[jsfunfuzz] Computed exception offset wrong when first instruction is attempt to...
[WebKit-https.git] / JavaScriptCore / ChangeLog
2008-12-31  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        [jsfunfuzz] Computed exception offset wrong when first instruction is attempt to resolve deleted eval
        <https://bugs.webkit.org/show_bug.cgi?id=23062>

        This was caused by the expression information for the initial resolve of
        eval not being emitted.  If this resolve was the first instruction that
        could throw an exception the information search would fail leading to an
        assertion failure.  If it was not the first throwable opcode the wrong
        expression information would be used.

        Fix is simply to emit the expression info.

        * parser/Nodes.cpp:
        (JSC::EvalFunctionCallNode::emitBytecode):

2008-12-31  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 23054: Caching of global lookups occurs even when the global object has become a dictionary
        <https://bugs.webkit.org/show_bug.cgi?id=23054>
        <rdar://problem/6469905>

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolveGlobal): Do not cache lookup if the global
        object has transitioned to a dictionary.
        (JSC::Interpreter::cti_op_resolve_global): Do not cache lookup if the
        global object has transitioned to a dictionary.

2008-12-30  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        <https://bugs.webkit.org/show_bug.cgi?id=23049> [jsfunfuzz] With blocks do not correctly protect their scope object
        <rdar://problem/6469742> Crash in JSC::TypeInfo::hasStandardGetOwnPropertySlot() running jsfunfuzz

        The problem that caused this was that with nodes were not correctly protecting
        the final object that was placed in the scope chain.  We correct this by forcing
        the use of a temporary register (which stops us relying on a local register
        protecting the scope) and changing the behaviour of op_push_scope so that it
        will store the final scope object.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitPushScope):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::cti_op_push_scope):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * parser/Nodes.cpp:
        (JSC::WithNode::emitBytecode):

2008-12-30  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Sam Weinig.

        Bug 23037: Parsing and reparsing disagree on automatic semicolon insertion
        <https://bugs.webkit.org/show_bug.cgi?id=23037>
        <rdar://problem/6467124>

        Parsing and reparsing disagree about automatic semicolon insertion, so that a
        function like

        function() { a = 1, }

        is parsed as being syntactically valid but gets a syntax error upon reparsing.
        This leads to an assertion failure in Parser::reparse(). It is not that big of
        an issue in practice, because in a Release build such a function will return
        'undefined' when called.

        In this case, we are not following the spec and it should be a syntax error.
        However, unless there is a newline separating the ',' and the '}', WebKit would
        not treat it as a syntax error in the past either. It would be a bit of work to
        make the automatic semicolon insertion match the spec exactly, so this patch
        changes it to match our past behaviour.

        The problem is that even during reparsing, the Lexer adds a semicolon at the
        end of the input, which confuses allowAutomaticSemicolon(), because it is
        expecting either a '}', the end of input, or a terminator like a newline.

        * parser/Lexer.cpp:
        (JSC::Lexer::Lexer): Initialize m_isReparsing to false.
        (JSC::Lexer::lex): Do not perform automatic semicolon insertion in the Lexer if
        we are in the middle of reparsing.
        (JSC::Lexer::clear): Set m_isReparsing to false.
        * parser/Lexer.h:
        (JSC::Lexer::setIsReparsing): Added.
        * parser/Parser.cpp:
        (JSC::Parser::reparse): Call Lexer::setIsReparsing() to notify the Lexer of
        reparsing.

2008-12-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Yet another attempt to fix Tiger.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):

2008-12-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Tiger build fix (correct this time)

        * wtf/RandomNumber.cpp:

2008-12-29  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Rubber-stamped by Alexey Proskuryakov.

        Revert r39509, because kjsyydebug is used in the generated code if YYDEBUG is 1.

        * parser/Grammar.y:

2008-12-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Tiger build fix.

        * wtf/RandomNumber.cpp:

2008-12-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by Mark Rowe.

        <rdar://problem/6358108> Insecure randomness in Math.random() leads to user tracking

        Switch to arc4random on PLATFORM(DARWIN), this is ~1.5x slower than random(), but
        it is still so fast that there is no fathomable way it could be a bottleneck for anything.

        randomNumber is called in two places
          * During form submission where it is called once per form
          * Math.random in JSC.  For this difference to show up you have to be looping on
            a cached local copy of random, for a large (>10000) number of calls.

        No change in SunSpider.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):
        * wtf/RandomNumberSeed.h:
        (WTF::initializeRandomNumberGenerator):

2008-12-29  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Rubber-stamped by Sam Weinig.

        Remove unused kjsyydebug #define.

        * parser/Grammar.y:

2008-12-29  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt and Sam Weinig.

        Bug 23029: REGRESSION (r39337): jsfunfuzz generates identical test files
        <https://bugs.webkit.org/show_bug.cgi?id=23029>
        <rdar://problem/6469185>

        The unification of random number generation in r39337 resulted in random()
        being initialized on Darwin, but rand() actually being used. Fix this by
        making randomNumber() use random() instead of rand() on Darwin.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):

2008-12-29  Sam Weinig  <sam@webkit.org>

        Fix buildbots.

        * runtime/Structure.cpp:

2008-12-29  Sam Weinig  <sam@webkit.org>

        Reviewed by Oliver Hunt.

        Patch for https://bugs.webkit.org/show_bug.cgi?id=23026
        Move the deleted offsets vector into the PropertyMap

        Saves 3 words per Structure.

        * runtime/PropertyMapHashTable.h:
        * runtime/Structure.cpp:
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::changePrototypeTransition):
        (JSC::Structure::getterSetterTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::fromDictionaryTransition):
        (JSC::Structure::copyPropertyTable):
        (JSC::Structure::put):
        (JSC::Structure::remove):
        (JSC::Structure::rehashPropertyMapHashTable):
        * runtime/Structure.h:
        (JSC::Structure::propertyStorageSize):

2008-12-29  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Change code using m_body.get() as a boolean to take advantage of the
        implicit conversion of RefPtr to boolean.

        * runtime/JSFunction.cpp:
        (JSC::JSFunction::~JSFunction):

2008-12-28  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 22840: REGRESSION (r38349): Gmail doesn't load with profiling enabled
        <https://bugs.webkit.org/show_bug.cgi?id=22840>
        <rdar://problem/6468077>

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitNewArray): Add an assertion that the range
        of registers passed to op_new_array is sequential.
        (JSC::BytecodeGenerator::emitCall): Correct the relocation of registers
        when emitting profiler hooks so that registers aren't leaked. Also, add
        an assertion that the 'this' register is always ref'd (because it is),
        remove the needless protection of the 'this' register when relocating,
        and add an assertion that the range of registers passed to op_call for
        function call arguments is sequential.
        (JSC::BytecodeGenerator::emitConstruct): Correct the relocation of
        registers when emitting profiler hooks so that registers aren't leaked.
        Also, add an assertion that the range of registers passed to op_construct
        for function call arguments is sequential.

2008-12-26  Mark Rowe  <mrowe@apple.com>

        Reviewed by Alexey Proskuryakov.

        <rdar://problem/6467376> Race condition in WTF::currentThread can lead to a thread using two different identifiers during its lifetime

        If a newly-created thread calls WTF::currentThread() before WTF::createThread calls establishIdentifierForPthreadHandle
        then more than one identifier will be used for the same thread.  We can avoid this by adding some extra synchronization
        during thread creation that delays the execution of the thread function until the thread identifier has been set up, and
        an assertion to catch this problem should it reappear in the future.

        * wtf/Threading.cpp: Added.
        (WTF::NewThreadContext::NewThreadContext):
        (WTF::threadEntryPoint):
        (WTF::createThread): Add cross-platform createThread function that delays the execution of the thread function until
        after the thread identifier has been set up.
        * wtf/Threading.h:
        * wtf/ThreadingGtk.cpp:
        (WTF::establishIdentifierForThread):
        (WTF::createThreadInternal):
        * wtf/ThreadingNone.cpp:
        (WTF::createThreadInternal):
        * wtf/ThreadingPthreads.cpp:
        (WTF::establishIdentifierForPthreadHandle):
        (WTF::createThreadInternal):
        * wtf/ThreadingQt.cpp:
        (WTF::identifierByQthreadHandle):
        (WTF::establishIdentifierForThread):
        (WTF::createThreadInternal):
        * wtf/ThreadingWin.cpp:
        (WTF::storeThreadHandleByIdentifier):
        (WTF::createThreadInternal):

        Add Threading.cpp to the build.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCoreSources.bkl:
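
The start-up handshake this entry describes, as an added example that is not WebKit's Threading.cpp: a registry maps native thread ids to small integer identifiers, currentThread() mints an identifier on demand (the behaviour that let a thread end up with two of them), and createThread() parks the new thread on a condition variable until the creator has registered it. The names NewThreadContext, threadEntryPoint, createThread and currentThread are taken from the entry; the std::thread-based registry, establishIdentifier and the identifiersAgree check are assumptions of this example.

```cpp
#include <condition_variable>
#include <cstdint>
#include <cstdio>
#include <map>
#include <mutex>
#include <thread>

// Added example modelled on the ChangeLog entry; not WebKit code.
typedef uint32_t ThreadIdentifier;

// Registry: native thread id -> small integer identifier (assumed layout).
static std::mutex g_registryMutex;
static std::map<std::thread::id, ThreadIdentifier> g_registry;
static ThreadIdentifier g_nextIdentifier = 1;

// Returns the identifier for a native thread id, minting one if none exists.
// Plays the role of establishIdentifierForPthreadHandle.
ThreadIdentifier establishIdentifier(std::thread::id nativeId) {
    std::lock_guard<std::mutex> lock(g_registryMutex);
    std::map<std::thread::id, ThreadIdentifier>::iterator it = g_registry.find(nativeId);
    if (it != g_registry.end())
        return it->second;
    ThreadIdentifier fresh = g_nextIdentifier++;
    g_registry[nativeId] = fresh;
    return fresh;
}

// currentThread(): look up (or mint) the caller's identifier.  If a new thread
// reached this before its creator registered it, both sides would mint one and
// the thread would carry two identifiers; the handshake below prevents that.
ThreadIdentifier currentThread() {
    return establishIdentifier(std::this_thread::get_id());
}

// State shared between creator and new thread for the start-up handshake.
struct NewThreadContext {
    void (*entryPoint)(void*);
    void* data;
    std::mutex mutex;
    std::condition_variable condition;
    bool identifierReady;

    NewThreadContext(void (*e)(void*), void* d)
        : entryPoint(e), data(d), identifierReady(false) {}
};

// Runs on the new thread: wait until the creator has established the
// identifier, then hand control to the real thread function.
static void threadEntryPoint(NewThreadContext* context) {
    {
        std::unique_lock<std::mutex> lock(context->mutex);
        while (!context->identifierReady)
            context->condition.wait(lock);
    }
    void (*entryPoint)(void*) = context->entryPoint;
    void* data = context->data;
    delete context;  // the creator no longer touches it after signalling
    entryPoint(data);
}

// Creates the thread, registers its identifier, then releases the thread
// function.  Returns the identifier the creator established.
ThreadIdentifier createThread(void (*entryPoint)(void*), void* data, std::thread& thread) {
    NewThreadContext* context = new NewThreadContext(entryPoint, data);
    thread = std::thread(threadEntryPoint, context);
    ThreadIdentifier id = establishIdentifier(thread.get_id());
    {
        // Signal while holding the lock so the waiter cannot free the context
        // while the creator is still using it.
        std::lock_guard<std::mutex> lock(context->mutex);
        context->identifierReady = true;
        context->condition.notify_one();
    }
    return id;
}

// Thread body for the check below: record what the thread sees as its own id.
static void recordOwnIdentifier(void* data) {
    *static_cast<ThreadIdentifier*>(data) = currentThread();
}

// True when the identifier the creator established is the one the thread
// observes from inside currentThread(): exactly one identifier per thread,
// the property the entry's new assertion guards.
bool identifiersAgree() {
    ThreadIdentifier seenByThread = 0;
    std::thread thread;
    ThreadIdentifier created = createThread(recordOwnIdentifier, &seenByThread, thread);
    thread.join();
    return created != 0 && created == seenByThread;
}

int main() {
    std::printf("identifiers agree: %s\n", identifiersAgree() ? "yes" : "no");
    return 0;
}
```

Removing the wait in threadEntryPoint reintroduces the race: the new thread may call currentThread() first, mint an identifier, and then the creator mints a second one for the same native id. Signalling under the lock matters for the same reason the entry's context object is handed over once: after the creator sets identifierReady the waiter owns the context and frees it.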

2008-12-26  Sam Weinig  <sam@webkit.org>

        Reviewed by Alexey Proskuryakov.

        Remove unused method.

        * runtime/Structure.h: Remove mutableTypeInfo.

2008-12-22  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Fix rounding / bounds / signed comparison bug in ExecutableAllocator.

        ExecutableAllocator::alloc assumed that m_freePtr would be aligned.  This was
        not always true, since the first allocation from an additional pool would not
        be rounded up.  Subsequent allocations would be unaligned, and too much memory
        could be erroneously allocated from the pool, when the size requested was
        available, but the size rounded up to word granularity was not available in the
        pool.  This may result in the value of m_freePtr being greater than m_end.

        Under these circumstances, the unsigned check for space will always pass,
        resulting in pointers to memory outside of the arena being returned, and
        ultimately segfaulty goodness when attempting to memcpy the hot freshly jitted
        code from the AssemblerBuffer.

        https://bugs.webkit.org/show_bug.cgi?id=22974
        ... and probably many, many more.

        * jit/ExecutableAllocator.h:
        (JSC::ExecutablePool::alloc):
        (JSC::ExecutablePool::roundUpAllocationSize):
        (JSC::ExecutablePool::ExecutablePool):
        (JSC::ExecutablePool::poolAllocate):
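
The rounding and unsigned-comparison failure described in this entry, replayed in an added example that is not WebKit's ExecutableAllocator: a bump allocator over offsets (so the overrun is well defined and can be asserted on) with the buggy ordering, which checks the raw size, bumps by the rounded size and compares unsigned, beside the corrected ordering, which rounds first, compares the rounded size and keeps freeOffset <= capacity. The 8-byte granularity, the 20-byte pool and the request sequence are constructed for this illustration; roundUpAllocationSize is the only name taken from the entry.

```cpp
#include <cstddef>
#include <cstdio>

// Added example modelled on the ChangeLog entry; not WebKit's ExecutableAllocator.
// Offsets into a pool stand in for m_freePtr / m_end so the overrun stays well
// defined (with raw pointers the same sequence would be undefined behaviour).
struct ToyPool {
    size_t capacity;    // bytes in the pool (plays the role of m_end)
    size_t freeOffset;  // next free byte (plays the role of m_freePtr)
};

static const size_t kWordSize = 8;                          // assumed granularity
static const size_t kAllocFailed = static_cast<size_t>(-1); // "fall back to a new pool"

// Round a request up to the word granularity (same job as roundUpAllocationSize).
size_t roundUpAllocationSize(size_t request, size_t granularity) {
    return (request + granularity - 1) & ~(granularity - 1);
}

// Buggy ordering: the space check uses the raw size, the bump uses the rounded
// size, and the comparison is unsigned.  Once freeOffset passes capacity,
// capacity - freeOffset wraps to a huge value and every later check passes.
size_t buggyAlloc(ToyPool& pool, size_t n) {
    if (n < pool.capacity - pool.freeOffset) {   // unsigned; wraps once freeOffset > capacity
        size_t result = pool.freeOffset;
        pool.freeOffset += roundUpAllocationSize(n, kWordSize);
        return result;
    }
    return kAllocFailed;
}

// Fixed ordering: round first, compare the rounded size against the remaining
// space, and make the freeOffset <= capacity invariant explicit so the
// subtraction can never wrap.
size_t fixedAlloc(ToyPool& pool, size_t n) {
    size_t rounded = roundUpAllocationSize(n, kWordSize);
    if (pool.freeOffset <= pool.capacity && rounded <= pool.capacity - pool.freeOffset) {
        size_t result = pool.freeOffset;
        pool.freeOffset += rounded;
        return result;
    }
    return kAllocFailed;
}

// Replays one constructed request sequence against an allocator and returns
// the offset handed out for the final, clearly oversized request.
size_t replay(size_t (*alloc)(ToyPool&, size_t)) {
    ToyPool pool = { 20, 0 };
    alloc(pool, 13);           // rounds to 16: freeOffset 0 -> 16
    alloc(pool, 3);            // buggy: 3 < 4 passes, bump by 8 -> freeOffset 24 > 20
    return alloc(pool, 1000);  // buggy: 20 - 24 wraps, "succeeds" at offset 24; fixed: refused
}

int main() {
    std::printf("buggy: offset %zu handed out for a 1000-byte request from a 20-byte pool\n",
                replay(buggyAlloc));
    std::printf("fixed: %s\n",
                replay(fixedAlloc) == kAllocFailed ? "refused, would fall back to a new pool" : "allocated");
    return 0;
}
```

The buggy path hands out offset 24 from a 20-byte pool for a 1000-byte request, which is the shape of the out-of-arena pointer the entry describes; with executable memory behind it, the subsequent memcpy of freshly emitted code is what crashes.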

2008-12-22  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Rename all uses of the term "repatch" to "patch".

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::DataLabelPtr::patch):
        (JSC::MacroAssembler::DataLabel32::patch):
        (JSC::MacroAssembler::Jump::patch):
        (JSC::MacroAssembler::PatchBuffer::PatchBuffer):
        (JSC::MacroAssembler::PatchBuffer::setPtr):
        (JSC::MacroAssembler::loadPtrWithAddressOffsetPatch):
        (JSC::MacroAssembler::storePtrWithAddressOffsetPatch):
        (JSC::MacroAssembler::storePtrWithPatch):
        (JSC::MacroAssembler::jnePtrWithPatch):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::patchAddress):
        (JSC::X86Assembler::patchImmediate):
        (JSC::X86Assembler::patchPointer):
        (JSC::X86Assembler::patchBranchOffset):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCTICachePutByID):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::Interpreter::cti_op_put_by_id):
        (JSC::Interpreter::cti_op_get_by_id):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):
        (JSC::Interpreter::cti_vm_dontLazyLinkCall):
        * jit/JIT.cpp:
        (JSC::ctiPatchCallByReturnAddress):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::unlinkCall):
        (JSC::JIT::linkCall):
        (JSC::JIT::compileOpCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):

2008-12-22  Adam Roben  <aroben@apple.com>

        Build fix after r39428

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSlowCase): Added a missing MacroAssembler::

2008-12-22  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>

        Rubber-stamped by George Staikos.

        Unify all TorchMobile copyright lines. Consolidate in a single line, as requested by Mark Rowe, some time ago.

        * wtf/RandomNumber.cpp:
        * wtf/RandomNumber.h:
        * wtf/RandomNumberSeed.h:

2008-12-21  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>

        Rubber-stamped by George Staikos.

        Fix copyright of the new RandomNumber* files.

        * wtf/RandomNumber.cpp:
        * wtf/RandomNumber.h:
        * wtf/RandomNumberSeed.h:

2008-12-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt & Cameron Zwarich.

        Add support for call and property access repatching on x86-64.

        No change in performance on current configurations (2x improvement on v8-tests with JIT enabled on x86-64).

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::DataLabelPtr::repatch):
        (JSC::MacroAssembler::DataLabelPtr::operator X86Assembler::JmpDst):
        (JSC::MacroAssembler::DataLabel32::repatch):
        (JSC::MacroAssembler::RepatchBuffer::addressOf):
        (JSC::MacroAssembler::add32):
        (JSC::MacroAssembler::sub32):
        (JSC::MacroAssembler::loadPtrWithAddressOffsetRepatch):
        (JSC::MacroAssembler::storePtrWithAddressOffsetRepatch):
        (JSC::MacroAssembler::jePtr):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jnePtrWithRepatch):
        (JSC::MacroAssembler::differenceBetween):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::addl_im):
        (JSC::X86Assembler::subl_im):
        (JSC::X86Assembler::cmpl_rm):
        (JSC::X86Assembler::movq_rm_disp32):
        (JSC::X86Assembler::movq_mr_disp32):
        (JSC::X86Assembler::repatchPointer):
        (JSC::X86Assembler::X86InstructionFormatter::oneByteOp64_disp32):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::unlinkCall):
        (JSC::JIT::linkCall):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::resizePropertyStorage):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * wtf/Platform.h:

2008-12-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Port optimized property access generation to the MacroAssembler.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::AbsoluteAddress::AbsoluteAddress):
        (JSC::MacroAssembler::DataLabelPtr::repatch):
        (JSC::MacroAssembler::DataLabel32::DataLabel32):
        (JSC::MacroAssembler::DataLabel32::repatch):
        (JSC::MacroAssembler::Label::operator X86Assembler::JmpDst):
        (JSC::MacroAssembler::Jump::repatch):
        (JSC::MacroAssembler::JumpList::empty):
        (JSC::MacroAssembler::RepatchBuffer::link):
        (JSC::MacroAssembler::add32):
        (JSC::MacroAssembler::and32):
        (JSC::MacroAssembler::sub32):
        (JSC::MacroAssembler::loadPtrWithAddressRepatch):
        (JSC::MacroAssembler::storePtrWithAddressRepatch):
        (JSC::MacroAssembler::push):
        (JSC::MacroAssembler::ja32):
        (JSC::MacroAssembler::jePtr):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jnePtrWithRepatch):
        (JSC::MacroAssembler::align):
        (JSC::MacroAssembler::differenceBetween):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::movl_rm_disp32):
        (JSC::X86Assembler::movl_mr_disp32):
        (JSC::X86Assembler::X86InstructionFormatter::oneByteOp_disp32):
        (JSC::X86Assembler::X86InstructionFormatter::memoryModRM):
        * jit/JIT.cpp:
        (JSC::ctiRepatchCallByReturnAddress):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::resizePropertyStorage):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):
        * wtf/RefCounted.h:
        (WTF::RefCountedBase::addressOfCount):

2008-12-19  Gustavo Noronha Silva  <gns@gnome.org>

        Reviewed by Holger Freyther.

        https://bugs.webkit.org/show_bug.cgi?id=22686

        Added a file which was missing to the javascriptcore_sources
        variable, so that it shows up in the tarball created by `make
        dist'.

        * GNUmakefile.am:

2008-12-19  Holger Hans Peter Freyther  <zecke@selfish.org>

        Reviewed by Antti Koivisto.

        Build fix when building JS API tests with a C89 C compiler

        Do not use C++ style comments and convert them to C comments.

        * wtf/Platform.h:

2008-12-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Same as last revision, adding cases for pre & post inc & dec.

        https://bugs.webkit.org/show_bug.cgi?id=22928

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):

2008-12-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Fixes for the JIT's handling of JSImmediate values on x86-64.
        On 64-bit systems, the code in JSImmediate.h relies on the upper
        bits of a JSImmediate being a sign extension of the low 32-bits.
        This was not being enforced by the JIT, since a number of inline
        operations were being performed on 32-bit values in registers, and
        when a 32-bit result is written to a register on x86-64 the value
        is zero-extended to 64-bits.

        This fix honors previous behavior.  A better fix in the long run
        (when the JIT is enabled by default) may be to change JSImmediate.h
        so it no longer relies on the upper bits of the pointer,... though
        if we're going to change JSImmediate.h for 64-bit, we probably may
        as well change the format so that the full range of 32-bit ints can
        be stored, rather than just 31-bits.

        https://bugs.webkit.org/show_bug.cgi?id=22925

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::addPtr):
        (JSC::MacroAssembler::andPtr):
        (JSC::MacroAssembler::orPtr):
        (JSC::MacroAssembler::or32):
        (JSC::MacroAssembler::xor32):
        (JSC::MacroAssembler::xorPtr):
        (JSC::MacroAssembler::signExtend32ToPtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::andq_rr):
        (JSC::X86Assembler::andq_ir):
        (JSC::X86Assembler::orq_rr):
        (JSC::X86Assembler::xorq_ir):
        (JSC::X86Assembler::movsxd_rr):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitFastArithReTagImmediate):
        (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
        (JSC::JIT::emitFastArithImmToInt):
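
The invariant this entry relies on, and the way a 32-bit register write breaks it, in an added example that is not WebKit's JSImmediate.h: a canonical 64-bit immediate must equal the sign extension of its low 32 bits, a 32-bit fast-path add produces a correct 32-bit tagged result, and widening that result by zero extension (what a 32-bit write does on x86-64) yields a non-canonical value while re-sign-extending it (the movsxd shape of the fix) does not. The tagging scheme used here (31-bit signed payload, low tag bit set) is an assumption chosen to match the entry's "just 31-bits" remark, not the real JSImmediate encoding; all function names are this example's own.

```cpp
#include <cstdint>
#include <cstdio>

// Added example; not WebKit code.  Tag layout below is assumed: 31-bit signed
// payload shifted left by one, low bit set as the "integer" tag.

// Canonical form: the upper 32 bits are a sign extension of the low 32 bits.
bool isCanonicalImmediate(uint64_t bits) {
    int32_t low = static_cast<int32_t>(static_cast<uint32_t>(bits));
    return static_cast<uint64_t>(static_cast<int64_t>(low)) == bits;
}

// Build a tagged immediate from a 31-bit signed payload as a 64-bit register
// value, i.e. already sign-extended.
uint64_t makeImmediate(int32_t payload) {
    uint32_t shifted = static_cast<uint32_t>(payload) << 1;       // unsigned shift avoids UB on negatives
    int32_t tagged = static_cast<int32_t>(shifted | 1u);           // 32-bit tagged form
    return static_cast<uint64_t>(static_cast<int64_t>(tagged));    // sign-extended to 64 bits
}

// The 32-bit fast-path add: strip one tag, add, keep the other tag.
// (2x+1) + (2y+1) - 1 == 2(x+y) + 1.  Returns the 32-bit register result.
uint32_t add32Tagged(uint64_t a, uint64_t b) {
    uint32_t lowA = static_cast<uint32_t>(a);
    uint32_t lowB = static_cast<uint32_t>(b);
    return lowA + (lowB - 1u);
}

// What writing a 32-bit result to a register does on x86-64: upper bits cleared.
uint64_t widenByZeroExtension(uint32_t result32) {
    return static_cast<uint64_t>(result32);
}

// The fix's shape: re-sign-extend the 32-bit result before treating it as a
// 64-bit JSImmediate (movsxd on x86-64).
uint64_t widenBySignExtension(uint32_t result32) {
    return static_cast<uint64_t>(static_cast<int64_t>(static_cast<int32_t>(result32)));
}

// Adds -2 and 1 on the 32-bit fast path and returns whether the widened result
// is still a canonical immediate, for the chosen widening.
bool addStaysCanonical(uint64_t (*widen)(uint32_t)) {
    uint32_t sum32 = add32Tagged(makeImmediate(-2), makeImmediate(1));  // tagged -1 == 0xFFFFFFFF
    return isCanonicalImmediate(widen(sum32));
}

int main() {
    std::printf("zero-extended result canonical: %s\n", addStaysCanonical(widenByZeroExtension) ? "yes" : "no");
    std::printf("sign-extended result canonical: %s\n", addStaysCanonical(widenBySignExtension) ? "yes" : "no");
    return 0;
}
```

The negative-result case is the one that matters: for non-negative payloads zero and sign extension agree, so the breakage only shows up once a 32-bit operation yields a value with bit 31 set, which is exactly the kind of input a fuzzer or a tight arithmetic loop produces.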

2008-12-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Just a tidy up - rename & refactor some of the #defines configuring the JIT.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::cti_op_convert_this):
        (JSC::Interpreter::cti_op_end):
        (JSC::Interpreter::cti_op_add):
        (JSC::Interpreter::cti_op_pre_inc):
        (JSC::Interpreter::cti_timeout_check):
        (JSC::Interpreter::cti_register_file_check):
        (JSC::Interpreter::cti_op_loop_if_less):
        (JSC::Interpreter::cti_op_loop_if_lesseq):
        (JSC::Interpreter::cti_op_new_object):
        (JSC::Interpreter::cti_op_put_by_id_generic):
        (JSC::Interpreter::cti_op_get_by_id_generic):
        (JSC::Interpreter::cti_op_put_by_id):
        (JSC::Interpreter::cti_op_put_by_id_second):
        (JSC::Interpreter::cti_op_put_by_id_fail):
        (JSC::Interpreter::cti_op_get_by_id):
        (JSC::Interpreter::cti_op_get_by_id_second):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):
        (JSC::Interpreter::cti_op_get_by_id_proto_list_full):
        (JSC::Interpreter::cti_op_get_by_id_proto_fail):
        (JSC::Interpreter::cti_op_get_by_id_array_fail):
        (JSC::Interpreter::cti_op_get_by_id_string_fail):
        (JSC::Interpreter::cti_op_instanceof):
        (JSC::Interpreter::cti_op_del_by_id):
        (JSC::Interpreter::cti_op_mul):
        (JSC::Interpreter::cti_op_new_func):
        (JSC::Interpreter::cti_op_call_JSFunction):
        (JSC::Interpreter::cti_op_call_arityCheck):
        (JSC::Interpreter::cti_vm_dontLazyLinkCall):
        (JSC::Interpreter::cti_vm_lazyLinkCall):
        (JSC::Interpreter::cti_op_push_activation):
        (JSC::Interpreter::cti_op_call_NotJSFunction):
        (JSC::Interpreter::cti_op_create_arguments):
        (JSC::Interpreter::cti_op_create_arguments_no_params):
        (JSC::Interpreter::cti_op_tear_off_activation):
        (JSC::Interpreter::cti_op_tear_off_arguments):
        (JSC::Interpreter::cti_op_profile_will_call):
        (JSC::Interpreter::cti_op_profile_did_call):
        (JSC::Interpreter::cti_op_ret_scopeChain):
        (JSC::Interpreter::cti_op_new_array):
        (JSC::Interpreter::cti_op_resolve):
        (JSC::Interpreter::cti_op_construct_JSConstruct):
        (JSC::Interpreter::cti_op_construct_NotJSConstruct):
        (JSC::Interpreter::cti_op_get_by_val):
        (JSC::Interpreter::cti_op_resolve_func):
        (JSC::Interpreter::cti_op_sub):
        (JSC::Interpreter::cti_op_put_by_val):
        (JSC::Interpreter::cti_op_put_by_val_array):
        (JSC::Interpreter::cti_op_lesseq):
        (JSC::Interpreter::cti_op_loop_if_true):
        (JSC::Interpreter::cti_op_negate):
        (JSC::Interpreter::cti_op_resolve_base):
        (JSC::Interpreter::cti_op_resolve_skip):
        (JSC::Interpreter::cti_op_resolve_global):
        (JSC::Interpreter::cti_op_div):
        (JSC::Interpreter::cti_op_pre_dec):
        (JSC::Interpreter::cti_op_jless):
        (JSC::Interpreter::cti_op_not):
        (JSC::Interpreter::cti_op_jtrue):
        (JSC::Interpreter::cti_op_post_inc):
        (JSC::Interpreter::cti_op_eq):
        (JSC::Interpreter::cti_op_lshift):
        (JSC::Interpreter::cti_op_bitand):
        (JSC::Interpreter::cti_op_rshift):
        (JSC::Interpreter::cti_op_bitnot):
        (JSC::Interpreter::cti_op_resolve_with_base):
        (JSC::Interpreter::cti_op_new_func_exp):
        (JSC::Interpreter::cti_op_mod):
        (JSC::Interpreter::cti_op_less):
        (JSC::Interpreter::cti_op_neq):
        (JSC::Interpreter::cti_op_post_dec):
        (JSC::Interpreter::cti_op_urshift):
        (JSC::Interpreter::cti_op_bitxor):
        (JSC::Interpreter::cti_op_new_regexp):
        (JSC::Interpreter::cti_op_bitor):
        (JSC::Interpreter::cti_op_call_eval):
        (JSC::Interpreter::cti_op_throw):
        (JSC::Interpreter::cti_op_get_pnames):
        (JSC::Interpreter::cti_op_next_pname):
        (JSC::Interpreter::cti_op_push_scope):
        (JSC::Interpreter::cti_op_pop_scope):
        (JSC::Interpreter::cti_op_typeof):
        (JSC::Interpreter::cti_op_is_undefined):
        (JSC::Interpreter::cti_op_is_boolean):
        (JSC::Interpreter::cti_op_is_number):
        (JSC::Interpreter::cti_op_is_string):
        (JSC::Interpreter::cti_op_is_object):
        (JSC::Interpreter::cti_op_is_function):
        (JSC::Interpreter::cti_op_stricteq):
        (JSC::Interpreter::cti_op_nstricteq):
        (JSC::Interpreter::cti_op_to_jsnumber):
        (JSC::Interpreter::cti_op_in):
        (JSC::Interpreter::cti_op_push_new_scope):
        (JSC::Interpreter::cti_op_jmp_scopes):
        (JSC::Interpreter::cti_op_put_by_index):
        (JSC::Interpreter::cti_op_switch_imm):
        (JSC::Interpreter::cti_op_switch_char):
        (JSC::Interpreter::cti_op_switch_string):
        (JSC::Interpreter::cti_op_del_by_val):
        (JSC::Interpreter::cti_op_put_getter):
        (JSC::Interpreter::cti_op_put_setter):
        (JSC::Interpreter::cti_op_new_error):
        (JSC::Interpreter::cti_op_debug):
        (JSC::Interpreter::cti_vm_throw):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        * wtf/Platform.h:

2008-12-18  Cameron Zwarich  <zwarich@apple.com>

        Reviewed by Geoff Garen.

        Bug 21855: REGRESSION (r37323): Gmail complains about popup blocking when opening a link
        <https://bugs.webkit.org/show_bug.cgi?id=21855>
        <rdar://problem/6278244>

        Move DynamicGlobalObjectScope to JSGlobalObject.h so that it can be used
        from WebCore.

        * interpreter/Interpreter.cpp:
        * runtime/JSGlobalObject.h:
        (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope):
        (JSC::DynamicGlobalObjectScope::~DynamicGlobalObjectScope):

2008-12-17  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Gavin Barraclough.

        Fixed https://bugs.webkit.org/show_bug.cgi?id=22393
        Segfault when caching property accesses to primitive cells.

        Changed some asObject casts to asCell casts in cases where a primitive
        value may be a cell and not an object.

        Re-enabled property caching for primitives in cases where it had been
        disabled because of this bug.

        Updated a comment to better explain something Darin thought needed
        explaining in an old patch review.

        * interpreter/Interpreter.cpp:
        (JSC::countPrototypeChainEntriesAndCheckForProxies):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):

742 2008-12-17  Gavin Barraclough  <barraclough@apple.com>
743
744         Reviewed by Cameron Zwarich.
745
746         Fixes for Sunspider failures with the JIT enabled on x86-64.
747
748         * assembler/MacroAssembler.h:
749             Switch the order of the RegisterID & Address form of je32, to keep it consistent with jne32.
750         * jit/JIT.cpp:
751         * jit/JIT.h:
752         * jit/JITInlineMethods.h:
753             Port the m_ctiVirtualCall trampoline generation to use the MacroAssembler interface.
754         * jit/JITCall.cpp:
755             Fix bug in the non-optimizing code path, vptr check should have been to the memory address pointed
756             to by the register, not to the register itself.
757         * wrec/WRECGenerator.cpp:
758             See assembler/MacroAssembler.h, above.
759
760 2008-12-17  Gavin Barraclough  <barraclough@apple.com>
761
762         Reviewed by Sam Weinig.
763
764         print("Hello, 64-bit jitted world!");
765         Get hello-world working through the JIT, on x86-64.
766
767         * assembler/X86Assembler.h:
768             Fix encoding of opcode + RegisterID format instructions for 64-bit.
769         * interpreter/Interpreter.cpp:
770         * interpreter/Interpreter.h:
771             Make VoidPtrPair actually be a pair of void*s.
772             (Possibly should make this change for 32-bit Mac platforms, too - but won't change 32-bit behaviour in this patch).
773         * jit/JIT.cpp:
774         * jit/JIT.h:
775             Provide names for the timeoutCheckRegister & callFrameRegister on x86-64,
776             force x86-64 ctiTrampoline arguments onto the stack,
777             implement the asm trampolines for x86-64,
778             implement the restoreArgumentReference methods for x86-64 calling conventions.
779         * jit/JITCall.cpp:
780         * jit/JITInlineMethods.h:
781         * wtf/Platform.h:
782             Add switch settings to ENABLE(JIT), on PLATFORM(X86_64) (currently still disabled).
783
784 2008-12-17  Sam Weinig  <sam@webkit.org>
785
786         Reviewed by Gavin Barraclough.
787
788         Add more CodeBlock statistics.
789
790         * bytecode/CodeBlock.cpp:
791         (JSC::CodeBlock::dumpStatistics):
792
793 2008-12-17  Sam Weinig  <sam@webkit.org>
794
795         Reviewed by Darin Adler.
796
797         Fix for https://bugs.webkit.org/show_bug.cgi?id=22897
798         <rdar://problem/6428342>
799         Look into feasibility of discarding bytecode after native codegen
800
801         Clear the bytecode Instruction vector at the end JIT generation.
802
803         Saves 4.8 MB on Membuster head.
804
805         * bytecode/CodeBlock.cpp:
806         (JSC::CodeBlock::dump): Add logging for the case that someone tries
807         to dump the instructions of a CodeBlock that has had its bytecode
808         vector cleared.
809         (JSC::CodeBlock::CodeBlock): Initialize the instructionCount
810         (JSC::CodeBlock::handlerForBytecodeOffset): Use instructionCount instead
811         of the size of the instruction vector in the assertion.
812         (JSC::CodeBlock::lineNumberForBytecodeOffset): Ditto.
813         (JSC::CodeBlock::expressionRangeForBytecodeOffset): Ditto.
814         (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset): Ditto.
815         (JSC::CodeBlock::functionRegisterForBytecodeOffset): Ditto.
816         * bytecode/CodeBlock.h:
817         (JSC::CodeBlock::setInstructionCount): Store the instruction vector size
818         in debug builds for assertions.
819         * bytecompiler/BytecodeGenerator.cpp:
820         (JSC::BytecodeGenerator::generate):
821         * jit/JIT.cpp:
822         (JSC::JIT::privateCompile): Clear the bytecode vector unless we
823         have compiled with Opcode sampling where we will continue to require it.
824
825 2008-12-17  Cary Clark  <caryclark@google.com>
826
827         Reviewed by Darin Adler.
828         Landed by Adam Barth.
829
830         Add ENABLE_TEXT_CARET to permit the ANDROID platform
831         to invalidate and draw the caret in a separate thread.
832
833         * wtf/Platform.h:
834         Default ENABLE_TEXT_CARET to 1.
835
836 2008-12-17  Alexey Proskuryakov  <ap@webkit.org>
837
838         Reviewed by Darin Adler.
839
840         Don't use unique context group in JSGlobalContextCreate() on Tiger or Leopard, take two.
841
842         * API/JSContextRef.cpp: The previous patch that claimed to do this was making Tiger and
843         Leopard always use unique context group instead.
844
845 2008-12-16  Sam Weinig  <sam@webkit.org>
846
847         Reviewed by Geoffrey Garen.
848
849         Fix for https://bugs.webkit.org/show_bug.cgi?id=22838
850         Remove dependency on the bytecode Instruction buffer in Interpreter::throwException
851         Part of <rdar://problem/6428342>
852
853         * bytecode/CodeBlock.cpp:
854         (JSC::CodeBlock::functionRegisterForBytecodeOffset): Added. Function to get
855         a function Register index in a callFrame for a bytecode offset.
856         (JSC::CodeBlock::shrinkToFit): Shrink m_getByIdExceptionInfo and m_functionRegisterInfos.
857         * bytecode/CodeBlock.h:
858         (JSC::FunctionRegisterInfo::FunctionRegisterInfo): Added.
859         (JSC::CodeBlock::addFunctionRegisterInfo):
860         * bytecompiler/BytecodeGenerator.cpp:
861         (JSC::BytecodeGenerator::emitCall):
862         * interpreter/Interpreter.cpp:
863         (JSC::Interpreter::throwException): Use functionRegisterForBytecodeOffset in JIT
864         mode.
865
866 2008-12-16  Sam Weinig  <sam@webkit.org>
867
868         Reviewed by Gavin Barraclough.
869
870         Fix for https://bugs.webkit.org/show_bug.cgi?id=22837
871         Remove dependency on the bytecode Instruction buffer in Interpreter::cti_op_call_NotJSFunction
872         Part of <rdar://problem/6428342>
873
874         * interpreter/CallFrame.h: Added comment regarding returnPC storing a void*.
875         * interpreter/Interpreter.cpp:
876         (JSC::bytecodeOffsetForPC): We no longer have any cases of the PC
877         being in the instruction stream for JIT, so we can remove the check.
878         (JSC::Interpreter::cti_op_call_NotJSFunction): Use the CTI_RETURN_ADDRESS
879         as the call frame returnPC as it is only necessary for looking up when
880         throwing an exception.
881         * interpreter/RegisterFile.h:
882         (JSC::RegisterFile::): Added comment regarding returnPC storing a void*.
883         * jit/JIT.h: Remove ARG_instr4.
884         * jit/JITCall.cpp:
885         (JSC::JIT::compileOpCallSetupArgs): Don't pass the instruction pointer.
886
887 2008-12-16  Darin Adler  <darin@apple.com>
888
889         Reviewed and landed by Cameron Zwarich.
890
891         Preparatory work for fixing
892
893         Bug 22887: Make UString::Rep use RefCounted rather than implementing its own ref counting
894         <https://bugs.webkit.org/show_bug.cgi?id=22887>
895
896         Change the various string translators used by Identifier:add() so that
897         they never zero the ref count of a newly created UString::Rep.
898
899         * runtime/Identifier.cpp:
900         (JSC::CStringTranslator::translate):
901         (JSC::Identifier::add):
902         (JSC::UCharBufferTranslator::translate):
903
904 2008-12-16  Gavin Barraclough  <barraclough@apple.com>
905
906         Build fix for 'doze.
907
908         * assembler/AssemblerBuffer.h:
909
910 2008-12-16  Gavin Barraclough  <barraclough@apple.com>
911
912         Reviewed by Cameron Zwarich.
913
914         Make the JIT compile on x86-64.
915         This largely involves populating the missing calls in MacroAssembler.h.
916         In addition some reinterpret_casts need removing from the JIT, and the
917         repatching property access code will need to be fully compiled out for
918         now.  The changes in interpret.cpp are to reorder the functions so that
919         the _generic forms come before all other property access methods, and
920         then to place all property access methods other than the generic forms
921         under control of the ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS macro.
922
923         No performance impact.
924
925         * assembler/AssemblerBuffer.h:
926         (JSC::AssemblerBuffer::putInt64Unchecked):
927         * assembler/MacroAssembler.h:
928         (JSC::MacroAssembler::loadPtr):
929         (JSC::MacroAssembler::load32):
930         (JSC::MacroAssembler::storePtr):
931         (JSC::MacroAssembler::storePtrWithRepatch):
932         (JSC::MacroAssembler::store32):
933         (JSC::MacroAssembler::poke):
934         (JSC::MacroAssembler::move):
935         (JSC::MacroAssembler::testImm64):
936         (JSC::MacroAssembler::jePtr):
937         (JSC::MacroAssembler::jnePtr):
938         (JSC::MacroAssembler::jnzPtr):
939         (JSC::MacroAssembler::jzPtr):
940         * assembler/X86Assembler.h:
941         (JSC::X86Assembler::):
942         (JSC::X86Assembler::cmpq_rr):
943         (JSC::X86Assembler::cmpq_rm):
944         (JSC::X86Assembler::cmpq_im):
945         (JSC::X86Assembler::testq_i32m):
946         (JSC::X86Assembler::movl_mEAX):
947         (JSC::X86Assembler::movl_i32r):
948         (JSC::X86Assembler::movl_EAXm):
949         (JSC::X86Assembler::movq_rm):
950         (JSC::X86Assembler::movq_mEAX):
951         (JSC::X86Assembler::movq_mr):
952         (JSC::X86Assembler::movq_i64r):
953         (JSC::X86Assembler::movl_mr):
954         (JSC::X86Assembler::X86InstructionFormatter::oneByteOp64):
955         (JSC::X86Assembler::X86InstructionFormatter::immediate64):
956         * interpreter/Interpreter.cpp:
957         (JSC::Interpreter::cti_op_put_by_id_generic):
958         (JSC::Interpreter::cti_op_get_by_id_generic):
959         (JSC::Interpreter::cti_op_put_by_id):
960         (JSC::Interpreter::cti_op_put_by_id_second):
961         * jit/JIT.cpp:
962         (JSC::JIT::privateCompileMainPass):
963         (JSC::JIT::privateCompile):
964         (JSC::JIT::privateCompileCTIMachineTrampolines):
965         * jit/JITCall.cpp:
966         (JSC::JIT::compileOpCallSetupArgs):
967         (JSC::JIT::compileOpCall):
968         * jit/JITPropertyAccess.cpp:
969         (JSC::JIT::compileGetByIdHotPath):
970         (JSC::JIT::compilePutByIdHotPath):
971         * runtime/JSImmediate.h:
972         (JSC::JSImmediate::makeInt):
973
974 2008-12-16  Cameron Zwarich  <zwarich@apple.com>
975
976         Reviewed by Darin Adler.
977
978         Bug 22869: REGRESSION (r38407): http://news.cnet.com/8301-13579_3-9953533-37.html crashes
979         <https://bugs.webkit.org/show_bug.cgi?id=22869>
980         <rdar://problem/6402499>
981
982         Before r38407, Structure::m_nameInPrevious was ref'd due to it being
983         stored in a PropertyMap. However, PropertyMaps are created lazily after
984         r38407, so Structure::m_nameInPrevious is not necessarily ref'd while
985         it is being used. Making it a RefPtr instead of a raw pointer fixes
986         the problem.
987
988         Unfortunately, the crash in the bug is rather intermittent, and it is
989         impossible to add an assertion in UString::Ref::ref() to catch this bug
990         because some users of UString::Rep deliberately zero out the reference
991         count. Therefore, there is no layout test accompanying this bug fix.
992
993         * runtime/Structure.cpp:
994         (JSC::Structure::~Structure): Use get().
995         (JSC::Structure::materializePropertyMap): Use get().
996         (JSC::Structure::addPropertyTransitionToExistingStructure): Use get().
997         (JSC::Structure::addPropertyTransition): Use get().
998         * runtime/Structure.h: Make Structure::m_nameInPrevious a RefPtr instead
999         of a raw pointer.
1000
1001 2008-12-16  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>
1002
1003         Not reviewed. Attempt to fix win build. No 'using namespace WTF' in this file, needs manual WTF:: prefix.
1004         Not sure why the build works as is here.
1005
1006         * runtime/MathObject.cpp:
1007         (JSC::mathProtoFuncRandom):
1008
1009 2008-12-16  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>
1010
1011         Reviewed by Darin Adler.
1012
1013         Fixes: https://bugs.webkit.org/show_bug.cgi?id=22876
1014
1015         Unify random number generation in JavaScriptCore & WebCore, by introducing
1016         wtf/RandomNumber.h and moving wtf_random/wtf_random_init out of MathExtras.h.
1017
1018         wtf_random_init() has been renamed to initializeRandomNumberGenerator() and
1019         lives in its own private header: wtf/RandomNumberSeed.h, only intended to
1020         be used from within JavaScriptCore.
1021
1022         wtf_random() has been renamed to randomNumber() and lives in a public header
1023         wtf/RandomNumber.h, usable from within JavaScriptCore & WebCore. It encapsulates
1024         the code taking care of initializing the random number generator (only when
1025         building without ENABLE(JSC_MULTIPLE_THREADS), otherwise initializeThreading()
1026         already took care of that).
1027
1028         Functional change on darwin: Use random() instead of rand(), as it has a larger
1029         period (more randomness). HTMLFormElement already contains this implementation
1030         and I just moved it into randomNumber(), as a special case for PLATFORM(DARWIN).
1031
1032         * GNUmakefile.am: Add RandomNumber.(cpp/h) / RandomNumberSeed.h.
1033         * JavaScriptCore.exp: Ditto.
1034         * JavaScriptCore.pri: Ditto.
1035         * JavaScriptCore.scons: Ditto.
1036         * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
1037         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
1038         * JavaScriptCoreSources.bkl: Ditto.
1039         * runtime/MathObject.cpp: Use new WTF::randomNumber() functionality.
1040         (JSC::mathProtoFuncRandom):
1041         * wtf/MathExtras.h: Move wtf_random / wtf_random_init to new files.
1042         * wtf/RandomNumber.cpp: Added.
1043         (WTF::randomNumber):
1044         * wtf/RandomNumber.h: Added.
1045         * wtf/RandomNumberSeed.h: Added. Internal usage within JSC only.
1046         (WTF::initializeRandomNumberGenerator):
1047         * wtf/ThreadingGtk.cpp: Rename wtf_random_init() to initializeRandomNumberGenerator().
1048         (WTF::initializeThreading):
1049         * wtf/ThreadingPthreads.cpp: Ditto.
1050         (WTF::initializeThreading):
1051         * wtf/ThreadingQt.cpp: Ditto.
1052         (WTF::initializeThreading):
1053         * wtf/ThreadingWin.cpp: Ditto.
1054         (WTF::initializeThreading):
1055
1056 2008-12-16  Yael Aharon  <yael.aharon@nokia.com>
1057
1058         Reviewed by Tor Arne Vestbø.
1059
1060         Qt/Win build fix
1061
1062         * JavaScriptCore.pri:
1063
1064 2008-12-15  Mark Rowe  <mrowe@apple.com>
1065
1066         Reviewed by Cameron Zwarich.
1067
1068         Fix the build with GCC 4.0.
1069
1070         * Configurations/JavaScriptCore.xcconfig:  GCC 4.0 appears to have a bug when compiling with -funwind-tables on,
1071         so don't use it with that compiler version.
1072
1073 2008-12-15  Mark Rowe  <mrowe@apple.com>
1074
1075         Rubber-stamped by Cameron Zwarich.
1076
1077         <rdar://problem/6289933> Change WebKit-related projects to build with GCC 4.2 on Leopard.
1078
1079         * Configurations/Base.xcconfig:
1080         * Configurations/DebugRelease.xcconfig:
1081
1082 2008-12-15  Alexey Proskuryakov  <ap@webkit.org>
1083
1084         Reviewed by Darin Adler.
1085
1086         Don't use unique context group in JSGlobalContextCreate() on Tiger or Leopard.
1087
1088         * API/JSContextRef.cpp: (JSGlobalContextCreate):
1089
1090 2008-12-15  Alexey Proskuryakov  <ap@webkit.org>
1091
1092         Reviewed by Darin Adler.
1093
1094         <rdar://problem/6445089> Mach ports leak from worker threads
1095
1096         * interpreter/Interpreter.cpp: (JSC::getCPUTime):
1097         Deallocate the thread self port.
1098
1099 2008-12-15  Gavin Barraclough  <barraclough@apple.com>
1100
1101         Reviewed by Mark Rowe.
1102
1103         Construct stack frames in JIT code, so that backtracing can still work.
1104         <rdar://problem/6447870> JIT should play nice with attempts to take stack traces
1105
1106         * jit/JIT.cpp:
1107         (JSC::):
1108         (JSC::JIT::privateCompileMainPass):
1109
1110 2008-12-15  Mark Rowe  <mrowe@apple.com>
1111
1112         Reviewed by Gavin Barraclough.
1113
1114         <rdar://problem/6402262> JavaScriptCore needs exception handling tables in order to get stack traces without frame pointers
1115
1116         * Configurations/JavaScriptCore.xcconfig:
1117
1118 2008-12-15  Gavin Barraclough  <barraclough@apple.com>
1119
1120         Rubber stamped by Mark Rowe.
1121
1122         Revert r39226 / Bug 22818: Unify JIT callback argument access OS X / Windows
1123         This causes Acid3 failures – reverting for now & will revisit later.
1124         https://bugs.webkit.org/show_bug.cgi?id=22873
1125
1126         * interpreter/Interpreter.h:
1127         * jit/JIT.cpp:
1128         (JSC::JIT::privateCompileCTIMachineTrampolines):
1129         * jit/JIT.h:
1130         * jit/JITInlineMethods.h:
1131         (JSC::JIT::restoreArgumentReference):
1132         (JSC::JIT::restoreArgumentReferenceForTrampoline):
1133         (JSC::JIT::emitCTICall_internal):
1134         * jit/JITPropertyAccess.cpp:
1135         (JSC::JIT::privateCompilePutByIdTransition):
1136         * wtf/Platform.h:
1137
1138 2008-12-15  Darin Adler  <darin@apple.com>
1139
1140         Reviewed by Sam Weinig.
1141
1142         - fix <rdar://problem/6427048> crash due to infinite recursion after setting window.__proto__ = window
1143
1144         Replaced toGlobalObject with the more generally useful unwrappedObject and used it to
1145         fix the cycle detection code in put(__proto__).
1146
1147         * JavaScriptCore.exp: Updated.
1148
1149         * runtime/JSGlobalObject.cpp: Removed toGlobalObject. We now use unwrappedObject instead.
1150         * runtime/JSGlobalObject.h:
1151         (JSC::JSGlobalObject::isGlobalObject): Ditto.
1152
1153         * runtime/JSGlobalObjectFunctions.cpp:
1154         (JSC::globalFuncEval): Use unwrappedObject and isGlobalObject here rather than toGlobalObject.
1155
1156         * runtime/JSObject.cpp:
1157         (JSC::JSObject::put): Rewrote prototype cycle checking loop. Use unwrappedObject in the loop now.
1158         (JSC::JSObject::unwrappedObject): Replaced toGlobalObject with this new function.
1159         * runtime/JSObject.h: More of the same.
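
        The cycle check described above, as an added example that is not JavaScriptCore code: a toy
        object model with a wrapper ("shell") object standing in for the window shell, showing why
        put(__proto__) must compare identities on unwrapped objects. ToyObject, unwrappedObject(),
        wouldCreateCycle() and setPrototype() are hypothetical names chosen for this example.

```cpp
// Added example (not JavaScriptCore code). Names are hypothetical stand-ins:
// ToyObject models a JS object; `wrapped` marks a shell that forwards to another object.
struct ToyObject {
    ToyObject* prototype = nullptr;  // the object's [[Prototype]]
    ToyObject* wrapped = nullptr;    // non-null when this object is a shell around another one

    // Mirrors the idea of unwrappedObject(): a shell and the object it wraps are the
    // same object for the purposes of cycle detection.
    ToyObject* unwrappedObject() { return wrapped ? wrapped->unwrappedObject() : this; }
};

// Walk the proposed prototype chain and report whether `self` already appears in it.
// Identity is compared on unwrapped objects, so a chain that reaches `self` only through
// a shell is still recognised as a cycle.
bool wouldCreateCycle(ToyObject* self, ToyObject* candidate) {
    ToyObject* target = self->unwrappedObject();
    for (ToyObject* p = candidate; p;) {
        ToyObject* u = p->unwrappedObject();
        if (u == target)
            return true;
        p = u->prototype;
    }
    return false;
}

// Install `candidate` as the prototype unless doing so would close a cycle.
// Returns false when the assignment is rejected (the object is left unchanged).
bool setPrototype(ToyObject* self, ToyObject* candidate) {
    if (candidate && wouldCreateCycle(self, candidate))
        return false;
    self->prototype = candidate;
    return true;
}

// Scenario from the bug: window.__proto__ = window, where script reaches the global
// object through a shell. With unwrapping, the assignment is rejected.
bool shellCycleIsRejected() {
    ToyObject window, shell;
    shell.wrapped = &window;
    return !setPrototype(&window, &shell);
}

// The same scenario checked with raw pointer identity only: the shell is a different
// pointer from the window, so the cycle slips through (returns true == "not detected").
bool naiveCheckMissesShellCycle() {
    ToyObject window, shell;
    shell.wrapped = &window;
    for (ToyObject* p = &shell; p; p = p->prototype)
        if (p == &window)
            return false;
    return true;
}

// Ordinary chains still behave: a <- b <- c is built, a.__proto__ = c is rejected
// because c already leads back to a, and an unrelated object can still point at c.
bool plainChainBehaves() {
    ToyObject a, b, c, d;
    bool built = setPrototype(&b, &a) && setPrototype(&c, &b);
    bool rejected = !setPrototype(&a, &c);
    bool allowed = setPrototype(&d, &c) && d.prototype == &c;
    return built && rejected && allowed && a.prototype == nullptr;
}
```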
1160
1161 2008-12-15  Steve Falkenburg  <sfalken@apple.com>
1162
1163         Windows build fix.
1164         
1165         Visual Studio requires visibility of forward declarations to match class declaration.
1166
1167         * assembler/X86Assembler.h:
1168
1169 2008-12-15  Gustavo Noronha Silva  <kov@kov.eti.br>
1170
1171         Reviewed by Mark Rowe.
1172
1173         https://bugs.webkit.org/show_bug.cgi?id=22686
1174
1175         GTK+ build fix.
1176
1177         * GNUmakefile.am:
1178
1179 2008-12-15  Gavin Barraclough  <barraclough@apple.com>
1180
1181         Reviewed by Geoff Garen.
1182
1183         Add support to X86Assembler emitting instructions that access all 16 registers on x86-64.
1184         Add a new formatting class, that is responsible for both emitting the opcode bytes and the
1185         ModRM bytes of an instruction in a single call; this can insert the REX byte as necessary
1186         before the opcode, but has access to the register numbers to build the REX.
1187
1188         * assembler/AssemblerBuffer.h:
1189         (JSC::AssemblerBuffer::isAligned):
1190         (JSC::AssemblerBuffer::data):
1191         * assembler/MacroAssembler.h:
1192         (JSC::MacroAssembler::addPtr):
1193         (JSC::MacroAssembler::add32):
1194         (JSC::MacroAssembler::and32):
1195         (JSC::MacroAssembler::or32):
1196         (JSC::MacroAssembler::sub32):
1197         (JSC::MacroAssembler::xor32):
1198         (JSC::MacroAssembler::loadPtr):
1199         (JSC::MacroAssembler::load32):
1200         (JSC::MacroAssembler::load16):
1201         (JSC::MacroAssembler::storePtr):
1202         (JSC::MacroAssembler::storePtrWithRepatch):
1203         (JSC::MacroAssembler::store32):
1204         (JSC::MacroAssembler::pop):
1205         (JSC::MacroAssembler::push):
1206         (JSC::MacroAssembler::compareImm32ForBranch):
1207         (JSC::MacroAssembler::compareImm32ForBranchEquality):
1208         (JSC::MacroAssembler::testImm32):
1209         (JSC::MacroAssembler::jae32):
1210         (JSC::MacroAssembler::jb32):
1211         (JSC::MacroAssembler::je16):
1212         (JSC::MacroAssembler::jg32):
1213         (JSC::MacroAssembler::jnePtr):
1214         (JSC::MacroAssembler::jne32):
1215         (JSC::MacroAssembler::jump):
1216         * assembler/X86Assembler.h:
1217         (JSC::X86::):
1218         (JSC::X86Assembler::):
1219         (JSC::X86Assembler::size):
1220         (JSC::X86Assembler::push_r):
1221         (JSC::X86Assembler::pop_r):
1222         (JSC::X86Assembler::push_i32):
1223         (JSC::X86Assembler::push_m):
1224         (JSC::X86Assembler::pop_m):
1225         (JSC::X86Assembler::addl_rr):
1226         (JSC::X86Assembler::addl_mr):
1227         (JSC::X86Assembler::addl_ir):
1228         (JSC::X86Assembler::addq_ir):
1229         (JSC::X86Assembler::addl_im):
1230         (JSC::X86Assembler::andl_rr):
1231         (JSC::X86Assembler::andl_ir):
1232         (JSC::X86Assembler::orl_rr):
1233         (JSC::X86Assembler::orl_mr):
1234         (JSC::X86Assembler::orl_ir):
1235         (JSC::X86Assembler::subl_rr):
1236         (JSC::X86Assembler::subl_mr):
1237         (JSC::X86Assembler::subl_ir):
1238         (JSC::X86Assembler::subl_im):
1239         (JSC::X86Assembler::xorl_rr):
1240         (JSC::X86Assembler::xorl_ir):
1241         (JSC::X86Assembler::sarl_i8r):
1242         (JSC::X86Assembler::sarl_CLr):
1243         (JSC::X86Assembler::shll_i8r):
1244         (JSC::X86Assembler::shll_CLr):
1245         (JSC::X86Assembler::imull_rr):
1246         (JSC::X86Assembler::imull_i32r):
1247         (JSC::X86Assembler::idivl_r):
1248         (JSC::X86Assembler::cmpl_rr):
1249         (JSC::X86Assembler::cmpl_rm):
1250         (JSC::X86Assembler::cmpl_mr):
1251         (JSC::X86Assembler::cmpl_ir):
1252         (JSC::X86Assembler::cmpl_ir_force32):
1253         (JSC::X86Assembler::cmpl_im):
1254         (JSC::X86Assembler::cmpl_im_force32):
1255         (JSC::X86Assembler::cmpw_rm):
1256         (JSC::X86Assembler::testl_rr):
1257         (JSC::X86Assembler::testl_i32r):
1258         (JSC::X86Assembler::testl_i32m):
1259         (JSC::X86Assembler::testq_rr):
1260         (JSC::X86Assembler::testq_i32r):
1261         (JSC::X86Assembler::testb_i8r):
1262         (JSC::X86Assembler::sete_r):
1263         (JSC::X86Assembler::setz_r):
1264         (JSC::X86Assembler::setne_r):
1265         (JSC::X86Assembler::setnz_r):
1266         (JSC::X86Assembler::cdq):
1267         (JSC::X86Assembler::xchgl_rr):
1268         (JSC::X86Assembler::movl_rr):
1269         (JSC::X86Assembler::movl_rm):
1270         (JSC::X86Assembler::movl_mr):
1271         (JSC::X86Assembler::movl_i32r):
1272         (JSC::X86Assembler::movl_i32m):
1273         (JSC::X86Assembler::movq_rr):
1274         (JSC::X86Assembler::movq_rm):
1275         (JSC::X86Assembler::movq_mr):
1276         (JSC::X86Assembler::movzwl_mr):
1277         (JSC::X86Assembler::movzbl_rr):
1278         (JSC::X86Assembler::leal_mr):
1279         (JSC::X86Assembler::call):
1280         (JSC::X86Assembler::jmp):
1281         (JSC::X86Assembler::jmp_r):
1282         (JSC::X86Assembler::jmp_m):
1283         (JSC::X86Assembler::jne):
1284         (JSC::X86Assembler::jnz):
1285         (JSC::X86Assembler::je):
1286         (JSC::X86Assembler::jl):
1287         (JSC::X86Assembler::jb):
1288         (JSC::X86Assembler::jle):
1289         (JSC::X86Assembler::jbe):
1290         (JSC::X86Assembler::jge):
1291         (JSC::X86Assembler::jg):
1292         (JSC::X86Assembler::ja):
1293         (JSC::X86Assembler::jae):
1294         (JSC::X86Assembler::jo):
1295         (JSC::X86Assembler::jp):
1296         (JSC::X86Assembler::js):
1297         (JSC::X86Assembler::addsd_rr):
1298         (JSC::X86Assembler::addsd_mr):
1299         (JSC::X86Assembler::cvtsi2sd_rr):
1300         (JSC::X86Assembler::cvttsd2si_rr):
1301         (JSC::X86Assembler::movd_rr):
1302         (JSC::X86Assembler::movsd_rm):
1303         (JSC::X86Assembler::movsd_mr):
1304         (JSC::X86Assembler::mulsd_rr):
1305         (JSC::X86Assembler::mulsd_mr):
1306         (JSC::X86Assembler::pextrw_irr):
1307         (JSC::X86Assembler::subsd_rr):
1308         (JSC::X86Assembler::subsd_mr):
1309         (JSC::X86Assembler::ucomis_rr):
1310         (JSC::X86Assembler::int3):
1311         (JSC::X86Assembler::ret):
1312         (JSC::X86Assembler::predictNotTaken):
1313         (JSC::X86Assembler::label):
1314         (JSC::X86Assembler::align):
1315         (JSC::X86Assembler::link):
1316         (JSC::X86Assembler::executableCopy):
1317         (JSC::X86Assembler::X86InstructionFormater::prefix):
1318         (JSC::X86Assembler::X86InstructionFormater::oneByteOp):
1319         (JSC::X86Assembler::X86InstructionFormater::twoByteOp):
1320         (JSC::X86Assembler::X86InstructionFormater::oneByteOp64):
1321         (JSC::X86Assembler::X86InstructionFormater::oneByteOp8):
1322         (JSC::X86Assembler::X86InstructionFormater::twoByteOp8):
1323         (JSC::X86Assembler::X86InstructionFormater::instructionImmediate8):
1324         (JSC::X86Assembler::X86InstructionFormater::instructionImmediate32):
1325         (JSC::X86Assembler::X86InstructionFormater::instructionRel32):
1326         (JSC::X86Assembler::X86InstructionFormater::size):
1327         (JSC::X86Assembler::X86InstructionFormater::isAligned):
1328         (JSC::X86Assembler::X86InstructionFormater::data):
1329         (JSC::X86Assembler::X86InstructionFormater::executableCopy):
1330         (JSC::X86Assembler::X86InstructionFormater::registerModRM):
1331         (JSC::X86Assembler::X86InstructionFormater::memoryModRM):
1332         * jit/JIT.cpp:
1333         (JSC::JIT::privateCompileMainPass):
1334         (JSC::JIT::privateCompile):
1335         (JSC::JIT::privateCompileCTIMachineTrampolines):
1336         * jit/JITArithmetic.cpp:
1337         (JSC::JIT::putDoubleResultToJSNumberCellOrJSImmediate):
1338         (JSC::JIT::compileBinaryArithOp):
1339         * jit/JITCall.cpp:
1340         (JSC::JIT::compileOpCall):
1341         (JSC::JIT::compileOpCallSlowCase):
1342         * jit/JITPropertyAccess.cpp:
1343         (JSC::JIT::compileGetByIdHotPath):
1344         (JSC::JIT::compilePutByIdHotPath):
1345         (JSC::JIT::privateCompilePutByIdTransition):
1346         (JSC::JIT::privateCompilePatchGetArrayLength):
1347         (JSC::JIT::privateCompileGetByIdProto):
1348         (JSC::JIT::privateCompileGetByIdProtoList):
1349         (JSC::JIT::privateCompileGetByIdChainList):
1350         (JSC::JIT::privateCompileGetByIdChain):
1351
1352 2008-12-15  Darin Adler  <darin@apple.com>
1353
1354         * interpreter/RegisterFile.h: Tweak include formatting.
1355
1356 2008-12-15  Holger Hans Peter Freyther  <zecke@selfish.org>
1357
1358         Build fix for Gtk+.
1359
1360         * interpreter/RegisterFile.h: Include stdio.h for fprintf
1361
1362 2008-12-15  Alexey Proskuryakov  <ap@webkit.org>
1363
1364         Reviewed by Oliver Hunt.
1365
1366         <rdar://problem/6444455> Worker Thread crash running multiple workers for a moderate amount of time
1367
1368         * interpreter/RegisterFile.h: (JSC::RegisterFile::RegisterFile):
1369         Improve error handling: if mmap fails, crash immediately, and print out the reason.
1370
1371 2008-12-13  Gavin Barraclough  <barraclough@apple.com>
1372
1373         Reviewed by Cameron Zwarich.
1374
1375         Re-enable WREC on 64-bit.
1376         Implements one of the MacroAssembler::jnzPtr methods, previously only implemented for 32-bit x86.
1377
1378         https://bugs.webkit.org/show_bug.cgi?id=22849
1379
1380         * assembler/MacroAssembler.h:
1381         (JSC::MacroAssembler::testImm64):
1382         (JSC::MacroAssembler::jnzPtr):
1383         * assembler/X86Assembler.h:
1384         (JSC::X86Assembler::testq_i32r):
1385         (JSC::X86Assembler::testq_rr):
1386         * wtf/Platform.h:
1387
1388 2008-12-13  Gavin Barraclough  <barraclough@apple.com>
1389
1390         Fix PPC builds.
1391
1392         * assembler/MacroAssembler.h:
1393
1394 2008-12-13  Gavin Barraclough  <barraclough@apple.com>
1395
1396         Build fix only, no review.
1397
1398         * bytecode/CodeBlock.h:
1399
1400 2008-12-13  Gavin Barraclough  <barraclough@apple.com>
1401
1402         Reviewed by Cameron Zwarich.
1403
1404         Port the remainder of the JIT, bar calling convention related code, and code
1405         implementing optimizations which can be disabled, to use the MacroAssembler.
1406
1407         * assembler/MacroAssembler.h:
1408         (JSC::MacroAssembler::DataLabelPtr::DataLabelPtr):
1409         (JSC::MacroAssembler::RepatchBuffer::RepatchBuffer):
1410         (JSC::MacroAssembler::RepatchBuffer::link):
1411         (JSC::MacroAssembler::RepatchBuffer::addressOf):
1412         (JSC::MacroAssembler::RepatchBuffer::setPtr):
1413         (JSC::MacroAssembler::addPtr):
1414         (JSC::MacroAssembler::lshift32):
1415         (JSC::MacroAssembler::mod32):
1416         (JSC::MacroAssembler::rshift32):
1417         (JSC::MacroAssembler::storePtrWithRepatch):
1418         (JSC::MacroAssembler::jnzPtr):
1419         (JSC::MacroAssembler::jzPtr):
1420         (JSC::MacroAssembler::jump):
1421         (JSC::MacroAssembler::label):
1422         * assembler/X86Assembler.h:
1423         (JSC::X86Assembler::):
1424         (JSC::X86Assembler::xchgl_rr):
1425         (JSC::X86Assembler::jmp_m):
1426         (JSC::X86Assembler::repatchAddress):
1427         (JSC::X86Assembler::getRelocatedAddress):
1428         * bytecode/CodeBlock.cpp:
1429         (JSC::CodeBlock::CodeBlock):
1430         * bytecode/CodeBlock.h:
1431         (JSC::JITCodeRef::JITCodeRef):
1432         (JSC::CodeBlock::setJITCode):
1433         (JSC::CodeBlock::jitCode):
1434         (JSC::CodeBlock::executablePool):
1435         * jit/JIT.cpp:
1436         (JSC::JIT::privateCompileMainPass):
1437         (JSC::JIT::privateCompileLinkPass):
1438         (JSC::JIT::privateCompile):
1439         (JSC::JIT::privateCompileCTIMachineTrampolines):
1440         * jit/JIT.h:
1441         (JSC::CallRecord::CallRecord):
1442         (JSC::JumpTable::JumpTable):
1443         (JSC::JIT::emitCTICall):
1444         (JSC::JIT::JSRInfo::JSRInfo):
1445         * jit/JITArithmetic.cpp:
1446         * jit/JITCall.cpp:
1447         * jit/JITInlineMethods.h:
1448         (JSC::JIT::emitNakedCall):
1449         (JSC::JIT::emitCTICall_internal):
1450         (JSC::JIT::checkStructure):
1451         (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
1452         (JSC::JIT::addSlowCase):
1453         (JSC::JIT::addJump):
1454         (JSC::JIT::emitJumpSlowToHot):
1455         * jit/JITPropertyAccess.cpp:
1456         (JSC::JIT::privateCompileGetByIdChainList):
1457         (JSC::JIT::privateCompileGetByIdChain):
1458
1459 2008-12-12  Cameron Zwarich  <zwarich@apple.com>
1460
1461         Reviewed by Sam Weinig.
1462
1463         Fix the failures of the following layout tests, which regressed in
1464         r39255:
1465
1466         fast/dom/StyleSheet/ownerNode-lifetime-2.html
1467         fast/xsl/transform-xhr-doc.xhtml
1468
1469         The binary search in CodeBlock::getByIdExceptionInfoForBytecodeOffset()
1470         doesn't guarantee that it actually finds a match, so add an explicit check
1471         for this.
1472
1473         * bytecode/CodeBlock.cpp:
1474         (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
1475
1476 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1477
1478         Reviewed by Cameron Zwarich.
1479
1480         Replace emitPutCallArg methods with emitPutJITStubArg methods.  Primarily to make the argument numbering
1481         more sensible (1-based incrementing by 1, rather than 0-based incrementing by 4).  The CTI name also seems
1482         to be being deprecated from the code generally.
1483
1484         * jit/JIT.cpp:
1485         (JSC::JIT::privateCompileMainPass):
1486         (JSC::JIT::privateCompileSlowCases):
1487         (JSC::JIT::privateCompileCTIMachineTrampolines):
1488         * jit/JIT.h:
1489         * jit/JITArithmetic.cpp:
1490         (JSC::JIT::compileBinaryArithOp):
1491         (JSC::JIT::compileBinaryArithOpSlowCase):
1492         * jit/JITCall.cpp:
1493         (JSC::JIT::compileOpCallSetupArgs):
1494         (JSC::JIT::compileOpCallEvalSetupArgs):
1495         (JSC::JIT::compileOpConstructSetupArgs):
1496         (JSC::JIT::compileOpCall):
1497         * jit/JITInlineMethods.h:
1498         (JSC::JIT::emitPutJITStubArg):
1499         (JSC::JIT::emitPutJITStubArgConstant):
1500         (JSC::JIT::emitGetJITStubArg):
1501         (JSC::JIT::emitPutJITStubArgFromVirtualRegister):
1502         * jit/JITPropertyAccess.cpp:
1503         (JSC::JIT::compileGetByIdHotPath):
1504         (JSC::JIT::compilePutByIdHotPath):
1505         (JSC::JIT::compileGetByIdSlowCase):
1506         (JSC::JIT::compilePutByIdSlowCase):
1507
1508 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1509
1510         Fix windows builds.
1511
1512         * jit/JIT.cpp:
1513         (JSC::JIT::privateCompileMainPass):
1514         (JSC::JIT::privateCompileSlowCases):
1515         (JSC::JIT::privateCompile):
1516
1517 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1518
1519         Reviewed by Geoff Garen.
1520
1521         Remove loop counter 'i' from the JIT generation passes, replace with a member m_bytecodeIndex.
1522
1523         No impact on performance.
1524
1525         * jit/JIT.cpp:
1526         (JSC::JIT::compileOpStrictEq):
1527         (JSC::JIT::emitSlowScriptCheck):
1528         (JSC::JIT::privateCompileMainPass):
1529         (JSC::JIT::privateCompileSlowCases):
1530         (JSC::JIT::privateCompile):
1531         * jit/JIT.h:
1532         (JSC::CallRecord::CallRecord):
1533         (JSC::JmpTable::JmpTable):
1534         (JSC::JIT::emitCTICall):
1535         * jit/JITArithmetic.cpp:
1536         (JSC::JIT::compileBinaryArithOp):
1537         (JSC::JIT::compileBinaryArithOpSlowCase):
1538         * jit/JITCall.cpp:
1539         (JSC::JIT::compileOpCall):
1540         (JSC::JIT::compileOpCallSlowCase):
1541         * jit/JITInlineMethods.h:
1542         (JSC::JIT::emitGetVirtualRegister):
1543         (JSC::JIT::emitGetVirtualRegisters):
1544         (JSC::JIT::emitNakedCall):
1545         (JSC::JIT::emitCTICall_internal):
1546         (JSC::JIT::emitJumpSlowCaseIfJSCell):
1547         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
1548         (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
1549         (JSC::JIT::emitJumpSlowCaseIfNotImmNums):
1550         (JSC::JIT::emitFastArithIntToImmOrSlowCase):
1551         (JSC::JIT::addSlowCase):
1552         (JSC::JIT::addJump):
1553         (JSC::JIT::emitJumpSlowToHot):
1554         * jit/JITPropertyAccess.cpp:
1555         (JSC::JIT::compileGetByIdHotPath):
1556         (JSC::JIT::compileGetByIdSlowCase):
1557         (JSC::JIT::compilePutByIdHotPath):
1558         (JSC::JIT::compilePutByIdSlowCase):
1559
1560 2008-12-12  Sam Weinig  <sam@webkit.org>
1561
1562         Reviewed by Cameron Zwarich.
1563
1564         <rdar://problem/6428342> Look into feasibility of discarding bytecode after native codegen
1565
1566         Move more JIT functionality to using offsets into the Instruction buffer
1567         instead of raw pointers. Two to go!
1568
1569         * interpreter/Interpreter.cpp:
1570         (JSC::bytecodeOffsetForPC): Rename from vPCForPC.
1571         (JSC::Interpreter::resolve): Pass offset to exception helper.
1572         (JSC::Interpreter::resolveSkip): Ditto.
1573         (JSC::Interpreter::resolveGlobal): Ditto.
1574         (JSC::Interpreter::resolveBaseAndProperty): Ditto.
1575         (JSC::Interpreter::resolveBaseAndFunc): Ditto.
1576         (JSC::isNotObject): Ditto.
1577         (JSC::Interpreter::unwindCallFrame): Call bytecodeOffsetForPC.
1578         (JSC::Interpreter::throwException): Use offsets instead of vPCs.
1579         (JSC::Interpreter::privateExecute): Pass offset to exception helper.
1580         (JSC::Interpreter::retrieveLastCaller): Ditto.
1581         (JSC::Interpreter::cti_op_instanceof): Ditto.
1582         (JSC::Interpreter::cti_op_call_NotJSFunction): Ditto.
1583         (JSC::Interpreter::cti_op_resolve): Pass offset to exception helper.
1584         (JSC::Interpreter::cti_op_construct_NotJSConstruct): Ditto.
1585         (JSC::Interpreter::cti_op_resolve_func): Ditto.
1586         (JSC::Interpreter::cti_op_resolve_skip): Ditto.
1587         (JSC::Interpreter::cti_op_resolve_global): Ditto.
1588         (JSC::Interpreter::cti_op_resolve_with_base): Ditto.
1589         (JSC::Interpreter::cti_op_throw): Ditto.
1590         (JSC::Interpreter::cti_op_in): Ditto.
1591         (JSC::Interpreter::cti_vm_throw): Ditto.
1592         * interpreter/Interpreter.h:
1593
1594         * jit/JIT.cpp:
1595         (JSC::JIT::privateCompileMainPass): Don't pass unnecessary vPC to stub.
1596         * jit/JIT.h: Remove ARG_instr1 - ARG_instr3 and ARG_instr5 - ARG_instr6.
1597         * jit/JITCall.cpp:
1598         (JSC::JIT::compileOpCallEvalSetupArgs): Don't pass unnecessary vPC to stub.
1599         (JSC::JIT::compileOpConstructSetupArgs): Ditto.
1600
1601         * runtime/ExceptionHelpers.cpp:
1602         (JSC::createUndefinedVariableError): Take an offset instead of vPC.
1603         (JSC::createInvalidParamError): Ditto.
1604         (JSC::createNotAConstructorError): Ditto.
1605         (JSC::createNotAFunctionError): Ditto.
1606         (JSC::createNotAnObjectError): Ditto.
1607         * runtime/ExceptionHelpers.h:
1608
1609 2008-12-12  Cameron Zwarich  <zwarich@apple.com>
1610
1611         Reviewed by Oliver Hunt.
1612
1613         Bug 22835: Crash during bytecode generation when comparing to null
1614         <https://bugs.webkit.org/show_bug.cgi?id=22835>
1615         <rdar://problem/6286749>
1616
1617         Change the special cases in bytecode generation for comparison to null
1618         to use tempDestination().
1619
1620         * parser/Nodes.cpp:
1621         (JSC::BinaryOpNode::emitBytecode):
1622         (JSC::EqualNode::emitBytecode):
1623
1624 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1625
1626         Reviewed by Geoff Garen.
1627
1628         Move slow-cases of JIT code generation over to the MacroAssembler interface.
1629
1630         * assembler/MacroAssembler.h:
1631         (JSC::MacroAssembler::Label::Label):
1632         (JSC::MacroAssembler::jae32):
1633         (JSC::MacroAssembler::jg32):
1634         (JSC::MacroAssembler::jzPtr):
1635         * jit/JIT.cpp:
1636         (JSC::JIT::privateCompileSlowCases):
1637         (JSC::JIT::privateCompile):
1638         (JSC::JIT::emitGetVariableObjectRegister):
1639         (JSC::JIT::emitPutVariableObjectRegister):
1640         * jit/JIT.h:
1641         (JSC::SlowCaseEntry::SlowCaseEntry):
1642         (JSC::JIT::getSlowCase):
1643         (JSC::JIT::linkSlowCase):
1644         * jit/JITArithmetic.cpp:
1645         (JSC::JIT::compileBinaryArithOpSlowCase):
1646         * jit/JITCall.cpp:
1647         (JSC::JIT::compileOpCallInitializeCallFrame):
1648         (JSC::JIT::compileOpCall):
1649         (JSC::JIT::compileOpCallSlowCase):
1650         * jit/JITInlineMethods.h:
1651         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
1652         (JSC::JIT::linkSlowCaseIfNotJSCell):
1653         * jit/JITPropertyAccess.cpp:
1654         (JSC::JIT::compileGetByIdHotPath):
1655         (JSC::JIT::compilePutByIdHotPath):
1656         (JSC::JIT::compileGetByIdSlowCase):
1657         (JSC::JIT::compilePutByIdSlowCase):
1658
1659 2008-12-12  Cameron Zwarich  <zwarich@apple.com>
1660
1661         Reviewed by Sam Weinig.
1662
1663         Bug 22828: Do not inspect bytecode instruction stream for op_get_by_id exception information
1664         <https://bugs.webkit.org/show_bug.cgi?id=22828>
1665
1666         In order to remove the bytecode instruction stream after generating
1667         native code, all inspection of bytecode instructions at runtime must
1668         be removed. One particular instance of this is the special handling of
1669         exceptions thrown by the op_get_by_id emitted directly before an
1670         op_construct or an op_instanceof. This patch moves that information to
1671         an auxiliary data structure in CodeBlock.
1672
1673         * bytecode/CodeBlock.cpp:
1674         (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
1675         * bytecode/CodeBlock.h:
1676         (JSC::CodeBlock::addGetByIdExceptionInfo):
1677         * bytecompiler/BytecodeGenerator.cpp:
1678         (JSC::BytecodeGenerator::emitConstruct):
1679         * bytecompiler/BytecodeGenerator.h:
1680         (JSC::BytecodeGenerator::emitGetByIdExceptionInfo):
1681         * parser/Nodes.cpp:
1682         (JSC::InstanceOfNode::emitBytecode):
1683         * runtime/ExceptionHelpers.cpp:
1684         (JSC::createNotAnObjectError):
1685
1686 2008-12-12  Sam Weinig  <sam@webkit.org>
1687
1688         Reviewed by Geoffrey Garen.
1689
1690         Change exception information accessors to take offsets into the bytecode
1691         instruction buffer instead of pointers so that they can work even
1692         if the bytecode buffer is purged.
1693
1694         * bytecode/CodeBlock.cpp:
1695         (JSC::instructionOffsetForNth):
1696         (JSC::CodeBlock::handlerForBytecodeOffset):
1697         (JSC::CodeBlock::lineNumberForBytecodeOffset):
1698         (JSC::CodeBlock::expressionRangeForBytecodeOffset):
1699         * bytecode/CodeBlock.h:
1700         * bytecode/SamplingTool.cpp:
1701         (JSC::SamplingTool::dump):
1702         * interpreter/Interpreter.cpp:
1703         (JSC::Interpreter::throwException):
1704         (JSC::Interpreter::privateExecute):
1705         (JSC::Interpreter::retrieveLastCaller):
1706         * jit/JIT.cpp:
1707         (JSC::JIT::privateCompileMainPass):
1708         * runtime/ExceptionHelpers.cpp:
1709         (JSC::createUndefinedVariableError):
1710         (JSC::createInvalidParamError):
1711         (JSC::createNotAConstructorError):
1712         (JSC::createNotAFunctionError):
1713         (JSC::createNotAnObjectError):
1714
1715 2008-12-12  Geoffrey Garen  <ggaren@apple.com>
1716
1717         Reviewed by Cameron Zwarich.
1718         
1719         Tiny bit of refactoring in quantifier generation.
1720
1721         * wrec/WRECGenerator.cpp:
1722         (JSC::WREC::Generator::generateNonGreedyQuantifier):
1723         (JSC::WREC::Generator::generateGreedyQuantifier):
1724
1725 2008-12-11  Sam Weinig  <sam@webkit.org>
1726
1727         Reviewed by Geoffrey Garen.
1728
1729         Remove dependency on having the Instruction buffer in order to
1730         deref Structures used for property access and global resolves.
1731         Instead, we put references to the necessary Structures in auxiliary
1732         data structures on the CodeBlock. This is not an ideal solution,
1733         as we still pay for having the Structures in two places and we
1734         would like to eventually just hold on to offsets into the machine
1735         code buffer.
1736
1737         - Also removes CodeBlock bloat in non-JIT by #ifdefing the JIT
1738           only data structures.
1739
1740         * GNUmakefile.am:
1741         * JavaScriptCore.pri:
1742         * JavaScriptCore.scons:
1743         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1744         * JavaScriptCore.xcodeproj/project.pbxproj:
1745         * JavaScriptCoreSources.bkl:
1746         * bytecode/CodeBlock.cpp:
1747         (JSC::isGlobalResolve):
1748         (JSC::isPropertyAccess):
1749         (JSC::instructionOffsetForNth):
1750         (JSC::printGlobalResolveInfo):
1751         (JSC::printStructureStubInfo):
1752         (JSC::CodeBlock::printStructures):
1753         (JSC::CodeBlock::dump):
1754         (JSC::CodeBlock::~CodeBlock):
1755         (JSC::CodeBlock::shrinkToFit):
1756         * bytecode/CodeBlock.h:
1757         (JSC::GlobalResolveInfo::GlobalResolveInfo):
1758         (JSC::getNativePC):
1759         (JSC::CodeBlock::instructions):
1760         (JSC::CodeBlock::getStubInfo):
1761         (JSC::CodeBlock::getBytecodeIndex):
1762         (JSC::CodeBlock::addPropertyAccessInstruction):
1763         (JSC::CodeBlock::addGlobalResolveInstruction):
1764         (JSC::CodeBlock::numberOfStructureStubInfos):
1765         (JSC::CodeBlock::addStructureStubInfo):
1766         (JSC::CodeBlock::structureStubInfo):
1767         (JSC::CodeBlock::addGlobalResolveInfo):
1768         (JSC::CodeBlock::globalResolveInfo):
1769         (JSC::CodeBlock::numberOfCallLinkInfos):
1770         (JSC::CodeBlock::addCallLinkInfo):
1771         (JSC::CodeBlock::callLinkInfo):
1772         * bytecode/Instruction.h:
1773         (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
1774         (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
1775         * bytecode/Opcode.h:
1776         (JSC::):
1777         * bytecode/StructureStubInfo.cpp: Copied from bytecode/CodeBlock.cpp.
1778         (JSC::StructureStubInfo::deref):
1779         * bytecode/StructureStubInfo.h: Copied from bytecode/CodeBlock.h.
1780         (JSC::StructureStubInfo::StructureStubInfo):
1781         (JSC::StructureStubInfo::initGetByIdSelf):
1782         (JSC::StructureStubInfo::initGetByIdProto):
1783         (JSC::StructureStubInfo::initGetByIdChain):
1784         (JSC::StructureStubInfo::initGetByIdSelfList):
1785         (JSC::StructureStubInfo::initGetByIdProtoList):
1786         (JSC::StructureStubInfo::initPutByIdTransition):
1787         (JSC::StructureStubInfo::initPutByIdReplace):
1788         (JSC::StructureStubInfo::):
1789         * bytecompiler/BytecodeGenerator.cpp:
1790         (JSC::BytecodeGenerator::emitResolve):
1791         (JSC::BytecodeGenerator::emitGetById):
1792         (JSC::BytecodeGenerator::emitPutById):
1793         (JSC::BytecodeGenerator::emitCall):
1794         (JSC::BytecodeGenerator::emitConstruct):
1795         (JSC::BytecodeGenerator::emitCatch):
1796         * interpreter/Interpreter.cpp:
1797         (JSC::Interpreter::tryCTICachePutByID):
1798         (JSC::Interpreter::tryCTICacheGetByID):
1799         (JSC::Interpreter::cti_op_get_by_id_self_fail):
1800         (JSC::getPolymorphicAccessStructureListSlot):
1801         (JSC::Interpreter::cti_op_get_by_id_proto_list):
1802         (JSC::Interpreter::cti_op_resolve_global):
1803         * jit/JIT.cpp:
1804         (JSC::JIT::JIT):
1805         (JSC::JIT::privateCompileMainPass):
1806         (JSC::JIT::privateCompileSlowCases):
1807         (JSC::JIT::privateCompile):
1808         * jit/JITPropertyAccess.cpp:
1809         (JSC::JIT::compileGetByIdHotPath):
1810         (JSC::JIT::compilePutByIdHotPath):
1811         (JSC::JIT::compileGetByIdSlowCase):
1812         (JSC::JIT::compilePutByIdSlowCase):
1813         (JSC::JIT::privateCompileGetByIdSelfList):
1814         (JSC::JIT::privateCompileGetByIdProtoList):
1815         (JSC::JIT::privateCompileGetByIdChainList):
1816
1817 2008-12-11  Gavin Barraclough  <barraclough@apple.com>
1818
1819         Reviewed by Oliver Hunt.
1820
1821         Remove CTI_ARGUMENTS mode, use va_start implementation on Windows,
1822         unifying JIT callback (cti_*) argument access on OS X & Windows.
1823
1824         No performance impact.
1825
1826         * interpreter/Interpreter.h:
1827         * jit/JIT.cpp:
1828         (JSC::JIT::privateCompileCTIMachineTrampolines):
1829         * jit/JIT.h:
1830         * jit/JITInlineMethods.h:
1831         (JSC::JIT::emitCTICall):
1832         * jit/JITPropertyAccess.cpp:
1833         (JSC::JIT::privateCompilePutByIdTransition):
1834         * wtf/Platform.h:
1835
1836 2008-12-11  Holger Freyther  <zecke@selfish.org>
1837
1838         Reviewed by Simon Hausmann.
1839
1840         https://bugs.webkit.org/show_bug.cgi?id=20953
1841
1842         For Qt it is not practical to have a FontCache and GlyphPageTreeNode
1843         implementation. This is one of the reasons why the Qt port is currently not
1844         using WebCore/platform/graphics/Font.cpp. By allowing to not use
1845         the simple/fast-path the Qt port will be able to use it.
1846
1847         Introduce USE(FONT_FAST_PATH) and define it for every port but the
1848         Qt one.
1849
1850         * wtf/Platform.h: Enable USE(FONT_FAST_PATH)
1851
1852 2008-12-11  Gabor Loki  <loki@inf.u-szeged.hu>
1853
1854         Reviewed by Darin Adler and landed by Holger Freyther.
1855
1856         <https://bugs.webkit.org/show_bug.cgi?id=22648>
1857         Fix threading on Qt-port and Gtk-port for Sampling tool.
1858
1859         * wtf/ThreadingGtk.cpp:
1860         (WTF::waitForThreadCompletion):
1861         * wtf/ThreadingQt.cpp:
1862         (WTF::waitForThreadCompletion):
1863
1864 2008-12-10  Cameron Zwarich  <zwarich@apple.com>
1865
1866         Reviewed by Oliver Hunt.
1867
1868         Bug 22734: Debugger crashes when stepping into a function call in a return statement
1869         <https://bugs.webkit.org/show_bug.cgi?id=22734>
1870         <rdar://problem/6426796>
1871
1872         * bytecompiler/BytecodeGenerator.cpp:
1873         (JSC::BytecodeGenerator::BytecodeGenerator): The DebuggerCallFrame uses
1874         the 'this' value stored in a callFrame, so op_convert_this should be
1875         emitted at the beginning of a function body when generating bytecode
1876         with debug hooks.
1877         * debugger/DebuggerCallFrame.cpp:
1878         (JSC::DebuggerCallFrame::thisObject): The assertion inherent in the call
1879         to asObject() here is valid, because any 'this' value should have been
1880         converted to a JSObject*.
1881
1882 2008-12-10  Gavin Barraclough  <barraclough@apple.com>
1883
1884         Reviewed by Geoff Garen.
1885
1886         Port more of the JIT to use the MacroAssembler interface.
1887         
1888         Everything in the main pass, bar a few corner cases (operations with required
1889         registers, or calling convention code).  Slightly refactors array creation,
1890         moving the offset calculation into the callFrame into C code (reducing code
1891         planted).
1892
1893         Overall this appears to be a 1% win on v8-tests, due to the smaller immediates
1894         being planted (in jfalse in particular).
1895
1896         * interpreter/Interpreter.cpp:
1897         (JSC::Interpreter::cti_op_new_array):
1898         * jit/JIT.cpp:
1899         (JSC::JIT::privateCompileMainPass):
1900         (JSC::JIT::privateCompileSlowCases):
1901         * jit/JIT.h:
1902         * wrec/WRECGenerator.cpp:
1903         (JSC::WREC::Generator::generateEnter):
1904
1905 2008-12-10  Sam Weinig  <sam@webkit.org>
1906
1907         Fix non-JIT builds.
1908
1909         * bytecode/CodeBlock.h:
1910
1911 2008-12-10  Sam Weinig  <sam@webkit.org>
1912
1913         Reviewed by Geoffrey Garen.
1914
1915         <rdar://problem/6428332> Remove the CTI return address table from CodeBlock
1916
1917         Step 2:
1918
1919         Convert the return address table from a HashMap to a sorted Vector.  This
1920         reduces the size of the data structure by ~4.5MB on Membuster head.
1921
1922         SunSpider reports a 0.5% progression.
1923
1924         * bytecode/CodeBlock.cpp:
1925         (JSC::sizeInBytes): Generic method to get the cost of a Vector.
1926         (JSC::CodeBlock::dumpStatistics): Add dumping of member sizes.
1927         * bytecode/CodeBlock.h:
1928         (JSC::PC::PC): Struct representing NativePC -> VirtualPC mappings.
1929         (JSC::getNativePC): Helper for binary chop.
1930         (JSC::CodeBlock::getBytecodeIndex): Used to get the VirtualPC from a
1931         NativePC using a binary chop of the pcVector.
1932         (JSC::CodeBlock::pcVector): Accessor.
1933
1934         * interpreter/Interpreter.cpp:
1935         (JSC::vPCForPC): Use getBytecodeIndex instead of jitReturnAddressVPCMap().get().
1936         (JSC::Interpreter::cti_op_instanceof): Ditto.
1937         (JSC::Interpreter::cti_op_resolve): Ditto.
1938         (JSC::Interpreter::cti_op_resolve_func): Ditto.
1939         (JSC::Interpreter::cti_op_resolve_skip): Ditto.
1940         (JSC::Interpreter::cti_op_resolve_with_base): Ditto.
1941         (JSC::Interpreter::cti_op_throw): Ditto.
1942         (JSC::Interpreter::cti_op_in): Ditto.
1943         (JSC::Interpreter::cti_vm_throw): Ditto.
1944
1945         * jit/JIT.cpp:
1946         (JSC::JIT::privateCompile): Reserve exact capacity and fill the pcVector.
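
        The sorted pcVector lookup in this entry and the explicit match check added to
        CodeBlock::getByIdExceptionInfoForBytecodeOffset in the 2008-12-12 entry above rely
        on the same pattern: a binary chop over a vector sorted by key, followed by a check
        that the chop actually landed on an equal key rather than on the insertion point.
        The following is an added C++ example written for this page, not JavaScriptCore's
        code; PC, getBytecodeIndex and pcVector are names taken from the entry, while
        ReturnAddressTable, reserveExactCapacity, notFound, sampleTable and the sample
        addresses are assumptions made here.

```cpp
#include <cassert>
#include <cstddef>
#include <cstdint>
#include <vector>

// Constructed model of the sorted return-address table described above.
// Example code, not CodeBlock's own: PC, getBytecodeIndex and pcVector are
// names from the ChangeLog; ReturnAddressTable, reserveExactCapacity,
// notFound, sampleTable and the sample addresses are assumptions made here.

// One record per call the JIT plants: the native return address of the call
// and the index of the bytecode instruction that generated it.
struct PC {
    uintptr_t nativePC;
    unsigned bytecodeIndex;
};

class ReturnAddressTable {
public:
    enum : unsigned { notFound = 0xFFFFFFFFu };

    // The JIT knows how many calls it planted, so the vector is sized once.
    void reserveExactCapacity(size_t count) { m_pcVector.reserve(count); }

    // Records are appended in emission order, so addresses are strictly
    // increasing and the vector is sorted without a separate sort pass.
    void append(uintptr_t nativePC, unsigned bytecodeIndex) {
        assert(m_pcVector.empty() || m_pcVector.back().nativePC < nativePC);
        m_pcVector.push_back(PC{nativePC, bytecodeIndex});
    }

    // Binary chop for the record whose nativePC equals the return address.
    // The chop alone only yields an insertion point, so the equality check
    // at the end is what separates "exact match" from "nearest neighbour";
    // without it an unrecorded address would map to some other bytecode.
    unsigned getBytecodeIndex(uintptr_t nativePC) const {
        size_t low = 0;
        size_t high = m_pcVector.size();
        while (low < high) {
            size_t mid = low + (high - low) / 2;
            if (m_pcVector[mid].nativePC < nativePC)
                low = mid + 1;
            else
                high = mid;
        }
        if (low == m_pcVector.size() || m_pcVector[low].nativePC != nativePC)
            return notFound;
        return m_pcVector[low].bytecodeIndex;
    }

    const std::vector<PC>& pcVector() const { return m_pcVector; }

private:
    std::vector<PC> m_pcVector;
};

// Constructed sample: three call sites at made-up code addresses, in the
// order the JIT would have emitted them.
ReturnAddressTable sampleTable() {
    ReturnAddressTable table;
    table.reserveExactCapacity(3);
    table.append(0x1000, 3);
    table.append(0x1010, 7);
    table.append(0x1024, 12);
    return table;
}
```

        A lookup for an address that was never recorded (0x1011 in the sample, or any
        address on an empty table) returns notFound instead of a neighbouring record's
        bytecode index, which is the failure the 2008-12-12 fix guards against.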
1947
1948 2008-12-09  Geoffrey Garen  <ggaren@apple.com>
1949
1950         Reviewed by Oliver Hunt.
1951
1952         Added WREC support for an assertion followed by a quantifier. Fixed
1953         PCRE to match.
1954
1955         * wrec/WRECParser.cpp:
1956         (JSC::WREC::Parser::parseParentheses): Throw away the quantifier, since
1957         it's meaningless. (Firefox does the same.)
1958
1959         * pcre/pcre_compile.cpp:
1960         (compileBranch): ditto.
1961
1962 2008-12-09  Geoffrey Garen  <ggaren@apple.com>
1963
1964         Reviewed by Cameron Zwarich.
1965
1966         In preparation for compiling WREC without PCRE:
1967         
1968         Further relaxed WREC's parsing to be more web-compatible. Fixed PCRE to
1969         match in cases where it didn't already.
1970         
1971         Changed JavaScriptCore to report syntax errors detected by WREC, rather
1972         than falling back on PCRE any time WREC sees an error.
1973         
1974         * pcre/pcre_compile.cpp:
1975         (checkEscape): Relaxed parsing of \c and \N escapes to be more
1976         web-compatible.
1977         
1978         * runtime/RegExp.cpp:
1979         (JSC::RegExp::RegExp): Only fall back on PCRE if WREC has not reported
1980         a syntax error.
1981
1982         * wrec/WREC.cpp:
1983         (JSC::WREC::Generator::compileRegExp): Fixed some error reporting to
1984         match PCRE.
1985
1986         * wrec/WRECParser.cpp: Added error messages that match PCRE.
1987
1988         (JSC::WREC::Parser::consumeGreedyQuantifier):
1989         (JSC::WREC::Parser::parseParentheses):
1990         (JSC::WREC::Parser::parseCharacterClass):
1991         (JSC::WREC::Parser::parseNonCharacterEscape): Updated the above functions to
1992         use the new setError API.
1993
1994         (JSC::WREC::Parser::consumeEscape): Relaxed parsing of \c \N \u \x \B
1995         to be more web-compatible.
1996
1997         (JSC::WREC::Parser::parseAlternative): Distinguish between a malformed
1998         quantifier and a quantifier with no prefix, like PCRE does.
1999
2000         (JSC::WREC::Parser::consumeParenthesesType): Updated to use the new setError API.
2001
2002         * wrec/WRECParser.h:
2003         (JSC::WREC::Parser::error):
2004         (JSC::WREC::Parser::syntaxError):
2005         (JSC::WREC::Parser::parsePattern):
2006         (JSC::WREC::Parser::reset):
2007         (JSC::WREC::Parser::setError): Store error messages instead of error codes,
2008         to provide for exception messages. Use a setter for reporting errors, so
2009         errors detected early are not overwritten by errors detected later.
2010
2011 2008-12-09  Gavin Barraclough  <barraclough@apple.com>
2012
2013         Reviewed by Oliver Hunt.
2014
2015         Use va_args to access cti function arguments.
2016         https://bugs.webkit.org/show_bug.cgi?id=22774
2017
2018         This may be a minor regression, but we'll take the hit if so to reduce fragility.
2019
2020         * interpreter/Interpreter.cpp:
2021         * interpreter/Interpreter.h:
2022
2023 2008-12-09  Sam Weinig  <sam@webkit.org>
2024
2025         Reviewed twice by Cameron Zwarich.
2026
2027         Fix for https://bugs.webkit.org/show_bug.cgi?id=22752
2028         Clear SymbolTable after codegen for Function codeblocks that
2029         don't require an activation
2030
2031         This is a ~1.5MB improvement on Membuster-head.
2032
2033         * bytecode/CodeBlock.cpp:
2034         (JSC::CodeBlock::dumpStatistics): Add logging of non-empty symbol tables
2035         and total size used by symbol tables.
2036         * bytecompiler/BytecodeGenerator.cpp:
2037         (JSC::BytecodeGenerator::generate): Clear the symbol table here.
2038
2039 2008-12-09  Sam Weinig  <sam@webkit.org>
2040
2041         Reviewed by Geoffrey Garen.
2042
2043         Remove unnecessary extra lookup when throwing an exception.
2044         We used to first lookup the target offset using getHandlerForVPC
2045         and then we would lookup the native code stub using 
2046         nativeExceptionCodeForHandlerVPC.  Instead, we can just pass around
2047         the HandlerInfo.
2048
2049         * bytecode/CodeBlock.cpp:
2050         (JSC::CodeBlock::handlerForVPC): Return the HandlerInfo.
2051         * bytecode/CodeBlock.h: Remove nativeExceptionCodeForHandlerVPC.
2052
2053         * interpreter/Interpreter.cpp:
2054         (JSC::Interpreter::throwException): Return a HandlerInfo instead of
2055         an Instruction offset.
2056         (JSC::Interpreter::privateExecute): Get the offset from HandlerInfo.
2057         (JSC::Interpreter::cti_op_throw): Get the native code from the HandlerInfo.
2058         (JSC::Interpreter::cti_vm_throw): Ditto.
2059         * interpreter/Interpreter.h:
2060
2061 2008-12-09  Eric Seidel  <eric@webkit.org>
2062
2063         Build fix only, no review.
2064
2065         Speculative fix for the Chromium-Windows bot.
2066         Add JavaScriptCore/os-win32 to the include path (for stdint.h)
2067         Strangely it builds fine on my local windows box (or at least doesn't hit this error)
2068
2069         * JavaScriptCore.scons:
2070
2071 2008-12-09  Eric Seidel  <eric@webkit.org>
2072
2073         No review, build fix only.
2074         
2075         Add ExecutableAllocator files missing from Scons build.
2076
2077         * JavaScriptCore.scons:
2078
2079 2008-12-09  Dimitri Glazkov  <dglazkov@chromium.org>
2080
2081         Reviewed by Timothy Hatcher.
2082
2083         https://bugs.webkit.org/show_bug.cgi?id=22631
2084         Allow ScriptCallFrame to query names of functions in the call stack.
2085
2086         * JavaScriptCore.exp: added InternalFunction::name and
2087         UString operator==() as exported symbols
2088
2089 2008-12-08  Judit Jasz  <jasy@inf.u-szeged.hu>
2090
2091         Reviewed and tweaked by Cameron Zwarich.
2092
2093         Bug 22352: Annotate opcodes with their length
2094         <https://bugs.webkit.org/show_bug.cgi?id=22352>
2095
2096         * bytecode/Opcode.cpp:
2097         * bytecode/Opcode.h:
2098         * interpreter/Interpreter.cpp:
2099         (JSC::Interpreter::privateExecute):
2100         * jit/JIT.cpp:
2101         (JSC::JIT::privateCompileMainPass):
2102         (JSC::JIT::privateCompileSlowCases):
2103
2104 2008-12-08  Geoffrey Garen  <ggaren@apple.com>
2105
2106         Reviewed by Oliver Hunt.
2107         
2108         Implemented more of the relaxed and somewhat weird rules for deciding
2109         how to interpret a non-pattern-character.
2110         
2111         * wrec/Escapes.h:
2112         (JSC::WREC::Escape::):
2113         (JSC::WREC::Escape::Escape): Eliminated Escape::None because it was
2114         unused. If you see an '\\', it's either a valid escape or an error.
2115
2116         * wrec/Quantifier.h:
2117         (JSC::WREC::Quantifier::Quantifier):
2118         * wrec/WRECGenerator.cpp:
2119         (JSC::WREC::Generator::generateNonGreedyQuantifier):
2120         (JSC::WREC::Generator::generateGreedyQuantifier): Renamed "noMaxSpecified"
2121         to "Infinity", since that's what it means.
2122
2123         * wrec/WRECParser.cpp:
2124         (JSC::WREC::Parser::consumeGreedyQuantifier): Re-wrote {n,m} parsing rules
2125         because they were too strict before. Added support for backtracking
2126         in the case where the {n,m} fails to parse as a quantifier, and yet is
2127         not a syntax error.
2128
2129         (JSC::WREC::Parser::parseCharacterClass):
2130         (JSC::WREC::Parser::parseNonCharacterEscape): Eliminated Escape::None,
2131         as above.
2132
2133         (JSC::WREC::Parser::consumeEscape): Don't treat ASCII and _ escapes
2134         as syntax errors. See fast/regex/non-pattern-characters.html.
2135         
2136         * wrec/WRECParser.h:
2137         (JSC::WREC::Parser::SavedState::SavedState):
2138         (JSC::WREC::Parser::SavedState::restore): Added a state backtracker,
2139         since parsing {n,m} forms requires backtracking if the form turns out
2140         not to be a quantifier.
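
        The {n,m} backtracking and SavedState::restore described in this entry, together
        with the first-error-wins setError and the distinction between a malformed quantifier
        and a quantifier with no prefix from the 2008-12-09 entry above, fit in one small
        parser. The following is an added C++ example written for this page, not WREC's own
        code: Quantifier, SavedState, setError, consumeGreedyQuantifier and parseAlternative
        are names from the ChangeLog, while their bodies, Atom, atomsFor, errorFor and the
        error strings are assumptions made here; the model handles only literal characters
        and greedy quantifiers.

```cpp
#include <cstddef>
#include <string>
#include <vector>

// Constructed model of WREC's quantifier parsing with backtracking. Example
// code, not WREC's own: Quantifier, SavedState, setError,
// consumeGreedyQuantifier and parseAlternative are names from the ChangeLog;
// their bodies, Atom, atomsFor and errorFor are assumptions made here.

struct Quantifier {
    enum Type { None, Error, Greedy };
    enum : unsigned { Infinity = 0xFFFFFFFFu }; // "{n,}" has no upper bound
    Type type; unsigned min; unsigned max;
};

// A parsed literal character with its repeat bounds.
struct Atom { char ch; unsigned min; unsigned max; bool quantified; };

class Parser {
public:
    explicit Parser(const std::string& pattern) : m_pattern(pattern), m_index(0), m_error(nullptr) {}
    // Cursor snapshot: restore() undoes a '{' that failed to parse as {n,m},
    // so the '{' can be re-read as an ordinary character, not a syntax error.
    struct SavedState {
        explicit SavedState(Parser& p) : m_parser(p), m_index(p.m_index) {}
        void restore() { m_parser.m_index = m_index; }
        Parser& m_parser; size_t m_index;
    };
    // Keeps only the first error: an error found later must not overwrite it.
    void setError(const char* message) { if (!m_error) m_error = message; }
    const char* error() const { return m_error; }

    // Cursor is on '{'. Greedy for {n}, {n,} and {n,m}; Error for {m,n} with
    // m > n; None, with the cursor restored, when the text is no quantifier.
    Quantifier consumeGreedyQuantifier() {
        SavedState state(*this);
        consume(); // '{'
        unsigned min = 0, max = 0;
        if (!consumeNumber(min)) return backtrack(state);
        if (peek() != ',') {
            max = min; // {n}
        } else {
            consume();
            if (peek() == '}') max = Quantifier::Infinity; // {n,}
            else if (!consumeNumber(max)) return backtrack(state); // e.g. {n,x}
        }
        if (peek() != '}') return backtrack(state);
        consume(); // '}'
        if (max != Quantifier::Infinity && min > max) {
            setError("numbers out of order in {} quantifier");
            return Quantifier{Quantifier::Error, 0, 0};
        }
        return Quantifier{Quantifier::Greedy, min, max};
    }

    // A quantifier with no atom before it is an error, as in PCRE; a '{' that
    // does not form a quantifier is taken as a literal character.
    std::vector<Atom> parseAlternative() {
        std::vector<Atom> atoms;
        while (!atEnd() && !m_error) {
            int c = peek();
            if (c == '*' || c == '+' || c == '?') {
                consume();
                applyQuantifier(atoms, c == '+' ? 1 : 0, c == '?' ? 1 : unsigned(Quantifier::Infinity));
                continue;
            }
            if (c == '{') {
                Quantifier q = consumeGreedyQuantifier();
                if (q.type == Quantifier::Greedy) applyQuantifier(atoms, q.min, q.max);
                if (q.type != Quantifier::None) continue; // quantifier or error: '{' consumed
            }
            atoms.push_back(Atom{static_cast<char>(consume()), 1, 1, false});
        }
        return atoms;
    }

private:
    bool atEnd() const { return m_index >= m_pattern.size(); }
    int peek() const { return atEnd() ? -1 : m_pattern[m_index]; }
    int consume() { return atEnd() ? -1 : m_pattern[m_index++]; }
    bool consumeNumber(unsigned& out) {
        if (peek() < '0' || peek() > '9') return false;
        for (out = 0; peek() >= '0' && peek() <= '9';)
            out = out * 10 + static_cast<unsigned>(consume() - '0');
        return true;
    }
    Quantifier backtrack(SavedState& state) {
        state.restore();
        return Quantifier{Quantifier::None, 0, 0};
    }
    void applyQuantifier(std::vector<Atom>& atoms, unsigned min, unsigned max) {
        if (atoms.empty() || atoms.back().quantified) return setError("nothing to repeat");
        atoms.back().min = min; atoms.back().max = max; atoms.back().quantified = true;
    }
    std::string m_pattern;
    size_t m_index;
    const char* m_error;
};

// Convenience wrappers; errorFor returns "" when the pattern parsed cleanly.
std::vector<Atom> atomsFor(const std::string& pattern) { return Parser(pattern).parseAlternative(); }
std::string errorFor(const std::string& pattern) { Parser p(pattern); p.parseAlternative(); return p.error() ? p.error() : ""; }
```

        With this model "a{,5}" is not a syntax error: the '{' fails to parse as a
        quantifier, the cursor is restored, and the five characters become five literal
        atoms, whereas "{2}" is a well-formed quantifier with nothing to repeat and "a{5,2}"
        is a quantifier with its bounds out of order, each reported with its own message.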
2141
2142 2008-12-08  Geoffrey Garen  <ggaren@apple.com>
2143
2144         Reviewed by Oliver Hunt.
2145         
2146         Refactored WREC parsing so that only one piece of code needs to know
2147         the relaxed and somewhat weird rules for deciding how to interpret a
2148         non-pattern-character, in preparation for implementing those rules.
2149         
2150         Also, implemented the relaxed and somewhat weird rules for '}' and ']'.
2151
2152         * wrec/WREC.cpp: Reduced the regular expression size limit. Now that
2153         WREC handles ']' properly, it compiles fast/js/regexp-charclass-crash.html,
2154         which makes it hang at the old limit. (The old limit was based on the
2155         misimpression that the same value in PCRE limited the regular expression
2156         pattern size; in reality, it limited the expected compiled regular
2157         expression size. WREC doesn't have a way to calculate an expected
2158         compiled regular expression size, but this should be good enough.)
2159
2160         * wrec/WRECParser.cpp:
2161         (JSC::WREC::parsePatternCharacterSequence): Nixed this function because
2162         it contained a second copy of the logic for handling non-pattern-characters,
2163         which is about to get a lot more complicated.
2164
2165         (JSC::WREC::PatternCharacterSequence::PatternCharacterSequence): 
2166         (JSC::WREC::PatternCharacterSequence::size):
2167         (JSC::WREC::PatternCharacterSequence::append):
2168         (JSC::WREC::PatternCharacterSequence::flush): Helper object for generating
2169         an optimized sequence of pattern characters.
2170
2171         (JSC::WREC::Parser::parseNonCharacterEscape): Renamed to reflect the fact
2172         that the main parseAlternative loop handles character escapes.
2173
2174         (JSC::WREC::Parser::parseAlternative): Moved pattern character sequence
2175         logic from parsePatternCharacterSequence to here, using
2176         PatternCharacterSequence to help with the details.
2177
2178         * wrec/WRECParser.h: Updated for renames.
2179
2180 2008-12-08  Alexey Proskuryakov  <ap@webkit.org>
2181
2182         Reviewed by Geoff Garen.
2183
2184         <rdar://problem/6166088> Give JSGlobalContextCreate a behavior that is concurrency aware,
2185         and un-deprecate it
2186
2187         * API/JSContextRef.cpp: (JSGlobalContextCreate):
2188         * API/JSContextRef.h:
2189         Use a unique context group for the context, unless the application was linked against old
2190         JavaScriptCore.
2191
2192 2008-12-08  Sam Weinig  <sam@webkit.org>
2193
2194         Reviewed by Cameron Zwarich.
2195
2196         Fix for <rdar://problem/6428332> Remove the CTI return address table from CodeBlock
2197
2198         Step 1:
2199
2200         Remove use of jitReturnAddressVPCMap when looking for vPC to store Structures
2201         in for cached lookup.  Instead, use the offset in the StructureStubInfo that is
2202         already required.
2203
2204         * bytecode/CodeBlock.cpp:
2205         (JSC::CodeBlock::dumpStatistics): Fix extraneous semicolon.
2206         * interpreter/Interpreter.cpp:
2207         (JSC::Interpreter::tryCTICachePutByID):
2208         (JSC::Interpreter::tryCTICacheGetByID):
2209         (JSC::Interpreter::cti_op_get_by_id_self_fail):
2210         (JSC::Interpreter::cti_op_get_by_id_proto_list):
2211         * jit/JIT.h:
2212         (JSC::JIT::compileGetByIdSelf):
2213         (JSC::JIT::compileGetByIdProto):
2214         (JSC::JIT::compileGetByIdChain):
2215         (JSC::JIT::compilePutByIdReplace):
2216         (JSC::JIT::compilePutByIdTransition):
2217         * jit/JITPropertyAccess.cpp:
2218         (JSC::JIT::privateCompilePutByIdTransition):
2219         (JSC::JIT::patchGetByIdSelf):
2220         (JSC::JIT::patchPutByIdReplace):
2221         (JSC::JIT::privateCompilePatchGetArrayLength): Remove extra call to getStubInfo.
2222         (JSC::JIT::privateCompileGetByIdSelf):
2223         (JSC::JIT::privateCompileGetByIdProto):
2224         (JSC::JIT::privateCompileGetByIdChain):
2225         (JSC::JIT::privateCompilePutByIdReplace):
2226
2227 2008-12-08  Gavin Barraclough  <barraclough@apple.com>
2228
2229         Reviewed by Oliver Hunt.
2230
2231         Port the op_j?n?eq_null JIT code generation to use the MacroAssembler,
2232         and clean up slightly at the same time.  The 'j' forms currently compare,
2233         then set a register, then compare again, then branch.  Branch directly on
2234         the result of the first compare.
2235
2236         Around a 1% progression on deltablue, crypto & early boyer, for about 1/2%
2237         overall on v8-tests.
2238
2239         * jit/JIT.cpp:
2240         (JSC::JIT::privateCompileMainPass):
2241         * jit/JITPropertyAccess.cpp:
2242         (JSC::JIT::compileGetByIdSlowCase):
2243
2244 2008-12-08  Gavin Barraclough  <barraclough@apple.com>
2245
2246         Reviewed by Geoff Garen.
2247
2248         Expand MacroAssembler to support more operations, required by the JIT.
2249
2250         Generally adds more operations and permutations of operands to the existing
2251         interface.  Rename 'jset' to 'jnz' and 'jnset' to 'jz', which seem clearer,
2252         and require that immediate pointer operands (though not pointer addresses to
2253         load and store instructions) are wrapped in an ImmPtr() type, akin to Imm32().
2254
2255         No performance impact.
2256
2257         * assembler/MacroAssembler.h:
2258         (JSC::MacroAssembler::):
2259         (JSC::MacroAssembler::ImmPtr::ImmPtr):
2260         (JSC::MacroAssembler::add32):
2261         (JSC::MacroAssembler::and32):
2262         (JSC::MacroAssembler::or32):
2263         (JSC::MacroAssembler::sub32):
2264         (JSC::MacroAssembler::xor32):
2265         (JSC::MacroAssembler::loadPtr):
2266         (JSC::MacroAssembler::load32):
2267         (JSC::MacroAssembler::storePtr):
2268         (JSC::MacroAssembler::store32):
2269         (JSC::MacroAssembler::poke):
2270         (JSC::MacroAssembler::move):
2271         (JSC::MacroAssembler::testImm32):
2272         (JSC::MacroAssembler::jae32):
2273         (JSC::MacroAssembler::jb32):
2274         (JSC::MacroAssembler::jePtr):
2275         (JSC::MacroAssembler::je32):
2276         (JSC::MacroAssembler::jnePtr):
2277         (JSC::MacroAssembler::jne32):
2278         (JSC::MacroAssembler::jnzPtr):
2279         (JSC::MacroAssembler::jnz32):
2280         (JSC::MacroAssembler::jzPtr):
2281         (JSC::MacroAssembler::jz32):
2282         (JSC::MacroAssembler::joSub32):
2283         (JSC::MacroAssembler::jump):
2284         (JSC::MacroAssembler::sete32):
2285         (JSC::MacroAssembler::setne32):
2286         (JSC::MacroAssembler::setnz32):
2287         (JSC::MacroAssembler::setz32):
2288         * assembler/X86Assembler.h:
2289         (JSC::X86Assembler::addl_mr):
2290         (JSC::X86Assembler::andl_i8r):
2291         (JSC::X86Assembler::cmpl_rm):
2292         (JSC::X86Assembler::cmpl_mr):
2293         (JSC::X86Assembler::cmpl_i8m):
2294         (JSC::X86Assembler::subl_mr):
2295         (JSC::X86Assembler::testl_i32m):
2296         (JSC::X86Assembler::xorl_i32r):
2297         (JSC::X86Assembler::movl_rm):
2298         (JSC::X86Assembler::modRm_opmsib):
2299         * jit/JIT.cpp:
2300         (JSC::JIT::privateCompileMainPass):
2301         * jit/JITInlineMethods.h:
2302         (JSC::JIT::emitGetVirtualRegister):
2303         (JSC::JIT::emitPutCTIArgConstant):
2304         (JSC::JIT::emitPutCTIParam):
2305         (JSC::JIT::emitPutImmediateToCallFrameHeader):
2306         (JSC::JIT::emitInitRegister):
2307         (JSC::JIT::checkStructure):
2308         (JSC::JIT::emitJumpIfJSCell):
2309         (JSC::JIT::emitJumpIfNotJSCell):
2310         (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
2311
2312 2008-12-08  Geoffrey Garen  <ggaren@apple.com>
2313
2314         Reviewed by Sam Weinig.
2315         
2316         Fixed a bug where WREC would allow a quantifier whose minimum was
2317         greater than its maximum.
2318         
2319         * wrec/Quantifier.h:
2320         (JSC::WREC::Quantifier::Quantifier): ASSERT that the quantifier is not
2321         backwards.
2322         
2323         * wrec/WRECParser.cpp:
2324         (JSC::WREC::Parser::consumeGreedyQuantifier): Verify that the minimum
2325         is not greater than the maximum.
2326
2327 2008-12-08  Eric Seidel  <eric@webkit.org>
2328         
2329         Build fix only, no review.
2330
2331         * JavaScriptCore.scons: add bytecode/JumpTable.cpp
2332
2333 2008-12-08  Sam Weinig  <sam@webkit.org>
2334
2335         Reviewed by Geoffrey Garen.
2336
2337         Patch for https://bugs.webkit.org/show_bug.cgi?id=22716
2338         <rdar://problem/6428315>
2339         Add RareData structure to CodeBlock for infrequently used auxiliary data
2340         members.
2341
2342         Reduces memory on Membuster-head by ~.5MB 
2343
2344         * bytecode/CodeBlock.cpp:
2345         (JSC::CodeBlock::dump):
2346         (JSC::CodeBlock::dumpStatistics):
2347         (JSC::CodeBlock::mark):
2348         (JSC::CodeBlock::getHandlerForVPC):
2349         (JSC::CodeBlock::nativeExceptionCodeForHandlerVPC):
2350         (JSC::CodeBlock::shrinkToFit):
2351         * bytecode/CodeBlock.h:
2352         (JSC::CodeBlock::numberOfExceptionHandlers):
2353         (JSC::CodeBlock::addExceptionHandler):
2354         (JSC::CodeBlock::exceptionHandler):
2355         (JSC::CodeBlock::addFunction):
2356         (JSC::CodeBlock::function):
2357         (JSC::CodeBlock::addUnexpectedConstant):
2358         (JSC::CodeBlock::unexpectedConstant):
2359         (JSC::CodeBlock::addRegExp):
2360         (JSC::CodeBlock::regexp):
2361         (JSC::CodeBlock::numberOfImmediateSwitchJumpTables):
2362         (JSC::CodeBlock::addImmediateSwitchJumpTable):
2363         (JSC::CodeBlock::immediateSwitchJumpTable):
2364         (JSC::CodeBlock::numberOfCharacterSwitchJumpTables):
2365         (JSC::CodeBlock::addCharacterSwitchJumpTable):
2366         (JSC::CodeBlock::characterSwitchJumpTable):
2367         (JSC::CodeBlock::numberOfStringSwitchJumpTables):
2368         (JSC::CodeBlock::addStringSwitchJumpTable):
2369         (JSC::CodeBlock::stringSwitchJumpTable):
2370         (JSC::CodeBlock::evalCodeCache):
2371         (JSC::CodeBlock::createRareDataIfNecessary):
2372
2373 2008-11-26  Peter Kasting  <pkasting@google.com>
2374
2375         Reviewed by Anders Carlsson.
2376
2377         https://bugs.webkit.org/show_bug.cgi?id=16814
2378         Allow ports to disable ActiveX->NPAPI conversion for Media Player.
2379         Improve handling of miscellaneous ActiveX objects.
2380
2381         * wtf/Platform.h: Add another ENABLE(...).
2382
2383 2008-12-08  Sam Weinig  <sam@webkit.org>
2384
2385         Reviewed by Mark Rowe.
2386
2387         Add dumping of CodeBlock member structure usage.
2388
2389         * bytecode/CodeBlock.cpp:
2390         (JSC::CodeBlock::dumpStatistics):
2391         * bytecode/EvalCodeCache.h:
2392         (JSC::EvalCodeCache::isEmpty):
2393
2394 2008-12-08  David Kilzer  <ddkilzer@apple.com>
2395
2396         Bug 22555: Sort "children" sections in Xcode project files
2397
2398         <https://bugs.webkit.org/show_bug.cgi?id=22555>
2399
2400         Reviewed by Eric Seidel.
2401
2402         * JavaScriptCore.xcodeproj/project.pbxproj: Sorted.
2403
2404 2008-12-08  Tony Chang  <tony@chromium.org>
2405
2406         Reviewed by Eric Seidel.
2407
2408         Enable Pan scrolling only when building on PLATFORM(WIN_OS)
2409         Previously platforms like Apple Windows WebKit, Cairo Windows WebKit,
2410         Wx and Chromium were enabling it explicitly, now we just turn it on
2411         for all WIN_OS, later platforms can turn it off as needed on Windows
2412         (or turn it on under Linux, etc.)
2413         https://bugs.webkit.org/show_bug.cgi?id=22698
2414
2415         * wtf/Platform.h:
2416
2417 2008-12-08  Sam Weinig  <sam@webkit.org>
2418
2419         Reviewed by Cameron Zwarich.
2420
2421         Add basic memory statistics dumping for CodeBlock.
2422
2423         * bytecode/CodeBlock.cpp:
2424         (JSC::CodeBlock::dumpStatistics):
2425         (JSC::CodeBlock::CodeBlock):
2426         (JSC::CodeBlock::~CodeBlock):
2427         * bytecode/CodeBlock.h:
2428
2429 2008-12-08  Simon Hausmann  <simon.hausmann@nokia.com>
2430
2431         Fix the Linux build with newer gcc/glibc.
2432
2433         * jit/ExecutableAllocatorPosix.cpp: Include unistd.h for
2434         getpagesize(), according to
2435         http://opengroup.org/onlinepubs/007908775/xsh/getpagesize.html
2436
2437 2008-12-08  Simon Hausmann  <simon.hausmann@nokia.com>
2438
2439         Fix the build with Qt on Windows.
2440
2441         * JavaScriptCore.pri: Compile ExecutableAllocatorWin.cpp on Windows.
2442
2443 2008-12-07  Oliver Hunt  <oliver@apple.com>
2444
2445         Reviewed by NOBODY (Buildfix).
2446
2447         Fix non-WREC builds
2448
2449         * runtime/RegExp.cpp:
2450         (JSC::RegExp::RegExp):
2451
2452 2008-12-07  Oliver Hunt  <oliver@apple.com>
2453
2454         Reviewed by NOBODY (Build fix).
2455
2456         Put ENABLE(ASSEMBLER) guards around use of ExecutableAllocator in global data
2457
2458         Correct Qt and Gtk project files
2459
2460         * GNUmakefile.am:
2461         * JavaScriptCore.pri:
2462         * runtime/JSGlobalData.h:
2463
2464 2008-12-07  Oliver Hunt  <oliver@apple.com>
2465
2466         Reviewed by NOBODY (Build fix).
2467
2468         Add new files to other projects.
2469
2470         * GNUmakefile.am:
2471         * JavaScriptCore.pri:
2472         * JavaScriptCore.pro:
2473
2474 2008-12-07  Oliver Hunt  <oliver@apple.com>
2475
2476         Rubber stamped by Mark Rowe.
2477
2478         Rename ExecutableAllocatorMMAP to the more sensible ExecutableAllocatorPosix
2479
2480         * JavaScriptCore.xcodeproj/project.pbxproj:
2481         * jit/ExecutableAllocator.h:
2482         * jit/ExecutableAllocatorPosix.cpp: Renamed from JavaScriptCore/jit/ExecutableAllocatorMMAP.cpp.
2483         (JSC::ExecutableAllocator::intializePageSize):
2484         (JSC::ExecutablePool::systemAlloc):
2485         (JSC::ExecutablePool::systemRelease):
2486
2487 2008-12-07  Oliver Hunt  <oliver@apple.com>
2488
2489         Reviewed by Cameron Zwarich and Sam Weinig.
2490
2491         <rdar://problem/6309878> Need more granular control over allocation of executable memory (21783)
2492         <https://bugs.webkit.org/show_bug.cgi?id=21783>
2493
2494         Add a new allocator for use by the JIT that provides executable pages, so
2495         we can get rid of the current hack that makes the entire heap executable.
2496
2497         1-2% progression on SunSpider-v8, 1% on SunSpider.  Reduces memory usage as well!
2498
2499         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2500         * JavaScriptCore.vcproj/jsc/jsc.vcproj:
2501         * JavaScriptCore.xcodeproj/project.pbxproj:
2502         * assembler/AssemblerBuffer.h:
2503         (JSC::AssemblerBuffer::size):
2504         (JSC::AssemblerBuffer::executableCopy):
2505         * assembler/MacroAssembler.h:
2506         (JSC::MacroAssembler::size):
2507         (JSC::MacroAssembler::copyCode):
2508         * assembler/X86Assembler.h:
2509         (JSC::X86Assembler::size):
2510         (JSC::X86Assembler::executableCopy):
2511         * bytecode/CodeBlock.cpp:
2512         (JSC::CodeBlock::~CodeBlock):
2513         * bytecode/CodeBlock.h:
2514         (JSC::CodeBlock::executablePool):
2515         (JSC::CodeBlock::setExecutablePool):
2516         * bytecode/Instruction.h:
2517         (JSC::PolymorphicAccessStructureList::derefStructures):
2518         * interpreter/Interpreter.cpp:
2519         (JSC::Interpreter::~Interpreter):
2520         * interpreter/Interpreter.h:
2521         * jit/ExecutableAllocator.cpp: Added.
2522         * jit/ExecutableAllocator.h: Added.
2523         (JSC::ExecutablePool::create):
2524         (JSC::ExecutablePool::alloc):
2525         (JSC::ExecutablePool::~ExecutablePool):
2526         (JSC::ExecutablePool::available):
2527         (JSC::ExecutablePool::ExecutablePool):
2528         (JSC::ExecutablePool::poolAllocate):
2529         (JSC::ExecutableAllocator::ExecutableAllocator):
2530         (JSC::ExecutableAllocator::poolForSize):
2531         (JSC::ExecutablePool::sizeForAllocation):
2532         * jit/ExecutableAllocatorMMAP.cpp: Added.
2533         (JSC::ExecutableAllocator::intializePageSize):
2534         (JSC::ExecutablePool::systemAlloc):
2535         (JSC::ExecutablePool::systemRelease):
2536         * jit/ExecutableAllocatorWin.cpp: Added.
2537         (JSC::ExecutableAllocator::intializePageSize):
2538         (JSC::ExecutablePool::systemAlloc):
2539         (JSC::ExecutablePool::systemRelease):
2540         * jit/JIT.cpp:
2541         (JSC::JIT::privateCompile):
2542         (JSC::JIT::privateCompileCTIMachineTrampolines):
2543         * jit/JIT.h:
2544         (JSC::JIT::compileCTIMachineTrampolines):
2545         * jit/JITPropertyAccess.cpp:
2546         (JSC::JIT::privateCompilePutByIdTransition):
2547         (JSC::JIT::privateCompilePatchGetArrayLength):
2548         (JSC::JIT::privateCompileGetByIdSelf):
2549         (JSC::JIT::privateCompileGetByIdProto):
2550         (JSC::JIT::privateCompileGetByIdSelfList):
2551         (JSC::JIT::privateCompileGetByIdProtoList):
2552         (JSC::JIT::privateCompileGetByIdChainList):
2553         (JSC::JIT::privateCompileGetByIdChain):
2554         (JSC::JIT::privateCompilePutByIdReplace):
2555         * parser/Nodes.cpp:
2556         (JSC::RegExpNode::emitBytecode):
2557         * runtime/JSGlobalData.h:
2558         (JSC::JSGlobalData::poolForSize):
2559         * runtime/RegExp.cpp:
2560         (JSC::RegExp::RegExp):
2561         (JSC::RegExp::create):
2562         (JSC::RegExp::~RegExp):
2563         * runtime/RegExp.h:
2564         * runtime/RegExpConstructor.cpp:
2565         (JSC::constructRegExp):
2566         * runtime/RegExpPrototype.cpp:
2567         (JSC::regExpProtoFuncCompile):
2568         * runtime/StringPrototype.cpp:
2569         (JSC::stringProtoFuncMatch):
2570         (JSC::stringProtoFuncSearch):
2571         * wrec/WREC.cpp:
2572         (JSC::WREC::Generator::compileRegExp):
2573         * wrec/WRECGenerator.h:
2574         * wtf/FastMalloc.cpp:
2575         * wtf/FastMalloc.h:
2576         * wtf/TCSystemAlloc.cpp:
2577         (TryMmap):
2578         (TryVirtualAlloc):
2579         (TryDevMem):
2580         (TCMalloc_SystemRelease):
2581
2582 2008-12-06  Sam Weinig  <sam@webkit.org>
2583
2584         Fix the Gtk build.
2585
2586         * jit/JITPropertyAccess.cpp:
2587         (JSC::JIT::compileGetByIdHotPath):
2588         (JSC::JIT::compilePutByIdHotPath):
2589
2590 2008-12-06  Sam Weinig  <sam@webkit.org>
2591
2592         Reviewed by Cameron Zwarich.
2593
2594         Move CodeBlock constructor into the .cpp file.
2595
2596         SunSpider reports a .7% progression, but I can only assume this
2597         is noise.
2598
2599         * bytecode/CodeBlock.cpp:
2600         (JSC::CodeBlock::CodeBlock):
2601         * bytecode/CodeBlock.h:
2602
2603 2008-12-06  Sam Weinig  <sam@webkit.org>
2604
2605         Reviewed by Cameron Zwarich.
2606
2607         Split JumpTable code into its own file.
2608
2609         * GNUmakefile.am:
2610         * JavaScriptCore.pri:
2611         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2612         * JavaScriptCore.xcodeproj/project.pbxproj:
2613         * JavaScriptCoreSources.bkl:
2614         * bytecode/CodeBlock.cpp:
2615         * bytecode/CodeBlock.h:
2616         * bytecode/JumpTable.cpp: Copied from bytecode/CodeBlock.cpp.
2617         * bytecode/JumpTable.h: Copied from bytecode/CodeBlock.h.
2618
2619 2008-12-05  Sam Weinig  <sam@webkit.org>
2620
2621         Reviewed by Cameron Zwarich.
2622
2623         Fix for https://bugs.webkit.org/show_bug.cgi?id=22715
2624         Encapsulate more CodeBlock members in preparation
2625         of moving some of them to a rare data structure.
2626
2627         * bytecode/CodeBlock.cpp:
2628         (JSC::locationForOffset):
2629         (JSC::printConditionalJump):
2630         (JSC::printGetByIdOp):
2631         (JSC::printPutByIdOp):
2632         (JSC::CodeBlock::printStructure):
2633         (JSC::CodeBlock::printStructures):
2634         (JSC::CodeBlock::dump):
2635         (JSC::CodeBlock::~CodeBlock):
2636         (JSC::CodeBlock::unlinkCallers):
2637         (JSC::CodeBlock::derefStructures):
2638         (JSC::CodeBlock::refStructures):
2639         (JSC::CodeBlock::mark):
2640         (JSC::CodeBlock::getHandlerForVPC):
2641         (JSC::CodeBlock::nativeExceptionCodeForHandlerVPC):
2642         (JSC::CodeBlock::lineNumberForVPC):
2643         (JSC::CodeBlock::expressionRangeForVPC):
2644         (JSC::CodeBlock::shrinkToFit):
2645         * bytecode/CodeBlock.h:
2646         (JSC::CodeBlock::CodeBlock):
2647         (JSC::CodeBlock::addCaller):
2648         (JSC::CodeBlock::removeCaller):
2649         (JSC::CodeBlock::isKnownNotImmediate):
2650         (JSC::CodeBlock::isConstantRegisterIndex):
2651         (JSC::CodeBlock::getConstant):
2652         (JSC::CodeBlock::isTemporaryRegisterIndex):
2653         (JSC::CodeBlock::getStubInfo):
2654         (JSC::CodeBlock::getCallLinkInfo):
2655         (JSC::CodeBlock::instructions):
2656         (JSC::CodeBlock::setJITCode):
2657         (JSC::CodeBlock::jitCode):
2658         (JSC::CodeBlock::ownerNode):
2659         (JSC::CodeBlock::setGlobalData):
2660         (JSC::CodeBlock::setThisRegister):
2661         (JSC::CodeBlock::thisRegister):
2662         (JSC::CodeBlock::setNeedsFullScopeChain):
2663         (JSC::CodeBlock::needsFullScopeChain):
2664         (JSC::CodeBlock::setUsesEval):
2665         (JSC::CodeBlock::usesEval):
2666         (JSC::CodeBlock::setUsesArguments):
2667         (JSC::CodeBlock::usesArguments):
2668         (JSC::CodeBlock::codeType):
2669         (JSC::CodeBlock::source):
2670         (JSC::CodeBlock::sourceOffset):
2671         (JSC::CodeBlock::addGlobalResolveInstruction):
2672         (JSC::CodeBlock::numberOfPropertyAccessInstructions):
2673         (JSC::CodeBlock::addPropertyAccessInstruction):
2674         (JSC::CodeBlock::propertyAccessInstruction):
2675         (JSC::CodeBlock::numberOfCallLinkInfos):
2676         (JSC::CodeBlock::addCallLinkInfo):
2677         (JSC::CodeBlock::callLinkInfo):
2678         (JSC::CodeBlock::numberOfJumpTargets):
2679         (JSC::CodeBlock::addJumpTarget):
2680         (JSC::CodeBlock::jumpTarget):
2681         (JSC::CodeBlock::lastJumpTarget):
2682         (JSC::CodeBlock::numberOfExceptionHandlers):
2683         (JSC::CodeBlock::addExceptionHandler):
2684         (JSC::CodeBlock::exceptionHandler):
2685         (JSC::CodeBlock::addExpressionInfo):
2686         (JSC::CodeBlock::numberOfLineInfos):
2687         (JSC::CodeBlock::addLineInfo):
2688         (JSC::CodeBlock::lastLineInfo):
2689         (JSC::CodeBlock::jitReturnAddressVPCMap):
2690         (JSC::CodeBlock::numberOfIdentifiers):
2691         (JSC::CodeBlock::addIdentifier):
2692         (JSC::CodeBlock::identifier):
2693         (JSC::CodeBlock::numberOfConstantRegisters):
2694         (JSC::CodeBlock::addConstantRegister):
2695         (JSC::CodeBlock::constantRegister):
2696         (JSC::CodeBlock::addFunction):
2697         (JSC::CodeBlock::function):
2698         (JSC::CodeBlock::addFunctionExpression):
2699         (JSC::CodeBlock::functionExpression):
2700         (JSC::CodeBlock::addUnexpectedConstant):
2701         (JSC::CodeBlock::unexpectedConstant):
2702         (JSC::CodeBlock::addRegExp):
2703         (JSC::CodeBlock::regexp):
2704         (JSC::CodeBlock::symbolTable):
2705         (JSC::CodeBlock::evalCodeCache):
2706         New inline setters/getters.
2707
2708         (JSC::ProgramCodeBlock::ProgramCodeBlock):
2709         (JSC::ProgramCodeBlock::~ProgramCodeBlock):
2710         (JSC::ProgramCodeBlock::clearGlobalObject):
2711         * bytecode/SamplingTool.cpp:
2712         (JSC::ScopeSampleRecord::sample):
2713         (JSC::SamplingTool::dump):
2714         * bytecompiler/BytecodeGenerator.cpp:
2715         * bytecompiler/BytecodeGenerator.h:
2716         * bytecompiler/Label.h:
2717         * interpreter/CallFrame.cpp:
2718         * interpreter/Interpreter.cpp:
2719         * jit/JIT.cpp:
2720         * jit/JITCall.cpp:
2721         * jit/JITInlineMethods.h:
2722         * jit/JITPropertyAccess.cpp:
2723         * parser/Nodes.cpp:
2724         * runtime/Arguments.h:
2725         * runtime/ExceptionHelpers.cpp:
2726         * runtime/JSActivation.cpp:
2727         * runtime/JSActivation.h:
2728         * runtime/JSGlobalObject.cpp:
2729         Change direct access to use new getter/setters.
2730
2731 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2732
2733         Reviewed by Oliver Hunt.
2734
2735         Prevent GCC4.2 from hanging when trying to compile Interpreter.cpp.
2736         Added "-fno-var-tracking" compiler flag.
2737
2738         https://bugs.webkit.org/show_bug.cgi?id=22704
2739
2740         * JavaScriptCore.xcodeproj/project.pbxproj:
2741
2742 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2743
2744         Reviewed by Oliver Hunt.
2745
2746         Ordering of branch operands in MacroAssembler is unnecessarily inconsistent.
2747
2748         je, jg etc take an immediate operand as the second argument, but for the
2749         equality branches (je, jne) the immediate operand was the first argument.  This
2750         was unnecessarily inconsistent.  Change je, jne methods to take the immediate
2751         as the second argument.
2752
2753         https://bugs.webkit.org/show_bug.cgi?id=22703
2754
2755         * assembler/MacroAssembler.h:
2756         (JSC::MacroAssembler::je32):
2757         (JSC::MacroAssembler::jne32):
2758         * jit/JIT.cpp:
2759         (JSC::JIT::compileOpStrictEq):
2760         * wrec/WRECGenerator.cpp:
2761         (JSC::WREC::Generator::generateEnter):
2762         (JSC::WREC::Generator::generateNonGreedyQuantifier):
2763         (JSC::WREC::Generator::generateGreedyQuantifier):
2764         (JSC::WREC::Generator::generatePatternCharacterPair):
2765         (JSC::WREC::Generator::generatePatternCharacter):
2766         (JSC::WREC::Generator::generateCharacterClassInvertedRange):
2767         (JSC::WREC::Generator::generateCharacterClassInverted):
2768         (JSC::WREC::Generator::generateAssertionBOL):
2769         (JSC::WREC::Generator::generateAssertionWordBoundary):
2770
2771 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2772
2773         Reviewed by Geoff Garen.
2774
2775         Second tranche of porting JIT.cpp to MacroAssembler interface.
2776
2777         * assembler/MacroAssembler.h:
2778         (JSC::MacroAssembler::mul32):
2779         (JSC::MacroAssembler::jl32):
2780         (JSC::MacroAssembler::jnzSub32):
2781         (JSC::MacroAssembler::joAdd32):
2782         (JSC::MacroAssembler::joMul32):
2783         (JSC::MacroAssembler::jzSub32):
2784         * jit/JIT.cpp:
2785         (JSC::JIT::emitSlowScriptCheck):
2786         (JSC::JIT::privateCompileMainPass):
2787         (JSC::JIT::privateCompileSlowCases):
2788         (JSC::JIT::privateCompileCTIMachineTrampolines):
2789         * jit/JIT.h:
2790         * jit/JITInlineMethods.h:
2791         (JSC::JIT::emitJumpIfNotJSCell):
2792         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
2793
2794 2008-12-05  David Kilzer  <ddkilzer@apple.com>
2795
2796         Bug 22609: Provide a build-time choice when generating hash tables for properties of built-in DOM objects
2797
2798         <https://bugs.webkit.org/show_bug.cgi?id=22609>
2799         <rdar://problem/6331749>
2800
2801         Reviewed by Darin Adler.
2802
2803         Initial patch by Yosen Lin.  Adapted for ToT WebKit by David Kilzer.
2804
2805         Added back the code that generates a "compact" hash (instead of a
2806         perfect hash) as a build-time option using the
2807         ENABLE(PERFECT_HASH_SIZE) macro as defined in Lookup.h.
2808
2809         * create_hash_table: Rename variables to differentiate perfect hash
2810         values from compact hash values.  Added back code to compute compact
2811         hash tables.  Generate both hash table sizes and emit
2812         conditionalized code based on ENABLE(PERFECT_HASH_SIZE).
2813         * runtime/Lookup.cpp:
2814         (JSC::HashTable::createTable): Added version of createTable() for
2815         use with compact hash tables.
2816         (JSC::HashTable::deleteTable): Updated to work with compact hash
2817         tables.
2818         * runtime/Lookup.h: Defined ENABLE(PERFECT_HASH_SIZE) macro here.
2819         (JSC::HashEntry::initialize): Set m_next to zero when using compact
2820         hash tables.
2821         (JSC::HashEntry::setNext): Added for compact hash tables.
2822         (JSC::HashEntry::next): Added for compact hash tables.
2823         (JSC::HashTable::entry): Added version of entry() for use with
2824         compact hash tables.
2825         * runtime/Structure.cpp:
2826         (JSC::Structure::getEnumerablePropertyNames): Updated to work with
2827         compact hash tables.
2828
2829 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2830
2831         Reviewed by Geoff Garen.
2832
2833         Remove redundant calls to JIT::emitSlowScriptCheck.
2834         This is checked in the hot path, so is not needed on the slow path - and the code
2835         was being planted before the start of the slow case, so was completely unreachable!
2836
2837         * jit/JIT.cpp:
2838         (JSC::JIT::privateCompileSlowCases):
2839
2840 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2841
2842         Reviewed by Geoff Garen.
2843
2844         Move JIT::compileOpStrictEq to MacroAssembler interface.
2845
2846         The rewrite also looks like a small (<1%) performance progression.
2847
2848         https://bugs.webkit.org/show_bug.cgi?id=22697
2849
2850         * jit/JIT.cpp:
2851         (JSC::JIT::compileOpStrictEq):
2852         (JSC::JIT::privateCompileSlowCases):
2853         * jit/JIT.h:
2854         * jit/JITInlineMethods.h:
2855         (JSC::JIT::emitJumpIfJSCell):
2856         (JSC::JIT::emitJumpSlowCaseIfJSCell):
2857
2858 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2859
2860         Reviewed by Geoff Garen.
2861
2862         Remove m_assembler from MacroAssembler::Jump.
2863         Keeping a pointer allowed for some syntactic sugar - "link()" looks nicer
2864         than "link(this)".  But maintaining this doubles the size of Jump, which
2865         is even more unfortunate for the JIT, since there are many large structures
2866         holding JmpSrcs.  Probably best to remove it.
2867
2868         https://bugs.webkit.org/show_bug.cgi?id=22693
2869
2870         * assembler/MacroAssembler.h:
2871         (JSC::MacroAssembler::Jump::Jump):
2872         (JSC::MacroAssembler::Jump::link):
2873         (JSC::MacroAssembler::Jump::linkTo):
2874         (JSC::MacroAssembler::JumpList::link):
2875         (JSC::MacroAssembler::JumpList::linkTo):
2876         (JSC::MacroAssembler::jae32):
2877         (JSC::MacroAssembler::je32):
2878         (JSC::MacroAssembler::je16):
2879         (JSC::MacroAssembler::jg32):
2880         (JSC::MacroAssembler::jge32):
2881         (JSC::MacroAssembler::jl32):
2882         (JSC::MacroAssembler::jle32):
2883         (JSC::MacroAssembler::jnePtr):
2884         (JSC::MacroAssembler::jne32):
2885         (JSC::MacroAssembler::jnset32):
2886         (JSC::MacroAssembler::jset32):
2887         (JSC::MacroAssembler::jump):
2888         (JSC::MacroAssembler::jzSub32):
2889         (JSC::MacroAssembler::joAdd32):
2890         (JSC::MacroAssembler::call):
2891         * wrec/WREC.cpp:
2892         (JSC::WREC::Generator::compileRegExp):
2893         * wrec/WRECGenerator.cpp:
2894         (JSC::WREC::Generator::generateEnter):
2895         (JSC::WREC::Generator::generateBackreferenceQuantifier):
2896         (JSC::WREC::Generator::generateNonGreedyQuantifier):
2897         (JSC::WREC::Generator::generateGreedyQuantifier):
2898         (JSC::WREC::Generator::generatePatternCharacter):
2899         (JSC::WREC::Generator::generateCharacterClassInvertedRange):
2900         (JSC::WREC::Generator::generateCharacterClassInverted):
2901         (JSC::WREC::Generator::generateCharacterClass):
2902         (JSC::WREC::Generator::generateParenthesesAssertion):
2903         (JSC::WREC::Generator::generateParenthesesInvertedAssertion):
2904         (JSC::WREC::Generator::generateParenthesesNonGreedy):
2905         (JSC::WREC::Generator::generateParenthesesResetTrampoline):
2906         (JSC::WREC::Generator::generateAssertionBOL):
2907         (JSC::WREC::Generator::generateAssertionEOL):
2908         (JSC::WREC::Generator::generateAssertionWordBoundary):
2909         (JSC::WREC::Generator::generateBackreference):
2910         (JSC::WREC::Generator::terminateAlternative):
2911         (JSC::WREC::Generator::terminateDisjunction):
2912         * wrec/WRECParser.h:
2913
2914 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2915
2916         Reviewed by Geoffrey Garen.
2917
2918         Simplify JIT generated checks for timeout code, by moving more work into the C function.
2919         https://bugs.webkit.org/show_bug.cgi?id=22688
2920
2921         * interpreter/Interpreter.cpp:
2922         (JSC::Interpreter::cti_timeout_check):
2923         * interpreter/Interpreter.h:
2924         * jit/JIT.cpp:
2925         (JSC::JIT::emitSlowScriptCheck):
2926
2927 2008-12-05  Sam Weinig  <sam@webkit.org>
2928
2929         Reviewed by Geoffrey Garen.
2930
2931         Encapsulate access to jump tables in the CodeBlock in preparation
2932         of moving them to a rare data structure.
2933
2934         * bytecode/CodeBlock.cpp:
2935         (JSC::CodeBlock::dump):
2936         (JSC::CodeBlock::shrinkToFit):
2937         * bytecode/CodeBlock.h:
2938         (JSC::CodeBlock::numberOfImmediateSwitchJumpTables):
2939         (JSC::CodeBlock::addImmediateSwitchJumpTable):
2940         (JSC::CodeBlock::immediateSwitchJumpTable):
2941         (JSC::CodeBlock::numberOfCharacterSwitchJumpTables):
2942         (JSC::CodeBlock::addCharacterSwitchJumpTable):
2943         (JSC::CodeBlock::characterSwitchJumpTable):
2944         (JSC::CodeBlock::numberOfStringSwitchJumpTables):
2945         (JSC::CodeBlock::addStringSwitchJumpTable):
2946         (JSC::CodeBlock::stringSwitchJumpTable):
2947         * bytecompiler/BytecodeGenerator.cpp:
2948         (JSC::BytecodeGenerator::generate):
2949         (JSC::BytecodeGenerator::endSwitch):
2950         * interpreter/Interpreter.cpp:
2951         (JSC::Interpreter::privateExecute):
2952         (JSC::Interpreter::cti_op_switch_imm):
2953         (JSC::Interpreter::cti_op_switch_char):
2954         (JSC::Interpreter::cti_op_switch_string):
2955         * jit/JIT.cpp:
2956         (JSC::JIT::privateCompileMainPass):
2957
2958 2008-12-05  Adam Roben  <aroben@apple.com>
2959
2960         Windows build fix after r39020
2961
2962         * jit/JITInlineMethods.h:
2963         (JSC::JIT::restoreArgumentReference):
2964         (JSC::JIT::restoreArgumentReferenceForTrampoline):
2965         Add some apparently-missing __.
2966
2967 2008-12-04  Geoffrey Garen  <ggaren@apple.com>
2968
2969         Reviewed by Darin Adler.
2970         
2971         https://bugs.webkit.org/show_bug.cgi?id=22673
2972         
2973         Added support for the assertion (?=) and inverted assertion (?!) atoms
2974         in WREC.
2975
2976         * wrec/WRECGenerator.cpp:
2977         (JSC::WREC::Generator::generateParenthesesAssertion):
2978         (JSC::WREC::Generator::generateParenthesesInvertedAssertion): Split the
2979         old (unused) generateParentheses into these two functions, with more
2980         limited capabilities.
2981         
2982         * wrec/WRECGenerator.h:
2983         (JSC::WREC::Generator::): Moved an enum to the top of the class definition,
2984         to match the WebKit style, and removed a defunct comment.
2985
2986         * wrec/WRECParser.cpp:
2987         (JSC::WREC::Parser::parseParentheses):
2988         (JSC::WREC::Parser::consumeParenthesesType):
2989         * wrec/WRECParser.h:
2990         (JSC::WREC::Parser::): Added support for parsing (?=) and (?!).
2991
2992 2008-12-05  Simon Hausmann  <simon.hausmann@nokia.com>
2993
2994         Rubber-stamped by Tor Arne Vestbø.
2995
2996         Disable the JIT for the Qt build altogether again, after observing
2997         more miscompilations in a wider range of newer gcc versions.
2998
2999         * JavaScriptCore.pri:
3000
3001 2008-12-05  Simon Hausmann  <simon.hausmann@nokia.com>
3002
3003         Reviewed by Tor Arne Vestbø.
3004
3005         Disable the JIT for the Qt build on Linux unless gcc is >= 4.2,
3006         due to miscompilations.
3007
3008         * JavaScriptCore.pri:
3009
3010 2008-12-04  Gavin Barraclough  <barraclough@apple.com>
3011
3012         Reviewed by Geoff Garen.
3013
3014         Start porting the JIT to use the MacroAssembler.
3015
3016         https://bugs.webkit.org/show_bug.cgi?id=22671
3017         No change in performance.
3018
3019         * assembler/MacroAssembler.h:
3020         (JSC::MacroAssembler::Jump::operator X86Assembler::JmpSrc):
3021         (JSC::MacroAssembler::add32):
3022         (JSC::MacroAssembler::and32):
3023         (JSC::MacroAssembler::lshift32):
3024         (JSC::MacroAssembler::rshift32):
3025         (JSC::MacroAssembler::storePtr):
3026         (JSC::MacroAssembler::store32):
3027         (JSC::MacroAssembler::poke):
3028         (JSC::MacroAssembler::move):
3029         (JSC::MacroAssembler::compareImm32ForBranchEquality):
3030         (JSC::MacroAssembler::jnePtr):
3031         (JSC::MacroAssembler::jnset32):
3032         (JSC::MacroAssembler::jset32):
3033         (JSC::MacroAssembler::jzeroSub32):
3034         (JSC::MacroAssembler::joverAdd32):
3035         (JSC::MacroAssembler::call):
3036         * assembler/X86Assembler.h:
3037         (JSC::X86Assembler::shll_i8r):
3038         * jit/JIT.cpp:
3039         (JSC::JIT::privateCompileMainPass):
3040         (JSC::JIT::privateCompile):
3041         (JSC::JIT::privateCompileCTIMachineTrampolines):
3042         * jit/JIT.h:
3043         * jit/JITArithmetic.cpp:
3044         (JSC::JIT::compileBinaryArithOp):
3045         * jit/JITInlineMethods.h:
3046         (JSC::JIT::emitGetVirtualRegister):
3047         (JSC::JIT::emitPutCTIArg):
3048         (JSC::JIT::emitPutCTIArgConstant):
3049         (JSC::JIT::emitGetCTIArg):
3050         (JSC::JIT::emitPutCTIArgFromVirtualRegister):
3051         (JSC::JIT::emitPutCTIParam):
3052         (JSC::JIT::emitGetCTIParam):
3053         (JSC::JIT::emitPutToCallFrameHeader):
3054         (JSC::JIT::emitPutImmediateToCallFrameHeader):
3055         (JSC::JIT::emitGetFromCallFrameHeader):
3056         (JSC::JIT::emitPutVirtualRegister):
3057         (JSC::JIT::emitInitRegister):
3058         (JSC::JIT::emitNakedCall):
3059         (JSC::JIT::restoreArgumentReference):
3060         (JSC::JIT::restoreArgumentReferenceForTrampoline):
3061         (JSC::JIT::emitCTICall):
3062         (JSC::JIT::checkStructure):
3063         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
3064         (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
3065         (JSC::JIT::emitJumpSlowCaseIfNotImmNums):
3066         (JSC::JIT::emitFastArithDeTagImmediate):
3067         (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
3068         (JSC::JIT::emitFastArithReTagImmediate):
3069         (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
3070         (JSC::JIT::emitFastArithImmToInt):
3071         (JSC::JIT::emitFastArithIntToImmOrSlowCase):
3072         (JSC::JIT::emitFastArithIntToImmNoCheck):
3073         (JSC::JIT::emitTagAsBoolImmediate):
3074         * jit/JITPropertyAccess.cpp:
3075         (JSC::JIT::privateCompilePutByIdTransition):
3076
3077 2008-12-04  Geoffrey Garen  <ggaren@apple.com>
3078
3079         Reviewed by Oliver Hunt.
3080         
3081         Some refactoring for generateGreedyQuantifier.
3082         
3083         SunSpider reports no change (possibly a 0.3% speedup).
3084
3085         * wrec/WRECGenerator.cpp:
3086         (JSC::WREC::Generator::generateGreedyQuantifier): Clarified label
3087         meanings and unified some logic to simplify things.
3088
3089         * wrec/WRECParser.h:
3090         (JSC::WREC::Parser::parseAlternative): Added a version of parseAlternative
3091         that can jump to a Label, instead of a JumpList, upon failure. (Eventually,
3092         when we have a true Label class, this will be redundant.) This makes
3093         things easier for generateGreedyQuantifier, because it can avoid
3094         explicitly linking things.
3095
3096 2008-12-04  Simon Hausmann  <simon.hausmann@nokia.com>
3097
3098         Reviewed by Holger Freyther.
3099
3100         Fix crashes in the Qt build on Linux/i386 with non-executable memory
3101         by enabling TCSystemAlloc and the PROT_EXEC flag for mmap.
3102
3103         * JavaScriptCore.pri: Enable the use of TCSystemAlloc if the JIT is
3104         enabled.
3105         * wtf/TCSystemAlloc.cpp: Extend the PROT_EXEC permissions to
3106         PLATFORM(QT).
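
        The entry above makes JIT output executable by mapping it with PROT_EXEC. The
        following is an added example, not JavaScriptCore's allocator: it allocates the
        page writable, emits the code, then flips it to read+execute so the page is never
        writable and executable at the same time. It assumes POSIX mmap/mprotect and a
        GCC/Clang host on x86, x86-64 or AArch64; the byte sequences are hand-encoded
        "return 42" stubs for those CPUs, and on any other CPU the function reports -1
        rather than guess an encoding.

```c
#define _DEFAULT_SOURCE
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Added example, not JavaScriptCore code: write-then-execute JIT memory.
 * Assumes POSIX mmap/mprotect and GCC/Clang (for __builtin___clear_cache). */

#if defined(__x86_64__) || defined(__i386__)
/* mov eax, 42 ; ret */
static const unsigned char kCode[] = { 0xB8, 0x2A, 0x00, 0x00, 0x00, 0xC3 };
#elif defined(__aarch64__)
/* movz w0, #42 ; ret  (each instruction stored little-endian) */
static const unsigned char kCode[] = { 0x40, 0x05, 0x80, 0x52, 0xC0, 0x03, 0x5F, 0xD6 };
#else
#define JIT_EXAMPLE_UNSUPPORTED 1
#endif

typedef int (*jit_fn)(void);

/* Returns 42 from freshly generated machine code, or a negative value:
 * -1 unsupported CPU, -2 mmap refused, -3 mprotect refused. */
int jit_return_42(void)
{
#ifdef JIT_EXAMPLE_UNSUPPORTED
    return -1;
#else
    size_t size = (size_t)sysconf(_SC_PAGESIZE);

    /* 1. Reserve an anonymous page with no execute permission at all. */
    void *mem = mmap(NULL, size, PROT_READ | PROT_WRITE,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (mem == MAP_FAILED)
        return -2;

    /* 2. Emit the code while the page is writable. */
    memcpy(mem, kCode, sizeof kCode);

    /* 3. Drop write and grant execute: the page is never W and X at once. */
    if (mprotect(mem, size, PROT_READ | PROT_EXEC) != 0) {
        munmap(mem, size);
        return -3;
    }
    /* Needed on AArch64 (separate instruction/data caches); a no-op on x86. */
    __builtin___clear_cache((char *)mem, (char *)mem + sizeof kCode);

    /* 4. Call into it.  Copy the address through memcpy instead of casting an
     * object pointer to a function pointer, which ISO C leaves undefined. */
    jit_fn fn;
    memcpy(&fn, &mem, sizeof fn);
    int result = fn();

    munmap(mem, size);
    return result;
#endif
}

int main(void)
{
    printf("jit_return_42() = %d\n", jit_return_42());
    return 0;
}
```

        The ChangeLog fix grants execute permission at allocation time, which is enough
        to stop the crash but leaves the JIT region writable while it is executable. For
        an engine that runs untrusted script, the RW-then-RX sequence above is the
        cheaper of the two to keep right: a stray write primitive cannot land in a page
        that is already executable. Note that Apple Silicon additionally requires
        MAP_JIT and its per-thread write-protect toggle for this pattern; the example
        targets Linux-style permissions only.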
3107
3108 2008-12-04  Simon Hausmann  <simon.hausmann@nokia.com>
3109
3110         Reviewed by Tor Arne Vestbø.
3111
3112         Enable ENABLE_JIT_OPTIMIZE_CALL, ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS
3113         and ENABLE_JIT_OPTIMIZE_ARITHMETIC, as suggested by Niko.
3114
3115         * JavaScriptCore.pri: 
3116
3117 2008-12-04  Kent Hansen  <khansen@trolltech.com>
3118
3119         Reviewed by Simon Hausmann.
3120
3121         Enable the JSC jit for the Qt build by default for release builds on
3122         linux-g++ and win32-msvc.
3123
3124         * JavaScriptCore.pri:
3125
3126 2008-12-04  Gavin Barraclough  <barraclough@apple.com>
3127
3128         Reviewed by Oliver Hunt.
3129
3130         Allow JIT to function without property access repatching and arithmetic optimizations.
3131         Controlled by ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS and ENABLE_JIT_OPTIMIZE_ARITHMETIC switches.
3132
3133         https://bugs.webkit.org/show_bug.cgi?id=22643
3134
3135         * JavaScriptCore.xcodeproj/project.pbxproj:
3136         * jit/JIT.cpp:
3137         (JSC::JIT::privateCompileMainPass):
3138         (JSC::JIT::privateCompileSlowCases):
3139         * jit/JIT.h:
3140         * jit/JITArithmetic.cpp: Copied from jit/JIT.cpp.
3141         (JSC::JIT::compileBinaryArithOp):
3142         (JSC::JIT::compileBinaryArithOpSlowCase):
3143         * jit/JITPropertyAccess.cpp: Copied from jit/JIT.cpp.
3144         (JSC::JIT::compileGetByIdHotPath):
3145         (JSC::JIT::compileGetByIdSlowCase):
3146         (JSC::JIT::compilePutByIdHotPath):
3147         (JSC::JIT::compilePutByIdSlowCase):
3148         (JSC::resizePropertyStorage):
3149         (JSC::transitionWillNeedStorageRealloc):
3150         (JSC::JIT::privateCompilePutByIdTransition):
3151         (JSC::JIT::patchGetByIdSelf):
3152         (JSC::JIT::patchPutByIdReplace):
3153         (JSC::JIT::privateCompilePatchGetArrayLength):
3154         * wtf/Platform.h:
3155
3156 2008-12-03  Geoffrey Garen  <ggaren@apple.com>
3157
3158         Reviewed by Oliver Hunt.
3159         
3160         Optimized sequences of characters in regular expressions by comparing
3161         two characters at a time.
3162         
3163         1-2% speedup on SunSpider, 19-25% speedup on regexp-dna.
3164
3165         * assembler/MacroAssembler.h:
3166         (JSC::MacroAssembler::load32):
3167         (JSC::MacroAssembler::jge32): Filled out a few more macro methods.
3168
3169         * assembler/X86Assembler.h:
3170         (JSC::X86Assembler::movl_mr): Added a version of movl_mr that operates
3171         without an offset, to allow the macro assembler to optimize for that case.
3172         
3173         * wrec/WREC.cpp:
3174         (JSC::WREC::Generator::compileRegExp): Test the saved value of index
3175         instead of the index register when checking for "end of input." The
3176         index register doesn't increment by 1 in an orderly fashion, so testing
3177         it for == "end of input" is not valid.
3178         
3179         Also, jump all the way to "return failure" upon reaching "end of input,"
3180         instead of executing the next alternative. This is more logical, and
3181         it's a slight optimization in the case of an expression with many alternatives.
3182
3183         * wrec/WRECGenerator.cpp:
3184         (JSC::WREC::Generator::generateIncrementIndex): Added support for
3185         jumping to a failure label in the case where the index has reached "end
3186         of input."
3187
3188         (JSC::WREC::Generator::generatePatternCharacterSequence):
3189         (JSC::WREC::Generator::generatePatternCharacterPair): This is the
3190         optimization. It's basically like generatePatternCharacter, but it runs two
3191         characters at a time.
3192         
3193         (JSC::WREC::Generator::generatePatternCharacter): Changed to use isASCII,
3194         since it's clearer than comparing to a magic hex value.
3195         
3196         * wrec/WRECGenerator.h:
3197
3198 2008-12-03  Gavin Barraclough  <barraclough@apple.com>
3199
3200         Reviewed by Cameron Zwarich.
3201
3202         Allow JIT to operate without the call-repatching optimization.
3203         Controlled by ENABLE(JIT_OPTIMIZE_CALL), defaults on; disabling
3204         this leads to a significant performance regression.
3205
3206         https://bugs.webkit.org/show_bug.cgi?id=22639
3207
3208         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3209         * JavaScriptCore.xcodeproj/project.pbxproj:
3210         * jit/JIT.cpp:
3211         (JSC::JIT::privateCompileSlowCases):
3212         * jit/JIT.h:
3213         * jit/JITCall.cpp: Copied from jit/JIT.cpp.
3214         (JSC::JIT::compileOpCallInitializeCallFrame):
3215         (JSC::JIT::compileOpCallSetupArgs):
3216         (JSC::JIT::compileOpCallEvalSetupArgs):
3217         (JSC::JIT::compileOpConstructSetupArgs):
3218         (JSC::JIT::compileOpCall):
3219         (JSC::JIT::compileOpCallSlowCase):
3220         (JSC::unreachable):
3221         * jit/JITInlineMethods.h: Copied from jit/JIT.cpp.
3222         (JSC::JIT::checkStructure):
3223         (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
3224         (JSC::JIT::emitTagAsBoolImmediate):
3225         * wtf/Platform.h:
3226
3227 2008-12-03  Eric Seidel  <eric@webkit.org>
3228
3229         Rubber-stamped by David Hyatt.
3230
3231         Make HAVE_ACCESSIBILITY only define if !defined
3232
3233         * wtf/Platform.h:
3234
3235 2008-12-03  Sam Weinig  <sam@webkit.org>
3236
3237         Fix build.
3238
3239         * assembler/X86Assembler.h:
3240         (JSC::X86Assembler::orl_i32r):
3241
3242 2008-12-03  Sam Weinig  <sam@webkit.org>
3243
3244         Reviewed by Geoffrey Garen.
3245
3246         Remove shared AssemblerBuffer 1MB buffer and instead give AssemblerBuffer
3247         a 256-byte inline capacity.
3248
3249         1% progression on SunSpider.
3250
3251         * assembler/AssemblerBuffer.h:
3252         (JSC::AssemblerBuffer::AssemblerBuffer):
3253         (JSC::AssemblerBuffer::~AssemblerBuffer):
3254         (JSC::AssemblerBuffer::grow):
3255         * assembler/MacroAssembler.h:
3256         (JSC::MacroAssembler::MacroAssembler):
3257         * assembler/X86Assembler.h:
3258         (JSC::X86Assembler::X86Assembler):
3259         * interpreter/Interpreter.cpp:
3260         (JSC::Interpreter::Interpreter):
3261         * interpreter/Interpreter.h:
3262         * jit/JIT.cpp:
3263         (JSC::JIT::JIT):
3264         * parser/Nodes.cpp:
3265         (JSC::RegExpNode::emitBytecode):
3266         * runtime/RegExp.cpp:
3267         (JSC::RegExp::RegExp):
3268         (JSC::RegExp::create):
3269         * runtime/RegExp.h:
3270         * runtime/RegExpConstructor.cpp:
3271         (JSC::constructRegExp):
3272         * runtime/RegExpPrototype.cpp:
3273         (JSC::regExpProtoFuncCompile):
3274         * runtime/StringPrototype.cpp:
3275         (JSC::stringProtoFuncMatch):
3276         (JSC::stringProtoFuncSearch):
3277         * wrec/WREC.cpp:
3278         (JSC::WREC::Generator::compileRegExp):
3279         * wrec/WRECGenerator.h:
3280         (JSC::WREC::Generator::Generator):
3281         * wrec/WRECParser.h:
3282         (JSC::WREC::Parser::Parser):
3283
3284 2008-12-03  Geoffrey Garen  <ggaren@apple.com>
3285
3286         Reviewed by Oliver Hunt, with help from Gavin Barraclough.
3287         
3288         orl_i32r was actually coded as an 8-bit OR. So, I renamed orl_i32r to
3289         orl_i8r, changed all orl_i32r clients to use orl_i8r, and then added
3290         a new orl_i32r that actually does a 32-bit OR.
3291         
3292         (32-bit OR is currently unused, but a patch I'm working on uses it.)
3293
3294         * assembler/MacroAssembler.h:
3295         (JSC::MacroAssembler::or32): Updated to choose between 8-bit and 32-bit OR.
3296
3297         * assembler/X86Assembler.h:
3298         (JSC::X86Assembler::orl_i8r): The old orl_i32r.
3299         (JSC::X86Assembler::orl_i32r): The new orl_i32r.
3300         
3301         * jit/JIT.cpp:
3302         (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
3303         (JSC::JIT::emitTagAsBoolImmediate): Use orl_i8r, since we're ORing 8-bit
3304         values.
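
        To make the entry above concrete, here is an added example, not the
        JavaScriptCore X86Assembler: a minimal emitter for `or r32, imm` in which
        the pre-fix routine emits the group-1 opcode 0x83 (sign-extended imm8) and the
        corrected one emits 0x81 (full imm32). The opcode, ModRM and immediate layouts
        are the standard x86 encodings; the helper names (put_byte, or32_length,
        effective_imm_*) and the register enum are this example's own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example, not JavaScriptCore code: why an imm8 OR miscompiles imm32.
 * x86 group-1 encodings: 0x83 /1 ib (sign-extended byte), 0x81 /1 id (dword);
 * ModRM for a register destination is mod=11, reg=/1 (OR), rm=dest. */

enum { OP_GROUP1_EvIb = 0x83, OP_GROUP1_EvIz = 0x81, GROUP1_OP_OR = 1 };
enum { EAX = 0, ECX = 1, EDX = 2, EBX = 3 };

typedef struct {
    uint8_t bytes[8];
    size_t  len;
} Code;

static void put_byte(Code *c, uint8_t b) { c->bytes[c->len++] = b; }

static void put_modrm_reg(Code *c, int op, int reg)
{
    put_byte(c, (uint8_t)(0xC0 | (op << 3) | (reg & 7)));
}

/* The pre-fix routine: 0x83 /1 ib.  Only the low byte of imm is emitted and
 * the CPU sign-extends it, so 0x100 silently becomes 0 and 0xFF becomes -1. */
void orl_i8r(Code *c, int32_t imm, int reg)
{
    put_byte(c, OP_GROUP1_EvIb);
    put_modrm_reg(c, GROUP1_OP_OR, reg);
    put_byte(c, (uint8_t)imm);
}

/* A true 32-bit OR: 0x81 /1 id, immediate stored little-endian. */
void orl_i32r(Code *c, int32_t imm, int reg)
{
    put_byte(c, OP_GROUP1_EvIz);
    put_modrm_reg(c, GROUP1_OP_OR, reg);
    for (int i = 0; i < 4; i++)
        put_byte(c, (uint8_t)((uint32_t)imm >> (8 * i)));
}

/* What a macro-assembler or32() should do: take the short form only when the
 * immediate survives the round trip through a sign-extended byte. */
void or32(Code *c, int32_t imm, int reg)
{
    if (imm >= -128 && imm <= 127)
        orl_i8r(c, imm, reg);
    else
        orl_i32r(c, imm, reg);
}

/* The immediate the CPU would really OR in, recovered from the encoding. */
int32_t decode_immediate(const Code *c)
{
    if (c->bytes[0] == OP_GROUP1_EvIb)
        return (int8_t)c->bytes[2];          /* hardware sign-extends imm8 */
    uint32_t v = 0;
    for (int i = 0; i < 4; i++)
        v |= (uint32_t)c->bytes[2 + i] << (8 * i);
    return (int32_t)v;
}

/* Emit into a fresh buffer and report what came out. */
int32_t effective_imm_i8r(int32_t imm)   { Code c = { {0}, 0 }; orl_i8r(&c, imm, ECX);  return decode_immediate(&c); }
int32_t effective_imm_i32r(int32_t imm)  { Code c = { {0}, 0 }; orl_i32r(&c, imm, ECX); return decode_immediate(&c); }
int32_t effective_imm_or32(int32_t imm)  { Code c = { {0}, 0 }; or32(&c, imm, ECX);     return decode_immediate(&c); }
size_t  or32_length(int32_t imm)         { Code c = { {0}, 0 }; or32(&c, imm, ECX);     return c.len; }
uint8_t or32_modrm(int32_t imm, int reg) { Code c = { {0}, 0 }; or32(&c, imm, reg);     return c.bytes[1]; }

int main(void)
{
    Code c = { {0}, 0 };
    orl_i8r(&c, 0x100, ECX);
    printf("orl_i8r 0x100 -> bytes %02X %02X %02X, effective immediate %d\n",
           c.bytes[0], c.bytes[1], c.bytes[2], decode_immediate(&c));
    return 0;
}
```

        The tag-manipulation callers kept on orl_i8r because their constants fit in a
        byte; any caller that ORs in a value above 0x7F or a bit above bit 7 gets a
        wrong, sign-extended constant from the old routine, which is exactly the kind of
        silent miscompilation a JIT cannot afford.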
3305
3306 2008-12-03  Dean Jackson  <dino@apple.com>
3307
3308         Reviewed by Dan Bernstein.
3309
3310         Helper functions for turn -> degrees.
3311         https://bugs.webkit.org/show_bug.cgi?id=22497
3312
3313         * wtf/MathExtras.h:
3314         (turn2deg):
3315         (deg2turn):
3316
3317 2008-12-02  Cameron Zwarich  <zwarich@apple.com>
3318
3319         Reviewed by Geoff Garen.
3320
3321         Bug 22504: Crashes during code generation occur due to refing of ignoredResult()
3322         <https://bugs.webkit.org/show_bug.cgi?id=22504>
3323
3324         Since ignoredResult() was implemented by casting 1 to a RegisterID*, any
3325         attempt to ref ignoredResult() results in a crash. This will occur in
3326         code generation of a function body where a node emits another node with
3327         the dst that was passed to it, and then refs the returned RegisterID*.
3328
3329         To fix this problem, make ignoredResult() a member function of
3330         BytecodeGenerator that simply returns a pointer to a fixed RegisterID
3331         member of BytecodeGenerator.
3332
3333         * bytecompiler/BytecodeGenerator.h:
3334         (JSC::BytecodeGenerator::ignoredResult):
3335         * bytecompiler/RegisterID.h:
3336         * parser/Nodes.cpp:
3337         (JSC::NullNode::emitBytecode):
3338         (JSC::BooleanNode::emitBytecode):
3339         (JSC::NumberNode::emitBytecode):
3340         (JSC::StringNode::emitBytecode):
3341         (JSC::RegExpNode::emitBytecode):
3342         (JSC::ThisNode::emitBytecode):
3343         (JSC::ResolveNode::emitBytecode):
3344         (JSC::ObjectLiteralNode::emitBytecode):
3345         (JSC::PostfixResolveNode::emitBytecode):
3346         (JSC::PostfixBracketNode::emitBytecode):
3347         (JSC::PostfixDotNode::emitBytecode):
3348         (JSC::DeleteValueNode::emitBytecode):
3349         (JSC::VoidNode::emitBytecode):
3350         (JSC::TypeOfResolveNode::emitBytecode):
3351         (JSC::TypeOfValueNode::emitBytecode):
3352         (JSC::PrefixResolveNode::emitBytecode):
3353         (JSC::AssignResolveNode::emitBytecode):
3354         (JSC::CommaNode::emitBytecode):
3355         (JSC::ForNode::emitBytecode):
3356         (JSC::ForInNode::emitBytecode):
3357         (JSC::ReturnNode::emitBytecode):
3358         (JSC::ThrowNode::emitBytecode):
3359         (JSC::FunctionBodyNode::emitBytecode):
3360         (JSC::FuncDeclNode::emitBytecode):
3361
3362 2008-12-02  Geoffrey Garen  <ggaren@apple.com>
3363
3364         Reviewed by Cameron Zwarich.
3365         
3366         Fixed https://bugs.webkit.org/show_bug.cgi?id=22537
3367         REGRESSION (r38745): Assertion failure in jsSubstring() at ge.com
3368
3369         The bug was that index would become greater than length, so our
3370         "end of input" checks, which all check "index == length", would fail.
3371         
3372         The solution is to check for end of input before incrementing index,
3373         to ensure that index is always <= length.
3374         
3375         As a side benefit, generateJumpIfEndOfInput can now use je instead of
3376         jg, which should be slightly faster.
3377
3378         * wrec/WREC.cpp:
3379         (JSC::WREC::Generator::compileRegExp):
3380         * wrec/WRECGenerator.cpp:
3381         (JSC::WREC::Generator::generateJumpIfEndOfInput):
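
        This entry and the earlier 2008-12-03 pair-optimization entry (which noted that
        the index register "doesn't increment by 1 in an orderly fashion") describe the
        same hazard. The following is an added example, not WREC's generated code: a
        literal-sequence matcher that consumes two subject characters per step, written
        once in the regressed shape (consume, then test `index == length`) and once in
        the fixed shape (test before consuming, so index never exceeds length). All
        subject reads go through input_at(), which records an out-of-bounds request
        instead of performing it; the Input type, probe() result encoding and sample
        subjects are this example's own constructions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example, not WREC code: end-of-input checks with a step size of 2. */

typedef struct {
    const char *subject;
    size_t length;
    bool out_of_bounds;     /* set once any read asks for index >= length */
} Input;

static char input_at(Input *in, size_t index)
{
    if (index >= in->length) {
        in->out_of_bounds = true;
        return '\0';        /* stand-in for whatever byte follows the buffer */
    }
    return in->subject[index];
}

/* Step size: a pair while two pattern characters remain, else a single char. */
static size_t step_for(size_t plen, size_t p) { return (plen - p >= 2) ? 2 : 1; }

/* Regressed shape: consume first, then test for end of input with equality.
 * A step of 2 can carry index from length-1 to length+1 without ever being
 * == length, so the test is skipped and the read itself runs past the subject. */
bool match_buggy(Input *in, const char *pattern, size_t start)
{
    size_t plen = strlen(pattern), index = start;
    for (size_t p = 0; p < plen; ) {
        size_t step = step_for(plen, p);
        for (size_t k = 0; k < step; k++)
            if (input_at(in, index + k) != pattern[p + k])
                return false;
        index += step;
        p += step;
        if (p < plen && index == in->length)   /* end-of-input test after the increment */
            return false;
    }
    return true;
}

/* Fixed shape: confirm `step` characters remain BEFORE consuming them.  The
 * index can then never exceed length, which is what makes an equality test
 * (je rather than jg) a valid end-of-input check elsewhere in the matcher. */
bool match_fixed(Input *in, const char *pattern, size_t start)
{
    size_t plen = strlen(pattern), index = start;
    if (start > in->length)
        return false;
    for (size_t p = 0; p < plen; ) {
        size_t step = step_for(plen, p);
        if (in->length - index < step)         /* end-of-input test before the increment */
            return false;
        for (size_t k = 0; k < step; k++)
            if (input_at(in, index + k) != pattern[p + k])
                return false;
        index += step;
        p += step;
    }
    return true;
}

/* Encoded result for checks: bit 0 = matched, bit 1 = read past the end. */
int probe(bool (*matcher)(Input *, const char *, size_t),
          const char *subject, const char *pattern, size_t start)
{
    Input in = { subject, strlen(subject), false };
    int r = matcher(&in, pattern, start) ? 1 : 0;
    if (in.out_of_bounds)
        r |= 2;
    return r;
}

int main(void)
{
    /* Constructed sample: subject shorter than the pattern by an odd amount. */
    printf("buggy: result bits %d\n", probe(match_buggy, "abc", "abcde", 0));
    printf("fixed: result bits %d\n", probe(match_fixed, "abc", "abcde", 0));
    return 0;
}
```

        Both matchers agree on every subject that is long enough; they differ only
        when the remaining input is shorter than the step, where the regressed form
        reads one byte past the subject before it can fail. In the real engine that
        read is of a JSString's backing store, so the assertion in jsSubstring() was
        the visible symptom of an out-of-bounds read, not merely of a wrong match.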
3382
3383 2008-12-02  Gavin Barraclough  <barraclough@apple.com>
3384
3385         Reviewed by Geoffrey Garen.
3386
3387         Plant shift right immediate instructions, which are awesome.
3388         https://bugs.webkit.org/show_bug.cgi?id=22610
3389         ~5% on the v8-crypto test.
3390
3391         * jit/JIT.cpp:
3392         (JSC::JIT::privateCompileMainPass):
3393         (JSC::JIT::privateCompileSlowCases):
3394
3395 2008-12-02  Geoffrey Garen  <ggaren@apple.com>
3396
3397         Reviewed by Sam Weinig.
3398         
3399         Cleaned up SegmentedVector by abstracting segment access into helper
3400         functions.
3401         
3402         SunSpider reports no change.
3403
3404         * bytecompiler/SegmentedVector.h:
3405         (JSC::SegmentedVector::SegmentedVector):
3406         (JSC::SegmentedVector::~SegmentedVector):
3407         (JSC::SegmentedVector::size):
3408         (JSC::SegmentedVector::at):
3409         (JSC::SegmentedVector::operator[]):
3410         (JSC::SegmentedVector::last):
3411         (JSC::SegmentedVector::append):
3412         (JSC::SegmentedVector::removeLast):
3413         (JSC::SegmentedVector::grow):
3414         (JSC::SegmentedVector::clear):
3415         (JSC::SegmentedVector::deleteAllSegments):
3416         (JSC::SegmentedVector::segmentFor):
3417         (JSC::SegmentedVector::subscriptFor):
3418         (JSC::SegmentedVector::ensureSegmentsFor):
3419         (JSC::SegmentedVector::ensureSegment):
3420
3421 2008-12-02  Geoffrey Garen  <ggaren@apple.com>
3422
3423         Reviewed by Geoffrey Garen. (Patch by Cameron Zwarich <zwarich@apple.com>.)
3424         
3425         Fixed https://bugs.webkit.org/show_bug.cgi?id=22482
3426         REGRESSION (r37991): Occasionally see "Scene rendered incorrectly"
3427         message when running the V8 Raytrace benchmark
3428         
3429         Rolled out r37991. It didn't properly save xmm0, which is caller-save,
3430         before calling helper functions.
3431         
3432         SunSpider and v8 benchmarks show little change -- possibly a .2%
3433         SunSpider regression, possibly a .2% v8 benchmark speedup.
3434
3435         * assembler/X86Assembler.h:
3436         (JSC::X86Assembler::):
3437         * bytecode/CodeBlock.cpp:
3438         (JSC::CodeBlock::dump):
3439         * bytecode/Instruction.h:
3440         (JSC::Instruction::):
3441         * bytecompiler/BytecodeGenerator.cpp:
3442         (JSC::BytecodeGenerator::emitUnaryOp):
3443         * bytecompiler/BytecodeGenerator.h:
3444         (JSC::BytecodeGenerator::emitToJSNumber):
3445         (JSC::BytecodeGenerator::emitTypeOf):
3446         (JSC::BytecodeGenerator::emitGetPropertyNames):
3447         * interpreter/Interpreter.cpp:
3448         (JSC::Interpreter::privateExecute):
3449         * interpreter/Interpreter.h:
3450         * jit/JIT.cpp:
3451         (JSC::JIT::privateCompileMainPass):
3452         (JSC::JIT::privateCompileSlowCases):
3453         * jit/JIT.h:
3454         * parser/Nodes.cpp:
3455         (JSC::UnaryOpNode::emitBytecode):
3456         (JSC::BinaryOpNode::emitBytecode):
3457         (JSC::EqualNode::emitBytecode):
3458         * parser/ResultType.h:
3459         (JSC::ResultType::isReusable):
3460         (JSC::ResultType::mightBeNumber):
3461         * runtime/JSNumberCell.h:
3462
3463 2008-12-01  Gavin Barraclough  <barraclough@apple.com>
3464
3465         Reviewed by Geoffrey Garen.
3466
3467         Remove unused (sampling only, and derivable) argument to JIT::emitCTICall.
3468         https://bugs.webkit.org/show_bug.cgi?id=22587
3469
3470         * jit/JIT.cpp:
3471         (JSC::JIT::emitCTICall):
3472         (JSC::JIT::compileOpCall):
3473         (JSC::JIT::emitSlowScriptCheck):
3474         (JSC::JIT::compileBinaryArithOpSlowCase):
3475         (JSC::JIT::privateCompileMainPass):
3476         (JSC::JIT::privateCompileSlowCases):
3477         (JSC::JIT::privateCompile):
3478         * jit/JIT.h:
3479
3480 2008-12-02  Dimitri Glazkov  <dglazkov@chromium.org>
3481
3482         Reviewed by Eric Seidel.
3483         
3484         Fix the inheritance chain for JSFunction.
3485
3486         * runtime/JSFunction.cpp:
3487         (JSC::JSFunction::info): Add InternalFunction::info as parent class
3488
3489 2008-12-02  Simon Hausmann  <hausmann@webkit.org>
3490
3491         Reviewed by Tor Arne Vestbø.
3492
3493         Fix ability to include JavaScriptCore.pri from other .pro files.
3494
3495         * JavaScriptCore.pri: Moved -O3 setting into the .pro files.
3496         * JavaScriptCore.pro:
3497         * jsc.pro:
3498
3499 2008-12-01  Geoffrey Garen  <ggaren@apple.com>
3500
3501         Reviewed by Cameron Zwarich, with help from Gavin Barraclough.
3502         
3503         Fixed https://bugs.webkit.org/show_bug.cgi?id=22583.
3504
3505         Refactored regular expression parsing to parse sequences of characters
3506         as a single unit, in preparation for optimizing sequences of characters.
3507         
3508         SunSpider reports no change.
3509
3510         * JavaScriptCore.xcodeproj/project.pbxproj:
3511         * wrec/Escapes.h: Added. Set of classes for representing an escaped
3512         token in a pattern.
3513
3514         * wrec/Quantifier.h:
3515         (JSC::WREC::Quantifier::Quantifier): Simplified this constructor slightly,
3516         to match the new Escape constructor.
3517
3518         * wrec/WRECGenerator.cpp:
3519         (JSC::WREC::Generator::generatePatternCharacterSequence):
3520         * wrec/WRECGenerator.h: Added an interface for generating a sequence
3521         of pattern characters at a time. It doesn't do anything special yet.
3522
3523         * wrec/WRECParser.cpp:
3524         (JSC::WREC::Parser::consumeGreedyQuantifier):
3525         (JSC::WREC::Parser::consumeQuantifier): Renamed "parse" to "consume" in
3526         these functions, to match "consumeEscape."
3527
3528         (JSC::WREC::Parser::parsePatternCharacterSequence): New function for
3529         iteratively aggregating a sequence of characters in a pattern.
3530
3531         (JSC::WREC::Parser::parseCharacterClassQuantifier):
3532         (JSC::WREC::Parser::parseBackreferenceQuantifier): Renamed "parse" to
3533         "consume" in these functions, to match "consumeEscape."
3534
3535         (JSC::WREC::Parser::parseCharacterClass): Refactored to use the common
3536         escape processing code in consumeEscape.
3537