/ByValInfo.cpp: (JSC::ByValInfo::visitAggregateImpl): (JSC::ByValInfo::visitAggregate): Deleted. * bytecode/ByValInfo.h: * bytecode/CheckPrivateBrandStatus.cpp: (JSC::CheckPrivateBrandStatus::visitAggregateImpl): (JSC::CheckPrivateBrandStatus::markIfCheap): (JSC::CheckPrivateBrandStatus::visitAggregate): Deleted. 
* bytecode/CheckPrivateBrandStatus.h: * bytecode/CheckPrivateBrandVariant.cpp: (JSC::CheckPrivateBrandVariant::markIfCheap): (JSC::CheckPrivateBrandVariant::visitAggregateImpl): (JSC::CheckPrivateBrandVariant::visitAggregate): Deleted. * bytecode/CheckPrivateBrandVariant.h: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::visitChildrenImpl): (JSC::CodeBlock::visitChildren): (JSC::CodeBlock::shouldVisitStrongly): (JSC::CodeBlock::shouldJettisonDueToOldAge): (JSC::shouldMarkTransition): (JSC::CodeBlock::propagateTransitions): (JSC::CodeBlock::determineLiveness): (JSC::CodeBlock::finalizeUnconditionally): (JSC::CodeBlock::visitOSRExitTargets): (JSC::CodeBlock::stronglyVisitStrongReferences): (JSC::CodeBlock::stronglyVisitWeakReferences): * bytecode/CodeBlock.h: * bytecode/DeleteByIdVariant.cpp: (JSC::DeleteByIdVariant::visitAggregateImpl): (JSC::DeleteByIdVariant::markIfCheap): (JSC::DeleteByIdVariant::visitAggregate): Deleted. * bytecode/DeleteByIdVariant.h: * bytecode/DeleteByStatus.cpp: (JSC::DeleteByStatus::visitAggregateImpl): (JSC::DeleteByStatus::markIfCheap): (JSC::DeleteByStatus::visitAggregate): Deleted. * bytecode/DeleteByStatus.h: * bytecode/DirectEvalCodeCache.cpp: (JSC::DirectEvalCodeCache::visitAggregateImpl): (JSC::DirectEvalCodeCache::visitAggregate): Deleted. * bytecode/DirectEvalCodeCache.h: * bytecode/ExecutableToCodeBlockEdge.cpp: (JSC::ExecutableToCodeBlockEdge::visitChildrenImpl): (JSC::ExecutableToCodeBlockEdge::visitOutputConstraintsImpl): (JSC::ExecutableToCodeBlockEdge::runConstraint): (JSC::ExecutableToCodeBlockEdge::visitChildren): Deleted. (JSC::ExecutableToCodeBlockEdge::visitOutputConstraints): Deleted. * bytecode/ExecutableToCodeBlockEdge.h: * bytecode/GetByIdVariant.cpp: (JSC::GetByIdVariant::visitAggregateImpl): (JSC::GetByIdVariant::markIfCheap): (JSC::GetByIdVariant::visitAggregate): Deleted. 
* bytecode/GetByIdVariant.h: * bytecode/GetByStatus.cpp: (JSC::GetByStatus::visitAggregateImpl): (JSC::GetByStatus::markIfCheap): (JSC::GetByStatus::visitAggregate): Deleted. * bytecode/GetByStatus.h: * bytecode/InByIdStatus.cpp: (JSC::InByIdStatus::markIfCheap): * bytecode/InByIdStatus.h: * bytecode/InByIdVariant.cpp: (JSC::InByIdVariant::markIfCheap): * bytecode/InByIdVariant.h: * bytecode/InternalFunctionAllocationProfile.h: (JSC::InternalFunctionAllocationProfile::visitAggregate): * bytecode/ObjectAllocationProfile.h: (JSC::ObjectAllocationProfileBase::visitAggregate): (JSC::ObjectAllocationProfileWithPrototype::visitAggregate): * bytecode/PolymorphicAccess.cpp: (JSC::PolymorphicAccess::propagateTransitions const): (JSC::PolymorphicAccess::visitAggregateImpl): (JSC::PolymorphicAccess::visitAggregate): Deleted. * bytecode/PolymorphicAccess.h: * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::markIfCheap): * bytecode/PutByIdStatus.h: * bytecode/PutByIdVariant.cpp: (JSC::PutByIdVariant::markIfCheap): * bytecode/PutByIdVariant.h: * bytecode/RecordedStatuses.cpp: (JSC::RecordedStatuses::visitAggregateImpl): (JSC::RecordedStatuses::markIfCheap): (JSC::RecordedStatuses::visitAggregate): Deleted. * bytecode/RecordedStatuses.h: * bytecode/SetPrivateBrandStatus.cpp: (JSC::SetPrivateBrandStatus::visitAggregateImpl): (JSC::SetPrivateBrandStatus::markIfCheap): (JSC::SetPrivateBrandStatus::visitAggregate): Deleted. * bytecode/SetPrivateBrandStatus.h: * bytecode/SetPrivateBrandVariant.cpp: (JSC::SetPrivateBrandVariant::markIfCheap): (JSC::SetPrivateBrandVariant::visitAggregateImpl): (JSC::SetPrivateBrandVariant::visitAggregate): Deleted. * bytecode/SetPrivateBrandVariant.h: * bytecode/StructureSet.cpp: (JSC::StructureSet::markIfCheap const): * bytecode/StructureSet.h: * bytecode/StructureStubInfo.cpp: (JSC::StructureStubInfo::visitAggregateImpl): (JSC::StructureStubInfo::propagateTransitions): (JSC::StructureStubInfo::visitAggregate): Deleted. 
* bytecode/StructureStubInfo.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::visitChildrenImpl): (JSC::UnlinkedCodeBlock::visitChildren): Deleted. * bytecode/UnlinkedCodeBlock.h: * bytecode/UnlinkedFunctionExecutable.cpp: (JSC::UnlinkedFunctionExecutable::visitChildrenImpl): (JSC::UnlinkedFunctionExecutable::visitChildren): Deleted. * bytecode/UnlinkedFunctionExecutable.h: * debugger/DebuggerScope.cpp: (JSC::DebuggerScope::visitChildrenImpl): (JSC::DebuggerScope::visitChildren): Deleted. * debugger/DebuggerScope.h: * dfg/DFGDesiredTransitions.cpp: (JSC::DFG::DesiredTransition::visitChildren): (JSC::DFG::DesiredTransitions::visitChildren): * dfg/DFGDesiredTransitions.h: * dfg/DFGDesiredWeakReferences.cpp: (JSC::DFG::DesiredWeakReferences::visitChildren): * dfg/DFGDesiredWeakReferences.h: * dfg/DFGGraph.cpp: (JSC::DFG::Graph::visitChildrenImpl): (JSC::DFG::Graph::visitChildren): * dfg/DFGGraph.h: * dfg/DFGPlan.cpp: (JSC::DFG::Plan::checkLivenessAndVisitChildren): (JSC::DFG::Plan::isKnownToBeLiveDuringGC): (JSC::DFG::Plan::isKnownToBeLiveAfterGC): * dfg/DFGPlan.h: * dfg/DFGPlanInlines.h: (JSC::DFG::Plan::iterateCodeBlocksForGC): * dfg/DFGSafepoint.cpp: (JSC::DFG::Safepoint::checkLivenessAndVisitChildren): (JSC::DFG::Safepoint::isKnownToBeLiveDuringGC): (JSC::DFG::Safepoint::isKnownToBeLiveAfterGC): * dfg/DFGSafepoint.h: * dfg/DFGScannable.h: * dfg/DFGWorklist.cpp: (JSC::DFG::Worklist::visitWeakReferences): (JSC::DFG::Worklist::removeDeadPlans): * dfg/DFGWorklist.h: * dfg/DFGWorklistInlines.h: (JSC::DFG::iterateCodeBlocksForGC): (JSC::DFG::Worklist::iterateCodeBlocksForGC): * heap/AbstractSlotVisitor.h: Added. 
(JSC::AbstractSlotVisitor::Context::cell const): (JSC::AbstractSlotVisitor::SuppressGCVerifierScope::SuppressGCVerifierScope): (JSC::AbstractSlotVisitor::SuppressGCVerifierScope::~SuppressGCVerifierScope): (JSC::AbstractSlotVisitor::DefaultMarkingViolationAssertionScope::DefaultMarkingViolationAssertionScope): (JSC::AbstractSlotVisitor::collectorMarkStack): (JSC::AbstractSlotVisitor::mutatorMarkStack): (JSC::AbstractSlotVisitor::collectorMarkStack const): (JSC::AbstractSlotVisitor::mutatorMarkStack const): (JSC::AbstractSlotVisitor::isEmpty): (JSC::AbstractSlotVisitor::setIgnoreNewOpaqueRoots): (JSC::AbstractSlotVisitor::visitCount const): (JSC::AbstractSlotVisitor::addToVisitCount): (JSC::AbstractSlotVisitor::rootMarkReason const): (JSC::AbstractSlotVisitor::setRootMarkReason): (JSC::AbstractSlotVisitor::didRace): (JSC::AbstractSlotVisitor::codeName const): (JSC::SetRootMarkReasonScope::SetRootMarkReasonScope): (JSC::SetRootMarkReasonScope::~SetRootMarkReasonScope): * heap/AbstractSlotVisitorInlines.h: Added. 
(JSC::AbstractSlotVisitor::Context::Context): (JSC::AbstractSlotVisitor::Context::~Context): (JSC::AbstractSlotVisitor::AbstractSlotVisitor): (JSC::AbstractSlotVisitor::heap const): (JSC::AbstractSlotVisitor::vm): (JSC::AbstractSlotVisitor::vm const): (JSC::AbstractSlotVisitor::addOpaqueRoot): (JSC::AbstractSlotVisitor::containsOpaqueRoot const): (JSC::AbstractSlotVisitor::append): (JSC::AbstractSlotVisitor::appendHidden): (JSC::AbstractSlotVisitor::appendHiddenUnbarriered): (JSC::AbstractSlotVisitor::appendValues): (JSC::AbstractSlotVisitor::appendValuesHidden): (JSC::AbstractSlotVisitor::appendUnbarriered): (JSC::AbstractSlotVisitor::parentCell const): (JSC::AbstractSlotVisitor::reset): * heap/HandleSet.cpp: (JSC::HandleSet::visitStrongHandles): * heap/HandleSet.h: * heap/Heap.cpp: (JSC::Heap::iterateExecutingAndCompilingCodeBlocks): (JSC::Heap::iterateExecutingAndCompilingCodeBlocksWithoutHoldingLocks): (JSC::Heap::runEndPhase): (JSC::Heap::willStartCollection): (JSC::scanExternalRememberedSet): (JSC::serviceSamplingProfiler): (JSC::Heap::addCoreConstraints): (JSC::Heap::verifyGC): (JSC::Heap::isAnalyzingHeap const): Deleted. * heap/Heap.h: (JSC::Heap::isMarkingForGCVerifier const): (JSC::Heap::numOpaqueRoots const): Deleted. 
* heap/HeapInlines.h: (JSC::Heap::isMarked): * heap/HeapProfiler.cpp: (JSC::HeapProfiler::setActiveHeapAnalyzer): * heap/IsoCellSet.h: * heap/IsoCellSetInlines.h: (JSC::IsoCellSet::forEachMarkedCellInParallel): * heap/JITStubRoutineSet.cpp: (JSC::JITStubRoutineSet::traceMarkedStubRoutines): * heap/JITStubRoutineSet.h: (JSC::JITStubRoutineSet::traceMarkedStubRoutines): * heap/MarkStackMergingConstraint.cpp: (JSC::MarkStackMergingConstraint::prepareToExecuteImpl): (JSC::MarkStackMergingConstraint::executeImplImpl): (JSC::MarkStackMergingConstraint::executeImpl): * heap/MarkStackMergingConstraint.h: * heap/MarkedBlock.h: (JSC::MarkedBlock::Handle::atomAt const): (JSC::MarkedBlock::setVerifierMemo): (JSC::MarkedBlock::verifierMemo const): * heap/MarkedSpace.cpp: (JSC::MarkedSpace::visitWeakSets): * heap/MarkedSpace.h: * heap/MarkingConstraint.cpp: (JSC::MarkingConstraint::execute): (JSC::MarkingConstraint::executeSynchronously): (JSC::MarkingConstraint::prepareToExecute): (JSC::MarkingConstraint::doParallelWork): (JSC::MarkingConstraint::prepareToExecuteImpl): * heap/MarkingConstraint.h: * heap/MarkingConstraintExecutorPair.h: Added. (JSC::MarkingConstraintExecutorPair::MarkingConstraintExecutorPair): (JSC::MarkingConstraintExecutorPair::execute): * heap/MarkingConstraintSet.cpp: (JSC::MarkingConstraintSet::add): (JSC::MarkingConstraintSet::executeAllSynchronously): (JSC::MarkingConstraintSet::executeAll): Deleted. 
* heap/MarkingConstraintSet.h: (JSC::MarkingConstraintSet::add): * heap/MarkingConstraintSolver.cpp: * heap/MarkingConstraintSolver.h: * heap/SimpleMarkingConstraint.cpp: (JSC::SimpleMarkingConstraint::SimpleMarkingConstraint): (JSC::SimpleMarkingConstraint::executeImplImpl): (JSC::SimpleMarkingConstraint::executeImpl): * heap/SimpleMarkingConstraint.h: * heap/SlotVisitor.cpp: (JSC::SlotVisitor::SlotVisitor): (JSC::SlotVisitor::reset): (JSC::SlotVisitor::appendSlow): (JSC::SlotVisitor::addParallelConstraintTask): * heap/SlotVisitor.h: (JSC::SlotVisitor::collectorMarkStack): Deleted. (JSC::SlotVisitor::mutatorMarkStack): Deleted. (JSC::SlotVisitor::collectorMarkStack const): Deleted. (JSC::SlotVisitor::mutatorMarkStack const): Deleted. (JSC::SlotVisitor::isEmpty): Deleted. (JSC::SlotVisitor::isFirstVisit const): Deleted. (JSC::SlotVisitor::bytesVisited const): Deleted. (JSC::SlotVisitor::visitCount const): Deleted. (JSC::SlotVisitor::addToVisitCount): Deleted. (JSC::SlotVisitor::isAnalyzingHeap const): Deleted. (JSC::SlotVisitor::heapAnalyzer const): Deleted. (JSC::SlotVisitor::rootMarkReason const): Deleted. (JSC::SlotVisitor::setRootMarkReason): Deleted. (JSC::SlotVisitor::markingVersion const): Deleted. (JSC::SlotVisitor::mutatorIsStopped const): Deleted. (JSC::SlotVisitor::rightToRun): Deleted. (JSC::SlotVisitor::didRace): Deleted. (JSC::SlotVisitor::setIgnoreNewOpaqueRoots): Deleted. (JSC::SlotVisitor::codeName const): Deleted. (JSC::SetRootMarkReasonScope::SetRootMarkReasonScope): Deleted. (JSC::SetRootMarkReasonScope::~SetRootMarkReasonScope): Deleted. * heap/SlotVisitorInlines.h: (JSC::SlotVisitor::isMarked const): (JSC::SlotVisitor::addOpaqueRoot): Deleted. (JSC::SlotVisitor::containsOpaqueRoot const): Deleted. (JSC::SlotVisitor::heap const): Deleted. (JSC::SlotVisitor::vm): Deleted. (JSC::SlotVisitor::vm const): Deleted. * heap/SlotVisitorMacros.h: Added. 
* heap/Subspace.h: * heap/SubspaceInlines.h: (JSC::Subspace::forEachMarkedCellInParallel): * heap/VerifierSlotVisitor.cpp: Added. (JSC::MarkerData::MarkerData): (JSC::VerifierSlotVisitor::MarkedBlockData::MarkedBlockData): (JSC::VerifierSlotVisitor::MarkedBlockData::addMarkerData): (JSC::VerifierSlotVisitor::MarkedBlockData::markerData const): (JSC::VerifierSlotVisitor::PreciseAllocationData::PreciseAllocationData): (JSC::VerifierSlotVisitor::PreciseAllocationData::markerData const): (JSC::VerifierSlotVisitor::PreciseAllocationData::addMarkerData): (JSC::VerifierSlotVisitor::VerifierSlotVisitor): (JSC::VerifierSlotVisitor::~VerifierSlotVisitor): (JSC::VerifierSlotVisitor::addParallelConstraintTask): (JSC::VerifierSlotVisitor::executeConstraintTasks): (JSC::VerifierSlotVisitor::append): (JSC::VerifierSlotVisitor::appendToMarkStack): (JSC::VerifierSlotVisitor::appendUnbarriered): (JSC::VerifierSlotVisitor::appendHiddenUnbarriered): (JSC::VerifierSlotVisitor::drain): (JSC::VerifierSlotVisitor::dumpMarkerData): (JSC::VerifierSlotVisitor::isFirstVisit const): (JSC::VerifierSlotVisitor::isMarked const): (JSC::VerifierSlotVisitor::markAuxiliary): (JSC::VerifierSlotVisitor::mutatorIsStopped const): (JSC::VerifierSlotVisitor::testAndSetMarked): (JSC::VerifierSlotVisitor::setMarkedAndAppendToMarkStack): (JSC::VerifierSlotVisitor::visitAsConstraint): (JSC::VerifierSlotVisitor::visitChildren): * heap/VerifierSlotVisitor.h: Added. (JSC::VerifierSlotVisitor::MarkedBlockData::block const): (JSC::VerifierSlotVisitor::MarkedBlockData::atoms const): (JSC::VerifierSlotVisitor::MarkedBlockData::isMarked): (JSC::VerifierSlotVisitor::MarkedBlockData::testAndSetMarked): (JSC::VerifierSlotVisitor::PreciseAllocationData::allocation const): (JSC::VerifierSlotVisitor::appendSlow): * heap/VerifierSlotVisitorInlines.h: Added. 
(JSC::VerifierSlotVisitor::forEachLiveCell): (JSC::VerifierSlotVisitor::forEachLivePreciseAllocation): (JSC::VerifierSlotVisitor::forEachLiveMarkedBlockCell): * heap/VisitCounter.h: (JSC::VisitCounter::VisitCounter): (JSC::VisitCounter::visitor const): * heap/WeakBlock.cpp: (JSC::WeakBlock::specializedVisit): (JSC::WeakBlock::visitImpl): (JSC::WeakBlock::visit): * heap/WeakBlock.h: * heap/WeakHandleOwner.cpp: (JSC::WeakHandleOwner::isReachableFromOpaqueRoots): * heap/WeakHandleOwner.h: * heap/WeakSet.cpp: * heap/WeakSet.h: (JSC::WeakSet::visit): * interpreter/ShadowChicken.cpp: (JSC::ShadowChicken::visitChildren): * interpreter/ShadowChicken.h: * jit/GCAwareJITStubRoutine.cpp: (JSC::MarkingGCAwareJITStubRoutine::markRequiredObjectsInternalImpl): (JSC::MarkingGCAwareJITStubRoutine::markRequiredObjectsInternal): (JSC::GCAwareJITStubRoutine::markRequiredObjectsInternal): Deleted. * jit/GCAwareJITStubRoutine.h: (JSC::GCAwareJITStubRoutine::markRequiredObjects): (JSC::GCAwareJITStubRoutine::markRequiredObjectsInternal): * jit/JITWorklist.cpp: * jit/PolymorphicCallStubRoutine.cpp: (JSC::PolymorphicCallStubRoutine::markRequiredObjectsInternalImpl): (JSC::PolymorphicCallStubRoutine::markRequiredObjectsInternal): * jit/PolymorphicCallStubRoutine.h: * runtime/AbstractModuleRecord.cpp: (JSC::AbstractModuleRecord::visitChildrenImpl): (JSC::AbstractModuleRecord::visitChildren): Deleted. * runtime/AbstractModuleRecord.h: * runtime/ArgList.cpp: (JSC::MarkedArgumentBuffer::markLists): * runtime/ArgList.h: * runtime/CacheableIdentifier.h: * runtime/CacheableIdentifierInlines.h: (JSC::CacheableIdentifier::visitAggregate const): * runtime/ClassInfo.h: (JSC::MethodTable::visitChildren const): (JSC::MethodTable::visitOutputConstraints const): * runtime/ClonedArguments.cpp: (JSC::ClonedArguments::visitChildrenImpl): (JSC::ClonedArguments::visitChildren): Deleted. 
* runtime/ClonedArguments.h: * runtime/DirectArguments.cpp: (JSC::DirectArguments::visitChildrenImpl): (JSC::DirectArguments::visitChildren): Deleted. * runtime/DirectArguments.h: * runtime/EvalExecutable.cpp: (JSC::EvalExecutable::visitChildrenImpl): (JSC::EvalExecutable::visitChildren): Deleted. * runtime/EvalExecutable.h: * runtime/Exception.cpp: (JSC::Exception::visitChildrenImpl): (JSC::Exception::visitChildren): Deleted. * runtime/Exception.h: * runtime/FunctionExecutable.cpp: (JSC::FunctionExecutable::visitChildrenImpl): (JSC::FunctionExecutable::visitChildren): Deleted. * runtime/FunctionExecutable.h: * runtime/FunctionRareData.cpp: (JSC::FunctionRareData::visitChildrenImpl): (JSC::FunctionRareData::visitChildren): Deleted. * runtime/FunctionRareData.h: * runtime/GenericArguments.h: * runtime/GenericArgumentsInlines.h: (JSC::GenericArguments<Type>::visitChildrenImpl): (JSC::GenericArguments<Type>::visitChildren): Deleted. * runtime/GetterSetter.cpp: (JSC::GetterSetter::visitChildrenImpl): (JSC::GetterSetter::visitChildren): Deleted. * runtime/GetterSetter.h: * runtime/HashMapImpl.cpp: (JSC::HashMapBucket<Data>::visitChildrenImpl): (JSC::HashMapImpl<HashMapBucket>::visitChildrenImpl): (JSC::HashMapBucket<Data>::visitChildren): Deleted. (JSC::HashMapImpl<HashMapBucket>::visitChildren): Deleted. * runtime/HashMapImpl.h: * runtime/InternalFunction.cpp: (JSC::InternalFunction::visitChildrenImpl): (JSC::InternalFunction::visitChildren): Deleted. * runtime/InternalFunction.h: * runtime/IntlCollator.cpp: (JSC::IntlCollator::visitChildrenImpl): (JSC::IntlCollator::visitChildren): Deleted. * runtime/IntlCollator.h: * runtime/IntlDateTimeFormat.cpp: (JSC::IntlDateTimeFormat::visitChildrenImpl): (JSC::IntlDateTimeFormat::visitChildren): Deleted. * runtime/IntlDateTimeFormat.h: * runtime/IntlLocale.cpp: (JSC::IntlLocale::visitChildrenImpl): (JSC::IntlLocale::visitChildren): Deleted. 
* runtime/IntlLocale.h: * runtime/IntlNumberFormat.cpp: (JSC::IntlNumberFormat::visitChildrenImpl): (JSC::IntlNumberFormat::visitChildren): Deleted. * runtime/IntlNumberFormat.h: * runtime/IntlPluralRules.cpp: (JSC::IntlPluralRules::visitChildrenImpl): (JSC::IntlPluralRules::visitChildren): Deleted. * runtime/IntlPluralRules.h: * runtime/IntlRelativeTimeFormat.cpp: (JSC::IntlRelativeTimeFormat::visitChildrenImpl): (JSC::IntlRelativeTimeFormat::visitChildren): Deleted. * runtime/IntlRelativeTimeFormat.h: * runtime/IntlSegmentIterator.cpp: (JSC::IntlSegmentIterator::visitChildrenImpl): (JSC::IntlSegmentIterator::visitChildren): Deleted. * runtime/IntlSegmentIterator.h: * runtime/IntlSegments.cpp: (JSC::IntlSegments::visitChildrenImpl): (JSC::IntlSegments::visitChildren): Deleted. * runtime/IntlSegments.h: * runtime/JSArrayBufferView.cpp: (JSC::JSArrayBufferView::visitChildrenImpl): (JSC::JSArrayBufferView::visitChildren): Deleted. * runtime/JSArrayBufferView.h: * runtime/JSArrayIterator.cpp: (JSC::JSArrayIterator::visitChildrenImpl): (JSC::JSArrayIterator::visitChildren): Deleted. * runtime/JSArrayIterator.h: * runtime/JSAsyncGenerator.cpp: (JSC::JSAsyncGenerator::visitChildrenImpl): (JSC::JSAsyncGenerator::visitChildren): Deleted. * runtime/JSAsyncGenerator.h: * runtime/JSBigInt.cpp: (JSC::JSBigInt::visitChildrenImpl): (JSC::JSBigInt::visitChildren): Deleted. * runtime/JSBigInt.h: * runtime/JSBoundFunction.cpp: (JSC::JSBoundFunction::visitChildrenImpl): (JSC::JSBoundFunction::visitChildren): Deleted. * runtime/JSBoundFunction.h: * runtime/JSCallee.cpp: (JSC::JSCallee::visitChildrenImpl): (JSC::JSCallee::visitChildren): Deleted. * runtime/JSCallee.h: * runtime/JSCell.h: * runtime/JSCellInlines.h: (JSC::JSCell::visitChildrenImpl): (JSC::JSCell::visitOutputConstraintsImpl): (JSC::JSCell::visitChildren): Deleted. (JSC::JSCell::visitOutputConstraints): Deleted. 
* runtime/JSFinalizationRegistry.cpp:
(JSC::JSFinalizationRegistry::visitChildrenImpl):
(JSC::JSFinalizationRegistry::visitChildren): Deleted.
* runtime/JSFinalizationRegistry.h:
* runtime/JSFunction.cpp:
(JSC::JSFunction::visitChildrenImpl):
(JSC::JSFunction::visitChildren): Deleted.
* runtime/JSFunction.h:
* runtime/JSGenerator.cpp:
(JSC::JSGenerator::visitChildrenImpl):
(JSC::JSGenerator::visitChildren): Deleted.
* runtime/JSGenerator.h:
* runtime/JSGenericTypedArrayView.h:
* runtime/JSGenericTypedArrayViewInlines.h:
(JSC::JSGenericTypedArrayView<Adaptor>::visitChildrenImpl):
(JSC::JSGenericTypedArrayView<Adaptor>::visitChildren): Deleted.
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::visitChildrenImpl):
(JSC::JSGlobalObject::visitChildren): Deleted.
* runtime/JSGlobalObject.h:
* runtime/JSImmutableButterfly.cpp:
(JSC::JSImmutableButterfly::visitChildrenImpl):
(JSC::JSImmutableButterfly::visitChildren): Deleted.
* runtime/JSImmutableButterfly.h:
* runtime/JSInternalFieldObjectImpl.h:
* runtime/JSInternalFieldObjectImplInlines.h:
(JSC::JSInternalFieldObjectImpl<passedNumberOfInternalFields>::visitChildrenImpl):
(JSC::JSInternalFieldObjectImpl<passedNumberOfInternalFields>::visitChildren): Deleted.
* runtime/JSLexicalEnvironment.cpp:
(JSC::JSLexicalEnvironment::visitChildrenImpl):
(JSC::JSLexicalEnvironment::visitChildren): Deleted.
* runtime/JSLexicalEnvironment.h:
* runtime/JSMapIterator.cpp:
(JSC::JSMapIterator::visitChildrenImpl):
(JSC::JSMapIterator::visitChildren): Deleted.
* runtime/JSMapIterator.h:
* runtime/JSModuleEnvironment.cpp:
(JSC::JSModuleEnvironment::visitChildrenImpl):
(JSC::JSModuleEnvironment::visitChildren): Deleted.
* runtime/JSModuleEnvironment.h:
* runtime/JSModuleNamespaceObject.cpp:
(JSC::JSModuleNamespaceObject::visitChildrenImpl):
(JSC::JSModuleNamespaceObject::visitChildren): Deleted.
* runtime/JSModuleNamespaceObject.h:
* runtime/JSModuleRecord.cpp:
(JSC::JSModuleRecord::visitChildrenImpl):
(JSC::JSModuleRecord::visitChildren): Deleted.
* runtime/JSModuleRecord.h:
* runtime/JSNativeStdFunction.cpp:
(JSC::JSNativeStdFunction::visitChildrenImpl):
(JSC::JSNativeStdFunction::visitChildren): Deleted.
* runtime/JSNativeStdFunction.h:
* runtime/JSObject.cpp:
(JSC::JSObject::markAuxiliaryAndVisitOutOfLineProperties):
(JSC::JSObject::visitButterfly):
(JSC::JSObject::visitButterflyImpl):
(JSC::JSObject::visitChildrenImpl):
(JSC::JSFinalObject::visitChildrenImpl):
(JSC::JSObject::visitChildren): Deleted.
(JSC::JSFinalObject::visitChildren): Deleted.
* runtime/JSObject.h:
* runtime/JSPromise.cpp:
(JSC::JSPromise::visitChildrenImpl):
(JSC::JSPromise::visitChildren): Deleted.
* runtime/JSPromise.h:
* runtime/JSPropertyNameEnumerator.cpp:
(JSC::JSPropertyNameEnumerator::visitChildrenImpl):
(JSC::JSPropertyNameEnumerator::visitChildren): Deleted.
* runtime/JSPropertyNameEnumerator.h:
* runtime/JSProxy.cpp:
(JSC::JSProxy::visitChildrenImpl):
(JSC::JSProxy::visitChildren): Deleted.
* runtime/JSProxy.h:
* runtime/JSScope.cpp:
(JSC::JSScope::visitChildrenImpl):
(JSC::JSScope::visitChildren): Deleted.
* runtime/JSScope.h:
* runtime/JSSegmentedVariableObject.cpp:
(JSC::JSSegmentedVariableObject::visitChildrenImpl):
(JSC::JSSegmentedVariableObject::visitChildren): Deleted.
* runtime/JSSegmentedVariableObject.h:
* runtime/JSSetIterator.cpp:
(JSC::JSSetIterator::visitChildrenImpl):
(JSC::JSSetIterator::visitChildren): Deleted.
* runtime/JSSetIterator.h:
* runtime/JSString.cpp:
(JSC::JSString::visitChildrenImpl):
(JSC::JSString::visitChildren): Deleted.
* runtime/JSString.h:
* runtime/JSStringIterator.cpp:
(JSC::JSStringIterator::visitChildrenImpl):
(JSC::JSStringIterator::visitChildren): Deleted.
* runtime/JSStringIterator.h:
* runtime/JSSymbolTableObject.cpp:
(JSC::JSSymbolTableObject::visitChildrenImpl):
(JSC::JSSymbolTableObject::visitChildren): Deleted.
* runtime/JSSymbolTableObject.h:
* runtime/JSWeakObjectRef.cpp:
(JSC::JSWeakObjectRef::visitChildrenImpl):
(JSC::JSWeakObjectRef::visitChildren): Deleted.
* runtime/JSWeakObjectRef.h:
* runtime/JSWithScope.cpp:
(JSC::JSWithScope::visitChildrenImpl):
(JSC::JSWithScope::visitChildren): Deleted.
* runtime/JSWithScope.h:
* runtime/JSWrapperObject.cpp:
(JSC::JSWrapperObject::visitChildrenImpl):
(JSC::JSWrapperObject::visitChildren): Deleted.
* runtime/JSWrapperObject.h:
* runtime/LazyClassStructure.cpp:
(JSC::LazyClassStructure::visit):
* runtime/LazyClassStructure.h:
* runtime/LazyProperty.h:
* runtime/LazyPropertyInlines.h:
(JSC::ElementType>::visit):
* runtime/ModuleProgramExecutable.cpp:
(JSC::ModuleProgramExecutable::visitChildrenImpl):
(JSC::ModuleProgramExecutable::visitChildren): Deleted.
* runtime/ModuleProgramExecutable.h:
* runtime/Options.cpp:
(JSC::Options::recomputeDependentOptions):
* runtime/OptionsList.h:
* runtime/ProgramExecutable.cpp:
(JSC::ProgramExecutable::visitChildrenImpl):
(JSC::ProgramExecutable::visitChildren): Deleted.
* runtime/ProgramExecutable.h:
* runtime/PropertyMapHashTable.h:
* runtime/PropertyTable.cpp:
(JSC::PropertyTable::visitChildrenImpl):
(JSC::PropertyTable::visitChildren): Deleted.
* runtime/ProxyObject.cpp:
(JSC::ProxyObject::visitChildrenImpl):
(JSC::ProxyObject::visitChildren): Deleted.
* runtime/ProxyObject.h:
* runtime/ProxyRevoke.cpp:
(JSC::ProxyRevoke::visitChildrenImpl):
(JSC::ProxyRevoke::visitChildren): Deleted.
* runtime/ProxyRevoke.h:
* runtime/RegExpCachedResult.cpp:
(JSC::RegExpCachedResult::visitAggregateImpl):
(JSC::RegExpCachedResult::visitAggregate): Deleted.
* runtime/RegExpCachedResult.h:
* runtime/RegExpGlobalData.cpp:
(JSC::RegExpGlobalData::visitAggregateImpl):
(JSC::RegExpGlobalData::visitAggregate): Deleted.
* runtime/RegExpGlobalData.h:
* runtime/RegExpObject.cpp:
(JSC::RegExpObject::visitChildrenImpl):
(JSC::RegExpObject::visitChildren): Deleted.
* runtime/RegExpObject.h:
* runtime/SamplingProfiler.cpp:
(JSC::SamplingProfiler::visit):
* runtime/SamplingProfiler.h:
* runtime/ScopedArguments.cpp:
(JSC::ScopedArguments::visitChildrenImpl):
(JSC::ScopedArguments::visitChildren): Deleted.
* runtime/ScopedArguments.h:
* runtime/SimpleTypedArrayController.cpp:
(JSC::SimpleTypedArrayController::JSArrayBufferOwner::isReachableFromOpaqueRoots):
* runtime/SimpleTypedArrayController.h:
* runtime/SmallStrings.cpp:
(JSC::SmallStrings::visitStrongReferences):
* runtime/SmallStrings.h:
* runtime/SparseArrayValueMap.cpp:
(JSC::SparseArrayValueMap::visitChildrenImpl):
(JSC::SparseArrayValueMap::visitChildren): Deleted.
* runtime/SparseArrayValueMap.h:
* runtime/StackFrame.cpp:
(JSC::StackFrame::visitChildren): Deleted.
* runtime/StackFrame.h:
(JSC::StackFrame::visitChildren):
* runtime/Structure.cpp:
(JSC::Structure::visitChildrenImpl):
(JSC::Structure::isCheapDuringGC):
(JSC::Structure::markIfCheap):
(JSC::Structure::visitChildren): Deleted.
* runtime/Structure.h:
* runtime/StructureChain.cpp:
(JSC::StructureChain::visitChildrenImpl):
(JSC::StructureChain::visitChildren): Deleted.
* runtime/StructureChain.h:
* runtime/StructureRareData.cpp:
(JSC::StructureRareData::visitChildrenImpl):
(JSC::StructureRareData::visitChildren): Deleted.
* runtime/StructureRareData.h:
* runtime/SymbolTable.cpp:
(JSC::SymbolTable::visitChildrenImpl):
(JSC::SymbolTable::visitChildren): Deleted.
* runtime/SymbolTable.h:
* runtime/TypeProfilerLog.cpp:
(JSC::TypeProfilerLog::visit):
* runtime/TypeProfilerLog.h:
* runtime/VM.h:
(JSC::VM::isAnalyzingHeap const):
(JSC::VM::activeHeapAnalyzer const):
(JSC::VM::setActiveHeapAnalyzer):
* runtime/WeakMapImpl.cpp:
(JSC::WeakMapImpl<WeakMapBucket>::visitChildrenImpl):
(JSC::WeakMapImpl<WeakMapBucket<WeakMapBucketDataKey>>::visitOutputConstraints):
(JSC::WeakMapImpl<BucketType>::visitOutputConstraints):
(JSC::WeakMapImpl<WeakMapBucket>::visitChildren): Deleted.
(JSC::WeakMapImpl<WeakMapBucket<WeakMapBucketDataKeyValue>>::visitOutputConstraints): Deleted.
* runtime/WeakMapImpl.h:
(JSC::WeakMapBucket::visitAggregate):
* tools/JSDollarVM.cpp:
(JSC::JSDollarVM::visitChildrenImpl):
(JSC::JSDollarVM::visitChildren): Deleted.
* tools/JSDollarVM.h:
* wasm/WasmGlobal.cpp:
(JSC::Wasm::Global::visitAggregateImpl):
(JSC::Wasm::Global::visitAggregate): Deleted.
* wasm/WasmGlobal.h:
* wasm/WasmTable.cpp:
(JSC::Wasm::Table::visitAggregateImpl):
(JSC::Wasm::Table::visitAggregate): Deleted.
* wasm/WasmTable.h:
* wasm/js/JSToWasmICCallee.cpp:
(JSC::JSToWasmICCallee::visitChildrenImpl):
(JSC::JSToWasmICCallee::visitChildren): Deleted.
* wasm/js/JSToWasmICCallee.h:
* wasm/js/JSWebAssemblyCodeBlock.cpp:
(JSC::JSWebAssemblyCodeBlock::visitChildrenImpl):
(JSC::JSWebAssemblyCodeBlock::visitChildren): Deleted.
* wasm/js/JSWebAssemblyCodeBlock.h:
* wasm/js/JSWebAssemblyGlobal.cpp:
(JSC::JSWebAssemblyGlobal::visitChildrenImpl):
(JSC::JSWebAssemblyGlobal::visitChildren): Deleted.
* wasm/js/JSWebAssemblyGlobal.h:
* wasm/js/JSWebAssemblyInstance.cpp:
(JSC::JSWebAssemblyInstance::visitChildrenImpl):
(JSC::JSWebAssemblyInstance::visitChildren): Deleted.
* wasm/js/JSWebAssemblyInstance.h:
* wasm/js/JSWebAssemblyMemory.cpp:
(JSC::JSWebAssemblyMemory::visitChildrenImpl):
(JSC::JSWebAssemblyMemory::visitChildren): Deleted.
* wasm/js/JSWebAssemblyMemory.h:
* wasm/js/JSWebAssemblyModule.cpp:
(JSC::JSWebAssemblyModule::visitChildrenImpl):
(JSC::JSWebAssemblyModule::visitChildren): Deleted.
* wasm/js/JSWebAssemblyModule.h:
* wasm/js/JSWebAssemblyTable.cpp:
(JSC::JSWebAssemblyTable::visitChildrenImpl):
(JSC::JSWebAssemblyTable::visitChildren): Deleted.
* wasm/js/JSWebAssemblyTable.h:
* wasm/js/WebAssemblyFunction.cpp:
(JSC::WebAssemblyFunction::visitChildrenImpl):
(JSC::WebAssemblyFunction::visitChildren): Deleted.
* wasm/js/WebAssemblyFunction.h:
* wasm/js/WebAssemblyFunctionBase.cpp:
(JSC::WebAssemblyFunctionBase::visitChildrenImpl):
(JSC::WebAssemblyFunctionBase::visitChildren): Deleted.
* wasm/js/WebAssemblyFunctionBase.h:
* wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::visitChildrenImpl):
(JSC::WebAssemblyModuleRecord::visitChildren): Deleted.
* wasm/js/WebAssemblyModuleRecord.h:
* wasm/js/WebAssemblyWrapperFunction.cpp:
(JSC::WebAssemblyWrapperFunction::visitChildrenImpl):
(JSC::WebAssemblyWrapperFunction::visitChildren): Deleted.
* wasm/js/WebAssemblyWrapperFunction.h:

Source/WebCore:

1. Added support for the GC verifier.
2. Also removed NodeFilterCondition::visitAggregate() because it is not used.
3. Rebased bindings test results.

* Modules/indexeddb/IDBObjectStore.cpp:
(WebCore::IDBObjectStore::visitReferencedIndexes const):
* Modules/indexeddb/IDBObjectStore.h:
* Modules/indexeddb/IDBTransaction.cpp:
(WebCore::IDBTransaction::visitReferencedObjectStores const):
* Modules/indexeddb/IDBTransaction.h:
* Modules/webaudio/AudioBuffer.cpp:
(WebCore::AudioBuffer::visitChannelWrappers):
* Modules/webaudio/AudioBuffer.h:
* bindings/js/DOMGCOutputConstraint.cpp:
(WebCore::DOMGCOutputConstraint::executeImplImpl):
(WebCore::DOMGCOutputConstraint::executeImpl):
* bindings/js/DOMGCOutputConstraint.h:
* bindings/js/JSAbortControllerCustom.cpp:
(WebCore::JSAbortController::visitAdditionalChildren):
* bindings/js/JSAbortSignalCustom.cpp:
(WebCore::JSAbortSignalOwner::isReachableFromOpaqueRoots):
* bindings/js/JSAttrCustom.cpp:
(WebCore::JSAttr::visitAdditionalChildren):
* bindings/js/JSAudioBufferCustom.cpp:
(WebCore::JSAudioBuffer::visitAdditionalChildren):
* bindings/js/JSAudioTrackCustom.cpp:
(WebCore::JSAudioTrack::visitAdditionalChildren):
* bindings/js/JSAudioTrackListCustom.cpp:
(WebCore::JSAudioTrackList::visitAdditionalChildren):
* bindings/js/JSAudioWorkletProcessorCustom.cpp:
(WebCore::JSAudioWorkletProcessor::visitAdditionalChildren):
* bindings/js/JSCSSRuleCustom.cpp:
(WebCore::JSCSSRule::visitAdditionalChildren):
* bindings/js/JSCSSRuleListCustom.cpp:
(WebCore::JSCSSRuleListOwner::isReachableFromOpaqueRoots):
* bindings/js/JSCSSStyleDeclarationCustom.cpp:
(WebCore::JSCSSStyleDeclaration::visitAdditionalChildren):
* bindings/js/JSCallbackData.cpp:
(WebCore::JSCallbackDataWeak::visitJSFunction):
(WebCore::JSCallbackDataWeak::WeakOwner::isReachableFromOpaqueRoots):
* bindings/js/JSCallbackData.h:
* bindings/js/JSCanvasRenderingContext2DCustom.cpp:
(WebCore::JSCanvasRenderingContext2DOwner::isReachableFromOpaqueRoots):
(WebCore::JSCanvasRenderingContext2D::visitAdditionalChildren):
* bindings/js/JSCustomEventCustom.cpp:
(WebCore::JSCustomEvent::visitAdditionalChildren):
* bindings/js/JSDOMBuiltinConstructorBase.cpp:
(WebCore::JSDOMBuiltinConstructorBase::visitChildrenImpl):
(WebCore::JSDOMBuiltinConstructorBase::visitChildren): Deleted.
* bindings/js/JSDOMBuiltinConstructorBase.h:
* bindings/js/JSDOMGlobalObject.cpp:
(WebCore::JSDOMGlobalObject::visitChildrenImpl):
(WebCore::JSDOMGlobalObject::visitChildren): Deleted.
* bindings/js/JSDOMGlobalObject.h:
* bindings/js/JSDOMGuardedObject.h:
* bindings/js/JSDOMQuadCustom.cpp:
(WebCore::JSDOMQuad::visitAdditionalChildren):
* bindings/js/JSDOMWindowCustom.cpp:
(WebCore::JSDOMWindow::visitAdditionalChildren):
* bindings/js/JSDeprecatedCSSOMValueCustom.cpp:
(WebCore::JSDeprecatedCSSOMValueOwner::isReachableFromOpaqueRoots):
* bindings/js/JSDocumentCustom.cpp:
(WebCore::JSDocument::visitAdditionalChildren):
* bindings/js/JSErrorEventCustom.cpp:
(WebCore::JSErrorEvent::visitAdditionalChildren):
* bindings/js/JSEventListener.cpp:
(WebCore::JSEventListener::visitJSFunctionImpl):
(WebCore::JSEventListener::visitJSFunction):
* bindings/js/JSEventListener.h:
* bindings/js/JSEventTargetCustom.cpp:
(WebCore::JSEventTarget::visitAdditionalChildren):
* bindings/js/JSFetchEventCustom.cpp:
(WebCore::JSFetchEvent::visitAdditionalChildren):
* bindings/js/JSHTMLCanvasElementCustom.cpp:
(WebCore::JSHTMLCanvasElement::visitAdditionalChildren):
* bindings/js/JSHTMLTemplateElementCustom.cpp:
(WebCore::JSHTMLTemplateElement::visitAdditionalChildren):
* bindings/js/JSHistoryCustom.cpp:
(WebCore::JSHistory::visitAdditionalChildren):
* bindings/js/JSIDBCursorCustom.cpp:
(WebCore::JSIDBCursor::visitAdditionalChildren):
* bindings/js/JSIDBCursorWithValueCustom.cpp:
(WebCore::JSIDBCursorWithValue::visitAdditionalChildren):
* bindings/js/JSIDBIndexCustom.cpp:
(WebCore::JSIDBIndex::visitAdditionalChildren):
* bindings/js/JSIDBObjectStoreCustom.cpp:
(WebCore::JSIDBObjectStore::visitAdditionalChildren):
* bindings/js/JSIDBRequestCustom.cpp:
(WebCore::JSIDBRequest::visitAdditionalChildren):
* bindings/js/JSIDBTransactionCustom.cpp:
(WebCore::JSIDBTransaction::visitAdditionalChildren):
* bindings/js/JSIntersectionObserverCustom.cpp:
(WebCore::JSIntersectionObserver::visitAdditionalChildren):
* bindings/js/JSIntersectionObserverEntryCustom.cpp:
(WebCore::JSIntersectionObserverEntry::visitAdditionalChildren):
* bindings/js/JSMessageChannelCustom.cpp:
(WebCore::JSMessageChannel::visitAdditionalChildren):
* bindings/js/JSMessageEventCustom.cpp:
(WebCore::JSMessageEvent::visitAdditionalChildren):
* bindings/js/JSMessagePortCustom.cpp:
(WebCore::JSMessagePort::visitAdditionalChildren):
* bindings/js/JSMutationObserverCustom.cpp:
(WebCore::JSMutationObserver::visitAdditionalChildren):
(WebCore::JSMutationObserverOwner::isReachableFromOpaqueRoots):
* bindings/js/JSMutationRecordCustom.cpp:
(WebCore::JSMutationRecord::visitAdditionalChildren):
* bindings/js/JSNavigatorCustom.cpp:
(WebCore::JSNavigator::visitAdditionalChildren):
* bindings/js/JSNodeCustom.cpp:
(WebCore::isReachableFromDOM):
(WebCore::JSNodeOwner::isReachableFromOpaqueRoots):
(WebCore::JSNode::visitAdditionalChildren):
* bindings/js/JSNodeIteratorCustom.cpp:
(WebCore::JSNodeIterator::visitAdditionalChildren):
* bindings/js/JSNodeListCustom.cpp:
(WebCore::JSNodeListOwner::isReachableFromOpaqueRoots):
* bindings/js/JSOffscreenCanvasRenderingContext2DCustom.cpp:
(WebCore::JSOffscreenCanvasRenderingContext2DOwner::isReachableFromOpaqueRoots):
(WebCore::JSOffscreenCanvasRenderingContext2D::visitAdditionalChildren):
* bindings/js/JSPaintRenderingContext2DCustom.cpp:
(WebCore::JSPaintRenderingContext2DOwner::isReachableFromOpaqueRoots):
(WebCore::JSPaintRenderingContext2D::visitAdditionalChildren):
* bindings/js/JSPaintWorkletGlobalScopeCustom.cpp:
(WebCore::JSPaintWorkletGlobalScope::visitAdditionalChildren):
* bindings/js/JSPaymentMethodChangeEventCustom.cpp:
(WebCore::JSPaymentMethodChangeEvent::visitAdditionalChildren):
* bindings/js/JSPaymentResponseCustom.cpp:
(WebCore::JSPaymentResponse::visitAdditionalChildren):
* bindings/js/JSPerformanceObserverCustom.cpp:
(WebCore::JSPerformanceObserver::visitAdditionalChildren):
(WebCore::JSPerformanceObserverOwner::isReachableFromOpaqueRoots):
* bindings/js/JSPopStateEventCustom.cpp:
(WebCore::JSPopStateEvent::visitAdditionalChildren):
* bindings/js/JSPromiseRejectionEventCustom.cpp:
(WebCore::JSPromiseRejectionEvent::visitAdditionalChildren):
* bindings/js/JSResizeObserverCustom.cpp:
(WebCore::JSResizeObserver::visitAdditionalChildren):
* bindings/js/JSResizeObserverEntryCustom.cpp:
(WebCore::JSResizeObserverEntry::visitAdditionalChildren):
* bindings/js/JSSVGViewSpecCustom.cpp:
(WebCore::JSSVGViewSpec::visitAdditionalChildren):
* bindings/js/JSServiceWorkerGlobalScopeCustom.cpp:
(WebCore::JSServiceWorkerGlobalScope::visitAdditionalChildren):
* bindings/js/JSStaticRangeCustom.cpp:
(WebCore::JSStaticRange::visitAdditionalChildren):
* bindings/js/JSStyleSheetCustom.cpp:
(WebCore::JSStyleSheet::visitAdditionalChildren):
* bindings/js/JSTextTrackCueCustom.cpp:
(WebCore::JSTextTrackCueOwner::isReachableFromOpaqueRoots):
(WebCore::JSTextTrackCue::visitAdditionalChildren):
* bindings/js/JSTextTrackCustom.cpp:
(WebCore::JSTextTrack::visitAdditionalChildren):
* bindings/js/JSTextTrackListCustom.cpp:
(WebCore::JSTextTrackList::visitAdditionalChildren):
* bindings/js/JSTreeWalkerCustom.cpp:
(WebCore::JSTreeWalker::visitAdditionalChildren):
* bindings/js/JSUndoItemCustom.cpp:
(WebCore::JSUndoItem::visitAdditionalChildren):
(WebCore::JSUndoItemOwner::isReachableFromOpaqueRoots):
* bindings/js/JSValueInWrappedObject.h:
(WebCore::JSValueInWrappedObject::visit const):
* bindings/js/JSVideoTrackCustom.cpp:
(WebCore::JSVideoTrack::visitAdditionalChildren):
* bindings/js/JSVideoTrackListCustom.cpp:
(WebCore::JSVideoTrackList::visitAdditionalChildren):
* bindings/js/JSWebGL2RenderingContextCustom.cpp:
(WebCore::JSWebGL2RenderingContext::visitAdditionalChildren):
* bindings/js/JSWebGLRenderingContextCustom.cpp:
(WebCore::JSWebGLRenderingContext::visitAdditionalChildren):
* bindings/js/JSWorkerGlobalScopeBase.cpp:
(WebCore::JSWorkerGlobalScopeBase::visitChildrenImpl):
(WebCore::JSWorkerGlobalScopeBase::visitChildren): Deleted.
* bindings/js/JSWorkerGlobalScopeBase.h:
* bindings/js/JSWorkerGlobalScopeCustom.cpp:
(WebCore::JSWorkerGlobalScope::visitAdditionalChildren):
* bindings/js/JSWorkerNavigatorCustom.cpp:
(WebCore::JSWorkerNavigator::visitAdditionalChildren):
* bindings/js/JSWorkletGlobalScopeBase.cpp:
(WebCore::JSWorkletGlobalScopeBase::visitChildrenImpl):
(WebCore::JSWorkletGlobalScopeBase::visitChildren): Deleted.
* bindings/js/JSWorkletGlobalScopeBase.h:
* bindings/js/JSXMLHttpRequestCustom.cpp:
(WebCore::JSXMLHttpRequest::visitAdditionalChildren):
* bindings/js/JSXPathResultCustom.cpp:
(WebCore::JSXPathResult::visitAdditionalChildren):
* bindings/js/WebCoreTypedArrayController.cpp:
(WebCore::WebCoreTypedArrayController::JSArrayBufferOwner::isReachableFromOpaqueRoots):
* bindings/js/WebCoreTypedArrayController.h:
* bindings/scripts/CodeGeneratorJS.pm:
(GenerateHeader):
(GenerateImplementation):
(GenerateCallbackHeaderContent):
(GenerateCallbackImplementationContent):
(GenerateIterableDefinition):
* bindings/scripts/test/JS/JSDOMWindow.cpp:
(WebCore::JSDOMWindow::subspaceForImpl):
* bindings/scripts/test/JS/JSDedicatedWorkerGlobalScope.cpp:
(WebCore::JSDedicatedWorkerGlobalScope::subspaceForImpl):
* bindings/scripts/test/JS/JSExposedToWorkerAndWindow.cpp:
(WebCore::JSExposedToWorkerAndWindow::subspaceForImpl):
(WebCore::JSExposedToWorkerAndWindowOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSExposedToWorkerAndWindow.h:
* bindings/scripts/test/JS/JSPaintWorkletGlobalScope.cpp:
(WebCore::JSPaintWorkletGlobalScope::subspaceForImpl):
* bindings/scripts/test/JS/JSServiceWorkerGlobalScope.cpp:
(WebCore::JSServiceWorkerGlobalScope::subspaceForImpl):
* bindings/scripts/test/JS/JSTestCEReactions.cpp:
(WebCore::JSTestCEReactions::subspaceForImpl):
(WebCore::JSTestCEReactionsOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestCEReactions.h:
* bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
(WebCore::JSTestCEReactionsStringifier::subspaceForImpl):
(WebCore::JSTestCEReactionsStringifierOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestCEReactionsStringifier.h:
* bindings/scripts/test/JS/JSTestCallTracer.cpp:
(WebCore::JSTestCallTracer::subspaceForImpl):
(WebCore::JSTestCallTracerOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestCallTracer.h:
* bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
(WebCore::JSTestClassWithJSBuiltinConstructor::subspaceForImpl):
(WebCore::JSTestClassWithJSBuiltinConstructorOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
* bindings/scripts/test/JS/JSTestConditionalIncludes.cpp:
(WebCore::JSTestConditionalIncludes::subspaceForImpl):
(WebCore::JSTestConditionalIncludesOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestConditionalIncludes.h:
* bindings/scripts/test/JS/JSTestConditionallyReadWrite.cpp:
(WebCore::JSTestConditionallyReadWrite::subspaceForImpl):
(WebCore::JSTestConditionallyReadWriteOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestConditionallyReadWrite.h:
* bindings/scripts/test/JS/JSTestDOMJIT.cpp:
(WebCore::JSTestDOMJIT::subspaceForImpl):
* bindings/scripts/test/JS/JSTestDefaultToJSON.cpp:
(WebCore::JSTestDefaultToJSON::subspaceForImpl):
(WebCore::JSTestDefaultToJSONOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestDefaultToJSON.h:
* bindings/scripts/test/JS/JSTestDefaultToJSONFilteredByExposed.cpp:
(WebCore::JSTestDefaultToJSONFilteredByExposed::subspaceForImpl):
(WebCore::JSTestDefaultToJSONFilteredByExposedOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestDefaultToJSONFilteredByExposed.h:
* bindings/scripts/test/JS/JSTestDefaultToJSONIndirectInheritance.cpp:
(WebCore::JSTestDefaultToJSONIndirectInheritance::subspaceForImpl):
* bindings/scripts/test/JS/JSTestDefaultToJSONInherit.cpp:
(WebCore::JSTestDefaultToJSONInherit::subspaceForImpl):
* bindings/scripts/test/JS/JSTestDefaultToJSONInheritFinal.cpp:
(WebCore::JSTestDefaultToJSONInheritFinal::subspaceForImpl):
* bindings/scripts/test/JS/JSTestDomainSecurity.cpp:
(WebCore::JSTestDomainSecurity::subspaceForImpl):
(WebCore::JSTestDomainSecurityOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestDomainSecurity.h:
* bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:
(WebCore::JSTestEnabledBySetting::subspaceForImpl):
(WebCore::JSTestEnabledBySettingOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestEnabledBySetting.h:
* bindings/scripts/test/JS/JSTestEnabledForContext.cpp:
(WebCore::JSTestEnabledForContext::subspaceForImpl):
(WebCore::JSTestEnabledForContextOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestEnabledForContext.h:
* bindings/scripts/test/JS/JSTestEventConstructor.cpp:
(WebCore::JSTestEventConstructor::subspaceForImpl):
* bindings/scripts/test/JS/JSTestEventTarget.cpp:
(WebCore::JSTestEventTarget::subspaceForImpl):
* bindings/scripts/test/JS/JSTestException.cpp:
(WebCore::JSTestException::subspaceForImpl):
(WebCore::JSTestExceptionOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestException.h:
* bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
(WebCore::JSTestGenerateIsReachable::subspaceForImpl):
(WebCore::JSTestGenerateIsReachableOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
* bindings/scripts/test/JS/JSTestGlobalObject.cpp:
(WebCore::JSTestGlobalObject::subspaceForImpl):
(WebCore::JSTestGlobalObjectOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestGlobalObject.h:
* bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:
(WebCore::JSTestIndexedSetterNoIdentifier::subspaceForImpl):
(WebCore::JSTestIndexedSetterNoIdentifierOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.h:
* bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:
(WebCore::JSTestIndexedSetterThrowingException::subspaceForImpl):
(WebCore::JSTestIndexedSetterThrowingExceptionOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.h:
* bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:
(WebCore::JSTestIndexedSetterWithIdentifier::subspaceForImpl):
(WebCore::JSTestIndexedSetterWithIdentifierOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.h:
* bindings/scripts/test/JS/JSTestInterface.cpp:
(WebCore::jsTestInterfacePrototypeFunction_entriesCaller):
(WebCore::JSTestInterface::subspaceForImpl):
(WebCore::JSTestInterfaceOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestInterface.h:
* bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
(WebCore::JSTestInterfaceLeadingUnderscore::subspaceForImpl):
(WebCore::JSTestInterfaceLeadingUnderscoreOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.h:
* bindings/scripts/test/JS/JSTestIterable.cpp:
(WebCore::jsTestIterablePrototypeFunction_entriesCaller):
(WebCore::JSTestIterable::subspaceForImpl):
(WebCore::JSTestIterableOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestIterable.h:
* bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
(WebCore::JSTestJSBuiltinConstructor::subspaceForImpl):
* bindings/scripts/test/JS/JSTestLegacyFactoryFunction.cpp:
(WebCore::JSTestLegacyFactoryFunction::subspaceForImpl):
(WebCore::JSTestLegacyFactoryFunctionOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestLegacyFactoryFunction.h:
* bindings/scripts/test/JS/JSTestLegacyNoInterfaceObject.cpp:
(WebCore::JSTestLegacyNoInterfaceObject::subspaceForImpl):
(WebCore::JSTestLegacyNoInterfaceObjectOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestLegacyNoInterfaceObject.h:
* bindings/scripts/test/JS/JSTestLegacyOverrideBuiltIns.cpp:
(WebCore::JSTestLegacyOverrideBuiltIns::subspaceForImpl):
(WebCore::JSTestLegacyOverrideBuiltInsOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestLegacyOverrideBuiltIns.h:
* bindings/scripts/test/JS/JSTestMapLike.cpp:
(WebCore::JSTestMapLike::subspaceForImpl):
(WebCore::JSTestMapLikeOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestMapLike.h:
* bindings/scripts/test/JS/JSTestMapLikeWithOverriddenOperations.cpp:
(WebCore::JSTestMapLikeWithOverriddenOperations::subspaceForImpl):
(WebCore::JSTestMapLikeWithOverriddenOperationsOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestMapLikeWithOverriddenOperations.h:
* bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:
(WebCore::JSTestNamedAndIndexedSetterNoIdentifier::subspaceForImpl):
(WebCore::JSTestNamedAndIndexedSetterNoIdentifierOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:
(WebCore::JSTestNamedAndIndexedSetterThrowingException::subspaceForImpl):
(WebCore::JSTestNamedAndIndexedSetterThrowingExceptionOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.h:
* bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:
(WebCore::JSTestNamedAndIndexedSetterWithIdentifier::subspaceForImpl):
(WebCore::JSTestNamedAndIndexedSetterWithIdentifierOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
(WebCore::JSTestNamedDeleterNoIdentifier::subspaceForImpl):
(WebCore::JSTestNamedDeleterNoIdentifierOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
(WebCore::JSTestNamedDeleterThrowingException::subspaceForImpl):
(WebCore::JSTestNamedDeleterThrowingExceptionOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.h:
* bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:
(WebCore::JSTestNamedDeleterWithIdentifier::subspaceForImpl):
(WebCore::JSTestNamedDeleterWithIdentifierOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
(WebCore::JSTestNamedDeleterWithIndexedGetter::subspaceForImpl):
(WebCore::JSTestNamedDeleterWithIndexedGetterOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.h:
* bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:
(WebCore::JSTestNamedGetterCallWith::subspaceForImpl):
(WebCore::JSTestNamedGetterCallWithOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedGetterCallWith.h:
* bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:
(WebCore::JSTestNamedGetterNoIdentifier::subspaceForImpl):
(WebCore::JSTestNamedGetterNoIdentifierOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:
(WebCore::JSTestNamedGetterWithIdentifier::subspaceForImpl):
(WebCore::JSTestNamedGetterWithIdentifierOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:
(WebCore::JSTestNamedSetterNoIdentifier::subspaceForImpl):
(WebCore::JSTestNamedSetterNoIdentifierOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:
(WebCore::JSTestNamedSetterThrowingException::subspaceForImpl):
(WebCore::JSTestNamedSetterThrowingExceptionOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedSetterThrowingException.h:
* bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:
(WebCore::JSTestNamedSetterWithIdentifier::subspaceForImpl):
(WebCore::JSTestNamedSetterWithIdentifierOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:
(WebCore::JSTestNamedSetterWithIndexedGetter::subspaceForImpl):
(WebCore::JSTestNamedSetterWithIndexedGetterOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.h:
* bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:
(WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::subspaceForImpl):
(WebCore::JSTestNamedSetterWithIndexedGetterAndSetterOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.h:
* bindings/scripts/test/JS/JSTestNamedSetterWithLegacyOverrideBuiltIns.cpp:
(WebCore::JSTestNamedSetterWithLegacyOverrideBuiltIns::subspaceForImpl):
(WebCore::JSTestNamedSetterWithLegacyOverrideBuiltInsOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedSetterWithLegacyOverrideBuiltIns.h:
* bindings/scripts/test/JS/JSTestNamedSetterWithLegacyUnforgeableProperties.cpp:
(WebCore::JSTestNamedSetterWithLegacyUnforgeableProperties::subspaceForImpl):
(WebCore::JSTestNamedSetterWithLegacyUnforgeablePropertiesOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedSetterWithLegacyUnforgeableProperties.h:
* bindings/scripts/test/JS/JSTestNamedSetterWithLegacyUnforgeablePropertiesAndLegacyOverrideBuiltIns.cpp:
(WebCore::JSTestNamedSetterWithLegacyUnforgeablePropertiesAndLegacyOverrideBuiltIns::subspaceForImpl):
(WebCore::JSTestNamedSetterWithLegacyUnforgeablePropertiesAndLegacyOverrideBuiltInsOwner::isReachableFromOpaqueRoots):
* bindings/scripts/test/JS/JSTestNamedSetterWithLegacyUnforgeablePropertiesAndLegacyOverrideBuiltIns.h:
* bindings/scripts/test/JS/JSTestNode.cpp:
(WebCore::jsTestNodePrototypeFunction_entriesCaller): (WebCore::JSTestNode::subspaceForImpl): * bindings/scripts/test/JS/JSTestObj.cpp: (WebCore::JSTestObj::subspaceForImpl): (WebCore::JSTestObj::visitChildrenImpl): (WebCore::JSTestObjOwner::isReachableFromOpaqueRoots): (WebCore::JSTestObj::visitChildren): Deleted. * bindings/scripts/test/JS/JSTestObj.h: * bindings/scripts/test/JS/JSTestOperationConditional.cpp: (WebCore::JSTestOperationConditional::subspaceForImpl): (WebCore::JSTestOperationConditionalOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestOperationConditional.h: * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: (WebCore::JSTestOverloadedConstructors::subspaceForImpl): (WebCore::JSTestOverloadedConstructorsOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestOverloadedConstructors.h: * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp: (WebCore::JSTestOverloadedConstructorsWithSequence::subspaceForImpl): (WebCore::JSTestOverloadedConstructorsWithSequenceOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.h: * bindings/scripts/test/JS/JSTestPluginInterface.cpp: (WebCore::JSTestPluginInterface::subspaceForImpl): (WebCore::JSTestPluginInterfaceOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestPluginInterface.h: * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp: (WebCore::JSTestPromiseRejectionEvent::subspaceForImpl): * bindings/scripts/test/JS/JSTestReadOnlyMapLike.cpp: (WebCore::JSTestReadOnlyMapLike::subspaceForImpl): (WebCore::JSTestReadOnlyMapLikeOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestReadOnlyMapLike.h: * bindings/scripts/test/JS/JSTestReadOnlySetLike.cpp: (WebCore::JSTestReadOnlySetLike::subspaceForImpl): (WebCore::JSTestReadOnlySetLikeOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestReadOnlySetLike.h: * 
bindings/scripts/test/JS/JSTestReportExtraMemoryCost.cpp: (WebCore::JSTestReportExtraMemoryCost::subspaceForImpl): (WebCore::JSTestReportExtraMemoryCost::visitChildrenImpl): (WebCore::JSTestReportExtraMemoryCostOwner::isReachableFromOpaqueRoots): (WebCore::JSTestReportExtraMemoryCost::visitChildren): Deleted. * bindings/scripts/test/JS/JSTestReportExtraMemoryCost.h: * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: (WebCore::JSTestSerializedScriptValueInterface::subspaceForImpl): (WebCore::JSTestSerializedScriptValueInterface::visitChildrenImpl): (WebCore::JSTestSerializedScriptValueInterfaceOwner::isReachableFromOpaqueRoots): (WebCore::JSTestSerializedScriptValueInterface::visitChildren): Deleted. * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h: * bindings/scripts/test/JS/JSTestSetLike.cpp: (WebCore::JSTestSetLike::subspaceForImpl): (WebCore::JSTestSetLikeOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestSetLike.h: * bindings/scripts/test/JS/JSTestSetLikeWithOverriddenOperations.cpp: (WebCore::JSTestSetLikeWithOverriddenOperations::subspaceForImpl): (WebCore::JSTestSetLikeWithOverriddenOperationsOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestSetLikeWithOverriddenOperations.h: * bindings/scripts/test/JS/JSTestStringifier.cpp: (WebCore::JSTestStringifier::subspaceForImpl): (WebCore::JSTestStringifierOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestStringifier.h: * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp: (WebCore::JSTestStringifierAnonymousOperation::subspaceForImpl): (WebCore::JSTestStringifierAnonymousOperationOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.h: * bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp: (WebCore::JSTestStringifierNamedOperation::subspaceForImpl): (WebCore::JSTestStringifierNamedOperationOwner::isReachableFromOpaqueRoots): * 
bindings/scripts/test/JS/JSTestStringifierNamedOperation.h: * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp: (WebCore::JSTestStringifierOperationImplementedAs::subspaceForImpl): (WebCore::JSTestStringifierOperationImplementedAsOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.h: * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp: (WebCore::JSTestStringifierOperationNamedToString::subspaceForImpl): (WebCore::JSTestStringifierOperationNamedToStringOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.h: * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp: (WebCore::JSTestStringifierReadOnlyAttribute::subspaceForImpl): (WebCore::JSTestStringifierReadOnlyAttributeOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.h: * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp: (WebCore::JSTestStringifierReadWriteAttribute::subspaceForImpl): (WebCore::JSTestStringifierReadWriteAttributeOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.h: * bindings/scripts/test/JS/JSTestTypedefs.cpp: (WebCore::JSTestTypedefs::subspaceForImpl): (WebCore::JSTestTypedefsOwner::isReachableFromOpaqueRoots): * bindings/scripts/test/JS/JSTestTypedefs.h: * bindings/scripts/test/JS/JSWorkerGlobalScope.cpp: (WebCore::JSWorkerGlobalScope::subspaceForImpl): * bindings/scripts/test/JS/JSWorkletGlobalScope.cpp: (WebCore::JSWorkletGlobalScope::subspaceForImpl): * dom/ActiveDOMCallback.h: (WebCore::ActiveDOMCallback::visitJSFunction): * dom/EventListener.h: (WebCore::EventListener::visitJSFunction): * dom/EventTarget.cpp: (WebCore::EventTarget::visitJSEventListeners): * dom/EventTarget.h: * dom/MutationRecord.cpp: * dom/MutationRecord.h: * dom/NodeFilterCondition.h: (WebCore::NodeFilterCondition::visitAggregate): Deleted. 
* dom/StaticRange.cpp: (WebCore::StaticRange::visitNodesConcurrently const): * dom/StaticRange.h: * html/canvas/WebGL2RenderingContext.cpp: (WebCore::WebGL2RenderingContext::addMembersToOpaqueRoots): * html/canvas/WebGL2RenderingContext.h: * html/canvas/WebGLFramebuffer.cpp: (WebCore::WebGLFramebuffer::addMembersToOpaqueRoots): * html/canvas/WebGLFramebuffer.h: * html/canvas/WebGLProgram.cpp: (WebCore::WebGLProgram::addMembersToOpaqueRoots): * html/canvas/WebGLProgram.h: * html/canvas/WebGLRenderingContextBase.cpp: (WebCore::WebGLRenderingContextBase::addMembersToOpaqueRoots): * html/canvas/WebGLRenderingContextBase.h: * html/canvas/WebGLTransformFeedback.cpp: (WebCore::WebGLTransformFeedback::addMembersToOpaqueRoots): * html/canvas/WebGLTransformFeedback.h: * html/canvas/WebGLVertexArrayObjectBase.cpp: (WebCore::WebGLVertexArrayObjectBase::addMembersToOpaqueRoots): * html/canvas/WebGLVertexArrayObjectBase.h: Canonical link: https://commits.webkit.org/234335@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@273138 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-02-19 15:51:15 +00:00
DEFINE_VISIT_CHILDREN(UnlinkedCodeBlock);
[JSC] Thread VM& to JSCell::methodTable(VM&) https://bugs.webkit.org/show_bug.cgi?id=187548 Reviewed by Saam Barati. Source/JavaScriptCore: This patch threads VM& to methodTable(VM&) and removes methodTable(). We add a VM& parameter to estimatedSize() to thread VM& in estimatedSize implementations. * API/APICast.h: (toJS): * API/JSCallbackObject.h: * API/JSCallbackObjectFunctions.h: (JSC::JSCallbackObject<Parent>::className): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::estimatedSize): * bytecode/CodeBlock.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::estimatedSize): * bytecode/UnlinkedCodeBlock.h: * debugger/DebuggerScope.cpp: (JSC::DebuggerScope::className): * debugger/DebuggerScope.h: * heap/Heap.cpp: (JSC::GatherHeapSnapshotData::GatherHeapSnapshotData): (JSC::GatherHeapSnapshotData::operator() const): (JSC::Heap::gatherExtraHeapSnapshotData): * heap/HeapSnapshotBuilder.cpp: (JSC::HeapSnapshotBuilder::json): * runtime/ArrayPrototype.cpp: (JSC::arrayProtoFuncToString): * runtime/ClassInfo.h: * runtime/DirectArguments.cpp: (JSC::DirectArguments::estimatedSize): * runtime/DirectArguments.h: * runtime/HashMapImpl.cpp: (JSC::HashMapImpl<HashMapBucket>::estimatedSize): * runtime/HashMapImpl.h: * runtime/JSArrayBuffer.cpp: (JSC::JSArrayBuffer::estimatedSize): * runtime/JSArrayBuffer.h: * runtime/JSBigInt.cpp: (JSC::JSBigInt::estimatedSize): * runtime/JSBigInt.h: * runtime/JSCell.cpp: (JSC::JSCell::dump const): (JSC::JSCell::estimatedSizeInBytes const): (JSC::JSCell::estimatedSize): (JSC::JSCell::className): * runtime/JSCell.h: * runtime/JSCellInlines.h: * runtime/JSGenericTypedArrayView.h: * runtime/JSGenericTypedArrayViewInlines.h: (JSC::JSGenericTypedArrayView<Adaptor>::estimatedSize): * runtime/JSObject.cpp: (JSC::JSObject::estimatedSize): (JSC::JSObject::className): (JSC::JSObject::toStringName): (JSC::JSObject::calculatedClassName): * runtime/JSObject.h: * runtime/JSProxy.cpp: (JSC::JSProxy::className): * runtime/JSProxy.h: * runtime/JSString.cpp: 
(JSC::JSString::estimatedSize): * runtime/JSString.h: * runtime/RegExp.cpp: (JSC::RegExp::estimatedSize): * runtime/RegExp.h: * runtime/WeakMapImpl.cpp: (JSC::WeakMapImpl<WeakMapBucket>::estimatedSize): * runtime/WeakMapImpl.h: Source/WebCore: * bindings/js/JSDOMConstructorBase.h: (WebCore::JSDOMConstructorBase::className): * bindings/js/JSPluginElementFunctions.cpp: (WebCore::pluginElementCustomGetCallData): * bindings/scripts/CodeGeneratorJS.pm: (GenerateHeader): (GenerateImplementation): * bindings/scripts/test/JS/JSInterfaceName.cpp: (WebCore::JSInterfaceName::estimatedSize): * bindings/scripts/test/JS/JSInterfaceName.h: Canonical link: https://commits.webkit.org/202816@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233765 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2018-07-12 08:43:38 +00:00
size_t UnlinkedCodeBlock::estimatedSize(JSCell* cell, VM& vm)
Add new MethodTable method to get an estimated size for a cell https://bugs.webkit.org/show_bug.cgi?id=154838 Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-02-29 Reviewed by Filip Pizlo. The new class method estimatedSize(JSCell*) estimates the size for a single cell. As the name implies, this is meant to be an approximation. It is more important that big objects report a large size than to get perfect size information for all objects in the heap. Base implementation (JSCell): - returns the MarkedBlock bucket size for this cell. - This gets us the object size including inline storage. Basically a better sizeof. Subclasses with "Extra Memory Cost": - Any class that reports extra memory (reportExtraMemoryVisited) should include that in the estimated size. - E.g. CodeBlock, JSGenericTypedArrayView, WeakMapData, etc. Subclasses with "Copied Space" storage: - Any class with data in copied space (copyBackingStore) should include that in the estimated size. - E.g. JSObject, JSGenericTypedArrayView, JSMap, JSSet, DirectArguments, etc. Add reportExtraMemoryVisited for UnlinkedCodeBlock's compressed unlinked instructions because this can be larger than 1kb, which is significant. This has one special case for RegExp generated bytecode / JIT code, which does not currently fall into the extra memory cost or copied space storage. In practice I haven't seen this grow to a significant cost. * runtime/ClassInfo.h: Add the new estimatedSize method to the table. * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::visitChildren): (JSC::UnlinkedCodeBlock::estimatedSize): (JSC::UnlinkedCodeBlock::setInstructions): * bytecode/UnlinkedCodeBlock.h: Report an extra memory cost for unlinked code blocks like we do for linked code blocks. 
* bytecode/CodeBlock.cpp: (JSC::CodeBlock::estimatedSize): * bytecode/CodeBlock.h: * bytecode/UnlinkedInstructionStream.cpp: (JSC::UnlinkedInstructionStream::sizeInBytes): * bytecode/UnlinkedInstructionStream.h: * runtime/DirectArguments.cpp: (JSC::DirectArguments::estimatedSize): * runtime/DirectArguments.h: * runtime/JSCell.cpp: (JSC::JSCell::estimatedSizeInBytes): (JSC::JSCell::estimatedSize): * runtime/JSCell.h: * runtime/JSGenericTypedArrayView.h: * runtime/JSGenericTypedArrayViewInlines.h: (JSC::JSGenericTypedArrayView<Adaptor>::estimatedSize): * runtime/JSMap.cpp: (JSC::JSMap::estimatedSize): * runtime/JSMap.h: * runtime/JSObject.cpp: (JSC::JSObject::visitButterfly): * runtime/JSObject.h: * runtime/JSSet.cpp: (JSC::JSSet::estimatedSize): * runtime/JSSet.h: * runtime/JSString.cpp: (JSC::JSString::estimatedSize): * runtime/JSString.h: * runtime/MapData.h: (JSC::MapDataImpl::capacityInBytes): * runtime/WeakMapData.cpp: (JSC::WeakMapData::estimatedSize): (JSC::WeakMapData::visitChildren): * runtime/WeakMapData.h: Implement estimated size following the pattern of reporting extra visited size, or copy space memory. * runtime/RegExp.cpp: (JSC::RegExp::estimatedSize): * runtime/RegExp.h: * yarr/YarrInterpreter.h: (JSC::Yarr::ByteDisjunction::estimatedSizeInBytes): (JSC::Yarr::BytecodePattern::estimatedSizeInBytes): * yarr/YarrJIT.h: (JSC::Yarr::YarrCodeBlock::size): Include generated bytecode / JITCode to a RegExp's size. Canonical link: https://commits.webkit.org/172939@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197379 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2016-03-01 02:07:12 +00:00
{
UnlinkedCodeBlock* thisObject = jsCast<UnlinkedCodeBlock*>(cell);
[JSC] UnlinkedMetadataTable assumes that MetadataTable is destroyed before it is destructed, but the order of destruction of JS heap cells is not guaranteed https://bugs.webkit.org/show_bug.cgi?id=194031 Reviewed by Saam Barati. UnlinkedMetadataTable assumes that the MetadataTable linked against this UnlinkedMetadataTable is already destroyed when UnlinkedMetadataTable is destroyed. This means that UnlinkedCodeBlock is destroyed after all the linked CodeBlocks are destroyed. But this assumption is not valid since GC's finalizer sweeps objects without considering the dependencies among swept objects. UnlinkedMetadataTable can be destroyed even before the linked MetadataTable is destroyed if UnlinkedCodeBlock is destroyed before the linked CodeBlock is destroyed. To make the above assumption valid, we make UnlinkedMetadataTable a RefCounted object, and make MetadataTable hold a strong ref to UnlinkedMetadataTable. This ensures that UnlinkedMetadataTable is destroyed after all the linked MetadataTables are destroyed. 
* bytecode/MetadataTable.cpp: (JSC::MetadataTable::MetadataTable): (JSC::MetadataTable::~MetadataTable): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::visitChildren): (JSC::UnlinkedCodeBlock::estimatedSize): (JSC::UnlinkedCodeBlock::setInstructions): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::metadata): (JSC::UnlinkedCodeBlock::metadataSizeInBytes): * bytecode/UnlinkedMetadataTable.h: (JSC::UnlinkedMetadataTable::create): * bytecode/UnlinkedMetadataTableInlines.h: (JSC::UnlinkedMetadataTable::UnlinkedMetadataTable): * runtime/CachedTypes.cpp: (JSC::CachedMetadataTable::decode const): (JSC::CachedCodeBlock::metadata const): (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::CachedCodeBlock<CodeBlockType>::decode const): (JSC::CachedCodeBlock<CodeBlockType>::encode): Canonical link: https://commits.webkit.org/208677@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240915 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-02-04 07:13:00 +00:00
size_t extraSize = thisObject->m_metadata->sizeInBytes();
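The lifetime fix described in the r240915 commit message above (the linked MetadataTable holding a strong reference to the UnlinkedMetadataTable so that an arbitrary GC sweep order cannot free the layout first) modelled as a small added example. This is not JSC code: the three class names are taken from the page, but their bodies are constructed here, std::shared_ptr stands in for WTF's RefCounted/Ref, and s_liveUnlinkedTables, SweepObservation and simulateSweepUnlinkedFirst are hypothetical helpers added to make the destruction order observable.

```cpp
#include <cstddef>
#include <cstdint>
#include <memory>
#include <utility>
#include <vector>

// Count of live UnlinkedMetadataTable objects, so the destruction order can be observed
// from outside (constructed for this example; JSC has no such counter).
static int s_liveUnlinkedTables = 0;

// Immutable per-bytecode layout of the metadata: cumulative byte offset of each opcode's
// entry, with the last element as the total size. Stand-in for JSC's UnlinkedMetadataTable.
class UnlinkedMetadataTable {
public:
    explicit UnlinkedMetadataTable(std::vector<uint32_t> offsets)
        : m_offsets(std::move(offsets)) { ++s_liveUnlinkedTables; }
    ~UnlinkedMetadataTable() { --s_liveUnlinkedTables; }

    size_t sizeInBytes() const { return m_offsets.empty() ? 0 : m_offsets.back(); }

private:
    std::vector<uint32_t> m_offsets;
};

// Mutable per-CodeBlock table. Sizing and releasing its storage requires the unlinked
// layout, so it holds a strong reference (std::shared_ptr here, Ref<> in WTF terms):
// the layout cannot die while any linked table still points at it.
class MetadataTable {
public:
    explicit MetadataTable(std::shared_ptr<const UnlinkedMetadataTable> unlinked)
        : m_unlinked(std::move(unlinked)), m_storage(m_unlinked->sizeInBytes()) {}

    size_t sizeInBytes() const { return m_unlinked->sizeInBytes(); }

private:
    std::shared_ptr<const UnlinkedMetadataTable> m_unlinked;
    std::vector<uint8_t> m_storage;  // the mutable cells, laid out per m_unlinked
};

// Stand-in for UnlinkedCodeBlock: it owns one reference to the layout, not the layout itself.
struct UnlinkedCodeBlock {
    std::shared_ptr<const UnlinkedMetadataTable> metadata;
};

struct SweepObservation {
    size_t linkedSizeAfterUnlinkedSwept;  // what the linked table reports once its owner is gone
    int liveAfterUnlinkedSwept;           // layout objects alive after the unlinked block is swept
    int liveAfterLinkedSwept;             // ... and after the linked table is swept as well
};

// Finalizes the UnlinkedCodeBlock before the linked MetadataTable, the order the commit
// message says the GC cannot rule out, and records whether the linked table survives it.
SweepObservation simulateSweepUnlinkedFirst()
{
    auto unlinkedBlock = std::make_unique<UnlinkedCodeBlock>();
    unlinkedBlock->metadata = std::make_shared<UnlinkedMetadataTable>(
        std::vector<uint32_t>{0, 16, 48});  // constructed layout: two opcodes, 48 bytes total
    auto linked = std::make_unique<MetadataTable>(unlinkedBlock->metadata);

    SweepObservation obs{};
    unlinkedBlock.reset();  // GC sweeps the unlinked code block first
    obs.linkedSizeAfterUnlinkedSwept = linked->sizeInBytes();  // still valid: layout kept alive
    obs.liveAfterUnlinkedSwept = s_liveUnlinkedTables;         // 1: the linked table's reference
    linked.reset();  // last strong reference released here
    obs.liveAfterLinkedSwept = s_liveUnlinkedTables;           // 0: layout freed after its users
    return obs;
}
```

With a raw pointer in MetadataTable (the pre-fix shape), the sizeInBytes() call after unlinkedBlock.reset() would read freed memory; with the strong reference, the layout's destructor runs only when the last linked table releases it, which is exactly the ordering the commit message wants.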
New bytecode format for JSC https://bugs.webkit.org/show_bug.cgi?id=187373 <rdar://problem/44186758> Reviewed by Filip Pizlo. .: Disable JIT by default on 32-bit platforms * Source/cmake/WebKitFeatures.cmake: JSTests: Add tests to ensure that the inferred inline capacity for a narrow op_new_object will be capped at 255. * stress/maximum-inline-capacity.js: Added. (test1): (test3.Foo): (test3): Source/JavaScriptCore: Replace unlinked and linked bytecode with a new immutable bytecode that does not embed any addresses. Instructions can be encoded as narrow (1-byte operands) or wide (4-byte operands) and might contain an extra operand, the metadataID. The metadataID is used to access the instruction's mutable data in a side table in the CodeBlock (the MetadataTable). Bytecodes now must be structs declared in the new BytecodeList.rb. All bytecodes give names and types to all its operands. Additionally, reading a bytecode from the instruction stream requires decoding the whole bytecode, i.e. it's no longer possible to access arbitrary operands directly from the stream. 
* CMakeLists.txt: * DerivedSources.make: * JavaScriptCore.xcodeproj/project.pbxproj: * Sources.txt: * assembler/MacroAssemblerCodeRef.h: (JSC::ReturnAddressPtr::ReturnAddressPtr): (JSC::ReturnAddressPtr::value const): (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr): (JSC::MacroAssemblerCodePtr::createFromExecutableAddress): * bytecode/ArithProfile.h: (JSC::ArithProfile::ArithProfile): * bytecode/ArrayAllocationProfile.h: (JSC::ArrayAllocationProfile::ArrayAllocationProfile): * bytecode/ArrayProfile.h: * bytecode/BytecodeBasicBlock.cpp: (JSC::isJumpTarget): (JSC::BytecodeBasicBlock::computeImpl): (JSC::BytecodeBasicBlock::compute): * bytecode/BytecodeBasicBlock.h: (JSC::BytecodeBasicBlock::leaderOffset const): (JSC::BytecodeBasicBlock::totalLength const): (JSC::BytecodeBasicBlock::offsets const): (JSC::BytecodeBasicBlock::BytecodeBasicBlock): (JSC::BytecodeBasicBlock::addLength): * bytecode/BytecodeDumper.cpp: (JSC::BytecodeDumper<Block>::printLocationAndOp): (JSC::BytecodeDumper<Block>::dumpBytecode): (JSC::BytecodeDumper<Block>::dumpIdentifiers): (JSC::BytecodeDumper<Block>::dumpConstants): (JSC::BytecodeDumper<Block>::dumpExceptionHandlers): (JSC::BytecodeDumper<Block>::dumpSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpStringSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpBlock): * bytecode/BytecodeDumper.h: (JSC::BytecodeDumper::dumpOperand): (JSC::BytecodeDumper::dumpValue): (JSC::BytecodeDumper::BytecodeDumper): (JSC::BytecodeDumper::block const): * bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::BytecodeGeneratorification): (JSC::BytecodeGeneratorification::enterPoint const): (JSC::BytecodeGeneratorification::instructions const): (JSC::GeneratorLivenessAnalysis::run): (JSC::BytecodeGeneratorification::run): (JSC::performGeneratorification): * bytecode/BytecodeGeneratorification.h: * bytecode/BytecodeGraph.h: (JSC::BytecodeGraph::blockContainsBytecodeOffset): (JSC::BytecodeGraph::findBasicBlockForBytecodeOffset): 
(JSC::BytecodeGraph::findBasicBlockWithLeaderOffset): (JSC::BytecodeGraph::BytecodeGraph): * bytecode/BytecodeKills.h: * bytecode/BytecodeList.json: Removed. * bytecode/BytecodeList.rb: Added. * bytecode/BytecodeLivenessAnalysis.cpp: (JSC::BytecodeLivenessAnalysis::dumpResults): * bytecode/BytecodeLivenessAnalysis.h: * bytecode/BytecodeLivenessAnalysisInlines.h: (JSC::isValidRegisterForLiveness): (JSC::BytecodeLivenessPropagation::stepOverInstruction): * bytecode/BytecodeRewriter.cpp: (JSC::BytecodeRewriter::applyModification): (JSC::BytecodeRewriter::execute): (JSC::BytecodeRewriter::adjustJumpTargetsInFragment): (JSC::BytecodeRewriter::insertImpl): (JSC::BytecodeRewriter::adjustJumpTarget): (JSC::BytecodeRewriter::adjustJumpTargets): * bytecode/BytecodeRewriter.h: (JSC::BytecodeRewriter::InsertionPoint::InsertionPoint): (JSC::BytecodeRewriter::Fragment::Fragment): (JSC::BytecodeRewriter::Fragment::appendInstruction): (JSC::BytecodeRewriter::BytecodeRewriter): (JSC::BytecodeRewriter::insertFragmentBefore): (JSC::BytecodeRewriter::insertFragmentAfter): (JSC::BytecodeRewriter::removeBytecode): (JSC::BytecodeRewriter::adjustAbsoluteOffset): (JSC::BytecodeRewriter::adjustJumpTarget): * bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeOffset): (JSC::computeDefsForBytecodeOffset): * bytecode/CallLinkStatus.cpp: (JSC::CallLinkStatus::computeFromLLInt): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpBytecode): (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::estimatedSize): (JSC::CodeBlock::visitChildren): (JSC::CodeBlock::propagateTransitions): (JSC::CodeBlock::finalizeLLIntInlineCaches): (JSC::CodeBlock::addJITAddIC): (JSC::CodeBlock::addJITMulIC): (JSC::CodeBlock::addJITSubIC): (JSC::CodeBlock::addJITNegIC): (JSC::CodeBlock::stronglyVisitStrongReferences): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffset): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): 
(JSC::CodeBlock::hasOpDebugForLineAndColumn): (JSC::CodeBlock::getArrayProfile): (JSC::CodeBlock::updateAllArrayPredictions): (JSC::CodeBlock::predictedMachineCodeSize): (JSC::CodeBlock::tryGetValueProfileForBytecodeOffset): (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset): (JSC::CodeBlock::valueProfileForBytecodeOffset): (JSC::CodeBlock::validate): (JSC::CodeBlock::outOfLineJumpOffset): (JSC::CodeBlock::outOfLineJumpTarget): (JSC::CodeBlock::arithProfileForBytecodeOffset): (JSC::CodeBlock::arithProfileForPC): (JSC::CodeBlock::couldTakeSpecialFastCase): (JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler): * bytecode/CodeBlock.h: (JSC::CodeBlock::addMathIC): (JSC::CodeBlock::outOfLineJumpOffset): (JSC::CodeBlock::bytecodeOffset): (JSC::CodeBlock::instructions const): (JSC::CodeBlock::instructionCount const): (JSC::CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters): (JSC::CodeBlock::metadata): (JSC::CodeBlock::metadataSizeInBytes): (JSC::CodeBlock::numberOfNonArgumentValueProfiles): (JSC::CodeBlock::totalNumberOfValueProfiles): * bytecode/CodeBlockInlines.h: Added. (JSC::CodeBlock::forEachValueProfile): (JSC::CodeBlock::forEachArrayProfile): (JSC::CodeBlock::forEachArrayAllocationProfile): (JSC::CodeBlock::forEachObjectAllocationProfile): (JSC::CodeBlock::forEachLLIntCallLinkInfo): * bytecode/Fits.h: Added. * bytecode/GetByIdMetadata.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h. 
* bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt): * bytecode/Instruction.h: (JSC::Instruction::Instruction): (JSC::Instruction::Impl::opcodeID const): (JSC::Instruction::opcodeID const): (JSC::Instruction::name const): (JSC::Instruction::isWide const): (JSC::Instruction::size const): (JSC::Instruction::is const): (JSC::Instruction::as const): (JSC::Instruction::cast): (JSC::Instruction::cast const): (JSC::Instruction::narrow const): (JSC::Instruction::wide const): * bytecode/InstructionStream.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::InstructionStream::InstructionStream): (JSC::InstructionStream::sizeInBytes const): * bytecode/InstructionStream.h: Added. (JSC::InstructionStream::BaseRef::BaseRef): (JSC::InstructionStream::BaseRef::operator=): (JSC::InstructionStream::BaseRef::operator-> const): (JSC::InstructionStream::BaseRef::ptr const): (JSC::InstructionStream::BaseRef::operator!= const): (JSC::InstructionStream::BaseRef::next const): (JSC::InstructionStream::BaseRef::offset const): (JSC::InstructionStream::BaseRef::isValid const): (JSC::InstructionStream::BaseRef::unwrap const): (JSC::InstructionStream::MutableRef::freeze const): (JSC::InstructionStream::MutableRef::operator->): (JSC::InstructionStream::MutableRef::ptr): (JSC::InstructionStream::MutableRef::operator Ref): (JSC::InstructionStream::MutableRef::unwrap): (JSC::InstructionStream::iterator::operator*): (JSC::InstructionStream::iterator::operator++): (JSC::InstructionStream::begin const): (JSC::InstructionStream::end const): (JSC::InstructionStream::at const): (JSC::InstructionStream::size const): (JSC::InstructionStreamWriter::InstructionStreamWriter): (JSC::InstructionStreamWriter::ref): (JSC::InstructionStreamWriter::seek): (JSC::InstructionStreamWriter::position): (JSC::InstructionStreamWriter::write): (JSC::InstructionStreamWriter::rewind): (JSC::InstructionStreamWriter::finalize): (JSC::InstructionStreamWriter::swap): 
(JSC::InstructionStreamWriter::iterator::operator*): (JSC::InstructionStreamWriter::iterator::operator++): (JSC::InstructionStreamWriter::begin): (JSC::InstructionStreamWriter::end): * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp: (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::LLIntPrototypeLoadAdaptiveStructureWatchpoint): (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::fireInternal): (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::clearLLIntGetByIdCache): * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h: * bytecode/MetadataTable.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::MetadataTable::MetadataTable): (JSC::DeallocTable::withOpcodeType): (JSC::MetadataTable::~MetadataTable): (JSC::MetadataTable::sizeInBytes): * bytecode/MetadataTable.h: Copied from Source/JavaScriptCore/runtime/Watchdog.h. (JSC::MetadataTable::get): (JSC::MetadataTable::forEach): (JSC::MetadataTable::getImpl): * bytecode/Opcode.cpp: (JSC::metadataSize): * bytecode/Opcode.h: (JSC::padOpcodeName): * bytecode/OpcodeInlines.h: (JSC::isOpcodeShape): (JSC::getOpcodeType): * bytecode/OpcodeSize.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. 
* bytecode/PreciseJumpTargets.cpp: (JSC::getJumpTargetsForInstruction): (JSC::computePreciseJumpTargetsInternal): (JSC::computePreciseJumpTargets): (JSC::recomputePreciseJumpTargets): (JSC::findJumpTargetsForInstruction): * bytecode/PreciseJumpTargets.h: * bytecode/PreciseJumpTargetsInlines.h: (JSC::jumpTargetForInstruction): (JSC::extractStoredJumpTargetsForInstruction): (JSC::updateStoredJumpTargetsForInstruction): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): * bytecode/SpecialPointer.cpp: (WTF::printInternal): * bytecode/SpecialPointer.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::visitChildren): (JSC::UnlinkedCodeBlock::estimatedSize): (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): (JSC::dumpLineColumnEntry): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset const): (JSC::UnlinkedCodeBlock::setInstructions): (JSC::UnlinkedCodeBlock::instructions const): (JSC::UnlinkedCodeBlock::applyModification): (JSC::UnlinkedCodeBlock::addOutOfLineJumpTarget): (JSC::UnlinkedCodeBlock::outOfLineJumpOffset): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::addPropertyAccessInstruction): (JSC::UnlinkedCodeBlock::propertyAccessInstructions const): (JSC::UnlinkedCodeBlock::addOpProfileControlFlowBytecodeOffset): (JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets const): (JSC::UnlinkedCodeBlock::metadata): (JSC::UnlinkedCodeBlock::metadataSizeInBytes): (JSC::UnlinkedCodeBlock::outOfLineJumpOffset): (JSC::UnlinkedCodeBlock::replaceOutOfLineJumpTargets): * bytecode/UnlinkedInstructionStream.cpp: Removed. * bytecode/UnlinkedInstructionStream.h: Removed. * bytecode/UnlinkedMetadataTable.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h. * bytecode/UnlinkedMetadataTableInlines.h: Added. 
(JSC::UnlinkedMetadataTable::UnlinkedMetadataTable): (JSC::UnlinkedMetadataTable::~UnlinkedMetadataTable): (JSC::UnlinkedMetadataTable::addEntry): (JSC::UnlinkedMetadataTable::sizeInBytes): (JSC::UnlinkedMetadataTable::finalize): (JSC::UnlinkedMetadataTable::link): (JSC::UnlinkedMetadataTable::unlink): * bytecode/VirtualRegister.cpp: (JSC::VirtualRegister::VirtualRegister): * bytecode/VirtualRegister.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::Label::setLocation): (JSC::Label::bind): (JSC::BytecodeGenerator::generate): (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::initializeVarLexicalEnvironment): (JSC::BytecodeGenerator::emitEnter): (JSC::BytecodeGenerator::emitLoopHint): (JSC::BytecodeGenerator::emitJump): (JSC::BytecodeGenerator::emitCheckTraps): (JSC::BytecodeGenerator::rewind): (JSC::BytecodeGenerator::fuseCompareAndJump): (JSC::BytecodeGenerator::fuseTestAndJmp): (JSC::BytecodeGenerator::emitJumpIfTrue): (JSC::BytecodeGenerator::emitJumpIfFalse): (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall): (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply): (JSC::BytecodeGenerator::moveLinkTimeConstant): (JSC::BytecodeGenerator::moveEmptyValue): (JSC::BytecodeGenerator::emitMove): (JSC::BytecodeGenerator::emitUnaryOp): (JSC::BytecodeGenerator::emitBinaryOp): (JSC::BytecodeGenerator::emitToObject): (JSC::BytecodeGenerator::emitToNumber): (JSC::BytecodeGenerator::emitToString): (JSC::BytecodeGenerator::emitTypeOf): (JSC::BytecodeGenerator::emitInc): (JSC::BytecodeGenerator::emitDec): (JSC::BytecodeGenerator::emitEqualityOp): (JSC::BytecodeGenerator::emitProfileType): (JSC::BytecodeGenerator::emitProfileControlFlow): (JSC::BytecodeGenerator::pushLexicalScopeInternal): (JSC::BytecodeGenerator::emitResolveScopeForHoistingFuncDeclInEval): (JSC::BytecodeGenerator::prepareLexicalScopeForNextForLoopIteration): (JSC::BytecodeGenerator::emitOverridesHasInstance): (JSC::BytecodeGenerator::emitResolveScope): (JSC::BytecodeGenerator::emitGetFromScope): 
(JSC::BytecodeGenerator::emitPutToScope):
(JSC::BytecodeGenerator::emitInstanceOf):
(JSC::BytecodeGenerator::emitInstanceOfCustom):
(JSC::BytecodeGenerator::emitInByVal):
(JSC::BytecodeGenerator::emitInById):
(JSC::BytecodeGenerator::emitTryGetById):
(JSC::BytecodeGenerator::emitGetById):
(JSC::BytecodeGenerator::emitDirectGetById):
(JSC::BytecodeGenerator::emitPutById):
(JSC::BytecodeGenerator::emitDirectPutById):
(JSC::BytecodeGenerator::emitPutGetterById):
(JSC::BytecodeGenerator::emitPutSetterById):
(JSC::BytecodeGenerator::emitPutGetterSetter):
(JSC::BytecodeGenerator::emitPutGetterByVal):
(JSC::BytecodeGenerator::emitPutSetterByVal):
(JSC::BytecodeGenerator::emitDeleteById):
(JSC::BytecodeGenerator::emitGetByVal):
(JSC::BytecodeGenerator::emitPutByVal):
(JSC::BytecodeGenerator::emitDirectPutByVal):
(JSC::BytecodeGenerator::emitDeleteByVal):
(JSC::BytecodeGenerator::emitSuperSamplerBegin):
(JSC::BytecodeGenerator::emitSuperSamplerEnd):
(JSC::BytecodeGenerator::emitIdWithProfile):
(JSC::BytecodeGenerator::emitUnreachable):
(JSC::BytecodeGenerator::emitGetArgument):
(JSC::BytecodeGenerator::emitCreateThis):
(JSC::BytecodeGenerator::emitTDZCheck):
(JSC::BytecodeGenerator::emitNewObject):
(JSC::BytecodeGenerator::emitNewArrayBuffer):
(JSC::BytecodeGenerator::emitNewArray):
(JSC::BytecodeGenerator::emitNewArrayWithSpread):
(JSC::BytecodeGenerator::emitNewArrayWithSize):
(JSC::BytecodeGenerator::emitNewRegExp):
(JSC::BytecodeGenerator::emitNewFunctionExpressionCommon):
(JSC::BytecodeGenerator::emitNewDefaultConstructor):
(JSC::BytecodeGenerator::emitNewFunction):
(JSC::BytecodeGenerator::emitSetFunctionNameIfNeeded):
(JSC::BytecodeGenerator::emitCall):
(JSC::BytecodeGenerator::emitCallInTailPosition):
(JSC::BytecodeGenerator::emitCallEval):
(JSC::BytecodeGenerator::emitExpectedFunctionSnippet):
(JSC::BytecodeGenerator::emitCallVarargs):
(JSC::BytecodeGenerator::emitCallVarargsInTailPosition):
(JSC::BytecodeGenerator::emitConstructVarargs):
(JSC::BytecodeGenerator::emitCallForwardArgumentsInTailPosition):
(JSC::BytecodeGenerator::emitLogShadowChickenPrologueIfNecessary):
(JSC::BytecodeGenerator::emitLogShadowChickenTailIfNecessary):
(JSC::BytecodeGenerator::emitCallDefineProperty):
(JSC::BytecodeGenerator::emitReturn):
(JSC::BytecodeGenerator::emitEnd):
(JSC::BytecodeGenerator::emitConstruct):
(JSC::BytecodeGenerator::emitStrcat):
(JSC::BytecodeGenerator::emitToPrimitive):
(JSC::BytecodeGenerator::emitGetScope):
(JSC::BytecodeGenerator::emitPushWithScope):
(JSC::BytecodeGenerator::emitGetParentScope):
(JSC::BytecodeGenerator::emitDebugHook):
(JSC::BytecodeGenerator::emitCatch):
(JSC::BytecodeGenerator::emitThrow):
(JSC::BytecodeGenerator::emitArgumentCount):
(JSC::BytecodeGenerator::emitThrowStaticError):
(JSC::BytecodeGenerator::beginSwitch):
(JSC::prepareJumpTableForSwitch):
(JSC::prepareJumpTableForStringSwitch):
(JSC::BytecodeGenerator::endSwitch):
(JSC::BytecodeGenerator::emitGetEnumerableLength):
(JSC::BytecodeGenerator::emitHasGenericProperty):
(JSC::BytecodeGenerator::emitHasIndexedProperty):
(JSC::BytecodeGenerator::emitHasStructureProperty):
(JSC::BytecodeGenerator::emitGetPropertyEnumerator):
(JSC::BytecodeGenerator::emitEnumeratorStructurePropertyName):
(JSC::BytecodeGenerator::emitEnumeratorGenericPropertyName):
(JSC::BytecodeGenerator::emitToIndexString):
(JSC::BytecodeGenerator::emitIsCellWithType):
(JSC::BytecodeGenerator::emitIsObject):
(JSC::BytecodeGenerator::emitIsNumber):
(JSC::BytecodeGenerator::emitIsUndefined):
(JSC::BytecodeGenerator::emitIsEmpty):
(JSC::BytecodeGenerator::emitRestParameter):
(JSC::BytecodeGenerator::emitRequireObjectCoercible):
(JSC::BytecodeGenerator::emitYieldPoint):
(JSC::BytecodeGenerator::emitYield):
(JSC::BytecodeGenerator::emitGetAsyncIterator):
(JSC::BytecodeGenerator::emitDelegateYield):
(JSC::BytecodeGenerator::emitFinallyCompletion):
(JSC::BytecodeGenerator::emitJumpIf):
(JSC::ForInContext::finalize):
(JSC::StructureForInContext::finalize):
(JSC::IndexedForInContext::finalize):
(JSC::StaticPropertyAnalysis::record):
(JSC::BytecodeGenerator::emitToThis):
* bytecompiler/BytecodeGenerator.h:
(JSC::StructureForInContext::addGetInst):
(JSC::BytecodeGenerator::recordOpcode):
(JSC::BytecodeGenerator::addMetadataFor):
(JSC::BytecodeGenerator::emitUnaryOp):
(JSC::BytecodeGenerator::kill):
(JSC::BytecodeGenerator::instructions const):
(JSC::BytecodeGenerator::write):
(JSC::BytecodeGenerator::withWriter):
* bytecompiler/Label.h:
(JSC::Label::Label):
(JSC::Label::bind):
* bytecompiler/NodesCodegen.cpp:
(JSC::ArrayNode::emitBytecode):
(JSC::BytecodeIntrinsicNode::emit_intrinsic_argumentCount):
(JSC::ApplyFunctionCallDotNode::emitBytecode):
(JSC::BitwiseNotNode::emitBytecode):
(JSC::BinaryOpNode::emitBytecode):
(JSC::EqualNode::emitBytecode):
(JSC::StrictEqualNode::emitBytecode):
(JSC::emitReadModifyAssignment):
(JSC::ForInNode::emitBytecode):
(JSC::CaseBlockNode::emitBytecodeForBlock):
(JSC::FunctionNode::emitBytecode):
(JSC::ClassExprNode::emitBytecode):
* bytecompiler/ProfileTypeBytecodeFlag.cpp: Copied from Source/JavaScriptCore/bytecode/VirtualRegister.cpp.
(WTF::printInternal):
* bytecompiler/ProfileTypeBytecodeFlag.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.
* bytecompiler/RegisterID.h:
* bytecompiler/StaticPropertyAnalysis.h:
(JSC::StaticPropertyAnalysis::create):
(JSC::StaticPropertyAnalysis::StaticPropertyAnalysis):
* bytecompiler/StaticPropertyAnalyzer.h:
(JSC::StaticPropertyAnalyzer::createThis):
(JSC::StaticPropertyAnalyzer::newObject):
(JSC::StaticPropertyAnalyzer::putById):
(JSC::StaticPropertyAnalyzer::mov):
(JSC::StaticPropertyAnalyzer::kill):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::addCall):
(JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
(JSC::DFG::ByteCodeParser::getArrayMode):
(JSC::DFG::ByteCodeParser::handleCall):
(JSC::DFG::ByteCodeParser::handleVarargsCall):
(JSC::DFG::ByteCodeParser::handleRecursiveTailCall):
(JSC::DFG::ByteCodeParser::inlineCall):
(JSC::DFG::ByteCodeParser::handleCallVariant):
(JSC::DFG::ByteCodeParser::handleVarargsInlining):
(JSC::DFG::ByteCodeParser::handleInlining):
(JSC::DFG::ByteCodeParser::handleMinMax):
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
(JSC::DFG::ByteCodeParser::handleDOMJITCall):
(JSC::DFG::ByteCodeParser::handleIntrinsicGetter):
(JSC::DFG::ByteCodeParser::handleDOMJITGetter):
(JSC::DFG::ByteCodeParser::handleModuleNamespaceLoad):
(JSC::DFG::ByteCodeParser::handleTypedArrayConstructor):
(JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
(JSC::DFG::ByteCodeParser::handleGetById):
(JSC::DFG::ByteCodeParser::handlePutById):
(JSC::DFG::ByteCodeParser::parseGetById):
(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::parseCodeBlock):
(JSC::DFG::ByteCodeParser::handlePutByVal):
(JSC::DFG::ByteCodeParser::handlePutAccessorById):
(JSC::DFG::ByteCodeParser::handlePutAccessorByVal):
(JSC::DFG::ByteCodeParser::handleNewFunc):
(JSC::DFG::ByteCodeParser::handleNewFuncExp):
(JSC::DFG::ByteCodeParser::parse):
* dfg/DFGCapabilities.cpp:
(JSC::DFG::capabilityLevel):
* dfg/DFGCapabilities.h:
(JSC::DFG::capabilityLevel):
* dfg/DFGOSREntry.cpp:
(JSC::DFG::prepareCatchOSREntry):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileValueAdd):
(JSC::DFG::SpeculativeJIT::compileValueSub):
(JSC::DFG::SpeculativeJIT::compileValueNegate):
(JSC::DFG::SpeculativeJIT::compileArithMul):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileValueAdd):
(JSC::FTL::DFG::LowerDFGToB3::compileValueSub):
(JSC::FTL::DFG::LowerDFGToB3::compileUnaryMathIC):
(JSC::FTL::DFG::LowerDFGToB3::compileBinaryMathIC):
(JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub):
(JSC::FTL::DFG::LowerDFGToB3::compileArithMul):
(JSC::FTL::DFG::LowerDFGToB3::compileValueNegate):
* ftl/FTLOperations.cpp:
(JSC::FTL::operationMaterializeObjectInOSR):
* generate-bytecode-files: Removed.
* generator/Argument.rb: Added.
* generator/Assertion.rb: Added.
* generator/DSL.rb: Added.
* generator/Fits.rb: Added.
* generator/GeneratedFile.rb: Added.
* generator/Metadata.rb: Added.
* generator/Opcode.rb: Added.
* generator/OpcodeGroup.rb: Added.
* generator/Options.rb: Added.
* generator/Section.rb: Added.
* generator/Template.rb: Added.
* generator/Type.rb: Added.
* generator/main.rb: Added.
* interpreter/AbstractPC.h:
* interpreter/CallFrame.cpp:
(JSC::CallFrame::currentVPC const):
(JSC::CallFrame::setCurrentVPC):
* interpreter/CallFrame.h:
(JSC::CallSiteIndex::CallSiteIndex):
(JSC::ExecState::setReturnPC):
* interpreter/Interpreter.cpp:
(WTF::printInternal):
* interpreter/Interpreter.h:
* interpreter/InterpreterInlines.h:
* interpreter/StackVisitor.cpp:
(JSC::StackVisitor::Frame::dump const):
* interpreter/VMEntryRecord.h:
* jit/JIT.cpp:
(JSC::JIT::JIT):
(JSC::JIT::emitSlowCaseCall):
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):
(JSC::JIT::compileWithoutLinking):
(JSC::JIT::link):
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_jless):
(JSC::JIT::emit_op_jlesseq):
(JSC::JIT::emit_op_jgreater):
(JSC::JIT::emit_op_jgreatereq):
(JSC::JIT::emit_op_jnless):
(JSC::JIT::emit_op_jnlesseq):
(JSC::JIT::emit_op_jngreater):
(JSC::JIT::emit_op_jngreatereq):
(JSC::JIT::emitSlow_op_jless):
(JSC::JIT::emitSlow_op_jlesseq):
(JSC::JIT::emitSlow_op_jgreater):
(JSC::JIT::emitSlow_op_jgreatereq):
(JSC::JIT::emitSlow_op_jnless):
(JSC::JIT::emitSlow_op_jnlesseq):
(JSC::JIT::emitSlow_op_jngreater):
(JSC::JIT::emitSlow_op_jngreatereq):
(JSC::JIT::emit_op_below):
(JSC::JIT::emit_op_beloweq):
(JSC::JIT::emit_op_jbelow):
(JSC::JIT::emit_op_jbeloweq):
(JSC::JIT::emit_op_unsigned):
(JSC::JIT::emit_compareAndJump):
(JSC::JIT::emit_compareUnsignedAndJump):
(JSC::JIT::emit_compareUnsigned):
(JSC::JIT::emit_compareAndJumpSlow):
(JSC::JIT::emit_op_inc):
(JSC::JIT::emit_op_dec):
(JSC::JIT::emit_op_mod):
(JSC::JIT::emitSlow_op_mod):
(JSC::JIT::emit_op_negate):
(JSC::JIT::emitSlow_op_negate):
(JSC::JIT::emitBitBinaryOpFastPath):
(JSC::JIT::emit_op_bitand):
(JSC::JIT::emit_op_bitor):
(JSC::JIT::emit_op_bitxor):
(JSC::JIT::emit_op_lshift):
(JSC::JIT::emitRightShiftFastPath):
(JSC::JIT::emit_op_rshift):
(JSC::JIT::emit_op_urshift):
(JSC::getOperandTypes):
(JSC::JIT::emit_op_add):
(JSC::JIT::emitSlow_op_add):
(JSC::JIT::emitMathICFast):
(JSC::JIT::emitMathICSlow):
(JSC::JIT::emit_op_div):
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul):
(JSC::JIT::emit_op_sub):
(JSC::JIT::emitSlow_op_sub):
* jit/JITCall.cpp:
(JSC::JIT::emitPutCallResult):
(JSC::JIT::compileSetupFrame):
(JSC::JIT::compileCallEval):
(JSC::JIT::compileCallEvalSlowCase):
(JSC::JIT::compileTailCall):
(JSC::JIT::compileOpCall):
(JSC::JIT::compileOpCallSlowCase):
(JSC::JIT::emit_op_call):
(JSC::JIT::emit_op_tail_call):
(JSC::JIT::emit_op_call_eval):
(JSC::JIT::emit_op_call_varargs):
(JSC::JIT::emit_op_tail_call_varargs):
(JSC::JIT::emit_op_tail_call_forward_arguments):
(JSC::JIT::emit_op_construct_varargs):
(JSC::JIT::emit_op_construct):
(JSC::JIT::emitSlow_op_call):
(JSC::JIT::emitSlow_op_tail_call):
(JSC::JIT::emitSlow_op_call_eval):
(JSC::JIT::emitSlow_op_call_varargs):
(JSC::JIT::emitSlow_op_tail_call_varargs):
(JSC::JIT::emitSlow_op_tail_call_forward_arguments):
(JSC::JIT::emitSlow_op_construct_varargs):
(JSC::JIT::emitSlow_op_construct):
* jit/JITDisassembler.cpp:
(JSC::JITDisassembler::JITDisassembler):
* jit/JITExceptions.cpp:
(JSC::genericUnwind):
* jit/JITInlines.h:
(JSC::JIT::emitDoubleGetByVal):
(JSC::JIT::emitLoadForArrayMode):
(JSC::JIT::emitContiguousGetByVal):
(JSC::JIT::emitArrayStorageGetByVal):
(JSC::JIT::appendCallWithExceptionCheckSetJSValueResultWithProfile):
(JSC::JIT::sampleInstruction):
(JSC::JIT::emitValueProfilingSiteIfProfiledOpcode):
(JSC::JIT::emitValueProfilingSite):
(JSC::JIT::jumpTarget):
(JSC::JIT::copiedGetPutInfo):
(JSC::JIT::copiedArithProfile):
* jit/JITMathIC.h:
(JSC::isProfileEmpty):
(JSC::JITBinaryMathIC::JITBinaryMathIC):
(JSC::JITUnaryMathIC::JITUnaryMathIC):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_mov):
(JSC::JIT::emit_op_end):
(JSC::JIT::emit_op_jmp):
(JSC::JIT::emit_op_new_object):
(JSC::JIT::emitSlow_op_new_object):
(JSC::JIT::emit_op_overrides_has_instance):
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emitSlow_op_instanceof):
(JSC::JIT::emit_op_instanceof_custom):
(JSC::JIT::emit_op_is_empty):
(JSC::JIT::emit_op_is_undefined):
(JSC::JIT::emit_op_is_boolean):
(JSC::JIT::emit_op_is_number):
(JSC::JIT::emit_op_is_cell_with_type):
(JSC::JIT::emit_op_is_object):
(JSC::JIT::emit_op_ret):
(JSC::JIT::emit_op_to_primitive):
(JSC::JIT::emit_op_set_function_name):
(JSC::JIT::emit_op_not):
(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jeq_null):
(JSC::JIT::emit_op_jneq_null):
(JSC::JIT::emit_op_jneq_ptr):
(JSC::JIT::emit_op_eq):
(JSC::JIT::emit_op_jeq):
(JSC::JIT::emit_op_jtrue):
(JSC::JIT::emit_op_neq):
(JSC::JIT::emit_op_jneq):
(JSC::JIT::emit_op_throw):
(JSC::JIT::compileOpStrictEq):
(JSC::JIT::emit_op_stricteq):
(JSC::JIT::emit_op_nstricteq):
(JSC::JIT::compileOpStrictEqJump):
(JSC::JIT::emit_op_jstricteq):
(JSC::JIT::emit_op_jnstricteq):
(JSC::JIT::emitSlow_op_jstricteq):
(JSC::JIT::emitSlow_op_jnstricteq):
(JSC::JIT::emit_op_to_number):
(JSC::JIT::emit_op_to_string):
(JSC::JIT::emit_op_to_object):
(JSC::JIT::emit_op_catch):
(JSC::JIT::emit_op_identity_with_profile):
(JSC::JIT::emit_op_get_parent_scope):
(JSC::JIT::emit_op_switch_imm):
(JSC::JIT::emit_op_switch_char):
(JSC::JIT::emit_op_switch_string):
(JSC::JIT::emit_op_debug):
(JSC::JIT::emit_op_eq_null):
(JSC::JIT::emit_op_neq_null):
(JSC::JIT::emit_op_enter):
(JSC::JIT::emit_op_get_scope):
(JSC::JIT::emit_op_to_this):
(JSC::JIT::emit_op_create_this):
(JSC::JIT::emit_op_check_tdz):
(JSC::JIT::emitSlow_op_eq):
(JSC::JIT::emitSlow_op_neq):
(JSC::JIT::emitSlow_op_jeq):
(JSC::JIT::emitSlow_op_jneq):
(JSC::JIT::emitSlow_op_instanceof_custom):
(JSC::JIT::emit_op_loop_hint):
(JSC::JIT::emitSlow_op_loop_hint):
(JSC::JIT::emit_op_check_traps):
(JSC::JIT::emit_op_nop):
(JSC::JIT::emit_op_super_sampler_begin):
(JSC::JIT::emit_op_super_sampler_end):
(JSC::JIT::emitSlow_op_check_traps):
(JSC::JIT::emit_op_new_regexp):
(JSC::JIT::emitNewFuncCommon):
(JSC::JIT::emit_op_new_func):
(JSC::JIT::emit_op_new_generator_func):
(JSC::JIT::emit_op_new_async_generator_func):
(JSC::JIT::emit_op_new_async_func):
(JSC::JIT::emitNewFuncExprCommon):
(JSC::JIT::emit_op_new_func_exp):
(JSC::JIT::emit_op_new_generator_func_exp):
(JSC::JIT::emit_op_new_async_func_exp):
(JSC::JIT::emit_op_new_async_generator_func_exp):
(JSC::JIT::emit_op_new_array):
(JSC::JIT::emit_op_new_array_with_size):
(JSC::JIT::emit_op_has_structure_property):
(JSC::JIT::privateCompileHasIndexedProperty):
(JSC::JIT::emit_op_has_indexed_property):
(JSC::JIT::emitSlow_op_has_indexed_property):
(JSC::JIT::emit_op_get_direct_pname):
(JSC::JIT::emit_op_enumerator_structure_pname):
(JSC::JIT::emit_op_enumerator_generic_pname):
(JSC::JIT::emit_op_profile_type):
(JSC::JIT::emit_op_log_shadow_chicken_prologue):
(JSC::JIT::emit_op_log_shadow_chicken_tail):
(JSC::JIT::emit_op_profile_control_flow):
(JSC::JIT::emit_op_argument_count):
(JSC::JIT::emit_op_get_rest_length):
(JSC::JIT::emit_op_get_argument):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_to_this):
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emitGetByValWithCachedId):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emit_op_put_by_val_direct):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emitGenericContiguousPutByVal):
(JSC::JIT::emitArrayStoragePutByVal):
(JSC::JIT::emitPutByValWithCachedId):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emit_op_put_getter_by_id):
(JSC::JIT::emit_op_put_setter_by_id):
(JSC::JIT::emit_op_put_getter_setter_by_id):
(JSC::JIT::emit_op_put_getter_by_val):
(JSC::JIT::emit_op_put_setter_by_val):
(JSC::JIT::emit_op_del_by_id):
(JSC::JIT::emit_op_del_by_val):
(JSC::JIT::emit_op_try_get_by_id):
(JSC::JIT::emitSlow_op_try_get_by_id):
(JSC::JIT::emit_op_get_by_id_direct):
(JSC::JIT::emitSlow_op_get_by_id_direct):
(JSC::JIT::emit_op_get_by_id):
(JSC::JIT::emit_op_get_by_id_with_this):
(JSC::JIT::emitSlow_op_get_by_id):
(JSC::JIT::emitSlow_op_get_by_id_with_this):
(JSC::JIT::emit_op_put_by_id):
(JSC::JIT::emitSlow_op_put_by_id):
(JSC::JIT::emit_op_in_by_id):
(JSC::JIT::emitSlow_op_in_by_id):
(JSC::JIT::emit_op_resolve_scope):
(JSC::JIT::emit_op_get_from_scope):
(JSC::JIT::emitSlow_op_get_from_scope):
(JSC::JIT::emit_op_put_to_scope):
(JSC::JIT::emitSlow_op_put_to_scope):
(JSC::JIT::emit_op_get_from_arguments):
(JSC::JIT::emit_op_put_to_arguments):
(JSC::JIT::privateCompileGetByVal):
(JSC::JIT::privateCompileGetByValWithCachedId):
(JSC::JIT::privateCompilePutByVal):
(JSC::JIT::privateCompilePutByValWithCachedId):
(JSC::JIT::emitDoubleLoad):
(JSC::JIT::emitContiguousLoad):
(JSC::JIT::emitArrayStorageLoad):
(JSC::JIT::emitDirectArgumentsGetByVal):
(JSC::JIT::emitScopedArgumentsGetByVal):
(JSC::JIT::emitIntTypedArrayGetByVal):
(JSC::JIT::emitFloatTypedArrayGetByVal):
(JSC::JIT::emitIntTypedArrayPutByVal):
(JSC::JIT::emitFloatTypedArrayPutByVal):
* jit/RegisterSet.cpp:
(JSC::RegisterSet::llintBaselineCalleeSaveRegisters):
* jit/SlowPathCall.h:
(JSC::JITSlowPathCall::JITSlowPathCall):
* llint/LLIntData.cpp:
(JSC::LLInt::initialize):
(JSC::LLInt::Data::performAssertions):
* llint/LLIntData.h:
(JSC::LLInt::exceptionInstructions):
(JSC::LLInt::opcodeMap):
(JSC::LLInt::opcodeMapWide):
(JSC::LLInt::getOpcode):
(JSC::LLInt::getOpcodeWide):
(JSC::LLInt::getWideCodePtr):
* llint/LLIntOffsetsExtractor.cpp:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::llint_trace_operand):
(JSC::LLInt::llint_trace_value):
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
(JSC::LLInt::entryOSR):
(JSC::LLInt::setupGetByIdPrototypeCache):
(JSC::LLInt::getByVal):
(JSC::LLInt::handleHostCall):
(JSC::LLInt::setUpCall):
(JSC::LLInt::genericCall):
(JSC::LLInt::varargsSetup):
(JSC::LLInt::commonCallEval):
* llint/LLIntSlowPaths.h:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter.cpp:
(JSC::CLoopRegister::operator const Instruction*):
(JSC::CLoop::execute):
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* offlineasm/arm64.rb:
* offlineasm/asm.rb:
* offlineasm/ast.rb:
* offlineasm/cloop.rb:
* offlineasm/generate_offset_extractor.rb:
* offlineasm/instructions.rb:
* offlineasm/offsets.rb:
* offlineasm/parser.rb:
* offlineasm/transform.rb:
* offlineasm/x86.rb:
* parser/ResultType.h:
(JSC::ResultType::dump const):
(JSC::OperandTypes::first const):
(JSC::OperandTypes::second const):
(JSC::OperandTypes::dump const):
* profiler/ProfilerBytecodeSequence.cpp:
(JSC::Profiler::BytecodeSequence::BytecodeSequence):
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
(JSC::updateArithProfileForUnaryArithOp):
(JSC::updateArithProfileForBinaryArithOp):
* runtime/CommonSlowPaths.h:
(JSC::CommonSlowPaths::tryCachePutToScopeGlobal):
(JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal):
* runtime/ExceptionFuzz.cpp:
(JSC::doExceptionFuzzing):
* runtime/ExceptionFuzz.h:
(JSC::doExceptionFuzzingIfEnabled):
* runtime/GetPutInfo.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.
(JSC::GetPutInfo::dump const):
(WTF::printInternal):
* runtime/GetPutInfo.h:
(JSC::GetPutInfo::operand const):
* runtime/JSCPoison.h:
* runtime/JSType.cpp: Added.
(WTF::printInternal):
* runtime/JSType.h:
* runtime/SamplingProfiler.cpp:
(JSC::SamplingProfiler::StackFrame::displayName):
* runtime/SamplingProfiler.h:
(JSC::SamplingProfiler::UnprocessedStackFrame::UnprocessedStackFrame):
* runtime/SlowPathReturnType.h:
(JSC::encodeResult):
(JSC::decodeResult):
* runtime/VM.h:
* runtime/Watchdog.h:
* tools/HeapVerifier.cpp:

Source/WTF:

* wtf/Forward.h: Fix WTF_LAZY_FOR_EACH_TERM on MSVC and add WTF_LAZY_HAS_REST to check whether a macro was passed multiple arguments
* wtf/Platform.h: Force ENABLE_JIT=false on all 32-bit platforms
* wtf/Vector.h:
(WTF::minCapacity>::insertVector): Allow vectors with different overflow handlers to be passed to insertVector

Tools:

Do not force ENABLE_JIT=true when $forceCLoop is false.

* Scripts/build-jsc:

LayoutTests:

Don't use recursion on `equal` to avoid premature stack overflows when testing deep arrays.

* fast/dom/Window/resources/postmessage-test.js:

Canonical link: https://commits.webkit.org/205839@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237547 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2018-10-29 13:16:03 +00:00
    if (thisObject->m_instructions)
        extraSize += thisObject->m_instructions->sizeInBytes();
[JSC] Thread VM& to JSCell::methodTable(VM&)
https://bugs.webkit.org/show_bug.cgi?id=187548

Reviewed by Saam Barati.

Source/JavaScriptCore:

This patch threads VM& to methodTable(VM&) and removes methodTable(). We add a VM& parameter to estimatedSize() to thread VM& in estimatedSize implementations.

* API/APICast.h:
(toJS):
* API/JSCallbackObject.h:
* API/JSCallbackObjectFunctions.h:
(JSC::JSCallbackObject<Parent>::className):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::estimatedSize):
* bytecode/CodeBlock.h:
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::estimatedSize):
* bytecode/UnlinkedCodeBlock.h:
* debugger/DebuggerScope.cpp:
(JSC::DebuggerScope::className):
* debugger/DebuggerScope.h:
* heap/Heap.cpp:
(JSC::GatherHeapSnapshotData::GatherHeapSnapshotData):
(JSC::GatherHeapSnapshotData::operator() const):
(JSC::Heap::gatherExtraHeapSnapshotData):
* heap/HeapSnapshotBuilder.cpp:
(JSC::HeapSnapshotBuilder::json):
* runtime/ArrayPrototype.cpp:
(JSC::arrayProtoFuncToString):
* runtime/ClassInfo.h:
* runtime/DirectArguments.cpp:
(JSC::DirectArguments::estimatedSize):
* runtime/DirectArguments.h:
* runtime/HashMapImpl.cpp:
(JSC::HashMapImpl<HashMapBucket>::estimatedSize):
* runtime/HashMapImpl.h:
* runtime/JSArrayBuffer.cpp:
(JSC::JSArrayBuffer::estimatedSize):
* runtime/JSArrayBuffer.h:
* runtime/JSBigInt.cpp:
(JSC::JSBigInt::estimatedSize):
* runtime/JSBigInt.h:
* runtime/JSCell.cpp:
(JSC::JSCell::dump const):
(JSC::JSCell::estimatedSizeInBytes const):
(JSC::JSCell::estimatedSize):
(JSC::JSCell::className):
* runtime/JSCell.h:
* runtime/JSCellInlines.h:
* runtime/JSGenericTypedArrayView.h:
* runtime/JSGenericTypedArrayViewInlines.h:
(JSC::JSGenericTypedArrayView<Adaptor>::estimatedSize):
* runtime/JSObject.cpp:
(JSC::JSObject::estimatedSize):
(JSC::JSObject::className):
(JSC::JSObject::toStringName):
(JSC::JSObject::calculatedClassName):
* runtime/JSObject.h:
* runtime/JSProxy.cpp:
(JSC::JSProxy::className):
* runtime/JSProxy.h:
* runtime/JSString.cpp:
(JSC::JSString::estimatedSize):
* runtime/JSString.h:
* runtime/RegExp.cpp:
(JSC::RegExp::estimatedSize):
* runtime/RegExp.h:
* runtime/WeakMapImpl.cpp:
(JSC::WeakMapImpl<WeakMapBucket>::estimatedSize):
* runtime/WeakMapImpl.h:

Source/WebCore:

* bindings/js/JSDOMConstructorBase.h:
(WebCore::JSDOMConstructorBase::className):
* bindings/js/JSPluginElementFunctions.cpp:
(WebCore::pluginElementCustomGetCallData):
* bindings/scripts/CodeGeneratorJS.pm:
(GenerateHeader):
(GenerateImplementation):
* bindings/scripts/test/JS/JSInterfaceName.cpp:
(WebCore::JSInterfaceName::estimatedSize):
* bindings/scripts/test/JS/JSInterfaceName.h:

Canonical link: https://commits.webkit.org/202816@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233765 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2018-07-12 08:43:38 +00:00
    return Base::estimatedSize(cell, vm) + extraSize;
Add new MethodTable method to get an estimated size for a cell
https://bugs.webkit.org/show_bug.cgi?id=154838

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-02-29
Reviewed by Filip Pizlo.

The new class method estimatedSize(JSCell*) estimates the size for a single cell. As the name implies, this is meant to be an approximation. It is more important that big objects report a large size than to get perfect size information for all objects in the heap.

Base implementation (JSCell):
- returns the MarkedBlock bucket size for this cell.
- This gets us the object size including inline storage. Basically a better sizeof.

Subclasses with "Extra Memory Cost":
- Any class that reports extra memory (reportExtraMemoryVisited) should include that in the estimated size.
- E.g. CodeBlock, JSGenericTypedArrayView, WeakMapData, etc.

Subclasses with "Copied Space" storage:
- Any class with data in copied space (copyBackingStore) should include that in the estimated size.
- E.g. JSObject, JSGenericTypedArrayView, JSMap, JSSet, DirectArguments, etc.

Add reportExtraMemoryVisited for UnlinkedCodeBlock's compressed unlinked instructions because this can be larger than 1kb, which is significant.

This has one special case for RegExp generated bytecode / JIT code, which does not currently fall into the extra memory cost or copied space storage. In practice I haven't seen this grow to a significant cost.

* runtime/ClassInfo.h:
Add the new estimatedSize method to the table.

* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::visitChildren):
(JSC::UnlinkedCodeBlock::estimatedSize):
(JSC::UnlinkedCodeBlock::setInstructions):
* bytecode/UnlinkedCodeBlock.h:
Report an extra memory cost for unlinked code blocks like we do for linked code blocks.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::estimatedSize):
* bytecode/CodeBlock.h:
* bytecode/UnlinkedInstructionStream.cpp:
(JSC::UnlinkedInstructionStream::sizeInBytes):
* bytecode/UnlinkedInstructionStream.h:
* runtime/DirectArguments.cpp:
(JSC::DirectArguments::estimatedSize):
* runtime/DirectArguments.h:
* runtime/JSCell.cpp:
(JSC::JSCell::estimatedSizeInBytes):
(JSC::JSCell::estimatedSize):
* runtime/JSCell.h:
* runtime/JSGenericTypedArrayView.h:
* runtime/JSGenericTypedArrayViewInlines.h:
(JSC::JSGenericTypedArrayView<Adaptor>::estimatedSize):
* runtime/JSMap.cpp:
(JSC::JSMap::estimatedSize):
* runtime/JSMap.h:
* runtime/JSObject.cpp:
(JSC::JSObject::visitButterfly):
* runtime/JSObject.h:
* runtime/JSSet.cpp:
(JSC::JSSet::estimatedSize):
* runtime/JSSet.h:
* runtime/JSString.cpp:
(JSC::JSString::estimatedSize):
* runtime/JSString.h:
* runtime/MapData.h:
(JSC::MapDataImpl::capacityInBytes):
* runtime/WeakMapData.cpp:
(JSC::WeakMapData::estimatedSize):
(JSC::WeakMapData::visitChildren):
* runtime/WeakMapData.h:
Implement estimated size following the pattern of reporting extra visited size, or copy space memory.

* runtime/RegExp.cpp:
(JSC::RegExp::estimatedSize):
* runtime/RegExp.h:
* yarr/YarrInterpreter.h:
(JSC::Yarr::ByteDisjunction::estimatedSizeInBytes):
(JSC::Yarr::BytecodePattern::estimatedSizeInBytes):
* yarr/YarrJIT.h:
(JSC::Yarr::YarrCodeBlock::size):
Include generated bytecode / JITCode in a RegExp's size.

Canonical link: https://commits.webkit.org/172939@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@197379 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2016-03-01 02:07:12 +00:00
}

size_t UnlinkedCodeBlock::RareData::sizeInBytes(const AbstractLocker&) const
{
    size_t size = sizeof(RareData);
    size += m_exceptionHandlers.byteSize();
    size += m_unlinkedSwitchJumpTables.byteSize();
    size += m_unlinkedStringSwitchJumpTables.byteSize();
    size += m_expressionInfoFatPositions.byteSize();
    // HashMap has no byteSize(); approximate from its bucket capacity and entry size.
    size += m_typeProfilerInfoMap.capacity() * sizeof(decltype(m_typeProfilerInfoMap)::KeyValuePairType);
    size += m_opProfileControlFlowBytecodeOffsets.byteSize();
    size += m_bitVectors.byteSize();
    // FIXME: account for each bit vector.
    size += m_constantIdentifierSets.byteSize();
    // Each identifier set owns a hash table; approximate it from capacity and value size.
    for (const auto& identifierSet : m_constantIdentifierSets)
        size += identifierSet.capacity() * sizeof(std::remove_reference_t<decltype(identifierSet)>::ValueType);
    return size;
}
BytecodeIndex should be a proper C++ class
https://bugs.webkit.org/show_bug.cgi?id=203276

Reviewed by Mark Lam.

This patch makes a change to how we refer to the bytecode index in a bytecode stream. Previously we just used an unsigned number to represent the index; this patch changes most of the code to use a BytecodeIndex class instead. The only places where this patch does not change this are for jump and switch targets / deltas.

Additionally, this patch attempts to canonicalize the terminology around how we refer to bytecode indices. Now we use the word index to refer to the bytecode index class and offset to refer to the unsigned byte offset into the instruction stream.

* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* bytecode/ByValInfo.h:
(JSC::ByValInfo::ByValInfo):
(JSC::getByValInfoBytecodeIndex):
* bytecode/BytecodeBasicBlock.cpp:
(JSC::BytecodeBasicBlock::computeImpl):
* bytecode/BytecodeGeneratorification.cpp:
(JSC::GeneratorLivenessAnalysis::run):
* bytecode/BytecodeIndex.cpp: Added.
(JSC::BytecodeIndex::dump const):
* bytecode/BytecodeIndex.h: Added.
(JSC::BytecodeIndex::BytecodeIndex):
(JSC::BytecodeIndex::offset const):
(JSC::BytecodeIndex::asBits const):
(JSC::BytecodeIndex::hash const):
(JSC::BytecodeIndex::deletedValue):
(JSC::BytecodeIndex::isHashTableDeletedValue const):
(JSC::BytecodeIndex::operator bool const):
(JSC::BytecodeIndex::operator == const):
(JSC::BytecodeIndex::operator != const):
(JSC::BytecodeIndex::operator < const):
(JSC::BytecodeIndex::operator > const):
(JSC::BytecodeIndex::operator <= const):
(JSC::BytecodeIndex::operator >= const):
(JSC::BytecodeIndex::fromBits):
(JSC::BytecodeIndexHash::hash):
(JSC::BytecodeIndexHash::equal):
* bytecode/BytecodeLivenessAnalysis.cpp:
(JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeIndex):
(JSC::BytecodeLivenessAnalysis::computeFullLiveness):
(JSC::BytecodeLivenessAnalysis::computeKills):
(JSC::BytecodeLivenessAnalysis::dumpResults):
(JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeOffset): Deleted.
* bytecode/BytecodeLivenessAnalysis.h:
* bytecode/BytecodeLivenessAnalysisInlines.h:
(JSC::BytecodeLivenessPropagation::stepOverInstruction):
(JSC::BytecodeLivenessPropagation::computeLocalLivenessForBytecodeIndex):
(JSC::BytecodeLivenessPropagation::computeLocalLivenessForBlock):
(JSC::BytecodeLivenessPropagation::getLivenessInfoAtBytecodeIndex):
(JSC::BytecodeLivenessPropagation::computeLocalLivenessForBytecodeOffset): Deleted.
(JSC::BytecodeLivenessPropagation::getLivenessInfoAtBytecodeOffset): Deleted.
* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeIndex):
(JSC::computeDefsForBytecodeIndex):
(JSC::computeUsesForBytecodeOffset): Deleted.
(JSC::computeDefsForBytecodeOffset): Deleted.
* bytecode/CallLinkStatus.cpp:
(JSC::CallLinkStatus::computeFromLLInt):
(JSC::CallLinkStatus::computeFor):
(JSC::CallLinkStatus::computeExitSiteData):
* bytecode/CallLinkStatus.h:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::getCallLinkInfoForBytecodeIndex):
(JSC::CodeBlock::addRareCaseProfile):
(JSC::CodeBlock::rareCaseProfileForBytecodeIndex):
(JSC::CodeBlock::rareCaseProfileCountForBytecodeIndex):
(JSC::CodeBlock::handlerForBytecodeIndex):
(JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeIndex):
(JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeIndexSlow):
(JSC::CodeBlock::lineNumberForBytecodeIndex):
(JSC::CodeBlock::columnNumberForBytecodeIndex):
(JSC::CodeBlock::expressionRangeForBytecodeIndex const):
(JSC::CodeBlock::hasOpDebugForLineAndColumn):
(JSC::CodeBlock::getArrayProfile):
(JSC::CodeBlock::tryGetValueProfileForBytecodeIndex):
(JSC::CodeBlock::valueProfilePredictionForBytecodeIndex):
(JSC::CodeBlock::valueProfileForBytecodeIndex):
(JSC::CodeBlock::validate):
(JSC::CodeBlock::arithProfileForBytecodeIndex):
(JSC::CodeBlock::couldTakeSpecialArithFastCase):
(JSC::CodeBlock::bytecodeIndexFromCallSiteIndex):
(JSC::CodeBlock::rareCaseProfileForBytecodeOffset): Deleted.
(JSC::CodeBlock::rareCaseProfileCountForBytecodeOffset): Deleted.
(JSC::CodeBlock::handlerForBytecodeOffset): Deleted.
(JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffset): Deleted.
(JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): Deleted.
(JSC::CodeBlock::lineNumberForBytecodeOffset): Deleted.
(JSC::CodeBlock::columnNumberForBytecodeOffset): Deleted.
(JSC::CodeBlock::expressionRangeForBytecodeOffset const): Deleted.
(JSC::CodeBlock::tryGetValueProfileForBytecodeOffset): Deleted.
(JSC::CodeBlock::valueProfilePredictionForBytecodeOffset): Deleted.
(JSC::CodeBlock::valueProfileForBytecodeOffset): Deleted.
(JSC::CodeBlock::arithProfileForBytecodeOffset): Deleted.
(JSC::CodeBlock::couldTakeSpecialFastCase): Deleted.
(JSC::CodeBlock::bytecodeOffsetFromCallSiteIndex): Deleted.
* bytecode/CodeBlock.h:
(JSC::CodeBlock::likelyToTakeSlowCase):
(JSC::CodeBlock::couldTakeSlowCase):
(JSC::CodeBlock::bytecodeIndex):
* bytecode/CodeOrigin.cpp:
(JSC::CodeOrigin::approximateHash const):
(JSC::CodeOrigin::dump const):
* bytecode/CodeOrigin.h:
(JSC::CodeOrigin::CodeOrigin):
(JSC::CodeOrigin::isSet const):
(JSC::CodeOrigin::isHashTableDeletedValue const):
(JSC::CodeOrigin::bytecodeIndex const):
(JSC::CodeOrigin::OutOfLineCodeOrigin::OutOfLineCodeOrigin):
(JSC::CodeOrigin::buildCompositeValue):
(JSC::CodeOrigin::hash const):
* bytecode/DFGExitProfile.cpp:
(JSC::DFG::FrequentExitSite::dump const):
(JSC::DFG::ExitProfile::exitSitesFor):
* bytecode/DFGExitProfile.h:
(JSC::DFG::FrequentExitSite::FrequentExitSite):
(JSC::DFG::FrequentExitSite::operator== const):
(JSC::DFG::FrequentExitSite::subsumes const):
(JSC::DFG::FrequentExitSite::hash const):
(JSC::DFG::FrequentExitSite::bytecodeIndex const):
(JSC::DFG::FrequentExitSite::isHashTableDeletedValue const):
(JSC::DFG::QueryableExitProfile::hasExitSite const):
(JSC::DFG::FrequentExitSite::bytecodeOffset const): Deleted.
* bytecode/DeferredSourceDump.cpp:
(JSC::DeferredSourceDump::DeferredSourceDump):
(JSC::DeferredSourceDump::dump):
* bytecode/DeferredSourceDump.h:
(): Deleted.
* bytecode/FullBytecodeLiveness.h:
(JSC::FullBytecodeLiveness::getLiveness const):
(JSC::FullBytecodeLiveness::operandIsLive const):
* bytecode/GetByIdStatus.cpp:
(JSC::GetByIdStatus::computeFromLLInt):
(JSC::GetByIdStatus::computeFor):
(JSC::GetByIdStatus::computeForStubInfo):
* bytecode/GetByIdStatus.h:
* bytecode/ICStatusUtils.cpp:
(JSC::hasBadCacheExitSite):
* bytecode/ICStatusUtils.h:
* bytecode/InByIdStatus.cpp:
(JSC::InByIdStatus::computeFor):
* bytecode/InByIdStatus.h:
* bytecode/InlineCallFrame.cpp:
(JSC::InlineCallFrame::dumpInContext const):
* bytecode/InstanceOfStatus.cpp:
(JSC::InstanceOfStatus::computeFor):
* bytecode/InstanceOfStatus.h:
* bytecode/InstructionStream.h:
(JSC::InstructionStream::BaseRef::offset const):
(JSC::InstructionStream::BaseRef::index const):
(JSC::InstructionStream::at const):
* bytecode/LazyOperandValueProfile.h:
(JSC::LazyOperandValueProfileKey::LazyOperandValueProfileKey):
(JSC::LazyOperandValueProfileKey::operator== const):
(JSC::LazyOperandValueProfileKey::hash const):
(JSC::LazyOperandValueProfileKey::bytecodeIndex const):
(JSC::LazyOperandValueProfileKey::isHashTableDeletedValue const):
(JSC::LazyOperandValueProfileKey::bytecodeOffset const): Deleted.
* bytecode/MethodOfGettingAValueProfile.cpp:
(JSC::MethodOfGettingAValueProfile::fromLazyOperand):
* bytecode/MethodOfGettingAValueProfile.h:
* bytecode/PutByIdStatus.cpp:
(JSC::PutByIdStatus::computeFromLLInt):
(JSC::PutByIdStatus::computeFor):
* bytecode/PutByIdStatus.h:
* bytecode/StructureStubInfo.cpp:
(JSC::StructureStubInfo::StructureStubInfo):
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::lineNumberForBytecodeIndex):
(JSC::UnlinkedCodeBlock::expressionRangeForBytecodeIndex const):
(JSC::UnlinkedCodeBlock::handlerForBytecodeIndex):
(JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): Deleted.
(JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset const): Deleted.
(JSC::UnlinkedCodeBlock::handlerForBytecodeOffset): Deleted.
* bytecode/UnlinkedCodeBlock.h:
* bytecode/ValueProfile.h:
(JSC::RareCaseProfile::RareCaseProfile):
(JSC::getRareCaseProfileBytecodeIndex):
(JSC::getRareCaseProfileBytecodeOffset): Deleted.
* bytecompiler/BytecodeGenerator.cpp:
(JSC::ForInContext::finalize):
* debugger/DebuggerCallFrame.cpp:
(JSC::DebuggerCallFrame::currentPosition):
* dfg/DFGBasicBlock.cpp:
(JSC::DFG::BasicBlock::BasicBlock):
* dfg/DFGBasicBlock.h:
(JSC::DFG::getBytecodeBeginForBlock):
(JSC::DFG::blockForBytecodeIndex):
(JSC::DFG::blockForBytecodeOffset): Deleted.
* dfg/DFGBlockInsertionSet.cpp:
(JSC::DFG::BlockInsertionSet::insert):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::flushForTerminalImpl):
(JSC::DFG::ByteCodeParser::flushIfTerminal):
(JSC::DFG::ByteCodeParser::branchData):
(JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
(JSC::DFG::ByteCodeParser::getPrediction):
(JSC::DFG::ByteCodeParser::getArrayMode):
(JSC::DFG::ByteCodeParser::makeSafe):
(JSC::DFG::ByteCodeParser::makeDivSafe):
(JSC::DFG::ByteCodeParser::allocateTargetableBlock):
(JSC::DFG::ByteCodeParser::allocateUntargetableBlock):
(JSC::DFG::ByteCodeParser::makeBlockTargetable):
(JSC::DFG::ByteCodeParser::handleCall):
(JSC::DFG::ByteCodeParser::handleRecursiveTailCall):
(JSC::DFG::ByteCodeParser::inlineCall):
(JSC::DFG::ByteCodeParser::handleCallVariant):
(JSC::DFG::ByteCodeParser::handleInlining):
(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::linkBlock):
(JSC::DFG::ByteCodeParser::parseCodeBlock):
(JSC::DFG::ByteCodeParser::parse):
* dfg/DFGCommonData.cpp:
(JSC::DFG::CommonData::addCodeOrigin):
(JSC::DFG::CommonData::addUniqueCallSiteIndex):
(JSC::DFG::CommonData::lastCallSite const):
* dfg/DFGCommonData.h:
(JSC::DFG::CommonData::catchOSREntryDataForBytecodeIndex):
(JSC::DFG::CommonData::appendCatchEntrypoint):
* dfg/DFGDriver.cpp:
(JSC::DFG::compileImpl):
(JSC::DFG::compile):
* dfg/DFGDriver.h:
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::dump):
(JSC::DFG::Graph::methodOfGettingAValueProfileFor):
(JSC::DFG::Graph::willCatchExceptionInMachineFrame):
* dfg/DFGGraph.h:
* dfg/DFGJITCode.cpp:
(JSC::DFG::JITCode::clearOSREntryBlockAndResetThresholds):
* dfg/DFGJITCode.h:
(JSC::DFG::JITCode::appendOSREntryData):
(JSC::DFG::JITCode::osrEntryDataForBytecodeIndex):
* dfg/DFGJITCompiler.cpp:
(JSC::DFG::JITCompiler::JITCompiler):
(JSC::DFG::JITCompiler::compile):
(JSC::DFG::JITCompiler::compileFunction):
* dfg/DFGJITCompiler.h:
(JSC::DFG::JITCompiler::setStartOfCode):
* dfg/DFGLiveCatchVariablePreservationPhase.cpp:
(JSC::DFG::LiveCatchVariablePreservationPhase::handleBlockForTryCatch):
* dfg/DFGOSREntry.cpp:
(JSC::DFG::OSREntryData::dumpInContext const):
(JSC::DFG::prepareOSREntry):
(JSC::DFG::prepareCatchOSREntry):
* dfg/DFGOSREntry.h:
(JSC::DFG::getOSREntryDataBytecodeIndex):
(JSC::DFG::prepareOSREntry):
* dfg/DFGOSREntrypointCreationPhase.cpp:
(JSC::DFG::OSREntrypointCreationPhase::run):
* dfg/DFGOSRExit.cpp:
(JSC::DFG::OSRExit::executeOSRExit):
(JSC::DFG::reifyInlinedCallFrames):
(JSC::DFG::adjustAndJumpToTarget):
(JSC::DFG::printOSRExit):
(JSC::DFG::OSRExit::compileExit):
(JSC::DFG::OSRExit::debugOperationPrintSpeculationFailure):
* dfg/DFGOSRExit.h:
* dfg/DFGOSRExitCompilerCommon.cpp:
(JSC::DFG::callerReturnPC):
(JSC::DFG::reifyInlinedCallFrames):
(JSC::DFG::adjustAndJumpToTarget):
* dfg/DFGOSRExitCompilerCommon.h:
* dfg/DFGOperations.cpp:
* dfg/DFGOperations.h:
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::Plan):
(JSC::DFG::Plan::compileInThreadImpl):
(JSC::DFG::Plan::cleanMustHandleValuesIfNecessary):
* dfg/DFGPlan.h:
(JSC::DFG::Plan::osrEntryBytecodeIndex const):
(JSC::DFG::Plan::tierUpInLoopHierarchy):
(JSC::DFG::Plan::tierUpAndOSREnterBytecodes):
* dfg/DFGSSAConversionPhase.cpp:
(JSC::DFG::SSAConversionPhase::run):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileCurrentBlock):
(JSC::DFG::SpeculativeJIT::checkArgumentTypes):
(JSC::DFG::SpeculativeJIT::compileValueAdd):
(JSC::DFG::SpeculativeJIT::compileValueSub):
(JSC::DFG::SpeculativeJIT::compileValueNegate):
(JSC::DFG::SpeculativeJIT::compileValueMul):
(JSC::DFG::SpeculativeJIT::emitSwitchCharStringJump):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGTierUpCheckInjectionPhase.cpp:
(JSC::DFG::TierUpCheckInjectionPhase::run):
(JSC::DFG::TierUpCheckInjectionPhase::buildNaturalLoopToLoopHintMap):
* dfg/DFGToFTLForOSREntryDeferredCompilationCallback.cpp:
(JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::compilationDidComplete):
* dfg/DFGValidate.cpp:
* ftl/FTLCompile.cpp:
(JSC::FTL::compile):
* ftl/FTLForOSREntryJITCode.h:
(JSC::FTL::ForOSREntryJITCode::setBytecodeIndex):
(JSC::FTL::ForOSREntryJITCode::bytecodeIndex const):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::lower):
(JSC::FTL::DFG::LowerDFGToB3::compileValueAdd):
(JSC::FTL::DFG::LowerDFGToB3::compileValueSub):
(JSC::FTL::DFG::LowerDFGToB3::compileValueMul):
(JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub):
(JSC::FTL::DFG::LowerDFGToB3::compileValueNegate):
* ftl/FTLOSREntry.cpp:
(JSC::FTL::prepareOSREntry):
* ftl/FTLOSREntry.h:
* interpreter/CallFrame.cpp:
(JSC::CallFrame::callSiteIndex const):
(JSC::CallFrame::unsafeCallSiteIndex const):
(JSC::CallFrame::setCurrentVPC):
(JSC::CallFrame::bytecodeIndex):
(JSC::CallFrame::codeOrigin):
(JSC::CallFrame::dump):
(JSC::CallFrame::bytecodeOffset): Deleted.
* interpreter/CallFrame.h:
(JSC::CallSiteIndex::CallSiteIndex):
(JSC::CallSiteIndex::operator bool const):
(JSC::CallSiteIndex::operator== const):
(JSC::CallSiteIndex::bits const):
(JSC::CallSiteIndex::bytecodeIndex const):
(JSC::DisposableCallSiteIndex::DisposableCallSiteIndex):
(): Deleted.
* interpreter/Interpreter.cpp: (JSC::GetStackTraceFunctor::operator() const): (JSC::findExceptionHandler): * interpreter/ShadowChicken.cpp: (JSC::ShadowChicken::update): * interpreter/StackVisitor.cpp: (JSC::StackVisitor::readNonInlinedFrame): (JSC::StackVisitor::readInlinedFrame): (JSC::StackVisitor::Frame::retrieveExpressionInfo const): (JSC::StackVisitor::Frame::dump const): * interpreter/StackVisitor.h: (JSC::StackVisitor::Frame::bytecodeIndex const): (JSC::StackVisitor::Frame::bytecodeOffset const): Deleted. * jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::emitEnterOptimizationCheck): (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): (JSC::JIT::compileWithoutLinking): (JSC::JIT::link): (JSC::JIT::privateCompileExceptionHandlers): * jit/JIT.h: (JSC::CallRecord::CallRecord): (JSC::SlowCaseEntry::SlowCaseEntry): (JSC::SwitchRecord::SwitchRecord): (JSC::ByValCompilationInfo::ByValCompilationInfo): * jit/JITCall.cpp: (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileOpCall): * jit/JITCodeMap.h: (JSC::JITCodeMap::Entry::Entry): (JSC::JITCodeMap::Entry::bytecodeIndex const): (JSC::JITCodeMap::append): (JSC::JITCodeMap::find const): * jit/JITDisassembler.cpp: (JSC::JITDisassembler::dumpVectorForInstructions): (JSC::JITDisassembler::reportInstructions): * jit/JITDisassembler.h: * jit/JITInlines.h: (JSC::JIT::emitNakedCall): (JSC::JIT::emitNakedTailCall): (JSC::JIT::updateTopCallFrame): (JSC::JIT::linkAllSlowCasesForBytecodeIndex): (JSC::JIT::addSlowCase): (JSC::JIT::addJump): (JSC::JIT::emitJumpSlowToHot): (JSC::JIT::emitGetVirtualRegister): (JSC::JIT::linkAllSlowCasesForBytecodeOffset): Deleted. 
* jit/JITOpcodes.cpp: (JSC::JIT::emit_op_instanceof): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emitSlow_op_loop_hint): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emit_op_log_shadow_chicken_tail): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_instanceof): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_has_indexed_property): * jit/JITOperations.cpp: (JSC::getByVal): (JSC::tryGetByValOptimize): * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitGetByValWithCachedId): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emit_op_in_by_id): * jit/JITWorklist.cpp: (JSC::JITWorklist::Plan::Plan): (JSC::JITWorklist::Plan::compileNow): (JSC::JITWorklist::compileLater): (JSC::JITWorklist::compileNow): * jit/JITWorklist.h: * jit/PCToCodeOriginMap.cpp: (JSC::PCToCodeOriginMap::PCToCodeOriginMap): (JSC::PCToCodeOriginMap::findPC const): * jit/PCToCodeOriginMap.h: (JSC::PCToCodeOriginMapBuilder::defaultCodeOrigin): * jit/SlowPathCall.h: (JSC::JITSlowPathCall::call): * llint/LLIntSlowPaths.cpp: (JSC::LLInt::jitCompileAndSetHeuristics): (JSC::LLInt::LLINT_SLOW_PATH_DECL): * profiler/ProfilerOrigin.cpp: (JSC::Profiler::Origin::Origin): (JSC::Profiler::Origin::dump const): (JSC::Profiler::Origin::toJS const): * profiler/ProfilerOrigin.h: (JSC::Profiler::Origin::Origin): (JSC::Profiler::Origin::operator! const): (JSC::Profiler::Origin::bytecodeIndex const): (JSC::Profiler::Origin::hash const): (JSC::Profiler::Origin::isHashTableDeletedValue const): * runtime/Error.cpp: (JSC::getBytecodeIndex): (JSC::getBytecodeOffset): Deleted. 
* runtime/Error.h: * runtime/ErrorInstance.cpp: (JSC::appendSourceToError): (JSC::ErrorInstance::finishCreation): * runtime/SamplingProfiler.cpp: (JSC::tryGetBytecodeIndex): (JSC::SamplingProfiler::processUnverifiedStackTraces): (JSC::SamplingProfiler::reportTopBytecodes): * runtime/SamplingProfiler.h: (JSC::SamplingProfiler::StackFrame::CodeLocation::hasBytecodeIndex const): * runtime/StackFrame.cpp: (JSC::StackFrame::StackFrame): (JSC::StackFrame::computeLineAndColumn const): * runtime/StackFrame.h: (JSC::StackFrame::hasBytecodeIndex const): (JSC::StackFrame::bytecodeIndex): (JSC::StackFrame::hasBytecodeOffset const): Deleted. (JSC::StackFrame::bytecodeOffset): Deleted. * tools/VMInspector.cpp: (JSC::VMInspector::dumpRegisters): Canonical link: https://commits.webkit.org/216705@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@251468 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-10-23 00:55:38 +00:00
int UnlinkedCodeBlock::lineNumberForBytecodeIndex(BytecodeIndex bytecodeIndex)
{
ASSERT(bytecodeIndex.offset() < instructions().size());
int divot { 0 };
int startOffset { 0 };
int endOffset { 0 };
unsigned line { 0 };
unsigned column { 0 };
* bytecode/FullBytecodeLiveness.h: (JSC::FullBytecodeLiveness::getLiveness const): (JSC::FullBytecodeLiveness::operandIsLive const): * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt): (JSC::GetByIdStatus::computeFor): (JSC::GetByIdStatus::computeForStubInfo): * bytecode/GetByIdStatus.h: * bytecode/ICStatusUtils.cpp: (JSC::hasBadCacheExitSite): * bytecode/ICStatusUtils.h: * bytecode/InByIdStatus.cpp: (JSC::InByIdStatus::computeFor): * bytecode/InByIdStatus.h: * bytecode/InlineCallFrame.cpp: (JSC::InlineCallFrame::dumpInContext const): * bytecode/InstanceOfStatus.cpp: (JSC::InstanceOfStatus::computeFor): * bytecode/InstanceOfStatus.h: * bytecode/InstructionStream.h: (JSC::InstructionStream::BaseRef::offset const): (JSC::InstructionStream::BaseRef::index const): (JSC::InstructionStream::at const): * bytecode/LazyOperandValueProfile.h: (JSC::LazyOperandValueProfileKey::LazyOperandValueProfileKey): (JSC::LazyOperandValueProfileKey::operator== const): (JSC::LazyOperandValueProfileKey::hash const): (JSC::LazyOperandValueProfileKey::bytecodeIndex const): (JSC::LazyOperandValueProfileKey::isHashTableDeletedValue const): (JSC::LazyOperandValueProfileKey::bytecodeOffset const): Deleted. * bytecode/MethodOfGettingAValueProfile.cpp: (JSC::MethodOfGettingAValueProfile::fromLazyOperand): * bytecode/MethodOfGettingAValueProfile.h: * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): (JSC::PutByIdStatus::computeFor): * bytecode/PutByIdStatus.h: * bytecode/StructureStubInfo.cpp: (JSC::StructureStubInfo::StructureStubInfo): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::lineNumberForBytecodeIndex): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeIndex const): (JSC::UnlinkedCodeBlock::handlerForBytecodeIndex): (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): Deleted. (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset const): Deleted. (JSC::UnlinkedCodeBlock::handlerForBytecodeOffset): Deleted. 
* bytecode/UnlinkedCodeBlock.h: * bytecode/ValueProfile.h: (JSC::RareCaseProfile::RareCaseProfile): (JSC::getRareCaseProfileBytecodeIndex): (JSC::getRareCaseProfileBytecodeOffset): Deleted. * bytecompiler/BytecodeGenerator.cpp: (JSC::ForInContext::finalize): * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::currentPosition): * dfg/DFGBasicBlock.cpp: (JSC::DFG::BasicBlock::BasicBlock): * dfg/DFGBasicBlock.h: (JSC::DFG::getBytecodeBeginForBlock): (JSC::DFG::blockForBytecodeIndex): (JSC::DFG::blockForBytecodeOffset): Deleted. * dfg/DFGBlockInsertionSet.cpp: (JSC::DFG::BlockInsertionSet::insert): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::flushForTerminalImpl): (JSC::DFG::ByteCodeParser::flushIfTerminal): (JSC::DFG::ByteCodeParser::branchData): (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit): (JSC::DFG::ByteCodeParser::getPrediction): (JSC::DFG::ByteCodeParser::getArrayMode): (JSC::DFG::ByteCodeParser::makeSafe): (JSC::DFG::ByteCodeParser::makeDivSafe): (JSC::DFG::ByteCodeParser::allocateTargetableBlock): (JSC::DFG::ByteCodeParser::allocateUntargetableBlock): (JSC::DFG::ByteCodeParser::makeBlockTargetable): (JSC::DFG::ByteCodeParser::handleCall): (JSC::DFG::ByteCodeParser::handleRecursiveTailCall): (JSC::DFG::ByteCodeParser::inlineCall): (JSC::DFG::ByteCodeParser::handleCallVariant): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::parseBlock): (JSC::DFG::ByteCodeParser::linkBlock): (JSC::DFG::ByteCodeParser::parseCodeBlock): (JSC::DFG::ByteCodeParser::parse): * dfg/DFGCommonData.cpp: (JSC::DFG::CommonData::addCodeOrigin): (JSC::DFG::CommonData::addUniqueCallSiteIndex): (JSC::DFG::CommonData::lastCallSite const): * dfg/DFGCommonData.h: (JSC::DFG::CommonData::catchOSREntryDataForBytecodeIndex): (JSC::DFG::CommonData::appendCatchEntrypoint): * dfg/DFGDriver.cpp: (JSC::DFG::compileImpl): (JSC::DFG::compile): * dfg/DFGDriver.h: * dfg/DFGGraph.cpp: (JSC::DFG::Graph::dump): 
(JSC::DFG::Graph::methodOfGettingAValueProfileFor): (JSC::DFG::Graph::willCatchExceptionInMachineFrame): * dfg/DFGGraph.h: * dfg/DFGJITCode.cpp: (JSC::DFG::JITCode::clearOSREntryBlockAndResetThresholds): * dfg/DFGJITCode.h: (JSC::DFG::JITCode::appendOSREntryData): (JSC::DFG::JITCode::osrEntryDataForBytecodeIndex): * dfg/DFGJITCompiler.cpp: (JSC::DFG::JITCompiler::JITCompiler): (JSC::DFG::JITCompiler::compile): (JSC::DFG::JITCompiler::compileFunction): * dfg/DFGJITCompiler.h: (JSC::DFG::JITCompiler::setStartOfCode): * dfg/DFGLiveCatchVariablePreservationPhase.cpp: (JSC::DFG::LiveCatchVariablePreservationPhase::handleBlockForTryCatch): * dfg/DFGOSREntry.cpp: (JSC::DFG::OSREntryData::dumpInContext const): (JSC::DFG::prepareOSREntry): (JSC::DFG::prepareCatchOSREntry): * dfg/DFGOSREntry.h: (JSC::DFG::getOSREntryDataBytecodeIndex): (JSC::DFG::prepareOSREntry): * dfg/DFGOSREntrypointCreationPhase.cpp: (JSC::DFG::OSREntrypointCreationPhase::run): * dfg/DFGOSRExit.cpp: (JSC::DFG::OSRExit::executeOSRExit): (JSC::DFG::reifyInlinedCallFrames): (JSC::DFG::adjustAndJumpToTarget): (JSC::DFG::printOSRExit): (JSC::DFG::OSRExit::compileExit): (JSC::DFG::OSRExit::debugOperationPrintSpeculationFailure): * dfg/DFGOSRExit.h: * dfg/DFGOSRExitCompilerCommon.cpp: (JSC::DFG::callerReturnPC): (JSC::DFG::reifyInlinedCallFrames): (JSC::DFG::adjustAndJumpToTarget): * dfg/DFGOSRExitCompilerCommon.h: * dfg/DFGOperations.cpp: * dfg/DFGOperations.h: * dfg/DFGPlan.cpp: (JSC::DFG::Plan::Plan): (JSC::DFG::Plan::compileInThreadImpl): (JSC::DFG::Plan::cleanMustHandleValuesIfNecessary): * dfg/DFGPlan.h: (JSC::DFG::Plan::osrEntryBytecodeIndex const): (JSC::DFG::Plan::tierUpInLoopHierarchy): (JSC::DFG::Plan::tierUpAndOSREnterBytecodes): * dfg/DFGSSAConversionPhase.cpp: (JSC::DFG::SSAConversionPhase::run): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compileCurrentBlock): (JSC::DFG::SpeculativeJIT::checkArgumentTypes): (JSC::DFG::SpeculativeJIT::compileValueAdd): 
(JSC::DFG::SpeculativeJIT::compileValueSub): (JSC::DFG::SpeculativeJIT::compileValueNegate): (JSC::DFG::SpeculativeJIT::compileValueMul): (JSC::DFG::SpeculativeJIT::emitSwitchCharStringJump): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGTierUpCheckInjectionPhase.cpp: (JSC::DFG::TierUpCheckInjectionPhase::run): (JSC::DFG::TierUpCheckInjectionPhase::buildNaturalLoopToLoopHintMap): * dfg/DFGToFTLForOSREntryDeferredCompilationCallback.cpp: (JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::compilationDidComplete): * dfg/DFGValidate.cpp: * ftl/FTLCompile.cpp: (JSC::FTL::compile): * ftl/FTLForOSREntryJITCode.h: (JSC::FTL::ForOSREntryJITCode::setBytecodeIndex): (JSC::FTL::ForOSREntryJITCode::bytecodeIndex const): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::lower): (JSC::FTL::DFG::LowerDFGToB3::compileValueAdd): (JSC::FTL::DFG::LowerDFGToB3::compileValueSub): (JSC::FTL::DFG::LowerDFGToB3::compileValueMul): (JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub): (JSC::FTL::DFG::LowerDFGToB3::compileValueNegate): * ftl/FTLOSREntry.cpp: (JSC::FTL::prepareOSREntry): * ftl/FTLOSREntry.h: * interpreter/CallFrame.cpp: (JSC::CallFrame::callSiteIndex const): (JSC::CallFrame::unsafeCallSiteIndex const): (JSC::CallFrame::setCurrentVPC): (JSC::CallFrame::bytecodeIndex): (JSC::CallFrame::codeOrigin): (JSC::CallFrame::dump): (JSC::CallFrame::bytecodeOffset): Deleted. * interpreter/CallFrame.h: (JSC::CallSiteIndex::CallSiteIndex): (JSC::CallSiteIndex::operator bool const): (JSC::CallSiteIndex::operator== const): (JSC::CallSiteIndex::bits const): (JSC::CallSiteIndex::bytecodeIndex const): (JSC::DisposableCallSiteIndex::DisposableCallSiteIndex): (): Deleted. 
* interpreter/Interpreter.cpp: (JSC::GetStackTraceFunctor::operator() const): (JSC::findExceptionHandler): * interpreter/ShadowChicken.cpp: (JSC::ShadowChicken::update): * interpreter/StackVisitor.cpp: (JSC::StackVisitor::readNonInlinedFrame): (JSC::StackVisitor::readInlinedFrame): (JSC::StackVisitor::Frame::retrieveExpressionInfo const): (JSC::StackVisitor::Frame::dump const): * interpreter/StackVisitor.h: (JSC::StackVisitor::Frame::bytecodeIndex const): (JSC::StackVisitor::Frame::bytecodeOffset const): Deleted. * jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::emitEnterOptimizationCheck): (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): (JSC::JIT::compileWithoutLinking): (JSC::JIT::link): (JSC::JIT::privateCompileExceptionHandlers): * jit/JIT.h: (JSC::CallRecord::CallRecord): (JSC::SlowCaseEntry::SlowCaseEntry): (JSC::SwitchRecord::SwitchRecord): (JSC::ByValCompilationInfo::ByValCompilationInfo): * jit/JITCall.cpp: (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileOpCall): * jit/JITCodeMap.h: (JSC::JITCodeMap::Entry::Entry): (JSC::JITCodeMap::Entry::bytecodeIndex const): (JSC::JITCodeMap::append): (JSC::JITCodeMap::find const): * jit/JITDisassembler.cpp: (JSC::JITDisassembler::dumpVectorForInstructions): (JSC::JITDisassembler::reportInstructions): * jit/JITDisassembler.h: * jit/JITInlines.h: (JSC::JIT::emitNakedCall): (JSC::JIT::emitNakedTailCall): (JSC::JIT::updateTopCallFrame): (JSC::JIT::linkAllSlowCasesForBytecodeIndex): (JSC::JIT::addSlowCase): (JSC::JIT::addJump): (JSC::JIT::emitJumpSlowToHot): (JSC::JIT::emitGetVirtualRegister): (JSC::JIT::linkAllSlowCasesForBytecodeOffset): Deleted. 
* jit/JITOpcodes.cpp: (JSC::JIT::emit_op_instanceof): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emitSlow_op_loop_hint): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emit_op_log_shadow_chicken_tail): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_instanceof): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_has_indexed_property): * jit/JITOperations.cpp: (JSC::getByVal): (JSC::tryGetByValOptimize): * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitGetByValWithCachedId): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emit_op_in_by_id): * jit/JITWorklist.cpp: (JSC::JITWorklist::Plan::Plan): (JSC::JITWorklist::Plan::compileNow): (JSC::JITWorklist::compileLater): (JSC::JITWorklist::compileNow): * jit/JITWorklist.h: * jit/PCToCodeOriginMap.cpp: (JSC::PCToCodeOriginMap::PCToCodeOriginMap): (JSC::PCToCodeOriginMap::findPC const): * jit/PCToCodeOriginMap.h: (JSC::PCToCodeOriginMapBuilder::defaultCodeOrigin): * jit/SlowPathCall.h: (JSC::JITSlowPathCall::call): * llint/LLIntSlowPaths.cpp: (JSC::LLInt::jitCompileAndSetHeuristics): (JSC::LLInt::LLINT_SLOW_PATH_DECL): * profiler/ProfilerOrigin.cpp: (JSC::Profiler::Origin::Origin): (JSC::Profiler::Origin::dump const): (JSC::Profiler::Origin::toJS const): * profiler/ProfilerOrigin.h: (JSC::Profiler::Origin::Origin): (JSC::Profiler::Origin::operator! const): (JSC::Profiler::Origin::bytecodeIndex const): (JSC::Profiler::Origin::hash const): (JSC::Profiler::Origin::isHashTableDeletedValue const): * runtime/Error.cpp: (JSC::getBytecodeIndex): (JSC::getBytecodeOffset): Deleted. 
* runtime/Error.h: * runtime/ErrorInstance.cpp: (JSC::appendSourceToError): (JSC::ErrorInstance::finishCreation): * runtime/SamplingProfiler.cpp: (JSC::tryGetBytecodeIndex): (JSC::SamplingProfiler::processUnverifiedStackTraces): (JSC::SamplingProfiler::reportTopBytecodes): * runtime/SamplingProfiler.h: (JSC::SamplingProfiler::StackFrame::CodeLocation::hasBytecodeIndex const): * runtime/StackFrame.cpp: (JSC::StackFrame::StackFrame): (JSC::StackFrame::computeLineAndColumn const): * runtime/StackFrame.h: (JSC::StackFrame::hasBytecodeIndex const): (JSC::StackFrame::bytecodeIndex): (JSC::StackFrame::hasBytecodeOffset const): Deleted. (JSC::StackFrame::bytecodeOffset): Deleted. * tools/VMInspector.cpp: (JSC::VMInspector::dumpRegisters): Canonical link: https://commits.webkit.org/216705@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@251468 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-10-23 00:55:38 +00:00
expressionRangeForBytecodeIndex(bytecodeIndex, divot, startOffset, endOffset, line, column);
Fix 30% JSBench regression (caused by adding column numbers to stack traces). https://bugs.webkit.org/show_bug.cgi?id=118481. Reviewed by Mark Hahnenberg and Geoffrey Garen. Source/JavaScriptCore: Previously, we already capture ExpressionRangeInfo that provides a divot for each bytecode that can potentially throw an exception (and therefore generate a stack trace). On first attempt to compute column numbers, we then do a walk of the source string to record all line start positions in a table associated with the SourceProvider. The column number can then be computed as divot - lineStartFor(bytecodeOffset). The computation of this lineStarts table is the source of the 30% JSBench performance regression. The new code now records lineStarts as the lexer and parser scan the source code. These lineStarts are then used to compute the column number for the given divot, and stored in the ExpressionRangeInfo. Similarly, we also capture the line number at the divot point and store that in the ExpressionRangeInfo. Hence, to look up line and column numbers, we now lookup the ExpressionRangeInfo for the bytecodeOffset, and then compute the line and column from the values stored in the expression info. The strategy: 1. We want to minimize perturbations to the lexer and parser. Specifically, the changes added should not change how it scans code, and generate bytecode. 2. We regard the divot as the source character position we are interested in. As such, we'll capture line and lineStart (for column) at the point when we capture the divot information. This ensures that the 3 values are consistent. How the change is done: 1. Change the lexer to track lineStarts. 2. Change the parser to capture line and lineStarts at the point of capturing divots. 3. Change the parser and associated code to plumb these values all the way to the point that the corresponding ExpressionRangeInfo is emitted. 4. 
Propagate and record SourceCode firstLine and firstLineColumnOffset to the necessary places so that we can add them as needed when reifying UnlinkedCodeBlocks into CodeBlocks. 5. Compress the line and column number values in the ExpressionRangeInfo. In practice, we seldom have both large line and column numbers. Hence, we can encode both in a uint32_t most of the time. For the times when we encounter both large line and column numbers, we have a fallback to store the "fat" position info. 6. Emit an ExpressionRangeInfo for UnaryOp nodes to get more line and column number coverage. 7. Change the interpreter to use the new way of computing line and column. 8. Delete old line and column computation code that is now unused. Misc details: - the old lexer was tracking both a startOffset and charPosition where charPosition equals startOffset - SourceCode.startOffset. We now use startOffset exclusively throughout the system for consistency. All offset values (including lineStart) are relative to the start of the SourceProvider string. These values will only be converted to be relative to the SourceCode.startOffset at the very last minute i.e. when the divot is stored into the ExpressionRangeInfo. This change to use the same offset system everywhere reduces confusion from having to convert back and forth between the 2 systems. It also enables a lot of assertions to be used. - Also fixed some bugs in the choice of divot positions to use. For example, both Eval and Function expressions previously used column numbers from the start of the expression but used the line number at the end of the expression. This is now fixed to use either the start or end positions as appropriate, but not a mix of line and columns from both. - Why use ints instead of unsigneds for offsets and lineStarts inside the lexer and parser? Some tests (e.g. fast/js/call-base-resolution.html and fast/js/eval-cross-window.html) have shown that lineStart offsets can be prior to the SourceCode.startOffset. 
Keeping the lexer offsets as ints simplifies computations and makes it easier to maintain the assertions that (startOffset >= lineStartOffset). However, column and line numbers are always unsigned when we publish them to the ExpressionRangeInfo. The ints are only used inside the lexer and parser ... well, and bytecode generator. - For all cases, lineStart is always captured where the divot is captured. However, some sputnik conformance tests have shown that we cannot honor line breaks for assignment statements like the following: eval("x\u000A*=\u000A-1;"); In this case, the lineStart is expected to be captured at the start of the assignment expression instead of at the divot point in the middle. The assignment expression is the only special case for this. This patch has been tested against the full layout tests both with release and debug builds with no regression. * API/JSContextRef.cpp: (JSContextCreateBacktrace): - Updated to use the new StackFrame::computeLineAndColumn(). * bytecode/CodeBlock.cpp: (JSC::CodeBlock::CodeBlock): - Added m_firstLineColumnOffset initialization. - Plumbed the firstLineColumnOffset into the SourceCode. - Initialized column for op_debug using the new way. (JSC::CodeBlock::lineNumberForBytecodeOffset): - Changed to compute line number using the ExpressionRangeInfo. (JSC::CodeBlock::columnNumberForBytecodeOffset): Added - Changed to compute column number using the ExpressionRangeInfo. (JSC::CodeBlock::expressionRangeForBytecodeOffset): * bytecode/CodeBlock.h: (JSC::CodeBlock::firstLineColumnOffset): (JSC::GlobalCodeBlock::GlobalCodeBlock): - Plumbed firstLineColumnOffset through to the super class. (JSC::ProgramCodeBlock::ProgramCodeBlock): - Plumbed firstLineColumnOffset through to the super class. (JSC::EvalCodeBlock::EvalCodeBlock): - Plumbed firstLineColumnOffset through to the super class. But for EvalCodeBlocks, the firstLineColumnOffset is always 1 because we're starting with a new source string with no start offset. 
(JSC::FunctionCodeBlock::FunctionCodeBlock): - Plumbed firstLineColumnOffset through to the super class. * bytecode/ExpressionRangeInfo.h: - Added modes for encoding line and column into a single 30-bit unsigned. The encoding is in 1 of 3 modes: 1. FatLineMode: 22-bit line, 8-bit column 2. FatColumnMode: 8-bit line, 22-bit column 3. FatLineAndColumnMode: 32-bit line, 32-bit column (JSC::ExpressionRangeInfo::encodeFatLineMode): Added. - Encodes line and column into the 30-bit position using FatLine mode. (JSC::ExpressionRangeInfo::encodeFatColumnMode): Added. - Encodes line and column into the 30-bit position using FatColumn mode. (JSC::ExpressionRangeInfo::decodeFatLineMode): Added. - Decodes the FatLine mode 30-bit position into line and column. (JSC::ExpressionRangeInfo::decodeFatColumnMode): Added. - Decodes the FatColumn mode 30-bit position into line and column. * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable): - Plumbed startColumn through. (JSC::UnlinkedFunctionExecutable::link): - Plumbed startColumn through. (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): - Computes a line number using the new way. (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset): - Added decoding of line and column. - Added handling of the case when we do not find a fitting expression range info for a specified bytecodeOffset. This only happens if the bytecodeOffset is below the first expression range info. In that case, we'll use the first expression range info entry. (JSC::UnlinkedCodeBlock::addExpressionInfo): - Added encoding of line and column. * bytecode/UnlinkedCodeBlock.h: - Added m_expressionInfoFatPositions in RareData. (JSC::UnlinkedFunctionExecutable::functionStartColumn): (JSC::UnlinkedCodeBlock::shrinkToFit): - Removed obsoleted m_lineInfo. * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::emitCall): Plumbed line and lineStart through. 
(JSC::BytecodeGenerator::emitCallEval): Plumbed line and lineStart through. (JSC::BytecodeGenerator::emitCallVarargs): Plumbed line and lineStart through. (JSC::BytecodeGenerator::emitConstruct): Plumbed line and lineStart through. (JSC::BytecodeGenerator::emitDebugHook): Plumbed lineStart through. * bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::emitNode): (JSC::BytecodeGenerator::emitNodeInConditionContext): - Removed obsoleted m_lineInfo. (JSC::BytecodeGenerator::emitExpressionInfo): - Plumbed line and lineStart through. - Compute the line and column to be added to the expression range info. * bytecompiler/NodesCodegen.cpp: (JSC::ThrowableExpressionData::emitThrowReferenceError): (JSC::ResolveNode::emitBytecode): (JSC::ArrayNode::toArgumentList): (JSC::BracketAccessorNode::emitBytecode): (JSC::DotAccessorNode::emitBytecode): (JSC::NewExprNode::emitBytecode): (JSC::EvalFunctionCallNode::emitBytecode): (JSC::FunctionCallValueNode::emitBytecode): (JSC::FunctionCallResolveNode::emitBytecode): (JSC::FunctionCallBracketNode::emitBytecode): (JSC::FunctionCallDotNode::emitBytecode): (JSC::CallFunctionCallDotNode::emitBytecode): (JSC::ApplyFunctionCallDotNode::emitBytecode): (JSC::PostfixNode::emitResolve): (JSC::PostfixNode::emitBracket): (JSC::PostfixNode::emitDot): (JSC::DeleteResolveNode::emitBytecode): (JSC::DeleteBracketNode::emitBytecode): (JSC::DeleteDotNode::emitBytecode): (JSC::PrefixNode::emitResolve): (JSC::PrefixNode::emitBracket): (JSC::PrefixNode::emitDot): - Plumbed line and lineStart through the above as needed. (JSC::UnaryOpNode::emitBytecode): - Added emission of an ExpressionRangeInfo for the UnaryOp node. 
(JSC::BinaryOpNode::emitStrcat): (JSC::ThrowableBinaryOpNode::emitBytecode): (JSC::InstanceOfNode::emitBytecode): (JSC::emitReadModifyAssignment): (JSC::ReadModifyResolveNode::emitBytecode): (JSC::AssignResolveNode::emitBytecode): (JSC::AssignDotNode::emitBytecode): (JSC::ReadModifyDotNode::emitBytecode): (JSC::AssignBracketNode::emitBytecode): (JSC::ReadModifyBracketNode::emitBytecode): - Plumbed line and lineStart through the above as needed. (JSC::ConstStatementNode::emitBytecode): (JSC::EmptyStatementNode::emitBytecode): (JSC::DebuggerStatementNode::emitBytecode): (JSC::ExprStatementNode::emitBytecode): (JSC::VarStatementNode::emitBytecode): (JSC::IfElseNode::emitBytecode): (JSC::DoWhileNode::emitBytecode): (JSC::WhileNode::emitBytecode): (JSC::ForNode::emitBytecode): (JSC::ForInNode::emitBytecode): (JSC::ContinueNode::emitBytecode): (JSC::BreakNode::emitBytecode): (JSC::ReturnNode::emitBytecode): (JSC::WithNode::emitBytecode): (JSC::SwitchNode::emitBytecode): (JSC::LabelNode::emitBytecode): (JSC::ThrowNode::emitBytecode): (JSC::TryNode::emitBytecode): (JSC::ProgramNode::emitBytecode): (JSC::EvalNode::emitBytecode): (JSC::FunctionBodyNode::emitBytecode): - Plumbed line and lineStart through the above as needed. * interpreter/Interpreter.cpp: (JSC::appendSourceToError): - Added line and column arguments for expressionRangeForBytecodeOffset(). (JSC::StackFrame::computeLineAndColumn): - Replaces StackFrame::line() and StackFrame::column(). (JSC::StackFrame::expressionInfo): - Added line and column arguments. (JSC::StackFrame::toString): - Changed to use the new StackFrame::computeLineAndColumn(). (JSC::Interpreter::getStackTrace): - Added the needed firstLineColumnOffset arg for the StackFrame. 
* interpreter/Interpreter.h: * parser/ASTBuilder.h: (JSC::ASTBuilder::BinaryOpInfo::BinaryOpInfo): (JSC::ASTBuilder::AssignmentInfo::AssignmentInfo): (JSC::ASTBuilder::createResolve): (JSC::ASTBuilder::createBracketAccess): (JSC::ASTBuilder::createDotAccess): (JSC::ASTBuilder::createRegExp): (JSC::ASTBuilder::createNewExpr): (JSC::ASTBuilder::createAssignResolve): (JSC::ASTBuilder::createFunctionExpr): (JSC::ASTBuilder::createFunctionBody): (JSC::ASTBuilder::createGetterOrSetterProperty): (JSC::ASTBuilder::createFuncDeclStatement): (JSC::ASTBuilder::createBlockStatement): (JSC::ASTBuilder::createExprStatement): (JSC::ASTBuilder::createIfStatement): (JSC::ASTBuilder::createForLoop): (JSC::ASTBuilder::createForInLoop): (JSC::ASTBuilder::createVarStatement): (JSC::ASTBuilder::createReturnStatement): (JSC::ASTBuilder::createBreakStatement): (JSC::ASTBuilder::createContinueStatement): (JSC::ASTBuilder::createTryStatement): (JSC::ASTBuilder::createSwitchStatement): (JSC::ASTBuilder::createWhileStatement): (JSC::ASTBuilder::createDoWhileStatement): (JSC::ASTBuilder::createLabelStatement): (JSC::ASTBuilder::createWithStatement): (JSC::ASTBuilder::createThrowStatement): (JSC::ASTBuilder::createDebugger): (JSC::ASTBuilder::createConstStatement): (JSC::ASTBuilder::appendBinaryExpressionInfo): (JSC::ASTBuilder::appendUnaryToken): (JSC::ASTBuilder::unaryTokenStackLastStart): (JSC::ASTBuilder::unaryTokenStackLastLineStartPosition): Added. (JSC::ASTBuilder::assignmentStackAppend): (JSC::ASTBuilder::createAssignment): (JSC::ASTBuilder::setExceptionLocation): (JSC::ASTBuilder::makeDeleteNode): (JSC::ASTBuilder::makeFunctionCallNode): (JSC::ASTBuilder::makeBinaryNode): (JSC::ASTBuilder::makeAssignNode): (JSC::ASTBuilder::makePrefixNode): (JSC::ASTBuilder::makePostfixNode):. - Plumbed line, lineStart, and startColumn through the above as needed. * parser/Lexer.cpp: (JSC::::currentSourcePtr): (JSC::::setCode): - Added tracking for sourceoffset and lineStart. 
(JSC::::internalShift): (JSC::::parseIdentifier): - Added tracking for lineStart. (JSC::::parseIdentifierSlowCase): (JSC::::parseString): - Added tracking for lineStart. (JSC::::parseStringSlowCase): (JSC::::lex): - Added tracking for sourceoffset. (JSC::::sourceCode): * parser/Lexer.h: (JSC::Lexer::currentOffset): (JSC::Lexer::currentLineStartOffset): (JSC::Lexer::setOffset): - Added tracking for lineStart. (JSC::Lexer::offsetFromSourcePtr): Added. conversion function. (JSC::Lexer::sourcePtrFromOffset): Added. conversion function. (JSC::Lexer::setOffsetFromSourcePtr): (JSC::::lexExpectIdentifier): - Added tracking for sourceoffset and lineStart. * parser/NodeConstructors.h: (JSC::Node::Node): (JSC::ResolveNode::ResolveNode): (JSC::EvalFunctionCallNode::EvalFunctionCallNode): (JSC::FunctionCallValueNode::FunctionCallValueNode): (JSC::FunctionCallResolveNode::FunctionCallResolveNode): (JSC::FunctionCallBracketNode::FunctionCallBracketNode): (JSC::FunctionCallDotNode::FunctionCallDotNode): (JSC::CallFunctionCallDotNode::CallFunctionCallDotNode): (JSC::ApplyFunctionCallDotNode::ApplyFunctionCallDotNode): (JSC::PostfixNode::PostfixNode): (JSC::DeleteResolveNode::DeleteResolveNode): (JSC::DeleteBracketNode::DeleteBracketNode): (JSC::DeleteDotNode::DeleteDotNode): (JSC::PrefixNode::PrefixNode): (JSC::ReadModifyResolveNode::ReadModifyResolveNode): (JSC::ReadModifyBracketNode::ReadModifyBracketNode): (JSC::AssignBracketNode::AssignBracketNode): (JSC::AssignDotNode::AssignDotNode): (JSC::ReadModifyDotNode::ReadModifyDotNode): (JSC::AssignErrorNode::AssignErrorNode): (JSC::WithNode::WithNode): (JSC::ForInNode::ForInNode): - Plumbed line and lineStart through the above as needed. * parser/Nodes.cpp: (JSC::StatementNode::setLoc): Plumbed lineStart. (JSC::ScopeNode::ScopeNode): Plumbed lineStart. (JSC::ProgramNode::ProgramNode): Plumbed startColumn. (JSC::ProgramNode::create): Plumbed startColumn. 
(JSC::EvalNode::create): (JSC::FunctionBodyNode::FunctionBodyNode): Plumbed startColumn. (JSC::FunctionBodyNode::create): Plumbed startColumn. * parser/Nodes.h: (JSC::Node::startOffset): (JSC::Node::lineStartOffset): Added. (JSC::StatementNode::firstLine): (JSC::StatementNode::lastLine): (JSC::ThrowableExpressionData::ThrowableExpressionData): (JSC::ThrowableExpressionData::setExceptionSourceCode): (JSC::ThrowableExpressionData::divotStartOffset): (JSC::ThrowableExpressionData::divotEndOffset): (JSC::ThrowableExpressionData::divotLine): (JSC::ThrowableExpressionData::divotLineStart): (JSC::ThrowableSubExpressionData::ThrowableSubExpressionData): (JSC::ThrowableSubExpressionData::setSubexpressionInfo): (JSC::ThrowableSubExpressionData::subexpressionDivot): (JSC::ThrowableSubExpressionData::subexpressionStartOffset): (JSC::ThrowableSubExpressionData::subexpressionEndOffset): (JSC::ThrowableSubExpressionData::subexpressionLine): (JSC::ThrowableSubExpressionData::subexpressionLineStart): (JSC::ThrowablePrefixedSubExpressionData::ThrowablePrefixedSubExpressionData): (JSC::ThrowablePrefixedSubExpressionData::setSubexpressionInfo): (JSC::ThrowablePrefixedSubExpressionData::subexpressionDivot): (JSC::ThrowablePrefixedSubExpressionData::subexpressionStartOffset): (JSC::ThrowablePrefixedSubExpressionData::subexpressionEndOffset): (JSC::ThrowablePrefixedSubExpressionData::subexpressionLine): (JSC::ThrowablePrefixedSubExpressionData::subexpressionLineStart): (JSC::ScopeNode::startStartOffset): (JSC::ScopeNode::startLineStartOffset): (JSC::ProgramNode::startColumn): (JSC::EvalNode::startColumn): (JSC::FunctionBodyNode::startColumn): - Plumbed line and lineStart through the above as needed. 
* parser/Parser.cpp: (JSC::::Parser): (JSC::::parseSourceElements): (JSC::::parseVarDeclarationList): (JSC::::parseConstDeclarationList): (JSC::::parseForStatement): (JSC::::parseBreakStatement): (JSC::::parseContinueStatement): (JSC::::parseReturnStatement): (JSC::::parseThrowStatement): (JSC::::parseWithStatement): - Plumbed line and lineStart through the above as needed. (JSC::::parseFunctionBody): - Plumbed startColumn. (JSC::::parseFunctionInfo): (JSC::::parseFunctionDeclaration): (JSC::LabelInfo::LabelInfo): (JSC::::parseExpressionOrLabelStatement): (JSC::::parseAssignmentExpression): (JSC::::parseBinaryExpression): (JSC::::parseProperty): (JSC::::parseObjectLiteral): (JSC::::parsePrimaryExpression): (JSC::::parseMemberExpression): (JSC::::parseUnaryExpression): - Plumbed line, lineStart, startColumn through the above as needed. * parser/Parser.h: (JSC::Parser::next): (JSC::Parser::nextExpectIdentifier): (JSC::Parser::tokenStart): (JSC::Parser::tokenColumn): (JSC::Parser::tokenEnd): (JSC::Parser::tokenLineStart): (JSC::Parser::lastTokenLine): (JSC::Parser::lastTokenLineStart): (JSC::::parse): * parser/ParserTokens.h: (JSC::JSTokenLocation::JSTokenLocation): - Plumbed lineStart. (JSC::JSTokenLocation::lineStartPosition): (JSC::JSTokenLocation::startPosition): (JSC::JSTokenLocation::endPosition): * parser/SourceCode.h: (JSC::SourceCode::SourceCode): (JSC::SourceCode::startColumn): (JSC::makeSource): (JSC::SourceCode::subExpression): * parser/SourceProvider.cpp: delete old code. * parser/SourceProvider.h: delete old code. * parser/SourceProviderCacheItem.h: (JSC::SourceProviderCacheItem::closeBraceToken): (JSC::SourceProviderCacheItem::SourceProviderCacheItem): - Plumbed lineStart. 
* parser/SyntaxChecker.h: (JSC::SyntaxChecker::makeFunctionCallNode): (JSC::SyntaxChecker::makeAssignNode): (JSC::SyntaxChecker::makePrefixNode): (JSC::SyntaxChecker::makePostfixNode): (JSC::SyntaxChecker::makeDeleteNode): (JSC::SyntaxChecker::createResolve): (JSC::SyntaxChecker::createBracketAccess): (JSC::SyntaxChecker::createDotAccess): (JSC::SyntaxChecker::createRegExp): (JSC::SyntaxChecker::createNewExpr): (JSC::SyntaxChecker::createAssignResolve): (JSC::SyntaxChecker::createFunctionExpr): (JSC::SyntaxChecker::createFunctionBody): (JSC::SyntaxChecker::createFuncDeclStatement): (JSC::SyntaxChecker::createForInLoop): (JSC::SyntaxChecker::createReturnStatement): (JSC::SyntaxChecker::createBreakStatement): (JSC::SyntaxChecker::createContinueStatement): (JSC::SyntaxChecker::createWithStatement): (JSC::SyntaxChecker::createLabelStatement): (JSC::SyntaxChecker::createThrowStatement): (JSC::SyntaxChecker::createGetterOrSetterProperty): (JSC::SyntaxChecker::appendBinaryExpressionInfo): (JSC::SyntaxChecker::operatorStackPop): - Made SyntaxChecker prototype changes to match ASTBuilder due to new args added for plumbing line, lineStart, and startColumn. * runtime/CodeCache.cpp: (JSC::CodeCache::generateBytecode): (JSC::CodeCache::getCodeBlock): - Plumbed startColumn. * runtime/Executable.cpp: (JSC::FunctionExecutable::FunctionExecutable): (JSC::ProgramExecutable::compileInternal): (JSC::FunctionExecutable::produceCodeBlockFor): (JSC::FunctionExecutable::fromGlobalCode): - Plumbed startColumn. * runtime/Executable.h: (JSC::ScriptExecutable::startColumn): (JSC::ScriptExecutable::recordParse): (JSC::FunctionExecutable::create): - Plumbed startColumn. Source/WebCore: Test: fast/js/line-column-numbers.html Updated the bindings to use StackFrame::computeLineAndColumn(). The old StackFrame::line() and StackFrame::column() have been removed. The new algorithm always computes the 2 values together anyway. 
Hence it is more efficient to return them as a pair instead of doing the same computation twice for each half of the result. * bindings/js/ScriptCallStackFactory.cpp: (WebCore::createScriptCallStack): (WebCore::createScriptCallStackFromException): * bindings/js/ScriptSourceCode.h: (WebCore::ScriptSourceCode::ScriptSourceCode): LayoutTests: The fix now computes line and column numbers more accurately. As a result, some of the test results need to be re-baselined. Among other fixes, one major source of difference is that the old code was incorrectly computing 0-based column numbers. This has now been fixed to be 1-based. Note: line numbers were always 1-based. Also added a new test: fast/js/line-column-numbers.html, which tests line and column numbers for source code in various configurations. * editing/execCommand/outdent-blockquote-test1-expected.txt: * editing/execCommand/outdent-blockquote-test2-expected.txt: * editing/execCommand/outdent-blockquote-test3-expected.txt: * editing/execCommand/outdent-blockquote-test4-expected.txt: * editing/pasteboard/copy-paste-float-expected.txt: * editing/pasteboard/paste-blockquote-before-blockquote-expected.txt: * editing/pasteboard/paste-double-nested-blockquote-before-blockquote-expected.txt: * fast/dom/Window/window-resize-contents-expected.txt: * fast/events/remove-target-with-shadow-in-drag-expected.txt: * fast/js/line-column-numbers-expected.txt: Added. * fast/js/line-column-numbers.html: Added. * fast/js/script-tests/line-column-numbers.js: Added. (try.doThrow4b): (doThrow5b.try.innerFunc): (doThrow5b): (doThrow6b.try.innerFunc): (doThrow6b): (catch): (try.doThrow11b): (try.doThrow14b): * fast/js/stack-trace-expected.txt: * inspector/console/console-url-line-column-expected.txt: Canonical link: https://commits.webkit.org/136467@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@152494 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2013-07-09 16:15:12 +00:00
return line;
A few other changes to deal with type changes due to us generating unlinked code (eg. pointer free, so profile indices rather than pointers). * dfg/DFGByteCodeParser.cpp: * dfg/DFGCapabilities.h: Support global_init_nop * interpreter/Interpreter.cpp: Now get the ProgramExecutable to initialise new global properties before starting execution. * jit/JIT.cpp: * jit/JITDriver.h: * jit/JITStubs.cpp: * llint/LLIntData.cpp: * llint/LLIntSlowPaths.cpp: * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: Adding init_global_const_nop everywhere else * parser/Parser.h: * parser/ParserModes.h: Added. * parser/ParserTokens.h: Parser no longer needs a global object or callframe to function * runtime/CodeCache.cpp: Added. * runtime/CodeCache.h: Added. A simple, random eviction, Source->UnlinkedCode cache * runtime/Executable.cpp: * runtime/Executable.h: Executables now reference their unlinked counterparts, and request code specifically for the target global object. * runtime/JSGlobalData.cpp: * runtime/JSGlobalData.h: GlobalData now owns a CodeCache and a set of new structures for the unlinked code types. * runtime/JSGlobalObject.cpp: * runtime/JSGlobalObject.h: Utility functions used by executables to perform compilation * runtime/JSType.h: Add new JSTypes for unlinked code Canonical link: https://commits.webkit.org/119498@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@133688 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2012-11-07 00:13:54 +00:00
}
inline void UnlinkedCodeBlock::getLineAndColumn(const ExpressionRangeInfo& info, unsigned& line, unsigned& column) const
Adding UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn().. https://bugs.webkit.org/show_bug.cgi?id=127127. Reviewed by Geoffrey Garen. In order to implement bytecode level breakpoints, we need a mechanism for computing the best fit op_debug bytecode offset for any valid given line and column value in the source. The "best fit" op_debug bytecode in this case is defined below in the comment for UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn(). * GNUmakefile.list.am: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::opDebugBytecodeOffsetForLineAndColumn): - Convert the line and column to unlinked line and column values and pass them to UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn() to do the real work. * bytecode/CodeBlock.h: * bytecode/LineColumnInfo.h: Added. (JSC::LineColumnInfo::operator <): (JSC::LineColumnInfo::LineColumnPair::LineColumnPair): (JSC::LineColumnInfo::operator ==): (JSC::LineColumnInfo::operator !=): (JSC::LineColumnInfo::operator <=): (JSC::LineColumnInfo::operator >): (JSC::LineColumnInfo::operator >=): * bytecode/LineInfo.h: Removed. * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::decodeExpressionRangeLineAndColumn): - Factored this out of expressionRangeForBytecodeOffset() so that it can be called from multiple places. (JSC::dumpLineColumnEntry): (JSC::UnlinkedCodeBlock::dumpExpressionRangeInfo): (JSC::UnlinkedCodeBlock::dumpOpDebugLineColumnInfoList): - Some dumpers for debugging use only. (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset): (JSC::UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn): - Finds the earliest op_debug bytecode whose line and column matches the specified line and column values. If an exact match is not found, then finds the nearest op_debug bytecode that precedes the specified line and column values. 
If there is more than one op_debug at that preceding line and column value, then the earliest of those op_debug bytecodes will be selected. The offset of the selected bytecode will be returned. We want the earliest one because when we have multiple op_debug bytecodes that map to a given line and column, a debugger user would expect to break on the first one and step through the rest thereafter if needed. (JSC::compareLineColumnInfo): (JSC::UnlinkedCodeBlock::opDebugLineColumnInfoList): - Creates the sorted opDebugLineColumnInfoList on demand. This list is stored in the UnlinkedCodeBlock's rareData. * bytecode/UnlinkedCodeBlock.h: Canonical link: https://commits.webkit.org/145215@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@162256 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2014-01-18 17:55:07 +00:00
{
    switch (info.mode) {
    case ExpressionRangeInfo::FatLineMode:
        info.decodeFatLineMode(line, column);
        break;
    case ExpressionRangeInfo::FatColumnMode:
        info.decodeFatColumnMode(line, column);
        break;
    case ExpressionRangeInfo::FatLineAndColumnMode: {
        unsigned fatIndex = info.position;
        ExpressionRangeInfo::FatPosition& fatPos = m_rareData->m_expressionInfoFatPositions[fatIndex];
        line = fatPos.line;
        column = fatPos.column;
        break;
    }
    } // switch
}
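The "best fit" op_debug lookup that the commit message above describes (the earliest op_debug at exactly the requested line and column; otherwise the earliest op_debug at the nearest preceding line and column), as an added C++ example that is not JSC's own code. DebugEntry, compareDebugEntry, bestFitOpDebugOffset, sampleEntries and kNoDebugOffset are assumed names standing in for the sorted LineColumnInfo list the commit mentions, and the entries are constructed sample data.

```cpp
// Added example, not JSC code: a model of the sorted op_debug (line, column, offset)
// search described in the commit message for opDebugBytecodeOffsetForLineAndColumn().
#include <algorithm>
#include <cstdio>
#include <utility>
#include <vector>

// Hypothetical stand-in for JSC's LineColumnInfo: one entry per op_debug bytecode.
struct DebugEntry {
    unsigned line;
    unsigned column;
    unsigned bytecodeOffset;
};

// Sort order for the list: by (line, column), ties broken by bytecode offset so that
// the earliest op_debug for a given source position comes first.
static bool compareDebugEntry(const DebugEntry& a, const DebugEntry& b)
{
    if (a.line != b.line)
        return a.line < b.line;
    if (a.column != b.column)
        return a.column < b.column;
    return a.bytecodeOffset < b.bytecodeOffset;
}

// Constructed sentinel: no op_debug exists at or before the requested position.
constexpr unsigned kNoDebugOffset = ~0u;

// Returns the offset of the earliest op_debug at exactly (line, column); if there is
// none, the earliest op_debug at the greatest (line, column) that precedes the request.
unsigned bestFitOpDebugOffset(std::vector<DebugEntry> entries, unsigned line, unsigned column)
{
    std::sort(entries.begin(), entries.end(), compareDebugEntry);

    // First entry whose position is strictly after the requested one.
    auto upper = std::upper_bound(entries.begin(), entries.end(), std::make_pair(line, column),
        [](const std::pair<unsigned, unsigned>& key, const DebugEntry& e) {
            return key < std::make_pair(e.line, e.column);
        });
    if (upper == entries.begin())
        return kNoDebugOffset;

    // The entry before `upper` has the greatest position <= the request. Walk back to the
    // first entry sharing that position: because of the sort order, it has the lowest offset.
    auto it = upper - 1;
    while (it != entries.begin() && (it - 1)->line == it->line && (it - 1)->column == it->column)
        --it;
    return it->bytecodeOffset;
}

// Constructed sample: op_debug entries on lines 3, 5 (three of them, two at the same
// column) and 8, deliberately unsorted to show that the lookup sorts first.
static std::vector<DebugEntry> sampleEntries()
{
    return {
        { 5, 9, 40 }, // second op_debug at 5:9
        { 3, 1, 10 },
        { 5, 9, 30 }, // first op_debug at 5:9
        { 8, 4, 60 },
        { 5, 2, 20 },
    };
}

int main()
{
    std::printf("exact 5:9 -> %u\n", bestFitOpDebugOffset(sampleEntries(), 5, 9));     // 30
    std::printf("preceding 6:1 -> %u\n", bestFitOpDebugOffset(sampleEntries(), 6, 1)); // 30
    std::printf("preceding 5:5 -> %u\n", bestFitOpDebugOffset(sampleEntries(), 5, 5)); // 20
    std::printf("none before 2:0 -> %u\n", bestFitOpDebugOffset(sampleEntries(), 2, 0));
    return 0;
}
```

The tie-break on bytecode offset inside compareDebugEntry is what makes "walk back to the first entry at that position" return the earliest op_debug, which is the behaviour the commit message wants for breakpoints. A request that precedes every op_debug yields the sentinel rather than an arbitrary instruction, so a caller can report that no breakpoint location exists instead of silently placing one elsewhere.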
#ifndef NDEBUG
New bytecode format for JSC https://bugs.webkit.org/show_bug.cgi?id=187373 <rdar://problem/44186758> Reviewed by Filip Pizlo. .: Disable JIT by default on 32-bit platforms * Source/cmake/WebKitFeatures.cmake: JSTests: Add tests to ensure that the inferred inline capacity for a narrow op_new_object will be capped at 255. * stress/maximum-inline-capacity.js: Added. (test1): (test3.Foo): (test3): Source/JavaScriptCore: Replace unlinked and linked bytecode with a new immutable bytecode that does not embed any addresses. Instructions can be encoded as narrow (1-byte operands) or wide (4-byte operands) and might contain an extra operand, the metadataID. The metadataID is used to access the instruction's mutable data in a side table in the CodeBlock (the MetadataTable). Bytecodes now must be structs declared in the new BytecodeList.rb. All bytecodes give names and types to all its operands. Additionally, reading a bytecode from the instruction stream requires decoding the whole bytecode, i.e. it's no longer possible to access arbitrary operands directly from the stream. 
* CMakeLists.txt: * DerivedSources.make: * JavaScriptCore.xcodeproj/project.pbxproj: * Sources.txt: * assembler/MacroAssemblerCodeRef.h: (JSC::ReturnAddressPtr::ReturnAddressPtr): (JSC::ReturnAddressPtr::value const): (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr): (JSC::MacroAssemblerCodePtr::createFromExecutableAddress): * bytecode/ArithProfile.h: (JSC::ArithProfile::ArithProfile): * bytecode/ArrayAllocationProfile.h: (JSC::ArrayAllocationProfile::ArrayAllocationProfile): * bytecode/ArrayProfile.h: * bytecode/BytecodeBasicBlock.cpp: (JSC::isJumpTarget): (JSC::BytecodeBasicBlock::computeImpl): (JSC::BytecodeBasicBlock::compute): * bytecode/BytecodeBasicBlock.h: (JSC::BytecodeBasicBlock::leaderOffset const): (JSC::BytecodeBasicBlock::totalLength const): (JSC::BytecodeBasicBlock::offsets const): (JSC::BytecodeBasicBlock::BytecodeBasicBlock): (JSC::BytecodeBasicBlock::addLength): * bytecode/BytecodeDumper.cpp: (JSC::BytecodeDumper<Block>::printLocationAndOp): (JSC::BytecodeDumper<Block>::dumpBytecode): (JSC::BytecodeDumper<Block>::dumpIdentifiers): (JSC::BytecodeDumper<Block>::dumpConstants): (JSC::BytecodeDumper<Block>::dumpExceptionHandlers): (JSC::BytecodeDumper<Block>::dumpSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpStringSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpBlock): * bytecode/BytecodeDumper.h: (JSC::BytecodeDumper::dumpOperand): (JSC::BytecodeDumper::dumpValue): (JSC::BytecodeDumper::BytecodeDumper): (JSC::BytecodeDumper::block const): * bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::BytecodeGeneratorification): (JSC::BytecodeGeneratorification::enterPoint const): (JSC::BytecodeGeneratorification::instructions const): (JSC::GeneratorLivenessAnalysis::run): (JSC::BytecodeGeneratorification::run): (JSC::performGeneratorification): * bytecode/BytecodeGeneratorification.h: * bytecode/BytecodeGraph.h: (JSC::BytecodeGraph::blockContainsBytecodeOffset): (JSC::BytecodeGraph::findBasicBlockForBytecodeOffset): 
(JSC::BytecodeGraph::findBasicBlockWithLeaderOffset): (JSC::BytecodeGraph::BytecodeGraph): * bytecode/BytecodeKills.h: * bytecode/BytecodeList.json: Removed. * bytecode/BytecodeList.rb: Added. * bytecode/BytecodeLivenessAnalysis.cpp: (JSC::BytecodeLivenessAnalysis::dumpResults): * bytecode/BytecodeLivenessAnalysis.h: * bytecode/BytecodeLivenessAnalysisInlines.h: (JSC::isValidRegisterForLiveness): (JSC::BytecodeLivenessPropagation::stepOverInstruction): * bytecode/BytecodeRewriter.cpp: (JSC::BytecodeRewriter::applyModification): (JSC::BytecodeRewriter::execute): (JSC::BytecodeRewriter::adjustJumpTargetsInFragment): (JSC::BytecodeRewriter::insertImpl): (JSC::BytecodeRewriter::adjustJumpTarget): (JSC::BytecodeRewriter::adjustJumpTargets): * bytecode/BytecodeRewriter.h: (JSC::BytecodeRewriter::InsertionPoint::InsertionPoint): (JSC::BytecodeRewriter::Fragment::Fragment): (JSC::BytecodeRewriter::Fragment::appendInstruction): (JSC::BytecodeRewriter::BytecodeRewriter): (JSC::BytecodeRewriter::insertFragmentBefore): (JSC::BytecodeRewriter::insertFragmentAfter): (JSC::BytecodeRewriter::removeBytecode): (JSC::BytecodeRewriter::adjustAbsoluteOffset): (JSC::BytecodeRewriter::adjustJumpTarget): * bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeOffset): (JSC::computeDefsForBytecodeOffset): * bytecode/CallLinkStatus.cpp: (JSC::CallLinkStatus::computeFromLLInt): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpBytecode): (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::estimatedSize): (JSC::CodeBlock::visitChildren): (JSC::CodeBlock::propagateTransitions): (JSC::CodeBlock::finalizeLLIntInlineCaches): (JSC::CodeBlock::addJITAddIC): (JSC::CodeBlock::addJITMulIC): (JSC::CodeBlock::addJITSubIC): (JSC::CodeBlock::addJITNegIC): (JSC::CodeBlock::stronglyVisitStrongReferences): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffset): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): 
(JSC::CodeBlock::hasOpDebugForLineAndColumn): (JSC::CodeBlock::getArrayProfile): (JSC::CodeBlock::updateAllArrayPredictions): (JSC::CodeBlock::predictedMachineCodeSize): (JSC::CodeBlock::tryGetValueProfileForBytecodeOffset): (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset): (JSC::CodeBlock::valueProfileForBytecodeOffset): (JSC::CodeBlock::validate): (JSC::CodeBlock::outOfLineJumpOffset): (JSC::CodeBlock::outOfLineJumpTarget): (JSC::CodeBlock::arithProfileForBytecodeOffset): (JSC::CodeBlock::arithProfileForPC): (JSC::CodeBlock::couldTakeSpecialFastCase): (JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler): * bytecode/CodeBlock.h: (JSC::CodeBlock::addMathIC): (JSC::CodeBlock::outOfLineJumpOffset): (JSC::CodeBlock::bytecodeOffset): (JSC::CodeBlock::instructions const): (JSC::CodeBlock::instructionCount const): (JSC::CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters): (JSC::CodeBlock::metadata): (JSC::CodeBlock::metadataSizeInBytes): (JSC::CodeBlock::numberOfNonArgumentValueProfiles): (JSC::CodeBlock::totalNumberOfValueProfiles): * bytecode/CodeBlockInlines.h: Added. (JSC::CodeBlock::forEachValueProfile): (JSC::CodeBlock::forEachArrayProfile): (JSC::CodeBlock::forEachArrayAllocationProfile): (JSC::CodeBlock::forEachObjectAllocationProfile): (JSC::CodeBlock::forEachLLIntCallLinkInfo): * bytecode/Fits.h: Added. * bytecode/GetByIdMetadata.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h. 
* bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt): * bytecode/Instruction.h: (JSC::Instruction::Instruction): (JSC::Instruction::Impl::opcodeID const): (JSC::Instruction::opcodeID const): (JSC::Instruction::name const): (JSC::Instruction::isWide const): (JSC::Instruction::size const): (JSC::Instruction::is const): (JSC::Instruction::as const): (JSC::Instruction::cast): (JSC::Instruction::cast const): (JSC::Instruction::narrow const): (JSC::Instruction::wide const): * bytecode/InstructionStream.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::InstructionStream::InstructionStream): (JSC::InstructionStream::sizeInBytes const): * bytecode/InstructionStream.h: Added. (JSC::InstructionStream::BaseRef::BaseRef): (JSC::InstructionStream::BaseRef::operator=): (JSC::InstructionStream::BaseRef::operator-> const): (JSC::InstructionStream::BaseRef::ptr const): (JSC::InstructionStream::BaseRef::operator!= const): (JSC::InstructionStream::BaseRef::next const): (JSC::InstructionStream::BaseRef::offset const): (JSC::InstructionStream::BaseRef::isValid const): (JSC::InstructionStream::BaseRef::unwrap const): (JSC::InstructionStream::MutableRef::freeze const): (JSC::InstructionStream::MutableRef::operator->): (JSC::InstructionStream::MutableRef::ptr): (JSC::InstructionStream::MutableRef::operator Ref): (JSC::InstructionStream::MutableRef::unwrap): (JSC::InstructionStream::iterator::operator*): (JSC::InstructionStream::iterator::operator++): (JSC::InstructionStream::begin const): (JSC::InstructionStream::end const): (JSC::InstructionStream::at const): (JSC::InstructionStream::size const): (JSC::InstructionStreamWriter::InstructionStreamWriter): (JSC::InstructionStreamWriter::ref): (JSC::InstructionStreamWriter::seek): (JSC::InstructionStreamWriter::position): (JSC::InstructionStreamWriter::write): (JSC::InstructionStreamWriter::rewind): (JSC::InstructionStreamWriter::finalize): (JSC::InstructionStreamWriter::swap): 
(JSC::InstructionStreamWriter::iterator::operator*): (JSC::InstructionStreamWriter::iterator::operator++): (JSC::InstructionStreamWriter::begin): (JSC::InstructionStreamWriter::end): * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp: (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::LLIntPrototypeLoadAdaptiveStructureWatchpoint): (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::fireInternal): (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::clearLLIntGetByIdCache): * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h: * bytecode/MetadataTable.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::MetadataTable::MetadataTable): (JSC::DeallocTable::withOpcodeType): (JSC::MetadataTable::~MetadataTable): (JSC::MetadataTable::sizeInBytes): * bytecode/MetadataTable.h: Copied from Source/JavaScriptCore/runtime/Watchdog.h. (JSC::MetadataTable::get): (JSC::MetadataTable::forEach): (JSC::MetadataTable::getImpl): * bytecode/Opcode.cpp: (JSC::metadataSize): * bytecode/Opcode.h: (JSC::padOpcodeName): * bytecode/OpcodeInlines.h: (JSC::isOpcodeShape): (JSC::getOpcodeType): * bytecode/OpcodeSize.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. 
* bytecode/PreciseJumpTargets.cpp: (JSC::getJumpTargetsForInstruction): (JSC::computePreciseJumpTargetsInternal): (JSC::computePreciseJumpTargets): (JSC::recomputePreciseJumpTargets): (JSC::findJumpTargetsForInstruction): * bytecode/PreciseJumpTargets.h: * bytecode/PreciseJumpTargetsInlines.h: (JSC::jumpTargetForInstruction): (JSC::extractStoredJumpTargetsForInstruction): (JSC::updateStoredJumpTargetsForInstruction): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): * bytecode/SpecialPointer.cpp: (WTF::printInternal): * bytecode/SpecialPointer.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::visitChildren): (JSC::UnlinkedCodeBlock::estimatedSize): (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): (JSC::dumpLineColumnEntry): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset const): (JSC::UnlinkedCodeBlock::setInstructions): (JSC::UnlinkedCodeBlock::instructions const): (JSC::UnlinkedCodeBlock::applyModification): (JSC::UnlinkedCodeBlock::addOutOfLineJumpTarget): (JSC::UnlinkedCodeBlock::outOfLineJumpOffset): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::addPropertyAccessInstruction): (JSC::UnlinkedCodeBlock::propertyAccessInstructions const): (JSC::UnlinkedCodeBlock::addOpProfileControlFlowBytecodeOffset): (JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets const): (JSC::UnlinkedCodeBlock::metadata): (JSC::UnlinkedCodeBlock::metadataSizeInBytes): (JSC::UnlinkedCodeBlock::outOfLineJumpOffset): (JSC::UnlinkedCodeBlock::replaceOutOfLineJumpTargets): * bytecode/UnlinkedInstructionStream.cpp: Removed. * bytecode/UnlinkedInstructionStream.h: Removed. * bytecode/UnlinkedMetadataTable.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h. * bytecode/UnlinkedMetadataTableInlines.h: Added. 
(JSC::UnlinkedMetadataTable::UnlinkedMetadataTable): (JSC::UnlinkedMetadataTable::~UnlinkedMetadataTable): (JSC::UnlinkedMetadataTable::addEntry): (JSC::UnlinkedMetadataTable::sizeInBytes): (JSC::UnlinkedMetadataTable::finalize): (JSC::UnlinkedMetadataTable::link): (JSC::UnlinkedMetadataTable::unlink): * bytecode/VirtualRegister.cpp: (JSC::VirtualRegister::VirtualRegister): * bytecode/VirtualRegister.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::Label::setLocation): (JSC::Label::bind): (JSC::BytecodeGenerator::generate): (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::initializeVarLexicalEnvironment): (JSC::BytecodeGenerator::emitEnter): (JSC::BytecodeGenerator::emitLoopHint): (JSC::BytecodeGenerator::emitJump): (JSC::BytecodeGenerator::emitCheckTraps): (JSC::BytecodeGenerator::rewind): (JSC::BytecodeGenerator::fuseCompareAndJump): (JSC::BytecodeGenerator::fuseTestAndJmp): (JSC::BytecodeGenerator::emitJumpIfTrue): (JSC::BytecodeGenerator::emitJumpIfFalse): (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall): (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply): (JSC::BytecodeGenerator::moveLinkTimeConstant): (JSC::BytecodeGenerator::moveEmptyValue): (JSC::BytecodeGenerator::emitMove): (JSC::BytecodeGenerator::emitUnaryOp): (JSC::BytecodeGenerator::emitBinaryOp): (JSC::BytecodeGenerator::emitToObject): (JSC::BytecodeGenerator::emitToNumber): (JSC::BytecodeGenerator::emitToString): (JSC::BytecodeGenerator::emitTypeOf): (JSC::BytecodeGenerator::emitInc): (JSC::BytecodeGenerator::emitDec): (JSC::BytecodeGenerator::emitEqualityOp): (JSC::BytecodeGenerator::emitProfileType): (JSC::BytecodeGenerator::emitProfileControlFlow): (JSC::BytecodeGenerator::pushLexicalScopeInternal): (JSC::BytecodeGenerator::emitResolveScopeForHoistingFuncDeclInEval): (JSC::BytecodeGenerator::prepareLexicalScopeForNextForLoopIteration): (JSC::BytecodeGenerator::emitOverridesHasInstance): (JSC::BytecodeGenerator::emitResolveScope): (JSC::BytecodeGenerator::emitGetFromScope): 
(JSC::BytecodeGenerator::emitPutToScope): (JSC::BytecodeGenerator::emitInstanceOf): (JSC::BytecodeGenerator::emitInstanceOfCustom): (JSC::BytecodeGenerator::emitInByVal): (JSC::BytecodeGenerator::emitInById): (JSC::BytecodeGenerator::emitTryGetById): (JSC::BytecodeGenerator::emitGetById): (JSC::BytecodeGenerator::emitDirectGetById): (JSC::BytecodeGenerator::emitPutById): (JSC::BytecodeGenerator::emitDirectPutById): (JSC::BytecodeGenerator::emitPutGetterById): (JSC::BytecodeGenerator::emitPutSetterById): (JSC::BytecodeGenerator::emitPutGetterSetter): (JSC::BytecodeGenerator::emitPutGetterByVal): (JSC::BytecodeGenerator::emitPutSetterByVal): (JSC::BytecodeGenerator::emitDeleteById): (JSC::BytecodeGenerator::emitGetByVal): (JSC::BytecodeGenerator::emitPutByVal): (JSC::BytecodeGenerator::emitDirectPutByVal): (JSC::BytecodeGenerator::emitDeleteByVal): (JSC::BytecodeGenerator::emitSuperSamplerBegin): (JSC::BytecodeGenerator::emitSuperSamplerEnd): (JSC::BytecodeGenerator::emitIdWithProfile): (JSC::BytecodeGenerator::emitUnreachable): (JSC::BytecodeGenerator::emitGetArgument): (JSC::BytecodeGenerator::emitCreateThis): (JSC::BytecodeGenerator::emitTDZCheck): (JSC::BytecodeGenerator::emitNewObject): (JSC::BytecodeGenerator::emitNewArrayBuffer): (JSC::BytecodeGenerator::emitNewArray): (JSC::BytecodeGenerator::emitNewArrayWithSpread): (JSC::BytecodeGenerator::emitNewArrayWithSize): (JSC::BytecodeGenerator::emitNewRegExp): (JSC::BytecodeGenerator::emitNewFunctionExpressionCommon): (JSC::BytecodeGenerator::emitNewDefaultConstructor): (JSC::BytecodeGenerator::emitNewFunction): (JSC::BytecodeGenerator::emitSetFunctionNameIfNeeded): (JSC::BytecodeGenerator::emitCall): (JSC::BytecodeGenerator::emitCallInTailPosition): (JSC::BytecodeGenerator::emitCallEval): (JSC::BytecodeGenerator::emitExpectedFunctionSnippet): (JSC::BytecodeGenerator::emitCallVarargs): (JSC::BytecodeGenerator::emitCallVarargsInTailPosition): (JSC::BytecodeGenerator::emitConstructVarargs): 
(JSC::BytecodeGenerator::emitCallForwardArgumentsInTailPosition): (JSC::BytecodeGenerator::emitLogShadowChickenPrologueIfNecessary): (JSC::BytecodeGenerator::emitLogShadowChickenTailIfNecessary): (JSC::BytecodeGenerator::emitCallDefineProperty): (JSC::BytecodeGenerator::emitReturn): (JSC::BytecodeGenerator::emitEnd): (JSC::BytecodeGenerator::emitConstruct): (JSC::BytecodeGenerator::emitStrcat): (JSC::BytecodeGenerator::emitToPrimitive): (JSC::BytecodeGenerator::emitGetScope): (JSC::BytecodeGenerator::emitPushWithScope): (JSC::BytecodeGenerator::emitGetParentScope): (JSC::BytecodeGenerator::emitDebugHook): (JSC::BytecodeGenerator::emitCatch): (JSC::BytecodeGenerator::emitThrow): (JSC::BytecodeGenerator::emitArgumentCount): (JSC::BytecodeGenerator::emitThrowStaticError): (JSC::BytecodeGenerator::beginSwitch): (JSC::prepareJumpTableForSwitch): (JSC::prepareJumpTableForStringSwitch): (JSC::BytecodeGenerator::endSwitch): (JSC::BytecodeGenerator::emitGetEnumerableLength): (JSC::BytecodeGenerator::emitHasGenericProperty): (JSC::BytecodeGenerator::emitHasIndexedProperty): (JSC::BytecodeGenerator::emitHasStructureProperty): (JSC::BytecodeGenerator::emitGetPropertyEnumerator): (JSC::BytecodeGenerator::emitEnumeratorStructurePropertyName): (JSC::BytecodeGenerator::emitEnumeratorGenericPropertyName): (JSC::BytecodeGenerator::emitToIndexString): (JSC::BytecodeGenerator::emitIsCellWithType): (JSC::BytecodeGenerator::emitIsObject): (JSC::BytecodeGenerator::emitIsNumber): (JSC::BytecodeGenerator::emitIsUndefined): (JSC::BytecodeGenerator::emitIsEmpty): (JSC::BytecodeGenerator::emitRestParameter): (JSC::BytecodeGenerator::emitRequireObjectCoercible): (JSC::BytecodeGenerator::emitYieldPoint): (JSC::BytecodeGenerator::emitYield): (JSC::BytecodeGenerator::emitGetAsyncIterator): (JSC::BytecodeGenerator::emitDelegateYield): (JSC::BytecodeGenerator::emitFinallyCompletion): (JSC::BytecodeGenerator::emitJumpIf): (JSC::ForInContext::finalize): (JSC::StructureForInContext::finalize): 
(JSC::IndexedForInContext::finalize):
(JSC::StaticPropertyAnalysis::record):
(JSC::BytecodeGenerator::emitToThis):
* bytecompiler/BytecodeGenerator.h:
(JSC::StructureForInContext::addGetInst):
(JSC::BytecodeGenerator::recordOpcode):
(JSC::BytecodeGenerator::addMetadataFor):
(JSC::BytecodeGenerator::emitUnaryOp):
(JSC::BytecodeGenerator::kill):
(JSC::BytecodeGenerator::instructions const):
(JSC::BytecodeGenerator::write):
(JSC::BytecodeGenerator::withWriter):
* bytecompiler/Label.h:
(JSC::Label::Label):
(JSC::Label::bind):
* bytecompiler/NodesCodegen.cpp:
(JSC::ArrayNode::emitBytecode):
(JSC::BytecodeIntrinsicNode::emit_intrinsic_argumentCount):
(JSC::ApplyFunctionCallDotNode::emitBytecode):
(JSC::BitwiseNotNode::emitBytecode):
(JSC::BinaryOpNode::emitBytecode):
(JSC::EqualNode::emitBytecode):
(JSC::StrictEqualNode::emitBytecode):
(JSC::emitReadModifyAssignment):
(JSC::ForInNode::emitBytecode):
(JSC::CaseBlockNode::emitBytecodeForBlock):
(JSC::FunctionNode::emitBytecode):
(JSC::ClassExprNode::emitBytecode):
* bytecompiler/ProfileTypeBytecodeFlag.cpp: Copied from Source/JavaScriptCore/bytecode/VirtualRegister.cpp.
(WTF::printInternal):
* bytecompiler/ProfileTypeBytecodeFlag.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.
* bytecompiler/RegisterID.h:
* bytecompiler/StaticPropertyAnalysis.h:
(JSC::StaticPropertyAnalysis::create):
(JSC::StaticPropertyAnalysis::StaticPropertyAnalysis):
* bytecompiler/StaticPropertyAnalyzer.h:
(JSC::StaticPropertyAnalyzer::createThis):
(JSC::StaticPropertyAnalyzer::newObject):
(JSC::StaticPropertyAnalyzer::putById):
(JSC::StaticPropertyAnalyzer::mov):
(JSC::StaticPropertyAnalyzer::kill):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::addCall):
(JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
(JSC::DFG::ByteCodeParser::getArrayMode):
(JSC::DFG::ByteCodeParser::handleCall):
(JSC::DFG::ByteCodeParser::handleVarargsCall):
(JSC::DFG::ByteCodeParser::handleRecursiveTailCall):
(JSC::DFG::ByteCodeParser::inlineCall):
(JSC::DFG::ByteCodeParser::handleCallVariant):
(JSC::DFG::ByteCodeParser::handleVarargsInlining):
(JSC::DFG::ByteCodeParser::handleInlining):
(JSC::DFG::ByteCodeParser::handleMinMax):
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
(JSC::DFG::ByteCodeParser::handleDOMJITCall):
(JSC::DFG::ByteCodeParser::handleIntrinsicGetter):
(JSC::DFG::ByteCodeParser::handleDOMJITGetter):
(JSC::DFG::ByteCodeParser::handleModuleNamespaceLoad):
(JSC::DFG::ByteCodeParser::handleTypedArrayConstructor):
(JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
(JSC::DFG::ByteCodeParser::handleGetById):
(JSC::DFG::ByteCodeParser::handlePutById):
(JSC::DFG::ByteCodeParser::parseGetById):
(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::parseCodeBlock):
(JSC::DFG::ByteCodeParser::handlePutByVal):
(JSC::DFG::ByteCodeParser::handlePutAccessorById):
(JSC::DFG::ByteCodeParser::handlePutAccessorByVal):
(JSC::DFG::ByteCodeParser::handleNewFunc):
(JSC::DFG::ByteCodeParser::handleNewFuncExp):
(JSC::DFG::ByteCodeParser::parse):
* dfg/DFGCapabilities.cpp:
(JSC::DFG::capabilityLevel):
* dfg/DFGCapabilities.h:
(JSC::DFG::capabilityLevel):
* dfg/DFGOSREntry.cpp:
(JSC::DFG::prepareCatchOSREntry):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileValueAdd):
(JSC::DFG::SpeculativeJIT::compileValueSub):
(JSC::DFG::SpeculativeJIT::compileValueNegate):
(JSC::DFG::SpeculativeJIT::compileArithMul):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileValueAdd):
(JSC::FTL::DFG::LowerDFGToB3::compileValueSub):
(JSC::FTL::DFG::LowerDFGToB3::compileUnaryMathIC):
(JSC::FTL::DFG::LowerDFGToB3::compileBinaryMathIC):
(JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub):
(JSC::FTL::DFG::LowerDFGToB3::compileArithMul):
(JSC::FTL::DFG::LowerDFGToB3::compileValueNegate):
* ftl/FTLOperations.cpp:
(JSC::FTL::operationMaterializeObjectInOSR):
* generate-bytecode-files: Removed.
* generator/Argument.rb: Added.
* generator/Assertion.rb: Added.
* generator/DSL.rb: Added.
* generator/Fits.rb: Added.
* generator/GeneratedFile.rb: Added.
* generator/Metadata.rb: Added.
* generator/Opcode.rb: Added.
* generator/OpcodeGroup.rb: Added.
* generator/Options.rb: Added.
* generator/Section.rb: Added.
* generator/Template.rb: Added.
* generator/Type.rb: Added.
* generator/main.rb: Added.
* interpreter/AbstractPC.h:
* interpreter/CallFrame.cpp:
(JSC::CallFrame::currentVPC const):
(JSC::CallFrame::setCurrentVPC):
* interpreter/CallFrame.h:
(JSC::CallSiteIndex::CallSiteIndex):
(JSC::ExecState::setReturnPC):
* interpreter/Interpreter.cpp:
(WTF::printInternal):
* interpreter/Interpreter.h:
* interpreter/InterpreterInlines.h:
* interpreter/StackVisitor.cpp:
(JSC::StackVisitor::Frame::dump const):
* interpreter/VMEntryRecord.h:
* jit/JIT.cpp:
(JSC::JIT::JIT):
(JSC::JIT::emitSlowCaseCall):
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):
(JSC::JIT::compileWithoutLinking):
(JSC::JIT::link):
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_jless):
(JSC::JIT::emit_op_jlesseq):
(JSC::JIT::emit_op_jgreater):
(JSC::JIT::emit_op_jgreatereq):
(JSC::JIT::emit_op_jnless):
(JSC::JIT::emit_op_jnlesseq):
(JSC::JIT::emit_op_jngreater):
(JSC::JIT::emit_op_jngreatereq):
(JSC::JIT::emitSlow_op_jless):
(JSC::JIT::emitSlow_op_jlesseq):
(JSC::JIT::emitSlow_op_jgreater):
(JSC::JIT::emitSlow_op_jgreatereq):
(JSC::JIT::emitSlow_op_jnless):
(JSC::JIT::emitSlow_op_jnlesseq):
(JSC::JIT::emitSlow_op_jngreater):
(JSC::JIT::emitSlow_op_jngreatereq):
(JSC::JIT::emit_op_below):
(JSC::JIT::emit_op_beloweq):
(JSC::JIT::emit_op_jbelow):
(JSC::JIT::emit_op_jbeloweq):
(JSC::JIT::emit_op_unsigned):
(JSC::JIT::emit_compareAndJump):
(JSC::JIT::emit_compareUnsignedAndJump):
(JSC::JIT::emit_compareUnsigned):
(JSC::JIT::emit_compareAndJumpSlow):
(JSC::JIT::emit_op_inc):
(JSC::JIT::emit_op_dec):
(JSC::JIT::emit_op_mod):
(JSC::JIT::emitSlow_op_mod):
(JSC::JIT::emit_op_negate):
(JSC::JIT::emitSlow_op_negate):
(JSC::JIT::emitBitBinaryOpFastPath):
(JSC::JIT::emit_op_bitand):
(JSC::JIT::emit_op_bitor):
(JSC::JIT::emit_op_bitxor):
(JSC::JIT::emit_op_lshift):
(JSC::JIT::emitRightShiftFastPath):
(JSC::JIT::emit_op_rshift):
(JSC::JIT::emit_op_urshift):
(JSC::getOperandTypes):
(JSC::JIT::emit_op_add):
(JSC::JIT::emitSlow_op_add):
(JSC::JIT::emitMathICFast):
(JSC::JIT::emitMathICSlow):
(JSC::JIT::emit_op_div):
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul):
(JSC::JIT::emit_op_sub):
(JSC::JIT::emitSlow_op_sub):
* jit/JITCall.cpp:
(JSC::JIT::emitPutCallResult):
(JSC::JIT::compileSetupFrame):
(JSC::JIT::compileCallEval):
(JSC::JIT::compileCallEvalSlowCase):
(JSC::JIT::compileTailCall):
(JSC::JIT::compileOpCall):
(JSC::JIT::compileOpCallSlowCase):
(JSC::JIT::emit_op_call):
(JSC::JIT::emit_op_tail_call):
(JSC::JIT::emit_op_call_eval):
(JSC::JIT::emit_op_call_varargs):
(JSC::JIT::emit_op_tail_call_varargs):
(JSC::JIT::emit_op_tail_call_forward_arguments):
(JSC::JIT::emit_op_construct_varargs):
(JSC::JIT::emit_op_construct):
(JSC::JIT::emitSlow_op_call):
(JSC::JIT::emitSlow_op_tail_call):
(JSC::JIT::emitSlow_op_call_eval):
(JSC::JIT::emitSlow_op_call_varargs):
(JSC::JIT::emitSlow_op_tail_call_varargs):
(JSC::JIT::emitSlow_op_tail_call_forward_arguments):
(JSC::JIT::emitSlow_op_construct_varargs):
(JSC::JIT::emitSlow_op_construct):
* jit/JITDisassembler.cpp:
(JSC::JITDisassembler::JITDisassembler):
* jit/JITExceptions.cpp:
(JSC::genericUnwind):
* jit/JITInlines.h:
(JSC::JIT::emitDoubleGetByVal):
(JSC::JIT::emitLoadForArrayMode):
(JSC::JIT::emitContiguousGetByVal):
(JSC::JIT::emitArrayStorageGetByVal):
(JSC::JIT::appendCallWithExceptionCheckSetJSValueResultWithProfile):
(JSC::JIT::sampleInstruction):
(JSC::JIT::emitValueProfilingSiteIfProfiledOpcode):
(JSC::JIT::emitValueProfilingSite):
(JSC::JIT::jumpTarget):
(JSC::JIT::copiedGetPutInfo):
(JSC::JIT::copiedArithProfile):
* jit/JITMathIC.h:
(JSC::isProfileEmpty):
(JSC::JITBinaryMathIC::JITBinaryMathIC):
(JSC::JITUnaryMathIC::JITUnaryMathIC):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_mov):
(JSC::JIT::emit_op_end):
(JSC::JIT::emit_op_jmp):
(JSC::JIT::emit_op_new_object):
(JSC::JIT::emitSlow_op_new_object):
(JSC::JIT::emit_op_overrides_has_instance):
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emitSlow_op_instanceof):
(JSC::JIT::emit_op_instanceof_custom):
(JSC::JIT::emit_op_is_empty):
(JSC::JIT::emit_op_is_undefined):
(JSC::JIT::emit_op_is_boolean):
(JSC::JIT::emit_op_is_number):
(JSC::JIT::emit_op_is_cell_with_type):
(JSC::JIT::emit_op_is_object):
(JSC::JIT::emit_op_ret):
(JSC::JIT::emit_op_to_primitive):
(JSC::JIT::emit_op_set_function_name):
(JSC::JIT::emit_op_not):
(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jeq_null):
(JSC::JIT::emit_op_jneq_null):
(JSC::JIT::emit_op_jneq_ptr):
(JSC::JIT::emit_op_eq):
(JSC::JIT::emit_op_jeq):
(JSC::JIT::emit_op_jtrue):
(JSC::JIT::emit_op_neq):
(JSC::JIT::emit_op_jneq):
(JSC::JIT::emit_op_throw):
(JSC::JIT::compileOpStrictEq):
(JSC::JIT::emit_op_stricteq):
(JSC::JIT::emit_op_nstricteq):
(JSC::JIT::compileOpStrictEqJump):
(JSC::JIT::emit_op_jstricteq):
(JSC::JIT::emit_op_jnstricteq):
(JSC::JIT::emitSlow_op_jstricteq):
(JSC::JIT::emitSlow_op_jnstricteq):
(JSC::JIT::emit_op_to_number):
(JSC::JIT::emit_op_to_string):
(JSC::JIT::emit_op_to_object):
(JSC::JIT::emit_op_catch):
(JSC::JIT::emit_op_identity_with_profile):
(JSC::JIT::emit_op_get_parent_scope):
(JSC::JIT::emit_op_switch_imm):
(JSC::JIT::emit_op_switch_char):
(JSC::JIT::emit_op_switch_string):
(JSC::JIT::emit_op_debug):
(JSC::JIT::emit_op_eq_null):
(JSC::JIT::emit_op_neq_null):
(JSC::JIT::emit_op_enter):
(JSC::JIT::emit_op_get_scope):
(JSC::JIT::emit_op_to_this):
(JSC::JIT::emit_op_create_this):
(JSC::JIT::emit_op_check_tdz):
(JSC::JIT::emitSlow_op_eq):
(JSC::JIT::emitSlow_op_neq):
(JSC::JIT::emitSlow_op_jeq):
(JSC::JIT::emitSlow_op_jneq):
(JSC::JIT::emitSlow_op_instanceof_custom):
(JSC::JIT::emit_op_loop_hint):
(JSC::JIT::emitSlow_op_loop_hint):
(JSC::JIT::emit_op_check_traps):
(JSC::JIT::emit_op_nop):
(JSC::JIT::emit_op_super_sampler_begin):
(JSC::JIT::emit_op_super_sampler_end):
(JSC::JIT::emitSlow_op_check_traps):
(JSC::JIT::emit_op_new_regexp):
(JSC::JIT::emitNewFuncCommon):
(JSC::JIT::emit_op_new_func):
(JSC::JIT::emit_op_new_generator_func):
(JSC::JIT::emit_op_new_async_generator_func):
(JSC::JIT::emit_op_new_async_func):
(JSC::JIT::emitNewFuncExprCommon):
(JSC::JIT::emit_op_new_func_exp):
(JSC::JIT::emit_op_new_generator_func_exp):
(JSC::JIT::emit_op_new_async_func_exp):
(JSC::JIT::emit_op_new_async_generator_func_exp):
(JSC::JIT::emit_op_new_array):
(JSC::JIT::emit_op_new_array_with_size):
(JSC::JIT::emit_op_has_structure_property):
(JSC::JIT::privateCompileHasIndexedProperty):
(JSC::JIT::emit_op_has_indexed_property):
(JSC::JIT::emitSlow_op_has_indexed_property):
(JSC::JIT::emit_op_get_direct_pname):
(JSC::JIT::emit_op_enumerator_structure_pname):
(JSC::JIT::emit_op_enumerator_generic_pname):
(JSC::JIT::emit_op_profile_type):
(JSC::JIT::emit_op_log_shadow_chicken_prologue):
(JSC::JIT::emit_op_log_shadow_chicken_tail):
(JSC::JIT::emit_op_profile_control_flow):
(JSC::JIT::emit_op_argument_count):
(JSC::JIT::emit_op_get_rest_length):
(JSC::JIT::emit_op_get_argument):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_to_this):
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emitGetByValWithCachedId):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emit_op_put_by_val_direct):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emitGenericContiguousPutByVal):
(JSC::JIT::emitArrayStoragePutByVal):
(JSC::JIT::emitPutByValWithCachedId):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emit_op_put_getter_by_id):
(JSC::JIT::emit_op_put_setter_by_id):
(JSC::JIT::emit_op_put_getter_setter_by_id):
(JSC::JIT::emit_op_put_getter_by_val):
(JSC::JIT::emit_op_put_setter_by_val):
(JSC::JIT::emit_op_del_by_id):
(JSC::JIT::emit_op_del_by_val):
(JSC::JIT::emit_op_try_get_by_id):
(JSC::JIT::emitSlow_op_try_get_by_id):
(JSC::JIT::emit_op_get_by_id_direct):
(JSC::JIT::emitSlow_op_get_by_id_direct):
(JSC::JIT::emit_op_get_by_id):
(JSC::JIT::emit_op_get_by_id_with_this):
(JSC::JIT::emitSlow_op_get_by_id):
(JSC::JIT::emitSlow_op_get_by_id_with_this):
(JSC::JIT::emit_op_put_by_id):
(JSC::JIT::emitSlow_op_put_by_id):
(JSC::JIT::emit_op_in_by_id):
(JSC::JIT::emitSlow_op_in_by_id):
(JSC::JIT::emit_op_resolve_scope):
(JSC::JIT::emit_op_get_from_scope):
(JSC::JIT::emitSlow_op_get_from_scope):
(JSC::JIT::emit_op_put_to_scope):
(JSC::JIT::emitSlow_op_put_to_scope):
(JSC::JIT::emit_op_get_from_arguments):
(JSC::JIT::emit_op_put_to_arguments):
(JSC::JIT::privateCompileGetByVal):
(JSC::JIT::privateCompileGetByValWithCachedId):
(JSC::JIT::privateCompilePutByVal):
(JSC::JIT::privateCompilePutByValWithCachedId):
(JSC::JIT::emitDoubleLoad):
(JSC::JIT::emitContiguousLoad):
(JSC::JIT::emitArrayStorageLoad):
(JSC::JIT::emitDirectArgumentsGetByVal):
(JSC::JIT::emitScopedArgumentsGetByVal):
(JSC::JIT::emitIntTypedArrayGetByVal):
(JSC::JIT::emitFloatTypedArrayGetByVal):
(JSC::JIT::emitIntTypedArrayPutByVal):
(JSC::JIT::emitFloatTypedArrayPutByVal):
* jit/RegisterSet.cpp:
(JSC::RegisterSet::llintBaselineCalleeSaveRegisters):
* jit/SlowPathCall.h:
(JSC::JITSlowPathCall::JITSlowPathCall):
* llint/LLIntData.cpp:
(JSC::LLInt::initialize):
(JSC::LLInt::Data::performAssertions):
* llint/LLIntData.h:
(JSC::LLInt::exceptionInstructions):
(JSC::LLInt::opcodeMap):
(JSC::LLInt::opcodeMapWide):
(JSC::LLInt::getOpcode):
(JSC::LLInt::getOpcodeWide):
(JSC::LLInt::getWideCodePtr):
* llint/LLIntOffsetsExtractor.cpp:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::llint_trace_operand):
(JSC::LLInt::llint_trace_value):
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
(JSC::LLInt::entryOSR):
(JSC::LLInt::setupGetByIdPrototypeCache):
(JSC::LLInt::getByVal):
(JSC::LLInt::handleHostCall):
(JSC::LLInt::setUpCall):
(JSC::LLInt::genericCall):
(JSC::LLInt::varargsSetup):
(JSC::LLInt::commonCallEval):
* llint/LLIntSlowPaths.h:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter.cpp:
(JSC::CLoopRegister::operator const Instruction*):
(JSC::CLoop::execute):
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* offlineasm/arm64.rb:
* offlineasm/asm.rb:
* offlineasm/ast.rb:
* offlineasm/cloop.rb:
* offlineasm/generate_offset_extractor.rb:
* offlineasm/instructions.rb:
* offlineasm/offsets.rb:
* offlineasm/parser.rb:
* offlineasm/transform.rb:
* offlineasm/x86.rb:
* parser/ResultType.h:
(JSC::ResultType::dump const):
(JSC::OperandTypes::first const):
(JSC::OperandTypes::second const):
(JSC::OperandTypes::dump const):
* profiler/ProfilerBytecodeSequence.cpp:
(JSC::Profiler::BytecodeSequence::BytecodeSequence):
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
(JSC::updateArithProfileForUnaryArithOp):
(JSC::updateArithProfileForBinaryArithOp):
* runtime/CommonSlowPaths.h:
(JSC::CommonSlowPaths::tryCachePutToScopeGlobal):
(JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal):
* runtime/ExceptionFuzz.cpp:
(JSC::doExceptionFuzzing):
* runtime/ExceptionFuzz.h:
(JSC::doExceptionFuzzingIfEnabled):
* runtime/GetPutInfo.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.
(JSC::GetPutInfo::dump const):
(WTF::printInternal):
* runtime/GetPutInfo.h:
(JSC::GetPutInfo::operand const):
* runtime/JSCPoison.h:
* runtime/JSType.cpp: Added.
(WTF::printInternal):
* runtime/JSType.h:
* runtime/SamplingProfiler.cpp:
(JSC::SamplingProfiler::StackFrame::displayName):
* runtime/SamplingProfiler.h:
(JSC::SamplingProfiler::UnprocessedStackFrame::UnprocessedStackFrame):
* runtime/SlowPathReturnType.h:
(JSC::encodeResult):
(JSC::decodeResult):
* runtime/VM.h:
* runtime/Watchdog.h:
* tools/HeapVerifier.cpp:

Source/WTF:

* wtf/Forward.h: Fix WTF_LAZY_FOR_EACH_TERM on MSVC and add WTF_LAZY_HAS_REST to check whether a macro was passed multiple arguments
* wtf/Platform.h: Force ENABLE_JIT=false on all 32-bit platforms
* wtf/Vector.h:
(WTF::minCapacity>::insertVector): Allow vectors with different overflow handlers to be passed to insertVector

Tools:

Do not force ENABLE_JIT=true when $forceCLoop is false.

* Scripts/build-jsc:

LayoutTests:

Don't use recursion on `equal` to avoid premature stack overflows when testing deep arrays.

* fast/dom/Window/resources/postmessage-test.js:

Canonical link: https://commits.webkit.org/205839@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237547 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2018-10-29 13:16:03 +00:00
static void dumpLineColumnEntry(size_t index, const InstructionStream& instructionStream, unsigned instructionOffset, unsigned line, unsigned column)
Adding UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn().
https://bugs.webkit.org/show_bug.cgi?id=127127.

Reviewed by Geoffrey Garen.

In order to implement bytecode level breakpoints, we need a mechanism for computing the best fit op_debug bytecode offset for any valid given line and column value in the source. The "best fit" op_debug bytecode in this case is defined below in the comment for UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn().

* GNUmakefile.list.am:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::opDebugBytecodeOffsetForLineAndColumn):
- Convert the line and column to unlinked line and column values and pass them to UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn() to do the real work.
* bytecode/CodeBlock.h:
* bytecode/LineColumnInfo.h: Added.
(JSC::LineColumnInfo::operator <):
(JSC::LineColumnInfo::LineColumnPair::LineColumnPair):
(JSC::LineColumnInfo::operator ==):
(JSC::LineColumnInfo::operator !=):
(JSC::LineColumnInfo::operator <=):
(JSC::LineColumnInfo::operator >):
(JSC::LineColumnInfo::operator >=):
* bytecode/LineInfo.h: Removed.
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::decodeExpressionRangeLineAndColumn):
- Factored this out of expressionRangeForBytecodeOffset() so that it can be called from multiple places.
(JSC::dumpLineColumnEntry):
(JSC::UnlinkedCodeBlock::dumpExpressionRangeInfo):
(JSC::UnlinkedCodeBlock::dumpOpDebugLineColumnInfoList):
- Some dumpers for debugging use only.
(JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset):
(JSC::UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn):
- Finds the earliest op_debug bytecode whose line and column matches the specified line and column values. If an exact match is not found, then finds the nearest op_debug bytecode that precedes the specified line and column values. If there is more than one op_debug at that preceding line and column value, then the earliest of those op_debug bytecodes will be selected. The offset of the selected bytecode will be returned.
We want the earliest one because when we have multiple op_debug bytecodes that map to a given line and column, a debugger user would expect to break on the first one and step through the rest thereafter if needed.
(JSC::compareLineColumnInfo):
(JSC::UnlinkedCodeBlock::opDebugLineColumnInfoList):
- Creates the sorted opDebugLineColumnInfoList on demand. This list is stored in the UnlinkedCodeBlock's rareData.
* bytecode/UnlinkedCodeBlock.h:

Canonical link: https://commits.webkit.org/145215@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@162256 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2014-01-18 17:55:07 +00:00
{
(JSC::DFG::SpeculativeJIT::compileValueAdd): (JSC::DFG::SpeculativeJIT::compileValueSub): (JSC::DFG::SpeculativeJIT::compileValueNegate): (JSC::DFG::SpeculativeJIT::compileArithMul): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileValueAdd): (JSC::FTL::DFG::LowerDFGToB3::compileValueSub): (JSC::FTL::DFG::LowerDFGToB3::compileUnaryMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileBinaryMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub): (JSC::FTL::DFG::LowerDFGToB3::compileArithMul): (JSC::FTL::DFG::LowerDFGToB3::compileValueNegate): * ftl/FTLOperations.cpp: (JSC::FTL::operationMaterializeObjectInOSR): * generate-bytecode-files: Removed. * generator/Argument.rb: Added. * generator/Assertion.rb: Added. * generator/DSL.rb: Added. * generator/Fits.rb: Added. * generator/GeneratedFile.rb: Added. * generator/Metadata.rb: Added. * generator/Opcode.rb: Added. * generator/OpcodeGroup.rb: Added. * generator/Options.rb: Added. * generator/Section.rb: Added. * generator/Template.rb: Added. * generator/Type.rb: Added. * generator/main.rb: Added. 
* interpreter/AbstractPC.h: * interpreter/CallFrame.cpp: (JSC::CallFrame::currentVPC const): (JSC::CallFrame::setCurrentVPC): * interpreter/CallFrame.h: (JSC::CallSiteIndex::CallSiteIndex): (JSC::ExecState::setReturnPC): * interpreter/Interpreter.cpp: (WTF::printInternal): * interpreter/Interpreter.h: * interpreter/InterpreterInlines.h: * interpreter/StackVisitor.cpp: (JSC::StackVisitor::Frame::dump const): * interpreter/VMEntryRecord.h: * jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::emitSlowCaseCall): (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): (JSC::JIT::compileWithoutLinking): (JSC::JIT::link): * jit/JIT.h: * jit/JITArithmetic.cpp: (JSC::JIT::emit_op_jless): (JSC::JIT::emit_op_jlesseq): (JSC::JIT::emit_op_jgreater): (JSC::JIT::emit_op_jgreatereq): (JSC::JIT::emit_op_jnless): (JSC::JIT::emit_op_jnlesseq): (JSC::JIT::emit_op_jngreater): (JSC::JIT::emit_op_jngreatereq): (JSC::JIT::emitSlow_op_jless): (JSC::JIT::emitSlow_op_jlesseq): (JSC::JIT::emitSlow_op_jgreater): (JSC::JIT::emitSlow_op_jgreatereq): (JSC::JIT::emitSlow_op_jnless): (JSC::JIT::emitSlow_op_jnlesseq): (JSC::JIT::emitSlow_op_jngreater): (JSC::JIT::emitSlow_op_jngreatereq): (JSC::JIT::emit_op_below): (JSC::JIT::emit_op_beloweq): (JSC::JIT::emit_op_jbelow): (JSC::JIT::emit_op_jbeloweq): (JSC::JIT::emit_op_unsigned): (JSC::JIT::emit_compareAndJump): (JSC::JIT::emit_compareUnsignedAndJump): (JSC::JIT::emit_compareUnsigned): (JSC::JIT::emit_compareAndJumpSlow): (JSC::JIT::emit_op_inc): (JSC::JIT::emit_op_dec): (JSC::JIT::emit_op_mod): (JSC::JIT::emitSlow_op_mod): (JSC::JIT::emit_op_negate): (JSC::JIT::emitSlow_op_negate): (JSC::JIT::emitBitBinaryOpFastPath): (JSC::JIT::emit_op_bitand): (JSC::JIT::emit_op_bitor): (JSC::JIT::emit_op_bitxor): (JSC::JIT::emit_op_lshift): (JSC::JIT::emitRightShiftFastPath): (JSC::JIT::emit_op_rshift): (JSC::JIT::emit_op_urshift): (JSC::getOperandTypes): (JSC::JIT::emit_op_add): (JSC::JIT::emitSlow_op_add): (JSC::JIT::emitMathICFast): 
(JSC::JIT::emitMathICSlow): (JSC::JIT::emit_op_div): (JSC::JIT::emit_op_mul): (JSC::JIT::emitSlow_op_mul): (JSC::JIT::emit_op_sub): (JSC::JIT::emitSlow_op_sub): * jit/JITCall.cpp: (JSC::JIT::emitPutCallResult): (JSC::JIT::compileSetupFrame): (JSC::JIT::compileCallEval): (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileTailCall): (JSC::JIT::compileOpCall): (JSC::JIT::compileOpCallSlowCase): (JSC::JIT::emit_op_call): (JSC::JIT::emit_op_tail_call): (JSC::JIT::emit_op_call_eval): (JSC::JIT::emit_op_call_varargs): (JSC::JIT::emit_op_tail_call_varargs): (JSC::JIT::emit_op_tail_call_forward_arguments): (JSC::JIT::emit_op_construct_varargs): (JSC::JIT::emit_op_construct): (JSC::JIT::emitSlow_op_call): (JSC::JIT::emitSlow_op_tail_call): (JSC::JIT::emitSlow_op_call_eval): (JSC::JIT::emitSlow_op_call_varargs): (JSC::JIT::emitSlow_op_tail_call_varargs): (JSC::JIT::emitSlow_op_tail_call_forward_arguments): (JSC::JIT::emitSlow_op_construct_varargs): (JSC::JIT::emitSlow_op_construct): * jit/JITDisassembler.cpp: (JSC::JITDisassembler::JITDisassembler): * jit/JITExceptions.cpp: (JSC::genericUnwind): * jit/JITInlines.h: (JSC::JIT::emitDoubleGetByVal): (JSC::JIT::emitLoadForArrayMode): (JSC::JIT::emitContiguousGetByVal): (JSC::JIT::emitArrayStorageGetByVal): (JSC::JIT::appendCallWithExceptionCheckSetJSValueResultWithProfile): (JSC::JIT::sampleInstruction): (JSC::JIT::emitValueProfilingSiteIfProfiledOpcode): (JSC::JIT::emitValueProfilingSite): (JSC::JIT::jumpTarget): (JSC::JIT::copiedGetPutInfo): (JSC::JIT::copiedArithProfile): * jit/JITMathIC.h: (JSC::isProfileEmpty): (JSC::JITBinaryMathIC::JITBinaryMathIC): (JSC::JITUnaryMathIC::JITUnaryMathIC): * jit/JITOpcodes.cpp: (JSC::JIT::emit_op_mov): (JSC::JIT::emit_op_end): (JSC::JIT::emit_op_jmp): (JSC::JIT::emit_op_new_object): (JSC::JIT::emitSlow_op_new_object): (JSC::JIT::emit_op_overrides_has_instance): (JSC::JIT::emit_op_instanceof): (JSC::JIT::emitSlow_op_instanceof): (JSC::JIT::emit_op_instanceof_custom): 
(JSC::JIT::emit_op_is_empty): (JSC::JIT::emit_op_is_undefined): (JSC::JIT::emit_op_is_boolean): (JSC::JIT::emit_op_is_number): (JSC::JIT::emit_op_is_cell_with_type): (JSC::JIT::emit_op_is_object): (JSC::JIT::emit_op_ret): (JSC::JIT::emit_op_to_primitive): (JSC::JIT::emit_op_set_function_name): (JSC::JIT::emit_op_not): (JSC::JIT::emit_op_jfalse): (JSC::JIT::emit_op_jeq_null): (JSC::JIT::emit_op_jneq_null): (JSC::JIT::emit_op_jneq_ptr): (JSC::JIT::emit_op_eq): (JSC::JIT::emit_op_jeq): (JSC::JIT::emit_op_jtrue): (JSC::JIT::emit_op_neq): (JSC::JIT::emit_op_jneq): (JSC::JIT::emit_op_throw): (JSC::JIT::compileOpStrictEq): (JSC::JIT::emit_op_stricteq): (JSC::JIT::emit_op_nstricteq): (JSC::JIT::compileOpStrictEqJump): (JSC::JIT::emit_op_jstricteq): (JSC::JIT::emit_op_jnstricteq): (JSC::JIT::emitSlow_op_jstricteq): (JSC::JIT::emitSlow_op_jnstricteq): (JSC::JIT::emit_op_to_number): (JSC::JIT::emit_op_to_string): (JSC::JIT::emit_op_to_object): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_identity_with_profile): (JSC::JIT::emit_op_get_parent_scope): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_debug): (JSC::JIT::emit_op_eq_null): (JSC::JIT::emit_op_neq_null): (JSC::JIT::emit_op_enter): (JSC::JIT::emit_op_get_scope): (JSC::JIT::emit_op_to_this): (JSC::JIT::emit_op_create_this): (JSC::JIT::emit_op_check_tdz): (JSC::JIT::emitSlow_op_eq): (JSC::JIT::emitSlow_op_neq): (JSC::JIT::emitSlow_op_jeq): (JSC::JIT::emitSlow_op_jneq): (JSC::JIT::emitSlow_op_instanceof_custom): (JSC::JIT::emit_op_loop_hint): (JSC::JIT::emitSlow_op_loop_hint): (JSC::JIT::emit_op_check_traps): (JSC::JIT::emit_op_nop): (JSC::JIT::emit_op_super_sampler_begin): (JSC::JIT::emit_op_super_sampler_end): (JSC::JIT::emitSlow_op_check_traps): (JSC::JIT::emit_op_new_regexp): (JSC::JIT::emitNewFuncCommon): (JSC::JIT::emit_op_new_func): (JSC::JIT::emit_op_new_generator_func): (JSC::JIT::emit_op_new_async_generator_func): 
(JSC::JIT::emit_op_new_async_func): (JSC::JIT::emitNewFuncExprCommon): (JSC::JIT::emit_op_new_func_exp): (JSC::JIT::emit_op_new_generator_func_exp): (JSC::JIT::emit_op_new_async_func_exp): (JSC::JIT::emit_op_new_async_generator_func_exp): (JSC::JIT::emit_op_new_array): (JSC::JIT::emit_op_new_array_with_size): (JSC::JIT::emit_op_has_structure_property): (JSC::JIT::privateCompileHasIndexedProperty): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emitSlow_op_has_indexed_property): (JSC::JIT::emit_op_get_direct_pname): (JSC::JIT::emit_op_enumerator_structure_pname): (JSC::JIT::emit_op_enumerator_generic_pname): (JSC::JIT::emit_op_profile_type): (JSC::JIT::emit_op_log_shadow_chicken_prologue): (JSC::JIT::emit_op_log_shadow_chicken_tail): (JSC::JIT::emit_op_profile_control_flow): (JSC::JIT::emit_op_argument_count): (JSC::JIT::emit_op_get_rest_length): (JSC::JIT::emit_op_get_argument): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_to_this): * jit/JITOperations.cpp: * jit/JITOperations.h: * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitGetByValWithCachedId): (JSC::JIT::emitSlow_op_get_by_val): (JSC::JIT::emit_op_put_by_val_direct): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitGenericContiguousPutByVal): (JSC::JIT::emitArrayStoragePutByVal): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emitSlow_op_put_by_val): (JSC::JIT::emit_op_put_getter_by_id): (JSC::JIT::emit_op_put_setter_by_id): (JSC::JIT::emit_op_put_getter_setter_by_id): (JSC::JIT::emit_op_put_getter_by_val): (JSC::JIT::emit_op_put_setter_by_val): (JSC::JIT::emit_op_del_by_id): (JSC::JIT::emit_op_del_by_val): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emitSlow_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emitSlow_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emitSlow_op_get_by_id): (JSC::JIT::emitSlow_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emitSlow_op_put_by_id): 
(JSC::JIT::emit_op_in_by_id): (JSC::JIT::emitSlow_op_in_by_id): (JSC::JIT::emit_op_resolve_scope): (JSC::JIT::emit_op_get_from_scope): (JSC::JIT::emitSlow_op_get_from_scope): (JSC::JIT::emit_op_put_to_scope): (JSC::JIT::emitSlow_op_put_to_scope): (JSC::JIT::emit_op_get_from_arguments): (JSC::JIT::emit_op_put_to_arguments): (JSC::JIT::privateCompileGetByVal): (JSC::JIT::privateCompileGetByValWithCachedId): (JSC::JIT::privateCompilePutByVal): (JSC::JIT::privateCompilePutByValWithCachedId): (JSC::JIT::emitDoubleLoad): (JSC::JIT::emitContiguousLoad): (JSC::JIT::emitArrayStorageLoad): (JSC::JIT::emitDirectArgumentsGetByVal): (JSC::JIT::emitScopedArgumentsGetByVal): (JSC::JIT::emitIntTypedArrayGetByVal): (JSC::JIT::emitFloatTypedArrayGetByVal): (JSC::JIT::emitIntTypedArrayPutByVal): (JSC::JIT::emitFloatTypedArrayPutByVal): * jit/RegisterSet.cpp: (JSC::RegisterSet::llintBaselineCalleeSaveRegisters): * jit/SlowPathCall.h: (JSC::JITSlowPathCall::JITSlowPathCall): * llint/LLIntData.cpp: (JSC::LLInt::initialize): (JSC::LLInt::Data::performAssertions): * llint/LLIntData.h: (JSC::LLInt::exceptionInstructions): (JSC::LLInt::opcodeMap): (JSC::LLInt::opcodeMapWide): (JSC::LLInt::getOpcode): (JSC::LLInt::getOpcodeWide): (JSC::LLInt::getWideCodePtr): * llint/LLIntOffsetsExtractor.cpp: * llint/LLIntSlowPaths.cpp: (JSC::LLInt::llint_trace_operand): (JSC::LLInt::llint_trace_value): (JSC::LLInt::LLINT_SLOW_PATH_DECL): (JSC::LLInt::entryOSR): (JSC::LLInt::setupGetByIdPrototypeCache): (JSC::LLInt::getByVal): (JSC::LLInt::handleHostCall): (JSC::LLInt::setUpCall): (JSC::LLInt::genericCall): (JSC::LLInt::varargsSetup): (JSC::LLInt::commonCallEval): * llint/LLIntSlowPaths.h: * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter.cpp: (JSC::CLoopRegister::operator const Instruction*): (JSC::CLoop::execute): * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: * offlineasm/arm64.rb: * offlineasm/asm.rb: * offlineasm/ast.rb: * offlineasm/cloop.rb: * 
offlineasm/generate_offset_extractor.rb: * offlineasm/instructions.rb: * offlineasm/offsets.rb: * offlineasm/parser.rb: * offlineasm/transform.rb: * offlineasm/x86.rb: * parser/ResultType.h: (JSC::ResultType::dump const): (JSC::OperandTypes::first const): (JSC::OperandTypes::second const): (JSC::OperandTypes::dump const): * profiler/ProfilerBytecodeSequence.cpp: (JSC::Profiler::BytecodeSequence::BytecodeSequence): * runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): (JSC::updateArithProfileForUnaryArithOp): (JSC::updateArithProfileForBinaryArithOp): * runtime/CommonSlowPaths.h: (JSC::CommonSlowPaths::tryCachePutToScopeGlobal): (JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal): * runtime/ExceptionFuzz.cpp: (JSC::doExceptionFuzzing): * runtime/ExceptionFuzz.h: (JSC::doExceptionFuzzingIfEnabled): * runtime/GetPutInfo.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::GetPutInfo::dump const): (WTF::printInternal): * runtime/GetPutInfo.h: (JSC::GetPutInfo::operand const): * runtime/JSCPoison.h: * runtime/JSType.cpp: Added. (WTF::printInternal): * runtime/JSType.h: * runtime/SamplingProfiler.cpp: (JSC::SamplingProfiler::StackFrame::displayName): * runtime/SamplingProfiler.h: (JSC::SamplingProfiler::UnprocessedStackFrame::UnprocessedStackFrame): * runtime/SlowPathReturnType.h: (JSC::encodeResult): (JSC::decodeResult): * runtime/VM.h: * runtime/Watchdog.h: * tools/HeapVerifier.cpp:

Source/WTF:

* wtf/Forward.h: Fix WTF_LAZY_FOR_EACH_TERM on MSVC and add WTF_LAZY_HAS_REST to check whether a macro was passed multiple arguments.
* wtf/Platform.h: Force ENABLE_JIT=false on all 32-bit platforms.
* wtf/Vector.h: (WTF::minCapacity>::insertVector): Allow vectors with different overflow handlers to be passed to insertVector.

Tools:

Do not force ENABLE_JIT=true when $forceCLoop is false.

* Scripts/build-jsc:

LayoutTests:

Don't use recursion on `equal` to avoid premature stack overflows when testing deep arrays.

* fast/dom/Window/resources/postmessage-test.js:

Canonical link: https://commits.webkit.org/205839@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237547 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2018-10-29 13:16:03 +00:00
const auto instruction = instructionStream.at(instructionOffset);
Adding UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn().
https://bugs.webkit.org/show_bug.cgi?id=127127

Reviewed by Geoffrey Garen.

In order to implement bytecode level breakpoints, we need a mechanism for computing the best fit op_debug bytecode offset for any valid given line and column value in the source. The "best fit" op_debug bytecode in this case is defined below in the comment for UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn().

* GNUmakefile.list.am:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::opDebugBytecodeOffsetForLineAndColumn):
- Convert the line and column to unlinked line and column values and pass them to UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn() to do the real work.
* bytecode/CodeBlock.h:
* bytecode/LineColumnInfo.h: Added.
(JSC::LineColumnInfo::operator <):
(JSC::LineColumnInfo::LineColumnPair::LineColumnPair):
(JSC::LineColumnInfo::operator ==):
(JSC::LineColumnInfo::operator !=):
(JSC::LineColumnInfo::operator <=):
(JSC::LineColumnInfo::operator >):
(JSC::LineColumnInfo::operator >=):
* bytecode/LineInfo.h: Removed.
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::decodeExpressionRangeLineAndColumn):
- Factored this out of expressionRangeForBytecodeOffset() so that it can be called from multiple places.
(JSC::dumpLineColumnEntry):
(JSC::UnlinkedCodeBlock::dumpExpressionRangeInfo):
(JSC::UnlinkedCodeBlock::dumpOpDebugLineColumnInfoList):
- Some dumpers for debugging use only.
(JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset):
(JSC::UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn):
- Finds the earliest op_debug bytecode whose line and column matches the specified line and column values. If an exact match is not found, then finds the nearest op_debug bytecode that precedes the specified line and column values. If there is more than one op_debug at that preceding line and column value, then the earliest of those op_debug bytecodes will be selected. The offset of the selected bytecode will be returned. We want the earliest one because when we have multiple op_debug bytecodes that map to a given line and column, a debugger user would expect to break on the first one and step through the rest thereafter if needed.
(JSC::compareLineColumnInfo):
(JSC::UnlinkedCodeBlock::opDebugLineColumnInfoList):
- Creates the sorted opDebugLineColumnInfoList on demand. This list is stored in the UnlinkedCodeBlock's rareData.
* bytecode/UnlinkedCodeBlock.h:

Canonical link: https://commits.webkit.org/145215@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@162256 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2014-01-18 17:55:07 +00:00
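The "best fit" rule spelled out in the commit message above (earliest op_debug at the exact line and column, otherwise the earliest op_debug at the nearest preceding position, searched over a list sorted on demand) is easy to get subtly wrong at the tie-breaking step. The following is an added, self-contained illustration of that rule and is not JSC's own implementation: the `OpDebugEntry` struct, the function names and the five-entry sample list are constructed here for the example; the real code works on `UnlinkedCodeBlock`'s `rareData` and its `LineColumnInfo` type.

```cpp
#include <algorithm>
#include <cstdint>
#include <cstdio>
#include <vector>

// Constructed stand-in for one entry of the sorted op_debug line/column list
// described in the commit message. Not JSC's own LineColumnInfo type.
struct OpDebugEntry {
    unsigned bytecodeOffset;
    unsigned line;
    unsigned column;
};

// Order by (line, column), then by bytecode offset, so that among several
// op_debug entries at the same position the earliest one sorts first.
static bool lessByLineColumn(const OpDebugEntry& a, const OpDebugEntry& b)
{
    if (a.line != b.line)
        return a.line < b.line;
    if (a.column != b.column)
        return a.column < b.column;
    return a.bytecodeOffset < b.bytecodeOffset;
}

// Build the sorted list from entries in bytecode order (the "on demand" step).
std::vector<OpDebugEntry> sortedOpDebugList(std::vector<OpDebugEntry> entries)
{
    std::sort(entries.begin(), entries.end(), lessByLineColumn);
    return entries;
}

// Best-fit lookup as the commit message defines it. Returns -1 when no op_debug
// is at or before (line, column); otherwise the offset of the earliest op_debug
// at the exact position, or, failing that, the earliest op_debug at the nearest
// preceding position.
int bestFitOpDebugOffset(const std::vector<OpDebugEntry>& sorted, unsigned line, unsigned column)
{
    const OpDebugEntry probe { 0, line, column };
    // First entry whose (line, column) is >= the requested position. Offset 0
    // in the probe means an exact hit lands on the earliest entry there.
    auto it = std::lower_bound(sorted.begin(), sorted.end(), probe, lessByLineColumn);
    if (it != sorted.end() && it->line == line && it->column == column)
        return static_cast<int>(it->bytecodeOffset); // exact match, earliest offset
    if (it == sorted.begin())
        return -1; // nothing precedes this position
    --it; // last entry at the nearest preceding position
    // Walk back to the earliest entry sharing that preceding (line, column).
    while (it != sorted.begin()) {
        auto prev = it - 1;
        if (prev->line != it->line || prev->column != it->column)
            break;
        it = prev;
    }
    return static_cast<int>(it->bytecodeOffset);
}

// Constructed sample: five op_debug sites, two of them at line 2 column 4.
std::vector<OpDebugEntry> sampleOpDebugList()
{
    return sortedOpDebugList({
        { 40, 3, 5 },
        { 12, 1, 1 },
        { 28, 2, 4 },
        { 20, 2, 4 },
        { 55, 5, 1 },
    });
}

int main()
{
    const auto list = sampleOpDebugList();
    const unsigned queries[][2] = { { 2, 4 }, { 2, 9 }, { 4, 0 }, { 0, 5 }, { 9, 9 } };
    for (const auto& q : queries)
        std::printf("line %u column %u -> offset %d\n", q[0], q[1], bestFitOpDebugOffset(list, q[0], q[1]));
    return 0;
}
```

The comparator's third key (bytecode offset) is what makes both the exact-match and the preceding-position cases return the earliest op_debug without extra bookkeeping: `lower_bound` with an offset-0 probe lands on the first entry of an exact group, and the backwards walk stops at the first entry of the preceding group. A query before the first op_debug (line 0 here) reports no match rather than wrapping to a later site, which is the case a breakpoint resolver has to handle explicitly.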
const char* event = "";
New bytecode format for JSC
https://bugs.webkit.org/show_bug.cgi?id=187373
<rdar://problem/44186758>

Reviewed by Filip Pizlo.

.:

Disable JIT by default on 32-bit platforms.

* Source/cmake/WebKitFeatures.cmake:

JSTests:

Add tests to ensure that the inferred inline capacity for a narrow op_new_object will be capped at 255.

* stress/maximum-inline-capacity.js: Added.
(test1):
(test3.Foo):
(test3):

Source/JavaScriptCore:

Replace unlinked and linked bytecode with a new immutable bytecode that does not embed any addresses. Instructions can be encoded as narrow (1-byte operands) or wide (4-byte operands) and might contain an extra operand, the metadataID. The metadataID is used to access the instruction's mutable data in a side table in the CodeBlock (the MetadataTable).

Bytecodes now must be structs declared in the new BytecodeList.rb. All bytecodes give names and types to all their operands. Additionally, reading a bytecode from the instruction stream requires decoding the whole bytecode, i.e. it's no longer possible to access arbitrary operands directly from the stream.
* CMakeLists.txt: * DerivedSources.make: * JavaScriptCore.xcodeproj/project.pbxproj: * Sources.txt: * assembler/MacroAssemblerCodeRef.h: (JSC::ReturnAddressPtr::ReturnAddressPtr): (JSC::ReturnAddressPtr::value const): (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr): (JSC::MacroAssemblerCodePtr::createFromExecutableAddress): * bytecode/ArithProfile.h: (JSC::ArithProfile::ArithProfile): * bytecode/ArrayAllocationProfile.h: (JSC::ArrayAllocationProfile::ArrayAllocationProfile): * bytecode/ArrayProfile.h: * bytecode/BytecodeBasicBlock.cpp: (JSC::isJumpTarget): (JSC::BytecodeBasicBlock::computeImpl): (JSC::BytecodeBasicBlock::compute): * bytecode/BytecodeBasicBlock.h: (JSC::BytecodeBasicBlock::leaderOffset const): (JSC::BytecodeBasicBlock::totalLength const): (JSC::BytecodeBasicBlock::offsets const): (JSC::BytecodeBasicBlock::BytecodeBasicBlock): (JSC::BytecodeBasicBlock::addLength): * bytecode/BytecodeDumper.cpp: (JSC::BytecodeDumper<Block>::printLocationAndOp): (JSC::BytecodeDumper<Block>::dumpBytecode): (JSC::BytecodeDumper<Block>::dumpIdentifiers): (JSC::BytecodeDumper<Block>::dumpConstants): (JSC::BytecodeDumper<Block>::dumpExceptionHandlers): (JSC::BytecodeDumper<Block>::dumpSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpStringSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpBlock): * bytecode/BytecodeDumper.h: (JSC::BytecodeDumper::dumpOperand): (JSC::BytecodeDumper::dumpValue): (JSC::BytecodeDumper::BytecodeDumper): (JSC::BytecodeDumper::block const): * bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::BytecodeGeneratorification): (JSC::BytecodeGeneratorification::enterPoint const): (JSC::BytecodeGeneratorification::instructions const): (JSC::GeneratorLivenessAnalysis::run): (JSC::BytecodeGeneratorification::run): (JSC::performGeneratorification): * bytecode/BytecodeGeneratorification.h: * bytecode/BytecodeGraph.h: (JSC::BytecodeGraph::blockContainsBytecodeOffset): (JSC::BytecodeGraph::findBasicBlockForBytecodeOffset): 
(JSC::BytecodeGraph::findBasicBlockWithLeaderOffset): (JSC::BytecodeGraph::BytecodeGraph): * bytecode/BytecodeKills.h: * bytecode/BytecodeList.json: Removed. * bytecode/BytecodeList.rb: Added. * bytecode/BytecodeLivenessAnalysis.cpp: (JSC::BytecodeLivenessAnalysis::dumpResults): * bytecode/BytecodeLivenessAnalysis.h: * bytecode/BytecodeLivenessAnalysisInlines.h: (JSC::isValidRegisterForLiveness): (JSC::BytecodeLivenessPropagation::stepOverInstruction): * bytecode/BytecodeRewriter.cpp: (JSC::BytecodeRewriter::applyModification): (JSC::BytecodeRewriter::execute): (JSC::BytecodeRewriter::adjustJumpTargetsInFragment): (JSC::BytecodeRewriter::insertImpl): (JSC::BytecodeRewriter::adjustJumpTarget): (JSC::BytecodeRewriter::adjustJumpTargets): * bytecode/BytecodeRewriter.h: (JSC::BytecodeRewriter::InsertionPoint::InsertionPoint): (JSC::BytecodeRewriter::Fragment::Fragment): (JSC::BytecodeRewriter::Fragment::appendInstruction): (JSC::BytecodeRewriter::BytecodeRewriter): (JSC::BytecodeRewriter::insertFragmentBefore): (JSC::BytecodeRewriter::insertFragmentAfter): (JSC::BytecodeRewriter::removeBytecode): (JSC::BytecodeRewriter::adjustAbsoluteOffset): (JSC::BytecodeRewriter::adjustJumpTarget): * bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeOffset): (JSC::computeDefsForBytecodeOffset): * bytecode/CallLinkStatus.cpp: (JSC::CallLinkStatus::computeFromLLInt): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpBytecode): (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::estimatedSize): (JSC::CodeBlock::visitChildren): (JSC::CodeBlock::propagateTransitions): (JSC::CodeBlock::finalizeLLIntInlineCaches): (JSC::CodeBlock::addJITAddIC): (JSC::CodeBlock::addJITMulIC): (JSC::CodeBlock::addJITSubIC): (JSC::CodeBlock::addJITNegIC): (JSC::CodeBlock::stronglyVisitStrongReferences): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffset): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): 
(JSC::CodeBlock::hasOpDebugForLineAndColumn): (JSC::CodeBlock::getArrayProfile): (JSC::CodeBlock::updateAllArrayPredictions): (JSC::CodeBlock::predictedMachineCodeSize): (JSC::CodeBlock::tryGetValueProfileForBytecodeOffset): (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset): (JSC::CodeBlock::valueProfileForBytecodeOffset): (JSC::CodeBlock::validate): (JSC::CodeBlock::outOfLineJumpOffset): (JSC::CodeBlock::outOfLineJumpTarget): (JSC::CodeBlock::arithProfileForBytecodeOffset): (JSC::CodeBlock::arithProfileForPC): (JSC::CodeBlock::couldTakeSpecialFastCase): (JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler): * bytecode/CodeBlock.h: (JSC::CodeBlock::addMathIC): (JSC::CodeBlock::outOfLineJumpOffset): (JSC::CodeBlock::bytecodeOffset): (JSC::CodeBlock::instructions const): (JSC::CodeBlock::instructionCount const): (JSC::CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters): (JSC::CodeBlock::metadata): (JSC::CodeBlock::metadataSizeInBytes): (JSC::CodeBlock::numberOfNonArgumentValueProfiles): (JSC::CodeBlock::totalNumberOfValueProfiles): * bytecode/CodeBlockInlines.h: Added. (JSC::CodeBlock::forEachValueProfile): (JSC::CodeBlock::forEachArrayProfile): (JSC::CodeBlock::forEachArrayAllocationProfile): (JSC::CodeBlock::forEachObjectAllocationProfile): (JSC::CodeBlock::forEachLLIntCallLinkInfo): * bytecode/Fits.h: Added. * bytecode/GetByIdMetadata.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h. 
* bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt): * bytecode/Instruction.h: (JSC::Instruction::Instruction): (JSC::Instruction::Impl::opcodeID const): (JSC::Instruction::opcodeID const): (JSC::Instruction::name const): (JSC::Instruction::isWide const): (JSC::Instruction::size const): (JSC::Instruction::is const): (JSC::Instruction::as const): (JSC::Instruction::cast): (JSC::Instruction::cast const): (JSC::Instruction::narrow const): (JSC::Instruction::wide const): * bytecode/InstructionStream.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::InstructionStream::InstructionStream): (JSC::InstructionStream::sizeInBytes const): * bytecode/InstructionStream.h: Added. (JSC::InstructionStream::BaseRef::BaseRef): (JSC::InstructionStream::BaseRef::operator=): (JSC::InstructionStream::BaseRef::operator-> const): (JSC::InstructionStream::BaseRef::ptr const): (JSC::InstructionStream::BaseRef::operator!= const): (JSC::InstructionStream::BaseRef::next const): (JSC::InstructionStream::BaseRef::offset const): (JSC::InstructionStream::BaseRef::isValid const): (JSC::InstructionStream::BaseRef::unwrap const): (JSC::InstructionStream::MutableRef::freeze const): (JSC::InstructionStream::MutableRef::operator->): (JSC::InstructionStream::MutableRef::ptr): (JSC::InstructionStream::MutableRef::operator Ref): (JSC::InstructionStream::MutableRef::unwrap): (JSC::InstructionStream::iterator::operator*): (JSC::InstructionStream::iterator::operator++): (JSC::InstructionStream::begin const): (JSC::InstructionStream::end const): (JSC::InstructionStream::at const): (JSC::InstructionStream::size const): (JSC::InstructionStreamWriter::InstructionStreamWriter): (JSC::InstructionStreamWriter::ref): (JSC::InstructionStreamWriter::seek): (JSC::InstructionStreamWriter::position): (JSC::InstructionStreamWriter::write): (JSC::InstructionStreamWriter::rewind): (JSC::InstructionStreamWriter::finalize): (JSC::InstructionStreamWriter::swap): 
(JSC::InstructionStreamWriter::iterator::operator*): (JSC::InstructionStreamWriter::iterator::operator++): (JSC::InstructionStreamWriter::begin): (JSC::InstructionStreamWriter::end): * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp: (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::LLIntPrototypeLoadAdaptiveStructureWatchpoint): (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::fireInternal): (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::clearLLIntGetByIdCache): * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h: * bytecode/MetadataTable.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::MetadataTable::MetadataTable): (JSC::DeallocTable::withOpcodeType): (JSC::MetadataTable::~MetadataTable): (JSC::MetadataTable::sizeInBytes): * bytecode/MetadataTable.h: Copied from Source/JavaScriptCore/runtime/Watchdog.h. (JSC::MetadataTable::get): (JSC::MetadataTable::forEach): (JSC::MetadataTable::getImpl): * bytecode/Opcode.cpp: (JSC::metadataSize): * bytecode/Opcode.h: (JSC::padOpcodeName): * bytecode/OpcodeInlines.h: (JSC::isOpcodeShape): (JSC::getOpcodeType): * bytecode/OpcodeSize.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. 
* bytecode/PreciseJumpTargets.cpp: (JSC::getJumpTargetsForInstruction): (JSC::computePreciseJumpTargetsInternal): (JSC::computePreciseJumpTargets): (JSC::recomputePreciseJumpTargets): (JSC::findJumpTargetsForInstruction): * bytecode/PreciseJumpTargets.h: * bytecode/PreciseJumpTargetsInlines.h: (JSC::jumpTargetForInstruction): (JSC::extractStoredJumpTargetsForInstruction): (JSC::updateStoredJumpTargetsForInstruction): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): * bytecode/SpecialPointer.cpp: (WTF::printInternal): * bytecode/SpecialPointer.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::visitChildren): (JSC::UnlinkedCodeBlock::estimatedSize): (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): (JSC::dumpLineColumnEntry): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset const): (JSC::UnlinkedCodeBlock::setInstructions): (JSC::UnlinkedCodeBlock::instructions const): (JSC::UnlinkedCodeBlock::applyModification): (JSC::UnlinkedCodeBlock::addOutOfLineJumpTarget): (JSC::UnlinkedCodeBlock::outOfLineJumpOffset): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::addPropertyAccessInstruction): (JSC::UnlinkedCodeBlock::propertyAccessInstructions const): (JSC::UnlinkedCodeBlock::addOpProfileControlFlowBytecodeOffset): (JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets const): (JSC::UnlinkedCodeBlock::metadata): (JSC::UnlinkedCodeBlock::metadataSizeInBytes): (JSC::UnlinkedCodeBlock::outOfLineJumpOffset): (JSC::UnlinkedCodeBlock::replaceOutOfLineJumpTargets): * bytecode/UnlinkedInstructionStream.cpp: Removed. * bytecode/UnlinkedInstructionStream.h: Removed. * bytecode/UnlinkedMetadataTable.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h. * bytecode/UnlinkedMetadataTableInlines.h: Added. 
(JSC::UnlinkedMetadataTable::UnlinkedMetadataTable): (JSC::UnlinkedMetadataTable::~UnlinkedMetadataTable): (JSC::UnlinkedMetadataTable::addEntry): (JSC::UnlinkedMetadataTable::sizeInBytes): (JSC::UnlinkedMetadataTable::finalize): (JSC::UnlinkedMetadataTable::link): (JSC::UnlinkedMetadataTable::unlink): * bytecode/VirtualRegister.cpp: (JSC::VirtualRegister::VirtualRegister): * bytecode/VirtualRegister.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::Label::setLocation): (JSC::Label::bind): (JSC::BytecodeGenerator::generate): (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::initializeVarLexicalEnvironment): (JSC::BytecodeGenerator::emitEnter): (JSC::BytecodeGenerator::emitLoopHint): (JSC::BytecodeGenerator::emitJump): (JSC::BytecodeGenerator::emitCheckTraps): (JSC::BytecodeGenerator::rewind): (JSC::BytecodeGenerator::fuseCompareAndJump): (JSC::BytecodeGenerator::fuseTestAndJmp): (JSC::BytecodeGenerator::emitJumpIfTrue): (JSC::BytecodeGenerator::emitJumpIfFalse): (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall): (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply): (JSC::BytecodeGenerator::moveLinkTimeConstant): (JSC::BytecodeGenerator::moveEmptyValue): (JSC::BytecodeGenerator::emitMove): (JSC::BytecodeGenerator::emitUnaryOp): (JSC::BytecodeGenerator::emitBinaryOp): (JSC::BytecodeGenerator::emitToObject): (JSC::BytecodeGenerator::emitToNumber): (JSC::BytecodeGenerator::emitToString): (JSC::BytecodeGenerator::emitTypeOf): (JSC::BytecodeGenerator::emitInc): (JSC::BytecodeGenerator::emitDec): (JSC::BytecodeGenerator::emitEqualityOp): (JSC::BytecodeGenerator::emitProfileType): (JSC::BytecodeGenerator::emitProfileControlFlow): (JSC::BytecodeGenerator::pushLexicalScopeInternal): (JSC::BytecodeGenerator::emitResolveScopeForHoistingFuncDeclInEval): (JSC::BytecodeGenerator::prepareLexicalScopeForNextForLoopIteration): (JSC::BytecodeGenerator::emitOverridesHasInstance): (JSC::BytecodeGenerator::emitResolveScope): (JSC::BytecodeGenerator::emitGetFromScope): 
(JSC::BytecodeGenerator::emitPutToScope): (JSC::BytecodeGenerator::emitInstanceOf): (JSC::BytecodeGenerator::emitInstanceOfCustom): (JSC::BytecodeGenerator::emitInByVal): (JSC::BytecodeGenerator::emitInById): (JSC::BytecodeGenerator::emitTryGetById): (JSC::BytecodeGenerator::emitGetById): (JSC::BytecodeGenerator::emitDirectGetById): (JSC::BytecodeGenerator::emitPutById): (JSC::BytecodeGenerator::emitDirectPutById): (JSC::BytecodeGenerator::emitPutGetterById): (JSC::BytecodeGenerator::emitPutSetterById): (JSC::BytecodeGenerator::emitPutGetterSetter): (JSC::BytecodeGenerator::emitPutGetterByVal): (JSC::BytecodeGenerator::emitPutSetterByVal): (JSC::BytecodeGenerator::emitDeleteById): (JSC::BytecodeGenerator::emitGetByVal): (JSC::BytecodeGenerator::emitPutByVal): (JSC::BytecodeGenerator::emitDirectPutByVal): (JSC::BytecodeGenerator::emitDeleteByVal): (JSC::BytecodeGenerator::emitSuperSamplerBegin): (JSC::BytecodeGenerator::emitSuperSamplerEnd): (JSC::BytecodeGenerator::emitIdWithProfile): (JSC::BytecodeGenerator::emitUnreachable): (JSC::BytecodeGenerator::emitGetArgument): (JSC::BytecodeGenerator::emitCreateThis): (JSC::BytecodeGenerator::emitTDZCheck): (JSC::BytecodeGenerator::emitNewObject): (JSC::BytecodeGenerator::emitNewArrayBuffer): (JSC::BytecodeGenerator::emitNewArray): (JSC::BytecodeGenerator::emitNewArrayWithSpread): (JSC::BytecodeGenerator::emitNewArrayWithSize): (JSC::BytecodeGenerator::emitNewRegExp): (JSC::BytecodeGenerator::emitNewFunctionExpressionCommon): (JSC::BytecodeGenerator::emitNewDefaultConstructor): (JSC::BytecodeGenerator::emitNewFunction): (JSC::BytecodeGenerator::emitSetFunctionNameIfNeeded): (JSC::BytecodeGenerator::emitCall): (JSC::BytecodeGenerator::emitCallInTailPosition): (JSC::BytecodeGenerator::emitCallEval): (JSC::BytecodeGenerator::emitExpectedFunctionSnippet): (JSC::BytecodeGenerator::emitCallVarargs): (JSC::BytecodeGenerator::emitCallVarargsInTailPosition): (JSC::BytecodeGenerator::emitConstructVarargs): 
(JSC::BytecodeGenerator::emitCallForwardArgumentsInTailPosition): (JSC::BytecodeGenerator::emitLogShadowChickenPrologueIfNecessary): (JSC::BytecodeGenerator::emitLogShadowChickenTailIfNecessary): (JSC::BytecodeGenerator::emitCallDefineProperty): (JSC::BytecodeGenerator::emitReturn): (JSC::BytecodeGenerator::emitEnd): (JSC::BytecodeGenerator::emitConstruct): (JSC::BytecodeGenerator::emitStrcat): (JSC::BytecodeGenerator::emitToPrimitive): (JSC::BytecodeGenerator::emitGetScope): (JSC::BytecodeGenerator::emitPushWithScope): (JSC::BytecodeGenerator::emitGetParentScope): (JSC::BytecodeGenerator::emitDebugHook): (JSC::BytecodeGenerator::emitCatch): (JSC::BytecodeGenerator::emitThrow): (JSC::BytecodeGenerator::emitArgumentCount): (JSC::BytecodeGenerator::emitThrowStaticError): (JSC::BytecodeGenerator::beginSwitch): (JSC::prepareJumpTableForSwitch): (JSC::prepareJumpTableForStringSwitch): (JSC::BytecodeGenerator::endSwitch): (JSC::BytecodeGenerator::emitGetEnumerableLength): (JSC::BytecodeGenerator::emitHasGenericProperty): (JSC::BytecodeGenerator::emitHasIndexedProperty): (JSC::BytecodeGenerator::emitHasStructureProperty): (JSC::BytecodeGenerator::emitGetPropertyEnumerator): (JSC::BytecodeGenerator::emitEnumeratorStructurePropertyName): (JSC::BytecodeGenerator::emitEnumeratorGenericPropertyName): (JSC::BytecodeGenerator::emitToIndexString): (JSC::BytecodeGenerator::emitIsCellWithType): (JSC::BytecodeGenerator::emitIsObject): (JSC::BytecodeGenerator::emitIsNumber): (JSC::BytecodeGenerator::emitIsUndefined): (JSC::BytecodeGenerator::emitIsEmpty): (JSC::BytecodeGenerator::emitRestParameter): (JSC::BytecodeGenerator::emitRequireObjectCoercible): (JSC::BytecodeGenerator::emitYieldPoint): (JSC::BytecodeGenerator::emitYield): (JSC::BytecodeGenerator::emitGetAsyncIterator): (JSC::BytecodeGenerator::emitDelegateYield): (JSC::BytecodeGenerator::emitFinallyCompletion): (JSC::BytecodeGenerator::emitJumpIf): (JSC::ForInContext::finalize): (JSC::StructureForInContext::finalize): 
(JSC::IndexedForInContext::finalize): (JSC::StaticPropertyAnalysis::record): (JSC::BytecodeGenerator::emitToThis): * bytecompiler/BytecodeGenerator.h: (JSC::StructureForInContext::addGetInst): (JSC::BytecodeGenerator::recordOpcode): (JSC::BytecodeGenerator::addMetadataFor): (JSC::BytecodeGenerator::emitUnaryOp): (JSC::BytecodeGenerator::kill): (JSC::BytecodeGenerator::instructions const): (JSC::BytecodeGenerator::write): (JSC::BytecodeGenerator::withWriter): * bytecompiler/Label.h: (JSC::Label::Label): (JSC::Label::bind): * bytecompiler/NodesCodegen.cpp: (JSC::ArrayNode::emitBytecode): (JSC::BytecodeIntrinsicNode::emit_intrinsic_argumentCount): (JSC::ApplyFunctionCallDotNode::emitBytecode): (JSC::BitwiseNotNode::emitBytecode): (JSC::BinaryOpNode::emitBytecode): (JSC::EqualNode::emitBytecode): (JSC::StrictEqualNode::emitBytecode): (JSC::emitReadModifyAssignment): (JSC::ForInNode::emitBytecode): (JSC::CaseBlockNode::emitBytecodeForBlock): (JSC::FunctionNode::emitBytecode): (JSC::ClassExprNode::emitBytecode): * bytecompiler/ProfileTypeBytecodeFlag.cpp: Copied from Source/JavaScriptCore/bytecode/VirtualRegister.cpp. (WTF::printInternal): * bytecompiler/ProfileTypeBytecodeFlag.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. 
* bytecompiler/RegisterID.h: * bytecompiler/StaticPropertyAnalysis.h: (JSC::StaticPropertyAnalysis::create): (JSC::StaticPropertyAnalysis::StaticPropertyAnalysis): * bytecompiler/StaticPropertyAnalyzer.h: (JSC::StaticPropertyAnalyzer::createThis): (JSC::StaticPropertyAnalyzer::newObject): (JSC::StaticPropertyAnalyzer::putById): (JSC::StaticPropertyAnalyzer::mov): (JSC::StaticPropertyAnalyzer::kill): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::addCall): (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit): (JSC::DFG::ByteCodeParser::getArrayMode): (JSC::DFG::ByteCodeParser::handleCall): (JSC::DFG::ByteCodeParser::handleVarargsCall): (JSC::DFG::ByteCodeParser::handleRecursiveTailCall): (JSC::DFG::ByteCodeParser::inlineCall): (JSC::DFG::ByteCodeParser::handleCallVariant): (JSC::DFG::ByteCodeParser::handleVarargsInlining): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::handleMinMax): (JSC::DFG::ByteCodeParser::handleIntrinsicCall): (JSC::DFG::ByteCodeParser::handleDOMJITCall): (JSC::DFG::ByteCodeParser::handleIntrinsicGetter): (JSC::DFG::ByteCodeParser::handleDOMJITGetter): (JSC::DFG::ByteCodeParser::handleModuleNamespaceLoad): (JSC::DFG::ByteCodeParser::handleTypedArrayConstructor): (JSC::DFG::ByteCodeParser::handleConstantInternalFunction): (JSC::DFG::ByteCodeParser::handleGetById): (JSC::DFG::ByteCodeParser::handlePutById): (JSC::DFG::ByteCodeParser::parseGetById): (JSC::DFG::ByteCodeParser::parseBlock): (JSC::DFG::ByteCodeParser::parseCodeBlock): (JSC::DFG::ByteCodeParser::handlePutByVal): (JSC::DFG::ByteCodeParser::handlePutAccessorById): (JSC::DFG::ByteCodeParser::handlePutAccessorByVal): (JSC::DFG::ByteCodeParser::handleNewFunc): (JSC::DFG::ByteCodeParser::handleNewFuncExp): (JSC::DFG::ByteCodeParser::parse): * dfg/DFGCapabilities.cpp: (JSC::DFG::capabilityLevel): * dfg/DFGCapabilities.h: (JSC::DFG::capabilityLevel): * dfg/DFGOSREntry.cpp: (JSC::DFG::prepareCatchOSREntry): * dfg/DFGSpeculativeJIT.cpp: 
(JSC::DFG::SpeculativeJIT::compileValueAdd): (JSC::DFG::SpeculativeJIT::compileValueSub): (JSC::DFG::SpeculativeJIT::compileValueNegate): (JSC::DFG::SpeculativeJIT::compileArithMul): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileValueAdd): (JSC::FTL::DFG::LowerDFGToB3::compileValueSub): (JSC::FTL::DFG::LowerDFGToB3::compileUnaryMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileBinaryMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub): (JSC::FTL::DFG::LowerDFGToB3::compileArithMul): (JSC::FTL::DFG::LowerDFGToB3::compileValueNegate): * ftl/FTLOperations.cpp: (JSC::FTL::operationMaterializeObjectInOSR): * generate-bytecode-files: Removed. * generator/Argument.rb: Added. * generator/Assertion.rb: Added. * generator/DSL.rb: Added. * generator/Fits.rb: Added. * generator/GeneratedFile.rb: Added. * generator/Metadata.rb: Added. * generator/Opcode.rb: Added. * generator/OpcodeGroup.rb: Added. * generator/Options.rb: Added. * generator/Section.rb: Added. * generator/Template.rb: Added. * generator/Type.rb: Added. * generator/main.rb: Added. 
* interpreter/AbstractPC.h: * interpreter/CallFrame.cpp: (JSC::CallFrame::currentVPC const): (JSC::CallFrame::setCurrentVPC): * interpreter/CallFrame.h: (JSC::CallSiteIndex::CallSiteIndex): (JSC::ExecState::setReturnPC): * interpreter/Interpreter.cpp: (WTF::printInternal): * interpreter/Interpreter.h: * interpreter/InterpreterInlines.h: * interpreter/StackVisitor.cpp: (JSC::StackVisitor::Frame::dump const): * interpreter/VMEntryRecord.h: * jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::emitSlowCaseCall): (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): (JSC::JIT::compileWithoutLinking): (JSC::JIT::link): * jit/JIT.h: * jit/JITArithmetic.cpp: (JSC::JIT::emit_op_jless): (JSC::JIT::emit_op_jlesseq): (JSC::JIT::emit_op_jgreater): (JSC::JIT::emit_op_jgreatereq): (JSC::JIT::emit_op_jnless): (JSC::JIT::emit_op_jnlesseq): (JSC::JIT::emit_op_jngreater): (JSC::JIT::emit_op_jngreatereq): (JSC::JIT::emitSlow_op_jless): (JSC::JIT::emitSlow_op_jlesseq): (JSC::JIT::emitSlow_op_jgreater): (JSC::JIT::emitSlow_op_jgreatereq): (JSC::JIT::emitSlow_op_jnless): (JSC::JIT::emitSlow_op_jnlesseq): (JSC::JIT::emitSlow_op_jngreater): (JSC::JIT::emitSlow_op_jngreatereq): (JSC::JIT::emit_op_below): (JSC::JIT::emit_op_beloweq): (JSC::JIT::emit_op_jbelow): (JSC::JIT::emit_op_jbeloweq): (JSC::JIT::emit_op_unsigned): (JSC::JIT::emit_compareAndJump): (JSC::JIT::emit_compareUnsignedAndJump): (JSC::JIT::emit_compareUnsigned): (JSC::JIT::emit_compareAndJumpSlow): (JSC::JIT::emit_op_inc): (JSC::JIT::emit_op_dec): (JSC::JIT::emit_op_mod): (JSC::JIT::emitSlow_op_mod): (JSC::JIT::emit_op_negate): (JSC::JIT::emitSlow_op_negate): (JSC::JIT::emitBitBinaryOpFastPath): (JSC::JIT::emit_op_bitand): (JSC::JIT::emit_op_bitor): (JSC::JIT::emit_op_bitxor): (JSC::JIT::emit_op_lshift): (JSC::JIT::emitRightShiftFastPath): (JSC::JIT::emit_op_rshift): (JSC::JIT::emit_op_urshift): (JSC::getOperandTypes): (JSC::JIT::emit_op_add): (JSC::JIT::emitSlow_op_add): (JSC::JIT::emitMathICFast): 
(JSC::JIT::emitMathICSlow): (JSC::JIT::emit_op_div): (JSC::JIT::emit_op_mul): (JSC::JIT::emitSlow_op_mul): (JSC::JIT::emit_op_sub): (JSC::JIT::emitSlow_op_sub): * jit/JITCall.cpp: (JSC::JIT::emitPutCallResult): (JSC::JIT::compileSetupFrame): (JSC::JIT::compileCallEval): (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileTailCall): (JSC::JIT::compileOpCall): (JSC::JIT::compileOpCallSlowCase): (JSC::JIT::emit_op_call): (JSC::JIT::emit_op_tail_call): (JSC::JIT::emit_op_call_eval): (JSC::JIT::emit_op_call_varargs): (JSC::JIT::emit_op_tail_call_varargs): (JSC::JIT::emit_op_tail_call_forward_arguments): (JSC::JIT::emit_op_construct_varargs): (JSC::JIT::emit_op_construct): (JSC::JIT::emitSlow_op_call): (JSC::JIT::emitSlow_op_tail_call): (JSC::JIT::emitSlow_op_call_eval): (JSC::JIT::emitSlow_op_call_varargs): (JSC::JIT::emitSlow_op_tail_call_varargs): (JSC::JIT::emitSlow_op_tail_call_forward_arguments): (JSC::JIT::emitSlow_op_construct_varargs): (JSC::JIT::emitSlow_op_construct): * jit/JITDisassembler.cpp: (JSC::JITDisassembler::JITDisassembler): * jit/JITExceptions.cpp: (JSC::genericUnwind): * jit/JITInlines.h: (JSC::JIT::emitDoubleGetByVal): (JSC::JIT::emitLoadForArrayMode): (JSC::JIT::emitContiguousGetByVal): (JSC::JIT::emitArrayStorageGetByVal): (JSC::JIT::appendCallWithExceptionCheckSetJSValueResultWithProfile): (JSC::JIT::sampleInstruction): (JSC::JIT::emitValueProfilingSiteIfProfiledOpcode): (JSC::JIT::emitValueProfilingSite): (JSC::JIT::jumpTarget): (JSC::JIT::copiedGetPutInfo): (JSC::JIT::copiedArithProfile): * jit/JITMathIC.h: (JSC::isProfileEmpty): (JSC::JITBinaryMathIC::JITBinaryMathIC): (JSC::JITUnaryMathIC::JITUnaryMathIC): * jit/JITOpcodes.cpp: (JSC::JIT::emit_op_mov): (JSC::JIT::emit_op_end): (JSC::JIT::emit_op_jmp): (JSC::JIT::emit_op_new_object): (JSC::JIT::emitSlow_op_new_object): (JSC::JIT::emit_op_overrides_has_instance): (JSC::JIT::emit_op_instanceof): (JSC::JIT::emitSlow_op_instanceof): (JSC::JIT::emit_op_instanceof_custom): 
(JSC::JIT::emit_op_is_empty): (JSC::JIT::emit_op_is_undefined): (JSC::JIT::emit_op_is_boolean): (JSC::JIT::emit_op_is_number): (JSC::JIT::emit_op_is_cell_with_type): (JSC::JIT::emit_op_is_object): (JSC::JIT::emit_op_ret): (JSC::JIT::emit_op_to_primitive): (JSC::JIT::emit_op_set_function_name): (JSC::JIT::emit_op_not): (JSC::JIT::emit_op_jfalse): (JSC::JIT::emit_op_jeq_null): (JSC::JIT::emit_op_jneq_null): (JSC::JIT::emit_op_jneq_ptr): (JSC::JIT::emit_op_eq): (JSC::JIT::emit_op_jeq): (JSC::JIT::emit_op_jtrue): (JSC::JIT::emit_op_neq): (JSC::JIT::emit_op_jneq): (JSC::JIT::emit_op_throw): (JSC::JIT::compileOpStrictEq): (JSC::JIT::emit_op_stricteq): (JSC::JIT::emit_op_nstricteq): (JSC::JIT::compileOpStrictEqJump): (JSC::JIT::emit_op_jstricteq): (JSC::JIT::emit_op_jnstricteq): (JSC::JIT::emitSlow_op_jstricteq): (JSC::JIT::emitSlow_op_jnstricteq): (JSC::JIT::emit_op_to_number): (JSC::JIT::emit_op_to_string): (JSC::JIT::emit_op_to_object): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_identity_with_profile): (JSC::JIT::emit_op_get_parent_scope): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_debug): (JSC::JIT::emit_op_eq_null): (JSC::JIT::emit_op_neq_null): (JSC::JIT::emit_op_enter): (JSC::JIT::emit_op_get_scope): (JSC::JIT::emit_op_to_this): (JSC::JIT::emit_op_create_this): (JSC::JIT::emit_op_check_tdz): (JSC::JIT::emitSlow_op_eq): (JSC::JIT::emitSlow_op_neq): (JSC::JIT::emitSlow_op_jeq): (JSC::JIT::emitSlow_op_jneq): (JSC::JIT::emitSlow_op_instanceof_custom): (JSC::JIT::emit_op_loop_hint): (JSC::JIT::emitSlow_op_loop_hint): (JSC::JIT::emit_op_check_traps): (JSC::JIT::emit_op_nop): (JSC::JIT::emit_op_super_sampler_begin): (JSC::JIT::emit_op_super_sampler_end): (JSC::JIT::emitSlow_op_check_traps): (JSC::JIT::emit_op_new_regexp): (JSC::JIT::emitNewFuncCommon): (JSC::JIT::emit_op_new_func): (JSC::JIT::emit_op_new_generator_func): (JSC::JIT::emit_op_new_async_generator_func): 
(JSC::JIT::emit_op_new_async_func): (JSC::JIT::emitNewFuncExprCommon): (JSC::JIT::emit_op_new_func_exp): (JSC::JIT::emit_op_new_generator_func_exp): (JSC::JIT::emit_op_new_async_func_exp): (JSC::JIT::emit_op_new_async_generator_func_exp): (JSC::JIT::emit_op_new_array): (JSC::JIT::emit_op_new_array_with_size): (JSC::JIT::emit_op_has_structure_property): (JSC::JIT::privateCompileHasIndexedProperty): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emitSlow_op_has_indexed_property): (JSC::JIT::emit_op_get_direct_pname): (JSC::JIT::emit_op_enumerator_structure_pname): (JSC::JIT::emit_op_enumerator_generic_pname): (JSC::JIT::emit_op_profile_type): (JSC::JIT::emit_op_log_shadow_chicken_prologue): (JSC::JIT::emit_op_log_shadow_chicken_tail): (JSC::JIT::emit_op_profile_control_flow): (JSC::JIT::emit_op_argument_count): (JSC::JIT::emit_op_get_rest_length): (JSC::JIT::emit_op_get_argument): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_to_this): * jit/JITOperations.cpp: * jit/JITOperations.h: * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitGetByValWithCachedId): (JSC::JIT::emitSlow_op_get_by_val): (JSC::JIT::emit_op_put_by_val_direct): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitGenericContiguousPutByVal): (JSC::JIT::emitArrayStoragePutByVal): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emitSlow_op_put_by_val): (JSC::JIT::emit_op_put_getter_by_id): (JSC::JIT::emit_op_put_setter_by_id): (JSC::JIT::emit_op_put_getter_setter_by_id): (JSC::JIT::emit_op_put_getter_by_val): (JSC::JIT::emit_op_put_setter_by_val): (JSC::JIT::emit_op_del_by_id): (JSC::JIT::emit_op_del_by_val): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emitSlow_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emitSlow_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emitSlow_op_get_by_id): (JSC::JIT::emitSlow_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emitSlow_op_put_by_id): 
(JSC::JIT::emit_op_in_by_id): (JSC::JIT::emitSlow_op_in_by_id): (JSC::JIT::emit_op_resolve_scope): (JSC::JIT::emit_op_get_from_scope): (JSC::JIT::emitSlow_op_get_from_scope): (JSC::JIT::emit_op_put_to_scope): (JSC::JIT::emitSlow_op_put_to_scope): (JSC::JIT::emit_op_get_from_arguments): (JSC::JIT::emit_op_put_to_arguments): (JSC::JIT::privateCompileGetByVal): (JSC::JIT::privateCompileGetByValWithCachedId): (JSC::JIT::privateCompilePutByVal): (JSC::JIT::privateCompilePutByValWithCachedId): (JSC::JIT::emitDoubleLoad): (JSC::JIT::emitContiguousLoad): (JSC::JIT::emitArrayStorageLoad): (JSC::JIT::emitDirectArgumentsGetByVal): (JSC::JIT::emitScopedArgumentsGetByVal): (JSC::JIT::emitIntTypedArrayGetByVal): (JSC::JIT::emitFloatTypedArrayGetByVal): (JSC::JIT::emitIntTypedArrayPutByVal): (JSC::JIT::emitFloatTypedArrayPutByVal): * jit/RegisterSet.cpp: (JSC::RegisterSet::llintBaselineCalleeSaveRegisters): * jit/SlowPathCall.h: (JSC::JITSlowPathCall::JITSlowPathCall): * llint/LLIntData.cpp: (JSC::LLInt::initialize): (JSC::LLInt::Data::performAssertions): * llint/LLIntData.h: (JSC::LLInt::exceptionInstructions): (JSC::LLInt::opcodeMap): (JSC::LLInt::opcodeMapWide): (JSC::LLInt::getOpcode): (JSC::LLInt::getOpcodeWide): (JSC::LLInt::getWideCodePtr): * llint/LLIntOffsetsExtractor.cpp: * llint/LLIntSlowPaths.cpp: (JSC::LLInt::llint_trace_operand): (JSC::LLInt::llint_trace_value): (JSC::LLInt::LLINT_SLOW_PATH_DECL): (JSC::LLInt::entryOSR): (JSC::LLInt::setupGetByIdPrototypeCache): (JSC::LLInt::getByVal): (JSC::LLInt::handleHostCall): (JSC::LLInt::setUpCall): (JSC::LLInt::genericCall): (JSC::LLInt::varargsSetup): (JSC::LLInt::commonCallEval): * llint/LLIntSlowPaths.h: * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter.cpp: (JSC::CLoopRegister::operator const Instruction*): (JSC::CLoop::execute): * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: * offlineasm/arm64.rb: * offlineasm/asm.rb: * offlineasm/ast.rb: * offlineasm/cloop.rb: * offlineasm/generate_offset_extractor.rb: * offlineasm/instructions.rb: * offlineasm/offsets.rb: * offlineasm/parser.rb: * offlineasm/transform.rb: * offlineasm/x86.rb: * parser/ResultType.h: (JSC::ResultType::dump const): (JSC::OperandTypes::first const): (JSC::OperandTypes::second const): (JSC::OperandTypes::dump const): * profiler/ProfilerBytecodeSequence.cpp: (JSC::Profiler::BytecodeSequence::BytecodeSequence): * runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): (JSC::updateArithProfileForUnaryArithOp): (JSC::updateArithProfileForBinaryArithOp): * runtime/CommonSlowPaths.h: (JSC::CommonSlowPaths::tryCachePutToScopeGlobal): (JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal): * runtime/ExceptionFuzz.cpp: (JSC::doExceptionFuzzing): * runtime/ExceptionFuzz.h: (JSC::doExceptionFuzzingIfEnabled): * runtime/GetPutInfo.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::GetPutInfo::dump const): (WTF::printInternal): * runtime/GetPutInfo.h: (JSC::GetPutInfo::operand const): * runtime/JSCPoison.h: * runtime/JSType.cpp: Added. (WTF::printInternal): * runtime/JSType.h: * runtime/SamplingProfiler.cpp: (JSC::SamplingProfiler::StackFrame::displayName): * runtime/SamplingProfiler.h: (JSC::SamplingProfiler::UnprocessedStackFrame::UnprocessedStackFrame): * runtime/SlowPathReturnType.h: (JSC::encodeResult): (JSC::decodeResult): * runtime/VM.h: * runtime/Watchdog.h: * tools/HeapVerifier.cpp: Source/WTF: * wtf/Forward.h: Fix WTF_LAZY_FOR_EACH_TERM on MSVC and add WTF_LAZY_HAS_REST to check whether a macro was passed multiple arguments. * wtf/Platform.h: Force ENABLE_JIT=false on all 32-bit platforms. * wtf/Vector.h: (WTF::minCapacity>::insertVector): Allow vectors with different overflow handlers to be passed to insertVector. Tools: Do not force ENABLE_JIT=true when $forceCLoop is false. * Scripts/build-jsc: LayoutTests: Don't use recursion on `equal` to avoid premature stack overflows when testing deep arrays. 
* fast/dom/Window/resources/postmessage-test.js: Canonical link: https://commits.webkit.org/205839@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237547 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2018-10-29 13:16:03 +00:00
if (instruction->is<OpDebug>()) {
Refactor new bytecode structs so that the fields are prefixed with "m_". https://bugs.webkit.org/show_bug.cgi?id=193467 Reviewed by Saam Barati and Tadeu Zagallo. This makes it easier to do a manual audit of type correctness of the LLInt instructions used to access these fields. Without this change, it would be difficult (and error prone) to distinguish the difference between field names and macro variables. This audit will be done after this patch lands. * bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::BytecodeGeneratorification): * bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeOffset): * bytecode/CallLinkStatus.cpp: (JSC::CallLinkStatus::computeFromLLInt): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::propagateTransitions): (JSC::CodeBlock::finalizeLLIntInlineCaches): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffset): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): (JSC::CodeBlock::getArrayProfile): (JSC::CodeBlock::notifyLexicalBindingShadowing): (JSC::CodeBlock::tryGetValueProfileForBytecodeOffset): (JSC::CodeBlock::arithProfileForPC): (JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler): * bytecode/CodeBlockInlines.h: (JSC::CodeBlock::forEachValueProfile): (JSC::CodeBlock::forEachArrayProfile): (JSC::CodeBlock::forEachArrayAllocationProfile): (JSC::CodeBlock::forEachObjectAllocationProfile): (JSC::CodeBlock::forEachLLIntCallLinkInfo): * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt): * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp: (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::clearLLIntGetByIdCache): * bytecode/PreciseJumpTargetsInlines.h: (JSC::jumpTargetForInstruction): (JSC::extractStoredJumpTargetsForInstruction): (JSC::updateStoredJumpTargetsForInstruction): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): * bytecode/UnlinkedCodeBlock.cpp: (JSC::dumpLineColumnEntry): * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::fuseCompareAndJump): (JSC::BytecodeGenerator::fuseTestAndJmp): (JSC::BytecodeGenerator::emitEqualityOp): (JSC::BytecodeGenerator::endSwitch): (JSC::StructureForInContext::finalize): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::handleCall): (JSC::DFG::ByteCodeParser::handleVarargsCall): (JSC::DFG::ByteCodeParser::parseGetById): (JSC::DFG::ByteCodeParser::parseBlock): (JSC::DFG::ByteCodeParser::handlePutByVal): (JSC::DFG::ByteCodeParser::handlePutAccessorById): (JSC::DFG::ByteCodeParser::handlePutAccessorByVal): (JSC::DFG::ByteCodeParser::handleNewFunc): (JSC::DFG::ByteCodeParser::handleNewFuncExp): * dfg/DFGOSREntry.cpp: (JSC::DFG::prepareCatchOSREntry): * ftl/FTLOperations.cpp: (JSC::FTL::operationMaterializeObjectInOSR): * generator/Argument.rb: * generator/Metadata.rb: * generator/Opcode.rb: * jit/JIT.h: * jit/JITArithmetic.cpp: (JSC::JIT::emit_op_unsigned): (JSC::JIT::emit_compareAndJump): (JSC::JIT::emit_compareUnsignedAndJump): (JSC::JIT::emit_compareUnsigned): (JSC::JIT::emit_compareAndJumpSlow): (JSC::JIT::emit_op_inc): (JSC::JIT::emit_op_dec): (JSC::JIT::emit_op_mod): (JSC::JIT::emit_op_negate): (JSC::JIT::emitBitBinaryOpFastPath): (JSC::JIT::emit_op_bitnot): (JSC::JIT::emitRightShiftFastPath): (JSC::JIT::emit_op_add): (JSC::JIT::emitMathICFast): (JSC::JIT::emitMathICSlow): (JSC::JIT::emit_op_div): (JSC::JIT::emit_op_mul): (JSC::JIT::emit_op_sub): * jit/JITArithmetic32_64.cpp: (JSC::JIT::emit_compareAndJump): (JSC::JIT::emit_compareUnsignedAndJump): (JSC::JIT::emit_compareUnsigned): (JSC::JIT::emit_compareAndJumpSlow): (JSC::JIT::emit_op_unsigned): (JSC::JIT::emit_op_inc): (JSC::JIT::emit_op_dec): (JSC::JIT::emitBinaryDoubleOp): (JSC::JIT::emit_op_mod): * jit/JITCall.cpp: (JSC::JIT::emitPutCallResult): (JSC::JIT::compileSetupFrame): (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileTailCall): (JSC::JIT::compileOpCall): * jit/JITCall32_64.cpp: (JSC::JIT::emitPutCallResult): 
(JSC::JIT::emit_op_ret): (JSC::JIT::compileSetupFrame): (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileOpCall): * jit/JITInlines.h: (JSC::JIT::emitValueProfilingSiteIfProfiledOpcode): (JSC::JIT::emitValueProfilingSite): (JSC::JIT::copiedGetPutInfo): (JSC::JIT::copiedArithProfile): * jit/JITOpcodes.cpp: (JSC::JIT::emit_op_mov): (JSC::JIT::emit_op_end): (JSC::JIT::emit_op_jmp): (JSC::JIT::emit_op_new_object): (JSC::JIT::emitSlow_op_new_object): (JSC::JIT::emit_op_overrides_has_instance): (JSC::JIT::emit_op_instanceof): (JSC::JIT::emitSlow_op_instanceof): (JSC::JIT::emit_op_is_empty): (JSC::JIT::emit_op_is_undefined): (JSC::JIT::emit_op_is_undefined_or_null): (JSC::JIT::emit_op_is_boolean): (JSC::JIT::emit_op_is_number): (JSC::JIT::emit_op_is_cell_with_type): (JSC::JIT::emit_op_is_object): (JSC::JIT::emit_op_ret): (JSC::JIT::emit_op_to_primitive): (JSC::JIT::emit_op_set_function_name): (JSC::JIT::emit_op_not): (JSC::JIT::emit_op_jfalse): (JSC::JIT::emit_op_jeq_null): (JSC::JIT::emit_op_jneq_null): (JSC::JIT::emit_op_jneq_ptr): (JSC::JIT::emit_op_eq): (JSC::JIT::emit_op_jeq): (JSC::JIT::emit_op_jtrue): (JSC::JIT::emit_op_neq): (JSC::JIT::emit_op_jneq): (JSC::JIT::emit_op_throw): (JSC::JIT::compileOpStrictEq): (JSC::JIT::compileOpStrictEqJump): (JSC::JIT::emitSlow_op_jstricteq): (JSC::JIT::emitSlow_op_jnstricteq): (JSC::JIT::emit_op_to_number): (JSC::JIT::emit_op_to_string): (JSC::JIT::emit_op_to_object): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_get_parent_scope): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_debug): (JSC::JIT::emit_op_eq_null): (JSC::JIT::emit_op_neq_null): (JSC::JIT::emit_op_get_scope): (JSC::JIT::emit_op_to_this): (JSC::JIT::emit_op_create_this): (JSC::JIT::emit_op_check_tdz): (JSC::JIT::emitSlow_op_eq): (JSC::JIT::emitSlow_op_neq): (JSC::JIT::emitSlow_op_jeq): (JSC::JIT::emitSlow_op_jneq): (JSC::JIT::emitSlow_op_instanceof_custom): (JSC::JIT::emit_op_new_regexp): 
(JSC::JIT::emitNewFuncCommon): (JSC::JIT::emitNewFuncExprCommon): (JSC::JIT::emit_op_new_array): (JSC::JIT::emit_op_new_array_with_size): (JSC::JIT::emit_op_has_structure_property): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emitSlow_op_has_indexed_property): (JSC::JIT::emit_op_get_direct_pname): (JSC::JIT::emit_op_enumerator_structure_pname): (JSC::JIT::emit_op_enumerator_generic_pname): (JSC::JIT::emit_op_profile_type): (JSC::JIT::emit_op_log_shadow_chicken_prologue): (JSC::JIT::emit_op_log_shadow_chicken_tail): (JSC::JIT::emit_op_profile_control_flow): (JSC::JIT::emit_op_argument_count): (JSC::JIT::emit_op_get_rest_length): (JSC::JIT::emit_op_get_argument): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_mov): (JSC::JIT::emit_op_end): (JSC::JIT::emit_op_jmp): (JSC::JIT::emit_op_new_object): (JSC::JIT::emitSlow_op_new_object): (JSC::JIT::emit_op_overrides_has_instance): (JSC::JIT::emit_op_instanceof): (JSC::JIT::emitSlow_op_instanceof): (JSC::JIT::emitSlow_op_instanceof_custom): (JSC::JIT::emit_op_is_empty): (JSC::JIT::emit_op_is_undefined): (JSC::JIT::emit_op_is_undefined_or_null): (JSC::JIT::emit_op_is_boolean): (JSC::JIT::emit_op_is_number): (JSC::JIT::emit_op_is_cell_with_type): (JSC::JIT::emit_op_is_object): (JSC::JIT::emit_op_to_primitive): (JSC::JIT::emit_op_set_function_name): (JSC::JIT::emit_op_not): (JSC::JIT::emit_op_jfalse): (JSC::JIT::emit_op_jtrue): (JSC::JIT::emit_op_jeq_null): (JSC::JIT::emit_op_jneq_null): (JSC::JIT::emit_op_jneq_ptr): (JSC::JIT::emit_op_eq): (JSC::JIT::emitSlow_op_eq): (JSC::JIT::emit_op_jeq): (JSC::JIT::emitSlow_op_jeq): (JSC::JIT::emit_op_neq): (JSC::JIT::emitSlow_op_neq): (JSC::JIT::emit_op_jneq): (JSC::JIT::emitSlow_op_jneq): (JSC::JIT::compileOpStrictEq): (JSC::JIT::compileOpStrictEqJump): (JSC::JIT::emitSlow_op_jstricteq): (JSC::JIT::emitSlow_op_jnstricteq): (JSC::JIT::emit_op_eq_null): (JSC::JIT::emit_op_neq_null): (JSC::JIT::emit_op_throw): (JSC::JIT::emit_op_to_number): (JSC::JIT::emit_op_to_string): 
(JSC::JIT::emit_op_to_object): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_get_parent_scope): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_debug): (JSC::JIT::emit_op_get_scope): (JSC::JIT::emit_op_create_this): (JSC::JIT::emit_op_to_this): (JSC::JIT::emit_op_check_tdz): (JSC::JIT::emit_op_has_structure_property): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emitSlow_op_has_indexed_property): (JSC::JIT::emit_op_get_direct_pname): (JSC::JIT::emit_op_enumerator_structure_pname): (JSC::JIT::emit_op_enumerator_generic_pname): (JSC::JIT::emit_op_profile_type): (JSC::JIT::emit_op_log_shadow_chicken_prologue): (JSC::JIT::emit_op_log_shadow_chicken_tail): * jit/JITOperations.cpp: * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitGetByValWithCachedId): (JSC::JIT::emitSlow_op_get_by_val): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitGenericContiguousPutByVal): (JSC::JIT::emitArrayStoragePutByVal): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emitSlow_op_put_by_val): (JSC::JIT::emit_op_put_getter_by_id): (JSC::JIT::emit_op_put_setter_by_id): (JSC::JIT::emit_op_put_getter_setter_by_id): (JSC::JIT::emit_op_put_getter_by_val): (JSC::JIT::emit_op_put_setter_by_val): (JSC::JIT::emit_op_del_by_id): (JSC::JIT::emit_op_del_by_val): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emitSlow_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emitSlow_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emitSlow_op_get_by_id): (JSC::JIT::emitSlow_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emitSlow_op_put_by_id): (JSC::JIT::emit_op_in_by_id): (JSC::JIT::emitSlow_op_in_by_id): (JSC::JIT::emit_op_resolve_scope): (JSC::JIT::emit_op_get_from_scope): (JSC::JIT::emitSlow_op_get_from_scope): (JSC::JIT::emit_op_put_to_scope): (JSC::JIT::emit_op_get_from_arguments): 
(JSC::JIT::emit_op_put_to_arguments): (JSC::JIT::emitIntTypedArrayPutByVal): (JSC::JIT::emitFloatTypedArrayPutByVal): * jit/JITPropertyAccess32_64.cpp: (JSC::JIT::emit_op_put_getter_by_id): (JSC::JIT::emit_op_put_setter_by_id): (JSC::JIT::emit_op_put_getter_setter_by_id): (JSC::JIT::emit_op_put_getter_by_val): (JSC::JIT::emit_op_put_setter_by_val): (JSC::JIT::emit_op_del_by_id): (JSC::JIT::emit_op_del_by_val): (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitGetByValWithCachedId): (JSC::JIT::emitSlow_op_get_by_val): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitGenericContiguousPutByVal): (JSC::JIT::emitArrayStoragePutByVal): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emitSlow_op_put_by_val): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emitSlow_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emitSlow_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emitSlow_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emitSlow_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emitSlow_op_put_by_id): (JSC::JIT::emit_op_in_by_id): (JSC::JIT::emitSlow_op_in_by_id): (JSC::JIT::emit_op_resolve_scope): (JSC::JIT::emit_op_get_from_scope): (JSC::JIT::emitSlow_op_get_from_scope): (JSC::JIT::emit_op_put_to_scope): (JSC::JIT::emit_op_get_from_arguments): (JSC::JIT::emit_op_put_to_arguments): * llint/LLIntSlowPaths.cpp: (JSC::LLInt::LLINT_SLOW_PATH_DECL): (JSC::LLInt::setupGetByIdPrototypeCache): (JSC::LLInt::getByVal): (JSC::LLInt::genericCall): (JSC::LLInt::varargsSetup): (JSC::LLInt::commonCallEval): * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: * runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): (JSC::updateArithProfileForUnaryArithOp): * runtime/CommonSlowPaths.h: (JSC::CommonSlowPaths::tryCachePutToScopeGlobal): (JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal): Canonical link: https://commits.webkit.org/208004@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240041 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-01-16 18:44:25 +00:00
switch (instruction->as<OpDebug>().m_debugHookType) {
Adding UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn().. https://bugs.webkit.org/show_bug.cgi?id=127127. Reviewed by Geoffrey Garen. In order to implement bytecode level breakpoints, we need a mechanism for computing the best fit op_debug bytecode offset for any valid given line and column value in the source. The "best fit" op_debug bytecode in this case is defined below in the comment for UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn(). * GNUmakefile.list.am: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::opDebugBytecodeOffsetForLineAndColumn): - Convert the line and column to unlinked line and column values and pass them to UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn() to do the real work. * bytecode/CodeBlock.h: * bytecode/LineColumnInfo.h: Added. (JSC::LineColumnInfo::operator <): (JSC::LineColumnInfo::LineColumnPair::LineColumnPair): (JSC::LineColumnInfo::operator ==): (JSC::LineColumnInfo::operator !=): (JSC::LineColumnInfo::operator <=): (JSC::LineColumnInfo::operator >): (JSC::LineColumnInfo::operator >=): * bytecode/LineInfo.h: Removed. * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::decodeExpressionRangeLineAndColumn): - Factored this out of expressionRangeForBytecodeOffset() so that it can be called from multiple places. (JSC::dumpLineColumnEntry): (JSC::UnlinkedCodeBlock::dumpExpressionRangeInfo): (JSC::UnlinkedCodeBlock::dumpOpDebugLineColumnInfoList): - Some dumpers for debugging use only. (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset): (JSC::UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn): - Finds the earliest op_debug bytecode whose line and column matches the specified line and column values. If an exact match is not found, then finds the nearest op_debug bytecode that precedes the specified line and column values. 
If there is more than one op_debug at that preceding line and column value, then the earliest of those op_debug bytecodes will be selected. The offset of the selected bytecode will be returned. We want the earliest one because when we have multiple op_debug bytecodes that map to a given line and column, a debugger user would expect to break on the first one and step through the rest thereafter if needed. (JSC::compareLineColumnInfo): (JSC::UnlinkedCodeBlock::opDebugLineColumnInfoList): - Creates the sorted opDebugLineColumnInfoList on demand. This list is stored in the UnlinkedCodeBlock's rareData. * bytecode/UnlinkedCodeBlock.h: Canonical link: https://commits.webkit.org/145215@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@162256 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2014-01-18 17:55:07 +00:00
case WillExecuteProgram: event = " WillExecuteProgram"; break;
case DidExecuteProgram: event = " DidExecuteProgram"; break;
case DidEnterCallFrame: event = " DidEnterCallFrame"; break;
Web Inspector: Sources: add a special breakpoint for controlling whether `debugger` statements pause https://bugs.webkit.org/show_bug.cgi?id=206818 Reviewed by Timothy Hatcher. Source/JavaScriptCore: * inspector/protocol/Debugger.json: * inspector/agents/InspectorDebuggerAgent.h: * inspector/agents/InspectorDebuggerAgent.cpp: (Inspector::InspectorDebuggerAgent::setPauseOnDebuggerStatements): Added. * bytecompiler/NodesCodegen.cpp: (JSC::DebuggerStatementNode::emitBytecode): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::finishCreation): * bytecode/UnlinkedCodeBlock.cpp: (JSC::dumpLineColumnEntry): * interpreter/Interpreter.h: * interpreter/Interpreter.cpp: (JSC::Interpreter::debug): (WTF::printInternal): * debugger/Debugger.h: (JSC::Debugger::setPauseOnDebuggerStatements): Added. * debugger/Debugger.cpp: (JSC::Debugger::didReachDebuggerStatement): Added. (JSC::Debugger::didReachBreakpoint): Deleted. Replace `DebugHookType::DidReachBreakpoint` with `DebugHookType::DidReachDebuggerStatement`, as it is only actually used for `debugger;` statements, not breakpoints. Source/WebInspectorUI: * UserInterface/Controllers/DebuggerManager.js: (WI.DebuggerManager): (WI.DebuggerManager.prototype.async initializeTarget): (WI.DebuggerManager.prototype.get debuggerStatementsBreakpoint): Added. (WI.DebuggerManager.prototype.isBreakpointRemovable): (WI.DebuggerManager.prototype._breakpointDisabledStateDidChange): * UserInterface/Views/SourcesNavigationSidebarPanel.js: (WI.SourcesNavigationSidebarPanel): (WI.SourcesNavigationSidebarPanel.prototype._insertDebuggerTreeElement): (WI.SourcesNavigationSidebarPanel.prototype._addBreakpoint): * UserInterface/Views/BreakpointTreeElement.css: (.breakpoint-debugger-statement-icon .icon): Added. * UserInterface/Images/DebuggerStatement.svg: Added. * Localizations/en.lproj/localizedStrings.js: LayoutTests: * inspector/debugger/setPauseOnDebuggerStatements.html: Added. * inspector/debugger/setPauseOnDebuggerStatements-expected.txt: Added. 
Canonical link: https://commits.webkit.org/220298@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255887 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2020-02-06 02:19:10 +00:00
case DidReachDebuggerStatement: event = " DidReachDebuggerStatement"; break;
case WillLeaveCallFrame: event = " WillLeaveCallFrame"; break;
case WillExecuteStatement: event = " WillExecuteStatement"; break;
Web Inspector: Stepping out of a function finishes the line that called it. https://bugs.webkit.org/show_bug.cgi?id=155325 <rdar://problem/25094578> Reviewed by Mark Lam. Source/JavaScriptCore: Also addresses: <https://webkit.org/b/161721> Web Inspector: Stepping all the way through program should not cause a pause on the next program that executes <https://webkit.org/b/161716> Web Inspector: Stepping into a function / program should not require stepping to the first statement This change introduces a new op_debug hook: WillExecuteExpression. Currently this new hook is only used for pausing at function calls. We may decide to add it to other places later where pausing with finer granularity than statements (or lines) is useful. This updates the location and behavior of some of the existing debug hooks, to be more consistent and useful if the exact location of the pause is displayed. For example, in control flow statements like `if` and `while`, the pause location is the expression itself that will be evaluated, not the location of the `if` or `while` keyword. For example: if (|condition) while (|condition) Finally, this change gets rid of some unnecessary / useless pause locations such as on entering a function and on entering a program. These pauses are not needed because if there is a statement, we would pause before the statement and it is equivalent. We continue to pause when leaving a function via stepping by uniformly jumping to the closing brace of the function. This gives users a chance to observe state before leaving the function. * bytecode/CodeBlock.cpp: (JSC::debugHookName): * bytecode/UnlinkedCodeBlock.cpp: (JSC::dumpLineColumnEntry): Logging strings for the new debug hook. 
* bytecompiler/BytecodeGenerator.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::emitCallInTailPosition): (JSC::BytecodeGenerator::emitCallEval): (JSC::BytecodeGenerator::emitCallVarargsInTailPosition): (JSC::BytecodeGenerator::emitConstructVarargs): (JSC::BytecodeGenerator::emitCallForwardArgumentsInTailPosition): (JSC::BytecodeGenerator::emitCallDefineProperty): (JSC::BytecodeGenerator::emitConstruct): (JSC::BytecodeGenerator::emitGetTemplateObject): (JSC::BytecodeGenerator::emitIteratorNext): (JSC::BytecodeGenerator::emitIteratorNextWithValue): (JSC::BytecodeGenerator::emitIteratorClose): (JSC::BytecodeGenerator::emitDelegateYield): All emitCall variants now take an enum to decide whether or not to emit the WillExecuteExpression debug hook. (JSC::BytecodeGenerator::emitCall): (JSC::BytecodeGenerator::emitCallVarargs): In the two real implementations, actually decide to emit the debug hook or not based on the parameter. (JSC::BytecodeGenerator::emitEnumeration): This is shared looping code used by for..of iteration of iterables. When used by ForOfNode, we want to emit a pause location during iteration. (JSC::BytecodeGenerator::emitWillLeaveCallFrameDebugHook): This is shared call frame leave code to emit a consistent pause location when leaving a function. * bytecompiler/NodesCodegen.cpp: (JSC::EvalFunctionCallNode::emitBytecode): (JSC::FunctionCallValueNode::emitBytecode): (JSC::FunctionCallResolveNode::emitBytecode): (JSC::BytecodeIntrinsicNode::emit_intrinsic_tailCallForwardArguments): (JSC::FunctionCallBracketNode::emitBytecode): (JSC::FunctionCallDotNode::emitBytecode): (JSC::CallFunctionCallDotNode::emitBytecode): (JSC::ApplyFunctionCallDotNode::emitBytecode): (JSC::TaggedTemplateNode::emitBytecode): (JSC::ArrayPatternNode::bindValue): All tail position calls are the function calls that we want to emit debug hooks for. All non-tail call calls appear to be internal implementation details, and these should not have the debug hook. 
(JSC::IfElseNode::emitBytecode): (JSC::WhileNode::emitBytecode): (JSC::WithNode::emitBytecode): (JSC::SwitchNode::emitBytecode): Make the pause location consistent at the expression. (JSC::DoWhileNode::emitBytecode): Make the pause location consistent at the expression. Remove the errant pause at the do's '}' when entering the do block. (JSC::ForNode::emitBytecode): (JSC::ForInNode::emitMultiLoopBytecode): (JSC::ForOfNode::emitBytecode): Make the pause location consistent at expressions. Also allow stepping to the traditional for loop's update expression, which was previously not possible. (JSC::ReturnNode::emitBytecode): (JSC::FunctionNode::emitBytecode): Make the pause location when leaving a function consistently be the function's closing brace. The two cases are stepping through a return statement, or the implicit return undefined at the end of a function. (JSC::LabelNode::emitBytecode): (JSC::TryNode::emitBytecode): Remove unnecessary pauses that add no value, as they contain a statement and we will then pause at that statement. * parser/Nodes.h: (JSC::StatementNode::isFunctionNode): (JSC::StatementNode::isForOfNode): (JSC::EnumerationNode::lexpr): (JSC::ForOfNode::isForOfNode): New virtual methods to distinguish different nodes. * debugger/Debugger.h: Rename m_pauseAtNextStatement to m_pauseAtNextOpportunity. This is the finest granularity of stepping, and it can be pausing at a location that is not a statement. Introduce state to properly handle step out and stepping when there are multiple expressions in a statement. * debugger/Debugger.cpp: (JSC::Debugger::Debugger): (JSC::Debugger::setPauseOnNextStatement): (JSC::Debugger::breakProgram): (JSC::Debugger::continueProgram): (JSC::Debugger::stepIntoStatement): (JSC::Debugger::exception): (JSC::Debugger::didReachBreakpoint): Use new variable names, and clarify if we should attempt to pause or not. (JSC::Debugger::stepOutOfFunction): Set a new state to indicate a step out action. 
(JSC::Debugger::updateCallFrame): (JSC::Debugger::updateCallFrameAndPauseIfNeeded): Deleted. (JSC::Debugger::updateCallFrameInternal): (JSC::Debugger::pauseIfNeeded): Allow updateCallFrame to either attempt a pause or not. (JSC::Debugger::atStatement): Attempt pause and reset the at first expression flag. (JSC::Debugger::atExpression): Attempt a pause when not stepping over. Also skip the first expression pause, since that would be equivalent to when we paused for the expression. (JSC::Debugger::callEvent): Do not pause when entering a function. (JSC::Debugger::returnEvent): Attempt pause when leaving a function. If the user did a step-over and is leaving the function, then behave like step-out. (JSC::Debugger::unwindEvent): Behave like return except don't change any pausing states. If we needed to pause the Debugger::exception will have handled it. (JSC::Debugger::willExecuteProgram): Do not pause when entering a program. (JSC::Debugger::didExecuteProgram): Attempt pause when leaving a program that has a caller. This can be useful for exiting an eval(...) program. Otherwise treat this like return, and step-over out of the program should behave like step-out. We use pause at next opportunity because there may be extra callframes we do not know about. When the program doesn't have a parent, clear all our state so we don't errantly pause on the next JavaScript microtask that gets executed. (JSC::Debugger::clearNextPauseState): Helper to clear all of the pause states now that it happens in a couple places. * interpreter/Interpreter.cpp: (JSC::notifyDebuggerOfUnwinding): Treat unwinding slightly differently from returning. We will not want to pause when unwinding callframes. (JSC::Interpreter::debug): * interpreter/Interpreter.h: New debug hook. 
* inspector/agents/InspectorDebuggerAgent.cpp: (Inspector::InspectorDebuggerAgent::stepInto): (Inspector::InspectorDebuggerAgent::didPause): * inspector/agents/InspectorDebuggerAgent.h: Remove unnecessary stepInto code notification for listeners. The listeners are never notified if the debugger resumes, so whatever state they were setting by this is going to get out of date. Source/WebCore: Tests: inspector/debugger/stepping/stepInto.html inspector/debugger/stepping/stepOut.html inspector/debugger/stepping/stepOver.html inspector/debugger/stepping/stepping-arrow-functions.html inspector/debugger/stepping/stepping-classes.html inspector/debugger/stepping/stepping-control-flow.html inspector/debugger/stepping/stepping-function-calls.html inspector/debugger/stepping/stepping-function-default-parameters.html inspector/debugger/stepping/stepping-literal-construction.html inspector/debugger/stepping/stepping-loops.html inspector/debugger/stepping/stepping-misc.html inspector/debugger/stepping/stepping-switch.html inspector/debugger/stepping/stepping-template-string.html inspector/debugger/stepping/stepping-try-catch-finally.html * inspector/InspectorDOMDebuggerAgent.h: * inspector/InspectorDOMDebuggerAgent.cpp: (WebCore::InspectorDOMDebuggerAgent::stepInto): Deleted. Setting this state in step-into does not make sense since we do not know when the debugger resumes and won't know when to clear it. LayoutTests: * inspector/debugger/break-on-exception-throw-in-promise.html: Drive-by remove debug only code that shouldn't have been checked in. * inspector/debugger/resources/log-pause-location.js: Added. 
(TestPage.registerInitializer.String.prototype.myPadStart): (TestPage.registerInitializer.insertCaretIntoStringAtIndex): (TestPage.registerInitializer.logLinesWithContext): (TestPage.registerInitializer.window.logPauseLocation): (TestPage.registerInitializer.window.step): (TestPage.registerInitializer.window.initializeSteppingTestSuite): (TestPage.registerInitializer.window.addSteppingTestCase): (TestPage.registerInitializer.window.loadMainPageContent): Shared code for stepping tests that runs in the inspected page. (global): When the test page is loaded outside of the test runner, create buttons for each of the different entry test functions. This makes it very easy to inspect the test page and run through an individual test. * inspector/debugger/stepping/stepInto-expected.txt: Added. * inspector/debugger/stepping/stepInto.html: Added. * inspector/debugger/stepping/stepOut-expected.txt: Added. * inspector/debugger/stepping/stepOut.html: Added. * inspector/debugger/stepping/stepOver-expected.txt: Added. * inspector/debugger/stepping/stepOver.html: Added. * inspector/debugger/stepping/stepping-arrow-functions-expected.txt: Added. * inspector/debugger/stepping/stepping-arrow-functions.html: Added. * inspector/debugger/stepping/stepping-classes-expected.txt: Added. * inspector/debugger/stepping/stepping-classes.html: Added. * inspector/debugger/stepping/stepping-control-flow-expected.txt: Added. * inspector/debugger/stepping/stepping-control-flow.html: Added. * inspector/debugger/stepping/stepping-function-calls-expected.txt: Added. * inspector/debugger/stepping/stepping-function-calls.html: Added. * inspector/debugger/stepping/stepping-function-default-parameters-expected.txt: Added. * inspector/debugger/stepping/stepping-function-default-parameters.html: Added. * inspector/debugger/stepping/stepping-literal-construction-expected.txt: Added. * inspector/debugger/stepping/stepping-literal-construction.html: Added. 
* inspector/debugger/stepping/stepping-loops-expected.txt: Added. * inspector/debugger/stepping/stepping-loops.html: Added. * inspector/debugger/stepping/stepping-misc-expected.txt: Added. * inspector/debugger/stepping/stepping-misc.html: Added. * inspector/debugger/stepping/stepping-switch-expected.txt: Added. * inspector/debugger/stepping/stepping-switch.html: Added. * inspector/debugger/stepping/stepping-template-string-expected.txt: Added. * inspector/debugger/stepping/stepping-template-string.html: Added. * inspector/debugger/stepping/stepping-try-catch-finally-expected.txt: Added. * inspector/debugger/stepping/stepping-try-catch-finally.html: Added. Test stepping in different common scenarios. * inspector/debugger/regress-133182.html: * inspector/debugger/regress-133182-expected.txt: * inspector/debugger/tail-deleted-frames-from-vm-entry-expected.txt: * inspector/debugger/tail-deleted-frames-from-vm-entry.html: Rebaseline. No need for a double step. And the second pause doesn't make any sense in the tail deleted frames test. Canonical link: https://commits.webkit.org/180730@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@206652 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2016-09-30 19:22:37 +00:00
case WillExecuteExpression: event = " WillExecuteExpression"; break;
}
}
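The best-fit op_debug lookup described in the commit message for bug 127127 (earliest exact match on line and column, otherwise the earliest op_debug at the nearest preceding position), as an added stand-alone C++ example that is not JavaScriptCore's own code: the `OpDebugEntry` struct, the function names and the sample entries are assumptions constructed for the example.

```cpp
// Added example (not JavaScriptCore code): best-fit op_debug lookup over a
// sorted list of (line, column) -> bytecode offset entries. Names and the
// sample data below are constructed for this example.
#include <algorithm>
#include <cstdio>
#include <iterator>
#include <optional>
#include <vector>

struct LineColumn {
    unsigned line;
    unsigned column;
};

static bool positionLess(LineColumn a, LineColumn b)
{
    return a.line != b.line ? a.line < b.line : a.column < b.column;
}

static bool positionEqual(LineColumn a, LineColumn b)
{
    return a.line == b.line && a.column == b.column;
}

struct OpDebugEntry {
    LineColumn position;
    unsigned bytecodeOffset;
};

// Sort by position, then by bytecode offset, so that among several op_debug
// entries at one position the earliest bytecode comes first (the one a
// debugger user expects to break on).
std::vector<OpDebugEntry> sortedOpDebugList(std::vector<OpDebugEntry> entries)
{
    std::stable_sort(entries.begin(), entries.end(), [](const OpDebugEntry& a, const OpDebugEntry& b) {
        if (!positionEqual(a.position, b.position))
            return positionLess(a.position, b.position);
        return a.bytecodeOffset < b.bytecodeOffset;
    });
    return entries;
}

// Returns the bytecode offset of the best-fit op_debug for the requested
// position, or nullopt when no op_debug sits at or before that position.
std::optional<unsigned> opDebugBytecodeOffsetForLineAndColumn(const std::vector<OpDebugEntry>& sorted, LineColumn target)
{
    // First entry whose position is >= target (binary search on the sorted list).
    auto it = std::lower_bound(sorted.begin(), sorted.end(), target,
        [](const OpDebugEntry& entry, LineColumn key) { return positionLess(entry.position, key); });

    // Exact match: the sort order guarantees this is the earliest one.
    if (it != sorted.end() && positionEqual(it->position, target))
        return it->bytecodeOffset;

    // Nothing precedes the requested position.
    if (it == sorted.begin())
        return std::nullopt;

    // Step back to the nearest preceding position, then walk back over any
    // other op_debug entries at that same position to reach the earliest one.
    --it;
    LineColumn preceding = it->position;
    while (it != sorted.begin() && positionEqual(std::prev(it)->position, preceding))
        --it;
    return it->bytecodeOffset;
}

// Constructed sample: five op_debug sites, deliberately out of order, two of
// which share line 2 column 4.
std::vector<OpDebugEntry> constructedSampleList()
{
    return sortedOpDebugList({
        { { 2, 4 }, 17 },
        { { 5, 0 }, 30 },
        { { 1, 0 }, 3 },
        { { 2, 4 }, 10 },
        { { 3, 2 }, 22 },
    });
}

int main()
{
    const std::vector<OpDebugEntry> list = constructedSampleList();
    const LineColumn probes[] = { { 2, 4 }, { 2, 9 }, { 4, 0 }, { 0, 5 }, { 9, 9 } };
    for (LineColumn probe : probes) {
        std::optional<unsigned> offset = opDebugBytecodeOffsetForLineAndColumn(list, probe);
        if (offset)
            std::printf("line %u column %u -> op_debug at bytecode offset %u\n", probe.line, probe.column, *offset);
        else
            std::printf("line %u column %u -> no op_debug at or before this position\n", probe.line, probe.column);
    }
    return 0;
}
```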
New bytecode format for JSC https://bugs.webkit.org/show_bug.cgi?id=187373 <rdar://problem/44186758> Reviewed by Filip Pizlo. .: Disable JIT by default on 32-bit platforms * Source/cmake/WebKitFeatures.cmake: JSTests: Add tests to ensure that the inferred inline capacity for a narrow op_new_object will be capped at 255. * stress/maximum-inline-capacity.js: Added. (test1): (test3.Foo): (test3): Source/JavaScriptCore: Replace unlinked and linked bytecode with a new immutable bytecode that does not embed any addresses. Instructions can be encoded as narrow (1-byte operands) or wide (4-byte operands) and might contain an extra operand, the metadataID. The metadataID is used to access the instruction's mutable data in a side table in the CodeBlock (the MetadataTable). Bytecodes now must be structs declared in the new BytecodeList.rb. All bytecodes give names and types to all its operands. Additionally, reading a bytecode from the instruction stream requires decoding the whole bytecode, i.e. it's no longer possible to access arbitrary operands directly from the stream. 
* CMakeLists.txt: * DerivedSources.make: * JavaScriptCore.xcodeproj/project.pbxproj: * Sources.txt: * assembler/MacroAssemblerCodeRef.h: (JSC::ReturnAddressPtr::ReturnAddressPtr): (JSC::ReturnAddressPtr::value const): (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr): (JSC::MacroAssemblerCodePtr::createFromExecutableAddress): * bytecode/ArithProfile.h: (JSC::ArithProfile::ArithProfile): * bytecode/ArrayAllocationProfile.h: (JSC::ArrayAllocationProfile::ArrayAllocationProfile): * bytecode/ArrayProfile.h: * bytecode/BytecodeBasicBlock.cpp: (JSC::isJumpTarget): (JSC::BytecodeBasicBlock::computeImpl): (JSC::BytecodeBasicBlock::compute): * bytecode/BytecodeBasicBlock.h: (JSC::BytecodeBasicBlock::leaderOffset const): (JSC::BytecodeBasicBlock::totalLength const): (JSC::BytecodeBasicBlock::offsets const): (JSC::BytecodeBasicBlock::BytecodeBasicBlock): (JSC::BytecodeBasicBlock::addLength): * bytecode/BytecodeDumper.cpp: (JSC::BytecodeDumper<Block>::printLocationAndOp): (JSC::BytecodeDumper<Block>::dumpBytecode): (JSC::BytecodeDumper<Block>::dumpIdentifiers): (JSC::BytecodeDumper<Block>::dumpConstants): (JSC::BytecodeDumper<Block>::dumpExceptionHandlers): (JSC::BytecodeDumper<Block>::dumpSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpStringSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpBlock): * bytecode/BytecodeDumper.h: (JSC::BytecodeDumper::dumpOperand): (JSC::BytecodeDumper::dumpValue): (JSC::BytecodeDumper::BytecodeDumper): (JSC::BytecodeDumper::block const): * bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::BytecodeGeneratorification): (JSC::BytecodeGeneratorification::enterPoint const): (JSC::BytecodeGeneratorification::instructions const): (JSC::GeneratorLivenessAnalysis::run): (JSC::BytecodeGeneratorification::run): (JSC::performGeneratorification): * bytecode/BytecodeGeneratorification.h: * bytecode/BytecodeGraph.h: (JSC::BytecodeGraph::blockContainsBytecodeOffset): (JSC::BytecodeGraph::findBasicBlockForBytecodeOffset): 
(JSC::BytecodeGraph::findBasicBlockWithLeaderOffset): (JSC::BytecodeGraph::BytecodeGraph): * bytecode/BytecodeKills.h: * bytecode/BytecodeList.json: Removed. * bytecode/BytecodeList.rb: Added. * bytecode/BytecodeLivenessAnalysis.cpp: (JSC::BytecodeLivenessAnalysis::dumpResults): * bytecode/BytecodeLivenessAnalysis.h: * bytecode/BytecodeLivenessAnalysisInlines.h: (JSC::isValidRegisterForLiveness): (JSC::BytecodeLivenessPropagation::stepOverInstruction): * bytecode/BytecodeRewriter.cpp: (JSC::BytecodeRewriter::applyModification): (JSC::BytecodeRewriter::execute): (JSC::BytecodeRewriter::adjustJumpTargetsInFragment): (JSC::BytecodeRewriter::insertImpl): (JSC::BytecodeRewriter::adjustJumpTarget): (JSC::BytecodeRewriter::adjustJumpTargets): * bytecode/BytecodeRewriter.h: (JSC::BytecodeRewriter::InsertionPoint::InsertionPoint): (JSC::BytecodeRewriter::Fragment::Fragment): (JSC::BytecodeRewriter::Fragment::appendInstruction): (JSC::BytecodeRewriter::BytecodeRewriter): (JSC::BytecodeRewriter::insertFragmentBefore): (JSC::BytecodeRewriter::insertFragmentAfter): (JSC::BytecodeRewriter::removeBytecode): (JSC::BytecodeRewriter::adjustAbsoluteOffset): (JSC::BytecodeRewriter::adjustJumpTarget): * bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeOffset): (JSC::computeDefsForBytecodeOffset): * bytecode/CallLinkStatus.cpp: (JSC::CallLinkStatus::computeFromLLInt): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpBytecode): (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::estimatedSize): (JSC::CodeBlock::visitChildren): (JSC::CodeBlock::propagateTransitions): (JSC::CodeBlock::finalizeLLIntInlineCaches): (JSC::CodeBlock::addJITAddIC): (JSC::CodeBlock::addJITMulIC): (JSC::CodeBlock::addJITSubIC): (JSC::CodeBlock::addJITNegIC): (JSC::CodeBlock::stronglyVisitStrongReferences): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffset): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): 
(JSC::CodeBlock::hasOpDebugForLineAndColumn): (JSC::CodeBlock::getArrayProfile): (JSC::CodeBlock::updateAllArrayPredictions): (JSC::CodeBlock::predictedMachineCodeSize): (JSC::CodeBlock::tryGetValueProfileForBytecodeOffset): (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset): (JSC::CodeBlock::valueProfileForBytecodeOffset): (JSC::CodeBlock::validate): (JSC::CodeBlock::outOfLineJumpOffset): (JSC::CodeBlock::outOfLineJumpTarget): (JSC::CodeBlock::arithProfileForBytecodeOffset): (JSC::CodeBlock::arithProfileForPC): (JSC::CodeBlock::couldTakeSpecialFastCase): (JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler): * bytecode/CodeBlock.h: (JSC::CodeBlock::addMathIC): (JSC::CodeBlock::outOfLineJumpOffset): (JSC::CodeBlock::bytecodeOffset): (JSC::CodeBlock::instructions const): (JSC::CodeBlock::instructionCount const): (JSC::CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters): (JSC::CodeBlock::metadata): (JSC::CodeBlock::metadataSizeInBytes): (JSC::CodeBlock::numberOfNonArgumentValueProfiles): (JSC::CodeBlock::totalNumberOfValueProfiles): * bytecode/CodeBlockInlines.h: Added. (JSC::CodeBlock::forEachValueProfile): (JSC::CodeBlock::forEachArrayProfile): (JSC::CodeBlock::forEachArrayAllocationProfile): (JSC::CodeBlock::forEachObjectAllocationProfile): (JSC::CodeBlock::forEachLLIntCallLinkInfo): * bytecode/Fits.h: Added. * bytecode/GetByIdMetadata.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h. 
* bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt): * bytecode/Instruction.h: (JSC::Instruction::Instruction): (JSC::Instruction::Impl::opcodeID const): (JSC::Instruction::opcodeID const): (JSC::Instruction::name const): (JSC::Instruction::isWide const): (JSC::Instruction::size const): (JSC::Instruction::is const): (JSC::Instruction::as const): (JSC::Instruction::cast): (JSC::Instruction::cast const): (JSC::Instruction::narrow const): (JSC::Instruction::wide const): * bytecode/InstructionStream.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::InstructionStream::InstructionStream): (JSC::InstructionStream::sizeInBytes const): * bytecode/InstructionStream.h: Added. (JSC::InstructionStream::BaseRef::BaseRef): (JSC::InstructionStream::BaseRef::operator=): (JSC::InstructionStream::BaseRef::operator-> const): (JSC::InstructionStream::BaseRef::ptr const): (JSC::InstructionStream::BaseRef::operator!= const): (JSC::InstructionStream::BaseRef::next const): (JSC::InstructionStream::BaseRef::offset const): (JSC::InstructionStream::BaseRef::isValid const): (JSC::InstructionStream::BaseRef::unwrap const): (JSC::InstructionStream::MutableRef::freeze const): (JSC::InstructionStream::MutableRef::operator->): (JSC::InstructionStream::MutableRef::ptr): (JSC::InstructionStream::MutableRef::operator Ref): (JSC::InstructionStream::MutableRef::unwrap): (JSC::InstructionStream::iterator::operator*): (JSC::InstructionStream::iterator::operator++): (JSC::InstructionStream::begin const): (JSC::InstructionStream::end const): (JSC::InstructionStream::at const): (JSC::InstructionStream::size const): (JSC::InstructionStreamWriter::InstructionStreamWriter): (JSC::InstructionStreamWriter::ref): (JSC::InstructionStreamWriter::seek): (JSC::InstructionStreamWriter::position): (JSC::InstructionStreamWriter::write): (JSC::InstructionStreamWriter::rewind): (JSC::InstructionStreamWriter::finalize): (JSC::InstructionStreamWriter::swap): 
(JSC::InstructionStreamWriter::iterator::operator*): (JSC::InstructionStreamWriter::iterator::operator++): (JSC::InstructionStreamWriter::begin): (JSC::InstructionStreamWriter::end): * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp: (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::LLIntPrototypeLoadAdaptiveStructureWatchpoint): (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::fireInternal): (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::clearLLIntGetByIdCache): * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h: * bytecode/MetadataTable.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::MetadataTable::MetadataTable): (JSC::DeallocTable::withOpcodeType): (JSC::MetadataTable::~MetadataTable): (JSC::MetadataTable::sizeInBytes): * bytecode/MetadataTable.h: Copied from Source/JavaScriptCore/runtime/Watchdog.h. (JSC::MetadataTable::get): (JSC::MetadataTable::forEach): (JSC::MetadataTable::getImpl): * bytecode/Opcode.cpp: (JSC::metadataSize): * bytecode/Opcode.h: (JSC::padOpcodeName): * bytecode/OpcodeInlines.h: (JSC::isOpcodeShape): (JSC::getOpcodeType): * bytecode/OpcodeSize.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. 
* bytecode/PreciseJumpTargets.cpp: (JSC::getJumpTargetsForInstruction): (JSC::computePreciseJumpTargetsInternal): (JSC::computePreciseJumpTargets): (JSC::recomputePreciseJumpTargets): (JSC::findJumpTargetsForInstruction): * bytecode/PreciseJumpTargets.h: * bytecode/PreciseJumpTargetsInlines.h: (JSC::jumpTargetForInstruction): (JSC::extractStoredJumpTargetsForInstruction): (JSC::updateStoredJumpTargetsForInstruction): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): * bytecode/SpecialPointer.cpp: (WTF::printInternal): * bytecode/SpecialPointer.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::visitChildren): (JSC::UnlinkedCodeBlock::estimatedSize): (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): (JSC::dumpLineColumnEntry): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset const): (JSC::UnlinkedCodeBlock::setInstructions): (JSC::UnlinkedCodeBlock::instructions const): (JSC::UnlinkedCodeBlock::applyModification): (JSC::UnlinkedCodeBlock::addOutOfLineJumpTarget): (JSC::UnlinkedCodeBlock::outOfLineJumpOffset): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::addPropertyAccessInstruction): (JSC::UnlinkedCodeBlock::propertyAccessInstructions const): (JSC::UnlinkedCodeBlock::addOpProfileControlFlowBytecodeOffset): (JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets const): (JSC::UnlinkedCodeBlock::metadata): (JSC::UnlinkedCodeBlock::metadataSizeInBytes): (JSC::UnlinkedCodeBlock::outOfLineJumpOffset): (JSC::UnlinkedCodeBlock::replaceOutOfLineJumpTargets): * bytecode/UnlinkedInstructionStream.cpp: Removed. * bytecode/UnlinkedInstructionStream.h: Removed. * bytecode/UnlinkedMetadataTable.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h. * bytecode/UnlinkedMetadataTableInlines.h: Added. 
(JSC::UnlinkedMetadataTable::UnlinkedMetadataTable): (JSC::UnlinkedMetadataTable::~UnlinkedMetadataTable): (JSC::UnlinkedMetadataTable::addEntry): (JSC::UnlinkedMetadataTable::sizeInBytes): (JSC::UnlinkedMetadataTable::finalize): (JSC::UnlinkedMetadataTable::link): (JSC::UnlinkedMetadataTable::unlink): * bytecode/VirtualRegister.cpp: (JSC::VirtualRegister::VirtualRegister): * bytecode/VirtualRegister.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::Label::setLocation): (JSC::Label::bind): (JSC::BytecodeGenerator::generate): (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::initializeVarLexicalEnvironment): (JSC::BytecodeGenerator::emitEnter): (JSC::BytecodeGenerator::emitLoopHint): (JSC::BytecodeGenerator::emitJump): (JSC::BytecodeGenerator::emitCheckTraps): (JSC::BytecodeGenerator::rewind): (JSC::BytecodeGenerator::fuseCompareAndJump): (JSC::BytecodeGenerator::fuseTestAndJmp): (JSC::BytecodeGenerator::emitJumpIfTrue): (JSC::BytecodeGenerator::emitJumpIfFalse): (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall): (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply): (JSC::BytecodeGenerator::moveLinkTimeConstant): (JSC::BytecodeGenerator::moveEmptyValue): (JSC::BytecodeGenerator::emitMove): (JSC::BytecodeGenerator::emitUnaryOp): (JSC::BytecodeGenerator::emitBinaryOp): (JSC::BytecodeGenerator::emitToObject): (JSC::BytecodeGenerator::emitToNumber): (JSC::BytecodeGenerator::emitToString): (JSC::BytecodeGenerator::emitTypeOf): (JSC::BytecodeGenerator::emitInc): (JSC::BytecodeGenerator::emitDec): (JSC::BytecodeGenerator::emitEqualityOp): (JSC::BytecodeGenerator::emitProfileType): (JSC::BytecodeGenerator::emitProfileControlFlow): (JSC::BytecodeGenerator::pushLexicalScopeInternal): (JSC::BytecodeGenerator::emitResolveScopeForHoistingFuncDeclInEval): (JSC::BytecodeGenerator::prepareLexicalScopeForNextForLoopIteration): (JSC::BytecodeGenerator::emitOverridesHasInstance): (JSC::BytecodeGenerator::emitResolveScope): (JSC::BytecodeGenerator::emitGetFromScope): 
(JSC::BytecodeGenerator::emitPutToScope): (JSC::BytecodeGenerator::emitInstanceOf): (JSC::BytecodeGenerator::emitInstanceOfCustom): (JSC::BytecodeGenerator::emitInByVal): (JSC::BytecodeGenerator::emitInById): (JSC::BytecodeGenerator::emitTryGetById): (JSC::BytecodeGenerator::emitGetById): (JSC::BytecodeGenerator::emitDirectGetById): (JSC::BytecodeGenerator::emitPutById): (JSC::BytecodeGenerator::emitDirectPutById): (JSC::BytecodeGenerator::emitPutGetterById): (JSC::BytecodeGenerator::emitPutSetterById): (JSC::BytecodeGenerator::emitPutGetterSetter): (JSC::BytecodeGenerator::emitPutGetterByVal): (JSC::BytecodeGenerator::emitPutSetterByVal): (JSC::BytecodeGenerator::emitDeleteById): (JSC::BytecodeGenerator::emitGetByVal): (JSC::BytecodeGenerator::emitPutByVal): (JSC::BytecodeGenerator::emitDirectPutByVal): (JSC::BytecodeGenerator::emitDeleteByVal): (JSC::BytecodeGenerator::emitSuperSamplerBegin): (JSC::BytecodeGenerator::emitSuperSamplerEnd): (JSC::BytecodeGenerator::emitIdWithProfile): (JSC::BytecodeGenerator::emitUnreachable): (JSC::BytecodeGenerator::emitGetArgument): (JSC::BytecodeGenerator::emitCreateThis): (JSC::BytecodeGenerator::emitTDZCheck): (JSC::BytecodeGenerator::emitNewObject): (JSC::BytecodeGenerator::emitNewArrayBuffer): (JSC::BytecodeGenerator::emitNewArray): (JSC::BytecodeGenerator::emitNewArrayWithSpread): (JSC::BytecodeGenerator::emitNewArrayWithSize): (JSC::BytecodeGenerator::emitNewRegExp): (JSC::BytecodeGenerator::emitNewFunctionExpressionCommon): (JSC::BytecodeGenerator::emitNewDefaultConstructor): (JSC::BytecodeGenerator::emitNewFunction): (JSC::BytecodeGenerator::emitSetFunctionNameIfNeeded): (JSC::BytecodeGenerator::emitCall): (JSC::BytecodeGenerator::emitCallInTailPosition): (JSC::BytecodeGenerator::emitCallEval): (JSC::BytecodeGenerator::emitExpectedFunctionSnippet): (JSC::BytecodeGenerator::emitCallVarargs): (JSC::BytecodeGenerator::emitCallVarargsInTailPosition): (JSC::BytecodeGenerator::emitConstructVarargs): 
(JSC::BytecodeGenerator::emitCallForwardArgumentsInTailPosition): (JSC::BytecodeGenerator::emitLogShadowChickenPrologueIfNecessary): (JSC::BytecodeGenerator::emitLogShadowChickenTailIfNecessary): (JSC::BytecodeGenerator::emitCallDefineProperty): (JSC::BytecodeGenerator::emitReturn): (JSC::BytecodeGenerator::emitEnd): (JSC::BytecodeGenerator::emitConstruct): (JSC::BytecodeGenerator::emitStrcat): (JSC::BytecodeGenerator::emitToPrimitive): (JSC::BytecodeGenerator::emitGetScope): (JSC::BytecodeGenerator::emitPushWithScope): (JSC::BytecodeGenerator::emitGetParentScope): (JSC::BytecodeGenerator::emitDebugHook): (JSC::BytecodeGenerator::emitCatch): (JSC::BytecodeGenerator::emitThrow): (JSC::BytecodeGenerator::emitArgumentCount): (JSC::BytecodeGenerator::emitThrowStaticError): (JSC::BytecodeGenerator::beginSwitch): (JSC::prepareJumpTableForSwitch): (JSC::prepareJumpTableForStringSwitch): (JSC::BytecodeGenerator::endSwitch): (JSC::BytecodeGenerator::emitGetEnumerableLength): (JSC::BytecodeGenerator::emitHasGenericProperty): (JSC::BytecodeGenerator::emitHasIndexedProperty): (JSC::BytecodeGenerator::emitHasStructureProperty): (JSC::BytecodeGenerator::emitGetPropertyEnumerator): (JSC::BytecodeGenerator::emitEnumeratorStructurePropertyName): (JSC::BytecodeGenerator::emitEnumeratorGenericPropertyName): (JSC::BytecodeGenerator::emitToIndexString): (JSC::BytecodeGenerator::emitIsCellWithType): (JSC::BytecodeGenerator::emitIsObject): (JSC::BytecodeGenerator::emitIsNumber): (JSC::BytecodeGenerator::emitIsUndefined): (JSC::BytecodeGenerator::emitIsEmpty): (JSC::BytecodeGenerator::emitRestParameter): (JSC::BytecodeGenerator::emitRequireObjectCoercible): (JSC::BytecodeGenerator::emitYieldPoint): (JSC::BytecodeGenerator::emitYield): (JSC::BytecodeGenerator::emitGetAsyncIterator): (JSC::BytecodeGenerator::emitDelegateYield): (JSC::BytecodeGenerator::emitFinallyCompletion): (JSC::BytecodeGenerator::emitJumpIf): (JSC::ForInContext::finalize): (JSC::StructureForInContext::finalize): 
(JSC::IndexedForInContext::finalize): (JSC::StaticPropertyAnalysis::record): (JSC::BytecodeGenerator::emitToThis): * bytecompiler/BytecodeGenerator.h: (JSC::StructureForInContext::addGetInst): (JSC::BytecodeGenerator::recordOpcode): (JSC::BytecodeGenerator::addMetadataFor): (JSC::BytecodeGenerator::emitUnaryOp): (JSC::BytecodeGenerator::kill): (JSC::BytecodeGenerator::instructions const): (JSC::BytecodeGenerator::write): (JSC::BytecodeGenerator::withWriter): * bytecompiler/Label.h: (JSC::Label::Label): (JSC::Label::bind): * bytecompiler/NodesCodegen.cpp: (JSC::ArrayNode::emitBytecode): (JSC::BytecodeIntrinsicNode::emit_intrinsic_argumentCount): (JSC::ApplyFunctionCallDotNode::emitBytecode): (JSC::BitwiseNotNode::emitBytecode): (JSC::BinaryOpNode::emitBytecode): (JSC::EqualNode::emitBytecode): (JSC::StrictEqualNode::emitBytecode): (JSC::emitReadModifyAssignment): (JSC::ForInNode::emitBytecode): (JSC::CaseBlockNode::emitBytecodeForBlock): (JSC::FunctionNode::emitBytecode): (JSC::ClassExprNode::emitBytecode): * bytecompiler/ProfileTypeBytecodeFlag.cpp: Copied from Source/JavaScriptCore/bytecode/VirtualRegister.cpp. (WTF::printInternal): * bytecompiler/ProfileTypeBytecodeFlag.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. 
* bytecompiler/RegisterID.h: * bytecompiler/StaticPropertyAnalysis.h: (JSC::StaticPropertyAnalysis::create): (JSC::StaticPropertyAnalysis::StaticPropertyAnalysis): * bytecompiler/StaticPropertyAnalyzer.h: (JSC::StaticPropertyAnalyzer::createThis): (JSC::StaticPropertyAnalyzer::newObject): (JSC::StaticPropertyAnalyzer::putById): (JSC::StaticPropertyAnalyzer::mov): (JSC::StaticPropertyAnalyzer::kill): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::addCall): (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit): (JSC::DFG::ByteCodeParser::getArrayMode): (JSC::DFG::ByteCodeParser::handleCall): (JSC::DFG::ByteCodeParser::handleVarargsCall): (JSC::DFG::ByteCodeParser::handleRecursiveTailCall): (JSC::DFG::ByteCodeParser::inlineCall): (JSC::DFG::ByteCodeParser::handleCallVariant): (JSC::DFG::ByteCodeParser::handleVarargsInlining): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::handleMinMax): (JSC::DFG::ByteCodeParser::handleIntrinsicCall): (JSC::DFG::ByteCodeParser::handleDOMJITCall): (JSC::DFG::ByteCodeParser::handleIntrinsicGetter): (JSC::DFG::ByteCodeParser::handleDOMJITGetter): (JSC::DFG::ByteCodeParser::handleModuleNamespaceLoad): (JSC::DFG::ByteCodeParser::handleTypedArrayConstructor): (JSC::DFG::ByteCodeParser::handleConstantInternalFunction): (JSC::DFG::ByteCodeParser::handleGetById): (JSC::DFG::ByteCodeParser::handlePutById): (JSC::DFG::ByteCodeParser::parseGetById): (JSC::DFG::ByteCodeParser::parseBlock): (JSC::DFG::ByteCodeParser::parseCodeBlock): (JSC::DFG::ByteCodeParser::handlePutByVal): (JSC::DFG::ByteCodeParser::handlePutAccessorById): (JSC::DFG::ByteCodeParser::handlePutAccessorByVal): (JSC::DFG::ByteCodeParser::handleNewFunc): (JSC::DFG::ByteCodeParser::handleNewFuncExp): (JSC::DFG::ByteCodeParser::parse): * dfg/DFGCapabilities.cpp: (JSC::DFG::capabilityLevel): * dfg/DFGCapabilities.h: (JSC::DFG::capabilityLevel): * dfg/DFGOSREntry.cpp: (JSC::DFG::prepareCatchOSREntry): * dfg/DFGSpeculativeJIT.cpp: 
(JSC::DFG::SpeculativeJIT::compileValueAdd): (JSC::DFG::SpeculativeJIT::compileValueSub): (JSC::DFG::SpeculativeJIT::compileValueNegate): (JSC::DFG::SpeculativeJIT::compileArithMul): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileValueAdd): (JSC::FTL::DFG::LowerDFGToB3::compileValueSub): (JSC::FTL::DFG::LowerDFGToB3::compileUnaryMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileBinaryMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub): (JSC::FTL::DFG::LowerDFGToB3::compileArithMul): (JSC::FTL::DFG::LowerDFGToB3::compileValueNegate): * ftl/FTLOperations.cpp: (JSC::FTL::operationMaterializeObjectInOSR): * generate-bytecode-files: Removed. * generator/Argument.rb: Added. * generator/Assertion.rb: Added. * generator/DSL.rb: Added. * generator/Fits.rb: Added. * generator/GeneratedFile.rb: Added. * generator/Metadata.rb: Added. * generator/Opcode.rb: Added. * generator/OpcodeGroup.rb: Added. * generator/Options.rb: Added. * generator/Section.rb: Added. * generator/Template.rb: Added. * generator/Type.rb: Added. * generator/main.rb: Added. 
* interpreter/AbstractPC.h: * interpreter/CallFrame.cpp: (JSC::CallFrame::currentVPC const): (JSC::CallFrame::setCurrentVPC): * interpreter/CallFrame.h: (JSC::CallSiteIndex::CallSiteIndex): (JSC::ExecState::setReturnPC): * interpreter/Interpreter.cpp: (WTF::printInternal): * interpreter/Interpreter.h: * interpreter/InterpreterInlines.h: * interpreter/StackVisitor.cpp: (JSC::StackVisitor::Frame::dump const): * interpreter/VMEntryRecord.h: * jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::emitSlowCaseCall): (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): (JSC::JIT::compileWithoutLinking): (JSC::JIT::link): * jit/JIT.h: * jit/JITArithmetic.cpp: (JSC::JIT::emit_op_jless): (JSC::JIT::emit_op_jlesseq): (JSC::JIT::emit_op_jgreater): (JSC::JIT::emit_op_jgreatereq): (JSC::JIT::emit_op_jnless): (JSC::JIT::emit_op_jnlesseq): (JSC::JIT::emit_op_jngreater): (JSC::JIT::emit_op_jngreatereq): (JSC::JIT::emitSlow_op_jless): (JSC::JIT::emitSlow_op_jlesseq): (JSC::JIT::emitSlow_op_jgreater): (JSC::JIT::emitSlow_op_jgreatereq): (JSC::JIT::emitSlow_op_jnless): (JSC::JIT::emitSlow_op_jnlesseq): (JSC::JIT::emitSlow_op_jngreater): (JSC::JIT::emitSlow_op_jngreatereq): (JSC::JIT::emit_op_below): (JSC::JIT::emit_op_beloweq): (JSC::JIT::emit_op_jbelow): (JSC::JIT::emit_op_jbeloweq): (JSC::JIT::emit_op_unsigned): (JSC::JIT::emit_compareAndJump): (JSC::JIT::emit_compareUnsignedAndJump): (JSC::JIT::emit_compareUnsigned): (JSC::JIT::emit_compareAndJumpSlow): (JSC::JIT::emit_op_inc): (JSC::JIT::emit_op_dec): (JSC::JIT::emit_op_mod): (JSC::JIT::emitSlow_op_mod): (JSC::JIT::emit_op_negate): (JSC::JIT::emitSlow_op_negate): (JSC::JIT::emitBitBinaryOpFastPath): (JSC::JIT::emit_op_bitand): (JSC::JIT::emit_op_bitor): (JSC::JIT::emit_op_bitxor): (JSC::JIT::emit_op_lshift): (JSC::JIT::emitRightShiftFastPath): (JSC::JIT::emit_op_rshift): (JSC::JIT::emit_op_urshift): (JSC::getOperandTypes): (JSC::JIT::emit_op_add): (JSC::JIT::emitSlow_op_add): (JSC::JIT::emitMathICFast): 
(JSC::JIT::emitMathICSlow): (JSC::JIT::emit_op_div): (JSC::JIT::emit_op_mul): (JSC::JIT::emitSlow_op_mul): (JSC::JIT::emit_op_sub): (JSC::JIT::emitSlow_op_sub): * jit/JITCall.cpp: (JSC::JIT::emitPutCallResult): (JSC::JIT::compileSetupFrame): (JSC::JIT::compileCallEval): (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileTailCall): (JSC::JIT::compileOpCall): (JSC::JIT::compileOpCallSlowCase): (JSC::JIT::emit_op_call): (JSC::JIT::emit_op_tail_call): (JSC::JIT::emit_op_call_eval): (JSC::JIT::emit_op_call_varargs): (JSC::JIT::emit_op_tail_call_varargs): (JSC::JIT::emit_op_tail_call_forward_arguments): (JSC::JIT::emit_op_construct_varargs): (JSC::JIT::emit_op_construct): (JSC::JIT::emitSlow_op_call): (JSC::JIT::emitSlow_op_tail_call): (JSC::JIT::emitSlow_op_call_eval): (JSC::JIT::emitSlow_op_call_varargs): (JSC::JIT::emitSlow_op_tail_call_varargs): (JSC::JIT::emitSlow_op_tail_call_forward_arguments): (JSC::JIT::emitSlow_op_construct_varargs): (JSC::JIT::emitSlow_op_construct): * jit/JITDisassembler.cpp: (JSC::JITDisassembler::JITDisassembler): * jit/JITExceptions.cpp: (JSC::genericUnwind): * jit/JITInlines.h: (JSC::JIT::emitDoubleGetByVal): (JSC::JIT::emitLoadForArrayMode): (JSC::JIT::emitContiguousGetByVal): (JSC::JIT::emitArrayStorageGetByVal): (JSC::JIT::appendCallWithExceptionCheckSetJSValueResultWithProfile): (JSC::JIT::sampleInstruction): (JSC::JIT::emitValueProfilingSiteIfProfiledOpcode): (JSC::JIT::emitValueProfilingSite): (JSC::JIT::jumpTarget): (JSC::JIT::copiedGetPutInfo): (JSC::JIT::copiedArithProfile): * jit/JITMathIC.h: (JSC::isProfileEmpty): (JSC::JITBinaryMathIC::JITBinaryMathIC): (JSC::JITUnaryMathIC::JITUnaryMathIC): * jit/JITOpcodes.cpp: (JSC::JIT::emit_op_mov): (JSC::JIT::emit_op_end): (JSC::JIT::emit_op_jmp): (JSC::JIT::emit_op_new_object): (JSC::JIT::emitSlow_op_new_object): (JSC::JIT::emit_op_overrides_has_instance): (JSC::JIT::emit_op_instanceof): (JSC::JIT::emitSlow_op_instanceof): (JSC::JIT::emit_op_instanceof_custom): 
(JSC::JIT::emit_op_is_empty): (JSC::JIT::emit_op_is_undefined): (JSC::JIT::emit_op_is_boolean): (JSC::JIT::emit_op_is_number): (JSC::JIT::emit_op_is_cell_with_type): (JSC::JIT::emit_op_is_object): (JSC::JIT::emit_op_ret): (JSC::JIT::emit_op_to_primitive): (JSC::JIT::emit_op_set_function_name): (JSC::JIT::emit_op_not): (JSC::JIT::emit_op_jfalse): (JSC::JIT::emit_op_jeq_null): (JSC::JIT::emit_op_jneq_null): (JSC::JIT::emit_op_jneq_ptr): (JSC::JIT::emit_op_eq): (JSC::JIT::emit_op_jeq): (JSC::JIT::emit_op_jtrue): (JSC::JIT::emit_op_neq): (JSC::JIT::emit_op_jneq): (JSC::JIT::emit_op_throw): (JSC::JIT::compileOpStrictEq): (JSC::JIT::emit_op_stricteq): (JSC::JIT::emit_op_nstricteq): (JSC::JIT::compileOpStrictEqJump): (JSC::JIT::emit_op_jstricteq): (JSC::JIT::emit_op_jnstricteq): (JSC::JIT::emitSlow_op_jstricteq): (JSC::JIT::emitSlow_op_jnstricteq): (JSC::JIT::emit_op_to_number): (JSC::JIT::emit_op_to_string): (JSC::JIT::emit_op_to_object): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_identity_with_profile): (JSC::JIT::emit_op_get_parent_scope): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_debug): (JSC::JIT::emit_op_eq_null): (JSC::JIT::emit_op_neq_null): (JSC::JIT::emit_op_enter): (JSC::JIT::emit_op_get_scope): (JSC::JIT::emit_op_to_this): (JSC::JIT::emit_op_create_this): (JSC::JIT::emit_op_check_tdz): (JSC::JIT::emitSlow_op_eq): (JSC::JIT::emitSlow_op_neq): (JSC::JIT::emitSlow_op_jeq): (JSC::JIT::emitSlow_op_jneq): (JSC::JIT::emitSlow_op_instanceof_custom): (JSC::JIT::emit_op_loop_hint): (JSC::JIT::emitSlow_op_loop_hint): (JSC::JIT::emit_op_check_traps): (JSC::JIT::emit_op_nop): (JSC::JIT::emit_op_super_sampler_begin): (JSC::JIT::emit_op_super_sampler_end): (JSC::JIT::emitSlow_op_check_traps): (JSC::JIT::emit_op_new_regexp): (JSC::JIT::emitNewFuncCommon): (JSC::JIT::emit_op_new_func): (JSC::JIT::emit_op_new_generator_func): (JSC::JIT::emit_op_new_async_generator_func): 
(JSC::JIT::emit_op_new_async_func): (JSC::JIT::emitNewFuncExprCommon): (JSC::JIT::emit_op_new_func_exp): (JSC::JIT::emit_op_new_generator_func_exp): (JSC::JIT::emit_op_new_async_func_exp): (JSC::JIT::emit_op_new_async_generator_func_exp): (JSC::JIT::emit_op_new_array): (JSC::JIT::emit_op_new_array_with_size): (JSC::JIT::emit_op_has_structure_property): (JSC::JIT::privateCompileHasIndexedProperty): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emitSlow_op_has_indexed_property): (JSC::JIT::emit_op_get_direct_pname): (JSC::JIT::emit_op_enumerator_structure_pname): (JSC::JIT::emit_op_enumerator_generic_pname): (JSC::JIT::emit_op_profile_type): (JSC::JIT::emit_op_log_shadow_chicken_prologue): (JSC::JIT::emit_op_log_shadow_chicken_tail): (JSC::JIT::emit_op_profile_control_flow): (JSC::JIT::emit_op_argument_count): (JSC::JIT::emit_op_get_rest_length): (JSC::JIT::emit_op_get_argument): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_to_this): * jit/JITOperations.cpp: * jit/JITOperations.h: * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitGetByValWithCachedId): (JSC::JIT::emitSlow_op_get_by_val): (JSC::JIT::emit_op_put_by_val_direct): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitGenericContiguousPutByVal): (JSC::JIT::emitArrayStoragePutByVal): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emitSlow_op_put_by_val): (JSC::JIT::emit_op_put_getter_by_id): (JSC::JIT::emit_op_put_setter_by_id): (JSC::JIT::emit_op_put_getter_setter_by_id): (JSC::JIT::emit_op_put_getter_by_val): (JSC::JIT::emit_op_put_setter_by_val): (JSC::JIT::emit_op_del_by_id): (JSC::JIT::emit_op_del_by_val): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emitSlow_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emitSlow_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emitSlow_op_get_by_id): (JSC::JIT::emitSlow_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emitSlow_op_put_by_id): 
(JSC::JIT::emit_op_in_by_id): (JSC::JIT::emitSlow_op_in_by_id): (JSC::JIT::emit_op_resolve_scope): (JSC::JIT::emit_op_get_from_scope): (JSC::JIT::emitSlow_op_get_from_scope): (JSC::JIT::emit_op_put_to_scope): (JSC::JIT::emitSlow_op_put_to_scope): (JSC::JIT::emit_op_get_from_arguments): (JSC::JIT::emit_op_put_to_arguments): (JSC::JIT::privateCompileGetByVal): (JSC::JIT::privateCompileGetByValWithCachedId): (JSC::JIT::privateCompilePutByVal): (JSC::JIT::privateCompilePutByValWithCachedId): (JSC::JIT::emitDoubleLoad): (JSC::JIT::emitContiguousLoad): (JSC::JIT::emitArrayStorageLoad): (JSC::JIT::emitDirectArgumentsGetByVal): (JSC::JIT::emitScopedArgumentsGetByVal): (JSC::JIT::emitIntTypedArrayGetByVal): (JSC::JIT::emitFloatTypedArrayGetByVal): (JSC::JIT::emitIntTypedArrayPutByVal): (JSC::JIT::emitFloatTypedArrayPutByVal): * jit/RegisterSet.cpp: (JSC::RegisterSet::llintBaselineCalleeSaveRegisters): * jit/SlowPathCall.h: (JSC::JITSlowPathCall::JITSlowPathCall): * llint/LLIntData.cpp: (JSC::LLInt::initialize): (JSC::LLInt::Data::performAssertions): * llint/LLIntData.h: (JSC::LLInt::exceptionInstructions): (JSC::LLInt::opcodeMap): (JSC::LLInt::opcodeMapWide): (JSC::LLInt::getOpcode): (JSC::LLInt::getOpcodeWide): (JSC::LLInt::getWideCodePtr): * llint/LLIntOffsetsExtractor.cpp: * llint/LLIntSlowPaths.cpp: (JSC::LLInt::llint_trace_operand): (JSC::LLInt::llint_trace_value): (JSC::LLInt::LLINT_SLOW_PATH_DECL): (JSC::LLInt::entryOSR): (JSC::LLInt::setupGetByIdPrototypeCache): (JSC::LLInt::getByVal): (JSC::LLInt::handleHostCall): (JSC::LLInt::setUpCall): (JSC::LLInt::genericCall): (JSC::LLInt::varargsSetup): (JSC::LLInt::commonCallEval): * llint/LLIntSlowPaths.h: * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter.cpp: (JSC::CLoopRegister::operator const Instruction*): (JSC::CLoop::execute): * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: * offlineasm/arm64.rb: * offlineasm/asm.rb: * offlineasm/ast.rb: * offlineasm/cloop.rb: * 
offlineasm/generate_offset_extractor.rb: * offlineasm/instructions.rb: * offlineasm/offsets.rb: * offlineasm/parser.rb: * offlineasm/transform.rb: * offlineasm/x86.rb: * parser/ResultType.h: (JSC::ResultType::dump const): (JSC::OperandTypes::first const): (JSC::OperandTypes::second const): (JSC::OperandTypes::dump const): * profiler/ProfilerBytecodeSequence.cpp: (JSC::Profiler::BytecodeSequence::BytecodeSequence): * runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): (JSC::updateArithProfileForUnaryArithOp): (JSC::updateArithProfileForBinaryArithOp): * runtime/CommonSlowPaths.h: (JSC::CommonSlowPaths::tryCachePutToScopeGlobal): (JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal): * runtime/ExceptionFuzz.cpp: (JSC::doExceptionFuzzing): * runtime/ExceptionFuzz.h: (JSC::doExceptionFuzzingIfEnabled): * runtime/GetPutInfo.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::GetPutInfo::dump const): (WTF::printInternal): * runtime/GetPutInfo.h: (JSC::GetPutInfo::operand const): * runtime/JSCPoison.h: * runtime/JSType.cpp: Added. (WTF::printInternal): * runtime/JSType.h: * runtime/SamplingProfiler.cpp: (JSC::SamplingProfiler::StackFrame::displayName): * runtime/SamplingProfiler.h: (JSC::SamplingProfiler::UnprocessedStackFrame::UnprocessedStackFrame): * runtime/SlowPathReturnType.h: (JSC::encodeResult): (JSC::decodeResult): * runtime/VM.h: * runtime/Watchdog.h: * tools/HeapVerifier.cpp: Source/WTF: * wtf/Forward.h: Fix WTF_LAZY_FOR_EACH_TERM on MSVC and add WTF_LAZY_HAS_REST to check whether a macro was passed multiple arguments * wtf/Platform.h: Force ENABLE_JIT=false on all 32-bit platforms * wtf/Vector.h: (WTF::minCapacity>::insertVector): Allow vectors with different overflow handlers to be passed to insertVector Tools: Do not force ENABLE_JIT=true when $forceCLoop is false. * Scripts/build-jsc: LayoutTests: Don't use recursion on `equal` to avoid premature stack overflows when testing deep arrays. 
* fast/dom/Window/resources/postmessage-test.js: Canonical link: https://commits.webkit.org/205839@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237547 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2018-10-29 13:16:03 +00:00
    dataLogF(" [%zu] pc %u @ line %u col %u : %s%s\n", index, instructionOffset, line, column, instruction->name(), event);
Adding UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn().. https://bugs.webkit.org/show_bug.cgi?id=127127. Reviewed by Geoffrey Garen. In order to implement bytecode level breakpoints, we need a mechanism for computing the best fit op_debug bytecode offset for any valid given line and column value in the source. The "best fit" op_debug bytecode in this case is defined below in the comment for UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn(). * GNUmakefile.list.am: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::opDebugBytecodeOffsetForLineAndColumn): - Convert the line and column to unlinked line and column values and pass them to UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn() to do the real work. * bytecode/CodeBlock.h: * bytecode/LineColumnInfo.h: Added. (JSC::LineColumnInfo::operator <): (JSC::LineColumnInfo::LineColumnPair::LineColumnPair): (JSC::LineColumnInfo::operator ==): (JSC::LineColumnInfo::operator !=): (JSC::LineColumnInfo::operator <=): (JSC::LineColumnInfo::operator >): (JSC::LineColumnInfo::operator >=): * bytecode/LineInfo.h: Removed. * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::decodeExpressionRangeLineAndColumn): - Factored this out of expressionRangeForBytecodeOffset() so that it can be called from multiple places. (JSC::dumpLineColumnEntry): (JSC::UnlinkedCodeBlock::dumpExpressionRangeInfo): (JSC::UnlinkedCodeBlock::dumpOpDebugLineColumnInfoList): - Some dumpers for debugging use only. (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset): (JSC::UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn): - Finds the earliest op_debug bytecode whose line and column matches the specified line and column values. If an exact match is not found, then finds the nearest op_debug bytecode that precedes the specified line and column values. 
If there is more than one op_debug at that preceding line and column value, then the earliest of those op_debug bytecodes will be selected. The offset of the selected bytecode will be returned. We want the earliest one because when we have multiple op_debug bytecodes that map to a given line and column, a debugger user would expect to break on the first one and step through the rest thereafter if needed. (JSC::compareLineColumnInfo): (JSC::UnlinkedCodeBlock::opDebugLineColumnInfoList): - Creates the sorted opDebugLineColumnInfoList on demand. This list is stored in the UnlinkedCodeBlock's rareData. * bytecode/UnlinkedCodeBlock.h: Canonical link: https://commits.webkit.org/145215@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@162256 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2014-01-18 17:55:07 +00:00
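As an added illustration of the best-fit rule that commit message describes (this is stand-alone example code, not JSC's own implementation): a search over a constructed, sorted list of op_debug positions that returns the earliest exact match, otherwise the earliest op_debug at the nearest preceding position. The `LineColumnInfo` struct, the -1 "nothing precedes" sentinel and the sample entries are assumptions made for this example.

```cpp
#include <algorithm>
#include <cstdio>
#include <vector>

// Hypothetical stand-in for JSC's LineColumnInfo: one entry per op_debug
// bytecode, recording the source position it was emitted for.
struct LineColumnInfo {
    unsigned line;
    unsigned column;
    unsigned instructionOffset; // byte offset of the op_debug in the stream

    // Ordering used for the sorted list: by position, then by emission order,
    // so entries that share a position keep the earliest bytecode first.
    bool operator<(const LineColumnInfo& other) const
    {
        if (line != other.line)
            return line < other.line;
        if (column != other.column)
            return column < other.column;
        return instructionOffset < other.instructionOffset;
    }
};

// Position-only comparison, used for the binary search below.
static bool positionLess(const LineColumnInfo& a, const LineColumnInfo& b)
{
    return a.line != b.line ? a.line < b.line : a.column < b.column;
}

static bool samePosition(const LineColumnInfo& a, const LineColumnInfo& b)
{
    return a.line == b.line && a.column == b.column;
}

// Builds the sorted list from the order in which the op_debugs were emitted
// (the on-demand sorting step the commit message mentions).
std::vector<LineColumnInfo> sortedLineColumnInfoList(std::vector<LineColumnInfo> list)
{
    std::sort(list.begin(), list.end());
    return list;
}

// Best-fit lookup:
//  1. exact (line, column) match -> earliest op_debug at that position;
//  2. otherwise the nearest position that precedes the request, again
//     taking the earliest op_debug recorded there;
//  3. -1 (example convention) when no op_debug precedes the request at all.
// `list` must already be sorted (see sortedLineColumnInfoList).
int bestFitOpDebugOffset(const std::vector<LineColumnInfo>& list, unsigned line, unsigned column)
{
    const LineColumnInfo target { line, column, 0 };
    // First entry whose position is >= target. Because equal positions are
    // ordered by instructionOffset, an exact hit here is already the earliest.
    auto it = std::lower_bound(list.begin(), list.end(), target, positionLess);
    if (it != list.end() && samePosition(*it, target))
        return static_cast<int>(it->instructionOffset);
    if (it == list.begin())
        return -1; // nothing precedes this source position
    // Step back to the preceding position, then to the first entry at it.
    auto preceding = it - 1;
    while (preceding != list.begin() && samePosition(*(preceding - 1), *preceding))
        --preceding;
    return static_cast<int>(preceding->instructionOffset);
}

// Constructed sample: five op_debug bytecodes, deliberately listed out of
// order, two of which share the same source position (line 2, column 4).
std::vector<LineColumnInfo> sampleList()
{
    return sortedLineColumnInfoList({
        { 3, 2, 26 },
        { 2, 4, 18 },
        { 1, 0, 4 },
        { 5, 0, 40 },
        { 2, 4, 10 },
    });
}

int main()
{
    const auto list = sampleList();
    const unsigned queries[][2] = { { 2, 4 }, { 2, 9 }, { 4, 0 }, { 0, 0 }, { 7, 3 } };
    for (const auto& q : queries)
        std::printf("line %u col %u -> op_debug offset %d\n", q[0], q[1], bestFitOpDebugOffset(list, q[0], q[1]));
    return 0;
}
```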
}
void UnlinkedCodeBlock::dumpExpressionRangeInfo()
{
[WTF] Introduce FixedVector and use it for FixedOperands https://bugs.webkit.org/show_bug.cgi?id=224171 Reviewed by Mark Lam. Source/JavaScriptCore: Define FixedOperands<T> which uses FixedVector for its storage. We use FixedOperands in FTL::OSRExitDescriptor. We also replace RefCountedArray<T> with FixedVector<T> if they are not requiring RefCountedArray<T>'s ref-counting semantics. * bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::run): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::setConstantRegisters): (JSC::CodeBlock::setNumParameters): (JSC::CodeBlock::setRareCaseProfiles): (JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler): * bytecode/CodeBlock.h: * bytecode/Operands.h: (JSC::Operands::Operands): * bytecode/OperandsInlines.h: (JSC::U>::dumpInContext const): (JSC::U>::dump const): (JSC::Operands<T>::dumpInContext const): Deleted. (JSC::Operands<T>::dump const): Deleted. * bytecode/PolyProtoAccessChain.h: * bytecode/PolymorphicAccess.cpp: (JSC::PolymorphicAccess::regenerate): * bytecode/PolymorphicAccess.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::dumpExpressionRangeInfo): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeIndex const): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::expressionInfo): (JSC::UnlinkedCodeBlock::identifiers const): (JSC::UnlinkedCodeBlock::constantRegisters): (JSC::UnlinkedCodeBlock::constantsSourceCodeRepresentation): (JSC::UnlinkedCodeBlock::constantIdentifierSets): (JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets const): * bytecode/UnlinkedFunctionExecutable.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::prepareJumpTableForSwitch): * dfg/DFGJITCode.h: * dfg/DFGPlan.h: (JSC::DFG::Plan::tierUpInLoopHierarchy): * ftl/FTLOSRExit.h: * jit/GCAwareJITStubRoutine.h: * jit/JIT.cpp: (JSC::JIT::privateCompileSlowCases): * jit/PolymorphicCallStubRoutine.h: * llint/LLIntOffsetsExtractor.cpp: * llint/LowLevelInterpreter.asm: * 
parser/Parser.cpp: (JSC::Parser<LexerType>::parseInner): (JSC::Parser<LexerType>::parseClassFieldInitializerSourceElements): * parser/Parser.h: (JSC::Parser<LexerType>::parse): (JSC::parse): * runtime/CachedTypes.cpp: (JSC::CachedVector::encode): (JSC::CachedVector::decode const): * wasm/js/JSWebAssemblyInstance.h: Source/WTF: This FixedVector<T> is a wrapper around RefCountedArray<T>, but this offers Vector-like copy / move semantics, so that we can use this FixedVector<T> as a drop-in replacement for fixed-sized Vector fields. The purpose of that is saving memory by removing unnecessary storage (FixedVector is fixed-sized allocated) and putting size into the allocated memory. * WTF.xcodeproj/project.pbxproj: * wtf/CMakeLists.txt: * wtf/FastBitVector.h: (WTF::FastBitVector::FastBitVector): * wtf/FixedVector.h: Added. (WTF::FixedVector::FixedVector): (WTF::FixedVector::operator=): (WTF::FixedVector::size const): (WTF::FixedVector::isEmpty const): (WTF::FixedVector::byteSize const): (WTF::FixedVector::data): (WTF::FixedVector::begin): (WTF::FixedVector::end): (WTF::FixedVector::data const): (WTF::FixedVector::begin const): (WTF::FixedVector::end const): (WTF::FixedVector::rbegin): (WTF::FixedVector::rend): (WTF::FixedVector::rbegin const): (WTF::FixedVector::rend const): (WTF::FixedVector::at): (WTF::FixedVector::at const): (WTF::FixedVector::operator[]): (WTF::FixedVector::operator[] const): (WTF::FixedVector::first): (WTF::FixedVector::first const): (WTF::FixedVector::last): (WTF::FixedVector::last const): (WTF::FixedVector::fill): (WTF::FixedVector::operator== const): (WTF::FixedVector::swap): (WTF::swap): * wtf/RefCountedArray.h: (WTF::RefCountedArray::RefCountedArray): (WTF::RefCountedArray::fill): (WTF::RefCountedArray::swap): Tools: * TestWebKitAPI/CMakeLists.txt: * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj: * TestWebKitAPI/Tests/WTF/FixedVector.cpp: Added.
(TestWebKitAPI::TEST): (TestWebKitAPI::DestructorObserver::DestructorObserver): (TestWebKitAPI::DestructorObserver::~DestructorObserver): (TestWebKitAPI::DestructorObserver::operator=): Canonical link: https://commits.webkit.org/236198@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@275542 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-04-06 19:47:47 +00:00
    FixedVector<ExpressionRangeInfo>& expressionInfo = m_expressionInfo;
Adding UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn().. https://bugs.webkit.org/show_bug.cgi?id=127127. Reviewed by Geoffrey Garen. In order to implement bytecode level breakpoints, we need a mechanism for computing the best fit op_debug bytecode offset for any valid given line and column value in the source. The "best fit" op_debug bytecode in this case is defined below in the comment for UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn(). * GNUmakefile.list.am: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::opDebugBytecodeOffsetForLineAndColumn): - Convert the line and column to unlinked line and column values and pass them to UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn() to do the real work. * bytecode/CodeBlock.h: * bytecode/LineColumnInfo.h: Added. (JSC::LineColumnInfo::operator <): (JSC::LineColumnInfo::LineColumnPair::LineColumnPair): (JSC::LineColumnInfo::operator ==): (JSC::LineColumnInfo::operator !=): (JSC::LineColumnInfo::operator <=): (JSC::LineColumnInfo::operator >): (JSC::LineColumnInfo::operator >=): * bytecode/LineInfo.h: Removed. * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::decodeExpressionRangeLineAndColumn): - Factored this out of expressionRangeForBytecodeOffset() so that it can be called from multiple places. (JSC::dumpLineColumnEntry): (JSC::UnlinkedCodeBlock::dumpExpressionRangeInfo): (JSC::UnlinkedCodeBlock::dumpOpDebugLineColumnInfoList): - Some dumpers for debugging use only. (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset): (JSC::UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn): - Finds the earliest op_debug bytecode whose line and column matches the specified line and column values. If an exact match is not found, then finds the nearest op_debug bytecode that precedes the specified line and column values. 
If there are more than one op_debug at that preceding line and column value, then the earliest of those op_debug bytecodes will be be selected. The offset of the selected bytecode will be returned. We want the earliest one because when we have multiple op_debug bytecodes that map to a given line and column, a debugger user would expect to break on the first one and step through the rest thereafter if needed. (JSC::compareLineColumnInfo): (JSC::UnlinkedCodeBlock::opDebugLineColumnInfoList): - Creates the sorted opDebugLineColumnInfoList on demand. This list is stored in the UnlinkedCodeBlock's rareData. * bytecode/UnlinkedCodeBlock.h: Canonical link: https://commits.webkit.org/145215@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@162256 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2014-01-18 17:55:07 +00:00
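The change log above describes the "best fit" rule for mapping a (line, column) pair to an op_debug bytecode offset: take the earliest op_debug at exactly that position, otherwise the earliest op_debug at the nearest preceding position. The following is an added, self-contained C++ illustration of that rule, not JSC's own code: the record type `OpDebugLineColumnEntry`, the function names and the five constructed sample entries are assumptions made for the example, and the search is done with `std::lower_bound` over a list sorted by (line, column, offset) so that the lowest offset at a given position always comes first.

```cpp
#include <algorithm>
#include <iterator>
#include <optional>
#include <utility>
#include <vector>

// Constructed stand-in for the per-op_debug record that JSC keeps in the
// UnlinkedCodeBlock's rareData (type and field names are assumptions).
struct OpDebugLineColumnEntry {
    unsigned line;
    unsigned column;
    unsigned bytecodeOffset;
};

using LineColumnPair = std::pair<unsigned, unsigned>;

static LineColumnPair positionOf(const OpDebugLineColumnEntry& e)
{
    return { e.line, e.column };
}

// Sort key is (line, column, offset): when several op_debug share one source
// position the lowest offset sorts first, which is the one a debugger should
// stop at so the user can step through the rest.
static bool lessByLineColumnOffset(const OpDebugLineColumnEntry& a, const OpDebugLineColumnEntry& b)
{
    if (positionOf(a) != positionOf(b))
        return positionOf(a) < positionOf(b);
    return a.bytecodeOffset < b.bytecodeOffset;
}

// Counterpart of building the sorted opDebugLineColumnInfoList on demand.
std::vector<OpDebugLineColumnEntry> buildSortedOpDebugList(std::vector<OpDebugLineColumnEntry> entries)
{
    std::sort(entries.begin(), entries.end(), lessByLineColumnOffset);
    return entries;
}

// Best-fit lookup: the earliest op_debug at exactly (line, column); failing
// that, the earliest op_debug at the nearest preceding (line, column).
// Returns std::nullopt when no op_debug precedes the requested position.
std::optional<unsigned> opDebugBytecodeOffsetForLineAndColumn(
    const std::vector<OpDebugLineColumnEntry>& sorted, unsigned line, unsigned column)
{
    auto positionLess = [](const OpDebugLineColumnEntry& e, const LineColumnPair& key) {
        return positionOf(e) < key;
    };
    // First entry at or after the requested position.
    auto it = std::lower_bound(sorted.begin(), sorted.end(), LineColumnPair { line, column }, positionLess);
    if (it != sorted.end() && positionOf(*it) == LineColumnPair { line, column })
        return it->bytecodeOffset; // exact match; sort order makes this the earliest offset
    if (it == sorted.begin())
        return std::nullopt; // nothing precedes the requested position
    // The entry just before `it` has the nearest preceding position; rewind to
    // the first entry sharing that position to get the earliest offset there.
    auto last = std::prev(it);
    auto first = std::lower_bound(sorted.begin(), last, positionOf(*last), positionLess);
    return first->bytecodeOffset;
}

// Constructed sample: five op_debug records in emission order, two of which
// share the source position (3, 5).
std::vector<OpDebugLineColumnEntry> sampleOpDebugList()
{
    return buildSortedOpDebugList({
        { 3, 5, 40 }, { 1, 1, 0 }, { 3, 5, 30 }, { 2, 10, 20 }, { 5, 1, 50 },
    });
}

int main()
{
    auto list = sampleOpDebugList();
    // (3, 5) matches exactly and yields the earlier of its two offsets: 30.
    // (4, 0) has no op_debug; the nearest preceding position is (3, 5): 30.
    // (1, 0) precedes every entry: no result.
    bool ok = opDebugBytecodeOffsetForLineAndColumn(list, 3, 5) == 30u
        && opDebugBytecodeOffsetForLineAndColumn(list, 4, 0) == 30u
        && !opDebugBytecodeOffsetForLineAndColumn(list, 1, 0).has_value();
    return ok ? 0 : 1;
}
```

The second `lower_bound` is what implements "earliest of those op_debug bytecodes": once the nearest preceding entry is known, searching for its own position again in the prefix of the list lands on the first record with that position, and the (line, column, offset) sort order guarantees that record carries the lowest offset.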
    size_t size = m_expressionInfo.size();
    dataLogF("UnlinkedCodeBlock %p expressionRangeInfo[%zu] {\n", this, size);
    for (size_t i = 0; i < size; i++) {
        ExpressionRangeInfo& info = expressionInfo[i];
        unsigned line;
        unsigned column;
        getLineAndColumn(info, line, column);
        dumpLineColumnEntry(i, instructions(), info.instructionOffset, line, column);
    }
    dataLog("}\n");
}
#endif
BytecodeIndex should be a proper C++ class https://bugs.webkit.org/show_bug.cgi?id=203276 Reviewed by Mark Lam. This patch makes a change to how we refer to the bytecode index in a bytecode stream. Previously we just used an unsigned number to represent the index, this patch changes most of the code to use a BytecodeIndex class instead. The only places where this patch does not change this is for jump and switch targets / deltas. Additionally, this patch attempts to canonicalize the terminology around how we refer to bytecode indices. Now we use the word index to refer to the bytecode index class and offset to refer to the unsigned byte offset into the instruction stream. * JavaScriptCore.xcodeproj/project.pbxproj: * Sources.txt: * bytecode/ByValInfo.h: (JSC::ByValInfo::ByValInfo): (JSC::getByValInfoBytecodeIndex): * bytecode/BytecodeBasicBlock.cpp: (JSC::BytecodeBasicBlock::computeImpl): * bytecode/BytecodeGeneratorification.cpp: (JSC::GeneratorLivenessAnalysis::run): * bytecode/BytecodeIndex.cpp: Added. (JSC::BytecodeIndex::dump const): * bytecode/BytecodeIndex.h: Added. 
(JSC::BytecodeIndex::BytecodeIndex): (JSC::BytecodeIndex::offset const): (JSC::BytecodeIndex::asBits const): (JSC::BytecodeIndex::hash const): (JSC::BytecodeIndex::deletedValue): (JSC::BytecodeIndex::isHashTableDeletedValue const): (JSC::BytecodeIndex::operator bool const): (JSC::BytecodeIndex::operator == const): (JSC::BytecodeIndex::operator != const): (JSC::BytecodeIndex::operator < const): (JSC::BytecodeIndex::operator > const): (JSC::BytecodeIndex::operator <= const): (JSC::BytecodeIndex::operator >= const): (JSC::BytecodeIndex::fromBits): (JSC::BytecodeIndexHash::hash): (JSC::BytecodeIndexHash::equal): * bytecode/BytecodeLivenessAnalysis.cpp: (JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeIndex): (JSC::BytecodeLivenessAnalysis::computeFullLiveness): (JSC::BytecodeLivenessAnalysis::computeKills): (JSC::BytecodeLivenessAnalysis::dumpResults): (JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeOffset): Deleted. * bytecode/BytecodeLivenessAnalysis.h: * bytecode/BytecodeLivenessAnalysisInlines.h: (JSC::BytecodeLivenessPropagation::stepOverInstruction): (JSC::BytecodeLivenessPropagation::computeLocalLivenessForBytecodeIndex): (JSC::BytecodeLivenessPropagation::computeLocalLivenessForBlock): (JSC::BytecodeLivenessPropagation::getLivenessInfoAtBytecodeIndex): (JSC::BytecodeLivenessPropagation::computeLocalLivenessForBytecodeOffset): Deleted. (JSC::BytecodeLivenessPropagation::getLivenessInfoAtBytecodeOffset): Deleted. * bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeIndex): (JSC::computeDefsForBytecodeIndex): (JSC::computeUsesForBytecodeOffset): Deleted. (JSC::computeDefsForBytecodeOffset): Deleted. 
* bytecode/CallLinkStatus.cpp: (JSC::CallLinkStatus::computeFromLLInt): (JSC::CallLinkStatus::computeFor): (JSC::CallLinkStatus::computeExitSiteData): * bytecode/CallLinkStatus.h: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::getCallLinkInfoForBytecodeIndex): (JSC::CodeBlock::addRareCaseProfile): (JSC::CodeBlock::rareCaseProfileForBytecodeIndex): (JSC::CodeBlock::rareCaseProfileCountForBytecodeIndex): (JSC::CodeBlock::handlerForBytecodeIndex): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeIndex): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeIndexSlow): (JSC::CodeBlock::lineNumberForBytecodeIndex): (JSC::CodeBlock::columnNumberForBytecodeIndex): (JSC::CodeBlock::expressionRangeForBytecodeIndex const): (JSC::CodeBlock::hasOpDebugForLineAndColumn): (JSC::CodeBlock::getArrayProfile): (JSC::CodeBlock::tryGetValueProfileForBytecodeIndex): (JSC::CodeBlock::valueProfilePredictionForBytecodeIndex): (JSC::CodeBlock::valueProfileForBytecodeIndex): (JSC::CodeBlock::validate): (JSC::CodeBlock::arithProfileForBytecodeIndex): (JSC::CodeBlock::couldTakeSpecialArithFastCase): (JSC::CodeBlock::bytecodeIndexFromCallSiteIndex): (JSC::CodeBlock::rareCaseProfileForBytecodeOffset): Deleted. (JSC::CodeBlock::rareCaseProfileCountForBytecodeOffset): Deleted. (JSC::CodeBlock::handlerForBytecodeOffset): Deleted. (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffset): Deleted. (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): Deleted. (JSC::CodeBlock::lineNumberForBytecodeOffset): Deleted. (JSC::CodeBlock::columnNumberForBytecodeOffset): Deleted. (JSC::CodeBlock::expressionRangeForBytecodeOffset const): Deleted. (JSC::CodeBlock::tryGetValueProfileForBytecodeOffset): Deleted. (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset): Deleted. (JSC::CodeBlock::valueProfileForBytecodeOffset): Deleted. (JSC::CodeBlock::arithProfileForBytecodeOffset): Deleted. (JSC::CodeBlock::couldTakeSpecialFastCase): Deleted. 
(JSC::CodeBlock::bytecodeOffsetFromCallSiteIndex): Deleted. * bytecode/CodeBlock.h: (JSC::CodeBlock::likelyToTakeSlowCase): (JSC::CodeBlock::couldTakeSlowCase): (JSC::CodeBlock::bytecodeIndex): * bytecode/CodeOrigin.cpp: (JSC::CodeOrigin::approximateHash const): (JSC::CodeOrigin::dump const): * bytecode/CodeOrigin.h: (JSC::CodeOrigin::CodeOrigin): (JSC::CodeOrigin::isSet const): (JSC::CodeOrigin::isHashTableDeletedValue const): (JSC::CodeOrigin::bytecodeIndex const): (JSC::CodeOrigin::OutOfLineCodeOrigin::OutOfLineCodeOrigin): (JSC::CodeOrigin::buildCompositeValue): (JSC::CodeOrigin::hash const): * bytecode/DFGExitProfile.cpp: (JSC::DFG::FrequentExitSite::dump const): (JSC::DFG::ExitProfile::exitSitesFor): * bytecode/DFGExitProfile.h: (JSC::DFG::FrequentExitSite::FrequentExitSite): (JSC::DFG::FrequentExitSite::operator== const): (JSC::DFG::FrequentExitSite::subsumes const): (JSC::DFG::FrequentExitSite::hash const): (JSC::DFG::FrequentExitSite::bytecodeIndex const): (JSC::DFG::FrequentExitSite::isHashTableDeletedValue const): (JSC::DFG::QueryableExitProfile::hasExitSite const): (JSC::DFG::FrequentExitSite::bytecodeOffset const): Deleted. * bytecode/DeferredSourceDump.cpp: (JSC::DeferredSourceDump::DeferredSourceDump): (JSC::DeferredSourceDump::dump): * bytecode/DeferredSourceDump.h: (): Deleted. 
* bytecode/FullBytecodeLiveness.h: (JSC::FullBytecodeLiveness::getLiveness const): (JSC::FullBytecodeLiveness::operandIsLive const): * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt): (JSC::GetByIdStatus::computeFor): (JSC::GetByIdStatus::computeForStubInfo): * bytecode/GetByIdStatus.h: * bytecode/ICStatusUtils.cpp: (JSC::hasBadCacheExitSite): * bytecode/ICStatusUtils.h: * bytecode/InByIdStatus.cpp: (JSC::InByIdStatus::computeFor): * bytecode/InByIdStatus.h: * bytecode/InlineCallFrame.cpp: (JSC::InlineCallFrame::dumpInContext const): * bytecode/InstanceOfStatus.cpp: (JSC::InstanceOfStatus::computeFor): * bytecode/InstanceOfStatus.h: * bytecode/InstructionStream.h: (JSC::InstructionStream::BaseRef::offset const): (JSC::InstructionStream::BaseRef::index const): (JSC::InstructionStream::at const): * bytecode/LazyOperandValueProfile.h: (JSC::LazyOperandValueProfileKey::LazyOperandValueProfileKey): (JSC::LazyOperandValueProfileKey::operator== const): (JSC::LazyOperandValueProfileKey::hash const): (JSC::LazyOperandValueProfileKey::bytecodeIndex const): (JSC::LazyOperandValueProfileKey::isHashTableDeletedValue const): (JSC::LazyOperandValueProfileKey::bytecodeOffset const): Deleted. * bytecode/MethodOfGettingAValueProfile.cpp: (JSC::MethodOfGettingAValueProfile::fromLazyOperand): * bytecode/MethodOfGettingAValueProfile.h: * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): (JSC::PutByIdStatus::computeFor): * bytecode/PutByIdStatus.h: * bytecode/StructureStubInfo.cpp: (JSC::StructureStubInfo::StructureStubInfo): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::lineNumberForBytecodeIndex): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeIndex const): (JSC::UnlinkedCodeBlock::handlerForBytecodeIndex): (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): Deleted. (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset const): Deleted. (JSC::UnlinkedCodeBlock::handlerForBytecodeOffset): Deleted. 
* bytecode/UnlinkedCodeBlock.h: * bytecode/ValueProfile.h: (JSC::RareCaseProfile::RareCaseProfile): (JSC::getRareCaseProfileBytecodeIndex): (JSC::getRareCaseProfileBytecodeOffset): Deleted. * bytecompiler/BytecodeGenerator.cpp: (JSC::ForInContext::finalize): * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::currentPosition): * dfg/DFGBasicBlock.cpp: (JSC::DFG::BasicBlock::BasicBlock): * dfg/DFGBasicBlock.h: (JSC::DFG::getBytecodeBeginForBlock): (JSC::DFG::blockForBytecodeIndex): (JSC::DFG::blockForBytecodeOffset): Deleted. * dfg/DFGBlockInsertionSet.cpp: (JSC::DFG::BlockInsertionSet::insert): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::flushForTerminalImpl): (JSC::DFG::ByteCodeParser::flushIfTerminal): (JSC::DFG::ByteCodeParser::branchData): (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit): (JSC::DFG::ByteCodeParser::getPrediction): (JSC::DFG::ByteCodeParser::getArrayMode): (JSC::DFG::ByteCodeParser::makeSafe): (JSC::DFG::ByteCodeParser::makeDivSafe): (JSC::DFG::ByteCodeParser::allocateTargetableBlock): (JSC::DFG::ByteCodeParser::allocateUntargetableBlock): (JSC::DFG::ByteCodeParser::makeBlockTargetable): (JSC::DFG::ByteCodeParser::handleCall): (JSC::DFG::ByteCodeParser::handleRecursiveTailCall): (JSC::DFG::ByteCodeParser::inlineCall): (JSC::DFG::ByteCodeParser::handleCallVariant): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::parseBlock): (JSC::DFG::ByteCodeParser::linkBlock): (JSC::DFG::ByteCodeParser::parseCodeBlock): (JSC::DFG::ByteCodeParser::parse): * dfg/DFGCommonData.cpp: (JSC::DFG::CommonData::addCodeOrigin): (JSC::DFG::CommonData::addUniqueCallSiteIndex): (JSC::DFG::CommonData::lastCallSite const): * dfg/DFGCommonData.h: (JSC::DFG::CommonData::catchOSREntryDataForBytecodeIndex): (JSC::DFG::CommonData::appendCatchEntrypoint): * dfg/DFGDriver.cpp: (JSC::DFG::compileImpl): (JSC::DFG::compile): * dfg/DFGDriver.h: * dfg/DFGGraph.cpp: (JSC::DFG::Graph::dump): 
(JSC::DFG::Graph::methodOfGettingAValueProfileFor): (JSC::DFG::Graph::willCatchExceptionInMachineFrame): * dfg/DFGGraph.h: * dfg/DFGJITCode.cpp: (JSC::DFG::JITCode::clearOSREntryBlockAndResetThresholds): * dfg/DFGJITCode.h: (JSC::DFG::JITCode::appendOSREntryData): (JSC::DFG::JITCode::osrEntryDataForBytecodeIndex): * dfg/DFGJITCompiler.cpp: (JSC::DFG::JITCompiler::JITCompiler): (JSC::DFG::JITCompiler::compile): (JSC::DFG::JITCompiler::compileFunction): * dfg/DFGJITCompiler.h: (JSC::DFG::JITCompiler::setStartOfCode): * dfg/DFGLiveCatchVariablePreservationPhase.cpp: (JSC::DFG::LiveCatchVariablePreservationPhase::handleBlockForTryCatch): * dfg/DFGOSREntry.cpp: (JSC::DFG::OSREntryData::dumpInContext const): (JSC::DFG::prepareOSREntry): (JSC::DFG::prepareCatchOSREntry): * dfg/DFGOSREntry.h: (JSC::DFG::getOSREntryDataBytecodeIndex): (JSC::DFG::prepareOSREntry): * dfg/DFGOSREntrypointCreationPhase.cpp: (JSC::DFG::OSREntrypointCreationPhase::run): * dfg/DFGOSRExit.cpp: (JSC::DFG::OSRExit::executeOSRExit): (JSC::DFG::reifyInlinedCallFrames): (JSC::DFG::adjustAndJumpToTarget): (JSC::DFG::printOSRExit): (JSC::DFG::OSRExit::compileExit): (JSC::DFG::OSRExit::debugOperationPrintSpeculationFailure): * dfg/DFGOSRExit.h: * dfg/DFGOSRExitCompilerCommon.cpp: (JSC::DFG::callerReturnPC): (JSC::DFG::reifyInlinedCallFrames): (JSC::DFG::adjustAndJumpToTarget): * dfg/DFGOSRExitCompilerCommon.h: * dfg/DFGOperations.cpp: * dfg/DFGOperations.h: * dfg/DFGPlan.cpp: (JSC::DFG::Plan::Plan): (JSC::DFG::Plan::compileInThreadImpl): (JSC::DFG::Plan::cleanMustHandleValuesIfNecessary): * dfg/DFGPlan.h: (JSC::DFG::Plan::osrEntryBytecodeIndex const): (JSC::DFG::Plan::tierUpInLoopHierarchy): (JSC::DFG::Plan::tierUpAndOSREnterBytecodes): * dfg/DFGSSAConversionPhase.cpp: (JSC::DFG::SSAConversionPhase::run): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compileCurrentBlock): (JSC::DFG::SpeculativeJIT::checkArgumentTypes): (JSC::DFG::SpeculativeJIT::compileValueAdd): 
(JSC::DFG::SpeculativeJIT::compileValueSub): (JSC::DFG::SpeculativeJIT::compileValueNegate): (JSC::DFG::SpeculativeJIT::compileValueMul): (JSC::DFG::SpeculativeJIT::emitSwitchCharStringJump): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGTierUpCheckInjectionPhase.cpp: (JSC::DFG::TierUpCheckInjectionPhase::run): (JSC::DFG::TierUpCheckInjectionPhase::buildNaturalLoopToLoopHintMap): * dfg/DFGToFTLForOSREntryDeferredCompilationCallback.cpp: (JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::compilationDidComplete): * dfg/DFGValidate.cpp: * ftl/FTLCompile.cpp: (JSC::FTL::compile): * ftl/FTLForOSREntryJITCode.h: (JSC::FTL::ForOSREntryJITCode::setBytecodeIndex): (JSC::FTL::ForOSREntryJITCode::bytecodeIndex const): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::lower): (JSC::FTL::DFG::LowerDFGToB3::compileValueAdd): (JSC::FTL::DFG::LowerDFGToB3::compileValueSub): (JSC::FTL::DFG::LowerDFGToB3::compileValueMul): (JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub): (JSC::FTL::DFG::LowerDFGToB3::compileValueNegate): * ftl/FTLOSREntry.cpp: (JSC::FTL::prepareOSREntry): * ftl/FTLOSREntry.h: * interpreter/CallFrame.cpp: (JSC::CallFrame::callSiteIndex const): (JSC::CallFrame::unsafeCallSiteIndex const): (JSC::CallFrame::setCurrentVPC): (JSC::CallFrame::bytecodeIndex): (JSC::CallFrame::codeOrigin): (JSC::CallFrame::dump): (JSC::CallFrame::bytecodeOffset): Deleted. * interpreter/CallFrame.h: (JSC::CallSiteIndex::CallSiteIndex): (JSC::CallSiteIndex::operator bool const): (JSC::CallSiteIndex::operator== const): (JSC::CallSiteIndex::bits const): (JSC::CallSiteIndex::bytecodeIndex const): (JSC::DisposableCallSiteIndex::DisposableCallSiteIndex): (): Deleted. 
* interpreter/Interpreter.cpp: (JSC::GetStackTraceFunctor::operator() const): (JSC::findExceptionHandler): * interpreter/ShadowChicken.cpp: (JSC::ShadowChicken::update): * interpreter/StackVisitor.cpp: (JSC::StackVisitor::readNonInlinedFrame): (JSC::StackVisitor::readInlinedFrame): (JSC::StackVisitor::Frame::retrieveExpressionInfo const): (JSC::StackVisitor::Frame::dump const): * interpreter/StackVisitor.h: (JSC::StackVisitor::Frame::bytecodeIndex const): (JSC::StackVisitor::Frame::bytecodeOffset const): Deleted. * jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::emitEnterOptimizationCheck): (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): (JSC::JIT::compileWithoutLinking): (JSC::JIT::link): (JSC::JIT::privateCompileExceptionHandlers): * jit/JIT.h: (JSC::CallRecord::CallRecord): (JSC::SlowCaseEntry::SlowCaseEntry): (JSC::SwitchRecord::SwitchRecord): (JSC::ByValCompilationInfo::ByValCompilationInfo): * jit/JITCall.cpp: (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileOpCall): * jit/JITCodeMap.h: (JSC::JITCodeMap::Entry::Entry): (JSC::JITCodeMap::Entry::bytecodeIndex const): (JSC::JITCodeMap::append): (JSC::JITCodeMap::find const): * jit/JITDisassembler.cpp: (JSC::JITDisassembler::dumpVectorForInstructions): (JSC::JITDisassembler::reportInstructions): * jit/JITDisassembler.h: * jit/JITInlines.h: (JSC::JIT::emitNakedCall): (JSC::JIT::emitNakedTailCall): (JSC::JIT::updateTopCallFrame): (JSC::JIT::linkAllSlowCasesForBytecodeIndex): (JSC::JIT::addSlowCase): (JSC::JIT::addJump): (JSC::JIT::emitJumpSlowToHot): (JSC::JIT::emitGetVirtualRegister): (JSC::JIT::linkAllSlowCasesForBytecodeOffset): Deleted. 
* jit/JITOpcodes.cpp: (JSC::JIT::emit_op_instanceof): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emitSlow_op_loop_hint): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emit_op_log_shadow_chicken_tail): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_instanceof): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_has_indexed_property): * jit/JITOperations.cpp: (JSC::getByVal): (JSC::tryGetByValOptimize): * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitGetByValWithCachedId): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emit_op_in_by_id): * jit/JITWorklist.cpp: (JSC::JITWorklist::Plan::Plan): (JSC::JITWorklist::Plan::compileNow): (JSC::JITWorklist::compileLater): (JSC::JITWorklist::compileNow): * jit/JITWorklist.h: * jit/PCToCodeOriginMap.cpp: (JSC::PCToCodeOriginMap::PCToCodeOriginMap): (JSC::PCToCodeOriginMap::findPC const): * jit/PCToCodeOriginMap.h: (JSC::PCToCodeOriginMapBuilder::defaultCodeOrigin): * jit/SlowPathCall.h: (JSC::JITSlowPathCall::call): * llint/LLIntSlowPaths.cpp: (JSC::LLInt::jitCompileAndSetHeuristics): (JSC::LLInt::LLINT_SLOW_PATH_DECL): * profiler/ProfilerOrigin.cpp: (JSC::Profiler::Origin::Origin): (JSC::Profiler::Origin::dump const): (JSC::Profiler::Origin::toJS const): * profiler/ProfilerOrigin.h: (JSC::Profiler::Origin::Origin): (JSC::Profiler::Origin::operator! const): (JSC::Profiler::Origin::bytecodeIndex const): (JSC::Profiler::Origin::hash const): (JSC::Profiler::Origin::isHashTableDeletedValue const): * runtime/Error.cpp: (JSC::getBytecodeIndex): (JSC::getBytecodeOffset): Deleted. 
* runtime/Error.h: * runtime/ErrorInstance.cpp: (JSC::appendSourceToError): (JSC::ErrorInstance::finishCreation): * runtime/SamplingProfiler.cpp: (JSC::tryGetBytecodeIndex): (JSC::SamplingProfiler::processUnverifiedStackTraces): (JSC::SamplingProfiler::reportTopBytecodes): * runtime/SamplingProfiler.h: (JSC::SamplingProfiler::StackFrame::CodeLocation::hasBytecodeIndex const): * runtime/StackFrame.cpp: (JSC::StackFrame::StackFrame): (JSC::StackFrame::computeLineAndColumn const): * runtime/StackFrame.h: (JSC::StackFrame::hasBytecodeIndex const): (JSC::StackFrame::bytecodeIndex): (JSC::StackFrame::hasBytecodeOffset const): Deleted. (JSC::StackFrame::bytecodeOffset): Deleted. * tools/VMInspector.cpp: (JSC::VMInspector::dumpRegisters): Canonical link: https://commits.webkit.org/216705@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@251468 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-10-23 00:55:38 +00:00
void UnlinkedCodeBlock::expressionRangeForBytecodeIndex(BytecodeIndex bytecodeIndex,
    int& divot, int& startOffset, int& endOffset, unsigned& line, unsigned& column) const
{
* interpreter/Interpreter.cpp: (JSC::GetStackTraceFunctor::operator() const): (JSC::findExceptionHandler): * interpreter/ShadowChicken.cpp: (JSC::ShadowChicken::update): * interpreter/StackVisitor.cpp: (JSC::StackVisitor::readNonInlinedFrame): (JSC::StackVisitor::readInlinedFrame): (JSC::StackVisitor::Frame::retrieveExpressionInfo const): (JSC::StackVisitor::Frame::dump const): * interpreter/StackVisitor.h: (JSC::StackVisitor::Frame::bytecodeIndex const): (JSC::StackVisitor::Frame::bytecodeOffset const): Deleted. * jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::emitEnterOptimizationCheck): (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): (JSC::JIT::compileWithoutLinking): (JSC::JIT::link): (JSC::JIT::privateCompileExceptionHandlers): * jit/JIT.h: (JSC::CallRecord::CallRecord): (JSC::SlowCaseEntry::SlowCaseEntry): (JSC::SwitchRecord::SwitchRecord): (JSC::ByValCompilationInfo::ByValCompilationInfo): * jit/JITCall.cpp: (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileOpCall): * jit/JITCodeMap.h: (JSC::JITCodeMap::Entry::Entry): (JSC::JITCodeMap::Entry::bytecodeIndex const): (JSC::JITCodeMap::append): (JSC::JITCodeMap::find const): * jit/JITDisassembler.cpp: (JSC::JITDisassembler::dumpVectorForInstructions): (JSC::JITDisassembler::reportInstructions): * jit/JITDisassembler.h: * jit/JITInlines.h: (JSC::JIT::emitNakedCall): (JSC::JIT::emitNakedTailCall): (JSC::JIT::updateTopCallFrame): (JSC::JIT::linkAllSlowCasesForBytecodeIndex): (JSC::JIT::addSlowCase): (JSC::JIT::addJump): (JSC::JIT::emitJumpSlowToHot): (JSC::JIT::emitGetVirtualRegister): (JSC::JIT::linkAllSlowCasesForBytecodeOffset): Deleted. 
* jit/JITOpcodes.cpp: (JSC::JIT::emit_op_instanceof): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emitSlow_op_loop_hint): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emit_op_log_shadow_chicken_tail): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_instanceof): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_has_indexed_property): * jit/JITOperations.cpp: (JSC::getByVal): (JSC::tryGetByValOptimize): * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitGetByValWithCachedId): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emit_op_in_by_id): * jit/JITWorklist.cpp: (JSC::JITWorklist::Plan::Plan): (JSC::JITWorklist::Plan::compileNow): (JSC::JITWorklist::compileLater): (JSC::JITWorklist::compileNow): * jit/JITWorklist.h: * jit/PCToCodeOriginMap.cpp: (JSC::PCToCodeOriginMap::PCToCodeOriginMap): (JSC::PCToCodeOriginMap::findPC const): * jit/PCToCodeOriginMap.h: (JSC::PCToCodeOriginMapBuilder::defaultCodeOrigin): * jit/SlowPathCall.h: (JSC::JITSlowPathCall::call): * llint/LLIntSlowPaths.cpp: (JSC::LLInt::jitCompileAndSetHeuristics): (JSC::LLInt::LLINT_SLOW_PATH_DECL): * profiler/ProfilerOrigin.cpp: (JSC::Profiler::Origin::Origin): (JSC::Profiler::Origin::dump const): (JSC::Profiler::Origin::toJS const): * profiler/ProfilerOrigin.h: (JSC::Profiler::Origin::Origin): (JSC::Profiler::Origin::operator! const): (JSC::Profiler::Origin::bytecodeIndex const): (JSC::Profiler::Origin::hash const): (JSC::Profiler::Origin::isHashTableDeletedValue const): * runtime/Error.cpp: (JSC::getBytecodeIndex): (JSC::getBytecodeOffset): Deleted. 
* runtime/Error.h: * runtime/ErrorInstance.cpp: (JSC::appendSourceToError): (JSC::ErrorInstance::finishCreation): * runtime/SamplingProfiler.cpp: (JSC::tryGetBytecodeIndex): (JSC::SamplingProfiler::processUnverifiedStackTraces): (JSC::SamplingProfiler::reportTopBytecodes): * runtime/SamplingProfiler.h: (JSC::SamplingProfiler::StackFrame::CodeLocation::hasBytecodeIndex const): * runtime/StackFrame.cpp: (JSC::StackFrame::StackFrame): (JSC::StackFrame::computeLineAndColumn const): * runtime/StackFrame.h: (JSC::StackFrame::hasBytecodeIndex const): (JSC::StackFrame::bytecodeIndex): (JSC::StackFrame::hasBytecodeOffset const): Deleted. (JSC::StackFrame::bytecodeOffset): Deleted. * tools/VMInspector.cpp: (JSC::VMInspector::dumpRegisters): Canonical link: https://commits.webkit.org/216705@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@251468 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-10-23 00:55:38 +00:00
ASSERT(bytecodeIndex.offset() < instructions().size());
A few other changes to deal with type changes due to us generating unlinked code (eg. pointer free, so profile indices rather than pointers). * dfg/DFGByteCodeParser.cpp: * dfg/DFGCapabilities.h: Support global_init_nop * interpreter/Interpreter.cpp: Now get the ProgramExecutable to initialise new global properties before starting execution. * jit/JIT.cpp: * jit/JITDriver.h: * jit/JITStubs.cpp: * llint/LLIntData.cpp: * llint/LLIntSlowPaths.cpp: * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: Adding init_global_const_nop everywhere else * parser/Parser.h: * parser/ParserModes.h: Added. * parser/ParserTokens.h: Parser no longer needs a global object or callframe to function * runtime/CodeCache.cpp: Added. * runtime/CodeCache.h: Added. A simple, random eviction, Source->UnlinkedCode cache * runtime/Executable.cpp: * runtime/Executable.h: Executables now reference their unlinked counterparts, and request code specifically for the target global object. * runtime/JSGlobalData.cpp: * runtime/JSGlobalData.h: GlobalData now owns a CodeCache and a set of new structures for the unlinked code types. * runtime/JSGlobalObject.cpp: * runtime/JSGlobalObject.h: Utility functions used by executables to perform compilation * runtime/JSType.h: Add new JSTypes for unlinked code Canonical link: https://commits.webkit.org/119498@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@133688 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2012-11-07 00:13:54 +00:00
if (!m_expressionInfo.size()) {
startOffset = 0;
endOffset = 0;
divot = 0;
Fix 30% JSBench regression (caused by adding column numbers to stack traces).
https://bugs.webkit.org/show_bug.cgi?id=118481.

Reviewed by Mark Hahnenberg and Geoffrey Garen.

Source/JavaScriptCore:

Previously, we already capture ExpressionRangeInfo that provides a divot for each bytecode that can potentially throw an exception (and therefore generate a stack trace). On first attempt to compute column numbers, we then do a walk of the source string to record all line start positions in a table associated with the SourceProvider. The column number can then be computed as divot - lineStartFor(bytecodeOffset). The computation of this lineStarts table is the source of the 30% JSBench performance regression.

The new code now records lineStarts as the lexer and parser scan the source code. These lineStarts are then used to compute the column number for the given divot, and stored in the ExpressionRangeInfo. Similarly, we also capture the line number at the divot point and store that in the ExpressionRangeInfo. Hence, to look up line and column numbers, we now look up the ExpressionRangeInfo for the bytecodeOffset, and then compute the line and column from the values stored in the expression info.

The strategy:
1. We want to minimize perturbations to the lexer and parser. Specifically, the changes added should not change how it scans code, and generate bytecode.
2. We regard the divot as the source character position we are interested in. As such, we'll capture line and lineStart (for column) at the point when we capture the divot information. This ensures that the 3 values are consistent.

How the change is done:
1. Change the lexer to track lineStarts.
2. Change the parser to capture line and lineStarts at the point of capturing divots.
3. Change the parser and associated code to plumb these values all the way to the point that the corresponding ExpressionRangeInfo is emitted.
4. Propagate and record SourceCode firstLine and firstLineColumnOffset to the necessary places so that we can add them as needed when reifying UnlinkedCodeBlocks into CodeBlocks.
5. Compress the line and column number values in the ExpressionRangeInfo. In practice, we seldom have both large line and column numbers. Hence, we can encode both in an uint32_t most of the time. For the times when we encounter both large line and column numbers, we have a fallback to store the "fat" position info.
6. Emit an ExpressionRangeInfo for UnaryOp nodes to get more line and column number coverage.
7. Change the interpreter to use the new way of computing line and column.
8. Delete old line and column computation code that is now unused.

Misc details:
- the old lexer was tracking both a startOffset and charPosition where charPosition equals startOffset - SourceCode.startOffset. We now use startOffset exclusively throughout the system for consistency. All offset values (including lineStart) are relative to the start of the SourceProvider string. These values will only be converted to be relative to the SourceCode.startOffset at the very last minute i.e. when the divot is stored into the ExpressionRangeInfo. This change to use the same offset system everywhere reduces confusion from having to convert back and forth between the 2 systems. It also enables a lot of assertions to be used.
- Also fixed some bugs in the choice of divot positions to use. For example, both Eval and Function expressions previously used column numbers from the start of the expression but used the line number at the end of the expression. This is now fixed to use either the start or end positions as appropriate, but not a mix of line and columns from both.
- Why use ints instead of unsigneds for offsets and lineStarts inside the lexer and parser? Some tests (e.g. fast/js/call-base-resolution.html and fast/js/eval-cross-window.html) have shown that lineStart offsets can be prior to the SourceCode.startOffset. Keeping the lexer offsets as ints simplifies computations and makes it easier to maintain the assertions that (startOffset >= lineStartOffset). However, column and line numbers are always unsigned when we publish them to the ExpressionRangeInfo. The ints are only used inside the lexer and parser ... well, and bytecode generator.
- For all cases, lineStart is always captured where the divot is captured. However, some sputnik conformance tests have shown that we cannot honor line breaks for assignment statements like the following: eval("x\u000A*=\u000A-1;"); In this case, the lineStart is expected to be captured at the start of the assignment expression instead of at the divot point in the middle. The assignment expression is the only special case for this.

This patch has been tested against the full layout tests both with release and debug builds with no regression.

* API/JSContextRef.cpp:
(JSContextCreateBacktrace):
- Updated to use the new StackFrame::computeLineAndColumn().
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::CodeBlock):
- Added m_firstLineColumnOffset initialization.
- Plumbed the firstLineColumnOffset into the SourceCode.
- Initialized column for op_debug using the new way.
(JSC::CodeBlock::lineNumberForBytecodeOffset):
- Changed to compute line number using the ExpressionRangeInfo.
(JSC::CodeBlock::columnNumberForBytecodeOffset): Added
- Changed to compute column number using the ExpressionRangeInfo.
(JSC::CodeBlock::expressionRangeForBytecodeOffset):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::firstLineColumnOffset):
(JSC::GlobalCodeBlock::GlobalCodeBlock):
- Plumbed firstLineColumnOffset through to the super class.
(JSC::ProgramCodeBlock::ProgramCodeBlock):
- Plumbed firstLineColumnOffset through to the super class.
(JSC::EvalCodeBlock::EvalCodeBlock):
- Plumbed firstLineColumnOffset through to the super class. But for EvalCodeBlocks, the firstLineColumnOffset is always 1 because we're starting with a new source string with no start offset.
(JSC::FunctionCodeBlock::FunctionCodeBlock):
- Plumbed firstLineColumnOffset through to the super class.
* bytecode/ExpressionRangeInfo.h:
- Added modes for encoding line and column into a single 30-bit unsigned. The encoding is in 1 of 3 modes:
1. FatLineMode: 22-bit line, 8-bit column
2. FatColumnMode: 8-bit line, 22-bit column
3. FatLineAndColumnMode: 32-bit line, 32-bit column
(JSC::ExpressionRangeInfo::encodeFatLineMode): Added.
- Encodes line and column into the 30-bit position using FatLine mode.
(JSC::ExpressionRangeInfo::encodeFatColumnMode): Added.
- Encodes line and column into the 30-bit position using FatColumn mode.
(JSC::ExpressionRangeInfo::decodeFatLineMode): Added.
- Decodes the FatLine mode 30-bit position into line and column.
(JSC::ExpressionRangeInfo::decodeFatColumnMode): Added.
- Decodes the FatColumn mode 30-bit position into line and column.
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
- Plumbed startColumn through.
(JSC::UnlinkedFunctionExecutable::link):
- Plumbed startColumn through.
(JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset):
- Computes a line number using the new way.
(JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset):
- Added decoding of line and column.
- Added handling of the case when we do not find a fitting expression range info for a specified bytecodeOffset. This only happens if the bytecodeOffset is below the first expression range info. In that case, we'll use the first expression range info entry.
(JSC::UnlinkedCodeBlock::addExpressionInfo):
- Added encoding of line and column.
* bytecode/UnlinkedCodeBlock.h:
- Added m_expressionInfoFatPositions in RareData.
(JSC::UnlinkedFunctionExecutable::functionStartColumn):
(JSC::UnlinkedCodeBlock::shrinkToFit):
- Removed obsoleted m_lineInfo.
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitCall): Plumbed line and lineStart through.
(JSC::BytecodeGenerator::emitCallEval): Plumbed line and lineStart through.
(JSC::BytecodeGenerator::emitCallVarargs): Plumbed line and lineStart through.
(JSC::BytecodeGenerator::emitConstruct): Plumbed line and lineStart through.
(JSC::BytecodeGenerator::emitDebugHook): Plumbed lineStart through.
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::emitNode):
(JSC::BytecodeGenerator::emitNodeInConditionContext):
- Removed obsoleted m_lineInfo.
(JSC::BytecodeGenerator::emitExpressionInfo):
- Plumbed line and lineStart through.
- Compute the line and column to be added to the expression range info.
* bytecompiler/NodesCodegen.cpp:
(JSC::ThrowableExpressionData::emitThrowReferenceError):
(JSC::ResolveNode::emitBytecode):
(JSC::ArrayNode::toArgumentList):
(JSC::BracketAccessorNode::emitBytecode):
(JSC::DotAccessorNode::emitBytecode):
(JSC::NewExprNode::emitBytecode):
(JSC::EvalFunctionCallNode::emitBytecode):
(JSC::FunctionCallValueNode::emitBytecode):
(JSC::FunctionCallResolveNode::emitBytecode):
(JSC::FunctionCallBracketNode::emitBytecode):
(JSC::FunctionCallDotNode::emitBytecode):
(JSC::CallFunctionCallDotNode::emitBytecode):
(JSC::ApplyFunctionCallDotNode::emitBytecode):
(JSC::PostfixNode::emitResolve):
(JSC::PostfixNode::emitBracket):
(JSC::PostfixNode::emitDot):
(JSC::DeleteResolveNode::emitBytecode):
(JSC::DeleteBracketNode::emitBytecode):
(JSC::DeleteDotNode::emitBytecode):
(JSC::PrefixNode::emitResolve):
(JSC::PrefixNode::emitBracket):
(JSC::PrefixNode::emitDot):
- Plumbed line and lineStart through the above as needed.
(JSC::UnaryOpNode::emitBytecode):
- Added emission of an ExpressionRangeInfo for the UnaryOp node.
(JSC::BinaryOpNode::emitStrcat):
(JSC::ThrowableBinaryOpNode::emitBytecode):
(JSC::InstanceOfNode::emitBytecode):
(JSC::emitReadModifyAssignment):
(JSC::ReadModifyResolveNode::emitBytecode):
(JSC::AssignResolveNode::emitBytecode):
(JSC::AssignDotNode::emitBytecode):
(JSC::ReadModifyDotNode::emitBytecode):
(JSC::AssignBracketNode::emitBytecode):
(JSC::ReadModifyBracketNode::emitBytecode):
- Plumbed line and lineStart through the above as needed.
(JSC::ConstStatementNode::emitBytecode):
(JSC::EmptyStatementNode::emitBytecode):
(JSC::DebuggerStatementNode::emitBytecode):
(JSC::ExprStatementNode::emitBytecode):
(JSC::VarStatementNode::emitBytecode):
(JSC::IfElseNode::emitBytecode):
(JSC::DoWhileNode::emitBytecode):
(JSC::WhileNode::emitBytecode):
(JSC::ForNode::emitBytecode):
(JSC::ForInNode::emitBytecode):
(JSC::ContinueNode::emitBytecode):
(JSC::BreakNode::emitBytecode):
(JSC::ReturnNode::emitBytecode):
(JSC::WithNode::emitBytecode):
(JSC::SwitchNode::emitBytecode):
(JSC::LabelNode::emitBytecode):
(JSC::ThrowNode::emitBytecode):
(JSC::TryNode::emitBytecode):
(JSC::ProgramNode::emitBytecode):
(JSC::EvalNode::emitBytecode):
(JSC::FunctionBodyNode::emitBytecode):
- Plumbed line and lineStart through the above as needed.
* interpreter/Interpreter.cpp:
(JSC::appendSourceToError):
- Added line and column arguments for expressionRangeForBytecodeOffset().
(JSC::StackFrame::computeLineAndColumn):
- Replaces StackFrame::line() and StackFrame::column().
(JSC::StackFrame::expressionInfo):
- Added line and column arguments.
(JSC::StackFrame::toString):
- Changed to use the new StackFrame::computeLineAndColumn().
(JSC::Interpreter::getStackTrace):
- Added the needed firstLineColumnOffset arg for the StackFrame.
* interpreter/Interpreter.h:
* parser/ASTBuilder.h:
(JSC::ASTBuilder::BinaryOpInfo::BinaryOpInfo):
(JSC::ASTBuilder::AssignmentInfo::AssignmentInfo):
(JSC::ASTBuilder::createResolve):
(JSC::ASTBuilder::createBracketAccess):
(JSC::ASTBuilder::createDotAccess):
(JSC::ASTBuilder::createRegExp):
(JSC::ASTBuilder::createNewExpr):
(JSC::ASTBuilder::createAssignResolve):
(JSC::ASTBuilder::createFunctionExpr):
(JSC::ASTBuilder::createFunctionBody):
(JSC::ASTBuilder::createGetterOrSetterProperty):
(JSC::ASTBuilder::createFuncDeclStatement):
(JSC::ASTBuilder::createBlockStatement):
(JSC::ASTBuilder::createExprStatement):
(JSC::ASTBuilder::createIfStatement):
(JSC::ASTBuilder::createForLoop):
(JSC::ASTBuilder::createForInLoop):
(JSC::ASTBuilder::createVarStatement):
(JSC::ASTBuilder::createReturnStatement):
(JSC::ASTBuilder::createBreakStatement):
(JSC::ASTBuilder::createContinueStatement):
(JSC::ASTBuilder::createTryStatement):
(JSC::ASTBuilder::createSwitchStatement):
(JSC::ASTBuilder::createWhileStatement):
(JSC::ASTBuilder::createDoWhileStatement):
(JSC::ASTBuilder::createLabelStatement):
(JSC::ASTBuilder::createWithStatement):
(JSC::ASTBuilder::createThrowStatement):
(JSC::ASTBuilder::createDebugger):
(JSC::ASTBuilder::createConstStatement):
(JSC::ASTBuilder::appendBinaryExpressionInfo):
(JSC::ASTBuilder::appendUnaryToken):
(JSC::ASTBuilder::unaryTokenStackLastStart):
(JSC::ASTBuilder::unaryTokenStackLastLineStartPosition): Added.
(JSC::ASTBuilder::assignmentStackAppend):
(JSC::ASTBuilder::createAssignment):
(JSC::ASTBuilder::setExceptionLocation):
(JSC::ASTBuilder::makeDeleteNode):
(JSC::ASTBuilder::makeFunctionCallNode):
(JSC::ASTBuilder::makeBinaryNode):
(JSC::ASTBuilder::makeAssignNode):
(JSC::ASTBuilder::makePrefixNode):
(JSC::ASTBuilder::makePostfixNode):
- Plumbed line, lineStart, and startColumn through the above as needed.
* parser/Lexer.cpp:
(JSC::::currentSourcePtr):
(JSC::::setCode):
- Added tracking for sourceoffset and lineStart.
(JSC::::internalShift):
(JSC::::parseIdentifier):
- Added tracking for lineStart.
(JSC::::parseIdentifierSlowCase):
(JSC::::parseString):
- Added tracking for lineStart.
(JSC::::parseStringSlowCase):
(JSC::::lex):
- Added tracking for sourceoffset.
(JSC::::sourceCode):
* parser/Lexer.h:
(JSC::Lexer::currentOffset):
(JSC::Lexer::currentLineStartOffset):
(JSC::Lexer::setOffset):
- Added tracking for lineStart.
(JSC::Lexer::offsetFromSourcePtr): Added conversion function.
(JSC::Lexer::sourcePtrFromOffset): Added conversion function.
(JSC::Lexer::setOffsetFromSourcePtr):
(JSC::::lexExpectIdentifier):
- Added tracking for sourceoffset and lineStart.
* parser/NodeConstructors.h:
(JSC::Node::Node):
(JSC::ResolveNode::ResolveNode):
(JSC::EvalFunctionCallNode::EvalFunctionCallNode):
(JSC::FunctionCallValueNode::FunctionCallValueNode):
(JSC::FunctionCallResolveNode::FunctionCallResolveNode):
(JSC::FunctionCallBracketNode::FunctionCallBracketNode):
(JSC::FunctionCallDotNode::FunctionCallDotNode):
(JSC::CallFunctionCallDotNode::CallFunctionCallDotNode):
(JSC::ApplyFunctionCallDotNode::ApplyFunctionCallDotNode):
(JSC::PostfixNode::PostfixNode):
(JSC::DeleteResolveNode::DeleteResolveNode):
(JSC::DeleteBracketNode::DeleteBracketNode):
(JSC::DeleteDotNode::DeleteDotNode):
(JSC::PrefixNode::PrefixNode):
(JSC::ReadModifyResolveNode::ReadModifyResolveNode):
(JSC::ReadModifyBracketNode::ReadModifyBracketNode):
(JSC::AssignBracketNode::AssignBracketNode):
(JSC::AssignDotNode::AssignDotNode):
(JSC::ReadModifyDotNode::ReadModifyDotNode):
(JSC::AssignErrorNode::AssignErrorNode):
(JSC::WithNode::WithNode):
(JSC::ForInNode::ForInNode):
- Plumbed line and lineStart through the above as needed.
* parser/Nodes.cpp:
(JSC::StatementNode::setLoc): Plumbed lineStart.
(JSC::ScopeNode::ScopeNode): Plumbed lineStart.
(JSC::ProgramNode::ProgramNode): Plumbed startColumn.
(JSC::ProgramNode::create): Plumbed startColumn.
(JSC::EvalNode::create):
(JSC::FunctionBodyNode::FunctionBodyNode): Plumbed startColumn.
(JSC::FunctionBodyNode::create): Plumbed startColumn.
* parser/Nodes.h:
(JSC::Node::startOffset):
(JSC::Node::lineStartOffset): Added.
(JSC::StatementNode::firstLine):
(JSC::StatementNode::lastLine):
(JSC::ThrowableExpressionData::ThrowableExpressionData):
(JSC::ThrowableExpressionData::setExceptionSourceCode):
(JSC::ThrowableExpressionData::divotStartOffset):
(JSC::ThrowableExpressionData::divotEndOffset):
(JSC::ThrowableExpressionData::divotLine):
(JSC::ThrowableExpressionData::divotLineStart):
(JSC::ThrowableSubExpressionData::ThrowableSubExpressionData):
(JSC::ThrowableSubExpressionData::setSubexpressionInfo):
(JSC::ThrowableSubExpressionData::subexpressionDivot):
(JSC::ThrowableSubExpressionData::subexpressionStartOffset):
(JSC::ThrowableSubExpressionData::subexpressionEndOffset):
(JSC::ThrowableSubExpressionData::subexpressionLine):
(JSC::ThrowableSubExpressionData::subexpressionLineStart):
(JSC::ThrowablePrefixedSubExpressionData::ThrowablePrefixedSubExpressionData):
(JSC::ThrowablePrefixedSubExpressionData::setSubexpressionInfo):
(JSC::ThrowablePrefixedSubExpressionData::subexpressionDivot):
(JSC::ThrowablePrefixedSubExpressionData::subexpressionStartOffset):
(JSC::ThrowablePrefixedSubExpressionData::subexpressionEndOffset):
(JSC::ThrowablePrefixedSubExpressionData::subexpressionLine):
(JSC::ThrowablePrefixedSubExpressionData::subexpressionLineStart):
(JSC::ScopeNode::startStartOffset):
(JSC::ScopeNode::startLineStartOffset):
(JSC::ProgramNode::startColumn):
(JSC::EvalNode::startColumn):
(JSC::FunctionBodyNode::startColumn):
- Plumbed line and lineStart through the above as needed.
* parser/Parser.cpp:
(JSC::::Parser):
(JSC::::parseSourceElements):
(JSC::::parseVarDeclarationList):
(JSC::::parseConstDeclarationList):
(JSC::::parseForStatement):
(JSC::::parseBreakStatement):
(JSC::::parseContinueStatement):
(JSC::::parseReturnStatement):
(JSC::::parseThrowStatement):
(JSC::::parseWithStatement):
- Plumbed line and lineStart through the above as needed.
(JSC::::parseFunctionBody):
- Plumbed startColumn.
(JSC::::parseFunctionInfo):
(JSC::::parseFunctionDeclaration):
(JSC::LabelInfo::LabelInfo):
(JSC::::parseExpressionOrLabelStatement):
(JSC::::parseAssignmentExpression):
(JSC::::parseBinaryExpression):
(JSC::::parseProperty):
(JSC::::parseObjectLiteral):
(JSC::::parsePrimaryExpression):
(JSC::::parseMemberExpression):
(JSC::::parseUnaryExpression):
- Plumbed line, lineStart, startColumn through the above as needed.
* parser/Parser.h:
(JSC::Parser::next):
(JSC::Parser::nextExpectIdentifier):
(JSC::Parser::tokenStart):
(JSC::Parser::tokenColumn):
(JSC::Parser::tokenEnd):
(JSC::Parser::tokenLineStart):
(JSC::Parser::lastTokenLine):
(JSC::Parser::lastTokenLineStart):
(JSC::::parse):
* parser/ParserTokens.h:
(JSC::JSTokenLocation::JSTokenLocation):
- Plumbed lineStart.
(JSC::JSTokenLocation::lineStartPosition):
(JSC::JSTokenLocation::startPosition):
(JSC::JSTokenLocation::endPosition):
* parser/SourceCode.h:
(JSC::SourceCode::SourceCode):
(JSC::SourceCode::startColumn):
(JSC::makeSource):
(JSC::SourceCode::subExpression):
* parser/SourceProvider.cpp: delete old code.
* parser/SourceProvider.h: delete old code.
* parser/SourceProviderCacheItem.h:
(JSC::SourceProviderCacheItem::closeBraceToken):
(JSC::SourceProviderCacheItem::SourceProviderCacheItem):
- Plumbed lineStart.
* parser/SyntaxChecker.h:
(JSC::SyntaxChecker::makeFunctionCallNode):
(JSC::SyntaxChecker::makeAssignNode):
(JSC::SyntaxChecker::makePrefixNode):
(JSC::SyntaxChecker::makePostfixNode):
(JSC::SyntaxChecker::makeDeleteNode):
(JSC::SyntaxChecker::createResolve):
(JSC::SyntaxChecker::createBracketAccess):
(JSC::SyntaxChecker::createDotAccess):
(JSC::SyntaxChecker::createRegExp):
(JSC::SyntaxChecker::createNewExpr):
(JSC::SyntaxChecker::createAssignResolve):
(JSC::SyntaxChecker::createFunctionExpr):
(JSC::SyntaxChecker::createFunctionBody):
(JSC::SyntaxChecker::createFuncDeclStatement):
(JSC::SyntaxChecker::createForInLoop):
(JSC::SyntaxChecker::createReturnStatement):
(JSC::SyntaxChecker::createBreakStatement):
(JSC::SyntaxChecker::createContinueStatement):
(JSC::SyntaxChecker::createWithStatement):
(JSC::SyntaxChecker::createLabelStatement):
(JSC::SyntaxChecker::createThrowStatement):
(JSC::SyntaxChecker::createGetterOrSetterProperty):
(JSC::SyntaxChecker::appendBinaryExpressionInfo):
(JSC::SyntaxChecker::operatorStackPop):
- Made SyntaxChecker prototype changes to match ASTBuilder due to new args added for plumbing line, lineStart, and startColumn.
* runtime/CodeCache.cpp:
(JSC::CodeCache::generateBytecode):
(JSC::CodeCache::getCodeBlock):
- Plumbed startColumn.
* runtime/Executable.cpp:
(JSC::FunctionExecutable::FunctionExecutable):
(JSC::ProgramExecutable::compileInternal):
(JSC::FunctionExecutable::produceCodeBlockFor):
(JSC::FunctionExecutable::fromGlobalCode):
- Plumbed startColumn.
* runtime/Executable.h:
(JSC::ScriptExecutable::startColumn):
(JSC::ScriptExecutable::recordParse):
(JSC::FunctionExecutable::create):
- Plumbed startColumn.

Source/WebCore:

Test: fast/js/line-column-numbers.html

Updated the bindings to use StackFrame::computeLineAndColumn(). The old StackFrame::line() and StackFrame::column() have been removed. The new algorithm always computes the 2 values together anyway. Hence it is more efficient to return them as a pair instead of doing the same computation twice for each half of the result.

* bindings/js/ScriptCallStackFactory.cpp:
(WebCore::createScriptCallStack):
(WebCore::createScriptCallStackFromException):
* bindings/js/ScriptSourceCode.h:
(WebCore::ScriptSourceCode::ScriptSourceCode):

LayoutTests:

The fix now computes line and column numbers more accurately. As a result, some of the test results need to be re-baselined. Among other fixes, one major source of difference is that the old code was incorrectly computing 0-based column numbers. This has now been fixed to be 1-based. Note: line numbers were always 1-based.

Also added a new test: fast/js/line-column-numbers.html, which tests line and column numbers for source code in various configurations.

* editing/execCommand/outdent-blockquote-test1-expected.txt:
* editing/execCommand/outdent-blockquote-test2-expected.txt:
* editing/execCommand/outdent-blockquote-test3-expected.txt:
* editing/execCommand/outdent-blockquote-test4-expected.txt:
* editing/pasteboard/copy-paste-float-expected.txt:
* editing/pasteboard/paste-blockquote-before-blockquote-expected.txt:
* editing/pasteboard/paste-double-nested-blockquote-before-blockquote-expected.txt:
* fast/dom/Window/window-resize-contents-expected.txt:
* fast/events/remove-target-with-shadow-in-drag-expected.txt:
* fast/js/line-column-numbers-expected.txt: Added.
* fast/js/line-column-numbers.html: Added.
* fast/js/script-tests/line-column-numbers.js: Added.
(try.doThrow4b):
(doThrow5b.try.innerFunc):
(doThrow5b):
(doThrow6b.try.innerFunc):
(doThrow6b):
(catch):
(try.doThrow11b):
(try.doThrow14b):
* fast/js/stack-trace-expected.txt:
* inspector/console/console-url-line-column-expected.txt:

Canonical link: https://commits.webkit.org/136467@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@152494 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2013-07-09 16:15:12 +00:00
        line = 0;
        column = 0;
        return;
    }
[WTF] Introduce FixedVector and use it for FixedOperands https://bugs.webkit.org/show_bug.cgi?id=224171 Reviewed by Mark Lam. Source/JavaScriptCore: Define FixedOperands<T> which uses FixedVector for its storage. We use FixedOperands in FTL::OSRExitDescriptor. We also replace RefCountedArray<T> with FixedVector<T> if they are not requiring RefCountedArray<T>'s ref-counting semantics. * bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::run): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::setConstantRegisters): (JSC::CodeBlock::setNumParameters): (JSC::CodeBlock::setRareCaseProfiles): (JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler): * bytecode/CodeBlock.h: * bytecode/Operands.h: (JSC::Operands::Operands): * bytecode/OperandsInlines.h: (JSC::U>::dumpInContext const): (JSC::U>::dump const): (JSC::Operands<T>::dumpInContext const): Deleted. (JSC::Operands<T>::dump const): Deleted. * bytecode/PolyProtoAccessChain.h: * bytecode/PolymorphicAccess.cpp: (JSC::PolymorphicAccess::regenerate): * bytecode/PolymorphicAccess.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::dumpExpressionRangeInfo): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeIndex const): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::expressionInfo): (JSC::UnlinkedCodeBlock::identifiers const): (JSC::UnlinkedCodeBlock::constantRegisters): (JSC::UnlinkedCodeBlock::constantsSourceCodeRepresentation): (JSC::UnlinkedCodeBlock::constantIdentifierSets): (JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets const): * bytecode/UnlinkedFunctionExecutable.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::prepareJumpTableForSwitch): * dfg/DFGJITCode.h: * dfg/DFGPlan.h: (JSC::DFG::Plan::tierUpInLoopHierarchy): * ftl/FTLOSRExit.h: * jit/GCAwareJITStubRoutine.h: * jit/JIT.cpp: (JSC::JIT::privateCompileSlowCases): * jit/PolymorphicCallStubRoutine.h: * llint/LLIntOffsetsExtractor.cpp: * llint/LowLevelInterpreter.asm: * 
parser/Parser.cpp: (JSC::Parser<LexerType>::parseInner): (JSC::Parser<LexerType>::parseClassFieldInitializerSourceElements): * parser/Parser.h: (JSC::Parser<LexerType>::parse): (JSC::parse): * runtime/CachedTypes.cpp: (JSC::CachedVector::encode): (JSC::CachedVector::decode const): * wasm/js/JSWebAssemblyInstance.h: Source/WTF: This FixedVector<T> is a wrapper around RefCountedArray<T>, but this offers Vector-like copy / move semantics, so that we can use this FixedVector<T> as a drop-in-replacement for fixed-sized Vector fields. The purpose of that is saving memory by removing unnecessary storage (FixedVector is fixed-sized allocated) and putting size into the allocated memory. * WTF.xcodeproj/project.pbxproj: * wtf/CMakeLists.txt: * wtf/FastBitVector.h: (WTF::FastBitVector::FastBitVector): * wtf/FixedVector.h: Added. (WTF::FixedVector::FixedVector): (WTF::FixedVector::operator=): (WTF::FixedVector::size const): (WTF::FixedVector::isEmpty const): (WTF::FixedVector::byteSize const): (WTF::FixedVector::data): (WTF::FixedVector::begin): (WTF::FixedVector::end): (WTF::FixedVector::data const): (WTF::FixedVector::begin const): (WTF::FixedVector::end const): (WTF::FixedVector::rbegin): (WTF::FixedVector::rend): (WTF::FixedVector::rbegin const): (WTF::FixedVector::rend const): (WTF::FixedVector::at): (WTF::FixedVector::at const): (WTF::FixedVector::operator[]): (WTF::FixedVector::operator[] const): (WTF::FixedVector::first): (WTF::FixedVector::first const): (WTF::FixedVector::last): (WTF::FixedVector::last const): (WTF::FixedVector::fill): (WTF::FixedVector::operator== const): (WTF::FixedVector::swap): (WTF::swap): * wtf/RefCountedArray.h: (WTF::RefCountedArray::RefCountedArray): (WTF::RefCountedArray::fill): (WTF::RefCountedArray::swap): Tools: * TestWebKitAPI/CMakeLists.txt: * TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj: * TestWebKitAPI/Tests/WTF/FixedVector.cpp: Added. 
(TestWebKitAPI::TEST): (TestWebKitAPI::DestructorObserver::DestructorObserver): (TestWebKitAPI::DestructorObserver::~DestructorObserver): (TestWebKitAPI::DestructorObserver::operator=): Canonical link: https://commits.webkit.org/236198@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@275542 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2021-04-06 19:47:47 +00:00
    const FixedVector<ExpressionRangeInfo>& expressionInfo = m_expressionInfo;
    int low = 0;
    int high = expressionInfo.size();
    while (low < high) {
        int mid = low + (high - low) / 2;
BytecodeIndex should be a proper C++ class https://bugs.webkit.org/show_bug.cgi?id=203276 Reviewed by Mark Lam. This patch makes a change to how we refer to the bytecode index in a bytecode stream. Previously we just used an unsigned number to represent the index, this patch changes most of the code to use a BytecodeIndex class instead. The only places where this patch does not change this is for jump and switch targets / deltas. Additionally, this patch attempts to canonicalize the terminology around how we refer to bytecode indices. Now we use the word index to refer to the bytecode index class and offset to refer to the unsigned byte offset into the instruction stream. * JavaScriptCore.xcodeproj/project.pbxproj: * Sources.txt: * bytecode/ByValInfo.h: (JSC::ByValInfo::ByValInfo): (JSC::getByValInfoBytecodeIndex): * bytecode/BytecodeBasicBlock.cpp: (JSC::BytecodeBasicBlock::computeImpl): * bytecode/BytecodeGeneratorification.cpp: (JSC::GeneratorLivenessAnalysis::run): * bytecode/BytecodeIndex.cpp: Added. (JSC::BytecodeIndex::dump const): * bytecode/BytecodeIndex.h: Added. 
(JSC::BytecodeIndex::BytecodeIndex): (JSC::BytecodeIndex::offset const): (JSC::BytecodeIndex::asBits const): (JSC::BytecodeIndex::hash const): (JSC::BytecodeIndex::deletedValue): (JSC::BytecodeIndex::isHashTableDeletedValue const): (JSC::BytecodeIndex::operator bool const): (JSC::BytecodeIndex::operator == const): (JSC::BytecodeIndex::operator != const): (JSC::BytecodeIndex::operator < const): (JSC::BytecodeIndex::operator > const): (JSC::BytecodeIndex::operator <= const): (JSC::BytecodeIndex::operator >= const): (JSC::BytecodeIndex::fromBits): (JSC::BytecodeIndexHash::hash): (JSC::BytecodeIndexHash::equal): * bytecode/BytecodeLivenessAnalysis.cpp: (JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeIndex): (JSC::BytecodeLivenessAnalysis::computeFullLiveness): (JSC::BytecodeLivenessAnalysis::computeKills): (JSC::BytecodeLivenessAnalysis::dumpResults): (JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeOffset): Deleted. * bytecode/BytecodeLivenessAnalysis.h: * bytecode/BytecodeLivenessAnalysisInlines.h: (JSC::BytecodeLivenessPropagation::stepOverInstruction): (JSC::BytecodeLivenessPropagation::computeLocalLivenessForBytecodeIndex): (JSC::BytecodeLivenessPropagation::computeLocalLivenessForBlock): (JSC::BytecodeLivenessPropagation::getLivenessInfoAtBytecodeIndex): (JSC::BytecodeLivenessPropagation::computeLocalLivenessForBytecodeOffset): Deleted. (JSC::BytecodeLivenessPropagation::getLivenessInfoAtBytecodeOffset): Deleted. * bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeIndex): (JSC::computeDefsForBytecodeIndex): (JSC::computeUsesForBytecodeOffset): Deleted. (JSC::computeDefsForBytecodeOffset): Deleted. 
* bytecode/CallLinkStatus.cpp: (JSC::CallLinkStatus::computeFromLLInt): (JSC::CallLinkStatus::computeFor): (JSC::CallLinkStatus::computeExitSiteData): * bytecode/CallLinkStatus.h: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::getCallLinkInfoForBytecodeIndex): (JSC::CodeBlock::addRareCaseProfile): (JSC::CodeBlock::rareCaseProfileForBytecodeIndex): (JSC::CodeBlock::rareCaseProfileCountForBytecodeIndex): (JSC::CodeBlock::handlerForBytecodeIndex): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeIndex): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeIndexSlow): (JSC::CodeBlock::lineNumberForBytecodeIndex): (JSC::CodeBlock::columnNumberForBytecodeIndex): (JSC::CodeBlock::expressionRangeForBytecodeIndex const): (JSC::CodeBlock::hasOpDebugForLineAndColumn): (JSC::CodeBlock::getArrayProfile): (JSC::CodeBlock::tryGetValueProfileForBytecodeIndex): (JSC::CodeBlock::valueProfilePredictionForBytecodeIndex): (JSC::CodeBlock::valueProfileForBytecodeIndex): (JSC::CodeBlock::validate): (JSC::CodeBlock::arithProfileForBytecodeIndex): (JSC::CodeBlock::couldTakeSpecialArithFastCase): (JSC::CodeBlock::bytecodeIndexFromCallSiteIndex): (JSC::CodeBlock::rareCaseProfileForBytecodeOffset): Deleted. (JSC::CodeBlock::rareCaseProfileCountForBytecodeOffset): Deleted. (JSC::CodeBlock::handlerForBytecodeOffset): Deleted. (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffset): Deleted. (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): Deleted. (JSC::CodeBlock::lineNumberForBytecodeOffset): Deleted. (JSC::CodeBlock::columnNumberForBytecodeOffset): Deleted. (JSC::CodeBlock::expressionRangeForBytecodeOffset const): Deleted. (JSC::CodeBlock::tryGetValueProfileForBytecodeOffset): Deleted. (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset): Deleted. (JSC::CodeBlock::valueProfileForBytecodeOffset): Deleted. (JSC::CodeBlock::arithProfileForBytecodeOffset): Deleted. (JSC::CodeBlock::couldTakeSpecialFastCase): Deleted. 
(JSC::CodeBlock::bytecodeOffsetFromCallSiteIndex): Deleted. * bytecode/CodeBlock.h: (JSC::CodeBlock::likelyToTakeSlowCase): (JSC::CodeBlock::couldTakeSlowCase): (JSC::CodeBlock::bytecodeIndex): * bytecode/CodeOrigin.cpp: (JSC::CodeOrigin::approximateHash const): (JSC::CodeOrigin::dump const): * bytecode/CodeOrigin.h: (JSC::CodeOrigin::CodeOrigin): (JSC::CodeOrigin::isSet const): (JSC::CodeOrigin::isHashTableDeletedValue const): (JSC::CodeOrigin::bytecodeIndex const): (JSC::CodeOrigin::OutOfLineCodeOrigin::OutOfLineCodeOrigin): (JSC::CodeOrigin::buildCompositeValue): (JSC::CodeOrigin::hash const): * bytecode/DFGExitProfile.cpp: (JSC::DFG::FrequentExitSite::dump const): (JSC::DFG::ExitProfile::exitSitesFor): * bytecode/DFGExitProfile.h: (JSC::DFG::FrequentExitSite::FrequentExitSite): (JSC::DFG::FrequentExitSite::operator== const): (JSC::DFG::FrequentExitSite::subsumes const): (JSC::DFG::FrequentExitSite::hash const): (JSC::DFG::FrequentExitSite::bytecodeIndex const): (JSC::DFG::FrequentExitSite::isHashTableDeletedValue const): (JSC::DFG::QueryableExitProfile::hasExitSite const): (JSC::DFG::FrequentExitSite::bytecodeOffset const): Deleted. * bytecode/DeferredSourceDump.cpp: (JSC::DeferredSourceDump::DeferredSourceDump): (JSC::DeferredSourceDump::dump): * bytecode/DeferredSourceDump.h: (): Deleted. 
* bytecode/FullBytecodeLiveness.h: (JSC::FullBytecodeLiveness::getLiveness const): (JSC::FullBytecodeLiveness::operandIsLive const): * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt): (JSC::GetByIdStatus::computeFor): (JSC::GetByIdStatus::computeForStubInfo): * bytecode/GetByIdStatus.h: * bytecode/ICStatusUtils.cpp: (JSC::hasBadCacheExitSite): * bytecode/ICStatusUtils.h: * bytecode/InByIdStatus.cpp: (JSC::InByIdStatus::computeFor): * bytecode/InByIdStatus.h: * bytecode/InlineCallFrame.cpp: (JSC::InlineCallFrame::dumpInContext const): * bytecode/InstanceOfStatus.cpp: (JSC::InstanceOfStatus::computeFor): * bytecode/InstanceOfStatus.h: * bytecode/InstructionStream.h: (JSC::InstructionStream::BaseRef::offset const): (JSC::InstructionStream::BaseRef::index const): (JSC::InstructionStream::at const): * bytecode/LazyOperandValueProfile.h: (JSC::LazyOperandValueProfileKey::LazyOperandValueProfileKey): (JSC::LazyOperandValueProfileKey::operator== const): (JSC::LazyOperandValueProfileKey::hash const): (JSC::LazyOperandValueProfileKey::bytecodeIndex const): (JSC::LazyOperandValueProfileKey::isHashTableDeletedValue const): (JSC::LazyOperandValueProfileKey::bytecodeOffset const): Deleted. * bytecode/MethodOfGettingAValueProfile.cpp: (JSC::MethodOfGettingAValueProfile::fromLazyOperand): * bytecode/MethodOfGettingAValueProfile.h: * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): (JSC::PutByIdStatus::computeFor): * bytecode/PutByIdStatus.h: * bytecode/StructureStubInfo.cpp: (JSC::StructureStubInfo::StructureStubInfo): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::lineNumberForBytecodeIndex): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeIndex const): (JSC::UnlinkedCodeBlock::handlerForBytecodeIndex): (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): Deleted. (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset const): Deleted. (JSC::UnlinkedCodeBlock::handlerForBytecodeOffset): Deleted. 
* bytecode/UnlinkedCodeBlock.h: * bytecode/ValueProfile.h: (JSC::RareCaseProfile::RareCaseProfile): (JSC::getRareCaseProfileBytecodeIndex): (JSC::getRareCaseProfileBytecodeOffset): Deleted. * bytecompiler/BytecodeGenerator.cpp: (JSC::ForInContext::finalize): * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::currentPosition): * dfg/DFGBasicBlock.cpp: (JSC::DFG::BasicBlock::BasicBlock): * dfg/DFGBasicBlock.h: (JSC::DFG::getBytecodeBeginForBlock): (JSC::DFG::blockForBytecodeIndex): (JSC::DFG::blockForBytecodeOffset): Deleted. * dfg/DFGBlockInsertionSet.cpp: (JSC::DFG::BlockInsertionSet::insert): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::flushForTerminalImpl): (JSC::DFG::ByteCodeParser::flushIfTerminal): (JSC::DFG::ByteCodeParser::branchData): (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit): (JSC::DFG::ByteCodeParser::getPrediction): (JSC::DFG::ByteCodeParser::getArrayMode): (JSC::DFG::ByteCodeParser::makeSafe): (JSC::DFG::ByteCodeParser::makeDivSafe): (JSC::DFG::ByteCodeParser::allocateTargetableBlock): (JSC::DFG::ByteCodeParser::allocateUntargetableBlock): (JSC::DFG::ByteCodeParser::makeBlockTargetable): (JSC::DFG::ByteCodeParser::handleCall): (JSC::DFG::ByteCodeParser::handleRecursiveTailCall): (JSC::DFG::ByteCodeParser::inlineCall): (JSC::DFG::ByteCodeParser::handleCallVariant): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::parseBlock): (JSC::DFG::ByteCodeParser::linkBlock): (JSC::DFG::ByteCodeParser::parseCodeBlock): (JSC::DFG::ByteCodeParser::parse): * dfg/DFGCommonData.cpp: (JSC::DFG::CommonData::addCodeOrigin): (JSC::DFG::CommonData::addUniqueCallSiteIndex): (JSC::DFG::CommonData::lastCallSite const): * dfg/DFGCommonData.h: (JSC::DFG::CommonData::catchOSREntryDataForBytecodeIndex): (JSC::DFG::CommonData::appendCatchEntrypoint): * dfg/DFGDriver.cpp: (JSC::DFG::compileImpl): (JSC::DFG::compile): * dfg/DFGDriver.h: * dfg/DFGGraph.cpp: (JSC::DFG::Graph::dump): 
(JSC::DFG::Graph::methodOfGettingAValueProfileFor): (JSC::DFG::Graph::willCatchExceptionInMachineFrame): * dfg/DFGGraph.h: * dfg/DFGJITCode.cpp: (JSC::DFG::JITCode::clearOSREntryBlockAndResetThresholds): * dfg/DFGJITCode.h: (JSC::DFG::JITCode::appendOSREntryData): (JSC::DFG::JITCode::osrEntryDataForBytecodeIndex): * dfg/DFGJITCompiler.cpp: (JSC::DFG::JITCompiler::JITCompiler): (JSC::DFG::JITCompiler::compile): (JSC::DFG::JITCompiler::compileFunction): * dfg/DFGJITCompiler.h: (JSC::DFG::JITCompiler::setStartOfCode): * dfg/DFGLiveCatchVariablePreservationPhase.cpp: (JSC::DFG::LiveCatchVariablePreservationPhase::handleBlockForTryCatch): * dfg/DFGOSREntry.cpp: (JSC::DFG::OSREntryData::dumpInContext const): (JSC::DFG::prepareOSREntry): (JSC::DFG::prepareCatchOSREntry): * dfg/DFGOSREntry.h: (JSC::DFG::getOSREntryDataBytecodeIndex): (JSC::DFG::prepareOSREntry): * dfg/DFGOSREntrypointCreationPhase.cpp: (JSC::DFG::OSREntrypointCreationPhase::run): * dfg/DFGOSRExit.cpp: (JSC::DFG::OSRExit::executeOSRExit): (JSC::DFG::reifyInlinedCallFrames): (JSC::DFG::adjustAndJumpToTarget): (JSC::DFG::printOSRExit): (JSC::DFG::OSRExit::compileExit): (JSC::DFG::OSRExit::debugOperationPrintSpeculationFailure): * dfg/DFGOSRExit.h: * dfg/DFGOSRExitCompilerCommon.cpp: (JSC::DFG::callerReturnPC): (JSC::DFG::reifyInlinedCallFrames): (JSC::DFG::adjustAndJumpToTarget): * dfg/DFGOSRExitCompilerCommon.h: * dfg/DFGOperations.cpp: * dfg/DFGOperations.h: * dfg/DFGPlan.cpp: (JSC::DFG::Plan::Plan): (JSC::DFG::Plan::compileInThreadImpl): (JSC::DFG::Plan::cleanMustHandleValuesIfNecessary): * dfg/DFGPlan.h: (JSC::DFG::Plan::osrEntryBytecodeIndex const): (JSC::DFG::Plan::tierUpInLoopHierarchy): (JSC::DFG::Plan::tierUpAndOSREnterBytecodes): * dfg/DFGSSAConversionPhase.cpp: (JSC::DFG::SSAConversionPhase::run): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compileCurrentBlock): (JSC::DFG::SpeculativeJIT::checkArgumentTypes): (JSC::DFG::SpeculativeJIT::compileValueAdd): 
(JSC::DFG::SpeculativeJIT::compileValueSub): (JSC::DFG::SpeculativeJIT::compileValueNegate): (JSC::DFG::SpeculativeJIT::compileValueMul): (JSC::DFG::SpeculativeJIT::emitSwitchCharStringJump): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGTierUpCheckInjectionPhase.cpp: (JSC::DFG::TierUpCheckInjectionPhase::run): (JSC::DFG::TierUpCheckInjectionPhase::buildNaturalLoopToLoopHintMap): * dfg/DFGToFTLForOSREntryDeferredCompilationCallback.cpp: (JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::compilationDidComplete): * dfg/DFGValidate.cpp: * ftl/FTLCompile.cpp: (JSC::FTL::compile): * ftl/FTLForOSREntryJITCode.h: (JSC::FTL::ForOSREntryJITCode::setBytecodeIndex): (JSC::FTL::ForOSREntryJITCode::bytecodeIndex const): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::lower): (JSC::FTL::DFG::LowerDFGToB3::compileValueAdd): (JSC::FTL::DFG::LowerDFGToB3::compileValueSub): (JSC::FTL::DFG::LowerDFGToB3::compileValueMul): (JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub): (JSC::FTL::DFG::LowerDFGToB3::compileValueNegate): * ftl/FTLOSREntry.cpp: (JSC::FTL::prepareOSREntry): * ftl/FTLOSREntry.h: * interpreter/CallFrame.cpp: (JSC::CallFrame::callSiteIndex const): (JSC::CallFrame::unsafeCallSiteIndex const): (JSC::CallFrame::setCurrentVPC): (JSC::CallFrame::bytecodeIndex): (JSC::CallFrame::codeOrigin): (JSC::CallFrame::dump): (JSC::CallFrame::bytecodeOffset): Deleted. * interpreter/CallFrame.h: (JSC::CallSiteIndex::CallSiteIndex): (JSC::CallSiteIndex::operator bool const): (JSC::CallSiteIndex::operator== const): (JSC::CallSiteIndex::bits const): (JSC::CallSiteIndex::bytecodeIndex const): (JSC::DisposableCallSiteIndex::DisposableCallSiteIndex): (): Deleted. 
* interpreter/Interpreter.cpp: (JSC::GetStackTraceFunctor::operator() const): (JSC::findExceptionHandler): * interpreter/ShadowChicken.cpp: (JSC::ShadowChicken::update): * interpreter/StackVisitor.cpp: (JSC::StackVisitor::readNonInlinedFrame): (JSC::StackVisitor::readInlinedFrame): (JSC::StackVisitor::Frame::retrieveExpressionInfo const): (JSC::StackVisitor::Frame::dump const): * interpreter/StackVisitor.h: (JSC::StackVisitor::Frame::bytecodeIndex const): (JSC::StackVisitor::Frame::bytecodeOffset const): Deleted. * jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::emitEnterOptimizationCheck): (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): (JSC::JIT::compileWithoutLinking): (JSC::JIT::link): (JSC::JIT::privateCompileExceptionHandlers): * jit/JIT.h: (JSC::CallRecord::CallRecord): (JSC::SlowCaseEntry::SlowCaseEntry): (JSC::SwitchRecord::SwitchRecord): (JSC::ByValCompilationInfo::ByValCompilationInfo): * jit/JITCall.cpp: (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileOpCall): * jit/JITCodeMap.h: (JSC::JITCodeMap::Entry::Entry): (JSC::JITCodeMap::Entry::bytecodeIndex const): (JSC::JITCodeMap::append): (JSC::JITCodeMap::find const): * jit/JITDisassembler.cpp: (JSC::JITDisassembler::dumpVectorForInstructions): (JSC::JITDisassembler::reportInstructions): * jit/JITDisassembler.h: * jit/JITInlines.h: (JSC::JIT::emitNakedCall): (JSC::JIT::emitNakedTailCall): (JSC::JIT::updateTopCallFrame): (JSC::JIT::linkAllSlowCasesForBytecodeIndex): (JSC::JIT::addSlowCase): (JSC::JIT::addJump): (JSC::JIT::emitJumpSlowToHot): (JSC::JIT::emitGetVirtualRegister): (JSC::JIT::linkAllSlowCasesForBytecodeOffset): Deleted. 
* jit/JITOpcodes.cpp: (JSC::JIT::emit_op_instanceof): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emitSlow_op_loop_hint): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emit_op_log_shadow_chicken_tail): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_instanceof): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_has_indexed_property): * jit/JITOperations.cpp: (JSC::getByVal): (JSC::tryGetByValOptimize): * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitGetByValWithCachedId): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emit_op_in_by_id): * jit/JITWorklist.cpp: (JSC::JITWorklist::Plan::Plan): (JSC::JITWorklist::Plan::compileNow): (JSC::JITWorklist::compileLater): (JSC::JITWorklist::compileNow): * jit/JITWorklist.h: * jit/PCToCodeOriginMap.cpp: (JSC::PCToCodeOriginMap::PCToCodeOriginMap): (JSC::PCToCodeOriginMap::findPC const): * jit/PCToCodeOriginMap.h: (JSC::PCToCodeOriginMapBuilder::defaultCodeOrigin): * jit/SlowPathCall.h: (JSC::JITSlowPathCall::call): * llint/LLIntSlowPaths.cpp: (JSC::LLInt::jitCompileAndSetHeuristics): (JSC::LLInt::LLINT_SLOW_PATH_DECL): * profiler/ProfilerOrigin.cpp: (JSC::Profiler::Origin::Origin): (JSC::Profiler::Origin::dump const): (JSC::Profiler::Origin::toJS const): * profiler/ProfilerOrigin.h: (JSC::Profiler::Origin::Origin): (JSC::Profiler::Origin::operator! const): (JSC::Profiler::Origin::bytecodeIndex const): (JSC::Profiler::Origin::hash const): (JSC::Profiler::Origin::isHashTableDeletedValue const): * runtime/Error.cpp: (JSC::getBytecodeIndex): (JSC::getBytecodeOffset): Deleted. 
* runtime/Error.h: * runtime/ErrorInstance.cpp: (JSC::appendSourceToError): (JSC::ErrorInstance::finishCreation): * runtime/SamplingProfiler.cpp: (JSC::tryGetBytecodeIndex): (JSC::SamplingProfiler::processUnverifiedStackTraces): (JSC::SamplingProfiler::reportTopBytecodes): * runtime/SamplingProfiler.h: (JSC::SamplingProfiler::StackFrame::CodeLocation::hasBytecodeIndex const): * runtime/StackFrame.cpp: (JSC::StackFrame::StackFrame): (JSC::StackFrame::computeLineAndColumn const): * runtime/StackFrame.h: (JSC::StackFrame::hasBytecodeIndex const): (JSC::StackFrame::bytecodeIndex): (JSC::StackFrame::hasBytecodeOffset const): Deleted. (JSC::StackFrame::bytecodeOffset): Deleted. * tools/VMInspector.cpp: (JSC::VMInspector::dumpRegisters): Canonical link: https://commits.webkit.org/216705@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@251468 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-10-23 00:55:38 +00:00
        if (expressionInfo[mid].instructionOffset <= bytecodeIndex.offset())
low = mid + 1;
else
high = mid;
}
Fix 30% JSBench regression (caused by adding column numbers to stack traces).
https://bugs.webkit.org/show_bug.cgi?id=118481.

Reviewed by Mark Hahnenberg and Geoffrey Garen.

Source/JavaScriptCore:

Previously, we already capture ExpressionRangeInfo that provides a divot for each bytecode that can potentially throw an exception (and therefore generate a stack trace). On first attempt to compute column numbers, we then do a walk of the source string to record all line start positions in a table associated with the SourceProvider. The column number can then be computed as divot - lineStartFor(bytecodeOffset). The computation of this lineStarts table is the source of the 30% JSBench performance regression.

The new code now records lineStarts as the lexer and parser scan the source code. These lineStarts are then used to compute the column number for the given divot, and stored in the ExpressionRangeInfo. Similarly, we also capture the line number at the divot point and store that in the ExpressionRangeInfo. Hence, to look up line and column numbers, we now look up the ExpressionRangeInfo for the bytecodeOffset, and then compute the line and column from the values stored in the expression info.

The strategy:
1. We want to minimize perturbations to the lexer and parser. Specifically, the changes added should not change how it scans code, and generate bytecode.
2. We regard the divot as the source character position we are interested in. As such, we'll capture line and lineStart (for column) at the point when we capture the divot information. This ensures that the 3 values are consistent.

How the change is done:
1. Change the lexer to track lineStarts.
2. Change the parser to capture line and lineStarts at the point of capturing divots.
3. Change the parser and associated code to plumb these values all the way to the point that the corresponding ExpressionRangeInfo is emitted.
4. Propagate and record SourceCode firstLine and firstLineColumnOffset to the necessary places so that we can add them as needed when reifying UnlinkedCodeBlocks into CodeBlocks.
5. Compress the line and column number values in the ExpressionRangeInfo. In practice, we seldom have both large line and column numbers. Hence, we can encode both in a uint32_t most of the time. For the times when we encounter both large line and column numbers, we have a fallback to store the "fat" position info.
6. Emit an ExpressionRangeInfo for UnaryOp nodes to get more line and column number coverage.
7. Change the interpreter to use the new way of computing line and column.
8. Delete old line and column computation code that is now unused.

Misc details:
- The old lexer was tracking both a startOffset and charPosition where charPosition equals startOffset - SourceCode.startOffset. We now use startOffset exclusively throughout the system for consistency. All offset values (including lineStart) are relative to the start of the SourceProvider string. These values will only be converted to be relative to the SourceCode.startOffset at the very last minute, i.e. when the divot is stored into the ExpressionRangeInfo. This change to use the same offset system everywhere reduces confusion from having to convert back and forth between the 2 systems. It also enables a lot of assertions to be used.
- Also fixed some bugs in the choice of divot positions to use. For example, both Eval and Function expressions previously used column numbers from the start of the expression but used the line number at the end of the expression. This is now fixed to use either the start or end positions as appropriate, but not a mix of line and columns from both.
- Why use ints instead of unsigneds for offsets and lineStarts inside the lexer and parser? Some tests (e.g. fast/js/call-base-resolution.html and fast/js/eval-cross-window.html) have shown that lineStart offsets can be prior to the SourceCode.startOffset. Keeping the lexer offsets as ints simplifies computations and makes it easier to maintain the assertions that (startOffset >= lineStartOffset). However, column and line numbers are always unsigned when we publish them to the ExpressionRangeInfo. The ints are only used inside the lexer and parser ... well, and bytecode generator.
- For all cases, lineStart is always captured where the divot is captured. However, some sputnik conformance tests have shown that we cannot honor line breaks for assignment statements like the following: eval("x\u000A*=\u000A-1;"); In this case, the lineStart is expected to be captured at the start of the assignment expression instead of at the divot point in the middle. The assignment expression is the only special case for this.

This patch has been tested against the full layout tests both with release and debug builds with no regression.

* API/JSContextRef.cpp:
(JSContextCreateBacktrace):
- Updated to use the new StackFrame::computeLineAndColumn().
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::CodeBlock):
- Added m_firstLineColumnOffset initialization.
- Plumbed the firstLineColumnOffset into the SourceCode.
- Initialized column for op_debug using the new way.
(JSC::CodeBlock::lineNumberForBytecodeOffset):
- Changed to compute line number using the ExpressionRangeInfo.
(JSC::CodeBlock::columnNumberForBytecodeOffset): Added.
- Changed to compute column number using the ExpressionRangeInfo.
(JSC::CodeBlock::expressionRangeForBytecodeOffset):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::firstLineColumnOffset):
(JSC::GlobalCodeBlock::GlobalCodeBlock):
- Plumbed firstLineColumnOffset through to the super class.
(JSC::ProgramCodeBlock::ProgramCodeBlock):
- Plumbed firstLineColumnOffset through to the super class.
(JSC::EvalCodeBlock::EvalCodeBlock):
- Plumbed firstLineColumnOffset through to the super class. But for EvalCodeBlocks, the firstLineColumnOffset is always 1 because we're starting with a new source string with no start offset.
(JSC::FunctionCodeBlock::FunctionCodeBlock):
- Plumbed firstLineColumnOffset through to the super class.
* bytecode/ExpressionRangeInfo.h:
- Added modes for encoding line and column into a single 30-bit unsigned. The encoding is in 1 of 3 modes:
  1. FatLineMode: 22-bit line, 8-bit column
  2. FatColumnMode: 8-bit line, 22-bit column
  3. FatLineAndColumnMode: 32-bit line, 32-bit column
(JSC::ExpressionRangeInfo::encodeFatLineMode): Added.
- Encodes line and column into the 30-bit position using FatLine mode.
(JSC::ExpressionRangeInfo::encodeFatColumnMode): Added.
- Encodes line and column into the 30-bit position using FatColumn mode.
(JSC::ExpressionRangeInfo::decodeFatLineMode): Added.
- Decodes the FatLine mode 30-bit position into line and column.
(JSC::ExpressionRangeInfo::decodeFatColumnMode): Added.
- Decodes the FatColumn mode 30-bit position into line and column.
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
- Plumbed startColumn through.
(JSC::UnlinkedFunctionExecutable::link):
- Plumbed startColumn through.
(JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset):
- Computes a line number using the new way.
(JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset):
- Added decoding of line and column.
- Added handling of the case when we do not find a fitting expression range info for a specified bytecodeOffset. This only happens if the bytecodeOffset is below the first expression range info. In that case, we'll use the first expression range info entry.
(JSC::UnlinkedCodeBlock::addExpressionInfo):
- Added encoding of line and column.
* bytecode/UnlinkedCodeBlock.h:
- Added m_expressionInfoFatPositions in RareData.
(JSC::UnlinkedFunctionExecutable::functionStartColumn):
(JSC::UnlinkedCodeBlock::shrinkToFit):
- Removed obsoleted m_lineInfo.
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitCall): Plumbed line and lineStart through.
(JSC::BytecodeGenerator::emitCallEval): Plumbed line and lineStart through.
(JSC::BytecodeGenerator::emitCallVarargs): Plumbed line and lineStart through.
(JSC::BytecodeGenerator::emitConstruct): Plumbed line and lineStart through.
(JSC::BytecodeGenerator::emitDebugHook): Plumbed lineStart through.
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::emitNode):
(JSC::BytecodeGenerator::emitNodeInConditionContext):
- Removed obsoleted m_lineInfo.
(JSC::BytecodeGenerator::emitExpressionInfo):
- Plumbed line and lineStart through.
- Compute the line and column to be added to the expression range info.
* bytecompiler/NodesCodegen.cpp:
(JSC::ThrowableExpressionData::emitThrowReferenceError):
(JSC::ResolveNode::emitBytecode):
(JSC::ArrayNode::toArgumentList):
(JSC::BracketAccessorNode::emitBytecode):
(JSC::DotAccessorNode::emitBytecode):
(JSC::NewExprNode::emitBytecode):
(JSC::EvalFunctionCallNode::emitBytecode):
(JSC::FunctionCallValueNode::emitBytecode):
(JSC::FunctionCallResolveNode::emitBytecode):
(JSC::FunctionCallBracketNode::emitBytecode):
(JSC::FunctionCallDotNode::emitBytecode):
(JSC::CallFunctionCallDotNode::emitBytecode):
(JSC::ApplyFunctionCallDotNode::emitBytecode):
(JSC::PostfixNode::emitResolve):
(JSC::PostfixNode::emitBracket):
(JSC::PostfixNode::emitDot):
(JSC::DeleteResolveNode::emitBytecode):
(JSC::DeleteBracketNode::emitBytecode):
(JSC::DeleteDotNode::emitBytecode):
(JSC::PrefixNode::emitResolve):
(JSC::PrefixNode::emitBracket):
(JSC::PrefixNode::emitDot):
- Plumbed line and lineStart through the above as needed.
(JSC::UnaryOpNode::emitBytecode):
- Added emission of an ExpressionRangeInfo for the UnaryOp node.
(JSC::BinaryOpNode::emitStrcat):
(JSC::ThrowableBinaryOpNode::emitBytecode):
(JSC::InstanceOfNode::emitBytecode):
(JSC::emitReadModifyAssignment):
(JSC::ReadModifyResolveNode::emitBytecode):
(JSC::AssignResolveNode::emitBytecode):
(JSC::AssignDotNode::emitBytecode):
(JSC::ReadModifyDotNode::emitBytecode):
(JSC::AssignBracketNode::emitBytecode):
(JSC::ReadModifyBracketNode::emitBytecode):
- Plumbed line and lineStart through the above as needed.
(JSC::ConstStatementNode::emitBytecode):
(JSC::EmptyStatementNode::emitBytecode):
(JSC::DebuggerStatementNode::emitBytecode):
(JSC::ExprStatementNode::emitBytecode):
(JSC::VarStatementNode::emitBytecode):
(JSC::IfElseNode::emitBytecode):
(JSC::DoWhileNode::emitBytecode):
(JSC::WhileNode::emitBytecode):
(JSC::ForNode::emitBytecode):
(JSC::ForInNode::emitBytecode):
(JSC::ContinueNode::emitBytecode):
(JSC::BreakNode::emitBytecode):
(JSC::ReturnNode::emitBytecode):
(JSC::WithNode::emitBytecode):
(JSC::SwitchNode::emitBytecode):
(JSC::LabelNode::emitBytecode):
(JSC::ThrowNode::emitBytecode):
(JSC::TryNode::emitBytecode):
(JSC::ProgramNode::emitBytecode):
(JSC::EvalNode::emitBytecode):
(JSC::FunctionBodyNode::emitBytecode):
- Plumbed line and lineStart through the above as needed.
* interpreter/Interpreter.cpp:
(JSC::appendSourceToError):
- Added line and column arguments for expressionRangeForBytecodeOffset().
(JSC::StackFrame::computeLineAndColumn):
- Replaces StackFrame::line() and StackFrame::column().
(JSC::StackFrame::expressionInfo):
- Added line and column arguments.
(JSC::StackFrame::toString):
- Changed to use the new StackFrame::computeLineAndColumn().
(JSC::Interpreter::getStackTrace):
- Added the needed firstLineColumnOffset arg for the StackFrame.
* interpreter/Interpreter.h:
* parser/ASTBuilder.h:
(JSC::ASTBuilder::BinaryOpInfo::BinaryOpInfo):
(JSC::ASTBuilder::AssignmentInfo::AssignmentInfo):
(JSC::ASTBuilder::createResolve):
(JSC::ASTBuilder::createBracketAccess):
(JSC::ASTBuilder::createDotAccess):
(JSC::ASTBuilder::createRegExp):
(JSC::ASTBuilder::createNewExpr):
(JSC::ASTBuilder::createAssignResolve):
(JSC::ASTBuilder::createFunctionExpr):
(JSC::ASTBuilder::createFunctionBody):
(JSC::ASTBuilder::createGetterOrSetterProperty):
(JSC::ASTBuilder::createFuncDeclStatement):
(JSC::ASTBuilder::createBlockStatement):
(JSC::ASTBuilder::createExprStatement):
(JSC::ASTBuilder::createIfStatement):
(JSC::ASTBuilder::createForLoop):
(JSC::ASTBuilder::createForInLoop):
(JSC::ASTBuilder::createVarStatement):
(JSC::ASTBuilder::createReturnStatement):
(JSC::ASTBuilder::createBreakStatement):
(JSC::ASTBuilder::createContinueStatement):
(JSC::ASTBuilder::createTryStatement):
(JSC::ASTBuilder::createSwitchStatement):
(JSC::ASTBuilder::createWhileStatement):
(JSC::ASTBuilder::createDoWhileStatement):
(JSC::ASTBuilder::createLabelStatement):
(JSC::ASTBuilder::createWithStatement):
(JSC::ASTBuilder::createThrowStatement):
(JSC::ASTBuilder::createDebugger):
(JSC::ASTBuilder::createConstStatement):
(JSC::ASTBuilder::appendBinaryExpressionInfo):
(JSC::ASTBuilder::appendUnaryToken):
(JSC::ASTBuilder::unaryTokenStackLastStart):
(JSC::ASTBuilder::unaryTokenStackLastLineStartPosition): Added.
(JSC::ASTBuilder::assignmentStackAppend):
(JSC::ASTBuilder::createAssignment):
(JSC::ASTBuilder::setExceptionLocation):
(JSC::ASTBuilder::makeDeleteNode):
(JSC::ASTBuilder::makeFunctionCallNode):
(JSC::ASTBuilder::makeBinaryNode):
(JSC::ASTBuilder::makeAssignNode):
(JSC::ASTBuilder::makePrefixNode):
(JSC::ASTBuilder::makePostfixNode):
- Plumbed line, lineStart, and startColumn through the above as needed.
* parser/Lexer.cpp:
(JSC::::currentSourcePtr):
(JSC::::setCode):
- Added tracking for sourceoffset and lineStart.
(JSC::::internalShift):
(JSC::::parseIdentifier):
- Added tracking for lineStart.
(JSC::::parseIdentifierSlowCase):
(JSC::::parseString):
- Added tracking for lineStart.
(JSC::::parseStringSlowCase):
(JSC::::lex):
- Added tracking for sourceoffset.
(JSC::::sourceCode):
* parser/Lexer.h:
(JSC::Lexer::currentOffset):
(JSC::Lexer::currentLineStartOffset):
(JSC::Lexer::setOffset):
- Added tracking for lineStart.
(JSC::Lexer::offsetFromSourcePtr): Added. Conversion function.
(JSC::Lexer::sourcePtrFromOffset): Added. Conversion function.
(JSC::Lexer::setOffsetFromSourcePtr):
(JSC::::lexExpectIdentifier):
- Added tracking for sourceoffset and lineStart.
* parser/NodeConstructors.h:
(JSC::Node::Node):
(JSC::ResolveNode::ResolveNode):
(JSC::EvalFunctionCallNode::EvalFunctionCallNode):
(JSC::FunctionCallValueNode::FunctionCallValueNode):
(JSC::FunctionCallResolveNode::FunctionCallResolveNode):
(JSC::FunctionCallBracketNode::FunctionCallBracketNode):
(JSC::FunctionCallDotNode::FunctionCallDotNode):
(JSC::CallFunctionCallDotNode::CallFunctionCallDotNode):
(JSC::ApplyFunctionCallDotNode::ApplyFunctionCallDotNode):
(JSC::PostfixNode::PostfixNode):
(JSC::DeleteResolveNode::DeleteResolveNode):
(JSC::DeleteBracketNode::DeleteBracketNode):
(JSC::DeleteDotNode::DeleteDotNode):
(JSC::PrefixNode::PrefixNode):
(JSC::ReadModifyResolveNode::ReadModifyResolveNode):
(JSC::ReadModifyBracketNode::ReadModifyBracketNode):
(JSC::AssignBracketNode::AssignBracketNode):
(JSC::AssignDotNode::AssignDotNode):
(JSC::ReadModifyDotNode::ReadModifyDotNode):
(JSC::AssignErrorNode::AssignErrorNode):
(JSC::WithNode::WithNode):
(JSC::ForInNode::ForInNode):
- Plumbed line and lineStart through the above as needed.
* parser/Nodes.cpp:
(JSC::StatementNode::setLoc): Plumbed lineStart.
(JSC::ScopeNode::ScopeNode): Plumbed lineStart.
(JSC::ProgramNode::ProgramNode): Plumbed startColumn.
(JSC::ProgramNode::create): Plumbed startColumn.
(JSC::EvalNode::create):
(JSC::FunctionBodyNode::FunctionBodyNode): Plumbed startColumn.
(JSC::FunctionBodyNode::create): Plumbed startColumn.
* parser/Nodes.h:
(JSC::Node::startOffset):
(JSC::Node::lineStartOffset): Added.
(JSC::StatementNode::firstLine):
(JSC::StatementNode::lastLine):
(JSC::ThrowableExpressionData::ThrowableExpressionData):
(JSC::ThrowableExpressionData::setExceptionSourceCode):
(JSC::ThrowableExpressionData::divotStartOffset):
(JSC::ThrowableExpressionData::divotEndOffset):
(JSC::ThrowableExpressionData::divotLine):
(JSC::ThrowableExpressionData::divotLineStart):
(JSC::ThrowableSubExpressionData::ThrowableSubExpressionData):
(JSC::ThrowableSubExpressionData::setSubexpressionInfo):
(JSC::ThrowableSubExpressionData::subexpressionDivot):
(JSC::ThrowableSubExpressionData::subexpressionStartOffset):
(JSC::ThrowableSubExpressionData::subexpressionEndOffset):
(JSC::ThrowableSubExpressionData::subexpressionLine):
(JSC::ThrowableSubExpressionData::subexpressionLineStart):
(JSC::ThrowablePrefixedSubExpressionData::ThrowablePrefixedSubExpressionData):
(JSC::ThrowablePrefixedSubExpressionData::setSubexpressionInfo):
(JSC::ThrowablePrefixedSubExpressionData::subexpressionDivot):
(JSC::ThrowablePrefixedSubExpressionData::subexpressionStartOffset):
(JSC::ThrowablePrefixedSubExpressionData::subexpressionEndOffset):
(JSC::ThrowablePrefixedSubExpressionData::subexpressionLine):
(JSC::ThrowablePrefixedSubExpressionData::subexpressionLineStart):
(JSC::ScopeNode::startStartOffset):
(JSC::ScopeNode::startLineStartOffset):
(JSC::ProgramNode::startColumn):
(JSC::EvalNode::startColumn):
(JSC::FunctionBodyNode::startColumn):
- Plumbed line and lineStart through the above as needed.
* parser/Parser.cpp:
(JSC::::Parser):
(JSC::::parseSourceElements):
(JSC::::parseVarDeclarationList):
(JSC::::parseConstDeclarationList):
(JSC::::parseForStatement):
(JSC::::parseBreakStatement):
(JSC::::parseContinueStatement):
(JSC::::parseReturnStatement):
(JSC::::parseThrowStatement):
(JSC::::parseWithStatement):
- Plumbed line and lineStart through the above as needed.
(JSC::::parseFunctionBody):
- Plumbed startColumn.
(JSC::::parseFunctionInfo):
(JSC::::parseFunctionDeclaration):
(JSC::LabelInfo::LabelInfo):
(JSC::::parseExpressionOrLabelStatement):
(JSC::::parseAssignmentExpression):
(JSC::::parseBinaryExpression):
(JSC::::parseProperty):
(JSC::::parseObjectLiteral):
(JSC::::parsePrimaryExpression):
(JSC::::parseMemberExpression):
(JSC::::parseUnaryExpression):
- Plumbed line, lineStart, startColumn through the above as needed.
* parser/Parser.h:
(JSC::Parser::next):
(JSC::Parser::nextExpectIdentifier):
(JSC::Parser::tokenStart):
(JSC::Parser::tokenColumn):
(JSC::Parser::tokenEnd):
(JSC::Parser::tokenLineStart):
(JSC::Parser::lastTokenLine):
(JSC::Parser::lastTokenLineStart):
(JSC::::parse):
* parser/ParserTokens.h:
(JSC::JSTokenLocation::JSTokenLocation):
- Plumbed lineStart.
(JSC::JSTokenLocation::lineStartPosition):
(JSC::JSTokenLocation::startPosition):
(JSC::JSTokenLocation::endPosition):
* parser/SourceCode.h:
(JSC::SourceCode::SourceCode):
(JSC::SourceCode::startColumn):
(JSC::makeSource):
(JSC::SourceCode::subExpression):
* parser/SourceProvider.cpp: delete old code.
* parser/SourceProvider.h: delete old code.
* parser/SourceProviderCacheItem.h:
(JSC::SourceProviderCacheItem::closeBraceToken):
(JSC::SourceProviderCacheItem::SourceProviderCacheItem):
- Plumbed lineStart.
* parser/SyntaxChecker.h:
(JSC::SyntaxChecker::makeFunctionCallNode):
(JSC::SyntaxChecker::makeAssignNode):
(JSC::SyntaxChecker::makePrefixNode):
(JSC::SyntaxChecker::makePostfixNode):
(JSC::SyntaxChecker::makeDeleteNode):
(JSC::SyntaxChecker::createResolve):
(JSC::SyntaxChecker::createBracketAccess):
(JSC::SyntaxChecker::createDotAccess):
(JSC::SyntaxChecker::createRegExp):
(JSC::SyntaxChecker::createNewExpr):
(JSC::SyntaxChecker::createAssignResolve):
(JSC::SyntaxChecker::createFunctionExpr):
(JSC::SyntaxChecker::createFunctionBody):
(JSC::SyntaxChecker::createFuncDeclStatement):
(JSC::SyntaxChecker::createForInLoop):
(JSC::SyntaxChecker::createReturnStatement):
(JSC::SyntaxChecker::createBreakStatement):
(JSC::SyntaxChecker::createContinueStatement):
(JSC::SyntaxChecker::createWithStatement):
(JSC::SyntaxChecker::createLabelStatement):
(JSC::SyntaxChecker::createThrowStatement):
(JSC::SyntaxChecker::createGetterOrSetterProperty):
(JSC::SyntaxChecker::appendBinaryExpressionInfo):
(JSC::SyntaxChecker::operatorStackPop):
- Made SyntaxChecker prototype changes to match ASTBuilder due to new args added for plumbing line, lineStart, and startColumn.
* runtime/CodeCache.cpp:
(JSC::CodeCache::generateBytecode):
(JSC::CodeCache::getCodeBlock):
- Plumbed startColumn.
* runtime/Executable.cpp:
(JSC::FunctionExecutable::FunctionExecutable):
(JSC::ProgramExecutable::compileInternal):
(JSC::FunctionExecutable::produceCodeBlockFor):
(JSC::FunctionExecutable::fromGlobalCode):
- Plumbed startColumn.
* runtime/Executable.h:
(JSC::ScriptExecutable::startColumn):
(JSC::ScriptExecutable::recordParse):
(JSC::FunctionExecutable::create):
- Plumbed startColumn.

Source/WebCore:

Test: fast/js/line-column-numbers.html

Updated the bindings to use StackFrame::computeLineAndColumn(). The old StackFrame::line() and StackFrame::column() have been removed. The new algorithm always computes the 2 values together anyway. Hence it is more efficient to return them as a pair instead of doing the same computation twice for each half of the result.

* bindings/js/ScriptCallStackFactory.cpp:
(WebCore::createScriptCallStack):
(WebCore::createScriptCallStackFromException):
* bindings/js/ScriptSourceCode.h:
(WebCore::ScriptSourceCode::ScriptSourceCode):

LayoutTests:

The fix now computes line and column numbers more accurately. As a result, some of the test results need to be re-baselined. Among other fixes, one major source of difference is that the old code was incorrectly computing 0-based column numbers. This has now been fixed to be 1-based. Note: line numbers were always 1-based.

Also added a new test: fast/js/line-column-numbers.html, which tests line and column numbers for source code in various configurations.

* editing/execCommand/outdent-blockquote-test1-expected.txt:
* editing/execCommand/outdent-blockquote-test2-expected.txt:
* editing/execCommand/outdent-blockquote-test3-expected.txt:
* editing/execCommand/outdent-blockquote-test4-expected.txt:
* editing/pasteboard/copy-paste-float-expected.txt:
* editing/pasteboard/paste-blockquote-before-blockquote-expected.txt:
* editing/pasteboard/paste-double-nested-blockquote-before-blockquote-expected.txt:
* fast/dom/Window/window-resize-contents-expected.txt:
* fast/events/remove-target-with-shadow-in-drag-expected.txt:
* fast/js/line-column-numbers-expected.txt: Added.
* fast/js/line-column-numbers.html: Added.
* fast/js/script-tests/line-column-numbers.js: Added.
(try.doThrow4b):
(doThrow5b.try.innerFunc):
(doThrow5b):
(doThrow6b.try.innerFunc):
(doThrow6b):
(catch):
(try.doThrow11b):
(try.doThrow14b):
* fast/js/stack-trace-expected.txt:
* inspector/console/console-url-line-column-expected.txt:

Canonical link: https://commits.webkit.org/136467@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@152494 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2013-07-09 16:15:12 +00:00
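The three-mode line/column packing and the bytecode-offset lookup with its first-entry fallback that the commit message above describes, as an added example that is not JavaScriptCore's own code. The PositionTable class, the 2-bit mode tag sharing a word with the 30-bit position, the rule for choosing a mode, and the sample entries are all this example's assumptions.

```cpp
// Added example, not JavaScriptCore code: a position table that packs line and
// column the way the commit message describes, plus the bytecode-offset lookup.
#include <cstddef>
#include <cstdint>
#include <vector>

namespace blameexample {

// Mode tag occupying the 2 bits beside the 30-bit position (layout assumed here).
enum Mode : uint32_t { FatLineMode = 0, FatColumnMode = 1, FatLineAndColumnMode = 2 };

constexpr uint32_t kMax22 = (1u << 22) - 1; // widest value of a 22-bit field
constexpr uint32_t kMax8 = (1u << 8) - 1;   // widest value of an 8-bit field

struct FatPosition { uint32_t line; uint32_t column; }; // 32-bit line, 32-bit column

// One entry per throwing bytecode, appended in increasing instructionOffset order.
struct ExpressionInfo {
    uint32_t instructionOffset;
    uint32_t mode : 2;
    uint32_t position : 30; // packed line/column, or an index into the fat table
};

constexpr uint64_t packed(uint32_t line, uint32_t column)
{
    return (static_cast<uint64_t>(line) << 32) | column;
}

class PositionTable {
public:
    void add(uint32_t instructionOffset, uint32_t line, uint32_t column)
    {
        ExpressionInfo info { instructionOffset, 0, 0 };
        if (line <= kMax22 && column <= kMax8) {
            info.mode = FatLineMode;                // 22-bit line, 8-bit column
            info.position = (line << 8) | column;
        } else if (line <= kMax8 && column <= kMax22) {
            info.mode = FatColumnMode;              // 8-bit line, 22-bit column
            info.position = (line << 22) | column;
        } else {
            info.mode = FatLineAndColumnMode;       // both large: spill to fat table
            info.position = static_cast<uint32_t>(m_fatPositions.size());
            m_fatPositions.push_back({ line, column });
        }
        m_infos.push_back(info);
    }

    // Last entry with instructionOffset <= bytecodeOffset; if the offset precedes
    // every entry, the first entry is used. Returns 0 when the table is empty
    // (lines are 1-based, so 0 never collides with a real position).
    uint64_t lookup(uint32_t bytecodeOffset) const
    {
        if (m_infos.empty())
            return 0;
        size_t low = 0, high = m_infos.size();
        while (low < high) {
            size_t mid = low + (high - low) / 2;
            if (m_infos[mid].instructionOffset <= bytecodeOffset)
                low = mid + 1;
            else
                high = mid;
        }
        if (!low)
            low = 1;
        return decode(m_infos[low - 1]);
    }

    size_t fatEntryCount() const { return m_fatPositions.size(); }

private:
    uint64_t decode(const ExpressionInfo& info) const
    {
        switch (info.mode) {
        case FatLineMode:
            return packed(info.position >> 8, info.position & kMax8);
        case FatColumnMode:
            return packed(info.position >> 22, info.position & kMax22);
        default:
            return packed(m_fatPositions[info.position].line, m_fatPositions[info.position].column);
        }
    }

    std::vector<ExpressionInfo> m_infos;
    std::vector<FatPosition> m_fatPositions;
};

// Constructed sample: five throwing bytecodes exercising all three encodings.
PositionTable sampleTable()
{
    PositionTable table;
    table.add(4, 1, 5);           // FatLineMode
    table.add(8, 3, 300);         // column > 255 forces FatColumnMode
    table.add(20, 70000, 9);      // line > 255 but < 2^22 stays FatLineMode
    table.add(35, 5000000, 12);   // line >= 2^22: fat table
    table.add(50, 400, 400);      // both > 255: fat table
    return table;
}

} // namespace blameexample
```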
if (!low)
low = 1;
const ExpressionRangeInfo& info = expressionInfo[low - 1];
(JSC::::internalShift): (JSC::::parseIdentifier): - Added tracking for lineStart. (JSC::::parseIdentifierSlowCase): (JSC::::parseString): - Added tracking for lineStart. (JSC::::parseStringSlowCase): (JSC::::lex): - Added tracking for sourceoffset. (JSC::::sourceCode): * parser/Lexer.h: (JSC::Lexer::currentOffset): (JSC::Lexer::currentLineStartOffset): (JSC::Lexer::setOffset): - Added tracking for lineStart. (JSC::Lexer::offsetFromSourcePtr): Added. conversion function. (JSC::Lexer::sourcePtrFromOffset): Added. conversion function. (JSC::Lexer::setOffsetFromSourcePtr): (JSC::::lexExpectIdentifier): - Added tracking for sourceoffset and lineStart. * parser/NodeConstructors.h: (JSC::Node::Node): (JSC::ResolveNode::ResolveNode): (JSC::EvalFunctionCallNode::EvalFunctionCallNode): (JSC::FunctionCallValueNode::FunctionCallValueNode): (JSC::FunctionCallResolveNode::FunctionCallResolveNode): (JSC::FunctionCallBracketNode::FunctionCallBracketNode): (JSC::FunctionCallDotNode::FunctionCallDotNode): (JSC::CallFunctionCallDotNode::CallFunctionCallDotNode): (JSC::ApplyFunctionCallDotNode::ApplyFunctionCallDotNode): (JSC::PostfixNode::PostfixNode): (JSC::DeleteResolveNode::DeleteResolveNode): (JSC::DeleteBracketNode::DeleteBracketNode): (JSC::DeleteDotNode::DeleteDotNode): (JSC::PrefixNode::PrefixNode): (JSC::ReadModifyResolveNode::ReadModifyResolveNode): (JSC::ReadModifyBracketNode::ReadModifyBracketNode): (JSC::AssignBracketNode::AssignBracketNode): (JSC::AssignDotNode::AssignDotNode): (JSC::ReadModifyDotNode::ReadModifyDotNode): (JSC::AssignErrorNode::AssignErrorNode): (JSC::WithNode::WithNode): (JSC::ForInNode::ForInNode): - Plumbed line and lineStart through the above as needed. * parser/Nodes.cpp: (JSC::StatementNode::setLoc): Plumbed lineStart. (JSC::ScopeNode::ScopeNode): Plumbed lineStart. (JSC::ProgramNode::ProgramNode): Plumbed startColumn. (JSC::ProgramNode::create): Plumbed startColumn. 
(JSC::EvalNode::create): (JSC::FunctionBodyNode::FunctionBodyNode): Plumbed startColumn. (JSC::FunctionBodyNode::create): Plumbed startColumn. * parser/Nodes.h: (JSC::Node::startOffset): (JSC::Node::lineStartOffset): Added. (JSC::StatementNode::firstLine): (JSC::StatementNode::lastLine): (JSC::ThrowableExpressionData::ThrowableExpressionData): (JSC::ThrowableExpressionData::setExceptionSourceCode): (JSC::ThrowableExpressionData::divotStartOffset): (JSC::ThrowableExpressionData::divotEndOffset): (JSC::ThrowableExpressionData::divotLine): (JSC::ThrowableExpressionData::divotLineStart): (JSC::ThrowableSubExpressionData::ThrowableSubExpressionData): (JSC::ThrowableSubExpressionData::setSubexpressionInfo): (JSC::ThrowableSubExpressionData::subexpressionDivot): (JSC::ThrowableSubExpressionData::subexpressionStartOffset): (JSC::ThrowableSubExpressionData::subexpressionEndOffset): (JSC::ThrowableSubExpressionData::subexpressionLine): (JSC::ThrowableSubExpressionData::subexpressionLineStart): (JSC::ThrowablePrefixedSubExpressionData::ThrowablePrefixedSubExpressionData): (JSC::ThrowablePrefixedSubExpressionData::setSubexpressionInfo): (JSC::ThrowablePrefixedSubExpressionData::subexpressionDivot): (JSC::ThrowablePrefixedSubExpressionData::subexpressionStartOffset): (JSC::ThrowablePrefixedSubExpressionData::subexpressionEndOffset): (JSC::ThrowablePrefixedSubExpressionData::subexpressionLine): (JSC::ThrowablePrefixedSubExpressionData::subexpressionLineStart): (JSC::ScopeNode::startStartOffset): (JSC::ScopeNode::startLineStartOffset): (JSC::ProgramNode::startColumn): (JSC::EvalNode::startColumn): (JSC::FunctionBodyNode::startColumn): - Plumbed line and lineStart through the above as needed. 
* parser/Parser.cpp: (JSC::::Parser): (JSC::::parseSourceElements): (JSC::::parseVarDeclarationList): (JSC::::parseConstDeclarationList): (JSC::::parseForStatement): (JSC::::parseBreakStatement): (JSC::::parseContinueStatement): (JSC::::parseReturnStatement): (JSC::::parseThrowStatement): (JSC::::parseWithStatement): - Plumbed line and lineStart through the above as needed. (JSC::::parseFunctionBody): - Plumbed startColumn. (JSC::::parseFunctionInfo): (JSC::::parseFunctionDeclaration): (JSC::LabelInfo::LabelInfo): (JSC::::parseExpressionOrLabelStatement): (JSC::::parseAssignmentExpression): (JSC::::parseBinaryExpression): (JSC::::parseProperty): (JSC::::parseObjectLiteral): (JSC::::parsePrimaryExpression): (JSC::::parseMemberExpression): (JSC::::parseUnaryExpression): - Plumbed line, lineStart, startColumn through the above as needed. * parser/Parser.h: (JSC::Parser::next): (JSC::Parser::nextExpectIdentifier): (JSC::Parser::tokenStart): (JSC::Parser::tokenColumn): (JSC::Parser::tokenEnd): (JSC::Parser::tokenLineStart): (JSC::Parser::lastTokenLine): (JSC::Parser::lastTokenLineStart): (JSC::::parse): * parser/ParserTokens.h: (JSC::JSTokenLocation::JSTokenLocation): - Plumbed lineStart. (JSC::JSTokenLocation::lineStartPosition): (JSC::JSTokenLocation::startPosition): (JSC::JSTokenLocation::endPosition): * parser/SourceCode.h: (JSC::SourceCode::SourceCode): (JSC::SourceCode::startColumn): (JSC::makeSource): (JSC::SourceCode::subExpression): * parser/SourceProvider.cpp: delete old code. * parser/SourceProvider.h: delete old code. * parser/SourceProviderCacheItem.h: (JSC::SourceProviderCacheItem::closeBraceToken): (JSC::SourceProviderCacheItem::SourceProviderCacheItem): - Plumbed lineStart. 
* parser/SyntaxChecker.h: (JSC::SyntaxChecker::makeFunctionCallNode): (JSC::SyntaxChecker::makeAssignNode): (JSC::SyntaxChecker::makePrefixNode): (JSC::SyntaxChecker::makePostfixNode): (JSC::SyntaxChecker::makeDeleteNode): (JSC::SyntaxChecker::createResolve): (JSC::SyntaxChecker::createBracketAccess): (JSC::SyntaxChecker::createDotAccess): (JSC::SyntaxChecker::createRegExp): (JSC::SyntaxChecker::createNewExpr): (JSC::SyntaxChecker::createAssignResolve): (JSC::SyntaxChecker::createFunctionExpr): (JSC::SyntaxChecker::createFunctionBody): (JSC::SyntaxChecker::createFuncDeclStatement): (JSC::SyntaxChecker::createForInLoop): (JSC::SyntaxChecker::createReturnStatement): (JSC::SyntaxChecker::createBreakStatement): (JSC::SyntaxChecker::createContinueStatement): (JSC::SyntaxChecker::createWithStatement): (JSC::SyntaxChecker::createLabelStatement): (JSC::SyntaxChecker::createThrowStatement): (JSC::SyntaxChecker::createGetterOrSetterProperty): (JSC::SyntaxChecker::appendBinaryExpressionInfo): (JSC::SyntaxChecker::operatorStackPop): - Made SyntaxChecker prototype changes to match ASTBuilder due to new args added for plumbing line, lineStart, and startColumn. * runtime/CodeCache.cpp: (JSC::CodeCache::generateBytecode): (JSC::CodeCache::getCodeBlock): - Plumbed startColumn. * runtime/Executable.cpp: (JSC::FunctionExecutable::FunctionExecutable): (JSC::ProgramExecutable::compileInternal): (JSC::FunctionExecutable::produceCodeBlockFor): (JSC::FunctionExecutable::fromGlobalCode): - Plumbed startColumn. * runtime/Executable.h: (JSC::ScriptExecutable::startColumn): (JSC::ScriptExecutable::recordParse): (JSC::FunctionExecutable::create): - Plumbed startColumn. Source/WebCore: Test: fast/js/line-column-numbers.html Updated the bindings to use StackFrame::computeLineAndColumn(). The old StackFrame::line() and StackFrame::column() has been removed. The new algorithm always computes the 2 values together anyway. 
Hence it is more efficient to return them as a pair instead of doing the same computation twice for each half of the result. * bindings/js/ScriptCallStackFactory.cpp: (WebCore::createScriptCallStack): (WebCore::createScriptCallStackFromException): * bindings/js/ScriptSourceCode.h: (WebCore::ScriptSourceCode::ScriptSourceCode): LayoutTests: The fix now computes line and column numbers more accurately. As a result, some of the test results need to be re-baselined. Among other fixes, one major source of difference is that the old code was incorrectly computing 0-based column numbers. This has now been fixed to be 1-based. Note: line numbers were always 1-based. Also added a new test: fast/js/line-column-numbers.html, which tests line and column numbers for source code in various configurations. * editing/execCommand/outdent-blockquote-test1-expected.txt: * editing/execCommand/outdent-blockquote-test2-expected.txt: * editing/execCommand/outdent-blockquote-test3-expected.txt: * editing/execCommand/outdent-blockquote-test4-expected.txt: * editing/pasteboard/copy-paste-float-expected.txt: * editing/pasteboard/paste-blockquote-before-blockquote-expected.txt: * editing/pasteboard/paste-double-nested-blockquote-before-blockquote-expected.txt: * fast/dom/Window/window-resize-contents-expected.txt: * fast/events/remove-target-with-shadow-in-drag-expected.txt: * fast/js/line-column-numbers-expected.txt: Added. * fast/js/line-column-numbers.html: Added. * fast/js/script-tests/line-column-numbers.js: Added. (try.doThrow4b): (doThrow5b.try.innerFunc): (doThrow5b): (doThrow6b.try.innerFunc): (doThrow6b): (catch): (try.doThrow11b): (try.doThrow14b): * fast/js/stack-trace-expected.txt: * inspector/console/console-url-line-column-expected.txt: Canonical link: https://commits.webkit.org/136467@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@152494 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2013-07-09 16:15:12 +00:00
startOffset = info.startOffset;
endOffset = info.endOffset;
divot = info.divotPoint;
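The three-mode line/column packing listed under the ExpressionRangeInfo.h entry above, worked through as an added C++ example (not JSC's own code): a (line, column) pair is packed into a 2-bit mode plus a 30-bit position, and pairs that fit neither compact shape spill to a side table the way m_expressionInfoFatPositions in RareData does. The exact field layout, the names, and the choice of FatLine mode when both compact modes would fit are assumptions of this example.

```cpp
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <vector>

// Added illustration of the three-mode line/column packing; the field layout
// (2 mode bits plus a 30-bit position in one 32-bit word) and every name here
// are this example's assumptions, not JSC's ExpressionRangeInfo.
enum PositionMode : uint32_t {
    FatLineMode = 0,          // 22-bit line, 8-bit column
    FatColumnMode = 1,        // 8-bit line, 22-bit column
    FatLineAndColumnMode = 2, // 32-bit line and column, kept in a side table
};

struct FatPosition {
    uint32_t line;
    uint32_t column;
};

struct PackedPosition {
    uint32_t mode : 2;
    uint32_t position : 30;
};

static constexpr uint32_t kMax8 = (1u << 8) - 1;
static constexpr uint32_t kMax22 = (1u << 22) - 1;
static constexpr uint32_t kMax30 = (1u << 30) - 1;

// Plays the role of the expression-info vector plus the RareData side table
// (m_expressionInfoFatPositions) that holds positions too large to pack.
class PositionTable {
public:
    // Encodes one (line, column) pair and returns its entry index.
    size_t add(uint32_t line, uint32_t column)
    {
        PackedPosition packed {};
        if (line <= kMax22 && column <= kMax8) {
            packed.mode = FatLineMode;
            packed.position = (line << 8) | column;
        } else if (line <= kMax8 && column <= kMax22) {
            packed.mode = FatColumnMode;
            packed.position = (line << 22) | column;
        } else {
            // Neither compact shape fits: spill both values to the side table
            // and keep only the side-table index in the 30-bit position field.
            if (m_fatPositions.size() > kMax30)
                throw std::length_error("too many fat positions");
            packed.mode = FatLineAndColumnMode;
            packed.position = static_cast<uint32_t>(m_fatPositions.size());
            m_fatPositions.push_back({ line, column });
        }
        m_entries.push_back(packed);
        return m_entries.size() - 1;
    }

    // Decodes an entry back to its full 32-bit line and column.
    FatPosition get(size_t index) const
    {
        const PackedPosition& packed = m_entries.at(index);
        uint32_t position = packed.position;
        switch (packed.mode) {
        case FatLineMode:
            return { position >> 8, position & kMax8 };
        case FatColumnMode:
            return { position >> 22, position & kMax22 };
        case FatLineAndColumnMode:
            return m_fatPositions.at(position);
        }
        throw std::logic_error("corrupt position mode");
    }

    uint32_t modeAt(size_t index) const { return m_entries.at(index).mode; }

private:
    std::vector<PackedPosition> m_entries;
    std::vector<FatPosition> m_fatPositions;
};

// Checks over a fresh table, so the encoding can be verified pair by pair.
bool roundTrips(uint32_t line, uint32_t column)
{
    PositionTable table;
    FatPosition decoded = table.get(table.add(line, column));
    return decoded.line == line && decoded.column == column;
}

uint32_t modeFor(uint32_t line, uint32_t column)
{
    PositionTable table;
    return table.modeAt(table.add(line, column));
}

int main()
{
    // Constructed sample positions: compact line, compact column, and fat.
    const uint32_t samples[][2] = { { 12, 7 }, { 3, 1000 }, { 300, 300 } };
    for (const auto& s : samples)
        std::printf("line %u column %u -> mode %u\n", s[0], s[1], modeFor(s[0], s[1]));
    return 0;
}
```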
Adding UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn().
https://bugs.webkit.org/show_bug.cgi?id=127127.

Reviewed by Geoffrey Garen.

In order to implement bytecode level breakpoints, we need a mechanism for computing the best fit op_debug bytecode offset for any valid given line and column value in the source. The "best fit" op_debug bytecode in this case is defined below in the comment for UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn().

* GNUmakefile.list.am:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::opDebugBytecodeOffsetForLineAndColumn):
- Convert the line and column to unlinked line and column values and pass them to UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn() to do the real work.
* bytecode/CodeBlock.h:
* bytecode/LineColumnInfo.h: Added.
(JSC::LineColumnInfo::operator <):
(JSC::LineColumnInfo::LineColumnPair::LineColumnPair):
(JSC::LineColumnInfo::operator ==):
(JSC::LineColumnInfo::operator !=):
(JSC::LineColumnInfo::operator <=):
(JSC::LineColumnInfo::operator >):
(JSC::LineColumnInfo::operator >=):
* bytecode/LineInfo.h: Removed.
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::decodeExpressionRangeLineAndColumn):
- Factored this out of expressionRangeForBytecodeOffset() so that it can be called from multiple places.
(JSC::dumpLineColumnEntry):
(JSC::UnlinkedCodeBlock::dumpExpressionRangeInfo):
(JSC::UnlinkedCodeBlock::dumpOpDebugLineColumnInfoList):
- Some dumpers for debugging use only.
(JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset):
(JSC::UnlinkedCodeBlock::opDebugBytecodeOffsetForLineAndColumn):
- Finds the earliest op_debug bytecode whose line and column matches the specified line and column values. If an exact match is not found, then finds the nearest op_debug bytecode that precedes the specified line and column values. If there is more than one op_debug at that preceding line and column value, then the earliest of those op_debug bytecodes will be selected. The offset of the selected bytecode will be returned.
We want the earliest one because when we have multiple op_debug bytecodes that map to a given line and column, a debugger user would expect to break on the first one and step through the rest thereafter if needed.
(JSC::compareLineColumnInfo):
(JSC::UnlinkedCodeBlock::opDebugLineColumnInfoList):
- Creates the sorted opDebugLineColumnInfoList on demand. This list is stored in the UnlinkedCodeBlock's rareData.
* bytecode/UnlinkedCodeBlock.h:

Canonical link: https://commits.webkit.org/145215@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@162256 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2014-01-18 17:55:07 +00:00
getLineAndColumn(info, line, column);
}
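The best-fit search the commit message above describes for opDebugBytecodeOffsetForLineAndColumn(), as an added C++ example rather than JSC's implementation: a list sorted by (line, column, bytecode offset), an exact-match lookup that yields the earliest op_debug at that position, and the fall-back to the earliest op_debug at the nearest preceding position. The entry layout, the names, and the "not found" result for a target that lies before every op_debug are assumptions of this example.

```cpp
#include <algorithm>
#include <cstdint>
#include <utility>
#include <vector>

// Added illustration of the best-fit op_debug search; the entry layout, the
// names and the "not found" result for a target before every op_debug are this
// example's assumptions, not JSC's opDebugBytecodeOffsetForLineAndColumn().
struct LineColumnInfo {
    uint32_t bytecodeOffset;
    uint32_t line;
    uint32_t column;
};

using LineColumnPair = std::pair<uint32_t, uint32_t>;

// Sort key: line, then column, then bytecode offset, so that among several
// op_debugs sharing one source position the earliest one sorts first.
static bool infoLess(const LineColumnInfo& a, const LineColumnInfo& b)
{
    if (a.line != b.line)
        return a.line < b.line;
    if (a.column != b.column)
        return a.column < b.column;
    return a.bytecodeOffset < b.bytecodeOffset;
}

// lower_bound predicate: does the entry lie strictly before the target position?
static bool precedes(const LineColumnInfo& info, const LineColumnPair& target)
{
    if (info.line != target.first)
        return info.line < target.first;
    return info.column < target.second;
}

// Counterpart of building the sorted opDebugLineColumnInfoList on demand.
std::vector<LineColumnInfo> sortedOpDebugList(std::vector<LineColumnInfo> list)
{
    std::sort(list.begin(), list.end(), infoLess);
    return list;
}

// On success stores the best-fit op_debug offset in |offset| and returns true:
// the earliest op_debug at exactly (line, column) if there is one, otherwise
// the earliest op_debug at the nearest preceding position.
bool bestFitOpDebugOffset(const std::vector<LineColumnInfo>& sorted, uint32_t line, uint32_t column, uint32_t& offset)
{
    LineColumnPair target(line, column);
    auto it = std::lower_bound(sorted.begin(), sorted.end(), target, precedes);
    if (it != sorted.end() && it->line == line && it->column == column) {
        offset = it->bytecodeOffset; // exact match; the sort order makes it the earliest
        return true;
    }
    if (it == sorted.begin())
        return false; // no op_debug precedes the requested position
    auto last = it - 1; // last entry before the target
    LineColumnPair position(last->line, last->column);
    // Step back to the first entry sharing that position, i.e. the earliest op_debug there.
    auto first = std::lower_bound(sorted.begin(), last, position, precedes);
    offset = first->bytecodeOffset;
    return true;
}

// Constructed sample in bytecode order, with two op_debugs at line 2 column 5.
std::vector<LineColumnInfo> sampleOpDebugList()
{
    return sortedOpDebugList({
        { 0, 1, 1 }, { 12, 2, 5 }, { 20, 2, 5 }, { 30, 4, 3 }, { 44, 4, 10 }, { 58, 7, 1 }
    });
}

// Best-fit offset in the sample, or -1 when nothing precedes the position.
long long lookupInSample(uint32_t line, uint32_t column)
{
    uint32_t offset = 0;
    if (!bestFitOpDebugOffset(sampleOpDebugList(), line, column, offset))
        return -1;
    return offset;
}
```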
Fix 30% JSBench regression (caused by adding column numbers to stack traces).
https://bugs.webkit.org/show_bug.cgi?id=118481.

Reviewed by Mark Hahnenberg and Geoffrey Garen.

Source/JavaScriptCore:

Previously, we already capture ExpressionRangeInfo that provides a divot for each bytecode that can potentially throw an exception (and therefore generate a stack trace). On first attempt to compute column numbers, we then do a walk of the source string to record all line start positions in a table associated with the SourceProvider. The column number can then be computed as divot - lineStartFor(bytecodeOffset). The computation of this lineStarts table is the source of the 30% JSBench performance regression.

The new code now records lineStarts as the lexer and parser scans the source code. These lineStarts are then used to compute the column number for the given divot, and stored in the ExpressionRangeInfo. Similarly, we also capture the line number at the divot point and store that in the ExpressionRangeInfo. Hence, to look up line and column numbers, we now lookup the ExpressionRangeInfo for the bytecodeOffset, and then compute the line and column from the values stored in the expression info.

The strategy:
1. We want to minimize perturbations to the lexer and parser. Specifically, the changes added should not change how it scans code, and generate bytecode.
2. We regard the divot as the source character position we are interested in. As such, we'll capture line and lineStart (for column) at the point when we capture the divot information. This ensures that the 3 values are consistent.

How the change is done:
1. Change the lexer to track lineStarts.
2. Change the parser to capture line and lineStarts at the point of capturing divots.
3. Change the parser and associated code to plumb these values all the way to the point that the corresponding ExpressionRangeInfo is emitted.
4. Propagate and record SourceCode firstLine and firstLineColumnOffset to the necessary places so that we can add them as needed when reifying UnlinkedCodeBlocks into CodeBlocks.
5. Compress the line and column number values in the ExpressionRangeInfo. In practice, we seldom have both large line and column numbers. Hence, we can encode both in an uint32_t most of the time. For the times when we encounter both large line and column numbers, we have a fallback to store the "fat" position info.
6. Emit an ExpressionRangeInfo for UnaryOp nodes to get more line and column number coverage.
7. Change the interpreter to use the new way of computing line and column.
8. Delete old line and column computation code that is now unused.

Misc details:
- the old lexer was tracking both a startOffset and charPosition where charPosition equals startOffset - SourceCode.startOffset. We now use startOffset exclusively throughout the system for consistency. All offset values (including lineStart) are relative to the start of the SourceProvider string. These values will only be converted to be relative to the SourceCode.startOffset at the very last minute i.e. when the divot is stored into the ExpressionRangeInfo. This change to use the same offset system everywhere reduces confusion from having to convert back and forth between the 2 systems. It also enables a lot of assertions to be used.
- Also fixed some bugs in the choice of divot positions to use. For example, both Eval and Function expressions previously used column numbers from the start of the expression but used the line number at the end of the expression. This is now fixed to use either the start or end positions as appropriate, but not a mix of line and columns from both.
- Why use ints instead of unsigneds for offsets and lineStarts inside the lexer and parser? Some tests (e.g. fast/js/call-base-resolution.html and fast/js/eval-cross-window.html) have shown that lineStart offsets can be prior to the SourceCode.startOffset. Keeping the lexer offsets as ints simplifies computations and makes it easier to maintain the assertions that (startOffset >= lineStartOffset). However, column and line numbers are always unsigned when we publish them to the ExpressionRangeInfo. The ints are only used inside the lexer and parser ... well, and bytecode generator.
- For all cases, lineStart is always captured where the divot is captured. However, some sputnik conformance tests have shown that we cannot honor line breaks for assignment statements like the following: eval("x\u000A*=\u000A-1;"); In this case, the lineStart is expected to be captured at the start of the assignment expression instead of at the divot point in the middle. The assignment expression is the only special case for this.

This patch has been tested against the full layout tests both with release and debug builds with no regression.

* API/JSContextRef.cpp:
(JSContextCreateBacktrace):
- Updated to use the new StackFrame::computeLineAndColumn().
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::CodeBlock):
- Added m_firstLineColumnOffset initialization.
- Plumbed the firstLineColumnOffset into the SourceCode.
- Initialized column for op_debug using the new way.
(JSC::CodeBlock::lineNumberForBytecodeOffset):
- Changed to compute line number using the ExpressionRangeInfo.
(JSC::CodeBlock::columnNumberForBytecodeOffset): Added.
- Changed to compute column number using the ExpressionRangeInfo.
(JSC::CodeBlock::expressionRangeForBytecodeOffset):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::firstLineColumnOffset):
(JSC::GlobalCodeBlock::GlobalCodeBlock):
- Plumbed firstLineColumnOffset through to the super class.
(JSC::ProgramCodeBlock::ProgramCodeBlock):
- Plumbed firstLineColumnOffset through to the super class.
(JSC::EvalCodeBlock::EvalCodeBlock):
- Plumbed firstLineColumnOffset through to the super class. But for EvalCodeBlocks, the firstLineColumnOffset is always 1 because we're starting with a new source string with no start offset.
Hence it is more efficient to return them as a pair instead of doing the same computation twice for each half of the result. * bindings/js/ScriptCallStackFactory.cpp: (WebCore::createScriptCallStack): (WebCore::createScriptCallStackFromException): * bindings/js/ScriptSourceCode.h: (WebCore::ScriptSourceCode::ScriptSourceCode): LayoutTests: The fix now computes line and column numbers more accurately. As a result, some of the test results need to be re-baselined. Among other fixes, one major source of difference is that the old code was incorrectly computing 0-based column numbers. This has now been fixed to be 1-based. Note: line numbers were always 1-based. Also added a new test: fast/js/line-column-numbers.html, which tests line and column numbers for source code in various configurations. * editing/execCommand/outdent-blockquote-test1-expected.txt: * editing/execCommand/outdent-blockquote-test2-expected.txt: * editing/execCommand/outdent-blockquote-test3-expected.txt: * editing/execCommand/outdent-blockquote-test4-expected.txt: * editing/pasteboard/copy-paste-float-expected.txt: * editing/pasteboard/paste-blockquote-before-blockquote-expected.txt: * editing/pasteboard/paste-double-nested-blockquote-before-blockquote-expected.txt: * fast/dom/Window/window-resize-contents-expected.txt: * fast/events/remove-target-with-shadow-in-drag-expected.txt: * fast/js/line-column-numbers-expected.txt: Added. * fast/js/line-column-numbers.html: Added. * fast/js/script-tests/line-column-numbers.js: Added. (try.doThrow4b): (doThrow5b.try.innerFunc): (doThrow5b): (doThrow6b.try.innerFunc): (doThrow6b): (catch): (try.doThrow11b): (try.doThrow14b): * fast/js/stack-trace-expected.txt: * inspector/console/console-url-line-column-expected.txt: Canonical link: https://commits.webkit.org/136467@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@152494 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2013-07-09 16:15:12 +00:00
Rename HighFidelityTypeProfiling variables for more clarity
https://bugs.webkit.org/show_bug.cgi?id=135899

Patch by Saam Barati <sbarati@apple.com> on 2014-08-20
Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

Many names that are used in the type profiling infrastructure prefix themselves with "HighFidelity" or include the words "high" and/or "fidelity" in some way. But the words "high" and "fidelity" don't add anything descriptive to the names surrounding type profiling. So this patch removes all uses of "HighFidelity" and its variants. Most renamings change "HighFidelity*" to "TypeProfiler*" or simply drop the prefix "HighFidelity" altogether. Now, almost all names in relation to type profiling contain in them "TypeProfiler" or "TypeProfiling" or some combination of the words "type" and "profile".

This patch also changes how we check if type profiling is enabled: We no longer call vm::isProfilingTypesWithHighFidelity. We now just check that vm::typeProfiler is not null.

This patch also changes all calls to TypeProfilerLog::processLogEntries to use ASCIILiteral to form WTFStrings instead of vanilla C string literals.

* CMakeLists.txt:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj.filters:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/BytecodeList.json:
* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpBytecode):
(JSC::CodeBlock::CodeBlock):
* bytecode/TypeLocation.h:
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
(JSC::UnlinkedCodeBlock::typeProfilerExpressionInfoForBytecodeOffset):
(JSC::UnlinkedCodeBlock::addTypeProfilerExpressionInfo):
(JSC::UnlinkedCodeBlock::highFidelityTypeProfileExpressionInfoForBytecodeOffset): Deleted.
(JSC::UnlinkedCodeBlock::addHighFidelityTypeProfileExpressionInfo): Deleted.
* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedFunctionExecutable::typeProfilingStartOffset):
(JSC::UnlinkedFunctionExecutable::typeProfilingEndOffset):
(JSC::UnlinkedFunctionExecutable::highFidelityTypeProfilingStartOffset): Deleted.
(JSC::UnlinkedFunctionExecutable::highFidelityTypeProfilingEndOffset): Deleted.
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::generate):
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::emitMove):
(JSC::BytecodeGenerator::emitTypeProfilerExpressionInfo):
(JSC::BytecodeGenerator::emitProfileType):
(JSC::BytecodeGenerator::emitHighFidelityTypeProfilingExpressionInfo): Deleted.
(JSC::BytecodeGenerator::emitProfileTypesWithHighFidelity): Deleted.
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::isProfilingTypesWithHighFidelity): Deleted.
* bytecompiler/NodesCodegen.cpp:
(JSC::ThisNode::emitBytecode):
(JSC::ResolveNode::emitBytecode):
(JSC::BracketAccessorNode::emitBytecode):
(JSC::DotAccessorNode::emitBytecode):
(JSC::FunctionCallValueNode::emitBytecode):
(JSC::FunctionCallResolveNode::emitBytecode):
(JSC::FunctionCallBracketNode::emitBytecode):
(JSC::FunctionCallDotNode::emitBytecode):
(JSC::CallFunctionCallDotNode::emitBytecode):
(JSC::ApplyFunctionCallDotNode::emitBytecode):
(JSC::PostfixNode::emitResolve):
(JSC::PostfixNode::emitBracket):
(JSC::PostfixNode::emitDot):
(JSC::PrefixNode::emitResolve):
(JSC::PrefixNode::emitBracket):
(JSC::PrefixNode::emitDot):
(JSC::ReadModifyResolveNode::emitBytecode):
(JSC::AssignResolveNode::emitBytecode):
(JSC::AssignDotNode::emitBytecode):
(JSC::ReadModifyDotNode::emitBytecode):
(JSC::AssignBracketNode::emitBytecode):
(JSC::ReadModifyBracketNode::emitBytecode):
(JSC::ConstDeclNode::emitCodeSingle):
(JSC::EmptyVarExpression::emitBytecode):
(JSC::ReturnNode::emitBytecode):
(JSC::FunctionBodyNode::emitBytecode):
* heap/Heap.cpp:
(JSC::Heap::collect):
* inspector/agents/InspectorRuntimeAgent.cpp:
(Inspector::InspectorRuntimeAgent::getRuntimeTypesForVariablesAtOffsets):
(Inspector::recompileAllJSFunctionsForTypeProfiling):
(Inspector::InspectorRuntimeAgent::willDestroyFrontendAndBackend):
(Inspector::InspectorRuntimeAgent::enableTypeProfiler):
(Inspector::InspectorRuntimeAgent::disableTypeProfiler):
(Inspector::InspectorRuntimeAgent::setTypeProfilerEnabledState):
(Inspector::InspectorRuntimeAgent::enableHighFidelityTypeProfiling): Deleted.
(Inspector::InspectorRuntimeAgent::disableHighFidelityTypeProfiling): Deleted.
(Inspector::InspectorRuntimeAgent::setHighFidelityTypeProfilingEnabledState): Deleted.
* inspector/agents/InspectorRuntimeAgent.h:
* inspector/protocol/Runtime.json:
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompile):
* jit/JIT.h:
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_profile_type):
(JSC::JIT::emit_op_profile_types_with_high_fidelity): Deleted.
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_profile_type):
(JSC::JIT::emit_op_profile_types_with_high_fidelity): Deleted.
* jit/JITOperations.cpp:
* jsc.cpp:
(functionDumpTypesForAllVariables):
* llint/LLIntSlowPaths.cpp:
* llint/LowLevelInterpreter.asm:
* runtime/CodeCache.cpp:
(JSC::CodeCache::getGlobalCodeBlock):
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
* runtime/CommonSlowPaths.h:
* runtime/Executable.cpp:
(JSC::ScriptExecutable::ScriptExecutable):
(JSC::ProgramExecutable::ProgramExecutable):
(JSC::FunctionExecutable::FunctionExecutable):
(JSC::ProgramExecutable::initializeGlobalProperties):
* runtime/Executable.h:
(JSC::ScriptExecutable::typeProfilingStartOffset):
(JSC::ScriptExecutable::typeProfilingEndOffset):
(JSC::ScriptExecutable::highFidelityTypeProfilingStartOffset): Deleted.
(JSC::ScriptExecutable::highFidelityTypeProfilingEndOffset): Deleted.
* runtime/HighFidelityLog.cpp: Removed.
* runtime/HighFidelityLog.h: Removed.
* runtime/HighFidelityTypeProfiler.cpp: Removed.
* runtime/HighFidelityTypeProfiler.h: Removed.
* runtime/Options.h:
* runtime/SymbolTable.cpp:
(JSC::SymbolTable::prepareForTypeProfiling):
(JSC::SymbolTable::uniqueIDForVariable):
(JSC::SymbolTable::uniqueIDForRegister):
(JSC::SymbolTable::prepareForHighFidelityTypeProfiling): Deleted.
* runtime/SymbolTable.h:
* runtime/TypeProfiler.cpp: Added.
(JSC::TypeProfiler::logTypesForTypeLocation):
(JSC::TypeProfiler::insertNewLocation):
(JSC::TypeProfiler::getTypesForVariableAtOffsetForInspector):
(JSC::descriptorMatchesTypeLocation):
(JSC::TypeProfiler::findLocation):
* runtime/TypeProfiler.h: Added.
(JSC::QueryKey::QueryKey):
(JSC::QueryKey::isHashTableDeletedValue):
(JSC::QueryKey::operator==):
(JSC::QueryKey::hash):
(JSC::QueryKeyHash::hash):
(JSC::QueryKeyHash::equal):
(JSC::TypeProfiler::functionHasExecutedCache):
(JSC::TypeProfiler::typeLocationCache):
* runtime/TypeProfilerLog.cpp: Added.
(JSC::TypeProfilerLog::initializeLog):
(JSC::TypeProfilerLog::~TypeProfilerLog):
(JSC::TypeProfilerLog::processLogEntries):
* runtime/TypeProfilerLog.h: Added.
(JSC::TypeProfilerLog::LogEntry::structureIDOffset):
(JSC::TypeProfilerLog::LogEntry::valueOffset):
(JSC::TypeProfilerLog::LogEntry::locationOffset):
(JSC::TypeProfilerLog::TypeProfilerLog):
(JSC::TypeProfilerLog::recordTypeInformationForLocation):
(JSC::TypeProfilerLog::logEndPtr):
(JSC::TypeProfilerLog::logStartOffset):
(JSC::TypeProfilerLog::currentLogEntryOffset):
* runtime/VM.cpp:
(JSC::VM::VM):
(JSC::VM::enableTypeProfiler):
(JSC::VM::disableTypeProfiler):
(JSC::VM::dumpTypeProfilerData):
(JSC::VM::enableHighFidelityTypeProfiling): Deleted.
(JSC::VM::disableHighFidelityTypeProfiling): Deleted.
(JSC::VM::dumpHighFidelityProfilingTypes): Deleted.
* runtime/VM.h:
(JSC::VM::typeProfilerLog):
(JSC::VM::typeProfiler):
(JSC::VM::isProfilingTypesWithHighFidelity): Deleted.
(JSC::VM::highFidelityLog): Deleted.
(JSC::VM::highFidelityTypeProfiler): Deleted.

Source/WebInspectorUI:

Change a reference in a comment to a JavaScriptCore file to its newly renamed variant.

* UserInterface/Models/ScriptSyntaxTree.js:

Canonical link: https://commits.webkit.org/153959@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@172820 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2014-08-21 01:03:20 +00:00
bool UnlinkedCodeBlock::typeProfilerExpressionInfoForBytecodeOffset(unsigned bytecodeOffset, unsigned& startDivot, unsigned& endDivot)
Merge r170564, r170571, r170604, r170628, r170672, r170680, r170724, r170728, r170729, r170819, r170821, r170836, r170855, r170860, r170890, r170907, r170929, r171052, r171106, r171152, r171153, r171214 from ftlopt.

Source/JavaScriptCore:

This part of the merge delivers roughly a 2% across-the-board performance improvement, mostly due to immutable property inference and DFG-side GCSE. It also almost completely resolves accessor performance issues; in the common case the DFG will compile a getter/setter access into code that is just as efficient as a normal property access. Another major highlight of this part of the merge is the work to add a type profiler to the inspector. This work is still on-going but this greatly increases coverage.

Note that this merge fixes a minor bug in the GetterSetter refactoring from http://trac.webkit.org/changeset/170729 (https://bugs.webkit.org/show_bug.cgi?id=134518). It also adds new tests to tests/stress to cover that bug. That bug was previously only covered by layout tests.

2014-07-17 Filip Pizlo <fpizlo@apple.com>

[ftlopt] DFG Flush(SetLocal) store elimination is overzealous for captured variables in the presence of nodes that have no effects but may throw (merge trunk r171190)
https://bugs.webkit.org/show_bug.cgi?id=135019

Reviewed by Oliver Hunt.

Behaviorally, this is just a merge of trunk r171190, except that the relevant functionality has moved to StrengthReductionPhase and is written in a different style. Same algorithm, different code.

* dfg/DFGNodeType.h:
* dfg/DFGStrengthReductionPhase.cpp:
(JSC::DFG::StrengthReductionPhase::handleNode):
* tests/stress/capture-escape-and-throw.js: Added.
(foo.f):
(foo):
* tests/stress/new-array-with-size-throw-exception-and-tear-off-arguments.js: Added.
(foo):
(bar):

2014-07-15 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Constant fold GetGetter and GetSetter if the GetterSetter is a constant
https://bugs.webkit.org/show_bug.cgi?id=134962

Reviewed by Oliver Hunt.

This removes yet another steady-state-throughput implication of using getters and setters: if your accessor call is monomorphic then you'll just get a structure check, nothing more. No more loads to get to the GetterSetter object or the accessor function object.

* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* runtime/GetterSetter.h:
(JSC::GetterSetter::getterConcurrently):
(JSC::GetterSetter::setGetter):
(JSC::GetterSetter::setterConcurrently):
(JSC::GetterSetter::setSetter):

2014-07-15 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Identity replacement in CSE shouldn't create a Phantom over the Identity's children
https://bugs.webkit.org/show_bug.cgi?id=134893

Reviewed by Oliver Hunt.

Replace Identity with Check instead of Phantom. Phantom means that the child of the Identity should be unconditionally live. The liveness semantics of Identity are such that if the parents of Identity are live then the child is live. Removing the Identity entirely preserves such liveness semantics. So, the only thing that should be left behind is the type check on the child, which is what Check means: do the check but don't keep the child alive if the check isn't needed.

* dfg/DFGCSEPhase.cpp:
* dfg/DFGNode.h:
(JSC::DFG::Node::convertToCheck):

2014-07-13 Filip Pizlo <fpizlo@apple.com>

[ftlopt] DFG should be able to do GCSE in SSA and this should be unified with the CSE in CPS, and both of these things should use abstract heaps for reasoning about effects
https://bugs.webkit.org/show_bug.cgi?id=134677

Reviewed by Sam Weinig.

This removes the old local CSE phase, which was based on manually written backward-search rules for all of the different kinds of things we cared about, and adds a new local/global CSE (local for CPS and global for SSA) that leaves the node semantics almost entirely up to clobberize(). Thus, the CSE phase itself just worries about the algorithms and data structures used for storing sets of available values. This results in a large reduction in code size in CSEPhase.cpp while greatly increasing the phase's power (since it now does global CSE) and reducing compile time (since local CSE is now rewritten to use smarter data structures). Even though LLVM was already running GVN, the extra GCSE at DFG IR level means that this is a significant (~0.7%) throughput improvement.

This work is based on the concept of "def" to clobberize(). If clobberize() calls def(), it means that the node being analyzed makes available some value in some DFG node, and that future attempts to compute that value can simply use that node. In other words, it establishes an available value mapping of the form value=>node. There are two kinds of values that can be passed to def():

PureValue. This captures everything needed to determine whether two pure nodes - nodes that neither read nor write, and produce a value that is a CSE candidate - are identical. It carries the NodeType, an AdjacencyList, and one word of meta-data. The meta-data is usually used for things like the arithmetic mode or constant pointer. Passing a PureValue to def() means that the node produces a value that is valid anywhere that the node dominates.

HeapLocation. This describes a location in the heap that could be written to or read from. Both stores and loads can def() a HeapLocation. HeapLocation carries around an abstract heap that both serves as part of the "name" of the heap location (together with the other fields of HeapLocation) and also tells us what write()'s to watch for. If someone write()'s to an abstract heap that overlaps the heap associated with the HeapLocation, then it means that the values for that location are no longer available.

This approach is sufficiently clever that the CSEPhase itself can focus on the mechanism of tracking the PureValue=>node and HeapLocation=>node maps, without having to worry about interpreting the semantics of different DFG node types - that is now almost entirely in clobberize(). The only things we special-case inside CSEPhase are the Identity node, which CSE is traditionally responsible for eliminating even though it has nothing to do with CSE, and the LocalCSE rule for turning PutByVal into PutByValAlias.

This is a slight Octane, SunSpider, and Kraken speed-up - all somewhere around 0.7%. It's not a bigger win because LLVM was already giving us most of what we needed in its GVN. Also, the SunSpider speed-up isn't from GCSE as much as it's a clean-up of local CSE - that is no longer O(n^2).

Basically this is purely good: it reduces the amount of LLVM IR we generate, it removes the old CSE's heap modeling (which was a constant source of bugs), and it improves both the quality of the code we generate and the speed with which we generate it. Also, any future optimizations that depend on GCSE will now be easier to implement.

During the development of this patch I also rationalized some other stuff, like Graph's ordered traversals - we now have preorder and postorder rather than just "depth first".

* CMakeLists.txt:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* dfg/DFGAbstractHeap.h:
* dfg/DFGAdjacencyList.h:
(JSC::DFG::AdjacencyList::hash):
(JSC::DFG::AdjacencyList::operator==):
* dfg/DFGBasicBlock.h:
* dfg/DFGCSEPhase.cpp:
(JSC::DFG::performLocalCSE):
(JSC::DFG::performGlobalCSE):
(JSC::DFG::CSEPhase::CSEPhase): Deleted.
(JSC::DFG::CSEPhase::run): Deleted.
(JSC::DFG::CSEPhase::endIndexForPureCSE): Deleted.
(JSC::DFG::CSEPhase::pureCSE): Deleted.
(JSC::DFG::CSEPhase::constantCSE): Deleted.
(JSC::DFG::CSEPhase::constantStoragePointerCSE): Deleted.
(JSC::DFG::CSEPhase::getCalleeLoadElimination): Deleted.
(JSC::DFG::CSEPhase::getArrayLengthElimination): Deleted.
(JSC::DFG::CSEPhase::globalVarLoadElimination): Deleted.
(JSC::DFG::CSEPhase::scopedVarLoadElimination): Deleted.
(JSC::DFG::CSEPhase::varInjectionWatchpointElimination): Deleted.
(JSC::DFG::CSEPhase::getByValLoadElimination): Deleted.
(JSC::DFG::CSEPhase::checkFunctionElimination): Deleted.
(JSC::DFG::CSEPhase::checkExecutableElimination): Deleted.
(JSC::DFG::CSEPhase::checkStructureElimination): Deleted.
(JSC::DFG::CSEPhase::structureTransitionWatchpointElimination): Deleted.
(JSC::DFG::CSEPhase::getByOffsetLoadElimination): Deleted.
(JSC::DFG::CSEPhase::getGetterSetterByOffsetLoadElimination): Deleted.
(JSC::DFG::CSEPhase::getPropertyStorageLoadElimination): Deleted.
(JSC::DFG::CSEPhase::checkArrayElimination): Deleted.
(JSC::DFG::CSEPhase::getIndexedPropertyStorageLoadElimination): Deleted.
(JSC::DFG::CSEPhase::getInternalFieldLoadElimination): Deleted.
(JSC::DFG::CSEPhase::getMyScopeLoadElimination): Deleted.
(JSC::DFG::CSEPhase::getLocalLoadElimination): Deleted.
(JSC::DFG::CSEPhase::invalidationPointElimination): Deleted.
(JSC::DFG::CSEPhase::setReplacement): Deleted.
(JSC::DFG::CSEPhase::eliminate): Deleted.
(JSC::DFG::CSEPhase::performNodeCSE): Deleted.
(JSC::DFG::CSEPhase::performBlockCSE): Deleted.
(JSC::DFG::performCSE): Deleted.
* dfg/DFGCSEPhase.h:
* dfg/DFGClobberSet.cpp:
(JSC::DFG::addReads):
(JSC::DFG::addWrites):
(JSC::DFG::addReadsAndWrites):
(JSC::DFG::readsOverlap):
(JSC::DFG::writesOverlap):
* dfg/DFGClobberize.cpp:
(JSC::DFG::doesWrites):
(JSC::DFG::accessesOverlap):
(JSC::DFG::writesOverlap):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
(JSC::DFG::NoOpClobberize::operator()):
(JSC::DFG::CheckClobberize::operator()):
(JSC::DFG::ReadMethodClobberize::ReadMethodClobberize):
(JSC::DFG::ReadMethodClobberize::operator()):
(JSC::DFG::WriteMethodClobberize::WriteMethodClobberize):
(JSC::DFG::WriteMethodClobberize::operator()):
(JSC::DFG::DefMethodClobberize::DefMethodClobberize):
(JSC::DFG::DefMethodClobberize::operator()):
* dfg/DFGDCEPhase.cpp:
(JSC::DFG::DCEPhase::run):
(JSC::DFG::DCEPhase::fixupBlock):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::getBlocksInPreOrder):
(JSC::DFG::Graph::getBlocksInPostOrder):
(JSC::DFG::Graph::addForDepthFirstSort): Deleted.
(JSC::DFG::Graph::getBlocksInDepthFirstOrder): Deleted.
* dfg/DFGGraph.h:
* dfg/DFGHeapLocation.cpp: Added.
(JSC::DFG::HeapLocation::dump):
(WTF::printInternal):
* dfg/DFGHeapLocation.h: Added.
(JSC::DFG::HeapLocation::HeapLocation):
(JSC::DFG::HeapLocation::operator!):
(JSC::DFG::HeapLocation::kind):
(JSC::DFG::HeapLocation::heap):
(JSC::DFG::HeapLocation::base):
(JSC::DFG::HeapLocation::index):
(JSC::DFG::HeapLocation::hash):
(JSC::DFG::HeapLocation::operator==):
(JSC::DFG::HeapLocation::isHashTableDeletedValue):
(JSC::DFG::HeapLocationHash::hash):
(JSC::DFG::HeapLocationHash::equal):
* dfg/DFGLICMPhase.cpp:
(JSC::DFG::LICMPhase::run):
* dfg/DFGNode.h:
(JSC::DFG::Node::replaceWith):
(JSC::DFG::Node::convertToPhantomUnchecked): Deleted.
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::compileInThreadImpl):
* dfg/DFGPureValue.cpp: Added.
(JSC::DFG::PureValue::dump):
* dfg/DFGPureValue.h: Added.
(JSC::DFG::PureValue::PureValue):
(JSC::DFG::PureValue::operator!):
(JSC::DFG::PureValue::op):
(JSC::DFG::PureValue::children):
(JSC::DFG::PureValue::info):
(JSC::DFG::PureValue::hash):
(JSC::DFG::PureValue::operator==):
(JSC::DFG::PureValue::isHashTableDeletedValue):
(JSC::DFG::PureValueHash::hash):
(JSC::DFG::PureValueHash::equal):
* dfg/DFGSSAConversionPhase.cpp:
(JSC::DFG::SSAConversionPhase::run):
* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::LowerDFGToLLVM::lower):

2014-07-13 Filip Pizlo <fpizlo@apple.com>

Unreviewed, revert unintended change in r171051.

* dfg/DFGCSEPhase.cpp:

2014-07-08 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Move Flush(SetLocal) store elimination to StrengthReductionPhase
https://bugs.webkit.org/show_bug.cgi?id=134739

Reviewed by Mark Hahnenberg.

I'm going to streamline CSE around clobberize() as part of https://bugs.webkit.org/show_bug.cgi?id=134677, and so Flush(SetLocal) store elimination wouldn't belong in CSE anymore. It doesn't quite belong anywhere, which means that it belongs in StrengthReductionPhase, since that's intended to be our dumping ground.

To do this I had to add some missing smarts to clobberize(). Previously clobberize() could play a bit loose with reads of Variables because it wasn't used for store elimination. The main client of read() was LICM, but it would only use it to determine hoistability and anything that did a write() was not hoistable - so, we had benign (but still wrong) missing read() calls in places that did write()s. This fixes a bunch of those cases.

* dfg/DFGCSEPhase.cpp:
(JSC::DFG::CSEPhase::performNodeCSE):
(JSC::DFG::CSEPhase::setLocalStoreElimination): Deleted.
* dfg/DFGClobberize.cpp:
(JSC::DFG::accessesOverlap):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize): Make clobberize() smart enough for detecting when this store elimination would be sound.
* dfg/DFGStrengthReductionPhase.cpp:
(JSC::DFG::StrengthReductionPhase::handleNode): Implement the store elimination in terms of clobberize().

2014-07-08 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Phantom simplification should be in its own phase
https://bugs.webkit.org/show_bug.cgi?id=134742

Reviewed by Geoffrey Garen.

This moves Phantom simplification out of CSE, which greatly simplifies CSE and gives it more focus. Also this finally adds a phase that removes empty Phantoms. We sort of had this in CPSRethreading, but that phase runs too infrequently and doesn't run at all for SSA.

* CMakeLists.txt:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* dfg/DFGAdjacencyList.h:
* dfg/DFGCSEPhase.cpp:
(JSC::DFG::CSEPhase::run):
(JSC::DFG::CSEPhase::setReplacement):
(JSC::DFG::CSEPhase::eliminate):
(JSC::DFG::CSEPhase::performNodeCSE):
(JSC::DFG::CSEPhase::eliminateIrrelevantPhantomChildren): Deleted.
* dfg/DFGPhantomRemovalPhase.cpp: Added.
(JSC::DFG::PhantomRemovalPhase::PhantomRemovalPhase):
(JSC::DFG::PhantomRemovalPhase::run):
(JSC::DFG::performCleanUp):
* dfg/DFGPhantomRemovalPhase.h: Added.
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::compileInThreadImpl):

2014-07-08 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Get rid of Node::misc by moving the fields out of the union so that you can use replacement and owner simultaneously
https://bugs.webkit.org/show_bug.cgi?id=134730

Reviewed by Mark Lam.

This will allow for a better GCSE implementation.

* dfg/DFGCPSRethreadingPhase.cpp:
(JSC::DFG::CPSRethreadingPhase::canonicalizeGetLocalFor):
* dfg/DFGCSEPhase.cpp:
(JSC::DFG::CSEPhase::setReplacement):
* dfg/DFGEdgeDominates.h:
(JSC::DFG::EdgeDominates::operator()):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::clearReplacements):
(JSC::DFG::Graph::initializeNodeOwners):
* dfg/DFGGraph.h:
(JSC::DFG::Graph::performSubstitutionForEdge):
* dfg/DFGLICMPhase.cpp:
(JSC::DFG::LICMPhase::attemptHoist):
* dfg/DFGNode.h:
(JSC::DFG::Node::Node):
* dfg/DFGSSAConversionPhase.cpp:
(JSC::DFG::SSAConversionPhase::run):

2014-07-04 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Infer immutable object properties
https://bugs.webkit.org/show_bug.cgi?id=134567

Reviewed by Mark Hahnenberg.

This introduces a new way of inferring immutable object properties. A property is said to be immutable if after its creation (i.e. the transition that creates it), we never overwrite it (i.e. replace it) or delete it. Immutability is a property of an "own property" - so if we say that "f" is immutable at "o" then we are implying that "o" has "f" directly and not on a prototype. More specifically, the immutability inference will prove that a property on some structure is immutable. This means that, for example, we may have a structure S1 with property "f" where we claim that "f" at S1 is immutable, but S1 has a transition to S2 that adds a new property "g" and we may claim that "f" at S2 is actually mutable. This is mainly for convenience; it allows us to decouple immutability logic from transition logic.

Immutability can be used to constant-fold accesses to objects at DFG-time. The DFG needs to prove the following to constant-fold the access:

- The base of the access must be a constant object pointer. We prove that a property at a structure is immutable, but that says nothing of its value; each actual instance of that property may have a different value. So, a constant object pointer is needed to get an actual constant instance of the immutable value.

- A check (or watchpoint) must have been emitted proving that the object has a structure that allows loading the property in question.

- The replacement watchpoint set of the property in the structure that we've proven the object to have is still valid and we add a watchpoint to it lazily.

The replacement watchpoint set is the key new mechanism that this change adds. It's possible that we have proven that the object has one of many structures, in which case each of those structures needs a valid replacement watchpoint set. The replacement watchpoint set is created the first time that any access to the property is cached. A put replace cache will create, and immediately invalidate, the watchpoint set. A get cache will create the watchpoint set and make it start watching. Any non-cached put access will invalidate the watchpoint set if one had been created; the underlying algorithm ensures that checking for the existence of a replacement watchpoint set is very fast in the common case. This algorithm ensures that no cached access needs to ever do any work to invalidate, or check the validity of, any replacement watchpoint sets. It also has some other nice properties:

- It's very robust in its definition of immutability. The strictest that it will ever be is that for any instance of the object, the property must be written to only once, specifically at the time that the property is created. But it's looser than this in practice. For example, the property may be written to any number of times before we add the final property that the object will have before anyone reads the property; this works since for optimization purposes we only care if we detect immutability on the structure that the object will have when it is most frequently read from, not any previous structure that the object had. Also, we may write to the property any number of times before anyone caches accesses to it.

- It is mostly orthogonal to structure transitions. No new structures need to be created to track the immutability of a property. Hence, there is no risk from this feature causing more polymorphism. This is different from the previous "specificValue" constant inference, which did cause additional structures to be created and sometimes those structures led to fake polymorphism. This feature does leverage existing transitions to do some of the watchpointing: property deletions don't fire the replacement watchpoint set because that would cause a new structure and so the mandatory structure check would fail. Also, this feature is guaranteed to never kick in for uncacheable dictionaries because those wouldn't allow for cacheable accesses - and it takes a cacheable access for this feature to be enabled.

- No memory overhead is incurred except when accesses to the property are cached. Dictionary properties will typically have no meta-data for immutability. The number of replacement watchpoint sets we allocate is proportional to the number of inline caches in the program, which is typically much smaller than the number of structures or even the number of objects.

This inference is far more powerful than the previous "specificValue" inference, so this change also removes all of that code. It's interesting that the amount of code that is changed to remove that feature is almost as big as the amount of code added to support the new inference - and that's if you include the new tests in the tally. Without new tests, it appears that the new feature actually touches less code!

There is one corner case where the previous "specificValue" inference was more powerful. You can imagine someone creating objects with functions as self properties on those objects, such that each object instance had the same function pointers - essentially, someone might be trying to create a vtable but failing at the whole "one vtable for many instances" concept. The "specificValue" inference would do very well for such programs, because a structure check would be sufficient to prove a constant value for all of the function properties. This new inference will fail because it doesn't track the constant values of constant properties; instead it detects the immutability of otherwise variable properties (in the sense that each instance of the property may have a different value). So, the new inference requires having a particular object instance to actually get the constant value. I think it's OK to lose this antifeature. It took a lot of code to support and was a constant source of grief in our transition logic, and there doesn't appear to be any real evidence that programs benefited from that particular kind of inference since usually it's the singleton prototype instance that has all of the functions.

This change is a speed-up on everything. date-format-xparb and both SunSpider/raytrace and V8/raytrace seem to be the biggest winners among the macrobenchmarks; they see >5% speed-ups. Many of our microbenchmarks see very large performance improvements, even 80% in one case.

* bytecode/ComplexGetStatus.cpp:
(JSC::ComplexGetStatus::computeFor):
* bytecode/GetByIdStatus.cpp:
(JSC::GetByIdStatus::computeFromLLInt):
(JSC::GetByIdStatus::computeForStubInfo):
(JSC::GetByIdStatus::computeFor):
* bytecode/GetByIdVariant.cpp:
(JSC::GetByIdVariant::GetByIdVariant):
(JSC::GetByIdVariant::operator=):
(JSC::GetByIdVariant::attemptToMerge):
(JSC::GetByIdVariant::dumpInContext):
* bytecode/GetByIdVariant.h:
(JSC::GetByIdVariant::alternateBase):
(JSC::GetByIdVariant::specificValue): Deleted.
* bytecode/PutByIdStatus.cpp:
(JSC::PutByIdStatus::computeForStubInfo):
(JSC::PutByIdStatus::computeFor):
* bytecode/PutByIdVariant.cpp:
(JSC::PutByIdVariant::operator=):
(JSC::PutByIdVariant::setter):
(JSC::PutByIdVariant::dumpInContext):
* bytecode/PutByIdVariant.h:
(JSC::PutByIdVariant::specificValue): Deleted.
* bytecode/Watchpoint.cpp:
(JSC::WatchpointSet::fireAllSlow):
(JSC::WatchpointSet::fireAll): Deleted.
* bytecode/Watchpoint.h:
(JSC::WatchpointSet::fireAll):
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleGetByOffset):
(JSC::DFG::ByteCodeParser::handleGetById):
(JSC::DFG::ByteCodeParser::handlePutById):
(JSC::DFG::ByteCodeParser::parseBlock):
* dfg/DFGConstantFoldingPhase.cpp:
(JSC::DFG::ConstantFoldingPhase::emitGetByOffset):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::isStringPrototypeMethodSane):
(JSC::DFG::FixupPhase::canOptimizeStringObjectAccess):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::tryGetConstantProperty):
(JSC::DFG::Graph::visitChildren):
* dfg/DFGGraph.h:
* dfg/DFGWatchableStructureWatchingPhase.cpp:
(JSC::DFG::WatchableStructureWatchingPhase::run):
* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::LowerDFGToLLVM::compileMultiGetByOffset):
* jit/JITOperations.cpp:
* jit/Repatch.cpp:
(JSC::repatchByIdSelfAccess):
(JSC::generateByIdStub):
(JSC::tryCacheGetByID):
(JSC::tryCachePutByID):
(JSC::tryBuildPutByIdList):
*
llint/LLIntSlowPaths.cpp: (JSC::LLInt::LLINT_SLOW_PATH_DECL): (JSC::LLInt::putToScopeCommon): * runtime/CommonSlowPaths.h: (JSC::CommonSlowPaths::tryCachePutToScopeGlobal): * runtime/IntendedStructureChain.cpp: (JSC::IntendedStructureChain::mayInterceptStoreTo): * runtime/JSCJSValue.cpp: (JSC::JSValue::putToPrimitive): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::reset): * runtime/JSObject.cpp: (JSC::JSObject::put): (JSC::JSObject::putDirectNonIndexAccessor): (JSC::JSObject::deleteProperty): (JSC::JSObject::defaultValue): (JSC::getCallableObjectSlow): Deleted. (JSC::JSObject::getPropertySpecificValue): Deleted. * runtime/JSObject.h: (JSC::JSObject::getDirect): (JSC::JSObject::getDirectOffset): (JSC::JSObject::inlineGetOwnPropertySlot): (JSC::JSObject::putDirectInternal): (JSC::JSObject::putOwnDataProperty): (JSC::JSObject::putDirect): (JSC::JSObject::putDirectWithoutTransition): (JSC::getCallableObject): Deleted. * runtime/JSScope.cpp: (JSC::abstractAccess): * runtime/PropertyMapHashTable.h: (JSC::PropertyMapEntry::PropertyMapEntry): (JSC::PropertyTable::copy): * runtime/PropertyTable.cpp: (JSC::PropertyTable::clone): (JSC::PropertyTable::PropertyTable): (JSC::PropertyTable::visitChildren): Deleted. 
* runtime/Structure.cpp: (JSC::Structure::Structure): (JSC::Structure::materializePropertyMap): (JSC::Structure::addPropertyTransitionToExistingStructureImpl): (JSC::Structure::addPropertyTransitionToExistingStructure): (JSC::Structure::addPropertyTransitionToExistingStructureConcurrently): (JSC::Structure::addPropertyTransition): (JSC::Structure::changePrototypeTransition): (JSC::Structure::attributeChangeTransition): (JSC::Structure::toDictionaryTransition): (JSC::Structure::preventExtensionsTransition): (JSC::Structure::takePropertyTableOrCloneIfPinned): (JSC::Structure::nonPropertyTransition): (JSC::Structure::addPropertyWithoutTransition): (JSC::Structure::allocateRareData): (JSC::Structure::ensurePropertyReplacementWatchpointSet): (JSC::Structure::startWatchingPropertyForReplacements): (JSC::Structure::didCachePropertyReplacement): (JSC::Structure::startWatchingInternalProperties): (JSC::Structure::copyPropertyTable): (JSC::Structure::copyPropertyTableForPinning): (JSC::Structure::getConcurrently): (JSC::Structure::get): (JSC::Structure::add): (JSC::Structure::visitChildren): (JSC::Structure::prototypeChainMayInterceptStoreTo): (JSC::Structure::dump): (JSC::Structure::despecifyDictionaryFunction): Deleted. (JSC::Structure::despecifyFunctionTransition): Deleted. (JSC::Structure::despecifyFunction): Deleted. (JSC::Structure::despecifyAllFunctions): Deleted. (JSC::Structure::putSpecificValue): Deleted. * runtime/Structure.h: (JSC::Structure::startWatchingPropertyForReplacements): (JSC::Structure::startWatchingInternalPropertiesIfNecessary): (JSC::Structure::startWatchingInternalPropertiesIfNecessaryForEntireChain): (JSC::Structure::transitionDidInvolveSpecificValue): Deleted. (JSC::Structure::disableSpecificFunctionTracking): Deleted. 
* runtime/StructureInlines.h: (JSC::Structure::getConcurrently): (JSC::Structure::didReplaceProperty): (JSC::Structure::propertyReplacementWatchpointSet):
* runtime/StructureRareData.cpp: (JSC::StructureRareData::destroy):
* runtime/StructureRareData.h:
* tests/stress/infer-constant-global-property.js: Added. (foo.Math.sin): (foo):
* tests/stress/infer-constant-property.js: Added. (foo):
* tests/stress/jit-cache-poly-replace-then-cache-get-and-fold-then-invalidate.js: Added. (foo): (bar):
* tests/stress/jit-cache-replace-then-cache-get-and-fold-then-invalidate.js: Added. (foo): (bar):
* tests/stress/jit-put-to-scope-global-cache-watchpoint-invalidate.js: Added. (foo): (bar):
* tests/stress/llint-cache-replace-then-cache-get-and-fold-then-invalidate.js: Added. (foo): (bar):
* tests/stress/llint-put-to-scope-global-cache-watchpoint-invalidate.js: Added. (foo): (bar):
* tests/stress/repeat-put-to-scope-global-with-same-value-watchpoint-invalidate.js: Added. (foo): (bar):

2014-07-03 Saam Barati <sbarati@apple.com>

Add more coverage for the profile_types_with_high_fidelity op code.
https://bugs.webkit.org/show_bug.cgi?id=134616

Reviewed by Filip Pizlo.

More operations are now being recorded by the profile_types_with_high_fidelity opcode. Specifically: function parameters, function return values, function 'this' value, get_by_id, get_by_value, resolve nodes, function return values at the call site. Added more flags to the profile_types_with_high_fidelity opcode so more focused tasks can take place when the instruction is being linked in CodeBlock. Re-worked the type profiler to search through character offset ranges when asked for the type of an expression at a given offset. Removed redundant calls to Structure::toStructureShape in HighFidelityLog and TypeSet by caching calls based on StructureID.
* bytecode/BytecodeList.json: * bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeOffset): (JSC::computeDefsForBytecodeOffset): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::finalizeUnconditionally): (JSC::CodeBlock::scopeDependentProfile): * bytecode/CodeBlock.h: (JSC::CodeBlock::returnStatementTypeSet): * bytecode/TypeLocation.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::highFidelityTypeProfileExpressionInfoForBytecodeOffset): (JSC::UnlinkedCodeBlock::addHighFidelityTypeProfileExpressionInfo): * bytecode/UnlinkedCodeBlock.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::emitMove): (JSC::BytecodeGenerator::emitProfileTypesWithHighFidelity): (JSC::BytecodeGenerator::emitGetFromScopeWithProfile): (JSC::BytecodeGenerator::emitPutToScope): (JSC::BytecodeGenerator::emitPutToScopeWithProfile): (JSC::BytecodeGenerator::emitPutById): (JSC::BytecodeGenerator::emitPutByVal): * bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::emitHighFidelityTypeProfilingExpressionInfo): * bytecompiler/NodesCodegen.cpp: (JSC::ResolveNode::emitBytecode): (JSC::BracketAccessorNode::emitBytecode): (JSC::DotAccessorNode::emitBytecode): (JSC::FunctionCallValueNode::emitBytecode): (JSC::FunctionCallResolveNode::emitBytecode): (JSC::FunctionCallBracketNode::emitBytecode): (JSC::FunctionCallDotNode::emitBytecode): (JSC::CallFunctionCallDotNode::emitBytecode): (JSC::ApplyFunctionCallDotNode::emitBytecode): (JSC::PostfixNode::emitResolve): (JSC::PostfixNode::emitBracket): (JSC::PostfixNode::emitDot): (JSC::PrefixNode::emitResolve): (JSC::PrefixNode::emitBracket): (JSC::PrefixNode::emitDot): (JSC::ReadModifyResolveNode::emitBytecode): (JSC::AssignResolveNode::emitBytecode): (JSC::AssignDotNode::emitBytecode): (JSC::ReadModifyDotNode::emitBytecode): (JSC::AssignBracketNode::emitBytecode): (JSC::ReadModifyBracketNode::emitBytecode): (JSC::ReturnNode::emitBytecode): (JSC::FunctionBodyNode::emitBytecode): * 
inspector/agents/InspectorRuntimeAgent.cpp: (Inspector::InspectorRuntimeAgent::getRuntimeTypeForVariableAtOffset): (Inspector::InspectorRuntimeAgent::getRuntimeTypeForVariableInTextRange): Deleted. * inspector/agents/InspectorRuntimeAgent.h: * inspector/protocol/Runtime.json: * llint/LLIntSlowPaths.cpp: (JSC::LLInt::getFromScopeCommon): (JSC::LLInt::LLINT_SLOW_PATH_DECL): * llint/LLIntSlowPaths.h: * llint/LowLevelInterpreter.asm: * runtime/HighFidelityLog.cpp: (JSC::HighFidelityLog::processHighFidelityLog): (JSC::HighFidelityLog::actuallyProcessLogThreadFunction): (JSC::HighFidelityLog::recordTypeInformationForLocation): Deleted. * runtime/HighFidelityLog.h: (JSC::HighFidelityLog::recordTypeInformationForLocation): * runtime/HighFidelityTypeProfiler.cpp: (JSC::HighFidelityTypeProfiler::getTypesForVariableInAtOffset): (JSC::HighFidelityTypeProfiler::getGlobalTypesForVariableAtOffset): (JSC::HighFidelityTypeProfiler::getLocalTypesForVariableAtOffset): (JSC::HighFidelityTypeProfiler::insertNewLocation): (JSC::HighFidelityTypeProfiler::findLocation): (JSC::HighFidelityTypeProfiler::getTypesForVariableInRange): Deleted. (JSC::HighFidelityTypeProfiler::getGlobalTypesForVariableInRange): Deleted. (JSC::HighFidelityTypeProfiler::getLocalTypesForVariableInRange): Deleted. (JSC::HighFidelityTypeProfiler::getLocationBasedHash): Deleted. * runtime/HighFidelityTypeProfiler.h: (JSC::LocationKey::LocationKey): Deleted. (JSC::LocationKey::hash): Deleted. (JSC::LocationKey::operator==): Deleted. * runtime/Structure.cpp: (JSC::Structure::toStructureShape): * runtime/Structure.h: * runtime/TypeSet.cpp: (JSC::TypeSet::TypeSet): (JSC::TypeSet::addTypeForValue): (JSC::TypeSet::seenTypes): (JSC::TypeSet::removeDuplicatesInStructureHistory): Deleted. * runtime/TypeSet.h: (JSC::StructureShape::setConstructorName): * runtime/VM.cpp: (JSC::VM::getTypesForVariableAtOffset): (JSC::VM::dumpHighFidelityProfilingTypes): (JSC::VM::getTypesForVariableInRange): Deleted. 
* runtime/VM.h:

2014-07-04 Filip Pizlo <fpizlo@apple.com>

[ftlopt][REGRESSION] debug tests fail because PutByIdDirect is now implemented in terms of In
https://bugs.webkit.org/show_bug.cgi?id=134642

Rubber stamped by Andreas Kling.

* ftl/FTLLowerDFGToLLVM.cpp: (JSC::FTL::LowerDFGToLLVM::compileNode):

2014-07-01 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Allocate a new GetterSetter if we change the value of any of its entries other than when they were previously null, so that if we constant-infer an accessor slot then we immediately get the function constant for free
https://bugs.webkit.org/show_bug.cgi?id=134518

Reviewed by Mark Hahnenberg.

This has no real effect right now, particularly since almost all uses of setSetter/setGetter were already allocating a brand new GetterSetter. But once we start doing more aggressive constant property inference, this change will allow us to remove all runtime checks from getter/setter calls.

* runtime/GetterSetter.cpp: (JSC::GetterSetter::withGetter): (JSC::GetterSetter::withSetter):
* runtime/GetterSetter.h: (JSC::GetterSetter::setGetter): (JSC::GetterSetter::setSetter):
* runtime/JSObject.cpp: (JSC::JSObject::defineOwnNonIndexProperty):

2014-07-02 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Rename notifyTransitionFromThisStructure to didTransitionFromThisStructure

Rubber stamped by Mark Hahnenberg.

* runtime/Structure.cpp: (JSC::Structure::Structure): (JSC::Structure::nonPropertyTransition): (JSC::Structure::didTransitionFromThisStructure): (JSC::Structure::notifyTransitionFromThisStructure): Deleted.
* runtime/Structure.h:

2014-07-02 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Remove the functionality for cloning StructureRareData since we never do that anymore.

Rubber stamped by Mark Hahnenberg.

* runtime/Structure.cpp: (JSC::Structure::Structure): (JSC::Structure::cloneRareDataFrom): Deleted.
* runtime/Structure.h:
* runtime/StructureRareData.cpp: (JSC::StructureRareData::clone): Deleted.
(JSC::StructureRareData::StructureRareData): Deleted.
* runtime/StructureRareData.h: (JSC::StructureRareData::needsCloning): Deleted.

2014-07-01 Mark Lam <mark.lam@apple.com>

[ftlopt] DebuggerCallFrame::scope() should return a DebuggerScope.
<https://webkit.org/b/134420>

Reviewed by Geoffrey Garen.

Previously, DebuggerCallFrame::scope() returns a JSActivation (and relevant peers) which the WebInspector will use to introspect CallFrame variables. Instead, we should be returning a DebuggerScope as an abstraction layer that provides the introspection functionality that the WebInspector needs. This is the first step towards not forcing every frame to have a JSActivation object just because the debugger is enabled.

1. Instantiate the debuggerScopeStructure as a member of the JSGlobalObject instead of the VM. This allows JSObject::globalObject() to be able to return the global object for the DebuggerScope.

2. On the DebuggerScope's life-cycle management:

The DebuggerCallFrame is designed to be "valid" only during a debugging session (while the debugger is broken) through the use of a DebuggerCallFrameScope in Debugger::pauseIfNeeded(). Once the debugger resumes from the break, the DebuggerCallFrameScope destructs, and the DebuggerCallFrame will be invalidated. We can't guarantee (from this code alone) that the Inspector code isn't still holding a ref to the DebuggerCallFrame (though they shouldn't), but by contract, the frame will be invalidated, and any attempt to query it will return null values. This is pre-existing behavior.

Now, we're adding the DebuggerScope into the picture. While a single debugger pause session is in progress, the Inspector may request the scope from the DebuggerCallFrame. While the DebuggerCallFrame is still valid, we want DebuggerCallFrame::scope() to always return the same DebuggerScope object. This is why we hold on to the DebuggerScope with a strong ref.

If we use a weak ref instead, the following kooky behavior can manifest:

1. The Inspector calls Debugger::scope() to get the top scope.
2. The Inspector iterates down the scope chain and is now only holding a reference to a parent scope. It is no longer referencing the top scope.
3. A GC occurs, and the DebuggerCallFrame's weak m_scope ref to the top scope gets cleared.
4. The Inspector calls DebuggerCallFrame::scope() to get the top scope again but gets a different DebuggerScope instance.
5. The Inspector iterates down the scope chain but never sees the parent scope instance that it retained a ref to in step 2 above. This is because when iterating this new DebuggerScope instance (which has no knowledge of the previous parent DebuggerScope instance), a new DebuggerScope instance will get created for the same parent scope.

Since the DebuggerScope is a JSObject, its liveness is determined by its reachability. However, its "validity" is determined by the life-cycle of its owner DebuggerCallFrame. When the owner DebuggerCallFrame gets invalidated, its debugger scope chain (if instantiated) will also get invalidated. This is why we need the DebuggerScope::invalidateChain() method. The Inspector should not be using the DebuggerScope instance after its owner DebuggerCallFrame is invalidated. If it does, those methods will do nothing or return a failed status.
* debugger/Debugger.h:
* debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::scope): (JSC::DebuggerCallFrame::evaluate): (JSC::DebuggerCallFrame::invalidate): (JSC::DebuggerCallFrame::vm): (JSC::DebuggerCallFrame::lexicalGlobalObject):
* debugger/DebuggerCallFrame.h:
* debugger/DebuggerScope.cpp: (JSC::DebuggerScope::DebuggerScope): (JSC::DebuggerScope::finishCreation): (JSC::DebuggerScope::visitChildren): (JSC::DebuggerScope::className): (JSC::DebuggerScope::getOwnPropertySlot): (JSC::DebuggerScope::put): (JSC::DebuggerScope::deleteProperty): (JSC::DebuggerScope::getOwnPropertyNames): (JSC::DebuggerScope::defineOwnProperty): (JSC::DebuggerScope::next): (JSC::DebuggerScope::invalidateChain): (JSC::DebuggerScope::isWithScope): (JSC::DebuggerScope::isGlobalScope): (JSC::DebuggerScope::isFunctionScope):
* debugger/DebuggerScope.h: (JSC::DebuggerScope::create): (JSC::DebuggerScope::Iterator::Iterator): (JSC::DebuggerScope::Iterator::get): (JSC::DebuggerScope::Iterator::operator++): (JSC::DebuggerScope::Iterator::operator==): (JSC::DebuggerScope::Iterator::operator!=): (JSC::DebuggerScope::isValid): (JSC::DebuggerScope::jsScope): (JSC::DebuggerScope::begin): (JSC::DebuggerScope::end):
* inspector/JSJavaScriptCallFrame.cpp: (Inspector::JSJavaScriptCallFrame::scopeType): (Inspector::JSJavaScriptCallFrame::scopeChain):
* inspector/JavaScriptCallFrame.h: (Inspector::JavaScriptCallFrame::scopeChain):
* inspector/ScriptDebugServer.cpp:
* runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::reset): (JSC::JSGlobalObject::visitChildren):
* runtime/JSGlobalObject.h: (JSC::JSGlobalObject::debuggerScopeStructure):
* runtime/JSObject.h: (JSC::JSObject::isWithScope):
* runtime/JSScope.h:
* runtime/VM.cpp: (JSC::VM::VM):
* runtime/VM.h:

2014-07-01 Filip Pizlo <fpizlo@apple.com>

[ftlopt] DFG bytecode parser should turn PutById with nothing but a Setter stub as stuff+handleCall, and handleCall should be allowed to inline if it wants to
https://bugs.webkit.org/show_bug.cgi?id=130756

Reviewed by Oliver Hunt.

This enables exposing the call to setters in the DFG, and then inlining it. Previously we already supported inlined-cached calls to setters from within put_by_id inline caches, and the DFG could certainly emit such ICs. Now, if an IC had a setter call, then the DFG will either emit the GetGetterSetterByOffset/GetSetter/Call combo, or it will do one better and inline the call.

A lot of the core functionality was already available from the previous work to inline getters. So, there are some refactorings in this patch that move preexisting functionality around. For example, the work to figure out how the DFG should go about getting to what we call the "loaded value" - i.e. the GetterSetter object reference in the case of accessors - is now shared in ComplexGetStatus, and both GetByIdStatus and PutByIdStatus use it. This means that we can keep the safety checks common. This patch also does additional refactorings in DFG::ByteCodeParser so that we can continue to reuse handleCall() for all of the various kinds of calls we can now emit.

83% speed-up on getter-richards, 2% speed-up on box2d.

* CMakeLists.txt:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/ComplexGetStatus.cpp: Added. (JSC::ComplexGetStatus::computeFor):
* bytecode/ComplexGetStatus.h: Added.
(JSC::ComplexGetStatus::ComplexGetStatus): (JSC::ComplexGetStatus::skip): (JSC::ComplexGetStatus::takesSlowPath): (JSC::ComplexGetStatus::kind): (JSC::ComplexGetStatus::attributes): (JSC::ComplexGetStatus::specificValue): (JSC::ComplexGetStatus::offset): (JSC::ComplexGetStatus::chain): * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeForStubInfo): * bytecode/GetByIdVariant.cpp: (JSC::GetByIdVariant::GetByIdVariant): * bytecode/PolymorphicPutByIdList.h: (JSC::PutByIdAccess::PutByIdAccess): (JSC::PutByIdAccess::setter): (JSC::PutByIdAccess::structure): (JSC::PutByIdAccess::chainCount): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): (JSC::PutByIdStatus::computeFor): (JSC::PutByIdStatus::computeForStubInfo): (JSC::PutByIdStatus::makesCalls): * bytecode/PutByIdStatus.h: (JSC::PutByIdStatus::makesCalls): Deleted. * bytecode/PutByIdVariant.cpp: (JSC::PutByIdVariant::PutByIdVariant): (JSC::PutByIdVariant::operator=): (JSC::PutByIdVariant::replace): (JSC::PutByIdVariant::transition): (JSC::PutByIdVariant::setter): (JSC::PutByIdVariant::writesStructures): (JSC::PutByIdVariant::reallocatesStorage): (JSC::PutByIdVariant::makesCalls): (JSC::PutByIdVariant::dumpInContext): * bytecode/PutByIdVariant.h: (JSC::PutByIdVariant::PutByIdVariant): (JSC::PutByIdVariant::structure): (JSC::PutByIdVariant::oldStructure): (JSC::PutByIdVariant::alternateBase): (JSC::PutByIdVariant::specificValue): (JSC::PutByIdVariant::callLinkStatus): (JSC::PutByIdVariant::replace): Deleted. (JSC::PutByIdVariant::transition): Deleted. 
* dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::addCallWithoutSettingResult): (JSC::DFG::ByteCodeParser::addCall): (JSC::DFG::ByteCodeParser::handleCall): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::handleGetById): (JSC::DFG::ByteCodeParser::handlePutById): (JSC::DFG::ByteCodeParser::parseBlock): * jit/Repatch.cpp: (JSC::tryCachePutByID): (JSC::tryBuildPutByIdList): * runtime/IntendedStructureChain.cpp: (JSC::IntendedStructureChain::takesSlowPathInDFGForImpureProperty): * runtime/IntendedStructureChain.h: * tests/stress/exit-from-setter.js: Added. * tests/stress/poly-chain-setter.js: Added. (Cons): (foo): (test): * tests/stress/poly-chain-then-setter.js: Added. (Cons1): (Cons2): (foo): (test): * tests/stress/poly-setter-combo.js: Added. (Cons1): (Cons2): (foo): (test): (.test): * tests/stress/poly-setter-then-self.js: Added. (foo): (test): (.test): * tests/stress/weird-setter-counter.js: Added. (foo): (test): * tests/stress/weird-setter-counter-syntactic.js: Added. (foo): (test): 2014-07-01 Matthew Mirman <mmirman@apple.com> Added an implementation of the "in" check to FTL. https://bugs.webkit.org/show_bug.cgi?id=134508 Reviewed by Filip Pizlo. * ftl/FTLCapabilities.cpp: enabled compilation for "in" (JSC::FTL::canCompile): ditto * ftl/FTLCompile.cpp: (JSC::FTL::generateCheckInICFastPath): added. (JSC::FTL::fixFunctionBasedOnStackMaps): added case for CheckIn descriptors. * ftl/FTLInlineCacheDescriptor.h: (JSC::FTL::CheckInGenerator::CheckInGenerator): added. (JSC::FTL::CheckInDescriptor::CheckInDescriptor): added. * ftl/FTLInlineCacheSize.cpp: (JSC::FTL::sizeOfCheckIn): added. Currently larger than necessary. * ftl/FTLInlineCacheSize.h: ditto * ftl/FTLIntrinsicRepository.h: Added function type for operationInGeneric * ftl/FTLLowerDFGToLLVM.cpp: (JSC::FTL::LowerDFGToLLVM::compileNode): added case for In. (JSC::FTL::LowerDFGToLLVM::compileIn): added. 
* ftl/FTLSlowPathCall.cpp: Added a callOperation for operationIn (JSC::FTL::callOperation): ditto
* ftl/FTLSlowPathCall.h: ditto
* ftl/FTLState.h: Added a vector to hold CheckIn descriptors.
* jit/JITOperations.h: made operationIns internal.
* tests/stress/ftl-checkin.js: Added.
* tests/stress/ftl-checkin-variable.js: Added.

2014-06-30 Mark Hahnenberg <mhahnenberg@apple.com>

CodeBlock::stronglyVisitWeakReferences should mark DFG::CommonData::weakStructureReferences
https://bugs.webkit.org/show_bug.cgi?id=134455

Reviewed by Geoffrey Garen.

Otherwise we get hanging pointers which can cause us to die later.

* bytecode/CodeBlock.cpp: (JSC::CodeBlock::stronglyVisitWeakReferences):

2014-06-27 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Reduce the GC's influence on optimization decisions
https://bugs.webkit.org/show_bug.cgi?id=134427

Reviewed by Oliver Hunt.

This is a slight speed-up on some platforms, that arises from a bunch of fixes that I made while trying to make the GC keep more structures alive (https://bugs.webkit.org/show_bug.cgi?id=128072). The fixes are, roughly:

- If the GC clears an inline cache, then this no longer causes the IC to be forever polymorphic.
- If we exit in inlined code into a function that tries to OSR enter, then we jettison sooner.
- Some variables being uninitialized led to rage-recompilations.

This is a pretty strong step in the direction of keeping more Structures alive and not blowing away code just because a Structure died. But, it seems like there is still a slight speed-up to be had from blowing away code that references dead Structures.
* bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpAssumingJITType): (JSC::shouldMarkTransition): (JSC::CodeBlock::propagateTransitions): (JSC::CodeBlock::determineLiveness):
* bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeForStubInfo):
* bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeForStubInfo):
* dfg/DFGCapabilities.cpp: (JSC::DFG::isSupportedForInlining): (JSC::DFG::mightInlineFunctionForCall): (JSC::DFG::mightInlineFunctionForClosureCall): (JSC::DFG::mightInlineFunctionForConstruct):
* dfg/DFGCapabilities.h:
* dfg/DFGCommonData.h:
* dfg/DFGDesiredWeakReferences.cpp: (JSC::DFG::DesiredWeakReferences::reallyAdd):
* dfg/DFGOSREntry.cpp: (JSC::DFG::prepareOSREntry):
* dfg/DFGOSRExitCompilerCommon.cpp: (JSC::DFG::handleExitCounts):
* dfg/DFGOperations.cpp:
* dfg/DFGOperations.h:
* ftl/FTLForOSREntryJITCode.cpp: (JSC::FTL::ForOSREntryJITCode::ForOSREntryJITCode): These variables being uninitialized is benign in terms of correctness but can sometimes cause rage-recompilations. For some reason it took this patch to reveal this.
* ftl/FTLOSREntry.cpp: (JSC::FTL::prepareOSREntry):
* runtime/Executable.cpp: (JSC::ExecutableBase::destroy): (JSC::NativeExecutable::destroy): (JSC::ScriptExecutable::ScriptExecutable): (JSC::ScriptExecutable::destroy): (JSC::ScriptExecutable::installCode): (JSC::EvalExecutable::EvalExecutable): (JSC::ProgramExecutable::ProgramExecutable):
* runtime/Executable.h: (JSC::ScriptExecutable::setDidTryToEnterInLoop): (JSC::ScriptExecutable::didTryToEnterInLoop): (JSC::ScriptExecutable::addressOfDidTryToEnterInLoop): (JSC::ScriptExecutable::ScriptExecutable): Deleted.
* runtime/StructureInlines.h: (JSC::Structure::storedPrototypeObject): (JSC::Structure::storedPrototypeStructure):

2014-06-25 Filip Pizlo <fpizlo@apple.com>

[ftlopt] If a CodeBlock is jettisoned due to a watchpoint then it should be possible to figure out something about that watchpoint
https://bugs.webkit.org/show_bug.cgi?id=134333

Reviewed by Geoffrey Garen.

This is engineered to provide loads of information to the profiler without incurring any costs when the profiler is disabled. It's the oldest trick in the book: the thing that fires the watchpoint doesn't actually create anything to describe the reason why it was fired; instead it creates a stack-allocated FireDetail subclass instance. Only if the FireDetail::dump() virtual method is called does anything happen.

Currently we use this to produce very fine-grained data for Structure watchpoints and some cases of variable watchpoints. For all other situations, the given reason is just a string constant, by using StringFireDetail. If we find a situation where that string constant is insufficient to diagnose an issue then we can change it to provide more fine-grained information.

* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp: (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::jettison):
* bytecode/CodeBlock.h:
* bytecode/CodeBlockJettisoningWatchpoint.cpp: (JSC::CodeBlockJettisoningWatchpoint::fireInternal):
* bytecode/CodeBlockJettisoningWatchpoint.h:
* bytecode/ProfiledCodeBlockJettisoningWatchpoint.cpp: Removed.
* bytecode/ProfiledCodeBlockJettisoningWatchpoint.h: Removed.
* bytecode/StructureStubClearingWatchpoint.cpp: (JSC::StructureStubClearingWatchpoint::fireInternal): * bytecode/StructureStubClearingWatchpoint.h: * bytecode/VariableWatchpointSet.h: (JSC::VariableWatchpointSet::invalidate): (JSC::VariableWatchpointSet::finalizeUnconditionally): * bytecode/VariableWatchpointSetInlines.h: (JSC::VariableWatchpointSet::notifyWrite): * bytecode/Watchpoint.cpp: (JSC::StringFireDetail::dump): (JSC::WatchpointSet::fireAll): (JSC::WatchpointSet::fireAllSlow): (JSC::WatchpointSet::fireAllWatchpoints): (JSC::InlineWatchpointSet::fireAll): * bytecode/Watchpoint.h: (JSC::FireDetail::FireDetail): (JSC::FireDetail::~FireDetail): (JSC::StringFireDetail::StringFireDetail): (JSC::Watchpoint::fire): (JSC::WatchpointSet::fireAll): (JSC::WatchpointSet::touch): (JSC::WatchpointSet::invalidate): (JSC::InlineWatchpointSet::fireAll): (JSC::InlineWatchpointSet::touch): * dfg/DFGCommonData.h: * dfg/DFGOperations.cpp: * interpreter/Interpreter.cpp: (JSC::Interpreter::execute): * jsc.cpp: (WTF::Masquerader::create): * profiler/ProfilerCompilation.cpp: (JSC::Profiler::Compilation::setJettisonReason): (JSC::Profiler::Compilation::toJS): * profiler/ProfilerCompilation.h: (JSC::Profiler::Compilation::setJettisonReason): Deleted. 
* runtime/ArrayBuffer.cpp: (JSC::ArrayBuffer::transfer):
* runtime/ArrayBufferNeuteringWatchpoint.cpp: (JSC::ArrayBufferNeuteringWatchpoint::fireAll):
* runtime/ArrayBufferNeuteringWatchpoint.h:
* runtime/CommonIdentifiers.h:
* runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL):
* runtime/Identifier.cpp: (JSC::Identifier::dump):
* runtime/Identifier.h:
* runtime/JSFunction.cpp: (JSC::JSFunction::put): (JSC::JSFunction::defineOwnProperty):
* runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::addFunction): (JSC::JSGlobalObject::haveABadTime):
* runtime/JSSymbolTableObject.cpp: (JSC::VariableWriteFireDetail::dump):
* runtime/JSSymbolTableObject.h: (JSC::VariableWriteFireDetail::VariableWriteFireDetail): (JSC::symbolTablePut): (JSC::symbolTablePutWithAttributes):
* runtime/PropertyName.h: (JSC::PropertyName::dump):
* runtime/Structure.cpp: (JSC::Structure::notifyTransitionFromThisStructure):
* runtime/Structure.h: (JSC::Structure::notifyTransitionFromThisStructure): Deleted.
* runtime/SymbolTable.cpp: (JSC::SymbolTableEntry::notifyWriteSlow): (JSC::SymbolTable::WatchpointCleanup::finalizeUnconditionally):
* runtime/SymbolTable.h: (JSC::SymbolTableEntry::notifyWrite):
* runtime/VM.cpp: (JSC::VM::addImpureProperty):

Source/WebCore:

2014-07-01 Mark Lam <mark.lam@apple.com>

[ftlopt] DebuggerCallFrame::scope() should return a DebuggerScope.
<https://webkit.org/b/134420>

Reviewed by Geoffrey Garen.

No new tests.

* ForwardingHeaders/debugger/DebuggerCallFrame.h: Removed. - This is not in use. Hence, we can remove it.
* bindings/js/ScriptController.cpp: (WebCore::ScriptController::attachDebugger): - We should acquire the JSLock before modifying a JS global object.

2014-06-25 Filip Pizlo <fpizlo@apple.com>

[ftlopt] If a CodeBlock is jettisoned due to a watchpoint then it should be possible to figure out something about that watchpoint
https://bugs.webkit.org/show_bug.cgi?id=134333

Reviewed by Geoffrey Garen.

No new tests because no change in behavior.

* bindings/scripts/CodeGeneratorJS.pm: (GenerateHeader):

Tools:

2014-06-25 Filip Pizlo <fpizlo@apple.com>

[ftlopt] If a CodeBlock is jettisoned due to a watchpoint then it should be possible to figure out something about that watchpoint
https://bugs.webkit.org/show_bug.cgi?id=134333

Reviewed by Geoffrey Garen.

* Scripts/display-profiler-output:

LayoutTests:

2014-07-16 Mark Hahnenberg <mhahnenberg@apple.com>

sputnik/Implementation_Diagnostics/S12.6.4_D1.html depends on undefined behavior
https://bugs.webkit.org/show_bug.cgi?id=135007

Reviewed by Filip Pizlo.

ECMAScript 5.1 specifies that during for-in enumeration newly added properties may or may not be visited during the current enumeration. Specifically, in section 12.6.4 the spec states: "If new properties are added to the object being enumerated during enumeration, the newly added properties are not guaranteed to be visited in the active enumeration."

The sputnik/Implementation_Diagnostics/S12.6.4_D1.html layout test is from before sputnik was added to the test262 suite. I believe it has since been removed, so it would probably be okay to remove it from our layout test suite.

* sputnik/Implementation_Diagnostics/S12.6.4_D1-expected.txt: Removed.
* sputnik/Implementation_Diagnostics/S12.6.4_D1.html: Removed.

2014-07-13 Filip Pizlo <fpizlo@apple.com>

[ftlopt] DFG should be able to do GCSE in SSA and this should be unified with the CSE in CPS, and both of these things should use abstract heaps for reasoning about effects
https://bugs.webkit.org/show_bug.cgi?id=134677

Reviewed by Sam Weinig.

* js/regress/gcse-expected.txt: Added.
* js/regress/gcse-poly-get-expected.txt: Added.
* js/regress/gcse-poly-get-less-obvious-expected.txt: Added.
* js/regress/gcse-poly-get-less-obvious.html: Added.
* js/regress/gcse-poly-get.html: Added.
* js/regress/gcse.html: Added.
* js/regress/script-tests/gcse-poly-get-less-obvious.js: Added.
* js/regress/script-tests/gcse-poly-get.js: Added.
* js/regress/script-tests/gcse.js: Added.
2014-07-04 Filip Pizlo <fpizlo@apple.com> [ftlopt] Infer immutable object properties https://bugs.webkit.org/show_bug.cgi?id=134567 Reviewed by Mark Hahnenberg. * js/regress/infer-constant-global-property-expected.txt: Added. * js/regress/infer-constant-global-property.html: Added. * js/regress/infer-constant-property-expected.txt: Added. * js/regress/infer-constant-property.html: Added. * js/regress/script-tests/infer-constant-global-property.js: Added. * js/regress/script-tests/infer-constant-property.js: Added. Canonical link: https://commits.webkit.org/153499@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@172129 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2014-08-06 05:27:46 +00:00
{
Use constexpr instead of const in symbol definitions that are obviously constexpr.
https://bugs.webkit.org/show_bug.cgi?id=201879

Rubber-stamped by Joseph Pecoraro.

Source/bmalloc:

* bmalloc/AvailableMemory.cpp:
* bmalloc/IsoTLS.h:
* bmalloc/Map.h:
* bmalloc/Mutex.cpp:
(bmalloc::Mutex::lockSlowCase):
* bmalloc/PerThread.h:
* bmalloc/Vector.h:
* bmalloc/Zone.h:

Source/JavaScriptCore:

const may require external storage (at the compiler's whim) though these currently do not. constexpr makes it clear that the value is a literal constant that can be inlined. In most cases in the code, when we say static const, we actually mean static constexpr. I'm changing the code to reflect this.

* API/JSAPIValueWrapper.h:
* API/JSCallbackConstructor.h:
* API/JSCallbackObject.h:
* API/JSContextRef.cpp:
* API/JSWrapperMap.mm:
* API/tests/CompareAndSwapTest.cpp:
* API/tests/TypedArrayCTest.cpp:
* API/tests/testapi.mm:
(testObjectiveCAPIMain):
* KeywordLookupGenerator.py:
(Trie.printAsC):
* assembler/ARMv7Assembler.h:
* assembler/AssemblerBuffer.h:
* assembler/AssemblerCommon.h:
* assembler/MacroAssembler.h:
* assembler/MacroAssemblerARM64.h:
* assembler/MacroAssemblerARM64E.h:
* assembler/MacroAssemblerARMv7.h:
* assembler/MacroAssemblerCodeRef.h:
* assembler/MacroAssemblerMIPS.h:
* assembler/MacroAssemblerX86.h:
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::absDouble):
(JSC::MacroAssemblerX86Common::negateDouble):
* assembler/MacroAssemblerX86_64.h:
* assembler/X86Assembler.h:
* b3/B3Bank.h:
* b3/B3CheckSpecial.h:
* b3/B3DuplicateTails.cpp:
* b3/B3EliminateCommonSubexpressions.cpp:
* b3/B3FixSSA.cpp:
* b3/B3FoldPathConstants.cpp:
* b3/B3InferSwitches.cpp:
* b3/B3Kind.h:
* b3/B3LowerToAir.cpp:
* b3/B3NativeTraits.h:
* b3/B3ReduceDoubleToFloat.cpp:
* b3/B3ReduceLoopStrength.cpp:
* b3/B3ReduceStrength.cpp:
* b3/B3ValueKey.h:
* b3/air/AirAllocateRegistersByGraphColoring.cpp:
* b3/air/AirAllocateStackByGraphColoring.cpp:
* b3/air/AirArg.h:
* b3/air/AirCCallSpecial.h:
* b3/air/AirEmitShuffle.cpp:
* b3/air/AirFixObviousSpills.cpp:
* b3/air/AirFormTable.h:
* b3/air/AirLowerAfterRegAlloc.cpp:
* b3/air/AirPrintSpecial.h:
* b3/air/AirStackAllocation.cpp:
* b3/air/AirTmp.h:
* b3/testb3_6.cpp:
(testInterpreter):
* bytecode/AccessCase.cpp:
* bytecode/CallLinkStatus.cpp:
* bytecode/CallVariant.h:
* bytecode/CodeBlock.h:
* bytecode/CodeOrigin.h:
* bytecode/DFGExitProfile.h:
* bytecode/DirectEvalCodeCache.h:
* bytecode/ExecutableToCodeBlockEdge.h:
* bytecode/GetterSetterAccessCase.cpp:
* bytecode/LazyOperandValueProfile.h:
* bytecode/ObjectPropertyCondition.h:
* bytecode/ObjectPropertyConditionSet.cpp:
* bytecode/PolymorphicAccess.cpp:
* bytecode/PropertyCondition.h:
* bytecode/SpeculatedType.h:
* bytecode/StructureStubInfo.cpp:
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::typeProfilerExpressionInfoForBytecodeOffset):
* bytecode/UnlinkedCodeBlock.h:
* bytecode/UnlinkedEvalCodeBlock.h:
* bytecode/UnlinkedFunctionCodeBlock.h:
* bytecode/UnlinkedFunctionExecutable.h:
* bytecode/UnlinkedModuleProgramCodeBlock.h:
* bytecode/UnlinkedProgramCodeBlock.h:
* bytecode/ValueProfile.h:
* bytecode/VirtualRegister.h:
* bytecode/Watchpoint.h:
* bytecompiler/BytecodeGenerator.h:
* bytecompiler/Label.h:
* bytecompiler/NodesCodegen.cpp:
(JSC::ThisNode::emitBytecode):
* bytecompiler/RegisterID.h:
* debugger/Breakpoint.h:
* debugger/DebuggerParseData.cpp:
* debugger/DebuggerPrimitives.h:
* debugger/DebuggerScope.h:
* dfg/DFGAbstractHeap.h:
* dfg/DFGAbstractValue.h:
* dfg/DFGArgumentsEliminationPhase.cpp:
* dfg/DFGByteCodeParser.cpp:
* dfg/DFGCSEPhase.cpp:
* dfg/DFGCommon.h:
* dfg/DFGCompilationKey.h:
* dfg/DFGDesiredGlobalProperty.h:
* dfg/DFGEdgeDominates.h:
* dfg/DFGEpoch.h:
* dfg/DFGForAllKills.h:
(JSC::DFG::forAllKilledNodesAtNodeIndex):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::isLiveInBytecode):
* dfg/DFGHeapLocation.h:
* dfg/DFGInPlaceAbstractState.cpp:
* dfg/DFGIntegerCheckCombiningPhase.cpp:
* dfg/DFGIntegerRangeOptimizationPhase.cpp:
* dfg/DFGInvalidationPointInjectionPhase.cpp:
* dfg/DFGLICMPhase.cpp:
* dfg/DFGLazyNode.h:
* dfg/DFGMinifiedID.h:
* dfg/DFGMovHintRemovalPhase.cpp:
* dfg/DFGNodeFlowProjection.h:
* dfg/DFGNodeType.h:
* dfg/DFGObjectAllocationSinkingPhase.cpp:
* dfg/DFGPhantomInsertionPhase.cpp:
* dfg/DFGPromotedHeapLocation.h:
* dfg/DFGPropertyTypeKey.h:
* dfg/DFGPureValue.h:
* dfg/DFGPutStackSinkingPhase.cpp:
* dfg/DFGRegisterBank.h:
* dfg/DFGSSAConversionPhase.cpp:
* dfg/DFGSSALoweringPhase.cpp:
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileDoubleRep):
(JSC::DFG::compileClampDoubleToByte):
(JSC::DFG::SpeculativeJIT::compileArithRounding):
(JSC::DFG::compileArithPowIntegerFastPath):
(JSC::DFG::SpeculativeJIT::compileArithPow):
(JSC::DFG::SpeculativeJIT::emitBinarySwitchStringRecurse):
* dfg/DFGStackLayoutPhase.cpp:
* dfg/DFGStoreBarrierInsertionPhase.cpp:
* dfg/DFGStrengthReductionPhase.cpp:
* dfg/DFGStructureAbstractValue.h:
* dfg/DFGVarargsForwardingPhase.cpp:
* dfg/DFGVariableEventStream.cpp:
(JSC::DFG::VariableEventStream::reconstruct const):
* dfg/DFGWatchpointCollectionPhase.cpp:
* disassembler/ARM64/A64DOpcode.h:
* ftl/FTLLocation.h:
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileArithRandom):
* ftl/FTLSlowPathCall.cpp:
* ftl/FTLSlowPathCallKey.h:
* heap/CellContainer.h:
* heap/CellState.h:
* heap/ConservativeRoots.h:
* heap/GCSegmentedArray.h:
* heap/HandleBlock.h:
* heap/Heap.cpp:
(JSC::Heap::updateAllocationLimits):
* heap/Heap.h:
* heap/HeapSnapshot.h:
* heap/HeapUtil.h:
(JSC::HeapUtil::findGCObjectPointersForMarking):
* heap/IncrementalSweeper.cpp:
* heap/LargeAllocation.h:
* heap/MarkedBlock.cpp:
* heap/Strong.h:
* heap/VisitRaceKey.h:
* heap/Weak.h:
* heap/WeakBlock.h:
* inspector/JSInjectedScriptHost.h:
* inspector/JSInjectedScriptHostPrototype.h:
* inspector/JSJavaScriptCallFrame.h:
* inspector/JSJavaScriptCallFramePrototype.h:
* inspector/agents/InspectorConsoleAgent.cpp:
* inspector/agents/InspectorRuntimeAgent.cpp:
(Inspector::InspectorRuntimeAgent::getRuntimeTypesForVariablesAtOffsets):
* inspector/scripts/codegen/generate_cpp_protocol_types_header.py:
(CppProtocolTypesHeaderGenerator._generate_versions):
* inspector/scripts/tests/generic/expected/version.json-result:
* interpreter/Interpreter.h:
* interpreter/ShadowChicken.cpp:
* jit/BinarySwitch.cpp:
* jit/CallFrameShuffler.h:
* jit/ExecutableAllocator.h:
* jit/FPRInfo.h:
* jit/GPRInfo.h:
* jit/ICStats.h:
* jit/JITThunks.h:
* jit/Reg.h:
* jit/RegisterSet.h:
* jit/TempRegisterSet.h:
* jsc.cpp:
* parser/ASTBuilder.h:
* parser/Nodes.h:
* parser/SourceCodeKey.h:
* parser/SyntaxChecker.h:
* parser/VariableEnvironment.h:
* profiler/ProfilerOrigin.h:
* profiler/ProfilerOriginStack.h:
* profiler/ProfilerUID.h:
* runtime/AbstractModuleRecord.cpp:
* runtime/ArrayBufferNeuteringWatchpointSet.h:
* runtime/ArrayConstructor.h:
* runtime/ArrayConventions.h:
* runtime/ArrayIteratorPrototype.h:
* runtime/ArrayPrototype.cpp:
(JSC::setLength):
* runtime/AsyncFromSyncIteratorPrototype.h:
* runtime/AsyncGeneratorFunctionPrototype.h:
* runtime/AsyncGeneratorPrototype.h:
* runtime/AsyncIteratorPrototype.h:
* runtime/AtomicsObject.cpp:
* runtime/BigIntConstructor.h:
* runtime/BigIntPrototype.h:
* runtime/BooleanPrototype.h:
* runtime/ClonedArguments.h:
* runtime/CodeCache.h:
* runtime/ControlFlowProfiler.h:
* runtime/CustomGetterSetter.h:
* runtime/DateConstructor.h:
* runtime/DatePrototype.h:
* runtime/DefinePropertyAttributes.h:
* runtime/ErrorPrototype.h:
* runtime/EvalExecutable.h:
* runtime/Exception.h:
* runtime/ExceptionHelpers.cpp:
(JSC::invalidParameterInSourceAppender):
(JSC::invalidParameterInstanceofSourceAppender):
* runtime/ExceptionHelpers.h:
* runtime/ExecutableBase.h:
* runtime/FunctionExecutable.h:
* runtime/FunctionRareData.h:
* runtime/GeneratorPrototype.h:
* runtime/GenericArguments.h:
* runtime/GenericOffset.h:
* runtime/GetPutInfo.h:
* runtime/GetterSetter.h:
* runtime/GlobalExecutable.h:
* runtime/Identifier.h:
* runtime/InspectorInstrumentationObject.h:
* runtime/InternalFunction.h:
* runtime/IntlCollatorConstructor.h:
* runtime/IntlCollatorPrototype.h:
* runtime/IntlDateTimeFormatConstructor.h:
* runtime/IntlDateTimeFormatPrototype.h:
* runtime/IntlNumberFormatConstructor.h:
* runtime/IntlNumberFormatPrototype.h:
* runtime/IntlObject.h:
* runtime/IntlPluralRulesConstructor.h:
* runtime/IntlPluralRulesPrototype.h:
* runtime/IteratorPrototype.h:
* runtime/JSArray.cpp:
(JSC::JSArray::tryCreateUninitializedRestricted):
* runtime/JSArray.h:
* runtime/JSArrayBuffer.h:
* runtime/JSArrayBufferView.h:
* runtime/JSBigInt.h:
* runtime/JSCJSValue.h:
* runtime/JSCell.h:
* runtime/JSCustomGetterSetterFunction.h:
* runtime/JSDataView.h:
* runtime/JSDataViewPrototype.h:
* runtime/JSDestructibleObject.h:
* runtime/JSFixedArray.h:
* runtime/JSGenericTypedArrayView.h:
* runtime/JSGlobalLexicalEnvironment.h:
* runtime/JSGlobalObject.h:
* runtime/JSImmutableButterfly.h:
* runtime/JSInternalPromiseConstructor.h:
* runtime/JSInternalPromiseDeferred.h:
* runtime/JSInternalPromisePrototype.h:
* runtime/JSLexicalEnvironment.h:
* runtime/JSModuleEnvironment.h:
* runtime/JSModuleLoader.h:
* runtime/JSModuleNamespaceObject.h:
* runtime/JSNonDestructibleProxy.h:
* runtime/JSONObject.cpp:
* runtime/JSONObject.h:
* runtime/JSObject.h:
* runtime/JSPromiseConstructor.h:
* runtime/JSPromiseDeferred.h:
* runtime/JSPromisePrototype.h:
* runtime/JSPropertyNameEnumerator.h:
* runtime/JSProxy.h:
* runtime/JSScope.h:
* runtime/JSScriptFetchParameters.h:
* runtime/JSScriptFetcher.h:
* runtime/JSSegmentedVariableObject.h:
* runtime/JSSourceCode.h:
* runtime/JSString.cpp:
* runtime/JSString.h:
* runtime/JSSymbolTableObject.h:
* runtime/JSTemplateObjectDescriptor.h:
* runtime/JSTypeInfo.h:
* runtime/MapPrototype.h:
* runtime/MinimumReservedZoneSize.h:
* runtime/ModuleProgramExecutable.h:
* runtime/NativeExecutable.h:
* runtime/NativeFunction.h:
* runtime/NativeStdFunctionCell.h:
* runtime/NumberConstructor.h:
* runtime/NumberPrototype.h:
* runtime/ObjectConstructor.h:
* runtime/ObjectPrototype.h:
* runtime/ProgramExecutable.h:
* runtime/PromiseDeferredTimer.cpp:
* runtime/PropertyMapHashTable.h:
* runtime/PropertyNameArray.h:
(JSC::PropertyNameArray::add):
* runtime/PrototypeKey.h:
* runtime/ProxyConstructor.h:
* runtime/ProxyObject.cpp:
(JSC::ProxyObject::performGetOwnPropertyNames):
* runtime/ProxyRevoke.h:
* runtime/ReflectObject.h:
* runtime/RegExp.h:
* runtime/RegExpCache.h:
* runtime/RegExpConstructor.h:
* runtime/RegExpKey.h:
* runtime/RegExpObject.h:
* runtime/RegExpPrototype.h:
* runtime/RegExpStringIteratorPrototype.h:
* runtime/SamplingProfiler.cpp:
* runtime/ScopedArgumentsTable.h:
* runtime/ScriptExecutable.h:
* runtime/SetPrototype.h:
* runtime/SmallStrings.h:
* runtime/SparseArrayValueMap.h:
* runtime/StringConstructor.h:
* runtime/StringIteratorPrototype.h:
* runtime/StringObject.h:
* runtime/StringPrototype.h:
* runtime/Structure.h:
* runtime/StructureChain.h:
* runtime/StructureRareData.h:
* runtime/StructureTransitionTable.h:
* runtime/Symbol.h:
* runtime/SymbolConstructor.h:
* runtime/SymbolPrototype.h:
* runtime/SymbolTable.h:
* runtime/TemplateObjectDescriptor.h:
* runtime/TypeProfiler.cpp:
* runtime/TypeProfiler.h:
* runtime/TypeProfilerLog.cpp:
* runtime/VarOffset.h:
* testRegExp.cpp:
* tools/HeapVerifier.cpp:
(JSC::HeapVerifier::checkIfRecorded):
* tools/JSDollarVM.cpp:
* wasm/WasmB3IRGenerator.cpp:
* wasm/WasmBBQPlan.cpp:
* wasm/WasmFaultSignalHandler.cpp:
* wasm/WasmFunctionParser.h:
* wasm/WasmOMGForOSREntryPlan.cpp:
* wasm/WasmOMGPlan.cpp:
* wasm/WasmPlan.cpp:
* wasm/WasmSignature.cpp:
* wasm/WasmSignature.h:
* wasm/WasmWorklist.cpp:
* wasm/js/JSWebAssembly.h:
* wasm/js/JSWebAssemblyCodeBlock.h:
* wasm/js/WebAssemblyCompileErrorConstructor.h:
* wasm/js/WebAssemblyCompileErrorPrototype.h:
* wasm/js/WebAssemblyFunction.h:
* wasm/js/WebAssemblyInstanceConstructor.h:
* wasm/js/WebAssemblyInstancePrototype.h:
* wasm/js/WebAssemblyLinkErrorConstructor.h:
* wasm/js/WebAssemblyLinkErrorPrototype.h:
* wasm/js/WebAssemblyMemoryConstructor.h:
* wasm/js/WebAssemblyMemoryPrototype.h:
* wasm/js/WebAssemblyModuleConstructor.h:
* wasm/js/WebAssemblyModulePrototype.h:
* wasm/js/WebAssemblyRuntimeErrorConstructor.h:
* wasm/js/WebAssemblyRuntimeErrorPrototype.h:
* wasm/js/WebAssemblyTableConstructor.h:
* wasm/js/WebAssemblyTablePrototype.h:
* wasm/js/WebAssemblyToJSCallee.h:
* yarr/Yarr.h:
* yarr/YarrParser.h:
* yarr/generateYarrCanonicalizeUnicode:

Source/WebCore:

No new tests. Covered by existing tests.

* bindings/js/JSDOMConstructorBase.h:
* bindings/js/JSDOMWindowProperties.h:
* bindings/scripts/CodeGeneratorJS.pm:
(GenerateHeader):
(GeneratePrototypeDeclaration):
* bindings/scripts/test/JS/JSTestActiveDOMObject.h:
* bindings/scripts/test/JS/JSTestEnabledBySetting.h:
* bindings/scripts/test/JS/JSTestEnabledForContext.h:
* bindings/scripts/test/JS/JSTestEventTarget.h:
* bindings/scripts/test/JS/JSTestGlobalObject.h:
* bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.h:
* bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.h:
* bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.h:
* bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.h:
* bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.h:
* bindings/scripts/test/JS/JSTestNamedGetterCallWith.h:
* bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedSetterThrowingException.h:
* bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.h:
* bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.h:
* bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.h:
* bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.h:
* bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.h:
* bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.h:
* bindings/scripts/test/JS/JSTestObj.h:
* bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
* bindings/scripts/test/JS/JSTestPluginInterface.h:
* bindings/scripts/test/JS/JSTestTypedefs.h:
* bridge/objc/objc_runtime.h:
* bridge/runtime_array.h:
* bridge/runtime_method.h:
* bridge/runtime_object.h:

Source/WebKit:

* WebProcess/Plugins/Netscape/JSNPObject.h:

Source/WTF:

* wtf/Assertions.cpp:
* wtf/AutomaticThread.cpp:
* wtf/BitVector.h:
* wtf/Bitmap.h:
* wtf/BloomFilter.h:
* wtf/Brigand.h:
* wtf/CheckedArithmetic.h:
* wtf/CrossThreadCopier.h:
* wtf/CurrentTime.cpp:
* wtf/DataLog.cpp:
* wtf/DateMath.cpp:
(WTF::daysFrom1970ToYear):
* wtf/DeferrableRefCounted.h:
* wtf/GetPtr.h:
* wtf/HashFunctions.h:
* wtf/HashMap.h:
* wtf/HashTable.h:
* wtf/HashTraits.h:
* wtf/JSONValues.cpp:
* wtf/JSONValues.h:
* wtf/ListHashSet.h:
* wtf/Lock.h:
* wtf/LockAlgorithm.h:
* wtf/LockAlgorithmInlines.h:
(WTF::Hooks>::lockSlow):
* wtf/Logger.h:
* wtf/LoggerHelper.h:
(WTF::LoggerHelper::childLogIdentifier const):
* wtf/MainThread.cpp:
* wtf/MetaAllocatorPtr.h:
* wtf/MonotonicTime.h:
* wtf/NaturalLoops.h:
(WTF::NaturalLoops::NaturalLoops):
* wtf/ObjectIdentifier.h:
* wtf/RAMSize.cpp:
* wtf/Ref.h:
* wtf/RefPtr.h:
* wtf/RetainPtr.h:
* wtf/SchedulePair.h:
* wtf/StackShot.h:
* wtf/StdLibExtras.h:
* wtf/TinyPtrSet.h:
* wtf/URL.cpp:
* wtf/URLHash.h:
* wtf/URLParser.cpp:
(WTF::URLParser::defaultPortForProtocol):
* wtf/Vector.h:
* wtf/VectorTraits.h:
* wtf/WallTime.h:
* wtf/WeakHashSet.h:
* wtf/WordLock.h:
* wtf/cocoa/CPUTimeCocoa.cpp:
* wtf/cocoa/MemoryPressureHandlerCocoa.mm:
* wtf/persistence/PersistentDecoder.h:
* wtf/persistence/PersistentEncoder.h:
* wtf/text/AtomStringHash.h:
* wtf/text/CString.h:
* wtf/text/StringBuilder.cpp:
(WTF::expandedCapacity):
* wtf/text/StringHash.h:
* wtf/text/StringImpl.h:
* wtf/text/StringToIntegerConversion.h:
(WTF::toIntegralType):
* wtf/text/SymbolRegistry.h:
* wtf/text/TextStream.cpp:
(WTF::hasFractions):
* wtf/text/WTFString.h:
* wtf/text/cocoa/TextBreakIteratorInternalICUCocoa.cpp:

Canonical link: https://commits.webkit.org/215538@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250005 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-09-18 00:36:19 +00:00
    static constexpr bool verbose = false;
    // Without rare data no type profiler expression info was ever recorded for this code block,
    // so report "no range" via UINT_MAX divots and a false return.
    if (!m_rareData) {
        if (verbose)
            dataLogF("Don't have assignment info for offset:%u\n", bytecodeOffset);
        startDivot = UINT_MAX;
        endDivot = UINT_MAX;
        return false;
    }
    // Look up the expression range recorded for this bytecode offset.
    auto iter = m_rareData->m_typeProfilerInfoMap.find(bytecodeOffset);
    if (iter == m_rareData->m_typeProfilerInfoMap.end()) {
Merge r170564, r170571, r170604, r170628, r170672, r170680, r170724, r170728, r170729, r170819, r170821, r170836, r170855, r170860, r170890, r170907, r170929, r171052, r171106, r171152, r171153, r171214 from ftlopt.

Source/JavaScriptCore:

This part of the merge delivers roughly a 2% across-the-board performance improvement, mostly due to immutable property inference and DFG-side GCSE. It also almost completely resolves accessor performance issues; in the common case the DFG will compile a getter/setter access into code that is just as efficient as a normal property access. Another major highlight of this part of the merge is the work to add a type profiler to the inspector. This work is still on-going but this greatly increases coverage.

Note that this merge fixes a minor bug in the GetterSetter refactoring from http://trac.webkit.org/changeset/170729 (https://bugs.webkit.org/show_bug.cgi?id=134518). It also adds new tests to tests/stress to cover that bug. That bug was previously only covered by layout tests.

2014-07-17 Filip Pizlo <fpizlo@apple.com>

[ftlopt] DFG Flush(SetLocal) store elimination is overzealous for captured variables in the presence of nodes that have no effects but may throw (merge trunk r171190)
https://bugs.webkit.org/show_bug.cgi?id=135019

Reviewed by Oliver Hunt.

Behaviorally, this is just a merge of trunk r171190, except that the relevant functionality has moved to StrengthReductionPhase and is written in a different style. Same algorithm, different code.

* dfg/DFGNodeType.h:
* dfg/DFGStrengthReductionPhase.cpp:
(JSC::DFG::StrengthReductionPhase::handleNode):
* tests/stress/capture-escape-and-throw.js: Added.
(foo.f):
(foo):
* tests/stress/new-array-with-size-throw-exception-and-tear-off-arguments.js: Added.
(foo):
(bar):

2014-07-15 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Constant fold GetGetter and GetSetter if the GetterSetter is a constant
https://bugs.webkit.org/show_bug.cgi?id=134962

Reviewed by Oliver Hunt.

This removes yet another steady-state-throughput implication of using getters and setters: if your accessor call is monomorphic then you'll just get a structure check, nothing more. No more loads to get to the GetterSetter object or the accessor function object.

* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* runtime/GetterSetter.h:
(JSC::GetterSetter::getterConcurrently):
(JSC::GetterSetter::setGetter):
(JSC::GetterSetter::setterConcurrently):
(JSC::GetterSetter::setSetter):

2014-07-15 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Identity replacement in CSE shouldn't create a Phantom over the Identity's children
https://bugs.webkit.org/show_bug.cgi?id=134893

Reviewed by Oliver Hunt.

Replace Identity with Check instead of Phantom. Phantom means that the child of the Identity should be unconditionally live. The liveness semantics of Identity are such that if the parents of Identity are live then the child is live. Removing the Identity entirely preserves such liveness semantics. So, the only thing that should be left behind is the type check on the child, which is what Check means: do the check but don't keep the child alive if the check isn't needed.

* dfg/DFGCSEPhase.cpp:
* dfg/DFGNode.h:
(JSC::DFG::Node::convertToCheck):

2014-07-13 Filip Pizlo <fpizlo@apple.com>

[ftlopt] DFG should be able to do GCSE in SSA and this should be unified with the CSE in CPS, and both of these things should use abstract heaps for reasoning about effects
https://bugs.webkit.org/show_bug.cgi?id=134677

Reviewed by Sam Weinig.

This removes the old local CSE phase, which was based on manually written backward-search rules for all of the different kinds of things we cared about, and adds a new local/global CSE (local for CPS and global for SSA) that leaves the node semantics almost entirely up to clobberize(). Thus, the CSE phase itself just worries about the algorithms and data structures used for storing sets of available values.

This results in a large reduction in code size in CSEPhase.cpp while greatly increasing the phase's power (since it now does global CSE) and reducing compile time (since local CSE is now rewritten to use smarter data structures). Even though LLVM was already running GVN, the extra GCSE at DFG IR level means that this is a significant (~0.7%) throughput improvement.

This work is based on the concept of "def" to clobberize(). If clobberize() calls def(), it means that the node being analyzed makes available some value in some DFG node, and that future attempts to compute that value can simply use that node. In other words, it establishes an available value mapping of the form value=>node. There are two kinds of values that can be passed to def():

PureValue. This captures everything needed to determine whether two pure nodes - nodes that neither read nor write, and produce a value that is a CSE candidate - are identical. It carries the NodeType, an AdjacencyList, and one word of meta-data. The meta-data is usually used for things like the arithmetic mode or constant pointer. Passing a PureValue to def() means that the node produces a value that is valid anywhere that the node dominates.

HeapLocation. This describes a location in the heap that could be written to or read from. Both stores and loads can def() a HeapLocation. HeapLocation carries around an abstract heap that both serves as part of the "name" of the heap location (together with the other fields of HeapLocation) and also tells us what write()'s to watch for. If someone write()'s to an abstract heap that overlaps the heap associated with the HeapLocation, then it means that the values for that location are no longer available.

This approach is sufficiently clever that the CSEPhase itself can focus on the mechanism of tracking the PureValue=>node and HeapLocation=>node maps, without having to worry about interpreting the semantics of different DFG node types - that is now almost entirely in clobberize(). The only things we special-case inside CSEPhase are the Identity node, which CSE is traditionally responsible for eliminating even though it has nothing to do with CSE, and the LocalCSE rule for turning PutByVal into PutByValAlias.

This is a slight Octane, SunSpider, and Kraken speed-up - all somewhere around 0.7%. It's not a bigger win because LLVM was already giving us most of what we needed in its GVN. Also, the SunSpider speed-up isn't from GCSE as much as it's a clean-up of local CSE - that is no longer O(n^2).

Basically this is purely good: it reduces the amount of LLVM IR we generate, it removes the old CSE's heap modeling (which was a constant source of bugs), and it improves both the quality of the code we generate and the speed with which we generate it. Also, any future optimizations that depend on GCSE will now be easier to implement.

During the development of this patch I also rationalized some other stuff, like Graph's ordered traversals - we now have preorder and postorder rather than just "depth first".

* CMakeLists.txt:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* dfg/DFGAbstractHeap.h:
* dfg/DFGAdjacencyList.h:
(JSC::DFG::AdjacencyList::hash):
(JSC::DFG::AdjacencyList::operator==):
* dfg/DFGBasicBlock.h:
* dfg/DFGCSEPhase.cpp:
(JSC::DFG::performLocalCSE):
(JSC::DFG::performGlobalCSE):
(JSC::DFG::CSEPhase::CSEPhase): Deleted.
(JSC::DFG::CSEPhase::run): Deleted.
(JSC::DFG::CSEPhase::endIndexForPureCSE): Deleted.
(JSC::DFG::CSEPhase::pureCSE): Deleted.
(JSC::DFG::CSEPhase::constantCSE): Deleted.
(JSC::DFG::CSEPhase::constantStoragePointerCSE): Deleted.
(JSC::DFG::CSEPhase::getCalleeLoadElimination): Deleted.
(JSC::DFG::CSEPhase::getArrayLengthElimination): Deleted.
(JSC::DFG::CSEPhase::globalVarLoadElimination): Deleted.
(JSC::DFG::CSEPhase::scopedVarLoadElimination): Deleted.
(JSC::DFG::CSEPhase::varInjectionWatchpointElimination): Deleted.
(JSC::DFG::CSEPhase::getByValLoadElimination): Deleted.
(JSC::DFG::CSEPhase::checkFunctionElimination): Deleted.
(JSC::DFG::CSEPhase::checkExecutableElimination): Deleted.
(JSC::DFG::CSEPhase::checkStructureElimination): Deleted.
(JSC::DFG::CSEPhase::structureTransitionWatchpointElimination): Deleted.
(JSC::DFG::CSEPhase::getByOffsetLoadElimination): Deleted.
(JSC::DFG::CSEPhase::getGetterSetterByOffsetLoadElimination): Deleted.
(JSC::DFG::CSEPhase::getPropertyStorageLoadElimination): Deleted.
(JSC::DFG::CSEPhase::checkArrayElimination): Deleted.
(JSC::DFG::CSEPhase::getIndexedPropertyStorageLoadElimination): Deleted.
(JSC::DFG::CSEPhase::getInternalFieldLoadElimination): Deleted.
(JSC::DFG::CSEPhase::getMyScopeLoadElimination): Deleted.
(JSC::DFG::CSEPhase::getLocalLoadElimination): Deleted.
(JSC::DFG::CSEPhase::invalidationPointElimination): Deleted.
(JSC::DFG::CSEPhase::setReplacement): Deleted.
(JSC::DFG::CSEPhase::eliminate): Deleted.
(JSC::DFG::CSEPhase::performNodeCSE): Deleted.
(JSC::DFG::CSEPhase::performBlockCSE): Deleted.
(JSC::DFG::performCSE): Deleted.
* dfg/DFGCSEPhase.h:
* dfg/DFGClobberSet.cpp:
(JSC::DFG::addReads):
(JSC::DFG::addWrites):
(JSC::DFG::addReadsAndWrites):
(JSC::DFG::readsOverlap):
(JSC::DFG::writesOverlap):
* dfg/DFGClobberize.cpp:
(JSC::DFG::doesWrites):
(JSC::DFG::accessesOverlap):
(JSC::DFG::writesOverlap):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
(JSC::DFG::NoOpClobberize::operator()):
(JSC::DFG::CheckClobberize::operator()):
(JSC::DFG::ReadMethodClobberize::ReadMethodClobberize):
(JSC::DFG::ReadMethodClobberize::operator()):
(JSC::DFG::WriteMethodClobberize::WriteMethodClobberize):
(JSC::DFG::WriteMethodClobberize::operator()):
(JSC::DFG::DefMethodClobberize::DefMethodClobberize):
(JSC::DFG::DefMethodClobberize::operator()):
* dfg/DFGDCEPhase.cpp:
(JSC::DFG::DCEPhase::run):
(JSC::DFG::DCEPhase::fixupBlock):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::getBlocksInPreOrder):
(JSC::DFG::Graph::getBlocksInPostOrder):
(JSC::DFG::Graph::addForDepthFirstSort): Deleted.
(JSC::DFG::Graph::getBlocksInDepthFirstOrder): Deleted.
* dfg/DFGGraph.h:
* dfg/DFGHeapLocation.cpp: Added.
(JSC::DFG::HeapLocation::dump):
(WTF::printInternal):
* dfg/DFGHeapLocation.h: Added.
(JSC::DFG::HeapLocation::HeapLocation):
(JSC::DFG::HeapLocation::operator!):
(JSC::DFG::HeapLocation::kind):
(JSC::DFG::HeapLocation::heap):
(JSC::DFG::HeapLocation::base):
(JSC::DFG::HeapLocation::index):
(JSC::DFG::HeapLocation::hash):
(JSC::DFG::HeapLocation::operator==):
(JSC::DFG::HeapLocation::isHashTableDeletedValue):
(JSC::DFG::HeapLocationHash::hash):
(JSC::DFG::HeapLocationHash::equal):
* dfg/DFGLICMPhase.cpp:
(JSC::DFG::LICMPhase::run):
* dfg/DFGNode.h:
(JSC::DFG::Node::replaceWith):
(JSC::DFG::Node::convertToPhantomUnchecked): Deleted.
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::compileInThreadImpl):
* dfg/DFGPureValue.cpp: Added.
(JSC::DFG::PureValue::dump):
* dfg/DFGPureValue.h: Added.
(JSC::DFG::PureValue::PureValue):
(JSC::DFG::PureValue::operator!):
(JSC::DFG::PureValue::op):
(JSC::DFG::PureValue::children):
(JSC::DFG::PureValue::info):
(JSC::DFG::PureValue::hash):
(JSC::DFG::PureValue::operator==):
(JSC::DFG::PureValue::isHashTableDeletedValue):
(JSC::DFG::PureValueHash::hash):
(JSC::DFG::PureValueHash::equal):
* dfg/DFGSSAConversionPhase.cpp:
(JSC::DFG::SSAConversionPhase::run):
* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::LowerDFGToLLVM::lower):

2014-07-13 Filip Pizlo <fpizlo@apple.com>

Unreviewed, revert unintended change in r171051.

* dfg/DFGCSEPhase.cpp:

2014-07-08 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Move Flush(SetLocal) store elimination to StrengthReductionPhase
https://bugs.webkit.org/show_bug.cgi?id=134739

Reviewed by Mark Hahnenberg.

I'm going to streamline CSE around clobberize() as part of https://bugs.webkit.org/show_bug.cgi?id=134677, and so Flush(SetLocal) store elimination wouldn't belong in CSE anymore. It doesn't quite belong anywhere, which means that it belongs in StrengthReductionPhase, since that's intended to be our dumping ground.

To do this I had to add some missing smarts to clobberize(). Previously clobberize() could play a bit loose with reads of Variables because it wasn't used for store elimination. The main client of read() was LICM, but it would only use it to determine hoistability and anything that did a write() was not hoistable - so, we had benign (but still wrong) missing read() calls in places that did write()s. This fixes a bunch of those cases.

* dfg/DFGCSEPhase.cpp:
(JSC::DFG::CSEPhase::performNodeCSE):
(JSC::DFG::CSEPhase::setLocalStoreElimination): Deleted.
* dfg/DFGClobberize.cpp:
(JSC::DFG::accessesOverlap):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize): Make clobberize() smart enough for detecting when this store elimination would be sound.
* dfg/DFGStrengthReductionPhase.cpp:
(JSC::DFG::StrengthReductionPhase::handleNode): Implement the store elimination in terms of clobberize().

2014-07-08 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Phantom simplification should be in its own phase
https://bugs.webkit.org/show_bug.cgi?id=134742

Reviewed by Geoffrey Garen.

This moves Phantom simplification out of CSE, which greatly simplifies CSE and gives it more focus. Also this finally adds a phase that removes empty Phantoms. We sort of had this in CPSRethreading, but that phase runs too infrequently and doesn't run at all for SSA.

* CMakeLists.txt:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* dfg/DFGAdjacencyList.h:
* dfg/DFGCSEPhase.cpp:
(JSC::DFG::CSEPhase::run):
(JSC::DFG::CSEPhase::setReplacement):
(JSC::DFG::CSEPhase::eliminate):
(JSC::DFG::CSEPhase::performNodeCSE):
(JSC::DFG::CSEPhase::eliminateIrrelevantPhantomChildren): Deleted.
* dfg/DFGPhantomRemovalPhase.cpp: Added.
(JSC::DFG::PhantomRemovalPhase::PhantomRemovalPhase):
(JSC::DFG::PhantomRemovalPhase::run):
(JSC::DFG::performCleanUp):
* dfg/DFGPhantomRemovalPhase.h: Added.
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::compileInThreadImpl):

2014-07-08 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Get rid of Node::misc by moving the fields out of the union so that you can use replacement and owner simultaneously
https://bugs.webkit.org/show_bug.cgi?id=134730

Reviewed by Mark Lam.

This will allow for a better GCSE implementation.

* dfg/DFGCPSRethreadingPhase.cpp:
(JSC::DFG::CPSRethreadingPhase::canonicalizeGetLocalFor):
* dfg/DFGCSEPhase.cpp:
(JSC::DFG::CSEPhase::setReplacement):
* dfg/DFGEdgeDominates.h:
(JSC::DFG::EdgeDominates::operator()):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::clearReplacements):
(JSC::DFG::Graph::initializeNodeOwners):
* dfg/DFGGraph.h:
(JSC::DFG::Graph::performSubstitutionForEdge):
* dfg/DFGLICMPhase.cpp:
(JSC::DFG::LICMPhase::attemptHoist):
* dfg/DFGNode.h:
(JSC::DFG::Node::Node):
* dfg/DFGSSAConversionPhase.cpp:
(JSC::DFG::SSAConversionPhase::run):

2014-07-04 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Infer immutable object properties
https://bugs.webkit.org/show_bug.cgi?id=134567

Reviewed by Mark Hahnenberg.

This introduces a new way of inferring immutable object properties. A property is said to be immutable if after its creation (i.e. the transition that creates it), we never overwrite it (i.e. replace it) or delete it. Immutability is a property of an "own property" - so if we say that "f" is immutable at "o" then we are implying that "o" has "f" directly and not on a prototype. More specifically, the immutability inference will prove that a property on some structure is immutable. This means that, for example, we may have a structure S1 with property "f" where we claim that "f" at S1 is immutable, but S1 has a transition to S2 that adds a new property "g" and we may claim that "f" at S2 is actually mutable. This is mainly for convenience; it allows us to decouple immutability logic from transition logic.

Immutability can be used to constant-fold accesses to objects at DFG-time. The DFG needs to prove the following to constant-fold the access:

- The base of the access must be a constant object pointer. We prove that a property at a structure is immutable, but that says nothing of its value; each actual instance of that property may have a different value. So, a constant object pointer is needed to get an actual constant instance of the immutable value.

- A check (or watchpoint) must have been emitted proving that the object has a structure that allows loading the property in question.

- The replacement watchpoint set of the property in the structure that we've proven the object to have is still valid and we add a watchpoint to it lazily. The replacement watchpoint set is the key new mechanism that this change adds. It's possible that we have proven that the object has one of many structures, in which case each of those structures needs a valid replacement watchpoint set.

The replacement watchpoint set is created the first time that any access to the property is cached. A put replace cache will create, and immediately invalidate, the watchpoint set. A get cache will create the watchpoint set and make it start watching. Any non-cached put access will invalidate the watchpoint set if one had been created; the underlying algorithm ensures that checking for the existence of a replacement watchpoint set is very fast in the common case. This algorithm ensures that no cached access needs to ever do any work to invalidate, or check the validity of, any replacement watchpoint sets. It also has some other nice properties:

- It's very robust in its definition of immutability. The strictest that it will ever be is that for any instance of the object, the property must be written to only once, specifically at the time that the property is created. But it's looser than this in practice.
For example, the property may be written to any number of times before we add the final property that the object will have before anyone reads the property; this works since for optimization purposes we only care if we detect immutability on the structure that the object will have when it is most frequently read from, not any previous structure that the object had. Also, we may write to the property any number of times before anyone caches accesses to it. - It is mostly orthogonal to structure transitions. No new structures need to be created to track the immutability of a property. Hence, there is no risk from this feature causing more polymorphism. This is different from the previous "specificValue" constant inference, which did cause additional structures to be created and sometimes those structures led to fake polymorphism. This feature does leverage existing transitions to do some of the watchpointing: property deletions don't fire the replacement watchpoint set because that would cause a new structure and so the mandatory structure check would fail. Also, this feature is guaranteed to never kick in for uncacheable dictionaries because those wouldn't allow for cacheable accesses - and it takes a cacheable access for this feature to be enabled. - No memory overhead is incurred except when accesses to the property are cached. Dictionary properties will typically have no meta-data for immutability. The number of replacement watchpoint sets we allocate is proportional to the number of inline caches in the program, which is typically must smaller than the number of structures or even the number of objects. This inference is far more powerful than the previous "specificValue" inference, so this change also removes all of that code. It's interesting that the amount of code that is changed to remove that feature is almost as big as the amount of code added to support the new inference - and that's if you include the new tests in the tally. 
Without new tests, it appears that the new feature actually touches less code! There is one corner case where the previous "specificValue" inference was more powerful. You can imagine someone creating objects with functions as self properties on those objects, such that each object instance had the same function pointers - essentially, someone might be trying to create a vtable but failing at the whole "one vtable for many instances" concept. The "specificValue" inference would do very well for such programs, because a structure check would be sufficient to prove a constant value for all of the function properties. This new inference will fail because it doesn't track the constant values of constant properties; instead it detects the immutability of otherwise variable properties (in the sense that each instance of the property may have a different value). So, the new inference requires having a particular object instance to actually get the constant value. I think it's OK to lose this antifeature. It took a lot of code to support and was a constant source of grief in our transition logic, and there doesn't appear to be any real evidence that programs benefited from that particular kind of inference since usually it's the singleton prototype instance that has all of the functions. This change is a speed-up on everything. date-format-xparb and both SunSpider/raytrace and V8/raytrace seem to be the biggest winners among the macrobenchmarks; they see >5% speed-ups. Many of our microbenchmarks see very large performance improvements, even 80% in one case. 
* bytecode/ComplexGetStatus.cpp: (JSC::ComplexGetStatus::computeFor): * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt): (JSC::GetByIdStatus::computeForStubInfo): (JSC::GetByIdStatus::computeFor): * bytecode/GetByIdVariant.cpp: (JSC::GetByIdVariant::GetByIdVariant): (JSC::GetByIdVariant::operator=): (JSC::GetByIdVariant::attemptToMerge): (JSC::GetByIdVariant::dumpInContext): * bytecode/GetByIdVariant.h: (JSC::GetByIdVariant::alternateBase): (JSC::GetByIdVariant::specificValue): Deleted. * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeForStubInfo): (JSC::PutByIdStatus::computeFor): * bytecode/PutByIdVariant.cpp: (JSC::PutByIdVariant::operator=): (JSC::PutByIdVariant::setter): (JSC::PutByIdVariant::dumpInContext): * bytecode/PutByIdVariant.h: (JSC::PutByIdVariant::specificValue): Deleted. * bytecode/Watchpoint.cpp: (JSC::WatchpointSet::fireAllSlow): (JSC::WatchpointSet::fireAll): Deleted. * bytecode/Watchpoint.h: (JSC::WatchpointSet::fireAll): * dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::handleGetByOffset): (JSC::DFG::ByteCodeParser::handleGetById): (JSC::DFG::ByteCodeParser::handlePutById): (JSC::DFG::ByteCodeParser::parseBlock): * dfg/DFGConstantFoldingPhase.cpp: (JSC::DFG::ConstantFoldingPhase::emitGetByOffset): * dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::isStringPrototypeMethodSane): (JSC::DFG::FixupPhase::canOptimizeStringObjectAccess): * dfg/DFGGraph.cpp: (JSC::DFG::Graph::tryGetConstantProperty): (JSC::DFG::Graph::visitChildren): * dfg/DFGGraph.h: * dfg/DFGWatchableStructureWatchingPhase.cpp: (JSC::DFG::WatchableStructureWatchingPhase::run): * ftl/FTLLowerDFGToLLVM.cpp: (JSC::FTL::LowerDFGToLLVM::compileMultiGetByOffset): * jit/JITOperations.cpp: * jit/Repatch.cpp: (JSC::repatchByIdSelfAccess): (JSC::generateByIdStub): (JSC::tryCacheGetByID): (JSC::tryCachePutByID): (JSC::tryBuildPutByIdList): * 
llint/LLIntSlowPaths.cpp: (JSC::LLInt::LLINT_SLOW_PATH_DECL): (JSC::LLInt::putToScopeCommon): * runtime/CommonSlowPaths.h: (JSC::CommonSlowPaths::tryCachePutToScopeGlobal): * runtime/IntendedStructureChain.cpp: (JSC::IntendedStructureChain::mayInterceptStoreTo): * runtime/JSCJSValue.cpp: (JSC::JSValue::putToPrimitive): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::reset): * runtime/JSObject.cpp: (JSC::JSObject::put): (JSC::JSObject::putDirectNonIndexAccessor): (JSC::JSObject::deleteProperty): (JSC::JSObject::defaultValue): (JSC::getCallableObjectSlow): Deleted. (JSC::JSObject::getPropertySpecificValue): Deleted. * runtime/JSObject.h: (JSC::JSObject::getDirect): (JSC::JSObject::getDirectOffset): (JSC::JSObject::inlineGetOwnPropertySlot): (JSC::JSObject::putDirectInternal): (JSC::JSObject::putOwnDataProperty): (JSC::JSObject::putDirect): (JSC::JSObject::putDirectWithoutTransition): (JSC::getCallableObject): Deleted. * runtime/JSScope.cpp: (JSC::abstractAccess): * runtime/PropertyMapHashTable.h: (JSC::PropertyMapEntry::PropertyMapEntry): (JSC::PropertyTable::copy): * runtime/PropertyTable.cpp: (JSC::PropertyTable::clone): (JSC::PropertyTable::PropertyTable): (JSC::PropertyTable::visitChildren): Deleted. 
* runtime/Structure.cpp: (JSC::Structure::Structure): (JSC::Structure::materializePropertyMap): (JSC::Structure::addPropertyTransitionToExistingStructureImpl): (JSC::Structure::addPropertyTransitionToExistingStructure): (JSC::Structure::addPropertyTransitionToExistingStructureConcurrently): (JSC::Structure::addPropertyTransition): (JSC::Structure::changePrototypeTransition): (JSC::Structure::attributeChangeTransition): (JSC::Structure::toDictionaryTransition): (JSC::Structure::preventExtensionsTransition): (JSC::Structure::takePropertyTableOrCloneIfPinned): (JSC::Structure::nonPropertyTransition): (JSC::Structure::addPropertyWithoutTransition): (JSC::Structure::allocateRareData): (JSC::Structure::ensurePropertyReplacementWatchpointSet): (JSC::Structure::startWatchingPropertyForReplacements): (JSC::Structure::didCachePropertyReplacement): (JSC::Structure::startWatchingInternalProperties): (JSC::Structure::copyPropertyTable): (JSC::Structure::copyPropertyTableForPinning): (JSC::Structure::getConcurrently): (JSC::Structure::get): (JSC::Structure::add): (JSC::Structure::visitChildren): (JSC::Structure::prototypeChainMayInterceptStoreTo): (JSC::Structure::dump): (JSC::Structure::despecifyDictionaryFunction): Deleted. (JSC::Structure::despecifyFunctionTransition): Deleted. (JSC::Structure::despecifyFunction): Deleted. (JSC::Structure::despecifyAllFunctions): Deleted. (JSC::Structure::putSpecificValue): Deleted. * runtime/Structure.h: (JSC::Structure::startWatchingPropertyForReplacements): (JSC::Structure::startWatchingInternalPropertiesIfNecessary): (JSC::Structure::startWatchingInternalPropertiesIfNecessaryForEntireChain): (JSC::Structure::transitionDidInvolveSpecificValue): Deleted. (JSC::Structure::disableSpecificFunctionTracking): Deleted. 
* runtime/StructureInlines.h: (JSC::Structure::getConcurrently): (JSC::Structure::didReplaceProperty): (JSC::Structure::propertyReplacementWatchpointSet): * runtime/StructureRareData.cpp: (JSC::StructureRareData::destroy): * runtime/StructureRareData.h: * tests/stress/infer-constant-global-property.js: Added. (foo.Math.sin): (foo): * tests/stress/infer-constant-property.js: Added. (foo): * tests/stress/jit-cache-poly-replace-then-cache-get-and-fold-then-invalidate.js: Added. (foo): (bar): * tests/stress/jit-cache-replace-then-cache-get-and-fold-then-invalidate.js: Added. (foo): (bar): * tests/stress/jit-put-to-scope-global-cache-watchpoint-invalidate.js: Added. (foo): (bar): * tests/stress/llint-cache-replace-then-cache-get-and-fold-then-invalidate.js: Added. (foo): (bar): * tests/stress/llint-put-to-scope-global-cache-watchpoint-invalidate.js: Added. (foo): (bar): * tests/stress/repeat-put-to-scope-global-with-same-value-watchpoint-invalidate.js: Added. (foo): (bar): 2014-07-03 Saam Barati <sbarati@apple.com> Add more coverage for the profile_types_with_high_fidelity op code. https://bugs.webkit.org/show_bug.cgi?id=134616 Reviewed by Filip Pizlo. More operations are now being recorded by the profile_types_with_high_fidelity opcode. Specifically: function parameters, function return values, function 'this' value, get_by_id, get_by_value, resolve nodes, function return values at the call site. Added more flags to the profile_types_with_high_fidelity opcode so more focused tasks can take place when the instruction is being linked in CodeBlock. Re-worked the type profiler to search through character offset ranges when asked for the type of an expression at a given offset. Removed redundant calls to Structure::toStructureShape in HighFidelityLog and TypeSet by caching calls based on StructureID. 
* bytecode/BytecodeList.json: * bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeOffset): (JSC::computeDefsForBytecodeOffset): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::finalizeUnconditionally): (JSC::CodeBlock::scopeDependentProfile): * bytecode/CodeBlock.h: (JSC::CodeBlock::returnStatementTypeSet): * bytecode/TypeLocation.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::highFidelityTypeProfileExpressionInfoForBytecodeOffset): (JSC::UnlinkedCodeBlock::addHighFidelityTypeProfileExpressionInfo): * bytecode/UnlinkedCodeBlock.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::emitMove): (JSC::BytecodeGenerator::emitProfileTypesWithHighFidelity): (JSC::BytecodeGenerator::emitGetFromScopeWithProfile): (JSC::BytecodeGenerator::emitPutToScope): (JSC::BytecodeGenerator::emitPutToScopeWithProfile): (JSC::BytecodeGenerator::emitPutById): (JSC::BytecodeGenerator::emitPutByVal): * bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::emitHighFidelityTypeProfilingExpressionInfo): * bytecompiler/NodesCodegen.cpp: (JSC::ResolveNode::emitBytecode): (JSC::BracketAccessorNode::emitBytecode): (JSC::DotAccessorNode::emitBytecode): (JSC::FunctionCallValueNode::emitBytecode): (JSC::FunctionCallResolveNode::emitBytecode): (JSC::FunctionCallBracketNode::emitBytecode): (JSC::FunctionCallDotNode::emitBytecode): (JSC::CallFunctionCallDotNode::emitBytecode): (JSC::ApplyFunctionCallDotNode::emitBytecode): (JSC::PostfixNode::emitResolve): (JSC::PostfixNode::emitBracket): (JSC::PostfixNode::emitDot): (JSC::PrefixNode::emitResolve): (JSC::PrefixNode::emitBracket): (JSC::PrefixNode::emitDot): (JSC::ReadModifyResolveNode::emitBytecode): (JSC::AssignResolveNode::emitBytecode): (JSC::AssignDotNode::emitBytecode): (JSC::ReadModifyDotNode::emitBytecode): (JSC::AssignBracketNode::emitBytecode): (JSC::ReadModifyBracketNode::emitBytecode): (JSC::ReturnNode::emitBytecode): (JSC::FunctionBodyNode::emitBytecode): * 
inspector/agents/InspectorRuntimeAgent.cpp: (Inspector::InspectorRuntimeAgent::getRuntimeTypeForVariableAtOffset): (Inspector::InspectorRuntimeAgent::getRuntimeTypeForVariableInTextRange): Deleted. * inspector/agents/InspectorRuntimeAgent.h: * inspector/protocol/Runtime.json: * llint/LLIntSlowPaths.cpp: (JSC::LLInt::getFromScopeCommon): (JSC::LLInt::LLINT_SLOW_PATH_DECL): * llint/LLIntSlowPaths.h: * llint/LowLevelInterpreter.asm: * runtime/HighFidelityLog.cpp: (JSC::HighFidelityLog::processHighFidelityLog): (JSC::HighFidelityLog::actuallyProcessLogThreadFunction): (JSC::HighFidelityLog::recordTypeInformationForLocation): Deleted. * runtime/HighFidelityLog.h: (JSC::HighFidelityLog::recordTypeInformationForLocation): * runtime/HighFidelityTypeProfiler.cpp: (JSC::HighFidelityTypeProfiler::getTypesForVariableInAtOffset): (JSC::HighFidelityTypeProfiler::getGlobalTypesForVariableAtOffset): (JSC::HighFidelityTypeProfiler::getLocalTypesForVariableAtOffset): (JSC::HighFidelityTypeProfiler::insertNewLocation): (JSC::HighFidelityTypeProfiler::findLocation): (JSC::HighFidelityTypeProfiler::getTypesForVariableInRange): Deleted. (JSC::HighFidelityTypeProfiler::getGlobalTypesForVariableInRange): Deleted. (JSC::HighFidelityTypeProfiler::getLocalTypesForVariableInRange): Deleted. (JSC::HighFidelityTypeProfiler::getLocationBasedHash): Deleted. * runtime/HighFidelityTypeProfiler.h: (JSC::LocationKey::LocationKey): Deleted. (JSC::LocationKey::hash): Deleted. (JSC::LocationKey::operator==): Deleted. * runtime/Structure.cpp: (JSC::Structure::toStructureShape): * runtime/Structure.h: * runtime/TypeSet.cpp: (JSC::TypeSet::TypeSet): (JSC::TypeSet::addTypeForValue): (JSC::TypeSet::seenTypes): (JSC::TypeSet::removeDuplicatesInStructureHistory): Deleted. * runtime/TypeSet.h: (JSC::StructureShape::setConstructorName): * runtime/VM.cpp: (JSC::VM::getTypesForVariableAtOffset): (JSC::VM::dumpHighFidelityProfilingTypes): (JSC::VM::getTypesForVariableInRange): Deleted. 
* runtime/VM.h: 2014-07-04 Filip Pizlo <fpizlo@apple.com> [ftlopt][REGRESSION] debug tests fail because PutByIdDirect is now implemented in terms of In https://bugs.webkit.org/show_bug.cgi?id=134642 Rubber stamped by Andreas Kling. * ftl/FTLLowerDFGToLLVM.cpp: (JSC::FTL::LowerDFGToLLVM::compileNode): 2014-07-01 Filip Pizlo <fpizlo@apple.com> [ftlopt] Allocate a new GetterSetter if we change the value of any of its entries other than when they were previously null, so that if we constant-infer an accessor slot then we immediately get the function constant for free https://bugs.webkit.org/show_bug.cgi?id=134518 Reviewed by Mark Hahnenberg. This has no real effect right now, particularly since almost all uses of setSetter/setGetter were already allocating a branch new GetterSetter. But once we start doing more aggressive constant property inference, this change will allow us to remove all runtime checks from getter/setter calls. * runtime/GetterSetter.cpp: (JSC::GetterSetter::withGetter): (JSC::GetterSetter::withSetter): * runtime/GetterSetter.h: (JSC::GetterSetter::setGetter): (JSC::GetterSetter::setSetter): * runtime/JSObject.cpp: (JSC::JSObject::defineOwnNonIndexProperty): 2014-07-02 Filip Pizlo <fpizlo@apple.com> [ftlopt] Rename notifyTransitionFromThisStructure to didTransitionFromThisStructure Rubber stamped by Mark Hahnenberg. * runtime/Structure.cpp: (JSC::Structure::Structure): (JSC::Structure::nonPropertyTransition): (JSC::Structure::didTransitionFromThisStructure): (JSC::Structure::notifyTransitionFromThisStructure): Deleted. * runtime/Structure.h: 2014-07-02 Filip Pizlo <fpizlo@apple.com> [ftlopt] Remove the functionality for cloning StructureRareData since we never do that anymore. Rubber stamped by Mark Hahnenberg. * runtime/Structure.cpp: (JSC::Structure::Structure): (JSC::Structure::cloneRareDataFrom): Deleted. * runtime/Structure.h: * runtime/StructureRareData.cpp: (JSC::StructureRareData::clone): Deleted. 
(JSC::StructureRareData::StructureRareData): Deleted. * runtime/StructureRareData.h: (JSC::StructureRareData::needsCloning): Deleted. 2014-07-01 Mark Lam <mark.lam@apple.com> [ftlopt] DebuggerCallFrame::scope() should return a DebuggerScope. <https://webkit.org/b/134420> Reviewed by Geoffrey Garen. Previously, DebuggerCallFrame::scope() returns a JSActivation (and relevant peers) which the WebInspector will use to introspect CallFrame variables. Instead, we should be returning a DebuggerScope as an abstraction layer that provides the introspection functionality that the WebInspector needs. This is the first step towards not forcing every frame to have a JSActivation object just because the debugger is enabled. 1. Instantiate the debuggerScopeStructure as a member of the JSGlobalObject instead of the VM. This allows JSObject::globalObject() to be able to return the global object for the DebuggerScope. 2. On the DebuggerScope's life-cycle management: The DebuggerCallFrame is designed to be "valid" only during a debugging session (while the debugger is broken) through the use of a DebuggerCallFrameScope in Debugger::pauseIfNeeded(). Once the debugger resumes from the break, the DebuggerCallFrameScope destructs, and the DebuggerCallFrame will be invalidated. We can't guarantee (from this code alone) that the Inspector code isn't still holding a ref to the DebuggerCallFrame (though they shouldn't), but by contract, the frame will be invalidated, and any attempt to query it will return null values. This is pre-existing behavior. Now, we're adding the DebuggerScope into the picture. While a single debugger pause session is in progress, the Inspector may request the scope from the DebuggerCallFrame. While the DebuggerCallFrame is still valid, we want DebuggerCallFrame::scope() to always return the same DebuggerScope object. This is why we hold on to the DebuggerScope with a strong ref. If we use a weak ref instead, the following cooky behavior can manifest: 1. 
The Inspector calls Debugger::scope() to get the top scope. 2. The Inspector iterates down the scope chain and is now only holding a reference to a parent scope. It is no longer referencing the top scope. 3. A GC occurs, and the DebuggerCallFrame's weak m_scope ref to the top scope gets cleared. 4. The Inspector calls DebuggerCallFrame::scope() to get the top scope again but gets a different DebuggerScope instance. 5. The Inspector iterates down the scope chain but never sees the parent scope instance that retained a ref to in step 2 above. This is because when iterating this new DebuggerScope instance (which has no knowledge of the previous parent DebuggerScope instance), a new DebuggerScope instance will get created for the same parent scope. Since the DebuggerScope is a JSObject, it's liveness is determined by its reachability. However, it's "validity" is determined by the life-cycle of its owner DebuggerCallFrame. When the owner DebuggerCallFrame gets invalidated, its debugger scope chain (if instantiated) will also get invalidated. This is why we need the DebuggerScope::invalidateChain() method. The Inspector should not be using the DebuggerScope instance after its owner DebuggerCallFrame is invalidated. If it does, those methods will do nothing or returned a failed status. 
* debugger/Debugger.h: * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::scope): (JSC::DebuggerCallFrame::evaluate): (JSC::DebuggerCallFrame::invalidate): (JSC::DebuggerCallFrame::vm): (JSC::DebuggerCallFrame::lexicalGlobalObject): * debugger/DebuggerCallFrame.h: * debugger/DebuggerScope.cpp: (JSC::DebuggerScope::DebuggerScope): (JSC::DebuggerScope::finishCreation): (JSC::DebuggerScope::visitChildren): (JSC::DebuggerScope::className): (JSC::DebuggerScope::getOwnPropertySlot): (JSC::DebuggerScope::put): (JSC::DebuggerScope::deleteProperty): (JSC::DebuggerScope::getOwnPropertyNames): (JSC::DebuggerScope::defineOwnProperty): (JSC::DebuggerScope::next): (JSC::DebuggerScope::invalidateChain): (JSC::DebuggerScope::isWithScope): (JSC::DebuggerScope::isGlobalScope): (JSC::DebuggerScope::isFunctionScope): * debugger/DebuggerScope.h: (JSC::DebuggerScope::create): (JSC::DebuggerScope::Iterator::Iterator): (JSC::DebuggerScope::Iterator::get): (JSC::DebuggerScope::Iterator::operator++): (JSC::DebuggerScope::Iterator::operator==): (JSC::DebuggerScope::Iterator::operator!=): (JSC::DebuggerScope::isValid): (JSC::DebuggerScope::jsScope): (JSC::DebuggerScope::begin): (JSC::DebuggerScope::end): * inspector/JSJavaScriptCallFrame.cpp: (Inspector::JSJavaScriptCallFrame::scopeType): (Inspector::JSJavaScriptCallFrame::scopeChain): * inspector/JavaScriptCallFrame.h: (Inspector::JavaScriptCallFrame::scopeChain): * inspector/ScriptDebugServer.cpp: * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::reset): (JSC::JSGlobalObject::visitChildren): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::debuggerScopeStructure): * runtime/JSObject.h: (JSC::JSObject::isWithScope): * runtime/JSScope.h: * runtime/VM.cpp: (JSC::VM::VM): * runtime/VM.h: 2014-07-01 Filip Pizlo <fpizlo@apple.com> [ftlopt] DFG bytecode parser should turn PutById with nothing but a Setter stub as stuff+handleCall, and handleCall should be allowed to inline if it wants to https://bugs.webkit.org/show_bug.cgi?id=130756 
Reviewed by Oliver Hunt. The enables exposing the call to setters in the DFG, and then inlining it. Previously we already supproted inlined-cached calls to setters from within put_by_id inline caches, and the DFG could certainly emit such IC's. Now, if an IC had a setter call, then the DFG will either emit the GetGetterSetterByOffset/GetSetter/Call combo, or it will do one better and inline the call. A lot of the core functionality was already available from the previous work to inline getters. So, there are some refactorings in this patch that move preexisting functionality around. For example, the work to figure out how the DFG should go about getting to what we call the "loaded value" - i.e. the GetterSetter object reference in the case of accessors - is now shared in ComplexGetStatus, and both GetByIdStatus and PutByIdStatus use it. This means that we can keep the safety checks common. This patch also does additional refactorings in DFG::ByteCodeParser so that we can continue to reuse handleCall() for all of the various kinds of calls we can now emit. 83% speed-up on getter-richards, 2% speed-up on box2d. * CMakeLists.txt: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/ComplexGetStatus.cpp: Added. (JSC::ComplexGetStatus::computeFor): * bytecode/ComplexGetStatus.h: Added. 
(JSC::ComplexGetStatus::ComplexGetStatus): (JSC::ComplexGetStatus::skip): (JSC::ComplexGetStatus::takesSlowPath): (JSC::ComplexGetStatus::kind): (JSC::ComplexGetStatus::attributes): (JSC::ComplexGetStatus::specificValue): (JSC::ComplexGetStatus::offset): (JSC::ComplexGetStatus::chain): * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeForStubInfo): * bytecode/GetByIdVariant.cpp: (JSC::GetByIdVariant::GetByIdVariant): * bytecode/PolymorphicPutByIdList.h: (JSC::PutByIdAccess::PutByIdAccess): (JSC::PutByIdAccess::setter): (JSC::PutByIdAccess::structure): (JSC::PutByIdAccess::chainCount): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): (JSC::PutByIdStatus::computeFor): (JSC::PutByIdStatus::computeForStubInfo): (JSC::PutByIdStatus::makesCalls): * bytecode/PutByIdStatus.h: (JSC::PutByIdStatus::makesCalls): Deleted. * bytecode/PutByIdVariant.cpp: (JSC::PutByIdVariant::PutByIdVariant): (JSC::PutByIdVariant::operator=): (JSC::PutByIdVariant::replace): (JSC::PutByIdVariant::transition): (JSC::PutByIdVariant::setter): (JSC::PutByIdVariant::writesStructures): (JSC::PutByIdVariant::reallocatesStorage): (JSC::PutByIdVariant::makesCalls): (JSC::PutByIdVariant::dumpInContext): * bytecode/PutByIdVariant.h: (JSC::PutByIdVariant::PutByIdVariant): (JSC::PutByIdVariant::structure): (JSC::PutByIdVariant::oldStructure): (JSC::PutByIdVariant::alternateBase): (JSC::PutByIdVariant::specificValue): (JSC::PutByIdVariant::callLinkStatus): (JSC::PutByIdVariant::replace): Deleted. (JSC::PutByIdVariant::transition): Deleted. 
* dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::addCallWithoutSettingResult): (JSC::DFG::ByteCodeParser::addCall): (JSC::DFG::ByteCodeParser::handleCall): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::handleGetById): (JSC::DFG::ByteCodeParser::handlePutById): (JSC::DFG::ByteCodeParser::parseBlock): * jit/Repatch.cpp: (JSC::tryCachePutByID): (JSC::tryBuildPutByIdList): * runtime/IntendedStructureChain.cpp: (JSC::IntendedStructureChain::takesSlowPathInDFGForImpureProperty): * runtime/IntendedStructureChain.h: * tests/stress/exit-from-setter.js: Added. * tests/stress/poly-chain-setter.js: Added. (Cons): (foo): (test): * tests/stress/poly-chain-then-setter.js: Added. (Cons1): (Cons2): (foo): (test): * tests/stress/poly-setter-combo.js: Added. (Cons1): (Cons2): (foo): (test): (.test): * tests/stress/poly-setter-then-self.js: Added. (foo): (test): (.test): * tests/stress/weird-setter-counter.js: Added. (foo): (test): * tests/stress/weird-setter-counter-syntactic.js: Added. (foo): (test): 2014-07-01 Matthew Mirman <mmirman@apple.com> Added an implementation of the "in" check to FTL. https://bugs.webkit.org/show_bug.cgi?id=134508 Reviewed by Filip Pizlo. * ftl/FTLCapabilities.cpp: enabled compilation for "in" (JSC::FTL::canCompile): ditto * ftl/FTLCompile.cpp: (JSC::FTL::generateCheckInICFastPath): added. (JSC::FTL::fixFunctionBasedOnStackMaps): added case for CheckIn descriptors. * ftl/FTLInlineCacheDescriptor.h: (JSC::FTL::CheckInGenerator::CheckInGenerator): added. (JSC::FTL::CheckInDescriptor::CheckInDescriptor): added. * ftl/FTLInlineCacheSize.cpp: (JSC::FTL::sizeOfCheckIn): added. Currently larger than necessary. * ftl/FTLInlineCacheSize.h: ditto * ftl/FTLIntrinsicRepository.h: Added function type for operationInGeneric * ftl/FTLLowerDFGToLLVM.cpp: (JSC::FTL::LowerDFGToLLVM::compileNode): added case for In. (JSC::FTL::LowerDFGToLLVM::compileIn): added. 
* ftl/FTLSlowPathCall.cpp: Added a callOperation for operationIn (JSC::FTL::callOperation): ditto * ftl/FTLSlowPathCall.h: ditto * ftl/FTLState.h: Added a vector to hold CheckIn descriptors. * jit/JITOperations.h: made operationIns internal. * tests/stress/ftl-checkin.js: Added. * tests/stress/ftl-checkin-variable.js: Added. 2014-06-30 Mark Hahnenberg <mhahnenberg@apple.com> CodeBlock::stronglyVisitWeakReferences should mark DFG::CommonData::weakStructureReferences https://bugs.webkit.org/show_bug.cgi?id=134455 Reviewed by Geoffrey Garen. Otherwise we get hanging pointers which can cause us to die later. * bytecode/CodeBlock.cpp: (JSC::CodeBlock::stronglyVisitWeakReferences): 2014-06-27 Filip Pizlo <fpizlo@apple.com> [ftlopt] Reduce the GC's influence on optimization decisions https://bugs.webkit.org/show_bug.cgi?id=134427 Reviewed by Oliver Hunt. This is a slight speed-up on some platforms, that arises from a bunch of fixes that I made while trying to make the GC keep more structures alive (https://bugs.webkit.org/show_bug.cgi?id=128072). The fixes are, roughly: - If the GC clears an inline cache, then this no longer causes the IC to be forever polymorphic. - If we exit in inlined code into a function that tries to OSR enter, then we jettison sooner. - Some variables being uninitialized led to rage-recompilations. This is a pretty strong step in the direction of keeping more Structures alive and not blowing away code just because a Structure died. But, it seems like there is still a slight speed-up to be had from blowing away code that references dead Structures. 
* bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpAssumingJITType): (JSC::shouldMarkTransition): (JSC::CodeBlock::propagateTransitions): (JSC::CodeBlock::determineLiveness): * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeForStubInfo): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeForStubInfo): * dfg/DFGCapabilities.cpp: (JSC::DFG::isSupportedForInlining): (JSC::DFG::mightInlineFunctionForCall): (JSC::DFG::mightInlineFunctionForClosureCall): (JSC::DFG::mightInlineFunctionForConstruct): * dfg/DFGCapabilities.h: * dfg/DFGCommonData.h: * dfg/DFGDesiredWeakReferences.cpp: (JSC::DFG::DesiredWeakReferences::reallyAdd): * dfg/DFGOSREntry.cpp: (JSC::DFG::prepareOSREntry): * dfg/DFGOSRExitCompilerCommon.cpp: (JSC::DFG::handleExitCounts): * dfg/DFGOperations.cpp: * dfg/DFGOperations.h: * ftl/FTLForOSREntryJITCode.cpp: (JSC::FTL::ForOSREntryJITCode::ForOSREntryJITCode): These variables being uninitialized is benign in terms of correctness but can sometimes cause rage-recompilations. For some reason it took this patch to reveal this. * ftl/FTLOSREntry.cpp: (JSC::FTL::prepareOSREntry): * runtime/Executable.cpp: (JSC::ExecutableBase::destroy): (JSC::NativeExecutable::destroy): (JSC::ScriptExecutable::ScriptExecutable): (JSC::ScriptExecutable::destroy): (JSC::ScriptExecutable::installCode): (JSC::EvalExecutable::EvalExecutable): (JSC::ProgramExecutable::ProgramExecutable): * runtime/Executable.h: (JSC::ScriptExecutable::setDidTryToEnterInLoop): (JSC::ScriptExecutable::didTryToEnterInLoop): (JSC::ScriptExecutable::addressOfDidTryToEnterInLoop): (JSC::ScriptExecutable::ScriptExecutable): Deleted. * runtime/StructureInlines.h: (JSC::Structure::storedPrototypeObject): (JSC::Structure::storedPrototypeStructure): 2014-06-25 Filip Pizlo <fpizlo@apple.com> [ftlopt] If a CodeBlock is jettisoned due to a watchpoint then it should be possible to figure out something about that watchpoint https://bugs.webkit.org/show_bug.cgi?id=134333 Reviewed by Geoffrey Garen. 
This is engineered to provide loads of information to the profiler without incurring any costs when the profiler is disabled. It's the oldest trick in the book: the thing that fires the watchpoint doesn't actually create anything to describe the reason why it was fired; instead it creates a stack-allocated FireDetail subclass instance. Only if the FireDetail::dump() virtual method is called does anything happen. Currently we use this to produce very fine-grained data for Structure watchpoints and some cases of variable watchpoints. For all other situations, the given reason is just a string constant, by using StringFireDetail. If we find a situation where that string constant is insufficient to diagnose an issue then we can change it to provide more fine-grained information. * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::jettison): * bytecode/CodeBlock.h: * bytecode/CodeBlockJettisoningWatchpoint.cpp: (JSC::CodeBlockJettisoningWatchpoint::fireInternal): * bytecode/CodeBlockJettisoningWatchpoint.h: * bytecode/ProfiledCodeBlockJettisoningWatchpoint.cpp: Removed. * bytecode/ProfiledCodeBlockJettisoningWatchpoint.h: Removed. 
* bytecode/StructureStubClearingWatchpoint.cpp: (JSC::StructureStubClearingWatchpoint::fireInternal): * bytecode/StructureStubClearingWatchpoint.h: * bytecode/VariableWatchpointSet.h: (JSC::VariableWatchpointSet::invalidate): (JSC::VariableWatchpointSet::finalizeUnconditionally): * bytecode/VariableWatchpointSetInlines.h: (JSC::VariableWatchpointSet::notifyWrite): * bytecode/Watchpoint.cpp: (JSC::StringFireDetail::dump): (JSC::WatchpointSet::fireAll): (JSC::WatchpointSet::fireAllSlow): (JSC::WatchpointSet::fireAllWatchpoints): (JSC::InlineWatchpointSet::fireAll): * bytecode/Watchpoint.h: (JSC::FireDetail::FireDetail): (JSC::FireDetail::~FireDetail): (JSC::StringFireDetail::StringFireDetail): (JSC::Watchpoint::fire): (JSC::WatchpointSet::fireAll): (JSC::WatchpointSet::touch): (JSC::WatchpointSet::invalidate): (JSC::InlineWatchpointSet::fireAll): (JSC::InlineWatchpointSet::touch): * dfg/DFGCommonData.h: * dfg/DFGOperations.cpp: * interpreter/Interpreter.cpp: (JSC::Interpreter::execute): * jsc.cpp: (WTF::Masquerader::create): * profiler/ProfilerCompilation.cpp: (JSC::Profiler::Compilation::setJettisonReason): (JSC::Profiler::Compilation::toJS): * profiler/ProfilerCompilation.h: (JSC::Profiler::Compilation::setJettisonReason): Deleted. 
* runtime/ArrayBuffer.cpp: (JSC::ArrayBuffer::transfer): * runtime/ArrayBufferNeuteringWatchpoint.cpp: (JSC::ArrayBufferNeuteringWatchpoint::fireAll): * runtime/ArrayBufferNeuteringWatchpoint.h: * runtime/CommonIdentifiers.h: * runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): * runtime/Identifier.cpp: (JSC::Identifier::dump): * runtime/Identifier.h: * runtime/JSFunction.cpp: (JSC::JSFunction::put): (JSC::JSFunction::defineOwnProperty): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::addFunction): (JSC::JSGlobalObject::haveABadTime): * runtime/JSSymbolTableObject.cpp: (JSC::VariableWriteFireDetail::dump): * runtime/JSSymbolTableObject.h: (JSC::VariableWriteFireDetail::VariableWriteFireDetail): (JSC::symbolTablePut): (JSC::symbolTablePutWithAttributes): * runtime/PropertyName.h: (JSC::PropertyName::dump): * runtime/Structure.cpp: (JSC::Structure::notifyTransitionFromThisStructure): * runtime/Structure.h: (JSC::Structure::notifyTransitionFromThisStructure): Deleted. * runtime/SymbolTable.cpp: (JSC::SymbolTableEntry::notifyWriteSlow): (JSC::SymbolTable::WatchpointCleanup::finalizeUnconditionally): * runtime/SymbolTable.h: (JSC::SymbolTableEntry::notifyWrite): * runtime/VM.cpp: (JSC::VM::addImpureProperty): Source/WebCore: 2014-07-01 Mark Lam <mark.lam@apple.com> [ftlopt] DebuggerCallFrame::scope() should return a DebuggerScope. <https://webkit.org/b/134420> Reviewed by Geoffrey Garen. No new tests. * ForwardingHeaders/debugger/DebuggerCallFrame.h: Removed. - This is not in use. Hence, we can remove it. * bindings/js/ScriptController.cpp: (WebCore::ScriptController::attachDebugger): - We should acquire the JSLock before modifying a JS global object. 2014-06-25 Filip Pizlo <fpizlo@apple.com> [ftlopt] If a CodeBlock is jettisoned due to a watchpoint then it should be possible to figure out something about that watchpoint https://bugs.webkit.org/show_bug.cgi?id=134333 Reviewed by Geoffrey Garen. No new tests because no change in behavior. 
* bindings/scripts/CodeGeneratorJS.pm: (GenerateHeader): Tools: 2014-06-25 Filip Pizlo <fpizlo@apple.com> [ftlopt] If a CodeBlock is jettisoned due to a watchpoint then it should be possible to figure out something about that watchpoint https://bugs.webkit.org/show_bug.cgi?id=134333 Reviewed by Geoffrey Garen. * Scripts/display-profiler-output: LayoutTests: 2014-07-16 Mark Hahnenberg <mhahnenberg@apple.com> sputnik/Implementation_Diagnostics/S12.6.4_D1.html depends on undefined behavior https://bugs.webkit.org/show_bug.cgi?id=135007 Reviewed by Filip Pizlo. EcmaScript 5.1 specifies that during for-in enumeration newly added properties may or may not be visited during the current enumeration. Specifically, in section 12.6.4 the spec states: "If new properties are added to the object being enumerated during enumeration, the newly added properties are not guaranteed to be visited in the active enumeration." The sputnik/Implementation_Diagnostics/S12.6.4_D1.html layout test is from before sputnik was added to the test262 suite. I believe it has since been removed, so it would probably be okay to remove it from our layout test suite. * sputnik/Implementation_Diagnostics/S12.6.4_D1-expected.txt: Removed. * sputnik/Implementation_Diagnostics/S12.6.4_D1.html: Removed. 2014-07-13 Filip Pizlo <fpizlo@apple.com> [ftlopt] DFG should be able to do GCSE in SSA and this should be unified with the CSE in CPS, and both of these things should use abstract heaps for reasoning about effects https://bugs.webkit.org/show_bug.cgi?id=134677 Reviewed by Sam Weinig. * js/regress/gcse-expected.txt: Added. * js/regress/gcse-poly-get-expected.txt: Added. * js/regress/gcse-poly-get-less-obvious-expected.txt: Added. * js/regress/gcse-poly-get-less-obvious.html: Added. * js/regress/gcse-poly-get.html: Added. * js/regress/gcse.html: Added. * js/regress/script-tests/gcse-poly-get-less-obvious.js: Added. * js/regress/script-tests/gcse-poly-get.js: Added. * js/regress/script-tests/gcse.js: Added. 
2014-07-04 Filip Pizlo <fpizlo@apple.com> [ftlopt] Infer immutable object properties https://bugs.webkit.org/show_bug.cgi?id=134567 Reviewed by Mark Hahnenberg. * js/regress/infer-constant-global-property-expected.txt: Added. * js/regress/infer-constant-global-property.html: Added. * js/regress/infer-constant-property-expected.txt: Added. * js/regress/infer-constant-property.html: Added. * js/regress/script-tests/infer-constant-global-property.js: Added. * js/regress/script-tests/infer-constant-property.js: Added. Canonical link: https://commits.webkit.org/153499@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@172129 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2014-08-06 05:27:46 +00:00
        if (verbose)
            dataLogF("Don't have assignment info for offset:%u\n", bytecodeOffset);
        startDivot = UINT_MAX;
        endDivot = UINT_MAX;
        return false;
    }
    RareData::TypeProfilerExpressionRange& range = iter->value;
Merge r170564, r170571, r170604, r170628, r170672, r170680, r170724, r170728, r170729, r170819, r170821, r170836, r170855, r170860, r170890, r170907, r170929, r171052, r171106, r171152, r171153, r171214 from ftlopt. Source/JavaScriptCore: This part of the merge delivers roughly a 2% across-the-board performance improvement, mostly due to immutable property inference and DFG-side GCSE. It also almost completely resolves accessor performance issues; in the common case the DFG will compile a getter/setter access into code that is just as efficient as a normal property access. Another major highlight of this part of the merge is the work to add a type profiler to the inspector. This work is still on-going but this greatly increases coverage. Note that this merge fixes a minor bug in the GetterSetter refactoring from http://trac.webkit.org/changeset/170729 (https://bugs.webkit.org/show_bug.cgi?id=134518). It also adds new tests to tests/stress to cover that bug. That bug was previously only covered by layout tests. 2014-07-17 Filip Pizlo <fpizlo@apple.com> [ftlopt] DFG Flush(SetLocal) store elimination is overzealous for captured variables in the presence of nodes that have no effects but may throw (merge trunk r171190) https://bugs.webkit.org/show_bug.cgi?id=135019 Reviewed by Oliver Hunt. Behaviorally, this is just a merge of trunk r171190, except that the relevant functionality has moved to StrengthReductionPhase and is written in a different style. Same algorithm, different code. * dfg/DFGNodeType.h: * dfg/DFGStrengthReductionPhase.cpp: (JSC::DFG::StrengthReductionPhase::handleNode): * tests/stress/capture-escape-and-throw.js: Added. (foo.f): (foo): * tests/stress/new-array-with-size-throw-exception-and-tear-off-arguments.js: Added. (foo): (bar): 2014-07-15 Filip Pizlo <fpizlo@apple.com> [ftlopt] Constant fold GetGetter and GetSetter if the GetterSetter is a constant https://bugs.webkit.org/show_bug.cgi?id=134962 Reviewed by Oliver Hunt. 
This removes yet another steady-state-throughput implication of using getters and setters: if your accessor call is monomorphic then you'll just get a structure check, nothing more. No more loads to get to the GetterSetter object or the accessor function object. * dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects): * runtime/GetterSetter.h: (JSC::GetterSetter::getterConcurrently): (JSC::GetterSetter::setGetter): (JSC::GetterSetter::setterConcurrently): (JSC::GetterSetter::setSetter): 2014-07-15 Filip Pizlo <fpizlo@apple.com> [ftlopt] Identity replacement in CSE shouldn't create a Phantom over the Identity's children https://bugs.webkit.org/show_bug.cgi?id=134893 Reviewed by Oliver Hunt. Replace Identity with Check instead of Phantom. Phantom means that the child of the Identity should be unconditionally live. The liveness semantics of Identity are such that if the parents of Identity are live then the child is live. Removing the Identity entirely preserves such liveness semantics. So, the only thing that should be left behind is the type check on the child, which is what Check means: do the check but don't keep the child alive if the check isn't needed. * dfg/DFGCSEPhase.cpp: * dfg/DFGNode.h: (JSC::DFG::Node::convertToCheck): 2014-07-13 Filip Pizlo <fpizlo@apple.com> [ftlopt] DFG should be able to do GCSE in SSA and this should be unified with the CSE in CPS, and both of these things should use abstract heaps for reasoning about effects https://bugs.webkit.org/show_bug.cgi?id=134677 Reviewed by Sam Weinig. This removes the old local CSE phase, which was based on manually written backward-search rules for all of the different kinds of things we cared about, and adds a new local/global CSE (local for CPS and global for SSA) that leaves the node semantics almost entirely up to clobberize(). Thus, the CSE phase itself just worries about the algorithms and data structures used for storing sets of available values. 
This results in a large reduction in code size in CSEPhase.cpp while greatly increasing the phase's power (since it now does global CSE) and reducing compile time (since local CSE is now rewritten to use smarter data structures). Even though LLVM was already running GVN, the extra GCSE at DFG IR level means that this is a significant (~0.7%) throughput improvement. This work is based on the concept of "def" to clobberize(). If clobberize() calls def(), it means that the node being analyzed makes available some value in some DFG node, and that future attempts to compute that value can simply use that node. In other words, it establishes an available value mapping of the form value=>node. There are two kinds of values that can be passed to def(): PureValue. This captures everything needed to determine whether two pure nodes - nodes that neither read nor write, and produce a value that is a CSE candidate - are identical. It carries the NodeType, an AdjacencyList, and one word of meta-data. The meta-data is usually used for things like the arithmetic mode or constant pointer. Passing a PureValue to def() means that the node produces a value that is valid anywhere that the node dominates. HeapLocation. This describes a location in the heap that could be written to or read from. Both stores and loads can def() a HeapLocation. HeapLocation carries around an abstract heap that both serves as part of the "name" of the heap location (together with the other fields of HeapLocation) and also tells us what write()'s to watch for. If someone write()'s to an abstract heap that overlaps the heap associated with the HeapLocation, then it means that the values for that location are no longer available. This approach is sufficiently clever that the CSEPhase itself can focus on the mechanism of tracking the PureValue=>node and HeapLocation=>node maps, without having to worry about interpreting the semantics of different DFG node types - that is now almost entirely in clobberize(). 
The only things we special-case inside CSEPhase are the Identity node, which CSE is traditionally responsible for eliminating even though it has nothing to do with CSE, and the LocalCSE rule for turning PutByVal into PutByValAlias. This is a slight Octane, SunSpider, and Kraken speed-up - all somewhere around 0.7%. It's not a bigger win because LLVM was already giving us most of what we needed in its GVN. Also, the SunSpider speed-up isn't from GCSE as much as it's a clean-up of local CSE - that is no longer O(n^2). Basically this is purely good: it reduces the amount of LLVM IR we generate, it removes the old CSE's heap modeling (which was a constant source of bugs), and it improves both the quality of the code we generate and the speed with which we generate it. Also, any future optimizations that depend on GCSE will now be easier to implement. During the development of this patch I also rationalized some other stuff, like Graph's ordered traversals - we now have preorder and postorder rather than just "depth first". * CMakeLists.txt: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: * JavaScriptCore.xcodeproj/project.pbxproj: * dfg/DFGAbstractHeap.h: * dfg/DFGAdjacencyList.h: (JSC::DFG::AdjacencyList::hash): (JSC::DFG::AdjacencyList::operator==): * dfg/DFGBasicBlock.h: * dfg/DFGCSEPhase.cpp: (JSC::DFG::performLocalCSE): (JSC::DFG::performGlobalCSE): (JSC::DFG::CSEPhase::CSEPhase): Deleted. (JSC::DFG::CSEPhase::run): Deleted. (JSC::DFG::CSEPhase::endIndexForPureCSE): Deleted. (JSC::DFG::CSEPhase::pureCSE): Deleted. (JSC::DFG::CSEPhase::constantCSE): Deleted. (JSC::DFG::CSEPhase::constantStoragePointerCSE): Deleted. (JSC::DFG::CSEPhase::getCalleeLoadElimination): Deleted. (JSC::DFG::CSEPhase::getArrayLengthElimination): Deleted. (JSC::DFG::CSEPhase::globalVarLoadElimination): Deleted. (JSC::DFG::CSEPhase::scopedVarLoadElimination): Deleted. (JSC::DFG::CSEPhase::varInjectionWatchpointElimination): Deleted. (JSC::DFG::CSEPhase::getByValLoadElimination): Deleted. 
(JSC::DFG::CSEPhase::checkFunctionElimination): Deleted. (JSC::DFG::CSEPhase::checkExecutableElimination): Deleted. (JSC::DFG::CSEPhase::checkStructureElimination): Deleted. (JSC::DFG::CSEPhase::structureTransitionWatchpointElimination): Deleted. (JSC::DFG::CSEPhase::getByOffsetLoadElimination): Deleted. (JSC::DFG::CSEPhase::getGetterSetterByOffsetLoadElimination): Deleted. (JSC::DFG::CSEPhase::getPropertyStorageLoadElimination): Deleted. (JSC::DFG::CSEPhase::checkArrayElimination): Deleted. (JSC::DFG::CSEPhase::getIndexedPropertyStorageLoadElimination): Deleted. (JSC::DFG::CSEPhase::getInternalFieldLoadElimination): Deleted. (JSC::DFG::CSEPhase::getMyScopeLoadElimination): Deleted. (JSC::DFG::CSEPhase::getLocalLoadElimination): Deleted. (JSC::DFG::CSEPhase::invalidationPointElimination): Deleted. (JSC::DFG::CSEPhase::setReplacement): Deleted. (JSC::DFG::CSEPhase::eliminate): Deleted. (JSC::DFG::CSEPhase::performNodeCSE): Deleted. (JSC::DFG::CSEPhase::performBlockCSE): Deleted. (JSC::DFG::performCSE): Deleted. * dfg/DFGCSEPhase.h: * dfg/DFGClobberSet.cpp: (JSC::DFG::addReads): (JSC::DFG::addWrites): (JSC::DFG::addReadsAndWrites): (JSC::DFG::readsOverlap): (JSC::DFG::writesOverlap): * dfg/DFGClobberize.cpp: (JSC::DFG::doesWrites): (JSC::DFG::accessesOverlap): (JSC::DFG::writesOverlap): * dfg/DFGClobberize.h: (JSC::DFG::clobberize): (JSC::DFG::NoOpClobberize::operator()): (JSC::DFG::CheckClobberize::operator()): (JSC::DFG::ReadMethodClobberize::ReadMethodClobberize): (JSC::DFG::ReadMethodClobberize::operator()): (JSC::DFG::WriteMethodClobberize::WriteMethodClobberize): (JSC::DFG::WriteMethodClobberize::operator()): (JSC::DFG::DefMethodClobberize::DefMethodClobberize): (JSC::DFG::DefMethodClobberize::operator()): * dfg/DFGDCEPhase.cpp: (JSC::DFG::DCEPhase::run): (JSC::DFG::DCEPhase::fixupBlock): * dfg/DFGGraph.cpp: (JSC::DFG::Graph::getBlocksInPreOrder): (JSC::DFG::Graph::getBlocksInPostOrder): (JSC::DFG::Graph::addForDepthFirstSort): Deleted. 
(JSC::DFG::Graph::getBlocksInDepthFirstOrder): Deleted. * dfg/DFGGraph.h: * dfg/DFGHeapLocation.cpp: Added. (JSC::DFG::HeapLocation::dump): (WTF::printInternal): * dfg/DFGHeapLocation.h: Added. (JSC::DFG::HeapLocation::HeapLocation): (JSC::DFG::HeapLocation::operator!): (JSC::DFG::HeapLocation::kind): (JSC::DFG::HeapLocation::heap): (JSC::DFG::HeapLocation::base): (JSC::DFG::HeapLocation::index): (JSC::DFG::HeapLocation::hash): (JSC::DFG::HeapLocation::operator==): (JSC::DFG::HeapLocation::isHashTableDeletedValue): (JSC::DFG::HeapLocationHash::hash): (JSC::DFG::HeapLocationHash::equal): * dfg/DFGLICMPhase.cpp: (JSC::DFG::LICMPhase::run): * dfg/DFGNode.h: (JSC::DFG::Node::replaceWith): (JSC::DFG::Node::convertToPhantomUnchecked): Deleted. * dfg/DFGPlan.cpp: (JSC::DFG::Plan::compileInThreadImpl): * dfg/DFGPureValue.cpp: Added. (JSC::DFG::PureValue::dump): * dfg/DFGPureValue.h: Added. (JSC::DFG::PureValue::PureValue): (JSC::DFG::PureValue::operator!): (JSC::DFG::PureValue::op): (JSC::DFG::PureValue::children): (JSC::DFG::PureValue::info): (JSC::DFG::PureValue::hash): (JSC::DFG::PureValue::operator==): (JSC::DFG::PureValue::isHashTableDeletedValue): (JSC::DFG::PureValueHash::hash): (JSC::DFG::PureValueHash::equal): * dfg/DFGSSAConversionPhase.cpp: (JSC::DFG::SSAConversionPhase::run): * ftl/FTLLowerDFGToLLVM.cpp: (JSC::FTL::LowerDFGToLLVM::lower): 2014-07-13 Filip Pizlo <fpizlo@apple.com> Unreviewed, revert unintended change in r171051. * dfg/DFGCSEPhase.cpp: 2014-07-08 Filip Pizlo <fpizlo@apple.com> [ftlopt] Move Flush(SetLocal) store elimination to StrengthReductionPhase https://bugs.webkit.org/show_bug.cgi?id=134739 Reviewed by Mark Hahnenberg. I'm going to streamline CSE around clobberize() as part of https://bugs.webkit.org/show_bug.cgi?id=134677, and so Flush(SetLocal) store elimination wouldn't belong in CSE anymore. It doesn't quite belong anywhere, which means that it belongs in StrengthReductionPhase, since that's intended to be our dumping ground. 
To do this I had to add some missing smarts to clobberize(). Previously clobberize() could play a bit loose with reads of Variables because it wasn't used for store elimination. The main client of read() was LICM, but it would only use it to determine hoistability and anything that did a write() was not hoistable - so, we had benign (but still wrong) missing read() calls in places that did write()s. This fixes a bunch of those cases. * dfg/DFGCSEPhase.cpp: (JSC::DFG::CSEPhase::performNodeCSE): (JSC::DFG::CSEPhase::setLocalStoreElimination): Deleted. * dfg/DFGClobberize.cpp: (JSC::DFG::accessesOverlap): * dfg/DFGClobberize.h: (JSC::DFG::clobberize): Make clobberize() smart enough for detecting when this store elimination would be sound. * dfg/DFGStrengthReductionPhase.cpp: (JSC::DFG::StrengthReductionPhase::handleNode): Implement the store elimination in terms of clobberize(). 2014-07-08 Filip Pizlo <fpizlo@apple.com> [ftlopt] Phantom simplification should be in its own phase https://bugs.webkit.org/show_bug.cgi?id=134742 Reviewed by Geoffrey Garen. This moves Phantom simplification out of CSE, which greatly simplifies CSE and gives it more focus. Also this finally adds a phase that removes empty Phantoms. We sort of had this in CPSRethreading, but that phase runs too infrequently and doesn't run at all for SSA. * CMakeLists.txt: * JavaScriptCore.vcxproj/JavaScriptCore.vcxproj: * JavaScriptCore.xcodeproj/project.pbxproj: * dfg/DFGAdjacencyList.h: * dfg/DFGCSEPhase.cpp: (JSC::DFG::CSEPhase::run): (JSC::DFG::CSEPhase::setReplacement): (JSC::DFG::CSEPhase::eliminate): (JSC::DFG::CSEPhase::performNodeCSE): (JSC::DFG::CSEPhase::eliminateIrrelevantPhantomChildren): Deleted. * dfg/DFGPhantomRemovalPhase.cpp: Added. (JSC::DFG::PhantomRemovalPhase::PhantomRemovalPhase): (JSC::DFG::PhantomRemovalPhase::run): (JSC::DFG::performCleanUp): * dfg/DFGPhantomRemovalPhase.h: Added. 
* dfg/DFGPlan.cpp: (JSC::DFG::Plan::compileInThreadImpl): 2014-07-08 Filip Pizlo <fpizlo@apple.com> [ftlopt] Get rid of Node::misc by moving the fields out of the union so that you can use replacement and owner simultaneously https://bugs.webkit.org/show_bug.cgi?id=134730 Reviewed by Mark Lam. This will allow for a better GCSE implementation. * dfg/DFGCPSRethreadingPhase.cpp: (JSC::DFG::CPSRethreadingPhase::canonicalizeGetLocalFor): * dfg/DFGCSEPhase.cpp: (JSC::DFG::CSEPhase::setReplacement): * dfg/DFGEdgeDominates.h: (JSC::DFG::EdgeDominates::operator()): * dfg/DFGGraph.cpp: (JSC::DFG::Graph::clearReplacements): (JSC::DFG::Graph::initializeNodeOwners): * dfg/DFGGraph.h: (JSC::DFG::Graph::performSubstitutionForEdge): * dfg/DFGLICMPhase.cpp: (JSC::DFG::LICMPhase::attemptHoist): * dfg/DFGNode.h: (JSC::DFG::Node::Node): * dfg/DFGSSAConversionPhase.cpp: (JSC::DFG::SSAConversionPhase::run): 2014-07-04 Filip Pizlo <fpizlo@apple.com> [ftlopt] Infer immutable object properties https://bugs.webkit.org/show_bug.cgi?id=134567 Reviewed by Mark Hahnenberg. This introduces a new way of inferring immutable object properties. A property is said to be immutable if after its creation (i.e. the transition that creates it), we never overwrite it (i.e. replace it) or delete it. Immutability is a property of an "own property" - so if we say that "f" is immutable at "o" then we are implying that "o" has "f" directly and not on a prototype. More specifically, the immutability inference will prove that a property on some structure is immutable. This means that, for example, we may have a structure S1 with property "f" where we claim that "f" at S1 is immutable, but S1 has a transition to S2 that adds a new property "g" and we may claim that "f" at S2 is actually mutable. This is mainly for convenience; it allows us to decouple immutability logic from transition logic. Immutability can be used to constant-fold accesses to objects at DFG-time. 
The DFG needs to prove the following to constant-fold the access: - The base of the access must be a constant object pointer. We prove that a property at a structure is immutable, but that says nothing of its value; each actual instance of that property may have a different value. So, a constant object pointer is needed to get an actual constant instance of the immutable value. - A check (or watchpoint) must have been emitted proving that the object has a structure that allows loading the property in question. - The replacement watchpoint set of the property in the structure that we've proven the object to have is still valid and we add a watchpoint to it lazily. The replacement watchpoint set is the key new mechanism that this change adds. It's possible that we have proven that the object has one of many structures, in which case each of those structures needs a valid replacement watchpoint set. The replacement watchpoint set is created the first time that any access to the property is cached. A put replace cache will create, and immediately invalidate, the watchpoint set. A get cache will create the watchpoint set and make it start watching. Any non-cached put access will invalidate the watchpoint set if one had been created; the underlying algorithm ensures that checking for the existence of a replacement watchpoint set is very fast in the common case. This algorithm ensures that no cached access needs to ever do any work to invalidate, or check the validity of, any replacement watchpoint sets. It also has some other nice properties: - It's very robust in its definition of immutability. The strictest that it will ever be is that for any instance of the object, the property must be written to only once, specifically at the time that the property is created. But it's looser than this in practice. 
For example, the property may be written to any number of times before we add the final property that the object will have before anyone reads the property; this works since for optimization purposes we only care if we detect immutability on the structure that the object will have when it is most frequently read from, not any previous structure that the object had. Also, we may write to the property any number of times before anyone caches accesses to it. - It is mostly orthogonal to structure transitions. No new structures need to be created to track the immutability of a property. Hence, there is no risk from this feature causing more polymorphism. This is different from the previous "specificValue" constant inference, which did cause additional structures to be created and sometimes those structures led to fake polymorphism. This feature does leverage existing transitions to do some of the watchpointing: property deletions don't fire the replacement watchpoint set because that would cause a new structure and so the mandatory structure check would fail. Also, this feature is guaranteed to never kick in for uncacheable dictionaries because those wouldn't allow for cacheable accesses - and it takes a cacheable access for this feature to be enabled. - No memory overhead is incurred except when accesses to the property are cached. Dictionary properties will typically have no meta-data for immutability. The number of replacement watchpoint sets we allocate is proportional to the number of inline caches in the program, which is typically much smaller than the number of structures or even the number of objects. This inference is far more powerful than the previous "specificValue" inference, so this change also removes all of that code. It's interesting that the amount of code that is changed to remove that feature is almost as big as the amount of code added to support the new inference - and that's if you include the new tests in the tally. 
Without new tests, it appears that the new feature actually touches less code! There is one corner case where the previous "specificValue" inference was more powerful. You can imagine someone creating objects with functions as self properties on those objects, such that each object instance had the same function pointers - essentially, someone might be trying to create a vtable but failing at the whole "one vtable for many instances" concept. The "specificValue" inference would do very well for such programs, because a structure check would be sufficient to prove a constant value for all of the function properties. This new inference will fail because it doesn't track the constant values of constant properties; instead it detects the immutability of otherwise variable properties (in the sense that each instance of the property may have a different value). So, the new inference requires having a particular object instance to actually get the constant value. I think it's OK to lose this antifeature. It took a lot of code to support and was a constant source of grief in our transition logic, and there doesn't appear to be any real evidence that programs benefited from that particular kind of inference since usually it's the singleton prototype instance that has all of the functions. This change is a speed-up on everything. date-format-xparb and both SunSpider/raytrace and V8/raytrace seem to be the biggest winners among the macrobenchmarks; they see >5% speed-ups. Many of our microbenchmarks see very large performance improvements, even 80% in one case. 
* bytecode/ComplexGetStatus.cpp: (JSC::ComplexGetStatus::computeFor): * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt): (JSC::GetByIdStatus::computeForStubInfo): (JSC::GetByIdStatus::computeFor): * bytecode/GetByIdVariant.cpp: (JSC::GetByIdVariant::GetByIdVariant): (JSC::GetByIdVariant::operator=): (JSC::GetByIdVariant::attemptToMerge): (JSC::GetByIdVariant::dumpInContext): * bytecode/GetByIdVariant.h: (JSC::GetByIdVariant::alternateBase): (JSC::GetByIdVariant::specificValue): Deleted. * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeForStubInfo): (JSC::PutByIdStatus::computeFor): * bytecode/PutByIdVariant.cpp: (JSC::PutByIdVariant::operator=): (JSC::PutByIdVariant::setter): (JSC::PutByIdVariant::dumpInContext): * bytecode/PutByIdVariant.h: (JSC::PutByIdVariant::specificValue): Deleted. * bytecode/Watchpoint.cpp: (JSC::WatchpointSet::fireAllSlow): (JSC::WatchpointSet::fireAll): Deleted. * bytecode/Watchpoint.h: (JSC::WatchpointSet::fireAll): * dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::handleGetByOffset): (JSC::DFG::ByteCodeParser::handleGetById): (JSC::DFG::ByteCodeParser::handlePutById): (JSC::DFG::ByteCodeParser::parseBlock): * dfg/DFGConstantFoldingPhase.cpp: (JSC::DFG::ConstantFoldingPhase::emitGetByOffset): * dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::isStringPrototypeMethodSane): (JSC::DFG::FixupPhase::canOptimizeStringObjectAccess): * dfg/DFGGraph.cpp: (JSC::DFG::Graph::tryGetConstantProperty): (JSC::DFG::Graph::visitChildren): * dfg/DFGGraph.h: * dfg/DFGWatchableStructureWatchingPhase.cpp: (JSC::DFG::WatchableStructureWatchingPhase::run): * ftl/FTLLowerDFGToLLVM.cpp: (JSC::FTL::LowerDFGToLLVM::compileMultiGetByOffset): * jit/JITOperations.cpp: * jit/Repatch.cpp: (JSC::repatchByIdSelfAccess): (JSC::generateByIdStub): (JSC::tryCacheGetByID): (JSC::tryCachePutByID): (JSC::tryBuildPutByIdList): * llint/LLIntSlowPaths.cpp: (JSC::LLInt::LLINT_SLOW_PATH_DECL): (JSC::LLInt::putToScopeCommon): * runtime/CommonSlowPaths.h: (JSC::CommonSlowPaths::tryCachePutToScopeGlobal): * runtime/IntendedStructureChain.cpp: (JSC::IntendedStructureChain::mayInterceptStoreTo): * runtime/JSCJSValue.cpp: (JSC::JSValue::putToPrimitive): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::reset): * runtime/JSObject.cpp: (JSC::JSObject::put): (JSC::JSObject::putDirectNonIndexAccessor): (JSC::JSObject::deleteProperty): (JSC::JSObject::defaultValue): (JSC::getCallableObjectSlow): Deleted. (JSC::JSObject::getPropertySpecificValue): Deleted. * runtime/JSObject.h: (JSC::JSObject::getDirect): (JSC::JSObject::getDirectOffset): (JSC::JSObject::inlineGetOwnPropertySlot): (JSC::JSObject::putDirectInternal): (JSC::JSObject::putOwnDataProperty): (JSC::JSObject::putDirect): (JSC::JSObject::putDirectWithoutTransition): (JSC::getCallableObject): Deleted. * runtime/JSScope.cpp: (JSC::abstractAccess): * runtime/PropertyMapHashTable.h: (JSC::PropertyMapEntry::PropertyMapEntry): (JSC::PropertyTable::copy): * runtime/PropertyTable.cpp: (JSC::PropertyTable::clone): (JSC::PropertyTable::PropertyTable): (JSC::PropertyTable::visitChildren): Deleted. 
* runtime/Structure.cpp: (JSC::Structure::Structure): (JSC::Structure::materializePropertyMap): (JSC::Structure::addPropertyTransitionToExistingStructureImpl): (JSC::Structure::addPropertyTransitionToExistingStructure): (JSC::Structure::addPropertyTransitionToExistingStructureConcurrently): (JSC::Structure::addPropertyTransition): (JSC::Structure::changePrototypeTransition): (JSC::Structure::attributeChangeTransition): (JSC::Structure::toDictionaryTransition): (JSC::Structure::preventExtensionsTransition): (JSC::Structure::takePropertyTableOrCloneIfPinned): (JSC::Structure::nonPropertyTransition): (JSC::Structure::addPropertyWithoutTransition): (JSC::Structure::allocateRareData): (JSC::Structure::ensurePropertyReplacementWatchpointSet): (JSC::Structure::startWatchingPropertyForReplacements): (JSC::Structure::didCachePropertyReplacement): (JSC::Structure::startWatchingInternalProperties): (JSC::Structure::copyPropertyTable): (JSC::Structure::copyPropertyTableForPinning): (JSC::Structure::getConcurrently): (JSC::Structure::get): (JSC::Structure::add): (JSC::Structure::visitChildren): (JSC::Structure::prototypeChainMayInterceptStoreTo): (JSC::Structure::dump): (JSC::Structure::despecifyDictionaryFunction): Deleted. (JSC::Structure::despecifyFunctionTransition): Deleted. (JSC::Structure::despecifyFunction): Deleted. (JSC::Structure::despecifyAllFunctions): Deleted. (JSC::Structure::putSpecificValue): Deleted. * runtime/Structure.h: (JSC::Structure::startWatchingPropertyForReplacements): (JSC::Structure::startWatchingInternalPropertiesIfNecessary): (JSC::Structure::startWatchingInternalPropertiesIfNecessaryForEntireChain): (JSC::Structure::transitionDidInvolveSpecificValue): Deleted. (JSC::Structure::disableSpecificFunctionTracking): Deleted. 
* runtime/StructureInlines.h: (JSC::Structure::getConcurrently): (JSC::Structure::didReplaceProperty): (JSC::Structure::propertyReplacementWatchpointSet): * runtime/StructureRareData.cpp: (JSC::StructureRareData::destroy): * runtime/StructureRareData.h: * tests/stress/infer-constant-global-property.js: Added. (foo.Math.sin): (foo): * tests/stress/infer-constant-property.js: Added. (foo): * tests/stress/jit-cache-poly-replace-then-cache-get-and-fold-then-invalidate.js: Added. (foo): (bar): * tests/stress/jit-cache-replace-then-cache-get-and-fold-then-invalidate.js: Added. (foo): (bar): * tests/stress/jit-put-to-scope-global-cache-watchpoint-invalidate.js: Added. (foo): (bar): * tests/stress/llint-cache-replace-then-cache-get-and-fold-then-invalidate.js: Added. (foo): (bar): * tests/stress/llint-put-to-scope-global-cache-watchpoint-invalidate.js: Added. (foo): (bar): * tests/stress/repeat-put-to-scope-global-with-same-value-watchpoint-invalidate.js: Added. (foo): (bar): 2014-07-03 Saam Barati <sbarati@apple.com> Add more coverage for the profile_types_with_high_fidelity op code. https://bugs.webkit.org/show_bug.cgi?id=134616 Reviewed by Filip Pizlo. More operations are now being recorded by the profile_types_with_high_fidelity opcode. Specifically: function parameters, function return values, function 'this' value, get_by_id, get_by_value, resolve nodes, function return values at the call site. Added more flags to the profile_types_with_high_fidelity opcode so more focused tasks can take place when the instruction is being linked in CodeBlock. Re-worked the type profiler to search through character offset ranges when asked for the type of an expression at a given offset. Removed redundant calls to Structure::toStructureShape in HighFidelityLog and TypeSet by caching calls based on StructureID. 
* bytecode/BytecodeList.json: * bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeOffset): (JSC::computeDefsForBytecodeOffset): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::finalizeUnconditionally): (JSC::CodeBlock::scopeDependentProfile): * bytecode/CodeBlock.h: (JSC::CodeBlock::returnStatementTypeSet): * bytecode/TypeLocation.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::highFidelityTypeProfileExpressionInfoForBytecodeOffset): (JSC::UnlinkedCodeBlock::addHighFidelityTypeProfileExpressionInfo): * bytecode/UnlinkedCodeBlock.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::emitMove): (JSC::BytecodeGenerator::emitProfileTypesWithHighFidelity): (JSC::BytecodeGenerator::emitGetFromScopeWithProfile): (JSC::BytecodeGenerator::emitPutToScope): (JSC::BytecodeGenerator::emitPutToScopeWithProfile): (JSC::BytecodeGenerator::emitPutById): (JSC::BytecodeGenerator::emitPutByVal): * bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::emitHighFidelityTypeProfilingExpressionInfo): * bytecompiler/NodesCodegen.cpp: (JSC::ResolveNode::emitBytecode): (JSC::BracketAccessorNode::emitBytecode): (JSC::DotAccessorNode::emitBytecode): (JSC::FunctionCallValueNode::emitBytecode): (JSC::FunctionCallResolveNode::emitBytecode): (JSC::FunctionCallBracketNode::emitBytecode): (JSC::FunctionCallDotNode::emitBytecode): (JSC::CallFunctionCallDotNode::emitBytecode): (JSC::ApplyFunctionCallDotNode::emitBytecode): (JSC::PostfixNode::emitResolve): (JSC::PostfixNode::emitBracket): (JSC::PostfixNode::emitDot): (JSC::PrefixNode::emitResolve): (JSC::PrefixNode::emitBracket): (JSC::PrefixNode::emitDot): (JSC::ReadModifyResolveNode::emitBytecode): (JSC::AssignResolveNode::emitBytecode): (JSC::AssignDotNode::emitBytecode): (JSC::ReadModifyDotNode::emitBytecode): (JSC::AssignBracketNode::emitBytecode): (JSC::ReadModifyBracketNode::emitBytecode): (JSC::ReturnNode::emitBytecode): (JSC::FunctionBodyNode::emitBytecode): * 
inspector/agents/InspectorRuntimeAgent.cpp: (Inspector::InspectorRuntimeAgent::getRuntimeTypeForVariableAtOffset): (Inspector::InspectorRuntimeAgent::getRuntimeTypeForVariableInTextRange): Deleted. * inspector/agents/InspectorRuntimeAgent.h: * inspector/protocol/Runtime.json: * llint/LLIntSlowPaths.cpp: (JSC::LLInt::getFromScopeCommon): (JSC::LLInt::LLINT_SLOW_PATH_DECL): * llint/LLIntSlowPaths.h: * llint/LowLevelInterpreter.asm: * runtime/HighFidelityLog.cpp: (JSC::HighFidelityLog::processHighFidelityLog): (JSC::HighFidelityLog::actuallyProcessLogThreadFunction): (JSC::HighFidelityLog::recordTypeInformationForLocation): Deleted. * runtime/HighFidelityLog.h: (JSC::HighFidelityLog::recordTypeInformationForLocation): * runtime/HighFidelityTypeProfiler.cpp: (JSC::HighFidelityTypeProfiler::getTypesForVariableInAtOffset): (JSC::HighFidelityTypeProfiler::getGlobalTypesForVariableAtOffset): (JSC::HighFidelityTypeProfiler::getLocalTypesForVariableAtOffset): (JSC::HighFidelityTypeProfiler::insertNewLocation): (JSC::HighFidelityTypeProfiler::findLocation): (JSC::HighFidelityTypeProfiler::getTypesForVariableInRange): Deleted. (JSC::HighFidelityTypeProfiler::getGlobalTypesForVariableInRange): Deleted. (JSC::HighFidelityTypeProfiler::getLocalTypesForVariableInRange): Deleted. (JSC::HighFidelityTypeProfiler::getLocationBasedHash): Deleted. * runtime/HighFidelityTypeProfiler.h: (JSC::LocationKey::LocationKey): Deleted. (JSC::LocationKey::hash): Deleted. (JSC::LocationKey::operator==): Deleted. * runtime/Structure.cpp: (JSC::Structure::toStructureShape): * runtime/Structure.h: * runtime/TypeSet.cpp: (JSC::TypeSet::TypeSet): (JSC::TypeSet::addTypeForValue): (JSC::TypeSet::seenTypes): (JSC::TypeSet::removeDuplicatesInStructureHistory): Deleted. * runtime/TypeSet.h: (JSC::StructureShape::setConstructorName): * runtime/VM.cpp: (JSC::VM::getTypesForVariableAtOffset): (JSC::VM::dumpHighFidelityProfilingTypes): (JSC::VM::getTypesForVariableInRange): Deleted. 
* runtime/VM.h:

2014-07-04 Filip Pizlo <fpizlo@apple.com>

[ftlopt][REGRESSION] debug tests fail because PutByIdDirect is now implemented in terms of In
https://bugs.webkit.org/show_bug.cgi?id=134642

Rubber stamped by Andreas Kling.

* ftl/FTLLowerDFGToLLVM.cpp:
(JSC::FTL::LowerDFGToLLVM::compileNode):

2014-07-01 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Allocate a new GetterSetter if we change the value of any of its entries other than when they were previously null, so that if we constant-infer an accessor slot then we immediately get the function constant for free
https://bugs.webkit.org/show_bug.cgi?id=134518

Reviewed by Mark Hahnenberg.

This has no real effect right now, particularly since almost all uses of setSetter/setGetter were already allocating a brand new GetterSetter. But once we start doing more aggressive constant property inference, this change will allow us to remove all runtime checks from getter/setter calls.

* runtime/GetterSetter.cpp:
(JSC::GetterSetter::withGetter):
(JSC::GetterSetter::withSetter):
* runtime/GetterSetter.h:
(JSC::GetterSetter::setGetter):
(JSC::GetterSetter::setSetter):
* runtime/JSObject.cpp:
(JSC::JSObject::defineOwnNonIndexProperty):

2014-07-02 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Rename notifyTransitionFromThisStructure to didTransitionFromThisStructure

Rubber stamped by Mark Hahnenberg.

* runtime/Structure.cpp:
(JSC::Structure::Structure):
(JSC::Structure::nonPropertyTransition):
(JSC::Structure::didTransitionFromThisStructure):
(JSC::Structure::notifyTransitionFromThisStructure): Deleted.
* runtime/Structure.h:

2014-07-02 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Remove the functionality for cloning StructureRareData since we never do that anymore.

Rubber stamped by Mark Hahnenberg.

* runtime/Structure.cpp:
(JSC::Structure::Structure):
(JSC::Structure::cloneRareDataFrom): Deleted.
* runtime/Structure.h:
* runtime/StructureRareData.cpp:
(JSC::StructureRareData::clone): Deleted.
(JSC::StructureRareData::StructureRareData): Deleted.
* runtime/StructureRareData.h:
(JSC::StructureRareData::needsCloning): Deleted.

2014-07-01 Mark Lam <mark.lam@apple.com>

[ftlopt] DebuggerCallFrame::scope() should return a DebuggerScope.
<https://webkit.org/b/134420>

Reviewed by Geoffrey Garen.

Previously, DebuggerCallFrame::scope() returns a JSActivation (and relevant peers) which the WebInspector will use to introspect CallFrame variables. Instead, we should be returning a DebuggerScope as an abstraction layer that provides the introspection functionality that the WebInspector needs. This is the first step towards not forcing every frame to have a JSActivation object just because the debugger is enabled.

1. Instantiate the debuggerScopeStructure as a member of the JSGlobalObject instead of the VM. This allows JSObject::globalObject() to be able to return the global object for the DebuggerScope.

2. On the DebuggerScope's life-cycle management:

The DebuggerCallFrame is designed to be "valid" only during a debugging session (while the debugger is broken) through the use of a DebuggerCallFrameScope in Debugger::pauseIfNeeded(). Once the debugger resumes from the break, the DebuggerCallFrameScope destructs, and the DebuggerCallFrame will be invalidated. We can't guarantee (from this code alone) that the Inspector code isn't still holding a ref to the DebuggerCallFrame (though they shouldn't), but by contract, the frame will be invalidated, and any attempt to query it will return null values. This is pre-existing behavior.

Now, we're adding the DebuggerScope into the picture. While a single debugger pause session is in progress, the Inspector may request the scope from the DebuggerCallFrame. While the DebuggerCallFrame is still valid, we want DebuggerCallFrame::scope() to always return the same DebuggerScope object. This is why we hold on to the DebuggerScope with a strong ref. If we use a weak ref instead, the following kooky behavior can manifest:

1. The Inspector calls Debugger::scope() to get the top scope.
2. The Inspector iterates down the scope chain and is now only holding a reference to a parent scope. It is no longer referencing the top scope.
3. A GC occurs, and the DebuggerCallFrame's weak m_scope ref to the top scope gets cleared.
4. The Inspector calls DebuggerCallFrame::scope() to get the top scope again but gets a different DebuggerScope instance.
5. The Inspector iterates down the scope chain but never sees the parent scope instance that it retained a ref to in step 2 above. This is because when iterating this new DebuggerScope instance (which has no knowledge of the previous parent DebuggerScope instance), a new DebuggerScope instance will get created for the same parent scope.

Since the DebuggerScope is a JSObject, its liveness is determined by its reachability. However, its "validity" is determined by the life-cycle of its owner DebuggerCallFrame. When the owner DebuggerCallFrame gets invalidated, its debugger scope chain (if instantiated) will also get invalidated. This is why we need the DebuggerScope::invalidateChain() method. The Inspector should not be using the DebuggerScope instance after its owner DebuggerCallFrame is invalidated. If it does, those methods will do nothing or return a failed status.
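An added C++ model of the weak-versus-strong reference problem laid out in steps 1 to 5 above, and of the liveness/validity split that invalidateChain() addresses. This is not WebKit's DebuggerScope code: JSScopeSim, DebuggerScopeSim, the two frame types, and the use of shared_ptr/weak_ptr (with the inspector dropping its reference standing in for a GC) are assumptions made for the demonstration.

```cpp
#include <memory>

// Constructed stand-in for the VM's scope chain: each JS scope knows its parent.
struct JSScopeSim {
    int id;
    const JSScopeSim* parent;
};

// The inspector-facing wrapper. It stays alive while anyone references it,
// but it is only *valid* until its owning frame invalidates the chain.
struct DebuggerScopeSim {
    const JSScopeSim* js;
    bool valid = true;
    std::shared_ptr<DebuggerScopeSim> m_next;  // materialized on first walk

    explicit DebuggerScopeSim(const JSScopeSim* s) : js(s) {}

    // Wraps the parent scope once and caches the wrapper, so walking the same
    // chain twice from the same instance yields the same parent instance.
    std::shared_ptr<DebuggerScopeSim> next() {
        if (!valid || !js->parent) return nullptr;
        if (!m_next) m_next = std::make_shared<DebuggerScopeSim>(js->parent);
        return m_next;
    }
    int id() const { return valid ? js->id : -1; }  // -1 signals "invalidated"
    void invalidateChain() {
        for (DebuggerScopeSim* s = this; s; s = s->m_next.get()) s->valid = false;
    }
};

// Rejected design: the frame remembers its top scope only weakly, so once the
// inspector drops its reference the wrapper is collected and later recreated.
struct WeakRefFrame {
    const JSScopeSim* top;
    std::weak_ptr<DebuggerScopeSim> m_scope;
    std::shared_ptr<DebuggerScopeSim> scope() {
        std::shared_ptr<DebuggerScopeSim> s = m_scope.lock();
        if (!s) { s = std::make_shared<DebuggerScopeSim>(top); m_scope = s; }
        return s;
    }
};

// Chosen design: the frame owns the top scope strongly while the frame is
// valid, and invalidates the whole chain when the pause session ends.
struct StrongRefFrame {
    const JSScopeSim* top;
    std::shared_ptr<DebuggerScopeSim> m_scope;
    std::shared_ptr<DebuggerScopeSim> scope() {
        if (!m_scope) m_scope = std::make_shared<DebuggerScopeSim>(top);
        return m_scope;
    }
    void invalidate() {
        if (m_scope) m_scope->invalidateChain();
        m_scope.reset();
    }
};

// Replays steps 1-5 of the commit message against either frame type; the GC
// of step 3 is modelled by the inspector releasing its reference to the top.
template <typename Frame>
bool parentIdentityStable(Frame& frame) {
    std::shared_ptr<DebuggerScopeSim> top = frame.scope();       // 1
    std::shared_ptr<DebuggerScopeSim> parent = top->next();      // 2
    top.reset();                                                 // 3
    std::shared_ptr<DebuggerScopeSim> topAgain = frame.scope();  // 4
    return topAgain->next() == parent;                           // 5
}

bool weakRefLosesParentIdentity() {
    JSScopeSim global{1, nullptr}, callee{2, &global};
    WeakRefFrame frame{&callee};
    return !parentIdentityStable(frame);
}

bool strongRefKeepsParentIdentity() {
    JSScopeSim global{1, nullptr}, callee{2, &global};
    StrongRefFrame frame{&callee};
    return parentIdentityStable(frame);
}

// Liveness vs validity: the inspector still holds both wrappers after the
// frame is invalidated, yet every query now reports failure.
bool invalidatedChainReportsFailure() {
    JSScopeSim global{1, nullptr}, callee{2, &global};
    StrongRefFrame frame{&callee};
    std::shared_ptr<DebuggerScopeSim> top = frame.scope();
    std::shared_ptr<DebuggerScopeSim> parent = top->next();
    bool validBefore = top->id() == 2 && parent->id() == 1;
    frame.invalidate();
    return validBefore && top->id() == -1 && parent->id() == -1 && !top->next();
}
```

The weak variant loses identity precisely because the top wrapper is the only thing that remembers which parent wrapper it handed out; the strong variant keeps that memory for exactly as long as the frame is valid, and invalidateChain() turns the still-reachable objects into explicit failures rather than stale views.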
* debugger/Debugger.h: * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::scope): (JSC::DebuggerCallFrame::evaluate): (JSC::DebuggerCallFrame::invalidate): (JSC::DebuggerCallFrame::vm): (JSC::DebuggerCallFrame::lexicalGlobalObject): * debugger/DebuggerCallFrame.h: * debugger/DebuggerScope.cpp: (JSC::DebuggerScope::DebuggerScope): (JSC::DebuggerScope::finishCreation): (JSC::DebuggerScope::visitChildren): (JSC::DebuggerScope::className): (JSC::DebuggerScope::getOwnPropertySlot): (JSC::DebuggerScope::put): (JSC::DebuggerScope::deleteProperty): (JSC::DebuggerScope::getOwnPropertyNames): (JSC::DebuggerScope::defineOwnProperty): (JSC::DebuggerScope::next): (JSC::DebuggerScope::invalidateChain): (JSC::DebuggerScope::isWithScope): (JSC::DebuggerScope::isGlobalScope): (JSC::DebuggerScope::isFunctionScope): * debugger/DebuggerScope.h: (JSC::DebuggerScope::create): (JSC::DebuggerScope::Iterator::Iterator): (JSC::DebuggerScope::Iterator::get): (JSC::DebuggerScope::Iterator::operator++): (JSC::DebuggerScope::Iterator::operator==): (JSC::DebuggerScope::Iterator::operator!=): (JSC::DebuggerScope::isValid): (JSC::DebuggerScope::jsScope): (JSC::DebuggerScope::begin): (JSC::DebuggerScope::end): * inspector/JSJavaScriptCallFrame.cpp: (Inspector::JSJavaScriptCallFrame::scopeType): (Inspector::JSJavaScriptCallFrame::scopeChain): * inspector/JavaScriptCallFrame.h: (Inspector::JavaScriptCallFrame::scopeChain): * inspector/ScriptDebugServer.cpp: * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::reset): (JSC::JSGlobalObject::visitChildren): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::debuggerScopeStructure): * runtime/JSObject.h: (JSC::JSObject::isWithScope): * runtime/JSScope.h: * runtime/VM.cpp: (JSC::VM::VM): * runtime/VM.h: 2014-07-01 Filip Pizlo <fpizlo@apple.com> [ftlopt] DFG bytecode parser should turn PutById with nothing but a Setter stub as stuff+handleCall, and handleCall should be allowed to inline if it wants to https://bugs.webkit.org/show_bug.cgi?id=130756 
Reviewed by Oliver Hunt.

This enables exposing the call to setters in the DFG, and then inlining it. Previously we already supported inline-cached calls to setters from within put_by_id inline caches, and the DFG could certainly emit such IC's. Now, if an IC had a setter call, then the DFG will either emit the GetGetterSetterByOffset/GetSetter/Call combo, or it will do one better and inline the call.

A lot of the core functionality was already available from the previous work to inline getters. So, there are some refactorings in this patch that move preexisting functionality around. For example, the work to figure out how the DFG should go about getting to what we call the "loaded value" - i.e. the GetterSetter object reference in the case of accessors - is now shared in ComplexGetStatus, and both GetByIdStatus and PutByIdStatus use it. This means that we can keep the safety checks common. This patch also does additional refactorings in DFG::ByteCodeParser so that we can continue to reuse handleCall() for all of the various kinds of calls we can now emit.

83% speed-up on getter-richards, 2% speed-up on box2d.

* CMakeLists.txt:
* JavaScriptCore.vcxproj/JavaScriptCore.vcxproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/ComplexGetStatus.cpp: Added.
(JSC::ComplexGetStatus::computeFor):
* bytecode/ComplexGetStatus.h: Added.
(JSC::ComplexGetStatus::ComplexGetStatus): (JSC::ComplexGetStatus::skip): (JSC::ComplexGetStatus::takesSlowPath): (JSC::ComplexGetStatus::kind): (JSC::ComplexGetStatus::attributes): (JSC::ComplexGetStatus::specificValue): (JSC::ComplexGetStatus::offset): (JSC::ComplexGetStatus::chain): * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeForStubInfo): * bytecode/GetByIdVariant.cpp: (JSC::GetByIdVariant::GetByIdVariant): * bytecode/PolymorphicPutByIdList.h: (JSC::PutByIdAccess::PutByIdAccess): (JSC::PutByIdAccess::setter): (JSC::PutByIdAccess::structure): (JSC::PutByIdAccess::chainCount): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): (JSC::PutByIdStatus::computeFor): (JSC::PutByIdStatus::computeForStubInfo): (JSC::PutByIdStatus::makesCalls): * bytecode/PutByIdStatus.h: (JSC::PutByIdStatus::makesCalls): Deleted. * bytecode/PutByIdVariant.cpp: (JSC::PutByIdVariant::PutByIdVariant): (JSC::PutByIdVariant::operator=): (JSC::PutByIdVariant::replace): (JSC::PutByIdVariant::transition): (JSC::PutByIdVariant::setter): (JSC::PutByIdVariant::writesStructures): (JSC::PutByIdVariant::reallocatesStorage): (JSC::PutByIdVariant::makesCalls): (JSC::PutByIdVariant::dumpInContext): * bytecode/PutByIdVariant.h: (JSC::PutByIdVariant::PutByIdVariant): (JSC::PutByIdVariant::structure): (JSC::PutByIdVariant::oldStructure): (JSC::PutByIdVariant::alternateBase): (JSC::PutByIdVariant::specificValue): (JSC::PutByIdVariant::callLinkStatus): (JSC::PutByIdVariant::replace): Deleted. (JSC::PutByIdVariant::transition): Deleted. 
* dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::addCallWithoutSettingResult): (JSC::DFG::ByteCodeParser::addCall): (JSC::DFG::ByteCodeParser::handleCall): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::handleGetById): (JSC::DFG::ByteCodeParser::handlePutById): (JSC::DFG::ByteCodeParser::parseBlock): * jit/Repatch.cpp: (JSC::tryCachePutByID): (JSC::tryBuildPutByIdList): * runtime/IntendedStructureChain.cpp: (JSC::IntendedStructureChain::takesSlowPathInDFGForImpureProperty): * runtime/IntendedStructureChain.h: * tests/stress/exit-from-setter.js: Added. * tests/stress/poly-chain-setter.js: Added. (Cons): (foo): (test): * tests/stress/poly-chain-then-setter.js: Added. (Cons1): (Cons2): (foo): (test): * tests/stress/poly-setter-combo.js: Added. (Cons1): (Cons2): (foo): (test): (.test): * tests/stress/poly-setter-then-self.js: Added. (foo): (test): (.test): * tests/stress/weird-setter-counter.js: Added. (foo): (test): * tests/stress/weird-setter-counter-syntactic.js: Added. (foo): (test): 2014-07-01 Matthew Mirman <mmirman@apple.com> Added an implementation of the "in" check to FTL. https://bugs.webkit.org/show_bug.cgi?id=134508 Reviewed by Filip Pizlo. * ftl/FTLCapabilities.cpp: enabled compilation for "in" (JSC::FTL::canCompile): ditto * ftl/FTLCompile.cpp: (JSC::FTL::generateCheckInICFastPath): added. (JSC::FTL::fixFunctionBasedOnStackMaps): added case for CheckIn descriptors. * ftl/FTLInlineCacheDescriptor.h: (JSC::FTL::CheckInGenerator::CheckInGenerator): added. (JSC::FTL::CheckInDescriptor::CheckInDescriptor): added. * ftl/FTLInlineCacheSize.cpp: (JSC::FTL::sizeOfCheckIn): added. Currently larger than necessary. * ftl/FTLInlineCacheSize.h: ditto * ftl/FTLIntrinsicRepository.h: Added function type for operationInGeneric * ftl/FTLLowerDFGToLLVM.cpp: (JSC::FTL::LowerDFGToLLVM::compileNode): added case for In. (JSC::FTL::LowerDFGToLLVM::compileIn): added. 
* ftl/FTLSlowPathCall.cpp: Added a callOperation for operationIn
(JSC::FTL::callOperation): ditto
* ftl/FTLSlowPathCall.h: ditto
* ftl/FTLState.h: Added a vector to hold CheckIn descriptors.
* jit/JITOperations.h: made operationIns internal.
* tests/stress/ftl-checkin.js: Added.
* tests/stress/ftl-checkin-variable.js: Added.

2014-06-30 Mark Hahnenberg <mhahnenberg@apple.com>

CodeBlock::stronglyVisitWeakReferences should mark DFG::CommonData::weakStructureReferences
https://bugs.webkit.org/show_bug.cgi?id=134455

Reviewed by Geoffrey Garen.

Otherwise we get hanging pointers which can cause us to die later.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::stronglyVisitWeakReferences):

2014-06-27 Filip Pizlo <fpizlo@apple.com>

[ftlopt] Reduce the GC's influence on optimization decisions
https://bugs.webkit.org/show_bug.cgi?id=134427

Reviewed by Oliver Hunt.

This is a slight speed-up on some platforms that arises from a bunch of fixes that I made while trying to make the GC keep more structures alive (https://bugs.webkit.org/show_bug.cgi?id=128072). The fixes are, roughly:

- If the GC clears an inline cache, then this no longer causes the IC to be forever polymorphic.
- If we exit in inlined code into a function that tries to OSR enter, then we jettison sooner.
- Some variables being uninitialized led to rage-recompilations.

This is a pretty strong step in the direction of keeping more Structures alive and not blowing away code just because a Structure died. But, it seems like there is still a slight speed-up to be had from blowing away code that references dead Structures.
* bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpAssumingJITType): (JSC::shouldMarkTransition): (JSC::CodeBlock::propagateTransitions): (JSC::CodeBlock::determineLiveness): * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeForStubInfo): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeForStubInfo): * dfg/DFGCapabilities.cpp: (JSC::DFG::isSupportedForInlining): (JSC::DFG::mightInlineFunctionForCall): (JSC::DFG::mightInlineFunctionForClosureCall): (JSC::DFG::mightInlineFunctionForConstruct): * dfg/DFGCapabilities.h: * dfg/DFGCommonData.h: * dfg/DFGDesiredWeakReferences.cpp: (JSC::DFG::DesiredWeakReferences::reallyAdd): * dfg/DFGOSREntry.cpp: (JSC::DFG::prepareOSREntry): * dfg/DFGOSRExitCompilerCommon.cpp: (JSC::DFG::handleExitCounts): * dfg/DFGOperations.cpp: * dfg/DFGOperations.h: * ftl/FTLForOSREntryJITCode.cpp: (JSC::FTL::ForOSREntryJITCode::ForOSREntryJITCode): These variables being uninitialized is benign in terms of correctness but can sometimes cause rage-recompilations. For some reason it took this patch to reveal this. * ftl/FTLOSREntry.cpp: (JSC::FTL::prepareOSREntry): * runtime/Executable.cpp: (JSC::ExecutableBase::destroy): (JSC::NativeExecutable::destroy): (JSC::ScriptExecutable::ScriptExecutable): (JSC::ScriptExecutable::destroy): (JSC::ScriptExecutable::installCode): (JSC::EvalExecutable::EvalExecutable): (JSC::ProgramExecutable::ProgramExecutable): * runtime/Executable.h: (JSC::ScriptExecutable::setDidTryToEnterInLoop): (JSC::ScriptExecutable::didTryToEnterInLoop): (JSC::ScriptExecutable::addressOfDidTryToEnterInLoop): (JSC::ScriptExecutable::ScriptExecutable): Deleted. * runtime/StructureInlines.h: (JSC::Structure::storedPrototypeObject): (JSC::Structure::storedPrototypeStructure): 2014-06-25 Filip Pizlo <fpizlo@apple.com> [ftlopt] If a CodeBlock is jettisoned due to a watchpoint then it should be possible to figure out something about that watchpoint https://bugs.webkit.org/show_bug.cgi?id=134333 Reviewed by Geoffrey Garen. 
This is engineered to provide loads of information to the profiler without incurring any costs when the profiler is disabled. It's the oldest trick in the book: the thing that fires the watchpoint doesn't actually create anything to describe the reason why it was fired; instead it creates a stack-allocated FireDetail subclass instance. Only if the FireDetail::dump() virtual method is called does anything happen.

Currently we use this to produce very fine-grained data for Structure watchpoints and some cases of variable watchpoints. For all other situations, the given reason is just a string constant, by using StringFireDetail. If we find a situation where that string constant is insufficient to diagnose an issue then we can change it to provide more fine-grained information.

* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::jettison):
* bytecode/CodeBlock.h:
* bytecode/CodeBlockJettisoningWatchpoint.cpp:
(JSC::CodeBlockJettisoningWatchpoint::fireInternal):
* bytecode/CodeBlockJettisoningWatchpoint.h:
* bytecode/ProfiledCodeBlockJettisoningWatchpoint.cpp: Removed.
* bytecode/ProfiledCodeBlockJettisoningWatchpoint.h: Removed.
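An added C++ sketch of the stack-allocated FireDetail pattern described above, not WebKit's code: the class names follow the commit message (FireDetail, StringFireDetail, VariableWriteFireDetail, WatchpointSet, CodeBlockJettisoningWatchpoint), but their bodies, the global dump counter and the sample reason strings are constructed here. It shows that a disabled profiler never calls dump(), so the firing code pays only for a few stores.

```cpp
#include <cstdint>
#include <ostream>
#include <sstream>
#include <string>
#include <vector>

// Counts formatted details; the tests use it to show a disabled profiler never pays for one.
static int g_dumpCalls = 0;

// Why a watchpoint fired. Built on the firing code's stack; nothing is formatted until dump().
class FireDetail {
public:
    virtual ~FireDetail() = default;
    virtual void dump(std::ostream&) const = 0;
};

// Coarse reason: a string constant.
class StringFireDetail : public FireDetail {
public:
    explicit StringFireDetail(const char* s) : m_string(s) {}
    void dump(std::ostream& out) const override { ++g_dumpCalls; out << m_string; }
private:
    const char* m_string;
};

// Fine-grained reason for a variable write: construction stores three words, dump() does the text.
class VariableWriteFireDetail : public FireDetail {
public:
    VariableWriteFireDetail(const char* name, int64_t oldValue, int64_t newValue)
        : m_name(name), m_old(oldValue), m_new(newValue) {}
    void dump(std::ostream& out) const override {
        ++g_dumpCalls;
        out << "write to " << m_name << ": " << m_old << " -> " << m_new;
    }
private:
    const char* m_name;
    int64_t m_old;
    int64_t m_new;
};

class Watchpoint {
public:
    virtual ~Watchpoint() = default;
    virtual void fire(const FireDetail&) = 0;
};

// Hands every registered watchpoint the same borrowed detail; a set fires once.
class WatchpointSet {
public:
    void add(Watchpoint* w) { m_watchpoints.push_back(w); }
    void fireAll(const FireDetail& detail) {
        std::vector<Watchpoint*> firing;
        firing.swap(m_watchpoints);
        for (Watchpoint* w : firing) w->fire(detail);
    }
private:
    std::vector<Watchpoint*> m_watchpoints;
};

// Jettisons a code block (here: flags it). dump() runs only when the profiler is on.
class CodeBlockJettisoningWatchpoint : public Watchpoint {
public:
    explicit CodeBlockJettisoningWatchpoint(bool profilerEnabled) : m_profilerEnabled(profilerEnabled) {}
    void fire(const FireDetail& detail) override {
        jettisoned = true;
        if (!m_profilerEnabled) return;
        std::ostringstream out;
        detail.dump(out);
        jettisonReason = out.str();
    }
    bool jettisoned = false;
    std::string jettisonReason;
private:
    bool m_profilerEnabled;
};

// Simulates a write to a watched variable. The reason stays empty when the
// profiler is off, although the block is still jettisoned.
std::string notifyWrite(bool profilerEnabled, int64_t oldValue, int64_t newValue) {
    g_dumpCalls = 0;
    WatchpointSet set;
    CodeBlockJettisoningWatchpoint watchpoint(profilerEnabled);
    set.add(&watchpoint);
    set.fireAll(VariableWriteFireDetail("x", oldValue, newValue));  // temporary on this frame's stack
    return watchpoint.jettisoned ? watchpoint.jettisonReason : std::string("not jettisoned");
}

// Same flow with a coarse, string-constant reason (the text is constructed here).
std::string fireWithStringReason(bool profilerEnabled) {
    g_dumpCalls = 0;
    WatchpointSet set;
    CodeBlockJettisoningWatchpoint watchpoint(profilerEnabled);
    set.add(&watchpoint);
    set.fireAll(StringFireDetail("Have a bad time"));
    return watchpoint.jettisonReason;
}

int dumpCalls() { return g_dumpCalls; }
```

The detail object is passed by const reference and never stored, which is what lets it live on the firing code's stack; a consumer that needed the reason beyond fire() would have to copy the formatted string, as the jettisoning watchpoint does, rather than keep the reference.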
* bytecode/StructureStubClearingWatchpoint.cpp: (JSC::StructureStubClearingWatchpoint::fireInternal): * bytecode/StructureStubClearingWatchpoint.h: * bytecode/VariableWatchpointSet.h: (JSC::VariableWatchpointSet::invalidate): (JSC::VariableWatchpointSet::finalizeUnconditionally): * bytecode/VariableWatchpointSetInlines.h: (JSC::VariableWatchpointSet::notifyWrite): * bytecode/Watchpoint.cpp: (JSC::StringFireDetail::dump): (JSC::WatchpointSet::fireAll): (JSC::WatchpointSet::fireAllSlow): (JSC::WatchpointSet::fireAllWatchpoints): (JSC::InlineWatchpointSet::fireAll): * bytecode/Watchpoint.h: (JSC::FireDetail::FireDetail): (JSC::FireDetail::~FireDetail): (JSC::StringFireDetail::StringFireDetail): (JSC::Watchpoint::fire): (JSC::WatchpointSet::fireAll): (JSC::WatchpointSet::touch): (JSC::WatchpointSet::invalidate): (JSC::InlineWatchpointSet::fireAll): (JSC::InlineWatchpointSet::touch): * dfg/DFGCommonData.h: * dfg/DFGOperations.cpp: * interpreter/Interpreter.cpp: (JSC::Interpreter::execute): * jsc.cpp: (WTF::Masquerader::create): * profiler/ProfilerCompilation.cpp: (JSC::Profiler::Compilation::setJettisonReason): (JSC::Profiler::Compilation::toJS): * profiler/ProfilerCompilation.h: (JSC::Profiler::Compilation::setJettisonReason): Deleted. 
* runtime/ArrayBuffer.cpp: (JSC::ArrayBuffer::transfer): * runtime/ArrayBufferNeuteringWatchpoint.cpp: (JSC::ArrayBufferNeuteringWatchpoint::fireAll): * runtime/ArrayBufferNeuteringWatchpoint.h: * runtime/CommonIdentifiers.h: * runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): * runtime/Identifier.cpp: (JSC::Identifier::dump): * runtime/Identifier.h: * runtime/JSFunction.cpp: (JSC::JSFunction::put): (JSC::JSFunction::defineOwnProperty): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::addFunction): (JSC::JSGlobalObject::haveABadTime): * runtime/JSSymbolTableObject.cpp: (JSC::VariableWriteFireDetail::dump): * runtime/JSSymbolTableObject.h: (JSC::VariableWriteFireDetail::VariableWriteFireDetail): (JSC::symbolTablePut): (JSC::symbolTablePutWithAttributes): * runtime/PropertyName.h: (JSC::PropertyName::dump): * runtime/Structure.cpp: (JSC::Structure::notifyTransitionFromThisStructure): * runtime/Structure.h: (JSC::Structure::notifyTransitionFromThisStructure): Deleted. * runtime/SymbolTable.cpp: (JSC::SymbolTableEntry::notifyWriteSlow): (JSC::SymbolTable::WatchpointCleanup::finalizeUnconditionally): * runtime/SymbolTable.h: (JSC::SymbolTableEntry::notifyWrite): * runtime/VM.cpp: (JSC::VM::addImpureProperty): Source/WebCore: 2014-07-01 Mark Lam <mark.lam@apple.com> [ftlopt] DebuggerCallFrame::scope() should return a DebuggerScope. <https://webkit.org/b/134420> Reviewed by Geoffrey Garen. No new tests. * ForwardingHeaders/debugger/DebuggerCallFrame.h: Removed. - This is not in use. Hence, we can remove it. * bindings/js/ScriptController.cpp: (WebCore::ScriptController::attachDebugger): - We should acquire the JSLock before modifying a JS global object. 2014-06-25 Filip Pizlo <fpizlo@apple.com> [ftlopt] If a CodeBlock is jettisoned due to a watchpoint then it should be possible to figure out something about that watchpoint https://bugs.webkit.org/show_bug.cgi?id=134333 Reviewed by Geoffrey Garen. No new tests because no change in behavior. 
* bindings/scripts/CodeGeneratorJS.pm: (GenerateHeader): Tools: 2014-06-25 Filip Pizlo <fpizlo@apple.com> [ftlopt] If a CodeBlock is jettisoned due to a watchpoint then it should be possible to figure out something about that watchpoint https://bugs.webkit.org/show_bug.cgi?id=134333 Reviewed by Geoffrey Garen. * Scripts/display-profiler-output: LayoutTests: 2014-07-16 Mark Hahnenberg <mhahnenberg@apple.com> sputnik/Implementation_Diagnostics/S12.6.4_D1.html depends on undefined behavior https://bugs.webkit.org/show_bug.cgi?id=135007 Reviewed by Filip Pizlo. EcmaScript 5.1 specifies that during for-in enumeration newly added properties may or may not be visited during the current enumeration. Specifically, in section 12.6.4 the spec states: "If new properties are added to the object being enumerated during enumeration, the newly added properties are not guaranteed to be visited in the active enumeration." The sputnik/Implementation_Diagnostics/S12.6.4_D1.html layout test is from before sputnik was added to the test262 suite. I believe it has since been removed, so it would probably be okay to remove it from our layout test suite. * sputnik/Implementation_Diagnostics/S12.6.4_D1-expected.txt: Removed. * sputnik/Implementation_Diagnostics/S12.6.4_D1.html: Removed. 2014-07-13 Filip Pizlo <fpizlo@apple.com> [ftlopt] DFG should be able to do GCSE in SSA and this should be unified with the CSE in CPS, and both of these things should use abstract heaps for reasoning about effects https://bugs.webkit.org/show_bug.cgi?id=134677 Reviewed by Sam Weinig. * js/regress/gcse-expected.txt: Added. * js/regress/gcse-poly-get-expected.txt: Added. * js/regress/gcse-poly-get-less-obvious-expected.txt: Added. * js/regress/gcse-poly-get-less-obvious.html: Added. * js/regress/gcse-poly-get.html: Added. * js/regress/gcse.html: Added. * js/regress/script-tests/gcse-poly-get-less-obvious.js: Added. * js/regress/script-tests/gcse-poly-get.js: Added. * js/regress/script-tests/gcse.js: Added. 
2014-07-04 Filip Pizlo <fpizlo@apple.com> [ftlopt] Infer immutable object properties https://bugs.webkit.org/show_bug.cgi?id=134567 Reviewed by Mark Hahnenberg. * js/regress/infer-constant-global-property-expected.txt: Added. * js/regress/infer-constant-global-property.html: Added. * js/regress/infer-constant-property-expected.txt: Added. * js/regress/infer-constant-property.html: Added. * js/regress/script-tests/infer-constant-global-property.js: Added. * js/regress/script-tests/infer-constant-property.js: Added. Canonical link: https://commits.webkit.org/153499@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@172129 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2014-08-06 05:27:46 +00:00
startDivot = range.m_startDivot;
endDivot = range.m_endDivot;
return true;
}
Reduce parser overhead in JSC https://bugs.webkit.org/show_bug.cgi?id=101127 Reviewed by Filip Pizlo. An exciting journey into the world of architecture in which our hero adds yet another layer to JSC codegeneration. This patch adds a marginally more compact form of bytecode that is free from any data specific to a given execution context, and that does store any data structures necessary for execution. To actually execute this UnlinkedBytecode we still need to instantiate a real CodeBlock, but this is a much faster linear time operation than any of the earlier parsing or code generation passes. As the unlinked code is context free we can then simply use a cache from source to unlinked code mapping to completely avoid all of the old parser overhead. The cache is currently very simple and memory heavy, using the complete source text as a key (rather than SourceCode or equivalent), and a random eviction policy. This seems to produce a substantial win when loading identical content in different contexts. * API/tests/testapi.c: (main): * CMakeLists.txt: * GNUmakefile.list.am: * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/CodeBlock.cpp: * bytecode/CodeBlock.h: Moved a number of fields, and a bunch of logic to UnlinkedCodeBlock.h/cpp * bytecode/Opcode.h: Added a global const init no op instruction needed to get correct behaviour without any associated semantics. * bytecode/UnlinkedCodeBlock.cpp: Added. * bytecode/UnlinkedCodeBlock.h: Added. A fairly shallow, GC allocated version of the old CodeBlock classes with a 32bit instruction size, and just metadata size tracking. * bytecompiler/BytecodeGenerator.cpp: * bytecompiler/BytecodeGenerator.h: Replace direct access to m_symbolTable with access through symbolTable(). ProgramCode no longer has a symbol table at all so some previously unconditional (and pointless) uses of symbolTable get null checks. 
A few other changes to deal with type changes due to us generating unlinked code (eg. pointer free, so profile indices rather than pointers). * dfg/DFGByteCodeParser.cpp: * dfg/DFGCapabilities.h: Support global_init_nop * interpreter/Interpreter.cpp: Now get the ProgramExecutable to initialise new global properties before starting execution. * jit/JIT.cpp: * jit/JITDriver.h: * jit/JITStubs.cpp: * llint/LLIntData.cpp: * llint/LLIntSlowPaths.cpp: * llint/LowLevelInterpreter.asm: * llint/LowLevelInterpreter32_64.asm: * llint/LowLevelInterpreter64.asm: Adding init_global_const_nop everywhere else * parser/Parser.h: * parser/ParserModes.h: Added. * parser/ParserTokens.h: Parser no longer needs a global object or callframe to function * runtime/CodeCache.cpp: Added. * runtime/CodeCache.h: Added. A simple, random eviction, Source->UnlinkedCode cache * runtime/Executable.cpp: * runtime/Executable.h: Executables now reference their unlinked counterparts, and request code specifically for the target global object. * runtime/JSGlobalData.cpp: * runtime/JSGlobalData.h: GlobalData now owns a CodeCache and a set of new structures for the unlinked code types. * runtime/JSGlobalObject.cpp: * runtime/JSGlobalObject.h: Utility functions used by executables to perform compilation * runtime/JSType.h: Add new JSTypes for unlinked code Canonical link: https://commits.webkit.org/119498@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@133688 268f45cc-cd09-0410-ab3c-d52691b4dbfc
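The source-keyed cache that the commit message above describes (unlinked code is context free, the cache is keyed by the complete source text, and eviction is random) is shown below as an added C++ example. It is not WebKit's CodeCache: the UnlinkedCode and LinkedCodeBlock structs, the capacity, the LCG used for eviction and the sample scripts are all constructed for the demonstration.

```cpp
#include <cstddef>
#include <cstdint>
#include <memory>
#include <string>
#include <unordered_map>
#include <vector>

// Context-free product of parsing and code generation. It holds nothing that
// belongs to a particular global object, which is what makes sharing it safe.
struct UnlinkedCode {
    std::string source;  // stands in for the instruction stream
    int parseNumber;     // which parse produced it (for the demo only)
};

// Keyed by the complete source text, with random eviction, as the commit
// message describes. Parse and hit counts let the tests observe behaviour.
class CodeCache {
public:
    explicit CodeCache(size_t capacity) : m_capacity(capacity) {}

    std::shared_ptr<UnlinkedCode> get(const std::string& source) {
        auto it = m_map.find(source);
        if (it != m_map.end()) { ++hits; return it->second; }
        if (m_map.size() >= m_capacity) evictRandom();
        auto code = std::make_shared<UnlinkedCode>(UnlinkedCode{source, ++parses});
        m_map.emplace(source, code);
        m_keys.push_back(source);
        return code;
    }
    size_t size() const { return m_map.size(); }
    int parses = 0;
    int hits = 0;

private:
    // Random eviction driven by a small LCG so the demo stays deterministic.
    void evictRandom() {
        m_rng = m_rng * 1103515245u + 12345u;
        size_t victim = (m_rng >> 16) % m_keys.size();
        m_map.erase(m_keys[victim]);
        m_keys[victim] = m_keys.back();
        m_keys.pop_back();
    }
    size_t m_capacity;
    uint32_t m_rng = 2463534242u;
    std::unordered_map<std::string, std::shared_ptr<UnlinkedCode>> m_map;
    std::vector<std::string> m_keys;
};

// Linking binds the shared unlinked code to one global object; everything
// context-specific lives on this side, never inside UnlinkedCode.
struct LinkedCodeBlock {
    std::shared_ptr<UnlinkedCode> unlinked;
    int globalObjectID;
};

LinkedCodeBlock compileFor(CodeCache& cache, int globalObjectID, const std::string& source) {
    return LinkedCodeBlock{cache.get(source), globalObjectID};
}

// The same script loaded in two contexts parses once and shares one instance.
bool sharedAcrossContexts() {
    CodeCache cache(4);
    LinkedCodeBlock a = compileFor(cache, 1, "function f() { return 1; }");
    LinkedCodeBlock b = compileFor(cache, 2, "function f() { return 1; }");
    return a.unlinked == b.unlinked && cache.parses == 1 && cache.hits == 1;
}

// Because the key is the full text, a one-byte difference is a different key.
bool differentTextNotShared() {
    CodeCache cache(4);
    LinkedCodeBlock a = compileFor(cache, 1, "function f() { return 1; }");
    LinkedCodeBlock b = compileFor(cache, 1, "function f() { return 2; }");
    return a.unlinked != b.unlinked && cache.parses == 2 && cache.hits == 0;
}

// Inserting more scripts than the capacity evicts, keeping the size bounded.
size_t sizeAfterOverflow() {
    CodeCache cache(4);
    for (int i = 0; i < 10; ++i) cache.get("var x = " + std::to_string(i) + ";");
    return cache.size();
}
```

The invariant worth checking in a real implementation is the one the first struct comment states: anything reachable from the cached object must be independent of the context that triggered the parse, otherwise a later context linked against the same entry inherits state it never created.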
2012-11-07 00:13:54 +00:00
UnlinkedCodeBlock::~UnlinkedCodeBlock()
{
}
New bytecode format for JSC
https://bugs.webkit.org/show_bug.cgi?id=187373
<rdar://problem/44186758>

Reviewed by Filip Pizlo.

.:

Disable JIT by default on 32-bit platforms

* Source/cmake/WebKitFeatures.cmake:

JSTests:

Add tests to ensure that the inferred inline capacity for a narrow op_new_object will be capped at 255.

* stress/maximum-inline-capacity.js: Added. (test1): (test3.Foo): (test3):

Source/JavaScriptCore:

Replace unlinked and linked bytecode with a new immutable bytecode that does not embed any addresses. Instructions can be encoded as narrow (1-byte operands) or wide (4-byte operands) and might contain an extra operand, the metadataID. The metadataID is used to access the instruction's mutable data in a side table in the CodeBlock (the MetadataTable).

Bytecodes now must be structs declared in the new BytecodeList.rb. All bytecodes give names and types to all its operands. Additionally, reading a bytecode from the instruction stream requires decoding the whole bytecode, i.e. it's no longer possible to access arbitrary operands directly from the stream.

* CMakeLists.txt:
* DerivedSources.make:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* assembler/MacroAssemblerCodeRef.h: (JSC::ReturnAddressPtr::ReturnAddressPtr): (JSC::ReturnAddressPtr::value const): (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr): (JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
* bytecode/ArithProfile.h: (JSC::ArithProfile::ArithProfile):
* bytecode/ArrayAllocationProfile.h: (JSC::ArrayAllocationProfile::ArrayAllocationProfile):
* bytecode/ArrayProfile.h:
* bytecode/BytecodeBasicBlock.cpp: (JSC::isJumpTarget): (JSC::BytecodeBasicBlock::computeImpl): (JSC::BytecodeBasicBlock::compute):
* bytecode/BytecodeBasicBlock.h: (JSC::BytecodeBasicBlock::leaderOffset const): (JSC::BytecodeBasicBlock::totalLength const): (JSC::BytecodeBasicBlock::offsets const): (JSC::BytecodeBasicBlock::BytecodeBasicBlock): (JSC::BytecodeBasicBlock::addLength):
* bytecode/BytecodeDumper.cpp: (JSC::BytecodeDumper<Block>::printLocationAndOp): (JSC::BytecodeDumper<Block>::dumpBytecode): (JSC::BytecodeDumper<Block>::dumpIdentifiers): (JSC::BytecodeDumper<Block>::dumpConstants): (JSC::BytecodeDumper<Block>::dumpExceptionHandlers): (JSC::BytecodeDumper<Block>::dumpSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpStringSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpBlock):
* bytecode/BytecodeDumper.h: (JSC::BytecodeDumper::dumpOperand): (JSC::BytecodeDumper::dumpValue): (JSC::BytecodeDumper::BytecodeDumper): (JSC::BytecodeDumper::block const):
* bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::BytecodeGeneratorification): (JSC::BytecodeGeneratorification::enterPoint const): (JSC::BytecodeGeneratorification::instructions const): (JSC::GeneratorLivenessAnalysis::run): (JSC::BytecodeGeneratorification::run): (JSC::performGeneratorification):
* bytecode/BytecodeGeneratorification.h:
* bytecode/BytecodeGraph.h: (JSC::BytecodeGraph::blockContainsBytecodeOffset): (JSC::BytecodeGraph::findBasicBlockForBytecodeOffset): (JSC::BytecodeGraph::findBasicBlockWithLeaderOffset): (JSC::BytecodeGraph::BytecodeGraph):
* bytecode/BytecodeKills.h:
* bytecode/BytecodeList.json: Removed.
* bytecode/BytecodeList.rb: Added.
* bytecode/BytecodeLivenessAnalysis.cpp: (JSC::BytecodeLivenessAnalysis::dumpResults):
* bytecode/BytecodeLivenessAnalysis.h:
* bytecode/BytecodeLivenessAnalysisInlines.h: (JSC::isValidRegisterForLiveness): (JSC::BytecodeLivenessPropagation::stepOverInstruction):
* bytecode/BytecodeRewriter.cpp: (JSC::BytecodeRewriter::applyModification): (JSC::BytecodeRewriter::execute): (JSC::BytecodeRewriter::adjustJumpTargetsInFragment): (JSC::BytecodeRewriter::insertImpl): (JSC::BytecodeRewriter::adjustJumpTarget): (JSC::BytecodeRewriter::adjustJumpTargets):
* bytecode/BytecodeRewriter.h: (JSC::BytecodeRewriter::InsertionPoint::InsertionPoint): (JSC::BytecodeRewriter::Fragment::Fragment): (JSC::BytecodeRewriter::Fragment::appendInstruction): (JSC::BytecodeRewriter::BytecodeRewriter): (JSC::BytecodeRewriter::insertFragmentBefore): (JSC::BytecodeRewriter::insertFragmentAfter): (JSC::BytecodeRewriter::removeBytecode): (JSC::BytecodeRewriter::adjustAbsoluteOffset): (JSC::BytecodeRewriter::adjustJumpTarget):
* bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeOffset): (JSC::computeDefsForBytecodeOffset):
* bytecode/CallLinkStatus.cpp: (JSC::CallLinkStatus::computeFromLLInt):
* bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpBytecode): (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::estimatedSize): (JSC::CodeBlock::visitChildren): (JSC::CodeBlock::propagateTransitions): (JSC::CodeBlock::finalizeLLIntInlineCaches): (JSC::CodeBlock::addJITAddIC): (JSC::CodeBlock::addJITMulIC): (JSC::CodeBlock::addJITSubIC): (JSC::CodeBlock::addJITNegIC): (JSC::CodeBlock::stronglyVisitStrongReferences): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffset): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): (JSC::CodeBlock::hasOpDebugForLineAndColumn): (JSC::CodeBlock::getArrayProfile): (JSC::CodeBlock::updateAllArrayPredictions): (JSC::CodeBlock::predictedMachineCodeSize): (JSC::CodeBlock::tryGetValueProfileForBytecodeOffset): (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset): (JSC::CodeBlock::valueProfileForBytecodeOffset): (JSC::CodeBlock::validate): (JSC::CodeBlock::outOfLineJumpOffset): (JSC::CodeBlock::outOfLineJumpTarget): (JSC::CodeBlock::arithProfileForBytecodeOffset): (JSC::CodeBlock::arithProfileForPC): (JSC::CodeBlock::couldTakeSpecialFastCase): (JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler):
* bytecode/CodeBlock.h: (JSC::CodeBlock::addMathIC): (JSC::CodeBlock::outOfLineJumpOffset): (JSC::CodeBlock::bytecodeOffset): (JSC::CodeBlock::instructions const): (JSC::CodeBlock::instructionCount const): (JSC::CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters): (JSC::CodeBlock::metadata): (JSC::CodeBlock::metadataSizeInBytes): (JSC::CodeBlock::numberOfNonArgumentValueProfiles): (JSC::CodeBlock::totalNumberOfValueProfiles):
* bytecode/CodeBlockInlines.h: Added. (JSC::CodeBlock::forEachValueProfile): (JSC::CodeBlock::forEachArrayProfile): (JSC::CodeBlock::forEachArrayAllocationProfile): (JSC::CodeBlock::forEachObjectAllocationProfile): (JSC::CodeBlock::forEachLLIntCallLinkInfo):
* bytecode/Fits.h: Added.
* bytecode/GetByIdMetadata.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h.
* bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt):
* bytecode/Instruction.h: (JSC::Instruction::Instruction): (JSC::Instruction::Impl::opcodeID const): (JSC::Instruction::opcodeID const): (JSC::Instruction::name const): (JSC::Instruction::isWide const): (JSC::Instruction::size const): (JSC::Instruction::is const): (JSC::Instruction::as const): (JSC::Instruction::cast): (JSC::Instruction::cast const): (JSC::Instruction::narrow const): (JSC::Instruction::wide const):
* bytecode/InstructionStream.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::InstructionStream::InstructionStream): (JSC::InstructionStream::sizeInBytes const):
* bytecode/InstructionStream.h: Added. (JSC::InstructionStream::BaseRef::BaseRef): (JSC::InstructionStream::BaseRef::operator=): (JSC::InstructionStream::BaseRef::operator-> const): (JSC::InstructionStream::BaseRef::ptr const): (JSC::InstructionStream::BaseRef::operator!= const): (JSC::InstructionStream::BaseRef::next const): (JSC::InstructionStream::BaseRef::offset const): (JSC::InstructionStream::BaseRef::isValid const): (JSC::InstructionStream::BaseRef::unwrap const): (JSC::InstructionStream::MutableRef::freeze const): (JSC::InstructionStream::MutableRef::operator->): (JSC::InstructionStream::MutableRef::ptr): (JSC::InstructionStream::MutableRef::operator Ref): (JSC::InstructionStream::MutableRef::unwrap): (JSC::InstructionStream::iterator::operator*): (JSC::InstructionStream::iterator::operator++): (JSC::InstructionStream::begin const): (JSC::InstructionStream::end const): (JSC::InstructionStream::at const): (JSC::InstructionStream::size const): (JSC::InstructionStreamWriter::InstructionStreamWriter): (JSC::InstructionStreamWriter::ref): (JSC::InstructionStreamWriter::seek): (JSC::InstructionStreamWriter::position): (JSC::InstructionStreamWriter::write): (JSC::InstructionStreamWriter::rewind): (JSC::InstructionStreamWriter::finalize): (JSC::InstructionStreamWriter::swap): (JSC::InstructionStreamWriter::iterator::operator*): (JSC::InstructionStreamWriter::iterator::operator++): (JSC::InstructionStreamWriter::begin): (JSC::InstructionStreamWriter::end):
* bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp: (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::LLIntPrototypeLoadAdaptiveStructureWatchpoint): (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::fireInternal): (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::clearLLIntGetByIdCache):
* bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h:
* bytecode/MetadataTable.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::MetadataTable::MetadataTable): (JSC::DeallocTable::withOpcodeType): (JSC::MetadataTable::~MetadataTable): (JSC::MetadataTable::sizeInBytes):
* bytecode/MetadataTable.h: Copied from Source/JavaScriptCore/runtime/Watchdog.h. (JSC::MetadataTable::get): (JSC::MetadataTable::forEach): (JSC::MetadataTable::getImpl):
* bytecode/Opcode.cpp: (JSC::metadataSize):
* bytecode/Opcode.h: (JSC::padOpcodeName):
* bytecode/OpcodeInlines.h: (JSC::isOpcodeShape): (JSC::getOpcodeType):
* bytecode/OpcodeSize.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.
* bytecode/PreciseJumpTargets.cpp: (JSC::getJumpTargetsForInstruction): (JSC::computePreciseJumpTargetsInternal): (JSC::computePreciseJumpTargets): (JSC::recomputePreciseJumpTargets): (JSC::findJumpTargetsForInstruction):
* bytecode/PreciseJumpTargets.h:
* bytecode/PreciseJumpTargetsInlines.h: (JSC::jumpTargetForInstruction): (JSC::extractStoredJumpTargetsForInstruction): (JSC::updateStoredJumpTargetsForInstruction):
* bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt):
* bytecode/SpecialPointer.cpp: (WTF::printInternal):
* bytecode/SpecialPointer.h:
* bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::visitChildren): (JSC::UnlinkedCodeBlock::estimatedSize): (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): (JSC::dumpLineColumnEntry): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset const): (JSC::UnlinkedCodeBlock::setInstructions): (JSC::UnlinkedCodeBlock::instructions const): (JSC::UnlinkedCodeBlock::applyModification): (JSC::UnlinkedCodeBlock::addOutOfLineJumpTarget): (JSC::UnlinkedCodeBlock::outOfLineJumpOffset):
* bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::addPropertyAccessInstruction): (JSC::UnlinkedCodeBlock::propertyAccessInstructions const): (JSC::UnlinkedCodeBlock::addOpProfileControlFlowBytecodeOffset): (JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets const): (JSC::UnlinkedCodeBlock::metadata): (JSC::UnlinkedCodeBlock::metadataSizeInBytes): (JSC::UnlinkedCodeBlock::outOfLineJumpOffset): (JSC::UnlinkedCodeBlock::replaceOutOfLineJumpTargets):
* bytecode/UnlinkedInstructionStream.cpp: Removed.
* bytecode/UnlinkedInstructionStream.h: Removed.
* bytecode/UnlinkedMetadataTable.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h.
* bytecode/UnlinkedMetadataTableInlines.h: Added. (JSC::UnlinkedMetadataTable::UnlinkedMetadataTable): (JSC::UnlinkedMetadataTable::~UnlinkedMetadataTable): (JSC::UnlinkedMetadataTable::addEntry): (JSC::UnlinkedMetadataTable::sizeInBytes): (JSC::UnlinkedMetadataTable::finalize): (JSC::UnlinkedMetadataTable::link): (JSC::UnlinkedMetadataTable::unlink):
* bytecode/VirtualRegister.cpp: (JSC::VirtualRegister::VirtualRegister):
* bytecode/VirtualRegister.h:
* bytecompiler/BytecodeGenerator.cpp: (JSC::Label::setLocation): (JSC::Label::bind): (JSC::BytecodeGenerator::generate): (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::initializeVarLexicalEnvironment): (JSC::BytecodeGenerator::emitEnter): (JSC::BytecodeGenerator::emitLoopHint): (JSC::BytecodeGenerator::emitJump): (JSC::BytecodeGenerator::emitCheckTraps): (JSC::BytecodeGenerator::rewind): (JSC::BytecodeGenerator::fuseCompareAndJump): (JSC::BytecodeGenerator::fuseTestAndJmp): (JSC::BytecodeGenerator::emitJumpIfTrue): (JSC::BytecodeGenerator::emitJumpIfFalse): (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall): (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply): (JSC::BytecodeGenerator::moveLinkTimeConstant): (JSC::BytecodeGenerator::moveEmptyValue): (JSC::BytecodeGenerator::emitMove): (JSC::BytecodeGenerator::emitUnaryOp): (JSC::BytecodeGenerator::emitBinaryOp): (JSC::BytecodeGenerator::emitToObject): (JSC::BytecodeGenerator::emitToNumber): (JSC::BytecodeGenerator::emitToString): (JSC::BytecodeGenerator::emitTypeOf): (JSC::BytecodeGenerator::emitInc): (JSC::BytecodeGenerator::emitDec): (JSC::BytecodeGenerator::emitEqualityOp): (JSC::BytecodeGenerator::emitProfileType): (JSC::BytecodeGenerator::emitProfileControlFlow): (JSC::BytecodeGenerator::pushLexicalScopeInternal): (JSC::BytecodeGenerator::emitResolveScopeForHoistingFuncDeclInEval): (JSC::BytecodeGenerator::prepareLexicalScopeForNextForLoopIteration): (JSC::BytecodeGenerator::emitOverridesHasInstance): (JSC::BytecodeGenerator::emitResolveScope): (JSC::BytecodeGenerator::emitGetFromScope): (JSC::BytecodeGenerator::emitPutToScope): (JSC::BytecodeGenerator::emitInstanceOf): (JSC::BytecodeGenerator::emitInstanceOfCustom): (JSC::BytecodeGenerator::emitInByVal): (JSC::BytecodeGenerator::emitInById): (JSC::BytecodeGenerator::emitTryGetById): (JSC::BytecodeGenerator::emitGetById): (JSC::BytecodeGenerator::emitDirectGetById): (JSC::BytecodeGenerator::emitPutById): (JSC::BytecodeGenerator::emitDirectPutById): (JSC::BytecodeGenerator::emitPutGetterById): (JSC::BytecodeGenerator::emitPutSetterById): (JSC::BytecodeGenerator::emitPutGetterSetter): (JSC::BytecodeGenerator::emitPutGetterByVal): (JSC::BytecodeGenerator::emitPutSetterByVal): (JSC::BytecodeGenerator::emitDeleteById): (JSC::BytecodeGenerator::emitGetByVal): (JSC::BytecodeGenerator::emitPutByVal): (JSC::BytecodeGenerator::emitDirectPutByVal): (JSC::BytecodeGenerator::emitDeleteByVal): (JSC::BytecodeGenerator::emitSuperSamplerBegin): (JSC::BytecodeGenerator::emitSuperSamplerEnd): (JSC::BytecodeGenerator::emitIdWithProfile): (JSC::BytecodeGenerator::emitUnreachable): (JSC::BytecodeGenerator::emitGetArgument): (JSC::BytecodeGenerator::emitCreateThis): (JSC::BytecodeGenerator::emitTDZCheck): (JSC::BytecodeGenerator::emitNewObject): (JSC::BytecodeGenerator::emitNewArrayBuffer): (JSC::BytecodeGenerator::emitNewArray): (JSC::BytecodeGenerator::emitNewArrayWithSpread): (JSC::BytecodeGenerator::emitNewArrayWithSize): (JSC::BytecodeGenerator::emitNewRegExp): (JSC::BytecodeGenerator::emitNewFunctionExpressionCommon): (JSC::BytecodeGenerator::emitNewDefaultConstructor): (JSC::BytecodeGenerator::emitNewFunction): (JSC::BytecodeGenerator::emitSetFunctionNameIfNeeded): (JSC::BytecodeGenerator::emitCall): (JSC::BytecodeGenerator::emitCallInTailPosition): (JSC::BytecodeGenerator::emitCallEval): (JSC::BytecodeGenerator::emitExpectedFunctionSnippet): (JSC::BytecodeGenerator::emitCallVarargs): (JSC::BytecodeGenerator::emitCallVarargsInTailPosition): (JSC::BytecodeGenerator::emitConstructVarargs): (JSC::BytecodeGenerator::emitCallForwardArgumentsInTailPosition): (JSC::BytecodeGenerator::emitLogShadowChickenPrologueIfNecessary): (JSC::BytecodeGenerator::emitLogShadowChickenTailIfNecessary): (JSC::BytecodeGenerator::emitCallDefineProperty): (JSC::BytecodeGenerator::emitReturn): (JSC::BytecodeGenerator::emitEnd): (JSC::BytecodeGenerator::emitConstruct): (JSC::BytecodeGenerator::emitStrcat): (JSC::BytecodeGenerator::emitToPrimitive): (JSC::BytecodeGenerator::emitGetScope): (JSC::BytecodeGenerator::emitPushWithScope): (JSC::BytecodeGenerator::emitGetParentScope): (JSC::BytecodeGenerator::emitDebugHook): (JSC::BytecodeGenerator::emitCatch): (JSC::BytecodeGenerator::emitThrow): (JSC::BytecodeGenerator::emitArgumentCount): (JSC::BytecodeGenerator::emitThrowStaticError): (JSC::BytecodeGenerator::beginSwitch): (JSC::prepareJumpTableForSwitch): (JSC::prepareJumpTableForStringSwitch): (JSC::BytecodeGenerator::endSwitch): (JSC::BytecodeGenerator::emitGetEnumerableLength): (JSC::BytecodeGenerator::emitHasGenericProperty): (JSC::BytecodeGenerator::emitHasIndexedProperty): (JSC::BytecodeGenerator::emitHasStructureProperty): (JSC::BytecodeGenerator::emitGetPropertyEnumerator): (JSC::BytecodeGenerator::emitEnumeratorStructurePropertyName): (JSC::BytecodeGenerator::emitEnumeratorGenericPropertyName): (JSC::BytecodeGenerator::emitToIndexString): (JSC::BytecodeGenerator::emitIsCellWithType): (JSC::BytecodeGenerator::emitIsObject): (JSC::BytecodeGenerator::emitIsNumber): (JSC::BytecodeGenerator::emitIsUndefined): (JSC::BytecodeGenerator::emitIsEmpty): (JSC::BytecodeGenerator::emitRestParameter): (JSC::BytecodeGenerator::emitRequireObjectCoercible): (JSC::BytecodeGenerator::emitYieldPoint): (JSC::BytecodeGenerator::emitYield): (JSC::BytecodeGenerator::emitGetAsyncIterator): (JSC::BytecodeGenerator::emitDelegateYield): (JSC::BytecodeGenerator::emitFinallyCompletion): (JSC::BytecodeGenerator::emitJumpIf): (JSC::ForInContext::finalize): (JSC::StructureForInContext::finalize): (JSC::IndexedForInContext::finalize): (JSC::StaticPropertyAnalysis::record): (JSC::BytecodeGenerator::emitToThis):
* bytecompiler/BytecodeGenerator.h: (JSC::StructureForInContext::addGetInst): (JSC::BytecodeGenerator::recordOpcode): (JSC::BytecodeGenerator::addMetadataFor): (JSC::BytecodeGenerator::emitUnaryOp): (JSC::BytecodeGenerator::kill): (JSC::BytecodeGenerator::instructions const): (JSC::BytecodeGenerator::write): (JSC::BytecodeGenerator::withWriter):
* bytecompiler/Label.h: (JSC::Label::Label): (JSC::Label::bind):
* bytecompiler/NodesCodegen.cpp: (JSC::ArrayNode::emitBytecode): (JSC::BytecodeIntrinsicNode::emit_intrinsic_argumentCount): (JSC::ApplyFunctionCallDotNode::emitBytecode): (JSC::BitwiseNotNode::emitBytecode): (JSC::BinaryOpNode::emitBytecode): (JSC::EqualNode::emitBytecode): (JSC::StrictEqualNode::emitBytecode): (JSC::emitReadModifyAssignment): (JSC::ForInNode::emitBytecode): (JSC::CaseBlockNode::emitBytecodeForBlock): (JSC::FunctionNode::emitBytecode): (JSC::ClassExprNode::emitBytecode):
* bytecompiler/ProfileTypeBytecodeFlag.cpp: Copied from Source/JavaScriptCore/bytecode/VirtualRegister.cpp. (WTF::printInternal):
* bytecompiler/ProfileTypeBytecodeFlag.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.
* bytecompiler/RegisterID.h:
* bytecompiler/StaticPropertyAnalysis.h: (JSC::StaticPropertyAnalysis::create): (JSC::StaticPropertyAnalysis::StaticPropertyAnalysis):
* bytecompiler/StaticPropertyAnalyzer.h: (JSC::StaticPropertyAnalyzer::createThis): (JSC::StaticPropertyAnalyzer::newObject): (JSC::StaticPropertyAnalyzer::putById): (JSC::StaticPropertyAnalyzer::mov): (JSC::StaticPropertyAnalyzer::kill):
* dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::addCall): (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit): (JSC::DFG::ByteCodeParser::getArrayMode): (JSC::DFG::ByteCodeParser::handleCall): (JSC::DFG::ByteCodeParser::handleVarargsCall): (JSC::DFG::ByteCodeParser::handleRecursiveTailCall): (JSC::DFG::ByteCodeParser::inlineCall): (JSC::DFG::ByteCodeParser::handleCallVariant): (JSC::DFG::ByteCodeParser::handleVarargsInlining): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::handleMinMax): (JSC::DFG::ByteCodeParser::handleIntrinsicCall): (JSC::DFG::ByteCodeParser::handleDOMJITCall): (JSC::DFG::ByteCodeParser::handleIntrinsicGetter): (JSC::DFG::ByteCodeParser::handleDOMJITGetter): (JSC::DFG::ByteCodeParser::handleModuleNamespaceLoad): (JSC::DFG::ByteCodeParser::handleTypedArrayConstructor): (JSC::DFG::ByteCodeParser::handleConstantInternalFunction): (JSC::DFG::ByteCodeParser::handleGetById): (JSC::DFG::ByteCodeParser::handlePutById): (JSC::DFG::ByteCodeParser::parseGetById): (JSC::DFG::ByteCodeParser::parseBlock): (JSC::DFG::ByteCodeParser::parseCodeBlock): (JSC::DFG::ByteCodeParser::handlePutByVal): (JSC::DFG::ByteCodeParser::handlePutAccessorById): (JSC::DFG::ByteCodeParser::handlePutAccessorByVal): (JSC::DFG::ByteCodeParser::handleNewFunc): (JSC::DFG::ByteCodeParser::handleNewFuncExp): (JSC::DFG::ByteCodeParser::parse):
* dfg/DFGCapabilities.cpp: (JSC::DFG::capabilityLevel):
* dfg/DFGCapabilities.h: (JSC::DFG::capabilityLevel):
* dfg/DFGOSREntry.cpp: (JSC::DFG::prepareCatchOSREntry):
* dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compileValueAdd): (JSC::DFG::SpeculativeJIT::compileValueSub): (JSC::DFG::SpeculativeJIT::compileValueNegate): (JSC::DFG::SpeculativeJIT::compileArithMul):
* ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileValueAdd): (JSC::FTL::DFG::LowerDFGToB3::compileValueSub): (JSC::FTL::DFG::LowerDFGToB3::compileUnaryMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileBinaryMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub): (JSC::FTL::DFG::LowerDFGToB3::compileArithMul): (JSC::FTL::DFG::LowerDFGToB3::compileValueNegate):
* ftl/FTLOperations.cpp: (JSC::FTL::operationMaterializeObjectInOSR):
* generate-bytecode-files: Removed.
* generator/Argument.rb: Added.
* generator/Assertion.rb: Added.
* generator/DSL.rb: Added.
* generator/Fits.rb: Added.
* generator/GeneratedFile.rb: Added.
* generator/Metadata.rb: Added.
* generator/Opcode.rb: Added.
* generator/OpcodeGroup.rb: Added.
* generator/Options.rb: Added.
* generator/Section.rb: Added.
* generator/Template.rb: Added.
* generator/Type.rb: Added.
* generator/main.rb: Added.
* interpreter/AbstractPC.h:
* interpreter/CallFrame.cpp: (JSC::CallFrame::currentVPC const): (JSC::CallFrame::setCurrentVPC):
* interpreter/CallFrame.h: (JSC::CallSiteIndex::CallSiteIndex): (JSC::ExecState::setReturnPC):
* interpreter/Interpreter.cpp: (WTF::printInternal):
* interpreter/Interpreter.h:
* interpreter/InterpreterInlines.h:
* interpreter/StackVisitor.cpp: (JSC::StackVisitor::Frame::dump const):
* interpreter/VMEntryRecord.h:
* jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::emitSlowCaseCall): (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): (JSC::JIT::compileWithoutLinking): (JSC::JIT::link):
* jit/JIT.h:
* jit/JITArithmetic.cpp: (JSC::JIT::emit_op_jless): (JSC::JIT::emit_op_jlesseq): (JSC::JIT::emit_op_jgreater): (JSC::JIT::emit_op_jgreatereq): (JSC::JIT::emit_op_jnless): (JSC::JIT::emit_op_jnlesseq): (JSC::JIT::emit_op_jngreater): (JSC::JIT::emit_op_jngreatereq): (JSC::JIT::emitSlow_op_jless): (JSC::JIT::emitSlow_op_jlesseq): (JSC::JIT::emitSlow_op_jgreater): (JSC::JIT::emitSlow_op_jgreatereq): (JSC::JIT::emitSlow_op_jnless): (JSC::JIT::emitSlow_op_jnlesseq): (JSC::JIT::emitSlow_op_jngreater): (JSC::JIT::emitSlow_op_jngreatereq): (JSC::JIT::emit_op_below): (JSC::JIT::emit_op_beloweq): (JSC::JIT::emit_op_jbelow): (JSC::JIT::emit_op_jbeloweq): (JSC::JIT::emit_op_unsigned): (JSC::JIT::emit_compareAndJump): (JSC::JIT::emit_compareUnsignedAndJump): (JSC::JIT::emit_compareUnsigned): (JSC::JIT::emit_compareAndJumpSlow): (JSC::JIT::emit_op_inc): (JSC::JIT::emit_op_dec): (JSC::JIT::emit_op_mod): (JSC::JIT::emitSlow_op_mod): (JSC::JIT::emit_op_negate): (JSC::JIT::emitSlow_op_negate): (JSC::JIT::emitBitBinaryOpFastPath): (JSC::JIT::emit_op_bitand): (JSC::JIT::emit_op_bitor): (JSC::JIT::emit_op_bitxor): (JSC::JIT::emit_op_lshift): (JSC::JIT::emitRightShiftFastPath): (JSC::JIT::emit_op_rshift): (JSC::JIT::emit_op_urshift): (JSC::getOperandTypes): (JSC::JIT::emit_op_add): (JSC::JIT::emitSlow_op_add): (JSC::JIT::emitMathICFast): (JSC::JIT::emitMathICSlow): (JSC::JIT::emit_op_div): (JSC::JIT::emit_op_mul): (JSC::JIT::emitSlow_op_mul): (JSC::JIT::emit_op_sub): (JSC::JIT::emitSlow_op_sub):
* jit/JITCall.cpp: (JSC::JIT::emitPutCallResult): (JSC::JIT::compileSetupFrame): (JSC::JIT::compileCallEval): (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileTailCall): (JSC::JIT::compileOpCall): (JSC::JIT::compileOpCallSlowCase): (JSC::JIT::emit_op_call): (JSC::JIT::emit_op_tail_call): (JSC::JIT::emit_op_call_eval): (JSC::JIT::emit_op_call_varargs): (JSC::JIT::emit_op_tail_call_varargs): (JSC::JIT::emit_op_tail_call_forward_arguments): (JSC::JIT::emit_op_construct_varargs): (JSC::JIT::emit_op_construct): (JSC::JIT::emitSlow_op_call): (JSC::JIT::emitSlow_op_tail_call): (JSC::JIT::emitSlow_op_call_eval): (JSC::JIT::emitSlow_op_call_varargs): (JSC::JIT::emitSlow_op_tail_call_varargs): (JSC::JIT::emitSlow_op_tail_call_forward_arguments): (JSC::JIT::emitSlow_op_construct_varargs): (JSC::JIT::emitSlow_op_construct):
* jit/JITDisassembler.cpp: (JSC::JITDisassembler::JITDisassembler):
* jit/JITExceptions.cpp: (JSC::genericUnwind):
* jit/JITInlines.h: (JSC::JIT::emitDoubleGetByVal): (JSC::JIT::emitLoadForArrayMode): (JSC::JIT::emitContiguousGetByVal): (JSC::JIT::emitArrayStorageGetByVal): (JSC::JIT::appendCallWithExceptionCheckSetJSValueResultWithProfile): (JSC::JIT::sampleInstruction): (JSC::JIT::emitValueProfilingSiteIfProfiledOpcode): (JSC::JIT::emitValueProfilingSite): (JSC::JIT::jumpTarget): (JSC::JIT::copiedGetPutInfo): (JSC::JIT::copiedArithProfile):
* jit/JITMathIC.h: (JSC::isProfileEmpty): (JSC::JITBinaryMathIC::JITBinaryMathIC): (JSC::JITUnaryMathIC::JITUnaryMathIC):
* jit/JITOpcodes.cpp: (JSC::JIT::emit_op_mov): (JSC::JIT::emit_op_end): (JSC::JIT::emit_op_jmp): (JSC::JIT::emit_op_new_object): (JSC::JIT::emitSlow_op_new_object): (JSC::JIT::emit_op_overrides_has_instance): (JSC::JIT::emit_op_instanceof): (JSC::JIT::emitSlow_op_instanceof): (JSC::JIT::emit_op_instanceof_custom): (JSC::JIT::emit_op_is_empty): (JSC::JIT::emit_op_is_undefined): (JSC::JIT::emit_op_is_boolean): (JSC::JIT::emit_op_is_number): (JSC::JIT::emit_op_is_cell_with_type): (JSC::JIT::emit_op_is_object): (JSC::JIT::emit_op_ret): (JSC::JIT::emit_op_to_primitive): (JSC::JIT::emit_op_set_function_name): (JSC::JIT::emit_op_not): (JSC::JIT::emit_op_jfalse): (JSC::JIT::emit_op_jeq_null): (JSC::JIT::emit_op_jneq_null): (JSC::JIT::emit_op_jneq_ptr): (JSC::JIT::emit_op_eq): (JSC::JIT::emit_op_jeq): (JSC::JIT::emit_op_jtrue): (JSC::JIT::emit_op_neq): (JSC::JIT::emit_op_jneq): (JSC::JIT::emit_op_throw): (JSC::JIT::compileOpStrictEq): (JSC::JIT::emit_op_stricteq): (JSC::JIT::emit_op_nstricteq): (JSC::JIT::compileOpStrictEqJump): (JSC::JIT::emit_op_jstricteq): (JSC::JIT::emit_op_jnstricteq): (JSC::JIT::emitSlow_op_jstricteq): (JSC::JIT::emitSlow_op_jnstricteq): (JSC::JIT::emit_op_to_number): (JSC::JIT::emit_op_to_string): (JSC::JIT::emit_op_to_object): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_identity_with_profile): (JSC::JIT::emit_op_get_parent_scope): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_debug): (JSC::JIT::emit_op_eq_null): (JSC::JIT::emit_op_neq_null): (JSC::JIT::emit_op_enter): (JSC::JIT::emit_op_get_scope): (JSC::JIT::emit_op_to_this): (JSC::JIT::emit_op_create_this): (JSC::JIT::emit_op_check_tdz): (JSC::JIT::emitSlow_op_eq): (JSC::JIT::emitSlow_op_neq): (JSC::JIT::emitSlow_op_jeq): (JSC::JIT::emitSlow_op_jneq): (JSC::JIT::emitSlow_op_instanceof_custom): (JSC::JIT::emit_op_loop_hint): (JSC::JIT::emitSlow_op_loop_hint): (JSC::JIT::emit_op_check_traps): (JSC::JIT::emit_op_nop): (JSC::JIT::emit_op_super_sampler_begin): (JSC::JIT::emit_op_super_sampler_end): (JSC::JIT::emitSlow_op_check_traps): (JSC::JIT::emit_op_new_regexp): (JSC::JIT::emitNewFuncCommon): (JSC::JIT::emit_op_new_func): (JSC::JIT::emit_op_new_generator_func): (JSC::JIT::emit_op_new_async_generator_func): (JSC::JIT::emit_op_new_async_func): (JSC::JIT::emitNewFuncExprCommon): (JSC::JIT::emit_op_new_func_exp): (JSC::JIT::emit_op_new_generator_func_exp): (JSC::JIT::emit_op_new_async_func_exp): (JSC::JIT::emit_op_new_async_generator_func_exp): (JSC::JIT::emit_op_new_array): (JSC::JIT::emit_op_new_array_with_size): (JSC::JIT::emit_op_has_structure_property): (JSC::JIT::privateCompileHasIndexedProperty): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emitSlow_op_has_indexed_property): (JSC::JIT::emit_op_get_direct_pname): (JSC::JIT::emit_op_enumerator_structure_pname): (JSC::JIT::emit_op_enumerator_generic_pname): (JSC::JIT::emit_op_profile_type): (JSC::JIT::emit_op_log_shadow_chicken_prologue): (JSC::JIT::emit_op_log_shadow_chicken_tail): (JSC::JIT::emit_op_profile_control_flow): (JSC::JIT::emit_op_argument_count): (JSC::JIT::emit_op_get_rest_length): (JSC::JIT::emit_op_get_argument):
* jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_to_this):
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitGetByValWithCachedId): (JSC::JIT::emitSlow_op_get_by_val): (JSC::JIT::emit_op_put_by_val_direct): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitGenericContiguousPutByVal): (JSC::JIT::emitArrayStoragePutByVal): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emitSlow_op_put_by_val): (JSC::JIT::emit_op_put_getter_by_id): (JSC::JIT::emit_op_put_setter_by_id): (JSC::JIT::emit_op_put_getter_setter_by_id): (JSC::JIT::emit_op_put_getter_by_val): (JSC::JIT::emit_op_put_setter_by_val): (JSC::JIT::emit_op_del_by_id): (JSC::JIT::emit_op_del_by_val): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emitSlow_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emitSlow_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emitSlow_op_get_by_id): (JSC::JIT::emitSlow_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emitSlow_op_put_by_id): (JSC::JIT::emit_op_in_by_id): (JSC::JIT::emitSlow_op_in_by_id): (JSC::JIT::emit_op_resolve_scope): (JSC::JIT::emit_op_get_from_scope): (JSC::JIT::emitSlow_op_get_from_scope): (JSC::JIT::emit_op_put_to_scope): (JSC::JIT::emitSlow_op_put_to_scope): (JSC::JIT::emit_op_get_from_arguments): (JSC::JIT::emit_op_put_to_arguments): (JSC::JIT::privateCompileGetByVal): (JSC::JIT::privateCompileGetByValWithCachedId): (JSC::JIT::privateCompilePutByVal): (JSC::JIT::privateCompilePutByValWithCachedId): (JSC::JIT::emitDoubleLoad): (JSC::JIT::emitContiguousLoad): (JSC::JIT::emitArrayStorageLoad): (JSC::JIT::emitDirectArgumentsGetByVal): (JSC::JIT::emitScopedArgumentsGetByVal): (JSC::JIT::emitIntTypedArrayGetByVal): (JSC::JIT::emitFloatTypedArrayGetByVal): (JSC::JIT::emitIntTypedArrayPutByVal): (JSC::JIT::emitFloatTypedArrayPutByVal):
* jit/RegisterSet.cpp: (JSC::RegisterSet::llintBaselineCalleeSaveRegisters):
* jit/SlowPathCall.h: (JSC::JITSlowPathCall::JITSlowPathCall):
* llint/LLIntData.cpp: (JSC::LLInt::initialize): (JSC::LLInt::Data::performAssertions):
* llint/LLIntData.h: (JSC::LLInt::exceptionInstructions): (JSC::LLInt::opcodeMap): (JSC::LLInt::opcodeMapWide): (JSC::LLInt::getOpcode): (JSC::LLInt::getOpcodeWide): (JSC::LLInt::getWideCodePtr):
* llint/LLIntOffsetsExtractor.cpp:
* llint/LLIntSlowPaths.cpp: (JSC::LLInt::llint_trace_operand): (JSC::LLInt::llint_trace_value): (JSC::LLInt::LLINT_SLOW_PATH_DECL): (JSC::LLInt::entryOSR): (JSC::LLInt::setupGetByIdPrototypeCache): (JSC::LLInt::getByVal): (JSC::LLInt::handleHostCall): (JSC::LLInt::setUpCall): (JSC::LLInt::genericCall): (JSC::LLInt::varargsSetup): (JSC::LLInt::commonCallEval):
* llint/LLIntSlowPaths.h:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter.cpp: (JSC::CLoopRegister::operator const Instruction*): (JSC::CLoop::execute):
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* offlineasm/arm64.rb:
* offlineasm/asm.rb:
* offlineasm/ast.rb:
* offlineasm/cloop.rb:
* offlineasm/generate_offset_extractor.rb:
* offlineasm/instructions.rb:
* offlineasm/offsets.rb:
* offlineasm/parser.rb:
* offlineasm/transform.rb:
* offlineasm/x86.rb:
* parser/ResultType.h: (JSC::ResultType::dump const): (JSC::OperandTypes::first const): (JSC::OperandTypes::second const): (JSC::OperandTypes::dump const):
* profiler/ProfilerBytecodeSequence.cpp: (JSC::Profiler::BytecodeSequence::BytecodeSequence):
* runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): (JSC::updateArithProfileForUnaryArithOp): (JSC::updateArithProfileForBinaryArithOp):
* runtime/CommonSlowPaths.h: (JSC::CommonSlowPaths::tryCachePutToScopeGlobal): (JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal):
* runtime/ExceptionFuzz.cpp: (JSC::doExceptionFuzzing):
* runtime/ExceptionFuzz.h: (JSC::doExceptionFuzzingIfEnabled):
* runtime/GetPutInfo.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::GetPutInfo::dump const): (WTF::printInternal):
* runtime/GetPutInfo.h: (JSC::GetPutInfo::operand const):
* runtime/JSCPoison.h:
* runtime/JSType.cpp: Added. (WTF::printInternal):
* runtime/JSType.h:
* runtime/SamplingProfiler.cpp: (JSC::SamplingProfiler::StackFrame::displayName):
* runtime/SamplingProfiler.h: (JSC::SamplingProfiler::UnprocessedStackFrame::UnprocessedStackFrame):
* runtime/SlowPathReturnType.h: (JSC::encodeResult): (JSC::decodeResult):
* runtime/VM.h:
* runtime/Watchdog.h:
* tools/HeapVerifier.cpp:

Source/WTF:

* wtf/Forward.h: Fix WTF_LAZY_FOR_EACH_TERM on MSVC and add WTF_LAZY_HAS_REST to check whether a macro was passed multiple arguments
* wtf/Platform.h: Force ENABLE_JIT=false on all 32-bit platforms
* wtf/Vector.h: (WTF::minCapacity>::insertVector): Allow vectors with different overflow handlers to be passed to insertVector

Tools:

Do not force ENABLE_JIT=true when $forceCLoop is false.

* Scripts/build-jsc:

LayoutTests:

Don't use recursion on `equal` to avoid premature stack overflows when testing deep arrays.

* fast/dom/Window/resources/postmessage-test.js:

Canonical link: https://commits.webkit.org/205839@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237547 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2018-10-29 13:16:03 +00:00
const InstructionStream& UnlinkedCodeBlock::instructions() const
JSC: Pack unlinked instructions harder. <https://webkit.org/b/127660> Store UnlinkedCodeBlock's instructions in a variable-length stream to reduce memory usage. Compression rate ends up around 60-61%. The format is very simple. Every instruction starts with a 1 byte opcode. It's followed by an opcode-dependent number of argument values, each encoded separately for maximum packing. There are 7 packed value formats: 5-bit positive integer 5-bit negative integer 13-bit positive integer 13-bit positive integer 5-bit constant register index 13-bit constant register index 32-bit value (fallback) 27.5 MB progression on Membuster3. (~2% of total memory.) Reviewed by Filip Pizlo. * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/UnlinkedInstructionStream.h: Added. (JSC::UnlinkedInstructionStream::count): (JSC::UnlinkedInstructionStream::Reader::atEnd): * bytecode/UnlinkedInstructionStream.cpp: Added. (JSC::UnlinkedInstructionStream::Reader::Reader): (JSC::UnlinkedInstructionStream::Reader::read8): (JSC::UnlinkedInstructionStream::Reader::read32): (JSC::UnlinkedInstructionStream::Reader::next): (JSC::append8): (JSC::append32): (JSC::UnlinkedInstructionStream::UnlinkedInstructionStream): (JSC::UnlinkedInstructionStream::unpackForDebugging): * bytecompiler/BytecodeGenerator.cpp: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::CodeBlock): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): (JSC::dumpLineColumnEntry): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset): (JSC::UnlinkedCodeBlock::setInstructions): (JSC::UnlinkedCodeBlock::instructions): * bytecode/UnlinkedCodeBlock.h: (JSC::BytecodeGenerator::generate): Canonical link: https://commits.webkit.org/145687@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@162825 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2014-01-27 05:45:30 +00:00
{
2018-10-29 13:16:03 +00:00
ASSERT(m_instructions.get());
return *m_instructions;
JSC: Pack unlinked instructions harder.
<https://webkit.org/b/127660>

Store UnlinkedCodeBlock's instructions in a variable-length stream to reduce memory usage. Compression rate ends up around 60-61%.

The format is very simple. Every instruction starts with a 1 byte opcode. It's followed by an opcode-dependent number of argument values, each encoded separately for maximum packing. There are 7 packed value formats:

    5-bit positive integer
    5-bit negative integer
    13-bit positive integer
    13-bit positive integer
    5-bit constant register index
    13-bit constant register index
    32-bit value (fallback)

27.5 MB progression on Membuster3. (~2% of total memory.)

Reviewed by Filip Pizlo.

* JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/UnlinkedInstructionStream.h: Added. (JSC::UnlinkedInstructionStream::count): (JSC::UnlinkedInstructionStream::Reader::atEnd): * bytecode/UnlinkedInstructionStream.cpp: Added. (JSC::UnlinkedInstructionStream::Reader::Reader): (JSC::UnlinkedInstructionStream::Reader::read8): (JSC::UnlinkedInstructionStream::Reader::read32): (JSC::UnlinkedInstructionStream::Reader::next): (JSC::append8): (JSC::append32): (JSC::UnlinkedInstructionStream::UnlinkedInstructionStream): (JSC::UnlinkedInstructionStream::unpackForDebugging): * bytecompiler/BytecodeGenerator.cpp: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::CodeBlock): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): (JSC::dumpLineColumnEntry): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset): (JSC::UnlinkedCodeBlock::setInstructions): (JSC::UnlinkedCodeBlock::instructions): * bytecode/UnlinkedCodeBlock.h: (JSC::BytecodeGenerator::generate):

Canonical link: https://commits.webkit.org/145687@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@162825 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2014-01-27 05:45:30 +00:00
}
BytecodeIndex should be a proper C++ class
https://bugs.webkit.org/show_bug.cgi?id=203276

Reviewed by Mark Lam.

This patch makes a change to how we refer to the bytecode index in a bytecode stream. Previously we just used an unsigned number to represent the index; this patch changes most of the code to use a BytecodeIndex class instead. The only places where this patch does not change this are jump and switch targets / deltas.

Additionally, this patch attempts to canonicalize the terminology around how we refer to bytecode indices. Now we use the word index to refer to the bytecode index class and offset to refer to the unsigned byte offset into the instruction stream.

* JavaScriptCore.xcodeproj/project.pbxproj: * Sources.txt: * bytecode/ByValInfo.h: (JSC::ByValInfo::ByValInfo): (JSC::getByValInfoBytecodeIndex): * bytecode/BytecodeBasicBlock.cpp: (JSC::BytecodeBasicBlock::computeImpl): * bytecode/BytecodeGeneratorification.cpp: (JSC::GeneratorLivenessAnalysis::run): * bytecode/BytecodeIndex.cpp: Added. (JSC::BytecodeIndex::dump const): * bytecode/BytecodeIndex.h: Added.
(JSC::BytecodeIndex::BytecodeIndex): (JSC::BytecodeIndex::offset const): (JSC::BytecodeIndex::asBits const): (JSC::BytecodeIndex::hash const): (JSC::BytecodeIndex::deletedValue): (JSC::BytecodeIndex::isHashTableDeletedValue const): (JSC::BytecodeIndex::operator bool const): (JSC::BytecodeIndex::operator == const): (JSC::BytecodeIndex::operator != const): (JSC::BytecodeIndex::operator < const): (JSC::BytecodeIndex::operator > const): (JSC::BytecodeIndex::operator <= const): (JSC::BytecodeIndex::operator >= const): (JSC::BytecodeIndex::fromBits): (JSC::BytecodeIndexHash::hash): (JSC::BytecodeIndexHash::equal): * bytecode/BytecodeLivenessAnalysis.cpp: (JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeIndex): (JSC::BytecodeLivenessAnalysis::computeFullLiveness): (JSC::BytecodeLivenessAnalysis::computeKills): (JSC::BytecodeLivenessAnalysis::dumpResults): (JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeOffset): Deleted. * bytecode/BytecodeLivenessAnalysis.h: * bytecode/BytecodeLivenessAnalysisInlines.h: (JSC::BytecodeLivenessPropagation::stepOverInstruction): (JSC::BytecodeLivenessPropagation::computeLocalLivenessForBytecodeIndex): (JSC::BytecodeLivenessPropagation::computeLocalLivenessForBlock): (JSC::BytecodeLivenessPropagation::getLivenessInfoAtBytecodeIndex): (JSC::BytecodeLivenessPropagation::computeLocalLivenessForBytecodeOffset): Deleted. (JSC::BytecodeLivenessPropagation::getLivenessInfoAtBytecodeOffset): Deleted. * bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeIndex): (JSC::computeDefsForBytecodeIndex): (JSC::computeUsesForBytecodeOffset): Deleted. (JSC::computeDefsForBytecodeOffset): Deleted. 
* bytecode/CallLinkStatus.cpp: (JSC::CallLinkStatus::computeFromLLInt): (JSC::CallLinkStatus::computeFor): (JSC::CallLinkStatus::computeExitSiteData): * bytecode/CallLinkStatus.h: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::getCallLinkInfoForBytecodeIndex): (JSC::CodeBlock::addRareCaseProfile): (JSC::CodeBlock::rareCaseProfileForBytecodeIndex): (JSC::CodeBlock::rareCaseProfileCountForBytecodeIndex): (JSC::CodeBlock::handlerForBytecodeIndex): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeIndex): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeIndexSlow): (JSC::CodeBlock::lineNumberForBytecodeIndex): (JSC::CodeBlock::columnNumberForBytecodeIndex): (JSC::CodeBlock::expressionRangeForBytecodeIndex const): (JSC::CodeBlock::hasOpDebugForLineAndColumn): (JSC::CodeBlock::getArrayProfile): (JSC::CodeBlock::tryGetValueProfileForBytecodeIndex): (JSC::CodeBlock::valueProfilePredictionForBytecodeIndex): (JSC::CodeBlock::valueProfileForBytecodeIndex): (JSC::CodeBlock::validate): (JSC::CodeBlock::arithProfileForBytecodeIndex): (JSC::CodeBlock::couldTakeSpecialArithFastCase): (JSC::CodeBlock::bytecodeIndexFromCallSiteIndex): (JSC::CodeBlock::rareCaseProfileForBytecodeOffset): Deleted. (JSC::CodeBlock::rareCaseProfileCountForBytecodeOffset): Deleted. (JSC::CodeBlock::handlerForBytecodeOffset): Deleted. (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffset): Deleted. (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): Deleted. (JSC::CodeBlock::lineNumberForBytecodeOffset): Deleted. (JSC::CodeBlock::columnNumberForBytecodeOffset): Deleted. (JSC::CodeBlock::expressionRangeForBytecodeOffset const): Deleted. (JSC::CodeBlock::tryGetValueProfileForBytecodeOffset): Deleted. (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset): Deleted. (JSC::CodeBlock::valueProfileForBytecodeOffset): Deleted. (JSC::CodeBlock::arithProfileForBytecodeOffset): Deleted. (JSC::CodeBlock::couldTakeSpecialFastCase): Deleted. 
(JSC::CodeBlock::bytecodeOffsetFromCallSiteIndex): Deleted. * bytecode/CodeBlock.h: (JSC::CodeBlock::likelyToTakeSlowCase): (JSC::CodeBlock::couldTakeSlowCase): (JSC::CodeBlock::bytecodeIndex): * bytecode/CodeOrigin.cpp: (JSC::CodeOrigin::approximateHash const): (JSC::CodeOrigin::dump const): * bytecode/CodeOrigin.h: (JSC::CodeOrigin::CodeOrigin): (JSC::CodeOrigin::isSet const): (JSC::CodeOrigin::isHashTableDeletedValue const): (JSC::CodeOrigin::bytecodeIndex const): (JSC::CodeOrigin::OutOfLineCodeOrigin::OutOfLineCodeOrigin): (JSC::CodeOrigin::buildCompositeValue): (JSC::CodeOrigin::hash const): * bytecode/DFGExitProfile.cpp: (JSC::DFG::FrequentExitSite::dump const): (JSC::DFG::ExitProfile::exitSitesFor): * bytecode/DFGExitProfile.h: (JSC::DFG::FrequentExitSite::FrequentExitSite): (JSC::DFG::FrequentExitSite::operator== const): (JSC::DFG::FrequentExitSite::subsumes const): (JSC::DFG::FrequentExitSite::hash const): (JSC::DFG::FrequentExitSite::bytecodeIndex const): (JSC::DFG::FrequentExitSite::isHashTableDeletedValue const): (JSC::DFG::QueryableExitProfile::hasExitSite const): (JSC::DFG::FrequentExitSite::bytecodeOffset const): Deleted. * bytecode/DeferredSourceDump.cpp: (JSC::DeferredSourceDump::DeferredSourceDump): (JSC::DeferredSourceDump::dump): * bytecode/DeferredSourceDump.h: (): Deleted. 
* bytecode/FullBytecodeLiveness.h: (JSC::FullBytecodeLiveness::getLiveness const): (JSC::FullBytecodeLiveness::operandIsLive const): * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt): (JSC::GetByIdStatus::computeFor): (JSC::GetByIdStatus::computeForStubInfo): * bytecode/GetByIdStatus.h: * bytecode/ICStatusUtils.cpp: (JSC::hasBadCacheExitSite): * bytecode/ICStatusUtils.h: * bytecode/InByIdStatus.cpp: (JSC::InByIdStatus::computeFor): * bytecode/InByIdStatus.h: * bytecode/InlineCallFrame.cpp: (JSC::InlineCallFrame::dumpInContext const): * bytecode/InstanceOfStatus.cpp: (JSC::InstanceOfStatus::computeFor): * bytecode/InstanceOfStatus.h: * bytecode/InstructionStream.h: (JSC::InstructionStream::BaseRef::offset const): (JSC::InstructionStream::BaseRef::index const): (JSC::InstructionStream::at const): * bytecode/LazyOperandValueProfile.h: (JSC::LazyOperandValueProfileKey::LazyOperandValueProfileKey): (JSC::LazyOperandValueProfileKey::operator== const): (JSC::LazyOperandValueProfileKey::hash const): (JSC::LazyOperandValueProfileKey::bytecodeIndex const): (JSC::LazyOperandValueProfileKey::isHashTableDeletedValue const): (JSC::LazyOperandValueProfileKey::bytecodeOffset const): Deleted. * bytecode/MethodOfGettingAValueProfile.cpp: (JSC::MethodOfGettingAValueProfile::fromLazyOperand): * bytecode/MethodOfGettingAValueProfile.h: * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): (JSC::PutByIdStatus::computeFor): * bytecode/PutByIdStatus.h: * bytecode/StructureStubInfo.cpp: (JSC::StructureStubInfo::StructureStubInfo): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::lineNumberForBytecodeIndex): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeIndex const): (JSC::UnlinkedCodeBlock::handlerForBytecodeIndex): (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): Deleted. (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset const): Deleted. (JSC::UnlinkedCodeBlock::handlerForBytecodeOffset): Deleted. 
* bytecode/UnlinkedCodeBlock.h: * bytecode/ValueProfile.h: (JSC::RareCaseProfile::RareCaseProfile): (JSC::getRareCaseProfileBytecodeIndex): (JSC::getRareCaseProfileBytecodeOffset): Deleted. * bytecompiler/BytecodeGenerator.cpp: (JSC::ForInContext::finalize): * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::currentPosition): * dfg/DFGBasicBlock.cpp: (JSC::DFG::BasicBlock::BasicBlock): * dfg/DFGBasicBlock.h: (JSC::DFG::getBytecodeBeginForBlock): (JSC::DFG::blockForBytecodeIndex): (JSC::DFG::blockForBytecodeOffset): Deleted. * dfg/DFGBlockInsertionSet.cpp: (JSC::DFG::BlockInsertionSet::insert): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::flushForTerminalImpl): (JSC::DFG::ByteCodeParser::flushIfTerminal): (JSC::DFG::ByteCodeParser::branchData): (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit): (JSC::DFG::ByteCodeParser::getPrediction): (JSC::DFG::ByteCodeParser::getArrayMode): (JSC::DFG::ByteCodeParser::makeSafe): (JSC::DFG::ByteCodeParser::makeDivSafe): (JSC::DFG::ByteCodeParser::allocateTargetableBlock): (JSC::DFG::ByteCodeParser::allocateUntargetableBlock): (JSC::DFG::ByteCodeParser::makeBlockTargetable): (JSC::DFG::ByteCodeParser::handleCall): (JSC::DFG::ByteCodeParser::handleRecursiveTailCall): (JSC::DFG::ByteCodeParser::inlineCall): (JSC::DFG::ByteCodeParser::handleCallVariant): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::parseBlock): (JSC::DFG::ByteCodeParser::linkBlock): (JSC::DFG::ByteCodeParser::parseCodeBlock): (JSC::DFG::ByteCodeParser::parse): * dfg/DFGCommonData.cpp: (JSC::DFG::CommonData::addCodeOrigin): (JSC::DFG::CommonData::addUniqueCallSiteIndex): (JSC::DFG::CommonData::lastCallSite const): * dfg/DFGCommonData.h: (JSC::DFG::CommonData::catchOSREntryDataForBytecodeIndex): (JSC::DFG::CommonData::appendCatchEntrypoint): * dfg/DFGDriver.cpp: (JSC::DFG::compileImpl): (JSC::DFG::compile): * dfg/DFGDriver.h: * dfg/DFGGraph.cpp: (JSC::DFG::Graph::dump): 
(JSC::DFG::Graph::methodOfGettingAValueProfileFor): (JSC::DFG::Graph::willCatchExceptionInMachineFrame): * dfg/DFGGraph.h: * dfg/DFGJITCode.cpp: (JSC::DFG::JITCode::clearOSREntryBlockAndResetThresholds): * dfg/DFGJITCode.h: (JSC::DFG::JITCode::appendOSREntryData): (JSC::DFG::JITCode::osrEntryDataForBytecodeIndex): * dfg/DFGJITCompiler.cpp: (JSC::DFG::JITCompiler::JITCompiler): (JSC::DFG::JITCompiler::compile): (JSC::DFG::JITCompiler::compileFunction): * dfg/DFGJITCompiler.h: (JSC::DFG::JITCompiler::setStartOfCode): * dfg/DFGLiveCatchVariablePreservationPhase.cpp: (JSC::DFG::LiveCatchVariablePreservationPhase::handleBlockForTryCatch): * dfg/DFGOSREntry.cpp: (JSC::DFG::OSREntryData::dumpInContext const): (JSC::DFG::prepareOSREntry): (JSC::DFG::prepareCatchOSREntry): * dfg/DFGOSREntry.h: (JSC::DFG::getOSREntryDataBytecodeIndex): (JSC::DFG::prepareOSREntry): * dfg/DFGOSREntrypointCreationPhase.cpp: (JSC::DFG::OSREntrypointCreationPhase::run): * dfg/DFGOSRExit.cpp: (JSC::DFG::OSRExit::executeOSRExit): (JSC::DFG::reifyInlinedCallFrames): (JSC::DFG::adjustAndJumpToTarget): (JSC::DFG::printOSRExit): (JSC::DFG::OSRExit::compileExit): (JSC::DFG::OSRExit::debugOperationPrintSpeculationFailure): * dfg/DFGOSRExit.h: * dfg/DFGOSRExitCompilerCommon.cpp: (JSC::DFG::callerReturnPC): (JSC::DFG::reifyInlinedCallFrames): (JSC::DFG::adjustAndJumpToTarget): * dfg/DFGOSRExitCompilerCommon.h: * dfg/DFGOperations.cpp: * dfg/DFGOperations.h: * dfg/DFGPlan.cpp: (JSC::DFG::Plan::Plan): (JSC::DFG::Plan::compileInThreadImpl): (JSC::DFG::Plan::cleanMustHandleValuesIfNecessary): * dfg/DFGPlan.h: (JSC::DFG::Plan::osrEntryBytecodeIndex const): (JSC::DFG::Plan::tierUpInLoopHierarchy): (JSC::DFG::Plan::tierUpAndOSREnterBytecodes): * dfg/DFGSSAConversionPhase.cpp: (JSC::DFG::SSAConversionPhase::run): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compileCurrentBlock): (JSC::DFG::SpeculativeJIT::checkArgumentTypes): (JSC::DFG::SpeculativeJIT::compileValueAdd): 
(JSC::DFG::SpeculativeJIT::compileValueSub): (JSC::DFG::SpeculativeJIT::compileValueNegate): (JSC::DFG::SpeculativeJIT::compileValueMul): (JSC::DFG::SpeculativeJIT::emitSwitchCharStringJump): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGTierUpCheckInjectionPhase.cpp: (JSC::DFG::TierUpCheckInjectionPhase::run): (JSC::DFG::TierUpCheckInjectionPhase::buildNaturalLoopToLoopHintMap): * dfg/DFGToFTLForOSREntryDeferredCompilationCallback.cpp: (JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::compilationDidComplete): * dfg/DFGValidate.cpp: * ftl/FTLCompile.cpp: (JSC::FTL::compile): * ftl/FTLForOSREntryJITCode.h: (JSC::FTL::ForOSREntryJITCode::setBytecodeIndex): (JSC::FTL::ForOSREntryJITCode::bytecodeIndex const): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::lower): (JSC::FTL::DFG::LowerDFGToB3::compileValueAdd): (JSC::FTL::DFG::LowerDFGToB3::compileValueSub): (JSC::FTL::DFG::LowerDFGToB3::compileValueMul): (JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub): (JSC::FTL::DFG::LowerDFGToB3::compileValueNegate): * ftl/FTLOSREntry.cpp: (JSC::FTL::prepareOSREntry): * ftl/FTLOSREntry.h: * interpreter/CallFrame.cpp: (JSC::CallFrame::callSiteIndex const): (JSC::CallFrame::unsafeCallSiteIndex const): (JSC::CallFrame::setCurrentVPC): (JSC::CallFrame::bytecodeIndex): (JSC::CallFrame::codeOrigin): (JSC::CallFrame::dump): (JSC::CallFrame::bytecodeOffset): Deleted. * interpreter/CallFrame.h: (JSC::CallSiteIndex::CallSiteIndex): (JSC::CallSiteIndex::operator bool const): (JSC::CallSiteIndex::operator== const): (JSC::CallSiteIndex::bits const): (JSC::CallSiteIndex::bytecodeIndex const): (JSC::DisposableCallSiteIndex::DisposableCallSiteIndex): (): Deleted. 
* interpreter/Interpreter.cpp: (JSC::GetStackTraceFunctor::operator() const): (JSC::findExceptionHandler): * interpreter/ShadowChicken.cpp: (JSC::ShadowChicken::update): * interpreter/StackVisitor.cpp: (JSC::StackVisitor::readNonInlinedFrame): (JSC::StackVisitor::readInlinedFrame): (JSC::StackVisitor::Frame::retrieveExpressionInfo const): (JSC::StackVisitor::Frame::dump const): * interpreter/StackVisitor.h: (JSC::StackVisitor::Frame::bytecodeIndex const): (JSC::StackVisitor::Frame::bytecodeOffset const): Deleted. * jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::emitEnterOptimizationCheck): (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): (JSC::JIT::compileWithoutLinking): (JSC::JIT::link): (JSC::JIT::privateCompileExceptionHandlers): * jit/JIT.h: (JSC::CallRecord::CallRecord): (JSC::SlowCaseEntry::SlowCaseEntry): (JSC::SwitchRecord::SwitchRecord): (JSC::ByValCompilationInfo::ByValCompilationInfo): * jit/JITCall.cpp: (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileOpCall): * jit/JITCodeMap.h: (JSC::JITCodeMap::Entry::Entry): (JSC::JITCodeMap::Entry::bytecodeIndex const): (JSC::JITCodeMap::append): (JSC::JITCodeMap::find const): * jit/JITDisassembler.cpp: (JSC::JITDisassembler::dumpVectorForInstructions): (JSC::JITDisassembler::reportInstructions): * jit/JITDisassembler.h: * jit/JITInlines.h: (JSC::JIT::emitNakedCall): (JSC::JIT::emitNakedTailCall): (JSC::JIT::updateTopCallFrame): (JSC::JIT::linkAllSlowCasesForBytecodeIndex): (JSC::JIT::addSlowCase): (JSC::JIT::addJump): (JSC::JIT::emitJumpSlowToHot): (JSC::JIT::emitGetVirtualRegister): (JSC::JIT::linkAllSlowCasesForBytecodeOffset): Deleted. 
* jit/JITOpcodes.cpp: (JSC::JIT::emit_op_instanceof): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emitSlow_op_loop_hint): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emit_op_log_shadow_chicken_tail): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_instanceof): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_has_indexed_property): * jit/JITOperations.cpp: (JSC::getByVal): (JSC::tryGetByValOptimize): * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitGetByValWithCachedId): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emit_op_in_by_id): * jit/JITWorklist.cpp: (JSC::JITWorklist::Plan::Plan): (JSC::JITWorklist::Plan::compileNow): (JSC::JITWorklist::compileLater): (JSC::JITWorklist::compileNow): * jit/JITWorklist.h: * jit/PCToCodeOriginMap.cpp: (JSC::PCToCodeOriginMap::PCToCodeOriginMap): (JSC::PCToCodeOriginMap::findPC const): * jit/PCToCodeOriginMap.h: (JSC::PCToCodeOriginMapBuilder::defaultCodeOrigin): * jit/SlowPathCall.h: (JSC::JITSlowPathCall::call): * llint/LLIntSlowPaths.cpp: (JSC::LLInt::jitCompileAndSetHeuristics): (JSC::LLInt::LLINT_SLOW_PATH_DECL): * profiler/ProfilerOrigin.cpp: (JSC::Profiler::Origin::Origin): (JSC::Profiler::Origin::dump const): (JSC::Profiler::Origin::toJS const): * profiler/ProfilerOrigin.h: (JSC::Profiler::Origin::Origin): (JSC::Profiler::Origin::operator! const): (JSC::Profiler::Origin::bytecodeIndex const): (JSC::Profiler::Origin::hash const): (JSC::Profiler::Origin::isHashTableDeletedValue const): * runtime/Error.cpp: (JSC::getBytecodeIndex): (JSC::getBytecodeOffset): Deleted. 
* runtime/Error.h: * runtime/ErrorInstance.cpp: (JSC::appendSourceToError): (JSC::ErrorInstance::finishCreation): * runtime/SamplingProfiler.cpp: (JSC::tryGetBytecodeIndex): (JSC::SamplingProfiler::processUnverifiedStackTraces): (JSC::SamplingProfiler::reportTopBytecodes): * runtime/SamplingProfiler.h: (JSC::SamplingProfiler::StackFrame::CodeLocation::hasBytecodeIndex const): * runtime/StackFrame.cpp: (JSC::StackFrame::StackFrame): (JSC::StackFrame::computeLineAndColumn const): * runtime/StackFrame.h: (JSC::StackFrame::hasBytecodeIndex const): (JSC::StackFrame::bytecodeIndex): (JSC::StackFrame::hasBytecodeOffset const): Deleted. (JSC::StackFrame::bytecodeOffset): Deleted. * tools/VMInspector.cpp: (JSC::VMInspector::dumpRegisters): Canonical link: https://commits.webkit.org/216705@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@251468 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-10-23 00:55:38 +00:00
UnlinkedHandlerInfo* UnlinkedCodeBlock::handlerForBytecodeIndex(BytecodeIndex bytecodeIndex, RequiredHandler requiredHandler)
[DFG][FTL] Implement ES6 Generators in DFG / FTL
https://bugs.webkit.org/show_bug.cgi?id=152723

Reviewed by Filip Pizlo.

JSTests:

* stress/generator-fib-ftl-and-array.js: Added. (fib): * stress/generator-fib-ftl-and-object.js: Added. (fib): * stress/generator-fib-ftl-and-string.js: Added. (fib): * stress/generator-fib-ftl.js: Added. (fib): * stress/generator-frame-empty.js: Added. (shouldThrow): (shouldThrow.fib): * stress/generator-reduced-save-point-put-to-scope.js: Added. (shouldBe): (gen): * stress/generator-transfer-register-beyond-mutiple-yields.js: Added. (shouldBe): (gen):

Source/JavaScriptCore:

This patch introduces DFG and FTL support for ES6 generators. ES6 generator is compiled by the BytecodeGenerator. But at the last phase, BytecodeGenerator performs "generatorification" onto the unlinked code. In BytecodeGenerator phase, we just emit op_yield for each yield point. And we don't emit any generator related switch, save, and resume sequences here. Those are emitted by the generatorification phase. So the graph is super simple! Before the generatorification, the graph looks like this.

    op_enter -> ...... -> op_yield -> ..... -> op_yield -> ...

Roughly speaking, in the generatorification phase, we turn out which variables should be saved and resumed at each op_yield. This is done by liveness analysis. After that, we convert op_yield to the sequence of "op_put_to_scope", "op_ret", and "op_get_from_scope". op_put_to_scope and op_get_from_scope sequences are corresponding to the save and resume sequences. We set up the scope for the generator frame and perform op_put_to_scope and op_get_from_scope onto it. The live registers are saved and resumed over the generator's next() calls by using this special generator frame scope. And we also set up the global switch for the generator.

In the generatorification phase,

1. We construct the BytecodeGraph from the unlinked instructions. This constructs the basic blocks, and it is used in the subsequent analysis.
2. We perform the analysis onto the unlinked code. We extract the live variables at each op_yield.
3. We insert the get_from_scope and put_to_scope at each op_yield. Which registers should be saved and resumed is offered by (2). Then, clip the op_yield themselves. And we also insert the switch_imm. The jump targets of this switch are just after this op_switch_imm and each op_yield point.

One interesting point is the try-range. We split the try-range at the op_yield point in BytecodeGenerator phase. This drops the hacky thing that is introduced in [1]. If the try-range covers the resume sequences, the exception handler's use-registers are incorrectly transferred to the entry block. For example,

    handler uses r2
    try-range label:(entry block can jump here)
        ^  r1 = get_from_scope  # resume sequence starts
        |  use r2 is transferred to the entry block!
        |  r2 = get_from_scope
        |  starts usual sequences
        |  ...
        |

Handler's r2 use should be considered at the `r1 = get_from_scope` point. Previously, we handle this edge case by treating op_resume specially in the liveness analysis[1]. To drop this workaround, we split the try-range not to cover this resume sequence.

    handler uses r2
    try-range label:(entry block can jump here)
           r1 = get_from_scope  # resume sequence starts
           r2 = get_from_scope
        ^  starts usual sequences   try-range should start from here.
        |  ...

OK. Let's show the detailed example.

1. First, there is the normal bytecode sequence. Here, | represents the offsets, and [] represents the bytecodes.

    bytecodes | [ ] | [ ] | [ ] | [ ] | [ ] | [ ] |
    try-range <----------------------------------->

2. When we emit the op_yield in the bytecode generator, we carefully split the try-range.

    bytecodes | [ ] | [ ] | [op_yield] | [ ] | [ ] | [ ] |
    try-range <----------->            <----------------->

3. And in the generatorification phase, we insert the switch's jump target and save & resume sequences. And we also drop op_yield.

                             Insert save seq      Insert resume seq
                             before op_yield.     after op_yield's point.
                                       v           v
    bytecodes | [ ] | [ ] | [op_yield] | [ ] | [ ] | [ ] |
    try-range <----------->      ^     <----------------->
                                 ^
                                 |
                           Jump to here.  Drop this op_yield.

4. The final layout is the following.

    bytecodes | [ ] | [ ][save seq][op_ret] | [resume seq] | [ ] | [ ] | [ ] |
    try-range <----------------------------->               <---------------->
                                            ^
                                      Jump to here.

The rewriting done by the BytecodeRewriter is executed in a batch manner. Since these modifications change the basic blocks and size of unlinked instructions, BytecodeRewriter also performs the offset adjustment for UnlinkedCodeBlock. So, this rewriting is performed onto the BytecodeGraph rather than BytecodeBasicBlock. The reason why we take this design is simple: we don't want to newly create the basic blocks and opcodes for this early phase like DFG. Instead, we perform the modification and adjustment to the unlinked instructions and UnlinkedCodeBlock in an in-place manner.

Bytecode rewriting functionality is offered by BytecodeRewriter. BytecodeRewriter allows us to insert any bytecodes to any places in an in-place manner. BytecodeRewriter handles the original bytecode offsets as labels. And you can insert bytecodes before and after these labels. You can also insert any jumps to any places. When you insert jumps, you need to specify jump target with these labels. These labels (original bytecode offsets) are automatically converted to the appropriate offsets by BytecodeRewriter.

After that phase, the data flow of the generator-saved-and-resumed-registers is explicitly represented by the get_from_scope and put_to_scope. And the switch is inserted to represent the actual control flow for the generator. And op_yield is removed. Since we use the existing bytecodes (op_switch_imm, op_put_to_scope, op_ret, and op_get_from_scope), DFG and FTL changes are not necessary.

This patch also drops data structures and implementations for the old generator, op_resume, op_save implementations and GeneratorFrame.

Note that this patch does not leverage the recent multi entrypoints support in B3. After this patch is introduced, we will submit a new patch that leverages the multi entrypoints for generator's resume and sees the performance gain.

Microbenchmarks related to generators show up to 2.9x improvements.

                                         Baseline                   Patched

    generator-fib                    102.0116+-3.2880     ^      34.9670+-0.2221      ^ definitely 2.9174x faster
    generator-sunspider-access-nsieve  5.8596+-0.0371     ^       4.9051+-0.0720      ^ definitely 1.1946x faster
    generator-with-several-types     332.1478+-4.2425     ^     124.6642+-2.4826      ^ definitely 2.6643x faster

    <geometric>                       58.2998+-0.7758     ^      27.7425+-0.2577      ^ definitely 2.1015x faster

In ES6SampleBench's Basic, we can observe 41% improvement (Macbook Pro).

    Baseline:
        Geometric Mean Result: 133.55 ms +- 4.49 ms

        Benchmark    First Iteration        Worst 2%               Steady State
        Air          54.03 ms +- 7.51 ms    29.06 ms +- 3.13 ms    2276.59 ms +- 61.17 ms
        Basic        30.18 ms +- 1.86 ms    18.85 ms +- 0.45 ms    2851.16 ms +- 41.87 ms

    Patched:
        Geometric Mean Result: 121.78 ms +- 3.96 ms

        Benchmark    First Iteration        Worst 2%               Steady State
        Air          52.09 ms +- 6.89 ms    29.59 ms +- 3.16 ms    2239.90 ms +- 54.60 ms
        Basic        29.28 ms +- 1.46 ms    16.26 ms +- 0.66 ms    2025.15 ms +- 38.56 ms

[1]: https://bugs.webkit.org/show_bug.cgi?id=159281

* CMakeLists.txt: * JavaScriptCore.xcodeproj/project.pbxproj: * builtins/GeneratorPrototype.js: (globalPrivate.generatorResume): * bytecode/BytecodeBasicBlock.cpp: (JSC::BytecodeBasicBlock::shrinkToFit): (JSC::BytecodeBasicBlock::computeImpl): (JSC::BytecodeBasicBlock::compute): (JSC::isBranch): Deleted. (JSC::isUnconditionalBranch): Deleted. (JSC::isTerminal): Deleted. (JSC::isThrow): Deleted. (JSC::linkBlocks): Deleted. (JSC::computeBytecodeBasicBlocks): Deleted.
* bytecode/BytecodeBasicBlock.h: (JSC::BytecodeBasicBlock::isEntryBlock): (JSC::BytecodeBasicBlock::isExitBlock): (JSC::BytecodeBasicBlock::leaderOffset): (JSC::BytecodeBasicBlock::totalLength): (JSC::BytecodeBasicBlock::offsets): (JSC::BytecodeBasicBlock::successors): (JSC::BytecodeBasicBlock::index): (JSC::BytecodeBasicBlock::addSuccessor): (JSC::BytecodeBasicBlock::BytecodeBasicBlock): (JSC::BytecodeBasicBlock::addLength): (JSC::BytecodeBasicBlock::leaderBytecodeOffset): Deleted. (JSC::BytecodeBasicBlock::totalBytecodeLength): Deleted. (JSC::BytecodeBasicBlock::bytecodeOffsets): Deleted. (JSC::BytecodeBasicBlock::addBytecodeLength): Deleted. * bytecode/BytecodeGeneratorification.cpp: Added. (JSC::BytecodeGeneratorification::BytecodeGeneratorification): (JSC::BytecodeGeneratorification::graph): (JSC::BytecodeGeneratorification::yields): (JSC::BytecodeGeneratorification::enterPoint): (JSC::BytecodeGeneratorification::storageForGeneratorLocal): (JSC::GeneratorLivenessAnalysis::GeneratorLivenessAnalysis): (JSC::GeneratorLivenessAnalysis::computeDefsForBytecodeOffset): (JSC::GeneratorLivenessAnalysis::computeUsesForBytecodeOffset): (JSC::GeneratorLivenessAnalysis::run): (JSC::BytecodeGeneratorification::run): (JSC::performGeneratorification): * bytecode/BytecodeGeneratorification.h: Copied from Source/JavaScriptCore/bytecode/BytecodeLivenessAnalysisInlines.h. * bytecode/BytecodeGraph.h: Added. 
(JSC::BytecodeGraph::codeBlock): (JSC::BytecodeGraph::instructions): (JSC::BytecodeGraph::basicBlocksInReverseOrder): (JSC::BytecodeGraph::blockContainsBytecodeOffset): (JSC::BytecodeGraph::findBasicBlockForBytecodeOffset): (JSC::BytecodeGraph::findBasicBlockWithLeaderOffset): (JSC::BytecodeGraph::size): (JSC::BytecodeGraph::at): (JSC::BytecodeGraph::operator[]): (JSC::BytecodeGraph::begin): (JSC::BytecodeGraph::end): (JSC::BytecodeGraph::first): (JSC::BytecodeGraph::last): (JSC::BytecodeGraph<Block>::BytecodeGraph): * bytecode/BytecodeList.json: * bytecode/BytecodeLivenessAnalysis.cpp: (JSC::BytecodeLivenessAnalysis::BytecodeLivenessAnalysis): (JSC::BytecodeLivenessAnalysis::computeDefsForBytecodeOffset): (JSC::BytecodeLivenessAnalysis::computeUsesForBytecodeOffset): (JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeOffset): (JSC::BytecodeLivenessAnalysis::computeFullLiveness): (JSC::BytecodeLivenessAnalysis::computeKills): (JSC::BytecodeLivenessAnalysis::dumpResults): (JSC::BytecodeLivenessAnalysis::compute): (JSC::isValidRegisterForLiveness): Deleted. (JSC::getLeaderOffsetForBasicBlock): Deleted. (JSC::findBasicBlockWithLeaderOffset): Deleted. (JSC::blockContainsBytecodeOffset): Deleted. (JSC::findBasicBlockForBytecodeOffset): Deleted. (JSC::stepOverInstruction): Deleted. (JSC::computeLocalLivenessForBytecodeOffset): Deleted. (JSC::computeLocalLivenessForBlock): Deleted. (JSC::BytecodeLivenessAnalysis::runLivenessFixpoint): Deleted. 
* bytecode/BytecodeLivenessAnalysis.h: * bytecode/BytecodeLivenessAnalysisInlines.h: (JSC::isValidRegisterForLiveness): (JSC::BytecodeLivenessPropagation<DerivedAnalysis>::stepOverInstruction): (JSC::BytecodeLivenessPropagation<DerivedAnalysis>::computeLocalLivenessForBytecodeOffset): (JSC::BytecodeLivenessPropagation<DerivedAnalysis>::computeLocalLivenessForBlock): (JSC::BytecodeLivenessPropagation<DerivedAnalysis>::getLivenessInfoAtBytecodeOffset): (JSC::BytecodeLivenessPropagation<DerivedAnalysis>::runLivenessFixpoint): * bytecode/BytecodeRewriter.cpp: Added. (JSC::BytecodeRewriter::applyModification): (JSC::BytecodeRewriter::execute): (JSC::BytecodeRewriter::adjustJumpTargetsInFragment): (JSC::BytecodeRewriter::insertImpl): (JSC::BytecodeRewriter::adjustJumpTarget): * bytecode/BytecodeRewriter.h: Added. (JSC::BytecodeRewriter::InsertionPoint::InsertionPoint): (JSC::BytecodeRewriter::InsertionPoint::operator<): (JSC::BytecodeRewriter::InsertionPoint::operator==): (JSC::BytecodeRewriter::Insertion::length): (JSC::BytecodeRewriter::Fragment::Fragment): (JSC::BytecodeRewriter::Fragment::appendInstruction): (JSC::BytecodeRewriter::BytecodeRewriter): (JSC::BytecodeRewriter::insertFragmentBefore): (JSC::BytecodeRewriter::insertFragmentAfter): (JSC::BytecodeRewriter::removeBytecode): (JSC::BytecodeRewriter::graph): (JSC::BytecodeRewriter::adjustAbsoluteOffset): (JSC::BytecodeRewriter::adjustJumpTarget): (JSC::BytecodeRewriter::calculateDifference): * bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeOffset): (JSC::computeDefsForBytecodeOffset): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpBytecode): (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::handlerForIndex): (JSC::CodeBlock::shrinkToFit): (JSC::CodeBlock::valueProfileForBytecodeOffset): (JSC::CodeBlock::livenessAnalysisSlow): * bytecode/CodeBlock.h: (JSC::CodeBlock::isConstantRegisterIndex): (JSC::CodeBlock::livenessAnalysis): (JSC::CodeBlock::liveCalleeLocalsAtYield): Deleted. 
* bytecode/HandlerInfo.h: (JSC::HandlerInfoBase::handlerForIndex): * bytecode/Opcode.h: (JSC::isBranch): (JSC::isUnconditionalBranch): (JSC::isTerminal): (JSC::isThrow): * bytecode/PreciseJumpTargets.cpp: (JSC::getJumpTargetsForBytecodeOffset): (JSC::computePreciseJumpTargetsInternal): (JSC::computePreciseJumpTargets): (JSC::recomputePreciseJumpTargets): (JSC::findJumpTargetsForBytecodeOffset): * bytecode/PreciseJumpTargets.h: * bytecode/PreciseJumpTargetsInlines.h: Added. (JSC::extractStoredJumpTargetsForBytecodeOffset): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::handlerForBytecodeOffset): (JSC::UnlinkedCodeBlock::handlerForIndex): (JSC::UnlinkedCodeBlock::applyModification): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedStringJumpTable::offsetForValue): (JSC::UnlinkedCodeBlock::numCalleeLocals): * bytecode/VirtualRegister.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::generate): (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::emitComplexPopScopes): (JSC::prepareJumpTableForStringSwitch): (JSC::BytecodeGenerator::emitYieldPoint): (JSC::BytecodeGenerator::emitSave): Deleted. (JSC::BytecodeGenerator::emitResume): Deleted. (JSC::BytecodeGenerator::emitGeneratorStateLabel): Deleted. (JSC::BytecodeGenerator::beginGenerator): Deleted. (JSC::BytecodeGenerator::endGenerator): Deleted. * bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::generatorStateRegister): (JSC::BytecodeGenerator::generatorValueRegister): (JSC::BytecodeGenerator::generatorResumeModeRegister): (JSC::BytecodeGenerator::generatorFrameRegister): * bytecompiler/NodesCodegen.cpp: (JSC::FunctionNode::emitBytecode): * dfg/DFGOperations.cpp: * interpreter/Interpreter.cpp: (JSC::findExceptionHandler): (JSC::GetCatchHandlerFunctor::operator()): (JSC::UnwindFunctor::operator()): * interpreter/Interpreter.h: * interpreter/InterpreterInlines.h: Copied from Source/JavaScriptCore/bytecode/PreciseJumpTargets.h. 
(JSC::Interpreter::getOpcodeID): * jit/JIT.cpp: (JSC::JIT::privateCompileMainPass): * jit/JIT.h: * jit/JITOpcodes.cpp: (JSC::JIT::emit_op_save): Deleted. (JSC::JIT::emit_op_resume): Deleted. * llint/LowLevelInterpreter.asm: * parser/Parser.cpp: (JSC::Parser<LexerType>::parseInner): (JSC::Parser<LexerType>::parseGeneratorFunctionSourceElements): (JSC::Parser<LexerType>::createGeneratorParameters): * parser/Parser.h: * runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): Deleted. * runtime/CommonSlowPaths.h: * runtime/GeneratorFrame.cpp: Removed. (JSC::GeneratorFrame::GeneratorFrame): Deleted. (JSC::GeneratorFrame::finishCreation): Deleted. (JSC::GeneratorFrame::createStructure): Deleted. (JSC::GeneratorFrame::create): Deleted. (JSC::GeneratorFrame::save): Deleted. (JSC::GeneratorFrame::resume): Deleted. (JSC::GeneratorFrame::visitChildren): Deleted. * runtime/GeneratorFrame.h: Removed. (JSC::GeneratorFrame::locals): Deleted. (JSC::GeneratorFrame::localAt): Deleted. (JSC::GeneratorFrame::offsetOfLocals): Deleted. (JSC::GeneratorFrame::allocationSizeForLocals): Deleted. * runtime/JSGeneratorFunction.h: * runtime/VM.cpp: (JSC::VM::VM): * runtime/VM.h: Source/WTF: * wtf/FastBitVector.h: (WTF::FastBitVector::FastBitVector): Canonical link: https://commits.webkit.org/179373@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@204994 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2016-08-25 22:55:10 +00:00
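The generatorification commit annotated here describes BytecodeRewriter treating original bytecode offsets as labels: save and resume fragments are inserted before and after each op_yield, the yield itself is clipped, and jump targets and the try-ranges that BytecodeGenerator split at the yield are remapped in one batch. The following toy model of that scheme is an added example, not JSC's code; the opcode names, slot lengths, `Position` ordering and the `toy` namespace are assumptions chosen to reproduce the commit's try-range diagram.

```cpp
#include <algorithm>
#include <cstddef>
#include <string>
#include <utility>
#include <vector>

namespace toy {
// Edits attached to one original offset (its label) apply in this order, so a jump to a
// label lands after that label's "before" fragments and, once the original instruction
// is removed, exactly where its "after" fragments begin.
enum class Position : int { Before = -1, Label = 0, After = 1, Original = 2 };

// length is in slots, like JSC bytecode offsets; jumpTarget holds the original target
// offset on input and the new absolute offset after execute().
struct Insn { std::string op; unsigned length; int jumpTarget = -1; };
struct TryRange { int start, end; };  // [start, end) in offsets
struct Edit {
    unsigned offset;             // label (original offset)
    Position position;
    int delta;                   // slots added (> 0) or removed (< 0)
    std::vector<Insn> fragment;  // empty for removals
    bool operator<(const Edit& o) const { return offset != o.offset ? offset < o.offset : position < o.position; }
};

int totalLength(const std::vector<Insn>& v) { int n = 0; for (const Insn& i : v) n += i.length; return n; }
// Absolute offset of the first instruction named op, or -1 if absent.
int offsetOfOp(const std::vector<Insn>& v, const std::string& op) {
    int off = 0;
    for (const Insn& i : v) { if (i.op == op) return off; off += i.length; }
    return -1;
}

class Rewriter {
public:
    explicit Rewriter(std::vector<Insn> insns) : m_insns(std::move(insns)), m_removed(m_insns.size(), false) {
        unsigned off = 0;
        for (const Insn& i : m_insns) { m_offsets.push_back(off); off += i.length; }
    }
    void insertBefore(unsigned label, std::vector<Insn> f) { add(label, Position::Before, std::move(f)); }
    void insertAfter(unsigned label, std::vector<Insn> f) { add(label, Position::After, std::move(f)); }
    void remove(unsigned label) {
        std::size_t i = indexOf(label);
        m_removed[i] = true;
        m_edits.push_back({label, Position::Original, -static_cast<int>(m_insns[i].length), {}});
    }
    // New absolute offset of an original label: shift it by every edit ordered strictly before
    // (label, Label). Jump targets and try-range bounds given in original offsets all go through this.
    int adjust(unsigned label) const {
        Edit key{label, Position::Label, 0, {}};
        int delta = 0;
        for (const Edit& e : m_edits) if (e < key) delta += e.delta;
        return static_cast<int>(label) + delta;
    }
    TryRange adjustRange(TryRange r) const { return {adjust(r.start), adjust(r.end)}; }
    // Apply all queued edits in one batch; labels must be instruction start offsets.
    std::vector<Insn> execute() {
        std::stable_sort(m_edits.begin(), m_edits.end());
        std::vector<Insn> out;
        std::size_t e = 0;
        for (std::size_t i = 0; i < m_insns.size(); ++i) {
            bool emitted = m_removed[i];
            for (; e < m_edits.size() && m_edits[e].offset == m_offsets[i]; ++e) {
                if (m_edits[e].position == Position::After && !emitted) { emit(out, m_insns[i]); emitted = true; }
                for (const Insn& f : m_edits[e].fragment) emit(out, f);
            }
            if (!emitted) emit(out, m_insns[i]);
        }
        return out;
    }
private:
    void add(unsigned l, Position p, std::vector<Insn> f) { int d = totalLength(f); m_edits.push_back({l, p, d, std::move(f)}); }
    std::size_t indexOf(unsigned label) const { return std::find(m_offsets.begin(), m_offsets.end(), label) - m_offsets.begin(); }
    void emit(std::vector<Insn>& out, Insn insn) const {  // remap the jump target while copying
        if (insn.jumpTarget >= 0) insn.jumpTarget = adjust(static_cast<unsigned>(insn.jumpTarget));
        out.push_back(std::move(insn));
    }
    std::vector<Insn> m_insns;
    std::vector<unsigned> m_offsets;
    std::vector<bool> m_removed;
    std::vector<Edit> m_edits;
};

// tries: remapped try-ranges, split at op_yield as BytecodeGenerator does. unsplit: where a
// single unsplit try-range would land (it swallows the resume sequence, the bug the commit avoids).
struct Result { std::vector<Insn> insns; std::vector<TryRange> tries; TryRange unsplit; int switchTarget; };

// Constructed input mirroring the commit's diagram: one op_yield, with the try-range split at it.
Result generatorifyExample() {
    Rewriter rw(std::vector<Insn>{{"enter", 1}, {"a", 2}, {"b", 2}, {"op_yield", 3}, {"c", 2}, {"d", 2}, {"ret", 1}});
    const int yieldLabel = 5, afterYield = 8, endLabel = 12;
    rw.insertBefore(yieldLabel, {{"put_to_scope", 3}, {"ret", 1}});  // save sequence
    rw.insertAfter(yieldLabel, {{"get_from_scope", 3}});             // resume sequence
    rw.remove(yieldLabel);                                           // clip op_yield
    rw.insertAfter(0, {{"switch_imm", 4, yieldLabel}});              // entry switch; this case targets the yield label
    Result r;
    r.insns = rw.execute();
    r.tries = {rw.adjustRange({1, yieldLabel}), rw.adjustRange({afterYield, endLabel})};
    r.unsplit = rw.adjustRange({1, endLabel});
    r.switchTarget = rw.adjust(yieldLabel);  // lands on the resume sequence, not the save sequence
    return r;
}
}  // namespace toy
```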
{
BytecodeIndex should be a proper C++ class
https://bugs.webkit.org/show_bug.cgi?id=203276

Reviewed by Mark Lam.

This patch makes a change to how we refer to the bytecode index in a bytecode stream. Previously we just used an unsigned number to represent the index; this patch changes most of the code to use a BytecodeIndex class instead. The only places where this patch does not change this are for jump and switch targets / deltas.

Additionally, this patch attempts to canonicalize the terminology around how we refer to bytecode indices. Now we use the word index to refer to the bytecode index class and offset to refer to the unsigned byte offset into the instruction stream.

* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* bytecode/ByValInfo.h:
(JSC::ByValInfo::ByValInfo):
(JSC::getByValInfoBytecodeIndex):
* bytecode/BytecodeBasicBlock.cpp:
(JSC::BytecodeBasicBlock::computeImpl):
* bytecode/BytecodeGeneratorification.cpp:
(JSC::GeneratorLivenessAnalysis::run):
* bytecode/BytecodeIndex.cpp: Added.
(JSC::BytecodeIndex::dump const):
* bytecode/BytecodeIndex.h: Added.
(JSC::BytecodeIndex::BytecodeIndex): (JSC::BytecodeIndex::offset const): (JSC::BytecodeIndex::asBits const): (JSC::BytecodeIndex::hash const): (JSC::BytecodeIndex::deletedValue): (JSC::BytecodeIndex::isHashTableDeletedValue const): (JSC::BytecodeIndex::operator bool const): (JSC::BytecodeIndex::operator == const): (JSC::BytecodeIndex::operator != const): (JSC::BytecodeIndex::operator < const): (JSC::BytecodeIndex::operator > const): (JSC::BytecodeIndex::operator <= const): (JSC::BytecodeIndex::operator >= const): (JSC::BytecodeIndex::fromBits): (JSC::BytecodeIndexHash::hash): (JSC::BytecodeIndexHash::equal): * bytecode/BytecodeLivenessAnalysis.cpp: (JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeIndex): (JSC::BytecodeLivenessAnalysis::computeFullLiveness): (JSC::BytecodeLivenessAnalysis::computeKills): (JSC::BytecodeLivenessAnalysis::dumpResults): (JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeOffset): Deleted. * bytecode/BytecodeLivenessAnalysis.h: * bytecode/BytecodeLivenessAnalysisInlines.h: (JSC::BytecodeLivenessPropagation::stepOverInstruction): (JSC::BytecodeLivenessPropagation::computeLocalLivenessForBytecodeIndex): (JSC::BytecodeLivenessPropagation::computeLocalLivenessForBlock): (JSC::BytecodeLivenessPropagation::getLivenessInfoAtBytecodeIndex): (JSC::BytecodeLivenessPropagation::computeLocalLivenessForBytecodeOffset): Deleted. (JSC::BytecodeLivenessPropagation::getLivenessInfoAtBytecodeOffset): Deleted. * bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeIndex): (JSC::computeDefsForBytecodeIndex): (JSC::computeUsesForBytecodeOffset): Deleted. (JSC::computeDefsForBytecodeOffset): Deleted. 
* bytecode/CallLinkStatus.cpp: (JSC::CallLinkStatus::computeFromLLInt): (JSC::CallLinkStatus::computeFor): (JSC::CallLinkStatus::computeExitSiteData): * bytecode/CallLinkStatus.h: * bytecode/CodeBlock.cpp: (JSC::CodeBlock::getCallLinkInfoForBytecodeIndex): (JSC::CodeBlock::addRareCaseProfile): (JSC::CodeBlock::rareCaseProfileForBytecodeIndex): (JSC::CodeBlock::rareCaseProfileCountForBytecodeIndex): (JSC::CodeBlock::handlerForBytecodeIndex): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeIndex): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeIndexSlow): (JSC::CodeBlock::lineNumberForBytecodeIndex): (JSC::CodeBlock::columnNumberForBytecodeIndex): (JSC::CodeBlock::expressionRangeForBytecodeIndex const): (JSC::CodeBlock::hasOpDebugForLineAndColumn): (JSC::CodeBlock::getArrayProfile): (JSC::CodeBlock::tryGetValueProfileForBytecodeIndex): (JSC::CodeBlock::valueProfilePredictionForBytecodeIndex): (JSC::CodeBlock::valueProfileForBytecodeIndex): (JSC::CodeBlock::validate): (JSC::CodeBlock::arithProfileForBytecodeIndex): (JSC::CodeBlock::couldTakeSpecialArithFastCase): (JSC::CodeBlock::bytecodeIndexFromCallSiteIndex): (JSC::CodeBlock::rareCaseProfileForBytecodeOffset): Deleted. (JSC::CodeBlock::rareCaseProfileCountForBytecodeOffset): Deleted. (JSC::CodeBlock::handlerForBytecodeOffset): Deleted. (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffset): Deleted. (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): Deleted. (JSC::CodeBlock::lineNumberForBytecodeOffset): Deleted. (JSC::CodeBlock::columnNumberForBytecodeOffset): Deleted. (JSC::CodeBlock::expressionRangeForBytecodeOffset const): Deleted. (JSC::CodeBlock::tryGetValueProfileForBytecodeOffset): Deleted. (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset): Deleted. (JSC::CodeBlock::valueProfileForBytecodeOffset): Deleted. (JSC::CodeBlock::arithProfileForBytecodeOffset): Deleted. (JSC::CodeBlock::couldTakeSpecialFastCase): Deleted. 
(JSC::CodeBlock::bytecodeOffsetFromCallSiteIndex): Deleted. * bytecode/CodeBlock.h: (JSC::CodeBlock::likelyToTakeSlowCase): (JSC::CodeBlock::couldTakeSlowCase): (JSC::CodeBlock::bytecodeIndex): * bytecode/CodeOrigin.cpp: (JSC::CodeOrigin::approximateHash const): (JSC::CodeOrigin::dump const): * bytecode/CodeOrigin.h: (JSC::CodeOrigin::CodeOrigin): (JSC::CodeOrigin::isSet const): (JSC::CodeOrigin::isHashTableDeletedValue const): (JSC::CodeOrigin::bytecodeIndex const): (JSC::CodeOrigin::OutOfLineCodeOrigin::OutOfLineCodeOrigin): (JSC::CodeOrigin::buildCompositeValue): (JSC::CodeOrigin::hash const): * bytecode/DFGExitProfile.cpp: (JSC::DFG::FrequentExitSite::dump const): (JSC::DFG::ExitProfile::exitSitesFor): * bytecode/DFGExitProfile.h: (JSC::DFG::FrequentExitSite::FrequentExitSite): (JSC::DFG::FrequentExitSite::operator== const): (JSC::DFG::FrequentExitSite::subsumes const): (JSC::DFG::FrequentExitSite::hash const): (JSC::DFG::FrequentExitSite::bytecodeIndex const): (JSC::DFG::FrequentExitSite::isHashTableDeletedValue const): (JSC::DFG::QueryableExitProfile::hasExitSite const): (JSC::DFG::FrequentExitSite::bytecodeOffset const): Deleted. * bytecode/DeferredSourceDump.cpp: (JSC::DeferredSourceDump::DeferredSourceDump): (JSC::DeferredSourceDump::dump): * bytecode/DeferredSourceDump.h: (): Deleted. 
* bytecode/FullBytecodeLiveness.h: (JSC::FullBytecodeLiveness::getLiveness const): (JSC::FullBytecodeLiveness::operandIsLive const): * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt): (JSC::GetByIdStatus::computeFor): (JSC::GetByIdStatus::computeForStubInfo): * bytecode/GetByIdStatus.h: * bytecode/ICStatusUtils.cpp: (JSC::hasBadCacheExitSite): * bytecode/ICStatusUtils.h: * bytecode/InByIdStatus.cpp: (JSC::InByIdStatus::computeFor): * bytecode/InByIdStatus.h: * bytecode/InlineCallFrame.cpp: (JSC::InlineCallFrame::dumpInContext const): * bytecode/InstanceOfStatus.cpp: (JSC::InstanceOfStatus::computeFor): * bytecode/InstanceOfStatus.h: * bytecode/InstructionStream.h: (JSC::InstructionStream::BaseRef::offset const): (JSC::InstructionStream::BaseRef::index const): (JSC::InstructionStream::at const): * bytecode/LazyOperandValueProfile.h: (JSC::LazyOperandValueProfileKey::LazyOperandValueProfileKey): (JSC::LazyOperandValueProfileKey::operator== const): (JSC::LazyOperandValueProfileKey::hash const): (JSC::LazyOperandValueProfileKey::bytecodeIndex const): (JSC::LazyOperandValueProfileKey::isHashTableDeletedValue const): (JSC::LazyOperandValueProfileKey::bytecodeOffset const): Deleted. * bytecode/MethodOfGettingAValueProfile.cpp: (JSC::MethodOfGettingAValueProfile::fromLazyOperand): * bytecode/MethodOfGettingAValueProfile.h: * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): (JSC::PutByIdStatus::computeFor): * bytecode/PutByIdStatus.h: * bytecode/StructureStubInfo.cpp: (JSC::StructureStubInfo::StructureStubInfo): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::lineNumberForBytecodeIndex): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeIndex const): (JSC::UnlinkedCodeBlock::handlerForBytecodeIndex): (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): Deleted. (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset const): Deleted. (JSC::UnlinkedCodeBlock::handlerForBytecodeOffset): Deleted. 
* bytecode/UnlinkedCodeBlock.h: * bytecode/ValueProfile.h: (JSC::RareCaseProfile::RareCaseProfile): (JSC::getRareCaseProfileBytecodeIndex): (JSC::getRareCaseProfileBytecodeOffset): Deleted. * bytecompiler/BytecodeGenerator.cpp: (JSC::ForInContext::finalize): * debugger/DebuggerCallFrame.cpp: (JSC::DebuggerCallFrame::currentPosition): * dfg/DFGBasicBlock.cpp: (JSC::DFG::BasicBlock::BasicBlock): * dfg/DFGBasicBlock.h: (JSC::DFG::getBytecodeBeginForBlock): (JSC::DFG::blockForBytecodeIndex): (JSC::DFG::blockForBytecodeOffset): Deleted. * dfg/DFGBlockInsertionSet.cpp: (JSC::DFG::BlockInsertionSet::insert): * dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::flushForTerminalImpl): (JSC::DFG::ByteCodeParser::flushIfTerminal): (JSC::DFG::ByteCodeParser::branchData): (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit): (JSC::DFG::ByteCodeParser::getPrediction): (JSC::DFG::ByteCodeParser::getArrayMode): (JSC::DFG::ByteCodeParser::makeSafe): (JSC::DFG::ByteCodeParser::makeDivSafe): (JSC::DFG::ByteCodeParser::allocateTargetableBlock): (JSC::DFG::ByteCodeParser::allocateUntargetableBlock): (JSC::DFG::ByteCodeParser::makeBlockTargetable): (JSC::DFG::ByteCodeParser::handleCall): (JSC::DFG::ByteCodeParser::handleRecursiveTailCall): (JSC::DFG::ByteCodeParser::inlineCall): (JSC::DFG::ByteCodeParser::handleCallVariant): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::parseBlock): (JSC::DFG::ByteCodeParser::linkBlock): (JSC::DFG::ByteCodeParser::parseCodeBlock): (JSC::DFG::ByteCodeParser::parse): * dfg/DFGCommonData.cpp: (JSC::DFG::CommonData::addCodeOrigin): (JSC::DFG::CommonData::addUniqueCallSiteIndex): (JSC::DFG::CommonData::lastCallSite const): * dfg/DFGCommonData.h: (JSC::DFG::CommonData::catchOSREntryDataForBytecodeIndex): (JSC::DFG::CommonData::appendCatchEntrypoint): * dfg/DFGDriver.cpp: (JSC::DFG::compileImpl): (JSC::DFG::compile): * dfg/DFGDriver.h: * dfg/DFGGraph.cpp: (JSC::DFG::Graph::dump): 
(JSC::DFG::Graph::methodOfGettingAValueProfileFor): (JSC::DFG::Graph::willCatchExceptionInMachineFrame): * dfg/DFGGraph.h: * dfg/DFGJITCode.cpp: (JSC::DFG::JITCode::clearOSREntryBlockAndResetThresholds): * dfg/DFGJITCode.h: (JSC::DFG::JITCode::appendOSREntryData): (JSC::DFG::JITCode::osrEntryDataForBytecodeIndex): * dfg/DFGJITCompiler.cpp: (JSC::DFG::JITCompiler::JITCompiler): (JSC::DFG::JITCompiler::compile): (JSC::DFG::JITCompiler::compileFunction): * dfg/DFGJITCompiler.h: (JSC::DFG::JITCompiler::setStartOfCode): * dfg/DFGLiveCatchVariablePreservationPhase.cpp: (JSC::DFG::LiveCatchVariablePreservationPhase::handleBlockForTryCatch): * dfg/DFGOSREntry.cpp: (JSC::DFG::OSREntryData::dumpInContext const): (JSC::DFG::prepareOSREntry): (JSC::DFG::prepareCatchOSREntry): * dfg/DFGOSREntry.h: (JSC::DFG::getOSREntryDataBytecodeIndex): (JSC::DFG::prepareOSREntry): * dfg/DFGOSREntrypointCreationPhase.cpp: (JSC::DFG::OSREntrypointCreationPhase::run): * dfg/DFGOSRExit.cpp: (JSC::DFG::OSRExit::executeOSRExit): (JSC::DFG::reifyInlinedCallFrames): (JSC::DFG::adjustAndJumpToTarget): (JSC::DFG::printOSRExit): (JSC::DFG::OSRExit::compileExit): (JSC::DFG::OSRExit::debugOperationPrintSpeculationFailure): * dfg/DFGOSRExit.h: * dfg/DFGOSRExitCompilerCommon.cpp: (JSC::DFG::callerReturnPC): (JSC::DFG::reifyInlinedCallFrames): (JSC::DFG::adjustAndJumpToTarget): * dfg/DFGOSRExitCompilerCommon.h: * dfg/DFGOperations.cpp: * dfg/DFGOperations.h: * dfg/DFGPlan.cpp: (JSC::DFG::Plan::Plan): (JSC::DFG::Plan::compileInThreadImpl): (JSC::DFG::Plan::cleanMustHandleValuesIfNecessary): * dfg/DFGPlan.h: (JSC::DFG::Plan::osrEntryBytecodeIndex const): (JSC::DFG::Plan::tierUpInLoopHierarchy): (JSC::DFG::Plan::tierUpAndOSREnterBytecodes): * dfg/DFGSSAConversionPhase.cpp: (JSC::DFG::SSAConversionPhase::run): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compileCurrentBlock): (JSC::DFG::SpeculativeJIT::checkArgumentTypes): (JSC::DFG::SpeculativeJIT::compileValueAdd): 
(JSC::DFG::SpeculativeJIT::compileValueSub): (JSC::DFG::SpeculativeJIT::compileValueNegate): (JSC::DFG::SpeculativeJIT::compileValueMul): (JSC::DFG::SpeculativeJIT::emitSwitchCharStringJump): * dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): * dfg/DFGTierUpCheckInjectionPhase.cpp: (JSC::DFG::TierUpCheckInjectionPhase::run): (JSC::DFG::TierUpCheckInjectionPhase::buildNaturalLoopToLoopHintMap): * dfg/DFGToFTLForOSREntryDeferredCompilationCallback.cpp: (JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::compilationDidComplete): * dfg/DFGValidate.cpp: * ftl/FTLCompile.cpp: (JSC::FTL::compile): * ftl/FTLForOSREntryJITCode.h: (JSC::FTL::ForOSREntryJITCode::setBytecodeIndex): (JSC::FTL::ForOSREntryJITCode::bytecodeIndex const): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::lower): (JSC::FTL::DFG::LowerDFGToB3::compileValueAdd): (JSC::FTL::DFG::LowerDFGToB3::compileValueSub): (JSC::FTL::DFG::LowerDFGToB3::compileValueMul): (JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub): (JSC::FTL::DFG::LowerDFGToB3::compileValueNegate): * ftl/FTLOSREntry.cpp: (JSC::FTL::prepareOSREntry): * ftl/FTLOSREntry.h: * interpreter/CallFrame.cpp: (JSC::CallFrame::callSiteIndex const): (JSC::CallFrame::unsafeCallSiteIndex const): (JSC::CallFrame::setCurrentVPC): (JSC::CallFrame::bytecodeIndex): (JSC::CallFrame::codeOrigin): (JSC::CallFrame::dump): (JSC::CallFrame::bytecodeOffset): Deleted. * interpreter/CallFrame.h: (JSC::CallSiteIndex::CallSiteIndex): (JSC::CallSiteIndex::operator bool const): (JSC::CallSiteIndex::operator== const): (JSC::CallSiteIndex::bits const): (JSC::CallSiteIndex::bytecodeIndex const): (JSC::DisposableCallSiteIndex::DisposableCallSiteIndex): (): Deleted. 
* interpreter/Interpreter.cpp: (JSC::GetStackTraceFunctor::operator() const): (JSC::findExceptionHandler): * interpreter/ShadowChicken.cpp: (JSC::ShadowChicken::update): * interpreter/StackVisitor.cpp: (JSC::StackVisitor::readNonInlinedFrame): (JSC::StackVisitor::readInlinedFrame): (JSC::StackVisitor::Frame::retrieveExpressionInfo const): (JSC::StackVisitor::Frame::dump const): * interpreter/StackVisitor.h: (JSC::StackVisitor::Frame::bytecodeIndex const): (JSC::StackVisitor::Frame::bytecodeOffset const): Deleted. * jit/JIT.cpp: (JSC::JIT::JIT): (JSC::JIT::emitEnterOptimizationCheck): (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): (JSC::JIT::compileWithoutLinking): (JSC::JIT::link): (JSC::JIT::privateCompileExceptionHandlers): * jit/JIT.h: (JSC::CallRecord::CallRecord): (JSC::SlowCaseEntry::SlowCaseEntry): (JSC::SwitchRecord::SwitchRecord): (JSC::ByValCompilationInfo::ByValCompilationInfo): * jit/JITCall.cpp: (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileOpCall): * jit/JITCodeMap.h: (JSC::JITCodeMap::Entry::Entry): (JSC::JITCodeMap::Entry::bytecodeIndex const): (JSC::JITCodeMap::append): (JSC::JITCodeMap::find const): * jit/JITDisassembler.cpp: (JSC::JITDisassembler::dumpVectorForInstructions): (JSC::JITDisassembler::reportInstructions): * jit/JITDisassembler.h: * jit/JITInlines.h: (JSC::JIT::emitNakedCall): (JSC::JIT::emitNakedTailCall): (JSC::JIT::updateTopCallFrame): (JSC::JIT::linkAllSlowCasesForBytecodeIndex): (JSC::JIT::addSlowCase): (JSC::JIT::addJump): (JSC::JIT::emitJumpSlowToHot): (JSC::JIT::emitGetVirtualRegister): (JSC::JIT::linkAllSlowCasesForBytecodeOffset): Deleted. 
* jit/JITOpcodes.cpp: (JSC::JIT::emit_op_instanceof): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emitSlow_op_loop_hint): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emit_op_log_shadow_chicken_tail): * jit/JITOpcodes32_64.cpp: (JSC::JIT::emit_op_instanceof): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_has_indexed_property): * jit/JITOperations.cpp: (JSC::getByVal): (JSC::tryGetByValOptimize): * jit/JITPropertyAccess.cpp: (JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitGetByValWithCachedId): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emit_op_in_by_id): * jit/JITWorklist.cpp: (JSC::JITWorklist::Plan::Plan): (JSC::JITWorklist::Plan::compileNow): (JSC::JITWorklist::compileLater): (JSC::JITWorklist::compileNow): * jit/JITWorklist.h: * jit/PCToCodeOriginMap.cpp: (JSC::PCToCodeOriginMap::PCToCodeOriginMap): (JSC::PCToCodeOriginMap::findPC const): * jit/PCToCodeOriginMap.h: (JSC::PCToCodeOriginMapBuilder::defaultCodeOrigin): * jit/SlowPathCall.h: (JSC::JITSlowPathCall::call): * llint/LLIntSlowPaths.cpp: (JSC::LLInt::jitCompileAndSetHeuristics): (JSC::LLInt::LLINT_SLOW_PATH_DECL): * profiler/ProfilerOrigin.cpp: (JSC::Profiler::Origin::Origin): (JSC::Profiler::Origin::dump const): (JSC::Profiler::Origin::toJS const): * profiler/ProfilerOrigin.h: (JSC::Profiler::Origin::Origin): (JSC::Profiler::Origin::operator! const): (JSC::Profiler::Origin::bytecodeIndex const): (JSC::Profiler::Origin::hash const): (JSC::Profiler::Origin::isHashTableDeletedValue const): * runtime/Error.cpp: (JSC::getBytecodeIndex): (JSC::getBytecodeOffset): Deleted. 
* runtime/Error.h: * runtime/ErrorInstance.cpp: (JSC::appendSourceToError): (JSC::ErrorInstance::finishCreation): * runtime/SamplingProfiler.cpp: (JSC::tryGetBytecodeIndex): (JSC::SamplingProfiler::processUnverifiedStackTraces): (JSC::SamplingProfiler::reportTopBytecodes): * runtime/SamplingProfiler.h: (JSC::SamplingProfiler::StackFrame::CodeLocation::hasBytecodeIndex const): * runtime/StackFrame.cpp: (JSC::StackFrame::StackFrame): (JSC::StackFrame::computeLineAndColumn const): * runtime/StackFrame.h: (JSC::StackFrame::hasBytecodeIndex const): (JSC::StackFrame::bytecodeIndex): (JSC::StackFrame::hasBytecodeOffset const): Deleted. (JSC::StackFrame::bytecodeOffset): Deleted. * tools/VMInspector.cpp: (JSC::VMInspector::dumpRegisters): Canonical link: https://commits.webkit.org/216705@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@251468 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-10-23 00:55:38 +00:00
return handlerForIndex(bytecodeIndex.offset(), requiredHandler);
[DFG][FTL] Implement ES6 Generators in DFG / FTL
https://bugs.webkit.org/show_bug.cgi?id=152723

Reviewed by Filip Pizlo.

JSTests:

* stress/generator-fib-ftl-and-array.js: Added.
(fib):
* stress/generator-fib-ftl-and-object.js: Added.
(fib):
* stress/generator-fib-ftl-and-string.js: Added.
(fib):
* stress/generator-fib-ftl.js: Added.
(fib):
* stress/generator-frame-empty.js: Added.
(shouldThrow):
(shouldThrow.fib):
* stress/generator-reduced-save-point-put-to-scope.js: Added.
(shouldBe):
(gen):
* stress/generator-transfer-register-beyond-mutiple-yields.js: Added.
(shouldBe):
(gen):

Source/JavaScriptCore:

This patch introduces DFG and FTL support for ES6 generators.
ES6 generator is compiled by the BytecodeGenerator. But at the last phase, BytecodeGenerator performs "generatorification" onto the unlinked code.
In BytecodeGenerator phase, we just emit op_yield for each yield point. And we don't emit any generator related switch, save, and resume sequences here.
Those are emitted by the generatorification phase. So the graph is super simple!
Before the generatorification, the graph looks like this.

    op_enter -> ...... -> op_yield -> ..... -> op_yield -> ...

Roughly speaking, in the generatorification phase, we turn out which variables should be saved and resumed at each op_yield.
This is done by liveness analysis. After that, we convert op_yield to the sequence of "op_put_to_scope", "op_ret", and "op_get_from_scope".
op_put_to_scope and op_get_from_scope sequences are corresponding to the save and resume sequences.
We set up the scope for the generator frame and perform op_put_to_scope and op_get_from_scope onto it.
The live registers are saved and resumed over the generator's next() calls by using this special generator frame scope.
And we also set up the global switch for the generator.

In the generatorification phase,

1. We construct the BytecodeGraph from the unlinked instructions. This constructs the basic blocks, and it is used in the subsequent analysis.
2. We perform the analysis onto the unlinked code. We extract the live variables at each op_yield.
3. We insert the get_from_scope and put_to_scope at each op_yield. Which registers should be saved and resumed is offered by (2).
   Then, clip the op_yield themselves. And we also insert the switch_imm. The jump targets of this switch are just after this op_switch_imm and each op_yield point.

One interesting point is the try-range. We split the try-range at the op_yield point in BytecodeGenerator phase.
This drops the hacky thing that is introduced in [1]. If the try-range covers the resume sequences, the exception handler's use-registers are incorrectly transferred to the entry block.
For example,

    handler uses r2
                                                          try-range
    label:(entry block can jump here)                     ^
        r1 = get_from_scope  # resume sequence starts     |   use r2 is transferred to the entry block!
        r2 = get_from_scope                               |
        starts usual sequences                            |
        ...                                               |

Handler's r2 use should be considered at the `r1 = get_from_scope` point. Previously, we handle this edge case by treating op_resume specially in the liveness analysis[1].
To drop this workaround, we split the try-range not to cover this resume sequence.

    handler uses r2
                                                          try-range
    label:(entry block can jump here)
        r1 = get_from_scope  # resume sequence starts
        r2 = get_from_scope
        starts usual sequences                            ^ try-range should start from here.
        ...                                               |

OK. Let's show the detailed example.

1. First, there is the normal bytecode sequence. Here, | represents the offsets, and [] represents the bytecodes.

    bytecodes  |  [ ]  |  [ ]  |  [ ]  |  [ ]  |  [ ]  |  [ ]  |
    try-range  <------------------------------------------------------->

2. When we emit the op_yield in the bytecode generator, we carefully split the try-range.

    bytecodes  |  [ ]  |  [ ]  |  [op_yield]  |  [ ]  |  [ ]  |  [ ]  |
    try-range  <--------------->              <----------------------->

3. And in the generatorification phase, we insert the switch's jump target and save & resume sequences. And we also drop op_yield.

                 Insert save seq              Insert resume seq
                before op_yield.              after op_yield's point.
                               v              v
    bytecodes  |  [ ]  |  [ ]  |  [op_yield]  |  [ ]  |  [ ]  |  [ ]  |
    try-range  <--------------->   ^          <----------------------->
                                   ^       |
                            Jump to here.  Drop this op_yield.

4. The final layout is the following.

    bytecodes  |  [ ]  |  [ ][save seq][op_ret]  |  [resume seq]  |  [ ]  |  [ ]  |  [ ]  |
    try-range  <--------------------------------->                <----------------------->
                                                  ^
                                                  Jump to here.

The rewriting done by the BytecodeRewriter is executed in a batch manner. Since these modifications change the basic blocks and size of unlinked instructions,
BytecodeRewriter also performs the offset adjustment for UnlinkedCodeBlock. So, this rewriting is performed onto the BytecodeGraph rather than BytecodeBasicBlock.
The reason why we take this design is simple: we don't want to newly create the basic blocks and opcodes for this early phase like DFG.
Instead, we perform the modification and adjustment to the unlinked instructions and UnlinkedCodeBlock in an in-place manner.

Bytecode rewriting functionality is offered by BytecodeRewriter. BytecodeRewriter allows us to insert any bytecodes to any places in an in-place manner.
BytecodeRewriter handles the original bytecode offsets as labels. And you can insert bytecodes before and after these labels.
You can also insert any jumps to any places. When you insert jumps, you need to specify jump target with these labels.
These labels (original bytecode offsets) are automatically converted to the appropriate offsets by BytecodeRewriter.

After that phase, the data flow of the generator-saved-and-resumed-registers is explicitly represented by the get_from_scope and put_to_scope.
And the switch is inserted to represent the actual control flow for the generator. And op_yield is removed.
Since we use the existing bytecodes (op_switch_imm, op_put_to_scope op_ret, and op_get_from_scope), DFG and FTL changes are not necessary.

This patch also drops data structures and implementations for the old generator, op_resume, op_save implementations and GeneratorFrame.

Note that this patch does not leverage the recent multi entrypoints support in B3. After this patch is introduced, we will submit a new patch that leverages the multi entrypoints for generator's resume and sees the performance gain.

Microbenchmarks related to generators show up to 2.9x improvements.

                                            Baseline                  Patched

    generator-fib                       102.0116+-3.2880     ^     34.9670+-0.2221        ^ definitely 2.9174x faster
    generator-sunspider-access-nsieve     5.8596+-0.0371     ^      4.9051+-0.0720        ^ definitely 1.1946x faster
    generator-with-several-types        332.1478+-4.2425     ^    124.6642+-2.4826        ^ definitely 2.6643x faster

    <geometric>                          58.2998+-0.7758     ^     27.7425+-0.2577        ^ definitely 2.1015x faster

In ES6SampleBench's Basic, we can observe 41% improvement (Macbook Pro).

    Baseline:
        Geometric Mean Result: 133.55 ms +- 4.49 ms

        Benchmark     First Iteration          Worst 2%                 Steady State
        Air           54.03 ms +- 7.51 ms      29.06 ms +- 3.13 ms      2276.59 ms +- 61.17 ms
        Basic         30.18 ms +- 1.86 ms      18.85 ms +- 0.45 ms      2851.16 ms +- 41.87 ms

    Patched:
        Geometric Mean Result: 121.78 ms +- 3.96 ms

        Benchmark     First Iteration          Worst 2%                 Steady State
        Air           52.09 ms +- 6.89 ms      29.59 ms +- 3.16 ms      2239.90 ms +- 54.60 ms
        Basic         29.28 ms +- 1.46 ms      16.26 ms +- 0.66 ms      2025.15 ms +- 38.56 ms

[1]: https://bugs.webkit.org/show_bug.cgi?id=159281

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* builtins/GeneratorPrototype.js:
(globalPrivate.generatorResume):
* bytecode/BytecodeBasicBlock.cpp:
(JSC::BytecodeBasicBlock::shrinkToFit):
(JSC::BytecodeBasicBlock::computeImpl):
(JSC::BytecodeBasicBlock::compute):
(JSC::isBranch): Deleted.
(JSC::isUnconditionalBranch): Deleted.
(JSC::isTerminal): Deleted.
(JSC::isThrow): Deleted.
(JSC::linkBlocks): Deleted.
(JSC::computeBytecodeBasicBlocks): Deleted.
* bytecode/HandlerInfo.h: (JSC::HandlerInfoBase::handlerForIndex): * bytecode/Opcode.h: (JSC::isBranch): (JSC::isUnconditionalBranch): (JSC::isTerminal): (JSC::isThrow): * bytecode/PreciseJumpTargets.cpp: (JSC::getJumpTargetsForBytecodeOffset): (JSC::computePreciseJumpTargetsInternal): (JSC::computePreciseJumpTargets): (JSC::recomputePreciseJumpTargets): (JSC::findJumpTargetsForBytecodeOffset): * bytecode/PreciseJumpTargets.h: * bytecode/PreciseJumpTargetsInlines.h: Added. (JSC::extractStoredJumpTargetsForBytecodeOffset): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::handlerForBytecodeOffset): (JSC::UnlinkedCodeBlock::handlerForIndex): (JSC::UnlinkedCodeBlock::applyModification): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedStringJumpTable::offsetForValue): (JSC::UnlinkedCodeBlock::numCalleeLocals): * bytecode/VirtualRegister.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::generate): (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::emitComplexPopScopes): (JSC::prepareJumpTableForStringSwitch): (JSC::BytecodeGenerator::emitYieldPoint): (JSC::BytecodeGenerator::emitSave): Deleted. (JSC::BytecodeGenerator::emitResume): Deleted. (JSC::BytecodeGenerator::emitGeneratorStateLabel): Deleted. (JSC::BytecodeGenerator::beginGenerator): Deleted. (JSC::BytecodeGenerator::endGenerator): Deleted. * bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::generatorStateRegister): (JSC::BytecodeGenerator::generatorValueRegister): (JSC::BytecodeGenerator::generatorResumeModeRegister): (JSC::BytecodeGenerator::generatorFrameRegister): * bytecompiler/NodesCodegen.cpp: (JSC::FunctionNode::emitBytecode): * dfg/DFGOperations.cpp: * interpreter/Interpreter.cpp: (JSC::findExceptionHandler): (JSC::GetCatchHandlerFunctor::operator()): (JSC::UnwindFunctor::operator()): * interpreter/Interpreter.h: * interpreter/InterpreterInlines.h: Copied from Source/JavaScriptCore/bytecode/PreciseJumpTargets.h. 
(JSC::Interpreter::getOpcodeID): * jit/JIT.cpp: (JSC::JIT::privateCompileMainPass): * jit/JIT.h: * jit/JITOpcodes.cpp: (JSC::JIT::emit_op_save): Deleted. (JSC::JIT::emit_op_resume): Deleted. * llint/LowLevelInterpreter.asm: * parser/Parser.cpp: (JSC::Parser<LexerType>::parseInner): (JSC::Parser<LexerType>::parseGeneratorFunctionSourceElements): (JSC::Parser<LexerType>::createGeneratorParameters): * parser/Parser.h: * runtime/CommonSlowPaths.cpp: (JSC::SLOW_PATH_DECL): Deleted. * runtime/CommonSlowPaths.h: * runtime/GeneratorFrame.cpp: Removed. (JSC::GeneratorFrame::GeneratorFrame): Deleted. (JSC::GeneratorFrame::finishCreation): Deleted. (JSC::GeneratorFrame::createStructure): Deleted. (JSC::GeneratorFrame::create): Deleted. (JSC::GeneratorFrame::save): Deleted. (JSC::GeneratorFrame::resume): Deleted. (JSC::GeneratorFrame::visitChildren): Deleted. * runtime/GeneratorFrame.h: Removed. (JSC::GeneratorFrame::locals): Deleted. (JSC::GeneratorFrame::localAt): Deleted. (JSC::GeneratorFrame::offsetOfLocals): Deleted. (JSC::GeneratorFrame::allocationSizeForLocals): Deleted. * runtime/JSGeneratorFunction.h: * runtime/VM.cpp: (JSC::VM::VM): * runtime/VM.h: Source/WTF: * wtf/FastBitVector.h: (WTF::FastBitVector::FastBitVector): Canonical link: https://commits.webkit.org/179373@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@204994 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2016-08-25 22:55:10 +00:00
}
UnlinkedHandlerInfo* UnlinkedCodeBlock::handlerForIndex(unsigned index, RequiredHandler requiredHandler)
{
    if (!m_rareData)
        return nullptr;
[JSC] Introduce UnlinkedCodeBlockGenerator and reduce sizeof(UnlinkedCodeBlock)
https://bugs.webkit.org/show_bug.cgi?id=207087

Reviewed by Tadeu Zagallo.

Source/JavaScriptCore:

While UnlinkedCodeBlock is immutable once it is created from BytecodeGenerator, it has many mutable Vectors. This is because we are using UnlinkedCodeBlock as a builder of UnlinkedCodeBlock itself too in BytecodeGenerator. Since Vector takes 16 bytes to allow efficient expansions, it is nice if we can use RefCountedArray instead when we know this Vector is immutable.

In this patch, we introduce UnlinkedCodeBlockGenerator wrapper. BytecodeGenerator, BytecodeRewriter, BytecodeDumper, and BytecodeGeneratorification interact with UnlinkedCodeBlockGenerator instead of UnlinkedCodeBlock. And UnlinkedCodeBlockGenerator will generate the finalized UnlinkedCodeBlock. This design allows us to use RefCountedArray for data in UnlinkedCodeBlock, which is (1) smaller and (2) doing shrinkToFit operation when creating it from Vector.

This patch reduces sizeof(UnlinkedCodeBlock) from 256 to 168, 88 bytes reduction.

* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* bytecode/BytecodeBasicBlock.cpp:
(JSC::BytecodeBasicBlock::compute):
* bytecode/BytecodeBasicBlock.h:
* bytecode/BytecodeDumper.cpp:
* bytecode/BytecodeGeneratorification.cpp:
(JSC::BytecodeGeneratorification::BytecodeGeneratorification):
(JSC::GeneratorLivenessAnalysis::run):
(JSC::BytecodeGeneratorification::run):
(JSC::performGeneratorification):
* bytecode/BytecodeGeneratorification.h:
* bytecode/BytecodeRewriter.h:
(JSC::BytecodeRewriter::BytecodeRewriter):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::finishCreation):
(JSC::CodeBlock::setConstantIdentifierSetRegisters):
(JSC::CodeBlock::setConstantRegisters):
(JSC::CodeBlock::handlerForIndex):
(JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::numberOfSwitchJumpTables const):
(JSC::CodeBlock::numberOfStringSwitchJumpTables const):
(JSC::CodeBlock::addSwitchJumpTable): Deleted.
(JSC::CodeBlock::addStringSwitchJumpTable): Deleted.
* bytecode/HandlerInfo.h:
(JSC::HandlerInfoBase::handlerForIndex):
* bytecode/JumpTable.h:
(JSC::SimpleJumpTable::add): Deleted.
* bytecode/PreciseJumpTargets.cpp:
(JSC::computePreciseJumpTargets):
(JSC::recomputePreciseJumpTargets):
(JSC::findJumpTargetsForInstruction):
* bytecode/PreciseJumpTargets.h:
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
(JSC::UnlinkedCodeBlock::visitChildren):
(JSC::UnlinkedCodeBlock::dumpExpressionRangeInfo):
(JSC::UnlinkedCodeBlock::expressionRangeForBytecodeIndex const):
(JSC::UnlinkedCodeBlock::handlerForIndex):
(JSC::UnlinkedCodeBlock::addExpressionInfo): Deleted.
(JSC::UnlinkedCodeBlock::addTypeProfilerExpressionInfo): Deleted.
(JSC::UnlinkedCodeBlock::setInstructions): Deleted.
(JSC::UnlinkedCodeBlock::applyModification): Deleted.
(JSC::UnlinkedCodeBlock::shrinkToFit): Deleted.
(JSC::UnlinkedCodeBlock::addOutOfLineJumpTarget): Deleted.
* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedCodeBlock::expressionInfo):
(JSC::UnlinkedCodeBlock::setNumParameters):
(JSC::UnlinkedCodeBlock::numberOfIdentifiers const):
(JSC::UnlinkedCodeBlock::identifiers const):
(JSC::UnlinkedCodeBlock::bitVector):
(JSC::UnlinkedCodeBlock::constantRegisters):
(JSC::UnlinkedCodeBlock::constantsSourceCodeRepresentation):
(JSC::UnlinkedCodeBlock::constantIdentifierSets):
(JSC::UnlinkedCodeBlock::numberOfJumpTargets const):
(JSC::UnlinkedCodeBlock::numberOfSwitchJumpTables const):
(JSC::UnlinkedCodeBlock::numberOfStringSwitchJumpTables const):
(JSC::UnlinkedCodeBlock::numberOfFunctionDecls):
(JSC::UnlinkedCodeBlock::numberOfExceptionHandlers const):
(JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets const):
(JSC::UnlinkedCodeBlock::createRareDataIfNecessary):
(JSC::UnlinkedCodeBlock::addParameter): Deleted.
(JSC::UnlinkedCodeBlock::addIdentifier): Deleted.
(JSC::UnlinkedCodeBlock::addBitVector): Deleted.
(JSC::UnlinkedCodeBlock::addSetConstant): Deleted.
(JSC::UnlinkedCodeBlock::addConstant): Deleted.
(JSC::UnlinkedCodeBlock::addJumpTarget): Deleted.
(JSC::UnlinkedCodeBlock::addSwitchJumpTable): Deleted.
(JSC::UnlinkedCodeBlock::addStringSwitchJumpTable): Deleted.
(JSC::UnlinkedCodeBlock::addFunctionDecl): Deleted.
(JSC::UnlinkedCodeBlock::addFunctionExpr): Deleted.
(JSC::UnlinkedCodeBlock::addExceptionHandler): Deleted.
(JSC::UnlinkedCodeBlock::addOpProfileControlFlowBytecodeOffset): Deleted.
(JSC::UnlinkedCodeBlock::replaceOutOfLineJumpTargets): Deleted.
* bytecode/UnlinkedCodeBlockGenerator.cpp: Added.
(JSC::UnlinkedCodeBlockGenerator::getLineAndColumn const):
(JSC::UnlinkedCodeBlockGenerator::addExpressionInfo):
(JSC::UnlinkedCodeBlockGenerator::addTypeProfilerExpressionInfo):
(JSC::UnlinkedCodeBlockGenerator::finalize):
(JSC::UnlinkedCodeBlockGenerator::handlerForBytecodeIndex):
(JSC::UnlinkedCodeBlockGenerator::handlerForIndex):
(JSC::UnlinkedCodeBlockGenerator::applyModification):
(JSC::UnlinkedCodeBlockGenerator::addOutOfLineJumpTarget):
(JSC::UnlinkedCodeBlockGenerator::outOfLineJumpOffset):
(JSC::UnlinkedCodeBlockGenerator::dump const):
* bytecode/UnlinkedCodeBlockGenerator.h: Added.
(JSC::UnlinkedCodeBlockGenerator::UnlinkedCodeBlockGenerator):
(JSC::UnlinkedCodeBlockGenerator::vm):
(JSC::UnlinkedCodeBlockGenerator::isConstructor const):
(JSC::UnlinkedCodeBlockGenerator::constructorKind const):
(JSC::UnlinkedCodeBlockGenerator::superBinding const):
(JSC::UnlinkedCodeBlockGenerator::scriptMode const):
(JSC::UnlinkedCodeBlockGenerator::needsClassFieldInitializer const):
(JSC::UnlinkedCodeBlockGenerator::isStrictMode const):
(JSC::UnlinkedCodeBlockGenerator::usesEval const):
(JSC::UnlinkedCodeBlockGenerator::parseMode const):
(JSC::UnlinkedCodeBlockGenerator::isArrowFunction):
(JSC::UnlinkedCodeBlockGenerator::derivedContextType const):
(JSC::UnlinkedCodeBlockGenerator::evalContextType const):
(JSC::UnlinkedCodeBlockGenerator::isArrowFunctionContext const):
(JSC::UnlinkedCodeBlockGenerator::isClassContext const):
(JSC::UnlinkedCodeBlockGenerator::numCalleeLocals const):
(JSC::UnlinkedCodeBlockGenerator::numVars const):
(JSC::UnlinkedCodeBlockGenerator::numParameters const):
(JSC::UnlinkedCodeBlockGenerator::thisRegister const):
(JSC::UnlinkedCodeBlockGenerator::scopeRegister const):
(JSC::UnlinkedCodeBlockGenerator::wasCompiledWithDebuggingOpcodes const):
(JSC::UnlinkedCodeBlockGenerator::hasCheckpoints const):
(JSC::UnlinkedCodeBlockGenerator::hasTailCalls const):
(JSC::UnlinkedCodeBlockGenerator::setHasCheckpoints):
(JSC::UnlinkedCodeBlockGenerator::setHasTailCalls):
(JSC::UnlinkedCodeBlockGenerator::setNumCalleeLocals):
(JSC::UnlinkedCodeBlockGenerator::setNumVars):
(JSC::UnlinkedCodeBlockGenerator::setThisRegister):
(JSC::UnlinkedCodeBlockGenerator::setScopeRegister):
(JSC::UnlinkedCodeBlockGenerator::setNumParameters):
(JSC::UnlinkedCodeBlockGenerator::metadata):
(JSC::UnlinkedCodeBlockGenerator::addOpProfileControlFlowBytecodeOffset):
(JSC::UnlinkedCodeBlockGenerator::numberOfJumpTargets const):
(JSC::UnlinkedCodeBlockGenerator::addJumpTarget):
(JSC::UnlinkedCodeBlockGenerator::jumpTarget const):
(JSC::UnlinkedCodeBlockGenerator::lastJumpTarget const):
(JSC::UnlinkedCodeBlockGenerator::numberOfSwitchJumpTables const):
(JSC::UnlinkedCodeBlockGenerator::addSwitchJumpTable):
(JSC::UnlinkedCodeBlockGenerator::switchJumpTable):
(JSC::UnlinkedCodeBlockGenerator::numberOfStringSwitchJumpTables const):
(JSC::UnlinkedCodeBlockGenerator::addStringSwitchJumpTable):
(JSC::UnlinkedCodeBlockGenerator::stringSwitchJumpTable):
(JSC::UnlinkedCodeBlockGenerator::numberOfExceptionHandlers const):
(JSC::UnlinkedCodeBlockGenerator::exceptionHandler):
(JSC::UnlinkedCodeBlockGenerator::addExceptionHandler):
(JSC::UnlinkedCodeBlockGenerator::bitVector):
(JSC::UnlinkedCodeBlockGenerator::addBitVector):
(JSC::UnlinkedCodeBlockGenerator::numberOfConstantIdentifierSets const):
(JSC::UnlinkedCodeBlockGenerator::constantIdentifierSets):
(JSC::UnlinkedCodeBlockGenerator::addSetConstant):
(JSC::UnlinkedCodeBlockGenerator::constantRegister const):
(JSC::UnlinkedCodeBlockGenerator::constantRegisters):
(JSC::UnlinkedCodeBlockGenerator::getConstant const):
(JSC::UnlinkedCodeBlockGenerator::constantsSourceCodeRepresentation):
(JSC::UnlinkedCodeBlockGenerator::addConstant):
(JSC::UnlinkedCodeBlockGenerator::addFunctionDecl):
(JSC::UnlinkedCodeBlockGenerator::addFunctionExpr):
(JSC::UnlinkedCodeBlockGenerator::numberOfIdentifiers const):
(JSC::UnlinkedCodeBlockGenerator::identifier const):
(JSC::UnlinkedCodeBlockGenerator::addIdentifier):
(JSC::UnlinkedCodeBlockGenerator::outOfLineJumpOffset):
(JSC::UnlinkedCodeBlockGenerator::replaceOutOfLineJumpTargets):
(JSC::UnlinkedCodeBlockGenerator::metadataSizeInBytes):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::generate):
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::initializeNextParameter):
(JSC::BytecodeGenerator::emitPushFunctionNameScope):
(JSC::prepareJumpTableForSwitch):
(JSC::ForInContext::finalize):
(JSC::StructureForInContext::finalize):
(JSC::IndexedForInContext::finalize):
* bytecompiler/BytecodeGenerator.h:
* bytecompiler/BytecodeGeneratorBaseInlines.h:
(JSC::BytecodeGeneratorBase<Traits>::newRegister):
(JSC::BytecodeGeneratorBase<Traits>::addVar):
* runtime/CachedTypes.cpp:
(JSC::CachedVector::encode):
(JSC::CachedVector::decode const):
* wasm/WasmFunctionCodeBlock.h:
(JSC::Wasm::FunctionCodeBlock::setNumVars):
(JSC::Wasm::FunctionCodeBlock::setNumCalleeLocals):

Source/WTF:

Add more useful methods for RefCountedArray.

* wtf/RefCountedArray.h:
(WTF::RefCountedArray::operator=):
(WTF::RefCountedArray::isEmpty const):
(WTF::RefCountedArray::front):
(WTF::RefCountedArray::front const):
(WTF::RefCountedArray::last):
(WTF::RefCountedArray::last const):

Canonical link: https://commits.webkit.org/220203@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255687 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2020-02-04 19:05:17 +00:00
    return UnlinkedHandlerInfo::handlerForIndex<UnlinkedHandlerInfo>(m_rareData->m_exceptionHandlers, index, requiredHandler);
Reduce parser overhead in JSC
https://bugs.webkit.org/show_bug.cgi?id=101127

Reviewed by Filip Pizlo.

An exciting journey into the world of architecture in which our hero adds yet another layer to JSC codegeneration.

This patch adds a marginally more compact form of bytecode that is free from any data specific to a given execution context, and that does store any data structures necessary for execution. To actually execute this UnlinkedBytecode we still need to instantiate a real CodeBlock, but this is a much faster linear time operation than any of the earlier parsing or code generation passes. As the unlinked code is context free we can then simply use a cache from source to unlinked code mapping to completely avoid all of the old parser overhead.

The cache is currently very simple and memory heavy, using the complete source text as a key (rather than SourceCode or equivalent), and a random eviction policy. This seems to produce a substantial win when loading identical content in different contexts.

* API/tests/testapi.c:
(main):
* CMakeLists.txt:
* GNUmakefile.list.am:
* JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
* bytecode/CodeBlock.h:
Moved a number of fields, and a bunch of logic to UnlinkedCodeBlock.h/cpp
* bytecode/Opcode.h:
Added a global const init no op instruction needed to get correct behaviour without any associated semantics.
* bytecode/UnlinkedCodeBlock.cpp: Added.
* bytecode/UnlinkedCodeBlock.h: Added.
A fairly shallow, GC allocated version of the old CodeBlock classes with a 32bit instruction size, and just metadata size tracking.
* bytecompiler/BytecodeGenerator.cpp:
* bytecompiler/BytecodeGenerator.h:
Replace direct access to m_symbolTable with access through symbolTable(). ProgramCode no longer has a symbol table at all so some previously unconditional (and pointless) uses of symbolTable get null checks.
A few other changes to deal with type changes due to us generating unlinked code (eg. pointer free, so profile indices rather than pointers).
* dfg/DFGByteCodeParser.cpp:
* dfg/DFGCapabilities.h:
Support global_init_nop
* interpreter/Interpreter.cpp:
Now get the ProgramExecutable to initialise new global properties before starting execution.
* jit/JIT.cpp:
* jit/JITDriver.h:
* jit/JITStubs.cpp:
* llint/LLIntData.cpp:
* llint/LLIntSlowPaths.cpp:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
Adding init_global_const_nop everywhere else
* parser/Parser.h:
* parser/ParserModes.h: Added.
* parser/ParserTokens.h:
Parser no longer needs a global object or callframe to function
* runtime/CodeCache.cpp: Added.
* runtime/CodeCache.h: Added.
A simple, random eviction, Source->UnlinkedCode cache
* runtime/Executable.cpp:
* runtime/Executable.h:
Executables now reference their unlinked counterparts, and request code specifically for the target global object.
* runtime/JSGlobalData.cpp:
* runtime/JSGlobalData.h:
GlobalData now owns a CodeCache and a set of new structures for the unlinked code types.
* runtime/JSGlobalObject.cpp:
* runtime/JSGlobalObject.h:
Utility functions used by executables to perform compilation
* runtime/JSType.h:
Add new JSTypes for unlinked code

Canonical link: https://commits.webkit.org/119498@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@133688 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2012-11-07 00:13:54 +00:00
}
PerformanceTests:

Concurrent GC should be stable enough to land enabled
https://bugs.webkit.org/show_bug.cgi?id=164990

Reviewed by Geoffrey Garen.

Made CDjs more configurable and refined the "large.js" configuration. I was using that one and the new "long.js" configuration to tune concurrent eden GCs.

Added a new way of running Splay in browser, which uses chartjs to plot the execution times of 2000 iterations. This includes the minified chartjs.

* JetStream/Octane2/splay-detail.html: Added.
* JetStream/cdjs/benchmark.js:
(benchmarkImpl):
(benchmark):
* JetStream/cdjs/long.js: Added.

Source/JavaScriptCore:

Concurrent GC should be stable enough to land enabled on X86_64
https://bugs.webkit.org/show_bug.cgi?id=164990

Reviewed by Geoffrey Garen.

This fixes a ton of performance and correctness bugs revealed by getting the concurrent GC to be stable enough to land enabled.

I had to redo the JSObject::visitChildren concurrency protocol again. This time I think it's even more correct than ever!

This is an enormous win on JetStream/splay-latency and Octane/SplayLatency. It looks to be mostly neutral on everything else, though Speedometer is showing statistically weak signs of a slight regression.

* API/JSAPIWrapperObject.mm: Added locking.
(JSC::JSAPIWrapperObject::visitChildren):
* API/JSCallbackObject.h: Added locking.
(JSC::JSCallbackObjectData::visitChildren):
(JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty):
(JSC::JSCallbackObjectData::JSPrivatePropertyMap::deletePrivateProperty):
(JSC::JSCallbackObjectData::JSPrivatePropertyMap::visitChildren):
* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::UnconditionalFinalizer::finalizeUnconditionally): This had a TOCTOU race on shouldJettisonDueToOldAge.
(JSC::EvalCodeCache::visitAggregate): Moved to EvalCodeCache.cpp.
* bytecode/DirectEvalCodeCache.cpp: Added. Outlined some functions and made them use locks.
(JSC::DirectEvalCodeCache::setSlow):
(JSC::DirectEvalCodeCache::clear):
(JSC::DirectEvalCodeCache::visitAggregate):
* bytecode/DirectEvalCodeCache.h:
(JSC::DirectEvalCodeCache::set):
(JSC::DirectEvalCodeCache::clear): Deleted.
* bytecode/UnlinkedCodeBlock.cpp: Added locking.
(JSC::UnlinkedCodeBlock::visitChildren):
(JSC::UnlinkedCodeBlock::setInstructions):
(JSC::UnlinkedCodeBlock::shrinkToFit):
* bytecode/UnlinkedCodeBlock.h: Added locking.
(JSC::UnlinkedCodeBlock::addRegExp):
(JSC::UnlinkedCodeBlock::addConstant):
(JSC::UnlinkedCodeBlock::addFunctionDecl):
(JSC::UnlinkedCodeBlock::addFunctionExpr):
(JSC::UnlinkedCodeBlock::createRareDataIfNecessary):
(JSC::UnlinkedCodeBlock::shrinkToFit): Deleted.
* debugger/Debugger.cpp: Use the right delete API.
(JSC::Debugger::recompileAllJSFunctions):
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects): Fix a pre-existing bug in ToFunction constant folding.
* dfg/DFGClobberize.h: Add support for nuking.
(JSC::DFG::clobberize):
* dfg/DFGClobbersExitState.cpp: Add support for nuking.
(JSC::DFG::clobbersExitState):
* dfg/DFGFixupPhase.cpp: Add support for nuking.
(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::indexForChecks):
(JSC::DFG::FixupPhase::originForCheck):
(JSC::DFG::FixupPhase::speculateForBarrier):
(JSC::DFG::FixupPhase::insertCheck):
(JSC::DFG::FixupPhase::fixupChecksInBlock):
* dfg/DFGSpeculativeJIT.cpp: Add support for nuking.
(JSC::DFG::SpeculativeJIT::compileAllocatePropertyStorage):
(JSC::DFG::SpeculativeJIT::compileReallocatePropertyStorage):
* ftl/FTLLowerDFGToB3.cpp: Add support for nuking.
(JSC::FTL::DFG::LowerDFGToB3::allocatePropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::reallocatePropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::mutatorFence):
(JSC::FTL::DFG::LowerDFGToB3::nukeStructureAndSetButterfly):
(JSC::FTL::DFG::LowerDFGToB3::setButterfly): Deleted.
* heap/CodeBlockSet.cpp: We need to be more careful about the CodeBlockSet workflow during GC, since we will allocate CodeBlocks in eden while collecting.
(JSC::CodeBlockSet::clearMarksForFullCollection):
(JSC::CodeBlockSet::deleteUnmarkedAndUnreferenced):
* heap/Heap.cpp: Added code to measure max pauses. Added a better collectContinuously mode.
(JSC::Heap::lastChanceToFinalize): Stop the collectContinuously thread.
(JSC::Heap::harvestWeakReferences): Inline SlotVisitor::harvestWeakReferences.
(JSC::Heap::finalizeUnconditionalFinalizers): Inline SlotVisitor::finalizeUnconditionalReferences.
(JSC::Heap::markToFixpoint): We need to do some MarkedSpace stuff before every conservative scan, rather than just at the start of marking, so we now call prepareForConservativeScan() before each conservative scan. Also call a less-parallel version of drainInParallel when the mutator is running.
(JSC::Heap::collectInThread): Inline Heap::prepareForAllocation().
(JSC::Heap::stopIfNecessarySlow): We need to be more careful about ensuring that we run finalization before and after stopping. Also, we should sanitize stack when stopping the world.
(JSC::Heap::acquireAccessSlow): Add some optional debug prints.
(JSC::Heap::handleNeedFinalize): Assert that we are running this when the world is not stopped.
(JSC::Heap::finalize): Remove the old collectContinuously code.
(JSC::Heap::requestCollection): We don't need to sanitize stack here anymore.
(JSC::Heap::notifyIsSafeToCollect): Start the collectContinuously thread. It will request collection 1 KHz.
(JSC::Heap::prepareForAllocation): Deleted.
(JSC::Heap::preventCollection): Prevent any new concurrent GCs from being initiated.
(JSC::Heap::allowCollection):
(JSC::Heap::forEachSlotVisitor): Allows us to safely iterate slot visitors.
* heap/Heap.h:
* heap/HeapInlines.h:
(JSC::Heap::writeBarrier): If the 'to' cell is not NewWhite then it could be AnthraciteOrBlack. During a full collection, objects may be AnthraciteOrBlack from a previous GC. Turns out, we don't benefit from this optimization so we can just kill it.
* heap/HeapSnapshotBuilder.cpp:
(JSC::HeapSnapshotBuilder::buildSnapshot): This needs to use PreventCollectionScope to ensure snapshot soundness.
* heap/ListableHandler.h:
(JSC::ListableHandler::isOnList): Useful helper.
* heap/LockDuringMarking.h:
(JSC::lockDuringMarking): It's a locker that only locks while we're marking.
* heap/MarkedAllocator.cpp:
(JSC::MarkedAllocator::addBlock): Hold the bitvector lock while resizing.
* heap/MarkedBlock.cpp: Hold the bitvector lock while accessing the bitvectors while the mutator is running.
* heap/MarkedSpace.cpp:
(JSC::MarkedSpace::prepareForConservativeScan): We used to do this in prepareForMarking, but we need to do it before each conservative scan not just before marking.
(JSC::MarkedSpace::prepareForMarking): Remove the logic moved to prepareForConservativeScan.
* heap/MarkedSpace.h:
* heap/PreventCollectionScope.h: Added.
* heap/SlotVisitor.cpp: Refactored drainFromShared so that we can write a similar function called drainInParallelPassively.
(JSC::SlotVisitor::updateMutatorIsStopped): Update whether we can use "fast" scanning.
(JSC::SlotVisitor::mutatorIsStoppedIsUpToDate):
(JSC::SlotVisitor::didReachTermination):
(JSC::SlotVisitor::hasWork):
(JSC::SlotVisitor::drain): This now uses the rightToRun lock to allow the main GC thread to safepoint the workers.
(JSC::SlotVisitor::drainFromShared):
(JSC::SlotVisitor::drainInParallelPassively): This runs marking with one fewer threads than normal. It's useful for when we have resumed the mutator, since then the mutator has a better chance of getting on a core.
(JSC::SlotVisitor::addWeakReferenceHarvester):
(JSC::SlotVisitor::addUnconditionalFinalizer):
(JSC::SlotVisitor::harvestWeakReferences): Deleted.
(JSC::SlotVisitor::finalizeUnconditionalFinalizers): Deleted.
* heap/SlotVisitor.h:
* heap/SlotVisitorInlines.h: Outline stuff.
(JSC::SlotVisitor::addWeakReferenceHarvester): Deleted.
(JSC::SlotVisitor::addUnconditionalFinalizer): Deleted.
* runtime/InferredType.cpp: This needed thread safety.
(JSC::InferredType::visitChildren): This needs to keep its structure finalizer alive until it runs.
(JSC::InferredType::set):
(JSC::InferredType::InferredStructureFinalizer::finalizeUnconditionally):
* runtime/InferredType.h:
* runtime/InferredValue.cpp: This needed thread safety.
(JSC::InferredValue::visitChildren):
(JSC::InferredValue::ValueCleanup::finalizeUnconditionally):
* runtime/JSArray.cpp:
(JSC::JSArray::unshiftCountSlowCase): Update to use new butterfly API.
(JSC::JSArray::unshiftCountWithArrayStorage): Update to use new butterfly API.
* runtime/JSArrayBufferView.cpp:
(JSC::JSArrayBufferView::visitChildren): Thread safety.
* runtime/JSCell.h:
(JSC::JSCell::setStructureIDDirectly): This is used for nuking the structure.
(JSC::JSCell::InternalLocker::InternalLocker): Deleted. The cell is now the lock.
(JSC::JSCell::InternalLocker::~InternalLocker): Deleted. The cell is now the lock.
* runtime/JSCellInlines.h:
(JSC::JSCell::structure): Clean this up.
(JSC::JSCell::lock): The cell is now the lock.
(JSC::JSCell::tryLock):
(JSC::JSCell::unlock):
(JSC::JSCell::isLocked):
(JSC::JSCell::lockInternalLock): Deleted.
(JSC::JSCell::unlockInternalLock): Deleted.
* runtime/JSFunction.cpp:
(JSC::JSFunction::visitChildren): Thread safety.
* runtime/JSGenericTypedArrayViewInlines.h:
(JSC::JSGenericTypedArrayView<Adaptor>::visitChildren): Thread safety.
(JSC::JSGenericTypedArrayView<Adaptor>::slowDownAndWasteMemory): Thread safety.
* runtime/JSObject.cpp:
(JSC::JSObject::markAuxiliaryAndVisitOutOfLineProperties): Factor out this "easy" step of butterfly visiting.
(JSC::JSObject::visitButterfly): Make this achieve 100% precision about structure-butterfly relationships. This relies on the mutator "nuking" the structure prior to "locked" structure-butterfly transitions.
(JSC::JSObject::visitChildren): Use the new, nicer API.
(JSC::JSFinalObject::visitChildren): Use the new, nicer API.
(JSC::JSObject::enterDictionaryIndexingModeWhenArrayStorageAlreadyExists): Use the new butterfly API.
(JSC::JSObject::createInitialUndecided): Use the new butterfly API.
(JSC::JSObject::createInitialInt32): Use the new butterfly API.
(JSC::JSObject::createInitialDouble): Use the new butterfly API.
(JSC::JSObject::createInitialContiguous): Use the new butterfly API.
(JSC::JSObject::createArrayStorage): Use the new butterfly API.
(JSC::JSObject::convertUndecidedToContiguous): Use the new butterfly API.
(JSC::JSObject::convertUndecidedToArrayStorage): Use the new butterfly API.
(JSC::JSObject::convertInt32ToArrayStorage): Use the new butterfly API.
(JSC::JSObject::convertDoubleToContiguous): Use the new butterfly API.
(JSC::JSObject::convertDoubleToArrayStorage): Use the new butterfly API.
(JSC::JSObject::convertContiguousToArrayStorage): Use the new butterfly API.
(JSC::JSObject::increaseVectorLength): Use the new butterfly API.
(JSC::JSObject::shiftButterflyAfterFlattening): Use the new butterfly API.
* runtime/JSObject.h:
(JSC::JSObject::setButterfly): This now does all of the fences. Only use this when you are not also transitioning the structure or the structure's lastOffset.
(JSC::JSObject::nukeStructureAndSetButterfly): Use this when doing locked structure-butterfly transitions.
* runtime/JSObjectInlines.h:
(JSC::JSObject::putDirectWithoutTransition): Use the newly factored out API.
(JSC::JSObject::prepareToPutDirectWithoutTransition): Factor this out!
(JSC::JSObject::putDirectInternal): Use the newly factored out API.
* runtime/JSPropertyNameEnumerator.cpp:
(JSC::JSPropertyNameEnumerator::finishCreation): Locks!
(JSC::JSPropertyNameEnumerator::visitChildren): Locks!
* runtime/JSSegmentedVariableObject.cpp:
(JSC::JSSegmentedVariableObject::visitChildren): Locks!
* runtime/JSString.cpp:
(JSC::JSString::visitChildren): Thread safety.
* runtime/ModuleProgramExecutable.cpp:
(JSC::ModuleProgramExecutable::visitChildren): Thread safety.
* runtime/Options.cpp: For now we disable concurrent GC on not-X86_64.
(JSC::recomputeDependentOptions):
* runtime/Options.h: Change the default max GC parallelism to 8. I don't know why it was still 7.
* runtime/SamplingProfiler.cpp:
(JSC::SamplingProfiler::stackTracesAsJSON): This needs to defer GC before grabbing its lock.
* runtime/SparseArrayValueMap.cpp: This needed thread safety.
(JSC::SparseArrayValueMap::add):
(JSC::SparseArrayValueMap::remove):
(JSC::SparseArrayValueMap::visitChildren):
* runtime/SparseArrayValueMap.h:
* runtime/Structure.cpp: This had a race between addNewPropertyTransition and visitChildren.
(JSC::Structure::Structure):
(JSC::Structure::materializePropertyTable):
(JSC::Structure::addNewPropertyTransition):
(JSC::Structure::flattenDictionaryStructure):
(JSC::Structure::add): Help out with nuking support - the m_offset needs to play along.
(JSC::Structure::visitChildren):
* runtime/Structure.h: Make some useful things public - like the notion of a lastOffset.
* runtime/StructureChain.cpp:
(JSC::StructureChain::visitChildren): Thread safety!
* runtime/StructureChain.h: Thread safety!
* runtime/StructureIDTable.cpp:
(JSC::StructureIDTable::allocateID): Ensure that we don't get nuked IDs.
* runtime/StructureIDTable.h: Add the notion of a nuked ID! It's a bit that the runtime never sees except during specific shady actions like locked structure-butterfly transitions. "Nuking" tells the GC to steer clear and rescan once we fire the barrier.
(JSC::nukedStructureIDBit):
(JSC::nuke):
(JSC::isNuked):
(JSC::decontaminate):
* runtime/StructureInlines.h:
(JSC::Structure::hasIndexingHeader): Better API.
(JSC::Structure::add):
* runtime/VM.cpp: Better GC interaction.
(JSC::VM::ensureWatchdog):
(JSC::VM::deleteAllLinkedCode):
(JSC::VM::deleteAllCode):
* runtime/VM.h:
(JSC::VM::getStructure): Why wasn't this always an API!
* runtime/WebAssemblyExecutable.cpp:
(JSC::WebAssemblyExecutable::visitChildren): Thread safety.

Source/WebCore:

Concurrent GC should be stable enough to land enabled on X86_64
https://bugs.webkit.org/show_bug.cgi?id=164990

Reviewed by Geoffrey Garen.

Made WebCore down with concurrent marking by adding some locking and adapting to some new API.

This has new test modes in run-sjc-stress-tests. Also, the way that LayoutTests run is already a fantastic GC test.

* ForwardingHeaders/heap/DeleteAllCodeEffort.h: Added.
* ForwardingHeaders/heap/LockDuringMarking.h: Added.
* bindings/js/GCController.cpp:
(WebCore::GCController::deleteAllCode):
(WebCore::GCController::deleteAllLinkedCode):
* bindings/js/GCController.h:
* bindings/js/JSDOMBinding.cpp:
(WebCore::getCachedDOMStructure):
(WebCore::cacheDOMStructure):
* bindings/js/JSDOMGlobalObject.cpp:
(WebCore::JSDOMGlobalObject::addBuiltinGlobals):
(WebCore::JSDOMGlobalObject::visitChildren):
* bindings/js/JSDOMGlobalObject.h:
(WebCore::getDOMConstructor):
* bindings/js/JSDOMPromise.cpp:
(WebCore::DeferredPromise::DeferredPromise):
(WebCore::DeferredPromise::clear):
* bindings/js/JSXPathResultCustom.cpp:
(WebCore::JSXPathResult::visitAdditionalChildren):
* dom/EventListenerMap.cpp:
(WebCore::EventListenerMap::clear):
(WebCore::EventListenerMap::replace):
(WebCore::EventListenerMap::add):
(WebCore::EventListenerMap::remove):
(WebCore::EventListenerMap::find):
(WebCore::EventListenerMap::removeFirstEventListenerCreatedFromMarkup):
(WebCore::EventListenerMap::copyEventListenersNotCreatedFromMarkupToTarget):
(WebCore::EventListenerIterator::EventListenerIterator):
* dom/EventListenerMap.h:
(WebCore::EventListenerMap::lock):
* dom/EventTarget.cpp:
(WebCore::EventTarget::visitJSEventListeners):
* dom/EventTarget.h:
(WebCore::EventTarget::visitJSEventListeners): Deleted.
* dom/Node.cpp:
(WebCore::Node::eventTargetDataConcurrently):
(WebCore::Node::ensureEventTargetData):
(WebCore::Node::clearEventTargetData):
* dom/Node.h:
* page/MemoryRelease.cpp:
(WebCore::releaseCriticalMemory):
* page/cocoa/MemoryReleaseCocoa.mm:
(WebCore::jettisonExpensiveObjectsOnTopLevelNavigation):
(WebCore::registerMemoryReleaseNotifyCallbacks):

Source/WTF:

Concurrent GC should be stable enough to land enabled on X86_64
https://bugs.webkit.org/show_bug.cgi?id=164990

Reviewed by Geoffrey Garen.

Adds the ability to say:

auto locker = holdLock(any type of lock)

Instead of having to say:

Locker<LockType> locker(locks of type LockType)

I think that we should use "auto locker = holdLock(lock)" as the default way that we acquire locks unless we need to use a special locker type.

This also adds the ability to safepoint a lock. Safepointing a lock is basically a super fast way of unlocking it fairly and then immediately relocking it - i.e. letting anyone who is waiting to run without losing steam if there is no one waiting.

* wtf/Lock.cpp:
(WTF::LockBase::safepointSlow):
* wtf/Lock.h:
(WTF::LockBase::safepoint):
* wtf/LockAlgorithm.h:
(WTF::LockAlgorithm::safepointFast):
(WTF::LockAlgorithm::safepoint):
(WTF::LockAlgorithm::safepointSlow):
* wtf/Locker.h:
(WTF::AbstractLocker::AbstractLocker):
(WTF::Locker::tryLock):
(WTF::Locker::operator bool):
(WTF::Locker::Locker):
(WTF::Locker::operator=):
(WTF::holdLock):
(WTF::tryHoldLock):

Tools:

Concurrent GC should be stable enough to land enabled
https://bugs.webkit.org/show_bug.cgi?id=164990

Reviewed by Geoffrey Garen.

Add a new mode that runs GC continuously. Also made eager modes run GC continuously. It's clear that this works just fine in release, but I'm still trying to figure out if it's safe for debug. It might be too slow for debug.
* Scripts/run-jsc-stress-tests: Canonical link: https://commits.webkit.org/183229@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209570 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2016-12-08 22:14:50 +00:00
[JSC] Allow UnlinkedCodeBlock to dump its bytecode sequence https://bugs.webkit.org/show_bug.cgi?id=168968 Reviewed by Saam Barati. This patch decouples dumping bytecode sequence from CodeBlock. This change allows UnlinkedCodeBlock to dump its bytecode sequence. It is useful because we now have complex phase between UnlinkedCodeBlock and CodeBlock, called Generatorification. We introduce BytecodeDumper<Block>. Both CodeBlock and UnlinkedCodeBlock can use this class to dump bytecode sequence. And this patch also adds Option::dumpBytecodesBeforeGeneratorification, which dumps unlinked bytecode sequence before generatorification if it is enabled. * CMakeLists.txt: * JavaScriptCore.xcodeproj/project.pbxproj: * bytecode/BytecodeDumper.cpp: Added. (JSC::getStructureID): (JSC::getSpecialPointer): (JSC::getPutByIdFlags): (JSC::getToThisStatus): (JSC::getPointer): (JSC::getStructureChain): (JSC::getStructure): (JSC::getCallLinkInfo): (JSC::getBasicBlockLocation): (JSC::BytecodeDumper<Block>::actualPointerFor): (JSC::BytecodeDumper<CodeBlock>::actualPointerFor): (JSC::beginDumpProfiling): (JSC::BytecodeDumper<Block>::dumpValueProfiling): (JSC::BytecodeDumper<CodeBlock>::dumpValueProfiling): (JSC::BytecodeDumper<Block>::dumpArrayProfiling): (JSC::BytecodeDumper<CodeBlock>::dumpArrayProfiling): (JSC::BytecodeDumper<Block>::dumpProfilesForBytecodeOffset): (JSC::dumpRareCaseProfile): (JSC::dumpArithProfile): (JSC::BytecodeDumper<CodeBlock>::dumpProfilesForBytecodeOffset): (JSC::BytecodeDumper<Block>::vm): (JSC::BytecodeDumper<Block>::identifier): (JSC::regexpToSourceString): (JSC::regexpName): (JSC::printLocationAndOp): (JSC::isConstantRegisterIndex): (JSC::debugHookName): (JSC::BytecodeDumper<Block>::registerName): (JSC::idName): (JSC::BytecodeDumper<Block>::constantName): (JSC::BytecodeDumper<Block>::printUnaryOp): (JSC::BytecodeDumper<Block>::printBinaryOp): (JSC::BytecodeDumper<Block>::printConditionalJump): (JSC::BytecodeDumper<Block>::printGetByIdOp): (JSC::dumpStructure): 
(JSC::dumpChain): (JSC::BytecodeDumper<Block>::printGetByIdCacheStatus): (JSC::BytecodeDumper<Block>::printPutByIdCacheStatus): (JSC::BytecodeDumper<Block>::dumpCallLinkStatus): (JSC::BytecodeDumper<CodeBlock>::dumpCallLinkStatus): (JSC::BytecodeDumper<Block>::printCallOp): (JSC::BytecodeDumper<Block>::printPutByIdOp): (JSC::BytecodeDumper<Block>::printLocationOpAndRegisterOperand): (JSC::BytecodeDumper<Block>::dumpBytecode): (JSC::BytecodeDumper<Block>::dumpIdentifiers): (JSC::BytecodeDumper<Block>::dumpConstants): (JSC::BytecodeDumper<Block>::dumpRegExps): (JSC::BytecodeDumper<Block>::dumpExceptionHandlers): (JSC::BytecodeDumper<Block>::dumpSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpStringSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpBlock): * bytecode/BytecodeDumper.h: Added. (JSC::BytecodeDumper::BytecodeDumper): (JSC::BytecodeDumper::block): (JSC::BytecodeDumper::instructionsBegin): * bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::BytecodeGeneratorification): (JSC::performGeneratorification): * bytecode/BytecodeLivenessAnalysis.cpp: (JSC::BytecodeLivenessAnalysis::dumpResults): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpBytecode): (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::propagateTransitions): (JSC::CodeBlock::finalizeLLIntInlineCaches): (JSC::CodeBlock::hasOpDebugForLineAndColumn): (JSC::CodeBlock::usesOpcode): (JSC::CodeBlock::valueProfileForBytecodeOffset): (JSC::CodeBlock::arithProfileForPC): (JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler): (JSC::idName): Deleted. (JSC::CodeBlock::registerName): Deleted. (JSC::CodeBlock::constantName): Deleted. (JSC::regexpToSourceString): Deleted. (JSC::regexpName): Deleted. (JSC::debugHookName): Deleted. (JSC::CodeBlock::printUnaryOp): Deleted. (JSC::CodeBlock::printBinaryOp): Deleted. (JSC::CodeBlock::printConditionalJump): Deleted. (JSC::CodeBlock::printGetByIdOp): Deleted. (JSC::dumpStructure): Deleted. (JSC::dumpChain): Deleted. 
(JSC::CodeBlock::printGetByIdCacheStatus): Deleted. (JSC::CodeBlock::printPutByIdCacheStatus): Deleted. (JSC::CodeBlock::printCallOp): Deleted. (JSC::CodeBlock::printPutByIdOp): Deleted. (JSC::CodeBlock::dumpExceptionHandlers): Deleted. (JSC::CodeBlock::beginDumpProfiling): Deleted. (JSC::CodeBlock::dumpValueProfiling): Deleted. (JSC::CodeBlock::dumpArrayProfiling): Deleted. (JSC::CodeBlock::dumpRareCaseProfile): Deleted. (JSC::CodeBlock::dumpArithProfile): Deleted. (JSC::CodeBlock::printLocationAndOp): Deleted. (JSC::CodeBlock::printLocationOpAndRegisterOperand): Deleted. * bytecode/CodeBlock.h: (JSC::CodeBlock::constantRegisters): (JSC::CodeBlock::numberOfRegExps): (JSC::CodeBlock::bitVectors): (JSC::CodeBlock::bitVector): * bytecode/HandlerInfo.h: (JSC::HandlerInfoBase::typeName): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::dump): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::getConstant): * bytecode/UnlinkedInstructionStream.cpp: (JSC::UnlinkedInstructionStream::UnlinkedInstructionStream): * bytecode/UnlinkedInstructionStream.h: (JSC::UnlinkedInstructionStream::Reader::next): * runtime/Options.h: Canonical link: https://commits.webkit.org/186009@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@213209 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2017-03-01 08:15:45 +00:00
void UnlinkedCodeBlock::dump(PrintStream&) const
{
}
Bytecode liveness should live on UnlinkedCodeBlock so it can be shared amongst CodeBlocks
https://bugs.webkit.org/show_bug.cgi?id=178949

Reviewed by Keith Miller.

This patch stores BytecodeLiveness on UnlinkedCodeBlock instead of CodeBlock so that we don't need to recompute liveness for the same UnlinkedCodeBlock more than once. To do this, this patch solidifies the invariant that CodeBlock linking can't do anything that would change the result of liveness. For example, it can't introduce new locals. This invariant was met by JSC before, because we didn't do anything in bytecode linking that would change liveness. However, it is now a correctness requirement that we don't do anything that would change the result of running liveness.

To support this change, I've refactored BytecodeGraph to not be tied to a CodeBlockType*. Things that perform liveness will pass in CodeBlockType* and the instruction stream as needed. This means that we may compute liveness with one CodeBlock*'s instruction stream, and then perform queries on that analysis with a different CodeBlock*'s instruction stream.

This seems to be a 2% JSBench progression.

* bytecode/BytecodeGeneratorification.cpp:
(JSC::BytecodeGeneratorification::BytecodeGeneratorification):
(JSC::BytecodeGeneratorification::graph):
(JSC::BytecodeGeneratorification::storageForGeneratorLocal):
(JSC::GeneratorLivenessAnalysis::run):
(JSC::BytecodeGeneratorification::run):
* bytecode/BytecodeGraph.h:
(JSC::BytecodeGraph::BytecodeGraph):
(JSC::BytecodeGraph::codeBlock const): Deleted.
(JSC::BytecodeGraph::instructions): Deleted.
(JSC::BytecodeGraph<Block>::BytecodeGraph): Deleted.
* bytecode/BytecodeLivenessAnalysis.cpp:
(JSC::BytecodeLivenessAnalysis::BytecodeLivenessAnalysis):
(JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeOffset):
(JSC::BytecodeLivenessAnalysis::computeFullLiveness):
(JSC::BytecodeLivenessAnalysis::computeKills):
(JSC::BytecodeLivenessAnalysis::dumpResults):
(JSC::BytecodeLivenessAnalysis::operandIsLiveAtBytecodeOffset): Deleted.
(JSC::BytecodeLivenessAnalysis::compute): Deleted.
* bytecode/BytecodeLivenessAnalysis.h:
* bytecode/BytecodeLivenessAnalysisInlines.h:
(JSC::BytecodeLivenessPropagation::stepOverInstruction):
(JSC::BytecodeLivenessPropagation::computeLocalLivenessForBytecodeOffset):
(JSC::BytecodeLivenessPropagation::computeLocalLivenessForBlock):
(JSC::BytecodeLivenessPropagation::getLivenessInfoAtBytecodeOffset):
(JSC::BytecodeLivenessPropagation::runLivenessFixpoint):
* bytecode/BytecodeRewriter.cpp:
(JSC::BytecodeRewriter::applyModification):
(JSC::BytecodeRewriter::execute):
(JSC::BytecodeRewriter::adjustJumpTargetsInFragment):
* bytecode/BytecodeRewriter.h:
(JSC::BytecodeRewriter::BytecodeRewriter):
(JSC::BytecodeRewriter::removeBytecode):
(JSC::BytecodeRewriter::graph):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::finishCreation):
(JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow):
(JSC::CodeBlock::validate):
(JSC::CodeBlock::livenessAnalysisSlow): Deleted.
* bytecode/CodeBlock.h:
(JSC::CodeBlock::livenessAnalysis):
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::applyModification):
(JSC::UnlinkedCodeBlock::livenessAnalysisSlow):
* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedCodeBlock::livenessAnalysis):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::livenessFor):
(JSC::DFG::Graph::killsFor):
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::cleanMustHandleValuesIfNecessary):
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):

Canonical link: https://commits.webkit.org/195109@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@224138 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2017-10-28 01:03:22 +00:00
BytecodeLivenessAnalysis& UnlinkedCodeBlock::livenessAnalysisSlow(CodeBlock* codeBlock)
{
RELEASE_ASSERT(codeBlock->unlinkedCodeBlock() == this);
{
Move ExitProfile to UnlinkedCodeBlock so it can be shared amongst CodeBlocks backed by the same UnlinkedCodeBlock
https://bugs.webkit.org/show_bug.cgi?id=181545

Reviewed by Michael Saboff.

This patch follows the theme of putting optimization profiling information on UnlinkedCodeBlock. This allows the unlinked code cache to remember OSR exit data. This often leads to the first compile of a CodeBlock, backed by an UnlinkedCodeBlock pulled from the code cache, making better compilation decisions, usually resulting in fewer exits, and fewer recompilations.

This is a 1% Speedometer progression in my testing.

* bytecode/BytecodeDumper.cpp:
(JSC::BytecodeDumper<CodeBlock>::dumpProfilesForBytecodeOffset):
* bytecode/CallLinkStatus.cpp:
(JSC::CallLinkStatus::computeFromLLInt):
(JSC::CallLinkStatus::computeFor):
(JSC::CallLinkStatus::computeExitSiteData):
(JSC::CallLinkStatus::computeDFGStatuses):
* bytecode/CallLinkStatus.h:
* bytecode/CodeBlock.h:
(JSC::CodeBlock::addFrequentExitSite): Deleted.
(JSC::CodeBlock::hasExitSite const): Deleted.
(JSC::CodeBlock::exitProfile): Deleted.
* bytecode/DFGExitProfile.cpp:
(JSC::DFG::ExitProfile::add):
(JSC::DFG::QueryableExitProfile::initialize):
* bytecode/DFGExitProfile.h:
(JSC::DFG::ExitProfile::hasExitSite const):
* bytecode/GetByIdStatus.cpp:
(JSC::GetByIdStatus::hasExitSite):
(JSC::GetByIdStatus::computeFor):
(JSC::GetByIdStatus::computeForStubInfo):
* bytecode/GetByIdStatus.h:
* bytecode/PutByIdStatus.cpp:
(JSC::PutByIdStatus::hasExitSite):
(JSC::PutByIdStatus::computeFor):
(JSC::PutByIdStatus::computeForStubInfo):
* bytecode/PutByIdStatus.h:
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::livenessAnalysisSlow):
* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedCodeBlock::hasExitSite const):
(JSC::UnlinkedCodeBlock::hasExitSite):
(JSC::UnlinkedCodeBlock::exitProfile):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
* dfg/DFGGraph.h:
(JSC::DFG::Graph::hasGlobalExitSite):
(JSC::DFG::Graph::hasExitSite):
* dfg/DFGLICMPhase.cpp:
(JSC::DFG::LICMPhase::attemptHoist):
* dfg/DFGOSRExitBase.cpp:
(JSC::DFG::OSRExitBase::considerAddingAsFrequentExitSiteSlow):

Canonical link: https://commits.webkit.org/197480@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@226928 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2018-01-13 00:36:37 +00:00
ConcurrentJSLocker locker(m_lock);
if (!m_liveness) {
// There is a chance two compiler threads raced to the slow path.
// Grabbing the lock above defends against computing liveness twice.
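The two comment lines above describe a check-then-lock-then-recheck pattern: the unlocked fast path reads the cached analysis, and the slow path takes the lock and tests the pointer again before computing, so two compiler threads that race to livenessAnalysisSlow compute the result at most once. The following is an added example written for this page, not WebKit's code: it reproduces that pattern in plain C++ with std::mutex and an atomic pointer in place of ConcurrentJSLocker, and computes a toy backward liveness analysis over a constructed instruction encoding (a positive value n reads local n-1, a negative value -n writes local n-1, 0 is a no-op) so that the shared result is something a racing thread could actually observe. LivenessResult, SharedBlock, raceToSlowPath and the encoding are all assumptions of the example.

```cpp
// Added example (not WebKit code): lazily computed analysis shared between
// threads, using the "race to the slow path, then re-check under the lock"
// pattern of UnlinkedCodeBlock::livenessAnalysisSlow.
#include <atomic>
#include <cstddef>
#include <cstdint>
#include <memory>
#include <mutex>
#include <thread>
#include <utility>
#include <vector>

// Toy instruction encoding (constructed for this example): n > 0 reads local
// n-1, n < 0 writes local -n-1, 0 is a no-op. Locals are limited to 32.
using Instruction = int;

// Stand-in for BytecodeLivenessAnalysis: bit k of liveIn[i] is set when
// local k is live on entry to instruction i.
struct LivenessResult {
    std::vector<uint32_t> liveIn;
};

class SharedBlock {
public:
    explicit SharedBlock(std::vector<Instruction> instructions)
        : m_instructions(std::move(instructions)) { }
    ~SharedBlock() { delete m_liveness.load(std::memory_order_acquire); }
    SharedBlock(const SharedBlock&) = delete;
    SharedBlock& operator=(const SharedBlock&) = delete;

    // Fast path without the lock: once published the result never changes,
    // so an acquire load is enough to read it safely.
    const LivenessResult& livenessAnalysis()
    {
        if (const LivenessResult* result = m_liveness.load(std::memory_order_acquire))
            return *result;
        return livenessAnalysisSlow();
    }

    // How many times the analysis actually ran; the invariant is "once".
    unsigned computeCount() const { return m_computeCount.load(std::memory_order_relaxed); }

private:
    const LivenessResult& livenessAnalysisSlow()
    {
        std::lock_guard<std::mutex> locker(m_lock);
        // Re-check under the lock: another thread may have raced us to the
        // slow path and already published. Without this check both threads
        // would compute and the loser would overwrite (and leak) the winner.
        if (const LivenessResult* result = m_liveness.load(std::memory_order_relaxed))
            return *result;

        auto fresh = std::make_unique<LivenessResult>(computeLiveness());
        m_computeCount.fetch_add(1, std::memory_order_relaxed);
        const LivenessResult* raw = fresh.release();
        m_liveness.store(raw, std::memory_order_release); // publish to fast-path readers
        return *raw;
    }

    // Backward dataflow: liveIn[i] = (liveIn[i+1] minus def(i)) union use(i).
    LivenessResult computeLiveness() const
    {
        LivenessResult result;
        result.liveIn.assign(m_instructions.size(), 0);
        uint32_t live = 0; // nothing is live after the last instruction
        for (size_t i = m_instructions.size(); i-- > 0;) {
            Instruction insn = m_instructions[i];
            if (insn < 0)
                live &= ~(1u << (-insn - 1)); // definition kills the local
            else if (insn > 0)
                live |= 1u << (insn - 1);     // use makes the local live
            result.liveIn[i] = live;
        }
        return result;
    }

    std::vector<Instruction> m_instructions;
    std::mutex m_lock;
    std::atomic<const LivenessResult*> m_liveness { nullptr };
    std::atomic<unsigned> m_computeCount { 0 };
};

// Race several "compiler threads" to the slow path and report how many
// times the analysis ran; the re-check under the lock keeps this at one.
unsigned raceToSlowPath(SharedBlock& block, unsigned threadCount)
{
    std::vector<std::thread> threads;
    for (unsigned i = 0; i < threadCount; ++i)
        threads.emplace_back([&block] { (void)block.livenessAnalysis(); });
    for (auto& thread : threads)
        thread.join();
    return block.computeCount();
}
```

Removing the second check inside livenessAnalysisSlow is the classic bug this pattern guards against: the lock then only serialises the two computations instead of preventing the second one, and whichever thread stores last replaces a pointer other threads may already hold.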
[WTF] Add makeUnique<T>, which ensures T is fast-allocated, makeUnique / makeUniqueWithoutFastMallocCheck part https://bugs.webkit.org/show_bug.cgi?id=200620 Source/JavaScriptCore: Reviewed by Geoff Garen. * API/JSCallbackObject.h: (JSC::JSCallbackObjectData::setPrivateProperty): * API/JSCallbackObjectFunctions.h: (JSC::JSCallbackObject<Parent>::JSCallbackObject): * API/JSClassRef.cpp: (OpaqueJSClassContextData::OpaqueJSClassContextData): (OpaqueJSClass::contextData): * API/JSMarkingConstraintPrivate.cpp: (JSContextGroupAddMarkingConstraint): * API/JSWrapperMap.mm: (-[JSWrapperMap initWithGlobalContextRef:]): * API/ObjCCallbackFunction.mm: (ArgumentTypeDelegate::typeInteger): (ArgumentTypeDelegate::typeDouble): (ArgumentTypeDelegate::typeBool): (ArgumentTypeDelegate::typeId): (ArgumentTypeDelegate::typeOfClass): (ArgumentTypeDelegate::typeStruct): (ResultTypeDelegate::typeInteger): (ResultTypeDelegate::typeDouble): (ResultTypeDelegate::typeBool): (ResultTypeDelegate::typeVoid): (ResultTypeDelegate::typeId): (ResultTypeDelegate::typeOfClass): (ResultTypeDelegate::typeBlock): (ResultTypeDelegate::typeStruct): (objCCallbackFunctionForInvocation): * API/glib/JSCContext.cpp: (jscContextSetVirtualMachine): * API/glib/JSCWrapperMap.cpp: (JSC::WrapperMap::WrapperMap): * assembler/ProbeStack.cpp: (JSC::Probe::Stack::ensurePageFor): * b3/B3LowerToAir.cpp: * b3/B3Procedure.cpp: (JSC::B3::Procedure::Procedure): (JSC::B3::Procedure::dominators): (JSC::B3::Procedure::naturalLoops): (JSC::B3::Procedure::backwardsCFG): (JSC::B3::Procedure::backwardsDominators): (JSC::B3::Procedure::addDataSection): * b3/air/AirCode.cpp: (JSC::B3::Air::Code::cCallSpecial): * b3/air/AirGenerate.cpp: (JSC::B3::Air::prepareForGeneration): * b3/air/testair.cpp: * b3/testb3.h: (compileProc): * bytecode/AccessCase.cpp: (JSC::AccessCase::generateImpl): * bytecode/AccessCaseSnippetParams.cpp: * bytecode/BytecodeBasicBlock.cpp: (JSC::BytecodeBasicBlock::computeImpl): * bytecode/CallLinkInfo.cpp: 
(JSC::CallLinkInfo::setFrameShuffleData): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::ensureJITDataSlow): (JSC::CodeBlock::setCalleeSaveRegisters): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): * bytecode/CodeBlock.h: (JSC::CodeBlock::createRareDataIfNecessary): * bytecode/DFGExitProfile.cpp: (JSC::DFG::ExitProfile::add): * bytecode/DeferredCompilationCallback.cpp: (JSC::DeferredCompilationCallback::ensureDeferredSourceDump): * bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeForStubInfoWithoutExitSiteFeedback): * bytecode/GetByIdVariant.cpp: (JSC::GetByIdVariant::operator=): * bytecode/LazyOperandValueProfile.cpp: (JSC::CompressedLazyOperandValueProfileHolder::add): * bytecode/PolyProtoAccessChain.h: (JSC::PolyProtoAccessChain::clone): * bytecode/PolymorphicAccess.cpp: (JSC::PolymorphicAccess::regenerate): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeForStubInfo): * bytecode/PutByIdVariant.cpp: (JSC::PutByIdVariant::operator=): * bytecode/RecordedStatuses.cpp: (JSC::RecordedStatuses::addCallLinkStatus): (JSC::RecordedStatuses::addGetByIdStatus): (JSC::RecordedStatuses::addPutByIdStatus): (JSC::RecordedStatuses::addInByIdStatus): * bytecode/StructureStubClearingWatchpoint.cpp: (JSC::WatchpointsOnStructureStubInfo::ensureReferenceAndAddWatchpoint): * bytecode/StructureStubInfo.cpp: (JSC::StructureStubInfo::addAccessCase): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::livenessAnalysisSlow): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::createRareDataIfNecessary): * bytecode/UnlinkedFunctionExecutable.cpp: (JSC::UnlinkedFunctionExecutable::ensureRareDataSlow): * bytecompiler/BytecodeGenerator.h: (JSC::BytecodeGenerator::generate): * dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::AbstractInterpreter): * dfg/DFGGraph.cpp: (JSC::DFG::Graph::Graph): (JSC::DFG::Graph::livenessFor): (JSC::DFG::Graph::killsFor): (JSC::DFG::Graph::ensureCPSCFG): 
(JSC::DFG::Graph::ensureCPSDominators): (JSC::DFG::Graph::ensureSSADominators): (JSC::DFG::Graph::ensureCPSNaturalLoops): (JSC::DFG::Graph::ensureSSANaturalLoops): (JSC::DFG::Graph::ensureBackwardsCFG): (JSC::DFG::Graph::ensureBackwardsDominators): (JSC::DFG::Graph::ensureControlEquivalenceAnalysis): * dfg/DFGJITCompiler.cpp: (JSC::DFG::JITCompiler::JITCompiler): (JSC::DFG::JITCompiler::link): (JSC::DFG::JITCompiler::compile): (JSC::DFG::JITCompiler::compileFunction): (JSC::DFG::JITCompiler::addressOfDoubleConstant): * dfg/DFGLivenessAnalysisPhase.cpp: * dfg/DFGPlan.cpp: (JSC::DFG::Plan::compileInThreadImpl): * dfg/DFGSSAConversionPhase.cpp: (JSC::DFG::SSAConversionPhase::run): * dfg/DFGSlowPathGenerator.h: (JSC::DFG::slowPathCall): (JSC::DFG::slowPathMove): * dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::emitAllocateRawObject): (JSC::DFG::SpeculativeJIT::arrayify): (JSC::DFG::SpeculativeJIT::compileGetByValOnString): (JSC::DFG::SpeculativeJIT::compileCreateDirectArguments): (JSC::DFG::SpeculativeJIT::compileArraySlice): (JSC::DFG::SpeculativeJIT::emitStructureCheck): (JSC::DFG::SpeculativeJIT::compileAllocateNewArrayWithSize): * dfg/DFGStoreBarrierInsertionPhase.cpp: * dfg/DFGWorklist.cpp: (JSC::DFG::Worklist::createNewThread): * disassembler/Disassembler.cpp: (JSC::disassembleAsynchronously): * ftl/FTLAbstractHeap.cpp: (JSC::FTL::IndexedAbstractHeap::atSlow): * ftl/FTLCompile.cpp: (JSC::FTL::compile): * ftl/FTLFail.cpp: (JSC::FTL::fail): * ftl/FTLLink.cpp: (JSC::FTL::link): * ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::lazySlowPath): * ftl/FTLState.cpp: (JSC::FTL::State::State): * heap/CompleteSubspace.cpp: (JSC::CompleteSubspace::allocatorForSlow): * heap/Heap.cpp: (JSC::Heap::Heap): (JSC::Heap::protectedObjectTypeCounts): (JSC::Heap::objectTypeCounts): (JSC::Heap::addCoreConstraints): * heap/HeapInlines.h: * heap/HeapSnapshotBuilder.cpp: (JSC::HeapSnapshotBuilder::buildSnapshot): * heap/IsoCellSet.cpp: (JSC::IsoCellSet::addSlow): * 
heap/IsoSubspace.cpp: (JSC::IsoSubspace::IsoSubspace): * heap/MarkingConstraintSet.cpp: (JSC::MarkingConstraintSet::add): * inspector/JSGlobalObjectConsoleClient.cpp: (Inspector::JSGlobalObjectConsoleClient::messageWithTypeAndLevel): (Inspector::JSGlobalObjectConsoleClient::profile): (Inspector::JSGlobalObjectConsoleClient::profileEnd): (Inspector::JSGlobalObjectConsoleClient::warnUnimplemented): * inspector/JSGlobalObjectInspectorController.cpp: (Inspector::JSGlobalObjectInspectorController::JSGlobalObjectInspectorController): (Inspector::JSGlobalObjectInspectorController::reportAPIException): (Inspector::JSGlobalObjectInspectorController::ensureInspectorAgent): (Inspector::JSGlobalObjectInspectorController::ensureDebuggerAgent): (Inspector::JSGlobalObjectInspectorController::createLazyAgents): * inspector/agents/InspectorAgent.cpp: (Inspector::InspectorAgent::InspectorAgent): * inspector/agents/InspectorConsoleAgent.cpp: (Inspector::InspectorConsoleAgent::InspectorConsoleAgent): (Inspector::InspectorConsoleAgent::startTiming): (Inspector::InspectorConsoleAgent::logTiming): (Inspector::InspectorConsoleAgent::stopTiming): (Inspector::InspectorConsoleAgent::count): (Inspector::InspectorConsoleAgent::countReset): * inspector/agents/InspectorDebuggerAgent.cpp: (Inspector::InspectorDebuggerAgent::InspectorDebuggerAgent): * inspector/agents/InspectorHeapAgent.cpp: (Inspector::InspectorHeapAgent::InspectorHeapAgent): * inspector/agents/InspectorScriptProfilerAgent.cpp: (Inspector::InspectorScriptProfilerAgent::InspectorScriptProfilerAgent): * inspector/agents/InspectorTargetAgent.cpp: (Inspector::InspectorTargetAgent::InspectorTargetAgent): * inspector/agents/JSGlobalObjectDebuggerAgent.cpp: (Inspector::JSGlobalObjectDebuggerAgent::breakpointActionLog): * inspector/agents/JSGlobalObjectRuntimeAgent.cpp: (Inspector::JSGlobalObjectRuntimeAgent::JSGlobalObjectRuntimeAgent): * inspector/remote/socket/RemoteInspectorSocketEndpoint.cpp: 
(Inspector::RemoteInspectorSocketEndpoint::createClient): * inspector/remote/socket/RemoteInspectorSocketEndpoint.h: * inspector/scripts/codegen/objc_generator_templates.py: * inspector/scripts/tests/all/expected/definitions-with-mac-platform.json-result: * inspector/scripts/tests/generic/expected/commands-with-async-attribute.json-result: * inspector/scripts/tests/generic/expected/commands-with-optional-call-return-parameters.json-result: * inspector/scripts/tests/generic/expected/domain-availability.json-result: * inspector/scripts/tests/generic/expected/domains-with-varying-command-sizes.json-result: * inspector/scripts/tests/generic/expected/enum-values.json-result: * inspector/scripts/tests/generic/expected/generate-domains-with-feature-guards.json-result: * inspector/scripts/tests/mac/expected/definitions-with-mac-platform.json-result: * jit/JIT.cpp: (JSC::JIT::compileWithoutLinking): (JSC::JIT::link): * jit/JITThunks.cpp: (JSC::JITThunks::JITThunks): * jit/Repatch.cpp: (JSC::linkPolymorphicCall): * jsc.cpp: (runJSC): * parser/Parser.cpp: (JSC::Parser<LexerType>::Parser): * parser/Parser.h: (JSC::Scope::pushLabel): (JSC::Parser<LexerType>::parse): * parser/ParserArena.h: (JSC::ParserArena::identifierArena): * profiler/ProfilerCompilation.cpp: (JSC::Profiler::Compilation::executionCounterFor): * runtime/Error.cpp: (JSC::getStackTrace): * runtime/FunctionExecutable.cpp: (JSC::FunctionExecutable::ensureRareDataSlow): * runtime/FunctionRareData.h: (JSC::FunctionRareData::createAllocationProfileClearingWatchpoint): * runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::init): (JSC::JSGlobalObject::tryInstallArraySpeciesWatchpoint): * runtime/JSGlobalObject.h: (JSC::JSGlobalObject::createRareDataIfNeeded): * runtime/JSRunLoopTimer.cpp: (JSC::JSRunLoopTimer::Manager::PerVMData::PerVMData): (JSC::JSRunLoopTimer::Manager::registerVM): * runtime/PropertyMapHashTable.h: (JSC::PropertyTable::addDeletedOffset): * runtime/PropertyTable.cpp: 
(JSC::PropertyTable::PropertyTable): * runtime/RegExp.cpp: (JSC::RegExp::finishCreation): * runtime/RegExp.h: * runtime/ScriptExecutable.cpp: (JSC::ScriptExecutable::ensureTemplateObjectMapImpl): * runtime/Structure.cpp: (JSC::Structure::ensurePropertyReplacementWatchpointSet): * runtime/StructureRareData.cpp: (JSC::StructureRareData::setObjectToStringValue): * runtime/SymbolTable.cpp: (JSC::SymbolTable::localToEntry): (JSC::SymbolTable::cloneScopePart): (JSC::SymbolTable::prepareForTypeProfiling): (JSC::SymbolTable::setRareDataCodeBlock): * runtime/TypeSet.cpp: (JSC::StructureShape::propertyHash): * runtime/VM.cpp: (JSC::VM::VM): (JSC::VM::ensureHeapProfiler): (JSC::VM::enableTypeProfiler): (JSC::VM::enableControlFlowProfiler): (JSC::VM::queueMicrotask): (JSC::VM::ensureShadowChicken): * wasm/WasmAirIRGenerator.cpp: (JSC::Wasm::AirIRGenerator::emitPatchpoint): (JSC::Wasm::AirIRGenerator::emitCheck): (JSC::Wasm::parseAndCompileAir): * wasm/WasmB3IRGenerator.cpp: (JSC::Wasm::parseAndCompile): * wasm/WasmBBQPlan.cpp: (JSC::Wasm::BBQPlan::complete): * wasm/WasmOMGPlan.cpp: (JSC::Wasm::OMGPlan::work): * wasm/WasmWorklist.cpp: (JSC::Wasm::Worklist::Worklist): * wasm/js/JSToWasm.cpp: (JSC::Wasm::createJSToWasmWrapper): * yarr/YarrInterpreter.cpp: (JSC::Yarr::ByteCompiler::compile): (JSC::Yarr::ByteCompiler::atomParenthesesSubpatternEnd): (JSC::Yarr::ByteCompiler::regexBegin): * yarr/YarrJIT.cpp: (JSC::Yarr::YarrGenerator::compile): * yarr/YarrPattern.cpp: (JSC::Yarr::CharacterClassConstructor::charClass): (JSC::Yarr::YarrPatternConstructor::YarrPatternConstructor): (JSC::Yarr::YarrPatternConstructor::resetForReparsing): (JSC::Yarr::YarrPatternConstructor::atomParenthesesSubpatternBegin): (JSC::Yarr::YarrPatternConstructor::atomParentheticalAssertionBegin): (JSC::Yarr::YarrPatternConstructor::copyDisjunction): (JSC::Yarr::anycharCreate): * yarr/YarrPattern.h: (JSC::Yarr::PatternDisjunction::addNewAlternative): * yarr/create_regex_tables: * 
yarr/generateYarrUnicodePropertyTables.py:

Source/WebCore:

Reviewed by Geoff Garen.

* Modules/applicationmanifest/ApplicationManifestParser.cpp: (WebCore::ApplicationManifestParser::logDeveloperWarning): * Modules/beacon/NavigatorBeacon.cpp: (WebCore::NavigatorBeacon::from): * Modules/cache/DOMWindowCaches.cpp: (WebCore::DOMWindowCaches::from): * Modules/cache/WorkerGlobalScopeCaches.cpp: (WebCore::WorkerGlobalScopeCaches::from): * Modules/credentialmanagement/NavigatorCredentials.cpp: (WebCore::NavigatorCredentials::from): * Modules/encryptedmedia/InitDataRegistry.cpp: (WebCore::InitDataRegistry::extractPsshBoxesFromCenc): * Modules/encryptedmedia/legacy/LegacyCDM.cpp: (WebCore::LegacyCDM::create): * Modules/encryptedmedia/legacy/LegacyCDMPrivateClearKey.cpp: (WebCore::LegacyCDMPrivateClearKey::createSession): * Modules/fetch/FetchBodyOwner.cpp: (WebCore::FetchBodyOwner::loadBlob): * Modules/fetch/FetchResponse.cpp: (WebCore::FetchResponse::fetch): (WebCore::FetchResponse::BodyLoader::start): * Modules/gamepad/NavigatorGamepad.cpp: (WebCore::NavigatorGamepad::from): * Modules/geolocation/GeolocationController.cpp: (WebCore::provideGeolocationTo): * Modules/geolocation/NavigatorGeolocation.cpp: (WebCore::NavigatorGeolocation::from): * Modules/indexeddb/DOMWindowIndexedDatabase.cpp: (WebCore::DOMWindowIndexedDatabase::from): * Modules/indexeddb/IDBObjectStore.cpp: (WebCore::IDBObjectStore::index): * Modules/indexeddb/IDBTransaction.cpp: (WebCore::IDBTransaction::objectStore): (WebCore::IDBTransaction::createObjectStore): (WebCore::IDBTransaction::createIndex): * Modules/indexeddb/WorkerGlobalScopeIndexedDatabase.cpp: (WebCore::WorkerGlobalScopeIndexedDatabase::from): * Modules/indexeddb/client/IDBConnectionToServer.cpp: (WebCore::IDBClient::IDBConnectionToServer::IDBConnectionToServer): * Modules/indexeddb/client/TransactionOperation.cpp: (WebCore::IDBClient::TransactionOperation::TransactionOperation): * Modules/indexeddb/server/IDBServer.cpp: 
(WebCore::IDBServer::IDBServer::getOrCreateUniqueIDBDatabase): (WebCore::IDBServer::IDBServer::createBackingStore): (WebCore::IDBServer::IDBServer::ensureQuotaUser): * Modules/indexeddb/server/IndexValueStore.cpp: (WebCore::IDBServer::IndexValueStore::addRecord): * Modules/indexeddb/server/MemoryBackingStoreTransaction.cpp: (WebCore::IDBServer::MemoryBackingStoreTransaction::create): (WebCore::IDBServer::MemoryBackingStoreTransaction::MemoryBackingStoreTransaction): (WebCore::IDBServer::MemoryBackingStoreTransaction::recordValueChanged): * Modules/indexeddb/server/MemoryIDBBackingStore.cpp: (WebCore::IDBServer::MemoryIDBBackingStore::create): (WebCore::IDBServer::MemoryIDBBackingStore::getOrEstablishDatabaseInfo): (WebCore::IDBServer::MemoryIDBBackingStore::setDatabaseInfo): * Modules/indexeddb/server/MemoryIndex.cpp: (WebCore::IDBServer::MemoryIndex::putIndexKey): (WebCore::IDBServer::MemoryIndex::maybeOpenCursor): * Modules/indexeddb/server/MemoryObjectStore.cpp: (WebCore::IDBServer::MemoryObjectStore::addRecord): (WebCore::IDBServer::MemoryObjectStore::maybeOpenCursor): * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp: (WebCore::IDBServer::SQLiteIDBBackingStore::createAndPopulateInitialDatabaseInfo): (WebCore::IDBServer::SQLiteIDBBackingStore::extractExistingDatabaseInfo): (WebCore::IDBServer::SQLiteIDBBackingStore::getOrEstablishDatabaseInfo): (WebCore::IDBServer::SQLiteIDBBackingStore::beginTransaction): (WebCore::IDBServer::SQLiteIDBBackingStore::cachedStatement): * Modules/indexeddb/server/SQLiteIDBCursor.cpp: (WebCore::IDBServer::SQLiteIDBCursor::maybeCreate): (WebCore::IDBServer::SQLiteIDBCursor::maybeCreateBackingStoreCursor): (WebCore::IDBServer::SQLiteIDBCursor::createSQLiteStatement): (WebCore::IDBServer::SQLiteIDBCursor::internalFetchNextRecord): * Modules/indexeddb/server/SQLiteIDBTransaction.cpp: (WebCore::IDBServer::SQLiteIDBTransaction::begin): * Modules/indexeddb/server/UniqueIDBDatabase.cpp: 
(WebCore::IDBServer::UniqueIDBDatabase::didDeleteBackingStore): (WebCore::IDBServer::UniqueIDBDatabase::didOpenBackingStore): (WebCore::IDBServer::UniqueIDBDatabase::didPerformAbortTransaction): * Modules/indexeddb/server/UniqueIDBDatabaseTransaction.cpp: (WebCore::IDBServer::UniqueIDBDatabaseTransaction::UniqueIDBDatabaseTransaction): * Modules/indexeddb/shared/IDBRequestData.cpp: (WebCore::IDBRequestData::IDBRequestData): (WebCore::IDBRequestData::isolatedCopy): * Modules/indexeddb/shared/IDBRequestData.h: (WebCore::IDBRequestData::decode): * Modules/indexeddb/shared/IDBResultData.cpp: (WebCore::IDBResultData::IDBResultData): (WebCore::IDBResultData::isolatedCopy): (WebCore::IDBResultData::openDatabaseSuccess): (WebCore::IDBResultData::openDatabaseUpgradeNeeded): (WebCore::IDBResultData::deleteDatabaseSuccess): (WebCore::IDBResultData::putOrAddSuccess): (WebCore::IDBResultData::getRecordSuccess): (WebCore::IDBResultData::getAllRecordsSuccess): (WebCore::IDBResultData::openCursorSuccess): (WebCore::IDBResultData::iterateCursorSuccess): * Modules/indexeddb/shared/IDBResultData.h: (WebCore::IDBResultData::decode): * Modules/indexeddb/shared/IDBTransactionInfo.cpp: (WebCore::IDBTransactionInfo::versionChange): (WebCore::IDBTransactionInfo::IDBTransactionInfo): (WebCore::IDBTransactionInfo::isolatedCopy): * Modules/indexeddb/shared/IDBTransactionInfo.h: (WebCore::IDBTransactionInfo::decode): * Modules/indexeddb/shared/InProcessIDBServer.cpp: (WebCore::InProcessIDBServer::quotaManager): * Modules/mediacapabilities/NavigatorMediaCapabilities.cpp: (WebCore::NavigatorMediaCapabilities::from): * Modules/mediasession/WebMediaSessionManager.cpp: (WebCore::WebMediaSessionManager::mockPicker): (WebCore::WebMediaSessionManager::addPlaybackTargetPickerClient): * Modules/mediasource/MediaSource.cpp: (WebCore::MediaSource::buffered const): (WebCore::MediaSource::setLiveSeekableRange): * Modules/mediastream/NavigatorMediaDevices.cpp: (WebCore::NavigatorMediaDevices::from): * 
Modules/mediastream/UserMediaController.cpp: (WebCore::provideUserMediaTo): * Modules/mediastream/libwebrtc/LibWebRTCDataChannelHandler.cpp: (WebCore::LibWebRTCDataChannelHandler::channelEvent): * Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp: (WebCore::LibWebRTCMediaEndpoint::addRemoteTrack): (WebCore::LibWebRTCMediaEndpoint::collectTransceivers): (WebCore::LibWebRTCMediaEndpoint::newTransceiver): (WebCore::LibWebRTCMediaEndpoint::createTransceiverBackends): (WebCore::LibWebRTCMediaEndpoint::transceiverBackendFromSender): (WebCore::LibWebRTCMediaEndpoint::createDataChannel): * Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp: (WebCore::createLibWebRTCPeerConnectionBackend): (WebCore::LibWebRTCPeerConnectionBackend::videoReceiver): (WebCore::LibWebRTCPeerConnectionBackend::audioReceiver): (WebCore::LibWebRTCPeerConnectionBackend::addTrack): (WebCore::LibWebRTCPeerConnectionBackend::addTransceiver): * Modules/mediastream/libwebrtc/LibWebRTCRtpSenderBackend.cpp: (WebCore::LibWebRTCRtpSenderBackend::createDTMFBackend): * Modules/mediastream/libwebrtc/LibWebRTCRtpTransceiverBackend.cpp: (WebCore::LibWebRTCRtpTransceiverBackend::createReceiverBackend): (WebCore::LibWebRTCRtpTransceiverBackend::createSenderBackend): * Modules/notifications/Notification.cpp: (WebCore::Notification::Notification): * Modules/notifications/NotificationController.cpp: (WebCore::provideNotification): * Modules/quota/DOMWindowQuota.cpp: (WebCore::DOMWindowQuota::from): * Modules/quota/NavigatorStorageQuota.cpp: (WebCore::NavigatorStorageQuota::from): * Modules/quota/WorkerNavigatorStorageQuota.cpp: (WebCore::WorkerNavigatorStorageQuota::from): * Modules/speech/DOMWindowSpeechSynthesis.cpp: (WebCore::DOMWindowSpeechSynthesis::from): * Modules/speech/SpeechSynthesis.cpp: (WebCore::SpeechSynthesis::ensurePlatformSpeechSynthesizer): * Modules/webaudio/AsyncAudioDecoder.cpp: (WebCore::AsyncAudioDecoder::decodeAsync): * Modules/webaudio/AudioBasicInspectorNode.cpp: 
(WebCore::AudioBasicInspectorNode::AudioBasicInspectorNode): * Modules/webaudio/AudioBasicProcessorNode.cpp: (WebCore::AudioBasicProcessorNode::AudioBasicProcessorNode): * Modules/webaudio/AudioBufferSourceNode.cpp: (WebCore::AudioBufferSourceNode::AudioBufferSourceNode): * Modules/webaudio/AudioContext.cpp: (WebCore::AudioContext::AudioContext): (WebCore::AudioContext::decodeAudioData): * Modules/webaudio/AudioDestinationNode.cpp: (WebCore::AudioDestinationNode::AudioDestinationNode): * Modules/webaudio/BiquadFilterNode.cpp: (WebCore::BiquadFilterNode::BiquadFilterNode): * Modules/webaudio/BiquadProcessor.cpp: (WebCore::BiquadProcessor::createKernel): (WebCore::BiquadProcessor::getFrequencyResponse): * Modules/webaudio/ChannelMergerNode.cpp: (WebCore::ChannelMergerNode::ChannelMergerNode): * Modules/webaudio/ChannelSplitterNode.cpp: (WebCore::ChannelSplitterNode::ChannelSplitterNode): * Modules/webaudio/ConvolverNode.cpp: (WebCore::ConvolverNode::ConvolverNode): (WebCore::ConvolverNode::setBuffer): * Modules/webaudio/DelayNode.cpp: (WebCore::DelayNode::DelayNode): * Modules/webaudio/DelayProcessor.cpp: (WebCore::DelayProcessor::createKernel): * Modules/webaudio/DynamicsCompressorNode.cpp: (WebCore::DynamicsCompressorNode::DynamicsCompressorNode): (WebCore::DynamicsCompressorNode::initialize): * Modules/webaudio/GainNode.cpp: (WebCore::GainNode::GainNode): * Modules/webaudio/MediaElementAudioSourceNode.cpp: (WebCore::MediaElementAudioSourceNode::MediaElementAudioSourceNode): (WebCore::MediaElementAudioSourceNode::setFormat): * Modules/webaudio/MediaStreamAudioSourceNode.cpp: (WebCore::MediaStreamAudioSourceNode::MediaStreamAudioSourceNode): (WebCore::MediaStreamAudioSourceNode::setFormat): * Modules/webaudio/OscillatorNode.cpp: (WebCore::OscillatorNode::OscillatorNode): * Modules/webaudio/PannerNode.cpp: (WebCore::PannerNode::PannerNode): * Modules/webaudio/PeriodicWave.cpp: (WebCore::PeriodicWave::createBandLimitedTables): * Modules/webaudio/RealtimeAnalyser.cpp: 
(WebCore::RealtimeAnalyser::RealtimeAnalyser): (WebCore::RealtimeAnalyser::setFftSize): * Modules/webaudio/ScriptProcessorNode.cpp: (WebCore::ScriptProcessorNode::ScriptProcessorNode): * Modules/webaudio/WaveShaperDSPKernel.cpp: (WebCore::WaveShaperDSPKernel::lazyInitializeOversampling): * Modules/webaudio/WaveShaperNode.cpp: (WebCore::WaveShaperNode::WaveShaperNode): * Modules/webaudio/WaveShaperProcessor.cpp: (WebCore::WaveShaperProcessor::createKernel): * Modules/webauthn/fido/FidoHidMessage.cpp: (fido::FidoHidMessage::FidoHidMessage): * Modules/webauthn/fido/FidoHidPacket.cpp: (fido::FidoHidInitPacket::createFromSerializedData): (fido::FidoHidContinuationPacket::createFromSerializedData): * Modules/webdatabase/Database.cpp: (WebCore::Database::openAndVerifyVersion): (WebCore::Database::close): (WebCore::Database::scheduleTransaction): (WebCore::Database::scheduleTransactionStep): (WebCore::Database::tableNames): * Modules/webdatabase/DatabaseThread.cpp: (WebCore::DatabaseThread::DatabaseThread): * Modules/webdatabase/DatabaseTracker.cpp: (WebCore::DatabaseTracker::addOpenDatabase): (WebCore::DatabaseTracker::recordCreatingDatabase): (WebCore::DatabaseTracker::recordDeletingDatabase): * Modules/webdatabase/SQLTransaction.cpp: (WebCore::SQLTransaction::executeSql): (WebCore::SQLTransaction::openTransactionAndPreflight): * Modules/webdriver/NavigatorWebDriver.cpp: (WebCore::NavigatorWebDriver::from): * Modules/webgpu/NavigatorGPU.cpp: (WebCore::NavigatorGPU::from): * Modules/webgpu/WHLSL/AST/WHLSLEnumerationDefinition.h: * Modules/webgpu/WHLSL/AST/WHLSLVariableDeclaration.h: * Modules/webgpu/WHLSL/Metal/WHLSLFunctionWriter.cpp: (WebCore::WHLSL::Metal::RenderFunctionDefinitionWriter::createEntryPointScaffolding): (WebCore::WHLSL::Metal::ComputeFunctionDefinitionWriter::createEntryPointScaffolding): * Modules/webgpu/WHLSL/Metal/WHLSLTypeNamer.cpp: (WebCore::WHLSL::Metal::TypeNamer::createNameNode): * Modules/webgpu/WHLSL/WHLSLChecker.cpp: 
(WebCore::WHLSL::Checker::assignConcreteType): (WebCore::WHLSL::Checker::assignType): (WebCore::WHLSL::Checker::forwardType): * Modules/webgpu/WHLSL/WHLSLParser.cpp: (WebCore::WHLSL::Parser::parseSemantic): * Modules/webgpu/WorkerNavigatorGPU.cpp: (WebCore::WorkerNavigatorGPU::from): * Modules/websockets/ThreadableWebSocketChannelClientWrapper.cpp: (WebCore::ThreadableWebSocketChannelClientWrapper::didConnect): (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveMessage): (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveBinaryData): (WebCore::ThreadableWebSocketChannelClientWrapper::didUpdateBufferedAmount): (WebCore::ThreadableWebSocketChannelClientWrapper::didStartClosingHandshake): (WebCore::ThreadableWebSocketChannelClientWrapper::didClose): (WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveMessageError): (WebCore::ThreadableWebSocketChannelClientWrapper::didUpgradeURL): * Modules/websockets/WebSocketChannel.cpp: (WebCore::WebSocketChannel::connect): (WebCore::WebSocketChannel::enqueueTextFrame): (WebCore::WebSocketChannel::enqueueRawFrame): (WebCore::WebSocketChannel::enqueueBlobFrame): (WebCore::WebSocketChannel::processOutgoingFrameQueue): * Modules/websockets/WebSocketDeflateFramer.cpp: (WebCore::WebSocketDeflateFramer::createExtensionProcessor): (WebCore::WebSocketDeflateFramer::enableDeflate): (WebCore::WebSocketDeflateFramer::deflate): (WebCore::WebSocketDeflateFramer::inflate): * Modules/websockets/WebSocketDeflater.cpp: (WebCore::WebSocketDeflater::WebSocketDeflater): (WebCore::WebSocketInflater::WebSocketInflater): * Modules/websockets/WorkerThreadableWebSocketChannel.cpp: (WebCore::WorkerThreadableWebSocketChannel::Bridge::mainThreadInitialize): * Modules/webvr/NavigatorWebVR.cpp: (WebCore::NavigatorWebVR::from): * accessibility/AXObjectCache.cpp: (WebCore::AXObjectCache::startCachingComputedObjectAttributesUntilTreeMutates): * animation/WebAnimation.cpp: (WebCore::WebAnimation::updateFinishedState): * 
bindings/js/JSDOMWindowBase.cpp: (WebCore::JSDOMWindowBase::queueTaskToEventLoop): * bindings/js/JSEventTargetCustom.cpp: (WebCore::jsEventTargetCast): * bindings/js/JSWorkerGlobalScopeBase.cpp: (WebCore::JSWorkerGlobalScopeBase::queueTaskToEventLoop): * bindings/js/SerializedScriptValue.cpp: (WebCore::transferArrayBuffers): (WebCore::SerializedScriptValue::create): * bindings/js/SerializedScriptValue.h: (WebCore::SerializedScriptValue::decode): * bindings/js/WebCoreJSClientData.cpp: (WebCore::JSVMClientData::initNormalWorld): * bindings/js/WorkerScriptController.cpp: (WebCore::WorkerScriptController::initScript): * bridge/c/c_class.cpp: (JSC::Bindings::CClass::methodNamed const): (JSC::Bindings::CClass::fieldNamed const): * bridge/objc/objc_class.mm: (JSC::Bindings::ObjcClass::methodNamed const): (JSC::Bindings::ObjcClass::fieldNamed const): * bridge/objc/objc_runtime.mm: (JSC::Bindings::callObjCFallbackObject): * contentextensions/CombinedURLFilters.cpp: (WebCore::ContentExtensions::CombinedURLFilters::CombinedURLFilters): (WebCore::ContentExtensions::CombinedURLFilters::addPattern): * crypto/SubtleCrypto.cpp: (WebCore::normalizeCryptoAlgorithmParameters): (WebCore::crossThreadCopyImportParams): * css/CSSCalculationValue.cpp: (WebCore::determineCategory): * css/CSSDefaultStyleSheets.cpp: (WebCore::CSSDefaultStyleSheets::loadFullDefaultStyle): (WebCore::CSSDefaultStyleSheets::loadSimpleDefaultStyle): * css/CSSFontFace.cpp: (WebCore::CSSFontFace::appendSources): * css/CSSFontFaceSet.cpp: (WebCore::CSSFontFaceSet::ensureLocalFontFacesForFamilyRegistered): * css/CSSGroupingRule.cpp: (WebCore::CSSGroupingRule::cssRules const): * css/CSSImageGeneratorValue.cpp: (WebCore::CSSImageGeneratorValue::saveCachedImageForSize): * css/CSSKeyframesRule.cpp: (WebCore::CSSKeyframesRule::cssRules): * css/CSSStyleSheet.cpp: (WebCore::CSSStyleSheet::cssRules): * css/DOMCSSPaintWorklet.cpp: (WebCore::DOMCSSPaintWorklet::from): * css/DOMCSSRegisterCustomProperty.cpp: 
(WebCore::DOMCSSRegisterCustomProperty::from): * css/DocumentRuleSets.cpp: (WebCore::DocumentRuleSets::DocumentRuleSets): (WebCore::DocumentRuleSets::updateUserAgentMediaQueryStyleIfNeeded const): (WebCore::DocumentRuleSets::initializeUserStyle): (WebCore::makeRuleSet): (WebCore::DocumentRuleSets::resetAuthorStyle): (WebCore::ensureInvalidationRuleSets): * css/ElementRuleCollector.cpp: (WebCore::ElementRuleCollector::collectSlottedPseudoElementRulesForSlot): * css/FontFace.cpp: (WebCore::populateFontFaceWithArrayBuffer): * css/PropertySetCSSStyleDeclaration.cpp: (WebCore::PropertySetCSSStyleDeclaration::wrapForDeprecatedCSSOM): * css/RuleFeature.cpp: (WebCore::RuleFeatureSet::collectFeatures): (WebCore::RuleFeatureSet::add): * css/RuleSet.cpp: (WebCore::RuleSet::addToRuleSet): * css/StyleBuilderConverter.h: (WebCore::StyleBuilderConverter::convertTo100PercentMinusLength): * css/StyleBuilderCustom.h: (WebCore::StyleBuilderCustom::applyTextOrBoxShadowValue): (WebCore::StyleBuilderCustom::applyInheritTextShadow): (WebCore::StyleBuilderCustom::applyInheritBoxShadow): (WebCore::StyleBuilderCustom::applyValueContent): * css/StyleProperties.cpp: (WebCore::MutableStyleProperties::ensureCSSStyleDeclaration): (WebCore::MutableStyleProperties::ensureInlineCSSStyleDeclaration): * css/StyleResolver.cpp: (WebCore::StyleResolver::cascadedPropertiesForRollback): * css/makeprop.pl: (generateFillLayerPropertyInheritValueSetter): (generateFillLayerPropertyValueSetter): * css/parser/CSSParserImpl.cpp: (WebCore::CSSParserImpl::CSSParserImpl): (WebCore::CSSParserImpl::parsePageSelector): (WebCore::CSSParserImpl::consumeMediaRule): (WebCore::CSSParserImpl::consumeSupportsRule): (WebCore::CSSParserImpl::consumeKeyframesRule): * css/parser/CSSParserSelector.cpp: (WebCore::CSSParserSelector::parsePagePseudoSelector): (WebCore::CSSParserSelector::parsePseudoElementSelector): (WebCore::CSSParserSelector::parsePseudoClassSelector): (WebCore::CSSParserSelector::CSSParserSelector): 
(WebCore::CSSParserSelector::adoptSelectorVector): (WebCore::CSSParserSelector::prependTagSelector): * css/parser/CSSPropertyParser.cpp: (WebCore::consumeBasicShapePath): * css/parser/CSSSelectorParser.cpp: (WebCore::CSSSelectorParser::consumePseudo): * dom/CustomElementReactionQueue.cpp: (WebCore::CustomElementReactionQueue::ensureBackupQueue): * dom/DataTransfer.cpp: (WebCore::DataTransfer::items): (WebCore::DataTransfer::createForInputEvent): (WebCore::DataTransfer::createForDragStartEvent): (WebCore::DataTransfer::setDragImage): * dom/DeviceOrientationController.cpp: (WebCore::provideDeviceOrientationTo): * dom/Document.cpp: (WebCore::Document::Document): (WebCore::Document::buildAccessKeyCache): (WebCore::Document::implementation): (WebCore::Document::formController): (WebCore::Document::updateTextRenderer): (WebCore::Document::userAgentShadowTreeStyleResolver): (WebCore::Document::axObjectCache const): (WebCore::Document::setParsing): (WebCore::Document::accessSVGExtensions): (WebCore::Document::initSecurityContext): (WebCore::Document::textAutoSizing): (WebCore::Document::didAddWheelEventHandler): (WebCore::Document::didAddTouchEventHandler): (WebCore::Document::didLogMessage): (WebCore::Document::registerCSSProperty): (WebCore::Document::deviceOrientationAndMotionAccessController): (WebCore::Document::contentChangeObserver): (WebCore::Document::domTimerHoldingTank): * dom/Document.h: (WebCore::Document::createParserYieldToken): * dom/DocumentEventQueue.cpp: (WebCore::DocumentEventQueue::DocumentEventQueue): * dom/DocumentMarkerController.cpp: (WebCore::DocumentMarkerController::addMarker): * dom/DocumentStorageAccess.cpp: (WebCore::DocumentStorageAccess::from): (WebCore::DocumentStorageAccess::requestStorageAccess): (WebCore::DocumentStorageAccess::enableTemporaryTimeUserGesture): * dom/Element.cpp: (WebCore::Element::attributes const): (WebCore::Element::setIsDefinedCustomElement): (WebCore::Element::enqueueToUpgrade): (WebCore::Element::classList): 
(WebCore::Element::dataset): (WebCore::Element::ensureIntersectionObserverData): (WebCore::Element::ensureResizeObserverData): * dom/EventListenerMap.cpp: (WebCore::EventListenerMap::add): * dom/EventNames.h: * dom/EventPath.cpp: (WebCore::EventPath::buildPath): (WebCore::EventPath::EventPath): * dom/IdTargetObserverRegistry.cpp: (WebCore::IdTargetObserverRegistry::addObserver): * dom/KeyboardEvent.cpp: (WebCore::KeyboardEvent::KeyboardEvent): * dom/MutationObserver.cpp: (WebCore::queueMutationObserverCompoundMicrotask): * dom/MutationObserverInterestGroup.cpp: (WebCore::MutationObserverInterestGroup::createIfNeeded): * dom/MutationObserverRegistration.cpp: (WebCore::MutationObserverRegistration::observedSubtreeNodeWillDetach): * dom/Node.cpp: (WebCore::Node::materializeRareData): (WebCore::Node::ensureEventTargetData): (WebCore::Node::registerMutationObserver): * dom/NodeRareData.h: (WebCore::NodeRareData::ensureNodeLists): (WebCore::NodeRareData::ensureMutationObserverData): * dom/RadioButtonGroups.cpp: (WebCore::RadioButtonGroups::addButton): * dom/ScriptExecutionContext.cpp: (WebCore::ScriptExecutionContext::reportException): (WebCore::ScriptExecutionContext::reportUnhandledPromiseRejection): (WebCore::ScriptExecutionContext::ensureRejectedPromiseTrackerSlow): * dom/SelectorQuery.cpp: * dom/ShadowRoot.cpp: (WebCore::ShadowRoot::ShadowRoot): (WebCore::ShadowRoot::moveShadowRootToNewDocument): (WebCore::ShadowRoot::addSlotElementByName): * dom/SlotAssignment.cpp: (WebCore::SlotAssignment::addSlotElementByName): (WebCore::SlotAssignment::assignToSlot): * dom/TreeScope.cpp: (WebCore::TreeScope::TreeScope): (WebCore::TreeScope::addElementById): (WebCore::TreeScope::addElementByName): (WebCore::TreeScope::addImageMap): (WebCore::TreeScope::addImageElementByUsemap): (WebCore::TreeScope::labelElementForId): * editing/Editor.cpp: (WebCore::createDataTransferForClipboardEvent): (WebCore::Editor::Editor): * editing/ReplaceSelectionCommand.cpp: 
(WebCore::ReplaceSelectionCommand::ensureReplacementFragment): * editing/SelectionRectGatherer.cpp: (WebCore::SelectionRectGatherer::clearAndCreateNotifier): * editing/TextIterator.cpp: (WebCore::TextIterator::handleTextNode): * editing/cocoa/HTMLConverter.mm: (HTMLConverter::HTMLConverter): (HTMLConverterCaches::computedStylePropertyForElement): * editing/markup.cpp: (WebCore::createPageForSanitizingWebContent): * fileapi/AsyncFileStream.cpp: (WebCore::callOnFileThread): (WebCore::AsyncFileStream::AsyncFileStream): * fileapi/FileReader.cpp: (WebCore::FileReader::readInternal): * history/CachedFrame.cpp: (WebCore::CachedFrame::CachedFrame): * history/CachedPage.cpp: (WebCore::CachedPage::CachedPage): * history/PageCache.cpp: (WebCore::PageCache::addIfCacheable): * html/FileInputType.cpp: (WebCore::FileInputType::requestIcon): * html/FormAssociatedElement.cpp: (WebCore::FormAssociatedElement::resetFormAttributeTargetObserver): * html/FormController.cpp: (WebCore::SavedFormState::deserialize): (WebCore::FormController::createSavedFormStateMap): (WebCore::FormController::takeStateForFormElement): * html/HTMLAnchorElement.cpp: (WebCore::HTMLAnchorElement::relList const): * html/HTMLAreaElement.cpp: (WebCore::HTMLAreaElement::mapMouseEvent): * html/HTMLCanvasElement.cpp: (WebCore::HTMLCanvasElement::setImageBuffer const): * html/HTMLCollection.cpp: (WebCore::HTMLCollection::updateNamedElementCache const): * html/HTMLDetailsElement.cpp: (WebCore::HTMLDetailsElement::create): * html/HTMLFormControlElement.cpp: (WebCore::HTMLFormControlElement::updateVisibleValidationMessage): * html/HTMLFormControlsCollection.cpp: (WebCore::HTMLFormControlsCollection::updateNamedElementCache const): * html/HTMLFormElement.cpp: (WebCore::HTMLFormElement::addToPastNamesMap): * html/HTMLIFrameElement.cpp: (WebCore::HTMLIFrameElement::sandbox): * html/HTMLInputElement.cpp: (WebCore::HTMLInputElement::ensureImageLoader): (WebCore::HTMLInputElement::resetListAttributeTargetObserver): * 
html/HTMLLinkElement.cpp: (WebCore::HTMLLinkElement::sizes): (WebCore::HTMLLinkElement::relList): * html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::finishInitialization): (WebCore::HTMLMediaElement::seekWithTolerance): * html/HTMLOutputElement.cpp: (WebCore::HTMLOutputElement::htmlFor): * html/HTMLPlugInImageElement.cpp: (WebCore::HTMLPlugInImageElement::updateAfterStyleResolution): * html/HTMLSummaryElement.cpp: (WebCore::HTMLSummaryElement::create): * html/HTMLVideoElement.cpp: (WebCore::HTMLVideoElement::didAttachRenderers): (WebCore::HTMLVideoElement::parseAttribute): * html/PublicURLManager.cpp: (WebCore::PublicURLManager::create): * html/ValidationMessage.cpp: (WebCore::ValidationMessage::setMessage): (WebCore::ValidationMessage::setMessageDOMAndStartTimer): (WebCore::ValidationMessage::requestToHideMessage): * html/canvas/CanvasRenderingContext2DBase.cpp: (WebCore::DisplayListDrawingContext::DisplayListDrawingContext): (WebCore::CanvasRenderingContext2DBase::drawingContext const): * html/canvas/WebGL2RenderingContext.cpp: (WebCore::WebGL2RenderingContext::getExtension): * html/canvas/WebGLRenderingContext.cpp: (WebCore::WebGLRenderingContext::getExtension): * html/canvas/WebGLRenderingContextBase.cpp: (WebCore::WebGLRenderingContextBase::initializeNewContext): (WebCore::WebGLRenderingContextBase::compileShader): (WebCore::WebGLRenderingContextBase::printToConsole): * html/parser/CSSPreloadScanner.cpp: (WebCore::CSSPreloadScanner::emitRule): * html/parser/HTMLConstructionSite.cpp: (WebCore::HTMLConstructionSite::insertHTMLElementOrFindCustomElementInterface): * html/parser/HTMLDocumentParser.cpp: (WebCore::HTMLDocumentParser::HTMLDocumentParser): (WebCore::HTMLDocumentParser::pumpTokenizer): (WebCore::HTMLDocumentParser::insert): * html/parser/HTMLElementStack.cpp: (WebCore::HTMLElementStack::insertAbove): (WebCore::HTMLElementStack::pushCommon): * html/parser/HTMLPreloadScanner.cpp: 
(WebCore::TokenPreloadScanner::StartTagScanner::createPreloadRequest): * html/parser/HTMLToken.h: (WebCore::HTMLToken::beginDOCTYPE): * html/parser/XSSAuditor.cpp: (WebCore::XSSAuditor::filterToken): (WebCore::XSSAuditor::decodedHTTPBodySuffixTree): * html/shadow/TextControlInnerElements.cpp: (WebCore::TextControlInnerTextElement::resolveCustomStyle): * html/track/InbandGenericTextTrack.cpp: (WebCore::InbandGenericTextTrack::parser): * html/track/InbandWebVTTTextTrack.cpp: (WebCore::InbandWebVTTTextTrack::parser): * html/track/LoadableTextTrack.cpp: (WebCore::LoadableTextTrack::loadTimerFired): * inspector/CommandLineAPIHost.cpp: (WebCore::CommandLineAPIHost::CommandLineAPIHost): (WebCore::CommandLineAPIHost::clearAllWrappers): * inspector/DOMEditor.cpp: (WebCore::DOMEditor::insertBefore): (WebCore::DOMEditor::removeChild): (WebCore::DOMEditor::setAttribute): (WebCore::DOMEditor::removeAttribute): (WebCore::DOMEditor::setOuterHTML): (WebCore::DOMEditor::insertAdjacentHTML): (WebCore::DOMEditor::replaceWholeText): (WebCore::DOMEditor::replaceChild): (WebCore::DOMEditor::setNodeValue): * inspector/DOMPatchSupport.cpp: (WebCore::DOMPatchSupport::createDigest): * inspector/InspectorController.cpp: (WebCore::InspectorController::InspectorController): (WebCore::InspectorController::createLazyAgents): (WebCore::InspectorController::ensureInspectorAgent): (WebCore::InspectorController::ensureDOMAgent): (WebCore::InspectorController::ensurePageAgent): * inspector/InspectorHistory.cpp: (WebCore::InspectorHistory::markUndoableState): * inspector/InspectorStyleSheet.cpp: (ParsedStyleSheet::setSourceData): (WebCore::InspectorStyleSheet::ensureSourceData): * inspector/NetworkResourcesData.cpp: (WebCore::NetworkResourcesData::resourceCreated): * inspector/WorkerInspectorController.cpp: (WebCore::WorkerInspectorController::WorkerInspectorController): (WebCore::WorkerInspectorController::connectFrontend): (WebCore::WorkerInspectorController::createLazyAgents): * 
inspector/agents/InspectorApplicationCacheAgent.cpp: (WebCore::InspectorApplicationCacheAgent::InspectorApplicationCacheAgent): * inspector/agents/InspectorCPUProfilerAgent.cpp: (WebCore::InspectorCPUProfilerAgent::InspectorCPUProfilerAgent): * inspector/agents/InspectorCSSAgent.cpp: (WebCore::InspectorCSSAgent::InspectorCSSAgent): (WebCore::InspectorCSSAgent::setStyleSheetText): (WebCore::InspectorCSSAgent::setStyleText): (WebCore::InspectorCSSAgent::setRuleSelector): (WebCore::InspectorCSSAgent::addRule): * inspector/agents/InspectorCanvasAgent.cpp: (WebCore::InspectorCanvasAgent::InspectorCanvasAgent): (WebCore::InspectorCanvasAgent::recordCanvasAction): * inspector/agents/InspectorDOMAgent.cpp: (WebCore::InspectorDOMAgent::InspectorDOMAgent): (WebCore::InspectorDOMAgent::didCreateFrontendAndBackend): (WebCore::InspectorDOMAgent::pushNodePathToFrontend): (WebCore::InspectorDOMAgent::highlightConfigFromInspectorObject): (WebCore::InspectorDOMAgent::highlightRect): (WebCore::InspectorDOMAgent::highlightQuad): (WebCore::InspectorDOMAgent::innerHighlightQuad): (WebCore::InspectorDOMAgent::highlightFrame): (WebCore::InspectorDOMAgent::setInspectedNode): (WebCore::InspectorDOMAgent::didInvalidateStyleAttr): * inspector/agents/InspectorDOMStorageAgent.cpp: (WebCore::InspectorDOMStorageAgent::InspectorDOMStorageAgent): * inspector/agents/InspectorDatabaseAgent.cpp: (WebCore::InspectorDatabaseAgent::InspectorDatabaseAgent): * inspector/agents/InspectorLayerTreeAgent.cpp: (WebCore::InspectorLayerTreeAgent::InspectorLayerTreeAgent): * inspector/agents/InspectorMemoryAgent.cpp: (WebCore::InspectorMemoryAgent::InspectorMemoryAgent): * inspector/agents/InspectorNetworkAgent.cpp: (WebCore::InspectorNetworkAgent::InspectorNetworkAgent): * inspector/agents/InspectorPageAgent.cpp: (WebCore::InspectorPageAgent::InspectorPageAgent): * inspector/agents/InspectorTimelineAgent.cpp: (WebCore::InspectorTimelineAgent::InspectorTimelineAgent): 
(WebCore::InspectorTimelineAgent::internalStart): (WebCore::InspectorTimelineAgent::startFromConsole): (WebCore::InspectorTimelineAgent::stopFromConsole): * inspector/agents/InspectorWorkerAgent.cpp: (WebCore::InspectorWorkerAgent::InspectorWorkerAgent): * inspector/agents/WebConsoleAgent.cpp: (WebCore::WebConsoleAgent::didReceiveResponse): (WebCore::WebConsoleAgent::didFailLoading): * inspector/agents/WebHeapAgent.cpp: (WebCore::WebHeapAgent::WebHeapAgent): * inspector/agents/page/PageRuntimeAgent.cpp: (WebCore::PageRuntimeAgent::PageRuntimeAgent): * inspector/agents/worker/WorkerDebuggerAgent.cpp: (WebCore::WorkerDebuggerAgent::breakpointActionLog): * layout/LayoutState.cpp: (WebCore::Layout::LayoutState::displayBoxForLayoutBox const): (WebCore::Layout::LayoutState::createFormattingStateForFormattingRootIfNeeded): (WebCore::Layout::LayoutState::createFormattingContext): * layout/inlineformatting/InlineFormattingContext.cpp: (WebCore::Layout::InlineFormattingContext::collectInlineContent const): * layout/inlineformatting/InlineFormattingContextLineLayout.cpp: (WebCore::Layout::InlineFormattingContext::InlineLayout::createDisplayRuns const): * layout/inlineformatting/InlineLine.cpp: (WebCore::Layout::Line::Line): (WebCore::Layout::Line::appendNonBreakableSpace): (WebCore::Layout::Line::appendTextContent): (WebCore::Layout::Line::appendNonReplacedInlineBox): (WebCore::Layout::Line::appendHardLineBreak): * layout/inlineformatting/InlineTextItem.cpp: (WebCore::Layout::InlineTextItem::createAndAppendTextItems): (WebCore::Layout::InlineTextItem::split const): * layout/layouttree/LayoutBox.cpp: (WebCore::Layout::Box::Box): (WebCore::Layout::Box::ensureRareData): * layout/layouttree/LayoutTreeBuilder.cpp: (WebCore::Layout::TreeBuilder::createLayoutBox): (WebCore::Layout::TreeBuilder::createTableStructure): (WebCore::Layout::printLayoutTreeForLiveDocuments): * layout/tableformatting/TableGrid.cpp: (WebCore::Layout::TableGrid::appendCell): * loader/ContentFilter.cpp: 
(WebCore::ContentFilter::create): * loader/CrossOriginAccessControl.cpp: (WebCore::validatePreflightResponse): * loader/DocumentLoader.cpp: (WebCore::DocumentLoader::DocumentLoader): (WebCore::DocumentLoader::loadApplicationManifest): (WebCore::DocumentLoader::addAllArchiveResources): (WebCore::DocumentLoader::addArchiveResource): (WebCore::DocumentLoader::loadMainResource): (WebCore::DocumentLoader::didGetLoadDecisionForIcon): * loader/EmptyClients.cpp: (WebCore::pageConfigurationWithEmptyClients): * loader/FrameLoader.cpp: (WebCore::FrameLoader::FrameLoader): (WebCore::FrameLoader::init): (WebCore::FrameLoader::initForSynthesizedDocument): (WebCore::FrameLoader::detachChildren): * loader/LinkLoader.cpp: (WebCore::createLinkPreloadResourceClient): * loader/NavigationScheduler.cpp: (WebCore::NavigationScheduler::scheduleRedirect): (WebCore::NavigationScheduler::scheduleLocationChange): (WebCore::NavigationScheduler::scheduleFormSubmission): (WebCore::NavigationScheduler::scheduleRefresh): (WebCore::NavigationScheduler::scheduleHistoryNavigation): (WebCore::NavigationScheduler::schedulePageBlock): * loader/ProgressTracker.cpp: (WebCore::ProgressTracker::incrementProgress): * loader/TextResourceDecoder.cpp: (WebCore::TextResourceDecoder::checkForHeadCharset): * loader/TextTrackLoader.cpp: (WebCore::TextTrackLoader::processNewCueData): * loader/WorkerThreadableLoader.cpp: (WebCore::WorkerThreadableLoader::MainThreadBridge::MainThreadBridge): * loader/archive/cf/LegacyWebArchive.cpp: (WebCore::LegacyWebArchive::create): * loader/cache/CachedImage.cpp: (WebCore::CachedImage::setBodyDataFrom): (WebCore::CachedImage::createImage): * loader/cache/CachedRawResource.cpp: (WebCore::CachedRawResource::redirectReceived): * loader/cache/CachedResource.cpp: (WebCore::CachedResource::addClientToSet): * loader/cache/CachedResourceLoader.cpp: (WebCore::CachedResourceLoader::requestResource): (WebCore::CachedResourceLoader::preload): (WebCore::CachedResourceLoader::clearPreloads): * 
loader/cache/MemoryCache.cpp: (WebCore::MemoryCache::ensureSessionResourceMap): (WebCore::MemoryCache::addImageToCache): (WebCore::MemoryCache::lruListFor): * loader/ios/PreviewLoader.mm: (-[WebPreviewLoader initWithResourceLoader:resourceResponse:]): (-[WebPreviewLoader connection:didFailWithError:]): (WebCore::PreviewLoader::create): * page/ContextMenuController.cpp: (WebCore::ContextMenuController::maybeCreateContextMenu): * page/DebugPageOverlays.cpp: (WebCore::MouseWheelRegionOverlay::updateRegion): * page/EventHandler.cpp: (WebCore::EventHandler::EventHandler): * page/FrameView.cpp: (WebCore::FrameView::addEmbeddedObjectToUpdate): (WebCore::FrameView::addSlowRepaintObject): (WebCore::FrameView::addViewportConstrainedObject): (WebCore::FrameView::addScrollableArea): * page/FrameViewLayoutContext.cpp: (WebCore::FrameViewLayoutContext::pushLayoutState): (WebCore::FrameViewLayoutContext::pushLayoutStateForPaginationIfNeeded): * page/NavigatorBase.cpp: (WebCore::NavigatorBase::serviceWorker): * page/Page.cpp: (WebCore::Page::Page): (WebCore::Page::initGroup): (WebCore::Page::setResourceUsageOverlayVisible): * page/PageConsoleClient.cpp: (WebCore::PageConsoleClient::addMessage): (WebCore::PageConsoleClient::messageWithTypeAndLevel): (WebCore::PageConsoleClient::screenshot): * page/PageGroup.cpp: (WebCore::PageGroup::captionPreferences): * page/Performance.cpp: (WebCore::Performance::mark): (WebCore::Performance::clearMarks): (WebCore::Performance::measure): (WebCore::Performance::clearMeasures): * page/PrintContext.cpp: (WebCore::PrintContext::outputLinkedDestinations): * page/RenderingUpdateScheduler.cpp: (WebCore::RenderingUpdateScheduler::startTimer): * page/RenderingUpdateScheduler.h: (WebCore::RenderingUpdateScheduler::create): * page/SecurityPolicy.cpp: (WebCore::SecurityPolicy::addOriginAccessWhitelistEntry): * page/SettingsBase.cpp: (WebCore::SettingsBase::SettingsBase): * page/UserContentController.cpp: (WebCore::UserContentController::addUserScript): 
(WebCore::UserContentController::addUserStyleSheet): * page/WheelEventDeltaFilter.cpp: (WebCore::WheelEventDeltaFilter::create): * page/animation/CSSAnimationController.cpp: (WebCore::CSSAnimationController::CSSAnimationController): * page/animation/CSSPropertyAnimation.cpp: (WebCore::blendFunc): (WebCore::PropertyWrapperVisitedAffectedColor::PropertyWrapperVisitedAffectedColor): (WebCore::FillLayersPropertyWrapper::FillLayersPropertyWrapper): (WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap): * page/csp/ContentSecurityPolicy.cpp: (WebCore::ContentSecurityPolicy::updateSourceSelf): * page/csp/ContentSecurityPolicyDirectiveList.cpp: (WebCore::ContentSecurityPolicyDirectiveList::create): (WebCore::ContentSecurityPolicyDirectiveList::setCSPDirective): * page/linux/ResourceUsageOverlayLinux.cpp: (WebCore::ResourceUsageOverlay::platformInitialize): * page/mac/PageMac.mm: (WebCore::Page::addSchedulePair): * page/scrolling/AsyncScrollingCoordinator.cpp: (WebCore::AsyncScrollingCoordinator::AsyncScrollingCoordinator): * page/scrolling/ScrollingMomentumCalculator.cpp: (WebCore::ScrollingMomentumCalculator::create): * page/scrolling/ScrollingStateNode.cpp: (WebCore::ScrollingStateNode::appendChild): (WebCore::ScrollingStateNode::insertChild): * page/scrolling/ScrollingStateTree.cpp: (WebCore::ScrollingStateTree::commit): * page/scrolling/ScrollingTreeNode.cpp: (WebCore::ScrollingTreeNode::appendChild): * page/scrolling/mac/ScrollingMomentumCalculatorMac.mm: (WebCore::ScrollingMomentumCalculator::create): * platform/Length.cpp: (WebCore::convertTo100PercentMinusLength): (WebCore::blendMixedTypes): * platform/RemoteCommandListener.cpp: (WebCore::RemoteCommandListener::create): * platform/ScrollAnimator.cpp: (WebCore::ScrollAnimator::create): * platform/ScrollableArea.cpp: (WebCore::ScrollableArea::scrollAnimator const): (WebCore::ScrollableArea::ensureSnapOffsetsInfo): * platform/ThreadGlobalData.cpp: (WebCore::ThreadGlobalData::ThreadGlobalData): * 
platform/audio/AudioBus.cpp: (WebCore::AudioBus::AudioBus): (WebCore::AudioBus::copyWithGainFrom): * platform/audio/AudioChannel.h: * platform/audio/AudioResampler.cpp: (WebCore::AudioResampler::AudioResampler): (WebCore::AudioResampler::configureChannels): * platform/audio/DynamicsCompressor.cpp: (WebCore::DynamicsCompressor::setNumberOfChannels): * platform/audio/DynamicsCompressorKernel.cpp: (WebCore::DynamicsCompressorKernel::setNumberOfChannels): * platform/audio/FFTFrame.cpp: (WebCore::FFTFrame::createInterpolatedFrame): * platform/audio/HRTFDatabaseLoader.cpp: (WebCore::HRTFDatabaseLoader::load): * platform/audio/HRTFElevation.cpp: (WebCore::HRTFElevation::createForSubject): (WebCore::HRTFElevation::createByInterpolatingSlices): * platform/audio/HRTFKernel.cpp: (WebCore::HRTFKernel::HRTFKernel): (WebCore::HRTFKernel::createImpulseResponse): * platform/audio/MultiChannelResampler.cpp: (WebCore::MultiChannelResampler::MultiChannelResampler): * platform/audio/Panner.cpp: (WebCore::Panner::create): * platform/audio/PlatformMediaSession.cpp: (WebCore::PlatformMediaSession::create): * platform/audio/Reverb.cpp: (WebCore::Reverb::initialize): * platform/audio/ReverbConvolver.cpp: (WebCore::ReverbConvolver::ReverbConvolver): * platform/audio/ReverbConvolverStage.cpp: (WebCore::ReverbConvolverStage::ReverbConvolverStage): * platform/audio/gstreamer/AudioDestinationGStreamer.cpp: (WebCore::AudioDestination::create): * platform/audio/ios/AudioDestinationIOS.cpp: (WebCore::AudioDestination::create): * platform/audio/ios/AudioSessionIOS.mm: (WebCore::AudioSession::AudioSession): * platform/audio/mac/AudioDestinationMac.cpp: (WebCore::AudioDestination::create): * platform/audio/mac/AudioSampleDataSource.mm: (WebCore::AudioSampleDataSource::setInputFormat): (WebCore::AudioSampleDataSource::setOutputFormat): * platform/audio/mac/AudioSessionMac.cpp: (WebCore::AudioSession::AudioSession): * platform/cf/KeyedDecoderCF.cpp: (WebCore::KeyedDecoder::decoder): * 
platform/cf/KeyedEncoderCF.cpp: (WebCore::KeyedEncoder::encoder): * platform/cf/MainThreadSharedTimerCF.cpp: (WebCore::setupPowerObserver): * platform/cocoa/NetworkExtensionContentFilter.mm: (WebCore::NetworkExtensionContentFilter::create): * platform/cocoa/ParentalControlsContentFilter.mm: (WebCore::ParentalControlsContentFilter::create): * platform/cocoa/ScrollController.mm: (WebCore::ScrollController::updateScrollSnapPoints): * platform/encryptedmedia/clearkey/CDMClearKey.cpp: (WebCore::CDMFactoryClearKey::createCDM): * platform/gamepad/cocoa/GameControllerGamepadProvider.mm: (WebCore::GameControllerGamepadProvider::controllerDidConnect): * platform/gamepad/mac/HIDGamepadProvider.cpp: (WebCore::HIDGamepadProvider::deviceAdded): * platform/generic/KeyedDecoderGeneric.cpp: (WebCore::KeyedDecoderGeneric::Dictionary::add): (WebCore::KeyedDecoder::decoder): (WebCore::KeyedDecoderGeneric::KeyedDecoderGeneric): * platform/generic/KeyedEncoderGeneric.cpp: (WebCore::KeyedEncoder::encoder): * platform/generic/ScrollAnimatorGeneric.cpp: (WebCore::ScrollAnimator::create): (WebCore::ScrollAnimatorGeneric::ScrollAnimatorGeneric): (WebCore::ScrollAnimatorGeneric::ensureSmoothScrollingAnimation): * platform/glib/KeyedDecoderGlib.cpp: (WebCore::KeyedDecoder::decoder): * platform/glib/KeyedEncoderGlib.cpp: (WebCore::KeyedEncoder::encoder): * platform/graphics/BitmapImage.cpp: (WebCore::BitmapImage::startTimer): (WebCore::BitmapImage::decode): * platform/graphics/ComplexTextController.cpp: (WebCore::TextLayout::TextLayout): * platform/graphics/Font.cpp: (WebCore::Font::ensureDerivedFontData const): * platform/graphics/Font.h: (WebCore::Font::boundsForGlyph const): * platform/graphics/FontCache.cpp: (WebCore::FontCache::getCachedFontPlatformData): * platform/graphics/FontCascade.cpp: (WebCore::retrieveOrAddCachedFonts): (WebCore::FontCascade::displayListForTextRun const): * platform/graphics/FontCascadeFonts.cpp: 
(WebCore::FontCascadeFonts::GlyphPageCacheEntry::setGlyphDataForCharacter): * platform/graphics/GlyphMetricsMap.h: (WebCore::GlyphMetricsMap<T>::locatePageSlowCase): * platform/graphics/GraphicsLayer.cpp: (WebCore::GraphicsLayer::setTransform): (WebCore::GraphicsLayer::setChildrenTransform): * platform/graphics/GraphicsLayer.h: * platform/graphics/Image.cpp: (WebCore::Image::startAnimationAsynchronously): * platform/graphics/MediaPlayer.cpp: (WebCore::MediaPlayer::MediaPlayer): (WebCore::MediaPlayer::loadWithNextMediaEngine): * platform/graphics/MediaPlayerPrivate.h: (WebCore::MediaPlayerPrivateInterface::seekable const): * platform/graphics/PathUtilities.cpp: (WebCore::FloatPointGraph::findOrCreateNode): * platform/graphics/Region.cpp: (WebCore::Region::setShape): * platform/graphics/Region.h: (WebCore::Region::copyShape const): (WebCore::Region::decode): * platform/graphics/TextTrackRepresentation.cpp: (WebCore::TextTrackRepresentation::create): * platform/graphics/angle/GraphicsContext3DANGLE.cpp: (WebCore::GraphicsContext3D::getExtensions): * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm: (WebCore::AudioSourceProviderAVFObjC::prepare): * platform/graphics/avfoundation/CDMFairPlayStreaming.cpp: (WebCore::CDMFactoryFairPlayStreaming::createCDM): * platform/graphics/avfoundation/CDMPrivateMediaSourceAVFObjC.mm: (WebCore::CDMPrivateMediaSourceAVFObjC::createSession): * platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp: (WebCore::MediaPlayerPrivateAVFoundation::buffered const): * platform/graphics/avfoundation/WebMediaSessionManagerMac.cpp: (WebCore::WebMediaSessionManagerMac::platformPicker): * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp: (WebCore::MediaPlayerPrivateAVFoundationCF::registerMediaEngine): (WebCore::MediaPlayerPrivateAVFoundationCF::platformBufferedTimeRanges const): (WebCore::MediaPlayerPrivateAVFoundationCF::createSession): (WebCore::AVFWrapper::notificationCallback): 
(WebCore::AVFWrapper::legibleOutputCallback): (WebCore::AVFWrapper::resourceLoaderShouldWaitForLoadingOfRequestedResource): (WebCore::AVFWrapper::platformLayer): * platform/graphics/avfoundation/objc/AudioTrackPrivateAVFObjC.mm: (WebCore::AudioTrackPrivateAVFObjC::AudioTrackPrivateAVFObjC): (WebCore::AudioTrackPrivateAVFObjC::setPlayerItemTrack): (WebCore::AudioTrackPrivateAVFObjC::setAssetTrack): (WebCore::AudioTrackPrivateAVFObjC::setMediaSelectionOption): * platform/graphics/avfoundation/objc/AudioTrackPrivateMediaSourceAVFObjC.cpp: (WebCore::AudioTrackPrivateMediaSourceAVFObjC::AudioTrackPrivateMediaSourceAVFObjC): (WebCore::AudioTrackPrivateMediaSourceAVFObjC::setAssetTrack): * platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.mm: (WebCore::ImageDecoderAVFObjC::readTrackMetadata): * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::MediaPlayerPrivateAVFoundationObjC::registerMediaEngine): (WebCore::MediaPlayerPrivateAVFoundationObjC::MediaPlayerPrivateAVFoundationObjC): (WebCore::MediaPlayerPrivateAVFoundationObjC::platformBufferedTimeRanges const): (WebCore::MediaPlayerPrivateAVFoundationObjC::updateRotationSession): (WebCore::MediaPlayerPrivateAVFoundationObjC::updateLastImage): (WebCore::MediaPlayerPrivateAVFoundationObjC::copyVideoTextureToPlatformTexture): (WebCore::MediaPlayerPrivateAVFoundationObjC::createSession): * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm: (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC): (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::registerMediaEngine): (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekWithTolerance): (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekable const): (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::buffered const): (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::updateLastImage): (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::copyVideoTextureToPlatformTexture): * 
platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC): (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::registerMediaEngine): (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::seekable const): (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::buffered const): (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateCurrentFrameImage): * platform/graphics/avfoundation/objc/VideoTrackPrivateAVFObjC.cpp: (WebCore::VideoTrackPrivateAVFObjC::VideoTrackPrivateAVFObjC): (WebCore::VideoTrackPrivateAVFObjC::setPlayerItemTrack): (WebCore::VideoTrackPrivateAVFObjC::setAssetTrack): (WebCore::VideoTrackPrivateAVFObjC::setMediaSelectonOption): * platform/graphics/avfoundation/objc/VideoTrackPrivateMediaSourceAVFObjC.mm: (WebCore::VideoTrackPrivateMediaSourceAVFObjC::VideoTrackPrivateMediaSourceAVFObjC): (WebCore::VideoTrackPrivateMediaSourceAVFObjC::setAssetTrack): * platform/graphics/ca/GraphicsLayerCA.cpp: (WebCore::GraphicsLayerCA::recursiveCommitChanges): (WebCore::GraphicsLayerCA::ensureLayerAnimations): (WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes): * platform/graphics/ca/TileController.cpp: (WebCore::TileController::TileController): (WebCore::TileController::setContentsScale): (WebCore::TileController::adjustTileCoverageRectForScrolling): (WebCore::TileController::tiledScrollingIndicatorLayer): * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm: (WebCore::PlatformCALayerCocoa::commonInit): (WebCore::PlatformCALayerCocoa::setShapeRoundedRect): * platform/graphics/ca/cocoa/WebTiledBackingLayer.mm: (-[WebTiledBackingLayer createTileController:]): * platform/graphics/ca/win/PlatformCALayerWin.cpp: (PlatformCALayerWin::PlatformCALayerWin): * platform/graphics/ca/win/WebTiledBackingLayerWin.cpp: (WebTiledBackingLayerWin::createTileController): * platform/graphics/cairo/GraphicsContextImplCairo.cpp: (WebCore::GraphicsContextImplCairo::createFactory): 
(WebCore::m_private): * platform/graphics/cairo/ImageBufferCairo.cpp: (WebCore::ImageBufferData::swapBuffersIfNeeded): (WebCore::ImageBuffer::ImageBuffer): * platform/graphics/cg/ImageBufferCG.cpp: (WebCore::ImageBuffer::ImageBuffer): * platform/graphics/cocoa/FontCacheCoreText.cpp: (WebCore::FontCache::createFontPlatformData): * platform/graphics/cocoa/FontFamilySpecificationCoreText.cpp: (WebCore::FontFamilySpecificationCoreText::fontRanges const): * platform/graphics/cocoa/GraphicsContext3DCocoa.mm: (WebCore::GraphicsContext3D::GraphicsContext3D): * platform/graphics/cocoa/IOSurface.mm: (WebCore::IOSurface::ensureGraphicsContext): * platform/graphics/cocoa/TextTrackRepresentationCocoa.mm: (TextTrackRepresentation::create): * platform/graphics/cv/TextureCacheCV.mm: (WebCore::TextureCacheCV::create): * platform/graphics/displaylists/DisplayListReplayer.cpp: (WebCore::DisplayList::Replayer::replay): * platform/graphics/filters/FilterOperation.cpp: (WebCore::ReferenceFilterOperation::loadExternalDocumentIfNeeded): * platform/graphics/freetype/FontCacheFreeType.cpp: (WebCore::FontCache::createFontPlatformData): * platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp: (WebCore::createFontCustomPlatformData): * platform/graphics/gpu/Texture.cpp: (WebCore::Texture::create): * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp: (WebCore::MediaPlayerPrivateGStreamer::registerMediaEngine): (WebCore::MediaPlayerPrivateGStreamer::buffered const): (WebCore::MediaPlayerPrivateGStreamer::ensureAudioSourceProvider): * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp: (WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor): (WebCore::MediaPlayerPrivateGStreamerBase::copyVideoTextureToPlatformTexture): (WebCore::MediaPlayerPrivateGStreamerBase::nativeImageForCurrentTime): (WebCore::MediaPlayerPrivateGStreamerBase::pushNextHolePunchBuffer): * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp: (webKitWebSrcMakeRequest): * 
platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp: (WebCore::MediaPlayerPrivateGStreamerMSE::registerMediaEngine): (WebCore::MediaPlayerPrivateGStreamerMSE::buffered const): * platform/graphics/holepunch/MediaPlayerPrivateHolePunch.cpp: (WebCore::MediaPlayerPrivateHolePunch::pushNextHolePunchBuffer): (WebCore::MediaPlayerPrivateHolePunch::registerMediaEngine): * platform/graphics/holepunch/MediaPlayerPrivateHolePunch.h: * platform/graphics/iso/ISOProtectionSchemeInfoBox.cpp: (WebCore::ISOProtectionSchemeInfoBox::parse): * platform/graphics/iso/ISOSchemeInformationBox.cpp: (WebCore::ISOSchemeInformationBox::parse): * platform/graphics/mac/FontCustomPlatformData.cpp: (WebCore::createFontCustomPlatformData): * platform/graphics/nicosia/NicosiaSceneIntegration.cpp: (Nicosia::SceneIntegration::createUpdateScope): * platform/graphics/nicosia/cairo/NicosiaCairoOperationRecorder.cpp: (Nicosia::createCommand): * platform/graphics/nicosia/cairo/NicosiaPaintingContextCairo.cpp: (Nicosia::PaintingContextCairo::ForPainting::ForPainting): (Nicosia::PaintingContextCairo::ForRecording::ForRecording): * platform/graphics/nicosia/texmap/NicosiaBackingStoreTextureMapperImpl.cpp: (Nicosia::BackingStoreTextureMapperImpl::createFactory): * platform/graphics/nicosia/texmap/NicosiaCompositionLayerTextureMapperImpl.cpp: (Nicosia::CompositionLayerTextureMapperImpl::createFactory): * platform/graphics/nicosia/texmap/NicosiaContentLayerTextureMapperImpl.cpp: (Nicosia::ContentLayerTextureMapperImpl::createFactory): * platform/graphics/nicosia/texmap/NicosiaGC3DLayer.cpp: (Nicosia::GC3DLayer::swapBuffersIfNeeded): * platform/graphics/nicosia/texmap/NicosiaImageBackingTextureMapperImpl.cpp: (Nicosia::ImageBackingTextureMapperImpl::createFactory): * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp: (WebCore::GraphicsContext3D::getExtensions): * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp: (WebCore::GraphicsContext3D::compileShader): 
(WebCore::GraphicsContext3D::mappedSymbolName): * platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp: (WebCore::GraphicsContext3D::getExtensions): (WebCore::GraphicsContext3D::GraphicsContext3D): * platform/graphics/texmap/GraphicsContext3DTextureMapper.cpp: (WebCore::GraphicsContext3D::GraphicsContext3D): (WebCore::GraphicsContext3D::getExtensions): * platform/graphics/texmap/TextureMapperGC3DPlatformLayer.cpp: (WebCore::TextureMapperGC3DPlatformLayer::swapBuffersIfNeeded): * platform/graphics/texmap/TextureMapperGL.cpp: (WebCore::TextureMapperGL::TextureMapperGL): (WebCore::TextureMapper::platformCreateAccelerated): * platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp: (WebCore::TextureMapperPlatformLayerBuffer::clone): * platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp: (WebCore::TextureMapperPlatformLayerProxy::activateOnCompositingThread): * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp: (WebCore::CoordinatedGraphicsLayer::updateContentBuffers): * platform/graphics/texmap/coordinated/TiledBackingStore.cpp: (WebCore::TiledBackingStore::createTiles): * platform/graphics/transforms/TransformState.cpp: (WebCore::TransformState::operator=): (WebCore::TransformState::applyTransform): (WebCore::TransformState::setLastPlanarSecondaryQuad): * platform/graphics/transforms/TransformState.h: (WebCore::TransformState::setSecondaryQuad): * platform/graphics/win/FontCacheWin.cpp: (WebCore::FontCache::createFontPlatformData): * platform/graphics/win/FontCustomPlatformData.cpp: (WebCore::createFontCustomPlatformData): * platform/graphics/win/FontCustomPlatformDataCairo.cpp: (WebCore::createFontCustomPlatformData): * platform/graphics/win/FullScreenController.cpp: (WebCore::FullScreenController::FullScreenController): (WebCore::FullScreenController::enterFullScreen): * platform/graphics/win/GraphicsContextCairoWin.cpp: (WebCore::GraphicsContext::platformInit): * platform/graphics/win/GraphicsContextDirect2D.cpp: 
(WebCore::GraphicsContext::GraphicsContext): (WebCore::GraphicsContext::platformInit): * platform/graphics/win/GraphicsContextImplDirect2D.cpp: (WebCore::GraphicsContextImplDirect2D::createFactory): (WebCore::m_private): * platform/graphics/win/GraphicsContextWin.cpp: (WebCore::GraphicsContext::createWindowsBitmap): * platform/graphics/win/ImageBufferDirect2D.cpp: (WebCore::ImageBuffer::ImageBuffer): * platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp: (WebCore::MediaPlayerPrivateMediaFoundation::registerMediaEngine): (WebCore::MediaPlayerPrivateMediaFoundation::buffered const): (WebCore::MediaPlayerPrivateMediaFoundation::CustomVideoPresenter::CustomVideoPresenter): * platform/graphics/win/WKCAImageQueue.cpp: (WebCore::WKCAImageQueue::WKCAImageQueue): * platform/gtk/PasteboardGtk.cpp: (WebCore::Pasteboard::createForCopyAndPaste): (WebCore::Pasteboard::createForGlobalSelection): (WebCore::Pasteboard::createForDragAndDrop): * platform/gtk/PasteboardHelper.cpp: (WebCore::PasteboardHelper::writeClipboardContents): * platform/gtk/RenderThemeGadget.cpp: (WebCore::RenderThemeGadget::create): * platform/gtk/RenderThemeWidget.cpp: (WebCore::RenderThemeWidget::getOrCreate): (WebCore::RenderThemeScrollbar::RenderThemeScrollbar): (WebCore::RenderThemeComboBox::RenderThemeComboBox): * platform/image-decoders/bmp/BMPImageDecoder.cpp: (WebCore::BMPImageDecoder::decodeHelper): * platform/image-decoders/gif/GIFImageDecoder.cpp: (WebCore::GIFImageDecoder::decode): * platform/image-decoders/gif/GIFImageReader.cpp: (GIFFrameContext::decode): (GIFImageReader::addFrameIfNecessary): * platform/image-decoders/ico/ICOImageDecoder.cpp: (WebCore::ICOImageDecoder::decodeAtIndex): * platform/image-decoders/jpeg/JPEGImageDecoder.cpp: (WebCore::JPEGImageDecoder::decode): * platform/image-decoders/png/PNGImageDecoder.cpp: (WebCore::PNGImageDecoder::decode): * platform/ios/LegacyTileCache.mm: (WebCore::LegacyTileCache::LegacyTileCache): (WebCore::LegacyTileCache::commitScaleChange): * 
platform/ios/PasteboardIOS.mm: (WebCore::Pasteboard::createForDragAndDrop): (WebCore::Pasteboard::createForCopyAndPaste): * platform/ios/QuickLook.mm: (WebCore::registerQLPreviewConverterIfNeeded): * platform/ios/RemoteCommandListenerIOS.mm: (WebCore::RemoteCommandListener::create): * platform/ios/ScrollAnimatorIOS.mm: (WebCore::ScrollAnimator::create): * platform/libwpe/PasteboardLibWPE.cpp: (WebCore::Pasteboard::createForCopyAndPaste): * platform/mac/PasteboardMac.mm: (WebCore::Pasteboard::createForCopyAndPaste): (WebCore::Pasteboard::createForDragAndDrop): * platform/mac/RemoteCommandListenerMac.mm: (WebCore::RemoteCommandListener::create): * platform/mac/ScrollAnimatorMac.mm: (WebCore::ScrollAnimator::create): * platform/mediarecorder/MediaRecorderPrivateAVFImpl.cpp: (WebCore::MediaRecorderPrivateAVFImpl::create): * platform/mediastream/gstreamer/GStreamerAudioCaptureSource.cpp: (WebCore::m_capturer): (WebCore::GStreamerAudioCaptureSource::GStreamerAudioCaptureSource): * platform/mediastream/gstreamer/GStreamerMediaStreamSource.cpp: (WebCore::webkit_media_stream_src_init): * platform/mediastream/gstreamer/GStreamerVideoCaptureSource.cpp: (WebCore::GStreamerVideoCaptureSource::GStreamerVideoCaptureSource): (WebCore::m_capturer): * platform/mediastream/libwebrtc/GStreamerVideoEncoderFactory.cpp: (WebCore::GStreamerVideoEncoderFactory::CreateVideoEncoder): * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp: (WebCore::BasicPacketSocketFactory::BasicPacketSocketFactory): (WebCore::initializePeerConnectionFactoryAndThreads): (WebCore::LibWebRTCProvider::createPeerConnection): (WebCore::LibWebRTCProvider::certificateGenerator): * platform/mediastream/libwebrtc/LibWebRTCProviderGStreamer.cpp: (WebCore::LibWebRTCProviderGStreamer::createDecoderFactory): (WebCore::LibWebRTCProviderGStreamer::createEncoderFactory): * platform/mediastream/mac/AudioTrackPrivateMediaStreamCocoa.cpp: (WebCore::AudioTrackPrivateMediaStreamCocoa::audioSamplesAvailable): * 
platform/mediastream/mac/MockRealtimeAudioSourceMac.mm: (WebCore::MockRealtimeAudioSourceMac::reconfigure): * platform/mediastream/mac/RealtimeOutgoingVideoSourceCocoa.mm: (WebCore::RealtimeOutgoingVideoSourceCocoa::convertToYUV): (WebCore::RealtimeOutgoingVideoSourceCocoa::rotatePixelBuffer): * platform/mock/RTCNotifiersMock.cpp: (WebCore::RemoteDataChannelNotifier::fire): * platform/mock/mediasource/MockMediaPlayerMediaSource.cpp: (WebCore::MockMediaPlayerMediaSource::registerMediaEngine): (WebCore::MockMediaPlayerMediaSource::buffered const): * platform/network/BlobResourceHandle.cpp: * platform/network/DataURLDecoder.cpp: (WebCore::DataURLDecoder::createDecodeTask): * platform/network/ResourceHandle.cpp: (WebCore::ResourceHandle::ResourceHandle): * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp: (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willSendRequest): (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveResponse): (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveData): (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didFinishLoading): (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didFail): (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willCacheResponse): (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didReceiveChallenge): (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::didSendBodyData): (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::canRespondToProtectionSpace): * platform/network/cocoa/WebCoreNSURLSession.mm: (-[WebCoreNSURLSessionDataTask _restart]): * platform/network/curl/CookieJarDB.cpp: (WebCore::CookieJarDB::searchCookies): (WebCore::CookieJarDB::createPrepareStatement): * platform/network/curl/CurlCacheManager.cpp: (WebCore::CurlCacheManager::loadIndex): (WebCore::CurlCacheManager::didReceiveResponse): * 
platform/network/curl/CurlContext.cpp: (WebCore::CurlContext::CurlContext): (WebCore::CurlHandle::willSetupSslCtx): * platform/network/curl/CurlFormDataStream.cpp: (WebCore::CurlFormDataStream::getPostData): * platform/network/curl/CurlMultipartHandle.cpp: (WebCore::CurlMultipartHandle::createIfNeeded): * platform/network/curl/CurlRequest.cpp: (WebCore::CurlRequest::runOnMainThread): (WebCore::CurlRequest::setupTransfer): * platform/network/curl/CurlRequestScheduler.cpp: (WebCore::CurlRequestScheduler::workerThread): * platform/network/curl/ResourceHandleCurl.cpp: (WebCore::ResourceHandle::delegate): * platform/network/curl/SocketStreamHandleImplCurl.cpp: (WebCore::SocketStreamHandleImpl::callOnWorkerThread): * platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm: (-[WebCoreResourceHandleAsOperationQueueDelegate callFunctionOnMainThread:]): * platform/network/soup/DNSResolveQueueSoup.cpp: (WebCore::DNSResolveQueueSoup::resolve): * platform/network/soup/NetworkStorageSessionSoup.cpp: (WebCore::NetworkStorageSession::getCredentialFromPersistentStorage): * platform/text/BidiResolver.h: (WebCore::DerivedClass>::appendRunInternal): * platform/text/LocaleICU.cpp: (WebCore::Locale::create): (WebCore::LocaleICU::createLabelVector): (WebCore::createFallbackMonthLabels): (WebCore::createFallbackAMPMLabels): * platform/text/LocaleNone.cpp: (WebCore::Locale::create): * platform/text/TextCodecICU.cpp: (WebCore::TextCodecICU::registerCodecs): * platform/text/TextCodecLatin1.cpp: (WebCore::TextCodecLatin1::registerCodecs): * platform/text/TextCodecReplacement.cpp: (WebCore::TextCodecReplacement::registerCodecs): * platform/text/TextCodecUTF16.cpp: (WebCore::TextCodecUTF16::registerCodecs): * platform/text/TextCodecUTF8.cpp: (WebCore::TextCodecUTF8::registerCodecs): * platform/text/TextCodecUserDefined.cpp: (WebCore::TextCodecUserDefined::registerCodecs): * platform/text/mac/LocaleMac.mm: (WebCore::Locale::create): * platform/text/win/LocaleWin.cpp: 
(WebCore::Locale::create):
* platform/text/win/TextCodecWin.cpp:
(WebCore::newTextCodecWin):
* platform/vr/openvr/VRPlatformManagerOpenVR.cpp:
(WebCore::VRPlatformManagerOpenVR::create):
(WebCore::VRPlatformManagerOpenVR::getVRDisplays):
* platform/win/PasteboardWin.cpp:
(WebCore::Pasteboard::createForCopyAndPaste):
(WebCore::Pasteboard::createForDragAndDrop):
* platform/win/SearchPopupMenuDB.cpp:
(WebCore::SearchPopupMenuDB::createPreparedStatement):
* platform/win/WCDataObject.cpp:
(WebCore::WCDataObject::SetData):
* rendering/CSSFilter.cpp:
(WebCore::CSSFilter::buildReferenceFilter):
* rendering/ComplexLineLayout.cpp:
(WebCore::createRun):
(WebCore::ComplexLineLayout::createRootInlineBox):
(WebCore::ComplexLineLayout::handleTrailingSpaces):
(WebCore::ComplexLineLayout::linkToEndLineIfNeeded):
* rendering/FloatingObjects.cpp:
(WebCore::FloatingObject::create):
(WebCore::FloatingObject::copyToNewContainer const):
(WebCore::FloatingObject::cloneForNewParent const):
(WebCore::FloatingObjects::computePlacedFloatsTree):
* rendering/Grid.cpp:
(WebCore::GridIterator::nextEmptyGridArea):
* rendering/GridBaselineAlignment.cpp:
(WebCore::GridBaselineAlignment::updateBaselineAlignmentContext):
* rendering/GridTrackSizingAlgorithm.cpp:
(WebCore::GridTrackSizingAlgorithm::computeFlexFactorUnitSize const):
(WebCore::GridTrackSizingAlgorithm::setup):
* rendering/HitTestResult.cpp:
(WebCore::HitTestResult::HitTestResult):
(WebCore::HitTestResult::operator=):
(WebCore::HitTestResult::listBasedTestResult const):
(WebCore::HitTestResult::mutableListBasedTestResult):
* rendering/InlineIterator.h:
(WebCore::addPlaceholderRunForIsolatedInline):
* rendering/LayerOverlapMap.cpp:
(WebCore::LayerOverlapMap::pushCompositingContainer):
* rendering/RenderBlock.cpp:
(WebCore::insertIntoTrackedRendererMaps):
(WebCore::PositionedDescendantsMap::addDescendant):
(WebCore::RenderBlock::beginUpdateScrollInfoAfterLayoutTransaction):
(WebCore::ensureBlockRareData):
* rendering/RenderBlockFlow.cpp:
(WebCore::RenderBlockFlow::layoutInlineChildren):
(WebCore::RenderBlockFlow::layoutLineGridBox):
(WebCore::RenderBlockFlow::createFloatingObjects):
(WebCore::RenderBlockFlow::ensureLineBoxes):
(WebCore::RenderBlockFlow::materializeRareBlockFlowData):
* rendering/RenderBox.cpp:
(WebCore::controlStatesForRenderer):
(WebCore::RenderBox::createInlineBox):
* rendering/RenderBoxModelObject.cpp:
(WebCore::RenderBoxModelObject::ensureContinuationChainNode):
* rendering/RenderCounter.cpp:
(WebCore::makeCounterNode):
* rendering/RenderFragmentContainer.cpp:
(WebCore::RenderFragmentContainer::setRenderBoxFragmentInfo):
* rendering/RenderFragmentedFlow.cpp:
(WebCore::RenderFragmentedFlow::containingFragmentMap):
* rendering/RenderGeometryMap.cpp:
(WebCore::RenderGeometryMap::push):
(WebCore::RenderGeometryMap::pushView):
* rendering/RenderGrid.cpp:
(WebCore::RenderGrid::computeEmptyTracksForAutoRepeat const):
(WebCore::RenderGrid::createEmptyGridAreaAtSpecifiedPositionsOutsideGrid const):
* rendering/RenderImage.cpp:
(WebCore::RenderImage::RenderImage):
* rendering/RenderInline.cpp:
(WebCore::RenderInline::createInlineFlowBox):
* rendering/RenderLayer.cpp:
(WebCore::RenderLayer::updateNormalFlowList):
(WebCore::RenderLayer::collectLayers):
(WebCore::RenderLayer::updateTransform):
(WebCore::RenderLayer::updateClipRects):
(WebCore::RenderLayer::calculateClipRects const):
* rendering/RenderLayerBacking.cpp:
(WebCore::RenderLayerBacking::updateAncestorClippingStack):
(WebCore::RenderLayerBacking::startAnimation):
(WebCore::RenderLayerBacking::startTransition):
* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::RenderLayerCompositor):
(WebCore::RenderLayerCompositor::notifyFlushBeforeDisplayRefresh):
(WebCore::LegacyWebKitScrollingLayerCoordinator::registerAllViewportConstrainedLayers):
* rendering/RenderLayerModelObject.cpp:
(WebCore::RenderLayerModelObject::createLayer):
* rendering/RenderLineBreak.cpp:
(WebCore::RenderLineBreak::createInlineBox):
* rendering/RenderMultiColumnFlow.cpp:
(WebCore::RenderMultiColumnFlow::RenderMultiColumnFlow):
* rendering/RenderObject.cpp:
(WebCore::RenderObject::ensureRareData):
* rendering/RenderSnapshottedPlugIn.cpp:
(WebCore::RenderSnapshottedPlugIn::RenderSnapshottedPlugIn):
* rendering/RenderTable.cpp:
(WebCore::RenderTable::styleDidChange):
* rendering/RenderText.cpp:
(WebCore::RenderText::createTextBox):
(WebCore::RenderText::momentarilyRevealLastTypedCharacter):
* rendering/RenderView.cpp:
(WebCore::RenderView::repaintViewRectangle const):
(WebCore::RenderView::compositor):
(WebCore::RenderView::imageQualityController):
(WebCore::RenderView::RepaintRegionAccumulator::RepaintRegionAccumulator):
* rendering/RootInlineBox.cpp:
(WebCore::RootInlineBox::placeEllipsis):
* rendering/RootInlineBox.h:
(WebCore::RootInlineBox::appendFloat):
* rendering/SelectionRangeData.cpp:
(WebCore::collect):
(WebCore::SelectionRangeData::collectBounds const):
(WebCore::SelectionRangeData::apply):
* rendering/SimpleLineLayout.cpp:
(WebCore::SimpleLineLayout::Layout::runResolver const):
* rendering/SimpleLineLayoutFunctions.cpp:
(WebCore::SimpleLineLayout::paintFlow):
(WebCore::SimpleLineLayout::generateLineBoxTree):
* rendering/TextAutoSizing.cpp:
(WebCore::TextAutoSizing::addTextNode):
* rendering/line/LineBreaker.cpp:
(WebCore::LineBreaker::skipLeadingWhitespace):
* rendering/shapes/RasterShape.cpp:
(WebCore::RasterShapeIntervals::computeShapeMarginIntervals const):
* rendering/shapes/Shape.cpp:
(WebCore::createInsetShape):
(WebCore::createCircleShape):
(WebCore::createEllipseShape):
(WebCore::createPolygonShape):
(WebCore::Shape::createShape):
(WebCore::Shape::createRasterShape):
(WebCore::Shape::createBoxShape):
* rendering/shapes/ShapeOutsideInfo.h:
* rendering/style/BasicShapes.cpp:
(WebCore::BasicShapePath::blend const):
* rendering/style/ContentData.h:
* rendering/style/FillLayer.cpp:
(WebCore::FillLayer::FillLayer):
(WebCore::FillLayer::operator=):
* rendering/style/RenderStyle.cpp:
(WebCore::RenderStyle::clonePtr):
(WebCore::RenderStyle::addCachedPseudoStyle):
(WebCore::RenderStyle::addCustomPaintWatchProperty):
(WebCore::RenderStyle::setContent):
(WebCore::RenderStyle::accessCounterDirectives):
(WebCore::RenderStyle::ensureAnimations):
(WebCore::RenderStyle::ensureTransitions):
* rendering/style/SVGRenderStyleDefs.cpp:
(WebCore::StyleShadowSVGData::StyleShadowSVGData):
* rendering/style/ShadowData.cpp:
(WebCore::ShadowData::ShadowData):
* rendering/style/StyleRareInheritedData.cpp:
(WebCore::StyleRareInheritedData::StyleRareInheritedData):
* rendering/style/StyleRareNonInheritedData.cpp:
(WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
* rendering/svg/RenderSVGImage.cpp:
(WebCore::RenderSVGImage::RenderSVGImage):
* rendering/svg/RenderSVGInline.cpp:
(WebCore::RenderSVGInline::createInlineFlowBox):
* rendering/svg/RenderSVGInlineText.cpp:
(WebCore::RenderSVGInlineText::createTextBox):
* rendering/svg/RenderSVGResourceFilter.cpp:
(WebCore::RenderSVGResourceFilter::buildPrimitives const):
(WebCore::RenderSVGResourceFilter::applyResource):
* rendering/svg/RenderSVGResourceGradient.cpp:
(WebCore::RenderSVGResourceGradient::applyResource):
* rendering/svg/RenderSVGResourceMasker.cpp:
(WebCore::RenderSVGResourceMasker::applyResource):
* rendering/svg/RenderSVGResourcePattern.cpp:
(WebCore::RenderSVGResourcePattern::buildPattern):
* rendering/svg/RenderSVGShape.cpp:
(WebCore::RenderSVGShape::updateShapeFromElement):
* rendering/svg/SVGResources.cpp:
(WebCore::SVGResources::setClipper):
(WebCore::SVGResources::setFilter):
(WebCore::SVGResources::setMarkerStart):
(WebCore::SVGResources::setMarkerMid):
(WebCore::SVGResources::setMarkerEnd):
(WebCore::SVGResources::setMasker):
(WebCore::SVGResources::setFill):
(WebCore::SVGResources::setStroke):
* rendering/svg/SVGResourcesCache.cpp:
(WebCore::SVGResourcesCache::addResourcesFromRenderer):
* rendering/svg/SVGTextMetricsBuilder.cpp:
(WebCore::SVGTextMetricsBuilder::initializeMeasurementWithTextRenderer):
* rendering/updating/RenderTreeBuilder.cpp:
(WebCore::RenderTreeBuilder::RenderTreeBuilder):
* rendering/updating/RenderTreeUpdater.cpp:
(WebCore::RenderTreeUpdater::RenderTreeUpdater):
* style/StyleInvalidator.cpp:
(WebCore::Style::Invalidator::Invalidator):
* style/StyleRelations.cpp:
(WebCore::Style::commitRelationsToRenderStyle):
* style/StyleScope.cpp:
(WebCore::Style::Scope::resolver):
(WebCore::Style::Scope::activeStyleSheetsContains const):
* style/StyleTreeResolver.cpp:
(WebCore::Style::TreeResolver::resolve):
* svg/SVGDocumentExtensions.cpp:
(WebCore::SVGDocumentExtensions::SVGDocumentExtensions):
(WebCore::SVGDocumentExtensions::addPendingResource):
(WebCore::SVGDocumentExtensions::addElementReferencingTarget):
* svg/SVGElement.cpp:
(WebCore::SVGElement::SVGElement):
(WebCore::SVGElement::ensureSVGRareData):
* svg/SVGGraphicsElement.cpp:
(WebCore::SVGGraphicsElement::supplementalTransform):
* svg/SVGPathByteStream.h:
(WebCore::SVGPathByteStream::copy const):
* svg/animation/SMILTimeContainer.cpp:
(WebCore::SMILTimeContainer::schedule):
* svg/graphics/SVGImage.cpp:
(WebCore::SVGImage::dataChanged):
* svg/properties/SVGAnimatedDecoratedProperty.h:
(WebCore::SVGAnimatedDecoratedProperty::create):
* svg/properties/SVGAnimatedPropertyAnimatorImpl.h:
* svg/properties/SVGAnimatedPropertyPairAnimatorImpl.h:
* svg/properties/SVGDecoratedEnumeration.h:
(WebCore::SVGDecoratedEnumeration::create):
* svg/properties/SVGPrimitivePropertyAnimator.h:
(WebCore::SVGPrimitivePropertyAnimator::create):
* svg/properties/SVGValuePropertyAnimatorImpl.h:
* svg/properties/SVGValuePropertyListAnimatorImpl.h:
* testing/InternalSettings.cpp:
(WebCore::InternalSettings::from):
* testing/Internals.cpp:
(WebCore::InspectorStubFrontend::InspectorStubFrontend):
(WebCore::Internals::Internals):
(WebCore::Internals::enableMockSpeechSynthesizer):
(WebCore::Internals::openDummyInspectorFrontend):
(WebCore::Internals::setPrinting):
(WebCore::Internals::initializeMockCDM):
(WebCore::Internals::queueMicroTask):
* testing/LegacyMockCDM.cpp:
(WebCore::LegacyMockCDM::createSession):
* testing/MockCDMFactory.cpp:
(WebCore::MockCDMFactory::createCDM):
* testing/MockContentFilter.cpp:
(WebCore::MockContentFilter::create):
* testing/MockGamepadProvider.cpp:
(WebCore::MockGamepadProvider::setMockGamepadDetails):
* workers/WorkerConsoleClient.cpp:
(WebCore::WorkerConsoleClient::messageWithTypeAndLevel):
* workers/WorkerEventQueue.cpp:
(WebCore::WorkerEventQueue::enqueueEvent):
* workers/WorkerGlobalScope.cpp:
(WebCore::WorkerGlobalScope::WorkerGlobalScope):
(WebCore::WorkerGlobalScope::addMessage):
* workers/WorkerMessagingProxy.cpp:
(WebCore::WorkerMessagingProxy::WorkerMessagingProxy):
(WebCore::WorkerMessagingProxy::postMessageToWorkerGlobalScope):
* workers/WorkerRunLoop.cpp:
(WebCore::WorkerRunLoop::WorkerRunLoop):
(WebCore::WorkerRunLoop::postTaskAndTerminate):
(WebCore::WorkerRunLoop::postTaskForMode):
* workers/WorkerScriptLoader.cpp:
(WebCore::WorkerScriptLoader::loadAsynchronously):
(WebCore::WorkerScriptLoader::createResourceRequest):
* workers/WorkerThread.cpp:
(WebCore::WorkerThread::WorkerThread):
* workers/service/ServiceWorkerContainer.cpp:
(WebCore::ServiceWorkerContainer::ready):
(WebCore::ServiceWorkerContainer::addRegistration):
(WebCore::ServiceWorkerContainer::removeRegistration):
(WebCore::ServiceWorkerContainer::updateRegistration):
(WebCore::ServiceWorkerContainer::getRegistration):
(WebCore::ServiceWorkerContainer::getRegistrations):
* workers/service/context/SWContextManager.cpp:
(WebCore::SWContextManager::terminateWorker):
* workers/service/context/ServiceWorkerThreadProxy.cpp:
(WebCore::ServiceWorkerThreadProxy::ServiceWorkerThreadProxy):
(WebCore::ServiceWorkerThreadProxy::createBlobLoader):
* workers/service/server/RegistrationDatabase.cpp:
(WebCore::RegistrationDatabase::openSQLiteDatabase):
* workers/service/server/SWServer.cpp:
(WebCore::SWServer::addRegistrationFromStore):
(WebCore::SWServer::SWServer):
(WebCore::SWServer::scheduleJob):
(WebCore::SWServer::unregisterServiceWorkerClient):
* workers/service/server/SWServerJobQueue.cpp:
(WebCore::SWServerJobQueue::runRegisterJob):
* worklets/PaintWorkletGlobalScope.cpp:
(WebCore::PaintWorkletGlobalScope::registerPaint):
* worklets/WorkletConsoleClient.cpp:
(WebCore::WorkletConsoleClient::messageWithTypeAndLevel):
* worklets/WorkletGlobalScope.cpp:
(WebCore::WorkletGlobalScope::WorkletGlobalScope):
(WebCore::WorkletGlobalScope::addConsoleMessage):
* worklets/WorkletScriptController.cpp:
(WebCore::WorkletScriptController::initScriptWithSubclass):
* xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::upload):
* xml/XPathFunctions.cpp:
* xml/XPathPredicate.cpp:
(WebCore::XPath::evaluatePredicate):
* xml/XSLStyleSheetLibxslt.cpp:
(WebCore::XSLStyleSheet::loadChildSheet):
* xml/parser/XMLDocumentParser.cpp:
(WebCore::XMLDocumentParser::handleError):
* xml/parser/XMLDocumentParserLibxml2.cpp:
(WebCore::PendingCallbacks::appendStartElementNSCallback):
(WebCore::PendingCallbacks::appendEndElementNSCallback):
(WebCore::PendingCallbacks::appendCharactersCallback):
(WebCore::PendingCallbacks::appendProcessingInstructionCallback):
(WebCore::PendingCallbacks::appendCDATABlockCallback):
(WebCore::PendingCallbacks::appendCommentCallback):
(WebCore::PendingCallbacks::appendInternalSubsetCallback):
(WebCore::PendingCallbacks::appendErrorCallback):
(WebCore::XMLDocumentParser::XMLDocumentParser):
(WebCore::XMLDocumentParser::doEnd):

Source/WebCore/PAL:

Reviewed by Geoffrey Garen.

* pal/crypto/openssl/CryptoDigestOpenSSL.cpp:
(PAL::CryptoDigestContextImpl::create):
* pal/system/ClockGeneric.cpp:
(PAL::Clock::create):
* pal/system/mac/ClockCM.mm:
(Clock::create):

Source/WebDriver:

Reviewed by Geoffrey Garen.

* WebDriverService.cpp:
(WebDriver::WebDriverService::connectToBrowser):
* glib/SessionHostGlib.cpp:
(WebDriver::SessionHost::launchBrowser):
(WebDriver::SessionHost::sendMessageToBackend):

Source/WebKit:

Reviewed by Geoffrey Garen.

* NetworkProcess/Classifier/ResourceLoadStatisticsPersistentStorage.cpp:
(WebKit::ResourceLoadStatisticsPersistentStorage::startMonitoringDisk):
(WebKit::ResourceLoadStatisticsPersistentStorage::monitorDirectoryForNewStatistics):
* NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:
(WebKit::WebResourceLoadStatisticsStore::WebResourceLoadStatisticsStore):
* NetworkProcess/CustomProtocols/soup/LegacyCustomProtocolManagerSoup.cpp:
* NetworkProcess/Downloads/DownloadManager.cpp:
(WebKit::DownloadManager::startDownload):
(WebKit::DownloadManager::convertNetworkLoadToDownload):
(WebKit::DownloadManager::resumeDownload):
* NetworkProcess/Downloads/DownloadMap.cpp:
(WebKit::DownloadMap::add):
* NetworkProcess/Downloads/PendingDownload.cpp:
(WebKit::PendingDownload::PendingDownload):
* NetworkProcess/NetworkConnectionToWebProcess.cpp:
(WebKit::NetworkConnectionToWebProcess::establishSWServerConnection):
* NetworkProcess/NetworkContentRuleListManager.cpp:
(WebKit::NetworkContentRuleListManager::addContentRuleLists):
* NetworkProcess/NetworkDataTaskBlob.cpp:
(WebKit::NetworkDataTaskBlob::NetworkDataTaskBlob):
(WebKit::NetworkDataTaskBlob::download):
* NetworkProcess/NetworkHTTPSUpgradeChecker.cpp:
(WebKit::NetworkHTTPSUpgradeChecker::NetworkHTTPSUpgradeChecker):
* NetworkProcess/NetworkLoad.cpp:
(WebKit::NetworkLoad::didReceiveResponse):
* NetworkProcess/NetworkLoadChecker.cpp:
(WebKit::NetworkLoadChecker::checkCORSRequestWithPreflight):
(WebKit::NetworkLoadChecker::contentSecurityPolicy):
* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::switchToNewTestingSession):
(WebKit::NetworkProcess::ensureSession):
(WebKit::NetworkProcess::swServerForSession):
(WebKit::NetworkProcess::initializeQuotaUsers):
(WebKit::NetworkProcess::storageQuotaManager):
* NetworkProcess/NetworkProcess.h:
(WebKit::NetworkProcess::addSupplement):
* NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::m_shouldCaptureExtraNetworkLoadMetrics):
(WebKit::NetworkResourceLoader::startNetworkLoad):
* NetworkProcess/NetworkSocketChannel.cpp:
(WebKit::NetworkSocketChannel::create):
* NetworkProcess/PreconnectTask.cpp:
* NetworkProcess/WebStorage/LocalStorageDatabase.cpp:
(WebKit::LocalStorageDatabase::scheduleDatabaseUpdate):
* NetworkProcess/WebStorage/LocalStorageNamespace.cpp:
(WebKit::LocalStorageNamespace::getOrCreateStorageArea):
* NetworkProcess/WebStorage/SessionStorageNamespace.cpp:
(WebKit::SessionStorageNamespace::getOrCreateStorageArea):
* NetworkProcess/WebStorage/StorageArea.cpp:
(WebKit::StorageArea::clone const):
* NetworkProcess/WebStorage/StorageManager.cpp:
(WebKit::StorageManager::createSessionStorageNamespace):
(WebKit::StorageManager::getOrCreateLocalStorageNamespace):
(WebKit::StorageManager::getOrCreateTransientLocalStorageNamespace):
(WebKit::StorageManager::getOrCreateSessionStorageNamespace):
* NetworkProcess/WebStorage/StorageManagerSet.cpp:
(WebKit::StorageManagerSet::add):
* NetworkProcess/WebStorage/TransientLocalStorageNamespace.cpp:
(WebKit::TransientLocalStorageNamespace::getOrCreateStorageArea):
* NetworkProcess/cache/NetworkCache.cpp:
(WebKit::NetworkCache::Cache::Cache):
(WebKit::NetworkCache::Cache::makeEntry):
(WebKit::NetworkCache::Cache::makeRedirectEntry):
(WebKit::NetworkCache::Cache::update):
* NetworkProcess/cache/NetworkCacheEntry.cpp:
(WebKit::NetworkCache::Entry::decodeStorageRecord):
* NetworkProcess/cache/NetworkCacheSpeculativeLoad.cpp:
(WebKit::NetworkCache::SpeculativeLoad::SpeculativeLoad):
* NetworkProcess/cache/NetworkCacheSpeculativeLoadManager.cpp:
(WebKit::NetworkCache::SpeculativeLoadManager::PendingFrameLoad::registerSubresourceLoad):
(WebKit::NetworkCache::SpeculativeLoadManager::retrieve):
(WebKit::NetworkCache::SpeculativeLoadManager::addPreloadedEntry):
(WebKit::NetworkCache::SpeculativeLoadManager::satisfyPendingRequests):
(WebKit::NetworkCache::SpeculativeLoadManager::revalidateSubresource):
(WebKit::NetworkCache::SpeculativeLoadManager::startSpeculativeRevalidation):
* NetworkProcess/cache/NetworkCacheStorage.cpp:
(WebKit::NetworkCache::Storage::synchronize):
(WebKit::NetworkCache::Storage::readRecord):
(WebKit::NetworkCache::retrieveFromMemory):
(WebKit::NetworkCache::Storage::retrieve):
(WebKit::NetworkCache::Storage::store):
(WebKit::NetworkCache::Storage::traverse):
* NetworkProcess/cache/NetworkCacheSubresourcesEntry.cpp:
(WebKit::NetworkCache::SubresourcesEntry::decodeStorageRecord):
* NetworkProcess/cache/PrefetchCache.cpp:
(WebKit::PrefetchCache::store):
(WebKit::PrefetchCache::storeRedirect):
* NetworkProcess/cocoa/NetworkProcessCocoa.mm:
(WebKit::NetworkProcess::platformCreateDefaultStorageSession const):
(WebKit::NetworkProcess::networkHTTPSUpgradeChecker):
* NetworkProcess/cocoa/NetworkSessionCocoa.mm:
(-[WKNetworkSessionDelegate URLSession:dataTask:didBecomeDownloadTask:]):
(WebKit::NetworkSessionCocoa::create):
(WebKit::NetworkSessionCocoa::createWebSocketTask):
* NetworkProcess/curl/NetworkProcessCurl.cpp:
(WebKit::NetworkProcess::platformCreateDefaultStorageSession const):
* NetworkProcess/curl/NetworkSessionCurl.h:
* NetworkProcess/ios/NetworkConnectionToWebProcessIOS.mm:
(WebKit::NetworkConnectionToWebProcess::paymentCoordinator):
(WebKit::NetworkConnectionToWebProcess::paymentCoordinatorAuthorizationPresenter):
* NetworkProcess/soup/NetworkDataTaskSoup.cpp:
(WebKit::NetworkDataTaskSoup::download):
* NetworkProcess/soup/NetworkProcessSoup.cpp:
(WebKit::NetworkProcess::platformCreateDefaultStorageSession const):
* NetworkProcess/soup/NetworkSessionSoup.cpp:
(WebKit::NetworkSessionSoup::NetworkSessionSoup):
(WebKit::NetworkSessionSoup::createWebSocketTask):
* NetworkProcess/soup/NetworkSessionSoup.h:
* NetworkProcess/soup/WebKitSoupRequestInputStream.cpp:
(webkitSoupRequestInputStreamReadAsync):
* NetworkProcess/webrtc/NetworkMDNSRegister.cpp:
(WebKit::NetworkMDNSRegister::registerMDNSName):
* NetworkProcess/webrtc/NetworkRTCMonitor.cpp:
(WebKit::NetworkRTCMonitor::startUpdating):
* NetworkProcess/webrtc/NetworkRTCProvider.cpp:
(WebKit::NetworkRTCProvider::NetworkRTCProvider):
(WebKit::NetworkRTCProvider::createSocket):
(WebKit::NetworkRTCProvider::wrapNewTCPConnection):
* Platform/IPC/Connection.cpp:
(IPC::Connection::dispatchWorkQueueMessageReceiverMessage):
(IPC::Connection::createSyncMessageEncoder):
(IPC::Connection::enableIncomingMessagesThrottling):
(IPC::Connection::dispatchSyncMessage):
* Platform/IPC/Connection.h:
(IPC::Connection::send):
(IPC::Connection::sendWithAsyncReply):
* Platform/IPC/Decoder.cpp:
(IPC::Decoder::unwrapForTesting):
* Platform/IPC/HandleMessage.h:
(IPC::handleMessageAsync):
* Platform/IPC/MessageSender.h:
* Platform/IPC/cocoa/ConnectionCocoa.mm:
(IPC::ConnectionTerminationWatchdog::ConnectionTerminationWatchdog):
(IPC::Connection::open):
(IPC::createMessageDecoder):
(IPC::Connection::receiveSourceEventHandler):
* Platform/IPC/unix/ConnectionUnix.cpp:
(IPC::Connection::processMessage):
(IPC::Connection::sendOutputMessage):
* Platform/IPC/win/ConnectionWin.cpp:
(IPC::Connection::readEventHandler):
* Platform/mac/LayerHostingContext.mm:
(WebKit::LayerHostingContext::createForPort):
(WebKit::LayerHostingContext::createForExternalHostingProcess):
(WebKit::LayerHostingContext::createForExternalPluginHostingProcess):
* PluginProcess/WebProcessConnection.cpp:
(WebKit::WebProcessConnection::createPluginInternal):
* Shared/API/APIURL.h:
(API::URL::create):
(API::URL::parseURLIfNecessary const):
* Shared/API/Cocoa/RemoteObjectInvocation.mm:
(WebKit::RemoteObjectInvocation::decode):
* Shared/API/Cocoa/_WKRemoteObjectRegistry.mm:
(-[_WKRemoteObjectRegistry _initWithWebPage:]):
(-[_WKRemoteObjectRegistry _initWithWebPageProxy:]):
(-[_WKRemoteObjectRegistry _sendInvocation:interface:]):
* Shared/API/glib/WebKitContextMenuItem.cpp:
(webkitContextMenuItemCreate):
(webkit_context_menu_item_new):
(webkit_context_menu_item_new_from_gaction):
(webkit_context_menu_item_new_from_stock_action):
(webkit_context_menu_item_new_from_stock_action_with_label):
(webkit_context_menu_item_new_with_submenu):
(webkit_context_menu_item_new_separator):
* Shared/ApplePay/mac/WebPaymentCoordinatorProxyMac.mm:
(WebKit::WebPaymentCoordinatorProxy::platformShowPaymentUI):
* Shared/Cocoa/SandboxExtensionCocoa.mm:
(WebKit::SandboxExtension::Handle::decode):
* Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp:
(WebKit::texmapLayer):
(WebKit::CoordinatedGraphicsScene::ensureRootLayer):
* Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:
(WebKit::ThreadedCompositor::ThreadedCompositor):
* Shared/Plugins/NPRemoteObjectMap.cpp:
(WebKit::NPRemoteObjectMap::registerNPObject):
* Shared/Plugins/Netscape/NetscapePluginModule.cpp:
(WebKit::NetscapePluginModule::tryLoad):
* Shared/RemoteLayerTree/RemoteLayerTreeTransaction.mm:
(WebKit::RemoteLayerTreeTransaction::LayerProperties::LayerProperties):
(WebKit::RemoteLayerTreeTransaction::LayerProperties::decode):
(WebKit::RemoteLayerTreeTransaction::decode):
* Shared/RemoteLayerTree/RemoteScrollingCoordinatorTransaction.cpp:
(WebKit::RemoteScrollingCoordinatorTransaction::decode):
* Shared/cairo/ShareableBitmapCairo.cpp:
(WebKit::ShareableBitmap::createGraphicsContext):
* Shared/cg/ShareableBitmapCG.cpp:
(WebKit::ShareableBitmap::createGraphicsContext):
* Shared/win/ShareableBitmapDirect2D.cpp:
(WebKit::ShareableBitmap::createGraphicsContext):
* UIProcess/API/APIHTTPCookieStore.cpp:
(API::HTTPCookieStore::registerObserver):
* UIProcess/API/C/WKContext.cpp:
(WKContextSetInjectedBundleClient):
(WKContextSetHistoryClient):
(WKContextSetDownloadClient):
* UIProcess/API/C/WKGeolocationManager.cpp:
(WKGeolocationManagerSetProvider):
* UIProcess/API/C/WKNotificationManager.cpp:
(WKNotificationManagerSetProvider):
* UIProcess/API/C/WKPage.cpp:
(WKPageSetPageContextMenuClient):
(WKPageSetPageDiagnosticLoggingClient):
(WKPageSetPageFindClient):
(WKPageSetPageFindMatchesClient):
(WKPageSetPageFormClient):
(WKPageSetPageLoaderClient):
(WKPageSetPagePolicyClient):
(WKPageSetPageUIClient):
(WKPageSetPageStateClient):
* UIProcess/API/C/mac/WKPagePrivateMac.mm:
(-[WKObservablePageState initWithPage:]):
* UIProcess/API/C/wpe/WKView.cpp:
(WKViewSetViewClient):
* UIProcess/API/Cocoa/WKBrowsingContextController.mm:
(-[WKBrowsingContextController _initWithPageRef:]):
* UIProcess/API/Cocoa/WKHTTPCookieStore.mm:
(-[WKHTTPCookieStore addObserver:]):
* UIProcess/API/Cocoa/WKProcessPool.mm:
(-[WKProcessPool _setDownloadDelegate:]):
(-[WKProcessPool _setAutomationDelegate:]):
* UIProcess/API/Cocoa/WKUserContentController.mm:
(-[WKUserContentController addScriptMessageHandler:name:]):
(-[WKUserContentController _addScriptMessageHandler:name:userContentWorld:]):
* UIProcess/API/Cocoa/WKWebView.mm:
(-[WKWebView _initializeWithConfiguration:]):
(-[WKWebView setAllowsBackForwardNavigationGestures:]):
(-[WKWebView _setInputDelegate:]):
* UIProcess/API/Cocoa/_WKAutomationSession.mm:
(-[_WKAutomationSession setDelegate:]):
* UIProcess/API/Cocoa/_WKRemoteWebInspectorViewController.mm:
(-[_WKRemoteWebInspectorViewController init]):
* UIProcess/API/glib/IconDatabase.cpp:
(WebKit::readySQLiteStatement):
* UIProcess/API/glib/WebKitAutomationSession.cpp:
(webkitAutomationSessionConstructed):
* UIProcess/API/glib/WebKitContextMenuClient.cpp:
(attachContextMenuClientToView):
* UIProcess/API/glib/WebKitCustomProtocolManagerClient.cpp:
(attachCustomProtocolManagerClientToContext):
* UIProcess/API/glib/WebKitDownloadClient.cpp:
(attachDownloadClientToContext):
* UIProcess/API/glib/WebKitFaviconDatabase.cpp:
(webkitFaviconDatabaseOpen):
* UIProcess/API/glib/WebKitFindController.cpp:
(webkitFindControllerConstructed):
* UIProcess/API/glib/WebKitFormClient.cpp:
(attachFormClientToView):
* UIProcess/API/glib/WebKitGeolocationManager.cpp:
(webkitGeolocationManagerCreate):
* UIProcess/API/glib/WebKitIconLoadingClient.cpp:
(attachIconLoadingClientToView):
* UIProcess/API/glib/WebKitInjectedBundleClient.cpp:
(attachInjectedBundleClientToContext):
* UIProcess/API/glib/WebKitNotificationProvider.cpp:
(WebKitNotificationProvider::WebKitNotificationProvider):
* UIProcess/API/glib/WebKitUIClient.cpp:
(attachUIClientToView):
* UIProcess/API/glib/WebKitUserContentManager.cpp:
(webkit_user_content_manager_register_script_message_handler):
(webkit_user_content_manager_register_script_message_handler_in_world):
* UIProcess/API/glib/WebKitWebContext.cpp:
(webkitWebContextConstructed):
(webkit_web_context_set_automation_allowed):
* UIProcess/API/glib/WebKitWebView.cpp:
(webkitWebViewConstructed):
* UIProcess/API/gtk/PageClientImpl.cpp:
(WebKit::PageClientImpl::createDrawingAreaProxy):
* UIProcess/API/gtk/WebKitEmojiChooser.cpp:
(webkitEmojiChooserSetupEmojiSections):
* UIProcess/API/gtk/WebKitRemoteInspectorProtocolHandler.cpp:
(WebKit::RemoteInspectorProtocolHandler::handleRequest):
* UIProcess/API/gtk/WebKitWebInspector.cpp:
(webkitWebInspectorCreate):
* UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewBaseConstructed):
(webkitWebViewBaseGestureController):
(webkitWebViewBaseDragAndDropHandler):
(webkitWebViewBaseDidRelaunchWebProcess):
* UIProcess/API/mac/WKView.mm:
(-[WKView maybeInstallIconLoadingClient]):
(-[WKView initWithFrame:processPool:configuration:]):
* UIProcess/API/wpe/PageClientImpl.cpp:
(WebKit::PageClientImpl::PageClientImpl):
(WebKit::PageClientImpl::createDrawingAreaProxy):
* UIProcess/API/wpe/WPEView.cpp:
(WKWPE::View::View):
(WKWPE::View::setClient):
* UIProcess/API/wpe/qt/WPEQtView.cpp:
(WPEQtView::notifyLoadChangedCallback):
(WPEQtView::notifyLoadFailedCallback):
(WPEQtView::runJavaScript):
* UIProcess/API/wpe/qt/WPEQtViewBackend.cpp:
(WPEQtViewBackend::create):
* UIProcess/Automation/WebAutomationSession.cpp:
(WebKit::WebAutomationSession::WebAutomationSession):
* UIProcess/AuxiliaryProcessProxy.h:
(WebKit::AuxiliaryProcessProxy::send):
* UIProcess/Cocoa/IconLoadingDelegate.mm:
(WebKit::IconLoadingDelegate::createIconLoadingClient):
* UIProcess/Cocoa/UIDelegate.mm:
(WebKit::UIDelegate::createContextMenuClient):
(WebKit::UIDelegate::createUIClient):
* UIProcess/Cocoa/UserMediaCaptureManagerProxy.cpp:
(WebKit::UserMediaCaptureManagerProxy::createMediaSourceForCaptureDeviceWithConstraints):
* UIProcess/Cocoa/WebProcessPoolCocoa.mm:
(WebKit::WebProcessPool::platformInitialize):
(WebKit::WebProcessPool::startDisplayLink):
* UIProcess/Cocoa/WebProcessProxyCocoa.mm:
(WebKit::WebProcessProxy::processWasUnexpectedlyUnsuspended):
* UIProcess/Cocoa/WebViewImpl.mm:
(WebKit::WebViewImpl::WebViewImpl):
(WebKit::WebViewImpl::createDrawingAreaProxy):
(WebKit::WebViewImpl::setTextIndicator):
(WebKit::WebViewImpl::ensureGestureController):
* UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.cpp:
(WebKit::DrawingAreaProxyCoordinatedGraphics::incorporateUpdate):
(WebKit::DrawingAreaProxyCoordinatedGraphics::dispatchAfterEnsuringDrawing):
* UIProcess/DeviceIdHashSaltStorage.cpp:
(WebKit::DeviceIdHashSaltStorage::getDataFromDecoder const):
(WebKit::DeviceIdHashSaltStorage::completeDeviceIdHashSaltForOriginCall):
* UIProcess/Downloads/DownloadProxyMap.cpp:
(WebKit::DownloadProxyMap::createDownloadProxy):
* UIProcess/Gamepad/UIGamepadProvider.cpp:
(WebKit::UIGamepadProvider::setInitialConnectedGamepads):
(WebKit::UIGamepadProvider::platformGamepadConnected):
* UIProcess/Network/NetworkProcessProxy.cpp:
(WebKit::NetworkProcessProxy::createDownloadProxy):
(WebKit::NetworkProcessProxy::takeUploadAssertion):
* UIProcess/Notifications/WebNotificationManagerProxy.cpp:
(WebKit::WebNotificationManagerProxy::WebNotificationManagerProxy):
(WebKit::WebNotificationManagerProxy::setProvider):
* UIProcess/Plugins/unix/PluginProcessProxyUnix.cpp:
(WebKit::pluginRequiresGtk2):
* UIProcess/ProcessThrottler.cpp:
(WebKit::ProcessThrottler::didConnectToProcess):
* UIProcess/RemoteLayerTree/RemoteLayerTreeDrawingAreaProxy.mm:
(WebKit::RemoteLayerTreeDrawingAreaProxy::RemoteLayerTreeDrawingAreaProxy):
(WebKit::RemoteLayerTreeDrawingAreaProxy::initializeDebugIndicator):
* UIProcess/RemoteLayerTree/RemoteLayerTreeHost.mm:
(WebKit::RemoteLayerTreeHost::makeNode):
* UIProcess/RemoteLayerTree/RemoteLayerTreeNode.mm:
(WebKit::RemoteLayerTreeNode::createWithPlainLayer):
* UIProcess/RemoteLayerTree/ios/RemoteLayerTreeHostIOS.mm:
(WebKit::RemoteLayerTreeHost::makeNode):
* UIProcess/RemoteLayerTree/ios/ScrollingTreeFrameScrollingNodeRemoteIOS.mm:
(WebKit::ScrollingTreeFrameScrollingNodeRemoteIOS::commitStateBeforeChildren):
* UIProcess/RemoteLayerTree/ios/ScrollingTreeOverflowScrollingNodeIOS.mm:
(WebKit::ScrollingTreeOverflowScrollingNodeIOS::ScrollingTreeOverflowScrollingNodeIOS):
* UIProcess/RemoteLayerTree/mac/ScrollingTreeFrameScrollingNodeRemoteMac.cpp:
(WebKit::ScrollingTreeFrameScrollingNodeRemoteMac::ScrollingTreeFrameScrollingNodeRemoteMac):
* UIProcess/RemoteLayerTree/mac/ScrollingTreeOverflowScrollingNodeRemoteMac.cpp:
(WebKit::ScrollingTreeOverflowScrollingNodeRemoteMac::ScrollingTreeOverflowScrollingNodeRemoteMac):
* UIProcess/WebAuthentication/Cocoa/HidService.mm:
(WebKit::HidService::deviceAdded):
* UIProcess/WebGeolocationManagerProxy.cpp:
(WebKit::WebGeolocationManagerProxy::WebGeolocationManagerProxy):
(WebKit::WebGeolocationManagerProxy::setProvider):
* UIProcess/WebMediaSessionFocusManager.cpp:
(WebKit::WebMediaSessionFocusManager::setFocusedMediaElement):
* UIProcess/WebPageInspectorController.cpp:
(WebKit::WebPageInspectorController::WebPageInspectorController):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::WebPageProxy):
(WebKit::m_resetRecentCrashCountTimer):
(WebKit::WebPageProxy::setFormClient):
(WebKit::WebPageProxy::setUIClient):
(WebKit::WebPageProxy::setIconLoadingClient):
(WebKit::WebPageProxy::setFindClient):
(WebKit::WebPageProxy::setFindMatchesClient):
(WebKit::WebPageProxy::setContextMenuClient):
(WebKit::WebPageProxy::setInjectedBundleClient):
(WebKit::WebPageProxy::suspendCurrentPageIfPossible):
(WebKit::WebPageProxy::didAttachToRunningProcess):
(WebKit::WebPageProxy::setDrawingArea):
(WebKit::WebPageProxy::close):
(WebKit::WebPageProxy::loadData):
(WebKit::WebPageProxy::handleWheelEvent):
(WebKit::WebPageProxy::processNextQueuedWheelEvent):
(WebKit::WebPageProxy::continueNavigationInNewProcess):
(WebKit::WebPageProxy::setFullscreenClient):
(WebKit::WebPageProxy::userMediaPermissionRequestManager):
(WebKit::WebPageProxy::setScrollPerformanceDataCollectionEnabled):
(WebKit::WebPageProxy::speechSynthesisData):
* UIProcess/WebProcessCache.cpp:
(WebKit::WebProcessCache::addProcessIfPossible):
* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::WebProcessPool):
(WebKit::WebProcessPool::setInjectedBundleClient):
(WebKit::WebProcessPool::setHistoryClient):
(WebKit::WebProcessPool::setDownloadClient):
(WebKit::WebProcessPool::setAutomationClient):
(WebKit::WebProcessPool::setLegacyCustomProtocolManagerClient):
(WebKit::WebProcessPool::ensureNetworkProcess):
(WebKit::WebProcessPool::didCollectPrewarmInformation):
(WebKit::WebProcessPool::setWebProcessHasUploads):
(WebKit::WebProcessPool::setWebProcessIsPlayingAudibleMedia):
* UIProcess/WebProcessProxy.cpp:
* UIProcess/cairo/BackingStoreCairo.cpp:
(WebKit::BackingStore::createBackend):
* UIProcess/glib/RemoteInspectorClient.cpp:
(WebKit::RemoteInspectorClient::inspect):
* UIProcess/gtk/AcceleratedBackingStoreWayland.cpp:
(WebKit::AcceleratedBackingStoreWayland::checkRequirements):
* UIProcess/gtk/DragAndDropHandler.cpp:
(WebKit::DragAndDropHandler::dragDataSelection):
* UIProcess/gtk/WaylandCompositor.cpp:
(WebKit::WaylandCompositor::initializeEGL):
* UIProcess/ios/EditableImageController.mm:
(WebKit::EditableImageController::ensureEditableImage):
* UIProcess/ios/WKApplicationStateTrackingView.mm:
(-[WKApplicationStateTrackingView didMoveToWindow]):
* UIProcess/ios/WKContentView.mm:
(-[WKContentView _commonInitializationWithProcessPool:configuration:]):
(-[WKContentView initWithFrame:processPool:configuration:webView:]):
(-[WKContentView _createDrawingAreaProxy:]):
* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView setupInteraction]):
(-[WKContentView becomeFirstResponderForWebView]):
(-[WKContentView _elementDidFocus:userIsInteracting:blurPreviousNode:activityStateChanges:userObject:]):
* UIProcess/ios/WebPageProxyIOS.mm:
(WebKit::WebPageProxy::elementDidFocus):
(WebKit::WebPageProxy::paymentCoordinatorAuthorizationPresenter):
* UIProcess/mac/PageClientImplMac.mm:
(WebKit::PageClientImpl::PageClientImpl):
* UIProcess/mac/WKFullScreenWindowController.mm:
(-[WKFullScreenWindowController initWithWindow:webView:page:]):
* UIProcess/mac/WKTextFinderClient.mm:
(-[WKTextFinderClient initWithPage:view:usePlatformFindUI:]):
* UIProcess/socket/RemoteInspectorClient.cpp:
(WebKit::RemoteInspectorClient::inspect):
* UIProcess/socket/RemoteInspectorProtocolHandler.cpp:
(WebKit::RemoteInspectorProtocolHandler::platformStartTask):
* UIProcess/win/BackingStoreDirect2D.cpp:
(WebKit::BackingStore::createBackend):
* UIProcess/win/PageClientImpl.cpp:
(WebKit::PageClientImpl::createDrawingAreaProxy):
* UIProcess/win/WebView.cpp:
(WebKit::WebView::WebView):
* WebProcess/Gamepad/WebGamepadProvider.cpp:
(WebKit::WebGamepadProvider::setInitialGamepads):
(WebKit::WebGamepadProvider::gamepadConnected):
* WebProcess/InjectedBundle/API/c/WKBundle.cpp:
(WKBundleSetClient):
* WebProcess/InjectedBundle/API/c/WKBundlePage.cpp:
(WKBundlePageSetContextMenuClient):
(WKBundlePageSetEditorClient):
(WKBundlePageSetFormClient):
(WKBundlePageSetPageLoaderClient):
(WKBundlePageSetResourceLoadClient):
(WKBundlePageSetUIClient):
* WebProcess/InjectedBundle/API/c/WKBundlePageOverlay.cpp:
(WKBundlePageOverlayCreate):
* WebProcess/InjectedBundle/API/c/mac/WKBundlePageBannerMac.mm:
(WKBundlePageBannerCreateBannerWithCALayer):
* WebProcess/InjectedBundle/API/glib/DOM/DOMObjectCache.cpp:
(WebKit::getOrCreateDOMObjectCacheFrameObserver):
(WebKit::DOMObjectCache::put):
* WebProcess/InjectedBundle/API/glib/WebKitExtensionManager.cpp:
(WebKit::WebKitExtensionManager::initialize):
* WebProcess/InjectedBundle/API/glib/WebKitWebEditor.cpp:
(webkitWebEditorCreate):
* WebProcess/InjectedBundle/API/glib/WebKitWebExtension.cpp:
(webkitWebExtensionCreate):
* WebProcess/InjectedBundle/API/glib/WebKitWebPage.cpp:
(webkitFrameGetOrCreate):
(webkitWebPageCreate):
* WebProcess/InjectedBundle/API/mac/WKDOMTextIterator.mm:
(-[WKDOMTextIterator initWithRange:]):
* WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:
(-[WKWebProcessPlugInBrowserContextController _setFormDelegate:]):
(-[WKWebProcessPlugInBrowserContextController _setEditingDelegate:]):
* WebProcess/InjectedBundle/InjectedBundle.cpp:
(WebKit::InjectedBundle::InjectedBundle):
(WebKit::InjectedBundle::setClient):
* WebProcess/Network/WebSocketChannel.cpp:
(WebKit::PendingMessage::PendingMessage):
(WebKit::WebSocketChannel::send):
* WebProcess/Network/webrtc/LibWebRTCProvider.cpp:
(WebKit::LibWebRTCProvider::createPeerConnection):
(WebKit::LibWebRTCProvider::createSocketFactory):
* WebProcess/Network/webrtc/LibWebRTCSocketFactory.cpp:
(WebKit::LibWebRTCSocketFactory::createServerTcpSocket):
(WebKit::LibWebRTCSocketFactory::createUdpSocket):
(WebKit::LibWebRTCSocketFactory::createClientTcpSocket):
(WebKit::LibWebRTCSocketFactory::createNewConnectionSocket):
(WebKit::LibWebRTCSocketFactory::createAsyncResolver):
* WebProcess/Plugins/Netscape/NetscapeBrowserFuncs.cpp:
(WebKit::PluginDestructionProtector::PluginDestructionProtector):
* WebProcess/Plugins/Netscape/NetscapePlugin.cpp:
(WebKit::NetscapePlugin::scheduleTimer):
* WebProcess/Plugins/Netscape/NetscapePluginStream.cpp:
(WebKit::NetscapePluginStream::deliverData):
* WebProcess/Plugins/Netscape/x11/NetscapePluginX11.cpp:
(WebKit::NetscapePluginX11::create):
* WebProcess/Plugins/PluginProxy.cpp:
(WebKit::PluginProxy::initialize):
* WebProcess/Plugins/PluginView.cpp:
(WebKit::PluginView::createWebEvent const):
* WebProcess/Storage/WebSWContextManagerConnection.cpp:
(WebKit::WebSWContextManagerConnection::installServiceWorker):
* WebProcess/WebCoreSupport/WebChromeClient.cpp:
(WebKit::WebChromeClient::createColorChooser):
(WebKit::WebChromeClient::createDataListSuggestionPicker):
* WebProcess/WebCoreSupport/WebInspectorClient.cpp:
(WebKit::WebInspectorClient::showPaintRect):
* WebProcess/WebCoreSupport/WebPasteboardOverrides.cpp:
(WebKit::WebPasteboardOverrides::addOverride):
* WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp:
(WebKit::DrawingAreaCoordinatedGraphics::enterAcceleratedCompositingMode):
* WebProcess/WebPage/DrawingArea.cpp:
(WebKit::DrawingArea::create):
* WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemote.cpp:
(WebKit::PlatformCALayerRemote::ensureBackingStore):
(WebKit::PlatformCALayerRemote::setTransform):
(WebKit::PlatformCALayerRemote::setSublayerTransform):
(WebKit::PlatformCALayerRemote::setFilters):
(WebKit::PlatformCALayerRemote::setShapeRoundedRect):
* WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemoteTiledBacking.cpp:
(WebKit::PlatformCALayerRemoteTiledBacking::PlatformCALayerRemoteTiledBacking):
* WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.mm:
(WebKit::RemoteLayerTreeDrawingArea::RemoteLayerTreeDrawingArea):
(WebKit::RemoteLayerTreeDrawingArea::flushLayers):
* WebProcess/WebPage/WebFrame.cpp:
(WebKit::WebFrame::createSubframe):
* WebProcess/WebPage/WebPage.cpp:
(WebKit::m_textAutoSizingAdjustmentTimer):
(WebKit::WebPage::setInjectedBundleContextMenuClient):
(WebKit::WebPage::setInjectedBundleEditorClient):
(WebKit::WebPage::setInjectedBundleFormClient):
(WebKit::WebPage::setInjectedBundlePageLoaderClient):
(WebKit::WebPage::setInjectedBundleResourceLoadClient):
(WebKit::WebPage::setInjectedBundleUIClient):
(WebKit::WebPage::close):
(WebKit::WebPage::beginPrinting):
* WebProcess/WebPage/gtk/WebPrintOperationGtk.cpp:
(WebKit::WebPrintOperationGtk::print):
* WebProcess/WebPage/ios/FindControllerIOS.mm:
(WebKit::FindController::updateFindIndicator):
* WebProcess/WebPage/mac/DrawingAreaMac.cpp:
(WebKit::DisplayRefreshMonitorMac::requestRefreshCallback):
* WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.mm:
(WebKit::TiledCoreAnimationDrawingArea::TiledCoreAnimationDrawingArea):
* WebProcess/WebProcess.cpp:
(WebKit::WebProcess::markAllLayersVolatile):
(WebKit::WebProcess::ensureAutomationSessionProxy):
(WebKit::WebProcess::libWebRTCNetwork):
(WebKit::WebProcess::establishWorkerContextConnectionToNetworkProcess):
* WebProcess/WebProcess.h:
(WebKit::WebProcess::addSupplement):
* WebProcess/cocoa/UserMediaCaptureManager.cpp:
(WebKit::UserMediaCaptureManager::Source::Source):
* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::processTaskStateDidChange):
(WebKit::WebProcess::updateCPUMonitorState):

Source/WebKitLegacy:

Reviewed by Geoffrey Garen.

* Storage/StorageSyncManager.cpp:
(WebCore::StorageSyncManager::StorageSyncManager):
* Storage/StorageThread.cpp:
(WebCore::StorageThread::dispatch):
(WebCore::StorageThread::terminate):
* Storage/StorageTracker.cpp:
(WebKit::StorageTracker::StorageTracker):
* WebCoreSupport/NetworkStorageSessionMap.cpp:
(NetworkStorageSessionMap::defaultStorageSession):
(NetworkStorageSessionMap::switchToNewTestingSession):
(NetworkStorageSessionMap::ensureSession):

Source/WebKitLegacy/cf:

Reviewed by Geoffrey Garen.

* WebCoreSupport/WebInspectorClientCF.cpp:
(WebInspectorClient::createFrontendSettings):

Source/WebKitLegacy/ios:

Reviewed by Geoffrey Garen.
* WebCoreSupport/WebFixedPositionContent.mm: (-[WebFixedPositionContent setViewportConstrainedLayers:stickyContainerMap:]): Source/WebKitLegacy/mac: Reviewed by Geoffrey Garen. * History/WebHistory.mm: (-[WebHistoryPrivate init]): * History/WebHistoryItem.mm: (-[WebHistoryItem initFromDictionaryRepresentation:]): * Plugins/Hosted/NetscapePluginHostProxy.mm: (WKPCGetScriptableNPObjectReply): (WKPCBooleanReply): (WKPCBooleanAndDataReply): (WKPCInstantiatePluginReply): * Plugins/Hosted/ProxyInstance.mm: (WebKit::ProxyInstance::methodNamed): (WebKit::ProxyInstance::fieldNamed): * Plugins/Hosted/WebHostedNetscapePluginView.mm: (-[WebHostedNetscapePluginView createPlugin]): * Plugins/WebNetscapePluginEventHandler.mm: (WebNetscapePluginEventHandler::create): * Plugins/WebNetscapePluginView.mm: (-[WebNetscapePluginView scheduleTimerWithInterval:repeat:timerFunc:]): * Storage/WebDatabaseManagerClient.mm: (DidModifyOriginData::dispatchToMainThread): * WebCoreSupport/WebFrameLoaderClient.mm: (addRedirectURL): (WebFrameLoaderClient::savePlatformDataToCachedFrame): * WebCoreSupport/WebInspectorClient.mm: (WebInspectorClient::openLocalFrontend): * WebView/WebDeviceOrientationProviderMock.mm: * WebView/WebFrame.mm: (-[WebFrame _attachScriptDebugger]): * WebView/WebMediaPlaybackTargetPicker.mm: (WebMediaPlaybackTargetPicker::create): * WebView/WebTextIterator.mm: (-[WebTextIterator initWithRange:]): * WebView/WebView.mm: (-[WebView _injectOutlookQuirksScript]): (-[WebView _commonInitializationWithFrameName:groupName:]): (+[WebView _addUserScriptToGroup:world:source:url:whitelist:blacklist:injectionTime:injectedFrames:]): (+[WebView _addUserStyleSheetToGroup:world:source:url:whitelist:blacklist:injectedFrames:]): (-[WebView _selectionServiceController]): (-[WebView _setTextIndicator:withLifetime:]): * WebView/WebViewData.mm: (WebViewLayerFlushScheduler::WebViewLayerFlushScheduler): (-[WebViewPrivate init]): Source/WebKitLegacy/win: Reviewed by Geoffrey Garen. 
* FullscreenVideoController.cpp: (FullscreenVideoController::FullscreenVideoController): * Plugins/PluginStream.cpp: (WebCore::PluginStream::didReceiveData): * Plugins/PluginView.cpp: (WebCore::PluginView::load): * Plugins/PluginViewWin.cpp: (WebCore::PluginView::wndProc): * WebCoreSupport/WebChromeClient.cpp: (WebChromeClient::WebChromeClient): * WebCoreSupport/WebFrameLoaderClient.cpp: (WebFrameLoaderClient::WebFrameLoaderClient): (WebFrameLoaderClient::savePlatformDataToCachedFrame): * WebCoreSupport/WebInspectorClient.cpp: (WebInspectorClient::openLocalFrontend): (WebInspectorClient::highlight): * WebElementPropertyBag.cpp: (WebElementPropertyBag::WebElementPropertyBag): * WebHistoryItem.cpp: (WebHistoryItem::initFromDictionaryRepresentation): * WebKitQuartzCoreAdditions/CAD3DRenderer.cpp: (WKQCA::CAD3DRenderer::createD3DPostProcessingContext): * WebNotificationCenter.cpp: (WebNotificationCenter::WebNotificationCenter): * WebView.cpp: (WebView::handleMouseEvent): (WebView::registerEmbeddedViewMIMEType): (WebView::enterVideoFullscreenForVideoElement): (WebView::addUserScriptToGroup): (WebView::addUserStyleSheetToGroup): (WebView::setAcceleratedCompositing): Source/WTF: Reviewed by Geoff Garen. This patch is the second part of the bug 200620 patch. I split it into three pieces to make roll-out easy. In this part, we convert std::make_unique to WTF::makeUnique or WTF::makeUniqueWithoutFastMallocCheck. In the third patch, we will add a static_assert to makeUnique, which ensures the given class T is FastMalloced or IsoHeaped. This patch adds `WTF::makeUnique<T>` and `WTF::makeUniqueWithoutFastMallocCheck<T>` as drop-in replacements for `std::make_unique<T>`. `WTF::makeUnique<T>` has one additional `static_assert` check which ensures `T` is FastMalloc / IsoHeap annotated. If it is not, a compile error happens. In this patch, I tried using this everywhere in WebKit as much as possible. 
And we found that surprisingly many classes are missing the FastMalloc annotation and are allocated from system-malloc. Using WTF::makeUnique forces classes / structs to use FastMalloc. WTF::makeUniqueWithoutFastMallocCheck is offered for the corner cases. This is identical to std::make_unique. We use this for classes that are offered by non-WebKit code bases, like zlib. This clear name makes it easy to find allocations that are intentionally done by system-malloc. We do not take the following direction: `WTF::makeUnique` automatically allocates FastMalloc even if the FastMalloc annotation is not attached. Since the default deleter is performing `delete` and this is not what we want for FastMalloced ones, we would need to return std::unique_ptr<T, FastFreeDeleter> for T if T does not have the FastMalloc annotation. Automatically doing this sounds a bit dangerous. auto pointer = WTF::makeUnique<T>(); // Super dangerous, but sometimes it is required... auto* rawPointer = pointer.release(); // Passing rawPointer to somewhere, and delete rawPointer; The above one becomes invalid because pointer may start requiring a non-`delete` destroying function. In the above case, the correct way becomes the following. rawPointer->~T(); fastFree(rawPointer); This looks non-intuitive. And having two ways of destroying objects (`delete` or the above one) can be error-prone. If we have WTF_MAKE_FAST_ALLOCATED for T, we do not need to care about this. "new" and "delete" operators are defined, and the C++ way works. The simple invariant, "makeUnique just does `new` internally. And the `delete` operator does `delete`. The default deleter is just doing `delete`", is kept. While we need to annotate many classes with WTF_MAKE_FAST_ALLOCATED, it is a one-time cost when we add a class. And, by introducing `WTF::makeUnique<>`, we no longer forget to add this. makeUnique(...) static_assert(T is FastMalloced or IsoHeaped); return make_unique<T>(...) 
* benchmarks/LockFairnessTest.cpp: * benchmarks/LockSpeedTest.cpp: * wtf/ConcurrentVector.h: * wtf/CrossThreadTaskHandler.cpp: (WTF::CrossThreadTaskHandler::taskRunLoop): * wtf/FilePrintStream.cpp: (WTF::FilePrintStream::open): * wtf/Function.h: (WTF::Function<Out): * wtf/HashTable.h: (WTF::KeyTraits>::HashTable): * wtf/MemoryPressureHandler.cpp: (WTF::MemoryPressureHandler::setShouldUsePeriodicMemoryMonitor): * wtf/StdLibExtras.h: (WTF::makeUnique): (WTF::makeUniqueWithoutFastMallocCheck): * wtf/StreamBuffer.h: (WTF::StreamBuffer::append): * wtf/UniqueRef.h: (WTF::makeUniqueRefWithoutFastMallocCheck): (WTF::makeUniqueRef): * wtf/glib/RunLoopGLib.cpp: (WTF::RunLoop::dispatchAfter): * wtf/text/StringView.cpp: (WTF::StringView::GraphemeClusters::Iterator::Iterator): Tools: Reviewed by Geoffrey Garen. * DumpRenderTree/TestRunner.cpp: (addURLToRedirectCallback): (setWillSendRequestClearHeaderCallback): (TestRunner::setAccummulateLogsForChannel): (TestRunner::runUIScript): (TestRunner::setOpenPanelFiles): * DumpRenderTree/mac/DumpRenderTree.mm: (dumpFramesAsText): * DumpRenderTree/mac/EventSendingController.mm: (eventPressedMouseButtonsSwizzlerForViewAndEvent): * DumpRenderTree/win/DRTDataObject.cpp: (DRTDataObject::SetData): * DumpRenderTree/win/FrameLoadDelegate.cpp: (FrameLoadDelegate::FrameLoadDelegate): * DumpRenderTree/win/UIDelegate.cpp: (DRTUndoManager::DRTUndoManager): (UIDelegate::UIDelegate): (UIDelegate::resetUndoManager): * TestWebKitAPI/JavaScriptTest.cpp: (TestWebKitAPI::runJSTest): * TestWebKitAPI/PlatformUtilities.cpp: (TestWebKitAPI::Util::toSTD): * TestWebKitAPI/Tests/WTF/Expected.cpp: (TestWebKitAPI::TEST): * TestWebKitAPI/Tests/WTF/HashCountedSet.cpp: (TestWebKitAPI::TEST): * TestWebKitAPI/Tests/WTF/HashMap.cpp: (TestWebKitAPI::TEST): (TestWebKitAPI::testMovingUsingEnsure): (TestWebKitAPI::testMovingUsingAdd): * TestWebKitAPI/Tests/WTF/HashSet.cpp: (TestWebKitAPI::TEST): * TestWebKitAPI/Tests/WTF/ListHashSet.cpp: (TestWebKitAPI::TEST): * 
TestWebKitAPI/Tests/WTF/Lock.cpp: (TestWebKitAPI::runLockTest): * TestWebKitAPI/Tests/WTF/ParkingLot.cpp: * TestWebKitAPI/Tests/WTF/RefCounter.cpp: (TestWebKitAPI::TEST): * TestWebKitAPI/Tests/WTF/ThreadGroup.cpp: (TestWebKitAPI::TEST): * TestWebKitAPI/Tests/WTF/Variant.cpp: (TestWebKitAPI::TEST): * TestWebKitAPI/Tests/WTF/WeakPtr.cpp: (TestWebKitAPI::TEST): * TestWebKitAPI/Tests/WebCore/CARingBuffer.cpp: (TestWebKitAPI::CARingBufferTest::SetUp): * TestWebKitAPI/Tests/WebCore/CalculationValue.cpp: (TestWebKitAPI::createTestValue): * TestWebKitAPI/Tests/WebCore/FidoHidMessageTest.cpp: (TestWebKitAPI::TEST): * TestWebKitAPI/Tests/WebCore/FileMonitor.cpp: (TestWebKitAPI::TEST_F): * TestWebKitAPI/Tests/WebCore/curl/Cookies.cpp: * TestWebKitAPI/Tests/WebKit/CloseFromWithinCreatePage.cpp: (TestWebKitAPI::createNewPage): * TestWebKitAPI/Tests/WebKit/ModalAlertsSPI.cpp: (TestWebKitAPI::createNewPage): * TestWebKitAPI/Tests/WebKit/TextFieldDidBeginAndEndEditing.cpp: * TestWebKitAPI/Tests/WebKit/UserMessage.cpp: (TestWebKitAPI::WebKit2UserMessageRoundTripTest::SetUp): * TestWebKitAPI/Tests/WebKit/WillLoad.cpp: (TestWebKitAPI::WebKit2WillLoadTest::SetUp): * TestWebKitAPI/Tests/WebKit/mac/ForceLightAppearanceInBundle_Bundle.mm: (TestWebKitAPI::ForceLightAppearanceInBundleTest::didReceiveMessage): * TestWebKitAPI/Tests/WebKitGLib/TestAuthentication.cpp: (serverCallback): (testWebViewAuthenticationProxyHTTPS): * TestWebKitAPI/Tests/WebKitGtk/DOMDOMWindowTest.cpp: (WebKitDOMDOMWindowTest::create): * TestWebKitAPI/cocoa/PlatformUtilitiesCocoa.mm: (TestWebKitAPI::Util::toSTD): * TestWebKitAPI/cocoa/TestWKWebView.mm: (applyWorkaroundToAllowWritingAttributedStringsToItemProviders): (-[TestWKWebView initWithFrame:configuration:addToWindow:]): * TestWebKitAPI/mac/TestFontOptions.mm: (-[TestFontOptions initWithFontOptions:]): * WebKitTestRunner/InjectedBundle/EventSendingController.cpp: (WTR::EventSendingController::callAfterScrollingCompletes): * 
WebKitTestRunner/InjectedBundle/InjectedBundle.cpp: (WTR::InjectedBundle::didCreatePage): * WebKitTestRunner/InjectedBundle/TestRunner.cpp: (WTR::TestRunner::setOpenPanelFiles): * WebKitTestRunner/InjectedBundle/atk/AccessibilityUIElementAtk.cpp: * WebKitTestRunner/StringFunctions.h: (WTR::toSTD): (WTR::toWTFString): * WebKitTestRunner/TestController.cpp: (WTR::TestController::initialize): (WTR::TestController::generatePageConfiguration): (WTR::TestController::resetStateToConsistentValues): (WTR::createTestURL): (WTR::TestController::runTest): (WTR::TestController::platformCreateWebView): * WebKitTestRunner/TestInvocation.cpp: (WTR::TestInvocation::runUISideScript): * WebKitTestRunner/cocoa/TestControllerCocoa.mm: (WTR::TestController::platformCreateWebView): (WTR::TestController::setDefaultCalendarType): * WebKitTestRunner/gtk/EventSenderProxyGtk.cpp: (WTR::getGDKKeySymForKeyRef): * WebKitTestRunner/ios/TestControllerIOS.mm: (WTR::TestController::platformResetStateToConsistentValues): (WTR::TestController::setKeyboardInputModeIdentifier): * WebKitTestRunner/mac/EventSenderProxy.mm: (WTR::EventSenderProxy::mouseDown): (WTR::EventSenderProxy::mouseUp): (WTR::EventSenderProxy::mouseMoveTo): * WebKitTestRunner/wpe/EventSenderProxyWPE.cpp: (WTR::wpeKeySymForKeyRef): Canonical link: https://commits.webkit.org/214609@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@248846 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2019-08-19 06:59:40 +00:00
m_liveness = makeUnique<BytecodeLivenessAnalysis>(codeBlock);
Bytecode liveness should live on UnlinkedCodeBlock so it can be shared amongst CodeBlocks https://bugs.webkit.org/show_bug.cgi?id=178949 Reviewed by Keith Miller. This patch stores BytecodeLiveness on UnlinkedCodeBlock instead of CodeBlock so that we don't need to recompute liveness for the same UnlinkedCodeBlock more than once. To do this, this patch solidifies the invariant that CodeBlock linking can't do anything that would change the result of liveness. For example, it can't introduce new locals. This invariant was met my JSC before, because we didn't do anything in bytecode linking that would change liveness. However, it is now a correctness requirement that we don't do anything that would change the result of running liveness. To support this change, I've refactored BytecodeGraph to not be tied to a CodeBlockType*. Things that perform liveness will pass in CodeBlockType* and the instruction stream as needed. This means that we may compute liveness with one CodeBlock*'s instruction stream, and then perform queries on that analysis with a different CodeBlock*'s instruction stream. This seems to be a 2% JSBench progression. * bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::BytecodeGeneratorification): (JSC::BytecodeGeneratorification::graph): (JSC::BytecodeGeneratorification::storageForGeneratorLocal): (JSC::GeneratorLivenessAnalysis::run): (JSC::BytecodeGeneratorification::run): * bytecode/BytecodeGraph.h: (JSC::BytecodeGraph::BytecodeGraph): (JSC::BytecodeGraph::codeBlock const): Deleted. (JSC::BytecodeGraph::instructions): Deleted. (JSC::BytecodeGraph<Block>::BytecodeGraph): Deleted. 
* bytecode/BytecodeLivenessAnalysis.cpp: (JSC::BytecodeLivenessAnalysis::BytecodeLivenessAnalysis): (JSC::BytecodeLivenessAnalysis::getLivenessInfoAtBytecodeOffset): (JSC::BytecodeLivenessAnalysis::computeFullLiveness): (JSC::BytecodeLivenessAnalysis::computeKills): (JSC::BytecodeLivenessAnalysis::dumpResults): (JSC::BytecodeLivenessAnalysis::operandIsLiveAtBytecodeOffset): Deleted. (JSC::BytecodeLivenessAnalysis::compute): Deleted. * bytecode/BytecodeLivenessAnalysis.h: * bytecode/BytecodeLivenessAnalysisInlines.h: (JSC::BytecodeLivenessPropagation::stepOverInstruction): (JSC::BytecodeLivenessPropagation::computeLocalLivenessForBytecodeOffset): (JSC::BytecodeLivenessPropagation::computeLocalLivenessForBlock): (JSC::BytecodeLivenessPropagation::getLivenessInfoAtBytecodeOffset): (JSC::BytecodeLivenessPropagation::runLivenessFixpoint): * bytecode/BytecodeRewriter.cpp: (JSC::BytecodeRewriter::applyModification): (JSC::BytecodeRewriter::execute): (JSC::BytecodeRewriter::adjustJumpTargetsInFragment): * bytecode/BytecodeRewriter.h: (JSC::BytecodeRewriter::BytecodeRewriter): (JSC::BytecodeRewriter::removeBytecode): (JSC::BytecodeRewriter::graph): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): (JSC::CodeBlock::validate): (JSC::CodeBlock::livenessAnalysisSlow): Deleted. * bytecode/CodeBlock.h: (JSC::CodeBlock::livenessAnalysis): * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::applyModification): (JSC::UnlinkedCodeBlock::livenessAnalysisSlow): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::livenessAnalysis): * dfg/DFGGraph.cpp: (JSC::DFG::Graph::livenessFor): (JSC::DFG::Graph::killsFor): * dfg/DFGPlan.cpp: (JSC::DFG::Plan::cleanMustHandleValuesIfNecessary): * jit/JIT.cpp: (JSC::JIT::privateCompileMainPass): Canonical link: https://commits.webkit.org/195109@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@224138 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2017-10-28 01:03:22 +00:00
}
}
return *m_liveness;
}
New bytecode format for JSC https://bugs.webkit.org/show_bug.cgi?id=187373 <rdar://problem/44186758> Reviewed by Filip Pizlo. .: Disable JIT by default on 32-bit platforms * Source/cmake/WebKitFeatures.cmake: JSTests: Add tests to ensure that the inferred inline capacity for a narrow op_new_object will be capped at 255. * stress/maximum-inline-capacity.js: Added. (test1): (test3.Foo): (test3): Source/JavaScriptCore: Replace unlinked and linked bytecode with a new immutable bytecode that does not embed any addresses. Instructions can be encoded as narrow (1-byte operands) or wide (4-byte operands) and might contain an extra operand, the metadataID. The metadataID is used to access the instruction's mutable data in a side table in the CodeBlock (the MetadataTable). Bytecodes now must be structs declared in the new BytecodeList.rb. All bytecodes give names and types to all its operands. Additionally, reading a bytecode from the instruction stream requires decoding the whole bytecode, i.e. it's no longer possible to access arbitrary operands directly from the stream. 
* CMakeLists.txt: * DerivedSources.make: * JavaScriptCore.xcodeproj/project.pbxproj: * Sources.txt: * assembler/MacroAssemblerCodeRef.h: (JSC::ReturnAddressPtr::ReturnAddressPtr): (JSC::ReturnAddressPtr::value const): (JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr): (JSC::MacroAssemblerCodePtr::createFromExecutableAddress): * bytecode/ArithProfile.h: (JSC::ArithProfile::ArithProfile): * bytecode/ArrayAllocationProfile.h: (JSC::ArrayAllocationProfile::ArrayAllocationProfile): * bytecode/ArrayProfile.h: * bytecode/BytecodeBasicBlock.cpp: (JSC::isJumpTarget): (JSC::BytecodeBasicBlock::computeImpl): (JSC::BytecodeBasicBlock::compute): * bytecode/BytecodeBasicBlock.h: (JSC::BytecodeBasicBlock::leaderOffset const): (JSC::BytecodeBasicBlock::totalLength const): (JSC::BytecodeBasicBlock::offsets const): (JSC::BytecodeBasicBlock::BytecodeBasicBlock): (JSC::BytecodeBasicBlock::addLength): * bytecode/BytecodeDumper.cpp: (JSC::BytecodeDumper<Block>::printLocationAndOp): (JSC::BytecodeDumper<Block>::dumpBytecode): (JSC::BytecodeDumper<Block>::dumpIdentifiers): (JSC::BytecodeDumper<Block>::dumpConstants): (JSC::BytecodeDumper<Block>::dumpExceptionHandlers): (JSC::BytecodeDumper<Block>::dumpSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpStringSwitchJumpTables): (JSC::BytecodeDumper<Block>::dumpBlock): * bytecode/BytecodeDumper.h: (JSC::BytecodeDumper::dumpOperand): (JSC::BytecodeDumper::dumpValue): (JSC::BytecodeDumper::BytecodeDumper): (JSC::BytecodeDumper::block const): * bytecode/BytecodeGeneratorification.cpp: (JSC::BytecodeGeneratorification::BytecodeGeneratorification): (JSC::BytecodeGeneratorification::enterPoint const): (JSC::BytecodeGeneratorification::instructions const): (JSC::GeneratorLivenessAnalysis::run): (JSC::BytecodeGeneratorification::run): (JSC::performGeneratorification): * bytecode/BytecodeGeneratorification.h: * bytecode/BytecodeGraph.h: (JSC::BytecodeGraph::blockContainsBytecodeOffset): (JSC::BytecodeGraph::findBasicBlockForBytecodeOffset): 
(JSC::BytecodeGraph::findBasicBlockWithLeaderOffset): (JSC::BytecodeGraph::BytecodeGraph): * bytecode/BytecodeKills.h: * bytecode/BytecodeList.json: Removed. * bytecode/BytecodeList.rb: Added. * bytecode/BytecodeLivenessAnalysis.cpp: (JSC::BytecodeLivenessAnalysis::dumpResults): * bytecode/BytecodeLivenessAnalysis.h: * bytecode/BytecodeLivenessAnalysisInlines.h: (JSC::isValidRegisterForLiveness): (JSC::BytecodeLivenessPropagation::stepOverInstruction): * bytecode/BytecodeRewriter.cpp: (JSC::BytecodeRewriter::applyModification): (JSC::BytecodeRewriter::execute): (JSC::BytecodeRewriter::adjustJumpTargetsInFragment): (JSC::BytecodeRewriter::insertImpl): (JSC::BytecodeRewriter::adjustJumpTarget): (JSC::BytecodeRewriter::adjustJumpTargets): * bytecode/BytecodeRewriter.h: (JSC::BytecodeRewriter::InsertionPoint::InsertionPoint): (JSC::BytecodeRewriter::Fragment::Fragment): (JSC::BytecodeRewriter::Fragment::appendInstruction): (JSC::BytecodeRewriter::BytecodeRewriter): (JSC::BytecodeRewriter::insertFragmentBefore): (JSC::BytecodeRewriter::insertFragmentAfter): (JSC::BytecodeRewriter::removeBytecode): (JSC::BytecodeRewriter::adjustAbsoluteOffset): (JSC::BytecodeRewriter::adjustJumpTarget): * bytecode/BytecodeUseDef.h: (JSC::computeUsesForBytecodeOffset): (JSC::computeDefsForBytecodeOffset): * bytecode/CallLinkStatus.cpp: (JSC::CallLinkStatus::computeFromLLInt): * bytecode/CodeBlock.cpp: (JSC::CodeBlock::dumpBytecode): (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::finishCreation): (JSC::CodeBlock::estimatedSize): (JSC::CodeBlock::visitChildren): (JSC::CodeBlock::propagateTransitions): (JSC::CodeBlock::finalizeLLIntInlineCaches): (JSC::CodeBlock::addJITAddIC): (JSC::CodeBlock::addJITMulIC): (JSC::CodeBlock::addJITSubIC): (JSC::CodeBlock::addJITNegIC): (JSC::CodeBlock::stronglyVisitStrongReferences): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffset): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow): 
(JSC::CodeBlock::hasOpDebugForLineAndColumn): (JSC::CodeBlock::getArrayProfile): (JSC::CodeBlock::updateAllArrayPredictions): (JSC::CodeBlock::predictedMachineCodeSize): (JSC::CodeBlock::tryGetValueProfileForBytecodeOffset): (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset): (JSC::CodeBlock::valueProfileForBytecodeOffset): (JSC::CodeBlock::validate): (JSC::CodeBlock::outOfLineJumpOffset): (JSC::CodeBlock::outOfLineJumpTarget): (JSC::CodeBlock::arithProfileForBytecodeOffset): (JSC::CodeBlock::arithProfileForPC): (JSC::CodeBlock::couldTakeSpecialFastCase): (JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler): * bytecode/CodeBlock.h: (JSC::CodeBlock::addMathIC): (JSC::CodeBlock::outOfLineJumpOffset): (JSC::CodeBlock::bytecodeOffset): (JSC::CodeBlock::instructions const): (JSC::CodeBlock::instructionCount const): (JSC::CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters): (JSC::CodeBlock::metadata): (JSC::CodeBlock::metadataSizeInBytes): (JSC::CodeBlock::numberOfNonArgumentValueProfiles): (JSC::CodeBlock::totalNumberOfValueProfiles): * bytecode/CodeBlockInlines.h: Added. (JSC::CodeBlock::forEachValueProfile): (JSC::CodeBlock::forEachArrayProfile): (JSC::CodeBlock::forEachArrayAllocationProfile): (JSC::CodeBlock::forEachObjectAllocationProfile): (JSC::CodeBlock::forEachLLIntCallLinkInfo): * bytecode/Fits.h: Added. * bytecode/GetByIdMetadata.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h. 
* bytecode/GetByIdStatus.cpp: (JSC::GetByIdStatus::computeFromLLInt): * bytecode/Instruction.h: (JSC::Instruction::Instruction): (JSC::Instruction::Impl::opcodeID const): (JSC::Instruction::opcodeID const): (JSC::Instruction::name const): (JSC::Instruction::isWide const): (JSC::Instruction::size const): (JSC::Instruction::is const): (JSC::Instruction::as const): (JSC::Instruction::cast): (JSC::Instruction::cast const): (JSC::Instruction::narrow const): (JSC::Instruction::wide const): * bytecode/InstructionStream.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::InstructionStream::InstructionStream): (JSC::InstructionStream::sizeInBytes const): * bytecode/InstructionStream.h: Added. (JSC::InstructionStream::BaseRef::BaseRef): (JSC::InstructionStream::BaseRef::operator=): (JSC::InstructionStream::BaseRef::operator-> const): (JSC::InstructionStream::BaseRef::ptr const): (JSC::InstructionStream::BaseRef::operator!= const): (JSC::InstructionStream::BaseRef::next const): (JSC::InstructionStream::BaseRef::offset const): (JSC::InstructionStream::BaseRef::isValid const): (JSC::InstructionStream::BaseRef::unwrap const): (JSC::InstructionStream::MutableRef::freeze const): (JSC::InstructionStream::MutableRef::operator->): (JSC::InstructionStream::MutableRef::ptr): (JSC::InstructionStream::MutableRef::operator Ref): (JSC::InstructionStream::MutableRef::unwrap): (JSC::InstructionStream::iterator::operator*): (JSC::InstructionStream::iterator::operator++): (JSC::InstructionStream::begin const): (JSC::InstructionStream::end const): (JSC::InstructionStream::at const): (JSC::InstructionStream::size const): (JSC::InstructionStreamWriter::InstructionStreamWriter): (JSC::InstructionStreamWriter::ref): (JSC::InstructionStreamWriter::seek): (JSC::InstructionStreamWriter::position): (JSC::InstructionStreamWriter::write): (JSC::InstructionStreamWriter::rewind): (JSC::InstructionStreamWriter::finalize): (JSC::InstructionStreamWriter::swap): 
(JSC::InstructionStreamWriter::iterator::operator*): (JSC::InstructionStreamWriter::iterator::operator++): (JSC::InstructionStreamWriter::begin): (JSC::InstructionStreamWriter::end): * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp: (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::LLIntPrototypeLoadAdaptiveStructureWatchpoint): (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::fireInternal): (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::clearLLIntGetByIdCache): * bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h: * bytecode/MetadataTable.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. (JSC::MetadataTable::MetadataTable): (JSC::DeallocTable::withOpcodeType): (JSC::MetadataTable::~MetadataTable): (JSC::MetadataTable::sizeInBytes): * bytecode/MetadataTable.h: Copied from Source/JavaScriptCore/runtime/Watchdog.h. (JSC::MetadataTable::get): (JSC::MetadataTable::forEach): (JSC::MetadataTable::getImpl): * bytecode/Opcode.cpp: (JSC::metadataSize): * bytecode/Opcode.h: (JSC::padOpcodeName): * bytecode/OpcodeInlines.h: (JSC::isOpcodeShape): (JSC::getOpcodeType): * bytecode/OpcodeSize.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp. 
* bytecode/PreciseJumpTargets.cpp: (JSC::getJumpTargetsForInstruction): (JSC::computePreciseJumpTargetsInternal): (JSC::computePreciseJumpTargets): (JSC::recomputePreciseJumpTargets): (JSC::findJumpTargetsForInstruction): * bytecode/PreciseJumpTargets.h: * bytecode/PreciseJumpTargetsInlines.h: (JSC::jumpTargetForInstruction): (JSC::extractStoredJumpTargetsForInstruction): (JSC::updateStoredJumpTargetsForInstruction): * bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeFromLLInt): * bytecode/SpecialPointer.cpp: (WTF::printInternal): * bytecode/SpecialPointer.h: * bytecode/UnlinkedCodeBlock.cpp: (JSC::UnlinkedCodeBlock::UnlinkedCodeBlock): (JSC::UnlinkedCodeBlock::visitChildren): (JSC::UnlinkedCodeBlock::estimatedSize): (JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset): (JSC::dumpLineColumnEntry): (JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset const): (JSC::UnlinkedCodeBlock::setInstructions): (JSC::UnlinkedCodeBlock::instructions const): (JSC::UnlinkedCodeBlock::applyModification): (JSC::UnlinkedCodeBlock::addOutOfLineJumpTarget): (JSC::UnlinkedCodeBlock::outOfLineJumpOffset): * bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::addPropertyAccessInstruction): (JSC::UnlinkedCodeBlock::propertyAccessInstructions const): (JSC::UnlinkedCodeBlock::addOpProfileControlFlowBytecodeOffset): (JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets const): (JSC::UnlinkedCodeBlock::metadata): (JSC::UnlinkedCodeBlock::metadataSizeInBytes): (JSC::UnlinkedCodeBlock::outOfLineJumpOffset): (JSC::UnlinkedCodeBlock::replaceOutOfLineJumpTargets): * bytecode/UnlinkedInstructionStream.cpp: Removed. * bytecode/UnlinkedInstructionStream.h: Removed. * bytecode/UnlinkedMetadataTable.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h. * bytecode/UnlinkedMetadataTableInlines.h: Added. 
(JSC::UnlinkedMetadataTable::UnlinkedMetadataTable): (JSC::UnlinkedMetadataTable::~UnlinkedMetadataTable): (JSC::UnlinkedMetadataTable::addEntry): (JSC::UnlinkedMetadataTable::sizeInBytes): (JSC::UnlinkedMetadataTable::finalize): (JSC::UnlinkedMetadataTable::link): (JSC::UnlinkedMetadataTable::unlink): * bytecode/VirtualRegister.cpp: (JSC::VirtualRegister::VirtualRegister): * bytecode/VirtualRegister.h: * bytecompiler/BytecodeGenerator.cpp: (JSC::Label::setLocation): (JSC::Label::bind): (JSC::BytecodeGenerator::generate): (JSC::BytecodeGenerator::BytecodeGenerator): (JSC::BytecodeGenerator::initializeVarLexicalEnvironment): (JSC::BytecodeGenerator::emitEnter): (JSC::BytecodeGenerator::emitLoopHint): (JSC::BytecodeGenerator::emitJump): (JSC::BytecodeGenerator::emitCheckTraps): (JSC::BytecodeGenerator::rewind): (JSC::BytecodeGenerator::fuseCompareAndJump): (JSC::BytecodeGenerator::fuseTestAndJmp): (JSC::BytecodeGenerator::emitJumpIfTrue): (JSC::BytecodeGenerator::emitJumpIfFalse): (JSC::BytecodeGenerator::emitJumpIfNotFunctionCall): (JSC::BytecodeGenerator::emitJumpIfNotFunctionApply): (JSC::BytecodeGenerator::moveLinkTimeConstant): (JSC::BytecodeGenerator::moveEmptyValue): (JSC::BytecodeGenerator::emitMove): (JSC::BytecodeGenerator::emitUnaryOp): (JSC::BytecodeGenerator::emitBinaryOp): (JSC::BytecodeGenerator::emitToObject): (JSC::BytecodeGenerator::emitToNumber): (JSC::BytecodeGenerator::emitToString): (JSC::BytecodeGenerator::emitTypeOf): (JSC::BytecodeGenerator::emitInc): (JSC::BytecodeGenerator::emitDec): (JSC::BytecodeGenerator::emitEqualityOp): (JSC::BytecodeGenerator::emitProfileType): (JSC::BytecodeGenerator::emitProfileControlFlow): (JSC::BytecodeGenerator::pushLexicalScopeInternal): (JSC::BytecodeGenerator::emitResolveScopeForHoistingFuncDeclInEval): (JSC::BytecodeGenerator::prepareLexicalScopeForNextForLoopIteration): (JSC::BytecodeGenerator::emitOverridesHasInstance): (JSC::BytecodeGenerator::emitResolveScope): (JSC::BytecodeGenerator::emitGetFromScope): 
(JSC::BytecodeGenerator::emitPutToScope): (JSC::BytecodeGenerator::emitInstanceOf): (JSC::BytecodeGenerator::emitInstanceOfCustom): (JSC::BytecodeGenerator::emitInByVal): (JSC::BytecodeGenerator::emitInById): (JSC::BytecodeGenerator::emitTryGetById): (JSC::BytecodeGenerator::emitGetById): (JSC::BytecodeGenerator::emitDirectGetById): (JSC::BytecodeGenerator::emitPutById): (JSC::BytecodeGenerator::emitDirectPutById): (JSC::BytecodeGenerator::emitPutGetterById): (JSC::BytecodeGenerator::emitPutSetterById): (JSC::BytecodeGenerator::emitPutGetterSetter): (JSC::BytecodeGenerator::emitPutGetterByVal): (JSC::BytecodeGenerator::emitPutSetterByVal): (JSC::BytecodeGenerator::emitDeleteById): (JSC::BytecodeGenerator::emitGetByVal): (JSC::BytecodeGenerator::emitPutByVal): (JSC::BytecodeGenerator::emitDirectPutByVal): (JSC::BytecodeGenerator::emitDeleteByVal): (JSC::BytecodeGenerator::emitSuperSamplerBegin): (JSC::BytecodeGenerator::emitSuperSamplerEnd): (JSC::BytecodeGenerator::emitIdWithProfile): (JSC::BytecodeGenerator::emitUnreachable): (JSC::BytecodeGenerator::emitGetArgument): (JSC::BytecodeGenerator::emitCreateThis): (JSC::BytecodeGenerator::emitTDZCheck): (JSC::BytecodeGenerator::emitNewObject): (JSC::BytecodeGenerator::emitNewArrayBuffer): (JSC::BytecodeGenerator::emitNewArray): (JSC::BytecodeGenerator::emitNewArrayWithSpread): (JSC::BytecodeGenerator::emitNewArrayWithSize): (JSC::BytecodeGenerator::emitNewRegExp): (JSC::BytecodeGenerator::emitNewFunctionExpressionCommon): (JSC::BytecodeGenerator::emitNewDefaultConstructor): (JSC::BytecodeGenerator::emitNewFunction): (JSC::BytecodeGenerator::emitSetFunctionNameIfNeeded): (JSC::BytecodeGenerator::emitCall): (JSC::BytecodeGenerator::emitCallInTailPosition): (JSC::BytecodeGenerator::emitCallEval): (JSC::BytecodeGenerator::emitExpectedFunctionSnippet): (JSC::BytecodeGenerator::emitCallVarargs): (JSC::BytecodeGenerator::emitCallVarargsInTailPosition): (JSC::BytecodeGenerator::emitConstructVarargs): 
(JSC::BytecodeGenerator::emitCallForwardArgumentsInTailPosition): (JSC::BytecodeGenerator::emitLogShadowChickenPrologueIfNecessary): (JSC::BytecodeGenerator::emitLogShadowChickenTailIfNecessary): (JSC::BytecodeGenerator::emitCallDefineProperty): (JSC::BytecodeGenerator::emitReturn): (JSC::BytecodeGenerator::emitEnd): (JSC::BytecodeGenerator::emitConstruct): (JSC::BytecodeGenerator::emitStrcat): (JSC::BytecodeGenerator::emitToPrimitive): (JSC::BytecodeGenerator::emitGetScope): (JSC::BytecodeGenerator::emitPushWithScope): (JSC::BytecodeGenerator::emitGetParentScope): (JSC::BytecodeGenerator::emitDebugHook): (JSC::BytecodeGenerator::emitCatch): (JSC::BytecodeGenerator::emitThrow): (JSC::BytecodeGenerator::emitArgumentCount): (JSC::BytecodeGenerator::emitThrowStaticError): (JSC::BytecodeGenerator::beginSwitch): (JSC::prepareJumpTableForSwitch): (JSC::prepareJumpTableForStringSwitch): (JSC::BytecodeGenerator::endSwitch): (JSC::BytecodeGenerator::emitGetEnumerableLength): (JSC::BytecodeGenerator::emitHasGenericProperty): (JSC::BytecodeGenerator::emitHasIndexedProperty): (JSC::BytecodeGenerator::emitHasStructureProperty): (JSC::BytecodeGenerator::emitGetPropertyEnumerator): (JSC::BytecodeGenerator::emitEnumeratorStructurePropertyName): (JSC::BytecodeGenerator::emitEnumeratorGenericPropertyName): (JSC::BytecodeGenerator::emitToIndexString): (JSC::BytecodeGenerator::emitIsCellWithType): (JSC::BytecodeGenerator::emitIsObject): (JSC::BytecodeGenerator::emitIsNumber): (JSC::BytecodeGenerator::emitIsUndefined): (JSC::BytecodeGenerator::emitIsEmpty): (JSC::BytecodeGenerator::emitRestParameter): (JSC::BytecodeGenerator::emitRequireObjectCoercible): (JSC::BytecodeGenerator::emitYieldPoint): (JSC::BytecodeGenerator::emitYield): (JSC::BytecodeGenerator::emitGetAsyncIterator): (JSC::BytecodeGenerator::emitDelegateYield): (JSC::BytecodeGenerator::emitFinallyCompletion): (JSC::BytecodeGenerator::emitJumpIf): (JSC::ForInContext::finalize): (JSC::StructureForInContext::finalize): 
(JSC::IndexedForInContext::finalize): (JSC::StaticPropertyAnalysis::record): (JSC::BytecodeGenerator::emitToThis):
* bytecompiler/BytecodeGenerator.h:
(JSC::StructureForInContext::addGetInst): (JSC::BytecodeGenerator::recordOpcode): (JSC::BytecodeGenerator::addMetadataFor): (JSC::BytecodeGenerator::emitUnaryOp): (JSC::BytecodeGenerator::kill): (JSC::BytecodeGenerator::instructions const): (JSC::BytecodeGenerator::write): (JSC::BytecodeGenerator::withWriter):
* bytecompiler/Label.h:
(JSC::Label::Label): (JSC::Label::bind):
* bytecompiler/NodesCodegen.cpp:
(JSC::ArrayNode::emitBytecode): (JSC::BytecodeIntrinsicNode::emit_intrinsic_argumentCount): (JSC::ApplyFunctionCallDotNode::emitBytecode): (JSC::BitwiseNotNode::emitBytecode): (JSC::BinaryOpNode::emitBytecode): (JSC::EqualNode::emitBytecode): (JSC::StrictEqualNode::emitBytecode): (JSC::emitReadModifyAssignment): (JSC::ForInNode::emitBytecode): (JSC::CaseBlockNode::emitBytecodeForBlock): (JSC::FunctionNode::emitBytecode): (JSC::ClassExprNode::emitBytecode):
* bytecompiler/ProfileTypeBytecodeFlag.cpp: Copied from Source/JavaScriptCore/bytecode/VirtualRegister.cpp.
(WTF::printInternal):
* bytecompiler/ProfileTypeBytecodeFlag.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.
* bytecompiler/RegisterID.h:
* bytecompiler/StaticPropertyAnalysis.h:
(JSC::StaticPropertyAnalysis::create): (JSC::StaticPropertyAnalysis::StaticPropertyAnalysis):
* bytecompiler/StaticPropertyAnalyzer.h:
(JSC::StaticPropertyAnalyzer::createThis): (JSC::StaticPropertyAnalyzer::newObject): (JSC::StaticPropertyAnalyzer::putById): (JSC::StaticPropertyAnalyzer::mov): (JSC::StaticPropertyAnalyzer::kill):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::addCall): (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit): (JSC::DFG::ByteCodeParser::getArrayMode): (JSC::DFG::ByteCodeParser::handleCall): (JSC::DFG::ByteCodeParser::handleVarargsCall): (JSC::DFG::ByteCodeParser::handleRecursiveTailCall): (JSC::DFG::ByteCodeParser::inlineCall): (JSC::DFG::ByteCodeParser::handleCallVariant): (JSC::DFG::ByteCodeParser::handleVarargsInlining): (JSC::DFG::ByteCodeParser::handleInlining): (JSC::DFG::ByteCodeParser::handleMinMax): (JSC::DFG::ByteCodeParser::handleIntrinsicCall): (JSC::DFG::ByteCodeParser::handleDOMJITCall): (JSC::DFG::ByteCodeParser::handleIntrinsicGetter): (JSC::DFG::ByteCodeParser::handleDOMJITGetter): (JSC::DFG::ByteCodeParser::handleModuleNamespaceLoad): (JSC::DFG::ByteCodeParser::handleTypedArrayConstructor): (JSC::DFG::ByteCodeParser::handleConstantInternalFunction): (JSC::DFG::ByteCodeParser::handleGetById): (JSC::DFG::ByteCodeParser::handlePutById): (JSC::DFG::ByteCodeParser::parseGetById): (JSC::DFG::ByteCodeParser::parseBlock): (JSC::DFG::ByteCodeParser::parseCodeBlock): (JSC::DFG::ByteCodeParser::handlePutByVal): (JSC::DFG::ByteCodeParser::handlePutAccessorById): (JSC::DFG::ByteCodeParser::handlePutAccessorByVal): (JSC::DFG::ByteCodeParser::handleNewFunc): (JSC::DFG::ByteCodeParser::handleNewFuncExp): (JSC::DFG::ByteCodeParser::parse):
* dfg/DFGCapabilities.cpp:
(JSC::DFG::capabilityLevel):
* dfg/DFGCapabilities.h:
(JSC::DFG::capabilityLevel):
* dfg/DFGOSREntry.cpp:
(JSC::DFG::prepareCatchOSREntry):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileValueAdd): (JSC::DFG::SpeculativeJIT::compileValueSub): (JSC::DFG::SpeculativeJIT::compileValueNegate): (JSC::DFG::SpeculativeJIT::compileArithMul):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileValueAdd): (JSC::FTL::DFG::LowerDFGToB3::compileValueSub): (JSC::FTL::DFG::LowerDFGToB3::compileUnaryMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileBinaryMathIC): (JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub): (JSC::FTL::DFG::LowerDFGToB3::compileArithMul): (JSC::FTL::DFG::LowerDFGToB3::compileValueNegate):
* ftl/FTLOperations.cpp:
(JSC::FTL::operationMaterializeObjectInOSR):
* generate-bytecode-files: Removed.
* generator/Argument.rb: Added.
* generator/Assertion.rb: Added.
* generator/DSL.rb: Added.
* generator/Fits.rb: Added.
* generator/GeneratedFile.rb: Added.
* generator/Metadata.rb: Added.
* generator/Opcode.rb: Added.
* generator/OpcodeGroup.rb: Added.
* generator/Options.rb: Added.
* generator/Section.rb: Added.
* generator/Template.rb: Added.
* generator/Type.rb: Added.
* generator/main.rb: Added.
* interpreter/AbstractPC.h:
* interpreter/CallFrame.cpp:
(JSC::CallFrame::currentVPC const): (JSC::CallFrame::setCurrentVPC):
* interpreter/CallFrame.h:
(JSC::CallSiteIndex::CallSiteIndex): (JSC::ExecState::setReturnPC):
* interpreter/Interpreter.cpp:
(WTF::printInternal):
* interpreter/Interpreter.h:
* interpreter/InterpreterInlines.h:
* interpreter/StackVisitor.cpp:
(JSC::StackVisitor::Frame::dump const):
* interpreter/VMEntryRecord.h:
* jit/JIT.cpp:
(JSC::JIT::JIT): (JSC::JIT::emitSlowCaseCall): (JSC::JIT::privateCompileMainPass): (JSC::JIT::privateCompileSlowCases): (JSC::JIT::compileWithoutLinking): (JSC::JIT::link):
* jit/JIT.h:
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_op_jless): (JSC::JIT::emit_op_jlesseq): (JSC::JIT::emit_op_jgreater): (JSC::JIT::emit_op_jgreatereq): (JSC::JIT::emit_op_jnless): (JSC::JIT::emit_op_jnlesseq): (JSC::JIT::emit_op_jngreater): (JSC::JIT::emit_op_jngreatereq): (JSC::JIT::emitSlow_op_jless): (JSC::JIT::emitSlow_op_jlesseq): (JSC::JIT::emitSlow_op_jgreater): (JSC::JIT::emitSlow_op_jgreatereq): (JSC::JIT::emitSlow_op_jnless): (JSC::JIT::emitSlow_op_jnlesseq): (JSC::JIT::emitSlow_op_jngreater): (JSC::JIT::emitSlow_op_jngreatereq): (JSC::JIT::emit_op_below): (JSC::JIT::emit_op_beloweq): (JSC::JIT::emit_op_jbelow): (JSC::JIT::emit_op_jbeloweq): (JSC::JIT::emit_op_unsigned): (JSC::JIT::emit_compareAndJump): (JSC::JIT::emit_compareUnsignedAndJump): (JSC::JIT::emit_compareUnsigned): (JSC::JIT::emit_compareAndJumpSlow): (JSC::JIT::emit_op_inc): (JSC::JIT::emit_op_dec): (JSC::JIT::emit_op_mod): (JSC::JIT::emitSlow_op_mod): (JSC::JIT::emit_op_negate): (JSC::JIT::emitSlow_op_negate): (JSC::JIT::emitBitBinaryOpFastPath): (JSC::JIT::emit_op_bitand): (JSC::JIT::emit_op_bitor): (JSC::JIT::emit_op_bitxor): (JSC::JIT::emit_op_lshift): (JSC::JIT::emitRightShiftFastPath): (JSC::JIT::emit_op_rshift): (JSC::JIT::emit_op_urshift): (JSC::getOperandTypes): (JSC::JIT::emit_op_add): (JSC::JIT::emitSlow_op_add): (JSC::JIT::emitMathICFast):
(JSC::JIT::emitMathICSlow): (JSC::JIT::emit_op_div): (JSC::JIT::emit_op_mul): (JSC::JIT::emitSlow_op_mul): (JSC::JIT::emit_op_sub): (JSC::JIT::emitSlow_op_sub):
* jit/JITCall.cpp:
(JSC::JIT::emitPutCallResult): (JSC::JIT::compileSetupFrame): (JSC::JIT::compileCallEval): (JSC::JIT::compileCallEvalSlowCase): (JSC::JIT::compileTailCall): (JSC::JIT::compileOpCall): (JSC::JIT::compileOpCallSlowCase): (JSC::JIT::emit_op_call): (JSC::JIT::emit_op_tail_call): (JSC::JIT::emit_op_call_eval): (JSC::JIT::emit_op_call_varargs): (JSC::JIT::emit_op_tail_call_varargs): (JSC::JIT::emit_op_tail_call_forward_arguments): (JSC::JIT::emit_op_construct_varargs): (JSC::JIT::emit_op_construct): (JSC::JIT::emitSlow_op_call): (JSC::JIT::emitSlow_op_tail_call): (JSC::JIT::emitSlow_op_call_eval): (JSC::JIT::emitSlow_op_call_varargs): (JSC::JIT::emitSlow_op_tail_call_varargs): (JSC::JIT::emitSlow_op_tail_call_forward_arguments): (JSC::JIT::emitSlow_op_construct_varargs): (JSC::JIT::emitSlow_op_construct):
* jit/JITDisassembler.cpp:
(JSC::JITDisassembler::JITDisassembler):
* jit/JITExceptions.cpp:
(JSC::genericUnwind):
* jit/JITInlines.h:
(JSC::JIT::emitDoubleGetByVal): (JSC::JIT::emitLoadForArrayMode): (JSC::JIT::emitContiguousGetByVal): (JSC::JIT::emitArrayStorageGetByVal): (JSC::JIT::appendCallWithExceptionCheckSetJSValueResultWithProfile): (JSC::JIT::sampleInstruction): (JSC::JIT::emitValueProfilingSiteIfProfiledOpcode): (JSC::JIT::emitValueProfilingSite): (JSC::JIT::jumpTarget): (JSC::JIT::copiedGetPutInfo): (JSC::JIT::copiedArithProfile):
* jit/JITMathIC.h:
(JSC::isProfileEmpty): (JSC::JITBinaryMathIC::JITBinaryMathIC): (JSC::JITUnaryMathIC::JITUnaryMathIC):
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_mov): (JSC::JIT::emit_op_end): (JSC::JIT::emit_op_jmp): (JSC::JIT::emit_op_new_object): (JSC::JIT::emitSlow_op_new_object): (JSC::JIT::emit_op_overrides_has_instance): (JSC::JIT::emit_op_instanceof): (JSC::JIT::emitSlow_op_instanceof): (JSC::JIT::emit_op_instanceof_custom):
(JSC::JIT::emit_op_is_empty): (JSC::JIT::emit_op_is_undefined): (JSC::JIT::emit_op_is_boolean): (JSC::JIT::emit_op_is_number): (JSC::JIT::emit_op_is_cell_with_type): (JSC::JIT::emit_op_is_object): (JSC::JIT::emit_op_ret): (JSC::JIT::emit_op_to_primitive): (JSC::JIT::emit_op_set_function_name): (JSC::JIT::emit_op_not): (JSC::JIT::emit_op_jfalse): (JSC::JIT::emit_op_jeq_null): (JSC::JIT::emit_op_jneq_null): (JSC::JIT::emit_op_jneq_ptr): (JSC::JIT::emit_op_eq): (JSC::JIT::emit_op_jeq): (JSC::JIT::emit_op_jtrue): (JSC::JIT::emit_op_neq): (JSC::JIT::emit_op_jneq): (JSC::JIT::emit_op_throw): (JSC::JIT::compileOpStrictEq): (JSC::JIT::emit_op_stricteq): (JSC::JIT::emit_op_nstricteq): (JSC::JIT::compileOpStrictEqJump): (JSC::JIT::emit_op_jstricteq): (JSC::JIT::emit_op_jnstricteq): (JSC::JIT::emitSlow_op_jstricteq): (JSC::JIT::emitSlow_op_jnstricteq): (JSC::JIT::emit_op_to_number): (JSC::JIT::emit_op_to_string): (JSC::JIT::emit_op_to_object): (JSC::JIT::emit_op_catch): (JSC::JIT::emit_op_identity_with_profile): (JSC::JIT::emit_op_get_parent_scope): (JSC::JIT::emit_op_switch_imm): (JSC::JIT::emit_op_switch_char): (JSC::JIT::emit_op_switch_string): (JSC::JIT::emit_op_debug): (JSC::JIT::emit_op_eq_null): (JSC::JIT::emit_op_neq_null): (JSC::JIT::emit_op_enter): (JSC::JIT::emit_op_get_scope): (JSC::JIT::emit_op_to_this): (JSC::JIT::emit_op_create_this): (JSC::JIT::emit_op_check_tdz): (JSC::JIT::emitSlow_op_eq): (JSC::JIT::emitSlow_op_neq): (JSC::JIT::emitSlow_op_jeq): (JSC::JIT::emitSlow_op_jneq): (JSC::JIT::emitSlow_op_instanceof_custom): (JSC::JIT::emit_op_loop_hint): (JSC::JIT::emitSlow_op_loop_hint): (JSC::JIT::emit_op_check_traps): (JSC::JIT::emit_op_nop): (JSC::JIT::emit_op_super_sampler_begin): (JSC::JIT::emit_op_super_sampler_end): (JSC::JIT::emitSlow_op_check_traps): (JSC::JIT::emit_op_new_regexp): (JSC::JIT::emitNewFuncCommon): (JSC::JIT::emit_op_new_func): (JSC::JIT::emit_op_new_generator_func): (JSC::JIT::emit_op_new_async_generator_func): 
(JSC::JIT::emit_op_new_async_func): (JSC::JIT::emitNewFuncExprCommon): (JSC::JIT::emit_op_new_func_exp): (JSC::JIT::emit_op_new_generator_func_exp): (JSC::JIT::emit_op_new_async_func_exp): (JSC::JIT::emit_op_new_async_generator_func_exp): (JSC::JIT::emit_op_new_array): (JSC::JIT::emit_op_new_array_with_size): (JSC::JIT::emit_op_has_structure_property): (JSC::JIT::privateCompileHasIndexedProperty): (JSC::JIT::emit_op_has_indexed_property): (JSC::JIT::emitSlow_op_has_indexed_property): (JSC::JIT::emit_op_get_direct_pname): (JSC::JIT::emit_op_enumerator_structure_pname): (JSC::JIT::emit_op_enumerator_generic_pname): (JSC::JIT::emit_op_profile_type): (JSC::JIT::emit_op_log_shadow_chicken_prologue): (JSC::JIT::emit_op_log_shadow_chicken_tail): (JSC::JIT::emit_op_profile_control_flow): (JSC::JIT::emit_op_argument_count): (JSC::JIT::emit_op_get_rest_length): (JSC::JIT::emit_op_get_argument):
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_to_this):
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emit_op_get_by_val): (JSC::JIT::emitGetByValWithCachedId): (JSC::JIT::emitSlow_op_get_by_val): (JSC::JIT::emit_op_put_by_val_direct): (JSC::JIT::emit_op_put_by_val): (JSC::JIT::emitGenericContiguousPutByVal): (JSC::JIT::emitArrayStoragePutByVal): (JSC::JIT::emitPutByValWithCachedId): (JSC::JIT::emitSlow_op_put_by_val): (JSC::JIT::emit_op_put_getter_by_id): (JSC::JIT::emit_op_put_setter_by_id): (JSC::JIT::emit_op_put_getter_setter_by_id): (JSC::JIT::emit_op_put_getter_by_val): (JSC::JIT::emit_op_put_setter_by_val): (JSC::JIT::emit_op_del_by_id): (JSC::JIT::emit_op_del_by_val): (JSC::JIT::emit_op_try_get_by_id): (JSC::JIT::emitSlow_op_try_get_by_id): (JSC::JIT::emit_op_get_by_id_direct): (JSC::JIT::emitSlow_op_get_by_id_direct): (JSC::JIT::emit_op_get_by_id): (JSC::JIT::emit_op_get_by_id_with_this): (JSC::JIT::emitSlow_op_get_by_id): (JSC::JIT::emitSlow_op_get_by_id_with_this): (JSC::JIT::emit_op_put_by_id): (JSC::JIT::emitSlow_op_put_by_id):
(JSC::JIT::emit_op_in_by_id): (JSC::JIT::emitSlow_op_in_by_id): (JSC::JIT::emit_op_resolve_scope): (JSC::JIT::emit_op_get_from_scope): (JSC::JIT::emitSlow_op_get_from_scope): (JSC::JIT::emit_op_put_to_scope): (JSC::JIT::emitSlow_op_put_to_scope): (JSC::JIT::emit_op_get_from_arguments): (JSC::JIT::emit_op_put_to_arguments): (JSC::JIT::privateCompileGetByVal): (JSC::JIT::privateCompileGetByValWithCachedId): (JSC::JIT::privateCompilePutByVal): (JSC::JIT::privateCompilePutByValWithCachedId): (JSC::JIT::emitDoubleLoad): (JSC::JIT::emitContiguousLoad): (JSC::JIT::emitArrayStorageLoad): (JSC::JIT::emitDirectArgumentsGetByVal): (JSC::JIT::emitScopedArgumentsGetByVal): (JSC::JIT::emitIntTypedArrayGetByVal): (JSC::JIT::emitFloatTypedArrayGetByVal): (JSC::JIT::emitIntTypedArrayPutByVal): (JSC::JIT::emitFloatTypedArrayPutByVal):
* jit/RegisterSet.cpp:
(JSC::RegisterSet::llintBaselineCalleeSaveRegisters):
* jit/SlowPathCall.h:
(JSC::JITSlowPathCall::JITSlowPathCall):
* llint/LLIntData.cpp:
(JSC::LLInt::initialize): (JSC::LLInt::Data::performAssertions):
* llint/LLIntData.h:
(JSC::LLInt::exceptionInstructions): (JSC::LLInt::opcodeMap): (JSC::LLInt::opcodeMapWide): (JSC::LLInt::getOpcode): (JSC::LLInt::getOpcodeWide): (JSC::LLInt::getWideCodePtr):
* llint/LLIntOffsetsExtractor.cpp:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::llint_trace_operand): (JSC::LLInt::llint_trace_value): (JSC::LLInt::LLINT_SLOW_PATH_DECL): (JSC::LLInt::entryOSR): (JSC::LLInt::setupGetByIdPrototypeCache): (JSC::LLInt::getByVal): (JSC::LLInt::handleHostCall): (JSC::LLInt::setUpCall): (JSC::LLInt::genericCall): (JSC::LLInt::varargsSetup): (JSC::LLInt::commonCallEval):
* llint/LLIntSlowPaths.h:
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter.cpp:
(JSC::CLoopRegister::operator const Instruction*): (JSC::CLoop::execute):
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* offlineasm/arm64.rb:
* offlineasm/asm.rb:
* offlineasm/ast.rb:
* offlineasm/cloop.rb:
* offlineasm/generate_offset_extractor.rb:
* offlineasm/instructions.rb:
* offlineasm/offsets.rb:
* offlineasm/parser.rb:
* offlineasm/transform.rb:
* offlineasm/x86.rb:
* parser/ResultType.h:
(JSC::ResultType::dump const): (JSC::OperandTypes::first const): (JSC::OperandTypes::second const): (JSC::OperandTypes::dump const):
* profiler/ProfilerBytecodeSequence.cpp:
(JSC::Profiler::BytecodeSequence::BytecodeSequence):
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL): (JSC::updateArithProfileForUnaryArithOp): (JSC::updateArithProfileForBinaryArithOp):
* runtime/CommonSlowPaths.h:
(JSC::CommonSlowPaths::tryCachePutToScopeGlobal): (JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal):
* runtime/ExceptionFuzz.cpp:
(JSC::doExceptionFuzzing):
* runtime/ExceptionFuzz.h:
(JSC::doExceptionFuzzingIfEnabled):
* runtime/GetPutInfo.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.
(JSC::GetPutInfo::dump const): (WTF::printInternal):
* runtime/GetPutInfo.h:
(JSC::GetPutInfo::operand const):
* runtime/JSCPoison.h:
* runtime/JSType.cpp: Added.
(WTF::printInternal):
* runtime/JSType.h:
* runtime/SamplingProfiler.cpp:
(JSC::SamplingProfiler::StackFrame::displayName):
* runtime/SamplingProfiler.h:
(JSC::SamplingProfiler::UnprocessedStackFrame::UnprocessedStackFrame):
* runtime/SlowPathReturnType.h:
(JSC::encodeResult): (JSC::decodeResult):
* runtime/VM.h:
* runtime/Watchdog.h:
* tools/HeapVerifier.cpp:

Source/WTF:

* wtf/Forward.h: Fix WTF_LAZY_FOR_EACH_TERM on MSVC and add WTF_LAZY_HAS_REST to check whether a macro was passed multiple arguments.
* wtf/Platform.h: Force ENABLE_JIT=false on all 32-bit platforms.
* wtf/Vector.h:
(WTF::minCapacity>::insertVector): Allow vectors with different overflow handlers to be passed to insertVector.

Tools:

Do not force ENABLE_JIT=true when $forceCLoop is false.

* Scripts/build-jsc:

LayoutTests:

Don't use recursion on `equal` to avoid premature stack overflows when testing deep arrays.

* fast/dom/Window/resources/postmessage-test.js:

Canonical link: https://commits.webkit.org/205839@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237547 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2018-10-29 13:16:03 +00:00
int UnlinkedCodeBlock::outOfLineJumpOffset(InstructionStream::Offset bytecodeOffset)
{
    ASSERT(m_outOfLineJumpTargets.contains(bytecodeOffset));
    return m_outOfLineJumpTargets.get(bytecodeOffset);
}
PerformanceTests:

Concurrent GC should be stable enough to land enabled
https://bugs.webkit.org/show_bug.cgi?id=164990

Reviewed by Geoffrey Garen.

Made CDjs more configurable and refined the "large.js" configuration. I was using that one and the new "long.js" configuration to tune concurrent eden GCs.

Added a new way of running Splay in browser, which uses chartjs to plot the execution times of 2000 iterations. This includes the minified chartjs.

* JetStream/Octane2/splay-detail.html: Added.
* JetStream/cdjs/benchmark.js:
(benchmarkImpl): (benchmark):
* JetStream/cdjs/long.js: Added.

Source/JavaScriptCore:

Concurrent GC should be stable enough to land enabled on X86_64
https://bugs.webkit.org/show_bug.cgi?id=164990

Reviewed by Geoffrey Garen.

This fixes a ton of performance and correctness bugs revealed by getting the concurrent GC to be stable enough to land enabled. I had to redo the JSObject::visitChildren concurrency protocol again. This time I think it's even more correct than ever!

This is an enormous win on JetStream/splay-latency and Octane/SplayLatency. It looks to be mostly neutral on everything else, though Speedometer is showing statistically weak signs of a slight regression.

* API/JSAPIWrapperObject.mm: Added locking.
(JSC::JSAPIWrapperObject::visitChildren):
* API/JSCallbackObject.h: Added locking.
(JSC::JSCallbackObjectData::visitChildren): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::setPrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::deletePrivateProperty): (JSC::JSCallbackObjectData::JSPrivatePropertyMap::visitChildren):
* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::UnconditionalFinalizer::finalizeUnconditionally): This had a TOCTOU race on shouldJettisonDueToOldAge.
(JSC::EvalCodeCache::visitAggregate): Moved to EvalCodeCache.cpp.
* bytecode/DirectEvalCodeCache.cpp: Added. Outlined some functions and made them use locks.
(JSC::DirectEvalCodeCache::setSlow): (JSC::DirectEvalCodeCache::clear): (JSC::DirectEvalCodeCache::visitAggregate):
* bytecode/DirectEvalCodeCache.h:
(JSC::DirectEvalCodeCache::set):
(JSC::DirectEvalCodeCache::clear): Deleted.
* bytecode/UnlinkedCodeBlock.cpp: Added locking.
(JSC::UnlinkedCodeBlock::visitChildren): (JSC::UnlinkedCodeBlock::setInstructions): (JSC::UnlinkedCodeBlock::shrinkToFit):
* bytecode/UnlinkedCodeBlock.h: Added locking.
(JSC::UnlinkedCodeBlock::addRegExp): (JSC::UnlinkedCodeBlock::addConstant): (JSC::UnlinkedCodeBlock::addFunctionDecl): (JSC::UnlinkedCodeBlock::addFunctionExpr): (JSC::UnlinkedCodeBlock::createRareDataIfNecessary):
(JSC::UnlinkedCodeBlock::shrinkToFit): Deleted.
* debugger/Debugger.cpp: Use the right delete API.
(JSC::Debugger::recompileAllJSFunctions):
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects): Fix a pre-existing bug in ToFunction constant folding.
* dfg/DFGClobberize.h: Add support for nuking.
(JSC::DFG::clobberize):
* dfg/DFGClobbersExitState.cpp: Add support for nuking.
(JSC::DFG::clobbersExitState):
* dfg/DFGFixupPhase.cpp: Add support for nuking.
(JSC::DFG::FixupPhase::fixupNode): (JSC::DFG::FixupPhase::indexForChecks): (JSC::DFG::FixupPhase::originForCheck): (JSC::DFG::FixupPhase::speculateForBarrier): (JSC::DFG::FixupPhase::insertCheck): (JSC::DFG::FixupPhase::fixupChecksInBlock):
* dfg/DFGSpeculativeJIT.cpp: Add support for nuking.
(JSC::DFG::SpeculativeJIT::compileAllocatePropertyStorage): (JSC::DFG::SpeculativeJIT::compileReallocatePropertyStorage):
* ftl/FTLLowerDFGToB3.cpp: Add support for nuking.
(JSC::FTL::DFG::LowerDFGToB3::allocatePropertyStorage): (JSC::FTL::DFG::LowerDFGToB3::reallocatePropertyStorage): (JSC::FTL::DFG::LowerDFGToB3::mutatorFence): (JSC::FTL::DFG::LowerDFGToB3::nukeStructureAndSetButterfly):
(JSC::FTL::DFG::LowerDFGToB3::setButterfly): Deleted.
* heap/CodeBlockSet.cpp: We need to be more careful about the CodeBlockSet workflow during GC, since we will allocate CodeBlocks in eden while collecting.
(JSC::CodeBlockSet::clearMarksForFullCollection): (JSC::CodeBlockSet::deleteUnmarkedAndUnreferenced):
* heap/Heap.cpp: Added code to measure max pauses. Added a better collectContinuously mode.
(JSC::Heap::lastChanceToFinalize): Stop the collectContinuously thread.
(JSC::Heap::harvestWeakReferences): Inline SlotVisitor::harvestWeakReferences.
(JSC::Heap::finalizeUnconditionalFinalizers): Inline SlotVisitor::finalizeUnconditionalReferences.
(JSC::Heap::markToFixpoint): We need to do some MarkedSpace stuff before every conservative scan, rather than just at the start of marking, so we now call prepareForConservativeScan() before each conservative scan. Also call a less-parallel version of drainInParallel when the mutator is running.
(JSC::Heap::collectInThread): Inline Heap::prepareForAllocation().
(JSC::Heap::stopIfNecessarySlow): We need to be more careful about ensuring that we run finalization before and after stopping. Also, we should sanitize stack when stopping the world.
(JSC::Heap::acquireAccessSlow): Add some optional debug prints.
(JSC::Heap::handleNeedFinalize): Assert that we are running this when the world is not stopped.
(JSC::Heap::finalize): Remove the old collectContinuously code.
(JSC::Heap::requestCollection): We don't need to sanitize stack here anymore.
(JSC::Heap::notifyIsSafeToCollect): Start the collectContinuously thread. It will request collection at 1 KHz.
(JSC::Heap::prepareForAllocation): Deleted.
(JSC::Heap::preventCollection): Prevent any new concurrent GCs from being initiated.
(JSC::Heap::allowCollection):
(JSC::Heap::forEachSlotVisitor): Allows us to safely iterate slot visitors.
* heap/Heap.h:
* heap/HeapInlines.h:
(JSC::Heap::writeBarrier): If the 'to' cell is not NewWhite then it could be AnthraciteOrBlack.
During a full collection, objects may be AnthraciteOrBlack from a previous GC. Turns out, we don't benefit from this optimization so we can just kill it.
* heap/HeapSnapshotBuilder.cpp:
(JSC::HeapSnapshotBuilder::buildSnapshot): This needs to use PreventCollectionScope to ensure snapshot soundness.
* heap/ListableHandler.h:
(JSC::ListableHandler::isOnList): Useful helper.
* heap/LockDuringMarking.h:
(JSC::lockDuringMarking): It's a locker that only locks while we're marking.
* heap/MarkedAllocator.cpp:
(JSC::MarkedAllocator::addBlock): Hold the bitvector lock while resizing.
* heap/MarkedBlock.cpp: Hold the bitvector lock while accessing the bitvectors while the mutator is running.
* heap/MarkedSpace.cpp:
(JSC::MarkedSpace::prepareForConservativeScan): We used to do this in prepareForMarking, but we need to do it before each conservative scan not just before marking.
(JSC::MarkedSpace::prepareForMarking): Remove the logic moved to prepareForConservativeScan.
* heap/MarkedSpace.h:
* heap/PreventCollectionScope.h: Added.
* heap/SlotVisitor.cpp: Refactored drainFromShared so that we can write a similar function called drainInParallelPassively.
(JSC::SlotVisitor::updateMutatorIsStopped): Update whether we can use "fast" scanning.
(JSC::SlotVisitor::mutatorIsStoppedIsUpToDate): (JSC::SlotVisitor::didReachTermination): (JSC::SlotVisitor::hasWork):
(JSC::SlotVisitor::drain): This now uses the rightToRun lock to allow the main GC thread to safepoint the workers.
(JSC::SlotVisitor::drainFromShared):
(JSC::SlotVisitor::drainInParallelPassively): This runs marking with one fewer threads than normal. It's useful for when we have resumed the mutator, since then the mutator has a better chance of getting on a core.
(JSC::SlotVisitor::addWeakReferenceHarvester): (JSC::SlotVisitor::addUnconditionalFinalizer):
(JSC::SlotVisitor::harvestWeakReferences): Deleted.
(JSC::SlotVisitor::finalizeUnconditionalFinalizers): Deleted.
* heap/SlotVisitor.h:
* heap/SlotVisitorInlines.h: Outline stuff.
(JSC::SlotVisitor::addWeakReferenceHarvester): Deleted.
(JSC::SlotVisitor::addUnconditionalFinalizer): Deleted.
* runtime/InferredType.cpp: This needed thread safety.
(JSC::InferredType::visitChildren): This needs to keep its structure finalizer alive until it runs.
(JSC::InferredType::set): (JSC::InferredType::InferredStructureFinalizer::finalizeUnconditionally):
* runtime/InferredType.h:
* runtime/InferredValue.cpp: This needed thread safety.
(JSC::InferredValue::visitChildren): (JSC::InferredValue::ValueCleanup::finalizeUnconditionally):
* runtime/JSArray.cpp:
(JSC::JSArray::unshiftCountSlowCase): Update to use new butterfly API.
(JSC::JSArray::unshiftCountWithArrayStorage): Update to use new butterfly API.
* runtime/JSArrayBufferView.cpp:
(JSC::JSArrayBufferView::visitChildren): Thread safety.
* runtime/JSCell.h:
(JSC::JSCell::setStructureIDDirectly): This is used for nuking the structure.
(JSC::JSCell::InternalLocker::InternalLocker): Deleted. The cell is now the lock.
(JSC::JSCell::InternalLocker::~InternalLocker): Deleted. The cell is now the lock.
* runtime/JSCellInlines.h:
(JSC::JSCell::structure): Clean this up.
(JSC::JSCell::lock): The cell is now the lock.
(JSC::JSCell::tryLock): (JSC::JSCell::unlock): (JSC::JSCell::isLocked):
(JSC::JSCell::lockInternalLock): Deleted.
(JSC::JSCell::unlockInternalLock): Deleted.
* runtime/JSFunction.cpp:
(JSC::JSFunction::visitChildren): Thread safety.
* runtime/JSGenericTypedArrayViewInlines.h:
(JSC::JSGenericTypedArrayView<Adaptor>::visitChildren): Thread safety.
(JSC::JSGenericTypedArrayView<Adaptor>::slowDownAndWasteMemory): Thread safety.
* runtime/JSObject.cpp:
(JSC::JSObject::markAuxiliaryAndVisitOutOfLineProperties): Factor out this "easy" step of butterfly visiting.
(JSC::JSObject::visitButterfly): Make this achieve 100% precision about structure-butterfly relationships.
This relies on the mutator "nuking" the structure prior to "locked" structure-butterfly transitions.
(JSC::JSObject::visitChildren): Use the new, nicer API.
(JSC::JSFinalObject::visitChildren): Use the new, nicer API.
(JSC::JSObject::enterDictionaryIndexingModeWhenArrayStorageAlreadyExists): Use the new butterfly API.
(JSC::JSObject::createInitialUndecided): Use the new butterfly API.
(JSC::JSObject::createInitialInt32): Use the new butterfly API.
(JSC::JSObject::createInitialDouble): Use the new butterfly API.
(JSC::JSObject::createInitialContiguous): Use the new butterfly API.
(JSC::JSObject::createArrayStorage): Use the new butterfly API.
(JSC::JSObject::convertUndecidedToContiguous): Use the new butterfly API.
(JSC::JSObject::convertUndecidedToArrayStorage): Use the new butterfly API.
(JSC::JSObject::convertInt32ToArrayStorage): Use the new butterfly API.
(JSC::JSObject::convertDoubleToContiguous): Use the new butterfly API.
(JSC::JSObject::convertDoubleToArrayStorage): Use the new butterfly API.
(JSC::JSObject::convertContiguousToArrayStorage): Use the new butterfly API.
(JSC::JSObject::increaseVectorLength): Use the new butterfly API.
(JSC::JSObject::shiftButterflyAfterFlattening): Use the new butterfly API.
* runtime/JSObject.h:
(JSC::JSObject::setButterfly): This now does all of the fences. Only use this when you are not also transitioning the structure or the structure's lastOffset.
(JSC::JSObject::nukeStructureAndSetButterfly): Use this when doing locked structure-butterfly transitions.
* runtime/JSObjectInlines.h:
(JSC::JSObject::putDirectWithoutTransition): Use the newly factored out API.
(JSC::JSObject::prepareToPutDirectWithoutTransition): Factor this out!
(JSC::JSObject::putDirectInternal): Use the newly factored out API.
* runtime/JSPropertyNameEnumerator.cpp:
(JSC::JSPropertyNameEnumerator::finishCreation): Locks!
(JSC::JSPropertyNameEnumerator::visitChildren): Locks!
* runtime/JSSegmentedVariableObject.cpp: (JSC::JSSegmentedVariableObject::visitChildren): Locks! * runtime/JSString.cpp: (JSC::JSString::visitChildren): Thread safety. * runtime/ModuleProgramExecutable.cpp: (JSC::ModuleProgramExecutable::visitChildren): Thread safety. * runtime/Options.cpp: For now we disable concurrent GC on not-X86_64. (JSC::recomputeDependentOptions): * runtime/Options.h: Change the default max GC parallelism to 8. I don't know why it was still 7. * runtime/SamplingProfiler.cpp: (JSC::SamplingProfiler::stackTracesAsJSON): This needs to defer GC before grabbing its lock. * runtime/SparseArrayValueMap.cpp: This needed thread safety. (JSC::SparseArrayValueMap::add): (JSC::SparseArrayValueMap::remove): (JSC::SparseArrayValueMap::visitChildren): * runtime/SparseArrayValueMap.h: * runtime/Structure.cpp: This had a race between addNewPropertyTransition and visitChildren. (JSC::Structure::Structure): (JSC::Structure::materializePropertyTable): (JSC::Structure::addNewPropertyTransition): (JSC::Structure::flattenDictionaryStructure): (JSC::Structure::add): Help out with nuking support - the m_offset needs to play along. (JSC::Structure::visitChildren): * runtime/Structure.h: Make some useful things public - like the notion of a lastOffset. * runtime/StructureChain.cpp: (JSC::StructureChain::visitChildren): Thread safety! * runtime/StructureChain.h: Thread safety! * runtime/StructureIDTable.cpp: (JSC::StructureIDTable::allocateID): Ensure that we don't get nuked IDs. * runtime/StructureIDTable.h: Add the notion of a nuked ID! It's a bit that the runtime never sees except during specific shady actions like locked structure-butterfly transitions. "Nuking" tells the GC to steer clear and rescan once we fire the barrier. (JSC::nukedStructureIDBit): (JSC::nuke): (JSC::isNuked): (JSC::decontaminate): * runtime/StructureInlines.h: (JSC::Structure::hasIndexingHeader): Better API. (JSC::Structure::add): * runtime/VM.cpp: Better GC interaction. 
(JSC::VM::ensureWatchdog): (JSC::VM::deleteAllLinkedCode): (JSC::VM::deleteAllCode): * runtime/VM.h: (JSC::VM::getStructure): Why wasn't this always an API! * runtime/WebAssemblyExecutable.cpp: (JSC::WebAssemblyExecutable::visitChildren): Thread safety. Source/WebCore: Concurrent GC should be stable enough to land enabled on X86_64 https://bugs.webkit.org/show_bug.cgi?id=164990 Reviewed by Geoffrey Garen. Made WebCore down with concurrent marking by adding some locking and adapting to some new API. This has new test modes in run-sjc-stress-tests. Also, the way that LayoutTests run is already a fantastic GC test. * ForwardingHeaders/heap/DeleteAllCodeEffort.h: Added. * ForwardingHeaders/heap/LockDuringMarking.h: Added. * bindings/js/GCController.cpp: (WebCore::GCController::deleteAllCode): (WebCore::GCController::deleteAllLinkedCode): * bindings/js/GCController.h: * bindings/js/JSDOMBinding.cpp: (WebCore::getCachedDOMStructure): (WebCore::cacheDOMStructure): * bindings/js/JSDOMGlobalObject.cpp: (WebCore::JSDOMGlobalObject::addBuiltinGlobals): (WebCore::JSDOMGlobalObject::visitChildren): * bindings/js/JSDOMGlobalObject.h: (WebCore::getDOMConstructor): * bindings/js/JSDOMPromise.cpp: (WebCore::DeferredPromise::DeferredPromise): (WebCore::DeferredPromise::clear): * bindings/js/JSXPathResultCustom.cpp: (WebCore::JSXPathResult::visitAdditionalChildren): * dom/EventListenerMap.cpp: (WebCore::EventListenerMap::clear): (WebCore::EventListenerMap::replace): (WebCore::EventListenerMap::add): (WebCore::EventListenerMap::remove): (WebCore::EventListenerMap::find): (WebCore::EventListenerMap::removeFirstEventListenerCreatedFromMarkup): (WebCore::EventListenerMap::copyEventListenersNotCreatedFromMarkupToTarget): (WebCore::EventListenerIterator::EventListenerIterator): * dom/EventListenerMap.h: (WebCore::EventListenerMap::lock): * dom/EventTarget.cpp: (WebCore::EventTarget::visitJSEventListeners): * dom/EventTarget.h: (WebCore::EventTarget::visitJSEventListeners): Deleted. 
* dom/Node.cpp: (WebCore::Node::eventTargetDataConcurrently): (WebCore::Node::ensureEventTargetData): (WebCore::Node::clearEventTargetData): * dom/Node.h: * page/MemoryRelease.cpp: (WebCore::releaseCriticalMemory): * page/cocoa/MemoryReleaseCocoa.mm: (WebCore::jettisonExpensiveObjectsOnTopLevelNavigation): (WebCore::registerMemoryReleaseNotifyCallbacks): Source/WTF: Concurrent GC should be stable enough to land enabled on X86_64 https://bugs.webkit.org/show_bug.cgi?id=164990 Reviewed by Geoffrey Garen. Adds the ability to say: auto locker = holdLock(any type of lock) Instead of having to say: Locker<LockType> locker(locks of type LockType) I think that we should use "auto locker = holdLock(lock)" as the default way that we acquire locks unless we need to use a special locker type. This also adds the ability to safepoint a lock. Safepointing a lock is basically a super fast way of unlocking it fairly and then immediately relocking it - i.e. letting anyone who is waiting to run without losing steam of there is noone waiting. * wtf/Lock.cpp: (WTF::LockBase::safepointSlow): * wtf/Lock.h: (WTF::LockBase::safepoint): * wtf/LockAlgorithm.h: (WTF::LockAlgorithm::safepointFast): (WTF::LockAlgorithm::safepoint): (WTF::LockAlgorithm::safepointSlow): * wtf/Locker.h: (WTF::AbstractLocker::AbstractLocker): (WTF::Locker::tryLock): (WTF::Locker::operator bool): (WTF::Locker::Locker): (WTF::Locker::operator=): (WTF::holdLock): (WTF::tryHoldLock): Tools: Concurrent GC should be stable enough to land enabled https://bugs.webkit.org/show_bug.cgi?id=164990 Reviewed by Geoffrey Garen. Add a new mode that runs GC continuously. Also made eager modes run GC continuously. It's clear that this works just fine in release, but I'm still trying to figure out if it's safe for debug. It might be too slow for debug. 
* Scripts/run-jsc-stress-tests: Canonical link: https://commits.webkit.org/183229@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209570 268f45cc-cd09-0410-ab3c-d52691b4dbfc
2016-12-08 22:14:50 +00:00
} // namespace JSC