Changeset 269115 in webkit

Timestamp:

Oct 28, 2020 12:25:14 PM (3 years ago)

Author:

sbarati@apple.com

Message:

Better cache our serialization of the outer TDZ environment when creating FunctionExecutables during bytecode generation
​https://bugs.webkit.org/show_bug.cgi?id=199866
<rdar://problem/53333108>

Reviewed by Tadeu Zagallo.

JSTests:

• microbenchmarks/let-const-tdz-environment-parsing-and-hash-consing-speed.js: Added.

Source/JavaScriptCore:

This patch removes performance pathologies regarding programs with
many variables under TDZ (let/const). We had an algorithm for caching
the results of gathering all variables under TDZ, but that algorithm
wasn't nearly aggressive enough in its caching. This lead us to worst
case quadratic runtime, which could happens in practice for large functions.

There are a few fixes here:

• Instead of flattening the entire TDZ stack, and caching that result,

we now cache each stack entry individually. So as you push/pop to the
TDZ environment stack, we no longer invalidate everything. Instead, we
will just need to cache the newly pushed entry. We also no longer invalidate
the cache for lifting a TDZ check. The compromise here is we may emit
more runtime TDZ checks for closure variables. This is better than N^{2
bytecode compile time perf, since a well predicted branch for a TDZ
check is essentially free.}

• We no longer transform the CompactTDZEnvironment (formerly CompactVariableEnvironment)

from a Vector into a HashSet each time we generate code for an inner function. Instead,
CompactTDZEnvironment can be in two modes: compact and inflated. It starts life off in
compact mode (a vector), and will turn into an inflated mode if it's ever needed. Once
inflated, it'll stay this way until it's destructed. This improves our algorithm from being
O(EnvSize * NumFunctions) to O(EnvSize) at the cost of using more space in a HashTable versus a
Vector. In the future, we could consider just binary searching through this Vector, and never using
a hash table.

• bytecode/UnlinkedFunctionExecutable.cpp:

(JSC::generateUnlinkedFunctionCodeBlock):
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):

• bytecode/UnlinkedFunctionExecutable.h:
• bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::popLexicalScopeInternal):
(JSC::BytecodeGenerator::needsTDZCheck):
(JSC::BytecodeGenerator::liftTDZCheckIfPossible):
(JSC::BytecodeGenerator::pushTDZVariables):
(JSC::BytecodeGenerator::getVariablesUnderTDZ):
(JSC::BytecodeGenerator::preserveTDZStack):
(JSC::BytecodeGenerator::restoreTDZStack):
(JSC::BytecodeGenerator::emitNewInstanceFieldInitializerFunction):

• bytecompiler/BytecodeGenerator.h:

(JSC::BytecodeGenerator::generate):
(JSC::BytecodeGenerator::makeFunction):

• debugger/DebuggerCallFrame.cpp:

(JSC::DebuggerCallFrame::evaluateWithScopeExtension):

• interpreter/Interpreter.cpp:

(JSC::eval):

• parser/Parser.h:

(JSC::Parser<LexerType>::parse):
(JSC::parse):

• parser/VariableEnvironment.cpp:

(JSC::CompactTDZEnvironment::sortCompact):
(JSC::CompactTDZEnvironment::CompactTDZEnvironment):
(JSC::CompactTDZEnvironment::operator== const):
(JSC::CompactTDZEnvironment::toTDZEnvironmentSlow const):
(JSC::CompactTDZEnvironmentMap::get):
(JSC::CompactTDZEnvironmentMap::Handle::~Handle):
(JSC::CompactTDZEnvironmentMap::Handle::Handle):
(JSC::CompactVariableEnvironment::CompactVariableEnvironment): Deleted.
(JSC::CompactVariableEnvironment::operator== const): Deleted.
(JSC::CompactVariableEnvironment::toVariableEnvironment const): Deleted.
(JSC::CompactVariableMap::get): Deleted.
(JSC::CompactVariableMap::Handle::~Handle): Deleted.
(JSC::CompactVariableMap::Handle::Handle): Deleted.

• parser/VariableEnvironment.h:

(JSC::CompactTDZEnvironment::toTDZEnvironment const):
(JSC::CompactTDZEnvironmentKey::CompactTDZEnvironmentKey):
(JSC::CompactTDZEnvironmentKey::hash):
(JSC::CompactTDZEnvironmentKey::equal):
(JSC::CompactTDZEnvironmentKey::makeDeletedValue):
(JSC::CompactTDZEnvironmentKey::isHashTableDeletedValue const):
(JSC::CompactTDZEnvironmentKey::environment):
(WTF::HashTraits<JSC::CompactTDZEnvironmentKey>::emptyValue):
(WTF::HashTraits<JSC::CompactTDZEnvironmentKey>::isEmptyValue):
(WTF::HashTraits<JSC::CompactTDZEnvironmentKey>::constructDeletedValue):
(WTF::HashTraits<JSC::CompactTDZEnvironmentKey>::isDeletedValue):
(JSC::CompactTDZEnvironmentMap::Handle::environment const):
(JSC::CompactVariableEnvironment::hash const): Deleted.
(JSC::CompactVariableMapKey::CompactVariableMapKey): Deleted.
(JSC::CompactVariableMapKey::hash): Deleted.
(JSC::CompactVariableMapKey::equal): Deleted.
(JSC::CompactVariableMapKey::makeDeletedValue): Deleted.
(JSC::CompactVariableMapKey::isHashTableDeletedValue const): Deleted.
(JSC::CompactVariableMapKey::isHashTableEmptyValue const): Deleted.
(JSC::CompactVariableMapKey::environment): Deleted.
(WTF::HashTraits<JSC::CompactVariableMapKey>::emptyValue): Deleted.
(WTF::HashTraits<JSC::CompactVariableMapKey>::isEmptyValue): Deleted.
(WTF::HashTraits<JSC::CompactVariableMapKey>::constructDeletedValue): Deleted.
(WTF::HashTraits<JSC::CompactVariableMapKey>::isDeletedValue): Deleted.
(JSC::CompactVariableMap::Handle::Handle): Deleted.
(JSC::CompactVariableMap::Handle::operator=): Deleted.
(JSC::CompactVariableMap::Handle::operator bool const): Deleted.
(JSC::CompactVariableMap::Handle::environment const): Deleted.
(JSC::CompactVariableMap::Handle::swap): Deleted.

• runtime/CachedTypes.cpp:

(JSC::Decoder::handleForTDZEnvironment const):
(JSC::Decoder::setHandleForTDZEnvironment):
(JSC::CachedCompactTDZEnvironment::encode):
(JSC::CachedCompactTDZEnvironment::decode const):
(JSC::CachedCompactTDZEnvironmentMapHandle::encode):
(JSC::CachedCompactTDZEnvironmentMapHandle::decode const):
(JSC::CachedFunctionExecutableRareData::decode const):
(JSC::Decoder::handleForEnvironment const): Deleted.
(JSC::Decoder::setHandleForEnvironment): Deleted.
(JSC::CachedCompactVariableEnvironment::encode): Deleted.
(JSC::CachedCompactVariableEnvironment::decode const): Deleted.
(JSC::CachedCompactVariableMapHandle::encode): Deleted.
(JSC::CachedCompactVariableMapHandle::decode const): Deleted.

• runtime/CachedTypes.h:
• runtime/CodeCache.cpp:

(JSC::generateUnlinkedCodeBlockImpl):
(JSC::generateUnlinkedCodeBlock):
(JSC::generateUnlinkedCodeBlockForDirectEval):
(JSC::recursivelyGenerateUnlinkedCodeBlockForProgram):
(JSC::recursivelyGenerateUnlinkedCodeBlockForModuleProgram):
(JSC::CodeCache::getUnlinkedGlobalCodeBlock):

• runtime/CodeCache.h:
• runtime/Completion.cpp:

(JSC::generateProgramBytecode):
(JSC::generateModuleBytecode):

• runtime/DirectEvalExecutable.cpp:

(JSC::DirectEvalExecutable::create):

• runtime/DirectEvalExecutable.h:
• runtime/JSScope.cpp:

(JSC::JSScope::collectClosureVariablesUnderTDZ):

• runtime/JSScope.h:
• runtime/VM.cpp:

(JSC::VM::VM):

• runtime/VM.h:

Source/WTF:

• wtf/RefPtr.h:

(WTF::swap): Deleted.
This function is no longer necessary, and causes ADL (​https://en.cppreference.com/w/cpp/language/adl)
compile errors when not using DumbPtrTraits and calling sort on a vector of that type.

Location:

trunk

Files:

• JSTests/ChangeLog (modified) (1 diff)
• JSTests/microbenchmarks/let-const-tdz-environment-parsing-and-hash-consing-speed.js (added)
• Source/JavaScriptCore/ChangeLog (modified) (1 diff)
• Source/JavaScriptCore/bytecode/UnlinkedFunctionExecutable.cpp (modified) (2 diffs)
• Source/JavaScriptCore/bytecode/UnlinkedFunctionExecutable.h (modified) (4 diffs)
• Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp (modified) (20 diffs)
• Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h (modified) (8 diffs)
• Source/JavaScriptCore/debugger/DebuggerCallFrame.cpp (modified) (1 diff)
• Source/JavaScriptCore/interpreter/Interpreter.cpp (modified) (1 diff)
• Source/JavaScriptCore/parser/Parser.h (modified) (5 diffs)
• Source/JavaScriptCore/parser/VariableEnvironment.cpp (modified) (5 diffs)
• Source/JavaScriptCore/parser/VariableEnvironment.h (modified) (10 diffs)
• Source/JavaScriptCore/runtime/CachedTypes.cpp (modified) (7 diffs)
• Source/JavaScriptCore/runtime/CachedTypes.h (modified) (2 diffs)
• Source/JavaScriptCore/runtime/CodeCache.cpp (modified) (5 diffs)
• Source/JavaScriptCore/runtime/CodeCache.h (modified) (2 diffs)
• Source/JavaScriptCore/runtime/Completion.cpp (modified) (4 diffs)
• Source/JavaScriptCore/runtime/DirectEvalExecutable.cpp (modified) (2 diffs)
• Source/JavaScriptCore/runtime/DirectEvalExecutable.h (modified) (1 diff)
• Source/JavaScriptCore/runtime/JSScope.cpp (modified) (2 diffs)
• Source/JavaScriptCore/runtime/JSScope.h (modified) (2 diffs)
• Source/JavaScriptCore/runtime/VM.cpp (modified) (1 diff)
• Source/JavaScriptCore/runtime/VM.h (modified) (2 diffs)
• Source/WTF/ChangeLog (modified) (1 diff)
• Source/WTF/wtf/RefPtr.h (modified) (1 diff)

trunk/JSTests/ChangeLog

@@ +1 @@
+2020-10-28  Saam Barati  <sbarati@apple.com>
+
+        Better cache our serialization of the outer TDZ environment when creating FunctionExecutables during bytecode generation
+        https://bugs.webkit.org/show_bug.cgi?id=199866
+        <rdar://problem/53333108>
+
+        Reviewed by Tadeu Zagallo.
+
+        * microbenchmarks/let-const-tdz-environment-parsing-and-hash-consing-speed.js: Added.
+
 2020-10-28  Robin Morisset  <rmorisset@apple.com>
 

trunk/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2020-10-28  Saam Barati  <sbarati@apple.com>
+
+        Better cache our serialization of the outer TDZ environment when creating FunctionExecutables during bytecode generation
+        https://bugs.webkit.org/show_bug.cgi?id=199866
+        <rdar://problem/53333108>
+
+        Reviewed by Tadeu Zagallo.
+
+        This patch removes performance pathologies regarding programs with
+        many variables under TDZ (let/const). We had an algorithm for caching
+        the results of gathering all variables under TDZ, but that algorithm
+        wasn't nearly aggressive enough in its caching. This lead us to worst
+        case quadratic runtime, which could happens in practice for large functions.
+        
+        There are a few fixes here:
+        - Instead of flattening the entire TDZ stack, and caching that result,
+        we now cache each stack entry individually. So as you push/pop to the
+        TDZ environment stack, we no longer invalidate everything. Instead, we
+        will just need to cache the newly pushed entry. We also no longer invalidate
+        the cache for lifting a TDZ check. The compromise here is we may emit
+        more runtime TDZ checks for closure variables. This is better than N^2
+        bytecode compile time perf, since a well predicted branch for a TDZ
+        check is essentially free.
+        - We no longer transform the CompactTDZEnvironment (formerly CompactVariableEnvironment)
+        from a Vector into a HashSet each time we generate code for an inner function. Instead,
+        CompactTDZEnvironment can be in two modes: compact and inflated. It starts life off in
+        compact mode (a vector), and will turn into an inflated mode if it's ever needed. Once
+        inflated, it'll stay this way until it's destructed. This improves our algorithm from being 
+        O(EnvSize * NumFunctions) to O(EnvSize) at the cost of using more space in a HashTable versus a 
+        Vector. In the future, we could consider just binary searching through this Vector, and never using
+        a hash table.
+
+        * bytecode/UnlinkedFunctionExecutable.cpp:
+        (JSC::generateUnlinkedFunctionCodeBlock):
+        (JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
+        * bytecode/UnlinkedFunctionExecutable.h:
+        * bytecompiler/BytecodeGenerator.cpp:
+        (JSC::BytecodeGenerator::BytecodeGenerator):
+        (JSC::BytecodeGenerator::popLexicalScopeInternal):
+        (JSC::BytecodeGenerator::needsTDZCheck):
+        (JSC::BytecodeGenerator::liftTDZCheckIfPossible):
+        (JSC::BytecodeGenerator::pushTDZVariables):
+        (JSC::BytecodeGenerator::getVariablesUnderTDZ):
+        (JSC::BytecodeGenerator::preserveTDZStack):
+        (JSC::BytecodeGenerator::restoreTDZStack):
+        (JSC::BytecodeGenerator::emitNewInstanceFieldInitializerFunction):
+        * bytecompiler/BytecodeGenerator.h:
+        (JSC::BytecodeGenerator::generate):
+        (JSC::BytecodeGenerator::makeFunction):
+        * debugger/DebuggerCallFrame.cpp:
+        (JSC::DebuggerCallFrame::evaluateWithScopeExtension):
+        * interpreter/Interpreter.cpp:
+        (JSC::eval):
+        * parser/Parser.h:
+        (JSC::Parser<LexerType>::parse):
+        (JSC::parse):
+        * parser/VariableEnvironment.cpp:
+        (JSC::CompactTDZEnvironment::sortCompact):
+        (JSC::CompactTDZEnvironment::CompactTDZEnvironment):
+        (JSC::CompactTDZEnvironment::operator== const):
+        (JSC::CompactTDZEnvironment::toTDZEnvironmentSlow const):
+        (JSC::CompactTDZEnvironmentMap::get):
+        (JSC::CompactTDZEnvironmentMap::Handle::~Handle):
+        (JSC::CompactTDZEnvironmentMap::Handle::Handle):
+        (JSC::CompactVariableEnvironment::CompactVariableEnvironment): Deleted.
+        (JSC::CompactVariableEnvironment::operator== const): Deleted.
+        (JSC::CompactVariableEnvironment::toVariableEnvironment const): Deleted.
+        (JSC::CompactVariableMap::get): Deleted.
+        (JSC::CompactVariableMap::Handle::~Handle): Deleted.
+        (JSC::CompactVariableMap::Handle::Handle): Deleted.
+        * parser/VariableEnvironment.h:
+        (JSC::CompactTDZEnvironment::toTDZEnvironment const):
+        (JSC::CompactTDZEnvironmentKey::CompactTDZEnvironmentKey):
+        (JSC::CompactTDZEnvironmentKey::hash):
+        (JSC::CompactTDZEnvironmentKey::equal):
+        (JSC::CompactTDZEnvironmentKey::makeDeletedValue):
+        (JSC::CompactTDZEnvironmentKey::isHashTableDeletedValue const):
+        (JSC::CompactTDZEnvironmentKey::environment):
+        (WTF::HashTraits<JSC::CompactTDZEnvironmentKey>::emptyValue):
+        (WTF::HashTraits<JSC::CompactTDZEnvironmentKey>::isEmptyValue):
+        (WTF::HashTraits<JSC::CompactTDZEnvironmentKey>::constructDeletedValue):
+        (WTF::HashTraits<JSC::CompactTDZEnvironmentKey>::isDeletedValue):
+        (JSC::CompactTDZEnvironmentMap::Handle::environment const):
+        (JSC::CompactVariableEnvironment::hash const): Deleted.
+        (JSC::CompactVariableMapKey::CompactVariableMapKey): Deleted.
+        (JSC::CompactVariableMapKey::hash): Deleted.
+        (JSC::CompactVariableMapKey::equal): Deleted.
+        (JSC::CompactVariableMapKey::makeDeletedValue): Deleted.
+        (JSC::CompactVariableMapKey::isHashTableDeletedValue const): Deleted.
+        (JSC::CompactVariableMapKey::isHashTableEmptyValue const): Deleted.
+        (JSC::CompactVariableMapKey::environment): Deleted.
+        (WTF::HashTraits<JSC::CompactVariableMapKey>::emptyValue): Deleted.
+        (WTF::HashTraits<JSC::CompactVariableMapKey>::isEmptyValue): Deleted.
+        (WTF::HashTraits<JSC::CompactVariableMapKey>::constructDeletedValue): Deleted.
+        (WTF::HashTraits<JSC::CompactVariableMapKey>::isDeletedValue): Deleted.
+        (JSC::CompactVariableMap::Handle::Handle): Deleted.
+        (JSC::CompactVariableMap::Handle::operator=): Deleted.
+        (JSC::CompactVariableMap::Handle::operator bool const): Deleted.
+        (JSC::CompactVariableMap::Handle::environment const): Deleted.
+        (JSC::CompactVariableMap::Handle::swap): Deleted.
+        * runtime/CachedTypes.cpp:
+        (JSC::Decoder::handleForTDZEnvironment const):
+        (JSC::Decoder::setHandleForTDZEnvironment):
+        (JSC::CachedCompactTDZEnvironment::encode):
+        (JSC::CachedCompactTDZEnvironment::decode const):
+        (JSC::CachedCompactTDZEnvironmentMapHandle::encode):
+        (JSC::CachedCompactTDZEnvironmentMapHandle::decode const):
+        (JSC::CachedFunctionExecutableRareData::decode const):
+        (JSC::Decoder::handleForEnvironment const): Deleted.
+        (JSC::Decoder::setHandleForEnvironment): Deleted.
+        (JSC::CachedCompactVariableEnvironment::encode): Deleted.
+        (JSC::CachedCompactVariableEnvironment::decode const): Deleted.
+        (JSC::CachedCompactVariableMapHandle::encode): Deleted.
+        (JSC::CachedCompactVariableMapHandle::decode const): Deleted.
+        * runtime/CachedTypes.h:
+        * runtime/CodeCache.cpp:
+        (JSC::generateUnlinkedCodeBlockImpl):
+        (JSC::generateUnlinkedCodeBlock):
+        (JSC::generateUnlinkedCodeBlockForDirectEval):
+        (JSC::recursivelyGenerateUnlinkedCodeBlockForProgram):
+        (JSC::recursivelyGenerateUnlinkedCodeBlockForModuleProgram):
+        (JSC::CodeCache::getUnlinkedGlobalCodeBlock):
+        * runtime/CodeCache.h:
+        * runtime/Completion.cpp:
+        (JSC::generateProgramBytecode):
+        (JSC::generateModuleBytecode):
+        * runtime/DirectEvalExecutable.cpp:
+        (JSC::DirectEvalExecutable::create):
+        * runtime/DirectEvalExecutable.h:
+        * runtime/JSScope.cpp:
+        (JSC::JSScope::collectClosureVariablesUnderTDZ):
+        * runtime/JSScope.h:
+        * runtime/VM.cpp:
+        (JSC::VM::VM):
+        * runtime/VM.h:
+
 2020-10-28  Robin Morisset  <rmorisset@apple.com>
 

trunk/Source/JavaScriptCore/bytecode/UnlinkedFunctionExecutable.cpp

@@ -73 +73 @@
     UnlinkedFunctionCodeBlock* result = UnlinkedFunctionCodeBlock::create(vm, FunctionCode, ExecutableInfo(function->usesEval(), kind == CodeForConstruct, functionKind == UnlinkedBuiltinFunction, executable->constructorKind(), scriptMode, executable->superBinding(), parseMode, executable->derivedContextType(), executable->needsClassFieldInitializer(), false, isClassContext, EvalContextType::FunctionEvalContext), codeGenerationMode);
 
-    VariableEnvironment parentScopeTDZVariables = executable->parentScopeTDZVariables();
+    auto parentScopeTDZVariables = executable->parentScopeTDZVariables();
     ECMAMode ecmaMode = executable->isInStrictContext() ? ECMAMode::strict() : ECMAMode::sloppy();
-    error = BytecodeGenerator::generate(vm, function.get(), source, result, codeGenerationMode, &parentScopeTDZVariables, ecmaMode);
+    error = BytecodeGenerator::generate(vm, function.get(), source, result, codeGenerationMode, parentScopeTDZVariables, ecmaMode);
 
     if (error.isValid())
@@ -83 +83 @@
 }
 
-UnlinkedFunctionExecutable::UnlinkedFunctionExecutable(VM& vm, Structure* structure, const SourceCode& parentSource, FunctionMetadataNode* node, UnlinkedFunctionKind kind, ConstructAbility constructAbility, JSParserScriptMode scriptMode, Optional<CompactVariableMap::Handle> parentScopeTDZVariables, DerivedContextType derivedContextType, NeedsClassFieldInitializer needsClassFieldInitializer, bool isBuiltinDefaultClassConstructor)
+UnlinkedFunctionExecutable::UnlinkedFunctionExecutable(VM& vm, Structure* structure, const SourceCode& parentSource, FunctionMetadataNode* node, UnlinkedFunctionKind kind, ConstructAbility constructAbility, JSParserScriptMode scriptMode, Optional<Vector<CompactTDZEnvironmentMap::Handle>> parentScopeTDZVariables, DerivedContextType derivedContextType, NeedsClassFieldInitializer needsClassFieldInitializer, bool isBuiltinDefaultClassConstructor)
     : Base(vm, structure)
     , m_firstLineOffset(node->firstLine() - parentSource.firstLine().oneBasedInt())

trunk/Source/JavaScriptCore/bytecode/UnlinkedFunctionExecutable.h

@@ -71 +71 @@
     }
 
-    static UnlinkedFunctionExecutable* create(VM& vm, const SourceCode& source, FunctionMetadataNode* node, UnlinkedFunctionKind unlinkedFunctionKind, ConstructAbility constructAbility, JSParserScriptMode scriptMode, Optional<CompactVariableMap::Handle> parentScopeTDZVariables, DerivedContextType derivedContextType, NeedsClassFieldInitializer needsClassFieldInitializer, bool isBuiltinDefaultClassConstructor = false)
+    static UnlinkedFunctionExecutable* create(VM& vm, const SourceCode& source, FunctionMetadataNode* node, UnlinkedFunctionKind unlinkedFunctionKind, ConstructAbility constructAbility, JSParserScriptMode scriptMode, Optional<Vector<CompactTDZEnvironmentMap::Handle>> parentScopeTDZVariables, DerivedContextType derivedContextType, NeedsClassFieldInitializer needsClassFieldInitializer, bool isBuiltinDefaultClassConstructor = false)
     {
         UnlinkedFunctionExecutable* instance = new (NotNull, allocateCell<UnlinkedFunctionExecutable>(vm.heap))
@@ -169 +169 @@
     }
 
-    VariableEnvironment parentScopeTDZVariables() const
-    {
-        if (!m_rareData || !m_rareData->m_parentScopeTDZVariables)
-            return VariableEnvironment();
-        return m_rareData->m_parentScopeTDZVariables.environment().toVariableEnvironment();
+    Vector<CompactTDZEnvironmentMap::Handle> parentScopeTDZVariables() const
+    {
+        if (!m_rareData || m_rareData->m_parentScopeTDZVariables.isEmpty())
+            return { };
+        return m_rareData->m_parentScopeTDZVariables;
     }
     
@@ -209 +209 @@
         String m_sourceURLDirective;
         String m_sourceMappingURLDirective;
-        CompactVariableMap::Handle m_parentScopeTDZVariables;
+        Vector<CompactTDZEnvironmentMap::Handle> m_parentScopeTDZVariables;
         Vector<JSTextPosition> m_instanceFieldLocations;
     };
@@ -230 +230 @@
 
 private:
-    UnlinkedFunctionExecutable(VM&, Structure*, const SourceCode&, FunctionMetadataNode*, UnlinkedFunctionKind, ConstructAbility, JSParserScriptMode, Optional<CompactVariableMap::Handle>,  JSC::DerivedContextType, JSC::NeedsClassFieldInitializer, bool isBuiltinDefaultClassConstructor);
+    UnlinkedFunctionExecutable(VM&, Structure*, const SourceCode&, FunctionMetadataNode*, UnlinkedFunctionKind, ConstructAbility, JSParserScriptMode, Optional<Vector<CompactTDZEnvironmentMap::Handle>>,  JSC::DerivedContextType, JSC::NeedsClassFieldInitializer, bool isBuiltinDefaultClassConstructor);
     UnlinkedFunctionExecutable(Decoder&, const CachedFunctionExecutable&);
 

trunk/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp

@@ -49 +49 @@
 #include "PrivateFieldPutKind.h"
 #include "StrongInlines.h"
+#include "SuperSampler.h"
 #include "UnlinkedCodeBlock.h"
 #include "UnlinkedEvalCodeBlock.h"
@@ -289 +290 @@
 }
 
-BytecodeGenerator::BytecodeGenerator(VM& vm, ProgramNode* programNode, UnlinkedProgramCodeBlock* codeBlock, OptionSet<CodeGenerationMode> codeGenerationMode, const VariableEnvironment* parentScopeTDZVariables, ECMAMode ecmaMode)
+BytecodeGenerator::BytecodeGenerator(VM& vm, ProgramNode* programNode, UnlinkedProgramCodeBlock* codeBlock, OptionSet<CodeGenerationMode> codeGenerationMode, const CachedTDZStack& parentScopeTDZVariables, ECMAMode ecmaMode)
     : BytecodeGeneratorBase(makeUnique<UnlinkedCodeBlockGenerator>(vm, codeBlock), CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters())
     , m_codeGenerationMode(codeGenerationMode)
@@ -301 +302 @@
     , m_usesNonStrictEval(false)
     , m_inTailPosition(false)
-    , m_hasCachedVariablesUnderTDZ(false)
     , m_needsToUpdateArrowFunctionContext(programNode->usesArrowFunction() || programNode->usesEval())
     , m_ecmaMode(ecmaMode)
 {
-    ASSERT_UNUSED(parentScopeTDZVariables, !parentScopeTDZVariables->size());
+    ASSERT_UNUSED(parentScopeTDZVariables, !parentScopeTDZVariables.size());
 
     m_codeBlock->setNumParameters(1); // Allocate space for "this"
@@ -337 +337 @@
 }
 
-BytecodeGenerator::BytecodeGenerator(VM& vm, FunctionNode* functionNode, UnlinkedFunctionCodeBlock* codeBlock, OptionSet<CodeGenerationMode> codeGenerationMode, const VariableEnvironment* parentScopeTDZVariables, ECMAMode ecmaMode)
+BytecodeGenerator::BytecodeGenerator(VM& vm, FunctionNode* functionNode, UnlinkedFunctionCodeBlock* codeBlock, OptionSet<CodeGenerationMode> codeGenerationMode, const CachedTDZStack& parentScopeTDZVariables, ECMAMode ecmaMode)
     : BytecodeGeneratorBase(makeUnique<UnlinkedCodeBlockGenerator>(vm, codeBlock), CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters())
     , m_codeGenerationMode(codeGenerationMode)
@@ -356 +356 @@
     // Note that we intentionally enable tail call for naked constructors since it does not have special code for "return".
     , m_inTailPosition(Options::useTailCalls() && !isConstructor() && constructorKind() == ConstructorKind::None && ecmaMode.isStrict())
-    , m_hasCachedVariablesUnderTDZ(false)
     , m_needsToUpdateArrowFunctionContext(functionNode->usesArrowFunction() || functionNode->usesEval())
     , m_ecmaMode(ecmaMode)
@@ -364 +363 @@
     functionSymbolTable->setUsesNonStrictEval(m_usesNonStrictEval);
     int symbolTableConstantIndex = 0;
+
+    m_parentScopeTDZStackSize = parentScopeTDZVariables.size();
+    m_cachedVariablesUnderTDZ = parentScopeTDZVariables;
 
     FunctionParameters& parameters = *functionNode->parameters(); 
@@ -771 +773 @@
     }
 
-    // All "addVar()"s needs to happen before "initializeDefaultParameterValuesAndSetupFunctionScopeStack()" is called
-    // because a function's default parameter ExpressionNodes will use temporary registers.
-    pushTDZVariables(*parentScopeTDZVariables, TDZCheckOptimization::DoNotOptimize, TDZRequirement::UnderTDZ);
-
     Ref<Label> catchLabel = newLabel();
     TryData* tryFormalParametersData = nullptr;
@@ -783 +781 @@
     }
 
+    // All "addVar()"s needs to happen before "initializeDefaultParameterValuesAndSetupFunctionScopeStack()" is called
+    // because a function's default parameter ExpressionNodes will use temporary registers.
     initializeDefaultParameterValuesAndSetupFunctionScopeStack(parameters, isSimpleParameterList, functionNode, functionSymbolTable, symbolTableConstantIndex, captures, shouldCreateArgumentsVariableInParameterScope);
 
@@ -841 +841 @@
 }
 
-BytecodeGenerator::BytecodeGenerator(VM& vm, EvalNode* evalNode, UnlinkedEvalCodeBlock* codeBlock, OptionSet<CodeGenerationMode> codeGenerationMode, const VariableEnvironment* parentScopeTDZVariables, ECMAMode ecmaMode)
+BytecodeGenerator::BytecodeGenerator(VM& vm, EvalNode* evalNode, UnlinkedEvalCodeBlock* codeBlock, OptionSet<CodeGenerationMode> codeGenerationMode, const CachedTDZStack& parentScopeTDZVariables, ECMAMode ecmaMode)
     : BytecodeGeneratorBase(makeUnique<UnlinkedCodeBlockGenerator>(vm, codeBlock), CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters())
     , m_codeGenerationMode(codeGenerationMode)
@@ -853 +853 @@
     , m_usesNonStrictEval(codeBlock->usesEval() && !ecmaMode.isStrict())
     , m_inTailPosition(false)
-    , m_hasCachedVariablesUnderTDZ(false)
     , m_needsToUpdateArrowFunctionContext(evalNode->usesArrowFunction() || evalNode->usesEval())
     , m_ecmaMode(ecmaMode)
@@ -860 +859 @@
     m_codeBlock->setNumParameters(1);
 
-    pushTDZVariables(*parentScopeTDZVariables, TDZCheckOptimization::DoNotOptimize, TDZRequirement::UnderTDZ);
+    m_parentScopeTDZStackSize = parentScopeTDZVariables.size();
+    m_cachedVariablesUnderTDZ = parentScopeTDZVariables;
 
     emitEnter();
@@ -905 +905 @@
 }
 
-BytecodeGenerator::BytecodeGenerator(VM& vm, ModuleProgramNode* moduleProgramNode, UnlinkedModuleProgramCodeBlock* codeBlock, OptionSet<CodeGenerationMode> codeGenerationMode, const VariableEnvironment* parentScopeTDZVariables, ECMAMode ecmaMode)
+BytecodeGenerator::BytecodeGenerator(VM& vm, ModuleProgramNode* moduleProgramNode, UnlinkedModuleProgramCodeBlock* codeBlock, OptionSet<CodeGenerationMode> codeGenerationMode, const CachedTDZStack& parentScopeTDZVariables, ECMAMode ecmaMode)
     : BytecodeGeneratorBase(makeUnique<UnlinkedCodeBlockGenerator>(vm, codeBlock), CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters())
     , m_codeGenerationMode(codeGenerationMode)
@@ -917 +917 @@
     , m_usesNonStrictEval(false)
     , m_inTailPosition(false)
-    , m_hasCachedVariablesUnderTDZ(false)
     , m_needsToUpdateArrowFunctionContext(moduleProgramNode->usesArrowFunction() || moduleProgramNode->usesEval())
     , m_ecmaMode(ecmaMode)
 {
-    ASSERT_UNUSED(parentScopeTDZVariables, !parentScopeTDZVariables->size());
+    ASSERT_UNUSED(parentScopeTDZVariables, !parentScopeTDZVariables.size());
 
     SymbolTable* moduleEnvironmentSymbolTable = SymbolTable::create(m_vm);
@@ -2171 +2170 @@
 
     m_TDZStack.removeLast();
-    m_cachedVariablesUnderTDZ = { };
+    m_cachedVariablesUnderTDZ.removeLast();
 }
 
@@ -2859 +2858 @@
     }
 
+    for (unsigned i = m_parentScopeTDZStackSize; i--;) {
+        if (m_cachedVariablesUnderTDZ[i].environment().toTDZEnvironment().contains(variable.ident().impl()))
+            return true;
+    }
+
     return false;
 }
@@ -2881 +2885 @@
         auto iter = m_TDZStack[i].find(identifier);
         if (iter != m_TDZStack[i].end()) {
-            if (iter->value == TDZNecessityLevel::Optimize) {
-                m_cachedVariablesUnderTDZ = { };
+            if (iter->value == TDZNecessityLevel::Optimize)
                 iter->value = TDZNecessityLevel::NotNeeded;
-            }
             break;
         }
@@ -2909 +2911 @@
 
     m_TDZStack.append(WTFMove(map));
-    m_cachedVariablesUnderTDZ = { };
-}
-
-Optional<CompactVariableMap::Handle> BytecodeGenerator::getVariablesUnderTDZ()
-{
-    if (m_cachedVariablesUnderTDZ) {
-        if (!m_hasCachedVariablesUnderTDZ) {
-            ASSERT(m_cachedVariablesUnderTDZ.environment().toVariableEnvironment().isEmpty());
-            return WTF::nullopt;
-        }
+    m_cachedVariablesUnderTDZ.append({ });
+}
+
+Optional<BytecodeGenerator::CachedTDZStack> BytecodeGenerator::getVariablesUnderTDZ()
+{
+    auto assertCacheIsCoherent = [&] {
+#if ASSERT_ENABLED
+        for (size_t i = 0; i < m_cachedVariablesUnderTDZ.size(); ++i)
+            ASSERT(!!m_cachedVariablesUnderTDZ[i]);
+#endif
+    };
+
+    RELEASE_ASSERT(m_TDZStack.size() + m_parentScopeTDZStackSize == m_cachedVariablesUnderTDZ.size());
+
+    if (m_cachedVariablesUnderTDZ.isEmpty())
+        return WTF::nullopt;
+
+    if (m_cachedVariablesUnderTDZ.last()) {
+        assertCacheIsCoherent();
         return m_cachedVariablesUnderTDZ;
     }
 
-    // We keep track of variablesThatDontNeedTDZ in this algorithm to prevent
-    // reporting that "x" is under TDZ if this function is called at "...".
-    //
-    //     {
-    //         {
-    //             let x;
-    //             ...
-    //         }
-    //         let x;
-    //     }
-    SmallPtrSet<UniquedStringImpl*, 16> variablesThatDontNeedTDZ;
-    VariableEnvironment environment;
-    for (unsigned i = m_TDZStack.size(); i--; ) {
+    for (size_t i = m_TDZStack.size(); i--;) {
+        if (m_cachedVariablesUnderTDZ[i + m_parentScopeTDZStackSize])
+            break;
+
         auto& map = m_TDZStack[i];
-        for (auto& entry : map)  {
-            if (entry.value != TDZNecessityLevel::NotNeeded) {
-                if (!variablesThatDontNeedTDZ.contains(entry.key.get()))
-                    environment.add(entry.key.get());
-            } else
-                variablesThatDontNeedTDZ.add(entry.key.get());
-        }
-    }
-
-    m_cachedVariablesUnderTDZ = m_vm.m_compactVariableMap->get(environment);
-    m_hasCachedVariablesUnderTDZ = !environment.isEmpty();
-    if (!m_hasCachedVariablesUnderTDZ)
-        return WTF::nullopt;
-
+        TDZEnvironment environment;
+        for (auto& entry : map) {
+            if (entry.value != TDZNecessityLevel::NotNeeded)
+                environment.add(entry.key.get());
+        }
+        m_cachedVariablesUnderTDZ[i + m_parentScopeTDZStackSize] = m_vm.m_compactVariableMap->get(environment);
+    }
+
+    assertCacheIsCoherent();
     return m_cachedVariablesUnderTDZ;
 }
@@ -2956 +2953 @@
 {
     preservedStack.m_preservedTDZStack = m_TDZStack;
+    preservedStack.m_cachedTDZStack = m_cachedVariablesUnderTDZ;
 }
 
@@ -2961 +2959 @@
 {
     m_TDZStack = preservedStack.m_preservedTDZStack;
-    m_cachedVariablesUnderTDZ = { };
+    m_cachedVariablesUnderTDZ = preservedStack.m_cachedTDZStack;
 }
 
@@ -3148 +3146 @@
     }
 
-    Optional<CompactVariableMap::Handle> variablesUnderTDZ = getVariablesUnderTDZ();
+    auto variablesUnderTDZ = getVariablesUnderTDZ();
     SourceParseMode parseMode = SourceParseMode::InstanceFieldInitializerMode;
     ConstructAbility constructAbility = ConstructAbility::CannotConstruct;

trunk/Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h

@@ -408 +408 @@
     public:
         typedef DeclarationStacks::FunctionStack FunctionStack;
-
-        BytecodeGenerator(VM&, ProgramNode*, UnlinkedProgramCodeBlock*, OptionSet<CodeGenerationMode>, const VariableEnvironment*, ECMAMode);
-        BytecodeGenerator(VM&, FunctionNode*, UnlinkedFunctionCodeBlock*, OptionSet<CodeGenerationMode>, const VariableEnvironment*, ECMAMode);
-        BytecodeGenerator(VM&, EvalNode*, UnlinkedEvalCodeBlock*, OptionSet<CodeGenerationMode>, const VariableEnvironment*, ECMAMode);
-        BytecodeGenerator(VM&, ModuleProgramNode*, UnlinkedModuleProgramCodeBlock*, OptionSet<CodeGenerationMode>, const VariableEnvironment*, ECMAMode);
+        using CachedTDZStack = Vector<CompactTDZEnvironmentMap::Handle>;
+
+        BytecodeGenerator(VM&, ProgramNode*, UnlinkedProgramCodeBlock*, OptionSet<CodeGenerationMode>, const CachedTDZStack&, ECMAMode);
+        BytecodeGenerator(VM&, FunctionNode*, UnlinkedFunctionCodeBlock*, OptionSet<CodeGenerationMode>, const CachedTDZStack&, ECMAMode);
+        BytecodeGenerator(VM&, EvalNode*, UnlinkedEvalCodeBlock*, OptionSet<CodeGenerationMode>, const CachedTDZStack&, ECMAMode);
+        BytecodeGenerator(VM&, ModuleProgramNode*, UnlinkedModuleProgramCodeBlock*, OptionSet<CodeGenerationMode>, const CachedTDZStack&, ECMAMode);
 
         ~BytecodeGenerator();
@@ -432 +433 @@
 
         template<typename Node, typename UnlinkedCodeBlock>
-        static ParserError generate(VM& vm, Node* node, const SourceCode& sourceCode, UnlinkedCodeBlock* unlinkedCodeBlock, OptionSet<CodeGenerationMode> codeGenerationMode, const VariableEnvironment* environment, ECMAMode ecmaMode)
+        static ParserError generate(VM& vm, Node* node, const SourceCode& sourceCode, UnlinkedCodeBlock* unlinkedCodeBlock, OptionSet<CodeGenerationMode> codeGenerationMode, const CachedTDZStack& parentScopeTDZVariables, ECMAMode ecmaMode)
         {
             MonotonicTime before;
@@ -439 +440 @@
 
             DeferGC deferGC(vm.heap);
-            auto bytecodeGenerator = makeUnique<BytecodeGenerator>(vm, node, unlinkedCodeBlock, codeGenerationMode, environment, ecmaMode);
+            auto bytecodeGenerator = makeUnique<BytecodeGenerator>(vm, node, unlinkedCodeBlock, codeGenerationMode, parentScopeTDZVariables, ecmaMode);
             auto result = bytecodeGenerator->generate();
 
@@ -1186 +1187 @@
             }
 
-            Optional<CompactVariableMap::Handle> optionalVariablesUnderTDZ = getVariablesUnderTDZ();
+            auto optionalVariablesUnderTDZ = getVariablesUnderTDZ();
 
             // FIXME: These flags, ParserModes and propagation to XXXCodeBlocks should be reorganized.
@@ -1198 +1199 @@
         }
 
-        Optional<CompactVariableMap::Handle> getVariablesUnderTDZ();
+        Optional<CachedTDZStack> getVariablesUnderTDZ();
 
         RegisterID* emitConstructVarargs(RegisterID* dst, RegisterID* func, RegisterID* thisRegister, RegisterID* arguments, RegisterID* firstFreeRegister, int32_t firstVarArgOffset, const JSTextPosition& divot, const JSTextPosition& divotStart, const JSTextPosition& divotEnd, DebuggableCall);
@@ -1232 +1233 @@
         private:
             Vector<TDZMap> m_preservedTDZStack;
+            CachedTDZStack m_cachedTDZStack;
             friend class BytecodeGenerator;
         };
@@ -1263 +1265 @@
         Vector<LexicalScopeStackEntry> m_lexicalScopeStack;
 
+        size_t m_parentScopeTDZStackSize { 0 };
         Vector<TDZMap> m_TDZStack;
+        CachedTDZStack m_cachedVariablesUnderTDZ;
         Optional<size_t> m_varScopeLexicalScopeStackIndex;
         void pushTDZVariables(const VariableEnvironment&, TDZCheckOptimization, TDZRequirement);
@@ -1345 +1349 @@
         bool m_usesNonStrictEval { false };
         bool m_inTailPosition { false };
-        bool m_hasCachedVariablesUnderTDZ { false };
         bool m_needsToUpdateArrowFunctionContext : 1;
         ECMAMode m_ecmaMode;
         DerivedContextType m_derivedContextType { DerivedContextType::None };
-
-        CompactVariableMap::Handle m_cachedVariablesUnderTDZ;
 
         struct CatchEntry {

trunk/Source/JavaScriptCore/debugger/DebuggerCallFrame.cpp

@@ -259 +259 @@
         evalContextType = EvalContextType::None;
 
-    VariableEnvironment variablesUnderTDZ;
-    JSScope::collectClosureVariablesUnderTDZ(scope()->jsScope(), variablesUnderTDZ);
+    TDZEnvironment variablesUnderTDZ;
+    VariableEnvironment privateNames;
+    JSScope::collectClosureVariablesUnderTDZ(scope()->jsScope(), variablesUnderTDZ, privateNames);
 
     ECMAMode ecmaMode = codeBlock->ownerExecutable()->isInStrictContext() ? ECMAMode::strict() : ECMAMode::sloppy();
-    auto* eval = DirectEvalExecutable::create(globalObject, makeSource(script, callFrame->callerSourceOrigin(vm)), codeBlock->unlinkedCodeBlock()->derivedContextType(), codeBlock->unlinkedCodeBlock()->needsClassFieldInitializer(), codeBlock->unlinkedCodeBlock()->isArrowFunction(), codeBlock->ownerExecutable()->isInsideOrdinaryFunction(), evalContextType, &variablesUnderTDZ, ecmaMode);
+    auto* eval = DirectEvalExecutable::create(globalObject, makeSource(script, callFrame->callerSourceOrigin(vm)), codeBlock->unlinkedCodeBlock()->derivedContextType(), codeBlock->unlinkedCodeBlock()->needsClassFieldInitializer(), codeBlock->unlinkedCodeBlock()->isArrowFunction(), codeBlock->ownerExecutable()->isInsideOrdinaryFunction(), evalContextType, &variablesUnderTDZ, &privateNames, ecmaMode);
     if (UNLIKELY(catchScope.exception())) {
         exception = catchScope.exception();

trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp

@@ -144 +144 @@
         }
         
-        VariableEnvironment variablesUnderTDZ;
-        JSScope::collectClosureVariablesUnderTDZ(callerScopeChain, variablesUnderTDZ);
-        eval = DirectEvalExecutable::create(globalObject, makeSource(programSource, callerCodeBlock->source().provider()->sourceOrigin()), derivedContextType, callerUnlinkedCodeBlock->needsClassFieldInitializer(), isArrowFunctionContext, callerCodeBlock->ownerExecutable()->isInsideOrdinaryFunction(), evalContextType, &variablesUnderTDZ, ecmaMode);
+        TDZEnvironment variablesUnderTDZ;
+        VariableEnvironment privateNames;
+        JSScope::collectClosureVariablesUnderTDZ(callerScopeChain, variablesUnderTDZ, privateNames);
+        eval = DirectEvalExecutable::create(globalObject, makeSource(programSource, callerCodeBlock->source().provider()->sourceOrigin()), derivedContextType, callerUnlinkedCodeBlock->needsClassFieldInitializer(), isArrowFunctionContext, callerCodeBlock->ownerExecutable()->isInsideOrdinaryFunction(), evalContextType, &variablesUnderTDZ, &privateNames, ecmaMode);
         EXCEPTION_ASSERT(!!scope.exception() == !eval);
         if (!eval)

trunk/Source/JavaScriptCore/parser/Parser.h

@@ -2054 +2054 @@
 template <typename LexerType>
 template <class ParsedNode>
-std::unique_ptr<ParsedNode> Parser<LexerType>::parse(ParserError& error, const Identifier& calleeName, SourceParseMode parseMode, ParsingContext parsingContext, Optional<int> functionConstructorParametersEndPosition, const VariableEnvironment* variablesUnderTDZ, const Vector<JSTextPosition>* instanceFieldLocations)
+std::unique_ptr<ParsedNode> Parser<LexerType>::parse(ParserError& error, const Identifier& calleeName, SourceParseMode parseMode, ParsingContext parsingContext, Optional<int> functionConstructorParametersEndPosition, const VariableEnvironment* parentScopePrivateNames, const Vector<JSTextPosition>* instanceFieldLocations)
 {
     int errLine;
@@ -2069 +2069 @@
     unsigned startColumn = m_source->startColumn().zeroBasedInt();
 
-    if (isEvalNode<ParsedNode>() && variablesUnderTDZ && variablesUnderTDZ->privateNamesSize()) {
+    if (isEvalNode<ParsedNode>() && parentScopePrivateNames && parentScopePrivateNames->privateNamesSize()) {
         currentScope()->setIsPrivateNameScope();
-        variablesUnderTDZ->copyPrivateNamesTo(currentScope()->lexicalVariables());
+        parentScopePrivateNames->copyPrivateNamesTo(currentScope()->lexicalVariables());
     }
 
@@ -2158 +2158 @@
     EvalContextType evalContextType = EvalContextType::None,
     DebuggerParseData* debuggerParseData = nullptr,
-    const VariableEnvironment* variablesUnderTDZ = nullptr,
+    const VariableEnvironment* parentScopePrivateNames = nullptr,
     const Vector<JSTextPosition>* instanceFieldLocations = nullptr,
     bool isInsideOrdinaryFunction = false)
@@ -2171 +2171 @@
     if (source.provider()->source().is8Bit()) {
         Parser<Lexer<LChar>> parser(vm, source, builtinMode, strictMode, scriptMode, parseMode, superBinding, defaultConstructorKindForTopLevelFunction, derivedContextType, isEvalNode<ParsedNode>(), evalContextType, debuggerParseData, isInsideOrdinaryFunction);
-        result = parser.parse<ParsedNode>(error, name, parseMode, isEvalNode<ParsedNode>() ? ParsingContext::Eval : ParsingContext::Program, WTF::nullopt, variablesUnderTDZ, instanceFieldLocations);
+        result = parser.parse<ParsedNode>(error, name, parseMode, isEvalNode<ParsedNode>() ? ParsingContext::Eval : ParsingContext::Program, WTF::nullopt, parentScopePrivateNames, instanceFieldLocations);
         if (positionBeforeLastNewline)
             *positionBeforeLastNewline = parser.positionBeforeLastNewline();
@@ -2184 +2184 @@
         ASSERT_WITH_MESSAGE(defaultConstructorKindForTopLevelFunction == ConstructorKind::None, "BuiltinExecutables's special constructors should always use a 8-bit string");
         Parser<Lexer<UChar>> parser(vm, source, builtinMode, strictMode, scriptMode, parseMode, superBinding, defaultConstructorKindForTopLevelFunction, derivedContextType, isEvalNode<ParsedNode>(), evalContextType, debuggerParseData, isInsideOrdinaryFunction);
-        result = parser.parse<ParsedNode>(error, name, parseMode, isEvalNode<ParsedNode>() ? ParsingContext::Eval : ParsingContext::Program, WTF::nullopt, variablesUnderTDZ, instanceFieldLocations);
+        result = parser.parse<ParsedNode>(error, name, parseMode, isEvalNode<ParsedNode>() ? ParsingContext::Eval : ParsingContext::Program, WTF::nullopt, parentScopePrivateNames, instanceFieldLocations);
         if (positionBeforeLastNewline)
             *positionBeforeLastNewline = parser.positionBeforeLastNewline();

trunk/Source/JavaScriptCore/parser/VariableEnvironment.cpp

@@ -105 +105 @@
 }
 
-CompactVariableEnvironment::CompactVariableEnvironment(const VariableEnvironment& env)
-    : m_isEverythingCaptured(env.isEverythingCaptured())
-{
-    Vector<std::pair<UniquedStringImpl*, VariableEnvironmentEntry>, 32> sortedEntries;
-    sortedEntries.reserveInitialCapacity(env.mapSize());
-    for (auto& pair : env)
-        sortedEntries.append({ pair.key.get(), pair.value });
-
-    std::sort(sortedEntries.begin(), sortedEntries.end(), [] (const auto& a, const auto& b) {
-        return a.first < b.first;
+
+void CompactTDZEnvironment::sortCompact(Compact& compact)
+{
+    std::sort(compact.begin(), compact.end(), [] (auto& a, auto& b) {
+        return a.get() < b.get();
     });
-
-    m_hash = 0;
-    m_variables.reserveInitialCapacity(sortedEntries.size());
-    m_variableMetadata.reserveInitialCapacity(sortedEntries.size());
-    for (const auto& pair : sortedEntries) {
-        m_variables.append(pair.first);
-        m_variableMetadata.append(pair.second);
-        m_hash ^= pair.first->hash();
-        m_hash += pair.second.bits();
-    }
-
-    if (m_isEverythingCaptured)
-        m_hash *= 2;
-}
-
-bool CompactVariableEnvironment::operator==(const CompactVariableEnvironment& other) const
+}
+
+CompactTDZEnvironment::CompactTDZEnvironment(const TDZEnvironment& env)
+{
+    Compact compactVariables;
+    compactVariables.reserveCapacity(env.size());
+
+    m_hash = 0; // Note: XOR is commutative so order doesn't matter here.
+    for (auto& key : env) {
+        compactVariables.append(key.get());
+        m_hash ^= key->hash();
+    }
+
+    sortCompact(compactVariables);
+    m_variables = WTFMove(compactVariables);
+}
+
+bool CompactTDZEnvironment::operator==(const CompactTDZEnvironment& other) const
 {
     if (this == &other)
         return true;
-    if (m_isEverythingCaptured != other.m_isEverythingCaptured)
+
+    if (m_hash != other.m_hash)
         return false;
-    if (m_variables != other.m_variables)
-        return false;
-    if (m_variableMetadata != other.m_variableMetadata)
-        return false;
-    return true;
-}
-
-VariableEnvironment CompactVariableEnvironment::toVariableEnvironment() const
-{
-    VariableEnvironment result;
-    ASSERT(m_variables.size() == m_variableMetadata.size());
-    for (size_t i = 0; i < m_variables.size(); ++i) {
-        auto addResult = result.add(m_variables[i]);
-        ASSERT(addResult.isNewEntry);
-        addResult.iterator->value = m_variableMetadata[i];
-    }
-
-    if (m_isEverythingCaptured)
-        result.markAllVariablesAsCaptured();
+
+    auto equal = [&] (const Compact& compact, const Inflated& inflated) {
+        if (compact.size() != inflated.size())
+            return false;
+        for (auto& ident : compact) {
+            if (!inflated.contains(ident))
+                return false;
+        }
+        return true;
+    };
+
+    bool result;
+    WTF::switchOn(m_variables,
+        [&] (const Compact& compact) {
+            WTF::switchOn(other.m_variables,
+                [&] (const Compact& otherCompact) {
+                    result = compact == otherCompact;
+                },
+                [&] (const Inflated& otherInflated) {
+                    result = equal(compact, otherInflated);
+                });
+        },
+        [&] (const Inflated& inflated) {
+            WTF::switchOn(other.m_variables,
+                [&] (const Compact& otherCompact) {
+                    result = equal(otherCompact, inflated);
+                },
+                [&] (const Inflated& otherInflated) {
+                    result = inflated == otherInflated;
+                });
+        });
 
     return result;
 }
 
-CompactVariableMap::Handle CompactVariableMap::get(const VariableEnvironment& env)
-{
-    auto* environment = new CompactVariableEnvironment(env);
+TDZEnvironment& CompactTDZEnvironment::toTDZEnvironmentSlow() const
+{
+    Inflated inflated;
+    {
+        auto& compact = WTF::get<Compact>(m_variables);
+        for (size_t i = 0; i < compact.size(); ++i) {
+            auto addResult = inflated.add(compact[i]);
+            ASSERT_UNUSED(addResult, addResult.isNewEntry);
+        }
+    }
+    m_variables = Variables(WTFMove(inflated));
+    return const_cast<Inflated&>(WTF::get<Inflated>(m_variables));
+}
+
+CompactTDZEnvironmentMap::Handle CompactTDZEnvironmentMap::get(const TDZEnvironment& env)
+{
+    auto* environment = new CompactTDZEnvironment(env);
     bool isNewEntry;
     auto handle = get(environment, isNewEntry);
@@ -170 +194 @@
 }
 
-CompactVariableMap::Handle CompactVariableMap::get(CompactVariableEnvironment* environment, bool& isNewEntry)
-{
-    CompactVariableMapKey key { *environment };
+CompactTDZEnvironmentMap::Handle CompactTDZEnvironmentMap::get(CompactTDZEnvironment* environment, bool& isNewEntry)
+{
+    CompactTDZEnvironmentKey key { *environment };
     auto addResult = m_map.add(key, 1);
     isNewEntry = addResult.isNewEntry;
     if (addResult.isNewEntry)
-        return CompactVariableMap::Handle(*environment, *this);
+        return CompactTDZEnvironmentMap::Handle(*environment, *this);
 
     ++addResult.iterator->value;
-    return CompactVariableMap::Handle(addResult.iterator->key.environment(), *this);
-}
-
-CompactVariableMap::Handle::~Handle()
+    return CompactTDZEnvironmentMap::Handle(addResult.iterator->key.environment(), *this);
+}
+
+CompactTDZEnvironmentMap::Handle::~Handle()
 {
     if (!m_map) {
@@ -191 +215 @@
 
     RELEASE_ASSERT(m_environment);
-    auto iter = m_map->m_map.find(CompactVariableMapKey { *m_environment });
+    auto iter = m_map->m_map.find(CompactTDZEnvironmentKey { *m_environment });
     RELEASE_ASSERT(iter != m_map->m_map.end());
     --iter->value;
@@ -201 +225 @@
 }
 
-CompactVariableMap::Handle::Handle(const CompactVariableMap::Handle& other)
+CompactTDZEnvironmentMap::Handle::Handle(const CompactTDZEnvironmentMap::Handle& other)
     : m_environment(other.m_environment)
     , m_map(other.m_map)
 {
     if (m_map) {
-        auto iter = m_map->m_map.find(CompactVariableMapKey { *m_environment });
+        auto iter = m_map->m_map.find(CompactTDZEnvironmentKey { *m_environment });
         RELEASE_ASSERT(iter != m_map->m_map.end());
         ++iter->value;
@@ -212 +236 @@
 }
 
-CompactVariableMap::Handle::Handle(CompactVariableEnvironment& environment, CompactVariableMap& map)
+CompactTDZEnvironmentMap::Handle::Handle(CompactTDZEnvironment& environment, CompactTDZEnvironmentMap& map)
     : m_environment(&environment)
     , m_map(&map)

trunk/Source/JavaScriptCore/parser/VariableEnvironment.h

@@ -30 +30 @@
 #include <wtf/HashSet.h>
 #include <wtf/IteratorRange.h>
+#include <wtf/Variant.h>
 
 namespace JSC {
@@ -120 +121 @@
 
 class VariableEnvironment {
+    WTF_MAKE_FAST_ALLOCATED;
 private:
     typedef HashMap<PackedRefPtr<UniquedStringImpl>, VariableEnvironmentEntry, IdentifierRepHash, HashTraits<RefPtr<UniquedStringImpl>>, VariableEnvironmentEntryHashTraits> Map;
@@ -263 +265 @@
 };
 
-class CompactVariableEnvironment {
+using TDZEnvironment = HashSet<RefPtr<UniquedStringImpl>, IdentifierRepHash>;
+
+class CompactTDZEnvironment {
     WTF_MAKE_FAST_ALLOCATED;
-    WTF_MAKE_NONCOPYABLE(CompactVariableEnvironment);
-
-    friend class CachedCompactVariableEnvironment;
+    WTF_MAKE_NONCOPYABLE(CompactTDZEnvironment);
+
+    friend class CachedCompactTDZEnvironment;
+
+    using Compact = Vector<PackedRefPtr<UniquedStringImpl>>;
+    using Inflated = TDZEnvironment;
+    using Variables = Variant<Compact, Inflated>;
 
 public:
-    CompactVariableEnvironment(const VariableEnvironment&);
-    VariableEnvironment toVariableEnvironment() const;
-
-    bool operator==(const CompactVariableEnvironment&) const;
+    CompactTDZEnvironment(const TDZEnvironment&);
+
+    bool operator==(const CompactTDZEnvironment&) const;
     unsigned hash() const { return m_hash; }
 
-private:
-    CompactVariableEnvironment() = default;
-
-    Vector<PackedRefPtr<UniquedStringImpl>> m_variables;
-    Vector<VariableEnvironmentEntry> m_variableMetadata;
+    static void sortCompact(Compact&);
+
+    TDZEnvironment& toTDZEnvironment() const
+    {
+        if (WTF::holds_alternative<Inflated>(m_variables))
+            return const_cast<TDZEnvironment&>(WTF::get<Inflated>(m_variables));
+        return toTDZEnvironmentSlow();
+    }
+
+private:
+    CompactTDZEnvironment() = default;
+    TDZEnvironment& toTDZEnvironmentSlow() const;
+
+    mutable Variables m_variables;
     unsigned m_hash;
-    bool m_isEverythingCaptured;
-};
-
-struct CompactVariableMapKey {
-    CompactVariableMapKey()
+};
+
+struct CompactTDZEnvironmentKey {
+    CompactTDZEnvironmentKey()
         : m_environment(nullptr)
     {
@@ -292 +307 @@
     }
 
-    CompactVariableMapKey(CompactVariableEnvironment& environment)
+    CompactTDZEnvironmentKey(CompactTDZEnvironment& environment)
         : m_environment(&environment)
     { }
 
-    static unsigned hash(const CompactVariableMapKey& key) { return key.m_environment->hash(); }
-    static bool equal(const CompactVariableMapKey& a, const CompactVariableMapKey& b) { return *a.m_environment == *b.m_environment; }
+    static unsigned hash(const CompactTDZEnvironmentKey& key) { return key.m_environment->hash(); }
+    static bool equal(const CompactTDZEnvironmentKey& a, const CompactTDZEnvironmentKey& b) { return *a.m_environment == *b.m_environment; }
     static constexpr bool safeToCompareToEmptyOrDeleted = false;
-    static void makeDeletedValue(CompactVariableMapKey& key)
-    {
-        key.m_environment = reinterpret_cast<CompactVariableEnvironment*>(1);
+    static void makeDeletedValue(CompactTDZEnvironmentKey& key)
+    {
+        key.m_environment = reinterpret_cast<CompactTDZEnvironment*>(1);
     }
     bool isHashTableDeletedValue() const
     {
-        return m_environment == reinterpret_cast<CompactVariableEnvironment*>(1);
+        return m_environment == reinterpret_cast<CompactTDZEnvironment*>(1);
     }
     bool isHashTableEmptyValue() const
@@ -312 +327 @@
     }
 
-    CompactVariableEnvironment& environment()
+    CompactTDZEnvironment& environment()
     {
         RELEASE_ASSERT(!isHashTableDeletedValue());
@@ -320 +335 @@
 
 private:
-    CompactVariableEnvironment* m_environment;
+    CompactTDZEnvironment* m_environment;
 };
 
@@ -328 +343 @@
 
 template<typename T> struct DefaultHash;
-template<> struct DefaultHash<JSC::CompactVariableMapKey> : JSC::CompactVariableMapKey { };
-
-template<> struct HashTraits<JSC::CompactVariableMapKey> : GenericHashTraits<JSC::CompactVariableMapKey> {
+template<> struct DefaultHash<JSC::CompactTDZEnvironmentKey> : JSC::CompactTDZEnvironmentKey { };
+
+template<> struct HashTraits<JSC::CompactTDZEnvironmentKey> : GenericHashTraits<JSC::CompactTDZEnvironmentKey> {
     static constexpr bool emptyValueIsZero = true;
-    static JSC::CompactVariableMapKey emptyValue() { return JSC::CompactVariableMapKey(); }
+    static JSC::CompactTDZEnvironmentKey emptyValue() { return JSC::CompactTDZEnvironmentKey(); }
 
     static constexpr bool hasIsEmptyValueFunction = true;
-    static bool isEmptyValue(JSC::CompactVariableMapKey key) { return key.isHashTableEmptyValue(); }
-
-    static void constructDeletedValue(JSC::CompactVariableMapKey& key) { JSC::CompactVariableMapKey::makeDeletedValue(key); }
-    static bool isDeletedValue(JSC::CompactVariableMapKey key) { return key.isHashTableDeletedValue(); }
+    static bool isEmptyValue(JSC::CompactTDZEnvironmentKey key) { return key.isHashTableEmptyValue(); }
+
+    static void constructDeletedValue(JSC::CompactTDZEnvironmentKey& key) { JSC::CompactTDZEnvironmentKey::makeDeletedValue(key); }
+    static bool isDeletedValue(JSC::CompactTDZEnvironmentKey key) { return key.isHashTableDeletedValue(); }
 };
 
@@ -345 +360 @@
 namespace JSC {
 
-class CompactVariableMap : public RefCounted<CompactVariableMap> {
+class CompactTDZEnvironmentMap : public RefCounted<CompactTDZEnvironmentMap> {
 public:
     class Handle {
-        friend class CachedCompactVariableMapHandle;
+        friend class CachedCompactTDZEnvironmentMapHandle;
 
     public:
         Handle() = default;
 
-        Handle(CompactVariableEnvironment&, CompactVariableMap&);
+        Handle(CompactTDZEnvironment&, CompactTDZEnvironmentMap&);
 
         Handle(Handle&& other)
@@ -378 +393 @@
         explicit operator bool() const { return !!m_map; }
 
-        const CompactVariableEnvironment& environment() const
+        const CompactTDZEnvironment& environment() const
         {
             return *m_environment;
@@ -390 +405 @@
         }
 
-        CompactVariableEnvironment* m_environment { nullptr };
-        RefPtr<CompactVariableMap> m_map;
+        CompactTDZEnvironment* m_environment { nullptr };
+        RefPtr<CompactTDZEnvironmentMap> m_map;
     };
 
-    Handle get(const VariableEnvironment&);
+    Handle get(const TDZEnvironment&);
 
 private:
     friend class Handle;
-    friend class CachedCompactVariableMapHandle;
-
-    Handle get(CompactVariableEnvironment*, bool& isNewEntry);
-
-    HashMap<CompactVariableMapKey, unsigned> m_map;
+    friend class CachedCompactTDZEnvironmentMapHandle;
+
+    Handle get(CompactTDZEnvironment*, bool& isNewEntry);
+
+    HashMap<CompactTDZEnvironmentKey, unsigned> m_map;
 };
 

trunk/Source/JavaScriptCore/runtime/CachedTypes.cpp

@@ -328 +328 @@
 }
 
-CompactVariableMap::Handle Decoder::handleForEnvironment(CompactVariableEnvironment* environment) const
+CompactTDZEnvironmentMap::Handle Decoder::handleForTDZEnvironment(CompactTDZEnvironment* environment) const
 {
     auto it = m_environmentToHandleMap.find(environment);
@@ -335 +335 @@
 }
 
-void Decoder::setHandleForEnvironment(CompactVariableEnvironment* environment, const CompactVariableMap::Handle& handle)
+void Decoder::setHandleForTDZEnvironment(CompactTDZEnvironment* environment, const CompactTDZEnvironmentMap::Handle& handle)
 {
     auto addResult = m_environmentToHandleMap.add(environment, handle);
@@ -1051 +1051 @@
 };
 
-class CachedCompactVariableEnvironment : public CachedObject<CompactVariableEnvironment> {
-public:
-    void encode(Encoder& encoder, const CompactVariableEnvironment& env)
-    {
-        m_variables.encode(encoder, env.m_variables);
-        m_variableMetadata.encode(encoder, env.m_variableMetadata);
+class CachedCompactTDZEnvironment : public CachedObject<CompactTDZEnvironment> {
+public:
+    void encode(Encoder& encoder, const CompactTDZEnvironment& env)
+    {
+        if (WTF::holds_alternative<CompactTDZEnvironment::Compact>(env.m_variables))
+            m_variables.encode(encoder, WTF::get<CompactTDZEnvironment::Compact>(env.m_variables));
+        else {
+            CompactTDZEnvironment::Compact compact;
+            for (auto& key : WTF::get<CompactTDZEnvironment::Inflated>(env.m_variables))
+                compact.append(key);
+            m_variables.encode(encoder, compact);
+        }
         m_hash = env.m_hash;
-        m_isEverythingCaptured = env.m_isEverythingCaptured;
-    }
-
-    void decode(Decoder& decoder, CompactVariableEnvironment& env) const
-    {
-        m_variables.decode(decoder, env.m_variables);
-        m_variableMetadata.decode(decoder, env.m_variableMetadata);
+    }
+
+    void decode(Decoder& decoder, CompactTDZEnvironment& env) const
+    {
+        {
+            CompactTDZEnvironment::Compact compact;
+            m_variables.decode(decoder, compact);
+            CompactTDZEnvironment::sortCompact(compact);
+            env.m_variables = CompactTDZEnvironment::Variables(WTFMove(compact));
+        }
         env.m_hash = m_hash;
-        env.m_isEverythingCaptured = m_isEverythingCaptured;
-    }
-
-    CompactVariableEnvironment* decode(Decoder& decoder) const
-    {
-        CompactVariableEnvironment* env = new CompactVariableEnvironment;
+    }
+
+    CompactTDZEnvironment* decode(Decoder& decoder) const
+    {
+        CompactTDZEnvironment* env = new CompactTDZEnvironment;
         decode(decoder, *env);
         return env;
@@ -1078 +1086 @@
 private:
     CachedVector<CachedRefPtr<CachedUniquedStringImpl, UniquedStringImpl, WTF::PackedPtrTraits<UniquedStringImpl>>> m_variables;
-    CachedVector<VariableEnvironmentEntry> m_variableMetadata;
     unsigned m_hash;
-    bool m_isEverythingCaptured;
-};
-
-class CachedCompactVariableMapHandle : public CachedObject<CompactVariableMap::Handle> {
-public:
-    void encode(Encoder& encoder, const CompactVariableMap::Handle& handle)
+};
+
+class CachedCompactTDZEnvironmentMapHandle : public CachedObject<CompactTDZEnvironmentMap::Handle> {
+public:
+    void encode(Encoder& encoder, const CompactTDZEnvironmentMap::Handle& handle)
     {
         m_environment.encode(encoder, handle.m_environment);
     }
 
-    CompactVariableMap::Handle decode(Decoder& decoder) const
+    CompactTDZEnvironmentMap::Handle decode(Decoder& decoder) const
     {
         bool isNewAllocation;
-        CompactVariableEnvironment* environment = m_environment.decode(decoder, isNewAllocation);
+        CompactTDZEnvironment* environment = m_environment.decode(decoder, isNewAllocation);
         if (!environment) {
             ASSERT(!isNewAllocation);
-            return CompactVariableMap::Handle();
+            return CompactTDZEnvironmentMap::Handle();
         }
 
         if (!isNewAllocation)
-            return decoder.handleForEnvironment(environment);
+            return decoder.handleForTDZEnvironment(environment);
         bool isNewEntry;
-        CompactVariableMap::Handle handle = decoder.vm().m_compactVariableMap->get(environment, isNewEntry);
+        CompactTDZEnvironmentMap::Handle handle = decoder.vm().m_compactVariableMap->get(environment, isNewEntry);
         if (!isNewEntry) {
             decoder.addFinalizer([=] {
@@ -1108 +1114 @@
             });
         }
-        decoder.setHandleForEnvironment(environment, handle);
+        decoder.setHandleForTDZEnvironment(environment, handle);
         return handle;
     }
 
-private:
-    CachedPtr<CachedCompactVariableEnvironment> m_environment;
+    void decode(Decoder& decoder, CompactTDZEnvironmentMap::Handle& handle) const
+    {
+        handle = decode(decoder);
+    }
+
+private:
+    CachedPtr<CachedCompactTDZEnvironment> m_environment;
 };
 
@@ -1752 +1763 @@
         UnlinkedFunctionExecutable::RareData* rareData = new UnlinkedFunctionExecutable::RareData { };
         m_classSource.decode(decoder, rareData->m_classSource);
-        auto parentScopeTDZVariables = m_parentScopeTDZVariables.decode(decoder);
-        rareData->m_parentScopeTDZVariables = WTFMove(parentScopeTDZVariables);
+        m_parentScopeTDZVariables.decode(decoder, rareData->m_parentScopeTDZVariables);
         return rareData;
     }
@@ -1759 +1769 @@
 private:
     CachedSourceCodeWithoutProvider m_classSource;
-    CachedCompactVariableMapHandle m_parentScopeTDZVariables;
+    CachedVector<CachedCompactTDZEnvironmentMapHandle> m_parentScopeTDZVariables;
 };
 

trunk/Source/JavaScriptCore/runtime/CachedTypes.h

@@ -91 +91 @@
     WTF::Optional<void*> cachedPtrForOffset(ptrdiff_t);
     const void* ptrForOffsetFromBase(ptrdiff_t);
-    CompactVariableMap::Handle handleForEnvironment(CompactVariableEnvironment*) const;
-    void setHandleForEnvironment(CompactVariableEnvironment*, const CompactVariableMap::Handle&);
+    CompactTDZEnvironmentMap::Handle handleForTDZEnvironment(CompactTDZEnvironment*) const;
+    void setHandleForTDZEnvironment(CompactTDZEnvironment*, const CompactTDZEnvironmentMap::Handle&);
     void addLeafExecutable(const UnlinkedFunctionExecutable*, ptrdiff_t);
     RefPtr<SourceProvider> provider() const;
@@ -106 +106 @@
     HashMap<ptrdiff_t, void*> m_offsetToPtrMap;
     Vector<std::function<void()>> m_finalizers;
-    HashMap<CompactVariableEnvironment*, CompactVariableMap::Handle> m_environmentToHandleMap;
+    HashMap<CompactTDZEnvironment*, CompactTDZEnvironmentMap::Handle> m_environmentToHandleMap;
     RefPtr<SourceProvider> m_provider;
 };

trunk/Source/JavaScriptCore/runtime/CodeCache.cpp

@@ -72 +72 @@
 
 template <class UnlinkedCodeBlockType, class ExecutableType = ScriptExecutable>
-UnlinkedCodeBlockType* generateUnlinkedCodeBlockImpl(VM& vm, const SourceCode& source, JSParserStrictMode strictMode, JSParserScriptMode scriptMode, OptionSet<CodeGenerationMode> codeGenerationMode, ParserError& error, EvalContextType evalContextType, DerivedContextType derivedContextType, bool isArrowFunctionContext, const VariableEnvironment* variablesUnderTDZ, ExecutableType* executable = nullptr)
+UnlinkedCodeBlockType* generateUnlinkedCodeBlockImpl(VM& vm, const SourceCode& source, JSParserStrictMode strictMode, JSParserScriptMode scriptMode, OptionSet<CodeGenerationMode> codeGenerationMode, ParserError& error, EvalContextType evalContextType, DerivedContextType derivedContextType, bool isArrowFunctionContext, const TDZEnvironment* variablesUnderTDZ = nullptr, const VariableEnvironment* parentScopePrivateNames = nullptr, ExecutableType* executable = nullptr)
 {
     typedef typename CacheTypes<UnlinkedCodeBlockType>::RootNode RootNode;
     bool isInsideOrdinaryFunction = executable && executable->isInsideOrdinaryFunction();
+
     std::unique_ptr<RootNode> rootNode = parse<RootNode>(
-        vm, source, Identifier(), JSParserBuiltinMode::NotBuiltin, strictMode, scriptMode, CacheTypes<UnlinkedCodeBlockType>::parseMode, SuperBinding::NotNeeded, error, nullptr, ConstructorKind::None, derivedContextType, evalContextType, nullptr, variablesUnderTDZ, nullptr, isInsideOrdinaryFunction);
+        vm, source, Identifier(), JSParserBuiltinMode::NotBuiltin, strictMode, scriptMode, CacheTypes<UnlinkedCodeBlockType>::parseMode, SuperBinding::NotNeeded, error, nullptr, ConstructorKind::None, derivedContextType, evalContextType, nullptr, parentScopePrivateNames, nullptr, isInsideOrdinaryFunction);
+
     if (!rootNode)
         return nullptr;
@@ -104 +106 @@
         unlinkedCodeBlock->setSourceMappingURLDirective(source.provider()->sourceMappingURLDirective());
 
-    error = BytecodeGenerator::generate(vm, rootNode.get(), source, unlinkedCodeBlock, codeGenerationMode, variablesUnderTDZ, ecmaMode);
+    Vector<CompactTDZEnvironmentMap::Handle> parentVariablesUnderTDZ;
+    if (variablesUnderTDZ)
+        parentVariablesUnderTDZ.append(vm.m_compactVariableMap->get(*variablesUnderTDZ));
+    error = BytecodeGenerator::generate(vm, rootNode.get(), source, unlinkedCodeBlock, codeGenerationMode, parentVariablesUnderTDZ, ecmaMode);
 
     if (error.isValid())
@@ -113 +118 @@
 
 template <class UnlinkedCodeBlockType, class ExecutableType>
-UnlinkedCodeBlockType* generateUnlinkedCodeBlock(VM& vm, ExecutableType* executable, const SourceCode& source, JSParserStrictMode strictMode, JSParserScriptMode scriptMode, OptionSet<CodeGenerationMode> codeGenerationMode, ParserError& error, EvalContextType evalContextType, const VariableEnvironment* variablesUnderTDZ)
-{
-    return generateUnlinkedCodeBlockImpl<UnlinkedCodeBlockType, ExecutableType>(vm, source, strictMode, scriptMode, codeGenerationMode, error, evalContextType, executable->derivedContextType(), executable->isArrowFunctionContext(), variablesUnderTDZ, executable);
-}
-
-UnlinkedEvalCodeBlock* generateUnlinkedCodeBlockForDirectEval(VM& vm, DirectEvalExecutable* executable, const SourceCode& source, JSParserStrictMode strictMode, JSParserScriptMode scriptMode, OptionSet<CodeGenerationMode> codeGenerationMode, ParserError& error, EvalContextType evalContextType, const VariableEnvironment* variablesUnderTDZ)
-{
-    return generateUnlinkedCodeBlock<UnlinkedEvalCodeBlock>(vm, executable, source, strictMode, scriptMode, codeGenerationMode, error, evalContextType, variablesUnderTDZ);
+UnlinkedCodeBlockType* generateUnlinkedCodeBlock(VM& vm, ExecutableType* executable, const SourceCode& source, JSParserStrictMode strictMode, JSParserScriptMode scriptMode, OptionSet<CodeGenerationMode> codeGenerationMode, ParserError& error, EvalContextType evalContextType, const TDZEnvironment* variablesUnderTDZ = nullptr, const VariableEnvironment* parentScopePrivateNames = nullptr)
+{
+    return generateUnlinkedCodeBlockImpl<UnlinkedCodeBlockType, ExecutableType>(vm, source, strictMode, scriptMode, codeGenerationMode, error, evalContextType, executable->derivedContextType(), executable->isArrowFunctionContext(), variablesUnderTDZ, parentScopePrivateNames, executable);
+}
+
+UnlinkedEvalCodeBlock* generateUnlinkedCodeBlockForDirectEval(VM& vm, DirectEvalExecutable* executable, const SourceCode& source, JSParserStrictMode strictMode, JSParserScriptMode scriptMode, OptionSet<CodeGenerationMode> codeGenerationMode, ParserError& error, EvalContextType evalContextType, const TDZEnvironment* variablesUnderTDZ, const VariableEnvironment* parentScopePrivateNames)
+{
+    return generateUnlinkedCodeBlock<UnlinkedEvalCodeBlock>(vm, executable, source, strictMode, scriptMode, codeGenerationMode, error, evalContextType, variablesUnderTDZ, parentScopePrivateNames);
 }
 
 template <class UnlinkedCodeBlockType>
 std::enable_if_t<!std::is_same<UnlinkedCodeBlockType, UnlinkedEvalCodeBlock>::value, UnlinkedCodeBlockType*>
-recursivelyGenerateUnlinkedCodeBlock(VM& vm, const SourceCode& source, JSParserStrictMode strictMode, JSParserScriptMode scriptMode, OptionSet<CodeGenerationMode> codeGenerationMode, ParserError& error, EvalContextType evalContextType, const VariableEnvironment* variablesUnderTDZ)
+recursivelyGenerateUnlinkedCodeBlock(VM& vm, const SourceCode& source, JSParserStrictMode strictMode, JSParserScriptMode scriptMode, OptionSet<CodeGenerationMode> codeGenerationMode, ParserError& error, EvalContextType evalContextType)
 {
     bool isArrowFunctionContext = false;
-    UnlinkedCodeBlockType* unlinkedCodeBlock = generateUnlinkedCodeBlockImpl<UnlinkedCodeBlockType>(vm, source, strictMode, scriptMode, codeGenerationMode, error, evalContextType, DerivedContextType::None, isArrowFunctionContext, variablesUnderTDZ);
+    UnlinkedCodeBlockType* unlinkedCodeBlock = generateUnlinkedCodeBlockImpl<UnlinkedCodeBlockType>(vm, source, strictMode, scriptMode, codeGenerationMode, error, evalContextType, DerivedContextType::None, isArrowFunctionContext);
     if (!unlinkedCodeBlock)
         return nullptr;
@@ -136 +141 @@
 }
 
-UnlinkedProgramCodeBlock* recursivelyGenerateUnlinkedCodeBlockForProgram(VM& vm, const SourceCode& source, JSParserStrictMode strictMode, JSParserScriptMode scriptMode, OptionSet<CodeGenerationMode> codeGenerationMode, ParserError& error, EvalContextType evalContextType, const VariableEnvironment* variablesUnderTDZ)
-{
-    return recursivelyGenerateUnlinkedCodeBlock<UnlinkedProgramCodeBlock>(vm, source, strictMode, scriptMode, codeGenerationMode, error, evalContextType, variablesUnderTDZ);
-}
-
-UnlinkedModuleProgramCodeBlock* recursivelyGenerateUnlinkedCodeBlockForModuleProgram(VM& vm, const SourceCode& source, JSParserStrictMode strictMode, JSParserScriptMode scriptMode, OptionSet<CodeGenerationMode> codeGenerationMode, ParserError& error, EvalContextType evalContextType, const VariableEnvironment* variablesUnderTDZ)
-{
-    return recursivelyGenerateUnlinkedCodeBlock<UnlinkedModuleProgramCodeBlock>(vm, source, strictMode, scriptMode, codeGenerationMode, error, evalContextType, variablesUnderTDZ);
+UnlinkedProgramCodeBlock* recursivelyGenerateUnlinkedCodeBlockForProgram(VM& vm, const SourceCode& source, JSParserStrictMode strictMode, JSParserScriptMode scriptMode, OptionSet<CodeGenerationMode> codeGenerationMode, ParserError& error, EvalContextType evalContextType)
+{
+    return recursivelyGenerateUnlinkedCodeBlock<UnlinkedProgramCodeBlock>(vm, source, strictMode, scriptMode, codeGenerationMode, error, evalContextType);
+}
+
+UnlinkedModuleProgramCodeBlock* recursivelyGenerateUnlinkedCodeBlockForModuleProgram(VM& vm, const SourceCode& source, JSParserStrictMode strictMode, JSParserScriptMode scriptMode, OptionSet<CodeGenerationMode> codeGenerationMode, ParserError& error, EvalContextType evalContextType)
+{
+    return recursivelyGenerateUnlinkedCodeBlock<UnlinkedModuleProgramCodeBlock>(vm, source, strictMode, scriptMode, codeGenerationMode, error, evalContextType);
 }
 
@@ -169 +174 @@
     }
 
-    VariableEnvironment variablesUnderTDZ;
-    unlinkedCodeBlock = generateUnlinkedCodeBlock<UnlinkedCodeBlockType, ExecutableType>(vm, executable, source, strictMode, scriptMode, codeGenerationMode, error, evalContextType, &variablesUnderTDZ);
+    unlinkedCodeBlock = generateUnlinkedCodeBlock<UnlinkedCodeBlockType, ExecutableType>(vm, executable, source, strictMode, scriptMode, codeGenerationMode, error, evalContextType);
 
     if (unlinkedCodeBlock && Options::useCodeCache()) {

trunk/Source/JavaScriptCore/runtime/CodeCache.h

@@ -51 +51 @@
 class SourceCode;
 class VM;
-class VariableEnvironment;
+
+using TDZEnvironment = HashSet<RefPtr<UniquedStringImpl>, IdentifierRepHash>;
 
 namespace CodeCacheInternal {
@@ -254 +255 @@
 };
 
-UnlinkedEvalCodeBlock* generateUnlinkedCodeBlockForDirectEval(VM&, DirectEvalExecutable*, const SourceCode&, JSParserStrictMode, JSParserScriptMode, OptionSet<CodeGenerationMode>, ParserError&, EvalContextType, const VariableEnvironment* variablesUnderTDZ);
-UnlinkedProgramCodeBlock* recursivelyGenerateUnlinkedCodeBlockForProgram(VM&, const SourceCode&, JSParserStrictMode, JSParserScriptMode, OptionSet<CodeGenerationMode>, ParserError&, EvalContextType, const VariableEnvironment* variablesUnderTDZ);
-UnlinkedModuleProgramCodeBlock* recursivelyGenerateUnlinkedCodeBlockForModuleProgram(VM&, const SourceCode&, JSParserStrictMode, JSParserScriptMode, OptionSet<CodeGenerationMode>, ParserError&, EvalContextType, const VariableEnvironment* variablesUnderTDZ);
+UnlinkedEvalCodeBlock* generateUnlinkedCodeBlockForDirectEval(VM&, DirectEvalExecutable*, const SourceCode&, JSParserStrictMode, JSParserScriptMode, OptionSet<CodeGenerationMode>, ParserError&, EvalContextType, const TDZEnvironment* variablesUnderTDZ, const VariableEnvironment* parentScopePrivateNames);
+UnlinkedProgramCodeBlock* recursivelyGenerateUnlinkedCodeBlockForProgram(VM&, const SourceCode&, JSParserStrictMode, JSParserScriptMode, OptionSet<CodeGenerationMode>, ParserError&, EvalContextType);
+UnlinkedModuleProgramCodeBlock* recursivelyGenerateUnlinkedCodeBlockForModuleProgram(VM&, const SourceCode&, JSParserStrictMode, JSParserScriptMode, OptionSet<CodeGenerationMode>, ParserError&, EvalContextType);
 
 void writeCodeBlock(VM&, const SourceCodeKey&, const SourceCodeValue&);

trunk/Source/JavaScriptCore/runtime/Completion.cpp

@@ -92 +92 @@
     RELEASE_ASSERT(vm.atomStringTable() == Thread::current().atomStringTable());
 
-    VariableEnvironment variablesUnderTDZ;
     JSParserStrictMode strictMode = JSParserStrictMode::NotStrict;
     JSParserScriptMode scriptMode = JSParserScriptMode::Classic;
@@ -98 +97 @@
 
     ParserError parserError;
-    UnlinkedCodeBlock* unlinkedCodeBlock = recursivelyGenerateUnlinkedCodeBlockForProgram(vm, source, strictMode, scriptMode, { }, parserError, evalContextType, &variablesUnderTDZ);
+    UnlinkedCodeBlock* unlinkedCodeBlock = recursivelyGenerateUnlinkedCodeBlockForProgram(vm, source, strictMode, scriptMode, { }, parserError, evalContextType);
     if (parserError.isValid())
         error = parserError;
@@ -112 +111 @@
     RELEASE_ASSERT(vm.atomStringTable() == Thread::current().atomStringTable());
 
-    VariableEnvironment variablesUnderTDZ;
     JSParserStrictMode strictMode = JSParserStrictMode::Strict;
     JSParserScriptMode scriptMode = JSParserScriptMode::Module;
@@ -118 +116 @@
 
     ParserError parserError;
-    UnlinkedCodeBlock* unlinkedCodeBlock = recursivelyGenerateUnlinkedCodeBlockForModuleProgram(vm, source, strictMode, scriptMode, { }, parserError, evalContextType, &variablesUnderTDZ);
+    UnlinkedCodeBlock* unlinkedCodeBlock = recursivelyGenerateUnlinkedCodeBlockForModuleProgram(vm, source, strictMode, scriptMode, { }, parserError, evalContextType);
     if (parserError.isValid())
         error = parserError;

trunk/Source/JavaScriptCore/runtime/DirectEvalExecutable.cpp

@@ -35 +35 @@
 namespace JSC {
 
-DirectEvalExecutable* DirectEvalExecutable::create(JSGlobalObject* globalObject, const SourceCode& source, DerivedContextType derivedContextType, NeedsClassFieldInitializer needsClassFieldInitializer, bool isArrowFunctionContext, bool isInsideOrdinaryFunction, EvalContextType evalContextType, const VariableEnvironment* variablesUnderTDZ, ECMAMode ecmaMode)
+DirectEvalExecutable* DirectEvalExecutable::create(JSGlobalObject* globalObject, const SourceCode& source, DerivedContextType derivedContextType, NeedsClassFieldInitializer needsClassFieldInitializer, bool isArrowFunctionContext, bool isInsideOrdinaryFunction, EvalContextType evalContextType, const TDZEnvironment* variablesUnderTDZ, const VariableEnvironment* privateNames, ECMAMode ecmaMode)
 {
     VM& vm = globalObject->vm();
@@ -53 +53 @@
 
     // We don't bother with CodeCache here because direct eval uses a specialized DirectEvalCodeCache.
-    UnlinkedEvalCodeBlock* unlinkedEvalCode = generateUnlinkedCodeBlockForDirectEval(vm, executable, executable->source(), strictMode, JSParserScriptMode::Classic, codeGenerationMode, error, evalContextType, variablesUnderTDZ);
+    UnlinkedEvalCodeBlock* unlinkedEvalCode = generateUnlinkedCodeBlockForDirectEval(vm, executable, executable->source(), strictMode, JSParserScriptMode::Classic, codeGenerationMode, error, evalContextType, variablesUnderTDZ, privateNames);
 
     if (globalObject->hasDebugger())

trunk/Source/JavaScriptCore/runtime/DirectEvalExecutable.h

@@ -32 +32 @@
 class DirectEvalExecutable final : public EvalExecutable {
 public:
-    static DirectEvalExecutable* create(JSGlobalObject*, const SourceCode&, DerivedContextType, NeedsClassFieldInitializer, bool isArrowFunctionContext, bool isInsideOrdinaryFunction, EvalContextType, const VariableEnvironment*, ECMAMode);
+    static DirectEvalExecutable* create(JSGlobalObject*, const SourceCode&, DerivedContextType, NeedsClassFieldInitializer, bool isArrowFunctionContext, bool isInsideOrdinaryFunction, EvalContextType, const TDZEnvironment* parentScopeTDZVariables, const VariableEnvironment* privateNames, ECMAMode);
 private:
     DirectEvalExecutable(JSGlobalObject*, const SourceCode&, bool inStrictContext, DerivedContextType, NeedsClassFieldInitializer, bool isArrowFunctionContext, bool isInsideOrdinaryFunction, EvalContextType);

trunk/Source/JavaScriptCore/runtime/JSScope.cpp

@@ -322 +322 @@
 }
 
-void JSScope::collectClosureVariablesUnderTDZ(JSScope* scope, VariableEnvironment& result)
+void JSScope::collectClosureVariablesUnderTDZ(JSScope* scope, TDZEnvironment& result, VariableEnvironment& privateNames)
 {
     for (; scope; scope = scope->next()) {
@@ -339 +339 @@
         for (auto end = symbolTable->end(locker), iter = symbolTable->begin(locker); iter != end; ++iter)
             result.add(iter->key);
+
         if (symbolTable->hasPrivateNames()) {
             for (auto name : symbolTable->privateNames())
-                result.usePrivateName(name);    
+                privateNames.usePrivateName(name);    
         }
     }

trunk/Source/JavaScriptCore/runtime/JSScope.h

@@ -36 +36 @@
 class WatchpointSet;
 
+using TDZEnvironment = HashSet<RefPtr<UniquedStringImpl>, IdentifierRepHash>;
+
 class JSScope : public JSNonFinalObject {
 public:
@@ -61 +63 @@
     static JSScope* constantScopeForCodeBlock(ResolveType, CodeBlock*);
 
-    static void collectClosureVariablesUnderTDZ(JSScope*, VariableEnvironment& result);
+    static void collectClosureVariablesUnderTDZ(JSScope*, TDZEnvironment& result, VariableEnvironment& privateNames);
 
     static void visitChildren(JSCell*, SlotVisitor&);

trunk/Source/JavaScriptCore/runtime/VM.cpp

@@ -393 +393 @@
     , entryScope(nullptr)
     , m_regExpCache(new RegExpCache(this))
-    , m_compactVariableMap(adoptRef(*(new CompactVariableMap)))
+    , m_compactVariableMap(adoptRef(*(new CompactTDZEnvironmentMap)))
 #if ENABLE(REGEXP_TRACING)
     , m_rtTraceList(new RTTraceList())

trunk/Source/JavaScriptCore/runtime/VM.h

@@ -109 +109 @@
 class CodeCache;
 class CommonIdentifiers;
-class CompactVariableMap;
+class CompactTDZEnvironmentMap;
 class ConservativeRoots;
 class ControlFlowProfiler;
@@ -1008 +1008 @@
 #endif
 
-    Ref<CompactVariableMap> m_compactVariableMap;
+    Ref<CompactTDZEnvironmentMap> m_compactVariableMap;
 
     std::unique_ptr<HasOwnPropertyCache> m_hasOwnPropertyCache;

trunk/Source/WTF/ChangeLog

@@ +1 @@
+2020-10-28  Saam Barati  <sbarati@apple.com>
+
+        Better cache our serialization of the outer TDZ environment when creating FunctionExecutables during bytecode generation
+        https://bugs.webkit.org/show_bug.cgi?id=199866
+        <rdar://problem/53333108>
+
+        Reviewed by Tadeu Zagallo.
+
+        * wtf/RefPtr.h:
+        (WTF::swap): Deleted.
+        This function is no longer necessary, and causes ADL (https://en.cppreference.com/w/cpp/language/adl)
+        compile errors when not using DumbPtrTraits and calling sort on a vector of that type.
+
 2020-10-28  Sam Weinig  <weinig@apple.com>
 

trunk/Source/WTF/wtf/RefPtr.h

@@ -194 +194 @@
 }
 
-template<typename T, typename U, typename V, typename X, typename Y, typename Z, typename = std::enable_if_t<!std::is_same<U, RawPtrTraits<T>>::value || !std::is_same<Y, RawPtrTraits<X>>::value>>
-inline void swap(RefPtr<T, U, V>& a, RefPtr<X, Y, Z>& b)
-{
-    a.swap(b);
-}
-
 template<typename T, typename U, typename V, typename X, typename Y, typename Z>
 inline bool operator==(const RefPtr<T, U, V>& a, const RefPtr<X, Y, Z>& b)