[webkit-changes] [160714] branches/jsCStack/Source/JavaScriptCore

Title: [160714] branches/jsCStack/Source/_javascript_Core Revision 160714 Author msab...@apple.com Date 2013-12-17 10:25:27 -0800 (Tue, 17 Dec 2013) Log Message CStack Branch: Fix callee frame access in virtualForThunkGenerator when we don't emit prologue code https://bugs.webkit.org/show

[webkit-changes] [160746] branches/jsCStack/Source/JavaScriptCore

Title: [160746] branches/jsCStack/Source/_javascript_Core Revision 160746 Author msab...@apple.com Date 2013-12-17 19:45:57 -0800 (Tue, 17 Dec 2013) Log Message CStack Branch: Fix varargs calls to work on C stack https://bugs.webkit.org/show_bug.cgi?id=125903 Reviewed by Filip Pizlo. Fi

[webkit-changes] [160783] branches/jsCStack/Source/JavaScriptCore

Title: [160783] branches/jsCStack/Source/_javascript_Core Revision 160783 Author msab...@apple.com Date 2013-12-18 11:46:24 -0800 (Wed, 18 Dec 2013) Log Message CStack Branch: Exceptions in LLIntSlowPaths shouldn't pop call frame https://bugs.webkit.org/show_bug.cgi?id=125932 Reviewed by

[webkit-changes] [160784] branches/jsCStack/Source/JavaScriptCore

Title: [160784] branches/jsCStack/Source/_javascript_Core Revision 160784 Author msab...@apple.com Date 2013-12-18 11:54:22 -0800 (Wed, 18 Dec 2013) Log Message CStack Branch: getHostCallReturnValue shouldn't pop the callFrame https://bugs.webkit.org/show_bug.cgi?id=125931 Reviewed by Ge

[webkit-changes] [160815] branches/jsCStack/Source/JavaScriptCore

Title: [160815] branches/jsCStack/Source/_javascript_Core Revision 160815 Author msab...@apple.com Date 2013-12-18 18:21:33 -0800 (Wed, 18 Dec 2013) Log Message CStack Branch: Stop threading callFrameRegister through LLIntSlowCalls https://bugs.webkit.org/show_bug.cgi?id=125964 Reviewed

[webkit-changes] [160831] branches/jsCStack/Source/JavaScriptCore

Title: [160831] branches/jsCStack/Source/_javascript_Core Revision 160831 Author msab...@apple.com Date 2013-12-19 07:48:36 -0800 (Thu, 19 Dec 2013) Log Message CStack Branch: Remove "AndAlloc" from sizeAndAllocFrameForVarargs and friends https://bugs.webkit.org/show_bug.cgi?id=125980 Re

[webkit-changes] [160867] branches/jsCStack/Source/JavaScriptCore

Title: [160867] branches/jsCStack/Source/_javascript_Core Revision 160867 Author msab...@apple.com Date 2013-12-19 15:37:45 -0800 (Thu, 19 Dec 2013) Log Message CStack Branch: Fix call eval in baseline JIT https://bugs.webkit.org/show_bug.cgi?id=126020 Reviewed by Geoffrey Garen. Added

[webkit-changes] [160871] branches/jsCStack/Source/JavaScriptCore

Title: [160871] branches/jsCStack/Source/_javascript_Core Revision 160871 Author msab...@apple.com Date 2013-12-19 16:22:22 -0800 (Thu, 19 Dec 2013) Log Message CStack Branch: Fix call operationStackCheck to check the proper stack https://bugs.webkit.org/show_bug.cgi?id=126026 Reviewed b

[webkit-changes] [160874] branches/jsCStack/Source/JavaScriptCore

Title: [160874] branches/jsCStack/Source/_javascript_Core Revision 160874 Author msab...@apple.com Date 2013-12-19 16:38:31 -0800 (Thu, 19 Dec 2013) Log Message CStack Branch: Fix call operationStackCheck to check the proper stack https://bugs.webkit.org/show_bug.cgi?id=126026 Unreviewed

[webkit-changes] [160929] branches/jsCStack/Source/JavaScriptCore

Title: [160929] branches/jsCStack/Source/_javascript_Core Revision 160929 Author msab...@apple.com Date 2013-12-20 14:59:46 -0800 (Fri, 20 Dec 2013) Log Message Unreviewed build fix for building without the FTL. * jit/RegisterPreservationWrapperGenerator.cpp: (JSC::generateRegisterPreser

[webkit-changes] [160931] branches/jsCStack/Source/JavaScriptCore

Title: [160931] branches/jsCStack/Source/_javascript_Core Revision 160931 Author msab...@apple.com Date 2013-12-20 15:04:25 -0800 (Fri, 20 Dec 2013) Log Message CStack Branch: CodeBlocks aren't being marked by garbage collector https://bugs.webkit.org/show_bug.cgi?id=126084 Reviewed by F

[webkit-changes] [160935] branches/jsCStack/PerformanceTests/SunSpider

Title: [160935] branches/jsCStack/PerformanceTests/SunSpider Revision 160935 Author msab...@apple.com Date 2013-12-20 15:30:20 -0800 (Fri, 20 Dec 2013) Log Message Unreviewed change. Restoring v8-crypto.js back to trunk. Removing print()'s that are no longer needed. * tests/v8-v6/v8-cr

[webkit-changes] [161057] branches/jsCStack/Source/JavaScriptCore

Title: [161057] branches/jsCStack/Source/_javascript_Core Revision 161057 Author msab...@apple.com Date 2013-12-24 07:32:19 -0800 (Tue, 24 Dec 2013) Log Message CStack Branch: throwExceptionFromCallSlowPathGenerator() shouldn't pop frame https://bugs.webkit.org/show_bug.cgi?id=126204 Rev

[webkit-changes] [161061] branches/jsCStack/Source/JavaScriptCore

Title: [161061] branches/jsCStack/Source/_javascript_Core Revision 161061 Author msab...@apple.com Date 2013-12-24 16:41:59 -0800 (Tue, 24 Dec 2013) Log Message CStack Branch: ecma/ExecutionContexts/10.1.4-2.js test fails https://bugs.webkit.org/show_bug.cgi?id=126213 Reviewed by Filip P

[webkit-changes] [161298] branches/jsCStack/Source/JavaScriptCore

Title: [161298] branches/jsCStack/Source/_javascript_Core Revision 161298 Author msab...@apple.com Date 2014-01-03 16:58:11 -0800 (Fri, 03 Jan 2014) Log Message CStack Branch: Make emitPutToCallFrameHeaderBeforePrologue and friends work for all platforms https://bugs.webkit.org/show_bug.c

[webkit-changes] [161300] branches/jsCStack/Source/JavaScriptCore

Title: [161300] branches/jsCStack/Source/_javascript_Core Revision 161300 Author msab...@apple.com Date 2014-01-03 17:27:01 -0800 (Fri, 03 Jan 2014) Log Message cstack Branch: ARM64 LLInt fails to compile due to instructions limitations with sp https://bugs.webkit.org/show_bug.cgi?id=1264

[webkit-changes] [161313] branches/jsCStack/Source/JavaScriptCore

Title: [161313] branches/jsCStack/Source/_javascript_Core Revision 161313 Author msab...@apple.com Date 2014-01-04 10:31:57 -0800 (Sat, 04 Jan 2014) Log Message CStack Branch: ARM64 add of stack pointer not valid as second source operand https://bugs.webkit.org/show_bug.cgi?id=126486 Rev

[webkit-changes] [161312] branches/jsCStack/Source/JavaScriptCore

Title: [161312] branches/jsCStack/Source/_javascript_Core Revision 161312 Author msab...@apple.com Date 2014-01-04 10:30:32 -0800 (Sat, 04 Jan 2014) Log Message CStack Branch: slowPathFor() should emit an epilogue instead of popping the callFrameRegister https://bugs.webkit.org/show_bug.c

[webkit-changes] [161318] branches/jsCStack/Source/JavaScriptCore

Title: [161318] branches/jsCStack/Source/_javascript_Core Revision 161318 Author msab...@apple.com Date 2014-01-04 23:29:27 -0800 (Sat, 04 Jan 2014) Log Message CStack Branch: ARM64 needs push/pop pair macro assembler instructions https://bugs.webkit.org/show_bug.cgi?id=126474 Reviewed b

[webkit-changes] [161326] branches/jsCStack/Source/JavaScriptCore

Title: [161326] branches/jsCStack/Source/_javascript_Core Revision 161326 Author msab...@apple.com Date 2014-01-05 17:29:24 -0800 (Sun, 05 Jan 2014) Log Message CStack Branch: ARM64 Fix other prologue and epilogue macros in LLInt https://bugs.webkit.org/show_bug.cgi?id=126507 Reviewed by

[webkit-changes] [161390] branches/jsCStack/Source/JavaScriptCore

Title: [161390] branches/jsCStack/Source/_javascript_Core Revision 161390 Author msab...@apple.com Date 2014-01-06 17:55:49 -0800 (Mon, 06 Jan 2014) Log Message CStack Branch: Disable JIT stack alignment check for ARM64 https://bugs.webkit.org/show_bug.cgi?id=126550 Reviewed by Mark Lam.

[webkit-changes] [161400] branches/jsCStack/Source/JavaScriptCore

Title: [161400] branches/jsCStack/Source/_javascript_Core Revision 161400 Author msab...@apple.com Date 2014-01-06 20:58:47 -0800 (Mon, 06 Jan 2014) Log Message Merge of trunk r160493 2013-12-11 Filip Pizlo ARM64: Hang running pdfjs test, suspect DFG generated code for "in" h

[webkit-changes] [161405] branches/jsCStack/Source/JavaScriptCore

Title: [161405] branches/jsCStack/Source/_javascript_Core Revision 161405 Author msab...@apple.com Date 2014-01-06 22:07:52 -0800 (Mon, 06 Jan 2014) Log Message CStack Branch: Fix nativeForGenerator() for non-X86 platforms https://bugs.webkit.org/show_bug.cgi?id=126551 Reviewed by Geoffr

[webkit-changes] [161407] branches/jsCStack/Source/JavaScriptCore

Title: [161407] branches/jsCStack/Source/_javascript_Core Revision 161407 Author msab...@apple.com Date 2014-01-06 22:09:59 -0800 (Mon, 06 Jan 2014) Log Message CStack Branch: ARM64 Crash in llint_function_for_call_arity_check running 3d-raytrace.js https://bugs.webkit.org/show_bug.cgi?id

[webkit-changes] [161431] branches/jsCStack/Source/JavaScriptCore

Title: [161431] branches/jsCStack/Source/_javascript_Core Revision 161431 Author msab...@apple.com Date 2014-01-07 09:57:17 -0800 (Tue, 07 Jan 2014) Log Message CStack Branch: Disable JIT stack alignment check for ARM64 https://bugs.webkit.org/show_bug.cgi?id=126550 Unreviewed comment on

[webkit-changes] [161439] branches/jsCStack/Source/JavaScriptCore

Title: [161439] branches/jsCStack/Source/_javascript_Core Revision 161439 Author msab...@apple.com Date 2014-01-07 11:30:34 -0800 (Tue, 07 Jan 2014) Log Message CStack Branch: ARM64 Crash running ecma/FunctionObjects/15.3.1.1-3.js https://bugs.webkit.org/show_bug.cgi?id=126585 Reviewed b

[webkit-changes] [161504] branches/jsCStack/Source/JavaScriptCore

Title: [161504] branches/jsCStack/Source/_javascript_Core Revision 161504 Author msab...@apple.com Date 2014-01-08 08:15:29 -0800 (Wed, 08 Jan 2014) Log Message CStack Branch: ARM64 DFG produces the wrong answer for X % 0 https://bugs.webkit.org/show_bug.cgi?id=126612 Reviewed by Geoffre

[webkit-changes] [161531] branches/jsCStack/Source/JavaScriptCore

Title: [161531] branches/jsCStack/Source/_javascript_Core Revision 161531 Author msab...@apple.com Date 2014-01-08 17:55:32 -0800 (Wed, 08 Jan 2014) Log Message CStack: stack frame gets unaligned before call to operationVMHandleException https://bugs.webkit.org/show_bug.cgi?id=126673 Rev

[webkit-changes] [161686] trunk/Source/JavaScriptCore

Title: [161686] trunk/Source/_javascript_Core Revision 161686 Author msab...@apple.com Date 2014-01-10 15:47:12 -0800 (Fri, 10 Jan 2014) Log Message REGRESSION(C stack work): stack traces no longer work in CrashTracer, lldb, and other tools https://bugs.webkit.org/show_bug.cgi?id=126764

[webkit-changes] [161913] branches/jsCStack/Source/JavaScriptCore

Title: [161913] branches/jsCStack/Source/_javascript_Core Revision 161913 Author msab...@apple.com Date 2014-01-13 15:23:52 -0800 (Mon, 13 Jan 2014) Log Message CStack Branch: Fix unwind on branch for X86-64 https://bugs.webkit.org/show_bug.cgi?id=126932 Reviewed by Geoffrey Garen. Adde

[webkit-changes] [162240] branches/jsCStack/Source/JavaScriptCore

Title: [162240] branches/jsCStack/Source/_javascript_Core Revision 162240 Author msab...@apple.com Date 2014-01-17 21:05:34 -0800 (Fri, 17 Jan 2014) Log Message CStack Branch: X86-32 Fix LLInt https://bugs.webkit.org/show_bug.cgi?id=127071 Reviewed by Filip Pizlo. This fixes X86-32 comp

[webkit-changes] [162242] branches/jsCStack/Source/JavaScriptCore

Title: [162242] branches/jsCStack/Source/_javascript_Core Revision 162242 Author msab...@apple.com Date 2014-01-17 21:10:15 -0800 (Fri, 17 Jan 2014) Log Message CStack Branch: Fix Baseline JIT for X86-32 https://bugs.webkit.org/show_bug.cgi?id=127201 Reviewed by Geoffrey Garen. Most of

[webkit-changes] [162520] branches/jsCStack/Source/JavaScriptCore

Title: [162520] branches/jsCStack/Source/_javascript_Core Revision 162520 Author msab...@apple.com Date 2014-01-22 08:52:51 -0800 (Wed, 22 Jan 2014) Log Message Unreviewed build fix for non FTL platforms. * ftl/FTLValueRange.cpp: Encapsulated code within #if ENABLE(FTL_JIT) / #endif Mod

[webkit-changes] [162521] branches/jsCStack/Source/JavaScriptCore

Title: [162521] branches/jsCStack/Source/_javascript_Core Revision 162521 Author msab...@apple.com Date 2014-01-22 09:19:17 -0800 (Wed, 22 Jan 2014) Log Message CStack Branch: Fix DFG for X86-32 https://bugs.webkit.org/show_bug.cgi?id=127407 Reviewed by Filip Pizlo. Made DFG calling con

[webkit-changes] [162539] branches/jsCStack/Source/WTF

Title: [162539] branches/jsCStack/Source/WTF Revision 162539 Author msab...@apple.com Date 2014-01-22 11:21:59 -0800 (Wed, 22 Jan 2014) Log Message Merge trunk r160838 2013-12-18 Daniel Bates WTF, _javascript_Core fails to build with trunk clang: operators new, new[], delete, delete[

[webkit-changes] [162701] trunk/Source/JavaScriptCore

Title: [162701] trunk/Source/_javascript_Core Revision 162701 Author msab...@apple.com Date 2014-01-24 08:34:24 -0800 (Fri, 24 Jan 2014) Log Message ARM Offline assembler temporary register allocator has duplicate register when building fat binaries https://bugs.webkit.org/show_bug.cgi?id

[webkit-changes] [162703] branches/jsCStack/Source/JavaScriptCore

Title: [162703] branches/jsCStack/Source/_javascript_Core Revision 162703 Author msab...@apple.com Date 2014-01-24 09:33:54 -0800 (Fri, 24 Jan 2014) Log Message Merge trunk change set r162701. Modified Paths branches/jsCStack/Source/_javascript_Core/ChangeLog branches/jsCStack/Source/_j

[webkit-changes] [162705] branches/jsCStack/Source/JavaScriptCore

Title: [162705] branches/jsCStack/Source/_javascript_Core Revision 162705 Author msab...@apple.com Date 2014-01-24 10:06:47 -0800 (Fri, 24 Jan 2014) Log Message CStack Branch: Get ARM working https://bugs.webkit.org/show_bug.cgi?id=127510 Reviewed by Geoffrey Garen. Fixed nativeCallTram

[webkit-changes] [162861] branches/jsCStack/Source/JavaScriptCore

Title: [162861] branches/jsCStack/Source/_javascript_Core Revision 162861 Author msab...@apple.com Date 2014-01-27 13:03:05 -0800 (Mon, 27 Jan 2014) Log Message CStack Branch: [X86-32] testapi crashes in gatherConservativeRoots() https://bugs.webkit.org/show_bug.cgi?id=127699 Reviewed by

[webkit-changes] [162900] branches/jsCStack/Source/WebKit/mac/postprocess-headers.sh

Title: [162900] branches/jsCStack/Source/WebKit/mac/postprocess-headers.sh Revision 162900 Author msab...@apple.com Date 2014-01-27 18:12:14 -0800 (Mon, 27 Jan 2014) Log Message Set exectueable property to match trunk. Property Changed branches/jsCStack/Source/WebKit/mac/postprocess-hea

[webkit-changes] [162934] branches/jsCStack/Source/JavaScriptCore

Title: [162934] branches/jsCStack/Source/_javascript_Core Revision 162934 Author msab...@apple.com Date 2014-01-28 09:07:38 -0800 (Tue, 28 Jan 2014) Log Message CStack Branch: Some LLInt symbols not declared extern "C" https://bugs.webkit.org/show_bug.cgi?id=127782 Reviewed by Geoffrey G

[webkit-changes] [148130] trunk

Title: [148130] trunk Revision 148130 Author msab...@apple.com Date 2013-04-10 13:01:14 -0700 (Wed, 10 Apr 2013) Log Message DFG: Negative size for new Array() interpreted as large unsigned int https://bugs.webkit.org/show_bug.cgi?id=114366 Reviewed by Oliver Hunt. Source/_javascript_Co

[webkit-changes] [148207] trunk/Source/JavaScriptCore

Title: [148207] trunk/Source/_javascript_Core Revision 148207 Author msab...@apple.com Date 2013-04-11 09:19:35 -0700 (Thu, 11 Apr 2013) Log Message Added UNLIKELY() suggested in https://bugs.webkit.org/show_bug.cgi?id=114366 after checking in the original change. Rubber-stamped by Jessi

[webkit-changes] [149128] trunk/Source/JavaScriptCore

Title: [149128] trunk/Source/_javascript_Core Revision 149128 Author msab...@apple.com Date 2013-04-25 11:35:04 -0700 (Thu, 25 Apr 2013) Log Message 32 Bit: Crash due to RegExpTest nodes not setting result type to Boolean https://bugs.webkit.org/show_bug.cgi?id=115188 Reviewed by Geoffre

[webkit-changes] [149216] trunk/Source/WebCore

Title: [149216] trunk/Source/WebCore Revision 149216 Author msab...@apple.com Date 2013-04-26 15:20:51 -0700 (Fri, 26 Apr 2013) Log Message WebCore ObjC bridge is missing support for bool type https://bugs.webkit.org/show_bug.cgi?id=115276 Reviewed by Geoffrey Garen. Added code to handl

[webkit-changes] [149472] trunk/Source/WTF

Title: [149472] trunk/Source/WTF Revision 149472 Author msab...@apple.com Date 2013-05-01 18:22:55 -0700 (Wed, 01 May 2013) Log Message FastMalloc.cpp should use system defined page size instead of literal constant https://bugs.webkit.org/show_bug.cgi?id=115502 Reviewed by Geoffrey Garen

[webkit-changes] [149552] trunk/Source/JavaScriptCore

Title: [149552] trunk/Source/_javascript_Core Revision 149552 Author msab...@apple.com Date 2013-05-04 00:30:35 -0700 (Sat, 04 May 2013) Log Message There should be a runtime option to constrain what functions get DFG compiled https://bugs.webkit.org/show_bug.cgi?id=115576 Reviewed by Ma

[webkit-changes] [226840] trunk/Source/JavaScriptCore

Title: [226840] trunk/Source/_javascript_Core Revision 226840 Author msab...@apple.com Date 2018-01-11 19:30:40 -0800 (Thu, 11 Jan 2018) Log Message REGRESSION(226788): AppStore Crashed @ _javascript_Core: JSC::MacroAssemblerARM64::pushToSaveImmediateWithoutTouchingRegisters https://bugs.

[webkit-changes] [227165] trunk/Source/JavaScriptCore

Title: [227165] trunk/Source/_javascript_Core Revision 227165 Author msab...@apple.com Date 2018-01-18 14:43:01 -0800 (Thu, 18 Jan 2018) Log Message 2018-01-18 Michael Saboff Unreviewed build fix for Windows * interpreter/FrameTracers.h: (JSC::assertStackPointerIsAligned): Can't use

[webkit-changes] [227341] trunk

Title: [227341] trunk Revision 227341 Author msab...@apple.com Date 2018-01-22 10:37:55 -0800 (Mon, 22 Jan 2018) Log Message DFG abstract interpreter needs to properly model effects of some Math ops https://bugs.webkit.org/show_bug.cgi?id=181886 Reviewed by Saam Barati. JSTests: New re

[webkit-changes] [227742] trunk

Title: [227742] trunk Revision 227742 Author msab...@apple.com Date 2018-01-29 11:13:45 -0800 (Mon, 29 Jan 2018) Log Message REGRESSION (r227341): DFG_ASSERT failure at JSC::DFG::AtTailAbstractState::forNode() https://bugs.webkit.org/show_bug.cgi?id=182249 Reviewed by Keith Miller. JSTe

[webkit-changes] [228481] trunk/Source

Title: [228481] trunk/Source Revision 228481 Author msab...@apple.com Date 2018-02-14 12:37:11 -0800 (Wed, 14 Feb 2018) Log Message REGRESSION(225695) : com.apple.WebKit.WebContent at com.apple._javascript_Core: JSC::RegExp::match + 630 :: stack overflow https://bugs.webkit.org/show_bug.c

[webkit-changes] [228491] trunk/Source/JavaScriptCore

Title: [228491] trunk/Source/_javascript_Core Revision 228491 Author msab...@apple.com Date 2018-02-14 15:31:50 -0800 (Wed, 14 Feb 2018) Log Message Crash: triggerOMGTierUpThunkGenerator() doesn't align the stack pointer before calling C++ code https://bugs.webkit.org/show_bug.cgi?id=1828

[webkit-changes] [224197] trunk/PerformanceTests

Title: [224197] trunk/PerformanceTests Revision 224197 Author msab...@apple.com Date 2017-10-30 13:00:18 -0700 (Mon, 30 Oct 2017) Log Message Eliminate Basic compiler test from RexBench https://bugs.webkit.org/show_bug.cgi?id=179025 Reviewed by Saam Barati. * RexBench/Basic: Removed. *

[webkit-changes] [224302] trunk

Title: [224302] trunk Revision 224302 Author msab...@apple.com Date 2017-11-01 15:35:56 -0700 (Wed, 01 Nov 2017) Log Message Integer overflow in code generated by LoadVarargs processing in DFG and FTL. https://bugs.webkit.org/show_bug.cgi?id=179140 Reviewed by Saam Barati. JSTests: New

[webkit-changes] [224366] trunk

Title: [224366] trunk Revision 224366 Author msab...@apple.com Date 2017-11-02 17:23:00 -0700 (Thu, 02 Nov 2017) Log Message DFG needs to handle code motion of code in for..in loop bodies https://bugs.webkit.org/show_bug.cgi?id=179212 Reviewed by Keith Miller. JSTests: New regression t

[webkit-changes] [224426] trunk/Source/JavaScriptCore

Title: [224426] trunk/Source/_javascript_Core Revision 224426 Author msab...@apple.com Date 2017-11-03 13:45:06 -0700 (Fri, 03 Nov 2017) Log Message The Abstract Interpreter needs to change similar to clobberize() in r224366 https://bugs.webkit.org/show_bug.cgi?id=179267 Reviewed by Saam

[webkit-changes] [224545] trunk/Source/WTF

Title: [224545] trunk/Source/WTF Revision 224545 Author msab...@apple.com Date 2017-11-07 13:19:33 -0800 (Tue, 07 Nov 2017) Log Message Add SPI function pointers qualifiers for CPU(ARM64E) https://bugs.webkit.org/show_bug.cgi?id=179383 Reviewed by Mark Lam. For ARM64E, use the appropria

[webkit-changes] [225333] trunk/Source/JavaScriptCore

Title: [225333] trunk/Source/_javascript_Core Revision 225333 Author msab...@apple.com Date 2017-11-30 11:12:01 -0800 (Thu, 30 Nov 2017) Log Message Allow JSC command line tool to accept UTF8 https://bugs.webkit.org/show_bug.cgi?id=180205 Reviewed by Keith Miller. This unifies the UTF8

[webkit-changes] [225413] trunk/Source/bmalloc

Title: [225413] trunk/Source/bmalloc Revision 225413 Author msab...@apple.com Date 2017-12-01 14:12:01 -0800 (Fri, 01 Dec 2017) Log Message Gigacage should not be enabled for ARM64_32 https://bugs.webkit.org/show_bug.cgi?id=180265 Reviewed by Saam Barati. Disabled Gigacage for ARM64_32.

[webkit-changes] [229301] trunk/Source/WTF

Title: [229301] trunk/Source/WTF Revision 229301 Author msab...@apple.com Date 2018-03-05 18:34:09 -0800 (Mon, 05 Mar 2018) Log Message Start using MAP_JIT for macOS https://bugs.webkit.org/show_bug.cgi?id=183353 Reviewed by Filip Pizlo. Unify setting this flag for both iOS and macOS.

[webkit-changes] [229444] trunk/Source/JavaScriptCore

Title: [229444] trunk/Source/_javascript_Core Revision 229444 Author msab...@apple.com Date 2018-03-08 17:38:57 -0800 (Thu, 08 Mar 2018) Log Message Emit code to zero the stack frame on function entry Nhttps://bugs.webkit.org/show_bug.cgi?id=183391 Reviewed by Mark Lam. Added code to ze

[webkit-changes] [229445] trunk/Source/JavaScriptCore/runtime/Options.h

Title: [229445] trunk/Source/_javascript_Core/runtime/Options.h Revision 229445 Author msab...@apple.com Date 2018-03-08 17:41:41 -0800 (Thu, 08 Mar 2018) Log Message Unreviewed fix. Meant to land the prior patch with Options::zeroStackFrame set to false. Modified Paths trunk/Source/_j

[webkit-changes] [229446] trunk/Source/JavaScriptCore

Title: [229446] trunk/Source/_javascript_Core Revision 229446 Author msab...@apple.com Date 2018-03-08 17:46:23 -0800 (Thu, 08 Mar 2018) Log Message testmasm crashes in testBranchTruncateDoubleToInt32() on ARM64 https://bugs.webkit.org/show_bug.cgi?id=183488 Reviewed by Mark Lam. Using

[webkit-changes] [229476] trunk/Source/JavaScriptCore

Title: [229476] trunk/Source/_javascript_Core Revision 229476 Author msab...@apple.com Date 2018-03-09 12:27:40 -0800 (Fri, 09 Mar 2018) Log Message Relanding "testmasm crashes in testBranchTruncateDoubleToInt32() on ARM64" https://bugs.webkit.org/show_bug.cgi?id=183488 It applied and bu

[webkit-changes] [229850] trunk

Title: [229850] trunk Revision 229850 Author msab...@apple.com Date 2018-03-22 08:12:44 -0700 (Thu, 22 Mar 2018) Log Message Race Condition in arrayProtoFuncReverse() causes wrong results or crash https://bugs.webkit.org/show_bug.cgi?id=183901 Reviewed by Keith Miller. JSTests: New tes

[webkit-changes] [231317] trunk/Source/JavaScriptCore

Title: [231317] trunk/Source/_javascript_Core Revision 231317 Author msab...@apple.com Date 2018-05-03 11:39:13 -0700 (Thu, 03 May 2018) Log Message WebContent crash loading page on seas.upenn.edu @ _javascript_Core: vmEntryToJavaScript https://bugs.webkit.org/show_bug.cgi?id=185231 Revi

[webkit-changes] [231343] trunk

Title: [231343] trunk Revision 231343 Author msab...@apple.com Date 2018-05-03 18:11:47 -0700 (Thu, 03 May 2018) Log Message OSR entry pruning of Program Bytecodes doesn't take into account try/catch https://bugs.webkit.org/show_bug.cgi?id=185281 Reviewed by Saam Barati. JSTests: New r

[webkit-changes] [231518] trunk/Source/JavaScriptCore

Title: [231518] trunk/Source/_javascript_Core Revision 231518 Author msab...@apple.com Date 2018-05-08 16:20:33 -0700 (Tue, 08 May 2018) Log Message Deferred firing of structure transition watchpoints is racy https://bugs.webkit.org/show_bug.cgi?id=185438 Reviewed by Saam Barati. Change

[webkit-changes] [231534] trunk/Source/JavaScriptCore

Title: [231534] trunk/Source/_javascript_Core Revision 231534 Author msab...@apple.com Date 2018-05-08 18:11:40 -0700 (Tue, 08 May 2018) Log Message Replace multiple Watchpoint Set fireAll() methods with templates https://bugs.webkit.org/show_bug.cgi?id=185456 Reviewed by Saam Barati. R

[webkit-changes] [231710] trunk

Title: [231710] trunk Revision 231710 Author msab...@apple.com Date 2018-05-11 11:39:06 -0700 (Fri, 11 May 2018) Log Message [DFG] Compiler uses incorrect output register for NumberIsInteger operation https://bugs.webkit.org/show_bug.cgi?id=185328 Reviewed by Keith Miller. JSTests: New

[webkit-changes] [231939] trunk

Title: [231939] trunk Revision 231939 Author msab...@apple.com Date 2018-05-17 19:59:31 -0700 (Thu, 17 May 2018) Log Message We don't throw SyntaxErrors for runtime generated regular expressions with errors https://bugs.webkit.org/show_bug.cgi?id=185755 Reviewed by Keith Miller. JSTests

[webkit-changes] [232122] trunk

Title: [232122] trunk Revision 232122 Author msab...@apple.com Date 2018-05-23 13:02:37 -0700 (Wed, 23 May 2018) Log Message Date.parse() doesn't properly handle input outside of ES Spec limits https://bugs.webkit.org/show_bug.cgi?id=185868 Reviewed by Mark Lam. JSTests: New test. * s

[webkit-changes] [232212] trunk/Source/WTF

Title: [232212] trunk/Source/WTF Revision 232212 Author msab...@apple.com Date 2018-05-25 16:26:42 -0700 (Fri, 25 May 2018) Log Message _javascript_Core: Disable 32-bit JIT on Windows https://bugs.webkit.org/show_bug.cgi?id=185989 Reviewed by Saam Barati. * wtf/Platform.h: Modified Pat

[webkit-changes] [232293] trunk/Source/JavaScriptCore

Title: [232293] trunk/Source/_javascript_Core Revision 232293 Author msab...@apple.com Date 2018-05-30 09:09:01 -0700 (Wed, 30 May 2018) Log Message REGRESSION(r232212): Broke Win32 Builds https://bugs.webkit.org/show_bug.cgi?id=186061 Reviewed by Yusuke Suzuki. Changed Windows builds w

[webkit-changes] [225552] trunk

Title: [225552] trunk Revision 225552 Author msab...@apple.com Date 2017-12-05 15:01:07 -0800 (Tue, 05 Dec 2017) Log Message Make WebKit build for ARM64_32 https://bugs.webkit.org/show_bug.cgi?id=180447 Reviewed by Mark Lam. Source/WebCore: No new test as this isn't a change to functio

[webkit-changes] [225683] trunk/Source/JavaScriptCore

Title: [225683] trunk/Source/_javascript_Core Revision 225683 Author msab...@apple.com Date 2017-12-08 10:27:18 -0800 (Fri, 08 Dec 2017) Log Message YARR: Coalesce constructed character classes https://bugs.webkit.org/show_bug.cgi?id=180537 Reviewed by JF Bastien. When adding characters

[webkit-changes] [225695] trunk/Source/JavaScriptCore

Title: [225695] trunk/Source/_javascript_Core Revision 225695 Author msab...@apple.com Date 2017-12-08 12:32:42 -0800 (Fri, 08 Dec 2017) Log Message YARR: JIT RegExps with greedy parenthesized sub patterns https://bugs.webkit.org/show_bug.cgi?id=180538 Reviewed by JF Bastien. This patch

[webkit-changes] [225771] trunk/Source/JavaScriptCore

Title: [225771] trunk/Source/_javascript_Core Revision 225771 Author msab...@apple.com Date 2017-12-11 21:47:18 -0800 (Mon, 11 Dec 2017) Log Message REGRESSION(r225683): Chakra test failure in es6/regex-unicode.js for 32bit builds https://bugs.webkit.org/show_bug.cgi?id=180685 Reviewed b

[webkit-changes] [225861] trunk/Source/JavaScriptCore

Title: [225861] trunk/Source/_javascript_Core Revision 225861 Author msab...@apple.com Date 2017-12-13 11:38:51 -0800 (Wed, 13 Dec 2017) Log Message Unreviewed rollout of r225695. Caused a crash on yahoo login page. That bug tracked in https://bugs.webkit.org/show_bug.cgi?id=180761. Mod

[webkit-changes] [225930] trunk

Title: [225930] trunk Revision 225930 Author msab...@apple.com Date 2017-12-14 14:16:38 -0800 (Thu, 14 Dec 2017) Log Message REGRESSION (r225695): Repro crash on yahoo login page https://bugs.webkit.org/show_bug.cgi?id=180761 Reviewed by JF Bastien. JSTests: New regression test. * str

[webkit-changes] [226381] trunk/Source/JavaScriptCore

Title: [226381] trunk/Source/_javascript_Core Revision 226381 Author msab...@apple.com Date 2018-01-03 16:47:15 -0800 (Wed, 03 Jan 2018) Log Message Remove unnecessary flushing of Butterfly pointer in functionCpuClflush() https://bugs.webkit.org/show_bug.cgi?id=181263 Reviewed by Mark La

[webkit-changes] [226384] trunk/Source/JavaScriptCore

Title: [226384] trunk/Source/_javascript_Core Revision 226384 Author msab...@apple.com Date 2018-01-03 16:55:41 -0800 (Wed, 03 Jan 2018) Log Message Add "noInline" to $vm https://bugs.webkit.org/show_bug.cgi?id=181265 Reviewed by Mark Lam. This would be useful for web based tests. * to

[webkit-changes] [226474] trunk/Source/JavaScriptCore

Title: [226474] trunk/Source/_javascript_Core Revision 226474 Author msab...@apple.com Date 2018-01-05 16:37:08 -0800 (Fri, 05 Jan 2018) Log Message Add ability to disable indexed property masking for testing https://bugs.webkit.org/show_bug.cgi?id=181350 Reviewed by Keith Miller. Made

[webkit-changes] [226600] trunk/Source

Title: [226600] trunk/Source Revision 226600 Author msab...@apple.com Date 2018-01-08 17:07:29 -0800 (Mon, 08 Jan 2018) Log Message Add a DOM gadget for Spectre testing https://bugs.webkit.org/show_bug.cgi?id=181351 Source/_javascript_Core: Reviewed by Michael Saboff. Added a new JSC::

[webkit-changes] [226778] trunk/Source

Title: [226778] trunk/Source Revision 226778 Author msab...@apple.com Date 2018-01-11 07:28:38 -0800 (Thu, 11 Jan 2018) Log Message Add a DOM gadget for Spectre testing https://bugs.webkit.org/show_bug.cgi?id=181351 Reviewed by Ryosuke Niwa. Source/_javascript_Core: * runtime/Options.h

[webkit-changes] [226788] trunk/Source/JavaScriptCore

Title: [226788] trunk/Source/_javascript_Core Revision 226788 Author msab...@apple.com Date 2018-01-11 11:13:28 -0800 (Thu, 11 Jan 2018) Log Message Ensure there are no unsafe uses of MacroAssemblerARM64::dataTempRegister https://bugs.webkit.org/show_bug.cgi?id=181512 Reviewed by Saam Ba

[webkit-changes] [221949] trunk

Title: [221949] trunk Revision 221949 Author msab...@apple.com Date 2017-09-12 17:20:36 -0700 (Tue, 12 Sep 2017) Log Message String.prototype.replace() puts extra '<' in result when a named capture reference is used without named captures in the RegExp https://bugs.webkit.org/show_bug.cgi

[webkit-changes] [222135] trunk

Title: [222135] trunk Revision 222135 Author msab...@apple.com Date 2017-09-17 08:39:02 -0700 (Sun, 17 Sep 2017) Log Message https://bugs.webkit.org/show_bug.cgi?id=177038 Add an option to run-jsc-stress-tests to limit tests variations to a basic set Reviewed by JF Bastien. JSTests: *

[webkit-changes] [222600] trunk

Title: [222600] trunk Revision 222600 Author msab...@apple.com Date 2017-09-27 21:48:51 -0700 (Wed, 27 Sep 2017) Log Message Heap out of bounds read in JSC::Yarr::Parser::peek() https://bugs.webkit.org/show_bug.cgi?id=177423 Reviewed by Mark Lam. JSTests: Updated regression test. * st

[webkit-changes] [222601] trunk

Title: [222601] trunk Revision 222601 Author msab...@apple.com Date 2017-09-27 22:15:50 -0700 (Wed, 27 Sep 2017) Log Message REGRESSION(210837): RegExp containing failed non-zero minimum greedy groups incorrectly match https://bugs.webkit.org/show_bug.cgi?id=177570 Reviewed by Filip Pizl

[webkit-changes] [222607] trunk/Source/JavaScriptCore/ChangeLog

Title: [222607] trunk/Source/_javascript_Core/ChangeLog Revision 222607 Author msab...@apple.com Date 2017-09-28 04:20:24 -0700 (Thu, 28 Sep 2017) Log Message Unreviewed fix of description in Changelog. Modified Paths trunk/Source/_javascript_Core/ChangeLog Diff Modified: trunk/Sou

[webkit-changes] [223010] trunk/Source/JavaScriptCore

Title: [223010] trunk/Source/_javascript_Core Revision 223010 Author msab...@apple.com Date 2017-10-06 16:21:48 -0700 (Fri, 06 Oct 2017) Log Message Enable RegExp JIT for match only Unicode RegExp's https://bugs.webkit.org/show_bug.cgi?id=178033 Reviewed by JF Bastien. I forgot to turn

[webkit-changes] [231189] trunk/Source/WebKit

Title: [231189] trunk/Source/WebKit Revision 231189 Author msab...@apple.com Date 2018-04-30 17:42:31 -0700 (Mon, 30 Apr 2018) Log Message Remove unused mac/CookieStorageShimLibrary https://bugs.webkit.org/show_bug.cgi?id=185146 Reviewed by Alex Christensen. * Shared/mac/CookieStorageSh

[webkit-changes] [231190] trunk/Source/WebKit

Title: [231190] trunk/Source/WebKit Revision 231190 Author msab...@apple.com Date 2018-04-30 18:19:16 -0700 (Mon, 30 Apr 2018) Log Message Eliminate WebProcessShim.dylib https://bugs.webkit.org/show_bug.cgi?id=185147 Reviewed by Ryosuke Niwa. * Configurations/WebContentService.xcconfig:

[webkit-changes] [232718] trunk/Source/JavaScriptCore

Title: [232718] trunk/Source/_javascript_Core Revision 232718 Author msab...@apple.com Date 2018-06-11 09:32:21 -0700 (Mon, 11 Jun 2018) Log Message Test js/regexp-zero-length-alternatives.html fails when RegExpJIT is disabled https://bugs.webkit.org/show_bug.cgi?id=186477 Reviewed by Fi

[webkit-changes] [232719] trunk

Title: [232719] trunk Revision 232719 Author msab...@apple.com Date 2018-06-11 09:39:49 -0700 (Mon, 11 Jun 2018) Log Message _javascript_Core: Disable 32-bit JIT on Windows https://bugs.webkit.org/show_bug.cgi?id=185989 Reviewed by Mark Lam. .: * Source/cmake/OptionsWin.cmake: Source/

[webkit-changes] [232856] trunk/Source/JavaScriptCore

Title: [232856] trunk/Source/_javascript_Core Revision 232856 Author msab...@apple.com Date 2018-06-14 14:48:02 -0700 (Thu, 14 Jun 2018) Log Message REGRESSION(232741): Crash running ARES-6 https://bugs.webkit.org/show_bug.cgi?id=186630 Reviewed by Saam Barati. The de-duplicating work i

[webkit-changes] [232998] trunk/Source/JavaScriptCore

Title: [232998] trunk/Source/_javascript_Core Revision 232998 Author msab...@apple.com Date 2018-06-19 17:45:06 -0700 (Tue, 19 Jun 2018) Log Message Crash in sanitizeStackForVMImpl sometimes when switching threads with same VM https://bugs.webkit.org/show_bug.cgi?id=186827 Reviewed by Sa

[webkit-changes] [233346] trunk/Source/JavaScriptCore

Title: [233346] trunk/Source/_javascript_Core Revision 233346 Author msab...@apple.com Date 2018-06-28 18:37:38 -0700 (Thu, 28 Jun 2018) Log Message IsoCellSet::sweepToFreeList() not safe when Full GC in process https://bugs.webkit.org/show_bug.cgi?id=187157 Reviewed by Mark Lam. * heap

<    3   4   5   6   7   8   9   10   >