Tiger build fix
[WebKit-https.git] / JavaScriptCore / ChangeLog
2008-12-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Tiger build fix.

        * wtf/RandomNumber.cpp:

2008-12-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by Mark Rowe.

        <rdar://problem/6358108> Insecure randomness in Math.random() leads to user tracking

        Switch to arc4random on PLATFORM(DARWIN); this is ~1.5x slower than random(), but
        it is still so fast that there is no fathomable way it could be a bottleneck for anything.

        randomNumber is called in two places
          * During form submission where it is called once per form
          * Math.random in JSC.  For this difference to show up you have to be looping on
            a cached local copy of random, for a large (>10000) number of calls.

        No change in SunSpider.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):
        * wtf/RandomNumberSeed.h:
        (WTF::initializeRandomNumberGenerator):

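The contrast the entry above relies on, as an added example in C++ that is not WebKit's code: a seeded generator standing in for random() (here std::minstd_rand) replays the same Math.random()-style sequence for anyone who holds the seed, while an OS-entropy source standing in for arc4random() (here std::random_device) has no seed to recover. The function names, the scaling to [0, 1) and the sequence-comparison helper are this example's own assumptions; the real WTF::randomNumber is not reproduced here.

```cpp
// Added example, not WebKit code: a seeded, deterministic generator beside an
// OS-entropy-backed one, showing why a seeded generator behind Math.random()
// can act as a session identifier.
#include <cstddef>
#include <cstdint>
#include <limits>
#include <random>
#include <vector>

// Predictable path: std::minstd_rand stands in for random(). Its whole output
// stream is a function of the seed, so two instances seeded alike agree forever.
double predictableRandomNumber(std::minstd_rand& generator)
{
    // Scale the engine's output to [0, 1), the range Math.random() promises.
    return static_cast<double>(generator()) / (static_cast<double>(std::minstd_rand::max()) + 1.0);
}

std::vector<double> predictableSequence(std::uint32_t seed, std::size_t count)
{
    std::minstd_rand generator(seed);
    std::vector<double> values;
    for (std::size_t i = 0; i < count; ++i)
        values.push_back(predictableRandomNumber(generator));
    return values;
}

// Hardened path: every value comes from the operating system's entropy source.
// std::random_device stands in for arc4random(); there is no seed to recover, so
// a fresh caller cannot reproduce an earlier caller's sequence.
double secureRandomNumber()
{
    static std::random_device device; // opened once; stand-in for arc4random()
    std::uint32_t bits = static_cast<std::uint32_t>(device());
    return static_cast<double>(bits) / (static_cast<double>(std::numeric_limits<std::uint32_t>::max()) + 1.0);
}

std::vector<double> secureSequence(std::size_t count)
{
    std::vector<double> values;
    for (std::size_t i = 0; i < count; ++i)
        values.push_back(secureRandomNumber());
    return values;
}

// Does a sequence observed from one generator instance recur in another? It does
// for a seeded generator given the same seed; that recurrence is the tracking
// signal the Math.random() change removes.
bool sequencesMatch(const std::vector<double>& a, const std::vector<double>& b)
{
    return a == b;
}

// Every value must lie in [0, 1): the scaling above must never yield 1.0.
bool allInUnitInterval(const std::vector<double>& values)
{
    for (std::size_t i = 0; i < values.size(); ++i) {
        if (values[i] < 0.0 || values[i] >= 1.0)
            return false;
    }
    return true;
}
```

The divisor in both paths is one more than the engine's maximum output, which is what keeps the result strictly below 1.0; dividing by the maximum itself would let Math.random() return exactly 1.0 on the rare maximal draw.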
2008-12-29  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Rubber-stamped by Sam Weinig.

        Remove unused kjsyydebug #define.

        * parser/Grammar.y:

2008-12-29  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt and Sam Weinig.

        Bug 23029: REGRESSION (r39337): jsfunfuzz generates identical test files
        <https://bugs.webkit.org/show_bug.cgi?id=23029>
        <rdar://problem/6469185>

        The unification of random number generation in r39337 resulted in random()
        being initialized on Darwin, but rand() actually being used. Fix this by
        making randomNumber() use random() instead of rand() on Darwin.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):

2008-12-29  Sam Weinig  <sam@webkit.org>

        Fix buildbots.

        * runtime/Structure.cpp:

2008-12-29  Sam Weinig  <sam@webkit.org>

        Reviewed by Oliver Hunt.

        Patch for https://bugs.webkit.org/show_bug.cgi?id=23026
        Move the deleted offsets vector into the PropertyMap

        Saves 3 words per Structure.

        * runtime/PropertyMapHashTable.h:
        * runtime/Structure.cpp:
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::changePrototypeTransition):
        (JSC::Structure::getterSetterTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::fromDictionaryTransition):
        (JSC::Structure::copyPropertyTable):
        (JSC::Structure::put):
        (JSC::Structure::remove):
        (JSC::Structure::rehashPropertyMapHashTable):
        * runtime/Structure.h:
        (JSC::Structure::propertyStorageSize):

2008-12-29  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Change code using m_body.get() as a boolean to take advantage of the
        implicit conversion of RefPtr to boolean.

        * runtime/JSFunction.cpp:
        (JSC::JSFunction::~JSFunction):

2008-12-28  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 22840: REGRESSION (r38349): Gmail doesn't load with profiling enabled
        <https://bugs.webkit.org/show_bug.cgi?id=22840>
        <rdar://problem/6468077>

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitNewArray): Add an assertion that the range
        of registers passed to op_new_array is sequential.
        (JSC::BytecodeGenerator::emitCall): Correct the relocation of registers
        when emitting profiler hooks so that registers aren't leaked. Also, add
        an assertion that the 'this' register is always ref'd (because it is),
        remove the needless protection of the 'this' register when relocating,
        and add an assertion that the range of registers passed to op_call for
        function call arguments is sequential.
        (JSC::BytecodeGenerator::emitConstruct): Correct the relocation of
        registers when emitting profiler hooks so that registers aren't leaked.
        Also, add an assertion that the range of registers passed to op_construct
        for function call arguments is sequential.

2008-12-26  Mark Rowe  <mrowe@apple.com>

        Reviewed by Alexey Proskuryakov.

        <rdar://problem/6467376> Race condition in WTF::currentThread can lead to a thread using two different identifiers during its lifetime

        If a newly-created thread calls WTF::currentThread() before WTF::createThread calls establishIdentifierForPthreadHandle
        then more than one identifier will be used for the same thread.  We can avoid this by adding some extra synchronization
        during thread creation that delays the execution of the thread function until the thread identifier has been set up, and
        an assertion to catch this problem should it reappear in the future.

        * wtf/Threading.cpp: Added.
        (WTF::NewThreadContext::NewThreadContext):
        (WTF::threadEntryPoint):
        (WTF::createThread): Add cross-platform createThread function that delays the execution of the thread function until
        after the thread identifier has been set up.
        * wtf/Threading.h:
        * wtf/ThreadingGtk.cpp:
        (WTF::establishIdentifierForThread):
        (WTF::createThreadInternal):
        * wtf/ThreadingNone.cpp:
        (WTF::createThreadInternal):
        * wtf/ThreadingPthreads.cpp:
        (WTF::establishIdentifierForPthreadHandle):
        (WTF::createThreadInternal):
        * wtf/ThreadingQt.cpp:
        (WTF::identifierByQthreadHandle):
        (WTF::establishIdentifierForThread):
        (WTF::createThreadInternal):
        * wtf/ThreadingWin.cpp:
        (WTF::storeThreadHandleByIdentifier):
        (WTF::createThreadInternal):

        Add Threading.cpp to the build.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:

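The gate described above, as an added example that is not WTF's code: a createThread built on std::thread that records the new thread's identifier before letting its entry point run, with a mutex and condition variable as the synchronization. The names NewThreadContext, threadEntryPoint and createThread are reused from the entry for readability, but the bodies, the identifier tables, waitForThreadCompletion and the probe helper are this example's own.

```cpp
// Added example, not WTF code: thread creation that establishes the thread's
// identifier before the entry point is allowed to run.
#include <condition_variable>
#include <map>
#include <mutex>
#include <thread>
#include <utility>

typedef unsigned ThreadIdentifier;

// Identifier tables constructed for this example (WTF keeps its own).
static std::mutex identifierMutex;
static std::map<std::thread::id, ThreadIdentifier> identifierByHandle;
static std::map<ThreadIdentifier, std::thread> threadByIdentifier;
static ThreadIdentifier nextIdentifier = 1;

// Identifier established for the calling thread, or 0 if none is recorded.
ThreadIdentifier currentThreadIdentifier()
{
    std::lock_guard<std::mutex> lock(identifierMutex);
    std::map<std::thread::id, ThreadIdentifier>::const_iterator it = identifierByHandle.find(std::this_thread::get_id());
    return it == identifierByHandle.end() ? 0 : it->second;
}

struct NewThreadContext {
    NewThreadContext(void (*entry)(void*), void* d)
        : entryPoint(entry), data(d), identifierReady(false) { }
    void (*entryPoint)(void*);
    void* data;
    std::mutex gate;
    std::condition_variable gateOpened;
    bool identifierReady;
};

// Runs on the new thread: block until the creator has recorded our identifier,
// then run the real entry point. Without the wait, an entry point that asked
// for its identifier immediately could find none and be handed a second one.
static void threadEntryPoint(NewThreadContext* context)
{
    {
        std::unique_lock<std::mutex> lock(context->gate);
        while (!context->identifierReady)
            context->gateOpened.wait(lock);
    }
    void (*entryPoint)(void*) = context->entryPoint;
    void* data = context->data;
    delete context; // the creator never touches the context after opening the gate
    entryPoint(data);
}

// Start the thread, record its identifier, and only then open the gate.
ThreadIdentifier createThread(void (*entryPoint)(void*), void* data)
{
    NewThreadContext* context = new NewThreadContext(entryPoint, data);
    std::thread thread(threadEntryPoint, context);
    ThreadIdentifier identifier;
    {
        std::lock_guard<std::mutex> lock(identifierMutex);
        identifier = nextIdentifier++;
        identifierByHandle[thread.get_id()] = identifier;
        threadByIdentifier[identifier] = std::move(thread);
    }
    {
        // Notify while holding the gate so the thread cannot free the context
        // before this scope is done with it.
        std::lock_guard<std::mutex> lock(context->gate);
        context->identifierReady = true;
        context->gateOpened.notify_one();
    }
    return identifier;
}

// Join the thread, then drop its table entries (after the join, so the thread
// can still look itself up while it runs).
void waitForThreadCompletion(ThreadIdentifier identifier)
{
    std::thread thread;
    {
        std::lock_guard<std::mutex> lock(identifierMutex);
        std::map<ThreadIdentifier, std::thread>::iterator it = threadByIdentifier.find(identifier);
        if (it == threadByIdentifier.end())
            return;
        thread = std::move(it->second);
        threadByIdentifier.erase(it);
    }
    std::thread::id handle = thread.get_id();
    thread.join();
    std::lock_guard<std::mutex> lock(identifierMutex);
    identifierByHandle.erase(handle);
}

// Probe entry point: the very first thing the new thread does is ask who it is.
static void probeEntryPoint(void* data)
{
    *static_cast<ThreadIdentifier*>(data) = currentThreadIdentifier();
}

// True when the identifier the thread saw at its first instruction equals the
// one createThread handed back, i.e. the thread never ran under two identities.
bool identifierVisibleAtThreadStart()
{
    ThreadIdentifier seenAtStart = 0;
    ThreadIdentifier identifier = createThread(probeEntryPoint, &seenAtStart);
    waitForThreadCompletion(identifier);
    return seenAtStart == identifier;
}
```

The ordering that matters is inside createThread: the identifier is written to the table under identifierMutex before identifierReady is set, so by the time the new thread passes the gate its lookup is guaranteed to succeed. The probe turns the entry's proposed assertion into a check a test can run repeatedly.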
2008-12-26  Sam Weinig  <sam@webkit.org>

        Reviewed by Alexey Proskuryakov.

        Remove unused method.

        * runtime/Structure.h: Remove mutableTypeInfo.

2008-12-22  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Fix rounding / bounds / signed comparison bug in ExecutableAllocator.

        ExecutableAllocator::alloc assumed that m_freePtr would be aligned.  This was
        not always true, since the first allocation from an additional pool would not
        be rounded up.  Subsequent allocations would be unaligned, and too much memory
        could be erroneously allocated from the pool, when the size requested was
        available, but the size rounded up to word granularity was not available in the
        pool.  This may result in the value of m_freePtr being greater than m_end.

        Under these circumstances, the unsigned check for space will always pass,
        resulting in pointers to memory outside of the arena being returned, and
        ultimately segfaulty goodness when attempting to memcpy the hot freshly jitted
        code from the AssemblerBuffer.

        https://bugs.webkit.org/show_bug.cgi?id=22974
        ... and probably many, many more.

        * jit/ExecutableAllocator.h:
        (JSC::ExecutablePool::alloc):
        (JSC::ExecutablePool::roundUpAllocationSize):
        (JSC::ExecutablePool::ExecutablePool):
        (JSC::ExecutablePool::poolAllocate):

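The bug described above, as an added example that is not WebKit's code: a toy pool modelled on byte offsets instead of real pointers, so the broken invariant can be exercised without ever touching memory outside a buffer. The "buggy" functions reproduce the two defects the entry names (an unrounded first allocation, and a space check that compares the unrounded size and then advances by the rounded one); the "fixed" functions round consistently and assert freeOffset <= end before the unsigned subtraction. ToyPool, kWordSize, kNoSpace and the function names are this example's own, not the ExecutablePool API.

```cpp
// Added example, not WebKit code: the unaligned-cursor bug and the unsigned
// bounds check that wraps once the cursor has passed the end of the pool.
#include <cassert>
#include <cstddef>
#include <limits>

const std::size_t kWordSize = 8;                                   // allocation granularity
const std::size_t kNoSpace = std::numeric_limits<std::size_t>::max(); // failure sentinel

struct ToyPool {
    std::size_t freeOffset; // next free byte, relative to the pool start
    std::size_t end;        // pool size in bytes (one past the last valid byte)
};

// Round a size up to a multiple of kWordSize; kNoSpace if that would overflow.
std::size_t roundUpAllocationSize(std::size_t requested)
{
    if (requested > std::numeric_limits<std::size_t>::max() - (kWordSize - 1))
        return kNoSpace;
    return (requested + kWordSize - 1) & ~(kWordSize - 1);
}

// Buggy: the first allocation is carved out at pool creation without rounding,
// leaving freeOffset unaligned.
ToyPool buggyPool(std::size_t poolSize, std::size_t firstAllocation)
{
    ToyPool pool = { firstAllocation, poolSize };
    return pool;
}

// Buggy: space is checked against the requested size but the cursor advances by
// the rounded size, so it can move past end. Once freeOffset > end, the unsigned
// "end - freeOffset" wraps to a huge value and every later check passes, handing
// out offsets beyond the pool.
std::size_t buggyAlloc(ToyPool& pool, std::size_t requested)
{
    if (pool.end - pool.freeOffset < requested)
        return kNoSpace;
    std::size_t result = pool.freeOffset;
    pool.freeOffset += roundUpAllocationSize(requested);
    return result;
}

// Fixed: round at creation too, so freeOffset starts aligned and stays aligned.
ToyPool fixedPool(std::size_t poolSize, std::size_t firstAllocation)
{
    std::size_t rounded = roundUpAllocationSize(firstAllocation);
    assert(rounded != kNoSpace && rounded <= poolSize);
    ToyPool pool = { rounded, poolSize };
    return pool;
}

// Fixed: round first, compare the rounded size against the remaining space, and
// assert the freeOffset <= end invariant before the subtraction so the unsigned
// comparison can never wrap.
std::size_t fixedAlloc(ToyPool& pool, std::size_t requested)
{
    std::size_t rounded = roundUpAllocationSize(requested);
    if (rounded == kNoSpace)
        return kNoSpace;
    assert(pool.freeOffset <= pool.end);
    if (pool.end - pool.freeOffset < rounded)
        return kNoSpace;
    std::size_t result = pool.freeOffset;
    pool.freeOffset += rounded;
    return result;
}
```

With a 16-byte pool whose first allocation is 3 bytes, the buggy path accepts a 12-byte request (13 bytes appear free), advances the cursor by the rounded 16 to offset 19, and then accepts a 1-byte request at offset 19 because 16 - 19 wrapped. The fixed path rounds the first allocation to 8, rejects the 12-byte request (it rounds to 16 against 8 remaining) and never lets the cursor leave the pool.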
2008-12-22  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Rename all uses of the term "repatch" to "patch".

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::DataLabelPtr::patch):
        (JSC::MacroAssembler::DataLabel32::patch):
        (JSC::MacroAssembler::Jump::patch):
        (JSC::MacroAssembler::PatchBuffer::PatchBuffer):
        (JSC::MacroAssembler::PatchBuffer::setPtr):
        (JSC::MacroAssembler::loadPtrWithAddressOffsetPatch):
        (JSC::MacroAssembler::storePtrWithAddressOffsetPatch):
        (JSC::MacroAssembler::storePtrWithPatch):
        (JSC::MacroAssembler::jnePtrWithPatch):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::patchAddress):
        (JSC::X86Assembler::patchImmediate):
        (JSC::X86Assembler::patchPointer):
        (JSC::X86Assembler::patchBranchOffset):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCTICachePutByID):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::Interpreter::cti_op_put_by_id):
        (JSC::Interpreter::cti_op_get_by_id):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):
        (JSC::Interpreter::cti_vm_dontLazyLinkCall):
        * jit/JIT.cpp:
        (JSC::ctiPatchCallByReturnAddress):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::unlinkCall):
        (JSC::JIT::linkCall):
        (JSC::JIT::compileOpCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):

2008-12-22  Adam Roben  <aroben@apple.com>

        Build fix after r39428

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSlowCase): Added a missing MacroAssembler::

2008-12-22  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>

        Rubber-stamped by George Staikos.

        Unify all TorchMobile copyright lines. Consolidate in a single line, as requested by Mark Rowe, some time ago.

        * wtf/RandomNumber.cpp:
        * wtf/RandomNumber.h:
        * wtf/RandomNumberSeed.h:

2008-12-21  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>

        Rubber-stamped by George Staikos.

        Fix copyright of the new RandomNumber* files.

        * wtf/RandomNumber.cpp:
        * wtf/RandomNumber.h:
        * wtf/RandomNumberSeed.h:

2008-12-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt & Cameron Zwarich.

        Add support for call and property access repatching on x86-64.

        No change in performance on current configurations (2x improvement on v8-tests with JIT enabled on x86-64).

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::DataLabelPtr::repatch):
        (JSC::MacroAssembler::DataLabelPtr::operator X86Assembler::JmpDst):
        (JSC::MacroAssembler::DataLabel32::repatch):
        (JSC::MacroAssembler::RepatchBuffer::addressOf):
        (JSC::MacroAssembler::add32):
        (JSC::MacroAssembler::sub32):
        (JSC::MacroAssembler::loadPtrWithAddressOffsetRepatch):
        (JSC::MacroAssembler::storePtrWithAddressOffsetRepatch):
        (JSC::MacroAssembler::jePtr):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jnePtrWithRepatch):
        (JSC::MacroAssembler::differenceBetween):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::addl_im):
        (JSC::X86Assembler::subl_im):
        (JSC::X86Assembler::cmpl_rm):
        (JSC::X86Assembler::movq_rm_disp32):
        (JSC::X86Assembler::movq_mr_disp32):
        (JSC::X86Assembler::repatchPointer):
        (JSC::X86Assembler::X86InstructionFormatter::oneByteOp64_disp32):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::unlinkCall):
        (JSC::JIT::linkCall):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::resizePropertyStorage):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * wtf/Platform.h:

2008-12-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Port optimized property access generation to the MacroAssembler.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::AbsoluteAddress::AbsoluteAddress):
        (JSC::MacroAssembler::DataLabelPtr::repatch):
        (JSC::MacroAssembler::DataLabel32::DataLabel32):
        (JSC::MacroAssembler::DataLabel32::repatch):
        (JSC::MacroAssembler::Label::operator X86Assembler::JmpDst):
        (JSC::MacroAssembler::Jump::repatch):
        (JSC::MacroAssembler::JumpList::empty):
        (JSC::MacroAssembler::RepatchBuffer::link):
        (JSC::MacroAssembler::add32):
        (JSC::MacroAssembler::and32):
        (JSC::MacroAssembler::sub32):
        (JSC::MacroAssembler::loadPtrWithAddressRepatch):
        (JSC::MacroAssembler::storePtrWithAddressRepatch):
        (JSC::MacroAssembler::push):
        (JSC::MacroAssembler::ja32):
        (JSC::MacroAssembler::jePtr):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jnePtrWithRepatch):
        (JSC::MacroAssembler::align):
        (JSC::MacroAssembler::differenceBetween):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::movl_rm_disp32):
        (JSC::X86Assembler::movl_mr_disp32):
        (JSC::X86Assembler::X86InstructionFormatter::oneByteOp_disp32):
        (JSC::X86Assembler::X86InstructionFormatter::memoryModRM):
        * jit/JIT.cpp:
        (JSC::ctiRepatchCallByReturnAddress):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::resizePropertyStorage):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):
        * wtf/RefCounted.h:
        (WTF::RefCountedBase::addressOfCount):

2008-12-19  Gustavo Noronha Silva  <gns@gnome.org>

        Reviewed by Holger Freyther.

        https://bugs.webkit.org/show_bug.cgi?id=22686

        Added file which was missing to the javascriptcore_sources
        variable, so that it shows up in the tarball created by `make
        dist'.

        * GNUmakefile.am:

2008-12-19  Holger Hans Peter Freyther  <zecke@selfish.org>

        Reviewed by Antti Koivisto.

        Build fix when building JS API tests with a C89 C compiler

        Do not use C++ style comments and convert them to C comments.

        * wtf/Platform.h:

2008-12-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Same as last revision, adding cases for pre & post inc & dec.

        https://bugs.webkit.org/show_bug.cgi?id=22928

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):

2008-12-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Fixes for the JIT's handling of JSImmediate values on x86-64.
        On 64-bit systems, the code in JSImmediate.h relies on the upper
        bits of a JSImmediate being a sign extension of the low 32-bits.
        This was not being enforced by the JIT, since a number of inline
        operations were being performed on 32-bit values in registers, and
        when a 32-bit result is written to a register on x86-64 the value
        is zero-extended to 64-bits.

        This fix honors previous behavior.  A better fix in the long run
        (when the JIT is enabled by default) may be to change JSImmediate.h
        so it no longer relies on the upper bits of the pointer... though
        if we're going to change JSImmediate.h for 64-bit, we probably may
        as well change the format so that the full range of 32-bit ints can
        be stored, rather than just 31-bits.

        https://bugs.webkit.org/show_bug.cgi?id=22925

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::addPtr):
        (JSC::MacroAssembler::andPtr):
        (JSC::MacroAssembler::orPtr):
        (JSC::MacroAssembler::or32):
        (JSC::MacroAssembler::xor32):
        (JSC::MacroAssembler::xorPtr):
        (JSC::MacroAssembler::signExtend32ToPtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::andq_rr):
        (JSC::X86Assembler::andq_ir):
        (JSC::X86Assembler::orq_rr):
        (JSC::X86Assembler::xorq_ir):
        (JSC::X86Assembler::movsxd_rr):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitFastArithReTagImmediate):
        (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
        (JSC::JIT::emitFastArithImmToInt):

2008-12-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Just a tidy up - rename & refactor some of the #defines configuring the JIT.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::cti_op_convert_this):
        (JSC::Interpreter::cti_op_end):
        (JSC::Interpreter::cti_op_add):
        (JSC::Interpreter::cti_op_pre_inc):
        (JSC::Interpreter::cti_timeout_check):
        (JSC::Interpreter::cti_register_file_check):
        (JSC::Interpreter::cti_op_loop_if_less):
        (JSC::Interpreter::cti_op_loop_if_lesseq):
        (JSC::Interpreter::cti_op_new_object):
        (JSC::Interpreter::cti_op_put_by_id_generic):
        (JSC::Interpreter::cti_op_get_by_id_generic):
        (JSC::Interpreter::cti_op_put_by_id):
        (JSC::Interpreter::cti_op_put_by_id_second):
        (JSC::Interpreter::cti_op_put_by_id_fail):
        (JSC::Interpreter::cti_op_get_by_id):
        (JSC::Interpreter::cti_op_get_by_id_second):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):
        (JSC::Interpreter::cti_op_get_by_id_proto_list_full):
        (JSC::Interpreter::cti_op_get_by_id_proto_fail):
        (JSC::Interpreter::cti_op_get_by_id_array_fail):
        (JSC::Interpreter::cti_op_get_by_id_string_fail):
        (JSC::Interpreter::cti_op_instanceof):
        (JSC::Interpreter::cti_op_del_by_id):
        (JSC::Interpreter::cti_op_mul):
        (JSC::Interpreter::cti_op_new_func):
        (JSC::Interpreter::cti_op_call_JSFunction):
        (JSC::Interpreter::cti_op_call_arityCheck):
        (JSC::Interpreter::cti_vm_dontLazyLinkCall):
        (JSC::Interpreter::cti_vm_lazyLinkCall):
        (JSC::Interpreter::cti_op_push_activation):
        (JSC::Interpreter::cti_op_call_NotJSFunction):
        (JSC::Interpreter::cti_op_create_arguments):
        (JSC::Interpreter::cti_op_create_arguments_no_params):
        (JSC::Interpreter::cti_op_tear_off_activation):
        (JSC::Interpreter::cti_op_tear_off_arguments):
        (JSC::Interpreter::cti_op_profile_will_call):
        (JSC::Interpreter::cti_op_profile_did_call):
        (JSC::Interpreter::cti_op_ret_scopeChain):
        (JSC::Interpreter::cti_op_new_array):
        (JSC::Interpreter::cti_op_resolve):
        (JSC::Interpreter::cti_op_construct_JSConstruct):
        (JSC::Interpreter::cti_op_construct_NotJSConstruct):
        (JSC::Interpreter::cti_op_get_by_val):
        (JSC::Interpreter::cti_op_resolve_func):
        (JSC::Interpreter::cti_op_sub):
        (JSC::Interpreter::cti_op_put_by_val):
        (JSC::Interpreter::cti_op_put_by_val_array):
        (JSC::Interpreter::cti_op_lesseq):
        (JSC::Interpreter::cti_op_loop_if_true):
        (JSC::Interpreter::cti_op_negate):
        (JSC::Interpreter::cti_op_resolve_base):
        (JSC::Interpreter::cti_op_resolve_skip):
        (JSC::Interpreter::cti_op_resolve_global):
        (JSC::Interpreter::cti_op_div):
        (JSC::Interpreter::cti_op_pre_dec):
        (JSC::Interpreter::cti_op_jless):
        (JSC::Interpreter::cti_op_not):
        (JSC::Interpreter::cti_op_jtrue):
        (JSC::Interpreter::cti_op_post_inc):
        (JSC::Interpreter::cti_op_eq):
        (JSC::Interpreter::cti_op_lshift):
        (JSC::Interpreter::cti_op_bitand):
        (JSC::Interpreter::cti_op_rshift):
        (JSC::Interpreter::cti_op_bitnot):
        (JSC::Interpreter::cti_op_resolve_with_base):
        (JSC::Interpreter::cti_op_new_func_exp):
        (JSC::Interpreter::cti_op_mod):
        (JSC::Interpreter::cti_op_less):
        (JSC::Interpreter::cti_op_neq):
        (JSC::Interpreter::cti_op_post_dec):
        (JSC::Interpreter::cti_op_urshift):
        (JSC::Interpreter::cti_op_bitxor):
        (JSC::Interpreter::cti_op_new_regexp):
        (JSC::Interpreter::cti_op_bitor):
        (JSC::Interpreter::cti_op_call_eval):
        (JSC::Interpreter::cti_op_throw):
        (JSC::Interpreter::cti_op_get_pnames):
        (JSC::Interpreter::cti_op_next_pname):
        (JSC::Interpreter::cti_op_push_scope):
        (JSC::Interpreter::cti_op_pop_scope):
        (JSC::Interpreter::cti_op_typeof):
        (JSC::Interpreter::cti_op_is_undefined):
        (JSC::Interpreter::cti_op_is_boolean):
        (JSC::Interpreter::cti_op_is_number):
        (JSC::Interpreter::cti_op_is_string):
        (JSC::Interpreter::cti_op_is_object):
        (JSC::Interpreter::cti_op_is_function):
        (JSC::Interpreter::cti_op_stricteq):
        (JSC::Interpreter::cti_op_nstricteq):
        (JSC::Interpreter::cti_op_to_jsnumber):
        (JSC::Interpreter::cti_op_in):
        (JSC::Interpreter::cti_op_push_new_scope):
        (JSC::Interpreter::cti_op_jmp_scopes):
        (JSC::Interpreter::cti_op_put_by_index):
        (JSC::Interpreter::cti_op_switch_imm):
        (JSC::Interpreter::cti_op_switch_char):
        (JSC::Interpreter::cti_op_switch_string):
        (JSC::Interpreter::cti_op_del_by_val):
        (JSC::Interpreter::cti_op_put_getter):
        (JSC::Interpreter::cti_op_put_setter):
        (JSC::Interpreter::cti_op_new_error):
        (JSC::Interpreter::cti_op_debug):
        (JSC::Interpreter::cti_vm_throw):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReference):
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        * wtf/Platform.h:

2008-12-18  Cameron Zwarich  <zwarich@apple.com>

        Reviewed by Geoff Garen.

        Bug 21855: REGRESSION (r37323): Gmail complains about popup blocking when opening a link
        <https://bugs.webkit.org/show_bug.cgi?id=21855>
        <rdar://problem/6278244>

        Move DynamicGlobalObjectScope to JSGlobalObject.h so that it can be used
        from WebCore.

        * interpreter/Interpreter.cpp:
        * runtime/JSGlobalObject.h:
        (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope):
        (JSC::DynamicGlobalObjectScope::~DynamicGlobalObjectScope):

2008-12-17  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Gavin Barraclough.

        Fixed https://bugs.webkit.org/show_bug.cgi?id=22393
        Segfault when caching property accesses to primitive cells.

        Changed some asObject casts to asCell casts in cases where a primitive
        value may be a cell and not an object.

        Re-enabled property caching for primitives in cases where it had been
        disabled because of this bug.

        Updated a comment to better explain something Darin thought needed
        explaining in an old patch review.

        * interpreter/Interpreter.cpp:
        (JSC::countPrototypeChainEntriesAndCheckForProxies):
        (JSC::Interpreter::tryCacheGetByID):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):

2008-12-17  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Cameron Zwarich.

        Fixes for Sunspider failures with the JIT enabled on x86-64.

        * assembler/MacroAssembler.h:
            Switch the order of the RegisterID & Address form of je32, to keep it consistent with jne32.
        * jit/JIT.cpp:
        * jit/JIT.h:
        * jit/JITInlineMethods.h:
            Port the m_ctiVirtualCall trampoline generation to use the MacroAssembler interface.
        * jit/JITCall.cpp:
            Fix bug in the non-optimizing code path; the vptr check should have been to the memory address pointed
            to by the register, not to the register itself.
        * wrec/WRECGenerator.cpp:
            See assembler/MacroAssembler.h, above.

2008-12-17  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        print("Hello, 64-bit jitted world!");
        Get hello-world working through the JIT, on x86-64.

        * assembler/X86Assembler.h:
            Fix encoding of opcode + RegisterID format instructions for 64-bit.
        * interpreter/Interpreter.cpp:
        * interpreter/Interpreter.h:
            Make VoidPtrPair actually be a pair of void*s.
            (Possibly should make this change for 32-bit Mac platforms, too - but won't change 32-bit behaviour in this patch).
        * jit/JIT.cpp:
        * jit/JIT.h:
            Provide names for the timeoutCheckRegister & callFrameRegister on x86-64,
            force x86-64 ctiTrampoline arguments onto the stack,
            implement the asm trampolines for x86-64,
            implement the restoreArgumentReference methods for x86-64 calling conventions.
        * jit/JITCall.cpp:
        * jit/JITInlineMethods.h:
        * wtf/Platform.h:
            Add switch settings to ENABLE(JIT), on PLATFORM(X86_64) (currently still disabled).

2008-12-17  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Add more CodeBlock statistics.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dumpStatistics):

2008-12-17  Sam Weinig  <sam@webkit.org>

        Reviewed by Darin Adler.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=22897
        <rdar://problem/6428342>
        Look into feasibility of discarding bytecode after native codegen

        Clear the bytecode Instruction vector at the end of JIT generation.

        Saves 4.8 MB on Membuster head.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump): Add logging for the case that someone tries
        to dump the instructions of a CodeBlock that has had its bytecode
        vector cleared.
        (JSC::CodeBlock::CodeBlock): Initialize the instructionCount.
        (JSC::CodeBlock::handlerForBytecodeOffset): Use instructionCount instead
        of the size of the instruction vector in the assertion.
        (JSC::CodeBlock::lineNumberForBytecodeOffset): Ditto.
        (JSC::CodeBlock::expressionRangeForBytecodeOffset): Ditto.
        (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset): Ditto.
        (JSC::CodeBlock::functionRegisterForBytecodeOffset): Ditto.
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::setInstructionCount): Store the instruction vector size
        in debug builds for assertions.
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::generate):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile): Clear the bytecode vector unless we
        have compiled with Opcode sampling, where we will continue to require it.

2008-12-17  Cary Clark  <caryclark@google.com>

        Reviewed by Darin Adler.
        Landed by Adam Barth.

        Add ENABLE_TEXT_CARET to permit the ANDROID platform
        to invalidate and draw the caret in a separate thread.

        * wtf/Platform.h:
        Default ENABLE_TEXT_CARET to 1.

2008-12-17  Alexey Proskuryakov  <ap@webkit.org>

        Reviewed by Darin Adler.

        Don't use unique context group in JSGlobalContextCreate() on Tiger or Leopard, take two.

        * API/JSContextRef.cpp: The previous patch that claimed to do this was making Tiger and
        Leopard always use unique context group instead.

2008-12-16  Sam Weinig  <sam@webkit.org>

        Reviewed by Geoffrey Garen.

        Fix for https://bugs.webkit.org/show_bug.cgi?id=22838
        Remove dependency on the bytecode Instruction buffer in Interpreter::throwException
        Part of <rdar://problem/6428342>

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::functionRegisterForBytecodeOffset): Added. Function to get
        a function Register index in a callFrame for a bytecode offset.
        (JSC::CodeBlock::shrinkToFit): Shrink m_getByIdExceptionInfo and m_functionRegisterInfos.
        * bytecode/CodeBlock.h:
        (JSC::FunctionRegisterInfo::FunctionRegisterInfo): Added.
        (JSC::CodeBlock::addFunctionRegisterInfo):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitCall):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::throwException): Use functionRegisterForBytecodeOffset in JIT
        mode.

746 2008-12-16  Sam Weinig  <sam@webkit.org>
747
748         Reviewed by Gavin Barraclough.
749
750         Fix for https://bugs.webkit.org/show_bug.cgi?id=22837
751         Remove dependency on the bytecode Instruction buffer in Interpreter::cti_op_call_NotJSFunction
752         Part of <rdar://problem/6428342>
753
754         * interpreter/CallFrame.h: Added comment regarding returnPC storing a void*.
755         * interpreter/Interpreter.cpp:
756         (JSC::bytecodeOffsetForPC): We no longer have any cases of the PC
757         being in the instruction stream for JIT, so we can remove the check.
758         (JSC::Interpreter::cti_op_call_NotJSFunction): Use the CTI_RETURN_ADDRESS
759         as the call frame returnPC as it is only necessary for looking up when
760         throwing an exception.
761         * interpreter/RegisterFile.h:
762         (JSC::RegisterFile::): Added comment regarding returnPC storing a void*.
763         * jit/JIT.h: Remove ARG_instr4.
764         * jit/JITCall.cpp:
765         (JSC::JIT::compileOpCallSetupArgs): Don't pass the instruction pointer.
766
767 2008-12-16  Darin Adler  <darin@apple.com>
768
769         Reviewed and landed by Cameron Zwarich.
770
771         Preparatory work for fixing
772
773         Bug 22887: Make UString::Rep use RefCounted rather than implementing its own ref counting
774         <https://bugs.webkit.org/show_bug.cgi?id=22887>
775
776         Change the various string translators used by Identifier::add() so that
777         they never zero the ref count of a newly created UString::Rep.
778
779         * runtime/Identifier.cpp:
780         (JSC::CStringTranslator::translate):
781         (JSC::Identifier::add):
782         (JSC::UCharBufferTranslator::translate):
783
784 2008-12-16  Gavin Barraclough  <barraclough@apple.com>
785
786         Build fix for 'doze.
787
788         * assembler/AssemblerBuffer.h:
789
790 2008-12-16  Gavin Barraclough  <barraclough@apple.com>
791
792         Reviewed by Cameron Zwarich.
793
794         Make the JIT compile on x86-64.
795         This largely involves populating the missing calls in MacroAssembler.h.
796         In addition some reinterpret_casts need removing from the JIT, and the
797         repatching property access code will need to be fully compiled out for
798         now.  The changes in interpret.cpp are to reorder the functions so that
799         the _generic forms come before all other property access methods, and
800         then to place all property access methods other than the generic forms
801         under control of the ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS macro.
802
803         No performance impact.
804
805         * assembler/AssemblerBuffer.h:
806         (JSC::AssemblerBuffer::putInt64Unchecked):
807         * assembler/MacroAssembler.h:
808         (JSC::MacroAssembler::loadPtr):
809         (JSC::MacroAssembler::load32):
810         (JSC::MacroAssembler::storePtr):
811         (JSC::MacroAssembler::storePtrWithRepatch):
812         (JSC::MacroAssembler::store32):
813         (JSC::MacroAssembler::poke):
814         (JSC::MacroAssembler::move):
815         (JSC::MacroAssembler::testImm64):
816         (JSC::MacroAssembler::jePtr):
817         (JSC::MacroAssembler::jnePtr):
818         (JSC::MacroAssembler::jnzPtr):
819         (JSC::MacroAssembler::jzPtr):
820         * assembler/X86Assembler.h:
821         (JSC::X86Assembler::):
822         (JSC::X86Assembler::cmpq_rr):
823         (JSC::X86Assembler::cmpq_rm):
824         (JSC::X86Assembler::cmpq_im):
825         (JSC::X86Assembler::testq_i32m):
826         (JSC::X86Assembler::movl_mEAX):
827         (JSC::X86Assembler::movl_i32r):
828         (JSC::X86Assembler::movl_EAXm):
829         (JSC::X86Assembler::movq_rm):
830         (JSC::X86Assembler::movq_mEAX):
831         (JSC::X86Assembler::movq_mr):
832         (JSC::X86Assembler::movq_i64r):
833         (JSC::X86Assembler::movl_mr):
834         (JSC::X86Assembler::X86InstructionFormatter::oneByteOp64):
835         (JSC::X86Assembler::X86InstructionFormatter::immediate64):
836         * interpreter/Interpreter.cpp:
837         (JSC::Interpreter::cti_op_put_by_id_generic):
838         (JSC::Interpreter::cti_op_get_by_id_generic):
839         (JSC::Interpreter::cti_op_put_by_id):
840         (JSC::Interpreter::cti_op_put_by_id_second):
841         * jit/JIT.cpp:
842         (JSC::JIT::privateCompileMainPass):
843         (JSC::JIT::privateCompile):
844         (JSC::JIT::privateCompileCTIMachineTrampolines):
845         * jit/JITCall.cpp:
846         (JSC::JIT::compileOpCallSetupArgs):
847         (JSC::JIT::compileOpCall):
848         * jit/JITPropertyAccess.cpp:
849         (JSC::JIT::compileGetByIdHotPath):
850         (JSC::JIT::compilePutByIdHotPath):
851         * runtime/JSImmediate.h:
852         (JSC::JSImmediate::makeInt):
853
854 2008-12-16  Cameron Zwarich  <zwarich@apple.com>
855
856         Reviewed by Darin Adler.
857
858         Bug 22869: REGRESSION (r38407): http://news.cnet.com/8301-13579_3-9953533-37.html crashes
859         <https://bugs.webkit.org/show_bug.cgi?id=22869>
860         <rdar://problem/6402499>
861
862         Before r38407, Structure::m_nameInPrevious was ref'd due to it being
863         stored in a PropertyMap. However, PropertyMaps are created lazily after
864         r38407, so Structure::m_nameInPrevious is not necessarily ref'd while
865         it is being used. Making it a RefPtr instead of a raw pointer fixes
866         the problem.
867
868         Unfortunately, the crash in the bug is rather intermittent, and it is
869         impossible to add an assertion in UString::Rep::ref() to catch this bug
870         because some users of UString::Rep deliberately zero out the reference
871         count. Therefore, there is no layout test accompanying this bug fix.
872
873         * runtime/Structure.cpp:
874         (JSC::Structure::~Structure): Use get().
875         (JSC::Structure::materializePropertyMap): Use get().
876         (JSC::Structure::addPropertyTransitionToExistingStructure): Use get().
877         (JSC::Structure::addPropertyTransition): Use get().
878         * runtime/Structure.h: Make Structure::m_nameInPrevious a RefPtr instead
879         of a raw pointer.
880
881 2008-12-16  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>
882
883         Not reviewed. Attempt to fix win build. No 'using namespace WTF' in this file, needs manual WTF:: prefix.
884         Not sure why the build works as is here.
885
886         * runtime/MathObject.cpp:
887         (JSC::mathProtoFuncRandom):
888
889 2008-12-16  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>
890
891         Reviewed by Darin Adler.
892
893         Fixes: https://bugs.webkit.org/show_bug.cgi?id=22876
894
895         Unify random number generation in JavaScriptCore & WebCore, by introducing
896         wtf/RandomNumber.h and moving wtf_random/wtf_random_init out of MathExtras.h.
897
898         wtf_random_init() has been renamed to initializeRandomNumberGenerator() and
899         lives in its own private header: wtf/RandomNumberSeed.h, only intended to
900         be used from within JavaScriptCore.
901
902         wtf_random() has been renamed to randomNumber() and lives in a public header
903         wtf/RandomNumber.h, usable from within JavaScriptCore & WebCore. It encapsulates
904         the code taking care of initializing the random number generator (only when
905         building without ENABLE(JSC_MULTIPLE_THREADS), otherwise initializeThreading()
906         already took care of that).
907
908         Functional change on darwin: Use random() instead of rand(), as it has a larger
909         period (more randomness). HTMLFormElement already contains this implementation
910         and I just moved it into randomNumber(), as a special case for PLATFORM(DARWIN).
911
912         * GNUmakefile.am: Add RandomNumber.(cpp/h) / RandomNumberSeed.h.
913         * JavaScriptCore.exp: Ditto.
914         * JavaScriptCore.pri: Ditto.
915         * JavaScriptCore.scons: Ditto.
916         * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
917         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
918         * JavaScriptCoreSources.bkl: Ditto.
919         * runtime/MathObject.cpp: Use new WTF::randomNumber() functionality.
920         (JSC::mathProtoFuncRandom):
921         * wtf/MathExtras.h: Move wtf_random / wtf_random_init to new files.
922         * wtf/RandomNumber.cpp: Added.
923         (WTF::randomNumber):
924         * wtf/RandomNumber.h: Added.
925         * wtf/RandomNumberSeed.h: Added. Internal usage within JSC only.
926         (WTF::initializeRandomNumberGenerator):
927         * wtf/ThreadingGtk.cpp: Rename wtf_random_init() to initializeRandomNumberGenerator().
928         (WTF::initializeThreading):
929         * wtf/ThreadingPthreads.cpp: Ditto.
930         (WTF::initializeThreading):
931         * wtf/ThreadingQt.cpp: Ditto.
932         (WTF::initializeThreading):
933         * wtf/ThreadingWin.cpp: Ditto.
934         (WTF::initializeThreading):
935
936 2008-12-16  Yael Aharon  <yael.aharon@nokia.com>
937
938         Reviewed by Tor Arne Vestbø.
939
940         Qt/Win build fix
941
942         * JavaScriptCore.pri:
943
944 2008-12-15  Mark Rowe  <mrowe@apple.com>
945
946         Reviewed by Cameron Zwarich.
947
948         Fix the build with GCC 4.0.
949
950         * Configurations/JavaScriptCore.xcconfig:  GCC 4.0 appears to have a bug when compiling with -funwind-tables on,
951         so don't use it with that compiler version.
952
953 2008-12-15  Mark Rowe  <mrowe@apple.com>
954
955         Rubber-stamped by Cameron Zwarich.
956
957         <rdar://problem/6289933> Change WebKit-related projects to build with GCC 4.2 on Leopard.
958
959         * Configurations/Base.xcconfig:
960         * Configurations/DebugRelease.xcconfig:
961
962 2008-12-15  Alexey Proskuryakov  <ap@webkit.org>
963
964         Reviewed by Darin Adler.
965
966         Don't use unique context group in JSGlobalContextCreate() on Tiger or Leopard.
967
968         * API/JSContextRef.cpp: (JSGlobalContextCreate):
969
970 2008-12-15  Alexey Proskuryakov  <ap@webkit.org>
971
972         Reviewed by Darin Adler.
973
974         <rdar://problem/6445089> Mach ports leak from worker threads
975
976         * interpreter/Interpreter.cpp: (JSC::getCPUTime):
977         Deallocate the thread self port.
978
979 2008-12-15  Gavin Barraclough  <barraclough@apple.com>
980
981         Reviewed by Mark Rowe.
982
983         Construct stack frames in JIT code, so that backtracing can still work.
984         <rdar://problem/6447870> JIT should play nice with attempts to take stack traces
985
986         * jit/JIT.cpp:
987         (JSC::):
988         (JSC::JIT::privateCompileMainPass):
989
990 2008-12-15  Mark Rowe  <mrowe@apple.com>
991
992         Reviewed by Gavin Barraclough.
993
994         <rdar://problem/6402262> JavaScriptCore needs exception handling tables in order to get stack traces without frame pointers
995
996         * Configurations/JavaScriptCore.xcconfig:
997
998 2008-12-15  Gavin Barraclough  <barraclough@apple.com>
999
1000         Rubber stamped by Mark Rowe.
1001
1002         Revert r39226 / Bug 22818: Unify JIT callback argument access OS X / Windows
1003         This causes Acid3 failures – reverting for now & will revisit later.
1004         https://bugs.webkit.org/show_bug.cgi?id=22873
1005
1006         * interpreter/Interpreter.h:
1007         * jit/JIT.cpp:
1008         (JSC::JIT::privateCompileCTIMachineTrampolines):
1009         * jit/JIT.h:
1010         * jit/JITInlineMethods.h:
1011         (JSC::JIT::restoreArgumentReference):
1012         (JSC::JIT::restoreArgumentReferenceForTrampoline):
1013         (JSC::JIT::emitCTICall_internal):
1014         * jit/JITPropertyAccess.cpp:
1015         (JSC::JIT::privateCompilePutByIdTransition):
1016         * wtf/Platform.h:
1017
1018 2008-12-15  Darin Adler  <darin@apple.com>
1019
1020         Reviewed by Sam Weinig.
1021
1022         - fix <rdar://problem/6427048> crash due to infinite recursion after setting window.__proto__ = window
1023
1024         Replaced toGlobalObject with the more generally useful unwrappedObject and used it to
1025         fix the cycle detection code in put(__proto__).
1026
1027         * JavaScriptCore.exp: Updated.
1028
1029         * runtime/JSGlobalObject.cpp: Removed toGlobalObject. We now use unwrappedObject instead.
1030         * runtime/JSGlobalObject.h:
1031         (JSC::JSGlobalObject::isGlobalObject): Ditto.
1032
1033         * runtime/JSGlobalObjectFunctions.cpp:
1034         (JSC::globalFuncEval): Use unwrappedObject and isGlobalObject here rather than toGlobalObject.
1035
1036         * runtime/JSObject.cpp:
1037         (JSC::JSObject::put): Rewrote prototype cycle checking loop. Use unwrappedObject in the loop now.
1038         (JSC::JSObject::unwrappedObject): Replaced toGlobalObject with this new function.
1039         * runtime/JSObject.h: More of the same.
1040
1041 2008-12-15  Steve Falkenburg  <sfalken@apple.com>
1042
1043         Windows build fix.
1044         
1045         Visual Studio requires visibility of forward declarations to match class declaration.
1046
1047         * assembler/X86Assembler.h:
1048
1049 2008-12-15  Gustavo Noronha Silva  <kov@kov.eti.br>
1050
1051         Reviewed by Mark Rowe.
1052
1053         https://bugs.webkit.org/show_bug.cgi?id=22686
1054
1055         GTK+ build fix.
1056
1057         * GNUmakefile.am:
1058
1059 2008-12-15  Gavin Barraclough  <barraclough@apple.com>
1060
1061         Reviewed by Geoff Garen.
1062
1063         Add support to X86Assembler emitting instructions that access all 16 registers on x86-64.
1064         Add a new formatting class, that is responsible for both emitting the opcode bytes and the
1065         ModRM bytes of an instruction in a single call; this can insert the REX byte as necessary
1066         before the opcode, but has access to the register numbers to build the REX.
1067
1068         * assembler/AssemblerBuffer.h:
1069         (JSC::AssemblerBuffer::isAligned):
1070         (JSC::AssemblerBuffer::data):
1071         * assembler/MacroAssembler.h:
1072         (JSC::MacroAssembler::addPtr):
1073         (JSC::MacroAssembler::add32):
1074         (JSC::MacroAssembler::and32):
1075         (JSC::MacroAssembler::or32):
1076         (JSC::MacroAssembler::sub32):
1077         (JSC::MacroAssembler::xor32):
1078         (JSC::MacroAssembler::loadPtr):
1079         (JSC::MacroAssembler::load32):
1080         (JSC::MacroAssembler::load16):
1081         (JSC::MacroAssembler::storePtr):
1082         (JSC::MacroAssembler::storePtrWithRepatch):
1083         (JSC::MacroAssembler::store32):
1084         (JSC::MacroAssembler::pop):
1085         (JSC::MacroAssembler::push):
1086         (JSC::MacroAssembler::compareImm32ForBranch):
1087         (JSC::MacroAssembler::compareImm32ForBranchEquality):
1088         (JSC::MacroAssembler::testImm32):
1089         (JSC::MacroAssembler::jae32):
1090         (JSC::MacroAssembler::jb32):
1091         (JSC::MacroAssembler::je16):
1092         (JSC::MacroAssembler::jg32):
1093         (JSC::MacroAssembler::jnePtr):
1094         (JSC::MacroAssembler::jne32):
1095         (JSC::MacroAssembler::jump):
1096         * assembler/X86Assembler.h:
1097         (JSC::X86::):
1098         (JSC::X86Assembler::):
1099         (JSC::X86Assembler::size):
1100         (JSC::X86Assembler::push_r):
1101         (JSC::X86Assembler::pop_r):
1102         (JSC::X86Assembler::push_i32):
1103         (JSC::X86Assembler::push_m):
1104         (JSC::X86Assembler::pop_m):
1105         (JSC::X86Assembler::addl_rr):
1106         (JSC::X86Assembler::addl_mr):
1107         (JSC::X86Assembler::addl_ir):
1108         (JSC::X86Assembler::addq_ir):
1109         (JSC::X86Assembler::addl_im):
1110         (JSC::X86Assembler::andl_rr):
1111         (JSC::X86Assembler::andl_ir):
1112         (JSC::X86Assembler::orl_rr):
1113         (JSC::X86Assembler::orl_mr):
1114         (JSC::X86Assembler::orl_ir):
1115         (JSC::X86Assembler::subl_rr):
1116         (JSC::X86Assembler::subl_mr):
1117         (JSC::X86Assembler::subl_ir):
1118         (JSC::X86Assembler::subl_im):
1119         (JSC::X86Assembler::xorl_rr):
1120         (JSC::X86Assembler::xorl_ir):
1121         (JSC::X86Assembler::sarl_i8r):
1122         (JSC::X86Assembler::sarl_CLr):
1123         (JSC::X86Assembler::shll_i8r):
1124         (JSC::X86Assembler::shll_CLr):
1125         (JSC::X86Assembler::imull_rr):
1126         (JSC::X86Assembler::imull_i32r):
1127         (JSC::X86Assembler::idivl_r):
1128         (JSC::X86Assembler::cmpl_rr):
1129         (JSC::X86Assembler::cmpl_rm):
1130         (JSC::X86Assembler::cmpl_mr):
1131         (JSC::X86Assembler::cmpl_ir):
1132         (JSC::X86Assembler::cmpl_ir_force32):
1133         (JSC::X86Assembler::cmpl_im):
1134         (JSC::X86Assembler::cmpl_im_force32):
1135         (JSC::X86Assembler::cmpw_rm):
1136         (JSC::X86Assembler::testl_rr):
1137         (JSC::X86Assembler::testl_i32r):
1138         (JSC::X86Assembler::testl_i32m):
1139         (JSC::X86Assembler::testq_rr):
1140         (JSC::X86Assembler::testq_i32r):
1141         (JSC::X86Assembler::testb_i8r):
1142         (JSC::X86Assembler::sete_r):
1143         (JSC::X86Assembler::setz_r):
1144         (JSC::X86Assembler::setne_r):
1145         (JSC::X86Assembler::setnz_r):
1146         (JSC::X86Assembler::cdq):
1147         (JSC::X86Assembler::xchgl_rr):
1148         (JSC::X86Assembler::movl_rr):
1149         (JSC::X86Assembler::movl_rm):
1150         (JSC::X86Assembler::movl_mr):
1151         (JSC::X86Assembler::movl_i32r):
1152         (JSC::X86Assembler::movl_i32m):
1153         (JSC::X86Assembler::movq_rr):
1154         (JSC::X86Assembler::movq_rm):
1155         (JSC::X86Assembler::movq_mr):
1156         (JSC::X86Assembler::movzwl_mr):
1157         (JSC::X86Assembler::movzbl_rr):
1158         (JSC::X86Assembler::leal_mr):
1159         (JSC::X86Assembler::call):
1160         (JSC::X86Assembler::jmp):
1161         (JSC::X86Assembler::jmp_r):
1162         (JSC::X86Assembler::jmp_m):
1163         (JSC::X86Assembler::jne):
1164         (JSC::X86Assembler::jnz):
1165         (JSC::X86Assembler::je):
1166         (JSC::X86Assembler::jl):
1167         (JSC::X86Assembler::jb):
1168         (JSC::X86Assembler::jle):
1169         (JSC::X86Assembler::jbe):
1170         (JSC::X86Assembler::jge):
1171         (JSC::X86Assembler::jg):
1172         (JSC::X86Assembler::ja):
1173         (JSC::X86Assembler::jae):
1174         (JSC::X86Assembler::jo):
1175         (JSC::X86Assembler::jp):
1176         (JSC::X86Assembler::js):
1177         (JSC::X86Assembler::addsd_rr):
1178         (JSC::X86Assembler::addsd_mr):
1179         (JSC::X86Assembler::cvtsi2sd_rr):
1180         (JSC::X86Assembler::cvttsd2si_rr):
1181         (JSC::X86Assembler::movd_rr):
1182         (JSC::X86Assembler::movsd_rm):
1183         (JSC::X86Assembler::movsd_mr):
1184         (JSC::X86Assembler::mulsd_rr):
1185         (JSC::X86Assembler::mulsd_mr):
1186         (JSC::X86Assembler::pextrw_irr):
1187         (JSC::X86Assembler::subsd_rr):
1188         (JSC::X86Assembler::subsd_mr):
1189         (JSC::X86Assembler::ucomis_rr):
1190         (JSC::X86Assembler::int3):
1191         (JSC::X86Assembler::ret):
1192         (JSC::X86Assembler::predictNotTaken):
1193         (JSC::X86Assembler::label):
1194         (JSC::X86Assembler::align):
1195         (JSC::X86Assembler::link):
1196         (JSC::X86Assembler::executableCopy):
1197         (JSC::X86Assembler::X86InstructionFormater::prefix):
1198         (JSC::X86Assembler::X86InstructionFormater::oneByteOp):
1199         (JSC::X86Assembler::X86InstructionFormater::twoByteOp):
1200         (JSC::X86Assembler::X86InstructionFormater::oneByteOp64):
1201         (JSC::X86Assembler::X86InstructionFormater::oneByteOp8):
1202         (JSC::X86Assembler::X86InstructionFormater::twoByteOp8):
1203         (JSC::X86Assembler::X86InstructionFormater::instructionImmediate8):
1204         (JSC::X86Assembler::X86InstructionFormater::instructionImmediate32):
1205         (JSC::X86Assembler::X86InstructionFormater::instructionRel32):
1206         (JSC::X86Assembler::X86InstructionFormater::size):
1207         (JSC::X86Assembler::X86InstructionFormater::isAligned):
1208         (JSC::X86Assembler::X86InstructionFormater::data):
1209         (JSC::X86Assembler::X86InstructionFormater::executableCopy):
1210         (JSC::X86Assembler::X86InstructionFormater::registerModRM):
1211         (JSC::X86Assembler::X86InstructionFormater::memoryModRM):
1212         * jit/JIT.cpp:
1213         (JSC::JIT::privateCompileMainPass):
1214         (JSC::JIT::privateCompile):
1215         (JSC::JIT::privateCompileCTIMachineTrampolines):
1216         * jit/JITArithmetic.cpp:
1217         (JSC::JIT::putDoubleResultToJSNumberCellOrJSImmediate):
1218         (JSC::JIT::compileBinaryArithOp):
1219         * jit/JITCall.cpp:
1220         (JSC::JIT::compileOpCall):
1221         (JSC::JIT::compileOpCallSlowCase):
1222         * jit/JITPropertyAccess.cpp:
1223         (JSC::JIT::compileGetByIdHotPath):
1224         (JSC::JIT::compilePutByIdHotPath):
1225         (JSC::JIT::privateCompilePutByIdTransition):
1226         (JSC::JIT::privateCompilePatchGetArrayLength):
1227         (JSC::JIT::privateCompileGetByIdProto):
1228         (JSC::JIT::privateCompileGetByIdProtoList):
1229         (JSC::JIT::privateCompileGetByIdChainList):
1230         (JSC::JIT::privateCompileGetByIdChain):
1231
1232 2008-12-15  Darin Adler  <darin@apple.com>
1233
1234         * interpreter/RegisterFile.h: Tweak include formatting.
1235
1236 2008-12-15  Holger Hans Peter Freyther  <zecke@selfish.org>
1237
1238         Build fix for Gtk+.
1239
1240         * interpreter/RegisterFile.h: Include stdio.h for fprintf
1241
1242 2008-12-15  Alexey Proskuryakov  <ap@webkit.org>
1243
1244         Reviewed by Oliver Hunt.
1245
1246         <rdar://problem/6444455> Worker Thread crash running multiple workers for a moderate amount of time
1247
1248         * interpreter/RegisterFile.h: (JSC::RegisterFile::RegisterFile):
1249         Improve error handling: if mmap fails, crash immediately, and print out the reason.
1250
1251 2008-12-13  Gavin Barraclough  <barraclough@apple.com>
1252
1253         Reviewed by Cameron Zwarich.
1254
1255         Re-enable WREC on 64-bit.
1256         Implements one of the MacroAssembler::jnzPtr methods, previously only implemented for 32-bit x86.
1257
1258         https://bugs.webkit.org/show_bug.cgi?id=22849
1259
1260         * assembler/MacroAssembler.h:
1261         (JSC::MacroAssembler::testImm64):
1262         (JSC::MacroAssembler::jnzPtr):
1263         * assembler/X86Assembler.h:
1264         (JSC::X86Assembler::testq_i32r):
1265         (JSC::X86Assembler::testq_rr):
1266         * wtf/Platform.h:
1267
1268 2008-12-13  Gavin Barraclough  <barraclough@apple.com>
1269
1270         Fix PPC builds.
1271
1272         * assembler/MacroAssembler.h:
1273
1274 2008-12-13  Gavin Barraclough  <barraclough@apple.com>
1275
1276         Build fix only, no review.
1277
1278         * bytecode/CodeBlock.h:
1279
1280 2008-12-13  Gavin Barraclough  <barraclough@apple.com>
1281
1282         Reviewed by Cameron Zwarich.
1283
1284         Port the remainder of the JIT, bar calling convention related code, and code
1285         implementing optimizations which can be disabled, to use the MacroAssembler.
1286
1287         * assembler/MacroAssembler.h:
1288         (JSC::MacroAssembler::DataLabelPtr::DataLabelPtr):
1289         (JSC::MacroAssembler::RepatchBuffer::RepatchBuffer):
1290         (JSC::MacroAssembler::RepatchBuffer::link):
1291         (JSC::MacroAssembler::RepatchBuffer::addressOf):
1292         (JSC::MacroAssembler::RepatchBuffer::setPtr):
1293         (JSC::MacroAssembler::addPtr):
1294         (JSC::MacroAssembler::lshift32):
1295         (JSC::MacroAssembler::mod32):
1296         (JSC::MacroAssembler::rshift32):
1297         (JSC::MacroAssembler::storePtrWithRepatch):
1298         (JSC::MacroAssembler::jnzPtr):
1299         (JSC::MacroAssembler::jzPtr):
1300         (JSC::MacroAssembler::jump):
1301         (JSC::MacroAssembler::label):
1302         * assembler/X86Assembler.h:
1303         (JSC::X86Assembler::):
1304         (JSC::X86Assembler::xchgl_rr):
1305         (JSC::X86Assembler::jmp_m):
1306         (JSC::X86Assembler::repatchAddress):
1307         (JSC::X86Assembler::getRelocatedAddress):
1308         * bytecode/CodeBlock.cpp:
1309         (JSC::CodeBlock::CodeBlock):
1310         * bytecode/CodeBlock.h:
1311         (JSC::JITCodeRef::JITCodeRef):
1312         (JSC::CodeBlock::setJITCode):
1313         (JSC::CodeBlock::jitCode):
1314         (JSC::CodeBlock::executablePool):
1315         * jit/JIT.cpp:
1316         (JSC::JIT::privateCompileMainPass):
1317         (JSC::JIT::privateCompileLinkPass):
1318         (JSC::JIT::privateCompile):
1319         (JSC::JIT::privateCompileCTIMachineTrampolines):
1320         * jit/JIT.h:
1321         (JSC::CallRecord::CallRecord):
1322         (JSC::JumpTable::JumpTable):
1323         (JSC::JIT::emitCTICall):
1324         (JSC::JIT::JSRInfo::JSRInfo):
1325         * jit/JITArithmetic.cpp:
1326         * jit/JITCall.cpp:
1327         * jit/JITInlineMethods.h:
1328         (JSC::JIT::emitNakedCall):
1329         (JSC::JIT::emitCTICall_internal):
1330         (JSC::JIT::checkStructure):
1331         (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
1332         (JSC::JIT::addSlowCase):
1333         (JSC::JIT::addJump):
1334         (JSC::JIT::emitJumpSlowToHot):
1335         * jit/JITPropertyAccess.cpp:
1336         (JSC::JIT::privateCompileGetByIdChainList):
1337         (JSC::JIT::privateCompileGetByIdChain):
1338
1339 2008-12-12  Cameron Zwarich  <zwarich@apple.com>
1340
1341         Reviewed by Sam Weinig.
1342
1343         Fix the failures of the following layout tests, which regressed in
1344         r39255:
1345
1346         fast/dom/StyleSheet/ownerNode-lifetime-2.html
1347         fast/xsl/transform-xhr-doc.xhtml
1348
1349         The binary search in CodeBlock::getByIdExceptionInfoForBytecodeOffset()
1350         doesn't guarantee that it actually finds a match, so add an explicit check
1351         for this.
1352
1353         * bytecode/CodeBlock.cpp:
1354         (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
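
As an added illustration of the check this entry describes (example code, not JavaScriptCore's own): a binary search over records sorted by bytecode offset only locates the position where a match would sit, so the element found must still be compared against the requested offset before it is trusted. The struct, the sample table and the function names below are hypothetical stand-ins.

```cpp
#include <algorithm>
#include <cstdio>
#include <vector>

// Constructed stand-in for the per-call-site exception records a CodeBlock keeps,
// sorted by bytecode offset. Hypothetical struct, not JavaScriptCore's own.
struct GetByIdExceptionInfo {
    unsigned bytecodeOffset;
    int lineNumber;
};

// Shared binary search: returns the first record whose offset is >= `offset`
// (or end() when every record is smaller).
static std::vector<GetByIdExceptionInfo>::const_iterator
lowerBoundByOffset(const std::vector<GetByIdExceptionInfo>& infos, unsigned offset)
{
    return std::lower_bound(infos.begin(), infos.end(), offset,
        [](const GetByIdExceptionInfo& info, unsigned value) { return info.bytecodeOffset < value; });
}

// Before the fix: the search result is trusted without checking that it is an
// exact match. A missing offset silently yields the record of a *different*
// call site (only the end() case is guarded, so this demo stays memory-safe).
const GetByIdExceptionInfo* lookupUnchecked(const std::vector<GetByIdExceptionInfo>& infos, unsigned offset)
{
    auto it = lowerBoundByOffset(infos, offset);
    if (it == infos.end())
        return nullptr;
    return &*it;
}

// After the fix: the same search plus the explicit equality check the entry
// describes. A missing offset is reported as "no record" instead of being
// attributed to the wrong call site.
const GetByIdExceptionInfo* lookupChecked(const std::vector<GetByIdExceptionInfo>& infos, unsigned offset)
{
    auto it = lowerBoundByOffset(infos, offset);
    if (it == infos.end() || it->bytecodeOffset != offset)
        return nullptr;
    return &*it;
}

// Constructed sample table: three get_by_id sites at bytecode offsets 3, 9 and 17.
static const std::vector<GetByIdExceptionInfo> kSampleInfos = { { 3, 10 }, { 9, 12 }, { 17, 15 } };

// Convenience wrappers returning the line number found, or -1 for "no record".
int lineNumberUnchecked(unsigned offset)
{
    const GetByIdExceptionInfo* info = lookupUnchecked(kSampleInfos, offset);
    return info ? info->lineNumber : -1;
}

int lineNumberChecked(unsigned offset)
{
    const GetByIdExceptionInfo* info = lookupChecked(kSampleInfos, offset);
    return info ? info->lineNumber : -1;
}

int main()
{
    // Offset 10 has no record: the unchecked lookup reports line 15 (the site at
    // offset 17), the checked lookup correctly reports nothing.
    std::printf("unchecked(10) -> %d, checked(10) -> %d\n", lineNumberUnchecked(10), lineNumberChecked(10));
    std::printf("unchecked(9)  -> %d, checked(9)  -> %d\n", lineNumberUnchecked(9), lineNumberChecked(9));
    return 0;
}
```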
1355
1356 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1357
1358         Reviewed by Cameron Zwarich.
1359
1360         Replace emitPutCallArg methods with emitPutJITStubArg methods.  Primarily to make the argument numbering
1361         more sensible (1-based incrementing by 1, rather than 0-based incrementing by 4).  The CTI name also seems
1362         to be in the process of being deprecated from the code generally.
1363
1364         * jit/JIT.cpp:
1365         (JSC::JIT::privateCompileMainPass):
1366         (JSC::JIT::privateCompileSlowCases):
1367         (JSC::JIT::privateCompileCTIMachineTrampolines):
1368         * jit/JIT.h:
1369         * jit/JITArithmetic.cpp:
1370         (JSC::JIT::compileBinaryArithOp):
1371         (JSC::JIT::compileBinaryArithOpSlowCase):
1372         * jit/JITCall.cpp:
1373         (JSC::JIT::compileOpCallSetupArgs):
1374         (JSC::JIT::compileOpCallEvalSetupArgs):
1375         (JSC::JIT::compileOpConstructSetupArgs):
1376         (JSC::JIT::compileOpCall):
1377         * jit/JITInlineMethods.h:
1378         (JSC::JIT::emitPutJITStubArg):
1379         (JSC::JIT::emitPutJITStubArgConstant):
1380         (JSC::JIT::emitGetJITStubArg):
1381         (JSC::JIT::emitPutJITStubArgFromVirtualRegister):
1382         * jit/JITPropertyAccess.cpp:
1383         (JSC::JIT::compileGetByIdHotPath):
1384         (JSC::JIT::compilePutByIdHotPath):
1385         (JSC::JIT::compileGetByIdSlowCase):
1386         (JSC::JIT::compilePutByIdSlowCase):
1387
1388 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1389
1390         Fix windows builds.
1391
1392         * jit/JIT.cpp:
1393         (JSC::JIT::privateCompileMainPass):
1394         (JSC::JIT::privateCompileSlowCases):
1395         (JSC::JIT::privateCompile):
1396
1397 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1398
1399         Reviewed by Geoff Garen.
1400
1401         Remove loop counter 'i' from the JIT generation passes, replace with a member m_bytecodeIndex.
1402
1403         No impact on performance.
1404
1405         * jit/JIT.cpp:
1406         (JSC::JIT::compileOpStrictEq):
1407         (JSC::JIT::emitSlowScriptCheck):
1408         (JSC::JIT::privateCompileMainPass):
1409         (JSC::JIT::privateCompileSlowCases):
1410         (JSC::JIT::privateCompile):
1411         * jit/JIT.h:
1412         (JSC::CallRecord::CallRecord):
1413         (JSC::JmpTable::JmpTable):
1414         (JSC::JIT::emitCTICall):
1415         * jit/JITArithmetic.cpp:
1416         (JSC::JIT::compileBinaryArithOp):
1417         (JSC::JIT::compileBinaryArithOpSlowCase):
1418         * jit/JITCall.cpp:
1419         (JSC::JIT::compileOpCall):
1420         (JSC::JIT::compileOpCallSlowCase):
1421         * jit/JITInlineMethods.h:
1422         (JSC::JIT::emitGetVirtualRegister):
1423         (JSC::JIT::emitGetVirtualRegisters):
1424         (JSC::JIT::emitNakedCall):
1425         (JSC::JIT::emitCTICall_internal):
1426         (JSC::JIT::emitJumpSlowCaseIfJSCell):
1427         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
1428         (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
1429         (JSC::JIT::emitJumpSlowCaseIfNotImmNums):
1430         (JSC::JIT::emitFastArithIntToImmOrSlowCase):
1431         (JSC::JIT::addSlowCase):
1432         (JSC::JIT::addJump):
1433         (JSC::JIT::emitJumpSlowToHot):
1434         * jit/JITPropertyAccess.cpp:
1435         (JSC::JIT::compileGetByIdHotPath):
1436         (JSC::JIT::compileGetByIdSlowCase):
1437         (JSC::JIT::compilePutByIdHotPath):
1438         (JSC::JIT::compilePutByIdSlowCase):
1439
1440 2008-12-12  Sam Weinig  <sam@webkit.org>
1441
1442         Reviewed by Cameron Zwarich.
1443
1444         <rdar://problem/6428342> Look into feasibility of discarding bytecode after native codegen
1445
1446         Move more JIT functionality to using offsets into the Instruction buffer
1447         instead of raw pointers. Two to go!
1448
1449         * interpreter/Interpreter.cpp:
1450         (JSC::bytecodeOffsetForPC): Rename from vPCForPC.
1451         (JSC::Interpreter::resolve): Pass offset to exception helper.
1452         (JSC::Interpreter::resolveSkip): Ditto.
1453         (JSC::Interpreter::resolveGlobal): Ditto.
1454         (JSC::Interpreter::resolveBaseAndProperty): Ditto.
1455         (JSC::Interpreter::resolveBaseAndFunc): Ditto.
1456         (JSC::isNotObject): Ditto.
1457         (JSC::Interpreter::unwindCallFrame): Call bytecodeOffsetForPC.
1458         (JSC::Interpreter::throwException): Use offsets instead of vPCs.
1459         (JSC::Interpreter::privateExecute): Pass offset to exception helper.
1460         (JSC::Interpreter::retrieveLastCaller): Ditto.
1461         (JSC::Interpreter::cti_op_instanceof): Ditto.
1462         (JSC::Interpreter::cti_op_call_NotJSFunction): Ditto.
1463         (JSC::Interpreter::cti_op_resolve): Pass offset to exception helper.
1464         (JSC::Interpreter::cti_op_construct_NotJSConstruct): Ditto.
1465         (JSC::Interpreter::cti_op_resolve_func): Ditto.
1466         (JSC::Interpreter::cti_op_resolve_skip): Ditto.
1467         (JSC::Interpreter::cti_op_resolve_global): Ditto.
1468         (JSC::Interpreter::cti_op_resolve_with_base): Ditto.
1469         (JSC::Interpreter::cti_op_throw): Ditto.
1470         (JSC::Interpreter::cti_op_in): Ditto.
1471         (JSC::Interpreter::cti_vm_throw): Ditto.
1472         * interpreter/Interpreter.h:
1473
1474         * jit/JIT.cpp:
1475         (JSC::JIT::privateCompileMainPass): Don't pass unnecessary vPC to stub.
1476         * jit/JIT.h: Remove ARG_instr1 - ARG_instr3 and ARG_instr5 - ARG_instr6.
1477         * jit/JITCall.cpp:
1478         (JSC::JIT::compileOpCallEvalSetupArgs): Don't pass unnecessary vPC to stub.
1479         (JSC::JIT::compileOpConstructSetupArgs): Ditto.
1480
1481         * runtime/ExceptionHelpers.cpp:
1482         (JSC::createUndefinedVariableError): Take an offset instead of vPC.
1483         (JSC::createInvalidParamError): Ditto.
1484         (JSC::createNotAConstructorError): Ditto.
1485         (JSC::createNotAFunctionError): Ditto.
1486         (JSC::createNotAnObjectError): Ditto.
1487         * runtime/ExceptionHelpers.h:
1488
1489 2008-12-12  Cameron Zwarich  <zwarich@apple.com>
1490
1491         Reviewed by Oliver Hunt.
1492
1493         Bug 22835: Crash during bytecode generation when comparing to null
1494         <https://bugs.webkit.org/show_bug.cgi?id=22835>
1495         <rdar://problem/6286749>
1496
1497         Change the special cases in bytecode generation for comparison to null
1498         to use tempDestination().
1499
1500         * parser/Nodes.cpp:
1501         (JSC::BinaryOpNode::emitBytecode):
1502         (JSC::EqualNode::emitBytecode):
1503
1504 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1505
1506         Reviewed by Geoff Garen.
1507
1508         Move slow-cases of JIT code generation over to the MacroAssembler interface.
1509
1510         * assembler/MacroAssembler.h:
1511         (JSC::MacroAssembler::Label::Label):
1512         (JSC::MacroAssembler::jae32):
1513         (JSC::MacroAssembler::jg32):
1514         (JSC::MacroAssembler::jzPtr):
1515         * jit/JIT.cpp:
1516         (JSC::JIT::privateCompileSlowCases):
1517         (JSC::JIT::privateCompile):
1518         (JSC::JIT::emitGetVariableObjectRegister):
1519         (JSC::JIT::emitPutVariableObjectRegister):
1520         * jit/JIT.h:
1521         (JSC::SlowCaseEntry::SlowCaseEntry):
1522         (JSC::JIT::getSlowCase):
1523         (JSC::JIT::linkSlowCase):
1524         * jit/JITArithmetic.cpp:
1525         (JSC::JIT::compileBinaryArithOpSlowCase):
1526         * jit/JITCall.cpp:
1527         (JSC::JIT::compileOpCallInitializeCallFrame):
1528         (JSC::JIT::compileOpCall):
1529         (JSC::JIT::compileOpCallSlowCase):
1530         * jit/JITInlineMethods.h:
1531         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
1532         (JSC::JIT::linkSlowCaseIfNotJSCell):
1533         * jit/JITPropertyAccess.cpp:
1534         (JSC::JIT::compileGetByIdHotPath):
1535         (JSC::JIT::compilePutByIdHotPath):
1536         (JSC::JIT::compileGetByIdSlowCase):
1537         (JSC::JIT::compilePutByIdSlowCase):
1538
1539 2008-12-12  Cameron Zwarich  <zwarich@apple.com>
1540
1541         Reviewed by Sam Weinig.
1542
1543         Bug 22828: Do not inspect bytecode instruction stream for op_get_by_id exception information
1544         <https://bugs.webkit.org/show_bug.cgi?id=22828>
1545
1546         In order to remove the bytecode instruction stream after generating
1547         native code, all inspection of bytecode instructions at runtime must
1548         be removed. One particular instance of this is the special handling of
1549         exceptions thrown by the op_get_by_id emitted directly before an
1550         op_construct or an op_instanceof. This patch moves that information to
1551         an auxiliary data structure in CodeBlock.
1552
1553         * bytecode/CodeBlock.cpp:
1554         (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
1555         * bytecode/CodeBlock.h:
1556         (JSC::CodeBlock::addGetByIdExceptionInfo):
1557         * bytecompiler/BytecodeGenerator.cpp:
1558         (JSC::BytecodeGenerator::emitConstruct):
1559         * bytecompiler/BytecodeGenerator.h:
1560         (JSC::BytecodeGenerator::emitGetByIdExceptionInfo):
1561         * parser/Nodes.cpp:
1562         (JSC::InstanceOfNode::emitBytecode):
1563         * runtime/ExceptionHelpers.cpp:
1564         (JSC::createNotAnObjectError):
1565
1566 2008-12-12  Sam Weinig  <sam@webkit.org>
1567
1568         Reviewed by Geoffrey Garen.
1569
1570         Change exception information accessors to take offsets into the bytecode
1571         instruction buffer instead of pointers so that they can work even
1572         if the bytecode buffer is purged.
1573
1574         * bytecode/CodeBlock.cpp:
1575         (JSC::instructionOffsetForNth):
1576         (JSC::CodeBlock::handlerForBytecodeOffset):
1577         (JSC::CodeBlock::lineNumberForBytecodeOffset):
1578         (JSC::CodeBlock::expressionRangeForBytecodeOffset):
1579         * bytecode/CodeBlock.h:
1580         * bytecode/SamplingTool.cpp:
1581         (JSC::SamplingTool::dump):
1582         * interpreter/Interpreter.cpp:
1583         (JSC::Interpreter::throwException):
1584         (JSC::Interpreter::privateExecute):
1585         (JSC::Interpreter::retrieveLastCaller):
1586         * jit/JIT.cpp:
1587         (JSC::JIT::privateCompileMainPass):
1588         * runtime/ExceptionHelpers.cpp:
1589         (JSC::createUndefinedVariableError):
1590         (JSC::createInvalidParamError):
1591         (JSC::createNotAConstructorError):
1592         (JSC::createNotAFunctionError):
1593         (JSC::createNotAnObjectError):
1594
1595 2008-12-12  Geoffrey Garen  <ggaren@apple.com>
1596
1597         Reviewed by Cameron Zwarich.
1598         
1599         Tiny bit of refactoring in quantifier generation.
1600
1601         * wrec/WRECGenerator.cpp:
1602         (JSC::WREC::Generator::generateNonGreedyQuantifier):
1603         (JSC::WREC::Generator::generateGreedyQuantifier):
1604
1605 2008-12-11  Sam Weinig  <sam@webkit.org>
1606
1607         Reviewed by Geoffrey Garen.
1608
1609         Remove dependency on having the Instruction buffer in order to
1610         deref Structures used for property access and global resolves.
1611         Instead, we put references to the necessary Structures in auxiliary
1612         data structures on the CodeBlock. This is not an ideal solution,
1613         as we still pay for having the Structures in two places and we
1614         would like to eventually just hold on to offsets into the machine
1615         code buffer.
1616
1617         - Also removes CodeBlock bloat in non-JIT by #ifdefing the JIT
1618           only data structures.
1619
1620         * GNUmakefile.am:
1621         * JavaScriptCore.pri:
1622         * JavaScriptCore.scons:
1623         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1624         * JavaScriptCore.xcodeproj/project.pbxproj:
1625         * JavaScriptCoreSources.bkl:
1626         * bytecode/CodeBlock.cpp:
1627         (JSC::isGlobalResolve):
1628         (JSC::isPropertyAccess):
1629         (JSC::instructionOffsetForNth):
1630         (JSC::printGlobalResolveInfo):
1631         (JSC::printStructureStubInfo):
1632         (JSC::CodeBlock::printStructures):
1633         (JSC::CodeBlock::dump):
1634         (JSC::CodeBlock::~CodeBlock):
1635         (JSC::CodeBlock::shrinkToFit):
1636         * bytecode/CodeBlock.h:
1637         (JSC::GlobalResolveInfo::GlobalResolveInfo):
1638         (JSC::getNativePC):
1639         (JSC::CodeBlock::instructions):
1640         (JSC::CodeBlock::getStubInfo):
1641         (JSC::CodeBlock::getBytecodeIndex):
1642         (JSC::CodeBlock::addPropertyAccessInstruction):
1643         (JSC::CodeBlock::addGlobalResolveInstruction):
1644         (JSC::CodeBlock::numberOfStructureStubInfos):
1645         (JSC::CodeBlock::addStructureStubInfo):
1646         (JSC::CodeBlock::structureStubInfo):
1647         (JSC::CodeBlock::addGlobalResolveInfo):
1648         (JSC::CodeBlock::globalResolveInfo):
1649         (JSC::CodeBlock::numberOfCallLinkInfos):
1650         (JSC::CodeBlock::addCallLinkInfo):
1651         (JSC::CodeBlock::callLinkInfo):
1652         * bytecode/Instruction.h:
1653         (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
1654         (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
1655         * bytecode/Opcode.h:
1656         (JSC::):
1657         * bytecode/StructureStubInfo.cpp: Copied from bytecode/CodeBlock.cpp.
1658         (JSC::StructureStubInfo::deref):
1659         * bytecode/StructureStubInfo.h: Copied from bytecode/CodeBlock.h.
1660         (JSC::StructureStubInfo::StructureStubInfo):
1661         (JSC::StructureStubInfo::initGetByIdSelf):
1662         (JSC::StructureStubInfo::initGetByIdProto):
1663         (JSC::StructureStubInfo::initGetByIdChain):
1664         (JSC::StructureStubInfo::initGetByIdSelfList):
1665         (JSC::StructureStubInfo::initGetByIdProtoList):
1666         (JSC::StructureStubInfo::initPutByIdTransition):
1667         (JSC::StructureStubInfo::initPutByIdReplace):
1668         (JSC::StructureStubInfo::):
1669         * bytecompiler/BytecodeGenerator.cpp:
1670         (JSC::BytecodeGenerator::emitResolve):
1671         (JSC::BytecodeGenerator::emitGetById):
1672         (JSC::BytecodeGenerator::emitPutById):
1673         (JSC::BytecodeGenerator::emitCall):
1674         (JSC::BytecodeGenerator::emitConstruct):
1675         (JSC::BytecodeGenerator::emitCatch):
1676         * interpreter/Interpreter.cpp:
1677         (JSC::Interpreter::tryCTICachePutByID):
1678         (JSC::Interpreter::tryCTICacheGetByID):
1679         (JSC::Interpreter::cti_op_get_by_id_self_fail):
1680         (JSC::getPolymorphicAccessStructureListSlot):
1681         (JSC::Interpreter::cti_op_get_by_id_proto_list):
1682         (JSC::Interpreter::cti_op_resolve_global):
1683         * jit/JIT.cpp:
1684         (JSC::JIT::JIT):
1685         (JSC::JIT::privateCompileMainPass):
1686         (JSC::JIT::privateCompileSlowCases):
1687         (JSC::JIT::privateCompile):
1688         * jit/JITPropertyAccess.cpp:
1689         (JSC::JIT::compileGetByIdHotPath):
1690         (JSC::JIT::compilePutByIdHotPath):
1691         (JSC::JIT::compileGetByIdSlowCase):
1692         (JSC::JIT::compilePutByIdSlowCase):
1693         (JSC::JIT::privateCompileGetByIdSelfList):
1694         (JSC::JIT::privateCompileGetByIdProtoList):
1695         (JSC::JIT::privateCompileGetByIdChainList):
1696
1697 2008-12-11  Gavin Barraclough  <barraclough@apple.com>
1698
1699         Reviewed by Oliver Hunt.
1700
1701         Remove CTI_ARGUMENTS mode, use va_start implementation on Windows,
1702         unifying JIT callback (cti_*) argument access on OS X & Windows.
1703
1704         No performance impact.
1705
1706         * interpreter/Interpreter.h:
1707         * jit/JIT.cpp:
1708         (JSC::JIT::privateCompileCTIMachineTrampolines):
1709         * jit/JIT.h:
1710         * jit/JITInlineMethods.h:
1711         (JSC::JIT::emitCTICall):
1712         * jit/JITPropertyAccess.cpp:
1713         (JSC::JIT::privateCompilePutByIdTransition):
1714         * wtf/Platform.h:
1715
1716 2008-12-11  Holger Freyther  <zecke@selfish.org>
1717
1718         Reviewed by Simon Hausmann.
1719
1720         https://bugs.webkit.org/show_bug.cgi?id=20953
1721
1722         For Qt it is not practical to have a FontCache and GlyphPageTreeNode
1723         implementation. This is one of the reasons why the Qt port is currently not
1724         using WebCore/platform/graphics/Font.cpp. By making it possible not to use
1725         the simple/fast-path, the Qt port will be able to use it.
1726
1727         Introduce USE(FONT_FAST_PATH) and define it for every port but the
1728         Qt one.
1729
1730         * wtf/Platform.h: Enable USE(FONT_FAST_PATH)
1731
1732 2008-12-11  Gabor Loki  <loki@inf.u-szeged.hu>
1733
1734         Reviewed by Darin Adler and landed by Holger Freyther.
1735
1736         <https://bugs.webkit.org/show_bug.cgi?id=22648>
1737         Fix threading on Qt-port and Gtk-port for Sampling tool.
1738
1739         * wtf/ThreadingGtk.cpp:
1740         (WTF::waitForThreadCompletion):
1741         * wtf/ThreadingQt.cpp:
1742         (WTF::waitForThreadCompletion):
1743
1744 2008-12-10  Cameron Zwarich  <zwarich@apple.com>
1745
1746         Reviewed by Oliver Hunt.
1747
1748         Bug 22734: Debugger crashes when stepping into a function call in a return statement
1749         <https://bugs.webkit.org/show_bug.cgi?id=22734>
1750         <rdar://problem/6426796>
1751
1752         * bytecompiler/BytecodeGenerator.cpp:
1753         (JSC::BytecodeGenerator::BytecodeGenerator): The DebuggerCallFrame uses
1754         the 'this' value stored in a callFrame, so op_convert_this should be
1755         emitted at the beginning of a function body when generating bytecode
1756         with debug hooks.
1757         * debugger/DebuggerCallFrame.cpp:
1758         (JSC::DebuggerCallFrame::thisObject): The assertion inherent in the call
1759         to asObject() here is valid, because any 'this' value should have been
1760         converted to a JSObject*.
1761
1762 2008-12-10  Gavin Barraclough  <barraclough@apple.com>
1763
1764         Reviewed by Geoff Garen.
1765
1766         Port more of the JIT to use the MacroAssembler interface.
1767         
1768         Everything in the main pass, bar a few corner cases (operations with required
1769         registers, or calling convention code).  Slightly refactors array creation,
1770         moving the offset calculation into the callFrame into C code (reducing code
1771         planted).
1772
1773         Overall this appears to be a 1% win on v8-tests, due to the smaller immediates
1774         being planted (in jfalse in particular).
1775
1776         * interpreter/Interpreter.cpp:
1777         (JSC::Interpreter::cti_op_new_array):
1778         * jit/JIT.cpp:
1779         (JSC::JIT::privateCompileMainPass):
1780         (JSC::JIT::privateCompileSlowCases):
1781         * jit/JIT.h:
1782         * wrec/WRECGenerator.cpp:
1783         (JSC::WREC::Generator::generateEnter):
1784
1785 2008-12-10  Sam Weinig  <sam@webkit.org>
1786
1787         Fix non-JIT builds.
1788
1789         * bytecode/CodeBlock.h:
1790
1791 2008-12-10  Sam Weinig  <sam@webkit.org>
1792
1793         Reviewed by Geoffrey Garen.
1794
1795         <rdar://problem/6428332> Remove the CTI return address table from CodeBlock
1796
1797         Step 2:
1798
1799         Convert the return address table from a HashMap to a sorted Vector.  This
1800         reduces the size of the data structure by ~4.5MB on Membuster head.
1801
1802         SunSpider reports a 0.5% progression.
1803
1804         * bytecode/CodeBlock.cpp:
1805         (JSC::sizeInBytes): Generic method to get the cost of a Vector.
1806         (JSC::CodeBlock::dumpStatistics): Add dumping of member sizes.
1807         * bytecode/CodeBlock.h:
1808         (JSC::PC::PC): Struct representing NativePC -> VirtualPC mappings.
1809         (JSC::getNativePC): Helper for binary chop.
1810         (JSC::CodeBlock::getBytecodeIndex): Used to get the VirtualPC from a
1811         NativePC using a binary chop of the pcVector.
1812         (JSC::CodeBlock::pcVector): Accessor.
1813
1814         * interpreter/Interpreter.cpp:
1815         (JSC::vPCForPC): Use getBytecodeIndex instead of jitReturnAddressVPCMap().get().
1816         (JSC::Interpreter::cti_op_instanceof): Ditto.
1817         (JSC::Interpreter::cti_op_resolve): Ditto.
1818         (JSC::Interpreter::cti_op_resolve_func): Ditto.
1819         (JSC::Interpreter::cti_op_resolve_skip): Ditto.
1820         (JSC::Interpreter::cti_op_resolve_with_base): Ditto.
1821         (JSC::Interpreter::cti_op_throw): Ditto.
1822         (JSC::Interpreter::cti_op_in): Ditto.
1823         (JSC::Interpreter::cti_vm_throw): Ditto.
1824
1825         * jit/JIT.cpp:
1826         (JSC::JIT::privateCompile): Reserve exact capacity and fill the pcVector.
1827
1828 2008-12-09  Geoffrey Garen  <ggaren@apple.com>
1829
1830         Reviewed by Oliver Hunt.
1831
1832         Added WREC support for an assertion followed by a quantifier. Fixed
1833         PCRE to match.
1834
1835         * wrec/WRECParser.cpp:
1836         (JSC::WREC::Parser::parseParentheses): Throw away the quantifier, since
1837         it's meaningless. (Firefox does the same.)
1838
1839         * pcre/pcre_compile.cpp:
1840         (compileBranch): Ditto.
1841
1842 2008-12-09  Geoffrey Garen  <ggaren@apple.com>
1843
1844         Reviewed by Cameron Zwarich.
1845
1846         In preparation for compiling WREC without PCRE:
1847         
1848         Further relaxed WREC's parsing to be more web-compatible. Fixed PCRE to
1849         match in cases where it didn't already.
1850         
1851         Changed JavaScriptCore to report syntax errors detected by WREC, rather
1852         than falling back on PCRE any time WREC sees an error.
1853         
1854         * pcre/pcre_compile.cpp:
1855         (checkEscape): Relaxed parsing of \c and \N escapes to be more
1856         web-compatible.
1857         
1858         * runtime/RegExp.cpp:
1859         (JSC::RegExp::RegExp): Only fall back on PCRE if WREC has not reported
1860         a syntax error.
1861
1862         * wrec/WREC.cpp:
1863         (JSC::WREC::Generator::compileRegExp): Fixed some error reporting to
1864         match PCRE.
1865
1866         * wrec/WRECParser.cpp: Added error messages that match PCRE.
1867
1868         (JSC::WREC::Parser::consumeGreedyQuantifier):
1869         (JSC::WREC::Parser::parseParentheses):
1870         (JSC::WREC::Parser::parseCharacterClass):
1871         (JSC::WREC::Parser::parseNonCharacterEscape): Updated the above functions to
1872         use the new setError API.
1873
1874         (JSC::WREC::Parser::consumeEscape): Relaxed parsing of \c \N \u \x \B
1875         to be more web-compatible.
1876
1877         (JSC::WREC::Parser::parseAlternative): Distinguish between a malformed
1878         quantifier and a quantifier with no prefix, like PCRE does.
1879
1880         (JSC::WREC::Parser::consumeParenthesesType): Updated to use the new setError API.
1881
1882         * wrec/WRECParser.h:
1883         (JSC::WREC::Parser::error):
1884         (JSC::WREC::Parser::syntaxError):
1885         (JSC::WREC::Parser::parsePattern):
1886         (JSC::WREC::Parser::reset):
1887         (JSC::WREC::Parser::setError): Store error messages instead of error codes,
1888         to provide for exception messages. Use a setter for reporting errors, so
1889         errors detected early are not overwritten by errors detected later.
1890
1891 2008-12-09  Gavin Barraclough  <barraclough@apple.com>
1892
1893         Reviewed by Oliver Hunt.
1894
1895         Use va_args to access cti function arguments.
1896         https://bugs.webkit.org/show_bug.cgi?id=22774
1897
1898         This may be a minor regression, but we'll take the hit if so to reduce fragility.
1899
1900         * interpreter/Interpreter.cpp:
1901         * interpreter/Interpreter.h:
1902
1903 2008-12-09  Sam Weinig  <sam@webkit.org>
1904
1905         Reviewed twice by Cameron Zwarich.
1906
1907         Fix for https://bugs.webkit.org/show_bug.cgi?id=22752
1908         Clear SymbolTable after codegen for Function codeblocks that
1909         don't require an activation
1910
1911         This is a ~1.5MB improvement on Membuster-head.
1912
1913         * bytecode/CodeBlock.cpp:
1914         (JSC::CodeBlock::dumpStatistics): Add logging of non-empty symbol tables
1915         and total size used by symbol tables.
1916         * bytecompiler/BytecodeGenerator.cpp:
1917         (JSC::BytecodeGenerator::generate): Clear the symbol table here.
1918
1919 2008-12-09  Sam Weinig  <sam@webkit.org>
1920
1921         Reviewed by Geoffrey Garen.
1922
1923         Remove unnecessary extra lookup when throwing an exception.
1924         We used to first lookup the target offset using getHandlerForVPC
1925         and then we would lookup the native code stub using 
1926         nativeExceptionCodeForHandlerVPC.  Instead, we can just pass around
1927         the HandlerInfo.
1928
1929         * bytecode/CodeBlock.cpp:
1930         (JSC::CodeBlock::handlerForVPC): Return the HandlerInfo.
1931         * bytecode/CodeBlock.h: Remove nativeExceptionCodeForHandlerVPC.
1932
1933         * interpreter/Interpreter.cpp:
1934         (JSC::Interpreter::throwException): Return a HandlerInfo instead of
1935         an Instruction offset.
1936         (JSC::Interpreter::privateExecute): Get the offset from HandlerInfo.
1937         (JSC::Interpreter::cti_op_throw): Get the native code from the HandlerInfo.
1938         (JSC::Interpreter::cti_vm_throw): Ditto.
1939         * interpreter/Interpreter.h:
1940
1941 2008-12-09  Eric Seidel  <eric@webkit.org>
1942
1943         Build fix only, no review.
1944
1945         Speculative fix for the Chromium-Windows bot.
1946         Add JavaScriptCore/os-win32 to the include path (for stdint.h).
1947         Strangely it builds fine on my local Windows box (or at least doesn't hit this error).
1948
1949         * JavaScriptCore.scons:
1950
1951 2008-12-09  Eric Seidel  <eric@webkit.org>
1952
1953         No review, build fix only.
1954         
1955         Add ExecutableAllocator files missing from Scons build.
1956
1957         * JavaScriptCore.scons:
1958
1959 2008-12-09  Dimitri Glazkov  <dglazkov@chromium.org>
1960
1961         Reviewed by Timothy Hatcher.
1962
1963         https://bugs.webkit.org/show_bug.cgi?id=22631
1964         Allow ScriptCallFrame to query names of functions in the call stack.
1965
1966         * JavaScriptCore.exp: Added InternalFunction::name and
1967         UString operator==() as exported symbols.
1968
1969 2008-12-08  Judit Jasz  <jasy@inf.u-szeged.hu>
1970
1971         Reviewed and tweaked by Cameron Zwarich.
1972
1973         Bug 22352: Annotate opcodes with their length
1974         <https://bugs.webkit.org/show_bug.cgi?id=22352>
1975
1976         * bytecode/Opcode.cpp:
1977         * bytecode/Opcode.h:
1978         * interpreter/Interpreter.cpp:
1979         (JSC::Interpreter::privateExecute):
1980         * jit/JIT.cpp:
1981         (JSC::JIT::privateCompileMainPass):
1982         (JSC::JIT::privateCompileSlowCases):
1983
1984 2008-12-08  Geoffrey Garen  <ggaren@apple.com>
1985
1986         Reviewed by Oliver Hunt.
1987         
1988         Implemented more of the relaxed and somewhat weird rules for deciding
1989         how to interpret a non-pattern-character.
1990         
1991         * wrec/Escapes.h:
1992         (JSC::WREC::Escape::):
1993         (JSC::WREC::Escape::Escape): Eliminated Escape::None because it was
1994         unused. If you see an '\\', it's either a valid escape or an error.
1995
1996         * wrec/Quantifier.h:
1997         (JSC::WREC::Quantifier::Quantifier):
1998         * wrec/WRECGenerator.cpp:
1999         (JSC::WREC::Generator::generateNonGreedyQuantifier):
2000         (JSC::WREC::Generator::generateGreedyQuantifier): Renamed "noMaxSpecified"
2001         to "Infinity", since that's what it means.
2002
2003         * wrec/WRECParser.cpp:
2004         (JSC::WREC::Parser::consumeGreedyQuantifier): Rewrote {n,m} parsing rules
2005         because they were too strict before. Added support for backtracking
2006         in the case where the {n,m} fails to parse as a quantifier, and yet is
2007         not a syntax error.
2008
2009         (JSC::WREC::Parser::parseCharacterClass):
2010         (JSC::WREC::Parser::parseNonCharacterEscape): Eliminated Escape::None,
2011         as above.
2012
2013         (JSC::WREC::Parser::consumeEscape): Don't treat ASCII and _ escapes
2014         as syntax errors. See fast/regex/non-pattern-characters.html.
2015         
2016         * wrec/WRECParser.h:
2017         (JSC::WREC::Parser::SavedState::SavedState):
2018         (JSC::WREC::Parser::SavedState::restore): Added a state backtracker,
2019         since parsing {n,m} forms requires backtracking if the form turns out
2020         not to be a quantifier.
2021
2022 2008-12-08  Geoffrey Garen  <ggaren@apple.com>
2023
2024         Reviewed by Oliver Hunt.
2025         
2026         Refactored WREC parsing so that only one piece of code needs to know
2027         the relaxed and somewhat weird rules for deciding how to interpret a
2028         non-pattern-character, in preparation for implementing those rules.
2029         
2030         Also, implemented the relaxed and somewhat weird rules for '}' and ']'.
2031
2032         * wrec/WREC.cpp: Reduced the regular expression size limit. Now that
2033         WREC handles ']' properly, it compiles fast/js/regexp-charclass-crash.html,
2034         which makes it hang at the old limit. (The old limit was based on the
2035         misimpression that the same value in PCRE limited the regular expression
2036         pattern size; in reality, it limited the expected compiled regular
2037         expression size. WREC doesn't have a way to calculate an expected
2038         compiled regular expression size, but this should be good enough.)
2039
2040         * wrec/WRECParser.cpp:
2041         (JSC::WREC::parsePatternCharacterSequence): Nixed this function because
2042         it contained a second copy of the logic for handling non-pattern-characters,
2043         which is about to get a lot more complicated.
2044
2045         (JSC::WREC::PatternCharacterSequence::PatternCharacterSequence): 
2046         (JSC::WREC::PatternCharacterSequence::size):
2047         (JSC::WREC::PatternCharacterSequence::append):
2048         (JSC::WREC::PatternCharacterSequence::flush): Helper object for generating
2049         an optimized sequence of pattern characters.
2050
2051         (JSC::WREC::Parser::parseNonCharacterEscape): Renamed to reflect the fact
2052         that the main parseAlternative loop handles character escapes.
2053
2054         (JSC::WREC::Parser::parseAlternative): Moved pattern character sequence
2055         logic from parsePatternCharacterSequence to here, using
2056         PatternCharacterSequence to help with the details.
2057
2058         * wrec/WRECParser.h: Updated for renames.
2059
2060 2008-12-08  Alexey Proskuryakov  <ap@webkit.org>
2061
2062         Reviewed by Geoff Garen.
2063
2064         <rdar://problem/6166088> Give JSGlobalContextCreate a behavior that is concurrency aware,
2065         and un-deprecate it
2066
2067         * API/JSContextRef.cpp: (JSGlobalContextCreate):
2068         * API/JSContextRef.h:
2069         Use a unique context group for the context, unless the application was linked against old
2070         JavaScriptCore.
2071
2072 2008-12-08  Sam Weinig  <sam@webkit.org>
2073
2074         Reviewed by Cameron Zwarich.
2075
2076         Fix for <rdar://problem/6428332> Remove the CTI return address table from CodeBlock
2077
2078         Step 1:
2079
2080         Remove use of jitReturnAddressVPCMap when looking for vPC to store Structures
2081         in for cached lookup.  Instead, use the offset in the StructureStubInfo that is
2082         already required.
2083
2084         * bytecode/CodeBlock.cpp:
2085         (JSC::CodeBlock::dumpStatistics): Fix extraneous semicolon.
2086         * interpreter/Interpreter.cpp:
2087         (JSC::Interpreter::tryCTICachePutByID):
2088         (JSC::Interpreter::tryCTICacheGetByID):
2089         (JSC::Interpreter::cti_op_get_by_id_self_fail):
2090         (JSC::Interpreter::cti_op_get_by_id_proto_list):
2091         * jit/JIT.h:
2092         (JSC::JIT::compileGetByIdSelf):
2093         (JSC::JIT::compileGetByIdProto):
2094         (JSC::JIT::compileGetByIdChain):
2095         (JSC::JIT::compilePutByIdReplace):
2096         (JSC::JIT::compilePutByIdTransition):
2097         * jit/JITPropertyAccess.cpp:
2098         (JSC::JIT::privateCompilePutByIdTransition):
2099         (JSC::JIT::patchGetByIdSelf):
2100         (JSC::JIT::patchPutByIdReplace):
2101         (JSC::JIT::privateCompilePatchGetArrayLength): Remove extra call to getStubInfo.
2102         (JSC::JIT::privateCompileGetByIdSelf):
2103         (JSC::JIT::privateCompileGetByIdProto):
2104         (JSC::JIT::privateCompileGetByIdChain):
2105         (JSC::JIT::privateCompilePutByIdReplace):
2106
2107 2008-12-08  Gavin Barraclough  <barraclough@apple.com>
2108
2109         Reviewed by Oliver Hunt.
2110
2111         Port the op_j?n?eq_null JIT code generation to use the MacroAssembler,
2112         and clean up slightly at the same time.  The 'j' forms currently compare,
2113         then set a register, then compare again, then branch.  Branch directly on
2114         the result of the first compare.
2115
2116         Around a 1% progression on deltablue, crypto & early boyer, for about 1/2%
2117         overall on v8-tests.
2118
2119         * jit/JIT.cpp:
2120         (JSC::JIT::privateCompileMainPass):
2121         * jit/JITPropertyAccess.cpp:
2122         (JSC::JIT::compileGetByIdSlowCase):
2123
2124 2008-12-08  Gavin Barraclough  <barraclough@apple.com>
2125
2126         Reviewed by Geoff Garen.
2127
2128         Expand MacroAssembler to support more operations, required by the JIT.
2129
2130         Generally adds more operations and permutations of operands to the existing
2131         interface.  Rename 'jset' to 'jnz' and 'jnset' to 'jz', which seem clearer,
2132         and require that immediate pointer operands (though not pointer addresses to
2133         load and store instructions) are wrapped in an ImmPtr() type, akin to Imm32().
2134
2135         No performance impact.
2136
2137         * assembler/MacroAssembler.h:
2138         (JSC::MacroAssembler::):
2139         (JSC::MacroAssembler::ImmPtr::ImmPtr):
2140         (JSC::MacroAssembler::add32):
2141         (JSC::MacroAssembler::and32):
2142         (JSC::MacroAssembler::or32):
2143         (JSC::MacroAssembler::sub32):
2144         (JSC::MacroAssembler::xor32):
2145         (JSC::MacroAssembler::loadPtr):
2146         (JSC::MacroAssembler::load32):
2147         (JSC::MacroAssembler::storePtr):
2148         (JSC::MacroAssembler::store32):
2149         (JSC::MacroAssembler::poke):
2150         (JSC::MacroAssembler::move):
2151         (JSC::MacroAssembler::testImm32):
2152         (JSC::MacroAssembler::jae32):
2153         (JSC::MacroAssembler::jb32):
2154         (JSC::MacroAssembler::jePtr):
2155         (JSC::MacroAssembler::je32):
2156         (JSC::MacroAssembler::jnePtr):
2157         (JSC::MacroAssembler::jne32):
2158         (JSC::MacroAssembler::jnzPtr):
2159         (JSC::MacroAssembler::jnz32):
2160         (JSC::MacroAssembler::jzPtr):
2161         (JSC::MacroAssembler::jz32):
2162         (JSC::MacroAssembler::joSub32):
2163         (JSC::MacroAssembler::jump):
2164         (JSC::MacroAssembler::sete32):
2165         (JSC::MacroAssembler::setne32):
2166         (JSC::MacroAssembler::setnz32):
2167         (JSC::MacroAssembler::setz32):
2168         * assembler/X86Assembler.h:
2169         (JSC::X86Assembler::addl_mr):
2170         (JSC::X86Assembler::andl_i8r):
2171         (JSC::X86Assembler::cmpl_rm):
2172         (JSC::X86Assembler::cmpl_mr):
2173         (JSC::X86Assembler::cmpl_i8m):
2174         (JSC::X86Assembler::subl_mr):
2175         (JSC::X86Assembler::testl_i32m):
2176         (JSC::X86Assembler::xorl_i32r):
2177         (JSC::X86Assembler::movl_rm):
2178         (JSC::X86Assembler::modRm_opmsib):
2179         * jit/JIT.cpp:
2180         (JSC::JIT::privateCompileMainPass):
2181         * jit/JITInlineMethods.h:
2182         (JSC::JIT::emitGetVirtualRegister):
2183         (JSC::JIT::emitPutCTIArgConstant):
2184         (JSC::JIT::emitPutCTIParam):
2185         (JSC::JIT::emitPutImmediateToCallFrameHeader):
2186         (JSC::JIT::emitInitRegister):
2187         (JSC::JIT::checkStructure):
2188         (JSC::JIT::emitJumpIfJSCell):
2189         (JSC::JIT::emitJumpIfNotJSCell):
2190         (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
2191
2192 2008-12-08  Geoffrey Garen  <ggaren@apple.com>
2193
2194         Reviewed by Sam Weinig.
2195         
2196         Fixed a bug where WREC would allow a quantifier whose minimum was
2197         greater than its maximum.
2198         
2199         * wrec/Quantifier.h:
2200         (JSC::WREC::Quantifier::Quantifier): ASSERT that the quantifier is not
2201         backwards.
2202         
2203         * wrec/WRECParser.cpp:
2204         (JSC::WREC::Parser::consumeGreedyQuantifier): Verify that the minimum
2205         is not greater than the maximum.
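
        The bounds check that this entry describes, as an added example in plain C++ (it is not WREC's parser; the function names parseBoundedQuantifier, quantifierIs and quantifierRejected, and the Quantifier::Infinity sentinel for an open upper bound, are this example's own). It parses the {min}, {min,} and {min,max} forms, refuses a digit run that would not fit in an unsigned, and rejects a quantifier whose minimum is greater than its maximum instead of accepting it silently:

```cpp
// Added example (not WebKit's WREC code): parse a regular-expression bounded
// quantifier "{min}", "{min,}" or "{min,max}" and reject a quantifier whose
// minimum exceeds its maximum, the defect the entry above fixes.
#include <cstddef>
#include <cstdint>
#include <string>

struct Quantifier {
    enum : unsigned { Infinity = 0xFFFFFFFFu }; // example's sentinel for "{n,}"
    unsigned min;
    unsigned max;
};

// Parses s starting at pos, which must point at '{'. On success stores the
// quantifier in out, advances pos past '}', and returns true. Returns false
// for malformed input, an oversized number, or a backwards range.
bool parseBoundedQuantifier(const std::string& s, size_t& pos, Quantifier& out)
{
    if (pos >= s.size() || s[pos] != '{')
        return false;
    ++pos;

    // Reads a decimal number; false when there are no digits or the value
    // would reach the Infinity sentinel (keeps the sentinel unreachable).
    auto readNumber = [&](unsigned& value) -> bool {
        if (pos >= s.size() || s[pos] < '0' || s[pos] > '9')
            return false;
        uint64_t acc = 0;
        while (pos < s.size() && s[pos] >= '0' && s[pos] <= '9') {
            acc = acc * 10 + static_cast<uint64_t>(s[pos] - '0');
            if (acc >= Quantifier::Infinity)
                return false;
            ++pos;
        }
        value = static_cast<unsigned>(acc);
        return true;
    };

    unsigned min = 0, max = 0;
    if (!readNumber(min))
        return false;
    if (pos < s.size() && s[pos] == '}') {
        max = min;                      // "{n}" means exactly n
    } else if (pos < s.size() && s[pos] == ',') {
        ++pos;
        if (pos < s.size() && s[pos] == '}')
            max = Quantifier::Infinity; // "{n,}" has no upper bound
        else if (!readNumber(max))
            return false;
    } else {
        return false;
    }
    if (pos >= s.size() || s[pos] != '}')
        return false;
    ++pos;

    // The check the entry adds: a backwards range is a parse error.
    if (min > max)
        return false;
    out = Quantifier{min, max};
    return true;
}

// True when s is exactly one quantifier with the expected bounds.
bool quantifierIs(const std::string& s, unsigned expectedMin, unsigned expectedMax)
{
    size_t pos = 0;
    Quantifier q{0, 0};
    return parseBoundedQuantifier(s, pos, q) && pos == s.size()
        && q.min == expectedMin && q.max == expectedMax;
}

// True when the parser refuses s.
bool quantifierRejected(const std::string& s)
{
    size_t pos = 0;
    Quantifier q{0, 0};
    return !parseBoundedQuantifier(s, pos, q);
}
```

The overflow guard matters as much as the ordering check: a quantifier count that wraps silently can turn into an unbounded loop in generated matching code, so the parser refuses it at the same point it refuses {5,2}.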
2206
2207 2008-12-08  Eric Seidel  <eric@webkit.org>
2208         
2209         Build fix only, no review.
2210
2211         * JavaScriptCore.scons: add bytecode/JumpTable.cpp
2212
2213 2008-12-08  Sam Weinig  <sam@webkit.org>
2214
2215         Reviewed by Geoffrey Garen.
2216
2217         Patch for https://bugs.webkit.org/show_bug.cgi?id=22716
2218         <rdar://problem/6428315>
2219         Add RareData structure to CodeBlock for infrequently used auxiliary data
2220         members.
2221
2222         Reduces memory on Membuster-head by ~.5MB 
2223
2224         * bytecode/CodeBlock.cpp:
2225         (JSC::CodeBlock::dump):
2226         (JSC::CodeBlock::dumpStatistics):
2227         (JSC::CodeBlock::mark):
2228         (JSC::CodeBlock::getHandlerForVPC):
2229         (JSC::CodeBlock::nativeExceptionCodeForHandlerVPC):
2230         (JSC::CodeBlock::shrinkToFit):
2231         * bytecode/CodeBlock.h:
2232         (JSC::CodeBlock::numberOfExceptionHandlers):
2233         (JSC::CodeBlock::addExceptionHandler):
2234         (JSC::CodeBlock::exceptionHandler):
2235         (JSC::CodeBlock::addFunction):
2236         (JSC::CodeBlock::function):
2237         (JSC::CodeBlock::addUnexpectedConstant):
2238         (JSC::CodeBlock::unexpectedConstant):
2239         (JSC::CodeBlock::addRegExp):
2240         (JSC::CodeBlock::regexp):
2241         (JSC::CodeBlock::numberOfImmediateSwitchJumpTables):
2242         (JSC::CodeBlock::addImmediateSwitchJumpTable):
2243         (JSC::CodeBlock::immediateSwitchJumpTable):
2244         (JSC::CodeBlock::numberOfCharacterSwitchJumpTables):
2245         (JSC::CodeBlock::addCharacterSwitchJumpTable):
2246         (JSC::CodeBlock::characterSwitchJumpTable):
2247         (JSC::CodeBlock::numberOfStringSwitchJumpTables):
2248         (JSC::CodeBlock::addStringSwitchJumpTable):
2249         (JSC::CodeBlock::stringSwitchJumpTable):
2250         (JSC::CodeBlock::evalCodeCache):
2251         (JSC::CodeBlock::createRareDataIfNecessary):
2252
2253 2008-11-26  Peter Kasting  <pkasting@google.com>
2254
2255         Reviewed by Anders Carlsson.
2256
2257         https://bugs.webkit.org/show_bug.cgi?id=16814
2258         Allow ports to disable ActiveX->NPAPI conversion for Media Player.
2259         Improve handling of miscellaneous ActiveX objects.
2260
2261         * wtf/Platform.h: Add another ENABLE(...).
2262
2263 2008-12-08  Sam Weinig  <sam@webkit.org>
2264
2265         Reviewed by Mark Rowe.
2266
2267         Add dumping of CodeBlock member structure usage.
2268
2269         * bytecode/CodeBlock.cpp:
2270         (JSC::CodeBlock::dumpStatistics):
2271         * bytecode/EvalCodeCache.h:
2272         (JSC::EvalCodeCache::isEmpty):
2273
2274 2008-12-08  David Kilzer  <ddkilzer@apple.com>
2275
2276         Bug 22555: Sort "children" sections in Xcode project files
2277
2278         <https://bugs.webkit.org/show_bug.cgi?id=22555>
2279
2280         Reviewed by Eric Seidel.
2281
2282         * JavaScriptCore.xcodeproj/project.pbxproj: Sorted.
2283
2284 2008-12-08  Tony Chang  <tony@chromium.org>
2285
2286         Reviewed by Eric Seidel.
2287
2288         Enable Pan scrolling only when building on PLATFORM(WIN_OS).
2289         Previously platforms like Apple Windows WebKit, Cairo Windows WebKit,
2290         Wx and Chromium were enabling it explicitly; now we just turn it on
2291         for all WIN_OS, and later platforms can turn it off as needed on Windows
2292         (or turn it on under Linux, etc.).
2293         https://bugs.webkit.org/show_bug.cgi?id=22698
2294
2295         * wtf/Platform.h:
2296
2297 2008-12-08  Sam Weinig  <sam@webkit.org>
2298
2299         Reviewed by Cameron Zwarich.
2300
2301         Add basic memory statistics dumping for CodeBlock.
2302
2303         * bytecode/CodeBlock.cpp:
2304         (JSC::CodeBlock::dumpStatistics):
2305         (JSC::CodeBlock::CodeBlock):
2306         (JSC::CodeBlock::~CodeBlock):
2307         * bytecode/CodeBlock.h:
2308
2309 2008-12-08  Simon Hausmann  <simon.hausmann@nokia.com>
2310
2311         Fix the Linux build with newer gcc/glibc.
2312
2313         * jit/ExecutableAllocatorPosix.cpp: Include unistd.h for
2314         getpagesize(), according to
2315         http://opengroup.org/onlinepubs/007908775/xsh/getpagesize.html
2316
2317 2008-12-08  Simon Hausmann  <simon.hausmann@nokia.com>
2318
2319         Fix the build with Qt on Windows.
2320
2321         * JavaScriptCore.pri: Compile ExecutableAllocatorWin.cpp on Windows.
2322
2323 2008-12-07  Oliver Hunt  <oliver@apple.com>
2324
2325         Reviewed by NOBODY (Buildfix).
2326
2327         Fix non-WREC builds
2328
2329         * runtime/RegExp.cpp:
2330         (JSC::RegExp::RegExp):
2331
2332 2008-12-07  Oliver Hunt  <oliver@apple.com>
2333
2334         Reviewed by NOBODY (Build fix).
2335
2336         Put ENABLE(ASSEMBLER) guards around use of ExecutableAllocator in global data
2337
2338         Correct Qt and Gtk project files
2339
2340         * GNUmakefile.am:
2341         * JavaScriptCore.pri:
2342         * runtime/JSGlobalData.h:
2343
2344 2008-12-07  Oliver Hunt  <oliver@apple.com>
2345
2346         Reviewed by NOBODY (Build fix).
2347
2348         Add new files to other projects.
2349
2350         * GNUmakefile.am:
2351         * JavaScriptCore.pri:
2352         * JavaScriptCore.pro:
2353
2354 2008-12-07  Oliver Hunt  <oliver@apple.com>
2355
2356         Rubber stamped by Mark Rowe.
2357
2358         Rename ExecutableAllocatorMMAP to the more sensible ExecutableAllocatorPosix
2359
2360         * JavaScriptCore.xcodeproj/project.pbxproj:
2361         * jit/ExecutableAllocator.h:
2362         * jit/ExecutableAllocatorPosix.cpp: Renamed from JavaScriptCore/jit/ExecutableAllocatorMMAP.cpp.
2363         (JSC::ExecutableAllocator::intializePageSize):
2364         (JSC::ExecutablePool::systemAlloc):
2365         (JSC::ExecutablePool::systemRelease):
2366
2367 2008-12-07  Oliver Hunt  <oliver@apple.com>
2368
2369         Reviewed by Cameron Zwarich and Sam Weinig.
2370
2371         <rdar://problem/6309878> Need more granular control over allocation of executable memory (21783)
2372         <https://bugs.webkit.org/show_bug.cgi?id=21783>
2373
2374         Add a new allocator for use by the JIT that provides executable pages, so
2375         we can get rid of the current hack that makes the entire heap executable.
2376
2377         1-2% progression on SunSpider-v8, 1% on SunSpider.  Reduces memory usage as well!
2378
2379         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2380         * JavaScriptCore.vcproj/jsc/jsc.vcproj:
2381         * JavaScriptCore.xcodeproj/project.pbxproj:
2382         * assembler/AssemblerBuffer.h:
2383         (JSC::AssemblerBuffer::size):
2384         (JSC::AssemblerBuffer::executableCopy):
2385         * assembler/MacroAssembler.h:
2386         (JSC::MacroAssembler::size):
2387         (JSC::MacroAssembler::copyCode):
2388         * assembler/X86Assembler.h:
2389         (JSC::X86Assembler::size):
2390         (JSC::X86Assembler::executableCopy):
2391         * bytecode/CodeBlock.cpp:
2392         (JSC::CodeBlock::~CodeBlock):
2393         * bytecode/CodeBlock.h:
2394         (JSC::CodeBlock::executablePool):
2395         (JSC::CodeBlock::setExecutablePool):
2396         * bytecode/Instruction.h:
2397         (JSC::PolymorphicAccessStructureList::derefStructures):
2398         * interpreter/Interpreter.cpp:
2399         (JSC::Interpreter::~Interpreter):
2400         * interpreter/Interpreter.h:
2401         * jit/ExecutableAllocator.cpp: Added.
2402         * jit/ExecutableAllocator.h: Added.
2403         (JSC::ExecutablePool::create):
2404         (JSC::ExecutablePool::alloc):
2405         (JSC::ExecutablePool::~ExecutablePool):
2406         (JSC::ExecutablePool::available):
2407         (JSC::ExecutablePool::ExecutablePool):
2408         (JSC::ExecutablePool::poolAllocate):
2409         (JSC::ExecutableAllocator::ExecutableAllocator):
2410         (JSC::ExecutableAllocator::poolForSize):
2411         (JSC::ExecutablePool::sizeForAllocation):
2412         * jit/ExecutableAllocatorMMAP.cpp: Added.
2413         (JSC::ExecutableAllocator::intializePageSize):
2414         (JSC::ExecutablePool::systemAlloc):
2415         (JSC::ExecutablePool::systemRelease):
2416         * jit/ExecutableAllocatorWin.cpp: Added.
2417         (JSC::ExecutableAllocator::intializePageSize):
2418         (JSC::ExecutablePool::systemAlloc):
2419         (JSC::ExecutablePool::systemRelease):
2420         * jit/JIT.cpp:
2421         (JSC::JIT::privateCompile):
2422         (JSC::JIT::privateCompileCTIMachineTrampolines):
2423         * jit/JIT.h:
2424         (JSC::JIT::compileCTIMachineTrampolines):
2425         * jit/JITPropertyAccess.cpp:
2426         (JSC::JIT::privateCompilePutByIdTransition):
2427         (JSC::JIT::privateCompilePatchGetArrayLength):
2428         (JSC::JIT::privateCompileGetByIdSelf):
2429         (JSC::JIT::privateCompileGetByIdProto):
2430         (JSC::JIT::privateCompileGetByIdSelfList):
2431         (JSC::JIT::privateCompileGetByIdProtoList):
2432         (JSC::JIT::privateCompileGetByIdChainList):
2433         (JSC::JIT::privateCompileGetByIdChain):
2434         (JSC::JIT::privateCompilePutByIdReplace):
2435         * parser/Nodes.cpp:
2436         (JSC::RegExpNode::emitBytecode):
2437         * runtime/JSGlobalData.h:
2438         (JSC::JSGlobalData::poolForSize):
2439         * runtime/RegExp.cpp:
2440         (JSC::RegExp::RegExp):
2441         (JSC::RegExp::create):
2442         (JSC::RegExp::~RegExp):
2443         * runtime/RegExp.h:
2444         * runtime/RegExpConstructor.cpp:
2445         (JSC::constructRegExp):
2446         * runtime/RegExpPrototype.cpp:
2447         (JSC::regExpProtoFuncCompile):
2448         * runtime/StringPrototype.cpp:
2449         (JSC::stringProtoFuncMatch):
2450         (JSC::stringProtoFuncSearch):
2451         * wrec/WREC.cpp:
2452         (JSC::WREC::Generator::compileRegExp):
2453         * wrec/WRECGenerator.h:
2454         * wtf/FastMalloc.cpp:
2455         * wtf/FastMalloc.h:
2456         * wtf/TCSystemAlloc.cpp:
2457         (TryMmap):
2458         (TryVirtualAlloc):
2459         (TryDevMem):
2460         (TCMalloc_SystemRelease):
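
        The allocation scheme this entry introduces, as an added example (it is not WebKit's ExecutableAllocator; the class name ExecutablePool is reused for readability but the code, the 16-byte alignment constant, the poolSelfCheck helper and the seal() method are this example's own). JIT code is bump-allocated from pages mapped specifically for it, so the ordinary heap no longer has to be executable. seal() goes one step beyond the entry: once code generation into a pool is finished, it drops write permission with mprotect so the pages are never writable and executable at the same time. POSIX only (mmap, mprotect, sysconf):

```cpp
// Added example (not WebKit's ExecutableAllocator): hand out JIT code buffers
// from dedicated mmap'd pages instead of making the whole heap executable.
#include <cstddef>
#include <cstdint>
#include <sys/mman.h>
#include <unistd.h>

constexpr size_t kAlignment = 16; // assumed code alignment for this example

size_t pageSize()
{
    long sz = sysconf(_SC_PAGESIZE);
    return sz > 0 ? static_cast<size_t>(sz) : 4096;
}

// Rounds n up to a multiple of align, which must be a power of two.
size_t alignUp(size_t n, size_t align)
{
    return (n + align - 1) & ~(align - 1);
}

// Rounds n up to the page granularity mmap works in.
size_t roundUpToPageSize(size_t n)
{
    return alignUp(n, pageSize());
}

class ExecutablePool {
public:
    explicit ExecutablePool(size_t requested)
        : m_size(roundUpToPageSize(requested)), m_base(nullptr), m_used(0)
    {
        // Only these pages are executable; the ordinary heap stays RW only.
        void* p = mmap(nullptr, m_size, PROT_READ | PROT_WRITE | PROT_EXEC,
                       MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
        if (p != MAP_FAILED)
            m_base = static_cast<uint8_t*>(p);
    }
    ~ExecutablePool() { if (m_base) munmap(m_base, m_size); }
    ExecutablePool(const ExecutablePool&) = delete;
    ExecutablePool& operator=(const ExecutablePool&) = delete;

    bool valid() const { return m_base != nullptr; }
    size_t available() const { return m_size - m_used; }

    // Bump-allocates n bytes aligned to kAlignment; nullptr when exhausted
    // or when rounding n up would wrap.
    void* alloc(size_t n)
    {
        if (!m_base)
            return nullptr;
        size_t aligned = alignUp(n, kAlignment);
        if (aligned < n || aligned > available())
            return nullptr;
        void* result = m_base + m_used;
        m_used += aligned;
        return result;
    }

    // This example's W^X step: after code generation, drop write permission.
    bool seal()
    {
        return m_base && mprotect(m_base, m_size, PROT_READ | PROT_EXEC) == 0;
    }

private:
    size_t m_size;
    uint8_t* m_base;
    size_t m_used;
};

// Self-check: 1 when the pool behaves as documented, 0 on a logic error,
// -1 when the OS refused to map executable memory at all.
int poolSelfCheck()
{
    ExecutablePool pool(100);                 // rounds up to one page
    if (!pool.valid())
        return -1;
    if (pool.available() != pageSize())
        return 0;
    uint8_t* a = static_cast<uint8_t*>(pool.alloc(5)); // occupies 16 bytes
    uint8_t* b = static_cast<uint8_t*>(pool.alloc(5)); // next 16-byte slot
    if (!a || !b || static_cast<size_t>(b - a) != kAlignment)
        return 0;
    if (pool.alloc(pool.available() + 1))     // exhaustion must be reported
        return 0;
    if (!pool.seal())                         // pages now read+execute only
        return 0;
    return 1;
}

int main()
{
    return poolSelfCheck() == 1 ? 0 : 1;
}
```

A pool that is sealed cannot be patched in place afterwards, which is why a JIT that rewrites code (inline-cache patching, as in the privateCompile*ById* functions listed above) either keeps such pages writable for their lifetime or flips them back around each patch; that trade-off is the reason the entry's allocator maps RWX, and the seal step shows where a stricter policy would sit.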
2461
2462 2008-12-06  Sam Weinig  <sam@webkit.org>
2463
2464         Fix the Gtk build.
2465
2466         * jit/JITPropertyAccess.cpp:
2467         (JSC::JIT::compileGetByIdHotPath):
2468         (JSC::JIT::compilePutByIdHotPath):
2469
2470 2008-12-06  Sam Weinig  <sam@webkit.org>
2471
2472         Reviewed by Cameron Zwarich.
2473
2474         Move CodeBlock constructor into the .cpp file.
2475
2476         Sunspider reports a .7% progression, but I can only assume this
2477         is noise.
2478
2479         * bytecode/CodeBlock.cpp:
2480         (JSC::CodeBlock::CodeBlock):
2481         * bytecode/CodeBlock.h:
2482
2483 2008-12-06  Sam Weinig  <sam@webkit.org>
2484
2485         Reviewed by Cameron Zwarich.
2486
2487         Split JumpTable code into its own file.
2488
2489         * GNUmakefile.am:
2490         * JavaScriptCore.pri:
2491         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2492         * JavaScriptCore.xcodeproj/project.pbxproj:
2493         * JavaScriptCoreSources.bkl:
2494         * bytecode/CodeBlock.cpp:
2495         * bytecode/CodeBlock.h:
2496         * bytecode/JumpTable.cpp: Copied from bytecode/CodeBlock.cpp.
2497         * bytecode/JumpTable.h: Copied from bytecode/CodeBlock.h.
2498
2499 2008-12-05  Sam Weinig  <sam@webkit.org>
2500
2501         Reviewed by Cameron Zwarich.
2502
2503         Fix for https://bugs.webkit.org/show_bug.cgi?id=22715
2504         Encapsulate more CodeBlock members in preparation
2505         of moving some of them to a rare data structure.
2506
2507         * bytecode/CodeBlock.cpp:
2508         (JSC::locationForOffset):
2509         (JSC::printConditionalJump):
2510         (JSC::printGetByIdOp):
2511         (JSC::printPutByIdOp):
2512         (JSC::CodeBlock::printStructure):
2513         (JSC::CodeBlock::printStructures):
2514         (JSC::CodeBlock::dump):
2515         (JSC::CodeBlock::~CodeBlock):
2516         (JSC::CodeBlock::unlinkCallers):
2517         (JSC::CodeBlock::derefStructures):
2518         (JSC::CodeBlock::refStructures):
2519         (JSC::CodeBlock::mark):
2520         (JSC::CodeBlock::getHandlerForVPC):
2521         (JSC::CodeBlock::nativeExceptionCodeForHandlerVPC):
2522         (JSC::CodeBlock::lineNumberForVPC):
2523         (JSC::CodeBlock::expressionRangeForVPC):
2524         (JSC::CodeBlock::shrinkToFit):
2525         * bytecode/CodeBlock.h:
2526         (JSC::CodeBlock::CodeBlock):
2527         (JSC::CodeBlock::addCaller):
2528         (JSC::CodeBlock::removeCaller):
2529         (JSC::CodeBlock::isKnownNotImmediate):
2530         (JSC::CodeBlock::isConstantRegisterIndex):
2531         (JSC::CodeBlock::getConstant):
2532         (JSC::CodeBlock::isTemporaryRegisterIndex):
2533         (JSC::CodeBlock::getStubInfo):
2534         (JSC::CodeBlock::getCallLinkInfo):
2535         (JSC::CodeBlock::instructions):
2536         (JSC::CodeBlock::setJITCode):
2537         (JSC::CodeBlock::jitCode):
2538         (JSC::CodeBlock::ownerNode):
2539         (JSC::CodeBlock::setGlobalData):
2540         (JSC::CodeBlock::setThisRegister):
2541         (JSC::CodeBlock::thisRegister):
2542         (JSC::CodeBlock::setNeedsFullScopeChain):
2543         (JSC::CodeBlock::needsFullScopeChain):
2544         (JSC::CodeBlock::setUsesEval):
2545         (JSC::CodeBlock::usesEval):
2546         (JSC::CodeBlock::setUsesArguments):
2547         (JSC::CodeBlock::usesArguments):
2548         (JSC::CodeBlock::codeType):
2549         (JSC::CodeBlock::source):
2550         (JSC::CodeBlock::sourceOffset):
2551         (JSC::CodeBlock::addGlobalResolveInstruction):
2552         (JSC::CodeBlock::numberOfPropertyAccessInstructions):
2553         (JSC::CodeBlock::addPropertyAccessInstruction):
2554         (JSC::CodeBlock::propertyAccessInstruction):
2555         (JSC::CodeBlock::numberOfCallLinkInfos):
2556         (JSC::CodeBlock::addCallLinkInfo):
2557         (JSC::CodeBlock::callLinkInfo):
2558         (JSC::CodeBlock::numberOfJumpTargets):
2559         (JSC::CodeBlock::addJumpTarget):
2560         (JSC::CodeBlock::jumpTarget):
2561         (JSC::CodeBlock::lastJumpTarget):
2562         (JSC::CodeBlock::numberOfExceptionHandlers):
2563         (JSC::CodeBlock::addExceptionHandler):
2564         (JSC::CodeBlock::exceptionHandler):
2565         (JSC::CodeBlock::addExpressionInfo):
2566         (JSC::CodeBlock::numberOfLineInfos):
2567         (JSC::CodeBlock::addLineInfo):
2568         (JSC::CodeBlock::lastLineInfo):
2569         (JSC::CodeBlock::jitReturnAddressVPCMap):
2570         (JSC::CodeBlock::numberOfIdentifiers):
2571         (JSC::CodeBlock::addIdentifier):
2572         (JSC::CodeBlock::identifier):
2573         (JSC::CodeBlock::numberOfConstantRegisters):
2574         (JSC::CodeBlock::addConstantRegister):
2575         (JSC::CodeBlock::constantRegister):
2576         (JSC::CodeBlock::addFunction):
2577         (JSC::CodeBlock::function):
2578         (JSC::CodeBlock::addFunctionExpression):
2579         (JSC::CodeBlock::functionExpression):
2580         (JSC::CodeBlock::addUnexpectedConstant):
2581         (JSC::CodeBlock::unexpectedConstant):
2582         (JSC::CodeBlock::addRegExp):
2583         (JSC::CodeBlock::regexp):
2584         (JSC::CodeBlock::symbolTable):
2585         (JSC::CodeBlock::evalCodeCache):
2586         New inline setters/getters.
2587
2588         (JSC::ProgramCodeBlock::ProgramCodeBlock):
2589         (JSC::ProgramCodeBlock::~ProgramCodeBlock):
2590         (JSC::ProgramCodeBlock::clearGlobalObject):
2591         * bytecode/SamplingTool.cpp:
2592         (JSC::ScopeSampleRecord::sample):
2593         (JSC::SamplingTool::dump):
2594         * bytecompiler/BytecodeGenerator.cpp:
2595         * bytecompiler/BytecodeGenerator.h:
2596         * bytecompiler/Label.h:
2597         * interpreter/CallFrame.cpp:
2598         * interpreter/Interpreter.cpp:
2599         * jit/JIT.cpp:
2600         * jit/JITCall.cpp:
2601         * jit/JITInlineMethods.h:
2602         * jit/JITPropertyAccess.cpp:
2603         * parser/Nodes.cpp:
2604         * runtime/Arguments.h:
2605         * runtime/ExceptionHelpers.cpp:
2606         * runtime/JSActivation.cpp:
2607         * runtime/JSActivation.h:
2608         * runtime/JSGlobalObject.cpp:
2609         Change direct access to use new getter/setters.
2610
2611 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2612
2613         Reviewed by Oliver Hunt.
2614
2615         Prevent GCC4.2 from hanging when trying to compile Interpreter.cpp.
2616         Added "-fno-var-tracking" compiler flag.
2617
2618         https://bugs.webkit.org/show_bug.cgi?id=22704
2619
2620         * JavaScriptCore.xcodeproj/project.pbxproj:
2621
2622 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2623
2624         Reviewed by Oliver Hunt.
2625
2626         Ordering of branch operands in MacroAssembler is unnecessarily inconsistent.
2627
2628         je, jg etc take an immediate operand as the second argument, but for the
2629         equality branches (je, jne) the immediate operand was the first argument.  This
2630         was unnecessarily inconsistent.  Change je, jne methods to take the immediate
2631         as the second argument.
2632
2633         https://bugs.webkit.org/show_bug.cgi?id=22703
2634
2635         * assembler/MacroAssembler.h:
2636         (JSC::MacroAssembler::je32):
2637         (JSC::MacroAssembler::jne32):
2638         * jit/JIT.cpp:
2639         (JSC::JIT::compileOpStrictEq):
2640         * wrec/WRECGenerator.cpp:
2641         (JSC::WREC::Generator::generateEnter):
2642         (JSC::WREC::Generator::generateNonGreedyQuantifier):
2643         (JSC::WREC::Generator::generateGreedyQuantifier):
2644         (JSC::WREC::Generator::generatePatternCharacterPair):
2645         (JSC::WREC::Generator::generatePatternCharacter):
2646         (JSC::WREC::Generator::generateCharacterClassInvertedRange):
2647         (JSC::WREC::Generator::generateCharacterClassInverted):
2648         (JSC::WREC::Generator::generateAssertionBOL):
2649         (JSC::WREC::Generator::generateAssertionWordBoundary):
2650
2651 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2652
2653         Reviewed by Geoff Garen.
2654
2655         Second tranche of porting JIT.cpp to MacroAssembler interface.
2656
2657         * assembler/MacroAssembler.h:
2658         (JSC::MacroAssembler::mul32):
2659         (JSC::MacroAssembler::jl32):
2660         (JSC::MacroAssembler::jnzSub32):
2661         (JSC::MacroAssembler::joAdd32):
2662         (JSC::MacroAssembler::joMul32):
2663         (JSC::MacroAssembler::jzSub32):
2664         * jit/JIT.cpp:
2665         (JSC::JIT::emitSlowScriptCheck):
2666         (JSC::JIT::privateCompileMainPass):
2667         (JSC::JIT::privateCompileSlowCases):
2668         (JSC::JIT::privateCompileCTIMachineTrampolines):
2669         * jit/JIT.h:
2670         * jit/JITInlineMethods.h:
2671         (JSC::JIT::emitJumpIfNotJSCell):
2672         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
2673
2674 2008-12-05  David Kilzer  <ddkilzer@apple.com>
2675
2676         Bug 22609: Provide a build-time choice when generating hash tables for properties of built-in DOM objects
2677
2678         <https://bugs.webkit.org/show_bug.cgi?id=22609>
2679         <rdar://problem/6331749>
2680
2681         Reviewed by Darin Adler.
2682
2683         Initial patch by Yosen Lin.  Adapted for ToT WebKit by David Kilzer.
2684
2685         Added back the code that generates a "compact" hash (instead of a
2686         perfect hash) as a build-time option using the
2687         ENABLE(PERFECT_HASH_SIZE) macro as defined in Lookup.h.
2688
2689         * create_hash_table: Rename variables to differentiate perfect hash
2690         values from compact hash values.  Added back code to compute compact
2691         hash tables.  Generate both hash table sizes and emit
2692         conditionalized code based on ENABLE(PERFECT_HASH_SIZE).
2693         * runtime/Lookup.cpp:
2694         (JSC::HashTable::createTable): Added version of createTable() for
2695         use with compact hash tables.
2696         (JSC::HashTable::deleteTable): Updated to work with compact hash
2697         tables.
2698         * runtime/Lookup.h: Defined ENABLE(PERFECT_HASH_SIZE) macro here.
2699         (JSC::HashEntry::initialize): Set m_next to zero when using compact
2700         hash tables.
2701         (JSC::HashEntry::setNext): Added for compact hash tables.
2702         (JSC::HashEntry::next): Added for compact hash tables.
2703         (JSC::HashTable::entry): Added version of entry() for use with
2704         compact hash tables.
2705         * runtime/Structure.cpp:
2706         (JSC::Structure::getEnumerablePropertyNames): Updated to work with
2707         compact hash tables.
2708
2709 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2710
2711         Reviewed by Geoff Garen.
2712
2713         Remove redundant calls to JIT::emitSlowScriptCheck.
2714         This is checked in the hot path, so is not needed on the slow path - and the code
2715         was being planted before the start of the slow case, so was completely unreachable!
2716
2717         * jit/JIT.cpp:
2718         (JSC::JIT::privateCompileSlowCases):
2719
2720 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2721
2722         Reviewed by Geoff Garen.
2723
2724         Move JIT::compileOpStrictEq to MacroAssembler interface.
2725
2726         The rewrite also looks like a small (<1%) performance progression.
2727
2728         https://bugs.webkit.org/show_bug.cgi?id=22697
2729
2730         * jit/JIT.cpp:
2731         (JSC::JIT::compileOpStrictEq):
2732         (JSC::JIT::privateCompileSlowCases):
2733         * jit/JIT.h:
2734         * jit/JITInlineMethods.h:
2735         (JSC::JIT::emitJumpIfJSCell):
2736         (JSC::JIT::emitJumpSlowCaseIfJSCell):
2737
2738 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2739
2740         Reviewed by Geoff Garen.
2741
2742         Remove m_assembler from MacroAssembler::Jump.
2743         Keeping a pointer allowed for some syntactic sugar - "link()" looks nicer
2744         than "link(this)".  But maintaining this doubles the size of Jump, which
2745         is even more unfortunate for the JIT, since there are many large structures
2746         holding JmpSrcs.  Probably best to remove it.
2747
2748         https://bugs.webkit.org/show_bug.cgi?id=22693
2749
2750         * assembler/MacroAssembler.h:
2751         (JSC::MacroAssembler::Jump::Jump):
2752         (JSC::MacroAssembler::Jump::link):
2753         (JSC::MacroAssembler::Jump::linkTo):
2754         (JSC::MacroAssembler::JumpList::link):
2755         (JSC::MacroAssembler::JumpList::linkTo):
2756         (JSC::MacroAssembler::jae32):
2757         (JSC::MacroAssembler::je32):
2758         (JSC::MacroAssembler::je16):
2759         (JSC::MacroAssembler::jg32):
2760         (JSC::MacroAssembler::jge32):
2761         (JSC::MacroAssembler::jl32):
2762         (JSC::MacroAssembler::jle32):
2763         (JSC::MacroAssembler::jnePtr):
2764         (JSC::MacroAssembler::jne32):
2765         (JSC::MacroAssembler::jnset32):
2766         (JSC::MacroAssembler::jset32):
2767         (JSC::MacroAssembler::jump):
2768         (JSC::MacroAssembler::jzSub32):
2769         (JSC::MacroAssembler::joAdd32):
2770         (JSC::MacroAssembler::call):
2771         * wrec/WREC.cpp:
2772         (JSC::WREC::Generator::compileRegExp):
2773         * wrec/WRECGenerator.cpp:
2774         (JSC::WREC::Generator::generateEnter):
2775         (JSC::WREC::Generator::generateBackreferenceQuantifier):
2776         (JSC::WREC::Generator::generateNonGreedyQuantifier):
2777         (JSC::WREC::Generator::generateGreedyQuantifier):
2778         (JSC::WREC::Generator::generatePatternCharacter):
2779         (JSC::WREC::Generator::generateCharacterClassInvertedRange):
2780         (JSC::WREC::Generator::generateCharacterClassInverted):
2781         (JSC::WREC::Generator::generateCharacterClass):
2782         (JSC::WREC::Generator::generateParenthesesAssertion):
2783         (JSC::WREC::Generator::generateParenthesesInvertedAssertion):
2784         (JSC::WREC::Generator::generateParenthesesNonGreedy):
2785         (JSC::WREC::Generator::generateParenthesesResetTrampoline):
2786         (JSC::WREC::Generator::generateAssertionBOL):
2787         (JSC::WREC::Generator::generateAssertionEOL):
2788         (JSC::WREC::Generator::generateAssertionWordBoundary):
2789         (JSC::WREC::Generator::generateBackreference):
2790         (JSC::WREC::Generator::terminateAlternative):
2791         (JSC::WREC::Generator::terminateDisjunction):
2792         * wrec/WRECParser.h:
2793
2794 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2795
2796         Reviewed by Geoffrey Garen.
2797
2798         Simplify JIT generated checks for timeout code, by moving more work into the C function.
2799         https://bugs.webkit.org/show_bug.cgi?id=22688
2800
2801         * interpreter/Interpreter.cpp:
2802         (JSC::Interpreter::cti_timeout_check):
2803         * interpreter/Interpreter.h:
2804         * jit/JIT.cpp:
2805         (JSC::JIT::emitSlowScriptCheck):
2806
2807 2008-12-05  Sam Weinig  <sam@webkit.org>
2808
2809         Reviewed by Geoffrey Garen.
2810
2811         Encapsulate access to jump tables in the CodeBlock in preparation
2812         of moving them to a rare data structure.
2813
2814         * bytecode/CodeBlock.cpp:
2815         (JSC::CodeBlock::dump):
2816         (JSC::CodeBlock::shrinkToFit):
2817         * bytecode/CodeBlock.h:
2818         (JSC::CodeBlock::numberOfImmediateSwitchJumpTables):
2819         (JSC::CodeBlock::addImmediateSwitchJumpTable):
2820         (JSC::CodeBlock::immediateSwitchJumpTable):
2821         (JSC::CodeBlock::numberOfCharacterSwitchJumpTables):
2822         (JSC::CodeBlock::addCharacterSwitchJumpTable):
2823         (JSC::CodeBlock::characterSwitchJumpTable):
2824         (JSC::CodeBlock::numberOfStringSwitchJumpTables):
2825         (JSC::CodeBlock::addStringSwitchJumpTable):
2826         (JSC::CodeBlock::stringSwitchJumpTable):
2827         * bytecompiler/BytecodeGenerator.cpp:
2828         (JSC::BytecodeGenerator::generate):
2829         (JSC::BytecodeGenerator::endSwitch):
2830         * interpreter/Interpreter.cpp:
2831         (JSC::Interpreter::privateExecute):
2832         (JSC::Interpreter::cti_op_switch_imm):
2833         (JSC::Interpreter::cti_op_switch_char):
2834         (JSC::Interpreter::cti_op_switch_string):
2835         * jit/JIT.cpp:
2836         (JSC::JIT::privateCompileMainPass):
2837
2838 2008-12-05  Adam Roben  <aroben@apple.com>
2839
2840         Windows build fix after r39020
2841
2842         * jit/JITInlineMethods.h:
2843         (JSC::JIT::restoreArgumentReference):
2844         (JSC::JIT::restoreArgumentReferenceForTrampoline):
2845         Add some apparently-missing __.
2846
2847 2008-12-04  Geoffrey Garen  <ggaren@apple.com>
2848
2849         Reviewed by Darin Adler.
2850         
2851         https://bugs.webkit.org/show_bug.cgi?id=22673
2852         
2853         Added support for the assertion (?=) and inverted assertion (?!) atoms
2854         in WREC.
2855
2856         * wrec/WRECGenerator.cpp:
2857         (JSC::WREC::Generator::generateParenthesesAssertion):
2858         (JSC::WREC::Generator::generateParenthesesInvertedAssertion): Split the
2859         old (unused) generateParentheses into these two functions, with more
2860         limited capabilities.
2861         
2862         * wrec/WRECGenerator.h:
2863         (JSC::WREC::Generator::): Moved an enum to the top of the class definition,
2864         to match the WebKit style, and removed a defunct comment.
2865
2866         * wrec/WRECParser.cpp:
2867         (JSC::WREC::Parser::parseParentheses):
2868         (JSC::WREC::Parser::consumeParenthesesType):
2869         * wrec/WRECParser.h:
2870         (JSC::WREC::Parser::): Added support for parsing (?=) and (?!).
2871
2872 2008-12-05  Simon Hausmann  <simon.hausmann@nokia.com>
2873
2874         Rubber-stamped by Tor Arne Vestbø.
2875
2876         Disable the JIT for the Qt build altogether again, after observing
2877         more miscompilations in a wider range of newer gcc versions.
2878
2879         * JavaScriptCore.pri:
2880
2881 2008-12-05  Simon Hausmann  <simon.hausmann@nokia.com>
2882
2883         Reviewed by Tor Arne Vestbø.
2884
2885         Disable the JIT for the Qt build on Linux unless gcc is >= 4.2,
2886         due to miscompilations.
2887
2888         * JavaScriptCore.pri:
2889
2890 2008-12-04  Gavin Barraclough  <barraclough@apple.com>
2891
2892         Reviewed by Geoff Garen.
2893
2894         Start porting the JIT to use the MacroAssembler.
2895
2896         https://bugs.webkit.org/show_bug.cgi?id=22671
2897         No change in performance.
2898
2899         * assembler/MacroAssembler.h:
2900         (JSC::MacroAssembler::Jump::operator X86Assembler::JmpSrc):
2901         (JSC::MacroAssembler::add32):
2902         (JSC::MacroAssembler::and32):
2903         (JSC::MacroAssembler::lshift32):
2904         (JSC::MacroAssembler::rshift32):
2905         (JSC::MacroAssembler::storePtr):
2906         (JSC::MacroAssembler::store32):
2907         (JSC::MacroAssembler::poke):
2908         (JSC::MacroAssembler::move):
2909         (JSC::MacroAssembler::compareImm32ForBranchEquality):
2910         (JSC::MacroAssembler::jnePtr):
2911         (JSC::MacroAssembler::jnset32):
2912         (JSC::MacroAssembler::jset32):
2913         (JSC::MacroAssembler::jzeroSub32):
2914         (JSC::MacroAssembler::joverAdd32):
2915         (JSC::MacroAssembler::call):
2916         * assembler/X86Assembler.h:
2917         (JSC::X86Assembler::shll_i8r):
2918         * jit/JIT.cpp:
2919         (JSC::JIT::privateCompileMainPass):
2920         (JSC::JIT::privateCompile):
2921         (JSC::JIT::privateCompileCTIMachineTrampolines):
2922         * jit/JIT.h:
2923         * jit/JITArithmetic.cpp:
2924         (JSC::JIT::compileBinaryArithOp):
2925         * jit/JITInlineMethods.h:
2926         (JSC::JIT::emitGetVirtualRegister):
2927         (JSC::JIT::emitPutCTIArg):
2928         (JSC::JIT::emitPutCTIArgConstant):
2929         (JSC::JIT::emitGetCTIArg):
2930         (JSC::JIT::emitPutCTIArgFromVirtualRegister):
2931         (JSC::JIT::emitPutCTIParam):
2932         (JSC::JIT::emitGetCTIParam):
2933         (JSC::JIT::emitPutToCallFrameHeader):
2934         (JSC::JIT::emitPutImmediateToCallFrameHeader):
2935         (JSC::JIT::emitGetFromCallFrameHeader):
2936         (JSC::JIT::emitPutVirtualRegister):
2937         (JSC::JIT::emitInitRegister):
2938         (JSC::JIT::emitNakedCall):
2939         (JSC::JIT::restoreArgumentReference):
2940         (JSC::JIT::restoreArgumentReferenceForTrampoline):
2941         (JSC::JIT::emitCTICall):
2942         (JSC::JIT::checkStructure):
2943         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
2944         (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
2945         (JSC::JIT::emitJumpSlowCaseIfNotImmNums):
2946         (JSC::JIT::emitFastArithDeTagImmediate):
2947         (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
2948         (JSC::JIT::emitFastArithReTagImmediate):
2949         (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
2950         (JSC::JIT::emitFastArithImmToInt):
2951         (JSC::JIT::emitFastArithIntToImmOrSlowCase):
2952         (JSC::JIT::emitFastArithIntToImmNoCheck):
2953         (JSC::JIT::emitTagAsBoolImmediate):
2954         * jit/JITPropertyAccess.cpp:
2955         (JSC::JIT::privateCompilePutByIdTransition):
2956
2957 2008-12-04  Geoffrey Garen  <ggaren@apple.com>
2958
2959         Reviewed by Oliver Hunt.
2960         
2961         Some refactoring for generateGreedyQuantifier.
2962         
2963         SunSpider reports no change (possibly a 0.3% speedup).
2964
2965         * wrec/WRECGenerator.cpp:
2966         (JSC::WREC::Generator::generateGreedyQuantifier): Clarified label
2967         meanings and unified some logic to simplify things.
2968
2969         * wrec/WRECParser.h:
2970         (JSC::WREC::Parser::parseAlternative): Added a version of parseAlternative
2971         that can jump to a Label, instead of a JumpList, upon failure. (Eventually,
2972         when we have a true Label class, this will be redundant.) This makes
2973         things easier for generateGreedyQuantifier, because it can avoid
2974         explicitly linking things.
2975
2976 2008-12-04  Simon Hausmann  <simon.hausmann@nokia.com>
2977
2978         Reviewed by Holger Freyther.
2979
2980         Fix crashes in the Qt build on Linux/i386 with non-executable memory
2981         by enabling TCSystemAlloc and the PROT_EXEC flag for mmap.
2982
2983         * JavaScriptCore.pri: Enable the use of TCSystemAlloc if the JIT is
2984         enabled.
2985         * wtf/TCSystemAlloc.cpp: Extend the PROT_EXEC permissions to
2986         PLATFORM(QT).
2987
2988 2008-12-04  Simon Hausmann  <simon.hausmann@nokia.com>
2989
2990         Reviewed by Tor Arne Vestbø.
2991
2992         Enable ENABLE_JIT_OPTIMIZE_CALL, ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS
2993         and ENABLE_JIT_OPTIMIZE_ARITHMETIC, as suggested by Niko.
2994
2995         * JavaScriptCore.pri: 
2996
2997 2008-12-04  Kent Hansen  <khansen@trolltech.com>
2998
2999         Reviewed by Simon Hausmann.
3000
3001         Enable the JSC jit for the Qt build by default for release builds on
3002         linux-g++ and win32-msvc.
3003
3004         * JavaScriptCore.pri:
3005
3006 2008-12-04  Gavin Barraclough  <barraclough@apple.com>
3007
3008         Reviewed by Oliver Hunt.
3009
3010         Allow JIT to function without property access repatching and arithmetic optimizations.
3011         Controlled by ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS and ENABLE_JIT_OPTIMIZE_ARITHMETIC switches.
3012
3013         https://bugs.webkit.org/show_bug.cgi?id=22643
3014
3015         * JavaScriptCore.xcodeproj/project.pbxproj:
3016         * jit/JIT.cpp:
3017         (JSC::JIT::privateCompileMainPass):
3018         (JSC::JIT::privateCompileSlowCases):
3019         * jit/JIT.h:
3020         * jit/JITArithmetic.cpp: Copied from jit/JIT.cpp.
3021         (JSC::JIT::compileBinaryArithOp):
3022         (JSC::JIT::compileBinaryArithOpSlowCase):
3023         * jit/JITPropertyAccess.cpp: Copied from jit/JIT.cpp.
3024         (JSC::JIT::compileGetByIdHotPath):
3025         (JSC::JIT::compileGetByIdSlowCase):
3026         (JSC::JIT::compilePutByIdHotPath):
3027         (JSC::JIT::compilePutByIdSlowCase):
3028         (JSC::resizePropertyStorage):
3029         (JSC::transitionWillNeedStorageRealloc):
3030         (JSC::JIT::privateCompilePutByIdTransition):
3031         (JSC::JIT::patchGetByIdSelf):
3032         (JSC::JIT::patchPutByIdReplace):
3033         (JSC::JIT::privateCompilePatchGetArrayLength):
3034         * wtf/Platform.h:
3035
3036 2008-12-03  Geoffrey Garen  <ggaren@apple.com>
3037
3038         Reviewed by Oliver Hunt.
3039         
3040         Optimized sequences of characters in regular expressions by comparing
3041         two characters at a time.
3042         
3043         1-2% speedup on SunSpider, 19-25% speedup on regexp-dna.
3044
3045         * assembler/MacroAssembler.h:
3046         (JSC::MacroAssembler::load32):
3047         (JSC::MacroAssembler::jge32): Filled out a few more macro methods.
3048
3049         * assembler/X86Assembler.h:
3050         (JSC::X86Assembler::movl_mr): Added a version of movl_mr that operates
3051         without an offset, to allow the macro assembler to optimize for that case.
3052         
3053         * wrec/WREC.cpp:
3054         (JSC::WREC::Generator::compileRegExp): Test the saved value of index
3055         instead of the index register when checking for "end of input." The
3056         index register doesn't increment by 1 in an orderly fashion, so testing
3057         it for == "end of input" is not valid.
3058         
3059         Also, jump all the way to "return failure" upon reaching "end of input,"
3060         instead of executing the next alternative. This is more logical, and
3061         it's a slight optimization in the case of an expression with many alternatives.
3062
3063         * wrec/WRECGenerator.cpp:
3064         (JSC::WREC::Generator::generateIncrementIndex): Added support for
3065         jumping to a failure label in the case where the index has reached "end
3066         of input."
3067
3068         (JSC::WREC::Generator::generatePatternCharacterSequence):
3069         (JSC::WREC::Generator::generatePatternCharacterPair): This is the
3070         optimization. It's basically like generatePatternCharacter, but it runs two
3071         characters at a time.
3072         
3073         (JSC::WREC::Generator::generatePatternCharacter): Changed to use isASCII,
3074         since it's clearer than comparing to a magic hex value.
3075         
3076         * wrec/WRECGenerator.h:
3077
3078 2008-12-03  Gavin Barraclough  <barraclough@apple.com>
3079
3080         Reviewed by Cameron Zwarich.
3081
3082         Allow JIT to operate without the call-repatching optimization.
3083         Controlled by ENABLE(JIT_OPTIMIZE_CALL), defaults on; disabling
3084         this leads to a significant performance regression.
3085
3086         https://bugs.webkit.org/show_bug.cgi?id=22639
3087
3088         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3089         * JavaScriptCore.xcodeproj/project.pbxproj:
3090         * jit/JIT.cpp:
3091         (JSC::JIT::privateCompileSlowCases):
3092         * jit/JIT.h:
3093         * jit/JITCall.cpp: Copied from jit/JIT.cpp.
3094         (JSC::JIT::compileOpCallInitializeCallFrame):
3095         (JSC::JIT::compileOpCallSetupArgs):
3096         (JSC::JIT::compileOpCallEvalSetupArgs):
3097         (JSC::JIT::compileOpConstructSetupArgs):
3098         (JSC::JIT::compileOpCall):
3099         (JSC::JIT::compileOpCallSlowCase):
3100         (JSC::unreachable):
3101         * jit/JITInlineMethods.h: Copied from jit/JIT.cpp.
3102         (JSC::JIT::checkStructure):
3103         (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
3104         (JSC::JIT::emitTagAsBoolImmediate):
3105         * wtf/Platform.h:
3106
3107 2008-12-03  Eric Seidel  <eric@webkit.org>
3108
3109         Rubber-stamped by David Hyatt.
3110
3111         Make HAVE_ACCESSIBILITY only define if !defined
3112
3113         * wtf/Platform.h:
3114
3115 2008-12-03  Sam Weinig  <sam@webkit.org>
3116
3117         Fix build.
3118
3119         * assembler/X86Assembler.h:
3120         (JSC::X86Assembler::orl_i32r):
3121
3122 2008-12-03  Sam Weinig  <sam@webkit.org>
3123
3124         Reviewed by Geoffrey Garen.
3125
3126         Remove shared AssemblerBuffer 1MB buffer and instead give AssemblerBuffer
3127         a 256-byte inline capacity.
3128
3129         1% progression on SunSpider.
3130
3131         * assembler/AssemblerBuffer.h:
3132         (JSC::AssemblerBuffer::AssemblerBuffer):
3133         (JSC::AssemblerBuffer::~AssemblerBuffer):
3134         (JSC::AssemblerBuffer::grow):
3135         * assembler/MacroAssembler.h:
3136         (JSC::MacroAssembler::MacroAssembler):
3137         * assembler/X86Assembler.h:
3138         (JSC::X86Assembler::X86Assembler):
3139         * interpreter/Interpreter.cpp:
3140         (JSC::Interpreter::Interpreter):
3141         * interpreter/Interpreter.h:
3142         * jit/JIT.cpp:
3143         (JSC::JIT::JIT):
3144         * parser/Nodes.cpp:
3145         (JSC::RegExpNode::emitBytecode):
3146         * runtime/RegExp.cpp:
3147         (JSC::RegExp::RegExp):
3148         (JSC::RegExp::create):
3149         * runtime/RegExp.h:
3150         * runtime/RegExpConstructor.cpp:
3151         (JSC::constructRegExp):
3152         * runtime/RegExpPrototype.cpp:
3153         (JSC::regExpProtoFuncCompile):
3154         * runtime/StringPrototype.cpp:
3155         (JSC::stringProtoFuncMatch):
3156         (JSC::stringProtoFuncSearch):
3157         * wrec/WREC.cpp:
3158         (JSC::WREC::Generator::compileRegExp):
3159         * wrec/WRECGenerator.h:
3160         (JSC::WREC::Generator::Generator):
3161         * wrec/WRECParser.h:
3162         (JSC::WREC::Parser::Parser):
3163
3164 2008-12-03  Geoffrey Garen  <ggaren@apple.com>
3165
3166         Reviewed by Oliver Hunt, with help from Gavin Barraclough.
3167         
3168         orl_i32r was actually coded as an 8bit OR. So, I renamed orl_i32r to
3169         orl_i8r, changed all orl_i32r clients to use orl_i8r, and then added
3170         a new orl_i32r that actually does a 32bit OR.
3171         
3172         (32bit OR is currently unused, but a patch I'm working on uses it.)
3173
3174         * assembler/MacroAssembler.h:
3175         (JSC::MacroAssembler::or32): Updated to choose between 8bit and 32bit OR.
3176
3177         * assembler/X86Assembler.h:
3178         (JSC::X86Assembler::orl_i8r): The old orl_i32r.
3179         (JSC::X86Assembler::orl_i32r): The new orl_i32r.
3180         
3181         * jit/JIT.cpp:
3182         (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
3183         (JSC::JIT::emitTagAsBoolImmediate): Use orl_i8r, since we're ORing 8bit
3184         values.
3185
3186 2008-12-03  Dean Jackson  <dino@apple.com>
3187
3188         Reviewed by Dan Bernstein.
3189
3190         Helper functions for turn -> degrees.
3191         https://bugs.webkit.org/show_bug.cgi?id=22497
3192
3193         * wtf/MathExtras.h:
3194         (turn2deg):
3195         (deg2turn):
3196
3197 2008-12-02  Cameron Zwarich  <zwarich@apple.com>
3198
3199         Reviewed by Geoff Garen.
3200
3201         Bug 22504: Crashes during code generation occur due to refing of ignoredResult()
3202         <https://bugs.webkit.org/show_bug.cgi?id=22504>
3203
3204         Since ignoredResult() was implemented by casting 1 to a RegisterID*, any
3205         attempt to ref ignoredResult() results in a crash. This will occur in
3206         code generation of a function body where a node emits another node with
3207         the dst that was passed to it, and then refs the returned RegisterID*.
3208
3209         To fix this problem, make ignoredResult() a member function of
3210         BytecodeGenerator that simply returns a pointer to a fixed RegisterID
3211         member of BytecodeGenerator.
3212
3213         * bytecompiler/BytecodeGenerator.h:
3214         (JSC::BytecodeGenerator::ignoredResult):
3215         * bytecompiler/RegisterID.h:
3216         * parser/Nodes.cpp:
3217         (JSC::NullNode::emitBytecode):
3218         (JSC::BooleanNode::emitBytecode):
3219         (JSC::NumberNode::emitBytecode):
3220         (JSC::StringNode::emitBytecode):
3221         (JSC::RegExpNode::emitBytecode):
3222         (JSC::ThisNode::emitBytecode):
3223         (JSC::ResolveNode::emitBytecode):
3224         (JSC::ObjectLiteralNode::emitBytecode):
3225         (JSC::PostfixResolveNode::emitBytecode):
3226         (JSC::PostfixBracketNode::emitBytecode):
3227         (JSC::PostfixDotNode::emitBytecode):
3228         (JSC::DeleteValueNode::emitBytecode):
3229         (JSC::VoidNode::emitBytecode):
3230         (JSC::TypeOfResolveNode::emitBytecode):
3231         (JSC::TypeOfValueNode::emitBytecode):
3232         (JSC::PrefixResolveNode::emitBytecode):
3233         (JSC::AssignResolveNode::emitBytecode):
3234         (JSC::CommaNode::emitBytecode):
3235         (JSC::ForNode::emitBytecode):
3236         (JSC::ForInNode::emitBytecode):
3237         (JSC::ReturnNode::emitBytecode):
3238         (JSC::ThrowNode::emitBytecode):
3239         (JSC::FunctionBodyNode::emitBytecode):
3240         (JSC::FuncDeclNode::emitBytecode):
3241
3242 2008-12-02  Geoffrey Garen  <ggaren@apple.com>
3243
3244         Reviewed by Cameron Zwarich.
3245         
3246         Fixed https://bugs.webkit.org/show_bug.cgi?id=22537
3247         REGRESSION (r38745): Assertion failure in jsSubstring() at ge.com
3248
3249         The bug was that index would become greater than length, so our
3250         "end of input" checks, which all check "index == length", would fail.
3251         
3252         The solution is to check for end of input before incrementing index,
3253         to ensure that index is always <= length.
3254         
3255         As a side benefit, generateJumpIfEndOfInput can now use je instead of
3256         jg, which should be slightly faster.
3257
3258         * wrec/WREC.cpp:
3259         (JSC::WREC::Generator::compileRegExp):
3260         * wrec/WRECGenerator.cpp:
3261         (JSC::WREC::Generator::generateJumpIfEndOfInput):
3262
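The bug the entry above describes (an "index == length" end-of-input test that never fires once index has stepped past length) in a small stand-alone form. This is an added example, not WREC code: the matcher consumes two characters at a time, as the pair optimisation in the 2008-12-03 entry does, and the CountedInput wrapper (an assumption for this example) counts reads past the end of the buffer instead of letting them fault, so the buggy variant can be run beside the corrected one.

```cpp
// Added example, not WebKit code: the same end-of-input bug in a tiny matcher
// that consumes input two characters at a time, beside the corrected form.
#include <cstddef>
#include <string>

struct MatchResult {
    bool matched;
    size_t index;   // where the matcher stopped
    int oobReads;   // reads at or past input.length()
};

// Input wrapper that records out-of-bounds reads instead of crashing, so the
// buggy variant can be run safely. Constructed for this example.
class CountedInput {
public:
    explicit CountedInput(const std::string& s) : m_s(s) { }
    size_t length() const { return m_s.size(); }
    char at(size_t i)
    {
        if (i >= m_s.size()) {
            ++oobReads;
            return '\0';
        }
        return m_s[i];
    }
    int oobReads = 0;
private:
    std::string m_s;
};

// Buggy: advances by two, then tests "index == length". With an odd amount of
// input left, index steps over length, the equality test never fires, and the
// next read runs past the end of the buffer. Patterns are assumed to have even
// length; a trailing single character is ignored by both variants.
MatchResult matchPairsBuggy(const std::string& input, const std::string& pattern)
{
    CountedInput in(input);
    size_t index = 0;
    for (size_t p = 0; p + 1 < pattern.size(); p += 2) {
        if (index == in.length())
            return { false, index, in.oobReads };
        if (in.at(index) != pattern[p] || in.at(index + 1) != pattern[p + 1])
            return { false, index, in.oobReads };
        index += 2;
    }
    return { true, index, in.oobReads };
}

// Fixed: check how much input remains BEFORE advancing, so index <= length
// always holds and the reads that follow are in bounds by construction.
MatchResult matchPairsFixed(const std::string& input, const std::string& pattern)
{
    CountedInput in(input);
    size_t index = 0;
    for (size_t p = 0; p + 1 < pattern.size(); p += 2) {
        if (in.length() - index < 2)   // no underflow: index <= length is an invariant
            return { false, index, in.oobReads };
        if (in.at(index) != pattern[p] || in.at(index + 1) != pattern[p + 1])
            return { false, index, in.oobReads };
        index += 2;
    }
    return { true, index, in.oobReads };
}
```

With input "abc" and pattern "abcd" the buggy matcher passes its equality test at index 2 and then reads position 3, one past the end; the fixed matcher rejects at the same point with no out-of-bounds read. Both agree on even-length inputs, which is why the bug only surfaced on particular pages.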
3263 2008-12-02  Gavin Barraclough  <barraclough@apple.com>
3264
3265         Reviewed by Geoffrey Garen.
3266
3267         Plant shift right immediate instructions, which are awesome.
3268         https://bugs.webkit.org/show_bug.cgi?id=22610
3269         ~5% on the v8-crypto test.
3270
3271         * jit/JIT.cpp:
3272         (JSC::JIT::privateCompileMainPass):
3273         (JSC::JIT::privateCompileSlowCases):
3274
3275 2008-12-02  Geoffrey Garen  <ggaren@apple.com>
3276
3277         Reviewed by Sam Weinig.
3278         
3279         Cleaned up SegmentedVector by abstracting segment access into helper
3280         functions.
3281         
3282         SunSpider reports no change.
3283
3284         * bytecompiler/SegmentedVector.h:
3285         (JSC::SegmentedVector::SegmentedVector):
3286         (JSC::SegmentedVector::~SegmentedVector):
3287         (JSC::SegmentedVector::size):
3288         (JSC::SegmentedVector::at):
3289         (JSC::SegmentedVector::operator[]):
3290         (JSC::SegmentedVector::last):
3291         (JSC::SegmentedVector::append):
3292         (JSC::SegmentedVector::removeLast):
3293         (JSC::SegmentedVector::grow):
3294         (JSC::SegmentedVector::clear):
3295         (JSC::SegmentedVector::deleteAllSegments):
3296         (JSC::SegmentedVector::segmentFor):
3297         (JSC::SegmentedVector::subscriptFor):
3298         (JSC::SegmentedVector::ensureSegmentsFor):
3299         (JSC::SegmentedVector::ensureSegment):
3300
3301 2008-12-02  Geoffrey Garen  <ggaren@apple.com>
3302
3303         Reviewed by Geoffrey Garen. (Patch by Cameron Zwarich <zwarich@apple.com>.)
3304         
3305         Fixed https://bugs.webkit.org/show_bug.cgi?id=22482
3306         REGRESSION (r37991): Occasionally see "Scene rendered incorrectly"
3307         message when running the V8 Raytrace benchmark
3308         
3309         Rolled out r37991. It didn't properly save xmm0, which is caller-save,
3310         before calling helper functions.
3311         
3312         SunSpider and v8 benchmarks show little change -- possibly a .2%
3313         SunSpider regression, possibly a .2% v8 benchmark speedup.
3314
3315         * assembler/X86Assembler.h:
3316         (JSC::X86Assembler::):
3317         * bytecode/CodeBlock.cpp:
3318         (JSC::CodeBlock::dump):
3319         * bytecode/Instruction.h:
3320         (JSC::Instruction::):
3321         * bytecompiler/BytecodeGenerator.cpp:
3322         (JSC::BytecodeGenerator::emitUnaryOp):
3323         * bytecompiler/BytecodeGenerator.h:
3324         (JSC::BytecodeGenerator::emitToJSNumber):
3325         (JSC::BytecodeGenerator::emitTypeOf):
3326         (JSC::BytecodeGenerator::emitGetPropertyNames):
3327         * interpreter/Interpreter.cpp:
3328         (JSC::Interpreter::privateExecute):
3329         * interpreter/Interpreter.h:
3330         * jit/JIT.cpp:
3331         (JSC::JIT::privateCompileMainPass):
3332         (JSC::JIT::privateCompileSlowCases):
3333         * jit/JIT.h:
3334         * parser/Nodes.cpp:
3335         (JSC::UnaryOpNode::emitBytecode):
3336         (JSC::BinaryOpNode::emitBytecode):
3337         (JSC::EqualNode::emitBytecode):
3338         * parser/ResultType.h:
3339         (JSC::ResultType::isReusable):
3340         (JSC::ResultType::mightBeNumber):
3341         * runtime/JSNumberCell.h:
3342
3343 2008-12-01  Gavin Barraclough  <barraclough@apple.com>
3344
3345         Reviewed by Geoffrey Garen.
3346
3347         Remove unused (sampling only, and derivable) argument to JIT::emitCTICall.
3348         https://bugs.webkit.org/show_bug.cgi?id=22587
3349
3350         * jit/JIT.cpp:
3351         (JSC::JIT::emitCTICall):
3352         (JSC::JIT::compileOpCall):
3353         (JSC::JIT::emitSlowScriptCheck):
3354         (JSC::JIT::compileBinaryArithOpSlowCase):
3355         (JSC::JIT::privateCompileMainPass):
3356         (JSC::JIT::privateCompileSlowCases):
3357         (JSC::JIT::privateCompile):
3358         * jit/JIT.h:
3359
3360 2008-12-02  Dimitri Glazkov  <dglazkov@chromium.org>
3361
3362         Reviewed by Eric Seidel.
3363         
3364         Fix the inheritance chain for JSFunction.
3365
3366         * runtime/JSFunction.cpp:
3367         (JSC::JSFunction::info): Add InternalFunction::info as parent class
3368
3369 2008-12-02  Simon Hausmann  <hausmann@webkit.org>
3370
3371         Reviewed by Tor Arne Vestbø.
3372
3373         Fix ability to include JavaScriptCore.pri from other .pro files.
3374
3375         * JavaScriptCore.pri: Moved -O3 setting into the .pro files.
3376         * JavaScriptCore.pro:
3377         * jsc.pro:
3378
3379 2008-12-01  Geoffrey Garen  <ggaren@apple.com>
3380
3381         Reviewed by Cameron Zwarich, with help from Gavin Barraclough.
3382         
3383         Fixed https://bugs.webkit.org/show_bug.cgi?id=22583.
3384
3385         Refactored regular expression parsing to parse sequences of characters
3386         as a single unit, in preparation for optimizing sequences of characters.
3387         
3388         SunSpider reports no change.
3389
3390         * JavaScriptCore.xcodeproj/project.pbxproj:
3391         * wrec/Escapes.h: Added. Set of classes for representing an escaped
3392         token in a pattern.
3393
3394         * wrec/Quantifier.h:
3395         (JSC::WREC::Quantifier::Quantifier): Simplified this constructor slightly,
3396         to match the new Escape constructor.
3397
3398         * wrec/WRECGenerator.cpp:
3399         (JSC::WREC::Generator::generatePatternCharacterSequence):
3400         * wrec/WRECGenerator.h: Added an interface for generating a sequence
3401         of pattern characters at a time. It doesn't do anything special yet.
3402
3403         * wrec/WRECParser.cpp:
3404         (JSC::WREC::Parser::consumeGreedyQuantifier):
3405         (JSC::WREC::Parser::consumeQuantifier): Renamed "parse" to "consume" in
3406         these functions, to match "consumeEscape."
3407
3408         (JSC::WREC::Parser::parsePatternCharacterSequence): New function for
3409         iteratively aggregating a sequence of characters in a pattern.
3410
3411         (JSC::WREC::Parser::parseCharacterClassQuantifier):
3412         (JSC::WREC::Parser::parseBackreferenceQuantifier): Renamed "parse" to
3413         "consume" in these functions, to match "consumeEscape."
3414
3415         (JSC::WREC::Parser::parseCharacterClass): Refactored to use the common
3416         escape processing code in consumeEscape.
3417
3418         (JSC::WREC::Parser::parseEscape): Refactored to use the common
3419         escape processing code in consumeEscape.
3420
3421         (JSC::WREC::Parser::consumeEscape): Factored escaped token processing
3422         into a common function, since we were doing this in a few places.
3423
3424         (JSC::WREC::Parser::parseTerm): Refactored to use the common
3425         escape processing code in consumeEscape.
3426
3427         * wrec/WRECParser.h:
3428         (JSC::WREC::Parser::consumeOctal): Refactored to use a helper function
3429         for reading a digit.
3430
3431 2008-12-01  Cameron Zwarich  <zwarich@apple.com>
3432
3433         Reviewed by Oliver Hunt.
3434
3435         Bug 20340: SegmentedVector segment allocations can lead to unsafe use of temporary registers
3436         <https://bugs.webkit.org/show_bug.cgi?id=20340>
3437
3438         SegmentedVector currently frees segments and reallocates them when used
3439         as a stack. This can lead to unsafe use of pointers into freed segments.
3440
3441         In order to fix this problem, SegmentedVector will be changed to only
3442         grow and never shrink. Also, rename the reserveCapacity() member
3443         function to grow() to match the actual usage in BytecodeGenerator, where
3444         this function is used to allocate a group of registers at once, rather
3445         than merely saving space for them.
3446
3447         * bytecompiler/BytecodeGenerator.cpp:
3448         (JSC::BytecodeGenerator::BytecodeGenerator): Use grow() instead of 
3449         reserveCapacity().
3450         * bytecompiler/SegmentedVector.h:
3451         (JSC::SegmentedVector::SegmentedVector):
3452         (JSC::SegmentedVector::last):
3453         (JSC::SegmentedVector::append):
3454         (JSC::SegmentedVector::removeLast):
3455         (JSC::SegmentedVector::grow): Renamed from reserveCapacity().
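An added example, not WebKit's SegmentedVector, of the grow-only container the entry above describes (and that the 2008-12-02 refactoring entry further up splits into segmentFor/subscriptFor/ensureSegmentsFor helpers): segments are never freed or moved after removeLast(), grow() allocates a batch of slots at once, and a demo function checks that a pointer taken before a long run of appends and pops is still valid afterwards. The method names mirror the ChangeLog's function list; the SegmentSize template parameter, the segmentCount() accessor and the demo function are assumptions for this example.

```cpp
// Added example, not WebKit code: a grow-only segmented vector. Elements live
// in fixed-size heap segments that are never freed or moved until destruction,
// so a T* taken from it stays valid across append()/removeLast() cycles.
#include <cstddef>
#include <vector>

template <typename T, size_t SegmentSize = 16>
class SegmentedVector {
public:
    SegmentedVector() = default;
    ~SegmentedVector()
    {
        for (T* segment : m_segments)
            delete[] segment;
    }
    SegmentedVector(const SegmentedVector&) = delete;
    SegmentedVector& operator=(const SegmentedVector&) = delete;

    size_t size() const { return m_size; }
    size_t segmentCount() const { return m_segments.size(); }

    T& at(size_t index) { return m_segments[segmentFor(index)][subscriptFor(index)]; }
    T& operator[](size_t index) { return at(index); }
    T& last() { return at(m_size - 1); }

    T& append(const T& value)
    {
        ensureSegmentsFor(m_size + 1);
        T& slot = at(m_size);
        slot = value;
        ++m_size;
        return slot;
    }

    // Shrinks the logical size only; the segment stays allocated, so pointers
    // into it (e.g. a temporary register handed out earlier) do not dangle.
    void removeLast()
    {
        if (m_size)
            --m_size;
    }

    // Allocate storage for n elements at once (a block of registers). Freshly
    // allocated segments are value-initialised; existing slots keep their values.
    void grow(size_t n)
    {
        ensureSegmentsFor(n);
        if (n > m_size)
            m_size = n;
    }

    void clear() { m_size = 0; } // keeps every segment; memory is released in the destructor

private:
    static size_t segmentFor(size_t index) { return index / SegmentSize; }
    static size_t subscriptFor(size_t index) { return index % SegmentSize; }

    void ensureSegmentsFor(size_t n)
    {
        size_t needed = (n + SegmentSize - 1) / SegmentSize;
        // m_segments itself may reallocate, but it only holds segment pointers;
        // the segments, and therefore the elements, never move.
        while (m_segments.size() < needed)
            m_segments.push_back(new T[SegmentSize]());
    }

    std::vector<T*> m_segments;
    size_t m_size = 0;
};

// Exercises the stable-pointer guarantee; returns 0 on success, else the failing step.
int segmentedVectorDemo()
{
    SegmentedVector<int, 4> registers;
    int* first = &registers.append(1);       // pointer into segment 0
    for (int i = 2; i <= 100; ++i)           // forces 25 segments to be allocated
        registers.append(i);
    if (first != &registers[0] || *first != 1) return 1;
    if (registers.segmentCount() != 25) return 2;

    int* temp = &registers.last();           // element 99 lives in segment 24
    while (registers.size() > 1)             // pop back down to one element, stack-style
        registers.removeLast();
    if (registers.segmentCount() != 25) return 3; // nothing was freed
    registers.grow(100);                     // re-grow without allocating
    if (temp != &registers.last()) return 4; // same address as before the pops
    if (first != &registers[0] || *first != 1) return 5;
    return 0;
}
```

The property that matters for the bug above is that removeLast() and clear() only move the logical end; a version that freed the trailing segment when it emptied would leave any RegisterID* still held by a node pointing into freed memory, and the next append would hand the same address to someone else.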
3456         (JSC::SegmentedVector::clear):
3457
3458 2008-12-01  Mark Rowe  <mrowe@apple.com>
3459
3460         Rubber-stamped by Anders Carlsson.
3461
3462         Disable WREC for x86_64 since memory allocated by the system allocator is not marked executable,
3463         which causes 64-bit debug builds to crash.  Once we have a dedicated allocator for executable
3464         memory we can turn this back on.
3465
3466         * wtf/Platform.h:
3467
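The entry just above disables WREC on x86_64 because memory from the system allocator is not executable, the 2008-12-04 Qt entry further up extends PROT_EXEC to the TCSystemAlloc mmap, and the 2008-11-29 entry further down notes that enabling WREC leaves the JS heap mapped RWX (bug 21783). The following is an added example, not WebKit code, of the shape a dedicated executable allocator takes so that no page is ever writable and executable at the same time: code is written while the pages are RW, then the mapping is flipped to RX with mprotect. The ExecutableBuffer class, the /proc/self/maps audit helper (Linux only) and the placeholder bytes are assumptions for this example; the bytes are written, never executed.

```cpp
// Added example, not WebKit code: a two-stage executable buffer that is never
// mapped RWX. Code is written while the pages are RW, then sealed to RX.
#include <sys/mman.h>
#include <unistd.h>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <fstream>
#include <string>

class ExecutableBuffer {
public:
    explicit ExecutableBuffer(size_t bytes)
    {
        size_t page = static_cast<size_t>(sysconf(_SC_PAGESIZE));
        m_size = (bytes + page - 1) / page * page;
        // Stage 1: readable and writable, deliberately NOT executable.
        void* p = mmap(nullptr, m_size, PROT_READ | PROT_WRITE,
                       MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
        m_base = (p == MAP_FAILED) ? nullptr : static_cast<uint8_t*>(p);
    }
    ~ExecutableBuffer() { if (m_base) munmap(m_base, m_size); }
    ExecutableBuffer(const ExecutableBuffer&) = delete;
    ExecutableBuffer& operator=(const ExecutableBuffer&) = delete;

    // Copy code in; refused once sealed, and bounds-checked against the mapping.
    bool write(size_t offset, const void* code, size_t len)
    {
        if (!m_base || m_sealed || offset > m_size || len > m_size - offset)
            return false;
        memcpy(m_base + offset, code, len);
        return true;
    }

    // Stage 2: drop write, add execute. From here on the kernel refuses writes too.
    bool seal()
    {
        if (!m_base || m_sealed)
            return false;
        if (mprotect(m_base, m_size, PROT_READ | PROT_EXEC) != 0)
            return false;
        m_sealed = true;
        return true;
    }

    bool sealed() const { return m_sealed; }
    const uint8_t* base() const { return m_base; }
    size_t size() const { return m_size; }

private:
    uint8_t* m_base = nullptr;
    size_t m_size = 0;
    bool m_sealed = false;
};

// Audit helper (Linux only): permission field of the mapping containing addr,
// e.g. "rw-p" or "r-xp"; empty string where /proc/self/maps is unavailable.
std::string mappingPerms(const void* addr)
{
    std::ifstream maps("/proc/self/maps");
    std::string line;
    unsigned long a = reinterpret_cast<unsigned long>(addr);
    while (std::getline(maps, line)) {
        unsigned long lo = 0, hi = 0;
        char perms[5] = { 0 };
        if (sscanf(line.c_str(), "%lx-%lx %4s", &lo, &hi, perms) == 3 && a >= lo && a < hi)
            return perms;
    }
    return "";
}

// True only if the mapping is writable AND executable at the same time.
bool isRWX(const void* addr)
{
    std::string p = mappingPerms(addr);
    return p.size() >= 3 && p[1] == 'w' && p[2] == 'x';
}

// Walks the whole flow; returns 0 on success, otherwise the step that failed.
int wxDemo()
{
    ExecutableBuffer buf(64);
    if (!buf.base()) return 1;
    // Constructed placeholder bytes; they are written here, never executed.
    const uint8_t code[4] = { 0xC3, 0x90, 0x90, 0x90 };
    if (!buf.write(0, code, sizeof code)) return 2;
    if (isRWX(buf.base())) return 3;               // stage 1 must not be RWX
    if (!buf.seal()) return 4;
    if (buf.write(0, code, sizeof code)) return 5;  // writes refused after seal
    if (isRWX(buf.base())) return 6;               // stage 2 must not be RWX either
    std::string perms = mappingPerms(buf.base());
    if (!perms.empty() && perms[2] != 'x') return 7; // sealed pages are executable
    return 0;
}

int main()
{
    int r = wxDemo();
    printf("W^X demo: %s (step %d)\n", r ? "FAILED" : "ok", r);
    return r;
}
```

The same split is what makes the RWX heap in the 2008-11-29 entry a regression worth tracking: with a single RWX region, any write primitive in the JIT's address space is also a code-execution primitive, whereas with the two-stage scheme an attacker needs a mprotect (or a mapping that was never sealed) as well. On a Linux host, cat /proc/<pid>/maps and grep for "rwx" is the quickest check that nothing slipped through.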
3468 2008-12-01  Antti Koivisto  <antti@apple.com>
3469
3470         Reviewed by Maciej Stachowiak.
3471         
3472         Restore inline buffer after vector is shrunk back below its inline capacity.
3473
3474         * wtf/Vector.h:
3475         (WTF::):
3476         (WTF::VectorBuffer::restoreInlineBufferIfNeeded):
3477         (WTF::::shrinkCapacity):
3478
3479 2008-11-30  Antti Koivisto  <antti@apple.com>
3480
3481         Reviewed by Mark Rowe.
3482         
3483         Try to return free pages in the current thread cache too.
3484
3485         * wtf/FastMalloc.cpp:
3486         (WTF::TCMallocStats::releaseFastMallocFreeMemory):
3487
3488 2008-12-01  David Levin  <levin@chromium.org>
3489
3490         Reviewed by Alexey Proskuryakov.
3491
3492         https://bugs.webkit.org/show_bug.cgi?id=22567
3493         Make HashTable work as expected with respect to threads. Specifically, it has class-level
3494         thread safety and constant methods work on constant objects without synchronization.
3495         
3496         No observable change in behavior, so no test. This only affects debug builds.
3497
3498         * wtf/HashTable.cpp:
3499         (WTF::hashTableStatsMutex):
3500         (WTF::HashTableStats::~HashTableStats):
3501         (WTF::HashTableStats::recordCollisionAtCount):
3502         Guarded variable access with a mutex.
3503
3504         * wtf/HashTable.h:
3505         (WTF::::lookup):
3506         (WTF::::lookupForWriting):
3507         (WTF::::fullLookupForWriting):
3508         (WTF::::add):
3509         (WTF::::reinsert):
3510         (WTF::::remove):
3511         (WTF::::rehash):
3512         Changed increments of static variables to use atomicIncrement.
3513
3514         (WTF::::invalidateIterators):
3515         (WTF::addIterator):
3516         (WTF::removeIterator):
3517         Guarded mutable access with a mutex.
3518
3519 2008-11-29  Gavin Barraclough  <barraclough@apple.com>
3520
3521         Reviewed by Cameron Zwarich.
3522
3523         Enable WREC on PLATFORM(X86_64).  This change predominantly requires changes to the
3524         WREC::Generator::generateEnter method to support the x86-64 ABI, and addition of
3525         support for a limited number of quadword operations in the X86Assembler.
3526
3527         This patch will cause the JS heap to be allocated with RWX permissions on 64-bit Mac
3528         platforms.  This is a regression with respect to previous 64-bit behaviour, but is no
3529         more permissive than on 32-bit builds.  This issue should be addressed at some point.
3530         (This is tracked by bug #21783.)
3531
3532         https://bugs.webkit.org/show_bug.cgi?id=22554
3533         Greater than 4x speedup on regexp-dna, on x86-64.
3534
3535         * assembler/MacroAssembler.h:
3536         (JSC::MacroAssembler::addPtr):
3537         (JSC::MacroAssembler::loadPtr):
3538         (JSC::MacroAssembler::storePtr):
3539         (JSC::MacroAssembler::pop):