diff --git a/.gitignore b/.gitignore
index 631e89bc3fd6..d4a068b7606d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -66,5 +66,3 @@ __cmake_systeminformation/
# Local overrides configuration files
LocalOverrides.xcconfig
-
-/BenchmarkTemp
diff --git a/JSTests/microbenchmarks/array-prototype-indexOf-contiguous-always-slow-put.js b/JSTests/microbenchmarks/array-prototype-indexOf-contiguous-always-slow-put.js
deleted file mode 100644
index 9bb6d0788816..000000000000
--- a/JSTests/microbenchmarks/array-prototype-indexOf-contiguous-always-slow-put.js
+++ /dev/null
@@ -1,15 +0,0 @@
-const length = 100;
-
-var target = $vm.createAlwaysSlowPutContiguousObjectWithOverrides(length);
-for (var i = 0; i < length; i++)
- target[i] = {index: i};
-
-(function() {
- var {indexOf} = Array.prototype;
- var searchElement = target[50];
-
- for (var j = 0; j < 1e6; j++) {
- if (indexOf.call(target, searchElement) !== 50)
- throw new Error(`Bad assert: ${j}!`);
- }
-})();
diff --git a/JSTests/microbenchmarks/array-prototype-indexOf-contiguous.js b/JSTests/microbenchmarks/array-prototype-indexOf-contiguous.js
deleted file mode 100644
index 21d602e62fe3..000000000000
--- a/JSTests/microbenchmarks/array-prototype-indexOf-contiguous.js
+++ /dev/null
@@ -1,15 +0,0 @@
-const length = 100;
-
-var target = new Array(100);
-for (var i = 0; i < length; i++)
- target[i] = {index: i};
-
-(function() {
- var {indexOf} = Array.prototype;
- var searchElement = target[50];
-
- for (var j = 0; j < 1e6; j++) {
- if (indexOf.call(target, searchElement) !== 50)
- throw new Error(`Bad assert: ${j}!`);
- }
-})();
diff --git a/JSTests/microbenchmarks/array-prototype-slice-contiguous-always-slow-put.js b/JSTests/microbenchmarks/array-prototype-slice-contiguous-always-slow-put.js
deleted file mode 100644
index c46731ede3dc..000000000000
--- a/JSTests/microbenchmarks/array-prototype-slice-contiguous-always-slow-put.js
+++ /dev/null
@@ -1,16 +0,0 @@
-const length = 100;
-
-var target = $vm.createAlwaysSlowPutContiguousObjectWithOverrides(length);
-for (var i = 0; i < length; i++)
- target[i] = {index: i};
-
-(function() {
- var {slice} = Array.prototype;
- var lastSlice;
-
- for (var j = 0; j < 1e7; j++)
- lastSlice = slice.call(target);
-
- if (lastSlice.pop().index !== 99)
- throw new Error(`Bad assert!`);
-})();
diff --git a/JSTests/microbenchmarks/array-prototype-slice-contiguous.js b/JSTests/microbenchmarks/array-prototype-slice-contiguous.js
deleted file mode 100644
index 1222f4aee138..000000000000
--- a/JSTests/microbenchmarks/array-prototype-slice-contiguous.js
+++ /dev/null
@@ -1,16 +0,0 @@
-const length = 100;
-
-var target = new Array(length);
-for (var i = 0; i < length; i++)
- target[i] = {index: i};
-
-(function() {
- var {slice} = Array.prototype;
- var lastSlice;
-
- for (var j = 0; j < 1e7; j++)
- lastSlice = slice.call(target);
-
- if (lastSlice.pop().index !== 99)
- throw new Error(`Bad assert!`);
-})();
diff --git a/JSTests/microbenchmarks/get-by-val-contiguous-always-slow-put.js b/JSTests/microbenchmarks/get-by-val-contiguous-always-slow-put.js
deleted file mode 100644
index e7d8fc412013..000000000000
--- a/JSTests/microbenchmarks/get-by-val-contiguous-always-slow-put.js
+++ /dev/null
@@ -1,17 +0,0 @@
-const length = 100;
-
-var target = $vm.createAlwaysSlowPutContiguousObjectWithOverrides(length);
-for (var i = 0; i < length; i++)
- target[i] = {index: i};
-
-(function() {
- var el;
-
- for (var j = 0; j < 1e6; j++) {
- for (var i = 0; i < length / 2; i++)
- el = target[i];
- }
-
- if (el.index + 1 !== length / 2)
- throw new Error(`Bad assert!`);
-})();
diff --git a/JSTests/microbenchmarks/get-by-val-contiguous.js b/JSTests/microbenchmarks/get-by-val-contiguous.js
deleted file mode 100644
index e5ba0b9208eb..000000000000
--- a/JSTests/microbenchmarks/get-by-val-contiguous.js
+++ /dev/null
@@ -1,17 +0,0 @@
-const length = 100;
-
-var target = new Array(100);
-for (var i = 0; i < length; i++)
- target[i] = {index: i};
-
-(function() {
- var el;
-
- for (var j = 0; j < 1e6; j++) {
- for (var i = 0; i < length / 2; i++)
- el = target[i];
- }
-
- if (el.index + 1 !== length / 2)
- throw new Error(`Bad assert!`);
-})();
diff --git a/JSTests/stress/always-slow-put-contiguous-to-array-storage-1.js b/JSTests/stress/always-slow-put-contiguous-to-array-storage-1.js
deleted file mode 100644
index 296fb4768e04..000000000000
--- a/JSTests/stress/always-slow-put-contiguous-to-array-storage-1.js
+++ /dev/null
@@ -1,25 +0,0 @@
-function assert(x) { if (!x) throw new Error(`Bad assertion: ${x}!`); }
-
-function putByVal(target, index) { "use strict"; target[index] = {index}; }
-noInline(putByVal);
-
-const runs = 1e5;
-const length = 100;
-
-var target = $vm.createAlwaysSlowPutContiguousObjectWithOverrides(length);
-for (var i = 0; i < length; i++)
- target[i] = {index: i};
-
-(function() {
- for (var i = 0; i < runs; i++) {
- if (i === runs - 1)
- target[10000001] = 1;
-
- for (var j = 0; j < length; j++)
- putByVal(target, j);
- }
-
- assert(target.putByIndexCalls === length + (length * runs) + 1);
- assert($vm.indexingMode(target) === "NonArrayWithSlowPutArrayStorage");
- assert($vm.hasSparseModeArrayStorage(target));
-})();
diff --git a/JSTests/stress/always-slow-put-contiguous-to-array-storage-2.js b/JSTests/stress/always-slow-put-contiguous-to-array-storage-2.js
deleted file mode 100644
index 9f612576aabd..000000000000
--- a/JSTests/stress/always-slow-put-contiguous-to-array-storage-2.js
+++ /dev/null
@@ -1,25 +0,0 @@
-function assert(x) { if (!x) throw new Error(`Bad assertion: ${x}!`); }
-
-function putByVal(target, index) { "use strict"; target[index] = {index}; }
-noInline(putByVal);
-
-const runs = 1e5;
-const length = 100;
-
-var target = $vm.createAlwaysSlowPutContiguousObjectWithOverrides(length);
-for (var i = 0; i < length; i++)
- target[i] = {index: i};
-
-(function() {
- for (var i = 0; i < runs; i++) {
- if (i === runs - 1)
- Object.setPrototypeOf(target, { get 42() {}, set 42(_v) {} });
-
- for (var j = 0; j < length; j++)
- putByVal(target, j);
- }
-
- assert(target.putByIndexCalls === length + (length * runs));
- assert($vm.indexingMode(target) === "NonArrayWithSlowPutArrayStorage");
- assert($vm.hasSparseModeArrayStorage(target));
-})();
diff --git a/JSTests/stress/always-slow-put-contiguous-to-array-storage-3.js b/JSTests/stress/always-slow-put-contiguous-to-array-storage-3.js
deleted file mode 100644
index 19bd95f0491e..000000000000
--- a/JSTests/stress/always-slow-put-contiguous-to-array-storage-3.js
+++ /dev/null
@@ -1,25 +0,0 @@
-function assert(x) { if (!x) throw new Error(`Bad assertion: ${x}!`); }
-
-function putByVal(target, index) { "use strict"; target[index] = {index}; }
-noInline(putByVal);
-
-const runs = 1e5;
-const length = 100;
-
-var target = $vm.createAlwaysSlowPutContiguousObjectWithOverrides(length);
-for (var i = 0; i < length; i++)
- target[i] = {index: i};
-
-(function() {
- for (var i = 0; i < runs; i++) {
- if (i === runs - 1)
- Object.defineProperty(target, 10000001, { get() {}, set() {} });
-
- for (var j = 0; j < length; j++)
- putByVal(target, j);
- }
-
- assert(target.putByIndexCalls === length + (length * runs));
- assert($vm.indexingMode(target) === "NonArrayWithSlowPutArrayStorage");
- assert($vm.hasSparseModeArrayStorage(target));
-})();
diff --git a/JSTests/stress/always-slow-put-contiguous-to-array-storage-4.js b/JSTests/stress/always-slow-put-contiguous-to-array-storage-4.js
deleted file mode 100644
index 9a626b1aa6a6..000000000000
--- a/JSTests/stress/always-slow-put-contiguous-to-array-storage-4.js
+++ /dev/null
@@ -1,25 +0,0 @@
-function assert(x) { if (!x) throw new Error(`Bad assertion: ${x}!`); }
-
-function putByVal(target, index) { "use strict"; target[index] = {index}; }
-noInline(putByVal);
-
-const runs = 1e5;
-const length = 100;
-
-var target = $vm.createAlwaysSlowPutContiguousObjectWithOverrides(length);
-for (var i = 0; i < length; i++)
- target[i] = {index: i};
-
-(function() {
- for (var i = 0; i < runs; i++) {
- if (i === runs - 1)
- Object.defineProperty(Object.prototype, 10000001, { get() {}, set() {} });
-
- for (var j = 0; j < length; j++)
- putByVal(target, j);
- }
-
- assert(target.putByIndexCalls === length + (length * runs));
- assert($vm.indexingMode(target) === "NonArrayWithSlowPutArrayStorage");
- assert($vm.hasSparseModeArrayStorage(target));
-})();
diff --git a/JSTests/stress/array-reverse-contiguous-always-slow-put.js b/JSTests/stress/array-reverse-contiguous-always-slow-put.js
deleted file mode 100644
index e7156a338290..000000000000
--- a/JSTests/stress/array-reverse-contiguous-always-slow-put.js
+++ /dev/null
@@ -1,9 +0,0 @@
-const length = 100;
-
-var target = $vm.createAlwaysSlowPutContiguousObjectWithOverrides(length);
-for (var i = 0; i < length; i++)
- target[i] = {index: i};
-
-var reversed = Array.prototype.reverse.call(target);
-if (reversed.putByIndexCalls !== length * 2)
- throw new Error(`Bad value: ${reversed.putByIndexCalls}!`);
diff --git a/JSTests/stress/delete-by-val-always-slow-put-contiguous-tricky.js b/JSTests/stress/delete-by-val-always-slow-put-contiguous-tricky.js
deleted file mode 100644
index fa30f9cde37c..000000000000
--- a/JSTests/stress/delete-by-val-always-slow-put-contiguous-tricky.js
+++ /dev/null
@@ -1,21 +0,0 @@
-function assert(x) { if (!x) throw new Error(`Bad assertion: ${x}!`); }
-
-function deleteByVal(target, index) { "use strict"; delete target[index]; }
-noInline(deleteByVal);
-
-const runs = 1e6;
-const length = 100;
-
-var jsArrayContiguous = new Array(length);
-var alwaysSlowPutContiguous = $vm.createAlwaysSlowPutContiguousObjectWithOverrides(length);
-for (var i = 0; i < length; i++)
- jsArrayContiguous[i] = alwaysSlowPutContiguous[i] = {index: i};
-
-(function() {
- for (var i = 0; i < runs; i++) {
- for (var j = 0; j < length; j++)
- deleteByVal(i === runs - 100 ? alwaysSlowPutContiguous : jsArrayContiguous, j);
- }
-
- assert(alwaysSlowPutContiguous.deleteByIndexCalls === length);
-})();
diff --git a/JSTests/stress/for-in-always-slow-put-contiguous.js b/JSTests/stress/for-in-always-slow-put-contiguous.js
deleted file mode 100644
index 179b7ad53125..000000000000
--- a/JSTests/stress/for-in-always-slow-put-contiguous.js
+++ /dev/null
@@ -1,15 +0,0 @@
-function assert(x) { if (!x) throw new Error(`Bad assertion: ${x}!`); }
-
-const runs = 1e6;
-const length = 100;
-
-var alwaysSlowPutContiguous = $vm.createAlwaysSlowPutContiguousObjectWithOverrides(length);
-for (var i = 0; i < length; i++)
- alwaysSlowPutContiguous[i] = {index: i};
-
-(function() {
- for (var i = 0; i < runs; i++) {
- for (var j in alwaysSlowPutContiguous)
- assert(alwaysSlowPutContiguous[j].index === +j);
- }
-})();
diff --git a/JSTests/stress/get-by-val-always-slow-put-contiguous-tricky.js b/JSTests/stress/get-by-val-always-slow-put-contiguous-tricky.js
deleted file mode 100644
index 9e646d3ef5bd..000000000000
--- a/JSTests/stress/get-by-val-always-slow-put-contiguous-tricky.js
+++ /dev/null
@@ -1,19 +0,0 @@
-function assert(x) { if (!x) throw new Error(`Bad assertion: ${x}!`); }
-
-function getByVal(target, index) { return target[index]; }
-noInline(getByVal);
-
-const runs = 1e6;
-const length = 100;
-
-var jsArrayContiguous = new Array(length);
-var alwaysSlowPutContiguous = $vm.createAlwaysSlowPutContiguousObjectWithOverrides(length);
-for (var i = 0; i < length; i++)
- jsArrayContiguous[i] = alwaysSlowPutContiguous[i] = {index: i};
-
-(function() {
- for (var i = 0; i < runs; i++) {
- for (var j = 0; j < length; j++)
- assert(getByVal(i === runs - 100 ? alwaysSlowPutContiguous : jsArrayContiguous, j).index === j);
- }
-})();
diff --git a/JSTests/stress/put-by-val-always-slow-put-contiguous-tricky.js b/JSTests/stress/put-by-val-always-slow-put-contiguous-tricky.js
deleted file mode 100644
index d57d9b9629a4..000000000000
--- a/JSTests/stress/put-by-val-always-slow-put-contiguous-tricky.js
+++ /dev/null
@@ -1,21 +0,0 @@
-function assert(x) { if (!x) throw new Error(`Bad assertion: ${x}!`); }
-
-function putByVal(target, index) { "use strict"; target[index] = {index}; }
-noInline(putByVal);
-
-const runs = 1e6;
-const length = 100;
-
-var jsArrayContiguous = new Array(length);
-var alwaysSlowPutContiguous = $vm.createAlwaysSlowPutContiguousObjectWithOverrides(length);
-for (var i = 0; i < length; i++)
- jsArrayContiguous[i] = alwaysSlowPutContiguous[i] = {index: i};
-
-(function() {
- for (var i = 0; i < runs; i++) {
- for (var j = 0; j < length; j++)
- putByVal(i === runs - 100 ? alwaysSlowPutContiguous : jsArrayContiguous, j);
- }
-
- assert(alwaysSlowPutContiguous.putByIndexCalls === 2 * length);
-})();
diff --git a/LayoutTests/fast/dom/NodeList/nodelist-static-having-a-bad-time-expected.txt b/LayoutTests/fast/dom/NodeList/nodelist-static-having-a-bad-time-expected.txt
deleted file mode 100644
index 94a982211b86..000000000000
--- a/LayoutTests/fast/dom/NodeList/nodelist-static-having-a-bad-time-expected.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-This tests that static NodeList is created with appropriate indexing type when global object is having a bad time.
-
-On success, you will see a series of "PASS" messages, followed by "TEST COMPLETE".
-
-
-PASS setterCalls is 1
-PASS successfullyParsed is true
-
-TEST COMPLETE
-
diff --git a/LayoutTests/fast/dom/NodeList/nodelist-static-having-a-bad-time.html b/LayoutTests/fast/dom/NodeList/nodelist-static-having-a-bad-time.html
deleted file mode 100644
index 41ea5a19df6d..000000000000
--- a/LayoutTests/fast/dom/NodeList/nodelist-static-having-a-bad-time.html
+++ /dev/null
@@ -1,23 +0,0 @@
-
-
-
-
-
-
-
-
-
diff --git a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-1-expected.txt b/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-1-expected.txt
deleted file mode 100644
index d9f24a25db70..000000000000
--- a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-1-expected.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-
-PASS NodeList (static collection) "length" getter tampered
-
diff --git a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-1.html b/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-1.html
deleted file mode 100644
index a47c40945aaa..000000000000
--- a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-1.html
+++ /dev/null
@@ -1,21 +0,0 @@
-
-
-NodeList (static collection) "length" getter tampered
-
-
-
-
-
-
-
diff --git a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-2-expected.txt b/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-2-expected.txt
deleted file mode 100644
index d9f24a25db70..000000000000
--- a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-2-expected.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-
-PASS NodeList (static collection) "length" getter tampered
-
diff --git a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-2.html b/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-2.html
deleted file mode 100644
index 81931a304c34..000000000000
--- a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-2.html
+++ /dev/null
@@ -1,21 +0,0 @@
-
-
-NodeList (static collection) "length" getter tampered
-
-
-
-
-
-
-
diff --git a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-3-expected.txt b/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-3-expected.txt
deleted file mode 100644
index d9f24a25db70..000000000000
--- a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-3-expected.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-
-PASS NodeList (static collection) "length" getter tampered
-
diff --git a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-3.html b/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-3.html
deleted file mode 100644
index c8407419c7bf..000000000000
--- a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-3.html
+++ /dev/null
@@ -1,21 +0,0 @@
-
-
-NodeList (static collection) "length" getter tampered
-
-
-
-
-
-
-
diff --git a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-1-expected.txt b/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-1-expected.txt
deleted file mode 100644
index 085aa797b181..000000000000
--- a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-1-expected.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-
-PASS NodeList (static collection) "length" getter tampered (Array.prototype.indexOf)
-
diff --git a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-1.html b/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-1.html
deleted file mode 100644
index fb5067b79d4c..000000000000
--- a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-1.html
+++ /dev/null
@@ -1,21 +0,0 @@
-
-
-NodeList (static collection) "length" getter tampered (Array.prototype.indexOf)
-
-
-
-
-
-
-
diff --git a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-2-expected.txt b/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-2-expected.txt
deleted file mode 100644
index 085aa797b181..000000000000
--- a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-2-expected.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-
-PASS NodeList (static collection) "length" getter tampered (Array.prototype.indexOf)
-
diff --git a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-2.html b/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-2.html
deleted file mode 100644
index 38f6f9be30d9..000000000000
--- a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-2.html
+++ /dev/null
@@ -1,21 +0,0 @@
-
-
-NodeList (static collection) "length" getter tampered (Array.prototype.indexOf)
-
-
-
-
-
-
-
diff --git a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-3-expected.txt b/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-3-expected.txt
deleted file mode 100644
index 085aa797b181..000000000000
--- a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-3-expected.txt
+++ /dev/null
@@ -1,3 +0,0 @@
-
-PASS NodeList (static collection) "length" getter tampered (Array.prototype.indexOf)
-
diff --git a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-3.html b/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-3.html
deleted file mode 100644
index f45d903a665d..000000000000
--- a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/NodeList-static-length-getter-tampered-indexOf-3.html
+++ /dev/null
@@ -1,21 +0,0 @@
-
-
-NodeList (static collection) "length" getter tampered (Array.prototype.indexOf)
-
-
-
-
-
-
-
diff --git a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/support/NodeList-static-length-tampered.js b/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/support/NodeList-static-length-tampered.js
deleted file mode 100644
index 51167e2ddcc9..000000000000
--- a/LayoutTests/imported/w3c/web-platform-tests/dom/nodes/support/NodeList-static-length-tampered.js
+++ /dev/null
@@ -1,46 +0,0 @@
-"use strict";
-
-function makeStaticNodeList(length) {
- const fooRoot = document.createElement("div");
-
- for (var i = 0; i < length; i++) {
- const el = document.createElement("span");
- el.className = "foo";
- fooRoot.append(el);
- }
-
- document.body.append(fooRoot);
- return fooRoot.querySelectorAll(".foo");
-}
-
-const indexOfNodeList = new Function("nodeList", `
- const __cacheBust = ${Math.random()};
-
- const el = nodeList[50];
-
- let index = -1;
-
- for (var i = 0; i < 1e5 / 2; i++) {
- for (var j = 0; j < nodeList.length; j++) {
- if (nodeList[j] === el) {
- index = j;
- break;
- }
- }
- }
-
- return index;
-`);
-
-const arrayIndexOfNodeList = new Function("nodeList", `
- const __cacheBust = ${Math.random()};
-
- const el = nodeList[50];
- const {indexOf} = Array.prototype;
-
- for (var i = 0; i < 1e5; i++) {
- var index = indexOf.call(nodeList, el);
- }
-
- return index;
-`);
diff --git a/Source/JavaScriptCore/CMakeLists.txt b/Source/JavaScriptCore/CMakeLists.txt
index b6f5d1fd5820..c2e1cda64b28 100644
--- a/Source/JavaScriptCore/CMakeLists.txt
+++ b/Source/JavaScriptCore/CMakeLists.txt
@@ -618,7 +618,6 @@ set(JavaScriptCore_PRIVATE_FRAMEWORK_HEADERS
builtins/BuiltinNames.h
builtins/BuiltinUtils.h
- bytecode/AdaptiveInferredPropertyValueWatchpointBase.h
bytecode/ArithProfile.h
bytecode/ArrayAllocationProfile.h
bytecode/ArrayProfile.h
@@ -1133,7 +1132,6 @@ set(JavaScriptCore_PRIVATE_FRAMEWORK_HEADERS
runtime/NumericStrings.h
runtime/ObjectConstructor.h
runtime/ObjectInitializationScope.h
- runtime/ObjectPropertyChangeAdaptiveWatchpoint.h
runtime/ObjectPrototype.h
runtime/Operations.h
runtime/Options.h
diff --git a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj b/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
index d36c96adbc7d..b257bd8dc697 100644
--- a/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
+++ b/Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
@@ -1090,7 +1090,7 @@
536B319C1F735E7D0037FC33 /* UnifiedSource134.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 536B31971F735E5B0037FC33 /* UnifiedSource134.cpp */; };
536B319D1F735E7D0037FC33 /* UnifiedSource135.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 536B31991F735E5D0037FC33 /* UnifiedSource135.cpp */; };
5370806B1FE232DF00299E44 /* JSArrayBufferView.h in Headers */ = {isa = PBXBuildFile; fileRef = 0F2B66BB17B6B5AB00A7AE3F /* JSArrayBufferView.h */; };
- 5370B4F61BF26205005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.h in Headers */ = {isa = PBXBuildFile; fileRef = 5370B4F41BF25EA2005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.h */; settings = {ATTRIBUTES = (Private, ); }; };
+ 5370B4F61BF26205005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.h in Headers */ = {isa = PBXBuildFile; fileRef = 5370B4F41BF25EA2005C40FC /* AdaptiveInferredPropertyValueWatchpointBase.h */; };
537FEEC92742BDA300C9EFEE /* StructureID.h in Headers */ = {isa = PBXBuildFile; fileRef = 537FEEC82742BDA300C9EFEE /* StructureID.h */; settings = {ATTRIBUTES = (Private, ); }; };
537FEED02742BDE100C9EFEE /* StructureAlignedMemoryAllocator.h in Headers */ = {isa = PBXBuildFile; fileRef = 537FEECC2742BDE000C9EFEE /* StructureAlignedMemoryAllocator.h */; };
5381B9391E60E97D0090F794 /* WasmFaultSignalHandler.h in Headers */ = {isa = PBXBuildFile; fileRef = 5381B9381E60E97D0090F794 /* WasmFaultSignalHandler.h */; settings = {ATTRIBUTES = (Private, ); }; };
@@ -2011,7 +2011,7 @@
E3BF3C532390D205008BC752 /* WebAssemblyGlobalConstructor.h in Headers */ = {isa = PBXBuildFile; fileRef = E3BF3C512390D1FC008BC752 /* WebAssemblyGlobalConstructor.h */; };
E3BFA5D021E853A1009C0EBA /* DFGDesiredGlobalProperty.h in Headers */ = {isa = PBXBuildFile; fileRef = E3BFA5CD21E853A1009C0EBA /* DFGDesiredGlobalProperty.h */; };
E3BFD0BC1DAF808E0065DEA2 /* AccessCaseSnippetParams.h in Headers */ = {isa = PBXBuildFile; fileRef = E3BFD0BA1DAF807C0065DEA2 /* AccessCaseSnippetParams.h */; };
- E3C295DD1ED2CBDA00D3016F /* ObjectPropertyChangeAdaptiveWatchpoint.h in Headers */ = {isa = PBXBuildFile; fileRef = E3C295DC1ED2CBAA00D3016F /* ObjectPropertyChangeAdaptiveWatchpoint.h */; settings = {ATTRIBUTES = (Private, ); }; };
+ E3C295DD1ED2CBDA00D3016F /* ObjectPropertyChangeAdaptiveWatchpoint.h in Headers */ = {isa = PBXBuildFile; fileRef = E3C295DC1ED2CBAA00D3016F /* ObjectPropertyChangeAdaptiveWatchpoint.h */; };
E3C4131D289E08EA001150F8 /* SyntheticModuleRecord.h in Headers */ = {isa = PBXBuildFile; fileRef = E3C4131C289E08E5001150F8 /* SyntheticModuleRecord.h */; settings = {ATTRIBUTES = (Private, ); }; };
E3C694B323026877006FBE42 /* WasmOSREntryData.h in Headers */ = {isa = PBXBuildFile; fileRef = E3C694B123026873006FBE42 /* WasmOSREntryData.h */; settings = {ATTRIBUTES = (Private, ); }; };
E3C73A9125BFA73B00EFE303 /* WasmStreamingPlan.h in Headers */ = {isa = PBXBuildFile; fileRef = E3C73A9025BFA73400EFE303 /* WasmStreamingPlan.h */; };
diff --git a/Source/JavaScriptCore/bytecode/AccessCase.cpp b/Source/JavaScriptCore/bytecode/AccessCase.cpp
index 4344c517d5c1..b141ec72cf42 100644
--- a/Source/JavaScriptCore/bytecode/AccessCase.cpp
+++ b/Source/JavaScriptCore/bytecode/AccessCase.cpp
@@ -86,7 +86,6 @@ Ref AccessCase::create(VM& vm, JSCell* owner, AccessType type, Cache
case IndexedInt32Load:
case IndexedDoubleLoad:
case IndexedContiguousLoad:
- case IndexedAlwaysSlowPutContiguousLoad:
case IndexedArrayStorageLoad:
case IndexedScopedArgumentsLoad:
case IndexedDirectArgumentsLoad:
@@ -308,7 +307,6 @@ bool AccessCase::guardedByStructureCheckSkippingConstantIdentifierCheck() const
case IndexedInt32Load:
case IndexedDoubleLoad:
case IndexedContiguousLoad:
- case IndexedAlwaysSlowPutContiguousLoad:
case IndexedArrayStorageLoad:
case IndexedScopedArgumentsLoad:
case IndexedDirectArgumentsLoad:
@@ -377,7 +375,6 @@ bool AccessCase::requiresIdentifierNameMatch() const
case IndexedInt32Load:
case IndexedDoubleLoad:
case IndexedContiguousLoad:
- case IndexedAlwaysSlowPutContiguousLoad:
case IndexedArrayStorageLoad:
case IndexedScopedArgumentsLoad:
case IndexedDirectArgumentsLoad:
@@ -444,7 +441,6 @@ bool AccessCase::requiresInt32PropertyCheck() const
case IndexedInt32Load:
case IndexedDoubleLoad:
case IndexedContiguousLoad:
- case IndexedAlwaysSlowPutContiguousLoad:
case IndexedArrayStorageLoad:
case IndexedScopedArgumentsLoad:
case IndexedDirectArgumentsLoad:
@@ -508,7 +504,6 @@ bool AccessCase::needsScratchFPR() const
case InstanceOfGeneric:
case IndexedInt32Load:
case IndexedContiguousLoad:
- case IndexedAlwaysSlowPutContiguousLoad:
case IndexedArrayStorageLoad:
case IndexedScopedArgumentsLoad:
case IndexedDirectArgumentsLoad:
@@ -612,7 +607,6 @@ void AccessCase::forEachDependentCell(VM&, const Functor& functor) const
case IndexedInt32Load:
case IndexedDoubleLoad:
case IndexedContiguousLoad:
- case IndexedAlwaysSlowPutContiguousLoad:
case IndexedArrayStorageLoad:
case IndexedScopedArgumentsLoad:
case IndexedDirectArgumentsLoad:
@@ -681,7 +675,6 @@ bool AccessCase::doesCalls(VM& vm, Vector* cellsToMarkIfDoesCalls) cons
case IndexedInt32Load:
case IndexedDoubleLoad:
case IndexedContiguousLoad:
- case IndexedAlwaysSlowPutContiguousLoad:
case IndexedArrayStorageLoad:
case IndexedScopedArgumentsLoad:
case IndexedDirectArgumentsLoad:
@@ -773,7 +766,6 @@ bool AccessCase::canReplace(const AccessCase& other) const
case IndexedInt32Load:
case IndexedDoubleLoad:
case IndexedContiguousLoad:
- case IndexedAlwaysSlowPutContiguousLoad:
case IndexedArrayStorageLoad:
case ArrayLength:
case StringLength:
@@ -1348,7 +1340,6 @@ void AccessCase::generateWithGuard(
case IndexedInt32Load:
case IndexedDoubleLoad:
case IndexedContiguousLoad:
- case IndexedAlwaysSlowPutContiguousLoad:
case IndexedArrayStorageLoad: {
ASSERT(!viaProxy());
// This code is written such that the result could alias with the base or the property.
@@ -1403,9 +1394,6 @@ void AccessCase::generateWithGuard(
case IndexedContiguousLoad:
expectedShape = ContiguousShape;
break;
- case IndexedAlwaysSlowPutContiguousLoad:
- expectedShape = AlwaysSlowPutContiguousShape;
- break;
default:
RELEASE_ASSERT_NOT_REACHED();
break;
@@ -2549,7 +2537,6 @@ void AccessCase::generateImpl(AccessGenerationState& state)
case IndexedInt32Load:
case IndexedDoubleLoad:
case IndexedContiguousLoad:
- case IndexedAlwaysSlowPutContiguousLoad:
case IndexedArrayStorageLoad:
case IndexedScopedArgumentsLoad:
case IndexedDirectArgumentsLoad:
@@ -2675,7 +2662,6 @@ bool AccessCase::canBeShared(const AccessCase& lhs, const AccessCase& rhs)
case IndexedInt32Load:
case IndexedDoubleLoad:
case IndexedContiguousLoad:
- case IndexedAlwaysSlowPutContiguousLoad:
case IndexedArrayStorageLoad:
case IndexedScopedArgumentsLoad:
case IndexedDirectArgumentsLoad:
diff --git a/Source/JavaScriptCore/bytecode/AccessCase.h b/Source/JavaScriptCore/bytecode/AccessCase.h
index c00001782e4c..4c16ab75d85b 100644
--- a/Source/JavaScriptCore/bytecode/AccessCase.h
+++ b/Source/JavaScriptCore/bytecode/AccessCase.h
@@ -116,7 +116,6 @@ class AccessCase : public ThreadSafeRefCounted {
IndexedInt32Load,
IndexedDoubleLoad,
IndexedContiguousLoad,
- IndexedAlwaysSlowPutContiguousLoad,
IndexedArrayStorageLoad,
IndexedScopedArgumentsLoad,
IndexedDirectArgumentsLoad,
diff --git a/Source/JavaScriptCore/bytecode/AdaptiveInferredPropertyValueWatchpointBase.cpp b/Source/JavaScriptCore/bytecode/AdaptiveInferredPropertyValueWatchpointBase.cpp
index b4509d355801..b53edfb178ee 100644
--- a/Source/JavaScriptCore/bytecode/AdaptiveInferredPropertyValueWatchpointBase.cpp
+++ b/Source/JavaScriptCore/bytecode/AdaptiveInferredPropertyValueWatchpointBase.cpp
@@ -36,8 +36,6 @@ AdaptiveInferredPropertyValueWatchpointBase::AdaptiveInferredPropertyValueWatchp
RELEASE_ASSERT(key.kind() == PropertyCondition::Equivalence);
}
-AdaptiveInferredPropertyValueWatchpointBase::~AdaptiveInferredPropertyValueWatchpointBase() = default;
-
void AdaptiveInferredPropertyValueWatchpointBase::initialize(const ObjectPropertyCondition& key)
{
m_key = key;
diff --git a/Source/JavaScriptCore/bytecode/AdaptiveInferredPropertyValueWatchpointBase.h b/Source/JavaScriptCore/bytecode/AdaptiveInferredPropertyValueWatchpointBase.h
index 34ea32065306..0a9ebad8d964 100644
--- a/Source/JavaScriptCore/bytecode/AdaptiveInferredPropertyValueWatchpointBase.h
+++ b/Source/JavaScriptCore/bytecode/AdaptiveInferredPropertyValueWatchpointBase.h
@@ -34,7 +34,7 @@ namespace JSC {
// FIXME: This isn't actually a Watchpoint. We should probably have a name which better reflects that:
// https://bugs.webkit.org/show_bug.cgi?id=202381
-class JS_EXPORT_PRIVATE AdaptiveInferredPropertyValueWatchpointBase {
+class AdaptiveInferredPropertyValueWatchpointBase {
WTF_MAKE_NONCOPYABLE(AdaptiveInferredPropertyValueWatchpointBase);
WTF_MAKE_FAST_ALLOCATED;
@@ -47,7 +47,7 @@ class JS_EXPORT_PRIVATE AdaptiveInferredPropertyValueWatchpointBase {
void initialize(const ObjectPropertyCondition&);
void install(VM&);
- virtual ~AdaptiveInferredPropertyValueWatchpointBase();
+ virtual ~AdaptiveInferredPropertyValueWatchpointBase() = default;
class StructureWatchpoint final : public Watchpoint {
public:
diff --git a/Source/JavaScriptCore/bytecode/ArrayProfile.cpp b/Source/JavaScriptCore/bytecode/ArrayProfile.cpp
index 8c7ddb351954..53e1c06b790c 100644
--- a/Source/JavaScriptCore/bytecode/ArrayProfile.cpp
+++ b/Source/JavaScriptCore/bytecode/ArrayProfile.cpp
@@ -69,8 +69,6 @@ void dumpArrayModes(PrintStream& out, ArrayModes arrayModes)
out.print(comma, "NonArrayWithDouble");
if (arrayModes & asArrayModesIgnoringTypedArrays(NonArrayWithContiguous))
out.print(comma, "NonArrayWithContiguous");
- if (arrayModes & asArrayModesIgnoringTypedArrays(NonArrayWithAlwaysSlowPutContiguous))
- out.print(comma, "NonArrayWithAlwaysSlowPutContiguous");
if (arrayModes & asArrayModesIgnoringTypedArrays(NonArrayWithArrayStorage))
out.print(comma, "NonArrayWithArrayStorage");
if (arrayModes & asArrayModesIgnoringTypedArrays(NonArrayWithSlowPutArrayStorage))
@@ -144,8 +142,7 @@ void ArrayProfile::computeUpdatedPrediction(const ConcurrentJSLocker&, CodeBlock
lastSeenStructure->typeInfo().interceptsGetOwnPropertySlotByIndexEvenWhenLengthIsNotZero();
JSGlobalObject* globalObject = codeBlock->globalObject();
if (!globalObject->isOriginalArrayStructure(lastSeenStructure)
- && !globalObject->isOriginalTypedArrayStructure(lastSeenStructure)
- && !(hasAlwaysSlowPutContiguous(lastSeenStructure->indexingMode()) && globalObject->isOriginalSlowPutContigiousStructure(lastSeenStructure)))
+ && !globalObject->isOriginalTypedArrayStructure(lastSeenStructure))
m_usesOriginalArrayStructures = false;
}
diff --git a/Source/JavaScriptCore/bytecode/ArrayProfile.h b/Source/JavaScriptCore/bytecode/ArrayProfile.h
index c6422af322c6..a556c22f379f 100644
--- a/Source/JavaScriptCore/bytecode/ArrayProfile.h
+++ b/Source/JavaScriptCore/bytecode/ArrayProfile.h
@@ -86,7 +86,6 @@ constexpr ArrayModes asArrayModesIgnoringTypedArrays(IndexingType indexingMode)
| asArrayModesIgnoringTypedArrays(NonArrayWithInt32) \
| asArrayModesIgnoringTypedArrays(NonArrayWithDouble) \
| asArrayModesIgnoringTypedArrays(NonArrayWithContiguous) \
- | asArrayModesIgnoringTypedArrays(NonArrayWithAlwaysSlowPutContiguous) \
| asArrayModesIgnoringTypedArrays(NonArrayWithArrayStorage) \
| asArrayModesIgnoringTypedArrays(NonArrayWithSlowPutArrayStorage) \
| ALL_TYPED_ARRAY_MODES)
@@ -165,11 +164,6 @@ inline bool shouldUseContiguous(ArrayModes arrayModes)
return arrayModesIncludeIgnoringTypedArrays(arrayModes, ContiguousShape);
}
-inline bool shouldUseAlwaysSlowPutContiguous(ArrayModes arrayModes)
-{
- return arrayModesIncludeIgnoringTypedArrays(arrayModes, AlwaysSlowPutContiguousShape);
-}
-
inline bool shouldUseDouble(ArrayModes arrayModes)
{
return arrayModesIncludeIgnoringTypedArrays(arrayModes, DoubleShape);
diff --git a/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp b/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp
index bafbb96fc8e1..3776d6c06f41 100644
--- a/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp
+++ b/Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp
@@ -984,9 +984,6 @@ void printInternal(PrintStream& out, AccessCase::AccessType type)
case AccessCase::IndexedContiguousLoad:
out.print("IndexedContiguousLoad");
return;
- case AccessCase::IndexedAlwaysSlowPutContiguousLoad:
- out.print("IndexedAlwaysSlowPutContiguousLoad");
- return;
case AccessCase::IndexedArrayStorageLoad:
out.print("IndexedArrayStorageLoad");
return;
diff --git a/Source/JavaScriptCore/bytecode/Repatch.cpp b/Source/JavaScriptCore/bytecode/Repatch.cpp
index e096b8ab39ae..28a387f408c0 100644
--- a/Source/JavaScriptCore/bytecode/Repatch.cpp
+++ b/Source/JavaScriptCore/bytecode/Repatch.cpp
@@ -664,9 +664,6 @@ static InlineCacheAction tryCacheArrayGetByVal(JSGlobalObject* globalObject, Cod
case ContiguousShape:
accessType = AccessCase::IndexedContiguousLoad;
break;
- case AlwaysSlowPutContiguousShape:
- accessType = AccessCase::IndexedAlwaysSlowPutContiguousLoad;
- break;
case ArrayStorageShape:
accessType = AccessCase::IndexedArrayStorageLoad;
break;
diff --git a/Source/JavaScriptCore/bytecode/Watchpoint.cpp b/Source/JavaScriptCore/bytecode/Watchpoint.cpp
index 26b142f3b86b..01e0a76a7a84 100644
--- a/Source/JavaScriptCore/bytecode/Watchpoint.cpp
+++ b/Source/JavaScriptCore/bytecode/Watchpoint.cpp
@@ -43,8 +43,6 @@ namespace JSC {
DEFINE_ALLOCATOR_WITH_HEAP_IDENTIFIER(Watchpoint);
DEFINE_ALLOCATOR_WITH_HEAP_IDENTIFIER(WatchpointSet);
-FireDetail::~FireDetail() = default;
-
void StringFireDetail::dump(PrintStream& out) const
{
out.print(m_string);
diff --git a/Source/JavaScriptCore/bytecode/Watchpoint.h b/Source/JavaScriptCore/bytecode/Watchpoint.h
index 54c811398e8e..352680dcabc9 100644
--- a/Source/JavaScriptCore/bytecode/Watchpoint.h
+++ b/Source/JavaScriptCore/bytecode/Watchpoint.h
@@ -42,16 +42,16 @@ struct ArrayBufferViewWatchpointAdaptor;
class VM;
-class JS_EXPORT_PRIVATE FireDetail {
+class FireDetail {
void* operator new(size_t) = delete;
public:
FireDetail() = default;
- virtual ~FireDetail();
+ virtual ~FireDetail() = default;
virtual void dump(PrintStream&) const = 0;
};
-class JS_EXPORT_PRIVATE StringFireDetail final : public FireDetail {
+class StringFireDetail final : public FireDetail {
public:
StringFireDetail(const char* string)
: m_string(string)
@@ -153,7 +153,7 @@ class Watchpoint : public PackedRawSentinelNode {
{ }
protected:
- JS_EXPORT_PRIVATE ~Watchpoint();
+ ~Watchpoint();
private:
friend class WatchpointSet;
diff --git a/Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h b/Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h
index f7a91b971531..a10ac094af13 100644
--- a/Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h
+++ b/Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h
@@ -2316,7 +2316,6 @@ bool AbstractInterpreter::executeEffects(unsigned clobberLimi
case Array::Int32:
case Array::Double:
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
case Array::ArrayStorage:
case Array::SlowPutArrayStorage:
if (foldGetByValOnConstantProperty(m_graph.child(node, 0), m_graph.child(node, 1))) {
@@ -2446,7 +2445,6 @@ bool AbstractInterpreter::executeEffects(unsigned clobberLimi
setNonCellTypeForNode(node, SpecDoubleReal);
break;
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
case Array::ArrayStorage:
case Array::SlowPutArrayStorage:
if (node->arrayMode().isEffectfulOutOfBounds())
@@ -3702,7 +3700,6 @@ bool AbstractInterpreter::executeEffects(unsigned clobberLimi
case Array::Int32:
case Array::Double:
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
case Array::Undecided:
case Array::ArrayStorage:
case Array::SlowPutArrayStorage:
@@ -4302,7 +4299,6 @@ bool AbstractInterpreter::executeEffects(unsigned clobberLimi
case Array::Int32:
case Array::Double:
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
case Array::ArrayStorage: {
if (mode.isInBounds())
break;
@@ -4334,7 +4330,6 @@ bool AbstractInterpreter::executeEffects(unsigned clobberLimi
case Array::Int32:
case Array::Double:
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
case Array::ArrayStorage: {
if (arrayMode.isInBounds())
break;
diff --git a/Source/JavaScriptCore/dfg/DFGArrayMode.cpp b/Source/JavaScriptCore/dfg/DFGArrayMode.cpp
index 33917a63b918..961ca4446e0a 100644
--- a/Source/JavaScriptCore/dfg/DFGArrayMode.cpp
+++ b/Source/JavaScriptCore/dfg/DFGArrayMode.cpp
@@ -112,9 +112,6 @@ ArrayMode ArrayMode::fromObserved(const ConcurrentJSLocker& locker, ArrayProfile
case asArrayModesIgnoringTypedArrays(NonArrayWithContiguous) | asArrayModesIgnoringTypedArrays(ArrayWithContiguous) | asArrayModesIgnoringTypedArrays(CopyOnWriteArrayWithContiguous):
return handleContiguousModes(Array::Contiguous, observed);
- case asArrayModesIgnoringTypedArrays(NonArrayWithAlwaysSlowPutContiguous):
- return handleContiguousModes(Array::AlwaysSlowPutContiguous, observed);
-
case asArrayModesIgnoringTypedArrays(NonArrayWithArrayStorage):
return ArrayMode(Array::ArrayStorage, nonArray, Array::AsIs, action).withProfile(locker, profile, makeSafe);
case asArrayModesIgnoringTypedArrays(NonArrayWithSlowPutArrayStorage):
@@ -174,8 +171,6 @@ ArrayMode ArrayMode::fromObserved(const ConcurrentJSLocker& locker, ArrayProfile
type = Array::Double;
else if (shouldUseInt32(observed))
type = Array::Int32;
- else if (shouldUseAlwaysSlowPutContiguous(observed))
- type = Array::AlwaysSlowPutContiguous;
else
type = Array::SelectUsingArguments;
@@ -384,7 +379,7 @@ ArrayMode ArrayMode::refine(
}
}
-StructureSet ArrayMode::originalArrayStructureSet(Graph& graph, const CodeOrigin& codeOrigin) const
+Structure* ArrayMode::originalArrayStructure(Graph& graph, const CodeOrigin& codeOrigin) const
{
JSGlobalObject* globalObject = graph.globalObjectFor(codeOrigin);
@@ -400,7 +395,7 @@ StructureSet ArrayMode::originalArrayStructureSet(Graph& graph, const CodeOrigin
return globalObject->originalArrayStructureForIndexingType(CopyOnWriteArrayWithContiguous);
default:
CRASH();
- return { };
+ return nullptr;
}
}
FALLTHROUGH;
@@ -420,30 +415,26 @@ StructureSet ArrayMode::originalArrayStructureSet(Graph& graph, const CodeOrigin
return globalObject->originalArrayStructureForIndexingType(ArrayWithArrayStorage);
default:
CRASH();
- return { };
+ return nullptr;
}
}
case Array::OriginalNonArray: {
TypedArrayType type = typedArrayType();
- if (type == NotTypedArray) {
- if (this->type() == Array::AlwaysSlowPutContiguous)
- return globalObject->originalAlwaysSlowPutContiguousStructureSet();
-
- return { };
- }
+ if (type == NotTypedArray)
+ return nullptr;
return globalObject->typedArrayStructureConcurrently(type);
}
default:
- return { };
+ return nullptr;
}
}
-StructureSet ArrayMode::originalArrayStructureSet(Graph& graph, Node* node) const
+Structure* ArrayMode::originalArrayStructure(Graph& graph, Node* node) const
{
- return originalArrayStructureSet(graph, node->origin.semantic);
+ return originalArrayStructure(graph, node->origin.semantic);
}
bool ArrayMode::alreadyChecked(Graph& graph, Node* node, const AbstractValue& value, IndexingType shape) const
@@ -470,17 +461,7 @@ bool ArrayMode::alreadyChecked(Graph& graph, Node* node, const AbstractValue& va
// Array::OriginalNonArray can be shown when the value is a TypedArray with original structure.
// But here, we already filtered TypedArrays. So, just handle it like a NonArray.
- case Array::OriginalNonArray: {
- if (type() == Array::AlwaysSlowPutContiguous) {
- if (!value.m_structure.isFinite())
- return false;
- JSGlobalObject* globalObject = graph.globalObjectFor(node->origin.semantic);
- return value.m_structure.toStructureSet().isSubsetOf(globalObject->originalAlwaysSlowPutContiguousStructureSet());
- }
-
- FALLTHROUGH;
- }
-
+ case Array::OriginalNonArray:
case Array::NonArray: {
if (arrayModesAlreadyChecked(value.m_arrayModes, asArrayModesIgnoringTypedArrays(shape)))
return true;
@@ -513,7 +494,10 @@ bool ArrayMode::alreadyChecked(Graph& graph, Node* node, const AbstractValue& va
case Array::OriginalCopyOnWriteArray: {
if (!value.m_structure.isFinite())
return false;
- return value.m_structure.toStructureSet().isSubsetOf(originalArrayStructureSet(graph, node));
+ Structure* originalStructure = originalArrayStructure(graph, node);
+ if (value.m_structure.size() != 1)
+ return false;
+ return value.m_structure.onlyStructure().get() == originalStructure;
}
}
return false;
@@ -539,9 +523,6 @@ bool ArrayMode::alreadyChecked(Graph& graph, Node* node, const AbstractValue& va
case Array::Contiguous:
return alreadyChecked(graph, node, value, ContiguousShape);
-
- case Array::AlwaysSlowPutContiguous:
- return alreadyChecked(graph, node, value, AlwaysSlowPutContiguousShape);
case Array::ArrayStorage:
return alreadyChecked(graph, node, value, ArrayStorageShape);
@@ -693,8 +674,6 @@ const char* arrayTypeToString(Array::Type type)
return "Double";
case Array::Contiguous:
return "Contiguous";
- case Array::AlwaysSlowPutContiguous:
- return "AlwaysSlowPutContiguous";
case Array::ArrayStorage:
return "ArrayStorage";
case Array::SlowPutArrayStorage:
@@ -795,8 +774,6 @@ IndexingType toIndexingShape(Array::Type type)
return DoubleShape;
case Array::Contiguous:
return ContiguousShape;
- case Array::AlwaysSlowPutContiguous:
- return AlwaysSlowPutContiguousShape;
case Array::Undecided:
return UndecidedShape;
case Array::ArrayStorage:
@@ -890,7 +867,6 @@ bool permitsBoundsCheckLowering(Array::Type type)
case Array::Int32:
case Array::Double:
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
case Array::ArrayStorage:
case Array::SlowPutArrayStorage:
case Array::Int8Array:
diff --git a/Source/JavaScriptCore/dfg/DFGArrayMode.h b/Source/JavaScriptCore/dfg/DFGArrayMode.h
index 9af2df6bcc75..df75c7890d64 100644
--- a/Source/JavaScriptCore/dfg/DFGArrayMode.h
+++ b/Source/JavaScriptCore/dfg/DFGArrayMode.h
@@ -29,7 +29,6 @@
#include "ArrayProfile.h"
#include "SpeculatedType.h"
-#include "StructureSet.h"
namespace JSC {
@@ -62,7 +61,6 @@ enum Type : uint8_t {
Int32,
Double,
Contiguous,
- AlwaysSlowPutContiguous,
ArrayStorage,
SlowPutArrayStorage,
@@ -266,7 +264,6 @@ class ArrayMode {
case Array::Int32:
case Array::Double:
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
case Array::ArrayStorage:
case Array::SlowPutArrayStorage:
return true;
@@ -335,12 +332,7 @@ class ArrayMode {
bool isSlowPut() const
{
- return type() == Array::SlowPutArrayStorage || type() == Array::AlwaysSlowPutContiguous;
- }
-
- bool isAnyKindOfContiguous() const
- {
- return type() == Array::Contiguous || type() == Array::AlwaysSlowPutContiguous;
+ return type() == Array::SlowPutArrayStorage;
}
bool canCSEStorage() const
@@ -367,7 +359,6 @@ class ArrayMode {
case Array::Int32:
case Array::Double:
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
case Array::ArrayStorage:
case Array::SlowPutArrayStorage:
return true;
@@ -382,7 +373,6 @@ class ArrayMode {
case Array::String:
case Array::DirectArguments:
case Array::ScopedArguments:
- case Array::AlwaysSlowPutContiguous:
return ArrayMode(Array::Generic);
default:
return *this;
@@ -410,7 +400,6 @@ class ArrayMode {
case Array::Unprofiled:
case Array::ForceExit:
case Array::Generic:
- case Array::AlwaysSlowPutContiguous:
// TypedArrays do not have a self length property as of ES6.
case Array::Int8Array:
case Array::Int16Array:
@@ -451,9 +440,9 @@ class ArrayMode {
}
}
- // Returns empty set if this is not original array.
- StructureSet originalArrayStructureSet(Graph&, const CodeOrigin&) const;
- StructureSet originalArrayStructureSet(Graph&, Node*) const;
+ // Returns 0 if this is not OriginalArray.
+ Structure* originalArrayStructure(Graph&, const CodeOrigin&) const;
+ Structure* originalArrayStructure(Graph&, Node*) const;
bool doesConversion() const
{
@@ -482,9 +471,6 @@ class ArrayMode {
case Array::Contiguous:
result = arrayModesWithIndexingShapes(ContiguousShape);
break;
- case Array::AlwaysSlowPutContiguous:
- result = arrayModesWithIndexingShapes(AlwaysSlowPutContiguousShape);
- break;
case Array::ArrayStorage:
return arrayModesWithIndexingShapes(ArrayStorageShape);
case Array::SlowPutArrayStorage:
diff --git a/Source/JavaScriptCore/dfg/DFGArrayifySlowPathGenerator.h b/Source/JavaScriptCore/dfg/DFGArrayifySlowPathGenerator.h
index a1f5ad98705c..60f390b14049 100644
--- a/Source/JavaScriptCore/dfg/DFGArrayifySlowPathGenerator.h
+++ b/Source/JavaScriptCore/dfg/DFGArrayifySlowPathGenerator.h
@@ -80,7 +80,6 @@ class ArrayifySlowPathGenerator final : public JumpingSlowPathGeneratorm_jit.branch32(
MacroAssembler::AboveOrEqual, m_propertyGPR,
MacroAssembler::TrustedImm32(MIN_SPARSE_ARRAY_INDEX)));
@@ -101,7 +100,6 @@ class ArrayifySlowPathGenerator final : public JumpingSlowPathGeneratorcallOperation(operationEnsureDouble, m_tempGPR, SpeculativeJIT::TrustedImmPtr(&vm), m_baseGPR);
break;
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
jit->callOperation(operationEnsureContiguous, m_tempGPR, SpeculativeJIT::TrustedImmPtr(&vm), m_baseGPR);
break;
case Array::ArrayStorage:
diff --git a/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp b/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp
index 3f14b8a70d9e..9d9c2152d4ba 100644
--- a/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp
+++ b/Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp
@@ -2516,6 +2516,9 @@ bool ByteCodeParser::handleIntrinsicCall(Node* callee, Operand result, Intrinsic
return false;
ArrayMode arrayMode = getArrayMode(Array::Read);
+ if (!arrayMode.isJSArray())
+ return false;
+
if (!arrayMode.isJSArrayWithOriginalStructure())
return false;
@@ -2602,32 +2605,21 @@ bool ByteCodeParser::handleIntrinsicCall(Node* callee, Operand result, Intrinsic
return false;
ArrayMode arrayMode = getArrayMode(Array::Read);
- // We do not want to convert arrays into one type just to perform indexOf.
- if (arrayMode.doesConversion())
+ if (!arrayMode.isJSArray())
return false;
- auto addToGraphAndSetResult = [&] {
- insertChecks();
-
- Node* array = get(virtualRegisterForArgumentIncludingThis(0, registerOffset));
- addVarArgChild(array);
- addVarArgChild(get(virtualRegisterForArgumentIncludingThis(1, registerOffset))); // Search element.
- if (argumentCountIncludingThis >= 3)
- addVarArgChild(get(virtualRegisterForArgumentIncludingThis(2, registerOffset))); // Start index.
- addVarArgChild(nullptr);
-
- Node* node = addToGraph(Node::VarArg, ArrayIndexOf, OpInfo(arrayMode.asWord()), OpInfo());
- setResult(node);
- };
+ if (!arrayMode.isJSArrayWithOriginalStructure())
+ return false;
- JSGlobalObject* globalObject = m_graph.globalObjectFor(currentNodeOrigin().semantic);
+ // We do not want to convert arrays into one type just to perform indexOf.
+ if (arrayMode.doesConversion())
+ return false;
switch (arrayMode.type()) {
case Array::Double:
case Array::Int32:
case Array::Contiguous: {
- if (!arrayMode.isJSArrayWithOriginalStructure())
- return false;
+ JSGlobalObject* globalObject = m_graph.globalObjectFor(currentNodeOrigin().semantic);
Structure* arrayPrototypeStructure = globalObject->arrayPrototype()->structure();
Structure* objectPrototypeStructure = globalObject->objectPrototype()->structure();
@@ -2641,27 +2633,17 @@ bool ByteCodeParser::handleIntrinsicCall(Node* callee, Operand result, Intrinsic
m_graph.registerAndWatchStructureTransition(arrayPrototypeStructure);
m_graph.registerAndWatchStructureTransition(objectPrototypeStructure);
- addToGraphAndSetResult();
- return true;
- }
-
- return false;
- }
-
- case Array::AlwaysSlowPutContiguous: {
- if (arrayMode.arrayClass() != Array::OriginalNonArray)
- return false;
-
- Structure* objectPrototypeStructure = globalObject->objectPrototype()->structure();
-
- if (globalObject->alwaysSlowPutContiguousPrototypesAreSaneWatchpointSet().isStillValid()
- && objectPrototypeStructure->transitionWatchpointSetIsStillValid()
- && globalObject->objectPrototypeIsSaneConcurrently(objectPrototypeStructure)) {
+ insertChecks();
- m_graph.watchpoints().addLazily(globalObject->alwaysSlowPutContiguousPrototypesAreSaneWatchpointSet());
- m_graph.registerAndWatchStructureTransition(objectPrototypeStructure);
+ Node* array = get(virtualRegisterForArgumentIncludingThis(0, registerOffset));
+ addVarArgChild(array);
+ addVarArgChild(get(virtualRegisterForArgumentIncludingThis(1, registerOffset))); // Search element.
+ if (argumentCountIncludingThis >= 3)
+ addVarArgChild(get(virtualRegisterForArgumentIncludingThis(2, registerOffset))); // Start index.
+ addVarArgChild(nullptr);
- addToGraphAndSetResult();
+ Node* node = addToGraph(Node::VarArg, ArrayIndexOf, OpInfo(arrayMode.asWord()), OpInfo());
+ setResult(node);
return true;
}
diff --git a/Source/JavaScriptCore/dfg/DFGClobberize.h b/Source/JavaScriptCore/dfg/DFGClobberize.h
index 1c0ddb5f7f55..b8ac3e52d76a 100644
--- a/Source/JavaScriptCore/dfg/DFGClobberize.h
+++ b/Source/JavaScriptCore/dfg/DFGClobberize.h
@@ -396,8 +396,7 @@ void clobberize(Graph& graph, Node* node, const ReadFunctor& read, const WriteFu
break;
}
- case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous: {
+ case Array::Contiguous: {
if (mode.isInBounds()) {
read(Butterfly_publicLength);
read(IndexedContiguousProperties);
@@ -668,7 +667,6 @@ void clobberize(Graph& graph, Node* node, const ReadFunctor& read, const WriteFu
read(IndexedInt32Properties);
return;
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
read(IndexedContiguousProperties);
return;
default:
@@ -1018,7 +1016,6 @@ void clobberize(Graph& graph, Node* node, const ReadFunctor& read, const WriteFu
return;
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
if (mode.isInBounds() || mode.isOutOfBoundsSaneChain()) {
read(Butterfly_publicLength);
read(IndexedContiguousProperties);
@@ -1189,7 +1186,6 @@ void clobberize(Graph& graph, Node* node, const ReadFunctor& read, const WriteFu
case Array::String:
case Array::DirectArguments:
case Array::ScopedArguments:
- case Array::AlwaysSlowPutContiguous:
DFG_CRASH(graph, node, "impossible array mode for put");
return;
}
@@ -1437,7 +1433,6 @@ void clobberize(Graph& graph, Node* node, const ReadFunctor& read, const WriteFu
case Array::Int32:
case Array::Double:
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
case Array::ArrayStorage:
case Array::SlowPutArrayStorage:
read(Butterfly_publicLength);
diff --git a/Source/JavaScriptCore/dfg/DFGFixupPhase.cpp b/Source/JavaScriptCore/dfg/DFGFixupPhase.cpp
index f39f7c29be2e..dc7c75982123 100644
--- a/Source/JavaScriptCore/dfg/DFGFixupPhase.cpp
+++ b/Source/JavaScriptCore/dfg/DFGFixupPhase.cpp
@@ -3681,25 +3681,25 @@ class FixupPhase : public Phase {
} else {
// Note that we only need to be using a structure check if we opt for InBoundsSaneChain, since
// that needs to protect against JSArray's __proto__ being changed.
- StructureSet structureSet = arrayMode.originalArrayStructureSet(m_graph, origin.semantic);
+ Structure* structure = arrayMode.originalArrayStructure(m_graph, origin.semantic);
Edge indexEdge = index ? Edge(index, Int32Use) : Edge();
if (arrayMode.doesConversion()) {
- if (!structureSet.isEmpty()) {
+ if (structure) {
m_insertionSet.insertNode(
m_indexInBlock, SpecNone, ArrayifyToStructure, origin,
- OpInfo(m_graph.registerStructure(structureSet.onlyStructure())), OpInfo(arrayMode.asWord()), Edge(array, CellUse), indexEdge);
+ OpInfo(m_graph.registerStructure(structure)), OpInfo(arrayMode.asWord()), Edge(array, CellUse), indexEdge);
} else {
m_insertionSet.insertNode(
m_indexInBlock, SpecNone, Arrayify, origin,
OpInfo(arrayMode.asWord()), Edge(array, CellUse), indexEdge);
}
} else {
- if (!structureSet.isEmpty()) {
+ if (structure) {
m_insertionSet.insertNode(
m_indexInBlock, SpecNone, CheckStructure, origin,
- OpInfo(m_graph.addStructureSet(structureSet)), Edge(array, CellUse));
+ OpInfo(m_graph.addStructureSet(structure)), Edge(array, CellUse));
} else {
m_insertionSet.insertNode(
m_indexInBlock, SpecNone, CheckArray, origin,
@@ -4121,39 +4121,13 @@ class FixupPhase : public Phase {
attemptToForceStringArrayModeByToStringConversion(arrayMode, node);
}
- if (!arrayMode.supportsSelfLength()) {
- if (arrayMode.type() == Array::AlwaysSlowPutContiguous)
- return attemptToMakeGetArrayLengthForAlwaysSlowPutContiguous(node, arrayMode);
-
+ if (!arrayMode.supportsSelfLength())
return false;
- }
convertToGetArrayLength(node, arrayMode);
return true;
}
- bool attemptToMakeGetArrayLengthForAlwaysSlowPutContiguous(Node* node, ArrayMode arrayMode)
- {
- if (arrayMode.arrayClass() != Array::OriginalNonArray)
- return false;
-
- JSGlobalObject* globalObject = m_graph.globalObjectFor(node->origin.semantic);
- Structure* objectPrototypeStructure = globalObject->objectPrototype()->structure();
-
- if (globalObject->alwaysSlowPutContiguousPrototypesAreSaneWatchpointSet().isStillValid()
- && objectPrototypeStructure->transitionWatchpointSetIsStillValid()
- && globalObject->objectPrototypeIsSaneConcurrently(objectPrototypeStructure)) {
-
- m_graph.watchpoints().addLazily(globalObject->alwaysSlowPutContiguousPrototypesAreSaneWatchpointSet());
- m_graph.registerAndWatchStructureTransition(objectPrototypeStructure);
-
- convertToGetArrayLength(node, arrayMode);
- return true;
- }
-
- return false;
- }
-
void convertToGetArrayLength(Node* node, ArrayMode arrayMode)
{
node->setOp(GetArrayLength);
@@ -4383,8 +4357,7 @@ class FixupPhase : public Phase {
fixEdge(searchElement);
return;
}
- case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous: {
+ case Array::Contiguous: {
if (searchElement->shouldSpeculateString())
fixEdge(searchElement);
else if (searchElement->shouldSpeculateSymbol())
diff --git a/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp b/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
index c9d639336c58..328fecccf41e 100644
--- a/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
+++ b/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
@@ -780,7 +780,6 @@ JITCompiler::JumpList SpeculativeJIT::jumpSlowForUnwantedArrayMode(GPRReg tempGP
case Array::Int32:
case Array::Double:
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
case Array::Undecided:
case Array::ArrayStorage: {
IndexingType shape = arrayMode.shapeMask();
@@ -879,7 +878,6 @@ void SpeculativeJIT::checkArray(Node* node)
case Array::Int32:
case Array::Double:
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
case Array::Undecided:
case Array::ArrayStorage:
case Array::SlowPutArrayStorage: {
@@ -907,11 +905,9 @@ void SpeculativeJIT::checkArray(Node* node)
case Array::Int32:
case Array::Double:
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
case Array::Undecided:
case Array::ArrayStorage:
case Array::SlowPutArrayStorage: {
- ASSERT(tempGPR.has_value());
m_jit.load8(MacroAssembler::Address(baseReg, JSCell::indexingTypeAndMiscOffset()), tempGPR.value());
speculationCheck(
BadIndexingType, JSValueSource::unboxedCell(baseReg), nullptr,
@@ -2681,7 +2677,6 @@ void SpeculativeJIT::compilePutByVal(Node* node)
case Array::String:
case Array::DirectArguments:
case Array::ScopedArguments:
- case Array::AlwaysSlowPutContiguous:
case Array::Undecided:
#if USE(JSVALUE32_64)
case Array::BigInt64Array:
@@ -8649,8 +8644,7 @@ void SpeculativeJIT::compileGetArrayLength(Node* node)
case Array::Undecided:
case Array::Int32:
case Array::Double:
- case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous: {
+ case Array::Contiguous: {
StorageOperand storage(this, node->child2());
GPRTemporary result(this, Reuse, storage);
GPRReg storageReg = storage.gpr();
@@ -10155,7 +10149,7 @@ void SpeculativeJIT::compileArrayIndexOf(Node* node)
}
if (searchElementEdge.useKind() == OtherUse) {
- ASSERT(node->arrayMode().isAnyKindOfContiguous());
+ ASSERT(node->arrayMode().type() == Array::Contiguous);
JSValueOperand searchElement(this, searchElementEdge, ManualOperandSpeculation);
GPRTemporary temp(this);
@@ -10175,7 +10169,7 @@ void SpeculativeJIT::compileArrayIndexOf(Node* node)
return;
}
- ASSERT(node->arrayMode().isAnyKindOfContiguous());
+ ASSERT(node->arrayMode().type() == Array::Contiguous);
SpeculateCellOperand searchElement(this, searchElementEdge);
GPRReg searchElementGPR = searchElement.gpr();
@@ -10235,7 +10229,7 @@ void SpeculativeJIT::compileArrayIndexOf(Node* node)
}
case StringUse: {
- ASSERT(node->arrayMode().isAnyKindOfContiguous());
+ ASSERT(node->arrayMode().type() == Array::Contiguous);
SpeculateCellOperand searchElement(this, searchElementEdge);
GPRReg searchElementGPR = searchElement.gpr();
diff --git a/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp b/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp
index 3aa24496852a..a9805d4c810c 100644
--- a/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp
+++ b/Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp
@@ -1873,8 +1873,7 @@ void SpeculativeJIT::compileGetByVal(Node* node, const ScopedLambdaarrayMode().isInBounds()) {
SpeculateStrictInt32Operand property(this, m_graph.varArgChild(node, 1));
StorageOperand storage(this, m_graph.varArgChild(node, 2));
diff --git a/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp b/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
index d3bd97eb0b46..61668848648b 100644
--- a/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
+++ b/Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
@@ -2514,8 +2514,7 @@ void SpeculativeJIT::compileGetByVal(Node* node, const ScopedLambdaarrayMode().isInBounds()) {
SpeculateStrictInt32Operand property(this, m_graph.varArgChild(node, 1));
StorageOperand storage(this, m_graph.varArgChild(node, 2));
@@ -2535,7 +2534,7 @@ void SpeculativeJIT::compileGetByVal(Node* node, const ScopedLambdaarrayMode().isInBoundsSaneChain()) {
- ASSERT(node->arrayMode().isAnyKindOfContiguous());
+ ASSERT(node->arrayMode().type() == Array::Contiguous);
JITCompiler::Jump notHole = m_jit.branchIfNotEmpty(result);
m_jit.move(TrustedImm64(JSValue::encode(jsUndefined())), result);
notHole.link(&m_jit);
diff --git a/Source/JavaScriptCore/ftl/FTLAbstractHeapRepository.h b/Source/JavaScriptCore/ftl/FTLAbstractHeapRepository.h
index 46982cac6468..b28de622b233 100644
--- a/Source/JavaScriptCore/ftl/FTLAbstractHeapRepository.h
+++ b/Source/JavaScriptCore/ftl/FTLAbstractHeapRepository.h
@@ -254,7 +254,6 @@ class AbstractHeapRepository {
case DFG::Array::Double:
return indexedDoubleProperties;
case DFG::Array::Contiguous:
- case DFG::Array::AlwaysSlowPutContiguous:
return indexedContiguousProperties;
case DFG::Array::ArrayStorage:
case DFG::Array::SlowPutArrayStorage:
diff --git a/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp b/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
index 2228cbd2bc99..a70ae46c6d6e 100644
--- a/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
+++ b/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
@@ -3858,7 +3858,6 @@ class LowerDFGToB3 {
case Array::Int32:
case Array::Double:
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
speculate(
Uncountable, noValue(), nullptr,
m_out.aboveOrEqual(property, m_out.constInt32(MIN_SPARSE_ARRAY_INDEX)));
@@ -3876,7 +3875,6 @@ class LowerDFGToB3 {
vmCall(Void, operationEnsureDouble, m_vmValue, cell);
break;
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
vmCall(Void, operationEnsureContiguous, m_vmValue, cell);
break;
case Array::ArrayStorage:
@@ -5056,8 +5054,7 @@ IGNORE_CLANG_WARNINGS_END
case Array::Undecided:
case Array::Int32:
case Array::Double:
- case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous: {
+ case Array::Contiguous: {
setInt32(m_out.load32NonNegative(lowStorage(m_node->child2()), m_heaps.Butterfly_publicLength));
return;
}
@@ -5203,8 +5200,7 @@ IGNORE_CLANG_WARNINGS_END
JSGlobalObject* globalObject = m_graph.globalObjectFor(m_origin.semantic);
switch (m_node->arrayMode().type()) {
case Array::Int32:
- case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous: {
+ case Array::Contiguous: {
LValue index = lowInt32(m_graph.varArgChild(m_node, 1));
LValue storage = lowStorage(m_graph.varArgChild(m_node, 2));
@@ -5218,13 +5214,13 @@ IGNORE_CLANG_WARNINGS_END
LValue isHole = m_out.isZero64(result);
if (m_node->arrayMode().isInBoundsSaneChain()) {
DFG_ASSERT(
- m_graph, m_node, m_node->arrayMode().isAnyKindOfContiguous(), m_node->arrayMode().type());
+ m_graph, m_node, m_node->arrayMode().type() == Array::Contiguous, m_node->arrayMode().type());
result = m_out.select(
isHole, m_out.constInt64(JSValue::encode(jsUndefined())), result);
} else
speculate(LoadFromHole, noValue(), nullptr, isHole);
// We have to keep base alive to keep content in storage alive.
- if (m_node->arrayMode().isAnyKindOfContiguous())
+ if (m_node->arrayMode().type() == Array::Contiguous)
ensureStillAliveHere(base);
return result;
}
@@ -5256,7 +5252,7 @@ IGNORE_CLANG_WARNINGS_END
m_out.appendTo(continuation, lastNext);
// We have to keep base alive to keep content in storage alive.
- if (m_node->arrayMode().isAnyKindOfContiguous())
+ if (m_node->arrayMode().type() == Array::Contiguous)
ensureStillAliveHere(base);
return m_out.phi(Int64, fastResult, slowResult);
}
@@ -6136,7 +6132,6 @@ IGNORE_CLANG_WARNINGS_END
case Array::ForceExit:
case Array::Generic:
case Array::ScopedArguments:
- case Array::AlwaysSlowPutContiguous:
case Array::SelectUsingArguments:
case Array::SelectUsingPredictions:
case Array::Undecided:
@@ -6728,15 +6723,15 @@ IGNORE_CLANG_WARNINGS_END
searchElement = lowJSValue(searchElementEdge, ManualOperandSpeculation);
break;
case ObjectUse:
- ASSERT(m_node->arrayMode().isAnyKindOfContiguous());
+ ASSERT(m_node->arrayMode().type() == Array::Contiguous);
searchElement = lowObject(searchElementEdge);
break;
case SymbolUse:
- ASSERT(m_node->arrayMode().isAnyKindOfContiguous());
+ ASSERT(m_node->arrayMode().type() == Array::Contiguous);
searchElement = lowSymbol(searchElementEdge);
break;
case OtherUse:
- ASSERT(m_node->arrayMode().isAnyKindOfContiguous());
+ ASSERT(m_node->arrayMode().type() == Array::Contiguous);
speculate(searchElementEdge);
searchElement = lowJSValue(searchElementEdge, ManualOperandSpeculation);
break;
@@ -6804,7 +6799,7 @@ IGNORE_CLANG_WARNINGS_END
}
case StringUse:
- ASSERT(m_node->arrayMode().isAnyKindOfContiguous());
+ ASSERT(m_node->arrayMode().type() == Array::Contiguous);
// We have to keep base alive since that keeps storage alive.
ensureStillAliveHere(base);
setInt32(m_out.castToInt32(vmCall(Int64, operationArrayIndexOfString, weakPointer(globalObject), storage, lowString(searchElementEdge), startIndex)));
@@ -6816,7 +6811,6 @@ IGNORE_CLANG_WARNINGS_END
setInt32(m_out.castToInt32(vmCall(Int64, operationArrayIndexOfValueDouble, weakPointer(globalObject), storage, lowJSValue(searchElementEdge), startIndex)));
return;
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
// We have to keep base alive since that keeps content of storage alive.
ensureStillAliveHere(base);
FALLTHROUGH;
@@ -19768,7 +19762,6 @@ IGNORE_CLANG_WARNINGS_END
case Array::Int32:
case Array::Double:
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
case Array::Undecided:
case Array::ArrayStorage: {
IndexingType indexingModeMask = IsArray | IndexingShapeMask;
@@ -19864,7 +19857,6 @@ IGNORE_CLANG_WARNINGS_END
case Array::Int32:
case Array::Double:
case Array::Contiguous:
- case Array::AlwaysSlowPutContiguous:
case Array::Undecided:
case Array::ArrayStorage:
case Array::SlowPutArrayStorage:
diff --git a/Source/JavaScriptCore/heap/HeapCell.h b/Source/JavaScriptCore/heap/HeapCell.h
index cef872fa42fb..b26736686c9a 100644
--- a/Source/JavaScriptCore/heap/HeapCell.h
+++ b/Source/JavaScriptCore/heap/HeapCell.h
@@ -60,7 +60,7 @@ class HeapCell {
}
bool isZapped() const { return !*bitwise_cast(this); }
- JS_EXPORT_PRIVATE bool isLive();
+ bool isLive();
bool isPreciseAllocation() const;
CellContainer cellContainer() const;
diff --git a/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp b/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp
index 34097b1a53ea..1855d0704227 100644
--- a/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp
+++ b/Source/JavaScriptCore/llint/LLIntSlowPaths.cpp
@@ -863,13 +863,6 @@ static JSValue performLLIntGetByID(BytecodeIndex bytecodeIndex, CodeBlock* codeB
if (!(--metadata.hitCountForLLIntCaching))
setupGetByIdPrototypeCache(globalObject, vm, codeBlock, bytecodeIndex, metadata, baseCell, slot, ident);
- } else if (hasAlwaysSlowPutContiguous(baseCell->indexingMode()) && ident == vm.propertyNames->length) {
- {
- ConcurrentJSLocker locker(codeBlock->m_lock);
- metadata.setArrayLengthMode();
- metadata.arrayLengthMode.arrayProfile.observeStructure(structure);
- }
- vm.writeBarrier(codeBlock);
}
} else if (Options::useLLIntICs() && isJSArray(baseValue) && ident == vm.propertyNames->length) {
{
diff --git a/Source/JavaScriptCore/llint/LowLevelInterpreter.asm b/Source/JavaScriptCore/llint/LowLevelInterpreter.asm
index c663d197661b..58d71ab99c85 100644
--- a/Source/JavaScriptCore/llint/LowLevelInterpreter.asm
+++ b/Source/JavaScriptCore/llint/LowLevelInterpreter.asm
@@ -552,17 +552,17 @@ const TagOffset = constexpr TagOffset
const PayloadOffset = constexpr PayloadOffset
# Constant for reasoning about butterflies.
-const IsArray = constexpr IsArray
-const IndexingShapeMask = constexpr IndexingShapeMask
-const IndexingTypeMask = constexpr IndexingTypeMask
-const NoIndexingShape = constexpr NoIndexingShape
-const Int32Shape = constexpr Int32Shape
-const DoubleShape = constexpr DoubleShape
-const ContiguousShape = constexpr ContiguousShape
-const AlwaysSlowPutContiguousShape = constexpr AlwaysSlowPutContiguousShape
-const ArrayStorageShape = constexpr ArrayStorageShape
-const CopyOnWrite = constexpr CopyOnWrite
-const ArrayWithUndecided = constexpr ArrayWithUndecided
+const IsArray = constexpr IsArray
+const IndexingShapeMask = constexpr IndexingShapeMask
+const IndexingTypeMask = constexpr IndexingTypeMask
+const NoIndexingShape = constexpr NoIndexingShape
+const Int32Shape = constexpr Int32Shape
+const DoubleShape = constexpr DoubleShape
+const ContiguousShape = constexpr ContiguousShape
+const ArrayStorageShape = constexpr ArrayStorageShape
+const SlowPutArrayStorageShape = constexpr SlowPutArrayStorageShape
+const CopyOnWrite = constexpr CopyOnWrite
+const ArrayWithUndecided = constexpr ArrayWithUndecided
# Type constants.
const StructureType = constexpr StructureType
diff --git a/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm b/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm
index 0627d2da2ba4..067c9003f75f 100644
--- a/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm
+++ b/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm
@@ -1771,8 +1771,8 @@ llintOpWithMetadata(op_get_by_val, OpGetByVal, macro (size, get, dispatch, metad
jmp .opGetByValNotEmpty
.opGetByValNotDouble:
- bieq t2, AlwaysSlowPutContiguousShape, .opGetByValIsContiguous
- bilt t2, ArrayStorageShape, .opGetByValNotIndexedStorage
+ subi ArrayStorageShape, t2
+ bia t2, SlowPutArrayStorageShape - ArrayStorageShape, .opGetByValNotIndexedStorage
biaeq t1, -sizeof IndexingHeader + IndexingHeader::u.lengths.vectorLength[t3], .opGetByValSlow
loadi ArrayStorage::m_vector + TagOffset[t3, t1, 8], t2
loadi ArrayStorage::m_vector + PayloadOffset[t3, t1, 8], t1
diff --git a/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm b/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm
index 9e705673c954..df955bc87f3a 100644
--- a/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm
+++ b/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm
@@ -1910,8 +1910,8 @@ llintOpWithMetadata(op_get_by_val, OpGetByVal, macro (size, get, dispatch, metad
jmp .opGetByValDone
.opGetByValNotDouble:
- bieq t2, AlwaysSlowPutContiguousShape, .opGetByValIsContiguous
- bilt t2, ArrayStorageShape, .opGetByValNotIndexedStorage
+ subi ArrayStorageShape, t2
+ bia t2, SlowPutArrayStorageShape - ArrayStorageShape, .opGetByValNotIndexedStorage
biaeq t1, -sizeof IndexingHeader + IndexingHeader::u.lengths.vectorLength[t3], .opGetByValSlow
get(m_dst, t0)
loadq ArrayStorage::m_vector[t3, t1, 8], t2
diff --git a/Source/JavaScriptCore/runtime/ArrayPrototype.cpp b/Source/JavaScriptCore/runtime/ArrayPrototype.cpp
index f14ab7ba2819..e63e34386513 100644
--- a/Source/JavaScriptCore/runtime/ArrayPrototype.cpp
+++ b/Source/JavaScriptCore/runtime/ArrayPrototype.cpp
@@ -1012,7 +1012,7 @@ JSC_DEFINE_HOST_FUNCTION(arrayProtoFuncReverse, (JSGlobalObject* globalObject, C
thisObject->ensureWritable(vm);
switch (thisObject->indexingType()) {
- case ALL_FAST_PUT_CONTIGUOUS_INDEXING_TYPES:
+ case ALL_CONTIGUOUS_INDEXING_TYPES:
case ALL_INT32_INDEXING_TYPES: {
auto& butterfly = *thisObject->butterfly();
if (length > butterfly.publicLength())
@@ -1322,7 +1322,7 @@ JSC_DEFINE_HOST_FUNCTION(arrayProtoFuncUnShift, (JSGlobalObject* globalObject, C
enum class IndexOfDirection { Forward, Backward };
template
-ALWAYS_INLINE JSValue tryFastIndexOf(JSGlobalObject* globalObject, VM& vm, JSObject* array, uint64_t length64, JSValue searchElement, uint64_t index64)
+ALWAYS_INLINE JSValue fastIndexOf(JSGlobalObject* globalObject, VM& vm, JSArray* array, uint64_t length64, JSValue searchElement, uint64_t index64)
{
auto scope = DECLARE_THROW_SCOPE(vm);
@@ -1444,10 +1444,12 @@ JSC_DEFINE_HOST_FUNCTION(arrayProtoFuncIndexOf, (JSGlobalObject* globalObject, C
RETURN_IF_EXCEPTION(scope, { });
JSValue searchElement = callFrame->argument(0);
- JSValue result = tryFastIndexOf(globalObject, vm, thisObject, length, searchElement, index);
- RETURN_IF_EXCEPTION(scope, { });
- if (result)
- return JSValue::encode(result);
+ if (isJSArray(thisObject)) {
+ JSValue result = fastIndexOf(globalObject, vm, asArray(thisObject), length, searchElement, index);
+ RETURN_IF_EXCEPTION(scope, { });
+ if (result)
+ return JSValue::encode(result);
+ }
for (; index < length; ++index) {
JSValue e = getProperty(globalObject, thisObject, index);
@@ -1494,10 +1496,12 @@ JSC_DEFINE_HOST_FUNCTION(arrayProtoFuncLastIndexOf, (JSGlobalObject* globalObjec
JSValue searchElement = callFrame->argument(0);
- JSValue result = tryFastIndexOf(globalObject, vm, thisObject, length, searchElement, index);
- RETURN_IF_EXCEPTION(scope, { });
- if (result)
- return JSValue::encode(result);
+ if (isJSArray(thisObject)) {
+ JSValue result = fastIndexOf(globalObject, vm, asArray(thisObject), length, searchElement, index);
+ RETURN_IF_EXCEPTION(scope, { });
+ if (result)
+ return JSValue::encode(result);
+ }
do {
ASSERT(index < length);
diff --git a/Source/JavaScriptCore/runtime/IndexingType.cpp b/Source/JavaScriptCore/runtime/IndexingType.cpp
index ff52893de6b9..64fcd81d6dce 100644
--- a/Source/JavaScriptCore/runtime/IndexingType.cpp
+++ b/Source/JavaScriptCore/runtime/IndexingType.cpp
@@ -88,9 +88,6 @@ void dumpIndexingType(PrintStream& out, IndexingType indexingType)
case NonArrayWithContiguous:
basicName = "NonArrayWithContiguous";
break;
- case NonArrayWithAlwaysSlowPutContiguous:
- basicName = "NonArrayWithAlwaysSlowPutContiguous";
- break;
case NonArrayWithArrayStorage:
basicName = "NonArrayWithArrayStorage";
break;
diff --git a/Source/JavaScriptCore/runtime/IndexingType.h b/Source/JavaScriptCore/runtime/IndexingType.h
index a5ea37f48ece..0de450c90c44 100644
--- a/Source/JavaScriptCore/runtime/IndexingType.h
+++ b/Source/JavaScriptCore/runtime/IndexingType.h
@@ -68,13 +68,12 @@ static const IndexingType UndecidedShape = 0x02; // Only useful
static const IndexingType Int32Shape = 0x04;
static const IndexingType DoubleShape = 0x06;
static const IndexingType ContiguousShape = 0x08;
-static const IndexingType AlwaysSlowPutContiguousShape = 0x0A;
-static const IndexingType ArrayStorageShape = 0x0C;
-static const IndexingType SlowPutArrayStorageShape = 0x0E;
+static const IndexingType ArrayStorageShape = 0x0A;
+static const IndexingType SlowPutArrayStorageShape = 0x0C;
static const IndexingType IndexingShapeMask = 0x0E;
static const IndexingType IndexingShapeShift = 1;
-static const IndexingType NumberOfIndexingShapes = 8;
+static const IndexingType NumberOfIndexingShapes = 7;
static const IndexingType IndexingTypeMask = IndexingShapeMask | IsArray;
// Whether or not the butterfly is copy on write. If it is copy on write then the butterfly is actually a JSImmutableButterfly. This should only ever be set if there are no named properties.
@@ -96,23 +95,22 @@ static const IndexingType IndexingTypeLockIsHeld = 0x40;
static const IndexingType IndexingTypeLockHasParked = 0x80;
// List of acceptable array types.
-static const IndexingType NonArray = 0x0;
-static const IndexingType NonArrayWithInt32 = Int32Shape;
-static const IndexingType NonArrayWithDouble = DoubleShape;
-static const IndexingType NonArrayWithContiguous = ContiguousShape;
-static const IndexingType NonArrayWithAlwaysSlowPutContiguous = AlwaysSlowPutContiguousShape;
-static const IndexingType NonArrayWithArrayStorage = ArrayStorageShape;
-static const IndexingType NonArrayWithSlowPutArrayStorage = SlowPutArrayStorageShape;
-static const IndexingType ArrayClass = IsArray; // I'd want to call this "Array" but this would lead to disastrous namespace pollution.
-static const IndexingType ArrayWithUndecided = IsArray | UndecidedShape;
-static const IndexingType ArrayWithInt32 = IsArray | Int32Shape;
-static const IndexingType ArrayWithDouble = IsArray | DoubleShape;
-static const IndexingType ArrayWithContiguous = IsArray | ContiguousShape;
-static const IndexingType ArrayWithArrayStorage = IsArray | ArrayStorageShape;
-static const IndexingType ArrayWithSlowPutArrayStorage = IsArray | SlowPutArrayStorageShape;
-static const IndexingType CopyOnWriteArrayWithInt32 = IsArray | Int32Shape | CopyOnWrite;
-static const IndexingType CopyOnWriteArrayWithDouble = IsArray | DoubleShape | CopyOnWrite;
-static const IndexingType CopyOnWriteArrayWithContiguous = IsArray | ContiguousShape | CopyOnWrite;
+static const IndexingType NonArray = 0x0;
+static const IndexingType NonArrayWithInt32 = Int32Shape;
+static const IndexingType NonArrayWithDouble = DoubleShape;
+static const IndexingType NonArrayWithContiguous = ContiguousShape;
+static const IndexingType NonArrayWithArrayStorage = ArrayStorageShape;
+static const IndexingType NonArrayWithSlowPutArrayStorage = SlowPutArrayStorageShape;
+static const IndexingType ArrayClass = IsArray; // I'd want to call this "Array" but this would lead to disastrous namespace pollution.
+static const IndexingType ArrayWithUndecided = IsArray | UndecidedShape;
+static const IndexingType ArrayWithInt32 = IsArray | Int32Shape;
+static const IndexingType ArrayWithDouble = IsArray | DoubleShape;
+static const IndexingType ArrayWithContiguous = IsArray | ContiguousShape;
+static const IndexingType ArrayWithArrayStorage = IsArray | ArrayStorageShape;
+static const IndexingType ArrayWithSlowPutArrayStorage = IsArray | SlowPutArrayStorageShape;
+static const IndexingType CopyOnWriteArrayWithInt32 = IsArray | Int32Shape | CopyOnWrite;
+static const IndexingType CopyOnWriteArrayWithDouble = IsArray | DoubleShape | CopyOnWrite;
+static const IndexingType CopyOnWriteArrayWithContiguous = IsArray | ContiguousShape | CopyOnWrite;
#define ALL_BLANK_INDEXING_TYPES \
NonArray: \
@@ -137,22 +135,14 @@ static const IndexingType CopyOnWriteArrayWithContiguous = IsArray | Contig
ALL_WRITABLE_DOUBLE_INDEXING_TYPES: \
case CopyOnWriteArrayWithDouble
-#define ALL_WRITABLE_FAST_PUT_CONTIGUOUS_INDEXING_TYPES \
+#define ALL_WRITABLE_CONTIGUOUS_INDEXING_TYPES \
NonArrayWithContiguous: \
case ArrayWithContiguous \
-#define ALL_WRITABLE_CONTIGUOUS_INDEXING_TYPES \
- ALL_WRITABLE_FAST_PUT_CONTIGUOUS_INDEXING_TYPES: \
- case NonArrayWithAlwaysSlowPutContiguous
-
-#define ALL_FAST_PUT_CONTIGUOUS_INDEXING_TYPES \
- ALL_WRITABLE_FAST_PUT_CONTIGUOUS_INDEXING_TYPES: \
+#define ALL_CONTIGUOUS_INDEXING_TYPES \
+ ALL_WRITABLE_CONTIGUOUS_INDEXING_TYPES: \
case CopyOnWriteArrayWithContiguous
-#define ALL_CONTIGUOUS_INDEXING_TYPES \
- ALL_FAST_PUT_CONTIGUOUS_INDEXING_TYPES: \
- case NonArrayWithAlwaysSlowPutContiguous
-
#define ARRAY_WITH_ARRAY_STORAGE_INDEXING_TYPES \
ArrayWithArrayStorage: \
case ArrayWithSlowPutArrayStorage
@@ -187,16 +177,6 @@ inline bool hasContiguous(IndexingType indexingType)
return (indexingType & IndexingShapeMask) == ContiguousShape;
}
-inline bool hasAlwaysSlowPutContiguous(IndexingType indexingType)
-{
- return (indexingType & IndexingShapeMask) == AlwaysSlowPutContiguousShape;
-}
-
-inline bool hasAnyContiguous(IndexingType indexingType)
-{
- return hasContiguous(indexingType) || hasAlwaysSlowPutContiguous(indexingType);
-}
-
inline bool hasArrayStorage(IndexingType indexingType)
{
return (indexingType & IndexingShapeMask) == ArrayStorageShape;
@@ -212,11 +192,6 @@ inline bool hasSlowPutArrayStorage(IndexingType indexingType)
return (indexingType & IndexingShapeMask) == SlowPutArrayStorageShape;
}
-inline bool hasAnySlowPutIndexingType(IndexingType indexingType)
-{
- return hasAlwaysSlowPutContiguous(indexingType) || hasSlowPutArrayStorage(indexingType);
-}
-
inline bool shouldUseSlowPut(IndexingType indexingType)
{
return hasSlowPutArrayStorage(indexingType);
diff --git a/Source/JavaScriptCore/runtime/JSArray.cpp b/Source/JavaScriptCore/runtime/JSArray.cpp
index 7b07a57a05f8..5803e2564be4 100644
--- a/Source/JavaScriptCore/runtime/JSArray.cpp
+++ b/Source/JavaScriptCore/runtime/JSArray.cpp
@@ -730,16 +730,16 @@ JSArray* JSArray::fastSlice(JSGlobalObject* globalObject, JSObject* source, uint
{
VM& vm = globalObject->vm();
- if (!source->canDoFastIndexedAccess())
+ Structure* sourceStructure = source->structure();
+ if (sourceStructure->typeInfo().interceptsGetOwnPropertySlotByIndexEvenWhenLengthIsNotZero())
return nullptr;
- auto sourceIndexingType = source->indexingType();
- auto arrayType = sourceIndexingType == NonArrayWithAlwaysSlowPutContiguous ? ArrayWithContiguous : sourceIndexingType | IsArray;
+ auto arrayType = source->indexingType() | IsArray;
switch (arrayType) {
case ArrayWithDouble:
case ArrayWithInt32:
case ArrayWithContiguous: {
- if (count >= MIN_SPARSE_ARRAY_INDEX)
+ if (count >= MIN_SPARSE_ARRAY_INDEX || sourceStructure->holesMustForwardToPrototype(source))
return nullptr;
if (startIndex + count > source->butterfly()->vectorLength())
diff --git a/Source/JavaScriptCore/runtime/JSGlobalObject.cpp b/Source/JavaScriptCore/runtime/JSGlobalObject.cpp
index 16dcfa01e573..e47060ca2a10 100644
--- a/Source/JavaScriptCore/runtime/JSGlobalObject.cpp
+++ b/Source/JavaScriptCore/runtime/JSGlobalObject.cpp
@@ -950,7 +950,6 @@ void JSGlobalObject::init(VM& vm)
m_originalArrayStructureForIndexingShape[arrayIndexFromIndexingType(Int32Shape)].set(vm, this, JSArray::createStructure(vm, this, m_arrayPrototype.get(), ArrayWithInt32));
m_originalArrayStructureForIndexingShape[arrayIndexFromIndexingType(DoubleShape)].set(vm, this, JSArray::createStructure(vm, this, m_arrayPrototype.get(), ArrayWithDouble));
m_originalArrayStructureForIndexingShape[arrayIndexFromIndexingType(ContiguousShape)].set(vm, this, JSArray::createStructure(vm, this, m_arrayPrototype.get(), ArrayWithContiguous));
- m_originalArrayStructureForIndexingShape[arrayIndexFromIndexingType(AlwaysSlowPutContiguousShape)].setMayBeNull(vm, this, nullptr);
m_originalArrayStructureForIndexingShape[arrayIndexFromIndexingType(ArrayStorageShape)].set(vm, this, JSArray::createStructure(vm, this, m_arrayPrototype.get(), ArrayWithArrayStorage));
m_originalArrayStructureForIndexingShape[arrayIndexFromIndexingType(SlowPutArrayStorageShape)].set(vm, this, JSArray::createStructure(vm, this, m_arrayPrototype.get(), ArrayWithSlowPutArrayStorage));
m_originalArrayStructureForIndexingShape[arrayIndexFromIndexingType(CopyOnWriteArrayWithInt32)].set(vm, this, JSArray::createStructure(vm, this, m_arrayPrototype.get(), CopyOnWriteArrayWithInt32));
@@ -2416,9 +2415,6 @@ void JSGlobalObject::visitChildrenImpl(JSCell* cell, Visitor& visitor)
thisObject->m_typedArrayProto.visit(visitor);
thisObject->m_typedArraySuperConstructor.visit(visitor);
thisObject->m_regExpGlobalData.visitAggregate(visitor);
-
- for (Structure* structure : thisObject->m_originalAlwaysSlowPutContiguousStructureSet)
- visitor.appendUnbarriered(structure);
}
DEFINE_VISIT_CHILDREN_WITH_MODIFIER(JS_EXPORT_PRIVATE, JSGlobalObject);
@@ -2822,12 +2818,6 @@ JSGlobalObject* JSGlobalObject::createWithCustomMethodTable(VM& vm, Structure* s
return globalObject;
}
-void JSGlobalObject::recordOriginalAlwaysSlowPutContiguousStructure(Structure* structure)
-{
- ASSERT(structure->globalObject() == this);
- m_originalAlwaysSlowPutContiguousStructureSet.add(structure);
-}
-
void JSGlobalObject::finishCreation(VM& vm)
{
DeferTermination deferTermination(vm);
diff --git a/Source/JavaScriptCore/runtime/JSGlobalObject.h b/Source/JavaScriptCore/runtime/JSGlobalObject.h
index 2176997ce1fb..6695c20eef5f 100644
--- a/Source/JavaScriptCore/runtime/JSGlobalObject.h
+++ b/Source/JavaScriptCore/runtime/JSGlobalObject.h
@@ -534,9 +534,6 @@ class JSGlobalObject : public JSSegmentedVariableObject {
InlineWatchpointSet m_sharedArrayBufferSpeciesWatchpointSet { ClearWatchpoint };
InlineWatchpointSet m_typedArrayConstructorSpeciesWatchpointSet { IsWatched };
InlineWatchpointSet m_typedArrayPrototypeIteratorProtocolWatchpointSet { IsWatched };
-
- // Current this is being set up in JSDOMWindowBase and watches only NodeList.prototype.length getter to be original.
- InlineWatchpointSet m_alwaysSlowPutContiguousPrototypesAreSaneWatchpointSet { ClearWatchpoint };
#define DECLARE_TYPED_ARRAY_TYPE_SPECIES_WATCHPOINT_SET(name) \
InlineWatchpointSet m_typedArray ## name ## SpeciesWatchpointSet { ClearWatchpoint }; \
InlineWatchpointSet m_typedArray ## name ## IteratorProtocolWatchpointSet { ClearWatchpoint };
@@ -667,7 +664,6 @@ class JSGlobalObject : public JSSegmentedVariableObject {
}
InlineWatchpointSet& typedArrayConstructorSpeciesWatchpointSet() { return m_typedArrayConstructorSpeciesWatchpointSet; }
InlineWatchpointSet& typedArrayPrototypeIteratorProtocolWatchpointSet() { return m_typedArrayPrototypeIteratorProtocolWatchpointSet; }
- InlineWatchpointSet& alwaysSlowPutContiguousPrototypesAreSaneWatchpointSet() { return m_alwaysSlowPutContiguousPrototypesAreSaneWatchpointSet; }
bool isArrayPrototypeIteratorProtocolFastAndNonObservable();
bool isTypedArrayPrototypeIteratorProtocolFastAndNonObservable(TypedArrayType);
@@ -888,14 +884,6 @@ class JSGlobalObject : public JSSegmentedVariableObject {
{
return originalArrayStructureForIndexingType(structure->indexingMode() | IsArray) == structure;
}
-
- bool isOriginalSlowPutContigiousStructure(Structure* structure)
- {
- ASSERT(hasAlwaysSlowPutContiguous(structure->indexingMode()));
- return m_originalAlwaysSlowPutContiguousStructureSet.contains(structure);
- }
-
- const StructureSet& originalAlwaysSlowPutContiguousStructureSet() const { return m_originalAlwaysSlowPutContiguousStructureSet; }
Structure* booleanObjectStructure() const { return m_booleanObjectStructure.get(this); }
Structure* callbackConstructorStructure() const { return m_callbackConstructorStructure.get(this); }
@@ -1332,8 +1320,6 @@ class JSGlobalObject : public JSSegmentedVariableObject {
void setNeedsSiteSpecificQuirks(bool needQuirks) { m_needsSiteSpecificQuirks = needQuirks; }
- JS_EXPORT_PRIVATE void recordOriginalAlwaysSlowPutContiguousStructure(Structure*);
-
private:
friend class LLIntOffsetsExtractor;
@@ -1357,8 +1343,6 @@ class JSGlobalObject : public JSSegmentedVariableObject {
#ifdef JSC_GLIB_API_ENABLED
std::unique_ptr m_wrapperMap;
#endif
-
- StructureSet m_originalAlwaysSlowPutContiguousStructureSet;
};
inline JSArray* constructEmptyArray(JSGlobalObject* globalObject, ArrayAllocationProfile* profile, unsigned initialLength = 0, JSValue newTarget = JSValue())
diff --git a/Source/JavaScriptCore/runtime/JSObject.cpp b/Source/JavaScriptCore/runtime/JSObject.cpp
index 9f071e072366..2415d597483d 100644
--- a/Source/JavaScriptCore/runtime/JSObject.cpp
+++ b/Source/JavaScriptCore/runtime/JSObject.cpp
@@ -572,8 +572,6 @@ bool JSObject::getOwnPropertySlotByIndex(JSObject* thisObject, JSGlobalObject* g
if (i > MAX_ARRAY_INDEX)
return thisObject->methodTable()->getOwnPropertySlot(thisObject, globalObject, Identifier::from(vm, i), slot);
-
- unsigned attributes = hasAnySlowPutIndexingType(thisObject->indexingType()) && thisObject->structure()->typeInfo().slowPutArrayStorageVectorPropertiesAreReadOnly() ? static_cast(PropertyAttribute::ReadOnly) : static_cast(PropertyAttribute::None);
switch (thisObject->indexingType()) {
case ALL_BLANK_INDEXING_TYPES:
@@ -588,7 +586,7 @@ bool JSObject::getOwnPropertySlotByIndex(JSObject* thisObject, JSGlobalObject* g
JSValue value = butterfly->contiguous().at(thisObject, i).get();
if (value) {
- slot.setValue(thisObject, attributes, value);
+ slot.setValue(thisObject, static_cast(PropertyAttribute::None), value);
return true;
}
@@ -602,7 +600,7 @@ bool JSObject::getOwnPropertySlotByIndex(JSObject* thisObject, JSGlobalObject* g
double value = butterfly->contiguousDouble().at(thisObject, i);
if (value == value) {
- slot.setValue(thisObject, attributes, JSValue(JSValue::EncodeAsDouble, value));
+ slot.setValue(thisObject, static_cast(PropertyAttribute::None), JSValue(JSValue::EncodeAsDouble, value));
return true;
}
@@ -617,7 +615,7 @@ bool JSObject::getOwnPropertySlotByIndex(JSObject* thisObject, JSGlobalObject* g
if (i < storage->vectorLength()) {
JSValue value = storage->m_vector[i].get();
if (value) {
- slot.setValue(thisObject, attributes, value);
+ slot.setValue(thisObject, static_cast(PropertyAttribute::None), value);
return true;
}
} else if (SparseArrayValueMap* map = storage->m_sparseMap.get()) {
@@ -1460,7 +1458,7 @@ ArrayStorage* JSObject::convertDoubleToArrayStorage(VM& vm)
ArrayStorage* JSObject::convertContiguousToArrayStorage(VM& vm, TransitionKind transition)
{
DeferGC deferGC(vm);
- ASSERT(hasAnyContiguous(indexingType()));
+ ASSERT(hasContiguous(indexingType()));
unsigned vectorLength = m_butterfly->vectorLength();
ArrayStorage* newStorage = constructConvertedArrayStorageWithoutCopyingElements(vm, vectorLength);
@@ -1750,7 +1748,6 @@ ContiguousJSValues JSObject::tryMakeWritableContiguousSlow(VM& vm)
return convertDoubleToContiguous(vm);
case ALL_ARRAY_STORAGE_INDEXING_TYPES:
- case NonArrayWithAlwaysSlowPutContiguous:
return ContiguousJSValues();
default:
@@ -1821,14 +1818,11 @@ ArrayStorage* JSObject::ensureArrayStorageExistsAndEnterDictionaryIndexingMode(V
case ALL_DOUBLE_INDEXING_TYPES:
return enterDictionaryIndexingModeWhenArrayStorageAlreadyExists(vm, convertDoubleToArrayStorage(vm));
- case ALL_FAST_PUT_CONTIGUOUS_INDEXING_TYPES:
+ case ALL_CONTIGUOUS_INDEXING_TYPES:
return enterDictionaryIndexingModeWhenArrayStorageAlreadyExists(vm, convertContiguousToArrayStorage(vm));
case ALL_ARRAY_STORAGE_INDEXING_TYPES:
return enterDictionaryIndexingModeWhenArrayStorageAlreadyExists(vm, m_butterfly->arrayStorage());
-
- case NonArrayWithAlwaysSlowPutContiguous:
- return enterDictionaryIndexingModeWhenArrayStorageAlreadyExists(vm, convertContiguousToArrayStorage(vm, TransitionKind::AllocateSlowPutArrayStorage));
default:
CRASH();
@@ -1861,13 +1855,9 @@ void JSObject::switchToSlowPutArrayStorage(VM& vm)
convertDoubleToArrayStorage(vm, TransitionKind::AllocateSlowPutArrayStorage);
break;
- case ALL_FAST_PUT_CONTIGUOUS_INDEXING_TYPES:
+ case ALL_CONTIGUOUS_INDEXING_TYPES:
convertContiguousToArrayStorage(vm, TransitionKind::AllocateSlowPutArrayStorage);
break;
-
- case NonArrayWithAlwaysSlowPutContiguous:
- enterDictionaryIndexingMode(vm);
- break;
case NonArrayWithArrayStorage:
case ArrayWithArrayStorage: {
@@ -2978,9 +2968,8 @@ bool JSObject::putByIndexBeyondVectorLengthWithoutAttributes(JSGlobalObject* glo
|| (i >= MIN_SPARSE_ARRAY_INDEX && !isDenseEnoughForVector(i, countElements(butterfly)))
|| indexIsSufficientlyBeyondLengthForSparseMap(i, butterfly->vectorLength())) {
ASSERT(i <= MAX_ARRAY_INDEX);
- bool needsDictionaryIndexingMode = hasAlwaysSlowPutContiguous(indexingType());
- ArrayStorage* storage = ensureArrayStorageSlow(vm);
- SparseArrayValueMap* map = needsDictionaryIndexingMode ? enterDictionaryIndexingModeWhenArrayStorageAlreadyExists(vm, storage)->m_sparseMap.get() : allocateSparseIndexMap(vm);
+ ensureArrayStorageSlow(vm);
+ SparseArrayValueMap* map = allocateSparseIndexMap(vm);
bool result = map->putEntry(globalObject, this, i, value, false);
RETURN_IF_EXCEPTION(scope, false);
ASSERT(i >= arrayStorage()->length());
diff --git a/Source/JavaScriptCore/runtime/JSObject.h b/Source/JavaScriptCore/runtime/JSObject.h
index 9b4adba2b31f..6ffee48b3e01 100644
--- a/Source/JavaScriptCore/runtime/JSObject.h
+++ b/Source/JavaScriptCore/runtime/JSObject.h
@@ -436,7 +436,7 @@ class JSObject : public JSCell {
}
FALLTHROUGH;
}
- case ALL_WRITABLE_FAST_PUT_CONTIGUOUS_INDEXING_TYPES: {
+ case ALL_WRITABLE_CONTIGUOUS_INDEXING_TYPES: {
if (i >= butterfly->vectorLength())
return false;
butterfly->contiguous().at(this, i).setWithoutWriteBarrier(v);
@@ -474,8 +474,6 @@ class JSObject : public JSCell {
return false;
setIndexQuicklyForArrayStorageIndexingType(vm, i, v);
return true;
- case NonArrayWithAlwaysSlowPutContiguous:
- return false;
default:
RELEASE_ASSERT(isCopyOnWrite(indexingMode()));
return false;
@@ -495,7 +493,7 @@ class JSObject : public JSCell {
}
FALLTHROUGH;
}
- case ALL_FAST_PUT_CONTIGUOUS_INDEXING_TYPES: {
+ case ALL_CONTIGUOUS_INDEXING_TYPES: {
ASSERT(i < butterfly->vectorLength());
butterfly->contiguous().at(this, i).setWithoutWriteBarrier(v);
if (i >= butterfly->publicLength())
@@ -862,7 +860,7 @@ class JSObject : public JSCell {
bool isFrozen(VM& vm) { return structure()->isFrozen(vm); }
JS_EXPORT_PRIVATE bool anyObjectInChainMayInterceptIndexedAccesses() const;
- JS_EXPORT_PRIVATE bool needsSlowPutIndexing() const;
+ bool needsSlowPutIndexing() const;
private:
TransitionKind suggestedArrayStorageTransition() const;
@@ -989,7 +987,6 @@ class JSObject : public JSCell {
JS_EXPORT_PRIVATE JSValue getMethod(JSGlobalObject*, CallData&, const Identifier&, const String& errorMessage);
- bool canDoFastIndexedAccess();
bool canPerformFastPutInline(VM&, PropertyName);
bool canPerformFastPutInlineExcludingProto();
@@ -1084,7 +1081,7 @@ class JSObject : public JSCell {
ArrayStorage* convertContiguousToArrayStorage(VM&);
- JS_EXPORT_PRIVATE ArrayStorage* ensureArrayStorageExistsAndEnterDictionaryIndexingMode(VM&);
+ ArrayStorage* ensureArrayStorageExistsAndEnterDictionaryIndexingMode(VM&);
bool defineOwnNonIndexProperty(JSGlobalObject*, PropertyName, const PropertyDescriptor&, bool throwException);
diff --git a/Source/JavaScriptCore/runtime/JSObjectInlines.h b/Source/JavaScriptCore/runtime/JSObjectInlines.h
index a2ac2cbd3b29..27b3995db37c 100644
--- a/Source/JavaScriptCore/runtime/JSObjectInlines.h
+++ b/Source/JavaScriptCore/runtime/JSObjectInlines.h
@@ -487,21 +487,6 @@ inline bool JSObject::canGetIndexQuicklyForTypedArray(unsigned i) const
}
}
-inline bool JSObject::canDoFastIndexedAccess()
-{
- if (LIKELY(isJSArray(this)))
- return asArray(this)->canDoFastIndexedAccess();
-
- Structure* structure = this->structure();
- if (structure->typeInfo().interceptsGetOwnPropertySlotByIndexEvenWhenLengthIsNotZero())
- return false;
-
- if (structure->holesMustForwardToPrototype(this))
- return false;
-
- return true;
-}
-
inline JSValue JSObject::getIndexQuicklyForTypedArray(unsigned i, ArrayProfile* arrayProfile) const
{
#if USE(LARGE_TYPED_ARRAYS)
diff --git a/Source/JavaScriptCore/runtime/JSTypeInfo.h b/Source/JavaScriptCore/runtime/JSTypeInfo.h
index 547c10739fca..a77d7c513224 100644
--- a/Source/JavaScriptCore/runtime/JSTypeInfo.h
+++ b/Source/JavaScriptCore/runtime/JSTypeInfo.h
@@ -60,7 +60,6 @@ static constexpr unsigned StructureIsImmortal = 1 << 17;
static constexpr unsigned OverridesPut = 1 << 18;
static constexpr unsigned OverridesGetPrototype = 1 << 19;
static constexpr unsigned GetOwnPropertySlotMayBeWrongAboutDontEnum = 1 << 20;
-static constexpr unsigned SlowPutArrayStorageVectorPropertiesAreReadOnly = 1 << 21;
static constexpr unsigned numberOfInlineBits = 8;
static constexpr unsigned OverridesGetPrototypeOutOfLine = OverridesGetPrototype >> numberOfInlineBits;
@@ -110,7 +109,6 @@ class TypeInfo {
bool getOwnPropertySlotIsImpure() const { return isSetOnFlags2(); }
bool getOwnPropertySlotIsImpureForPropertyAbsence() const { return isSetOnFlags2(); }
bool getOwnPropertySlotMayBeWrongAboutDontEnum() const { return isSetOnFlags2(); }
- bool slowPutArrayStorageVectorPropertiesAreReadOnly() const { return isSetOnFlags2(); }
bool newImpurePropertyFiresWatchpoints() const { return isSetOnFlags2(); }
bool isImmutablePrototypeExoticObject() const { return isSetOnFlags2(); }
bool interceptsGetOwnPropertySlotByIndexEvenWhenLengthIsNotZero() const { return isSetOnFlags2(); }
diff --git a/Source/JavaScriptCore/runtime/ObjectPropertyChangeAdaptiveWatchpoint.h b/Source/JavaScriptCore/runtime/ObjectPropertyChangeAdaptiveWatchpoint.h
index d1a83e1638c7..90715107e386 100644
--- a/Source/JavaScriptCore/runtime/ObjectPropertyChangeAdaptiveWatchpoint.h
+++ b/Source/JavaScriptCore/runtime/ObjectPropertyChangeAdaptiveWatchpoint.h
@@ -30,7 +30,7 @@
namespace JSC {
template
-class JS_EXPORT_PRIVATE ObjectPropertyChangeAdaptiveWatchpoint final : public AdaptiveInferredPropertyValueWatchpointBase {
+class ObjectPropertyChangeAdaptiveWatchpoint final : public AdaptiveInferredPropertyValueWatchpointBase {
public:
using Base = AdaptiveInferredPropertyValueWatchpointBase;
ObjectPropertyChangeAdaptiveWatchpoint(JSCell* owner, const ObjectPropertyCondition& condition, WatchpointSet& watchpointSet)
diff --git a/Source/JavaScriptCore/runtime/Structure.h b/Source/JavaScriptCore/runtime/Structure.h
index 5f7b8baea1c8..260c6884524d 100644
--- a/Source/JavaScriptCore/runtime/Structure.h
+++ b/Source/JavaScriptCore/runtime/Structure.h
@@ -750,7 +750,7 @@ class Structure : public JSCell {
return m_transitionWatchpointSet;
}
- JS_EXPORT_PRIVATE WatchpointSet* ensurePropertyReplacementWatchpointSet(VM&, PropertyOffset);
+ WatchpointSet* ensurePropertyReplacementWatchpointSet(VM&, PropertyOffset);
void startWatchingPropertyForReplacements(VM& vm, PropertyOffset offset)
{
ensurePropertyReplacementWatchpointSet(vm, offset);
diff --git a/Source/JavaScriptCore/runtime/StructureTransitionTable.h b/Source/JavaScriptCore/runtime/StructureTransitionTable.h
index 9422f92c6ec8..8062c2c787c3 100644
--- a/Source/JavaScriptCore/runtime/StructureTransitionTable.h
+++ b/Source/JavaScriptCore/runtime/StructureTransitionTable.h
@@ -99,7 +99,7 @@ inline IndexingType newIndexingType(IndexingType oldType, TransitionKind transit
ASSERT(!hasIndexedProperties(oldType) || hasUndecided(oldType) || hasInt32(oldType) || hasDouble(oldType) || hasContiguous(oldType));
return (oldType & ~IndexingShapeAndWritabilityMask) | ArrayStorageShape;
case TransitionKind::AllocateSlowPutArrayStorage:
- ASSERT(!hasIndexedProperties(oldType) || hasUndecided(oldType) || hasInt32(oldType) || hasDouble(oldType) || hasAnyContiguous(oldType));
+ ASSERT(!hasIndexedProperties(oldType) || hasUndecided(oldType) || hasInt32(oldType) || hasDouble(oldType) || hasContiguous(oldType));
return (oldType & ~IndexingShapeAndWritabilityMask) | SlowPutArrayStorageShape;
case TransitionKind::SwitchToSlowPutArrayStorage:
ASSERT(hasArrayStorage(oldType));
diff --git a/Source/JavaScriptCore/tools/JSDollarVM.cpp b/Source/JavaScriptCore/tools/JSDollarVM.cpp
index ad1147535373..86e295e6581d 100644
--- a/Source/JavaScriptCore/tools/JSDollarVM.cpp
+++ b/Source/JavaScriptCore/tools/JSDollarVM.cpp
@@ -996,126 +996,6 @@ class ObjectDoingSideEffectPutWithoutCorrectSlotStatus : public JSNonFinalObject
}
};
-class AlwaysSlowPutContiguousObject : public JSDestructibleObject {
-public:
- using Base = JSDestructibleObject;
- static constexpr unsigned StructureFlags = Base::StructureFlags;
-
- AlwaysSlowPutContiguousObject(VM& vm, Structure* structure, Butterfly* butterfly)
- : Base(vm, structure, butterfly)
- {
- DollarVMAssertScope assertScope;
- }
-
- template
- static CompleteSubspace* subspaceFor(VM& vm)
- {
- return &vm.cellSpace();
- }
-
- DECLARE_INFO;
-
- static Structure* createStructure(VM& vm, JSGlobalObject* globalObject)
- {
- DollarVMAssertScope assertScope;
- return Structure::create(vm, globalObject, globalObject->objectPrototype(), TypeInfo(ObjectType, StructureFlags), info(), NonArrayWithAlwaysSlowPutContiguous);
- }
-
- static AlwaysSlowPutContiguousObject* create(VM& vm, Structure* structure, Butterfly* butterfly)
- {
- DollarVMAssertScope assertScope;
- AlwaysSlowPutContiguousObject* result = new (NotNull, allocateCell(vm)) AlwaysSlowPutContiguousObject(vm, structure, butterfly);
- result->finishCreation(vm);
- return result;
- }
-};
-
-class AlwaysSlowPutContiguousObjectWithOverrides : public JSDestructibleObject {
-public:
- using Base = JSDestructibleObject;
- static constexpr unsigned StructureFlags = Base::StructureFlags | OverridesPut;
-
- AlwaysSlowPutContiguousObjectWithOverrides(VM& vm, Structure* structure, Butterfly* butterfly)
- : Base(vm, structure, butterfly)
- {
- DollarVMAssertScope assertScope;
- }
-
- template
- static CompleteSubspace* subspaceFor(VM& vm)
- {
- return &vm.cellSpace();
- }
-
- DECLARE_INFO;
-
- static Structure* createStructure(VM& vm, JSGlobalObject* globalObject)
- {
- DollarVMAssertScope assertScope;
- return Structure::create(vm, globalObject, globalObject->objectPrototype(), TypeInfo(ObjectType, StructureFlags), info(), NonArrayWithAlwaysSlowPutContiguous | MayHaveIndexedAccessors);
- }
-
- static AlwaysSlowPutContiguousObjectWithOverrides* create(VM& vm, Structure* structure, Butterfly* butterfly)
- {
- DollarVMAssertScope assertScope;
- AlwaysSlowPutContiguousObjectWithOverrides* result = new (NotNull, allocateCell(vm)) AlwaysSlowPutContiguousObjectWithOverrides(vm, structure, butterfly);
- result->finishCreation(vm);
- return result;
- }
-
- static bool put(JSCell* cell, JSGlobalObject* globalObject, PropertyName propertyName, JSValue value, PutPropertySlot& slot)
- {
- DollarVMAssertScope assertScope;
- auto* thisObject = jsCast(cell);
- if (std::optional index = parseIndex(propertyName))
- return thisObject->methodTable()->putByIndex(thisObject, globalObject, index.value(), value, slot.isStrictMode());
-
- return Base::put(cell, globalObject, propertyName, value, slot);
- }
-
- static bool putByIndex(JSCell* cell, JSGlobalObject* globalObject, unsigned propertyName, JSValue value, bool shouldThrow)
- {
- DollarVMAssertScope assertScope;
- VM& vm = globalObject->vm();
- auto* thisObject = jsCast(cell);
- thisObject->increment(vm, Identifier::fromString(vm, "putByIndexCalls"_s));
- return Base::putByIndex(cell, globalObject, propertyName, value, shouldThrow);
- }
-
- static bool deleteProperty(JSCell* cell, JSGlobalObject* globalObject, PropertyName propertyName, DeletePropertySlot& slot)
- {
- DollarVMAssertScope assertScope;
- auto* thisObject = jsCast(cell);
- if (std::optional index = parseIndex(propertyName))
- return thisObject->methodTable()->deletePropertyByIndex(thisObject, globalObject, index.value());
- return Base::deleteProperty(cell, globalObject, propertyName, slot);
- }
-
- static bool deletePropertyByIndex(JSCell* cell, JSGlobalObject* globalObject, unsigned propertyName)
- {
- DollarVMAssertScope assertScope;
- VM& vm = globalObject->vm();
- auto* thisObject = jsCast(cell);
- thisObject->increment(vm, Identifier::fromString(vm, "deleteByIndexCalls"_s));
- return Base::deletePropertyByIndex(cell, globalObject, propertyName);
- }
-
- void finishCreation(VM& vm)
- {
- DollarVMAssertScope assertScope;
- Base::finishCreation(vm);
- putDirect(vm, Identifier::fromString(vm, "putByIndexCalls"_s), jsNumber(0), static_cast(PropertyAttribute::DontEnum));
- putDirect(vm, Identifier::fromString(vm, "deleteByIndexCalls"_s), jsNumber(0), static_cast(PropertyAttribute::DontEnum));
- }
-
- void increment(VM& vm, const Identifier& identifier)
- {
- DollarVMAssertScope assertScope;
- uint32_t calls = getDirect(vm, identifier).asUInt32();
- putDirect(vm, identifier, jsNumber(calls + 1), static_cast(PropertyAttribute::DontEnum));
- }
-};
-
class DOMJITNode : public JSNonFinalObject {
public:
DOMJITNode(VM& vm, Structure* structure)
@@ -1991,8 +1871,6 @@ const ClassInfo StaticCustomAccessor::s_info = { "StaticCustomAccessor"_s, &Base
const ClassInfo StaticCustomValue::s_info = { "StaticCustomValue"_s, &Base::s_info, &staticCustomValueTable, nullptr, CREATE_METHOD_TABLE(StaticCustomValue) };
const ClassInfo StaticDontDeleteDontEnum::s_info = { "StaticDontDeleteDontEnum"_s, &Base::s_info, &staticDontDeleteDontEnumTable, nullptr, CREATE_METHOD_TABLE(StaticDontDeleteDontEnum) };
const ClassInfo ObjectDoingSideEffectPutWithoutCorrectSlotStatus::s_info = { "ObjectDoingSideEffectPutWithoutCorrectSlotStatus"_s, &Base::s_info, &staticCustomAccessorTable, nullptr, CREATE_METHOD_TABLE(ObjectDoingSideEffectPutWithoutCorrectSlotStatus) };
-const ClassInfo AlwaysSlowPutContiguousObject::s_info = { "AlwaysSlowPutContiguousObject"_s, &Base::s_info, nullptr, nullptr, CREATE_METHOD_TABLE(AlwaysSlowPutContiguousObject) };
-const ClassInfo AlwaysSlowPutContiguousObjectWithOverrides::s_info = { "AlwaysSlowPutContiguousObjectWithOverrides"_s, &Base::s_info, nullptr, nullptr, CREATE_METHOD_TABLE(AlwaysSlowPutContiguousObjectWithOverrides) };
ElementHandleOwner* Element::handleOwner()
{
@@ -2270,8 +2148,6 @@ static JSC_DECLARE_HOST_FUNCTION(functionCreateStaticCustomAccessor);
static JSC_DECLARE_HOST_FUNCTION(functionCreateStaticCustomValue);
static JSC_DECLARE_HOST_FUNCTION(functionCreateStaticDontDeleteDontEnum);
static JSC_DECLARE_HOST_FUNCTION(functionCreateObjectDoingSideEffectPutWithoutCorrectSlotStatus);
-static JSC_DECLARE_HOST_FUNCTION(functionCreateAlwaysSlowPutContiguousObject);
-static JSC_DECLARE_HOST_FUNCTION(functionCreateAlwaysSlowPutContiguousObjectWithOverrides);
static JSC_DECLARE_HOST_FUNCTION(functionCreateEmptyFunctionWithName);
static JSC_DECLARE_HOST_FUNCTION(functionSetImpureGetterDelegate);
static JSC_DECLARE_HOST_FUNCTION(functionCreateBuiltin);
@@ -2332,7 +2208,6 @@ static JSC_DECLARE_HOST_FUNCTION(functionResetJITSizeStatistics);
#endif
static JSC_DECLARE_HOST_FUNCTION(functionEnsureArrayStorage);
-static JSC_DECLARE_HOST_FUNCTION(functionHasSparseModeArrayStorage);
#if PLATFORM(COCOA)
static JSC_DECLARE_HOST_FUNCTION(functionSetCrashLogMessage);;
#endif
@@ -3300,43 +3175,6 @@ JSC_DEFINE_HOST_FUNCTION(functionCreateObjectDoingSideEffectPutWithoutCorrectSlo
return JSValue::encode(result);
}
-template
-static JSValue createAlwaysSlowPutContiguousObject(JSGlobalObject* globalObject, CallFrame* callFrame)
-{
- VM& vm = globalObject->vm();
- JSLockHolder lock(vm);
-
- uint32_t length = callFrame->argument(0).asUInt32();
-
- Structure* structure = T::createStructure(vm, globalObject);
-
- IndexingHeader indexingHeader;
- indexingHeader.setVectorLength(length);
- indexingHeader.setPublicLength(length);
- Butterfly* butterfly = Butterfly::tryCreate(vm, nullptr, 0, structure->outOfLineCapacity(), true, indexingHeader, length * sizeof(EncodedJSValue));
- if (!butterfly)
- return jsUndefined();
-
- for (uint32_t i = length; i--;)
- butterfly->contiguous().atUnsafe(i).clear();
-
- T* result = T::create(vm, structure, butterfly);
- result->putDirect(vm, vm.propertyNames->length, jsNumber(length), static_cast(PropertyAttribute::DontEnum));
- return result;
-}
-
-JSC_DEFINE_HOST_FUNCTION(functionCreateAlwaysSlowPutContiguousObject, (JSGlobalObject* globalObject, CallFrame* callFrame))
-{
- DollarVMAssertScope assertScope;
- return JSValue::encode(createAlwaysSlowPutContiguousObject(globalObject, callFrame));
-}
-
-JSC_DEFINE_HOST_FUNCTION(functionCreateAlwaysSlowPutContiguousObjectWithOverrides, (JSGlobalObject* globalObject, CallFrame* callFrame))
-{
- DollarVMAssertScope assertScope;
- return JSValue::encode(createAlwaysSlowPutContiguousObject(globalObject, callFrame));
-}
-
JSC_DEFINE_HOST_FUNCTION(functionCreateEmptyFunctionWithName, (JSGlobalObject* globalObject, CallFrame* callFrame))
{
DollarVMAssertScope assertScope;
@@ -4088,17 +3926,6 @@ JSC_DEFINE_HOST_FUNCTION(functionEnsureArrayStorage, (JSGlobalObject* globalObje
return JSValue::encode(jsUndefined());
}
-JSC_DEFINE_HOST_FUNCTION(functionHasSparseModeArrayStorage, (JSGlobalObject*, CallFrame* callFrame))
-{
- DollarVMAssertScope assertScope;
-
- if (JSObject* object = callFrame->argument(0).getObject()) {
- if (hasAnyArrayStorage(object->indexingMode()))
- return JSValue::encode(jsBoolean(object->butterfly()->arrayStorage()->inSparseMode()));
- }
-
- return JSValue::encode(jsBoolean(false));
-}
#if PLATFORM(COCOA)
JSC_DEFINE_HOST_FUNCTION(functionSetCrashLogMessage, (JSGlobalObject* globalObject, CallFrame* callFrame))
@@ -4207,8 +4034,6 @@ void JSDollarVM::finishCreation(VM& vm)
addFunction(vm, "createStaticCustomValue"_s, functionCreateStaticCustomValue, 0);
addFunction(vm, "createStaticDontDeleteDontEnum"_s, functionCreateStaticDontDeleteDontEnum, 0);
addFunction(vm, "createObjectDoingSideEffectPutWithoutCorrectSlotStatus"_s, functionCreateObjectDoingSideEffectPutWithoutCorrectSlotStatus, 0);
- addFunction(vm, "createAlwaysSlowPutContiguousObject"_s, functionCreateAlwaysSlowPutContiguousObject, 0);
- addFunction(vm, "createAlwaysSlowPutContiguousObjectWithOverrides"_s, functionCreateAlwaysSlowPutContiguousObjectWithOverrides, 0);
addFunction(vm, "createEmptyFunctionWithName"_s, functionCreateEmptyFunctionWithName, 1);
addFunction(vm, "getPrivateProperty"_s, functionGetPrivateProperty, 2);
addFunction(vm, "setImpureGetterDelegate"_s, functionSetImpureGetterDelegate, 2);
@@ -4292,7 +4117,6 @@ void JSDollarVM::finishCreation(VM& vm)
#endif
addFunction(vm, "ensureArrayStorage"_s, functionEnsureArrayStorage, 1);
- addFunction(vm, "hasSparseModeArrayStorage"_s, functionHasSparseModeArrayStorage, 1);
#if PLATFORM(COCOA)
addFunction(vm, "setCrashLogMessage"_s, functionSetCrashLogMessage, 1);
diff --git a/Source/WebCore/WebCore.xcodeproj/project.pbxproj b/Source/WebCore/WebCore.xcodeproj/project.pbxproj
index 2daabe4994cd..c716b27bec8f 100644
--- a/Source/WebCore/WebCore.xcodeproj/project.pbxproj
+++ b/Source/WebCore/WebCore.xcodeproj/project.pbxproj
@@ -4306,7 +4306,7 @@
BC779E171BB227CA00CAA8BF /* StyleCustomPropertyData.h in Headers */ = {isa = PBXBuildFile; fileRef = BC779E151BB226A200CAA8BF /* StyleCustomPropertyData.h */; settings = {ATTRIBUTES = (Private, ); }; };
BC7F44A80B9E324E00A9D081 /* ImageObserver.h in Headers */ = {isa = PBXBuildFile; fileRef = BC7F44A70B9E324E00A9D081 /* ImageObserver.h */; settings = {ATTRIBUTES = (Private, ); }; };
BC7FA6210D1F0CBD00DB22A9 /* LiveNodeList.h in Headers */ = {isa = PBXBuildFile; fileRef = BC7FA61F0D1F0CBD00DB22A9 /* LiveNodeList.h */; settings = {ATTRIBUTES = (Private, ); }; };
- BC7FA62D0D1F0EFF00DB22A9 /* StaticNodeList.h in Headers */ = {isa = PBXBuildFile; fileRef = BC7FA62B0D1F0EFF00DB22A9 /* StaticNodeList.h */; settings = {ATTRIBUTES = (Private, ); }; };
+ BC7FA62D0D1F0EFF00DB22A9 /* StaticNodeList.h in Headers */ = {isa = PBXBuildFile; fileRef = BC7FA62B0D1F0EFF00DB22A9 /* StaticNodeList.h */; };
BC80C9880CD294EE00A0B7B3 /* CSSTimingFunctionValue.h in Headers */ = {isa = PBXBuildFile; fileRef = BC80C9860CD294EE00A0B7B3 /* CSSTimingFunctionValue.h */; };
BC8243290D0CE8A200460C8F /* JSSQLError.h in Headers */ = {isa = PBXBuildFile; fileRef = BC8243250D0CE8A200460C8F /* JSSQLError.h */; };
BC82432A0D0CE8A200460C8F /* JSSQLTransaction.h in Headers */ = {isa = PBXBuildFile; fileRef = BC8243260D0CE8A200460C8F /* JSSQLTransaction.h */; };
diff --git a/Source/WebCore/bindings/js/JSDOMWindowBase.cpp b/Source/WebCore/bindings/js/JSDOMWindowBase.cpp
index 88d177bfbdfc..00e595712337 100644
--- a/Source/WebCore/bindings/js/JSDOMWindowBase.cpp
+++ b/Source/WebCore/bindings/js/JSDOMWindowBase.cpp
@@ -42,7 +42,6 @@
#include "JSFetchResponse.h"
#include "JSMicrotaskCallback.h"
#include "JSNode.h"
-#include "JSNodeList.h"
#include "Logging.h"
#include "Page.h"
#include "RejectedPromiseTracker.h"
@@ -136,37 +135,6 @@ void JSDOMWindowBase::finishCreation(VM& vm, JSWindowProxy* proxy)
if (m_wrapped && m_wrapped->frame() && m_wrapped->frame()->settings().showModalDialogEnabled())
putDirectCustomAccessor(vm, builtinNames(vm).showModalDialogPublicName(), CustomGetterSetter::create(vm, showModalDialogGetter, nullptr), static_cast(PropertyAttribute::CustomValue));
-
- installAlwaysSlowPutContiguousPrototypesAreSaneWatchpoint(vm);
-}
-
-void JSDOMWindowBase::installAlwaysSlowPutContiguousPrototypesAreSaneWatchpoint(VM& vm)
-{
- DeferTerminationForAWhile deferScope(vm);
-
- auto* staticNodeListStructure = getDOMStructure(vm, *this);
- ASSERT(!staticNodeListStructure->isDictionary());
-
- auto* staticNodeListPrototype = staticNodeListStructure->storedPrototypeObject();
- auto* staticNodeListPrototypeStructure = staticNodeListPrototype->structure();
-
- if (staticNodeListPrototypeStructure->isDictionary())
- staticNodeListPrototypeStructure = staticNodeListPrototypeStructure->flattenDictionaryStructure(vm, staticNodeListPrototype);
-
- PropertyOffset lengthOffset = staticNodeListPrototype->getDirectOffset(vm, vm.propertyNames->length);
- JSValue lengthAccessor = staticNodeListPrototype->getDirect(lengthOffset);
- ASSERT(lengthAccessor.isCustomGetterSetter());
-
- staticNodeListPrototypeStructure->startWatchingPropertyForReplacements(vm, lengthOffset);
-
- m_alwaysSlowPutContiguousPrototypesAreSaneWatchpointSet.startWatching();
-
- ObjectPropertyCondition prototypeLengthCondition = ObjectPropertyCondition::equivalence(vm, staticNodeListPrototype, staticNodeListPrototype, vm.propertyNames->length.impl(), lengthAccessor);
-
- m_staticNodeListPrototypeLengthWatchpoint = makeUnique>(this, prototypeLengthCondition, m_alwaysSlowPutContiguousPrototypesAreSaneWatchpointSet);
- m_staticNodeListPrototypeLengthWatchpoint->install(vm);
-
- recordOriginalAlwaysSlowPutContiguousStructure(staticNodeListStructure);
}
void JSDOMWindowBase::destroy(JSCell* cell)
diff --git a/Source/WebCore/bindings/js/JSDOMWindowBase.h b/Source/WebCore/bindings/js/JSDOMWindowBase.h
index a05ff3b4b047..0d8e2817649c 100644
--- a/Source/WebCore/bindings/js/JSDOMWindowBase.h
+++ b/Source/WebCore/bindings/js/JSDOMWindowBase.h
@@ -30,10 +30,8 @@
#include
#include
#include
-#include
#include
#include
-#include
#include
#include
#include
@@ -106,10 +104,6 @@ class WEBCORE_EXPORT JSDOMWindowBase : public JSDOMGlobalObject {
RefPtr m_wrapped;
RefPtr m_currentEvent;
-
- void installAlwaysSlowPutContiguousPrototypesAreSaneWatchpoint(JSC::VM&);
-
- std::unique_ptr> m_staticNodeListPrototypeLengthWatchpoint;
};
WEBCORE_EXPORT JSC::JSValue toJS(JSC::JSGlobalObject*, DOMWindow&);
diff --git a/Source/WebCore/bindings/js/JSNodeListCustom.cpp b/Source/WebCore/bindings/js/JSNodeListCustom.cpp
index 6c69f5d12501..18703ecd1845 100644
--- a/Source/WebCore/bindings/js/JSNodeListCustom.cpp
+++ b/Source/WebCore/bindings/js/JSNodeListCustom.cpp
@@ -37,84 +37,6 @@
namespace WebCore {
using namespace JSC;
-// FIXME: Instead of handpicking methods from JSNodeList / JSObject, extract JSNodeListBase and make
-// JSStaticNodeList / JSLiveNodeList extend it (which would require massive changes to CodeGeneratorJS.pm though).
-const ClassInfo JSStaticNodeList::s_info = {
- "NodeList"_s,
- &Base::s_info,
- nullptr,
- nullptr,
- std::nullopt, {
- &JSStaticNodeList::destroy,
- &JSStaticNodeList::getCallData,
- &JSStaticNodeList::getConstructData,
- &JSStaticNodeList::put,
- &JSStaticNodeList::putByIndex,
- &JSStaticNodeList::deleteProperty,
- &JSStaticNodeList::deletePropertyByIndex,
- &Base::Base::getOwnPropertySlot,
- &Base::Base::getOwnPropertySlotByIndex,
- &JSStaticNodeList::toThis,
- &Base::Base::getOwnPropertyNames,
- &Base::Base::getOwnSpecialPropertyNames,
- &JSStaticNodeList::customHasInstance,
- &JSStaticNodeList::defineOwnProperty,
- &JSStaticNodeList::preventExtensions,
- &JSStaticNodeList::isExtensible,
- &JSStaticNodeList::setPrototype,
- &JSStaticNodeList::getPrototype,
- &JSStaticNodeList::dumpToStream,
- &JSStaticNodeList::analyzeHeap,
- &JSStaticNodeList::estimatedSize,
- &JSStaticNodeList::visitChildren,
- &JSStaticNodeList::visitChildren,
- &JSStaticNodeList::visitOutputConstraints,
- &JSStaticNodeList::visitOutputConstraints,
- },
- sizeof(JSStaticNodeList),
-};
-
-JSObject* JSStaticNodeList::createPrototype(VM& vm, JSDOMGlobalObject& globalObject)
-{
- return Base::prototype(vm, globalObject);
-}
-
-JSStaticNodeList::JSStaticNodeList(Structure* structure, JSDOMGlobalObject& globalObject, Ref&& impl)
- : Base(structure, globalObject, WTFMove(impl))
-{
-}
-
-void JSStaticNodeList::finishCreation(VM& vm)
-{
- Base::finishCreation(vm);
-
- auto& nodeList = wrapped();
- unsigned length = nodeList.length();
-
- IndexingHeader indexingHeader;
- indexingHeader.setVectorLength(length);
- indexingHeader.setPublicLength(length);
- auto* butterfly = Butterfly::tryCreate(vm, nullptr, 0, structure()->outOfLineCapacity(), true, indexingHeader, sizeof(EncodedJSValue) * length);
- if (UNLIKELY(!butterfly))
- return;
-
- auto* globalObject = this->globalObject();
- auto contiguousValues = butterfly->contiguous();
-
- for (unsigned i = 0; i < length; ++i)
- contiguousValues.atUnsafe(i).clear();
-
- setButterfly(vm, butterfly);
-
- for (unsigned i = 0; i < length; ++i) {
- auto jsNode = toJS(globalObject, globalObject, *nodeList.item(i));
- contiguousValues.atUnsafe(i).set(vm, this, jsNode);
- }
-
- if (UNLIKELY(needsSlowPutIndexing()))
- ensureArrayStorageExistsAndEnterDictionaryIndexingMode(vm);
-}
-
bool JSNodeListOwner::isReachableFromOpaqueRoots(JSC::Handle handle, void*, AbstractSlotVisitor& visitor, const char** reason)
{
JSNodeList* jsNodeList = jsCast(handle.slot()->asCell());
@@ -146,8 +68,6 @@ bool JSNodeListOwner::isReachableFromOpaqueRoots(JSC::Handle handl
JSC::JSValue createWrapper(JSDOMGlobalObject& globalObject, Ref&& nodeList)
{
- if (nodeList->isStaticNodeList())
- return createWrapper(&globalObject, WTFMove(nodeList));
// FIXME: Adopt reportExtraMemoryVisited, and switch to reportExtraMemoryAllocated.
// https://bugs.webkit.org/show_bug.cgi?id=142595
globalObject.vm().heap.deprecatedReportExtraMemory(nodeList->memoryCost());
diff --git a/Source/WebCore/bindings/js/JSNodeListCustom.h b/Source/WebCore/bindings/js/JSNodeListCustom.h
index b72d9c053641..5954e5c75414 100644
--- a/Source/WebCore/bindings/js/JSNodeListCustom.h
+++ b/Source/WebCore/bindings/js/JSNodeListCustom.h
@@ -26,40 +26,9 @@
#pragma once
#include "JSDOMBinding.h"
-#include "JSNodeList.h"
-#include "StaticNodeList.h"
namespace WebCore {
-class JSStaticNodeList final : public JSNodeList {
-public:
- using Base = JSNodeList;
- static constexpr unsigned StructureFlags = Base::Base::StructureFlags | JSC::SlowPutArrayStorageVectorPropertiesAreReadOnly;
- static JSStaticNodeList* create(JSC::Structure* structure, JSDOMGlobalObject* globalObject, Ref&& impl)
- {
- JSStaticNodeList* ptr = new (NotNull, JSC::allocateCell(globalObject->vm())) JSStaticNodeList(structure, *globalObject, WTFMove(impl));
- ptr->finishCreation(globalObject->vm());
- return ptr;
- }
-
- DECLARE_INFO;
-
- static JSC::JSObject* createPrototype(JSC::VM&, JSDOMGlobalObject&);
- static JSC::Structure* createStructure(JSC::VM& vm, JSC::JSGlobalObject* globalObject, JSC::JSValue prototype)
- {
- return JSC::Structure::create(vm, globalObject, prototype, JSC::TypeInfo(JSC::ObjectType, StructureFlags), info(), JSC::NonArrayWithAlwaysSlowPutContiguous);
- }
-protected:
- JSStaticNodeList(JSC::Structure*, JSDOMGlobalObject&, Ref&&);
-
- void finishCreation(JSC::VM&);
-};
-
-template<> struct JSDOMWrapperConverterTraits {
- using WrapperClass = JSStaticNodeList;
- using ToWrappedReturnType = StaticNodeList*;
-};
-
WEBCORE_EXPORT JSC::JSValue createWrapper(JSDOMGlobalObject&, Ref&&);
ALWAYS_INLINE JSC::JSValue toJS(JSC::JSGlobalObject*, JSDOMGlobalObject* globalObject, NodeList& nodeList)
diff --git a/Source/WebCore/dom/NodeList.h b/Source/WebCore/dom/NodeList.h
index da5bfa3d69f7..4cafdbbd4d8a 100644
--- a/Source/WebCore/dom/NodeList.h
+++ b/Source/WebCore/dom/NodeList.h
@@ -56,7 +56,6 @@ class NodeList : public ScriptWrappable, public RefCounted {
virtual bool isLiveNodeList() const { return false; }
virtual bool isChildNodeList() const { return false; }
virtual bool isEmptyNodeList() const { return false; }
- virtual bool isStaticNodeList() const { return false; }
virtual size_t memoryCost() const { return 0; }
};
diff --git a/Source/WebCore/dom/StaticNodeList.cpp b/Source/WebCore/dom/StaticNodeList.cpp
index 2c2f02107e07..f7f523db54f5 100644
--- a/Source/WebCore/dom/StaticNodeList.cpp
+++ b/Source/WebCore/dom/StaticNodeList.cpp
@@ -36,11 +36,6 @@ namespace WebCore {
WTF_MAKE_ISO_ALLOCATED_IMPL(StaticNodeList);
WTF_MAKE_ISO_ALLOCATED_IMPL(StaticElementList);
-bool StaticNodeList::isStaticNodeList() const
-{
- return true;
-}
-
unsigned StaticNodeList::length() const
{
return m_nodes.size();
@@ -53,11 +48,6 @@ Node* StaticNodeList::item(unsigned index) const
return nullptr;
}
-bool StaticElementList::isStaticNodeList() const
-{
- return true;
-}
-
unsigned StaticElementList::length() const
{
return m_elements.size();
diff --git a/Source/WebCore/dom/StaticNodeList.h b/Source/WebCore/dom/StaticNodeList.h
index a4a26ced0b7b..d983ae5014fb 100644
--- a/Source/WebCore/dom/StaticNodeList.h
+++ b/Source/WebCore/dom/StaticNodeList.h
@@ -45,8 +45,6 @@ class WEBCORE_EXPORT StaticNodeList final : public NodeList {
unsigned length() const override;
Node* item(unsigned index) const override;
- bool isStaticNodeList() const final;
-
private:
StaticNodeList(Vector>&& nodes)
: m_nodes(WTFMove(nodes))
@@ -66,8 +64,6 @@ class StaticElementList final : public NodeList {
unsigned length() const override;
Element* item(unsigned index) const override;
- bool isStaticNodeList() const final;
-
private:
StaticElementList(Vector>&& elements)
: m_elements(WTFMove(elements))