JavaScriptCore/ChangeLog (WebKit-https.git, commit 55ee52b343049236924951d0076a89e73e1de9d2)

2008-12-30  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        <https://bugs.webkit.org/show_bug.cgi?id=23049> [jsfunfuzz] With blocks do not correctly protect their scope object
        <rdar://problem/6469742> Crash in JSC::TypeInfo::hasStandardGetOwnPropertySlot() running jsfunfuzz

        The problem that caused this was that with nodes were not correctly protecting
        the final object that was placed in the scope chain.  We correct this by forcing
        the use of a temporary register (which stops us relying on a local register
        protecting the scope) and changing the behaviour of op_push_scope so that it
        will store the final scope object.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitPushScope):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::cti_op_push_scope):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * parser/Nodes.cpp:
        (JSC::WithNode::emitBytecode):

2008-12-30  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Sam Weinig.

        Bug 23037: Parsing and reparsing disagree on automatic semicolon insertion
        <https://bugs.webkit.org/show_bug.cgi?id=23037>
        <rdar://problem/6467124>

        Parsing and reparsing disagree about automatic semicolon insertion, so that a
        function like

        function() { a = 1, }

        is parsed as being syntactically valid but gets a syntax error upon reparsing.
        This leads to an assertion failure in Parser::reparse(). It is not that big of
        an issue in practice, because in a Release build such a function will return
        'undefined' when called.

        In this case, we are not following the spec and it should be a syntax error.
        However, unless there is a newline separating the ',' and the '}', WebKit would
        not treat it as a syntax error in the past either. It would be a bit of work to
        make the automatic semicolon insertion match the spec exactly, so this patch
        changes it to match our past behaviour.

        The problem is that even during reparsing, the Lexer adds a semicolon at the
        end of the input, which confuses allowAutomaticSemicolon(), because it is
        expecting either a '}', the end of input, or a terminator like a newline.

        * parser/Lexer.cpp:
        (JSC::Lexer::Lexer): Initialize m_isReparsing to false.
        (JSC::Lexer::lex): Do not perform automatic semicolon insertion in the Lexer if
        we are in the middle of reparsing.
        (JSC::Lexer::clear): Set m_isReparsing to false.
        * parser/Lexer.h:
        (JSC::Lexer::setIsReparsing): Added.
        * parser/Parser.cpp:
        (JSC::Parser::reparse): Call Lexer::setIsReparsing() to notify the Lexer of
        reparsing.

2008-12-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Yet another attempt to fix Tiger.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):

2008-12-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Tiger build fix (correct this time)

        * wtf/RandomNumber.cpp:

2008-12-29  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Rubber-stamped by Alexey Proskuryakov.

        Revert r39509, because kjsyydebug is used in the generated code if YYDEBUG is 1.

        * parser/Grammar.y:

2008-12-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Tiger build fix.

        * wtf/RandomNumber.cpp:

2008-12-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by Mark Rowe.

        <rdar://problem/6358108> Insecure randomness in Math.random() leads to user tracking

        Switch to arc4random on PLATFORM(DARWIN). This is ~1.5x slower than random(), but
        it is still so fast that there is no fathomable way it could be a bottleneck for anything.

        randomNumber is called in two places
          * During form submission where it is called once per form
          * Math.random in JSC.  For this difference to show up you have to be looping on
            a cached local copy of random, for a large number (>10000) of calls.

        No change in SunSpider.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):
        * wtf/RandomNumberSeed.h:
        (WTF::initializeRandomNumberGenerator):

2008-12-29  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Rubber-stamped by Sam Weinig.

        Remove unused kjsyydebug #define.

        * parser/Grammar.y:

2008-12-29  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt and Sam Weinig.

        Bug 23029: REGRESSION (r39337): jsfunfuzz generates identical test files
        <https://bugs.webkit.org/show_bug.cgi?id=23029>
        <rdar://problem/6469185>

        The unification of random number generation in r39337 resulted in random()
        being initialized on Darwin, but rand() actually being used. Fix this by
        making randomNumber() use random() instead of rand() on Darwin.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):

2008-12-29  Sam Weinig  <sam@webkit.org>

        Fix buildbots.

        * runtime/Structure.cpp:

2008-12-29  Sam Weinig  <sam@webkit.org>

        Reviewed by Oliver Hunt.

        Patch for https://bugs.webkit.org/show_bug.cgi?id=23026
        Move the deleted offsets vector into the PropertyMap

        Saves 3 words per Structure.

        * runtime/PropertyMapHashTable.h:
        * runtime/Structure.cpp:
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::changePrototypeTransition):
        (JSC::Structure::getterSetterTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::fromDictionaryTransition):
        (JSC::Structure::copyPropertyTable):
        (JSC::Structure::put):
        (JSC::Structure::remove):
        (JSC::Structure::rehashPropertyMapHashTable):
        * runtime/Structure.h:
        (JSC::Structure::propertyStorageSize):

2008-12-29  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Change code using m_body.get() as a boolean to take advantage of the
        implicit conversion of RefPtr to boolean.

        * runtime/JSFunction.cpp:
        (JSC::JSFunction::~JSFunction):

2008-12-28  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 22840: REGRESSION (r38349): Gmail doesn't load with profiling enabled
        <https://bugs.webkit.org/show_bug.cgi?id=22840>
        <rdar://problem/6468077>

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitNewArray): Add an assertion that the range
        of registers passed to op_new_array is sequential.
        (JSC::BytecodeGenerator::emitCall): Correct the relocation of registers
        when emitting profiler hooks so that registers aren't leaked. Also, add
        an assertion that the 'this' register is always ref'd (because it is),
        remove the needless protection of the 'this' register when relocating,
        and add an assertion that the range of registers passed to op_call for
        function call arguments is sequential.
        (JSC::BytecodeGenerator::emitConstruct): Correct the relocation of
        registers when emitting profiler hooks so that registers aren't leaked.
        Also, add an assertion that the range of registers passed to op_construct
        for function call arguments is sequential.

2008-12-26  Mark Rowe  <mrowe@apple.com>

        Reviewed by Alexey Proskuryakov.

        <rdar://problem/6467376> Race condition in WTF::currentThread can lead to a thread using two different identifiers during its lifetime

        If a newly-created thread calls WTF::currentThread() before WTF::createThread calls establishIdentifierForPthreadHandle
        then more than one identifier will be used for the same thread.  We can avoid this by adding some extra synchronization
        during thread creation that delays the execution of the thread function until the thread identifier has been set up, and
        an assertion to catch this problem should it reappear in the future.

        * wtf/Threading.cpp: Added.
        (WTF::NewThreadContext::NewThreadContext):
        (WTF::threadEntryPoint):
        (WTF::createThread): Add cross-platform createThread function that delays the execution of the thread function until
        after the thread identifier has been set up.
        * wtf/Threading.h:
        * wtf/ThreadingGtk.cpp:
        (WTF::establishIdentifierForThread):
        (WTF::createThreadInternal):
        * wtf/ThreadingNone.cpp:
        (WTF::createThreadInternal):
        * wtf/ThreadingPthreads.cpp:
        (WTF::establishIdentifierForPthreadHandle):
        (WTF::createThreadInternal):
        * wtf/ThreadingQt.cpp:
        (WTF::identifierByQthreadHandle):
        (WTF::establishIdentifierForThread):
        (WTF::createThreadInternal):
        * wtf/ThreadingWin.cpp:
        (WTF::storeThreadHandleByIdentifier):
        (WTF::createThreadInternal):

        Add Threading.cpp to the build.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
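
The creation barrier described in the entry above, as an added C example that is not WebKit's code: a constructed thread registry (a fixed-size table of pthread handles, identifier 0 meaning "none") plus a createThread() whose NewThreadContext-style mutex keeps the new thread from running, and from calling currentThread(), until its creator has registered the identifier. Names and the table layout are assumptions for the example.

```c
#include <pthread.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed registry: handle -> small integer identifier (0 = none). */
#define MAX_THREADS 64
typedef unsigned ThreadIdentifier;
typedef void *(*ThreadFunction)(void *);

static pthread_mutex_t registry_mutex = PTHREAD_MUTEX_INITIALIZER;
static pthread_t registry_handles[MAX_THREADS];
static ThreadIdentifier registry_count = 0;

/* Look the handle up, registering it if unknown. Caller holds registry_mutex. */
static ThreadIdentifier identifier_for_handle_locked(pthread_t handle) {
    for (ThreadIdentifier i = 0; i < registry_count; i++)
        if (pthread_equal(registry_handles[i], handle))
            return i + 1;
    if (registry_count == MAX_THREADS)
        return 0;
    registry_handles[registry_count] = handle;
    return ++registry_count;
}

/* Stand-in for establishIdentifierForPthreadHandle(), run by the creator. */
static ThreadIdentifier establish_identifier(pthread_t handle) {
    pthread_mutex_lock(&registry_mutex);
    ThreadIdentifier id = identifier_for_handle_locked(handle);
    pthread_mutex_unlock(&registry_mutex);
    return id;
}

/* Stand-in for currentThread(): an unknown caller registers itself. Without
   the barrier below a new thread could get here before its creator registers
   it, so the same thread would end up with two identifiers. */
static ThreadIdentifier current_thread(void) {
    return establish_identifier(pthread_self());
}

/* Mirrors NewThreadContext: creator holds creation_mutex until setup is done. */
typedef struct {
    ThreadFunction entry_point;
    void *data;
    pthread_mutex_t creation_mutex;
} NewThreadContext;

static void *thread_entry_point(void *arg) {
    NewThreadContext *ctx = arg;
    pthread_mutex_lock(&ctx->creation_mutex);   /* blocks until the creator is done */
    pthread_mutex_unlock(&ctx->creation_mutex);
    ThreadFunction fn = ctx->entry_point;
    void *data = ctx->data;
    pthread_mutex_destroy(&ctx->creation_mutex);
    free(ctx);
    return fn(data);
}

static ThreadIdentifier create_thread(ThreadFunction fn, void *data, pthread_t *handle_out) {
    NewThreadContext *ctx = malloc(sizeof *ctx);
    if (!ctx)
        return 0;
    ctx->entry_point = fn;
    ctx->data = data;
    pthread_mutex_init(&ctx->creation_mutex, NULL);
    pthread_mutex_lock(&ctx->creation_mutex);   /* hold the new thread back */
    if (pthread_create(handle_out, NULL, thread_entry_point, ctx) != 0) {
        pthread_mutex_unlock(&ctx->creation_mutex);
        pthread_mutex_destroy(&ctx->creation_mutex);
        free(ctx);
        return 0;
    }
    ThreadIdentifier id = establish_identifier(*handle_out);
    pthread_mutex_unlock(&ctx->creation_mutex);  /* identifier exists: release it */
    return id;
}

/* Worker whose very first action is the call that used to race. */
static void *record_own_identifier(void *arg) {
    *(ThreadIdentifier *)arg = current_thread();
    return NULL;
}

/* True when the thread saw the same identifier its creator was handed. */
static bool create_and_check(void) {
    ThreadIdentifier seen = 0;
    pthread_t handle;
    ThreadIdentifier id = create_thread(record_own_identifier, &seen, &handle);
    if (id == 0)
        return false;
    pthread_join(handle, NULL);
    return seen == id;
}

/* Identifiers handed out so far; each created thread should cost exactly one. */
static ThreadIdentifier registered_count(void) { return registry_count; }

int main(void) {
    for (int i = 0; i < 4; i++)
        printf("thread %d: %s\n", i, create_and_check() ? "one identifier" : "MISMATCH");
    printf("identifiers handed out: %u\n", registered_count());
    return 0;
}
```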

2008-12-26  Sam Weinig  <sam@webkit.org>

        Reviewed by Alexey Proskuryakov.

        Remove unused method.

        * runtime/Structure.h: Remove mutableTypeInfo.

2008-12-22  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Fix rounding / bounds / signed comparison bug in ExecutableAllocator.

        ExecutableAllocator::alloc assumed that m_freePtr would be aligned.  This was
        not always true, since the first allocation from an additional pool would not
        be rounded up.  Subsequent allocations would be unaligned, and too much memory
        could be erroneously allocated from the pool, when the size requested was
        available, but the size rounded up to word granularity was not available in the
        pool.  This may result in the value of m_freePtr being greater than m_end.

        Under these circumstances, the unsigned check for space will always pass,
        resulting in pointers to memory outside of the arena being returned, and
        ultimately segfaulty goodness when attempting to memcpy the hot freshly jitted
        code from the AssemblerBuffer.

        https://bugs.webkit.org/show_bug.cgi?id=22974
        ... and probably many, many more.

        * jit/ExecutableAllocator.h:
        (JSC::ExecutablePool::alloc):
        (JSC::ExecutablePool::roundUpAllocationSize):
        (JSC::ExecutablePool::ExecutablePool):
        (JSC::ExecutablePool::poolAllocate):
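
The rounding and unsigned-check interaction described above, as an added C example that is not WebKit's ExecutableAllocator: a constructed bump allocator with the pre-fix logic (pool sized to the raw request, space checked against the unrounded size, bump by the rounded size) next to the corrected logic (pool size and every request rounded before the check). A 16-byte granularity and offsets instead of raw pointers are assumptions of the example, so the overrun can be shown without forming an out-of-range pointer.

```c
#include <stddef.h>
#include <stdio.h>

/* Assumed word granularity the pool rounds allocations to. */
#define POOL_ALIGN 16u

/* m_freePtr / m_end kept as offsets into the pool. */
typedef struct {
    size_t free_off; /* next unused byte */
    size_t end_off;  /* one past the last byte of the pool */
} Pool;

static size_t round_up(size_t n, size_t granularity) {
    return (n + granularity - 1) & ~(granularity - 1);
}

/* Pre-fix: the pool is created with the exact (unrounded) request size. */
static Pool pool_create_buggy(size_t size) {
    Pool p = { 0, size };
    return p;
}

/* Pre-fix: check the raw request, then bump by the rounded size. Once
   free_off has run past end_off, the unsigned subtraction wraps to a huge
   value and the check passes for any n. */
static long alloc_buggy(Pool *p, size_t n) {
    if (p->end_off - p->free_off < n)
        return -1;
    long result = (long)p->free_off;
    p->free_off += round_up(n, POOL_ALIGN);
    return result;
}

/* Fixed: pool size is rounded up at creation... */
static Pool pool_create_fixed(size_t size) {
    Pool p = { 0, round_up(size, POOL_ALIGN) };
    return p;
}

/* ...and every request is rounded before the check, so free_off can never
   pass end_off and the unsigned comparison stays meaningful. */
static long alloc_fixed(Pool *p, size_t n) {
    n = round_up(n, POOL_ALIGN);
    if (p->end_off - p->free_off < n)
        return -1;
    long result = (long)p->free_off;
    p->free_off += n;
    return result;
}

/* Scenario from the entry: a pool sized for a 13-byte request. The request
   fits before rounding but not after; then a large second request arrives.
   Returns the offset handed to the second request, or -1 if refused. */
static long second_alloc_from_13_byte_pool(int use_fix) {
    Pool p = use_fix ? pool_create_fixed(13) : pool_create_buggy(13);
    long (*alloc)(Pool *, size_t) = use_fix ? alloc_fixed : alloc_buggy;
    long first = alloc(&p, 13);    /* buggy: free_off becomes 16, past end_off 13 */
    if (first != 0)
        return -2;                 /* not expected in either variant */
    return alloc(&p, 1000);        /* buggy: wrapped check passes, offset 16 returned */
}

int main(void) {
    printf("buggy second allocation offset: %ld (pool ends at 13)\n",
           second_alloc_from_13_byte_pool(0));
    printf("fixed second allocation offset: %ld (refused)\n",
           second_alloc_from_13_byte_pool(1));
    return 0;
}
```

The buggy variant returns offset 16 for a 1000-byte request from a 13-byte pool; the fixed variant refuses it.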

2008-12-22  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Rename all uses of the term "repatch" to "patch".

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::DataLabelPtr::patch):
        (JSC::MacroAssembler::DataLabel32::patch):
        (JSC::MacroAssembler::Jump::patch):
        (JSC::MacroAssembler::PatchBuffer::PatchBuffer):
        (JSC::MacroAssembler::PatchBuffer::setPtr):
        (JSC::MacroAssembler::loadPtrWithAddressOffsetPatch):
        (JSC::MacroAssembler::storePtrWithAddressOffsetPatch):
        (JSC::MacroAssembler::storePtrWithPatch):
        (JSC::MacroAssembler::jnePtrWithPatch):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::patchAddress):
        (JSC::X86Assembler::patchImmediate):
        (JSC::X86Assembler::patchPointer):
        (JSC::X86Assembler::patchBranchOffset):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCTICachePutByID):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::Interpreter::cti_op_put_by_id):
        (JSC::Interpreter::cti_op_get_by_id):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):
        (JSC::Interpreter::cti_vm_dontLazyLinkCall):
        * jit/JIT.cpp:
        (JSC::ctiPatchCallByReturnAddress):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::unlinkCall):
        (JSC::JIT::linkCall):
        (JSC::JIT::compileOpCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):

2008-12-22  Adam Roben  <aroben@apple.com>

        Build fix after r39428

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSlowCase): Added a missing MacroAssembler::

2008-12-22  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>

        Rubber-stamped by George Staikos.

        Unify all TorchMobile copyright lines. Consolidate in a single line, as requested by Mark Rowe, some time ago.

        * wtf/RandomNumber.cpp:
        * wtf/RandomNumber.h:
        * wtf/RandomNumberSeed.h:

2008-12-21  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>

        Rubber-stamped by George Staikos.

        Fix copyright of the new RandomNumber* files.

        * wtf/RandomNumber.cpp:
        * wtf/RandomNumber.h:
        * wtf/RandomNumberSeed.h:

2008-12-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt & Cameron Zwarich.

        Add support for call and property access repatching on x86-64.

        No change in performance on current configurations (2x improvement on v8-tests with JIT enabled on x86-64).

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::DataLabelPtr::repatch):
        (JSC::MacroAssembler::DataLabelPtr::operator X86Assembler::JmpDst):
        (JSC::MacroAssembler::DataLabel32::repatch):
        (JSC::MacroAssembler::RepatchBuffer::addressOf):
        (JSC::MacroAssembler::add32):
        (JSC::MacroAssembler::sub32):
        (JSC::MacroAssembler::loadPtrWithAddressOffsetRepatch):
        (JSC::MacroAssembler::storePtrWithAddressOffsetRepatch):
        (JSC::MacroAssembler::jePtr):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jnePtrWithRepatch):
        (JSC::MacroAssembler::differenceBetween):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::addl_im):
        (JSC::X86Assembler::subl_im):
        (JSC::X86Assembler::cmpl_rm):
        (JSC::X86Assembler::movq_rm_disp32):
        (JSC::X86Assembler::movq_mr_disp32):
        (JSC::X86Assembler::repatchPointer):
        (JSC::X86Assembler::X86InstructionFormatter::oneByteOp64_disp32):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::unlinkCall):
        (JSC::JIT::linkCall):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::resizePropertyStorage):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * wtf/Platform.h:

2008-12-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Port optimized property access generation to the MacroAssembler.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::AbsoluteAddress::AbsoluteAddress):
        (JSC::MacroAssembler::DataLabelPtr::repatch):
        (JSC::MacroAssembler::DataLabel32::DataLabel32):
        (JSC::MacroAssembler::DataLabel32::repatch):
        (JSC::MacroAssembler::Label::operator X86Assembler::JmpDst):
        (JSC::MacroAssembler::Jump::repatch):
        (JSC::MacroAssembler::JumpList::empty):
        (JSC::MacroAssembler::RepatchBuffer::link):
        (JSC::MacroAssembler::add32):
        (JSC::MacroAssembler::and32):
        (JSC::MacroAssembler::sub32):
        (JSC::MacroAssembler::loadPtrWithAddressRepatch):
        (JSC::MacroAssembler::storePtrWithAddressRepatch):
        (JSC::MacroAssembler::push):
        (JSC::MacroAssembler::ja32):
        (JSC::MacroAssembler::jePtr):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jnePtrWithRepatch):
        (JSC::MacroAssembler::align):
        (JSC::MacroAssembler::differenceBetween):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::movl_rm_disp32):
        (JSC::X86Assembler::movl_mr_disp32):
        (JSC::X86Assembler::X86InstructionFormatter::oneByteOp_disp32):
        (JSC::X86Assembler::X86InstructionFormatter::memoryModRM):
        * jit/JIT.cpp:
        (JSC::ctiRepatchCallByReturnAddress):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::resizePropertyStorage):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):
        * wtf/RefCounted.h:
        (WTF::RefCountedBase::addressOfCount):

2008-12-19  Gustavo Noronha Silva  <gns@gnome.org>

        Reviewed by Holger Freyther.

        https://bugs.webkit.org/show_bug.cgi?id=22686

        Added file which was missing to the javascriptcore_sources
        variable, so that it shows up in the tarball created by `make
        dist'.

        * GNUmakefile.am:

2008-12-19  Holger Hans Peter Freyther  <zecke@selfish.org>

        Reviewed by Antti Koivisto.

        Build fix when building JS API tests with a C89 C compiler

        Do not use C++ style comments and convert them to C comments.

        * wtf/Platform.h:

2008-12-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Same as last revision, adding cases for pre & post inc & dec.

        https://bugs.webkit.org/show_bug.cgi?id=22928

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):

2008-12-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Fixes for the JIT's handling of JSImmediate values on x86-64.
        On 64-bit systems, the code in JSImmediate.h relies on the upper
        bits of a JSImmediate being a sign extension of the low 32-bits.
        This was not being enforced by the JIT, since a number of inline
        operations were being performed on 32-bit values in registers, and
        when a 32-bit result is written to a register on x86-64 the value
        is zero-extended to 64-bits.

        This fix honors previous behaviour.  A better fix in the long run
        (when the JIT is enabled by default) may be to change JSImmediate.h
        so it no longer relies on the upper bits of the pointer,... though
        if we're going to change JSImmediate.h for 64-bit, we probably may
        as well change the format so that the full range of 32-bit ints can
        be stored, rather than just 31-bits.

        https://bugs.webkit.org/show_bug.cgi?id=22925

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::addPtr):
        (JSC::MacroAssembler::andPtr):
        (JSC::MacroAssembler::orPtr):
        (JSC::MacroAssembler::or32):
        (JSC::MacroAssembler::xor32):
        (JSC::MacroAssembler::xorPtr):
        (JSC::MacroAssembler::signExtend32ToPtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::andq_rr):
        (JSC::X86Assembler::andq_ir):
        (JSC::X86Assembler::orq_rr):
        (JSC::X86Assembler::xorq_ir):
        (JSC::X86Assembler::movsxd_rr):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitFastArithReTagImmediate):
        (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
        (JSC::JIT::emitFastArithImmToInt):
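
The zero-extension problem the entry above describes, as an added C example that is not JSImmediate.h or the JIT: a constructed model of a tagged 31-bit integer whose upper 32 bits must be a sign extension of the low 32, a fast-path add that stores its 32-bit result the way an x86-64 32-bit register write does (zero-extended), and the same add followed by a signExtend32ToPtr-style movsxd. Strict equality compares the full 64-bit raw value, which is where the non-canonical result shows. The tag layout (payload in bits 1..31, tag bit 0) is an assumption of the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Pointer-sized slot holding a tagged integer. Canonical form: low 32 bits
   carry (payload << 1) | TAG_INT, upper 32 bits sign-extend bit 31. */
typedef int64_t JSImmediateBits;
#define TAG_INT 1u

/* Build a canonical immediate from a 31-bit integer (the interpreter's path). */
static JSImmediateBits make_immediate(int32_t v) {
    uint32_t low = ((uint32_t)v << 1) | TAG_INT;
    return (JSImmediateBits)(int32_t)low;        /* sign-extend, like movsxd */
}

/* Decode as JSImmediate.h does on 64-bit: arithmetic shift of the whole word. */
static int32_t immediate_value(JSImmediateBits imm) {
    return (int32_t)(imm >> 1);
}

/* True when the upper 32 bits really are a sign extension of the low 32. */
static bool is_canonical(JSImmediateBits imm) {
    return imm == (JSImmediateBits)(int32_t)(uint32_t)imm;
}

/* What an x86-64 32-bit register write does: the high half is zeroed. */
static JSImmediateBits write_32bit_result(uint32_t low) {
    return (JSImmediateBits)(uint64_t)low;
}

/* Pre-fix fast-path add: untag one operand, add in 32 bits, store the 32-bit
   result. (2a+1) - 1 + (2b+1) = 2(a+b) + 1, so the tag is preserved, but the
   upper half of the slot is now zero instead of a sign extension. */
static JSImmediateBits add_unfixed(JSImmediateBits a, JSImmediateBits b) {
    uint32_t sum = ((uint32_t)a - TAG_INT) + (uint32_t)b;
    return write_32bit_result(sum);
}

/* Fixed fast path: same add, then signExtend32ToPtr before the value escapes. */
static JSImmediateBits add_fixed(JSImmediateBits a, JSImmediateBits b) {
    return (JSImmediateBits)(int32_t)(uint32_t)add_unfixed(a, b);
}

/* Strict equality on immediates compares the full raw 64-bit value. */
static bool raw_equal(JSImmediateBits a, JSImmediateBits b) {
    return a == b;
}

int main(void) {
    JSImmediateBits two = make_immediate(2), minus_three = make_immediate(-3);
    JSImmediateBits bad = add_unfixed(two, minus_three);
    JSImmediateBits good = add_fixed(two, minus_three);
    printf("unfixed 2 + -3: raw 0x%016llx, decodes to %d, canonical: %d\n",
           (unsigned long long)bad, immediate_value(bad), is_canonical(bad));
    printf("fixed   2 + -3: raw 0x%016llx, decodes to %d, canonical: %d\n",
           (unsigned long long)good, immediate_value(good), is_canonical(good));
    printf("unfixed === -1: %d, fixed === -1: %d\n",
           raw_equal(bad, make_immediate(-1)), raw_equal(good, make_immediate(-1)));
    return 0;
}
```

Only results that are negative in 32 bits lose their sign extension; a positive result such as 5 + 7 is identical on both paths.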
548
549 2008-12-18  Gavin Barraclough  <barraclough@apple.com>
550
551         Reviewed by Sam Weinig.
552
553         Just a tidy up - rename & refactor some the #defines configuring the JIT.
554
555         * interpreter/Interpreter.cpp:
556         (JSC::Interpreter::cti_op_convert_this):
557         (JSC::Interpreter::cti_op_end):
558         (JSC::Interpreter::cti_op_add):
559         (JSC::Interpreter::cti_op_pre_inc):
560         (JSC::Interpreter::cti_timeout_check):
561         (JSC::Interpreter::cti_register_file_check):
562         (JSC::Interpreter::cti_op_loop_if_less):
563         (JSC::Interpreter::cti_op_loop_if_lesseq):
564         (JSC::Interpreter::cti_op_new_object):
565         (JSC::Interpreter::cti_op_put_by_id_generic):
566         (JSC::Interpreter::cti_op_get_by_id_generic):
567         (JSC::Interpreter::cti_op_put_by_id):
568         (JSC::Interpreter::cti_op_put_by_id_second):
569         (JSC::Interpreter::cti_op_put_by_id_fail):
570         (JSC::Interpreter::cti_op_get_by_id):
571         (JSC::Interpreter::cti_op_get_by_id_second):
572         (JSC::Interpreter::cti_op_get_by_id_self_fail):
573         (JSC::Interpreter::cti_op_get_by_id_proto_list):
574         (JSC::Interpreter::cti_op_get_by_id_proto_list_full):
575         (JSC::Interpreter::cti_op_get_by_id_proto_fail):
576         (JSC::Interpreter::cti_op_get_by_id_array_fail):
577         (JSC::Interpreter::cti_op_get_by_id_string_fail):
578         (JSC::Interpreter::cti_op_instanceof):
579         (JSC::Interpreter::cti_op_del_by_id):
580         (JSC::Interpreter::cti_op_mul):
581         (JSC::Interpreter::cti_op_new_func):
582         (JSC::Interpreter::cti_op_call_JSFunction):
583         (JSC::Interpreter::cti_op_call_arityCheck):
584         (JSC::Interpreter::cti_vm_dontLazyLinkCall):
585         (JSC::Interpreter::cti_vm_lazyLinkCall):
586         (JSC::Interpreter::cti_op_push_activation):
587         (JSC::Interpreter::cti_op_call_NotJSFunction):
588         (JSC::Interpreter::cti_op_create_arguments):
589         (JSC::Interpreter::cti_op_create_arguments_no_params):
590         (JSC::Interpreter::cti_op_tear_off_activation):
591         (JSC::Interpreter::cti_op_tear_off_arguments):
592         (JSC::Interpreter::cti_op_profile_will_call):
593         (JSC::Interpreter::cti_op_profile_did_call):
594         (JSC::Interpreter::cti_op_ret_scopeChain):
595         (JSC::Interpreter::cti_op_new_array):
596         (JSC::Interpreter::cti_op_resolve):
597         (JSC::Interpreter::cti_op_construct_JSConstruct):
598         (JSC::Interpreter::cti_op_construct_NotJSConstruct):
599         (JSC::Interpreter::cti_op_get_by_val):
600         (JSC::Interpreter::cti_op_resolve_func):
601         (JSC::Interpreter::cti_op_sub):
602         (JSC::Interpreter::cti_op_put_by_val):
603         (JSC::Interpreter::cti_op_put_by_val_array):
604         (JSC::Interpreter::cti_op_lesseq):
605         (JSC::Interpreter::cti_op_loop_if_true):
606         (JSC::Interpreter::cti_op_negate):
607         (JSC::Interpreter::cti_op_resolve_base):
608         (JSC::Interpreter::cti_op_resolve_skip):
609         (JSC::Interpreter::cti_op_resolve_global):
610         (JSC::Interpreter::cti_op_div):
611         (JSC::Interpreter::cti_op_pre_dec):
612         (JSC::Interpreter::cti_op_jless):
613         (JSC::Interpreter::cti_op_not):
614         (JSC::Interpreter::cti_op_jtrue):
615         (JSC::Interpreter::cti_op_post_inc):
616         (JSC::Interpreter::cti_op_eq):
617         (JSC::Interpreter::cti_op_lshift):
618         (JSC::Interpreter::cti_op_bitand):
619         (JSC::Interpreter::cti_op_rshift):
620         (JSC::Interpreter::cti_op_bitnot):
621         (JSC::Interpreter::cti_op_resolve_with_base):
622         (JSC::Interpreter::cti_op_new_func_exp):
623         (JSC::Interpreter::cti_op_mod):
624         (JSC::Interpreter::cti_op_less):
625         (JSC::Interpreter::cti_op_neq):
626         (JSC::Interpreter::cti_op_post_dec):
627         (JSC::Interpreter::cti_op_urshift):
628         (JSC::Interpreter::cti_op_bitxor):
629         (JSC::Interpreter::cti_op_new_regexp):
630         (JSC::Interpreter::cti_op_bitor):
631         (JSC::Interpreter::cti_op_call_eval):
632         (JSC::Interpreter::cti_op_throw):
633         (JSC::Interpreter::cti_op_get_pnames):
634         (JSC::Interpreter::cti_op_next_pname):
635         (JSC::Interpreter::cti_op_push_scope):
636         (JSC::Interpreter::cti_op_pop_scope):
637         (JSC::Interpreter::cti_op_typeof):
638         (JSC::Interpreter::cti_op_is_undefined):
639         (JSC::Interpreter::cti_op_is_boolean):
640         (JSC::Interpreter::cti_op_is_number):
641         (JSC::Interpreter::cti_op_is_string):
642         (JSC::Interpreter::cti_op_is_object):
643         (JSC::Interpreter::cti_op_is_function):
644         (JSC::Interpreter::cti_op_stricteq):
645         (JSC::Interpreter::cti_op_nstricteq):
646         (JSC::Interpreter::cti_op_to_jsnumber):
647         (JSC::Interpreter::cti_op_in):
648         (JSC::Interpreter::cti_op_push_new_scope):
649         (JSC::Interpreter::cti_op_jmp_scopes):
650         (JSC::Interpreter::cti_op_put_by_index):
651         (JSC::Interpreter::cti_op_switch_imm):
652         (JSC::Interpreter::cti_op_switch_char):
653         (JSC::Interpreter::cti_op_switch_string):
654         (JSC::Interpreter::cti_op_del_by_val):
655         (JSC::Interpreter::cti_op_put_getter):
656         (JSC::Interpreter::cti_op_put_setter):
657         (JSC::Interpreter::cti_op_new_error):
658         (JSC::Interpreter::cti_op_debug):
659         (JSC::Interpreter::cti_vm_throw):
660         * interpreter/Interpreter.h:
661         * jit/JIT.cpp:
662         (JSC::):
663         (JSC::JIT::privateCompileMainPass):
664         (JSC::JIT::privateCompile):
665         * jit/JIT.h:
666         * jit/JITInlineMethods.h:
667         (JSC::JIT::restoreArgumentReference):
668         (JSC::JIT::restoreArgumentReferenceForTrampoline):
669         * wtf/Platform.h:
670
671 2008-12-18  Cameron Zwarich  <zwarich@apple.com>
672
673         Reviewed by Geoff Garen.
674
675         Bug 21855: REGRESSION (r37323): Gmail complains about popup blocking when opening a link
676         <https://bugs.webkit.org/show_bug.cgi?id=21855>
677         <rdar://problem/6278244>
678
679         Move DynamicGlobalObjectScope to JSGlobalObject.h so that it can be used
680         from WebCore.
681
682         * interpreter/Interpreter.cpp:
683         * runtime/JSGlobalObject.h:
684         (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope):
685         (JSC::DynamicGlobalObjectScope::~DynamicGlobalObjectScope):
686
687 2008-12-17  Geoffrey Garen  <ggaren@apple.com>
688
689         Reviewed by Gavin Barraclough.
690         
691         Fixed https://bugs.webkit.org/show_bug.cgi?id=22393
692         Segfault when caching property accesses to primitive cells.
693         
694         Changed some asObject casts to asCell casts in cases where a primitive
695         value may be a cell and not an object.
696         
697         Re-enabled property caching for primitives in cases where it had been
698         disabled because of this bug.
699         
700         Updated a comment to better explain something Darin thought needed
701         explaining in an old patch review.
702
703         * interpreter/Interpreter.cpp:
704         (JSC::countPrototypeChainEntriesAndCheckForProxies):
705         (JSC::Interpreter::tryCacheGetByID):
706         (JSC::Interpreter::tryCTICacheGetByID):
707         (JSC::Interpreter::cti_op_get_by_id_self_fail):
708         (JSC::Interpreter::cti_op_get_by_id_proto_list):
709
2008-12-17  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Cameron Zwarich.

        Fixes for Sunspider failures with the JIT enabled on x86-64.

        * assembler/MacroAssembler.h:
            Switch the order of the RegisterID & Address form of je32, to keep it consistent with jne32.
        * jit/JIT.cpp:
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
            Port the m_ctiVirtualCall trampoline generation to use the MacroAssembler interface.
        * jit/JITCall.cpp:
            Fix bug in the non-optimizing code path, vptr check should have been to the memory address pointed
            to by the register, not to the register itself.
        * wrec/WRECGenerator.cpp:
            See assembler/MacroAssembler.h, above.

2008-12-17  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        print("Hello, 64-bit jitted world!");
        Get hello-world working through the JIT, on x86-64.

        * assembler/X86Assembler.h:
            Fix encoding of opcode + RegisterID format instructions for 64-bit.
        * interpreter/Interpreter.cpp:
        * interpreter/Interpreter.h:
            Make VoidPtrPair actually be a pair of void*s.
            (Possibly should make this change for 32-bit Mac platforms, too - but won't change 32-bit behaviour in this patch).
        * jit/JIT.cpp:
        * jit/JIT.h:
            Provide names for the timeoutCheckRegister & callFrameRegister on x86-64,
            force x86-64 ctiTrampoline arguments onto the stack,
            implement the asm trampolines for x86-64,
            implement the restoreArgumentReference methods for x86-64 calling conventions.
        * jit/JITCall.cpp:
        * jit/JITInlineMethods.h:
        * wtf/Platform.h:
            Add switch settings to ENABLE(JIT), on PLATFORM(X86_64) (currently still disabled).

2008-12-17  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Add more CodeBlock statistics.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dumpStatistics):

2008-12-17  Sam Weinig  <sam@webkit.org>

        Reviewed by Darin Adler.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=22897
        <rdar://problem/6428342>
        Look into feasibility of discarding bytecode after native codegen

        Clear the bytecode Instruction vector at the end of JIT generation.

        Saves 4.8 MB on Membuster head.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump): Add logging for the case that someone tries
        to dump the instructions of a CodeBlock that has had its bytecode
        vector cleared.
        (JSC::CodeBlock::CodeBlock): Initialize the instructionCount.
        (JSC::CodeBlock::handlerForBytecodeOffset): Use instructionCount instead
        of the size of the instruction vector in the assertion.
        (JSC::CodeBlock::lineNumberForBytecodeOffset): Ditto.
        (JSC::CodeBlock::expressionRangeForBytecodeOffset): Ditto.
        (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset): Ditto.
        (JSC::CodeBlock::functionRegisterForBytecodeOffset): Ditto.
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::setInstructionCount): Store the instruction vector size
        in debug builds for assertions.
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::generate):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile): Clear the bytecode vector unless we
        have compiled with Opcode sampling, where we will continue to require it.

2008-12-17  Cary Clark  <caryclark@google.com>

        Reviewed by Darin Adler.
        Landed by Adam Barth.

        Add ENABLE_TEXT_CARET to permit the ANDROID platform
        to invalidate and draw the caret in a separate thread.

        * wtf/Platform.h:
        Default ENABLE_TEXT_CARET to 1.

2008-12-17  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Darin Adler.

        Don't use unique context group in JSGlobalContextCreate() on Tiger or Leopard, take two.

        * API/JSContextRef.cpp: The previous patch that claimed to do this was making Tiger and
        Leopard always use unique context group instead.

2008-12-16  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=22838
        Remove dependency on the bytecode Instruction buffer in Interpreter::throwException
        Part of <rdar://problem/6428342>

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::functionRegisterForBytecodeOffset): Added. Function to get
        a function Register index in a callFrame for a bytecode offset.
        (JSC::CodeBlock::shrinkToFit): Shrink m_getByIdExceptionInfo and m_functionRegisterInfos.
        * bytecode/CodeBlock.h:
        (JSC::FunctionRegisterInfo::FunctionRegisterInfo): Added.
        (JSC::CodeBlock::addFunctionRegisterInfo):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitCall):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::throwException): Use functionRegisterForBytecodeOffset in JIT
        mode.

2008-12-16  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=22837
        Remove dependency on the bytecode Instruction buffer in Interpreter::cti_op_call_NotJSFunction
        Part of <rdar://problem/6428342>

        * interpreter/CallFrame.h: Added comment regarding returnPC storing a void*.
        * interpreter/Interpreter.cpp:
        (JSC::bytecodeOffsetForPC): We no longer have any cases of the PC
        being in the instruction stream for JIT, so we can remove the check.
        (JSC::Interpreter::cti_op_call_NotJSFunction): Use the CTI_RETURN_ADDRESS
        as the call frame returnPC as it is only necessary for looking up when
        throwing an exception.
        * interpreter/RegisterFile.h:
        (JSC::RegisterFile::): Added comment regarding returnPC storing a void*.
        * jit/JIT.h: Remove ARG_instr4.
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSetupArgs): Don't pass the instruction pointer.

2008-12-16  Darin Adler  <darin@apple.com>

        Reviewed and landed by Cameron Zwarich.

        Preparatory work for fixing

        Bug 22887: Make UString::Rep use RefCounted rather than implementing its own ref counting
        <https://bugs.webkit.org/show_bug.cgi?id=22887>

        Change the various string translators used by Identifier::add() so that
        they never zero the ref count of a newly created UString::Rep.

        * runtime/Identifier.cpp:
        (JSC::CStringTranslator::translate):
        (JSC::Identifier::add):
        (JSC::UCharBufferTranslator::translate):

2008-12-16  Gavin Barraclough  <barraclough@apple.com>

        Build fix for 'doze.

        * assembler/AssemblerBuffer.h:

2008-12-16  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Cameron Zwarich.

        Make the JIT compile on x86-64.
        This largely involves populating the missing calls in MacroAssembler.h.
        In addition some reinterpret_casts need removing from the JIT, and the
        repatching property access code will need to be fully compiled out for
        now.  The changes in interpret.cpp are to reorder the functions so that
        the _generic forms come before all other property access methods, and
        then to place all property access methods other than the generic forms
        under control of the ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS macro.

        No performance impact.

        * assembler/AssemblerBuffer.h:
        (JSC::AssemblerBuffer::putInt64Unchecked):
        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::loadPtr):
        (JSC::MacroAssembler::load32):
        (JSC::MacroAssembler::storePtr):
        (JSC::MacroAssembler::storePtrWithRepatch):
        (JSC::MacroAssembler::store32):
        (JSC::MacroAssembler::poke):
        (JSC::MacroAssembler::move):
        (JSC::MacroAssembler::testImm64):
        (JSC::MacroAssembler::jePtr):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jnzPtr):
        (JSC::MacroAssembler::jzPtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::cmpq_rr):
        (JSC::X86Assembler::cmpq_rm):
        (JSC::X86Assembler::cmpq_im):
        (JSC::X86Assembler::testq_i32m):
        (JSC::X86Assembler::movl_mEAX):
        (JSC::X86Assembler::movl_i32r):
        (JSC::X86Assembler::movl_EAXm):
        (JSC::X86Assembler::movq_rm):
        (JSC::X86Assembler::movq_mEAX):
        (JSC::X86Assembler::movq_mr):
        (JSC::X86Assembler::movq_i64r):
        (JSC::X86Assembler::movl_mr):
        (JSC::X86Assembler::X86InstructionFormatter::oneByteOp64):
        (JSC::X86Assembler::X86InstructionFormatter::immediate64):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::cti_op_put_by_id_generic):
        (JSC::Interpreter::cti_op_get_by_id_generic):
        (JSC::Interpreter::cti_op_put_by_id):
        (JSC::Interpreter::cti_op_put_by_id_second):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        * runtime/JSImmediate.h:
        (JSC::JSImmediate::makeInt):

2008-12-16  Cameron Zwarich  <zwarich@apple.com>

        Reviewed by Darin Adler.

        Bug 22869: REGRESSION (r38407): http://news.cnet.com/8301-13579_3-9953533-37.html crashes
        <https://bugs.webkit.org/show_bug.cgi?id=22869>
        <rdar://problem/6402499>

        Before r38407, Structure::m_nameInPrevious was ref'd due to it being
        stored in a PropertyMap. However, PropertyMaps are created lazily after
        r38407, so Structure::m_nameInPrevious is not necessarily ref'd while
        it is being used. Making it a RefPtr instead of a raw pointer fixes
        the problem.

        Unfortunately, the crash in the bug is rather intermittent, and it is
        impossible to add an assertion in UString::Ref::ref() to catch this bug
        because some users of UString::Rep deliberately zero out the reference
        count. Therefore, there is no layout test accompanying this bug fix.

        * runtime/Structure.cpp:
        (JSC::Structure::~Structure): Use get().
        (JSC::Structure::materializePropertyMap): Use get().
        (JSC::Structure::addPropertyTransitionToExistingStructure): Use get().
        (JSC::Structure::addPropertyTransition): Use get().
        * runtime/Structure.h: Make Structure::m_nameInPrevious a RefPtr instead
        of a raw pointer.

2008-12-16  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>

        Not reviewed. Attempt to fix win build. No 'using namespace WTF' in this file, needs manual WTF:: prefix.
        Not sure why the build works as is here.

        * runtime/MathObject.cpp:
        (JSC::mathProtoFuncRandom):

2008-12-16  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>

        Reviewed by Darin Adler.

        Fixes: https://bugs.webkit.org/show_bug.cgi?id=22876

        Unify random number generation in JavaScriptCore & WebCore, by introducing
        wtf/RandomNumber.h and moving wtf_random/wtf_random_init out of MathExtras.h.

        wtf_random_init() has been renamed to initializeRandomNumberGenerator() and
        lives in its own private header: wtf/RandomNumberSeed.h, only intended to
        be used from within JavaScriptCore.

        wtf_random() has been renamed to randomNumber() and lives in a public header
        wtf/RandomNumber.h, usable from within JavaScriptCore & WebCore. It encapsulates
        the code taking care of initializing the random number generator (only when
        building without ENABLE(JSC_MULTIPLE_THREADS), otherwise initializeThreading()
        already took care of that).

        Functional change on darwin: Use random() instead of rand(), as it got a larger
        period (more randomness). HTMLFormElement already contains this implementation
        and I just moved it in randomNumber(), as a special case for PLATFORM(DARWIN).

        * GNUmakefile.am: Add RandomNumber.(cpp/h) / RandomNumberSeed.h.
        * JavaScriptCore.exp: Ditto.
        * JavaScriptCore.pri: Ditto.
        * JavaScriptCore.scons: Ditto.
        * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
        * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
        * JavaScriptCoreSources.bkl: Ditto.
        * runtime/MathObject.cpp: Use new WTF::randomNumber() functionality.
        (JSC::mathProtoFuncRandom):
        * wtf/MathExtras.h: Move wtf_random / wtf_random_init to new files.
        * wtf/RandomNumber.cpp: Added.
        (WTF::randomNumber):
        * wtf/RandomNumber.h: Added.
        * wtf/RandomNumberSeed.h: Added. Internal usage within JSC only.
        (WTF::initializeRandomNumberGenerator):
        * wtf/ThreadingGtk.cpp: Rename wtf_random_init() to initializeRandomNumberGenerator().
        (WTF::initializeThreading):
        * wtf/ThreadingPthreads.cpp: Ditto.
        (WTF::initializeThreading):
        * wtf/ThreadingQt.cpp: Ditto.
        (WTF::initializeThreading):
        * wtf/ThreadingWin.cpp: Ditto.
        (WTF::initializeThreading):

2008-12-16  Yael Aharon  <yael.aharon@nokia.com>

        Reviewed by Tor Arne Vestbø.

        Qt/Win build fix

        * JavaScriptCore.pri:

2008-12-15  Mark Rowe  <mrowe@apple.com>

        Reviewed by Cameron Zwarich.

        Fix the build with GCC 4.0.

        * Configurations/JavaScriptCore.xcconfig:  GCC 4.0 appears to have a bug when compiling with -funwind-tables on,
        so don't use it with that compiler version.

2008-12-15  Mark Rowe  <mrowe@apple.com>

        Rubber-stamped by Cameron Zwarich.

        <rdar://problem/6289933> Change WebKit-related projects to build with GCC 4.2 on Leopard.

        * Configurations/Base.xcconfig:
        * Configurations/DebugRelease.xcconfig:

2008-12-15  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Darin Adler.

        Don't use unique context group in JSGlobalContextCreate() on Tiger or Leopard.

        * API/JSContextRef.cpp: (JSGlobalContextCreate):

2008-12-15  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Darin Adler.

        <rdar://problem/6445089> Mach ports leak from worker threads

        * interpreter/Interpreter.cpp: (JSC::getCPUTime):
        Deallocate the thread self port.

2008-12-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Mark Rowe.

        Construct stack frames in JIT code, so that backtracing can still work.
        <rdar://problem/6447870> JIT should play nice with attempts to take stack traces

        * jit/JIT.cpp:
        (JSC::):
        (JSC::JIT::privateCompileMainPass):

2008-12-15  Mark Rowe  <mrowe@apple.com>

        Reviewed by Gavin Barraclough.

        <rdar://problem/6402262> JavaScriptCore needs exception handling tables in order to get stack traces without frame pointers

        * Configurations/JavaScriptCore.xcconfig:

2008-12-15  Gavin Barraclough  <barraclough@apple.com>

        Rubber stamped by Mark Rowe.

        Revert r39226 / Bug 22818: Unify JIT callback argument access OS X / Windows
        This causes Acid3 failures – reverting for now & will revisit later.
        https://bugs.webkit.org/show_bug.cgi?id=22873

        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        (JSC::JIT::emitCTICall_internal):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompilePutByIdTransition):
        * wtf/Platform.h:

2008-12-15  Darin Adler  <darin@apple.com>

        Reviewed by Sam Weinig.

        - fix <rdar://problem/6427048> crash due to infinite recursion after setting window.__proto__ = window

        Replaced toGlobalObject with the more generally useful unwrappedObject and used it to
        fix the cycle detection code in put(__proto__).

        * JavaScriptCore.exp: Updated.

        * runtime/JSGlobalObject.cpp: Removed toGlobalObject. We now use unwrappedObject instead.
        * runtime/JSGlobalObject.h:
        (JSC::JSGlobalObject::isGlobalObject): Ditto.

        * runtime/JSGlobalObjectFunctions.cpp:
        (JSC::globalFuncEval): Use unwrappedObject and isGlobalObject here rather than toGlobalObject.

        * runtime/JSObject.cpp:
        (JSC::JSObject::put): Rewrote prototype cycle checking loop. Use unwrappedObject in the loop now.
        (JSC::JSObject::unwrappedObject): Replaced toGlobalObject with this new function.
        * runtime/JSObject.h: More of the same.

2008-12-15  Steve Falkenburg  <sfalken@apple.com>

        Windows build fix.

        Visual Studio requires visibility of forward declarations to match class declaration.

        * assembler/X86Assembler.h:

2008-12-15  Gustavo Noronha Silva  <kov@kov.eti.br>

        Reviewed by Mark Rowe.

        https://bugs.webkit.org/show_bug.cgi?id=22686

        GTK+ build fix.

        * GNUmakefile.am:

2008-12-15  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Add support to X86Assembler emitting instructions that access all 16 registers on x86-64.
        Add a new formatting class, that is responsible for both emitting the opcode bytes and the
        ModRM bytes of an instruction in a single call; this can insert the REX byte as necessary
        before the opcode, but has access to the register numbers to build the REX.

        * assembler/AssemblerBuffer.h:
        (JSC::AssemblerBuffer::isAligned):
        (JSC::AssemblerBuffer::data):
        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::addPtr):
        (JSC::MacroAssembler::add32):
        (JSC::MacroAssembler::and32):
        (JSC::MacroAssembler::or32):
        (JSC::MacroAssembler::sub32):
        (JSC::MacroAssembler::xor32):
        (JSC::MacroAssembler::loadPtr):
        (JSC::MacroAssembler::load32):
        (JSC::MacroAssembler::load16):
        (JSC::MacroAssembler::storePtr):
        (JSC::MacroAssembler::storePtrWithRepatch):
        (JSC::MacroAssembler::store32):
        (JSC::MacroAssembler::pop):
        (JSC::MacroAssembler::push):
        (JSC::MacroAssembler::compareImm32ForBranch):
        (JSC::MacroAssembler::compareImm32ForBranchEquality):
        (JSC::MacroAssembler::testImm32):
        (JSC::MacroAssembler::jae32):
        (JSC::MacroAssembler::jb32):
        (JSC::MacroAssembler::je16):
        (JSC::MacroAssembler::jg32):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jne32):
        (JSC::MacroAssembler::jump):
        * assembler/X86Assembler.h:
        (JSC::X86::):
        (JSC::X86Assembler::):
        (JSC::X86Assembler::size):
        (JSC::X86Assembler::push_r):
        (JSC::X86Assembler::pop_r):
        (JSC::X86Assembler::push_i32):
        (JSC::X86Assembler::push_m):
        (JSC::X86Assembler::pop_m):
        (JSC::X86Assembler::addl_rr):
        (JSC::X86Assembler::addl_mr):
        (JSC::X86Assembler::addl_ir):
        (JSC::X86Assembler::addq_ir):
        (JSC::X86Assembler::addl_im):
        (JSC::X86Assembler::andl_rr):
        (JSC::X86Assembler::andl_ir):
        (JSC::X86Assembler::orl_rr):
        (JSC::X86Assembler::orl_mr):
        (JSC::X86Assembler::orl_ir):
        (JSC::X86Assembler::subl_rr):
        (JSC::X86Assembler::subl_mr):
        (JSC::X86Assembler::subl_ir):
        (JSC::X86Assembler::subl_im):
        (JSC::X86Assembler::xorl_rr):
        (JSC::X86Assembler::xorl_ir):
        (JSC::X86Assembler::sarl_i8r):
        (JSC::X86Assembler::sarl_CLr):
        (JSC::X86Assembler::shll_i8r):
        (JSC::X86Assembler::shll_CLr):
        (JSC::X86Assembler::imull_rr):
        (JSC::X86Assembler::imull_i32r):
        (JSC::X86Assembler::idivl_r):
        (JSC::X86Assembler::cmpl_rr):
        (JSC::X86Assembler::cmpl_rm):
        (JSC::X86Assembler::cmpl_mr):
        (JSC::X86Assembler::cmpl_ir):
        (JSC::X86Assembler::cmpl_ir_force32):
        (JSC::X86Assembler::cmpl_im):
        (JSC::X86Assembler::cmpl_im_force32):
        (JSC::X86Assembler::cmpw_rm):
        (JSC::X86Assembler::testl_rr):
        (JSC::X86Assembler::testl_i32r):
        (JSC::X86Assembler::testl_i32m):
        (JSC::X86Assembler::testq_rr):
        (JSC::X86Assembler::testq_i32r):
        (JSC::X86Assembler::testb_i8r):
        (JSC::X86Assembler::sete_r):
        (JSC::X86Assembler::setz_r):
        (JSC::X86Assembler::setne_r):
        (JSC::X86Assembler::setnz_r):
        (JSC::X86Assembler::cdq):
        (JSC::X86Assembler::xchgl_rr):
        (JSC::X86Assembler::movl_rr):
        (JSC::X86Assembler::movl_rm):
        (JSC::X86Assembler::movl_mr):
        (JSC::X86Assembler::movl_i32r):
        (JSC::X86Assembler::movl_i32m):
        (JSC::X86Assembler::movq_rr):
        (JSC::X86Assembler::movq_rm):
        (JSC::X86Assembler::movq_mr):
        (JSC::X86Assembler::movzwl_mr):
        (JSC::X86Assembler::movzbl_rr):
        (JSC::X86Assembler::leal_mr):
        (JSC::X86Assembler::call):
        (JSC::X86Assembler::jmp):
        (JSC::X86Assembler::jmp_r):
        (JSC::X86Assembler::jmp_m):
        (JSC::X86Assembler::jne):
        (JSC::X86Assembler::jnz):
        (JSC::X86Assembler::je):
        (JSC::X86Assembler::jl):
        (JSC::X86Assembler::jb):
        (JSC::X86Assembler::jle):
        (JSC::X86Assembler::jbe):
        (JSC::X86Assembler::jge):
        (JSC::X86Assembler::jg):
        (JSC::X86Assembler::ja):
        (JSC::X86Assembler::jae):
        (JSC::X86Assembler::jo):
        (JSC::X86Assembler::jp):
        (JSC::X86Assembler::js):
        (JSC::X86Assembler::addsd_rr):
        (JSC::X86Assembler::addsd_mr):
        (JSC::X86Assembler::cvtsi2sd_rr):
        (JSC::X86Assembler::cvttsd2si_rr):
        (JSC::X86Assembler::movd_rr):
        (JSC::X86Assembler::movsd_rm):
        (JSC::X86Assembler::movsd_mr):
        (JSC::X86Assembler::mulsd_rr):
        (JSC::X86Assembler::mulsd_mr):
        (JSC::X86Assembler::pextrw_irr):
        (JSC::X86Assembler::subsd_rr):
        (JSC::X86Assembler::subsd_mr):
        (JSC::X86Assembler::ucomis_rr):
        (JSC::X86Assembler::int3):
        (JSC::X86Assembler::ret):
        (JSC::X86Assembler::predictNotTaken):
        (JSC::X86Assembler::label):
        (JSC::X86Assembler::align):
        (JSC::X86Assembler::link):
        (JSC::X86Assembler::executableCopy):
        (JSC::X86Assembler::X86InstructionFormater::prefix):
        (JSC::X86Assembler::X86InstructionFormater::oneByteOp):
        (JSC::X86Assembler::X86InstructionFormater::twoByteOp):
        (JSC::X86Assembler::X86InstructionFormater::oneByteOp64):
        (JSC::X86Assembler::X86InstructionFormater::oneByteOp8):
        (JSC::X86Assembler::X86InstructionFormater::twoByteOp8):
        (JSC::X86Assembler::X86InstructionFormater::instructionImmediate8):
        (JSC::X86Assembler::X86InstructionFormater::instructionImmediate32):
        (JSC::X86Assembler::X86InstructionFormater::instructionRel32):
        (JSC::X86Assembler::X86InstructionFormater::size):
        (JSC::X86Assembler::X86InstructionFormater::isAligned):
        (JSC::X86Assembler::X86InstructionFormater::data):
        (JSC::X86Assembler::X86InstructionFormater::executableCopy):
        (JSC::X86Assembler::X86InstructionFormater::registerModRM):
        (JSC::X86Assembler::X86InstructionFormater::memoryModRM):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::putDoubleResultToJSNumberCellOrJSImmediate):
        (JSC::JIT::compileBinaryArithOp):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):

2008-12-15  Darin Adler  <darin@apple.com>

        * interpreter/RegisterFile.h: Tweak include formatting.

2008-12-15  Holger Hans Peter Freyther  <zecke@selfish.org>

        Build fix for Gtk+.

        * interpreter/RegisterFile.h: Include stdio.h for fprintf

2008-12-15  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Oliver Hunt.

        <rdar://problem/6444455> Worker Thread crash running multiple workers for a moderate amount of time

        * interpreter/RegisterFile.h: (JSC::RegisterFile::RegisterFile):
        Improve error handling: if mmap fails, crash immediately, and print out the reason.

2008-12-13  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Cameron Zwarich.

        Re-enable WREC on 64-bit.
        Implements one of the MacroAssembler::jnzPtr methods, previously only implemented for 32-bit x86.

        https://bugs.webkit.org/show_bug.cgi?id=22849

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::testImm64):
        (JSC::MacroAssembler::jnzPtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::testq_i32r):
        (JSC::X86Assembler::testq_rr):
        * wtf/Platform.h:

2008-12-13  Gavin Barraclough  <barraclough@apple.com>

        Fix PPC builds.

        * assembler/MacroAssembler.h:

2008-12-13  Gavin Barraclough  <barraclough@apple.com>

        Build fix only, no review.

        * bytecode/CodeBlock.h:

2008-12-13  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Cameron Zwarich.

        Port the remainder of the JIT, bar calling convention related code, and code
        implementing optimizations which can be disabled, to use the MacroAssembler.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::DataLabelPtr::DataLabelPtr):
        (JSC::MacroAssembler::RepatchBuffer::RepatchBuffer):
        (JSC::MacroAssembler::RepatchBuffer::link):
        (JSC::MacroAssembler::RepatchBuffer::addressOf):
        (JSC::MacroAssembler::RepatchBuffer::setPtr):
        (JSC::MacroAssembler::addPtr):
        (JSC::MacroAssembler::lshift32):
        (JSC::MacroAssembler::mod32):
        (JSC::MacroAssembler::rshift32):
        (JSC::MacroAssembler::storePtrWithRepatch):
        (JSC::MacroAssembler::jnzPtr):
        (JSC::MacroAssembler::jzPtr):
        (JSC::MacroAssembler::jump):
        (JSC::MacroAssembler::label):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::xchgl_rr):
        (JSC::X86Assembler::jmp_m):
        (JSC::X86Assembler::repatchAddress):
        (JSC::X86Assembler::getRelocatedAddress):
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::CodeBlock):
        * bytecode/CodeBlock.h:
        (JSC::JITCodeRef::JITCodeRef):
        (JSC::CodeBlock::setJITCode):
        (JSC::CodeBlock::jitCode):
        (JSC::CodeBlock::executablePool):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileLinkPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        (JSC::CallRecord::CallRecord):
        (JSC::JumpTable::JumpTable):
        (JSC::JIT::emitCTICall):
        (JSC::JIT::JSRInfo::JSRInfo):
        * jit/JITArithmetic.cpp:
        * jit/JITCall.cpp:
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitNakedCall):
        (JSC::JIT::emitCTICall_internal):
        (JSC::JIT::checkStructure):
        (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
        (JSC::JIT::addSlowCase):
        (JSC::JIT::addJump):
        (JSC::JIT::emitJumpSlowToHot):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):

2008-12-12  Cameron Zwarich  <zwarich@apple.com>

        Reviewed by Sam Weinig.

        Fix the failures of the following layout tests, which regressed in
        r39255:

        fast/dom/StyleSheet/ownerNode-lifetime-2.html
        fast/xsl/transform-xhr-doc.xhtml

        The binary search in CodeBlock::getByIdExceptionInfoForBytecodeOffset()
        doesn't guarantee that it actually finds a match, so add an explicit check
        for this.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):

2008-12-12  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Cameron Zwarich.

        Replace emitPutCallArg methods with emitPutJITStubArg methods.  Primarily to make the argument numbering
        more sensible (1-based incrementing by 1, rather than 0-based incrementing by 4).  The CTI name also seems
        to be being deprecated from the code generally.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileBinaryArithOp):
        (JSC::JIT::compileBinaryArithOpSlowCase):
        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSetupArgs):
        (JSC::JIT::compileOpCallEvalSetupArgs):
        (JSC::JIT::compileOpConstructSetupArgs):
        (JSC::JIT::compileOpCall):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitPutJITStubArg):
        (JSC::JIT::emitPutJITStubArgConstant):
        (JSC::JIT::emitGetJITStubArg):
        (JSC::JIT::emitPutJITStubArgFromVirtualRegister):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdSlowCase):

2008-12-12  Gavin Barraclough  <barraclough@apple.com>

        Fix windows builds.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):

2008-12-12  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        Remove loop counter 'i' from the JIT generation passes, replace with a member m_bytecodeIndex.

        No impact on performance.

        * jit/JIT.cpp:
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::emitSlowScriptCheck):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):
        * jit/JIT.h:
        (JSC::CallRecord::CallRecord):
        (JSC::JmpTable::JmpTable):
        (JSC::JIT::emitCTICall):
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileBinaryArithOp):
        (JSC::JIT::compileBinaryArithOpSlowCase):
1506         * jit/JITCall.cpp:
1507         (JSC::JIT::compileOpCall):
1508         (JSC::JIT::compileOpCallSlowCase):
1509         * jit/JITInlineMethods.h:
1510         (JSC::JIT::emitGetVirtualRegister):
1511         (JSC::JIT::emitGetVirtualRegisters):
1512         (JSC::JIT::emitNakedCall):
1513         (JSC::JIT::emitCTICall_internal):
1514         (JSC::JIT::emitJumpSlowCaseIfJSCell):
1515         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
1516         (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
1517         (JSC::JIT::emitJumpSlowCaseIfNotImmNums):
1518         (JSC::JIT::emitFastArithIntToImmOrSlowCase):
1519         (JSC::JIT::addSlowCase):
1520         (JSC::JIT::addJump):
1521         (JSC::JIT::emitJumpSlowToHot):
1522         * jit/JITPropertyAccess.cpp:
1523         (JSC::JIT::compileGetByIdHotPath):
1524         (JSC::JIT::compileGetByIdSlowCase):
1525         (JSC::JIT::compilePutByIdHotPath):
1526         (JSC::JIT::compilePutByIdSlowCase):
1527
1528 2008-12-12  Sam Weinig  <sam@webkit.org>
1529
1530         Reviewed by Cameron Zwarich.
1531
1532         <rdar://problem/6428342> Look into feasibility of discarding bytecode after native codegen
1533
1534         Move more JIT functionality to using offsets into the Instruction buffer
1535         instead of raw pointers. Two to go!
1536
1537         * interpreter/Interpreter.cpp:
1538         (JSC::bytecodeOffsetForPC): Rename from vPCForPC.
1539         (JSC::Interpreter::resolve): Pass offset to exception helper.
1540         (JSC::Interpreter::resolveSkip): Ditto.
1541         (JSC::Interpreter::resolveGlobal): Ditto.
1542         (JSC::Interpreter::resolveBaseAndProperty): Ditto.
1543         (JSC::Interpreter::resolveBaseAndFunc): Ditto.
1544         (JSC::isNotObject): Ditto.
1545         (JSC::Interpreter::unwindCallFrame): Call bytecodeOffsetForPC.
1546         (JSC::Interpreter::throwException): Use offsets instead of vPCs.
1547         (JSC::Interpreter::privateExecute): Pass offset to exception helper.
1548         (JSC::Interpreter::retrieveLastCaller): Ditto.
1549         (JSC::Interpreter::cti_op_instanceof): Ditto.
1550         (JSC::Interpreter::cti_op_call_NotJSFunction): Ditto.
1551         (JSC::Interpreter::cti_op_resolve): Pass offset to exception helper.
1552         (JSC::Interpreter::cti_op_construct_NotJSConstruct): Ditto.
1553         (JSC::Interpreter::cti_op_resolve_func): Ditto.
1554         (JSC::Interpreter::cti_op_resolve_skip): Ditto.
1555         (JSC::Interpreter::cti_op_resolve_global): Ditto.
1556         (JSC::Interpreter::cti_op_resolve_with_base): Ditto.
1557         (JSC::Interpreter::cti_op_throw): Ditto.
1558         (JSC::Interpreter::cti_op_in): Ditto.
1559         (JSC::Interpreter::cti_vm_throw): Ditto.
1560         * interpreter/Interpreter.h:
1561
1562         * jit/JIT.cpp:
1563         (JSC::JIT::privateCompileMainPass): Don't pass unnecessary vPC to stub.
1564         * jit/JIT.h: Remove ARG_instr1 - ARG_instr3 and ARG_instr5 - ARG_instr6.
1565         * jit/JITCall.cpp:
1566         (JSC::JIT::compileOpCallEvalSetupArgs): Don't pass unnecessary vPC to stub.
1567         (JSC::JIT::compileOpConstructSetupArgs): Ditto.
1568
1569         * runtime/ExceptionHelpers.cpp:
1570         (JSC::createUndefinedVariableError): Take an offset instead of vPC.
1571         (JSC::createInvalidParamError): Ditto.
1572         (JSC::createNotAConstructorError): Ditto.
1573         (JSC::createNotAFunctionError): Ditto.
1574         (JSC::createNotAnObjectError): Ditto.
1575         * runtime/ExceptionHelpers.h:
1576
1577 2008-12-12  Cameron Zwarich  <zwarich@apple.com>
1578
1579         Reviewed by Oliver Hunt.
1580
1581         Bug 22835: Crash during bytecode generation when comparing to null
1582         <https://bugs.webkit.org/show_bug.cgi?id=22835>
1583         <rdar://problem/6286749>
1584
1585         Change the special cases in bytecode generation for comparison to null
1586         to use tempDestination().
1587
1588         * parser/Nodes.cpp:
1589         (JSC::BinaryOpNode::emitBytecode):
1590         (JSC::EqualNode::emitBytecode):
1591
1592 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1593
1594         Reviewed by Geoff Garen.
1595
1596         Move slow-cases of JIT code generation over to the MacroAssembler interface.
1597
1598         * assembler/MacroAssembler.h:
1599         (JSC::MacroAssembler::Label::Label):
1600         (JSC::MacroAssembler::jae32):
1601         (JSC::MacroAssembler::jg32):
1602         (JSC::MacroAssembler::jzPtr):
1603         * jit/JIT.cpp:
1604         (JSC::JIT::privateCompileSlowCases):
1605         (JSC::JIT::privateCompile):
1606         (JSC::JIT::emitGetVariableObjectRegister):
1607         (JSC::JIT::emitPutVariableObjectRegister):
1608         * jit/JIT.h:
1609         (JSC::SlowCaseEntry::SlowCaseEntry):
1610         (JSC::JIT::getSlowCase):
1611         (JSC::JIT::linkSlowCase):
1612         * jit/JITArithmetic.cpp:
1613         (JSC::JIT::compileBinaryArithOpSlowCase):
1614         * jit/JITCall.cpp:
1615         (JSC::JIT::compileOpCallInitializeCallFrame):
1616         (JSC::JIT::compileOpCall):
1617         (JSC::JIT::compileOpCallSlowCase):
1618         * jit/JITInlineMethods.h:
1619         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
1620         (JSC::JIT::linkSlowCaseIfNotJSCell):
1621         * jit/JITPropertyAccess.cpp:
1622         (JSC::JIT::compileGetByIdHotPath):
1623         (JSC::JIT::compilePutByIdHotPath):
1624         (JSC::JIT::compileGetByIdSlowCase):
1625         (JSC::JIT::compilePutByIdSlowCase):
1626
1627 2008-12-12  Cameron Zwarich  <zwarich@apple.com>
1628
1629         Reviewed by Sam Weinig.
1630
1631         Bug 22828: Do not inspect bytecode instruction stream for op_get_by_id exception information
1632         <https://bugs.webkit.org/show_bug.cgi?id=22828>
1633
1634         In order to remove the bytecode instruction stream after generating
1635         native code, all inspection of bytecode instructions at runtime must
1636         be removed. One particular instance of this is the special handling of
1637         exceptions thrown by the op_get_by_id emitted directly before an
1638         op_construct or an op_instanceof. This patch moves that information to
1639         an auxiliary data structure in CodeBlock.
1640
1641         * bytecode/CodeBlock.cpp:
1642         (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
1643         * bytecode/CodeBlock.h:
1644         (JSC::CodeBlock::addGetByIdExceptionInfo):
1645         * bytecompiler/BytecodeGenerator.cpp:
1646         (JSC::BytecodeGenerator::emitConstruct):
1647         * bytecompiler/BytecodeGenerator.h:
1648         (JSC::BytecodeGenerator::emitGetByIdExceptionInfo):
1649         * parser/Nodes.cpp:
1650         (JSC::InstanceOfNode::emitBytecode):
1651         * runtime/ExceptionHelpers.cpp:
1652         (JSC::createNotAnObjectError):
1653
1654 2008-12-12  Sam Weinig  <sam@webkit.org>
1655
1656         Reviewed by Geoffrey Garen.
1657
1658         Change exception information accessors to take offsets into the bytecode
1659         instruction buffer instead of pointers so that they can work even
1660         if the bytecode buffer is purged.
1661
1662         * bytecode/CodeBlock.cpp:
1663         (JSC::instructionOffsetForNth):
1664         (JSC::CodeBlock::handlerForBytecodeOffset):
1665         (JSC::CodeBlock::lineNumberForBytecodeOffset):
1666         (JSC::CodeBlock::expressionRangeForBytecodeOffset):
1667         * bytecode/CodeBlock.h:
1668         * bytecode/SamplingTool.cpp:
1669         (JSC::SamplingTool::dump):
1670         * interpreter/Interpreter.cpp:
1671         (JSC::Interpreter::throwException):
1672         (JSC::Interpreter::privateExecute):
1673         (JSC::Interpreter::retrieveLastCaller):
1674         * jit/JIT.cpp:
1675         (JSC::JIT::privateCompileMainPass):
1676         * runtime/ExceptionHelpers.cpp:
1677         (JSC::createUndefinedVariableError):
1678         (JSC::createInvalidParamError):
1679         (JSC::createNotAConstructorError):
1680         (JSC::createNotAFunctionError):
1681         (JSC::createNotAnObjectError):
1682
1683 2008-12-12  Geoffrey Garen  <ggaren@apple.com>
1684
1685         Reviewed by Cameron Zwarich.
1686         
1687         Tiny bit of refactoring in quantifier generation.
1688
1689         * wrec/WRECGenerator.cpp:
1690         (JSC::WREC::Generator::generateNonGreedyQuantifier):
1691         (JSC::WREC::Generator::generateGreedyQuantifier):
1692
1693 2008-12-11  Sam Weinig  <sam@webkit.org>
1694
1695         Reviewed by Geoffrey Garen.
1696
1697         Remove dependency on having the Instruction buffer in order to
1698         deref Structures used for property access and global resolves.
1699         Instead, we put references to the necessary Structures in auxiliary
1700         data structures on the CodeBlock. This is not an ideal solution,
1701         as we still pay for having the Structures in two places and we
1702         would like to eventually just hold on to offsets into the machine
1703         code buffer.
1704
1705         - Also removes CodeBlock bloat in non-JIT by #ifdefing the JIT
1706           only data structures.
1707
1708         * GNUmakefile.am:
1709         * JavaScriptCore.pri:
1710         * JavaScriptCore.scons:
1711         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1712         * JavaScriptCore.xcodeproj/project.pbxproj:
1713         * JavaScriptCoreSources.bkl:
1714         * bytecode/CodeBlock.cpp:
1715         (JSC::isGlobalResolve):
1716         (JSC::isPropertyAccess):
1717         (JSC::instructionOffsetForNth):
1718         (JSC::printGlobalResolveInfo):
1719         (JSC::printStructureStubInfo):
1720         (JSC::CodeBlock::printStructures):
1721         (JSC::CodeBlock::dump):
1722         (JSC::CodeBlock::~CodeBlock):
1723         (JSC::CodeBlock::shrinkToFit):
1724         * bytecode/CodeBlock.h:
1725         (JSC::GlobalResolveInfo::GlobalResolveInfo):
1726         (JSC::getNativePC):
1727         (JSC::CodeBlock::instructions):
1728         (JSC::CodeBlock::getStubInfo):
1729         (JSC::CodeBlock::getBytecodeIndex):
1730         (JSC::CodeBlock::addPropertyAccessInstruction):
1731         (JSC::CodeBlock::addGlobalResolveInstruction):
1732         (JSC::CodeBlock::numberOfStructureStubInfos):
1733         (JSC::CodeBlock::addStructureStubInfo):
1734         (JSC::CodeBlock::structureStubInfo):
1735         (JSC::CodeBlock::addGlobalResolveInfo):
1736         (JSC::CodeBlock::globalResolveInfo):
1737         (JSC::CodeBlock::numberOfCallLinkInfos):
1738         (JSC::CodeBlock::addCallLinkInfo):
1739         (JSC::CodeBlock::callLinkInfo):
1740         * bytecode/Instruction.h:
1741         (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
1742         (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
1743         * bytecode/Opcode.h:
1744         (JSC::):
1745         * bytecode/StructureStubInfo.cpp: Copied from bytecode/CodeBlock.cpp.
1746         (JSC::StructureStubInfo::deref):
1747         * bytecode/StructureStubInfo.h: Copied from bytecode/CodeBlock.h.
1748         (JSC::StructureStubInfo::StructureStubInfo):
1749         (JSC::StructureStubInfo::initGetByIdSelf):
1750         (JSC::StructureStubInfo::initGetByIdProto):
1751         (JSC::StructureStubInfo::initGetByIdChain):
1752         (JSC::StructureStubInfo::initGetByIdSelfList):
1753         (JSC::StructureStubInfo::initGetByIdProtoList):
1754         (JSC::StructureStubInfo::initPutByIdTransition):
1755         (JSC::StructureStubInfo::initPutByIdReplace):
1756         (JSC::StructureStubInfo::):
1757         * bytecompiler/BytecodeGenerator.cpp:
1758         (JSC::BytecodeGenerator::emitResolve):
1759         (JSC::BytecodeGenerator::emitGetById):
1760         (JSC::BytecodeGenerator::emitPutById):
1761         (JSC::BytecodeGenerator::emitCall):
1762         (JSC::BytecodeGenerator::emitConstruct):
1763         (JSC::BytecodeGenerator::emitCatch):
1764         * interpreter/Interpreter.cpp:
1765         (JSC::Interpreter::tryCTICachePutByID):
1766         (JSC::Interpreter::tryCTICacheGetByID):
1767         (JSC::Interpreter::cti_op_get_by_id_self_fail):
1768         (JSC::getPolymorphicAccessStructureListSlot):
1769         (JSC::Interpreter::cti_op_get_by_id_proto_list):
1770         (JSC::Interpreter::cti_op_resolve_global):
1771         * jit/JIT.cpp:
1772         (JSC::JIT::JIT):
1773         (JSC::JIT::privateCompileMainPass):
1774         (JSC::JIT::privateCompileSlowCases):
1775         (JSC::JIT::privateCompile):
1776         * jit/JITPropertyAccess.cpp:
1777         (JSC::JIT::compileGetByIdHotPath):
1778         (JSC::JIT::compilePutByIdHotPath):
1779         (JSC::JIT::compileGetByIdSlowCase):
1780         (JSC::JIT::compilePutByIdSlowCase):
1781         (JSC::JIT::privateCompileGetByIdSelfList):
1782         (JSC::JIT::privateCompileGetByIdProtoList):
1783         (JSC::JIT::privateCompileGetByIdChainList):
1784
1785 2008-12-11  Gavin Barraclough  <barraclough@apple.com>
1786
1787         Reviewed by Oliver Hunt.
1788
1789         Remove CTI_ARGUMENTS mode, use va_start implementation on Windows,
1790         unifying JIT callback (cti_*) argument access on OS X & Windows
1791
1792         No performance impact.
1793
1794         * interpreter/Interpreter.h:
1795         * jit/JIT.cpp:
1796         (JSC::JIT::privateCompileCTIMachineTrampolines):
1797         * jit/JIT.h:
1798         * jit/JITInlineMethods.h:
1799         (JSC::JIT::emitCTICall):
1800         * jit/JITPropertyAccess.cpp:
1801         (JSC::JIT::privateCompilePutByIdTransition):
1802         * wtf/Platform.h:
1803
1804 2008-12-11  Holger Freyther  <zecke@selfish.org>
1805
1806         Reviewed by Simon Hausmann.
1807
1808         https://bugs.webkit.org/show_bug.cgi?id=20953
1809
1810         For Qt it is not practical to have a FontCache and GlyphPageTreeNode
1811         implementation. This is one of the reasons why the Qt port is currently not
1812         using WebCore/platform/graphics/Font.cpp. By allowing the simple/fast-path
1813         not to be used, the Qt port will be able to use it.
1814
1815         Introduce USE(FONT_FAST_PATH) and define it for every port but the
1816         Qt one.
1817
1818         * wtf/Platform.h: Enable USE(FONT_FAST_PATH)
1819
1820 2008-12-11  Gabor Loki  <loki@inf.u-szeged.hu>
1821
1822         Reviewed by Darin Adler and landed by Holger Freyther.
1823
1824         <https://bugs.webkit.org/show_bug.cgi?id=22648>
1825         Fix threading on Qt-port and Gtk-port for Sampling tool.
1826
1827         * wtf/ThreadingGtk.cpp:
1828         (WTF::waitForThreadCompletion):
1829         * wtf/ThreadingQt.cpp:
1830         (WTF::waitForThreadCompletion):
1831
1832 2008-12-10  Cameron Zwarich  <zwarich@apple.com>
1833
1834         Reviewed by Oliver Hunt.
1835
1836         Bug 22734: Debugger crashes when stepping into a function call in a return statement
1837         <https://bugs.webkit.org/show_bug.cgi?id=22734>
1838         <rdar://problem/6426796>
1839
1840         * bytecompiler/BytecodeGenerator.cpp:
1841         (JSC::BytecodeGenerator::BytecodeGenerator): The DebuggerCallFrame uses
1842         the 'this' value stored in a callFrame, so op_convert_this should be
1843         emitted at the beginning of a function body when generating bytecode
1844         with debug hooks.
1845         * debugger/DebuggerCallFrame.cpp:
1846         (JSC::DebuggerCallFrame::thisObject): The assertion inherent in the call
1847         to asObject() here is valid, because any 'this' value should have been
1848         converted to a JSObject*.
1849
1850 2008-12-10  Gavin Barraclough  <barraclough@apple.com>
1851
1852         Reviewed by Geoff Garen.
1853
1854         Port more of the JIT to use the MacroAssembler interface.
1855         
1856         Everything in the main pass, bar a few corner cases (operations with required
1857         registers, or calling convention code).  Slightly refactors array creation,
1858         moving the offset calculation into the callFrame into C code (reducing code
1859         planted).
1860
1861         Overall this appears to be a 1% win on v8-tests, due to the smaller immediates
1862         being planted (in jfalse in particular).
1863
1864         * interpreter/Interpreter.cpp:
1865         (JSC::Interpreter::cti_op_new_array):
1866         * jit/JIT.cpp:
1867         (JSC::JIT::privateCompileMainPass):
1868         (JSC::JIT::privateCompileSlowCases):
1869         * jit/JIT.h:
1870         * wrec/WRECGenerator.cpp:
1871         (JSC::WREC::Generator::generateEnter):
1872
1873 2008-12-10  Sam Weinig  <sam@webkit.org>
1874
1875         Fix non-JIT builds.
1876
1877         * bytecode/CodeBlock.h:
1878
1879 2008-12-10  Sam Weinig  <sam@webkit.org>
1880
1881         Reviewed by Geoffrey Garen.
1882
1883         <rdar://problem/6428332> Remove the CTI return address table from CodeBlock
1884
1885         Step 2:
1886
1887         Convert the return address table from a HashMap to a sorted Vector.  This
1888         reduces the size of the data structure by ~4.5MB on Membuster head.
1889
1890         SunSpider reports a 0.5% progression.
1891
1892         * bytecode/CodeBlock.cpp:
1893         (JSC::sizeInBytes): Generic method to get the cost of a Vector.
1894         (JSC::CodeBlock::dumpStatistics): Add dumping of member sizes.
1895         * bytecode/CodeBlock.h:
1896         (JSC::PC::PC): Struct representing NativePC -> VirtualPC mappings.
1897         (JSC::getNativePC): Helper for binary chop.
1898         (JSC::CodeBlock::getBytecodeIndex): Used to get the VirtualPC from a
1899         NativePC using a binary chop of the pcVector.
1900         (JSC::CodeBlock::pcVector): Accessor.
1901
1902         * interpreter/Interpreter.cpp:
1903         (JSC::vPCForPC): Use getBytecodeIndex instead of jitReturnAddressVPCMap().get().
1904         (JSC::Interpreter::cti_op_instanceof): Ditto.
1905         (JSC::Interpreter::cti_op_resolve): Ditto.
1906         (JSC::Interpreter::cti_op_resolve_func): Ditto.
1907         (JSC::Interpreter::cti_op_resolve_skip): Ditto.
1908         (JSC::Interpreter::cti_op_resolve_with_base): Ditto.
1909         (JSC::Interpreter::cti_op_throw): Ditto.
1910         (JSC::Interpreter::cti_op_in): Ditto.
1911         (JSC::Interpreter::cti_vm_throw): Ditto.
1912
1913         * jit/JIT.cpp:
1914         (JSC::JIT::privateCompile): Reserve exact capacity and fill the pcVector.
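
Added example, not code from WebKit or this ChangeLog: a small C++ model of two ideas recorded in the entries above, the sorted NativePC -> bytecode-index vector searched by binary chop (JSC::CodeBlock::getBytecodeIndex, 2008-12-10) and the explicit match check that the 2008-12-12 follow-up to r39255 added to the binary search in CodeBlock::getByIdExceptionInfoForBytecodeOffset, since a binary search over such a table does not by itself guarantee an exact hit. PCMapping, PCVector, buildSamplePCVector, lookupOrMinusOne and the addresses in the sample table are hypothetical names and constructed values.

```cpp
// Added example, not WebKit's own code: a sorted vector of NativePC ->
// bytecode-index mappings (in the spirit of CodeBlock's pcVector) with a
// binary chop that explicitly checks for an exact match.
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <vector>

// Hypothetical stand-in for one pcVector entry.
struct PCMapping {
    uintptr_t nativePC;      // return address in JIT-generated code
    unsigned bytecodeIndex;  // offset of the bytecode that emitted the call
};

class PCVector {
public:
    // Keep the vector ordered by nativePC so a binary chop stays valid even
    // when entries are not appended in address order.
    void add(uintptr_t nativePC, unsigned bytecodeIndex)
    {
        PCMapping mapping = { nativePC, bytecodeIndex };
        auto pos = std::upper_bound(m_entries.begin(), m_entries.end(), nativePC,
            [](uintptr_t pc, const PCMapping& m) { return pc < m.nativePC; });
        m_entries.insert(pos, mapping);
    }

    // Binary chop for nativePC. lower_bound only yields the first entry whose
    // PC is >= nativePC; without the equality check a PC that was never
    // recorded would silently map to a neighbouring instruction (or, at the
    // end of the vector, to an out-of-range iterator).
    bool getBytecodeIndex(uintptr_t nativePC, unsigned& outIndex) const
    {
        auto it = std::lower_bound(m_entries.begin(), m_entries.end(), nativePC,
            [](const PCMapping& m, uintptr_t pc) { return m.nativePC < pc; });
        if (it == m_entries.end() || it->nativePC != nativePC)
            return false;
        outIndex = it->bytecodeIndex;
        return true;
    }

    std::size_t size() const { return m_entries.size(); }

private:
    std::vector<PCMapping> m_entries;
};

// Constructed sample table; the addresses are made up, not real JIT output.
PCVector buildSamplePCVector()
{
    PCVector pcVector;
    pcVector.add(0x1040, 12);
    pcVector.add(0x1010, 3);   // deliberately out of order to exercise add()
    pcVector.add(0x1020, 7);
    pcVector.add(0x1300, 40);
    return pcVector;
}

// Convenience wrapper: the bytecode index, or -1 when the PC is unknown.
int lookupOrMinusOne(const PCVector& pcVector, uintptr_t nativePC)
{
    unsigned index = 0;
    return pcVector.getBytecodeIndex(nativePC, index) ? static_cast<int>(index) : -1;
}

int main()
{
    PCVector pcVector = buildSamplePCVector();
    // A recorded PC resolves; an unrecorded one between two entries reports a miss.
    bool ok = lookupOrMinusOne(pcVector, 0x1010) == 3
        && lookupOrMinusOne(pcVector, 0x1011) == -1;
    return ok ? 0 : 1;
}
```

Without the equality test after std::lower_bound, a return address that was never recorded would be attributed to the next instruction in the table, or dereference end(); the check turns that into a reported miss, which is what the r39255 follow-up describes.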
1915
1916 2008-12-09  Geoffrey Garen  <ggaren@apple.com>
1917
1918         Reviewed by Oliver Hunt.
1919
1920         Added WREC support for an assertion followed by a quantifier. Fixed
1921         PCRE to match.
1922
1923         * wrec/WRECParser.cpp:
1924         (JSC::WREC::Parser::parseParentheses): Throw away the quantifier, since
1925         it's meaningless. (Firefox does the same.)
1926
1927         * pcre/pcre_compile.cpp:
1928         (compileBranch): ditto.
1929
1930 2008-12-09  Geoffrey Garen  <ggaren@apple.com>
1931
1932         Reviewed by Cameron Zwarich.
1933
1934         In preparation for compiling WREC without PCRE:
1935         
1936         Further relaxed WREC's parsing to be more web-compatible. Fixed PCRE to
1937         match in cases where it didn't already.
1938         
1939         Changed JavaScriptCore to report syntax errors detected by WREC, rather
1940         than falling back on PCRE any time WREC sees an error.
1941         
1942         * pcre/pcre_compile.cpp:
1943         (checkEscape): Relaxed parsing of \c and \N escapes to be more
1944         web-compatible.
1945         
1946         * runtime/RegExp.cpp:
1947         (JSC::RegExp::RegExp): Only fall back on PCRE if WREC has not reported
1948         a syntax error.
1949
1950         * wrec/WREC.cpp:
1951         (JSC::WREC::Generator::compileRegExp): Fixed some error reporting to
1952         match PCRE.
1953
1954         * wrec/WRECParser.cpp: Added error messages that match PCRE.
1955
1956         (JSC::WREC::Parser::consumeGreedyQuantifier):
1957         (JSC::WREC::Parser::parseParentheses):
1958         (JSC::WREC::Parser::parseCharacterClass):
1959         (JSC::WREC::Parser::parseNonCharacterEscape): Updated the above functions to
1960         use the new setError API.
1961
1962         (JSC::WREC::Parser::consumeEscape): Relaxed parsing of \c \N \u \x \B
1963         to be more web-compatible.
1964
1965         (JSC::WREC::Parser::parseAlternative): Distinguish between a malformed
1966         quantifier and a quantifier with no prefix, like PCRE does.
1967
1968         (JSC::WREC::Parser::consumeParenthesesType): Updated to use the new setError API.
1969
1970         * wrec/WRECParser.h:
1971         (JSC::WREC::Parser::error):
1972         (JSC::WREC::Parser::syntaxError):
1973         (JSC::WREC::Parser::parsePattern):
1974         (JSC::WREC::Parser::reset):
1975         (JSC::WREC::Parser::setError): Store error messages instead of error codes,
1976         to provide for exception messages. Use a setter for reporting errors, so
1977         errors detected early are not overwritten by errors detected later.
1978
1979 2008-12-09  Gavin Barraclough  <barraclough@apple.com>
1980
1981         Reviewed by Oliver Hunt.
1982
1983         Use va_args to access cti function arguments.
1984         https://bugs.webkit.org/show_bug.cgi?id=22774
1985
1986         This may be a minor regression, but we'll take the hit if so to reduce fragility.
1987
1988         * interpreter/Interpreter.cpp:
1989         * interpreter/Interpreter.h:
1990
1991 2008-12-09  Sam Weinig  <sam@webkit.org>
1992
1993         Reviewed twice by Cameron Zwarich.
1994
1995         Fix for https://bugs.webkit.org/show_bug.cgi?id=22752
1996         Clear SymbolTable after codegen for Function codeblocks that
1997         don't require an activation
1998
1999         This is a ~1.5MB improvement on Membuster-head.
2000
2001         * bytecode/CodeBlock.cpp:
2002         (JSC::CodeBlock::dumpStatistics): Add logging of non-empty symbol tables
2003         and total size used by symbol tables.
2004         * bytecompiler/BytecodeGenerator.cpp:
2005         (JSC::BytecodeGenerator::generate): Clear the symbol table here.
2006
2007 2008-12-09  Sam Weinig  <sam@webkit.org>
2008
2009         Reviewed by Geoffrey Garen.
2010
2011         Remove unnecessary extra lookup when throwing an exception.
2012         We used to first lookup the target offset using getHandlerForVPC
2013         and then we would lookup the native code stub using 
2014         nativeExceptionCodeForHandlerVPC.  Instead, we can just pass around
2015         the HandlerInfo.
2016
2017         * bytecode/CodeBlock.cpp:
2018         (JSC::CodeBlock::handlerForVPC): Return the HandlerInfo.
2019         * bytecode/CodeBlock.h: Remove nativeExceptionCodeForHandlerVPC.
2020
2021         * interpreter/Interpreter.cpp:
2022         (JSC::Interpreter::throwException): Return a HandlerInfo instead of
2023         an Instruction offset.
2024         (JSC::Interpreter::privateExecute): Get the offset from HandlerInfo.
2025         (JSC::Interpreter::cti_op_throw): Get the native code from the HandlerInfo.
2026         (JSC::Interpreter::cti_vm_throw): Ditto.
2027         * interpreter/Interpreter.h:
2028
2029 2008-12-09  Eric Seidel  <eric@webkit.org>
2030
2031         Build fix only, no review.
2032
2033         Speculative fix for the Chromium-Windows bot.
2034         Add JavaScriptCore/os-win32 to the include path (for stdint.h).
2035         Strangely it builds fine on my local windows box (or at least doesn't hit this error).
2036
2037         * JavaScriptCore.scons:
2038
2039 2008-12-09  Eric Seidel  <eric@webkit.org>
2040
2041         No review, build fix only.
2042         
2043         Add ExecutableAllocator files missing from Scons build.
2044
2045         * JavaScriptCore.scons:
2046
2047 2008-12-09  Dimitri Glazkov  <dglazkov@chromium.org>
2048
2049         Reviewed by Timothy Hatcher.
2050
2051         https://bugs.webkit.org/show_bug.cgi?id=22631
2052         Allow ScriptCallFrame to query names of functions in the call stack.
2053
2054         * JavaScriptCore.exp: added InternalFunction::name and
2055         UString operator==() as exported symbols.
2056
2057 2008-12-08  Judit Jasz  <jasy@inf.u-szeged.hu>
2058
2059         Reviewed and tweaked by Cameron Zwarich.
2060
2061         Bug 22352: Annotate opcodes with their length
2062         <https://bugs.webkit.org/show_bug.cgi?id=22352>
2063
2064         * bytecode/Opcode.cpp:
2065         * bytecode/Opcode.h:
2066         * interpreter/Interpreter.cpp:
2067         (JSC::Interpreter::privateExecute):
2068         * jit/JIT.cpp:
2069         (JSC::JIT::privateCompileMainPass):
2070         (JSC::JIT::privateCompileSlowCases):
2071
2072 2008-12-08  Geoffrey Garen  <ggaren@apple.com>
2073
2074         Reviewed by Oliver Hunt.
2075         
2076         Implemented more of the relaxed and somewhat weird rules for deciding
2077         how to interpret a non-pattern-character.
2078         
2079         * wrec/Escapes.h:
2080         (JSC::WREC::Escape::):
2081         (JSC::WREC::Escape::Escape): Eliminated Escape::None because it was
2082         unused. If you see an '\\', it's either a valid escape or an error.
2083
2084         * wrec/Quantifier.h:
2085         (JSC::WREC::Quantifier::Quantifier):
2086         * wrec/WRECGenerator.cpp:
2087         (JSC::WREC::Generator::generateNonGreedyQuantifier):
2088         (JSC::WREC::Generator::generateGreedyQuantifier): Renamed "noMaxSpecified"
2089         to "Infinity", since that's what it means.
2090
2091         * wrec/WRECParser.cpp:
2092         (JSC::WREC::Parser::consumeGreedyQuantifier): Re-wrote {n,m} parsing rules
2093         because they were too strict before. Added support for backtracking
2094         in the case where the {n,m} fails to parse as a quantifier, and yet is
2095         not a syntax error.
2096
2097         (JSC::WREC::Parser::parseCharacterClass):
2098         (JSC::WREC::Parser::parseNonCharacterEscape): Eliminated Escape::None,
2099         as above.
2100
2101         (JSC::WREC::Parser::consumeEscape): Don't treat ASCII and _ escapes
2102         as syntax errors. See fast/regex/non-pattern-characters.html.
2103         
2104         * wrec/WRECParser.h:
2105         (JSC::WREC::Parser::SavedState::SavedState):
2106         (JSC::WREC::Parser::SavedState::restore): Added a state backtracker,
2107         since parsing {n,m} forms requires backtracking if the form turns out
2108         not to be a quantifier.
2109
2110 2008-12-08  Geoffrey Garen  <ggaren@apple.com>
2111
2112         Reviewed by Oliver Hunt.
2113         
2114         Refactored WREC parsing so that only one piece of code needs to know
2115         the relaxed and somewhat weird rules for deciding how to interpret a
2116         non-pattern-character, in preparation for implementing those rules.
2117         
2118         Also, implemented the relaxed and somewhat weird rules for '}' and ']'.
2119
2120         * wrec/WREC.cpp: Reduced the regular expression size limit. Now that
2121         WREC handles ']' properly, it compiles fast/js/regexp-charclass-crash.html,
2122         which makes it hang at the old limit. (The old limit was based on the
2123         misimpression that the same value in PCRE limited the regular expression
2124         pattern size; in reality, it limited the expected compiled regular
2125         expression size. WREC doesn't have a way to calculate an expected
2126         compiled regular expression size, but this should be good enough.)
2127
2128         * wrec/WRECParser.cpp:
2129         (JSC::WREC::parsePatternCharacterSequence): Nixed this function because
2130         it contained a second copy of the logic for handling non-pattern-characters,
2131         which is about to get a lot more complicated.
2132
2133         (JSC::WREC::PatternCharacterSequence::PatternCharacterSequence): 
2134         (JSC::WREC::PatternCharacterSequence::size):
2135         (JSC::WREC::PatternCharacterSequence::append):
2136         (JSC::WREC::PatternCharacterSequence::flush): Helper object for generating
2137         an optimized sequence of pattern characters.
2138
2139         (JSC::WREC::Parser::parseNonCharacterEscape): Renamed to reflect the fact
2140         that the main parseAlternative loop handles character escapes.
2141
2142         (JSC::WREC::Parser::parseAlternative): Moved pattern character sequence
2143         logic from parsePatternCharacterSequence to here, using
2144         PatternCharacterSequence to help with the details.
2145
2146         * wrec/WRECParser.h: Updated for renames.
2147
2148 2008-12-08  Alexey Proskuryakov  <ap@webkit.org>
2149
2150         Reviewed by Geoff Garen.
2151
2152         <rdar://problem/6166088> Give JSGlobalContextCreate a behavior that is concurrency aware,
2153         and un-deprecate it
2154
2155         * API/JSContextRef.cpp: (JSGlobalContextCreate):
2156         * API/JSContextRef.h:
2157         Use a unique context group for the context, unless the application was linked against old
2158         JavaScriptCore.
2159
2160 2008-12-08  Sam Weinig  <sam@webkit.org>
2161
2162         Reviewed by Cameron Zwarich.
2163
2164         Fix for <rdar://problem/6428332> Remove the CTI return address table from CodeBlock
2165
2166         Step 1:
2167
2168         Remove use of jitReturnAddressVPCMap when looking for vPC to store Structures
2169         in for cached lookup.  Instead, use the offset in the StructureStubInfo that is
2170         already required.
2171
2172         * bytecode/CodeBlock.cpp:
2173         (JSC::CodeBlock::dumpStatistics): Fix extraneous semicolon.
2174         * interpreter/Interpreter.cpp:
2175         (JSC::Interpreter::tryCTICachePutByID):
2176         (JSC::Interpreter::tryCTICacheGetByID):
2177         (JSC::Interpreter::cti_op_get_by_id_self_fail):
2178         (JSC::Interpreter::cti_op_get_by_id_proto_list):
2179         * jit/JIT.h:
2180         (JSC::JIT::compileGetByIdSelf):
2181         (JSC::JIT::compileGetByIdProto):
2182         (JSC::JIT::compileGetByIdChain):
2183         (JSC::JIT::compilePutByIdReplace):
2184         (JSC::JIT::compilePutByIdTransition):
2185         * jit/JITPropertyAccess.cpp:
2186         (JSC::JIT::privateCompilePutByIdTransition):
2187         (JSC::JIT::patchGetByIdSelf):
2188         (JSC::JIT::patchPutByIdReplace):
2189         (JSC::JIT::privateCompilePatchGetArrayLength): Remove extra call to getStubInfo.
2190         (JSC::JIT::privateCompileGetByIdSelf):
2191         (JSC::JIT::privateCompileGetByIdProto):
2192         (JSC::JIT::privateCompileGetByIdChain):
2193         (JSC::JIT::privateCompilePutByIdReplace):
2194
2195 2008-12-08  Gavin Barraclough  <barraclough@apple.com>
2196
2197         Reviewed by Oliver Hunt.
2198
2199         Port the op_j?n?eq_null JIT code generation to use the MacroAssembler,
2200         and clean up slightly at the same time.  The 'j' forms currently compare,
2201         then set a register, then compare again, then branch.  Branch directly on
2202         the result of the first compare.
2203
2204         Around a 1% progression on deltablue, crypto & early boyer, for about 1/2%
2205         overall on v8-tests.
2206
2207         * jit/JIT.cpp:
2208         (JSC::JIT::privateCompileMainPass):
2209         * jit/JITPropertyAccess.cpp:
2210         (JSC::JIT::compileGetByIdSlowCase):
2211
2212 2008-12-08  Gavin Barraclough  <barraclough@apple.com>
2213
2214         Reviewed by Geoff Garen.
2215
2216         Expand MacroAssembler to support more operations, required by the JIT.
2217
2218         Generally adds more operations and permutations of operands to the existing
2219         interface.  Rename 'jset' to 'jnz' and 'jnset' to 'jz', which seem clearer,
2220         and require that immediate pointer operands (though not pointer addresses to
2221         load and store instructions) are wrapped in an ImmPtr() type, akin to Imm32().
2222
2223         No performance impact.
2224
2225         * assembler/MacroAssembler.h:
2226         (JSC::MacroAssembler::):
2227         (JSC::MacroAssembler::ImmPtr::ImmPtr):
2228         (JSC::MacroAssembler::add32):
2229         (JSC::MacroAssembler::and32):
2230         (JSC::MacroAssembler::or32):
2231         (JSC::MacroAssembler::sub32):
2232         (JSC::MacroAssembler::xor32):
2233         (JSC::MacroAssembler::loadPtr):
2234         (JSC::MacroAssembler::load32):
2235         (JSC::MacroAssembler::storePtr):
2236         (JSC::MacroAssembler::store32):
2237         (JSC::MacroAssembler::poke):
2238         (JSC::MacroAssembler::move):
2239         (JSC::MacroAssembler::testImm32):
2240         (JSC::MacroAssembler::jae32):
2241         (JSC::MacroAssembler::jb32):
2242         (JSC::MacroAssembler::jePtr):
2243         (JSC::MacroAssembler::je32):
2244         (JSC::MacroAssembler::jnePtr):
2245         (JSC::MacroAssembler::jne32):
2246         (JSC::MacroAssembler::jnzPtr):
2247         (JSC::MacroAssembler::jnz32):
2248         (JSC::MacroAssembler::jzPtr):
2249         (JSC::MacroAssembler::jz32):
2250         (JSC::MacroAssembler::joSub32):
2251         (JSC::MacroAssembler::jump):
2252         (JSC::MacroAssembler::sete32):
2253         (JSC::MacroAssembler::setne32):
2254         (JSC::MacroAssembler::setnz32):
2255         (JSC::MacroAssembler::setz32):
2256         * assembler/X86Assembler.h:
2257         (JSC::X86Assembler::addl_mr):
2258         (JSC::X86Assembler::andl_i8r):
2259         (JSC::X86Assembler::cmpl_rm):
2260         (JSC::X86Assembler::cmpl_mr):
2261         (JSC::X86Assembler::cmpl_i8m):
2262         (JSC::X86Assembler::subl_mr):
2263         (JSC::X86Assembler::testl_i32m):
2264         (JSC::X86Assembler::xorl_i32r):
2265         (JSC::X86Assembler::movl_rm):
2266         (JSC::X86Assembler::modRm_opmsib):
2267         * jit/JIT.cpp:
2268         (JSC::JIT::privateCompileMainPass):
2269         * jit/JITInlineMethods.h:
2270         (JSC::JIT::emitGetVirtualRegister):
2271         (JSC::JIT::emitPutCTIArgConstant):
2272         (JSC::JIT::emitPutCTIParam):
2273         (JSC::JIT::emitPutImmediateToCallFrameHeader):
2274         (JSC::JIT::emitInitRegister):
2275         (JSC::JIT::checkStructure):
2276         (JSC::JIT::emitJumpIfJSCell):
2277         (JSC::JIT::emitJumpIfNotJSCell):
2278         (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
2279
2280 2008-12-08  Geoffrey Garen  <ggaren@apple.com>
2281
2282         Reviewed by Sam Weinig.
2283         
2284         Fixed a bug where WREC would allow a quantifier whose minimum was
2285         greater than its maximum.
2286         
2287         * wrec/Quantifier.h:
2288         (JSC::WREC::Quantifier::Quantifier): ASSERT that the quantifier is not
2289         backwards.
2290         
2291         * wrec/WRECParser.cpp:
2292         (JSC::WREC::Parser::consumeGreedyQuantifier): Verify that the minimum
2293         is not greater than the maximum.
2294
2295 2008-12-08  Eric Seidel  <eric@webkit.org>
2296         
2297         Build fix only, no review.
2298
2299         * JavaScriptCore.scons: add bytecode/JumpTable.cpp
2300
2301 2008-12-08  Sam Weinig  <sam@webkit.org>
2302
2303         Reviewed by Geoffrey Garen.
2304
2305         Patch for https://bugs.webkit.org/show_bug.cgi?id=22716
2306         <rdar://problem/6428315>
2307         Add RareData structure to CodeBlock for infrequently used auxiliary data
2308         members.
2309
2310         Reduces memory on Membuster-head by ~.5MB 
2311
2312         * bytecode/CodeBlock.cpp:
2313         (JSC::CodeBlock::dump):
2314         (JSC::CodeBlock::dumpStatistics):
2315         (JSC::CodeBlock::mark):
2316         (JSC::CodeBlock::getHandlerForVPC):
2317         (JSC::CodeBlock::nativeExceptionCodeForHandlerVPC):
2318         (JSC::CodeBlock::shrinkToFit):
2319         * bytecode/CodeBlock.h:
2320         (JSC::CodeBlock::numberOfExceptionHandlers):
2321         (JSC::CodeBlock::addExceptionHandler):
2322         (JSC::CodeBlock::exceptionHandler):
2323         (JSC::CodeBlock::addFunction):
2324         (JSC::CodeBlock::function):
2325         (JSC::CodeBlock::addUnexpectedConstant):
2326         (JSC::CodeBlock::unexpectedConstant):
2327         (JSC::CodeBlock::addRegExp):
2328         (JSC::CodeBlock::regexp):
2329         (JSC::CodeBlock::numberOfImmediateSwitchJumpTables):
2330         (JSC::CodeBlock::addImmediateSwitchJumpTable):
2331         (JSC::CodeBlock::immediateSwitchJumpTable):
2332         (JSC::CodeBlock::numberOfCharacterSwitchJumpTables):
2333         (JSC::CodeBlock::addCharacterSwitchJumpTable):
2334         (JSC::CodeBlock::characterSwitchJumpTable):
2335         (JSC::CodeBlock::numberOfStringSwitchJumpTables):
2336         (JSC::CodeBlock::addStringSwitchJumpTable):
2337         (JSC::CodeBlock::stringSwitchJumpTable):
2338         (JSC::CodeBlock::evalCodeCache):
2339         (JSC::CodeBlock::createRareDataIfNecessary):
2340
2341 2008-11-26  Peter Kasting  <pkasting@google.com>
2342
2343         Reviewed by Anders Carlsson.
2344
2345         https://bugs.webkit.org/show_bug.cgi?id=16814
2346         Allow ports to disable ActiveX->NPAPI conversion for Media Player.
2347         Improve handling of miscellaneous ActiveX objects.
2348
2349         * wtf/Platform.h: Add another ENABLE(...).
2350
2351 2008-12-08  Sam Weinig  <sam@webkit.org>
2352
2353         Reviewed by Mark Rowe.
2354
2355         Add dumping of CodeBlock member structure usage.
2356
2357         * bytecode/CodeBlock.cpp:
2358         (JSC::CodeBlock::dumpStatistics):
2359         * bytecode/EvalCodeCache.h:
2360         (JSC::EvalCodeCache::isEmpty):
2361
2362 2008-12-08  David Kilzer  <ddkilzer@apple.com>
2363
2364         Bug 22555: Sort "children" sections in Xcode project files
2365
2366         <https://bugs.webkit.org/show_bug.cgi?id=22555>
2367
2368         Reviewed by Eric Seidel.
2369
2370         * JavaScriptCore.xcodeproj/project.pbxproj: Sorted.
2371
2372 2008-12-08  Tony Chang  <tony@chromium.org>
2373
2374         Reviewed by Eric Seidel.
2375
2376         Enable Pan scrolling only when building on PLATFORM(WIN_OS)
2377         Previously platforms like Apple Windows WebKit, Cairo Windows WebKit,
2378         Wx and Chromium were enabling it explicitly, now we just turn it on
2379         for all WIN_OS, later platforms can turn it off as needed on Windows
2380         (or turn it on under Linux, etc.)
2381         https://bugs.webkit.org/show_bug.cgi?id=22698
2382
2383         * wtf/Platform.h:
2384
2385 2008-12-08  Sam Weinig  <sam@webkit.org>
2386
2387         Reviewed by Cameron Zwarich.
2388
2389         Add basic memory statistics dumping for CodeBlock.
2390
2391         * bytecode/CodeBlock.cpp:
2392         (JSC::CodeBlock::dumpStatistics):
2393         (JSC::CodeBlock::CodeBlock):
2394         (JSC::CodeBlock::~CodeBlock):
2395         * bytecode/CodeBlock.h:
2396
2397 2008-12-08  Simon Hausmann  <simon.hausmann@nokia.com>
2398
2399         Fix the Linux build with newer gcc/glibc.
2400
2401         * jit/ExecutableAllocatorPosix.cpp: Include unistd.h for
2402         getpagesize(), according to
2403         http://opengroup.org/onlinepubs/007908775/xsh/getpagesize.html
2404
2405 2008-12-08  Simon Hausmann  <simon.hausmann@nokia.com>
2406
2407         Fix the build with Qt on Windows.
2408
2409         * JavaScriptCore.pri: Compile ExecutableAllocatorWin.cpp on Windows.
2410
2411 2008-12-07  Oliver Hunt  <oliver@apple.com>
2412
2413         Reviewed by NOBODY (Buildfix).
2414
2415         Fix non-WREC builds
2416
2417         * runtime/RegExp.cpp:
2418         (JSC::RegExp::RegExp):
2419
2420 2008-12-07  Oliver Hunt  <oliver@apple.com>
2421
2422         Reviewed by NOBODY (Build fix).
2423
2424         Put ENABLE(ASSEMBLER) guards around use of ExecutableAllocator in global data
2425
2426         Correct Qt and Gtk project files
2427
2428         * GNUmakefile.am:
2429         * JavaScriptCore.pri:
2430         * runtime/JSGlobalData.h:
2431
2432 2008-12-07  Oliver Hunt  <oliver@apple.com>
2433
2434         Reviewed by NOBODY (Build fix).
2435
2436         Add new files to other projects.
2437
2438         * GNUmakefile.am:
2439         * JavaScriptCore.pri:
2440         * JavaScriptCore.pro:
2441
2442 2008-12-07  Oliver Hunt  <oliver@apple.com>
2443
2444         Rubber stamped by Mark Rowe.
2445
2446         Rename ExecutableAllocatorMMAP to the more sensible ExecutableAllocatorPosix
2447
2448         * JavaScriptCore.xcodeproj/project.pbxproj:
2449         * jit/ExecutableAllocator.h:
2450         * jit/ExecutableAllocatorPosix.cpp: Renamed from JavaScriptCore/jit/ExecutableAllocatorMMAP.cpp.
2451         (JSC::ExecutableAllocator::intializePageSize):
2452         (JSC::ExecutablePool::systemAlloc):
2453         (JSC::ExecutablePool::systemRelease):
2454
2455 2008-12-07  Oliver Hunt  <oliver@apple.com>
2456
2457         Reviewed by Cameron Zwarich and Sam Weinig.
2458
2459         <rdar://problem/6309878> Need more granular control over allocation of executable memory (21783)
2460         <https://bugs.webkit.org/show_bug.cgi?id=21783>
2461
2462         Add a new allocator for use by the JIT that provides executable pages, so
2463         we can get rid of the current hack that makes the entire heap executable.
2464
2465         1-2% progression on SunSpider-v8, 1% on SunSpider.  Reduces memory usage as well!
2466
2467         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2468         * JavaScriptCore.vcproj/jsc/jsc.vcproj:
2469         * JavaScriptCore.xcodeproj/project.pbxproj:
2470         * assembler/AssemblerBuffer.h:
2471         (JSC::AssemblerBuffer::size):
2472         (JSC::AssemblerBuffer::executableCopy):
2473         * assembler/MacroAssembler.h:
2474         (JSC::MacroAssembler::size):
2475         (JSC::MacroAssembler::copyCode):
2476         * assembler/X86Assembler.h:
2477         (JSC::X86Assembler::size):
2478         (JSC::X86Assembler::executableCopy):
2479         * bytecode/CodeBlock.cpp:
2480         (JSC::CodeBlock::~CodeBlock):
2481         * bytecode/CodeBlock.h:
2482         (JSC::CodeBlock::executablePool):
2483         (JSC::CodeBlock::setExecutablePool):
2484         * bytecode/Instruction.h:
2485         (JSC::PolymorphicAccessStructureList::derefStructures):
2486         * interpreter/Interpreter.cpp:
2487         (JSC::Interpreter::~Interpreter):
2488         * interpreter/Interpreter.h:
2489         * jit/ExecutableAllocator.cpp: Added.
2490         * jit/ExecutableAllocator.h: Added.
2491         (JSC::ExecutablePool::create):
2492         (JSC::ExecutablePool::alloc):
2493         (JSC::ExecutablePool::~ExecutablePool):
2494         (JSC::ExecutablePool::available):
2495         (JSC::ExecutablePool::ExecutablePool):
2496         (JSC::ExecutablePool::poolAllocate):
2497         (JSC::ExecutableAllocator::ExecutableAllocator):
2498         (JSC::ExecutableAllocator::poolForSize):
2499         (JSC::ExecutablePool::sizeForAllocation):
2500         * jit/ExecutableAllocatorMMAP.cpp: Added.
2501         (JSC::ExecutableAllocator::intializePageSize):
2502         (JSC::ExecutablePool::systemAlloc):
2503         (JSC::ExecutablePool::systemRelease):
2504         * jit/ExecutableAllocatorWin.cpp: Added.
2505         (JSC::ExecutableAllocator::intializePageSize):
2506         (JSC::ExecutablePool::systemAlloc):
2507         (JSC::ExecutablePool::systemRelease):
2508         * jit/JIT.cpp:
2509         (JSC::JIT::privateCompile):
2510         (JSC::JIT::privateCompileCTIMachineTrampolines):
2511         * jit/JIT.h:
2512         (JSC::JIT::compileCTIMachineTrampolines):
2513         * jit/JITPropertyAccess.cpp:
2514         (JSC::JIT::privateCompilePutByIdTransition):
2515         (JSC::JIT::privateCompilePatchGetArrayLength):
2516         (JSC::JIT::privateCompileGetByIdSelf):
2517         (JSC::JIT::privateCompileGetByIdProto):
2518         (JSC::JIT::privateCompileGetByIdSelfList):
2519         (JSC::JIT::privateCompileGetByIdProtoList):
2520         (JSC::JIT::privateCompileGetByIdChainList):
2521         (JSC::JIT::privateCompileGetByIdChain):
2522         (JSC::JIT::privateCompilePutByIdReplace):
2523         * parser/Nodes.cpp:
2524         (JSC::RegExpNode::emitBytecode):
2525         * runtime/JSGlobalData.h:
2526         (JSC::JSGlobalData::poolForSize):
2527         * runtime/RegExp.cpp:
2528         (JSC::RegExp::RegExp):
2529         (JSC::RegExp::create):
2530         (JSC::RegExp::~RegExp):
2531         * runtime/RegExp.h:
2532         * runtime/RegExpConstructor.cpp:
2533         (JSC::constructRegExp):
2534         * runtime/RegExpPrototype.cpp:
2535         (JSC::regExpProtoFuncCompile):
2536         * runtime/StringPrototype.cpp:
2537         (JSC::stringProtoFuncMatch):
2538         (JSC::stringProtoFuncSearch):
2539         * wrec/WREC.cpp:
2540         (JSC::WREC::Generator::compileRegExp):
2541         * wrec/WRECGenerator.h:
2542         * wtf/FastMalloc.cpp:
2543         * wtf/FastMalloc.h:
2544         * wtf/TCSystemAlloc.cpp:
2545         (TryMmap):
2546         (TryVirtualAlloc):
2547         (TryDevMem):
2548         (TCMalloc_SystemRelease):
2549
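The entry above replaces a heap that was mapped executable everywhere with a dedicated pool of executable pages. The following is an added illustration written for this page, not JavaScriptCore's ExecutableAllocator, and it goes one step further than the 2008 change by staging code in a read+write mapping and flipping the pool to read+execute with mprotect() only after the bytes have been copied in, so no page is ever writable and executable at the same time. The pool type, its function names and the six-byte x86-64 body (`mov eax, 42; ret`) are all assumptions made for the example; the execution step is compiled only on x86-64, while the allocator itself is portable POSIX.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Hypothetical executable-page pool for this example; not JSC's ExecutablePool. */
typedef struct {
    uint8_t *base;     /* start of the mmap'd region */
    size_t capacity;   /* whole pages, in bytes */
    size_t used;       /* bump pointer */
} ExecPool;

static size_t page_size(void) {
    long p = sysconf(_SC_PAGESIZE);
    return p > 0 ? (size_t)p : 4096;
}

static size_t round_up_pages(size_t n) {
    size_t p = page_size();
    return (n + p - 1) / p * p;
}

/* Map the pool read+write only; nothing in it is executable yet. */
int exec_pool_init(ExecPool *pool, size_t min_bytes) {
    size_t cap = round_up_pages(min_bytes ? min_bytes : 1);
    void *m = mmap(NULL, cap, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (m == MAP_FAILED)
        return -1;
    pool->base = (uint8_t *)m;
    pool->capacity = cap;
    pool->used = 0;
    return 0;
}

/* Bump allocation rounded to 16 bytes; NULL when the pool is exhausted. */
void *exec_pool_alloc(ExecPool *pool, size_t n) {
    size_t aligned = (n + 15) & ~(size_t)15;
    if (aligned > pool->capacity - pool->used)
        return NULL;
    void *p = pool->base + pool->used;
    pool->used += aligned;
    return p;
}

size_t exec_pool_available(const ExecPool *pool) {
    return pool->capacity - pool->used;
}

/* Drop write permission and grant execute for the whole pool (W^X). */
int exec_pool_seal(ExecPool *pool) {
    return mprotect(pool->base, pool->capacity, PROT_READ | PROT_EXEC);
}

void exec_pool_release(ExecPool *pool) {
    if (pool->base)
        munmap(pool->base, pool->capacity);
    pool->base = NULL;
    pool->capacity = pool->used = 0;
}

/* Portable check of the allocator's bookkeeping: returns 1 on success, 0 on failure. */
int allocator_selfcheck(void) {
    ExecPool pool;
    if (exec_pool_init(&pool, 1) != 0) return 0;
    int ok = pool.capacity == page_size()
          && exec_pool_alloc(&pool, 1) == pool.base     /* first block at base */
          && pool.used == 16                             /* rounded to 16 */
          && exec_pool_alloc(&pool, pool.capacity) == NULL /* too large: refused */
          && exec_pool_available(&pool) == pool.capacity - 16
          && exec_pool_seal(&pool) == 0;                 /* RW -> RX succeeds */
    exec_pool_release(&pool);
    return ok;
}

/* Copy a tiny function body into the pool, seal it, call it. Returns 42 on
 * x86-64, -1 on an mmap/mprotect failure, -2 where the demo is not compiled. */
int run_demo(void) {
#if defined(__x86_64__)
    static const uint8_t code[] = { 0xB8, 0x2A, 0x00, 0x00, 0x00, 0xC3 }; /* mov eax,42; ret */
    ExecPool pool;
    if (exec_pool_init(&pool, sizeof code) != 0) return -1;
    uint8_t *dst = (uint8_t *)exec_pool_alloc(&pool, sizeof code);
    memcpy(dst, code, sizeof code);           /* write while still RW */
    if (exec_pool_seal(&pool) != 0) { exec_pool_release(&pool); return -1; }
    int (*fn)(void);
    memcpy(&fn, &dst, sizeof fn);             /* data pointer -> function pointer */
    int r = fn();
    exec_pool_release(&pool);
    return r;
#else
    return -2;
#endif
}
```

Sealing the whole pool is the simplest correct policy for a bump allocator that is filled once; a JIT that patches code in place after sealing (as the inline-cache patching elsewhere in this ChangeLog does) has to flip the affected page back to RW around each patch, or keep a separate RW alias of the region, which is exactly the trade-off later W^X JIT designs had to make.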
2550 2008-12-06  Sam Weinig  <sam@webkit.org>
2551
2552         Fix the Gtk build.
2553
2554         * jit/JITPropertyAccess.cpp:
2555         (JSC::JIT::compileGetByIdHotPath):
2556         (JSC::JIT::compilePutByIdHotPath):
2557
2558 2008-12-06  Sam Weinig  <sam@webkit.org>
2559
2560         Reviewed by Cameron Zwarich.
2561
2562         Move CodeBlock constructor into the .cpp file.
2563
2564         Sunspider reports a .7% progression, but I can only assume this
2565         is noise.
2566
2567         * bytecode/CodeBlock.cpp:
2568         (JSC::CodeBlock::CodeBlock):
2569         * bytecode/CodeBlock.h:
2570
2571 2008-12-06  Sam Weinig  <sam@webkit.org>
2572
2573         Reviewed by Cameron Zwarich.
2574
2575         Split JumpTable code into its own file.
2576
2577         * GNUmakefile.am:
2578         * JavaScriptCore.pri:
2579         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2580         * JavaScriptCore.xcodeproj/project.pbxproj:
2581         * JavaScriptCoreSources.bkl:
2582         * bytecode/CodeBlock.cpp:
2583         * bytecode/CodeBlock.h:
2584         * bytecode/JumpTable.cpp: Copied from bytecode/CodeBlock.cpp.
2585         * bytecode/JumpTable.h: Copied from bytecode/CodeBlock.h.
2586
2587 2008-12-05  Sam Weinig  <sam@webkit.org>
2588
2589         Reviewed by Cameron Zwarich.
2590
2591         Fix for https://bugs.webkit.org/show_bug.cgi?id=22715
2592         Encapsulate more CodeBlock members in preparation
2593         of moving some of them to a rare data structure.
2594
2595         * bytecode/CodeBlock.cpp:
2596         (JSC::locationForOffset):
2597         (JSC::printConditionalJump):
2598         (JSC::printGetByIdOp):
2599         (JSC::printPutByIdOp):
2600         (JSC::CodeBlock::printStructure):
2601         (JSC::CodeBlock::printStructures):
2602         (JSC::CodeBlock::dump):
2603         (JSC::CodeBlock::~CodeBlock):
2604         (JSC::CodeBlock::unlinkCallers):
2605         (JSC::CodeBlock::derefStructures):
2606         (JSC::CodeBlock::refStructures):
2607         (JSC::CodeBlock::mark):
2608         (JSC::CodeBlock::getHandlerForVPC):
2609         (JSC::CodeBlock::nativeExceptionCodeForHandlerVPC):
2610         (JSC::CodeBlock::lineNumberForVPC):
2611         (JSC::CodeBlock::expressionRangeForVPC):
2612         (JSC::CodeBlock::shrinkToFit):
2613         * bytecode/CodeBlock.h:
2614         (JSC::CodeBlock::CodeBlock):
2615         (JSC::CodeBlock::addCaller):
2616         (JSC::CodeBlock::removeCaller):
2617         (JSC::CodeBlock::isKnownNotImmediate):
2618         (JSC::CodeBlock::isConstantRegisterIndex):
2619         (JSC::CodeBlock::getConstant):
2620         (JSC::CodeBlock::isTemporaryRegisterIndex):
2621         (JSC::CodeBlock::getStubInfo):
2622         (JSC::CodeBlock::getCallLinkInfo):
2623         (JSC::CodeBlock::instructions):
2624         (JSC::CodeBlock::setJITCode):
2625         (JSC::CodeBlock::jitCode):
2626         (JSC::CodeBlock::ownerNode):
2627         (JSC::CodeBlock::setGlobalData):
2628         (JSC::CodeBlock::setThisRegister):
2629         (JSC::CodeBlock::thisRegister):
2630         (JSC::CodeBlock::setNeedsFullScopeChain):
2631         (JSC::CodeBlock::needsFullScopeChain):
2632         (JSC::CodeBlock::setUsesEval):
2633         (JSC::CodeBlock::usesEval):
2634         (JSC::CodeBlock::setUsesArguments):
2635         (JSC::CodeBlock::usesArguments):
2636         (JSC::CodeBlock::codeType):
2637         (JSC::CodeBlock::source):
2638         (JSC::CodeBlock::sourceOffset):
2639         (JSC::CodeBlock::addGlobalResolveInstruction):
2640         (JSC::CodeBlock::numberOfPropertyAccessInstructions):
2641         (JSC::CodeBlock::addPropertyAccessInstruction):
2642         (JSC::CodeBlock::propertyAccessInstruction):
2643         (JSC::CodeBlock::numberOfCallLinkInfos):
2644         (JSC::CodeBlock::addCallLinkInfo):
2645         (JSC::CodeBlock::callLinkInfo):
2646         (JSC::CodeBlock::numberOfJumpTargets):
2647         (JSC::CodeBlock::addJumpTarget):
2648         (JSC::CodeBlock::jumpTarget):
2649         (JSC::CodeBlock::lastJumpTarget):
2650         (JSC::CodeBlock::numberOfExceptionHandlers):
2651         (JSC::CodeBlock::addExceptionHandler):
2652         (JSC::CodeBlock::exceptionHandler):
2653         (JSC::CodeBlock::addExpressionInfo):
2654         (JSC::CodeBlock::numberOfLineInfos):
2655         (JSC::CodeBlock::addLineInfo):
2656         (JSC::CodeBlock::lastLineInfo):
2657         (JSC::CodeBlock::jitReturnAddressVPCMap):
2658         (JSC::CodeBlock::numberOfIdentifiers):
2659         (JSC::CodeBlock::addIdentifier):
2660         (JSC::CodeBlock::identifier):
2661         (JSC::CodeBlock::numberOfConstantRegisters):
2662         (JSC::CodeBlock::addConstantRegister):
2663         (JSC::CodeBlock::constantRegister):
2664         (JSC::CodeBlock::addFunction):
2665         (JSC::CodeBlock::function):
2666         (JSC::CodeBlock::addFunctionExpression):
2667         (JSC::CodeBlock::functionExpression):
2668         (JSC::CodeBlock::addUnexpectedConstant):
2669         (JSC::CodeBlock::unexpectedConstant):
2670         (JSC::CodeBlock::addRegExp):
2671         (JSC::CodeBlock::regexp):
2672         (JSC::CodeBlock::symbolTable):
2673         (JSC::CodeBlock::evalCodeCache):
2674         New inline setters/getters.
2675
2676         (JSC::ProgramCodeBlock::ProgramCodeBlock):
2677         (JSC::ProgramCodeBlock::~ProgramCodeBlock):
2678         (JSC::ProgramCodeBlock::clearGlobalObject):
2679         * bytecode/SamplingTool.cpp:
2680         (JSC::ScopeSampleRecord::sample):
2681         (JSC::SamplingTool::dump):
2682         * bytecompiler/BytecodeGenerator.cpp:
2683         * bytecompiler/BytecodeGenerator.h:
2684         * bytecompiler/Label.h:
2685         * interpreter/CallFrame.cpp:
2686         * interpreter/Interpreter.cpp:
2687         * jit/JIT.cpp:
2688         * jit/JITCall.cpp:
2689         * jit/JITInlineMethods.h:
2690         * jit/JITPropertyAccess.cpp:
2691         * parser/Nodes.cpp:
2692         * runtime/Arguments.h:
2693         * runtime/ExceptionHelpers.cpp:
2694         * runtime/JSActivation.cpp:
2695         * runtime/JSActivation.h:
2696         * runtime/JSGlobalObject.cpp:
2697         Change direct access to use new getter/setters.
2698
2699 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2700
2701         Reviewed by Oliver Hunt.
2702
2703         Prevent GCC4.2 from hanging when trying to compile Interpreter.cpp.
2704         Added "-fno-var-tracking" compiler flag.
2705
2706         https://bugs.webkit.org/show_bug.cgi?id=22704
2707
2708         * JavaScriptCore.xcodeproj/project.pbxproj:
2709
2710 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2711
2712         Reviewed by Oliver Hunt.
2713
2714         Ordering of branch operands in MacroAssembler is unnecessarily inconsistent.
2715
2716         je, jg etc take an immediate operand as the second argument, but for the
2717         equality branches (je, jne) the immediate operand was the first argument.  This
2718         was unnecessarily inconsistent.  Change je, jne methods to take the immediate
2719         as the second argument.
2720
2721         https://bugs.webkit.org/show_bug.cgi?id=22703
2722
2723         * assembler/MacroAssembler.h:
2724         (JSC::MacroAssembler::je32):
2725         (JSC::MacroAssembler::jne32):
2726         * jit/JIT.cpp:
2727         (JSC::JIT::compileOpStrictEq):
2728         * wrec/WRECGenerator.cpp:
2729         (JSC::WREC::Generator::generateEnter):
2730         (JSC::WREC::Generator::generateNonGreedyQuantifier):
2731         (JSC::WREC::Generator::generateGreedyQuantifier):
2732         (JSC::WREC::Generator::generatePatternCharacterPair):
2733         (JSC::WREC::Generator::generatePatternCharacter):
2734         (JSC::WREC::Generator::generateCharacterClassInvertedRange):
2735         (JSC::WREC::Generator::generateCharacterClassInverted):
2736         (JSC::WREC::Generator::generateAssertionBOL):
2737         (JSC::WREC::Generator::generateAssertionWordBoundary):
2738
2739 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2740
2741         Reviewed by Geoff Garen.
2742
2743         Second tranche of porting JIT.cpp to MacroAssembler interface.
2744
2745         * assembler/MacroAssembler.h:
2746         (JSC::MacroAssembler::mul32):
2747         (JSC::MacroAssembler::jl32):
2748         (JSC::MacroAssembler::jnzSub32):
2749         (JSC::MacroAssembler::joAdd32):
2750         (JSC::MacroAssembler::joMul32):
2751         (JSC::MacroAssembler::jzSub32):
2752         * jit/JIT.cpp:
2753         (JSC::JIT::emitSlowScriptCheck):
2754         (JSC::JIT::privateCompileMainPass):
2755         (JSC::JIT::privateCompileSlowCases):
2756         (JSC::JIT::privateCompileCTIMachineTrampolines):
2757         * jit/JIT.h:
2758         * jit/JITInlineMethods.h:
2759         (JSC::JIT::emitJumpIfNotJSCell):
2760         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
2761
2762 2008-12-05  David Kilzer  <ddkilzer@apple.com>
2763
2764         Bug 22609: Provide a build-time choice when generating hash tables for properties of built-in DOM objects
2765
2766         <https://bugs.webkit.org/show_bug.cgi?id=22609>
2767         <rdar://problem/6331749>
2768
2769         Reviewed by Darin Adler.
2770
2771         Initial patch by Yosen Lin.  Adapted for ToT WebKit by David Kilzer.
2772
2773         Added back the code that generates a "compact" hash (instead of a
2774         perfect hash) as a build-time option using the
2775         ENABLE(PERFECT_HASH_SIZE) macro as defined in Lookup.h.
2776
2777         * create_hash_table: Rename variables to differentiate perfect hash
2778         values from compact hash values.  Added back code to compute compact
2779         hash tables.  Generate both hash table sizes and emit
2780         conditionalized code based on ENABLE(PERFECT_HASH_SIZE).
2781         * runtime/Lookup.cpp:
2782         (JSC::HashTable::createTable): Added version of createTable() for
2783         use with compact hash tables.
2784         (JSC::HashTable::deleteTable): Updated to work with compact hash
2785         tables.
2786         * runtime/Lookup.h: Defined ENABLE(PERFECT_HASH_SIZE) macro here.
2787         (JSC::HashEntry::initialize): Set m_next to zero when using compact
2788         hash tables.
2789         (JSC::HashEntry::setNext): Added for compact hash tables.
2790         (JSC::HashEntry::next): Added for compact hash tables.
2791         (JSC::HashTable::entry): Added version of entry() for use with
2792         compact hash tables.
2793         * runtime/Structure.cpp:
2794         (JSC::Structure::getEnumerablePropertyNames): Updated to work with
2795         compact hash tables.
2796
2797 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2798
2799         Reviewed by Geoff Garen.
2800
2801         Remove redundant calls to JIT::emitSlowScriptCheck.
2802         This is checked in the hot path, so is not needed on the slow path - and the code
2803         was being planted before the start of the slow case, so was completely unreachable!
2804
2805         * jit/JIT.cpp:
2806         (JSC::JIT::privateCompileSlowCases):
2807
2808 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2809
2810         Reviewed by Geoff Garen.
2811
2812         Move JIT::compileOpStrictEq to MacroAssembler interface.
2813
2814         The rewrite also looks like a small (<1%) performance progression.
2815
2816         https://bugs.webkit.org/show_bug.cgi?id=22697
2817
2818         * jit/JIT.cpp:
2819         (JSC::JIT::compileOpStrictEq):
2820         (JSC::JIT::privateCompileSlowCases):
2821         * jit/JIT.h:
2822         * jit/JITInlineMethods.h:
2823         (JSC::JIT::emitJumpIfJSCell):
2824         (JSC::JIT::emitJumpSlowCaseIfJSCell):
2825
2826 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2827
2828         Reviewed by Geoff Garen.
2829
2830         Remove m_assembler from MacroAssembler::Jump.
2831         Keeping a pointer allowed for some syntactic sugar - "link()" looks nicer
2832         than "link(this)".  But maintaining this doubles the size of Jump, which
2833         is even more unfortunate for the JIT, since there are many large structures
2834         holding JmpSrcs.  Probably best to remove it.
2835
2836         https://bugs.webkit.org/show_bug.cgi?id=22693
2837
2838         * assembler/MacroAssembler.h:
2839         (JSC::MacroAssembler::Jump::Jump):
2840         (JSC::MacroAssembler::Jump::link):
2841         (JSC::MacroAssembler::Jump::linkTo):
2842         (JSC::MacroAssembler::JumpList::link):
2843         (JSC::MacroAssembler::JumpList::linkTo):
2844         (JSC::MacroAssembler::jae32):
2845         (JSC::MacroAssembler::je32):
2846         (JSC::MacroAssembler::je16):
2847         (JSC::MacroAssembler::jg32):
2848         (JSC::MacroAssembler::jge32):
2849         (JSC::MacroAssembler::jl32):
2850         (JSC::MacroAssembler::jle32):
2851         (JSC::MacroAssembler::jnePtr):
2852         (JSC::MacroAssembler::jne32):
2853         (JSC::MacroAssembler::jnset32):
2854         (JSC::MacroAssembler::jset32):
2855         (JSC::MacroAssembler::jump):
2856         (JSC::MacroAssembler::jzSub32):
2857         (JSC::MacroAssembler::joAdd32):
2858         (JSC::MacroAssembler::call):
2859         * wrec/WREC.cpp:
2860         (JSC::WREC::Generator::compileRegExp):
2861         * wrec/WRECGenerator.cpp:
2862         (JSC::WREC::Generator::generateEnter):
2863         (JSC::WREC::Generator::generateBackreferenceQuantifier):
2864         (JSC::WREC::Generator::generateNonGreedyQuantifier):
2865         (JSC::WREC::Generator::generateGreedyQuantifier):
2866         (JSC::WREC::Generator::generatePatternCharacter):
2867         (JSC::WREC::Generator::generateCharacterClassInvertedRange):
2868         (JSC::WREC::Generator::generateCharacterClassInverted):
2869         (JSC::WREC::Generator::generateCharacterClass):
2870         (JSC::WREC::Generator::generateParenthesesAssertion):
2871         (JSC::WREC::Generator::generateParenthesesInvertedAssertion):
2872         (JSC::WREC::Generator::generateParenthesesNonGreedy):
2873         (JSC::WREC::Generator::generateParenthesesResetTrampoline):
2874         (JSC::WREC::Generator::generateAssertionBOL):
2875         (JSC::WREC::Generator::generateAssertionEOL):
2876         (JSC::WREC::Generator::generateAssertionWordBoundary):
2877         (JSC::WREC::Generator::generateBackreference):
2878         (JSC::WREC::Generator::terminateAlternative):
2879         (JSC::WREC::Generator::terminateDisjunction):
2880         * wrec/WRECParser.h:
2881
2882 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2883
2884         Reviewed by Geoffrey Garen.
2885
2886         Simplify JIT generated checks for timeout code, by moving more work into the C function.
2887         https://bugs.webkit.org/show_bug.cgi?id=22688
2888
2889         * interpreter/Interpreter.cpp:
2890         (JSC::Interpreter::cti_timeout_check):
2891         * interpreter/Interpreter.h:
2892         * jit/JIT.cpp:
2893         (JSC::JIT::emitSlowScriptCheck):
2894
2895 2008-12-05  Sam Weinig  <sam@webkit.org>
2896
2897         Reviewed by Geoffrey Garen.
2898
2899         Encapsulate access to jump tables in the CodeBlock in preparation
2900         of moving them to a rare data structure.
2901
2902         * bytecode/CodeBlock.cpp:
2903         (JSC::CodeBlock::dump):
2904         (JSC::CodeBlock::shrinkToFit):
2905         * bytecode/CodeBlock.h:
2906         (JSC::CodeBlock::numberOfImmediateSwitchJumpTables):
2907         (JSC::CodeBlock::addImmediateSwitchJumpTable):
2908         (JSC::CodeBlock::immediateSwitchJumpTable):
2909         (JSC::CodeBlock::numberOfCharacterSwitchJumpTables):
2910         (JSC::CodeBlock::addCharacterSwitchJumpTable):
2911         (JSC::CodeBlock::characterSwitchJumpTable):
2912         (JSC::CodeBlock::numberOfStringSwitchJumpTables):
2913         (JSC::CodeBlock::addStringSwitchJumpTable):
2914         (JSC::CodeBlock::stringSwitchJumpTable):
2915         * bytecompiler/BytecodeGenerator.cpp:
2916         (JSC::BytecodeGenerator::generate):
2917         (JSC::BytecodeGenerator::endSwitch):
2918         * interpreter/Interpreter.cpp:
2919         (JSC::Interpreter::privateExecute):
2920         (JSC::Interpreter::cti_op_switch_imm):
2921         (JSC::Interpreter::cti_op_switch_char):
2922         (JSC::Interpreter::cti_op_switch_string):
2923         * jit/JIT.cpp:
2924         (JSC::JIT::privateCompileMainPass):
2925
2926 2008-12-05  Adam Roben  <aroben@apple.com>
2927
2928         Windows build fix after r39020
2929
2930         * jit/JITInlineMethods.h:
2931         (JSC::JIT::restoreArgumentReference):
2932         (JSC::JIT::restoreArgumentReferenceForTrampoline):
2933         Add some apparently-missing __.
2934
2935 2008-12-04  Geoffrey Garen  <ggaren@apple.com>
2936
2937         Reviewed by Darin Adler.
2938         
2939         https://bugs.webkit.org/show_bug.cgi?id=22673
2940         
2941         Added support for the assertion (?=) and inverted assertion (?!) atoms
2942         in WREC.
2943
2944         * wrec/WRECGenerator.cpp:
2945         (JSC::WREC::Generator::generateParenthesesAssertion):
2946         (JSC::WREC::Generator::generateParenthesesInvertedAssertion): Split the
2947         old (unused) generateParentheses into these two functions, with more
2948         limited capabilities.
2949         
2950         * wrec/WRECGenerator.h:
2951         (JSC::WREC::Generator::): Moved an enum to the top of the class definition,
2952         to match the WebKit style, and removed a defunct comment.
2953
2954         * wrec/WRECParser.cpp:
2955         (JSC::WREC::Parser::parseParentheses):
2956         (JSC::WREC::Parser::consumeParenthesesType):
2957         * wrec/WRECParser.h:
2958         (JSC::WREC::Parser::): Added support for parsing (?=) and (?!).
2959
2960 2008-12-05  Simon Hausmann  <simon.hausmann@nokia.com>
2961
2962         Rubber-stamped by Tor Arne Vestbø.
2963
2964         Disable the JIT for the Qt build altogether again, after observing
2965         more miscompilations in a wider range of newer gcc versions.
2966
2967         * JavaScriptCore.pri:
2968
2969 2008-12-05  Simon Hausmann  <simon.hausmann@nokia.com>
2970
2971         Reviewed by Tor Arne Vestbø.
2972
2973         Disable the JIT for the Qt build on Linux unless gcc is >= 4.2,
2974         due to miscompilations.
2975
2976         * JavaScriptCore.pri:
2977
2978 2008-12-04  Gavin Barraclough  <barraclough@apple.com>
2979
2980         Reviewed by Geoff Garen.
2981
2982         Start porting the JIT to use the MacroAssembler.
2983
2984         https://bugs.webkit.org/show_bug.cgi?id=22671
2985         No change in performance.
2986
2987         * assembler/MacroAssembler.h:
2988         (JSC::MacroAssembler::Jump::operator X86Assembler::JmpSrc):
2989         (JSC::MacroAssembler::add32):
2990         (JSC::MacroAssembler::and32):
2991         (JSC::MacroAssembler::lshift32):
2992         (JSC::MacroAssembler::rshift32):
2993         (JSC::MacroAssembler::storePtr):
2994         (JSC::MacroAssembler::store32):
2995         (JSC::MacroAssembler::poke):
2996         (JSC::MacroAssembler::move):
2997         (JSC::MacroAssembler::compareImm32ForBranchEquality):
2998         (JSC::MacroAssembler::jnePtr):
2999         (JSC::MacroAssembler::jnset32):
3000         (JSC::MacroAssembler::jset32):
3001         (JSC::MacroAssembler::jzeroSub32):
3002         (JSC::MacroAssembler::joverAdd32):
3003         (JSC::MacroAssembler::call):
3004         * assembler/X86Assembler.h:
3005         (JSC::X86Assembler::shll_i8r):
3006         * jit/JIT.cpp:
3007         (JSC::JIT::privateCompileMainPass):
3008         (JSC::JIT::privateCompile):
3009         (JSC::JIT::privateCompileCTIMachineTrampolines):
3010         * jit/JIT.h:
3011         * jit/JITArithmetic.cpp:
3012         (JSC::JIT::compileBinaryArithOp):
3013         * jit/JITInlineMethods.h:
3014         (JSC::JIT::emitGetVirtualRegister):
3015         (JSC::JIT::emitPutCTIArg):
3016         (JSC::JIT::emitPutCTIArgConstant):
3017         (JSC::JIT::emitGetCTIArg):
3018         (JSC::JIT::emitPutCTIArgFromVirtualRegister):
3019         (JSC::JIT::emitPutCTIParam):
3020         (JSC::JIT::emitGetCTIParam):
3021         (JSC::JIT::emitPutToCallFrameHeader):
3022         (JSC::JIT::emitPutImmediateToCallFrameHeader):
3023         (JSC::JIT::emitGetFromCallFrameHeader):
3024         (JSC::JIT::emitPutVirtualRegister):
3025         (JSC::JIT::emitInitRegister):
3026         (JSC::JIT::emitNakedCall):
3027         (JSC::JIT::restoreArgumentReference):
3028         (JSC::JIT::restoreArgumentReferenceForTrampoline):
3029         (JSC::JIT::emitCTICall):
3030         (JSC::JIT::checkStructure):
3031         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
3032         (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
3033         (JSC::JIT::emitJumpSlowCaseIfNotImmNums):
3034         (JSC::JIT::emitFastArithDeTagImmediate):
3035         (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
3036         (JSC::JIT::emitFastArithReTagImmediate):
3037         (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
3038         (JSC::JIT::emitFastArithImmToInt):
3039         (JSC::JIT::emitFastArithIntToImmOrSlowCase):
3040         (JSC::JIT::emitFastArithIntToImmNoCheck):
3041         (JSC::JIT::emitTagAsBoolImmediate):
3042         * jit/JITPropertyAccess.cpp:
3043         (JSC::JIT::privateCompilePutByIdTransition):
3044
3045 2008-12-04  Geoffrey Garen  <ggaren@apple.com>
3046
3047         Reviewed by Oliver Hunt.
3048         
3049         Some refactoring for generateGreedyQuantifier.
3050         
3051         SunSpider reports no change (possibly a 0.3% speedup).
3052
3053         * wrec/WRECGenerator.cpp:
3054         (JSC::WREC::Generator::generateGreedyQuantifier): Clarified label
3055         meanings and unified some logic to simplify things.
3056
3057         * wrec/WRECParser.h:
3058         (JSC::WREC::Parser::parseAlternative): Added a version of parseAlternative
3059         that can jump to a Label, instead of a JumpList, upon failure. (Eventually,
3060         when we have a true Label class, this will be redundant.) This makes
3061         things easier for generateGreedyQuantifier, because it can avoid
3062         explicitly linking things.
3063
3064 2008-12-04  Simon Hausmann  <simon.hausmann@nokia.com>
3065
3066         Reviewed by Holger Freyther.
3067
3068         Fix crashes in the Qt build on Linux/i386 with non-executable memory
3069         by enabling TCSystemAlloc and the PROT_EXEC flag for mmap.
3070
3071         * JavaScriptCore.pri: Enable the use of TCSystemAlloc if the JIT is
3072         enabled.
3073         * wtf/TCSystemAlloc.cpp: Extend the PROT_EXEC permissions to
3074         PLATFORM(QT).
3075
3076 2008-12-04  Simon Hausmann  <simon.hausmann@nokia.com>
3077
3078         Reviewed by Tor Arne Vestbø.
3079
3080         Enable ENABLE_JIT_OPTIMIZE_CALL, ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS
3081         and ENABLE_JIT_OPTIMIZE_ARITHMETIC, as suggested by Niko.
3082
3083         * JavaScriptCore.pri: 
3084
3085 2008-12-04  Kent Hansen  <khansen@trolltech.com>
3086
3087         Reviewed by Simon Hausmann.
3088
3089         Enable the JSC jit for the Qt build by default for release builds on
3090         linux-g++ and win32-msvc.
3091
3092         * JavaScriptCore.pri:
3093
3094 2008-12-04  Gavin Barraclough  <barraclough@apple.com>
3095
3096         Reviewed by Oliver Hunt.
3097
3098         Allow JIT to function without property access repatching and arithmetic optimizations.
3099         Controlled by ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS and ENABLE_JIT_OPTIMIZE_ARITHMETIC switches.
3100
3101         https://bugs.webkit.org/show_bug.cgi?id=22643
3102
3103         * JavaScriptCore.xcodeproj/project.pbxproj:
3104         * jit/JIT.cpp:
3105         (JSC::JIT::privateCompileMainPass):
3106         (JSC::JIT::privateCompileSlowCases):
3107         * jit/JIT.h:
3108         * jit/JITArithmetic.cpp: Copied from jit/JIT.cpp.
3109         (JSC::JIT::compileBinaryArithOp):
3110         (JSC::JIT::compileBinaryArithOpSlowCase):
3111         * jit/JITPropertyAccess.cpp: Copied from jit/JIT.cpp.
3112         (JSC::JIT::compileGetByIdHotPath):
3113         (JSC::JIT::compileGetByIdSlowCase):
3114         (JSC::JIT::compilePutByIdHotPath):
3115         (JSC::JIT::compilePutByIdSlowCase):
3116         (JSC::resizePropertyStorage):
3117         (JSC::transitionWillNeedStorageRealloc):
3118         (JSC::JIT::privateCompilePutByIdTransition):
3119         (JSC::JIT::patchGetByIdSelf):
3120         (JSC::JIT::patchPutByIdReplace):
3121         (JSC::JIT::privateCompilePatchGetArrayLength):
3122         * wtf/Platform.h:
3123
3124 2008-12-03  Geoffrey Garen  <ggaren@apple.com>
3125
3126         Reviewed by Oliver Hunt.
3127         
3128         Optimized sequences of characters in regular expressions by comparing
3129         two characters at a time.
3130         
3131         1-2% speedup on SunSpider, 19-25% speedup on regexp-dna.
3132
3133         * assembler/MacroAssembler.h:
3134         (JSC::MacroAssembler::load32):
3135         (JSC::MacroAssembler::jge32): Filled out a few more macro methods.
3136
3137         * assembler/X86Assembler.h:
3138         (JSC::X86Assembler::movl_mr): Added a version of movl_mr that operates
3139         without an offset, to allow the macro assembler to optimize for that case.
3140         
3141         * wrec/WREC.cpp:
3142         (JSC::WREC::Generator::compileRegExp): Test the saved value of index
3143         instead of the index register when checking for "end of input." The
3144         index register doesn't increment by 1 in an orderly fashion, so testing
3145         it for == "end of input" is not valid.
3146         
3147         Also, jump all the way to "return failure" upon reaching "end of input,"
3148         instead of executing the next alternative. This is more logical, and
3149         it's a slight optimization in the case of an expression with many alternatives.
3150
3151         * wrec/WRECGenerator.cpp:
3152         (JSC::WREC::Generator::generateIncrementIndex): Added support for
3153         jumping to a failure label in the case where the index has reached "end
3154         of input."
3155
3156         (JSC::WREC::Generator::generatePatternCharacterSequence):
3157         (JSC::WREC::Generator::generatePatternCharacterPair): This is the
3158         optimization. It's basically like generatePatternCharacter, but it runs two
3159         characters at a time.
3160         
3161         (JSC::WREC::Generator::generatePatternCharacter): Changed to use isASCII,
3162         since it's clearer than comparing to a magic hex value.
3163         
3164         * wrec/WRECGenerator.h:
3165
3166 2008-12-03  Gavin Barraclough  <barraclough@apple.com>
3167
3168         Reviewed by Cameron Zwarich.
3169
3170         Allow JIT to operate without the call-repatching optimization.
3171         Controlled by ENABLE(JIT_OPTIMIZE_CALL), defaults on, disabling
3172         this leads to significant performance regression.
3173
3174         https://bugs.webkit.org/show_bug.cgi?id=22639
3175
3176         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3177         * JavaScriptCore.xcodeproj/project.pbxproj:
3178         * jit/JIT.cpp:
3179         (JSC::JIT::privateCompileSlowCases):
3180         * jit/JIT.h:
3181         * jit/JITCall.cpp: Copied from jit/JIT.cpp.
3182         (JSC::JIT::compileOpCallInitializeCallFrame):
3183         (JSC::JIT::compileOpCallSetupArgs):
3184         (JSC::JIT::compileOpCallEvalSetupArgs):
3185         (JSC::JIT::compileOpConstructSetupArgs):
3186         (JSC::JIT::compileOpCall):
3187         (JSC::JIT::compileOpCallSlowCase):
3188         (JSC::unreachable):
3189         * jit/JITInlineMethods.h: Copied from jit/JIT.cpp.
3190         (JSC::JIT::checkStructure):
3191         (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
3192         (JSC::JIT::emitTagAsBoolImmediate):
3193         * wtf/Platform.h:
3194
3195 2008-12-03  Eric Seidel  <eric@webkit.org>
3196
3197         Rubber-stamped by David Hyatt.
3198
3199         Make HAVE_ACCESSIBILITY only define if !defined
3200
3201         * wtf/Platform.h:
3202
3203 2008-12-03  Sam Weinig  <sam@webkit.org>
3204
3205         Fix build.
3206
3207         * assembler/X86Assembler.h:
3208         (JSC::X86Assembler::orl_i32r):
3209
3210 2008-12-03  Sam Weinig  <sam@webkit.org>
3211
3212         Reviewed by Geoffrey Garen.
3213
3214         Remove shared AssemblerBuffer 1MB buffer and instead give AssemblerBuffer
3215         a 256 byte inline capacity.
3216
3217         1% progression on Sunspider.
3218
3219         * assembler/AssemblerBuffer.h:
3220         (JSC::AssemblerBuffer::AssemblerBuffer):
3221         (JSC::AssemblerBuffer::~AssemblerBuffer):
3222         (JSC::AssemblerBuffer::grow):
3223         * assembler/MacroAssembler.h:
3224         (JSC::MacroAssembler::MacroAssembler):
3225         * assembler/X86Assembler.h:
3226         (JSC::X86Assembler::X86Assembler):
3227         * interpreter/Interpreter.cpp:
3228         (JSC::Interpreter::Interpreter):
3229         * interpreter/Interpreter.h:
3230         * jit/JIT.cpp:
3231         (JSC::JIT::JIT):
3232         * parser/Nodes.cpp:
3233         (JSC::RegExpNode::emitBytecode):
3234         * runtime/RegExp.cpp:
3235         (JSC::RegExp::RegExp):
3236         (JSC::RegExp::create):
3237         * runtime/RegExp.h:
3238         * runtime/RegExpConstructor.cpp:
3239         (JSC::constructRegExp):
3240         * runtime/RegExpPrototype.cpp:
3241         (JSC::regExpProtoFuncCompile):
3242         * runtime/StringPrototype.cpp:
3243         (JSC::stringProtoFuncMatch):
3244         (JSC::stringProtoFuncSearch):
3245         * wrec/WREC.cpp:
3246         (JSC::WREC::Generator::compileRegExp):
3247         * wrec/WRECGenerator.h:
3248         (JSC::WREC::Generator::Generator):
3249         * wrec/WRECParser.h:
3250         (JSC::WREC::Parser::Parser):
3251
3252 2008-12-03  Geoffrey Garen  <ggaren@apple.com>
3253
3254         Reviewed by Oliver Hunt, with help from Gavin Barraclough.
3255         
3256         orl_i32r was actually coded as an 8bit OR. So, I renamed orl_i32r to
3257         orl_i8r, changed all orl_i32r clients to use orl_i8r, and then added
3258         a new orl_i32r that actually does a 32bit OR.
3259         
3260         (32bit OR is currently unused, but a patch I'm working on uses it.)
3261
3262         * assembler/MacroAssembler.h:
3263         (JSC::MacroAssembler::or32): Updated to choose between 8bit and 32bit OR.
3264
3265         * assembler/X86Assembler.h:
3266         (JSC::X86Assembler::orl_i8r): The old orl_i32r.
3267         (JSC::X86Assembler::orl_i32r): The new orl_i32r.
3268         
3269         * jit/JIT.cpp:
3270         (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
3271         (JSC::JIT::emitTagAsBoolImmediate): Use orl_i8r, since we're ORing 8bit
3272         values.
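
Added example, not JavaScriptCore's assembler code: the two x86 encodings the entry distinguishes, written as a small byte emitter whose function names are modelled on the entry's (`orl_i8r`, `orl_i32r`, `or32`), with the pre-fix mistake reproduced as `orl_i32r_asCodedBefore`. Opcodes (0x83 /1 ib and 0x81 /1 id), the ModRM layout and register numbering follow the x86 ISA; `immediateApplied` decodes an instruction back to the value the CPU would actually OR in, so the truncation is visible:

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

using Bytes = std::vector<uint8_t>;

// ModRM for the register-direct form of the group-1 OR: mod=11, reg=/1, rm=register.
static uint8_t modRmForOr(uint8_t reg) { return 0xC0 | (1 << 3) | (reg & 7); }

// OR r/m32, imm8: opcode 0x83 /1 ib. The CPU sign-extends the single
// immediate byte to 32 bits before ORing it into the register.
Bytes orl_i8r(int32_t imm, uint8_t reg)
{
    return { 0x83, modRmForOr(reg), static_cast<uint8_t>(imm) };
}

// OR r/m32, imm32: opcode 0x81 /1 id, little-endian 32-bit immediate.
Bytes orl_i32r(int32_t imm, uint8_t reg)
{
    uint32_t u = static_cast<uint32_t>(imm);
    return { 0x81, modRmForOr(reg), uint8_t(u), uint8_t(u >> 8), uint8_t(u >> 16), uint8_t(u >> 24) };
}

// The defect the entry describes, reproduced deliberately: a function named as
// the 32-bit OR that emits the 8-bit form. Callers get no error; every bit
// above the low byte is silently dropped from the emitted machine code.
Bytes orl_i32r_asCodedBefore(int32_t imm, uint8_t reg)
{
    return orl_i8r(imm, reg);
}

// Recover the immediate the CPU would apply for either encoding.
int32_t immediateApplied(const Bytes& insn)
{
    if (insn[0] == 0x83)
        return static_cast<int8_t>(insn[2]);  // sign-extended byte
    uint32_t u = insn[2] | (uint32_t(insn[3]) << 8) | (uint32_t(insn[4]) << 16) | (uint32_t(insn[5]) << 24);
    return static_cast<int32_t>(u);
}

// MacroAssembler-style or32: the short form is only correct when the immediate
// survives the round trip through a sign-extended byte.
bool fitsInSignedByte(int32_t imm) { return imm >= -128 && imm <= 127; }

Bytes or32(int32_t imm, uint8_t reg)
{
    return fitsInSignedByte(imm) ? orl_i8r(imm, reg) : orl_i32r(imm, reg);
}

int main()
{
    const uint8_t eax = 0;
    std::printf("before the fix, OR eax, 0x100 applied 0x%x\n",
                immediateApplied(orl_i32r_asCodedBefore(0x100, eax)));
    std::printf("or32 emits %zu bytes for 0x7f and %zu bytes for 0x12345678\n",
                or32(0x7f, eax).size(), or32(0x12345678, eax).size());
    return 0;
}
```

The short form sign-extends its byte, so 0x80 silently becomes -128 and 0x100 becomes a no-op. The width test in `or32` is the check that was missing: an encoder that picks the narrow form has to prove the immediate round-trips, not merely that the call site asked for a 32-bit OR.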
3273
3274 2008-12-03  Dean Jackson  <dino@apple.com>
3275
3276         Reviewed by Dan Bernstein.
3277
3278         Helper functions for turn -> degrees.
3279         https://bugs.webkit.org/show_bug.cgi?id=22497
3280
3281         * wtf/MathExtras.h:
3282         (turn2deg):
3283         (deg2turn):
3284
3285 2008-12-02  Cameron Zwarich  <zwarich@apple.com>
3286
3287         Reviewed by Geoff Garen.
3288
3289         Bug 22504: Crashes during code generation occur due to refing of ignoredResult()
3290         <https://bugs.webkit.org/show_bug.cgi?id=22504>
3291
3292         Since ignoredResult() was implemented by casting 1 to a RegisterID*, any
3293         attempt to ref ignoredResult() results in a crash. This will occur in
3294         code generation of a function body where a node emits another node with
3295         the dst that was passed to it, and then refs the returned RegisterID*.
3296
3297         To fix this problem, make ignoredResult() a member function of
3298         BytecodeGenerator that simply returns a pointer to a fixed RegisterID
3299         member of BytecodeGenerator.
3300
3301         * bytecompiler/BytecodeGenerator.h:
3302         (JSC::BytecodeGenerator::ignoredResult):
3303         * bytecompiler/RegisterID.h:
3304         * parser/Nodes.cpp:
3305         (JSC::NullNode::emitBytecode):
3306         (JSC::BooleanNode::emitBytecode):
3307         (JSC::NumberNode::emitBytecode):
3308         (JSC::StringNode::emitBytecode):
3309         (JSC::RegExpNode::emitBytecode):
3310         (JSC::ThisNode::emitBytecode):
3311         (JSC::ResolveNode::emitBytecode):
3312         (JSC::ObjectLiteralNode::emitBytecode):
3313         (JSC::PostfixResolveNode::emitBytecode):
3314         (JSC::PostfixBracketNode::emitBytecode):
3315         (JSC::PostfixDotNode::emitBytecode):
3316         (JSC::DeleteValueNode::emitBytecode):
3317         (JSC::VoidNode::emitBytecode):
3318         (JSC::TypeOfResolveNode::emitBytecode):
3319         (JSC::TypeOfValueNode::emitBytecode):
3320         (JSC::PrefixResolveNode::emitBytecode):
3321         (JSC::AssignResolveNode::emitBytecode):
3322         (JSC::CommaNode::emitBytecode):
3323         (JSC::ForNode::emitBytecode):
3324         (JSC::ForInNode::emitBytecode):
3325         (JSC::ReturnNode::emitBytecode):
3326         (JSC::ThrowNode::emitBytecode):
3327         (JSC::FunctionBodyNode::emitBytecode):
3328         (JSC::FuncDeclNode::emitBytecode):
3329
3330 2008-12-02  Geoffrey Garen  <ggaren@apple.com>
3331
3332         Reviewed by Cameron Zwarich.
3333         
3334         Fixed https://bugs.webkit.org/show_bug.cgi?id=22537
3335         REGRESSION (r38745): Assertion failure in jsSubstring() at ge.com
3336
3337         The bug was that index would become greater than length, so our
3338         "end of input" checks, which all check "index == length", would fail.
3339         
3340         The solution is to check for end of input before incrementing index,
3341         to ensure that index is always <= length.
3342         
3343         As a side benefit, generateJumpIfEndOfInput can now use je instead of
3344         jg, which should be slightly faster.
3345
3346         * wrec/WREC.cpp:
3347         (JSC::WREC::Generator::compileRegExp):
3348         * wrec/WRECGenerator.cpp:
3349         (JSC::WREC::Generator::generateJumpIfEndOfInput):
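
Added illustration, not WREC's code and not part of this ChangeLog, of the invariant the entry above relies on, combined with the pair-at-a-time comparison from the 2008-12-03 entry on generatePatternCharacterPair. The `Subject`, `matchPairsAdvanceThenCheck` and `matchPairsCheckThenAdvance` names, and the "garbage" string that stands in for memory past the buffer, are constructed for the example; the x86 WREC generates has no such guard, so the pre-fix ordering reads beyond the subject string for real:

```cpp
#include <cstddef>
#include <cstdio>
#include <string>
#include <utility>

// Constructed stand-in for the subject string a compiled regexp walks. Reads
// past the end are not dereferenced; they are counted and answered from a
// "garbage" string modelling whatever memory follows the buffer, so the
// failure mode is observable without undefined behaviour.
struct Subject {
    std::string text;
    std::string garbage;
    mutable size_t outOfBoundsReads = 0;

    Subject(std::string t, std::string g) : text(std::move(t)), garbage(std::move(g)) { }
    size_t length() const { return text.size(); }
    char at(size_t i) const
    {
        if (i < text.size())
            return text[i];
        ++outOfBoundsReads;
        size_t past = i - text.size();
        return past < garbage.size() ? garbage[past] : '\0';
    }
};

// Pre-fix shape: compare a character pair, advance index by two, THEN test
// "end of input" as index == length. Once a pair straddles the end, index
// jumps over length, the equality test can never fire again, and matching
// continues into memory beyond the subject.
bool matchPairsAdvanceThenCheck(const Subject& s, const std::string& pattern, size_t& index)
{
    for (size_t p = 0; p + 1 < pattern.size(); p += 2) {
        if (s.at(index) != pattern[p] || s.at(index + 1) != pattern[p + 1])
            return false;
        index += 2;
        if (index == s.length() && p + 2 < pattern.size())
            return false;  // "end of input", but only noticed if we land exactly on it
    }
    if (pattern.size() % 2) {  // trailing single character
        if (s.at(index) != pattern.back())
            return false;
        ++index;
    }
    return true;
}

// Post-fix shape: check for end of input BEFORE reading or advancing, so the
// invariant index <= length holds on entry and on every path. Under that
// invariant an equality test (je rather than jg) is a sound end-of-input
// check, and no read can touch memory beyond the subject.
bool matchPairsCheckThenAdvance(const Subject& s, const std::string& pattern, size_t& index)
{
    for (size_t p = 0; p + 1 < pattern.size(); p += 2) {
        if (s.length() - index < 2)  // fewer than two characters left: fail here
            return false;
        if (s.at(index) != pattern[p] || s.at(index + 1) != pattern[p + 1])
            return false;
        index += 2;
    }
    if (pattern.size() % 2) {
        if (index == s.length())  // exactly at the end: nothing left to read
            return false;
        if (s.at(index) != pattern.back())
            return false;
        ++index;
    }
    return true;
}

int main()
{
    Subject before("abc", "de"), after("abc", "de");
    size_t i = 0, j = 0;
    bool m1 = matchPairsAdvanceThenCheck(before, "abcde", i);
    bool m2 = matchPairsCheckThenAdvance(after, "abcde", j);
    std::printf("advance-then-check: match=%d index=%zu length=%zu out-of-bounds reads=%zu\n",
                m1, i, before.length(), before.outOfBoundsReads);
    std::printf("check-then-advance: match=%d index=%zu length=%zu out-of-bounds reads=%zu\n",
                m2, j, after.length(), after.outOfBoundsReads);
    return 0;
}
```

With the check-first ordering `index <= length` holds on every path, which is exactly what lets an equality test (je) replace the greater-than test (jg): the two are only equivalent when the index can never step past the end. The pre-fix ordering does worse than miss the end; it reports a match built from bytes that were never part of the subject, leaving an index greater than the length for later code such as jsSubstring() to trip over.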
3350
3351 2008-12-02  Gavin Barraclough  <barraclough@apple.com>
3352
3353         Reviewed by Geoffrey Garen.
3354
3355         Plant shift right immediate instructions, which are awesome.
3356         https://bugs.webkit.org/show_bug.cgi?id=22610
3357         ~5% on the v8-crypto test.
3358
3359         * jit/JIT.cpp:
3360         (JSC::JIT::privateCompileMainPass):
3361         (JSC::JIT::privateCompileSlowCases):
3362
3363 2008-12-02  Geoffrey Garen  <ggaren@apple.com>
3364
3365         Reviewed by Sam Weinig.
3366         
3367         Cleaned up SegmentedVector by abstracting segment access into helper
3368         functions.
3369         
3370         SunSpider reports no change.
3371
3372         * bytecompiler/SegmentedVector.h:
3373         (JSC::SegmentedVector::SegmentedVector):
3374         (JSC::SegmentedVector::~SegmentedVector):
3375         (JSC::SegmentedVector::size):
3376         (JSC::SegmentedVector::at):
3377         (JSC::SegmentedVector::operator[]):
3378         (JSC::SegmentedVector::last):
3379         (JSC::SegmentedVector::append):
3380         (JSC::SegmentedVector::removeLast):
3381         (JSC::SegmentedVector::grow):
3382         (JSC::SegmentedVector::clear):
3383         (JSC::SegmentedVector::deleteAllSegments):
3384         (JSC::SegmentedVector::segmentFor):
3385         (JSC::SegmentedVector::subscriptFor):
3386         (JSC::SegmentedVector::ensureSegmentsFor):
3387         (JSC::SegmentedVector::ensureSegment):
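
Added, minimal reimplementation (not JSC's `SegmentedVector`) showing what the segment helpers listed above buy and why the later entry on Bug 20340 makes the container grow-only. The helper names (`segmentFor`, `subscriptFor`, `ensureSegmentsFor`) follow the entry; the segment size of 4, the use of `std::unique_ptr<T[]>` and the two demonstration functions are this example's own choices:

```cpp
#include <cstddef>
#include <cstdio>
#include <memory>
#include <vector>

// Constructed, minimal grow-only segmented vector: elements live in fixed-size
// segments that are allocated on demand and never moved or freed until the
// container is destroyed, so a pointer to an element stays valid across later
// appends and pop/push cycles. A std::vector may reallocate on push_back and
// silently invalidate every outstanding pointer.
template<typename T, size_t SegmentSize>
class SegmentedVector {
public:
    size_t size() const { return m_size; }
    size_t segmentCount() const { return m_segments.size(); }

    T& at(size_t index) { return segmentFor(index)[subscriptFor(index)]; }
    T& operator[](size_t index) { return at(index); }
    T& last() { return at(m_size - 1); }

    void append(const T& value)
    {
        ensureSegmentsFor(m_size + 1);
        at(m_size) = value;
        ++m_size;
    }

    // Stack-style pop: only the logical size shrinks. The segment stays
    // allocated, so a pointer taken earlier cannot dangle and a following
    // append() reuses the same storage instead of reallocating it.
    void removeLast() { --m_size; }

    // Allocate (not merely reserve) every slot up to newSize.
    void grow(size_t newSize)
    {
        ensureSegmentsFor(newSize);
        m_size = newSize;
    }

private:
    // Segment access helpers: index -> owning segment and offset within it.
    T* segmentFor(size_t index) { return m_segments[index / SegmentSize].get(); }
    static size_t subscriptFor(size_t index) { return index % SegmentSize; }

    void ensureSegmentsFor(size_t size)
    {
        size_t needed = (size + SegmentSize - 1) / SegmentSize;
        while (m_segments.size() < needed)
            m_segments.push_back(std::unique_ptr<T[]>(new T[SegmentSize]()));
    }

    std::vector<std::unique_ptr<T[]>> m_segments;
    size_t m_size = 0;
};

// A pointer taken into the first segment must still point at the same,
// unchanged element after appends that cross many segment boundaries.
bool pointerSurvivesGrowth()
{
    SegmentedVector<int, 4> v;
    v.append(42);
    int* p = &v[0];
    for (int i = 1; i < 100; ++i)
        v.append(i);
    return p == &v[0] && *p == 42 && v.size() == 100;
}

// The Bug 20340 scenario: hold a pointer into the topmost segment, pop past
// the segment boundary, then push again. With grow-only storage the slot is
// reused in place, so the pointer still refers to live memory and sees the
// new value; a free-on-pop design would have left it dangling.
bool stackUseKeepsPointerValid()
{
    SegmentedVector<int, 4> v;
    for (int i = 0; i < 5; ++i)
        v.append(i);              // segments: [0..3] and [4]
    int* p = &v[4];
    v.removeLast();               // logical size 4; second segment kept
    v.append(99);                 // lands back in slot 4
    return p == &v[4] && *p == 99;
}

size_t segmentsNeededFor(size_t elementCount)
{
    SegmentedVector<int, 4> v;
    v.grow(elementCount);
    return v.segmentCount();
}

int main()
{
    std::printf("growth keeps pointer: %d\n", pointerSurvivesGrowth());
    std::printf("pop/push keeps pointer: %d\n", stackUseKeepsPointerValid());
    std::printf("segments for 9 elements: %zu\n", segmentsNeededFor(9));
    return 0;
}
```

Pointer stability is the whole point of the design: BytecodeGenerator keeps its registers in this kind of storage and hands out pointers to them, and a container that freed segments on pop and reallocated them on push would turn every such pointer into a use-after-free the moment the stack dipped below a segment boundary and came back.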
3388
3389 2008-12-02  Geoffrey Garen  <ggaren@apple.com>
3390
3391         Reviewed by Geoffrey Garen. (Patch by Cameron Zwarich <zwarich@apple.com>.)
3392         
3393         Fixed https://bugs.webkit.org/show_bug.cgi?id=22482
3394         REGRESSION (r37991): Occasionally see "Scene rendered incorrectly"
3395         message when running the V8 Raytrace benchmark
3396         
3397         Rolled out r37991. It didn't properly save xmm0, which is caller-save,
3398         before calling helper functions.
3399         
3400         SunSpider and v8 benchmarks show little change -- possibly a .2%
3401         SunSpider regression, possibly a .2% v8 benchmark speedup.
3402
3403         * assembler/X86Assembler.h:
3404         (JSC::X86Assembler::):
3405         * bytecode/CodeBlock.cpp:
3406         (JSC::CodeBlock::dump):
3407         * bytecode/Instruction.h:
3408         (JSC::Instruction::):
3409         * bytecompiler/BytecodeGenerator.cpp:
3410         (JSC::BytecodeGenerator::emitUnaryOp):
3411         * bytecompiler/BytecodeGenerator.h:
3412         (JSC::BytecodeGenerator::emitToJSNumber):
3413         (JSC::BytecodeGenerator::emitTypeOf):
3414         (JSC::BytecodeGenerator::emitGetPropertyNames):
3415         * interpreter/Interpreter.cpp:
3416         (JSC::Interpreter::privateExecute):
3417         * interpreter/Interpreter.h:
3418         * jit/JIT.cpp:
3419         (JSC::JIT::privateCompileMainPass):
3420         (JSC::JIT::privateCompileSlowCases):
3421         * jit/JIT.h:
3422         * parser/Nodes.cpp:
3423         (JSC::UnaryOpNode::emitBytecode):
3424         (JSC::BinaryOpNode::emitBytecode):
3425         (JSC::EqualNode::emitBytecode):
3426         * parser/ResultType.h:
3427         (JSC::ResultType::isReusable):
3428         (JSC::ResultType::mightBeNumber):
3429         * runtime/JSNumberCell.h:
3430
3431 2008-12-01  Gavin Barraclough  <barraclough@apple.com>
3432
3433         Reviewed by Geoffrey Garen.
3434
3435         Remove unused (sampling only, and derivable) argument to JIT::emitCTICall.
3436         https://bugs.webkit.org/show_bug.cgi?id=22587
3437
3438         * jit/JIT.cpp:
3439         (JSC::JIT::emitCTICall):
3440         (JSC::JIT::compileOpCall):
3441         (JSC::JIT::emitSlowScriptCheck):
3442         (JSC::JIT::compileBinaryArithOpSlowCase):
3443         (JSC::JIT::privateCompileMainPass):
3444         (JSC::JIT::privateCompileSlowCases):
3445         (JSC::JIT::privateCompile):
3446         * jit/JIT.h:
3447
3448 2008-12-02  Dimitri Glazkov  <dglazkov@chromium.org>
3449
3450         Reviewed by Eric Seidel.
3451         
3452         Fix the inheritance chain for JSFunction.
3453
3454         * runtime/JSFunction.cpp:
3455         (JSC::JSFunction::info): Add InternalFunction::info as parent class
3456
3457 2008-12-02  Simon Hausmann  <hausmann@webkit.org>
3458
3459         Reviewed by Tor Arne Vestbø.
3460
3461         Fix ability to include JavaScriptCore.pri from other .pro files.
3462
3463         * JavaScriptCore.pri: Moved -O3 setting into the .pro files.
3464         * JavaScriptCore.pro:
3465         * jsc.pro:
3466
3467 2008-12-01  Geoffrey Garen  <ggaren@apple.com>
3468
3469         Reviewed by Cameron Zwarich, with help from Gavin Barraclough.
3470         
3471         Fixed https://bugs.webkit.org/show_bug.cgi?id=22583.
3472
3473         Refactored regular expression parsing to parse sequences of characters
3474         as a single unit, in preparation for optimizing sequences of characters.
3475         
3476         SunSpider reports no change.
3477
3478         * JavaScriptCore.xcodeproj/project.pbxproj:
3479         * wrec/Escapes.h: Added. Set of classes for representing an escaped
3480         token in a pattern.
3481
3482         * wrec/Quantifier.h:
3483         (JSC::WREC::Quantifier::Quantifier): Simplified this constructor slightly,
3484         to match the new Escape constructor.
3485
3486         * wrec/WRECGenerator.cpp:
3487         (JSC::WREC::Generator::generatePatternCharacterSequence):
3488         * wrec/WRECGenerator.h: Added an interface for generating a sequence
3489         of pattern characters at a time. It doesn't do anything special yet.
3490
3491         * wrec/WRECParser.cpp:
3492         (JSC::WREC::Parser::consumeGreedyQuantifier):
3493         (JSC::WREC::Parser::consumeQuantifier): Renamed "parse" to "consume" in
3494         these functions, to match "consumeEscape."
3495
3496         (JSC::WREC::Parser::parsePatternCharacterSequence): New function for
3497         iteratively aggregating a sequence of characters in a pattern.
3498
3499         (JSC::WREC::Parser::parseCharacterClassQuantifier):
3500         (JSC::WREC::Parser::parseBackreferenceQuantifier): Renamed "parse" to
3501         "consume" in these functions, to match "consumeEscape."
3502
3503         (JSC::WREC::Parser::parseCharacterClass): Refactored to use the common
3504         escape processing code in consumeEscape.
3505
3506         (JSC::WREC::Parser::parseEscape): Refactored to use the common
3507         escape processing code in consumeEscape.
3508
3509         (JSC::WREC::Parser::consumeEscape): Factored escaped token processing
3510         into a common function, since we were doing this in a few places.
3511
3512         (JSC::WREC::Parser::parseTerm): Refactored to use the common
3513         escape processing code in consumeEscape.
3514
3515         * wrec/WRECParser.h:
3516         (JSC::WREC::Parser::consumeOctal): Refactored to use a helper function
3517         for reading a digit.
3518
3519 2008-12-01  Cameron Zwarich  <zwarich@apple.com>
3520
3521         Reviewed by Oliver Hunt.
3522
3523         Bug 20340: SegmentedVector segment allocations can lead to unsafe use of temporary registers
3524         <https://bugs.webkit.org/show_bug.cgi?id=20340>
3525
3526         SegmentedVector currently frees segments and reallocates them when used
3527         as a stack. This can lead to unsafe use of pointers into freed segments.
3528
3529         In order to fix this problem, SegmentedVector will be changed to only
3530         grow and never shrink. Also, rename the reserveCapacity() member
3531         function to grow() to match the actual usage in BytecodeGenerator, where
3532         this function is used to allocate a group of registers at once, rather
3533         than merely saving space for them.
3534
3535         * bytecompiler/BytecodeGenerator.cpp:
3536         (JSC::BytecodeGenerator::BytecodeGenerator): Use grow() instead of 
3537         reserveCapacity().
3538         * bytecompiler/SegmentedVector.h:
3539         (JSC::SegmentedVector::SegmentedVector):
3540         (JSC::SegmentedVector::last):