[webkit-changes] [WebKit/WebKit] c602f3: Unreviewed, reland 264697 at main with fix

Yusuke Suzuki noreply at github.com
Wed May 31 17:45:41 PDT 2023 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: c602f3ac37608f72f669567467708b0a97beb5c9
      https://github.com/WebKit/WebKit/commit/c602f3ac37608f72f669567467708b0a97beb5c9
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2023-05-31 (Wed, 31 May 2023)

  Changed paths:
    A JSTests/stress/global-is-nan-clobberize.js
    M Source/JavaScriptCore/builtins/DatePrototype.js
    M Source/JavaScriptCore/builtins/GlobalObject.js
    M Source/JavaScriptCore/builtins/NumberConstructor.js
    M Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h
    M Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp
    M Source/JavaScriptCore/dfg/DFGClobberize.h
    M Source/JavaScriptCore/dfg/DFGDoesGC.cpp
    M Source/JavaScriptCore/dfg/DFGFixupPhase.cpp
    M Source/JavaScriptCore/dfg/DFGNodeType.h
    M Source/JavaScriptCore/dfg/DFGOperations.cpp
    M Source/JavaScriptCore/dfg/DFGOperations.h
    M Source/JavaScriptCore/dfg/DFGPredictionPropagationPhase.cpp
    M Source/JavaScriptCore/dfg/DFGSafeToExecute.h
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
    M Source/JavaScriptCore/ftl/FTLCapabilities.cpp
    M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
    M Source/JavaScriptCore/jit/ThunkGenerators.cpp
    M Source/JavaScriptCore/jit/ThunkGenerators.h
    M Source/JavaScriptCore/runtime/Intrinsic.h
    M Source/JavaScriptCore/runtime/JSGlobalObject.cpp
    M Source/JavaScriptCore/runtime/JSGlobalObjectFunctions.cpp
    M Source/JavaScriptCore/runtime/JSGlobalObjectFunctions.h
    M Source/JavaScriptCore/runtime/NumberConstructor.cpp
    M Source/JavaScriptCore/runtime/VM.cpp
    M Source/WebCore/Modules/streams/ReadableByteStreamInternals.js
    M Source/WebCore/Modules/streams/StreamInternals.js
    M Source/WebCore/Modules/streams/WritableStreamInternals.js

  Log Message:
  -----------
  Unreviewed, reland 264697 at main with fix
https://bugs.webkit.org/show_bug.cgi?id=257474
rdar://109996676

Only clobbering world when UseKind is non DoubleRepUse in AI.

* JSTests/stress/global-is-nan-clobberize.js: Added.
* Source/JavaScriptCore/builtins/DatePrototype.js:
(toLocaleString):
(toLocaleDateString):
(toLocaleTimeString):
* Source/JavaScriptCore/builtins/GlobalObject.js:
(linkTimeConstant.isFinite):
(linkTimeConstant.isNaN): Deleted.
* Source/JavaScriptCore/builtins/NumberConstructor.js:
(isFinite):
(isNaN): Deleted.
* Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
* Source/JavaScriptCore/dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* Source/JavaScriptCore/dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
* Source/JavaScriptCore/dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* Source/JavaScriptCore/dfg/DFGNodeType.h:
* Source/JavaScriptCore/dfg/DFGOperations.cpp:
(JSC::DFG::JSC_DEFINE_JIT_OPERATION):
* Source/JavaScriptCore/dfg/DFGOperations.h:
* Source/JavaScriptCore/dfg/DFGPredictionPropagationPhase.cpp:
* Source/JavaScriptCore/dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:
* Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h:
* Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* Source/JavaScriptCore/ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):
* Source/JavaScriptCore/jit/ThunkGenerators.cpp:
(JSC::globalIsNaNThunkGenerator):
(JSC::numberIsNaNThunkGenerator):
* Source/JavaScriptCore/jit/ThunkGenerators.h:
* Source/JavaScriptCore/runtime/Intrinsic.h:
* Source/JavaScriptCore/runtime/JSGlobalObject.cpp:
* Source/JavaScriptCore/runtime/JSGlobalObjectFunctions.cpp:
(JSC::JSC_DEFINE_HOST_FUNCTION):
* Source/JavaScriptCore/runtime/JSGlobalObjectFunctions.h:
* Source/JavaScriptCore/runtime/NumberConstructor.cpp:
(JSC::JSC_DEFINE_HOST_FUNCTION):
* Source/JavaScriptCore/runtime/VM.cpp:
(JSC::thunkGeneratorForIntrinsic):
* Source/WebCore/Modules/streams/ReadableByteStreamInternals.js:
(privateInitializeReadableByteStreamController):
(readableByteStreamControllerRespond):
* Source/WebCore/Modules/streams/StreamInternals.js:
(validateAndNormalizeQueuingStrategy):
(extractHighWaterMark):
* Source/WebCore/Modules/streams/WritableStreamInternals.js:
(createWritableStream):

Canonical link: https://commits.webkit.org/264768@main

More information about the webkit-changes mailing list