[WebKit-https.git] / JavaScriptCore / ChangeLog
1 2008-12-26  Mark Rowe  <mrowe@apple.com>
2
3         Reviewed by Alexey Proskuryakov.
4
5         <rdar://problem/6467376> Race condition in WTF::currentThread can lead to a thread using two different identifiers during its lifetime
6
7         If a newly-created thread calls WTF::currentThread() before WTF::createThread calls establishIdentifierForPthreadHandle
8         then more than one identifier will be used for the same thread.  We can avoid this by adding some extra synchronization
9         during thread creation that delays the execution of the thread function until the thread identifier has been set up, and
10         an assertion to catch this problem should it reappear in the future.
11
12         * wtf/Threading.cpp: Added.
13         (WTF::NewThreadContext::NewThreadContext):
14         (WTF::threadEntryPoint):
15         (WTF::createThread): Add cross-platform createThread function that delays the execution of the thread function until
16         after the thread identifier has been set up.
17         * wtf/Threading.h:
18         * wtf/ThreadingGtk.cpp:
19         (WTF::establishIdentifierForThread):
20         (WTF::createThreadInternal):
21         * wtf/ThreadingNone.cpp:
22         (WTF::createThreadInternal):
23         * wtf/ThreadingPthreads.cpp:
24         (WTF::establishIdentifierForPthreadHandle):
25         (WTF::createThreadInternal):
26         * wtf/ThreadingQt.cpp:
27         (WTF::identifierByQthreadHandle):
28         (WTF::establishIdentifierForThread):
29         (WTF::createThreadInternal):
30         * wtf/ThreadingWin.cpp:
31         (WTF::storeThreadHandleByIdentifier):
32         (WTF::createThreadInternal):
33
34         Add Threading.cpp to the build.
35
36         * GNUmakefile.am:
37         * JavaScriptCore.pri:
38         * JavaScriptCore.scons:
39         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
40         * JavaScriptCore.xcodeproj/project.pbxproj:
41         * JavaScriptCoreSources.bkl:
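
The creation-time handshake described in the entry above, as an added example that is not WTF's own code: a model of WTF::currentThread()'s lookup-or-establish behaviour, a racy createThread that records the identifier only after the thread is already running, and the fixed version that holds a creation mutex until the identifier exists, together with the regression assertion. identifierByHandle, assignFreshIdentifier, establishIdentifierForHandle, joinThread, Worker and identifierIsStable are assumed names; std::thread::id stands in for the pthread handle, and the sleep in createThreadRacy is a simulated preemption that makes the race easy to observe, not part of the original bug.

```cpp
// Added example, not WTF's code. std::thread::id plays the role of pthread_t.
#include <atomic>
#include <cassert>
#include <chrono>
#include <cstdint>
#include <map>
#include <memory>
#include <mutex>
#include <thread>

typedef uint32_t ThreadIdentifier;
typedef void* (*ThreadFunction)(void*);

static std::mutex s_mapMutex;
static std::map<std::thread::id, ThreadIdentifier> s_idMap;
static ThreadIdentifier s_nextId = 1;

static ThreadIdentifier identifierByHandle(std::thread::id handle) {
    std::lock_guard<std::mutex> lock(s_mapMutex);
    std::map<std::thread::id, ThreadIdentifier>::iterator it = s_idMap.find(handle);
    return it == s_idMap.end() ? 0 : it->second;
}

// Hands out a fresh identifier, overwriting any existing one (the pre-fix shape).
static ThreadIdentifier assignFreshIdentifier(std::thread::id handle) {
    std::lock_guard<std::mutex> lock(s_mapMutex);
    ThreadIdentifier id = s_nextId++;
    s_idMap[handle] = id;
    return id;
}

// The fix's assertion: the creator must be the first to name this thread.
static ThreadIdentifier establishIdentifierForHandle(std::thread::id handle) {
    assert(!identifierByHandle(handle) && "thread already has an identifier");
    return assignFreshIdentifier(handle);
}

ThreadIdentifier currentThread() {
    std::thread::id self = std::this_thread::get_id();
    if (ThreadIdentifier id = identifierByHandle(self))
        return id;
    return assignFreshIdentifier(self);   // first caller wins: this is the race
}

// Racy creation: the body runs at once and may call currentThread() before the
// creator records an identifier. The sleep is a simulated preemption.
ThreadIdentifier createThreadRacy(ThreadFunction fn, void* data, std::thread& out) {
    out = std::thread(fn, data);
    std::this_thread::sleep_for(std::chrono::milliseconds(5));
    return assignFreshIdentifier(out.get_id());   // a second identifier for the same thread
}

// Fixed creation: the body blocks on creationMutex, which the creator releases
// only after the identifier has been established.
struct NewThreadContext {
    NewThreadContext(ThreadFunction f, void* d) : entryPoint(f), data(d) {}
    ThreadFunction entryPoint;
    void* data;
    std::mutex creationMutex;
};

static void threadEntryPoint(std::shared_ptr<NewThreadContext> ctx) {
    { std::lock_guard<std::mutex> wait(ctx->creationMutex); }   // returns once the creator unlocks
    ctx->entryPoint(ctx->data);
}

ThreadIdentifier createThread(ThreadFunction fn, void* data, std::thread& out) {
    std::shared_ptr<NewThreadContext> ctx = std::make_shared<NewThreadContext>(fn, data);
    std::lock_guard<std::mutex> hold(ctx->creationMutex);   // released when this function returns
    out = std::thread(threadEntryPoint, ctx);
    return establishIdentifierForHandle(out.get_id());
}

// Join and forget the identifier, so a reused native handle cannot inherit a stale one.
void joinThread(std::thread& t) {
    std::thread::id handle = t.get_id();
    t.join();
    std::lock_guard<std::mutex> lock(s_mapMutex);
    s_idMap.erase(handle);
}

// A worker that records its identifier on entry and again after creation has finished.
struct Worker {
    std::atomic<bool> creatorDone;
    ThreadIdentifier first, second;
    Worker() : creatorDone(false), first(0), second(0) {}
};

static void* workerBody(void* p) {
    Worker* w = static_cast<Worker*>(p);
    w->first = currentThread();
    while (!w->creatorDone.load())
        std::this_thread::yield();
    w->second = currentThread();
    return 0;
}

// True when the worker saw one identifier for its whole life and it was the creator's.
bool identifierIsStable(bool withFix) {
    Worker w;
    std::thread t;
    ThreadIdentifier fromCreator = withFix ? createThread(workerBody, &w, t)
                                           : createThreadRacy(workerBody, &w, t);
    w.creatorDone = true;
    joinThread(t);
    return w.first == w.second && w.second == fromCreator;
}

int main() {
    bool racy = identifierIsStable(false);   // expected false: two identifiers for one thread
    bool fixed = identifierIsStable(true);   // expected true
    return (fixed && !racy) ? 0 : 1;
}
```

Build with a threads-enabled toolchain (for example g++ -std=c++11 -pthread). identifierIsStable(true) holds on every run; identifierIsStable(false) fails whenever the new thread reaches currentThread() before its creator records the handle, which the sleep makes near-certain. The cleanup in joinThread matters: without it a reused native handle would inherit a stale identifier, and the same assertion would fire for an unrelated reason.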
42
43 2008-12-26  Sam Weinig  <sam@webkit.org>
44
45         Reviewed by Alexey Proskuryakov.
46
47         Remove unused method.
48
49         * runtime/Structure.h: Remove mutableTypeInfo.
50
51 2008-12-22  Gavin Barraclough  <barraclough@apple.com>
52
53         Reviewed by Oliver Hunt.
54
55         Fix rounding / bounds / signed comparison bug in ExecutableAllocator.
56
57         ExecutableAllocator::alloc assumed that m_freePtr would be aligned.  This was
58         not always true, since the first allocation from an additional pool would not
59         be rounded up.  Subsequent allocations would be unaligned, and too much memory
60         could be erroneously allocated from the pool, when the size requested was
61         available, but the size rounded up to word granularity was not available in the
62         pool.  This may result in the value of m_freePtr being greater than m_end.
63
64         Under these circumstances, the unsigned check for space will always pass,
65         resulting in pointers to memory outside of the arena being returned, and
66         ultimately segfaulty goodness when attempting to memcpy the hot freshly jitted
67         code from the AssemblerBuffer.
68
69         https://bugs.webkit.org/show_bug.cgi?id=22974
70         ... and probably many, many more.
71
72         * jit/ExecutableAllocator.h:
73         (JSC::ExecutablePool::alloc):
74         (JSC::ExecutablePool::roundUpAllocationSize):
75         (JSC::ExecutablePool::ExecutablePool):
76         (JSC::ExecutablePool::poolAllocate):
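
A toy bump allocator that reproduces the failure sequence above, added here as an example and not JavaScriptCore's ExecutableAllocator: an unrounded first allocation leaves m_freePtr unaligned, a request that fits before rounding but not after pushes m_freePtr past m_end, and from then on the unsigned space check passes for any size. Pool, allocBuggy, allocFixed, unroundedFirstAllocation, inPool, buggyAllocatorOverruns and fixedAllocatorStaysInBounds are assumed names; the pool is ordinary heap memory with slack after m_end so the overshoot can be inspected without touching memory outside a real allocation, and a null return stands in for falling through to poolAllocate().

```cpp
// Added example, not JavaScriptCore's code: a bump allocator with the pre-fix
// and post-fix bounds checks side by side.
#include <cassert>
#include <cstddef>
#include <cstdint>
#include <vector>

static const size_t kWordSize = sizeof(void*);

// Round n up to a multiple of granularity (a power of two).
size_t roundUpAllocationSize(size_t n, size_t granularity) {
    return (n + granularity - 1) & ~(granularity - 1);
}

struct Pool {
    std::vector<char> storage;   // pool bytes plus slack, so an overshoot can be inspected safely
    char* m_freePtr;
    char* m_end;

    explicit Pool(size_t size)
        : storage(size + 64), m_freePtr(&storage[0]), m_end(&storage[0] + size) {}

    bool inPool(const void* p, size_t n) const {
        const char* c = static_cast<const char*>(p);
        return c >= &storage[0] && c + n <= m_end;
    }

    // Pre-fix shape: the request is checked before rounding, with an unsigned
    // comparison. Once m_freePtr passes m_end the difference is negative, the
    // cast turns it into a huge size_t, and every later request "fits".
    void* allocBuggy(size_t n) {
        if (n < static_cast<size_t>(m_end - m_freePtr)) {
            void* result = m_freePtr;
            m_freePtr += roundUpAllocationSize(n, kWordSize);   // can overshoot m_end
            return result;
        }
        return 0;   // stands in for poolAllocate(): carve from a fresh pool
    }

    // Post-fix shape: round first, assert the invariant, compare as signed.
    void* allocFixed(size_t n) {
        assert(m_freePtr <= m_end);
        n = roundUpAllocationSize(n, kWordSize);
        if (static_cast<ptrdiff_t>(n) <= m_end - m_freePtr) {
            void* result = m_freePtr;
            m_freePtr += n;
            return result;
        }
        return 0;
    }
};

// The first allocation from an additional pool was carved without rounding; that
// is what left m_freePtr unaligned. Modelled by bumping the pointer directly.
void* unroundedFirstAllocation(Pool& pool, size_t n) {
    void* result = pool.m_freePtr;
    pool.m_freePtr += n;
    return result;
}

// True when the buggy allocator hands out memory outside its pool.
bool buggyAllocatorOverruns() {
    Pool pool(4 * kWordSize);
    unroundedFirstAllocation(pool, 1);                    // m_freePtr = base + 1
    void* second = pool.allocBuggy(3 * kWordSize + 1);    // fits unrounded, rounds to 4 words: overshoots by 1
    void* third = pool.allocBuggy(kWordSize);             // m_end - m_freePtr == -1, so the check passes
    return second != 0 && third != 0 && !pool.inPool(third, kWordSize);
}

// True when the fixed allocator keeps every result inside the pool and refuses the rest.
bool fixedAllocatorStaysInBounds() {
    Pool pool(4 * kWordSize);
    void* first = pool.allocFixed(1);                     // rounds to one word
    void* second = pool.allocFixed(3 * kWordSize + 1);    // rounds to 4 words with 3 left: refused
    void* third = pool.allocFixed(3 * kWordSize);         // exactly fills the pool
    void* fourth = pool.allocFixed(1);                    // nothing left: refused
    return pool.inPool(first, 1) && second == 0
        && pool.inPool(third, 3 * kWordSize) && fourth == 0;
}

int main() {
    return (buggyAllocatorOverruns() && fixedAllocatorStaysInBounds()) ? 0 : 1;
}
```

The third call in buggyAllocatorOverruns is the "pointers to memory outside of the arena" case from the entry: the pool is already overrun by one byte, and because the remaining-space computation is cast to size_t the negative difference wraps to the largest possible value. In the real allocator the next step would be to memcpy freshly generated machine code to that pointer.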
77
78 2008-12-22  Sam Weinig  <sam@webkit.org>
79
80         Reviewed by Gavin Barraclough.
81
82         Rename all uses of the term "repatch" to "patch".
83
84         * assembler/MacroAssembler.h:
85         (JSC::MacroAssembler::DataLabelPtr::patch):
86         (JSC::MacroAssembler::DataLabel32::patch):
87         (JSC::MacroAssembler::Jump::patch):
88         (JSC::MacroAssembler::PatchBuffer::PatchBuffer):
89         (JSC::MacroAssembler::PatchBuffer::setPtr):
90         (JSC::MacroAssembler::loadPtrWithAddressOffsetPatch):
91         (JSC::MacroAssembler::storePtrWithAddressOffsetPatch):
92         (JSC::MacroAssembler::storePtrWithPatch):
93         (JSC::MacroAssembler::jnePtrWithPatch):
94         * assembler/X86Assembler.h:
95         (JSC::X86Assembler::patchAddress):
96         (JSC::X86Assembler::patchImmediate):
97         (JSC::X86Assembler::patchPointer):
98         (JSC::X86Assembler::patchBranchOffset):
99         * interpreter/Interpreter.cpp:
100         (JSC::Interpreter::tryCTICachePutByID):
101         (JSC::Interpreter::tryCTICacheGetByID):
102         (JSC::Interpreter::cti_op_put_by_id):
103         (JSC::Interpreter::cti_op_get_by_id):
104         (JSC::Interpreter::cti_op_get_by_id_self_fail):
105         (JSC::Interpreter::cti_op_get_by_id_proto_list):
106         (JSC::Interpreter::cti_vm_dontLazyLinkCall):
107         * jit/JIT.cpp:
108         (JSC::ctiPatchCallByReturnAddress):
109         (JSC::JIT::privateCompileMainPass):
110         (JSC::JIT::privateCompile):
111         (JSC::JIT::privateCompileCTIMachineTrampolines):
112         * jit/JIT.h:
113         * jit/JITCall.cpp:
114         (JSC::JIT::unlinkCall):
115         (JSC::JIT::linkCall):
116         (JSC::JIT::compileOpCall):
117         * jit/JITPropertyAccess.cpp:
118         (JSC::JIT::compileGetByIdHotPath):
119         (JSC::JIT::compilePutByIdHotPath):
120         (JSC::JIT::compileGetByIdSlowCase):
121         (JSC::JIT::compilePutByIdSlowCase):
122         (JSC::JIT::privateCompilePutByIdTransition):
123         (JSC::JIT::patchGetByIdSelf):
124         (JSC::JIT::patchPutByIdReplace):
125         (JSC::JIT::privateCompilePatchGetArrayLength):
126         (JSC::JIT::privateCompileGetByIdSelf):
127         (JSC::JIT::privateCompileGetByIdProto):
128         (JSC::JIT::privateCompileGetByIdSelfList):
129         (JSC::JIT::privateCompileGetByIdProtoList):
130         (JSC::JIT::privateCompileGetByIdChainList):
131         (JSC::JIT::privateCompileGetByIdChain):
132         (JSC::JIT::privateCompilePutByIdReplace):
133
134 2008-12-22  Adam Roben  <aroben@apple.com>
135
136         Build fix after r39428
137
138         * jit/JITCall.cpp:
139         (JSC::JIT::compileOpCallSlowCase): Added a missing MacroAssembler::
140
141 2008-12-22  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>
142
143         Rubber-stamped by George Staikos.
144
145         Unify all TorchMobile copyright lines. Consolidate in a single line, as requested by Mark Rowe, some time ago.
146
147         * wtf/RandomNumber.cpp:
148         * wtf/RandomNumber.h:
149         * wtf/RandomNumberSeed.h:
150
151 2008-12-21  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>
152
153         Rubber-stamped by George Staikos.
154
155         Fix copyright of the new RandomNumber* files.
156
157         * wtf/RandomNumber.cpp:
158         * wtf/RandomNumber.h:
159         * wtf/RandomNumberSeed.h:
160
161 2008-12-21  Gavin Barraclough  <barraclough@apple.com>
162
163         Reviewed by Oliver Hunt & Cameron Zwarich.
164
165         Add support for call and property access repatching on x86-64.
166
167         No change in performance on current configurations (2x improvement on v8-tests with JIT enabled on x86-64).
168
169         * assembler/MacroAssembler.h:
170         (JSC::MacroAssembler::DataLabelPtr::repatch):
171         (JSC::MacroAssembler::DataLabelPtr::operator X86Assembler::JmpDst):
172         (JSC::MacroAssembler::DataLabel32::repatch):
173         (JSC::MacroAssembler::RepatchBuffer::addressOf):
174         (JSC::MacroAssembler::add32):
175         (JSC::MacroAssembler::sub32):
176         (JSC::MacroAssembler::loadPtrWithAddressOffsetRepatch):
177         (JSC::MacroAssembler::storePtrWithAddressOffsetRepatch):
178         (JSC::MacroAssembler::jePtr):
179         (JSC::MacroAssembler::jnePtr):
180         (JSC::MacroAssembler::jnePtrWithRepatch):
181         (JSC::MacroAssembler::differenceBetween):
182         * assembler/X86Assembler.h:
183         (JSC::X86Assembler::addl_im):
184         (JSC::X86Assembler::subl_im):
185         (JSC::X86Assembler::cmpl_rm):
186         (JSC::X86Assembler::movq_rm_disp32):
187         (JSC::X86Assembler::movq_mr_disp32):
188         (JSC::X86Assembler::repatchPointer):
189         (JSC::X86Assembler::X86InstructionFormatter::oneByteOp64_disp32):
190         * jit/JIT.cpp:
191         (JSC::JIT::privateCompile):
192         (JSC::JIT::privateCompileCTIMachineTrampolines):
193         * jit/JIT.h:
194         * jit/JITCall.cpp:
195         (JSC::JIT::unlinkCall):
196         (JSC::JIT::linkCall):
197         (JSC::JIT::compileOpCall):
198         (JSC::JIT::compileOpCallSlowCase):
199         * jit/JITInlineMethods.h:
200         (JSC::JIT::restoreArgumentReferenceForTrampoline):
201         * jit/JITPropertyAccess.cpp:
202         (JSC::JIT::compileGetByIdHotPath):
203         (JSC::JIT::compileGetByIdSlowCase):
204         (JSC::JIT::compilePutByIdHotPath):
205         (JSC::JIT::compilePutByIdSlowCase):
206         (JSC::resizePropertyStorage):
207         (JSC::JIT::privateCompilePutByIdTransition):
208         (JSC::JIT::privateCompileGetByIdProto):
209         (JSC::JIT::privateCompileGetByIdProtoList):
210         (JSC::JIT::privateCompileGetByIdChainList):
211         (JSC::JIT::privateCompileGetByIdChain):
212         * wtf/Platform.h:
213
214 2008-12-20  Gavin Barraclough  <barraclough@apple.com>
215
216         Reviewed by Oliver Hunt.
217
218         Port optimized property access generation to the MacroAssembler.
219
220         * assembler/MacroAssembler.h:
221         (JSC::MacroAssembler::AbsoluteAddress::AbsoluteAddress):
222         (JSC::MacroAssembler::DataLabelPtr::repatch):
223         (JSC::MacroAssembler::DataLabel32::DataLabel32):
224         (JSC::MacroAssembler::DataLabel32::repatch):
225         (JSC::MacroAssembler::Label::operator X86Assembler::JmpDst):
226         (JSC::MacroAssembler::Jump::repatch):
227         (JSC::MacroAssembler::JumpList::empty):
228         (JSC::MacroAssembler::RepatchBuffer::link):
229         (JSC::MacroAssembler::add32):
230         (JSC::MacroAssembler::and32):
231         (JSC::MacroAssembler::sub32):
232         (JSC::MacroAssembler::loadPtrWithAddressRepatch):
233         (JSC::MacroAssembler::storePtrWithAddressRepatch):
234         (JSC::MacroAssembler::push):
235         (JSC::MacroAssembler::ja32):
236         (JSC::MacroAssembler::jePtr):
237         (JSC::MacroAssembler::jnePtr):
238         (JSC::MacroAssembler::jnePtrWithRepatch):
239         (JSC::MacroAssembler::align):
240         (JSC::MacroAssembler::differenceBetween):
241         * assembler/X86Assembler.h:
242         (JSC::X86Assembler::movl_rm_disp32):
243         (JSC::X86Assembler::movl_mr_disp32):
244         (JSC::X86Assembler::X86InstructionFormatter::oneByteOp_disp32):
245         (JSC::X86Assembler::X86InstructionFormatter::memoryModRM):
246         * jit/JIT.cpp:
247         (JSC::ctiRepatchCallByReturnAddress):
248         (JSC::JIT::privateCompileMainPass):
249         (JSC::JIT::privateCompile):
250         (JSC::JIT::privateCompileCTIMachineTrampolines):
251         * jit/JIT.h:
252         * jit/JITPropertyAccess.cpp:
253         (JSC::JIT::compileGetByIdHotPath):
254         (JSC::JIT::compileGetByIdSlowCase):
255         (JSC::JIT::compilePutByIdHotPath):
256         (JSC::JIT::compilePutByIdSlowCase):
257         (JSC::resizePropertyStorage):
258         (JSC::JIT::privateCompilePutByIdTransition):
259         (JSC::JIT::patchGetByIdSelf):
260         (JSC::JIT::patchPutByIdReplace):
261         (JSC::JIT::privateCompilePatchGetArrayLength):
262         (JSC::JIT::privateCompileGetByIdSelf):
263         (JSC::JIT::privateCompileGetByIdProto):
264         (JSC::JIT::privateCompileGetByIdSelfList):
265         (JSC::JIT::privateCompileGetByIdProtoList):
266         (JSC::JIT::privateCompileGetByIdChainList):
267         (JSC::JIT::privateCompileGetByIdChain):
268         (JSC::JIT::privateCompilePutByIdReplace):
269         * wtf/RefCounted.h:
270         (WTF::RefCountedBase::addressOfCount):
271
272 2008-12-19  Gustavo Noronha Silva  <gns@gnome.org>
273
274         Reviewed by Holger Freyther.
275
276         https://bugs.webkit.org/show_bug.cgi?id=22686
277
278         Added file which was missing to the javascriptcore_sources
279         variable, so that it shows up in the tarball created by `make
280         dist'.
281
282         * GNUmakefile.am:
283
284 2008-12-19  Holger Hans Peter Freyther  <zecke@selfish.org>
285
286         Reviewed by Antti Koivisto.
287
288         Build fix when building JS API tests with a C89 C compiler
289
290         Do not use C++ style comments and convert them to C comments.
291
292         * wtf/Platform.h:
293
294 2008-12-18  Gavin Barraclough  <barraclough@apple.com>
295
296         Reviewed by Sam Weinig.
297
298         Same as last revision, adding cases for pre & post inc & dec.
299
300         https://bugs.webkit.org/show_bug.cgi?id=22928
301
302         * jit/JIT.cpp:
303         (JSC::JIT::privateCompileMainPass):
304
305 2008-12-18  Gavin Barraclough  <barraclough@apple.com>
306
307         Reviewed by Sam Weinig.
308
309         Fixes for the JIT's handling of JSImmediate values on x86-64.
310         On 64-bit systems, the code in JSImmediate.h relies on the upper
311         bits of a JSImmediate being a sign extension of the low 32-bits.
312         This was not being enforced by the JIT, since a number of inline
313         operations were being performed on 32-bit values in registers, and
314         when a 32-bit result is written to a register on x86-64 the value
315         is zero-extended to 64-bits.
316         
317         This fix honors previous behavior.  A better fix in the long run
318         (when the JIT is enabled by default) may be to change JSImmediate.h
319         so it no longer relies on the upper bits of the pointer,... though
320         if we're going to change JSImmediate.h for 64-bit, we probably may
321         as well change the format so that the full range of 32-bit ints can
322         be stored, rather than just 31-bits.
323
324         https://bugs.webkit.org/show_bug.cgi?id=22925
325
326         * assembler/MacroAssembler.h:
327         (JSC::MacroAssembler::addPtr):
328         (JSC::MacroAssembler::andPtr):
329         (JSC::MacroAssembler::orPtr):
330         (JSC::MacroAssembler::or32):
331         (JSC::MacroAssembler::xor32):
332         (JSC::MacroAssembler::xorPtr):
333         (JSC::MacroAssembler::signExtend32ToPtr):
334         * assembler/X86Assembler.h:
335         (JSC::X86Assembler::):
336         (JSC::X86Assembler::andq_rr):
337         (JSC::X86Assembler::andq_ir):
338         (JSC::X86Assembler::orq_rr):
339         (JSC::X86Assembler::xorq_ir):
340         (JSC::X86Assembler::movsxd_rr):
341         * jit/JIT.cpp:
342         (JSC::JIT::privateCompileMainPass):
343         * jit/JITInlineMethods.h:
344         (JSC::JIT::emitFastArithReTagImmediate):
345         (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
346         (JSC::JIT::emitFastArithImmToInt):
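
A model of the invariant the entry describes, added as an example and not JavaScriptCore's JSImmediate.h or JIT: integers are tagged as payload << 1 | 1 (the 31-bit encoding the entry refers to, reconstructed here as an assumption), a 32-bit register write is emulated as zero extension and movsxd as sign extension, and the fast-path add is computed in 32 bits both ways so the only difference is how the result lands in the 64-bit register. makeInt, isInt, intValue, upperBitsAreSignExtension, write32 and addInts32BitJit are assumed names, and Word is an explicit int64_t so the example behaves the same on any host.

```cpp
// Added example, not JavaScriptCore's code: why a 32-bit result written to an
// x86-64 register breaks a tagged immediate, and what movsxd restores.
#include <cassert>
#include <cstdint>

typedef int64_t Word;   // one x86-64 general-purpose register, modelled explicitly
static const Word TagBitTypeInteger = 1;

// Encode a 31-bit integer: payload << 1 with the tag bit set. For a negative payload
// the upper 32 bits of the word are all ones, i.e. the sign extension of the low 32.
Word makeInt(int32_t payload) {
    uint64_t shifted = static_cast<uint64_t>(static_cast<int64_t>(payload)) << 1;
    return static_cast<Word>(shifted) | TagBitTypeInteger;
}
bool isInt(Word v) { return (v & TagBitTypeInteger) != 0; }
int32_t intValue(Word v) { return static_cast<int32_t>(v >> 1); }   // arithmetic shift of the whole word

// The invariant JSImmediate.h relies on for 64-bit words.
bool upperBitsAreSignExtension(Word v) {
    return static_cast<Word>(static_cast<int32_t>(v)) == v;
}

// A 32-bit register write on x86-64 zero-extends into the full register.
Word write32(uint32_t low) { return static_cast<Word>(static_cast<uint64_t>(low)); }
// movsxd: sign-extend the low 32 bits (what signExtend32ToPtr emits).
Word signExtend32ToPtr(uint32_t low) { return static_cast<Word>(static_cast<int32_t>(low)); }

// The fast-path add on two tagged ints, done in 32-bit registers: a + (b - tag)
// leaves exactly one tag bit set. Without the fix the 32-bit sum is zero-extended
// into the register; with it, the sum is sign-extended.
Word addInts32BitJit(Word a, Word b, bool withFix) {
    uint32_t sum = static_cast<uint32_t>(a)
                 + (static_cast<uint32_t>(b) - static_cast<uint32_t>(TagBitTypeInteger));
    return withFix ? signExtend32ToPtr(sum) : write32(sum);
}

int main() {
    Word bad = addInts32BitJit(makeInt(-5), makeInt(3), false);
    Word good = addInts32BitJit(makeInt(-5), makeInt(3), true);
    // bad still carries the tag bit, so it passes isInt, but it decodes to 2147483646
    // and no longer compares equal to makeInt(-2); good is makeInt(-2) exactly.
    return (isInt(bad) && !upperBitsAreSignExtension(bad) && good == makeInt(-2)) ? 0 : 1;
}
```

Positive payloads never expose the problem, because their upper 32 bits are zero either way; it takes a negative intermediate, such as -5 + 3, for zero extension and sign extension to disagree. That is why a tag check alone does not catch the bad value: the low bit is intact, the full-width comparison and the decoded payload are not.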
347
348 2008-12-18  Gavin Barraclough  <barraclough@apple.com>
349
350         Reviewed by Sam Weinig.
351
352         Just a tidy up - rename & refactor some of the #defines configuring the JIT.
353
354         * interpreter/Interpreter.cpp:
355         (JSC::Interpreter::cti_op_convert_this):
356         (JSC::Interpreter::cti_op_end):
357         (JSC::Interpreter::cti_op_add):
358         (JSC::Interpreter::cti_op_pre_inc):
359         (JSC::Interpreter::cti_timeout_check):
360         (JSC::Interpreter::cti_register_file_check):
361         (JSC::Interpreter::cti_op_loop_if_less):
362         (JSC::Interpreter::cti_op_loop_if_lesseq):
363         (JSC::Interpreter::cti_op_new_object):
364         (JSC::Interpreter::cti_op_put_by_id_generic):
365         (JSC::Interpreter::cti_op_get_by_id_generic):
366         (JSC::Interpreter::cti_op_put_by_id):
367         (JSC::Interpreter::cti_op_put_by_id_second):
368         (JSC::Interpreter::cti_op_put_by_id_fail):
369         (JSC::Interpreter::cti_op_get_by_id):
370         (JSC::Interpreter::cti_op_get_by_id_second):
371         (JSC::Interpreter::cti_op_get_by_id_self_fail):
372         (JSC::Interpreter::cti_op_get_by_id_proto_list):
373         (JSC::Interpreter::cti_op_get_by_id_proto_list_full):
374         (JSC::Interpreter::cti_op_get_by_id_proto_fail):
375         (JSC::Interpreter::cti_op_get_by_id_array_fail):
376         (JSC::Interpreter::cti_op_get_by_id_string_fail):
377         (JSC::Interpreter::cti_op_instanceof):
378         (JSC::Interpreter::cti_op_del_by_id):
379         (JSC::Interpreter::cti_op_mul):
380         (JSC::Interpreter::cti_op_new_func):
381         (JSC::Interpreter::cti_op_call_JSFunction):
382         (JSC::Interpreter::cti_op_call_arityCheck):
383         (JSC::Interpreter::cti_vm_dontLazyLinkCall):
384         (JSC::Interpreter::cti_vm_lazyLinkCall):
385         (JSC::Interpreter::cti_op_push_activation):
386         (JSC::Interpreter::cti_op_call_NotJSFunction):
387         (JSC::Interpreter::cti_op_create_arguments):
388         (JSC::Interpreter::cti_op_create_arguments_no_params):
389         (JSC::Interpreter::cti_op_tear_off_activation):
390         (JSC::Interpreter::cti_op_tear_off_arguments):
391         (JSC::Interpreter::cti_op_profile_will_call):
392         (JSC::Interpreter::cti_op_profile_did_call):
393         (JSC::Interpreter::cti_op_ret_scopeChain):
394         (JSC::Interpreter::cti_op_new_array):
395         (JSC::Interpreter::cti_op_resolve):
396         (JSC::Interpreter::cti_op_construct_JSConstruct):
397         (JSC::Interpreter::cti_op_construct_NotJSConstruct):
398         (JSC::Interpreter::cti_op_get_by_val):
399         (JSC::Interpreter::cti_op_resolve_func):
400         (JSC::Interpreter::cti_op_sub):
401         (JSC::Interpreter::cti_op_put_by_val):
402         (JSC::Interpreter::cti_op_put_by_val_array):
403         (JSC::Interpreter::cti_op_lesseq):
404         (JSC::Interpreter::cti_op_loop_if_true):
405         (JSC::Interpreter::cti_op_negate):
406         (JSC::Interpreter::cti_op_resolve_base):
407         (JSC::Interpreter::cti_op_resolve_skip):
408         (JSC::Interpreter::cti_op_resolve_global):
409         (JSC::Interpreter::cti_op_div):
410         (JSC::Interpreter::cti_op_pre_dec):
411         (JSC::Interpreter::cti_op_jless):
412         (JSC::Interpreter::cti_op_not):
413         (JSC::Interpreter::cti_op_jtrue):
414         (JSC::Interpreter::cti_op_post_inc):
415         (JSC::Interpreter::cti_op_eq):
416         (JSC::Interpreter::cti_op_lshift):
417         (JSC::Interpreter::cti_op_bitand):
418         (JSC::Interpreter::cti_op_rshift):
419         (JSC::Interpreter::cti_op_bitnot):
420         (JSC::Interpreter::cti_op_resolve_with_base):
421         (JSC::Interpreter::cti_op_new_func_exp):
422         (JSC::Interpreter::cti_op_mod):
423         (JSC::Interpreter::cti_op_less):
424         (JSC::Interpreter::cti_op_neq):
425         (JSC::Interpreter::cti_op_post_dec):
426         (JSC::Interpreter::cti_op_urshift):
427         (JSC::Interpreter::cti_op_bitxor):
428         (JSC::Interpreter::cti_op_new_regexp):
429         (JSC::Interpreter::cti_op_bitor):
430         (JSC::Interpreter::cti_op_call_eval):
431         (JSC::Interpreter::cti_op_throw):
432         (JSC::Interpreter::cti_op_get_pnames):
433         (JSC::Interpreter::cti_op_next_pname):
434         (JSC::Interpreter::cti_op_push_scope):
435         (JSC::Interpreter::cti_op_pop_scope):
436         (JSC::Interpreter::cti_op_typeof):
437         (JSC::Interpreter::cti_op_is_undefined):
438         (JSC::Interpreter::cti_op_is_boolean):
439         (JSC::Interpreter::cti_op_is_number):
440         (JSC::Interpreter::cti_op_is_string):
441         (JSC::Interpreter::cti_op_is_object):
442         (JSC::Interpreter::cti_op_is_function):
443         (JSC::Interpreter::cti_op_stricteq):
444         (JSC::Interpreter::cti_op_nstricteq):
445         (JSC::Interpreter::cti_op_to_jsnumber):
446         (JSC::Interpreter::cti_op_in):
447         (JSC::Interpreter::cti_op_push_new_scope):
448         (JSC::Interpreter::cti_op_jmp_scopes):
449         (JSC::Interpreter::cti_op_put_by_index):
450         (JSC::Interpreter::cti_op_switch_imm):
451         (JSC::Interpreter::cti_op_switch_char):
452         (JSC::Interpreter::cti_op_switch_string):
453         (JSC::Interpreter::cti_op_del_by_val):
454         (JSC::Interpreter::cti_op_put_getter):
455         (JSC::Interpreter::cti_op_put_setter):
456         (JSC::Interpreter::cti_op_new_error):
457         (JSC::Interpreter::cti_op_debug):
458         (JSC::Interpreter::cti_vm_throw):
459         * interpreter/Interpreter.h:
460         * jit/JIT.cpp:
461         (JSC::):
462         (JSC::JIT::privateCompileMainPass):
463         (JSC::JIT::privateCompile):
464         * jit/JIT.h:
465         * jit/JITInlineMethods.h:
466         (JSC::JIT::restoreArgumentReference):
467         (JSC::JIT::restoreArgumentReferenceForTrampoline):
468         * wtf/Platform.h:
469
470 2008-12-18  Cameron Zwarich  <zwarich@apple.com>
471
472         Reviewed by Geoff Garen.
473
474         Bug 21855: REGRESSION (r37323): Gmail complains about popup blocking when opening a link
475         <https://bugs.webkit.org/show_bug.cgi?id=21855>
476         <rdar://problem/6278244>
477
478         Move DynamicGlobalObjectScope to JSGlobalObject.h so that it can be used
479         from WebCore.
480
481         * interpreter/Interpreter.cpp:
482         * runtime/JSGlobalObject.h:
483         (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope):
484         (JSC::DynamicGlobalObjectScope::~DynamicGlobalObjectScope):
485
486 2008-12-17  Geoffrey Garen  <ggaren@apple.com>
487
488         Reviewed by Gavin Barraclough.
489         
490         Fixed https://bugs.webkit.org/show_bug.cgi?id=22393
491         Segfault when caching property accesses to primitive cells.
492         
493         Changed some asObject casts to asCell casts in cases where a primitive
494         value may be a cell and not an object.
495         
496         Re-enabled property caching for primitives in cases where it had been
497         disabled because of this bug.
498         
499         Updated a comment to better explain something Darin thought needed
500         explaining in an old patch review.
501
502         * interpreter/Interpreter.cpp:
503         (JSC::countPrototypeChainEntriesAndCheckForProxies):
504         (JSC::Interpreter::tryCacheGetByID):
505         (JSC::Interpreter::tryCTICacheGetByID):
506         (JSC::Interpreter::cti_op_get_by_id_self_fail):
507         (JSC::Interpreter::cti_op_get_by_id_proto_list):
508
509 2008-12-17  Gavin Barraclough  <barraclough@apple.com>
510
511         Reviewed by Cameron Zwarich.
512
513         Fixes for Sunspider failures with the JIT enabled on x86-64.
514
515         * assembler/MacroAssembler.h:
516             Switch the order of the RegisterID & Address form of je32, to keep it consistent with jne32.
517         * jit/JIT.cpp:
518         * jit/JIT.h:
519         * jit/JITInlineMethods.h:
520             Port the m_ctiVirtualCall trampoline generation to use the MacroAssembler interface.
521         * jit/JITCall.cpp:
522             Fix bug in the non-optimizing code path, vptr check should have been to the memory address pointed
523             to by the register, not to the register itself.
524         * wrec/WRECGenerator.cpp:
525             See assembler/MacroAssembler.h, above.
526
527 2008-12-17  Gavin Barraclough  <barraclough@apple.com>
528
529         Reviewed by Sam Weinig.
530
531         print("Hello, 64-bit jitted world!");
532         Get hello-world working through the JIT, on x86-64.
533
534         * assembler/X86Assembler.h:
535             Fix encoding of opcode + RegisterID format instructions for 64-bit.
536         * interpreter/Interpreter.cpp:
537         * interpreter/Interpreter.h:
538             Make VoidPtrPair actually be a pair of void*s.
539             (Possibly should make this change for 32-bit Mac platforms, too - but won't change 32-bit behaviour in this patch).
540         * jit/JIT.cpp:
541         * jit/JIT.h:
542             Provide names for the timeoutCheckRegister & callFrameRegister on x86-64,
543             force x86-64 ctiTrampoline arguments onto the stack,
544             implement the asm trampolines for x86-64,
545             implement the restoreArgumentReference methods for x86-64 calling conventions.
546         * jit/JITCall.cpp:
547         * jit/JITInlineMethods.h:
548         * wtf/Platform.h:
549             Add switch settings to ENABLE(JIT), on PLATFORM(X86_64) (currently still disabled).
550
551 2008-12-17  Sam Weinig  <sam@webkit.org>
552
553         Reviewed by Gavin Barraclough.
554
555         Add more CodeBlock statistics.
556
557         * bytecode/CodeBlock.cpp:
558         (JSC::CodeBlock::dumpStatistics):
559
560 2008-12-17  Sam Weinig  <sam@webkit.org>
561
562         Reviewed by Darin Adler.
563
564         Fix for https://bugs.webkit.org/show_bug.cgi?id=22897
565         <rdar://problem/6428342>
566         Look into feasibility of discarding bytecode after native codegen
567
568         Clear the bytecode Instruction vector at the end of JIT generation.
569
570         Saves 4.8 MB on Membuster head.
571
572         * bytecode/CodeBlock.cpp:
573         (JSC::CodeBlock::dump): Add logging for the case that someone tries
574         to dump the instructions of a CodeBlock that has had its bytecode
575         vector cleared.
576         (JSC::CodeBlock::CodeBlock): Initialize the instructionCount
577         (JSC::CodeBlock::handlerForBytecodeOffset): Use instructionCount instead
578         of the size of the instruction vector in the assertion.
579         (JSC::CodeBlock::lineNumberForBytecodeOffset): Ditto.
580         (JSC::CodeBlock::expressionRangeForBytecodeOffset): Ditto.
581         (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset): Ditto.
582         (JSC::CodeBlock::functionRegisterForBytecodeOffset): Ditto.
583         * bytecode/CodeBlock.h:
584         (JSC::CodeBlock::setInstructionCount): Store the instruction vector size
585         in debug builds for assertions.
586         * bytecompiler/BytecodeGenerator.cpp:
587         (JSC::BytecodeGenerator::generate):
588         * jit/JIT.cpp:
589         (JSC::JIT::privateCompile): Clear the bytecode vector unless we
590         have compiled with Opcode sampling, where we will continue to require it.
591
592 2008-12-17  Cary Clark  <caryclark@google.com>
593
594         Reviewed by Darin Adler.
595         Landed by Adam Barth.
596
597         Add ENABLE_TEXT_CARET to permit the ANDROID platform
598         to invalidate and draw the caret in a separate thread.
599
600         * wtf/Platform.h:
601         Default ENABLE_TEXT_CARET to 1.
602
603 2008-12-17  Alexey Proskuryakov  <ap@webkit.org>
604
605         Reviewed by Darin Adler.
606
607         Don't use a unique context group in JSGlobalContextCreate() on Tiger or Leopard, take two.
608
609         * API/JSContextRef.cpp: The previous patch that claimed to do this was making Tiger and
610         Leopard always use a unique context group instead.
611
612 2008-12-16  Sam Weinig  <sam@webkit.org>
613
614         Reviewed by Geoffrey Garen.
615
616         Fix for https://bugs.webkit.org/show_bug.cgi?id=22838
617         Remove dependency on the bytecode Instruction buffer in Interpreter::throwException
618         Part of <rdar://problem/6428342>
619
620         * bytecode/CodeBlock.cpp:
621         (JSC::CodeBlock::functionRegisterForBytecodeOffset): Added. Function to get
622         a function Register index in a callFrame for a bytecode offset.
623         (JSC::CodeBlock::shrinkToFit): Shrink m_getByIdExceptionInfo and m_functionRegisterInfos.
624         * bytecode/CodeBlock.h:
625         (JSC::FunctionRegisterInfo::FunctionRegisterInfo): Added.
626         (JSC::CodeBlock::addFunctionRegisterInfo):
627         * bytecompiler/BytecodeGenerator.cpp:
628         (JSC::BytecodeGenerator::emitCall):
629         * interpreter/Interpreter.cpp:
630         (JSC::Interpreter::throwException): Use functionRegisterForBytecodeOffset in JIT
631         mode.
632
633 2008-12-16  Sam Weinig  <sam@webkit.org>
634
635         Reviewed by Gavin Barraclough.
636
637         Fix for https://bugs.webkit.org/show_bug.cgi?id=22837
638         Remove dependency on the bytecode Instruction buffer in Interpreter::cti_op_call_NotJSFunction
639         Part of <rdar://problem/6428342>
640
641         * interpreter/CallFrame.h: Added comment regarding returnPC storing a void*.
642         * interpreter/Interpreter.cpp:
643         (JSC::bytecodeOffsetForPC): We no longer have any cases of the PC
644         being in the instruction stream for JIT, so we can remove the check.
645         (JSC::Interpreter::cti_op_call_NotJSFunction): Use the CTI_RETURN_ADDRESS
646         as the call frame returnPC as it is only necessary for looking up when
647         throwing an exception.
648         * interpreter/RegisterFile.h:
649         (JSC::RegisterFile::): Added comment regarding returnPC storing a void*.
650         * jit/JIT.h: Remove ARG_instr4.
651         * jit/JITCall.cpp:
652         (JSC::JIT::compileOpCallSetupArgs): Don't pass the instruction pointer.
653
654 2008-12-16  Darin Adler  <darin@apple.com>
655
656         Reviewed and landed by Cameron Zwarich.
657
658         Preparatory work for fixing
659
660         Bug 22887: Make UString::Rep use RefCounted rather than implementing its own ref counting
661         <https://bugs.webkit.org/show_bug.cgi?id=22887>
662
663         Change the various string translators used by Identifier::add() so that
664         they never zero the ref count of a newly created UString::Rep.
665
666         * runtime/Identifier.cpp:
667         (JSC::CStringTranslator::translate):
668         (JSC::Identifier::add):
669         (JSC::UCharBufferTranslator::translate):
670
671 2008-12-16  Gavin Barraclough  <barraclough@apple.com>
672
673         Build fix for 'doze.
674
675         * assembler/AssemblerBuffer.h:
676
677 2008-12-16  Gavin Barraclough  <barraclough@apple.com>
678
679         Reviewed by Cameron Zwarich.
680
681         Make the JIT compile on x86-64.
682         This largely involves populating the missing calls in MacroAssembler.h.
683         In addition some reinterpret_casts need removing from the JIT, and the
684         repatching property access code will need to be fully compiled out for
685         now.  The changes in interpret.cpp are to reorder the functions so that
686         the _generic forms come before all other property access methods, and
687         then to place all property access methods other than the generic forms
688         under control of the ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS macro.
689
690         No performance impact.
691
692         * assembler/AssemblerBuffer.h:
693         (JSC::AssemblerBuffer::putInt64Unchecked):
694         * assembler/MacroAssembler.h:
695         (JSC::MacroAssembler::loadPtr):
696         (JSC::MacroAssembler::load32):
697         (JSC::MacroAssembler::storePtr):
698         (JSC::MacroAssembler::storePtrWithRepatch):
699         (JSC::MacroAssembler::store32):
700         (JSC::MacroAssembler::poke):
701         (JSC::MacroAssembler::move):
702         (JSC::MacroAssembler::testImm64):
703         (JSC::MacroAssembler::jePtr):
704         (JSC::MacroAssembler::jnePtr):
705         (JSC::MacroAssembler::jnzPtr):
706         (JSC::MacroAssembler::jzPtr):
707         * assembler/X86Assembler.h:
708         (JSC::X86Assembler::):
709         (JSC::X86Assembler::cmpq_rr):
710         (JSC::X86Assembler::cmpq_rm):
711         (JSC::X86Assembler::cmpq_im):
712         (JSC::X86Assembler::testq_i32m):
713         (JSC::X86Assembler::movl_mEAX):
714         (JSC::X86Assembler::movl_i32r):
715         (JSC::X86Assembler::movl_EAXm):
716         (JSC::X86Assembler::movq_rm):
717         (JSC::X86Assembler::movq_mEAX):
718         (JSC::X86Assembler::movq_mr):
719         (JSC::X86Assembler::movq_i64r):
720         (JSC::X86Assembler::movl_mr):
721         (JSC::X86Assembler::X86InstructionFormatter::oneByteOp64):
722         (JSC::X86Assembler::X86InstructionFormatter::immediate64):
723         * interpreter/Interpreter.cpp:
724         (JSC::Interpreter::cti_op_put_by_id_generic):
725         (JSC::Interpreter::cti_op_get_by_id_generic):
726         (JSC::Interpreter::cti_op_put_by_id):
727         (JSC::Interpreter::cti_op_put_by_id_second):
728         * jit/JIT.cpp:
729         (JSC::JIT::privateCompileMainPass):
730         (JSC::JIT::privateCompile):
731         (JSC::JIT::privateCompileCTIMachineTrampolines):
732         * jit/JITCall.cpp:
733         (JSC::JIT::compileOpCallSetupArgs):
734         (JSC::JIT::compileOpCall):
735         * jit/JITPropertyAccess.cpp:
736         (JSC::JIT::compileGetByIdHotPath):
737         (JSC::JIT::compilePutByIdHotPath):
738         * runtime/JSImmediate.h:
739         (JSC::JSImmediate::makeInt):
740
741 2008-12-16  Cameron Zwarich  <zwarich@apple.com>
742
743         Reviewed by Darin Adler.
744
745         Bug 22869: REGRESSION (r38407): http://news.cnet.com/8301-13579_3-9953533-37.html crashes
746         <https://bugs.webkit.org/show_bug.cgi?id=22869>
747         <rdar://problem/6402499>
748
749         Before r38407, Structure::m_nameInPrevious was ref'd due to it being
750         stored in a PropertyMap. However, PropertyMaps are created lazily after
751         r38407, so Structure::m_nameInPrevious is not necessarily ref'd while
752         it is being used. Making it a RefPtr instead of a raw pointer fixes
753         the problem.
754
755         Unfortunately, the crash in the bug is rather intermittent, and it is
756         impossible to add an assertion in UString::Ref::ref() to catch this bug
757         because some users of UString::Rep deliberately zero out the reference
758         count. Therefore, there is no layout test accompanying this bug fix.
759
760         * runtime/Structure.cpp:
761         (JSC::Structure::~Structure): Use get().
762         (JSC::Structure::materializePropertyMap): Use get().
763         (JSC::Structure::addPropertyTransitionToExistingStructure): Use get().
764         (JSC::Structure::addPropertyTransition): Use get().
765         * runtime/Structure.h: Make Structure::m_nameInPrevious a RefPtr instead
766         of a raw pointer.
767
768 2008-12-16  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>
769
770         Not reviewed. Attempt to fix win build. No 'using namespace WTF' in this file, needs manual WTF:: prefix.
771         Not sure why the build works as is here.
772
773         * runtime/MathObject.cpp:
774         (JSC::mathProtoFuncRandom):
775
776 2008-12-16  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>
777
778         Reviewed by Darin Adler.
779
780         Fixes: https://bugs.webkit.org/show_bug.cgi?id=22876
781
782         Unify random number generation in JavaScriptCore & WebCore, by introducing
783         wtf/RandomNumber.h and moving wtf_random/wtf_random_init out of MathExtras.h.
784
785         wtf_random_init() has been renamed to initializeRandomNumberGenerator() and
786         lives in its own private header: wtf/RandomNumberSeed.h, only intended to
787         be used from within JavaScriptCore.
788
789         wtf_random() has been renamed to randomNumber() and lives in a public header
790         wtf/RandomNumber.h, usable from within JavaScriptCore & WebCore. It encapsulates
791         the code taking care of initializing the random number generator (only when
792         building without ENABLE(JSC_MULTIPLE_THREADS), otherwise initializeThreading()
793         already took care of that).
794
795         Functional change on darwin: Use random() instead of rand(), as it got a larger
796         period (more randomness). HTMLFormElement already contains this implementation
797         and I just moved it in randomNumber(), as a special case for PLATFORM(DARWIN).
798
799         * GNUmakefile.am: Add RandomNumber.(cpp/h) / RandomNumberSeed.h.
800         * JavaScriptCore.exp: Ditto.
801         * JavaScriptCore.pri: Ditto.
802         * JavaScriptCore.scons: Ditto.
803         * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
804         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
805         * JavaScriptCoreSources.bkl: Ditto.
806         * runtime/MathObject.cpp: Use new WTF::randomNumber() functionality.
807         (JSC::mathProtoFuncRandom):
808         * wtf/MathExtras.h: Move wtf_random / wtf_random_init to new files.
809         * wtf/RandomNumber.cpp: Added.
810         (WTF::randomNumber):
811         * wtf/RandomNumber.h: Added.
812         * wtf/RandomNumberSeed.h: Added. Internal usage within JSC only.
813         (WTF::initializeRandomNumberGenerator):
814         * wtf/ThreadingGtk.cpp: Rename wtf_random_init() to initializeRandomNumberGenerator().
815         (WTF::initializeThreading):
816         * wtf/ThreadingPthreads.cpp: Ditto.
817         (WTF::initializeThreading):
818         * wtf/ThreadingQt.cpp: Ditto.
819         (WTF::initializeThreading):
820         * wtf/ThreadingWin.cpp: Ditto.
821         (WTF::initializeThreading):
822
823 2008-12-16  Yael Aharon  <yael.aharon@nokia.com>
824
825         Reviewed by Tor Arne Vestbø.
826
827         Qt/Win build fix
828
829         * JavaScriptCore.pri:
830
831 2008-12-15  Mark Rowe  <mrowe@apple.com>
832
833         Reviewed by Cameron Zwarich.
834
835         Fix the build with GCC 4.0.
836
837         * Configurations/JavaScriptCore.xcconfig:  GCC 4.0 appears to have a bug when compiling with -funwind-tables on,
838         so don't use it with that compiler version.
839
840 2008-12-15  Mark Rowe  <mrowe@apple.com>
841
842         Rubber-stamped by Cameron Zwarich.
843
844         <rdar://problem/6289933> Change WebKit-related projects to build with GCC 4.2 on Leopard.
845
846         * Configurations/Base.xcconfig:
847         * Configurations/DebugRelease.xcconfig:
848
849 2008-12-15  Alexey Proskuryakov  <ap@webkit.org>
850
851         Reviewed by Darin Adler.
852
853         Don't use unique context group in JSGlobalContextCreate() on Tiger or Leopard.
854
855         * API/JSContextRef.cpp: (JSGlobalContextCreate):
856
857 2008-12-15  Alexey Proskuryakov  <ap@webkit.org>
858
859         Reviewed by Darin Adler.
860
861         <rdar://problem/6445089> Mach ports leak from worker threads
862
863         * interpreter/Interpreter.cpp: (JSC::getCPUTime):
864         Deallocate the thread self port.
865
866 2008-12-15  Gavin Barraclough  <barraclough@apple.com>
867
868         Reviewed by Mark Rowe.
869
870         Construct stack frames in JIT code, so that backtracing can still work.
871         <rdar://problem/6447870> JIT should play nice with attempts to take stack traces
872
873         * jit/JIT.cpp:
874         (JSC::):
875         (JSC::JIT::privateCompileMainPass):
876
877 2008-12-15  Mark Rowe  <mrowe@apple.com>
878
879         Reviewed by Gavin Barraclough.
880
881         <rdar://problem/6402262> JavaScriptCore needs exception handling tables in order to get stack traces without frame pointers
882
883         * Configurations/JavaScriptCore.xcconfig:
884
885 2008-12-15  Gavin Barraclough  <barraclough@apple.com>
886
887         Rubber stamped by Mark Rowe.
888
889         Revert r39226 / Bug 22818: Unify JIT callback argument access OS X / Windows
890         This causes Acid3 failures – reverting for now & will revisit later.
891         https://bugs.webkit.org/show_bug.cgi?id=22873
892
893         * interpreter/Interpreter.h:
894         * jit/JIT.cpp:
895         (JSC::JIT::privateCompileCTIMachineTrampolines):
896         * jit/JIT.h:
897         * jit/JITInlineMethods.h:
898         (JSC::JIT::restoreArgumentReference):
899         (JSC::JIT::restoreArgumentReferenceForTrampoline):
900         (JSC::JIT::emitCTICall_internal):
901         * jit/JITPropertyAccess.cpp:
902         (JSC::JIT::privateCompilePutByIdTransition):
903         * wtf/Platform.h:
904
905 2008-12-15  Darin Adler  <darin@apple.com>
906
907         Reviewed by Sam Weinig.
908
909         - fix <rdar://problem/6427048> crash due to infinite recursion after setting window.__proto__ = window
910
911         Replaced toGlobalObject with the more generally useful unwrappedObject and used it to
912         fix the cycle detection code in put(__proto__).
913
914         * JavaScriptCore.exp: Updated.
915
916         * runtime/JSGlobalObject.cpp: Removed toGlobalObject. We now use unwrappedObject instead.
917         * runtime/JSGlobalObject.h:
918         (JSC::JSGlobalObject::isGlobalObject): Ditto.
919
920         * runtime/JSGlobalObjectFunctions.cpp:
921         (JSC::globalFuncEval): Use unwrappedObject and isGlobalObject here rather than toGlobalObject.
922
923         * runtime/JSObject.cpp:
924         (JSC::JSObject::put): Rewrote prototype cycle checking loop. Use unwrappedObject in the loop now.
925         (JSC::JSObject::unwrappedObject): Replaced toGlobalObject with this new function.
926         * runtime/JSObject.h: More of the same.
927
928 2008-12-15  Steve Falkenburg  <sfalken@apple.com>
929
930         Windows build fix.
931         
932         Visual Studio requires visibility of forward declarations to match class declaration.
933
934         * assembler/X86Assembler.h:
935
936 2008-12-15  Gustavo Noronha Silva  <kov@kov.eti.br>
937
938         Reviewed by Mark Rowe.
939
940         https://bugs.webkit.org/show_bug.cgi?id=22686
941
942         GTK+ build fix.
943
944         * GNUmakefile.am:
945
946 2008-12-15  Gavin Barraclough  <barraclough@apple.com>
947
948         Reviewed by Geoff Garen.
949
950         Add support to X86Assembler emitting instructions that access all 16 registers on x86-64.
951         Add a new formatting class, that is responsible for both emitting the opcode bytes and the
952         ModRm bytes of an instruction in a single call; this can insert the REX byte as necessary
953         before the opcode, but has access to the register numbers to build the REX.
954
955         * assembler/AssemblerBuffer.h:
956         (JSC::AssemblerBuffer::isAligned):
957         (JSC::AssemblerBuffer::data):
958         * assembler/MacroAssembler.h:
959         (JSC::MacroAssembler::addPtr):
960         (JSC::MacroAssembler::add32):
961         (JSC::MacroAssembler::and32):
962         (JSC::MacroAssembler::or32):
963         (JSC::MacroAssembler::sub32):
964         (JSC::MacroAssembler::xor32):
965         (JSC::MacroAssembler::loadPtr):
966         (JSC::MacroAssembler::load32):
967         (JSC::MacroAssembler::load16):
968         (JSC::MacroAssembler::storePtr):
969         (JSC::MacroAssembler::storePtrWithRepatch):
970         (JSC::MacroAssembler::store32):
971         (JSC::MacroAssembler::pop):
972         (JSC::MacroAssembler::push):
973         (JSC::MacroAssembler::compareImm32ForBranch):
974         (JSC::MacroAssembler::compareImm32ForBranchEquality):
975         (JSC::MacroAssembler::testImm32):
976         (JSC::MacroAssembler::jae32):
977         (JSC::MacroAssembler::jb32):
978         (JSC::MacroAssembler::je16):
979         (JSC::MacroAssembler::jg32):
980         (JSC::MacroAssembler::jnePtr):
981         (JSC::MacroAssembler::jne32):
982         (JSC::MacroAssembler::jump):
983         * assembler/X86Assembler.h:
984         (JSC::X86::):
985         (JSC::X86Assembler::):
986         (JSC::X86Assembler::size):
987         (JSC::X86Assembler::push_r):
988         (JSC::X86Assembler::pop_r):
989         (JSC::X86Assembler::push_i32):
990         (JSC::X86Assembler::push_m):
991         (JSC::X86Assembler::pop_m):
992         (JSC::X86Assembler::addl_rr):
993         (JSC::X86Assembler::addl_mr):
994         (JSC::X86Assembler::addl_ir):
995         (JSC::X86Assembler::addq_ir):
996         (JSC::X86Assembler::addl_im):
997         (JSC::X86Assembler::andl_rr):
998         (JSC::X86Assembler::andl_ir):
999         (JSC::X86Assembler::orl_rr):
1000         (JSC::X86Assembler::orl_mr):
1001         (JSC::X86Assembler::orl_ir):
1002         (JSC::X86Assembler::subl_rr):
1003         (JSC::X86Assembler::subl_mr):
1004         (JSC::X86Assembler::subl_ir):
1005         (JSC::X86Assembler::subl_im):
1006         (JSC::X86Assembler::xorl_rr):
1007         (JSC::X86Assembler::xorl_ir):
1008         (JSC::X86Assembler::sarl_i8r):
1009         (JSC::X86Assembler::sarl_CLr):
1010         (JSC::X86Assembler::shll_i8r):
1011         (JSC::X86Assembler::shll_CLr):
1012         (JSC::X86Assembler::imull_rr):
1013         (JSC::X86Assembler::imull_i32r):
1014         (JSC::X86Assembler::idivl_r):
1015         (JSC::X86Assembler::cmpl_rr):
1016         (JSC::X86Assembler::cmpl_rm):
1017         (JSC::X86Assembler::cmpl_mr):
1018         (JSC::X86Assembler::cmpl_ir):
1019         (JSC::X86Assembler::cmpl_ir_force32):
1020         (JSC::X86Assembler::cmpl_im):
1021         (JSC::X86Assembler::cmpl_im_force32):
1022         (JSC::X86Assembler::cmpw_rm):
1023         (JSC::X86Assembler::testl_rr):
1024         (JSC::X86Assembler::testl_i32r):
1025         (JSC::X86Assembler::testl_i32m):
1026         (JSC::X86Assembler::testq_rr):
1027         (JSC::X86Assembler::testq_i32r):
1028         (JSC::X86Assembler::testb_i8r):
1029         (JSC::X86Assembler::sete_r):
1030         (JSC::X86Assembler::setz_r):
1031         (JSC::X86Assembler::setne_r):
1032         (JSC::X86Assembler::setnz_r):
1033         (JSC::X86Assembler::cdq):
1034         (JSC::X86Assembler::xchgl_rr):
1035         (JSC::X86Assembler::movl_rr):
1036         (JSC::X86Assembler::movl_rm):
1037         (JSC::X86Assembler::movl_mr):
1038         (JSC::X86Assembler::movl_i32r):
1039         (JSC::X86Assembler::movl_i32m):
1040         (JSC::X86Assembler::movq_rr):
1041         (JSC::X86Assembler::movq_rm):
1042         (JSC::X86Assembler::movq_mr):
1043         (JSC::X86Assembler::movzwl_mr):
1044         (JSC::X86Assembler::movzbl_rr):
1045         (JSC::X86Assembler::leal_mr):
1046         (JSC::X86Assembler::call):
1047         (JSC::X86Assembler::jmp):
1048         (JSC::X86Assembler::jmp_r):
1049         (JSC::X86Assembler::jmp_m):
1050         (JSC::X86Assembler::jne):
1051         (JSC::X86Assembler::jnz):
1052         (JSC::X86Assembler::je):
1053         (JSC::X86Assembler::jl):
1054         (JSC::X86Assembler::jb):
1055         (JSC::X86Assembler::jle):
1056         (JSC::X86Assembler::jbe):
1057         (JSC::X86Assembler::jge):
1058         (JSC::X86Assembler::jg):
1059         (JSC::X86Assembler::ja):
1060         (JSC::X86Assembler::jae):
1061         (JSC::X86Assembler::jo):
1062         (JSC::X86Assembler::jp):
1063         (JSC::X86Assembler::js):
1064         (JSC::X86Assembler::addsd_rr):
1065         (JSC::X86Assembler::addsd_mr):
1066         (JSC::X86Assembler::cvtsi2sd_rr):
1067         (JSC::X86Assembler::cvttsd2si_rr):
1068         (JSC::X86Assembler::movd_rr):
1069         (JSC::X86Assembler::movsd_rm):
1070         (JSC::X86Assembler::movsd_mr):
1071         (JSC::X86Assembler::mulsd_rr):
1072         (JSC::X86Assembler::mulsd_mr):
1073         (JSC::X86Assembler::pextrw_irr):
1074         (JSC::X86Assembler::subsd_rr):
1075         (JSC::X86Assembler::subsd_mr):
1076         (JSC::X86Assembler::ucomis_rr):
1077         (JSC::X86Assembler::int3):
1078         (JSC::X86Assembler::ret):
1079         (JSC::X86Assembler::predictNotTaken):
1080         (JSC::X86Assembler::label):
1081         (JSC::X86Assembler::align):
1082         (JSC::X86Assembler::link):
1083         (JSC::X86Assembler::executableCopy):
1084         (JSC::X86Assembler::X86InstructionFormater::prefix):
1085         (JSC::X86Assembler::X86InstructionFormater::oneByteOp):
1086         (JSC::X86Assembler::X86InstructionFormater::twoByteOp):
1087         (JSC::X86Assembler::X86InstructionFormater::oneByteOp64):
1088         (JSC::X86Assembler::X86InstructionFormater::oneByteOp8):
1089         (JSC::X86Assembler::X86InstructionFormater::twoByteOp8):
1090         (JSC::X86Assembler::X86InstructionFormater::instructionImmediate8):
1091         (JSC::X86Assembler::X86InstructionFormater::instructionImmediate32):
1092         (JSC::X86Assembler::X86InstructionFormater::instructionRel32):
1093         (JSC::X86Assembler::X86InstructionFormater::size):
1094         (JSC::X86Assembler::X86InstructionFormater::isAligned):
1095         (JSC::X86Assembler::X86InstructionFormater::data):
1096         (JSC::X86Assembler::X86InstructionFormater::executableCopy):
1097         (JSC::X86Assembler::X86InstructionFormater::registerModRM):
1098         (JSC::X86Assembler::X86InstructionFormater::memoryModRM):
1099         * jit/JIT.cpp:
1100         (JSC::JIT::privateCompileMainPass):
1101         (JSC::JIT::privateCompile):
1102         (JSC::JIT::privateCompileCTIMachineTrampolines):
1103         * jit/JITArithmetic.cpp:
1104         (JSC::JIT::putDoubleResultToJSNumberCellOrJSImmediate):
1105         (JSC::JIT::compileBinaryArithOp):
1106         * jit/JITCall.cpp:
1107         (JSC::JIT::compileOpCall):
1108         (JSC::JIT::compileOpCallSlowCase):
1109         * jit/JITPropertyAccess.cpp:
1110         (JSC::JIT::compileGetByIdHotPath):
1111         (JSC::JIT::compilePutByIdHotPath):
1112         (JSC::JIT::privateCompilePutByIdTransition):
1113         (JSC::JIT::privateCompilePatchGetArrayLength):
1114         (JSC::JIT::privateCompileGetByIdProto):
1115         (JSC::JIT::privateCompileGetByIdProtoList):
1116         (JSC::JIT::privateCompileGetByIdChainList):
1117         (JSC::JIT::privateCompileGetByIdChain):
1118
1119 2008-12-15  Darin Adler  <darin@apple.com>
1120
1121         * interpreter/RegisterFile.h: Tweak include formatting.
1122
1123 2008-12-15  Holger Hans Peter Freyther  <zecke@selfish.org>
1124
1125         Build fix for Gtk+.
1126
1127         * interpreter/RegisterFile.h: Include stdio.h for fprintf
1128
1129 2008-12-15  Alexey Proskuryakov  <ap@webkit.org>
1130
1131         Reviewed by Oliver Hunt.
1132
1133         <rdar://problem/6444455> Worker Thread crash running multiple workers for a moderate amount of time
1134
1135         * interpreter/RegisterFile.h: (JSC::RegisterFile::RegisterFile):
1136         Improve error handling: if mmap fails, crash immediately, and print out the reason.
1137
1138 2008-12-13  Gavin Barraclough  <barraclough@apple.com>
1139
1140         Reviewed by Cameron Zwarich.
1141
1142         Re-enable WREC on 64-bit.
1143         Implements one of the MacroAssembler::jnzPtr methods, previously only implemented for 32-bit x86.
1144
1145         https://bugs.webkit.org/show_bug.cgi?id=22849
1146
1147         * assembler/MacroAssembler.h:
1148         (JSC::MacroAssembler::testImm64):
1149         (JSC::MacroAssembler::jnzPtr):
1150         * assembler/X86Assembler.h:
1151         (JSC::X86Assembler::testq_i32r):
1152         (JSC::X86Assembler::testq_rr):
1153         * wtf/Platform.h:
1154
1155 2008-12-13  Gavin Barraclough  <barraclough@apple.com>
1156
1157         Fix PPC builds.
1158
1159         * assembler/MacroAssembler.h:
1160
1161 2008-12-13  Gavin Barraclough  <barraclough@apple.com>
1162
1163         Build fix only, no review.
1164
1165         * bytecode/CodeBlock.h:
1166
1167 2008-12-13  Gavin Barraclough  <barraclough@apple.com>
1168
1169         Reviewed by Cameron Zwarich.
1170
1171         Port the remainder of the JIT, bar calling convention related code, and code
1172         implementing optimizations which can be disabled, to use the MacroAssembler.
1173
1174         * assembler/MacroAssembler.h:
1175         (JSC::MacroAssembler::DataLabelPtr::DataLabelPtr):
1176         (JSC::MacroAssembler::RepatchBuffer::RepatchBuffer):
1177         (JSC::MacroAssembler::RepatchBuffer::link):
1178         (JSC::MacroAssembler::RepatchBuffer::addressOf):
1179         (JSC::MacroAssembler::RepatchBuffer::setPtr):
1180         (JSC::MacroAssembler::addPtr):
1181         (JSC::MacroAssembler::lshift32):
1182         (JSC::MacroAssembler::mod32):
1183         (JSC::MacroAssembler::rshift32):
1184         (JSC::MacroAssembler::storePtrWithRepatch):
1185         (JSC::MacroAssembler::jnzPtr):
1186         (JSC::MacroAssembler::jzPtr):
1187         (JSC::MacroAssembler::jump):
1188         (JSC::MacroAssembler::label):
1189         * assembler/X86Assembler.h:
1190         (JSC::X86Assembler::):
1191         (JSC::X86Assembler::xchgl_rr):
1192         (JSC::X86Assembler::jmp_m):
1193         (JSC::X86Assembler::repatchAddress):
1194         (JSC::X86Assembler::getRelocatedAddress):
1195         * bytecode/CodeBlock.cpp:
1196         (JSC::CodeBlock::CodeBlock):
1197         * bytecode/CodeBlock.h:
1198         (JSC::JITCodeRef::JITCodeRef):
1199         (JSC::CodeBlock::setJITCode):
1200         (JSC::CodeBlock::jitCode):
1201         (JSC::CodeBlock::executablePool):
1202         * jit/JIT.cpp:
1203         (JSC::JIT::privateCompileMainPass):
1204         (JSC::JIT::privateCompileLinkPass):
1205         (JSC::JIT::privateCompile):
1206         (JSC::JIT::privateCompileCTIMachineTrampolines):
1207         * jit/JIT.h:
1208         (JSC::CallRecord::CallRecord):
1209         (JSC::JumpTable::JumpTable):
1210         (JSC::JIT::emitCTICall):
1211         (JSC::JIT::JSRInfo::JSRInfo):
1212         * jit/JITArithmetic.cpp:
1213         * jit/JITCall.cpp:
1214         * jit/JITInlineMethods.h:
1215         (JSC::JIT::emitNakedCall):
1216         (JSC::JIT::emitCTICall_internal):
1217         (JSC::JIT::checkStructure):
1218         (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
1219         (JSC::JIT::addSlowCase):
1220         (JSC::JIT::addJump):
1221         (JSC::JIT::emitJumpSlowToHot):
1222         * jit/JITPropertyAccess.cpp:
1223         (JSC::JIT::privateCompileGetByIdChainList):
1224         (JSC::JIT::privateCompileGetByIdChain):
1225
1226 2008-12-12  Cameron Zwarich  <zwarich@apple.com>
1227
1228         Reviewed by Sam Weinig.
1229
1230         Fix the failures of the following layout tests, which regressed in
1231         r39255:
1232
1233         fast/dom/StyleSheet/ownerNode-lifetime-2.html
1234         fast/xsl/transform-xhr-doc.xhtml
1235
1236         The binary search in CodeBlock::getByIdExceptionInfoForBytecodeOffset()
1237         doesn't guarantee that it actually finds a match, so add an explicit check
1238         for this.
1239
1240         * bytecode/CodeBlock.cpp:
1241         (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
1242
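The lookup described in the entry above, as an added example that is not JavaScriptCore's own code: a sorted per-CodeBlock table of op_get_by_id exception info, searched by bytecode offset, shown once in the shape that regressed (candidate returned without verification) and once with the explicit match check the fix adds. Structure and function names are assumed for illustration.

```cpp
// Added example, not JavaScriptCore's own code. Names are assumed.
#include <cstddef>
#include <cstdio>
#include <vector>

struct GetByIdExceptionInfo {
    unsigned bytecodeOffset; // offset of the op_get_by_id in the instruction stream
    bool isOpConstruct;      // true: followed by op_construct; false: by op_instanceof
};

// Index of the first entry whose offset is >= bytecodeOffset (table.size() if none).
// The table is sorted by bytecodeOffset because entries are appended in emission order.
size_t lowerBoundIndex(const std::vector<GetByIdExceptionInfo>& table, unsigned bytecodeOffset)
{
    size_t low = 0, high = table.size();
    while (low < high) {
        size_t mid = low + (high - low) / 2;
        if (table[mid].bytecodeOffset < bytecodeOffset)
            low = mid + 1;
        else
            high = mid;
    }
    return low;
}

// Shape of the regression: the search narrows to a candidate and the caller treats
// it as a hit, so an offset with no entry silently yields a neighbour's record.
bool lookupWithoutCheck(const std::vector<GetByIdExceptionInfo>& table,
                        unsigned bytecodeOffset, GetByIdExceptionInfo& out)
{
    if (table.empty())
        return false;
    size_t i = lowerBoundIndex(table, bytecodeOffset);
    if (i == table.size())
        i = table.size() - 1; // clamp to the last entry; still not a verified match
    out = table[i];
    return true;
}

// The fix: same search, plus an explicit check that the candidate really carries
// the requested offset. Callers now get "no info" instead of a wrong record.
bool lookupWithCheck(const std::vector<GetByIdExceptionInfo>& table,
                     unsigned bytecodeOffset, GetByIdExceptionInfo& out)
{
    size_t i = lowerBoundIndex(table, bytecodeOffset);
    if (i == table.size() || table[i].bytecodeOffset != bytecodeOffset)
        return false;
    out = table[i];
    return true;
}

// Constructed sample table: three op_get_by_id sites in one code block.
std::vector<GetByIdExceptionInfo> sampleTable()
{
    return { { 10, true }, { 25, false }, { 40, true } };
}

int main()
{
    std::vector<GetByIdExceptionInfo> table = sampleTable();
    GetByIdExceptionInfo info;
    // Offset 30 has no entry: the unchecked lookup hands back the record for offset 40.
    if (lookupWithoutCheck(table, 30, info))
        std::printf("unchecked: offset 30 -> record for offset %u\n", info.bytecodeOffset);
    if (!lookupWithCheck(table, 30, info))
        std::printf("checked: offset 30 -> no exception info\n");
    return 0;
}
```
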
1243 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1244
1245         Reviewed by Cameron Zwarich.
1246
1247         Replace emitPutCallArg methods with emitPutJITStubArg methods.  Primarily to make the argument numbering
1248         more sensible (1-based incrementing by 1, rather than 0-based incrementing by 4).  The CTI name also seems
1249         to be being deprecated from the code generally.
1250
1251         * jit/JIT.cpp:
1252         (JSC::JIT::privateCompileMainPass):
1253         (JSC::JIT::privateCompileSlowCases):
1254         (JSC::JIT::privateCompileCTIMachineTrampolines):
1255         * jit/JIT.h:
1256         * jit/JITArithmetic.cpp:
1257         (JSC::JIT::compileBinaryArithOp):
1258         (JSC::JIT::compileBinaryArithOpSlowCase):
1259         * jit/JITCall.cpp:
1260         (JSC::JIT::compileOpCallSetupArgs):
1261         (JSC::JIT::compileOpCallEvalSetupArgs):
1262         (JSC::JIT::compileOpConstructSetupArgs):
1263         (JSC::JIT::compileOpCall):
1264         * jit/JITInlineMethods.h:
1265         (JSC::JIT::emitPutJITStubArg):
1266         (JSC::JIT::emitPutJITStubArgConstant):
1267         (JSC::JIT::emitGetJITStubArg):
1268         (JSC::JIT::emitPutJITStubArgFromVirtualRegister):
1269         * jit/JITPropertyAccess.cpp:
1270         (JSC::JIT::compileGetByIdHotPath):
1271         (JSC::JIT::compilePutByIdHotPath):
1272         (JSC::JIT::compileGetByIdSlowCase):
1273         (JSC::JIT::compilePutByIdSlowCase):
1274
1275 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1276
1277         Fix windows builds.
1278
1279         * jit/JIT.cpp:
1280         (JSC::JIT::privateCompileMainPass):
1281         (JSC::JIT::privateCompileSlowCases):
1282         (JSC::JIT::privateCompile):
1283
1284 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1285
1286         Reviewed by Geoff Garen.
1287
1288         Remove loop counter 'i' from the JIT generation passes, replace with a member m_bytecodeIndex.
1289
1290         No impact on performance.
1291
1292         * jit/JIT.cpp:
1293         (JSC::JIT::compileOpStrictEq):
1294         (JSC::JIT::emitSlowScriptCheck):
1295         (JSC::JIT::privateCompileMainPass):
1296         (JSC::JIT::privateCompileSlowCases):
1297         (JSC::JIT::privateCompile):
1298         * jit/JIT.h:
1299         (JSC::CallRecord::CallRecord):
1300         (JSC::JmpTable::JmpTable):
1301         (JSC::JIT::emitCTICall):
1302         * jit/JITArithmetic.cpp:
1303         (JSC::JIT::compileBinaryArithOp):
1304         (JSC::JIT::compileBinaryArithOpSlowCase):
1305         * jit/JITCall.cpp:
1306         (JSC::JIT::compileOpCall):
1307         (JSC::JIT::compileOpCallSlowCase):
1308         * jit/JITInlineMethods.h:
1309         (JSC::JIT::emitGetVirtualRegister):
1310         (JSC::JIT::emitGetVirtualRegisters):
1311         (JSC::JIT::emitNakedCall):
1312         (JSC::JIT::emitCTICall_internal):
1313         (JSC::JIT::emitJumpSlowCaseIfJSCell):
1314         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
1315         (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
1316         (JSC::JIT::emitJumpSlowCaseIfNotImmNums):
1317         (JSC::JIT::emitFastArithIntToImmOrSlowCase):
1318         (JSC::JIT::addSlowCase):
1319         (JSC::JIT::addJump):
1320         (JSC::JIT::emitJumpSlowToHot):
1321         * jit/JITPropertyAccess.cpp:
1322         (JSC::JIT::compileGetByIdHotPath):
1323         (JSC::JIT::compileGetByIdSlowCase):
1324         (JSC::JIT::compilePutByIdHotPath):
1325         (JSC::JIT::compilePutByIdSlowCase):
1326
1327 2008-12-12  Sam Weinig  <sam@webkit.org>
1328
1329         Reviewed by Cameron Zwarich.
1330
1331         <rdar://problem/6428342> Look into feasibility of discarding bytecode after native codegen
1332
1333         Move more JIT functionality to using offsets into the Instruction buffer
1334         instead of raw pointers. Two to go!
1335
1336         * interpreter/Interpreter.cpp:
1337         (JSC::bytecodeOffsetForPC): Rename from vPCForPC.
1338         (JSC::Interpreter::resolve): Pass offset to exception helper.
1339         (JSC::Interpreter::resolveSkip): Ditto.
1340         (JSC::Interpreter::resolveGlobal): Ditto.
1341         (JSC::Interpreter::resolveBaseAndProperty): Ditto.
1342         (JSC::Interpreter::resolveBaseAndFunc): Ditto.
1343         (JSC::isNotObject): Ditto.
1344         (JSC::Interpreter::unwindCallFrame): Call bytecodeOffsetForPC.
1345         (JSC::Interpreter::throwException): Use offsets instead of vPCs.
1346         (JSC::Interpreter::privateExecute): Pass offset to exception helper.
1347         (JSC::Interpreter::retrieveLastCaller): Ditto.
1348         (JSC::Interpreter::cti_op_instanceof): Ditto.
1349         (JSC::Interpreter::cti_op_call_NotJSFunction): Ditto.
1350         (JSC::Interpreter::cti_op_resolve): Pass offset to exception helper.
1351         (JSC::Interpreter::cti_op_construct_NotJSConstruct): Ditto.
1352         (JSC::Interpreter::cti_op_resolve_func): Ditto.
1353         (JSC::Interpreter::cti_op_resolve_skip): Ditto.
1354         (JSC::Interpreter::cti_op_resolve_global): Ditto.
1355         (JSC::Interpreter::cti_op_resolve_with_base): Ditto.
1356         (JSC::Interpreter::cti_op_throw): Ditto.
1357         (JSC::Interpreter::cti_op_in): Ditto.
1358         (JSC::Interpreter::cti_vm_throw): Ditto.
1359         * interpreter/Interpreter.h:
1360
1361         * jit/JIT.cpp:
1362         (JSC::JIT::privateCompileMainPass): Don't pass unnecessary vPC to stub.
1363         * jit/JIT.h: Remove ARG_instr1 - ARG_instr3 and ARG_instr5 - ARG_instr6.
1364         * jit/JITCall.cpp:
1365         (JSC::JIT::compileOpCallEvalSetupArgs): Don't pass unnecessary vPC to stub.
1366         (JSC::JIT::compileOpConstructSetupArgs): Ditto.
1367
1368         * runtime/ExceptionHelpers.cpp:
1369         (JSC::createUndefinedVariableError): Take an offset instead of vPC.
1370         (JSC::createInvalidParamError): Ditto.
1371         (JSC::createNotAConstructorError): Ditto.
1372         (JSC::createNotAFunctionError): Ditto.
1373         (JSC::createNotAnObjectError): Ditto.
1374         * runtime/ExceptionHelpers.h:
1375
1376 2008-12-12  Cameron Zwarich  <zwarich@apple.com>
1377
1378         Reviewed by Oliver Hunt.
1379
1380         Bug 22835: Crash during bytecode generation when comparing to null
1381         <https://bugs.webkit.org/show_bug.cgi?id=22835>
1382         <rdar://problem/6286749>
1383
1384         Change the special cases in bytecode generation for comparison to null
1385         to use tempDestination().
1386
1387         * parser/Nodes.cpp:
1388         (JSC::BinaryOpNode::emitBytecode):
1389         (JSC::EqualNode::emitBytecode):
1390
1391 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1392
1393         Reviewed by Geoff Garen.
1394
1395         Move slow-cases of JIT code generation over to the MacroAssembler interface.
1396
1397         * assembler/MacroAssembler.h:
1398         (JSC::MacroAssembler::Label::Label):
1399         (JSC::MacroAssembler::jae32):
1400         (JSC::MacroAssembler::jg32):
1401         (JSC::MacroAssembler::jzPtr):
1402         * jit/JIT.cpp:
1403         (JSC::JIT::privateCompileSlowCases):
1404         (JSC::JIT::privateCompile):
1405         (JSC::JIT::emitGetVariableObjectRegister):
1406         (JSC::JIT::emitPutVariableObjectRegister):
1407         * jit/JIT.h:
1408         (JSC::SlowCaseEntry::SlowCaseEntry):
1409         (JSC::JIT::getSlowCase):
1410         (JSC::JIT::linkSlowCase):
1411         * jit/JITArithmetic.cpp:
1412         (JSC::JIT::compileBinaryArithOpSlowCase):
1413         * jit/JITCall.cpp:
1414         (JSC::JIT::compileOpCallInitializeCallFrame):
1415         (JSC::JIT::compileOpCall):
1416         (JSC::JIT::compileOpCallSlowCase):
1417         * jit/JITInlineMethods.h:
1418         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
1419         (JSC::JIT::linkSlowCaseIfNotJSCell):
1420         * jit/JITPropertyAccess.cpp:
1421         (JSC::JIT::compileGetByIdHotPath):
1422         (JSC::JIT::compilePutByIdHotPath):
1423         (JSC::JIT::compileGetByIdSlowCase):
1424         (JSC::JIT::compilePutByIdSlowCase):
1425
1426 2008-12-12  Cameron Zwarich  <zwarich@apple.com>
1427
1428         Reviewed by Sam Weinig.
1429
1430         Bug 22828: Do not inspect bytecode instruction stream for op_get_by_id exception information
1431         <https://bugs.webkit.org/show_bug.cgi?id=22828>
1432
1433         In order to remove the bytecode instruction stream after generating
1434         native code, all inspection of bytecode instructions at runtime must
1435         be removed. One particular instance of this is the special handling of
1436         exceptions thrown by the op_get_by_id emitted directly before an
1437         op_construct or an op_instanceof. This patch moves that information to
1438         an auxiliary data structure in CodeBlock.
1439
1440         * bytecode/CodeBlock.cpp:
1441         (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
1442         * bytecode/CodeBlock.h:
1443         (JSC::CodeBlock::addGetByIdExceptionInfo):
1444         * bytecompiler/BytecodeGenerator.cpp:
1445         (JSC::BytecodeGenerator::emitConstruct):
1446         * bytecompiler/BytecodeGenerator.h:
1447         (JSC::BytecodeGenerator::emitGetByIdExceptionInfo):
1448         * parser/Nodes.cpp:
1449         (JSC::InstanceOfNode::emitBytecode):
1450         * runtime/ExceptionHelpers.cpp:
1451         (JSC::createNotAnObjectError):
1452
1453 2008-12-12  Sam Weinig  <sam@webkit.org>
1454
1455         Reviewed by Geoffrey Garen.
1456
1457         Change exception information accessors to take offsets into the bytecode
1458         instruction buffer instead of pointers so that they can work even
1459         if the bytecode buffer is purged.
1460
1461         * bytecode/CodeBlock.cpp:
1462         (JSC::instructionOffsetForNth):
1463         (JSC::CodeBlock::handlerForBytecodeOffset):
1464         (JSC::CodeBlock::lineNumberForBytecodeOffset):
1465         (JSC::CodeBlock::expressionRangeForBytecodeOffset):
1466         * bytecode/CodeBlock.h:
1467         * bytecode/SamplingTool.cpp:
1468         (JSC::SamplingTool::dump):
1469         * interpreter/Interpreter.cpp:
1470         (JSC::Interpreter::throwException):
1471         (JSC::Interpreter::privateExecute):
1472         (JSC::Interpreter::retrieveLastCaller):
1473         * jit/JIT.cpp:
1474         (JSC::JIT::privateCompileMainPass):
1475         * runtime/ExceptionHelpers.cpp:
1476         (JSC::createUndefinedVariableError):
1477         (JSC::createInvalidParamError):
1478         (JSC::createNotAConstructorError):
1479         (JSC::createNotAFunctionError):
1480         (JSC::createNotAnObjectError):
1481
1482 2008-12-12  Geoffrey Garen  <ggaren@apple.com>
1483
1484         Reviewed by Cameron Zwarich.
1485         
1486         Tiny bit of refactoring in quantifier generation.
1487
1488         * wrec/WRECGenerator.cpp:
1489         (JSC::WREC::Generator::generateNonGreedyQuantifier):
1490         (JSC::WREC::Generator::generateGreedyQuantifier):
1491
1492 2008-12-11  Sam Weinig  <sam@webkit.org>
1493
1494         Reviewed by Geoffrey Garen.
1495
1496         Remove dependency on having the Instruction buffer in order to
1497         deref Structures used for property access and global resolves.
1498         Instead, we put references to the necessary Structures in auxiliary
1499         data structures on the CodeBlock. This is not an ideal solution,
1500         as we still pay for having the Structures in two places and we
1501         would like to eventually just hold on to offsets into the machine
1502         code buffer.
1503
1504         - Also removes CodeBlock bloat in non-JIT by #ifdefing the JIT
1505           only data structures.
1506
1507         * GNUmakefile.am:
1508         * JavaScriptCore.pri:
1509         * JavaScriptCore.scons:
1510         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1511         * JavaScriptCore.xcodeproj/project.pbxproj:
1512         * JavaScriptCoreSources.bkl:
1513         * bytecode/CodeBlock.cpp:
1514         (JSC::isGlobalResolve):
1515         (JSC::isPropertyAccess):
1516         (JSC::instructionOffsetForNth):
1517         (JSC::printGlobalResolveInfo):
1518         (JSC::printStructureStubInfo):
1519         (JSC::CodeBlock::printStructures):
1520         (JSC::CodeBlock::dump):
1521         (JSC::CodeBlock::~CodeBlock):
1522         (JSC::CodeBlock::shrinkToFit):
1523         * bytecode/CodeBlock.h:
1524         (JSC::GlobalResolveInfo::GlobalResolveInfo):
1525         (JSC::getNativePC):
1526         (JSC::CodeBlock::instructions):
1527         (JSC::CodeBlock::getStubInfo):
1528         (JSC::CodeBlock::getBytecodeIndex):
1529         (JSC::CodeBlock::addPropertyAccessInstruction):
1530         (JSC::CodeBlock::addGlobalResolveInstruction):
1531         (JSC::CodeBlock::numberOfStructureStubInfos):
1532         (JSC::CodeBlock::addStructureStubInfo):
1533         (JSC::CodeBlock::structureStubInfo):
1534         (JSC::CodeBlock::addGlobalResolveInfo):
1535         (JSC::CodeBlock::globalResolveInfo):
1536         (JSC::CodeBlock::numberOfCallLinkInfos):
1537         (JSC::CodeBlock::addCallLinkInfo):
1538         (JSC::CodeBlock::callLinkInfo):
1539         * bytecode/Instruction.h:
1540         (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
1541         (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
1542         * bytecode/Opcode.h:
1543         (JSC::):
1544         * bytecode/StructureStubInfo.cpp: Copied from bytecode/CodeBlock.cpp.
1545         (JSC::StructureStubInfo::deref):
1546         * bytecode/StructureStubInfo.h: Copied from bytecode/CodeBlock.h.
1547         (JSC::StructureStubInfo::StructureStubInfo):
1548         (JSC::StructureStubInfo::initGetByIdSelf):
1549         (JSC::StructureStubInfo::initGetByIdProto):
1550         (JSC::StructureStubInfo::initGetByIdChain):
1551         (JSC::StructureStubInfo::initGetByIdSelfList):
1552         (JSC::StructureStubInfo::initGetByIdProtoList):
1553         (JSC::StructureStubInfo::initPutByIdTransition):
1554         (JSC::StructureStubInfo::initPutByIdReplace):
1555         (JSC::StructureStubInfo::):
1556         * bytecompiler/BytecodeGenerator.cpp:
1557         (JSC::BytecodeGenerator::emitResolve):
1558         (JSC::BytecodeGenerator::emitGetById):
1559         (JSC::BytecodeGenerator::emitPutById):
1560         (JSC::BytecodeGenerator::emitCall):
1561         (JSC::BytecodeGenerator::emitConstruct):
1562         (JSC::BytecodeGenerator::emitCatch):
1563         * interpreter/Interpreter.cpp:
1564         (JSC::Interpreter::tryCTICachePutByID):
1565         (JSC::Interpreter::tryCTICacheGetByID):
1566         (JSC::Interpreter::cti_op_get_by_id_self_fail):
1567         (JSC::getPolymorphicAccessStructureListSlot):
1568         (JSC::Interpreter::cti_op_get_by_id_proto_list):
1569         (JSC::Interpreter::cti_op_resolve_global):
1570         * jit/JIT.cpp:
1571         (JSC::JIT::JIT):
1572         (JSC::JIT::privateCompileMainPass):
1573         (JSC::JIT::privateCompileSlowCases):
1574         (JSC::JIT::privateCompile):
1575         * jit/JITPropertyAccess.cpp:
1576         (JSC::JIT::compileGetByIdHotPath):
1577         (JSC::JIT::compilePutByIdHotPath):
1578         (JSC::JIT::compileGetByIdSlowCase):
1579         (JSC::JIT::compilePutByIdSlowCase):
1580         (JSC::JIT::privateCompileGetByIdSelfList):
1581         (JSC::JIT::privateCompileGetByIdProtoList):
1582         (JSC::JIT::privateCompileGetByIdChainList):
1583
1584 2008-12-11  Gavin Barraclough  <barraclough@apple.com>
1585
1586         Reviewed by Oliver Hunt.
1587
1588         Remove CTI_ARGUMENTS mode, use va_start implementation on Windows,
1589         unifying JIT callback (cti_*) argument access on OS X & Windows
1590
1591         No performance impact.
1592
1593         * interpreter/Interpreter.h:
1594         * jit/JIT.cpp:
1595         (JSC::JIT::privateCompileCTIMachineTrampolines):
1596         * jit/JIT.h:
1597         * jit/JITInlineMethods.h:
1598         (JSC::JIT::emitCTICall):
1599         * jit/JITPropertyAccess.cpp:
1600         (JSC::JIT::privateCompilePutByIdTransition):
1601         * wtf/Platform.h:
1602
1603 2008-12-11  Holger Freyther  <zecke@selfish.org>
1604
1605         Reviewed by Simon Hausmann.
1606
1607         https://bugs.webkit.org/show_bug.cgi?id=20953
1608
1609         For Qt it is not practical to have a FontCache and GlyphPageTreeNode
1610         implementation. This is one of the reasons why the Qt port is currently not
1611         using WebCore/platform/graphics/Font.cpp. By making it possible not to use
1612         the simple/fast-path, the Qt port will be able to use it.
1613
1614         Introduce USE(FONT_FAST_PATH) and define it for every port but the
1615         Qt one.
1616
1617         * wtf/Platform.h: Enable USE(FONT_FAST_PATH)
1618
1619 2008-12-11  Gabor Loki  <loki@inf.u-szeged.hu>
1620
1621         Reviewed by Darin Adler and landed by Holger Freyther.
1622
1623         <https://bugs.webkit.org/show_bug.cgi?id=22648>
1624         Fix threading on Qt-port and Gtk-port for Sampling tool.
1625
1626         * wtf/ThreadingGtk.cpp:
1627         (WTF::waitForThreadCompletion):
1628         * wtf/ThreadingQt.cpp:
1629         (WTF::waitForThreadCompletion):
1630
1631 2008-12-10  Cameron Zwarich  <zwarich@apple.com>
1632
1633         Reviewed by Oliver Hunt.
1634
1635         Bug 22734: Debugger crashes when stepping into a function call in a return statement
1636         <https://bugs.webkit.org/show_bug.cgi?id=22734>
1637         <rdar://problem/6426796>
1638
1639         * bytecompiler/BytecodeGenerator.cpp:
1640         (JSC::BytecodeGenerator::BytecodeGenerator): The DebuggerCallFrame uses
1641         the 'this' value stored in a callFrame, so op_convert_this should be
1642         emitted at the beginning of a function body when generating bytecode
1643         with debug hooks.
1644         * debugger/DebuggerCallFrame.cpp:
1645         (JSC::DebuggerCallFrame::thisObject): The assertion inherent in the call
1646         to asObject() here is valid, because any 'this' value should have been
1647         converted to a JSObject*.
1648
1649 2008-12-10  Gavin Barraclough  <barraclough@apple.com>
1650
1651         Reviewed by Geoff Garen.
1652
1653         Port more of the JIT to use the MacroAssembler interface.
1654         
1655         Everything in the main pass, bar a few corner cases (operations with required
1656         registers, or calling convention code).  Slightly refactors array creation,
1657         moving the offset calculation into the callFrame into C code (reducing code
1658         planted).
1659
1660         Overall this appears to be a 1% win on v8-tests, due to the smaller immediates
1661         being planted (in jfalse in particular).
1662
1663         * interpreter/Interpreter.cpp:
1664         (JSC::Interpreter::cti_op_new_array):
1665         * jit/JIT.cpp:
1666         (JSC::JIT::privateCompileMainPass):
1667         (JSC::JIT::privateCompileSlowCases):
1668         * jit/JIT.h:
1669         * wrec/WRECGenerator.cpp:
1670         (JSC::WREC::Generator::generateEnter):
1671
1672 2008-12-10  Sam Weinig  <sam@webkit.org>
1673
1674         Fix non-JIT builds.
1675
1676         * bytecode/CodeBlock.h:
1677
1678 2008-12-10  Sam Weinig  <sam@webkit.org>
1679
1680         Reviewed by Geoffrey Garen.
1681
1682         <rdar://problem/6428332> Remove the CTI return address table from CodeBlock
1683
1684         Step 2:
1685
1686         Convert the return address table from a HashMap to a sorted Vector.  This
1687         reduces the size of the data structure by ~4.5MB on Membuster head.
1688
1689         SunSpider reports a 0.5% progression.
1690
1691         * bytecode/CodeBlock.cpp:
1692         (JSC::sizeInBytes): Generic method to get the cost of a Vector.
1693         (JSC::CodeBlock::dumpStatistics): Add dumping of member sizes.
1694         * bytecode/CodeBlock.h:
1695         (JSC::PC::PC): Struct representing NativePC -> VirtualPC mappings.
1696         (JSC::getNativePC): Helper for binary chop.
1697         (JSC::CodeBlock::getBytecodeIndex): Used to get the VirtualPC from a
1698         NativePC using a binary chop of the pcVector.
1699         (JSC::CodeBlock::pcVector): Accessor.
1700
1701         * interpreter/Interpreter.cpp:
1702         (JSC::vPCForPC): Use getBytecodeIndex instead of jitReturnAddressVPCMap().get().
1703         (JSC::Interpreter::cti_op_instanceof): Ditto.
1704         (JSC::Interpreter::cti_op_resolve): Ditto.
1705         (JSC::Interpreter::cti_op_resolve_func): Ditto.
1706         (JSC::Interpreter::cti_op_resolve_skip): Ditto.
1707         (JSC::Interpreter::cti_op_resolve_with_base): Ditto.
1708         (JSC::Interpreter::cti_op_throw): Ditto.
1709         (JSC::Interpreter::cti_op_in): Ditto.
1710         (JSC::Interpreter::cti_vm_throw): Ditto.
1711
1712         * jit/JIT.cpp:
1713         (JSC::JIT::privateCompile): Reserve exact capacity and fill the pcVector.
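
The sorted Vector return address table this entry describes (and the offset-based, rather than pointer-based, lookups of the 2008-12-12 Sam Weinig entry above), as an added C++ example that is not JavaScriptCore's own code: a PC record pairs a native return address with a bytecode index, entries are appended in ascending address order into a vector of exactly reserved capacity, and the lookup is a binary chop via std::lower_bound. The names PC, ReturnAddressTable, getBytecodeIndex, lookup and buildSampleTable and the sample addresses are assumptions of this example. Only an exact hit is accepted, so a caller that takes a return address off the machine stack learns whether it is one the JIT actually emitted instead of being silently mapped to a neighbouring entry.

```cpp
#include <algorithm>
#include <cassert>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical stand-in for the PC struct this entry describes (name assumed):
// one native return address paired with the index of the bytecode instruction
// whose JIT code contains that return address.
struct PC {
    uintptr_t nativePC;     // return address inside the JIT-generated code
    unsigned bytecodeIndex; // offset into the CodeBlock's instruction vector
};

// Sorted-vector replacement for a HashMap keyed by return address: the JIT emits
// code in bytecode order, so appending yields ascending nativePC values and the
// lookup can be a binary chop over a compact array.
class ReturnAddressTable {
public:
    // Reserve exact capacity up front so the vector never over-allocates.
    explicit ReturnAddressTable(size_t expectedEntries) { m_pcVector.reserve(expectedEntries); }

    void append(uintptr_t nativePC, unsigned bytecodeIndex)
    {
        // Precondition for the binary chop: entries arrive in ascending order.
        assert(m_pcVector.empty() || m_pcVector.back().nativePC < nativePC);
        m_pcVector.push_back(PC{ nativePC, bytecodeIndex });
    }

    // Binary chop on nativePC. Only an exact hit is accepted: a return address
    // the JIT never emitted must not be mapped onto a neighbouring entry.
    bool getBytecodeIndex(uintptr_t nativePC, unsigned& outIndex) const
    {
        std::vector<PC>::const_iterator it = std::lower_bound(
            m_pcVector.begin(), m_pcVector.end(), nativePC,
            [](const PC& entry, uintptr_t target) { return entry.nativePC < target; });
        if (it == m_pcVector.end() || it->nativePC != nativePC)
            return false;
        outIndex = it->bytecodeIndex;
        return true;
    }

    size_t size() const { return m_pcVector.size(); }
    // Memory actually held by the table, in the spirit of the entry's sizeInBytes().
    size_t sizeInBytes() const { return m_pcVector.capacity() * sizeof(PC); }

private:
    std::vector<PC> m_pcVector;
};

// Convenience wrapper for callers that want a single value: the bytecode index,
// or -1 when the address is not in the table.
long lookup(const ReturnAddressTable& table, uintptr_t nativePC)
{
    unsigned index = 0;
    return table.getBytecodeIndex(nativePC, index) ? static_cast<long>(index) : -1;
}

// Constructed sample table; the addresses are made up, not real JIT output.
ReturnAddressTable buildSampleTable()
{
    ReturnAddressTable table(4);
    table.append(0x1000, 0);
    table.append(0x1024, 3);
    table.append(0x1040, 7);
    table.append(0x1080, 12);
    return table;
}

int main()
{
    ReturnAddressTable table = buildSampleTable();
    std::printf("0x1040 -> %ld\n", lookup(table, 0x1040)); // 7
    std::printf("0x1041 -> %ld\n", lookup(table, 0x1041)); // -1: not an emitted return address
    std::printf("table holds %zu entries in %zu bytes\n", table.size(), table.sizeInBytes());
    return 0;
}
```

The comparator passed to std::lower_bound compares an entry against the bare address, so the table never needs a PC value constructed just for searching; the exact-match check after the chop is what turns the search from "nearest entry" into "known entry or nothing".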
1714
1715 2008-12-09  Geoffrey Garen  <ggaren@apple.com>
1716
1717         Reviewed by Oliver Hunt.
1718
1719         Added WREC support for an assertion followed by a quantifier. Fixed
1720         PCRE to match.
1721
1722         * wrec/WRECParser.cpp:
1723         (JSC::WREC::Parser::parseParentheses): Throw away the quantifier, since
1724         it's meaningless. (Firefox does the same.)
1725
1726         * pcre/pcre_compile.cpp:
1727         (compileBranch): ditto.
1728
1729 2008-12-09  Geoffrey Garen  <ggaren@apple.com>
1730
1731         Reviewed by Cameron Zwarich.
1732
1733         In preparation for compiling WREC without PCRE:
1734         
1735         Further relaxed WREC's parsing to be more web-compatible. Fixed PCRE to
1736         match in cases where it didn't already.
1737         
1738         Changed JavaScriptCore to report syntax errors detected by WREC, rather
1739         than falling back on PCRE any time WREC sees an error.
1740         
1741         * pcre/pcre_compile.cpp:
1742         (checkEscape): Relaxed parsing of \c and \N escapes to be more
1743         web-compatible.
1744         
1745         * runtime/RegExp.cpp:
1746         (JSC::RegExp::RegExp): Only fall back on PCRE if WREC has not reported
1747         a syntax error.
1748
1749         * wrec/WREC.cpp:
1750         (JSC::WREC::Generator::compileRegExp): Fixed some error reporting to
1751         match PCRE.
1752
1753         * wrec/WRECParser.cpp: Added error messages that match PCRE.
1754
1755         (JSC::WREC::Parser::consumeGreedyQuantifier):
1756         (JSC::WREC::Parser::parseParentheses):
1757         (JSC::WREC::Parser::parseCharacterClass):
1758         (JSC::WREC::Parser::parseNonCharacterEscape): Updated the above functions to
1759         use the new setError API.
1760
1761         (JSC::WREC::Parser::consumeEscape): Relaxed parsing of \c \N \u \x \B
1762         to be more web-compatible.
1763
1764         (JSC::WREC::Parser::parseAlternative): Distinguish between a malformed
1765         quantifier and a quantifier with no prefix, like PCRE does.
1766
1767         (JSC::WREC::Parser::consumeParenthesesType): Updated to use the new setError API.
1768
1769         * wrec/WRECParser.h:
1770         (JSC::WREC::Parser::error):
1771         (JSC::WREC::Parser::syntaxError):
1772         (JSC::WREC::Parser::parsePattern):
1773         (JSC::WREC::Parser::reset):
1774         (JSC::WREC::Parser::setError): Store error messages instead of error codes,
1775         to provide for exception messages. Use a setter for reporting errors, so
1776         errors detected early are not overwritten by errors detected later.
1777
1778 2008-12-09  Gavin Barraclough  <barraclough@apple.com>
1779
1780         Reviewed by Oliver Hunt.
1781
1782         Use va_args to access cti function arguments.
1783         https://bugs.webkit.org/show_bug.cgi?id=22774
1784
1785         This may be a minor regression, but we'll take the hit if so to reduce fragility.
1786
1787         * interpreter/Interpreter.cpp:
1788         * interpreter/Interpreter.h:
1789
1790 2008-12-09  Sam Weinig  <sam@webkit.org>
1791
1792         Reviewed twice by Cameron Zwarich.
1793
1794         Fix for https://bugs.webkit.org/show_bug.cgi?id=22752
1795         Clear SymbolTable after codegen for Function codeblocks that
1796         don't require an activation
1797
1798         This is a ~1.5MB improvement on Membuster-head.
1799
1800         * bytecode/CodeBlock.cpp:
1801         (JSC::CodeBlock::dumpStatistics): Add logging of non-empty symbol tables
1802         and total size used by symbol tables.
1803         * bytecompiler/BytecodeGenerator.cpp:
1804         (JSC::BytecodeGenerator::generate): Clear the symbol table here.
1805
1806 2008-12-09  Sam Weinig  <sam@webkit.org>
1807
1808         Reviewed by Geoffrey Garen.
1809
1810         Remove unnecessary extra lookup when throwing an exception.
1811         We used to first lookup the target offset using getHandlerForVPC
1812         and then we would lookup the native code stub using 
1813         nativeExceptionCodeForHandlerVPC.  Instead, we can just pass around
1814         the HandlerInfo.
1815
1816         * bytecode/CodeBlock.cpp:
1817         (JSC::CodeBlock::handlerForVPC): Return the HandlerInfo.
1818         * bytecode/CodeBlock.h: Remove nativeExceptionCodeForHandlerVPC.
1819
1820         * interpreter/Interpreter.cpp:
1821         (JSC::Interpreter::throwException): Return a HandlerInfo instead of
1822         an Instruction offset.
1823         (JSC::Interpreter::privateExecute): Get the offset from HandlerInfo.
1824         (JSC::Interpreter::cti_op_throw): Get the native code from the HandlerInfo.
1825         (JSC::Interpreter::cti_vm_throw): Ditto.
1826         * interpreter/Interpreter.h:
1827
1828 2008-12-09  Eric Seidel  <eric@webkit.org>
1829
1830         Build fix only, no review.
1831
1832         Speculative fix for the Chromium-Windows bot.
1833         Add JavaScriptCore/os-win32 to the include path (for stdint.h)
1834         Strangely it builds fine on my local Windows box (or at least doesn't hit this error)
1835
1836         * JavaScriptCore.scons:
1837
1838 2008-12-09  Eric Seidel  <eric@webkit.org>
1839
1840         No review, build fix only.
1841         
1842         Add ExecutableAllocator files missing from Scons build.
1843
1844         * JavaScriptCore.scons:
1845
1846 2008-12-09  Dimitri Glazkov  <dglazkov@chromium.org>
1847
1848         Reviewed by Timothy Hatcher.
1849
1850         https://bugs.webkit.org/show_bug.cgi?id=22631
1851         Allow ScriptCallFrame query names of functions in the call stack.
1852
1853         * JavaScriptCore.exp: added InternalFunction::name and
1854         UString operator==() as exported symbols
1855
1856 2008-12-08  Judit Jasz  <jasy@inf.u-szeged.hu>
1857
1858         Reviewed and tweaked by Cameron Zwarich.
1859
1860         Bug 22352: Annotate opcodes with their length
1861         <https://bugs.webkit.org/show_bug.cgi?id=22352>
1862
1863         * bytecode/Opcode.cpp:
1864         * bytecode/Opcode.h:
1865         * interpreter/Interpreter.cpp:
1866         (JSC::Interpreter::privateExecute):
1867         * jit/JIT.cpp:
1868         (JSC::JIT::privateCompileMainPass):
1869         (JSC::JIT::privateCompileSlowCases):
1870
1871 2008-12-08  Geoffrey Garen  <ggaren@apple.com>
1872
1873         Reviewed by Oliver Hunt.
1874         
1875         Implemented more of the relaxed and somewhat weird rules for deciding
1876         how to interpret a non-pattern-character.
1877         
1878         * wrec/Escapes.h:
1879         (JSC::WREC::Escape::):
1880         (JSC::WREC::Escape::Escape): Eliminated Escape::None because it was
1881         unused. If you see an '\\', it's either a valid escape or an error.
1882
1883         * wrec/Quantifier.h:
1884         (JSC::WREC::Quantifier::Quantifier):
1885         * wrec/WRECGenerator.cpp:
1886         (JSC::WREC::Generator::generateNonGreedyQuantifier):
1887         (JSC::WREC::Generator::generateGreedyQuantifier): Renamed "noMaxSpecified"
1888         to "Infinity", since that's what it means.
1889
1890         * wrec/WRECParser.cpp:
1891         (JSC::WREC::Parser::consumeGreedyQuantifier): Re-wrote {n,m} parsing rules
1892         because they were too strict before. Added support for backtracking
1893         in the case where the {n,m} fails to parse as a quantifier, and yet is
1894         not a syntax error.
1895
1896         (JSC::WREC::Parser::parseCharacterClass):
1897         (JSC::WREC::Parser::parseNonCharacterEscape): Eliminated Escape::None,
1898         as above.
1899
1900         (JSC::WREC::Parser::consumeEscape): Don't treat ASCII and _ escapes
1901         as syntax errors. See fast/regex/non-pattern-characters.html.
1902         
1903         * wrec/WRECParser.h:
1904         (JSC::WREC::Parser::SavedState::SavedState):
1905         (JSC::WREC::Parser::SavedState::restore): Added a state backtracker,
1906         since parsing {n,m} forms requires backtracking if the form turns out
1907         not to be a quantifier.
1908
1909 2008-12-08  Geoffrey Garen  <ggaren@apple.com>
1910
1911         Reviewed by Oliver Hunt.
1912         
1913         Refactored WREC parsing so that only one piece of code needs to know
1914         the relaxed and somewhat weird rules for deciding how to interpret a
1915         non-pattern-character, in preparation for implementing those rules.
1916         
1917         Also, implemented the relaxed and somewhat weird rules for '}' and ']'.
1918
1919         * wrec/WREC.cpp: Reduced the regular expression size limit. Now that
1920         WREC handles ']' properly, it compiles fast/js/regexp-charclass-crash.html,
1921         which makes it hang at the old limit. (The old limit was based on the
1922         misimpression that the same value in PCRE limited the regular expression
1923         pattern size; in reality, it limited the expected compiled regular
1924         expression size. WREC doesn't have a way to calculate an expected
1925         compiled regular expression size, but this should be good enough.)
1926
1927         * wrec/WRECParser.cpp:
1928         (JSC::WREC::parsePatternCharacterSequence): Nixed this function because
1929         it contained a second copy of the logic for handling non-pattern-characters,
1930         which is about to get a lot more complicated.
1931
1932         (JSC::WREC::PatternCharacterSequence::PatternCharacterSequence): 
1933         (JSC::WREC::PatternCharacterSequence::size):
1934         (JSC::WREC::PatternCharacterSequence::append):
1935         (JSC::WREC::PatternCharacterSequence::flush): Helper object for generating
1936         an optimized sequence of pattern characters.
1937
1938         (JSC::WREC::Parser::parseNonCharacterEscape): Renamed to reflect the fact
1939         that the main parseAlternative loop handles character escapes.
1940
1941         (JSC::WREC::Parser::parseAlternative): Moved pattern character sequence
1942         logic from parsePatternCharacterSequence to here, using
1943         PatternCharacterSequence to help with the details.
1944
1945         * wrec/WRECParser.h: Updated for renames.
1946
1947 2008-12-08  Alexey Proskuryakov  <ap@webkit.org>
1948
1949         Reviewed by Geoff Garen.
1950
1951         <rdar://problem/6166088> Give JSGlobalContextCreate a behavior that is concurrency aware,
1952         and un-deprecate it
1953
1954         * API/JSContextRef.cpp: (JSGlobalContextCreate):
1955         * API/JSContextRef.h:
1956         Use a unique context group for the context, unless the application was linked against old
1957         JavaScriptCore.
1958
1959 2008-12-08  Sam Weinig  <sam@webkit.org>
1960
1961         Reviewed by Cameron Zwarich.
1962
1963         Fix for <rdar://problem/6428332> Remove the CTI return address table from CodeBlock
1964
1965         Step 1:
1966
1967         Remove use of jitReturnAddressVPCMap when looking for vPC to store Structures
1968         in for cached lookup.  Instead, use the offset in the StructureStubInfo that is
1969         already required.
1970
1971         * bytecode/CodeBlock.cpp:
1972         (JSC::CodeBlock::dumpStatistics): Fix extraneous semicolon.
1973         * interpreter/Interpreter.cpp:
1974         (JSC::Interpreter::tryCTICachePutByID):
1975         (JSC::Interpreter::tryCTICacheGetByID):
1976         (JSC::Interpreter::cti_op_get_by_id_self_fail):
1977         (JSC::Interpreter::cti_op_get_by_id_proto_list):
1978         * jit/JIT.h:
1979         (JSC::JIT::compileGetByIdSelf):
1980         (JSC::JIT::compileGetByIdProto):
1981         (JSC::JIT::compileGetByIdChain):
1982         (JSC::JIT::compilePutByIdReplace):
1983         (JSC::JIT::compilePutByIdTransition):
1984         * jit/JITPropertyAccess.cpp:
1985         (JSC::JIT::privateCompilePutByIdTransition):
1986         (JSC::JIT::patchGetByIdSelf):
1987         (JSC::JIT::patchPutByIdReplace):
1988         (JSC::JIT::privateCompilePatchGetArrayLength): Remove extra call to getStubInfo.
1989         (JSC::JIT::privateCompileGetByIdSelf):
1990         (JSC::JIT::privateCompileGetByIdProto):
1991         (JSC::JIT::privateCompileGetByIdChain):
1992         (JSC::JIT::privateCompilePutByIdReplace):
1993
1994 2008-12-08  Gavin Barraclough  <barraclough@apple.com>
1995
1996         Reviewed by Oliver Hunt.
1997
1998         Port the op_j?n?eq_null JIT code generation to use the MacroAssembler,
1999         and clean up slightly at the same time.  The 'j' forms currently compare,
2000         then set a register, then compare again, then branch.  Branch directly on
2001         the result of the first compare.
2002
2003         Around a 1% progression on deltablue, crypto & early boyer, for about 1/2%
2004         overall on v8-tests.
2005
2006         * jit/JIT.cpp:
2007         (JSC::JIT::privateCompileMainPass):
2008         * jit/JITPropertyAccess.cpp:
2009         (JSC::JIT::compileGetByIdSlowCase):
2010
2011 2008-12-08  Gavin Barraclough  <barraclough@apple.com>
2012
2013         Reviewed by Geoff Garen.
2014
2015         Expand MacroAssembler to support more operations, required by the JIT.
2016
2017         Generally adds more operations and permutations of operands to the existing
2018         interface.  Rename 'jset' to 'jnz' and 'jnset' to 'jz', which seem clearer,
2019         and require that immediate pointer operands (though not pointer addresses to
2020         load and store instructions) are wrapped in an ImmPtr() type, akin to Imm32().
2021
2022         No performance impact.
2023
2024         * assembler/MacroAssembler.h:
2025         (JSC::MacroAssembler::):
2026         (JSC::MacroAssembler::ImmPtr::ImmPtr):
2027         (JSC::MacroAssembler::add32):
2028         (JSC::MacroAssembler::and32):
2029         (JSC::MacroAssembler::or32):
2030         (JSC::MacroAssembler::sub32):
2031         (JSC::MacroAssembler::xor32):
2032         (JSC::MacroAssembler::loadPtr):
2033         (JSC::MacroAssembler::load32):
2034         (JSC::MacroAssembler::storePtr):
2035         (JSC::MacroAssembler::store32):
2036         (JSC::MacroAssembler::poke):
2037         (JSC::MacroAssembler::move):
2038         (JSC::MacroAssembler::testImm32):
2039         (JSC::MacroAssembler::jae32):
2040         (JSC::MacroAssembler::jb32):
2041         (JSC::MacroAssembler::jePtr):
2042         (JSC::MacroAssembler::je32):
2043         (JSC::MacroAssembler::jnePtr):
2044         (JSC::MacroAssembler::jne32):
2045         (JSC::MacroAssembler::jnzPtr):
2046         (JSC::MacroAssembler::jnz32):
2047         (JSC::MacroAssembler::jzPtr):
2048         (JSC::MacroAssembler::jz32):
2049         (JSC::MacroAssembler::joSub32):
2050         (JSC::MacroAssembler::jump):
2051         (JSC::MacroAssembler::sete32):
2052         (JSC::MacroAssembler::setne32):
2053         (JSC::MacroAssembler::setnz32):
2054         (JSC::MacroAssembler::setz32):
2055         * assembler/X86Assembler.h:
2056         (JSC::X86Assembler::addl_mr):
2057         (JSC::X86Assembler::andl_i8r):
2058         (JSC::X86Assembler::cmpl_rm):
2059         (JSC::X86Assembler::cmpl_mr):
2060         (JSC::X86Assembler::cmpl_i8m):
2061         (JSC::X86Assembler::subl_mr):
2062         (JSC::X86Assembler::testl_i32m):
2063         (JSC::X86Assembler::xorl_i32r):
2064         (JSC::X86Assembler::movl_rm):
2065         (JSC::X86Assembler::modRm_opmsib):
2066         * jit/JIT.cpp:
2067         (JSC::JIT::privateCompileMainPass):
2068         * jit/JITInlineMethods.h:
2069         (JSC::JIT::emitGetVirtualRegister):
2070         (JSC::JIT::emitPutCTIArgConstant):
2071         (JSC::JIT::emitPutCTIParam):
2072         (JSC::JIT::emitPutImmediateToCallFrameHeader):
2073         (JSC::JIT::emitInitRegister):
2074         (JSC::JIT::checkStructure):
2075         (JSC::JIT::emitJumpIfJSCell):
2076         (JSC::JIT::emitJumpIfNotJSCell):
2077         (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
2078
2079 2008-12-08  Geoffrey Garen  <ggaren@apple.com>
2080
2081         Reviewed by Sam Weinig.
2082         
2083         Fixed a bug where WREC would allow a quantifier whose minimum was
2084         greater than its maximum.
2085         
2086         * wrec/Quantifier.h:
2087         (JSC::WREC::Quantifier::Quantifier): ASSERT that the quantifier is not
2088         backwards.
2089         
2090         * wrec/WRECParser.cpp:
2091         (JSC::WREC::Parser::consumeGreedyQuantifier): Verify that the minimum
2092         is not greater than the maximum.
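
The {n,m} parsing with backtracking described in the 2008-12-08 Geoffrey Garen entry above, together with the minimum-not-greater-than-maximum check this entry adds, as an added C++ example that is not WREC's own code. Parser, SavedState, Quantifier, consumeGreedyQuantifier and classify are names assumed by this example, and the sample patterns are constructed. A brace sequence that does not form a quantifier is backtracked and consumed as a literal '{' (the web-compatible behaviour), whereas a well-formed quantifier whose minimum exceeds its maximum is reported as a syntax error rather than being accepted or taken literally.

```cpp
#include <cassert>
#include <cstdio>
#include <limits>
#include <string>

// Open upper bound for "{n,}" quantifiers; the entry renames this to "Infinity".
const unsigned kInfinity = std::numeric_limits<unsigned>::max();

// Hypothetical stand-in for WREC's Quantifier (name assumed by this example).
struct Quantifier {
    unsigned min;
    unsigned max;
};

enum QuantifierResult {
    Parsed,          // a well-formed {n}, {n,} or {n,m} was consumed
    NotAQuantifier,  // not a quantifier; cursor restored so '{' is read as a literal
    SyntaxError      // well-formed, but the minimum exceeds the maximum
};

class Parser {
    std::string m_pattern;
    size_t m_index;

public:
    explicit Parser(const std::string& pattern) : m_pattern(pattern), m_index(0) { }

    // Remembers the cursor so a failed {n,m} parse can be undone (backtracking).
    class SavedState {
    public:
        explicit SavedState(Parser& parser) : m_parser(parser), m_index(parser.m_index) { }
        void restore() { m_parser.m_index = m_index; }
    private:
        Parser& m_parser;
        size_t m_index;
    };

    bool atEnd() const { return m_index >= m_pattern.size(); }
    int peek() const { return atEnd() ? -1 : static_cast<unsigned char>(m_pattern[m_index]); }
    int consume() { return atEnd() ? -1 : static_cast<unsigned char>(m_pattern[m_index++]); }

    QuantifierResult consumeGreedyQuantifier(Quantifier& quantifier)
    {
        SavedState saved(*this);
        if (consume() != '{') { saved.restore(); return NotAQuantifier; }
        unsigned min = 0;
        if (!consumeNumber(min)) { saved.restore(); return NotAQuantifier; }
        unsigned max = min;                       // "{n}" means exactly n
        if (peek() == ',') {
            consume();
            if (peek() == '}')
                max = kInfinity;                  // "{n,}" means n or more
            else if (!consumeNumber(max)) { saved.restore(); return NotAQuantifier; }
        }
        if (consume() != '}') { saved.restore(); return NotAQuantifier; }
        if (max != kInfinity && min > max)
            return SyntaxError;                   // backwards quantifier: an error, not a literal
        quantifier.min = min;
        quantifier.max = max;
        return Parsed;
    }

private:
    static bool isDigit(int c) { return c >= '0' && c <= '9'; }

    // Consumes a run of decimal digits into out; false when no digit is present.
    bool consumeNumber(unsigned& out)
    {
        if (!isDigit(peek()))
            return false;
        out = 0;
        while (isDigit(peek())) {
            unsigned digit = static_cast<unsigned>(consume() - '0');
            if (out > (kInfinity - 1 - digit) / 10)
                out = kInfinity - 1;              // saturate; never collide with kInfinity
            else
                out = out * 10 + digit;
        }
        return true;
    }
};

// Walks a pattern and labels each item: L(c) for a literal character, Q(min,max)
// for a quantifier. A backwards quantifier is reported in PCRE's wording.
std::string classify(const std::string& pattern)
{
    Parser parser(pattern);
    std::string out;
    while (!parser.atEnd()) {
        if (parser.peek() == '{') {
            Quantifier q = { 0, 0 };
            QuantifierResult result = parser.consumeGreedyQuantifier(q);
            if (result == Parsed) {
                out += "Q(" + std::to_string(q.min) + ",";
                out += (q.max == kInfinity ? std::string("inf") : std::to_string(q.max)) + ")";
                continue;
            }
            if (result == SyntaxError)
                return "ERROR: numbers out of order in {} quantifier";
            // NotAQuantifier: the cursor is back on '{', which falls through as a literal.
        }
        out += "L(";
        out += static_cast<char>(parser.consume());
        out += ")";
    }
    return out;
}

int main()
{
    const char* samples[] = { "a{2,5}", "a{2,}", "a{,5}", "a{5,2}" }; // constructed inputs
    for (const char* s : samples)
        std::printf("%-8s -> %s\n", s, classify(s).c_str());
    return 0;
}
```

The order of the two failure paths matters: the cursor is restored before NotAQuantifier is returned so that the literal fallback re-reads from the '{', while SyntaxError is only reached once the whole brace form has been consumed, which is the point at which the text is unambiguously a quantifier and a backwards range can be rejected.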
2093
2094 2008-12-08  Eric Seidel  <eric@webkit.org>
2095         
2096         Build fix only, no review.
2097
2098         * JavaScriptCore.scons: add bytecode/JumpTable.cpp
2099
2100 2008-12-08  Sam Weinig  <sam@webkit.org>
2101
2102         Reviewed by Geoffrey Garen.
2103
2104         Patch for https://bugs.webkit.org/show_bug.cgi?id=22716
2105         <rdar://problem/6428315>
2106         Add RareData structure to CodeBlock for infrequently used auxiliary data
2107         members.
2108
2109         Reduces memory on Membuster-head by ~.5MB 
2110
2111         * bytecode/CodeBlock.cpp:
2112         (JSC::CodeBlock::dump):
2113         (JSC::CodeBlock::dumpStatistics):
2114         (JSC::CodeBlock::mark):
2115         (JSC::CodeBlock::getHandlerForVPC):
2116         (JSC::CodeBlock::nativeExceptionCodeForHandlerVPC):
2117         (JSC::CodeBlock::shrinkToFit):
2118         * bytecode/CodeBlock.h:
2119         (JSC::CodeBlock::numberOfExceptionHandlers):
2120         (JSC::CodeBlock::addExceptionHandler):
2121         (JSC::CodeBlock::exceptionHandler):
2122         (JSC::CodeBlock::addFunction):
2123         (JSC::CodeBlock::function):
2124         (JSC::CodeBlock::addUnexpectedConstant):
2125         (JSC::CodeBlock::unexpectedConstant):
2126         (JSC::CodeBlock::addRegExp):
2127         (JSC::CodeBlock::regexp):
2128         (JSC::CodeBlock::numberOfImmediateSwitchJumpTables):
2129         (JSC::CodeBlock::addImmediateSwitchJumpTable):
2130         (JSC::CodeBlock::immediateSwitchJumpTable):
2131         (JSC::CodeBlock::numberOfCharacterSwitchJumpTables):
2132         (JSC::CodeBlock::addCharacterSwitchJumpTable):
2133         (JSC::CodeBlock::characterSwitchJumpTable):
2134         (JSC::CodeBlock::numberOfStringSwitchJumpTables):
2135         (JSC::CodeBlock::addStringSwitchJumpTable):
2136         (JSC::CodeBlock::stringSwitchJumpTable):
2137         (JSC::CodeBlock::evalCodeCache):
2138         (JSC::CodeBlock::createRareDataIfNecessary):
2139
2140 2008-11-26  Peter Kasting  <pkasting@google.com>
2141
2142         Reviewed by Anders Carlsson.
2143
2144         https://bugs.webkit.org/show_bug.cgi?id=16814
2145         Allow ports to disable ActiveX->NPAPI conversion for Media Player.
2146         Improve handling of miscellaneous ActiveX objects.
2147
2148         * wtf/Platform.h: Add another ENABLE(...).
2149
2150 2008-12-08  Sam Weinig  <sam@webkit.org>
2151
2152         Reviewed by Mark Rowe.
2153
2154         Add dumping of CodeBlock member structure usage.
2155
2156         * bytecode/CodeBlock.cpp:
2157         (JSC::CodeBlock::dumpStatistics):
2158         * bytecode/EvalCodeCache.h:
2159         (JSC::EvalCodeCache::isEmpty):
2160
2161 2008-12-08  David Kilzer  <ddkilzer@apple.com>
2162
2163         Bug 22555: Sort "children" sections in Xcode project files
2164
2165         <https://bugs.webkit.org/show_bug.cgi?id=22555>
2166
2167         Reviewed by Eric Seidel.
2168
2169         * JavaScriptCore.xcodeproj/project.pbxproj: Sorted.
2170
2171 2008-12-08  Tony Chang  <tony@chromium.org>
2172
2173         Reviewed by Eric Seidel.
2174
2175         Enable Pan scrolling only when building on PLATFORM(WIN_OS)
2176         Previously platforms like Apple Windows WebKit, Cairo Windows WebKit,
2177         Wx and Chromium were enabling it explicitly; now we just turn it on
2178         for all WIN_OS, later platforms can turn it off as needed on Windows
2179         (or turn it on under Linux, etc.)
2180         https://bugs.webkit.org/show_bug.cgi?id=22698
2181
2182         * wtf/Platform.h:
2183
2184 2008-12-08  Sam Weinig  <sam@webkit.org>
2185
2186         Reviewed by Cameron Zwarich.
2187
2188         Add basic memory statistics dumping for CodeBlock.
2189
2190         * bytecode/CodeBlock.cpp:
2191         (JSC::CodeBlock::dumpStatistics):
2192         (JSC::CodeBlock::CodeBlock):
2193         (JSC::CodeBlock::~CodeBlock):
2194         * bytecode/CodeBlock.h:
2195
2196 2008-12-08  Simon Hausmann  <simon.hausmann@nokia.com>
2197
2198         Fix the Linux build with newer gcc/glibc.
2199
2200         * jit/ExecutableAllocatorPosix.cpp: Include unistd.h for
2201         getpagesize(), according to
2202         http://opengroup.org/onlinepubs/007908775/xsh/getpagesize.html
2203
2204 2008-12-08  Simon Hausmann  <simon.hausmann@nokia.com>
2205
2206         Fix the build with Qt on Windows.
2207
2208         * JavaScriptCore.pri: Compile ExecutableAllocatorWin.cpp on Windows.
2209
2210 2008-12-07  Oliver Hunt  <oliver@apple.com>
2211
2212         Reviewed by NOBODY (Buildfix).
2213
2214         Fix non-WREC builds
2215
2216         * runtime/RegExp.cpp:
2217         (JSC::RegExp::RegExp):
2218
2219 2008-12-07  Oliver Hunt  <oliver@apple.com>
2220
2221         Reviewed by NOBODY (Build fix).
2222
2223         Put ENABLE(ASSEMBLER) guards around use of ExecutableAllocator in global data
2224
2225         Correct Qt and Gtk project files
2226
2227         * GNUmakefile.am:
2228         * JavaScriptCore.pri:
2229         * runtime/JSGlobalData.h:
2230
2231 2008-12-07  Oliver Hunt  <oliver@apple.com>
2232
2233         Reviewed by NOBODY (Build fix).
2234
2235         Add new files to other projects.
2236
2237         * GNUmakefile.am:
2238         * JavaScriptCore.pri:
2239         * JavaScriptCore.pro:
2240
2241 2008-12-07  Oliver Hunt  <oliver@apple.com>
2242
2243         Rubber stamped by Mark Rowe.
2244
2245         Rename ExecutableAllocatorMMAP to the more sensible ExecutableAllocatorPosix
2246
2247         * JavaScriptCore.xcodeproj/project.pbxproj:
2248         * jit/ExecutableAllocator.h:
2249         * jit/ExecutableAllocatorPosix.cpp: Renamed from JavaScriptCore/jit/ExecutableAllocatorMMAP.cpp.
2250         (JSC::ExecutableAllocator::intializePageSize):
2251         (JSC::ExecutablePool::systemAlloc):
2252         (JSC::ExecutablePool::systemRelease):
2253
2254 2008-12-07  Oliver Hunt  <oliver@apple.com>
2255
2256         Reviewed by Cameron Zwarich and Sam Weinig.
2257
2258         <rdar://problem/6309878> Need more granular control over allocation of executable memory (21783)
2259         <https://bugs.webkit.org/show_bug.cgi?id=21783>
2260
2261         Add a new allocator for use by the JIT that provides executable pages, so
2262         we can get rid of the current hack that makes the entire heap executable.
2263
2264         1-2% progression on SunSpider-v8, 1% on SunSpider.  Reduces memory usage as well!
2265
2266         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2267         * JavaScriptCore.vcproj/jsc/jsc.vcproj:
2268         * JavaScriptCore.xcodeproj/project.pbxproj:
2269         * assembler/AssemblerBuffer.h:
2270         (JSC::AssemblerBuffer::size):
2271         (JSC::AssemblerBuffer::executableCopy):
2272         * assembler/MacroAssembler.h:
2273         (JSC::MacroAssembler::size):
2274         (JSC::MacroAssembler::copyCode):
2275         * assembler/X86Assembler.h:
2276         (JSC::X86Assembler::size):
2277         (JSC::X86Assembler::executableCopy):
2278         * bytecode/CodeBlock.cpp:
2279         (JSC::CodeBlock::~CodeBlock):
2280         * bytecode/CodeBlock.h:
2281         (JSC::CodeBlock::executablePool):
2282         (JSC::CodeBlock::setExecutablePool):
2283         * bytecode/Instruction.h:
2284         (JSC::PolymorphicAccessStructureList::derefStructures):
2285         * interpreter/Interpreter.cpp:
2286         (JSC::Interpreter::~Interpreter):
2287         * interpreter/Interpreter.h:
2288         * jit/ExecutableAllocator.cpp: Added.
2289         * jit/ExecutableAllocator.h: Added.
2290         (JSC::ExecutablePool::create):
2291         (JSC::ExecutablePool::alloc):
2292         (JSC::ExecutablePool::~ExecutablePool):
2293         (JSC::ExecutablePool::available):
2294         (JSC::ExecutablePool::ExecutablePool):
2295         (JSC::ExecutablePool::poolAllocate):
2296         (JSC::ExecutableAllocator::ExecutableAllocator):
2297         (JSC::ExecutableAllocator::poolForSize):
2298         (JSC::ExecutablePool::sizeForAllocation):
2299         * jit/ExecutableAllocatorMMAP.cpp: Added.
2300         (JSC::ExecutableAllocator::intializePageSize):
2301         (JSC::ExecutablePool::systemAlloc):
2302         (JSC::ExecutablePool::systemRelease):
2303         * jit/ExecutableAllocatorWin.cpp: Added.
2304         (JSC::ExecutableAllocator::intializePageSize):
2305         (JSC::ExecutablePool::systemAlloc):
2306         (JSC::ExecutablePool::systemRelease):
2307         * jit/JIT.cpp:
2308         (JSC::JIT::privateCompile):
2309         (JSC::JIT::privateCompileCTIMachineTrampolines):
2310         * jit/JIT.h:
2311         (JSC::JIT::compileCTIMachineTrampolines):
2312         * jit/JITPropertyAccess.cpp:
2313         (JSC::JIT::privateCompilePutByIdTransition):
2314         (JSC::JIT::privateCompilePatchGetArrayLength):
2315         (JSC::JIT::privateCompileGetByIdSelf):
2316         (JSC::JIT::privateCompileGetByIdProto):
2317         (JSC::JIT::privateCompileGetByIdSelfList):
2318         (JSC::JIT::privateCompileGetByIdProtoList):
2319         (JSC::JIT::privateCompileGetByIdChainList):
2320         (JSC::JIT::privateCompileGetByIdChain):
2321         (JSC::JIT::privateCompilePutByIdReplace):
2322         * parser/Nodes.cpp:
2323         (JSC::RegExpNode::emitBytecode):
2324         * runtime/JSGlobalData.h:
2325         (JSC::JSGlobalData::poolForSize):
2326         * runtime/RegExp.cpp:
2327         (JSC::RegExp::RegExp):
2328         (JSC::RegExp::create):
2329         (JSC::RegExp::~RegExp):
2330         * runtime/RegExp.h:
2331         * runtime/RegExpConstructor.cpp:
2332         (JSC::constructRegExp):
2333         * runtime/RegExpPrototype.cpp:
2334         (JSC::regExpProtoFuncCompile):
2335         * runtime/StringPrototype.cpp:
2336         (JSC::stringProtoFuncMatch):
2337         (JSC::stringProtoFuncSearch):
2338         * wrec/WREC.cpp:
2339         (JSC::WREC::Generator::compileRegExp):
2340         * wrec/WRECGenerator.h:
2341         * wtf/FastMalloc.cpp:
2342         * wtf/FastMalloc.h:
2343         * wtf/TCSystemAlloc.cpp:
2344         (TryMmap):
2345         (TryVirtualAlloc):
2346         (TryDevMem):
2347         (TCMalloc_SystemRelease):
2348
2349 2008-12-06  Sam Weinig  <sam@webkit.org>
2350
2351         Fix the Gtk build.
2352
2353         * jit/JITPropertyAccess.cpp:
2354         (JSC::JIT::compileGetByIdHotPath):
2355         (JSC::JIT::compilePutByIdHotPath):
2356
2357 2008-12-06  Sam Weinig  <sam@webkit.org>
2358
2359         Reviewed by Cameron Zwarich.
2360
2361         Move CodeBlock constructor into the .cpp file.
2362
2363         SunSpider reports a .7% progression, but I can only assume this
2364         is noise.
2365
2366         * bytecode/CodeBlock.cpp:
2367         (JSC::CodeBlock::CodeBlock):
2368         * bytecode/CodeBlock.h:
2369
2370 2008-12-06  Sam Weinig  <sam@webkit.org>
2371
2372         Reviewed by Cameron Zwarich.
2373
2374         Split JumpTable code into its own file.
2375
2376         * GNUmakefile.am:
2377         * JavaScriptCore.pri:
2378         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2379         * JavaScriptCore.xcodeproj/project.pbxproj:
2380         * JavaScriptCoreSources.bkl:
2381         * bytecode/CodeBlock.cpp:
2382         * bytecode/CodeBlock.h:
2383         * bytecode/JumpTable.cpp: Copied from bytecode/CodeBlock.cpp.
2384         * bytecode/JumpTable.h: Copied from bytecode/CodeBlock.h.
2385
2386 2008-12-05  Sam Weinig  <sam@webkit.org>
2387
2388         Reviewed by Cameron Zwarich.
2389
2390         Fix for https://bugs.webkit.org/show_bug.cgi?id=22715
2391         Encapsulate more CodeBlock members in preparation
2392         for moving some of them to a rare data structure.
2393
2394         * bytecode/CodeBlock.cpp:
2395         (JSC::locationForOffset):
2396         (JSC::printConditionalJump):
2397         (JSC::printGetByIdOp):
2398         (JSC::printPutByIdOp):
2399         (JSC::CodeBlock::printStructure):
2400         (JSC::CodeBlock::printStructures):
2401         (JSC::CodeBlock::dump):
2402         (JSC::CodeBlock::~CodeBlock):
2403         (JSC::CodeBlock::unlinkCallers):
2404         (JSC::CodeBlock::derefStructures):
2405         (JSC::CodeBlock::refStructures):
2406         (JSC::CodeBlock::mark):
2407         (JSC::CodeBlock::getHandlerForVPC):
2408         (JSC::CodeBlock::nativeExceptionCodeForHandlerVPC):
2409         (JSC::CodeBlock::lineNumberForVPC):
2410         (JSC::CodeBlock::expressionRangeForVPC):
2411         (JSC::CodeBlock::shrinkToFit):
2412         * bytecode/CodeBlock.h:
2413         (JSC::CodeBlock::CodeBlock):
2414         (JSC::CodeBlock::addCaller):
2415         (JSC::CodeBlock::removeCaller):
2416         (JSC::CodeBlock::isKnownNotImmediate):
2417         (JSC::CodeBlock::isConstantRegisterIndex):
2418         (JSC::CodeBlock::getConstant):
2419         (JSC::CodeBlock::isTemporaryRegisterIndex):
2420         (JSC::CodeBlock::getStubInfo):
2421         (JSC::CodeBlock::getCallLinkInfo):
2422         (JSC::CodeBlock::instructions):
2423         (JSC::CodeBlock::setJITCode):
2424         (JSC::CodeBlock::jitCode):
2425         (JSC::CodeBlock::ownerNode):
2426         (JSC::CodeBlock::setGlobalData):
2427         (JSC::CodeBlock::setThisRegister):
2428         (JSC::CodeBlock::thisRegister):
2429         (JSC::CodeBlock::setNeedsFullScopeChain):
2430         (JSC::CodeBlock::needsFullScopeChain):
2431         (JSC::CodeBlock::setUsesEval):
2432         (JSC::CodeBlock::usesEval):
2433         (JSC::CodeBlock::setUsesArguments):
2434         (JSC::CodeBlock::usesArguments):
2435         (JSC::CodeBlock::codeType):
2436         (JSC::CodeBlock::source):
2437         (JSC::CodeBlock::sourceOffset):
2438         (JSC::CodeBlock::addGlobalResolveInstruction):
2439         (JSC::CodeBlock::numberOfPropertyAccessInstructions):
2440         (JSC::CodeBlock::addPropertyAccessInstruction):
2441         (JSC::CodeBlock::propertyAccessInstruction):
2442         (JSC::CodeBlock::numberOfCallLinkInfos):
2443         (JSC::CodeBlock::addCallLinkInfo):
2444         (JSC::CodeBlock::callLinkInfo):
2445         (JSC::CodeBlock::numberOfJumpTargets):
2446         (JSC::CodeBlock::addJumpTarget):
2447         (JSC::CodeBlock::jumpTarget):
2448         (JSC::CodeBlock::lastJumpTarget):
2449         (JSC::CodeBlock::numberOfExceptionHandlers):
2450         (JSC::CodeBlock::addExceptionHandler):
2451         (JSC::CodeBlock::exceptionHandler):
2452         (JSC::CodeBlock::addExpressionInfo):
2453         (JSC::CodeBlock::numberOfLineInfos):
2454         (JSC::CodeBlock::addLineInfo):
2455         (JSC::CodeBlock::lastLineInfo):
2456         (JSC::CodeBlock::jitReturnAddressVPCMap):
2457         (JSC::CodeBlock::numberOfIdentifiers):
2458         (JSC::CodeBlock::addIdentifier):
2459         (JSC::CodeBlock::identifier):
2460         (JSC::CodeBlock::numberOfConstantRegisters):
2461         (JSC::CodeBlock::addConstantRegister):
2462         (JSC::CodeBlock::constantRegister):
2463         (JSC::CodeBlock::addFunction):
2464         (JSC::CodeBlock::function):
2465         (JSC::CodeBlock::addFunctionExpression):
2466         (JSC::CodeBlock::functionExpression):
2467         (JSC::CodeBlock::addUnexpectedConstant):
2468         (JSC::CodeBlock::unexpectedConstant):
2469         (JSC::CodeBlock::addRegExp):
2470         (JSC::CodeBlock::regexp):
2471         (JSC::CodeBlock::symbolTable):
2472         (JSC::CodeBlock::evalCodeCache):
2473         New inline setters/getters.
2474
2475         (JSC::ProgramCodeBlock::ProgramCodeBlock):
2476         (JSC::ProgramCodeBlock::~ProgramCodeBlock):
2477         (JSC::ProgramCodeBlock::clearGlobalObject):
2478         * bytecode/SamplingTool.cpp:
2479         (JSC::ScopeSampleRecord::sample):
2480         (JSC::SamplingTool::dump):
2481         * bytecompiler/BytecodeGenerator.cpp:
2482         * bytecompiler/BytecodeGenerator.h:
2483         * bytecompiler/Label.h:
2484         * interpreter/CallFrame.cpp:
2485         * interpreter/Interpreter.cpp:
2486         * jit/JIT.cpp:
2487         * jit/JITCall.cpp:
2488         * jit/JITInlineMethods.h:
2489         * jit/JITPropertyAccess.cpp:
2490         * parser/Nodes.cpp:
2491         * runtime/Arguments.h:
2492         * runtime/ExceptionHelpers.cpp:
2493         * runtime/JSActivation.cpp:
2494         * runtime/JSActivation.h:
2495         * runtime/JSGlobalObject.cpp:
2496         Change direct access to use new getter/setters.
2497
2498 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2499
2500         Reviewed by Oliver Hunt.
2501
2502         Prevent GCC4.2 from hanging when trying to compile Interpreter.cpp.
2503         Added "-fno-var-tracking" compiler flag.
2504
2505         https://bugs.webkit.org/show_bug.cgi?id=22704
2506
2507         * JavaScriptCore.xcodeproj/project.pbxproj:
2508
2509 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2510
2511         Reviewed by Oliver Hunt.
2512
2513         Ordering of branch operands in MacroAssembler is unnecessarily inconsistent.
2514
2515         je, jg etc take an immediate operand as the second argument, but for the
2516         equality branches (je, jne) the immediate operand was the first argument.  This
2517         was unnecessarily inconsistent.  Change je, jne methods to take the immediate
2518         as the second argument.
2519
2520         https://bugs.webkit.org/show_bug.cgi?id=22703
2521
2522         * assembler/MacroAssembler.h:
2523         (JSC::MacroAssembler::je32):
2524         (JSC::MacroAssembler::jne32):
2525         * jit/JIT.cpp:
2526         (JSC::JIT::compileOpStrictEq):
2527         * wrec/WRECGenerator.cpp:
2528         (JSC::WREC::Generator::generateEnter):
2529         (JSC::WREC::Generator::generateNonGreedyQuantifier):
2530         (JSC::WREC::Generator::generateGreedyQuantifier):
2531         (JSC::WREC::Generator::generatePatternCharacterPair):
2532         (JSC::WREC::Generator::generatePatternCharacter):
2533         (JSC::WREC::Generator::generateCharacterClassInvertedRange):
2534         (JSC::WREC::Generator::generateCharacterClassInverted):
2535         (JSC::WREC::Generator::generateAssertionBOL):
2536         (JSC::WREC::Generator::generateAssertionWordBoundary):
2537
2538 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2539
2540         Reviewed by Geoff Garen.
2541
2542         Second tranche of porting JIT.cpp to MacroAssembler interface.
2543
2544         * assembler/MacroAssembler.h:
2545         (JSC::MacroAssembler::mul32):
2546         (JSC::MacroAssembler::jl32):
2547         (JSC::MacroAssembler::jnzSub32):
2548         (JSC::MacroAssembler::joAdd32):
2549         (JSC::MacroAssembler::joMul32):
2550         (JSC::MacroAssembler::jzSub32):
2551         * jit/JIT.cpp:
2552         (JSC::JIT::emitSlowScriptCheck):
2553         (JSC::JIT::privateCompileMainPass):
2554         (JSC::JIT::privateCompileSlowCases):
2555         (JSC::JIT::privateCompileCTIMachineTrampolines):
2556         * jit/JIT.h:
2557         * jit/JITInlineMethods.h:
2558         (JSC::JIT::emitJumpIfNotJSCell):
2559         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
2560
2561 2008-12-05  David Kilzer  <ddkilzer@apple.com>
2562
2563         Bug 22609: Provide a build-time choice when generating hash tables for properties of built-in DOM objects
2564
2565         <https://bugs.webkit.org/show_bug.cgi?id=22609>
2566         <rdar://problem/6331749>
2567
2568         Reviewed by Darin Adler.
2569
2570         Initial patch by Yosen Lin.  Adapted for ToT WebKit by David Kilzer.
2571
2572         Added back the code that generates a "compact" hash (instead of a
2573         perfect hash) as a build-time option using the
2574         ENABLE(PERFECT_HASH_SIZE) macro as defined in Lookup.h.
2575
2576         * create_hash_table: Rename variables to differentiate perfect hash
2577         values from compact hash values.  Added back code to compute compact
2578         hash tables.  Generate both hash table sizes and emit
2579         conditionalized code based on ENABLE(PERFECT_HASH_SIZE).
2580         * runtime/Lookup.cpp:
2581         (JSC::HashTable::createTable): Added version of createTable() for
2582         use with compact hash tables.
2583         (JSC::HashTable::deleteTable): Updated to work with compact hash
2584         tables.
2585         * runtime/Lookup.h: Defined ENABLE(PERFECT_HASH_SIZE) macro here.
2586         (JSC::HashEntry::initialize): Set m_next to zero when using compact
2587         hash tables.
2588         (JSC::HashEntry::setNext): Added for compact hash tables.
2589         (JSC::HashEntry::next): Added for compact hash tables.
2590         (JSC::HashTable::entry): Added version of entry() for use with
2591         compact hash tables.
2592         * runtime/Structure.cpp:
2593         (JSC::Structure::getEnumerablePropertyNames): Updated to work with
2594         compact hash tables.
2595
2596 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2597
2598         Reviewed by Geoff Garen.
2599
2600         Remove redundant calls to JIT::emitSlowScriptCheck.
2601         This is checked in the hot path, so is not needed on the slow path - and the code
2602         was being planted before the start of the slow case, so was completely unreachable!
2603
2604         * jit/JIT.cpp:
2605         (JSC::JIT::privateCompileSlowCases):
2606
2607 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2608
2609         Reviewed by Geoff Garen.
2610
2611         Move JIT::compileOpStrictEq to MacroAssembler interface.
2612
2613         The rewrite also looks like a small (<1%) performance progression.
2614
2615         https://bugs.webkit.org/show_bug.cgi?id=22697
2616
2617         * jit/JIT.cpp:
2618         (JSC::JIT::compileOpStrictEq):
2619         (JSC::JIT::privateCompileSlowCases):
2620         * jit/JIT.h:
2621         * jit/JITInlineMethods.h:
2622         (JSC::JIT::emitJumpIfJSCell):
2623         (JSC::JIT::emitJumpSlowCaseIfJSCell):
2624
2625 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2626
2627         Reviewed by Geoff Garen.
2628
2629         Remove m_assembler from MacroAssembler::Jump.
2630         Keeping a pointer allowed for some syntactic sugar - "link()" looks nicer
2631         than "link(this)".  But maintaining this doubles the size of Jump, which
2632         is even more unfortunate for the JIT, since there are many large structures
2633         holding JmpSrcs.  Probably best to remove it.
2634
2635         https://bugs.webkit.org/show_bug.cgi?id=22693
2636
2637         * assembler/MacroAssembler.h:
2638         (JSC::MacroAssembler::Jump::Jump):
2639         (JSC::MacroAssembler::Jump::link):
2640         (JSC::MacroAssembler::Jump::linkTo):
2641         (JSC::MacroAssembler::JumpList::link):
2642         (JSC::MacroAssembler::JumpList::linkTo):
2643         (JSC::MacroAssembler::jae32):
2644         (JSC::MacroAssembler::je32):
2645         (JSC::MacroAssembler::je16):
2646         (JSC::MacroAssembler::jg32):
2647         (JSC::MacroAssembler::jge32):
2648         (JSC::MacroAssembler::jl32):
2649         (JSC::MacroAssembler::jle32):
2650         (JSC::MacroAssembler::jnePtr):
2651         (JSC::MacroAssembler::jne32):
2652         (JSC::MacroAssembler::jnset32):
2653         (JSC::MacroAssembler::jset32):
2654         (JSC::MacroAssembler::jump):
2655         (JSC::MacroAssembler::jzSub32):
2656         (JSC::MacroAssembler::joAdd32):
2657         (JSC::MacroAssembler::call):
2658         * wrec/WREC.cpp:
2659         (JSC::WREC::Generator::compileRegExp):
2660         * wrec/WRECGenerator.cpp:
2661         (JSC::WREC::Generator::generateEnter):
2662         (JSC::WREC::Generator::generateBackreferenceQuantifier):
2663         (JSC::WREC::Generator::generateNonGreedyQuantifier):
2664         (JSC::WREC::Generator::generateGreedyQuantifier):
2665         (JSC::WREC::Generator::generatePatternCharacter):
2666         (JSC::WREC::Generator::generateCharacterClassInvertedRange):
2667         (JSC::WREC::Generator::generateCharacterClassInverted):
2668         (JSC::WREC::Generator::generateCharacterClass):
2669         (JSC::WREC::Generator::generateParenthesesAssertion):
2670         (JSC::WREC::Generator::generateParenthesesInvertedAssertion):
2671         (JSC::WREC::Generator::generateParenthesesNonGreedy):
2672         (JSC::WREC::Generator::generateParenthesesResetTrampoline):
2673         (JSC::WREC::Generator::generateAssertionBOL):
2674         (JSC::WREC::Generator::generateAssertionEOL):
2675         (JSC::WREC::Generator::generateAssertionWordBoundary):
2676         (JSC::WREC::Generator::generateBackreference):
2677         (JSC::WREC::Generator::terminateAlternative):
2678         (JSC::WREC::Generator::terminateDisjunction):
2679         * wrec/WRECParser.h:
2680
2681 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2682
2683         Reviewed by Geoffrey Garen.
2684
2685         Simplify JIT generated checks for timeout code, by moving more work into the C function.
2686         https://bugs.webkit.org/show_bug.cgi?id=22688
2687
2688         * interpreter/Interpreter.cpp:
2689         (JSC::Interpreter::cti_timeout_check):
2690         * interpreter/Interpreter.h:
2691         * jit/JIT.cpp:
2692         (JSC::JIT::emitSlowScriptCheck):
2693
2694 2008-12-05  Sam Weinig  <sam@webkit.org>
2695
2696         Reviewed by Geoffrey Garen.
2697
2698         Encapsulate access to jump tables in the CodeBlock in preparation
2699         for moving them to a rare data structure.
2700
2701         * bytecode/CodeBlock.cpp:
2702         (JSC::CodeBlock::dump):
2703         (JSC::CodeBlock::shrinkToFit):
2704         * bytecode/CodeBlock.h:
2705         (JSC::CodeBlock::numberOfImmediateSwitchJumpTables):
2706         (JSC::CodeBlock::addImmediateSwitchJumpTable):
2707         (JSC::CodeBlock::immediateSwitchJumpTable):
2708         (JSC::CodeBlock::numberOfCharacterSwitchJumpTables):
2709         (JSC::CodeBlock::addCharacterSwitchJumpTable):
2710         (JSC::CodeBlock::characterSwitchJumpTable):
2711         (JSC::CodeBlock::numberOfStringSwitchJumpTables):
2712         (JSC::CodeBlock::addStringSwitchJumpTable):
2713         (JSC::CodeBlock::stringSwitchJumpTable):
2714         * bytecompiler/BytecodeGenerator.cpp:
2715         (JSC::BytecodeGenerator::generate):
2716         (JSC::BytecodeGenerator::endSwitch):
2717         * interpreter/Interpreter.cpp:
2718         (JSC::Interpreter::privateExecute):
2719         (JSC::Interpreter::cti_op_switch_imm):
2720         (JSC::Interpreter::cti_op_switch_char):
2721         (JSC::Interpreter::cti_op_switch_string):
2722         * jit/JIT.cpp:
2723         (JSC::JIT::privateCompileMainPass):
2724
2725 2008-12-05  Adam Roben  <aroben@apple.com>
2726
2727         Windows build fix after r39020
2728
2729         * jit/JITInlineMethods.h:
2730         (JSC::JIT::restoreArgumentReference):
2731         (JSC::JIT::restoreArgumentReferenceForTrampoline):
2732         Add some apparently-missing __.
2733
2734 2008-12-04  Geoffrey Garen  <ggaren@apple.com>
2735
2736         Reviewed by Darin Adler.
2737         
2738         https://bugs.webkit.org/show_bug.cgi?id=22673
2739         
2740         Added support for the assertion (?=) and inverted assertion (?!) atoms
2741         in WREC.
2742
2743         * wrec/WRECGenerator.cpp:
2744         (JSC::WREC::Generator::generateParenthesesAssertion):
2745         (JSC::WREC::Generator::generateParenthesesInvertedAssertion): Split the
2746         old (unused) generateParentheses into these two functions, with more
2747         limited capabilities.
2748         
2749         * wrec/WRECGenerator.h:
2750         (JSC::WREC::Generator::): Moved an enum to the top of the class definition,
2751         to match the WebKit style, and removed a defunct comment.
2752
2753         * wrec/WRECParser.cpp:
2754         (JSC::WREC::Parser::parseParentheses):
2755         (JSC::WREC::Parser::consumeParenthesesType):
2756         * wrec/WRECParser.h:
2757         (JSC::WREC::Parser::): Added support for parsing (?=) and (?!).
2758
2759 2008-12-05  Simon Hausmann  <simon.hausmann@nokia.com>
2760
2761         Rubber-stamped by Tor Arne Vestbø.
2762
2763         Disable the JIT for the Qt build altogether again, after observing
2764         more miscompilations in a wider range of newer gcc versions.
2765
2766         * JavaScriptCore.pri:
2767
2768 2008-12-05  Simon Hausmann  <simon.hausmann@nokia.com>
2769
2770         Reviewed by Tor Arne Vestbø.
2771
2772         Disable the JIT for the Qt build on Linux unless gcc is >= 4.2,
2773         due to miscompilations.
2774
2775         * JavaScriptCore.pri:
2776
2777 2008-12-04  Gavin Barraclough  <barraclough@apple.com>
2778
2779         Reviewed by Geoff Garen.
2780
2781         Start porting the JIT to use the MacroAssembler.
2782
2783         https://bugs.webkit.org/show_bug.cgi?id=22671
2784         No change in performance.
2785
2786         * assembler/MacroAssembler.h:
2787         (JSC::MacroAssembler::Jump::operator X86Assembler::JmpSrc):
2788         (JSC::MacroAssembler::add32):
2789         (JSC::MacroAssembler::and32):
2790         (JSC::MacroAssembler::lshift32):
2791         (JSC::MacroAssembler::rshift32):
2792         (JSC::MacroAssembler::storePtr):
2793         (JSC::MacroAssembler::store32):
2794         (JSC::MacroAssembler::poke):
2795         (JSC::MacroAssembler::move):
2796         (JSC::MacroAssembler::compareImm32ForBranchEquality):
2797         (JSC::MacroAssembler::jnePtr):
2798         (JSC::MacroAssembler::jnset32):
2799         (JSC::MacroAssembler::jset32):
2800         (JSC::MacroAssembler::jzeroSub32):
2801         (JSC::MacroAssembler::joverAdd32):
2802         (JSC::MacroAssembler::call):
2803         * assembler/X86Assembler.h:
2804         (JSC::X86Assembler::shll_i8r):
2805         * jit/JIT.cpp:
2806         (JSC::JIT::privateCompileMainPass):
2807         (JSC::JIT::privateCompile):
2808         (JSC::JIT::privateCompileCTIMachineTrampolines):
2809         * jit/JIT.h:
2810         * jit/JITArithmetic.cpp:
2811         (JSC::JIT::compileBinaryArithOp):
2812         * jit/JITInlineMethods.h:
2813         (JSC::JIT::emitGetVirtualRegister):
2814         (JSC::JIT::emitPutCTIArg):
2815         (JSC::JIT::emitPutCTIArgConstant):
2816         (JSC::JIT::emitGetCTIArg):
2817         (JSC::JIT::emitPutCTIArgFromVirtualRegister):
2818         (JSC::JIT::emitPutCTIParam):
2819         (JSC::JIT::emitGetCTIParam):
2820         (JSC::JIT::emitPutToCallFrameHeader):
2821         (JSC::JIT::emitPutImmediateToCallFrameHeader):
2822         (JSC::JIT::emitGetFromCallFrameHeader):
2823         (JSC::JIT::emitPutVirtualRegister):
2824         (JSC::JIT::emitInitRegister):
2825         (JSC::JIT::emitNakedCall):
2826         (JSC::JIT::restoreArgumentReference):
2827         (JSC::JIT::restoreArgumentReferenceForTrampoline):
2828         (JSC::JIT::emitCTICall):
2829         (JSC::JIT::checkStructure):
2830         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
2831         (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
2832         (JSC::JIT::emitJumpSlowCaseIfNotImmNums):
2833         (JSC::JIT::emitFastArithDeTagImmediate):
2834         (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
2835         (JSC::JIT::emitFastArithReTagImmediate):
2836         (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
2837         (JSC::JIT::emitFastArithImmToInt):
2838         (JSC::JIT::emitFastArithIntToImmOrSlowCase):
2839         (JSC::JIT::emitFastArithIntToImmNoCheck):
2840         (JSC::JIT::emitTagAsBoolImmediate):
2841         * jit/JITPropertyAccess.cpp:
2842         (JSC::JIT::privateCompilePutByIdTransition):
2843
2844 2008-12-04  Geoffrey Garen  <ggaren@apple.com>
2845
2846         Reviewed by Oliver Hunt.
2847         
2848         Some refactoring for generateGreedyQuantifier.
2849         
2850         SunSpider reports no change (possibly a 0.3% speedup).
2851
2852         * wrec/WRECGenerator.cpp:
2853         (JSC::WREC::Generator::generateGreedyQuantifier): Clarified label
2854         meanings and unified some logic to simplify things.
2855
2856         * wrec/WRECParser.h:
2857         (JSC::WREC::Parser::parseAlternative): Added a version of parseAlternative
2858         that can jump to a Label, instead of a JumpList, upon failure. (Eventually,
2859         when we have a true Label class, this will be redundant.) This makes
2860         things easier for generateGreedyQuantifier, because it can avoid
2861         explicitly linking things.
2862
2863 2008-12-04  Simon Hausmann  <simon.hausmann@nokia.com>
2864
2865         Reviewed by Holger Freyther.
2866
2867         Fix crashes in the Qt build on Linux/i386 with non-executable memory
2868         by enabling TCSystemAlloc and the PROT_EXEC flag for mmap.
2869
2870         * JavaScriptCore.pri: Enable the use of TCSystemAlloc if the JIT is
2871         enabled.
2872         * wtf/TCSystemAlloc.cpp: Extend the PROT_EXEC permissions to
2873         PLATFORM(QT).
2874
2875 2008-12-04  Simon Hausmann  <simon.hausmann@nokia.com>
2876
2877         Reviewed by Tor Arne Vestbø.
2878
2879         Enable ENABLE_JIT_OPTIMIZE_CALL, ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS
2880         and ENABLE_JIT_OPTIMIZE_ARITHMETIC, as suggested by Niko.
2881
2882         * JavaScriptCore.pri: 
2883
2884 2008-12-04  Kent Hansen  <khansen@trolltech.com>
2885
2886         Reviewed by Simon Hausmann.
2887
2888         Enable the JSC jit for the Qt build by default for release builds on
2889         linux-g++ and win32-msvc.
2890
2891         * JavaScriptCore.pri:
2892
2893 2008-12-04  Gavin Barraclough  <barraclough@apple.com>
2894
2895         Reviewed by Oliver Hunt.
2896
2897         Allow JIT to function without property access repatching and arithmetic optimizations.
2898         Controlled by ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS and ENABLE_JIT_OPTIMIZE_ARITHMETIC switches.
2899
2900         https://bugs.webkit.org/show_bug.cgi?id=22643
2901
2902         * JavaScriptCore.xcodeproj/project.pbxproj:
2903         * jit/JIT.cpp:
2904         (JSC::JIT::privateCompileMainPass):
2905         (JSC::JIT::privateCompileSlowCases):
2906         * jit/JIT.h:
2907         * jit/JITArithmetic.cpp: Copied from jit/JIT.cpp.
2908         (JSC::JIT::compileBinaryArithOp):
2909         (JSC::JIT::compileBinaryArithOpSlowCase):
2910         * jit/JITPropertyAccess.cpp: Copied from jit/JIT.cpp.
2911         (JSC::JIT::compileGetByIdHotPath):
2912         (JSC::JIT::compileGetByIdSlowCase):
2913         (JSC::JIT::compilePutByIdHotPath):
2914         (JSC::JIT::compilePutByIdSlowCase):
2915         (JSC::resizePropertyStorage):
2916         (JSC::transitionWillNeedStorageRealloc):
2917         (JSC::JIT::privateCompilePutByIdTransition):
2918         (JSC::JIT::patchGetByIdSelf):
2919         (JSC::JIT::patchPutByIdReplace):
2920         (JSC::JIT::privateCompilePatchGetArrayLength):
2921         * wtf/Platform.h:
2922
2923 2008-12-03  Geoffrey Garen  <ggaren@apple.com>
2924
2925         Reviewed by Oliver Hunt.
2926         
2927         Optimized sequences of characters in regular expressions by comparing
2928         two characters at a time.
2929         
2930         1-2% speedup on SunSpider, 19-25% speedup on regexp-dna.
2931
2932         * assembler/MacroAssembler.h:
2933         (JSC::MacroAssembler::load32):
2934         (JSC::MacroAssembler::jge32): Filled out a few more macro methods.
2935
2936         * assembler/X86Assembler.h:
2937         (JSC::X86Assembler::movl_mr): Added a version of movl_mr that operates
2938         without an offset, to allow the macro assembler to optimize for that case.
2939         
2940         * wrec/WREC.cpp:
2941         (JSC::WREC::Generator::compileRegExp): Test the saved value of index
2942         instead of the index register when checking for "end of input." The
2943         index register doesn't increment by 1 in an orderly fashion, so testing
2944         it for == "end of input" is not valid.
2945         
2946         Also, jump all the way to "return failure" upon reaching "end of input,"
2947         instead of executing the next alternative. This is more logical, and
2948         it's a slight optimization in the case of an expression with many alternatives.
2949
2950         * wrec/WRECGenerator.cpp:
2951         (JSC::WREC::Generator::generateIncrementIndex): Added support for
2952         jumping to a failure label in the case where the index has reached "end
2953         of input."
2954
2955         (JSC::WREC::Generator::generatePatternCharacterSequence):
2956         (JSC::WREC::Generator::generatePatternCharacterPair): This is the
2957         optimization. It's basically like generatePatternCharacter, but it runs two
2958         characters at a time.
2959         
2960         (JSC::WREC::Generator::generatePatternCharacter): Changed to use isASCII,
2961         since it's clearer than comparing to a magic hex value.
2962         
2963         * wrec/WRECGenerator.h:
2964
2965 2008-12-03  Gavin Barraclough  <barraclough@apple.com>
2966
2967         Reviewed by Cameron Zwarich.
2968
2969         Allow JIT to operate without the call-repatching optimization.
2970         Controlled by ENABLE(JIT_OPTIMIZE_CALL), which defaults to on; disabling
2971         this leads to a significant performance regression.
2972
2973         https://bugs.webkit.org/show_bug.cgi?id=22639
2974
2975         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2976         * JavaScriptCore.xcodeproj/project.pbxproj:
2977         * jit/JIT.cpp:
2978         (JSC::JIT::privateCompileSlowCases):
2979         * jit/JIT.h:
2980         * jit/JITCall.cpp: Copied from jit/JIT.cpp.
2981         (JSC::JIT::compileOpCallInitializeCallFrame):
2982         (JSC::JIT::compileOpCallSetupArgs):
2983         (JSC::JIT::compileOpCallEvalSetupArgs):
2984         (JSC::JIT::compileOpConstructSetupArgs):
2985         (JSC::JIT::compileOpCall):
2986         (JSC::JIT::compileOpCallSlowCase):
2987         (JSC::unreachable):
2988         * jit/JITInlineMethods.h: Copied from jit/JIT.cpp.
2989         (JSC::JIT::checkStructure):
2990         (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
2991         (JSC::JIT::emitTagAsBoolImmediate):
2992         * wtf/Platform.h:
2993
2994 2008-12-03  Eric Seidel  <eric@webkit.org>
2995
2996         Rubber-stamped by David Hyatt.
2997
2998         Make HAVE_ACCESSIBILITY only define if !defined
2999
3000         * wtf/Platform.h:
3001
3002 2008-12-03  Sam Weinig  <sam@webkit.org>
3003
3004         Fix build.
3005
3006         * assembler/X86Assembler.h:
3007         (JSC::X86Assembler::orl_i32r):
3008
3009 2008-12-03  Sam Weinig  <sam@webkit.org>
3010
3011         Reviewed by Geoffrey Garen.
3012
3013         Remove shared AssemblerBuffer 1MB buffer and instead give AssemblerBuffer
3014         a 256 byte inline capacity.
3015
3016         1% progression on SunSpider.
3017
3018         * assembler/AssemblerBuffer.h:
3019         (JSC::AssemblerBuffer::AssemblerBuffer):
3020         (JSC::AssemblerBuffer::~AssemblerBuffer):
3021         (JSC::AssemblerBuffer::grow):
3022         * assembler/MacroAssembler.h:
3023         (JSC::MacroAssembler::MacroAssembler):
3024         * assembler/X86Assembler.h:
3025         (JSC::X86Assembler::X86Assembler):
3026         * interpreter/Interpreter.cpp:
3027         (JSC::Interpreter::Interpreter):
3028         * interpreter/Interpreter.h:
3029         * jit/JIT.cpp:
3030         (JSC::JIT::JIT):
3031         * parser/Nodes.cpp:
3032         (JSC::RegExpNode::emitBytecode):
3033         * runtime/RegExp.cpp:
3034         (JSC::RegExp::RegExp):
3035         (JSC::RegExp::create):
3036         * runtime/RegExp.h:
3037         * runtime/RegExpConstructor.cpp:
3038         (JSC::constructRegExp):
3039         * runtime/RegExpPrototype.cpp:
3040         (JSC::regExpProtoFuncCompile):
3041         * runtime/StringPrototype.cpp:
3042         (JSC::stringProtoFuncMatch):
3043         (JSC::stringProtoFuncSearch):
3044         * wrec/WREC.cpp:
3045         (JSC::WREC::Generator::compileRegExp):
3046         * wrec/WRECGenerator.h:
3047         (JSC::WREC::Generator::Generator):
3048         * wrec/WRECParser.h:
3049         (JSC::WREC::Parser::Parser):
3050
3051 2008-12-03  Geoffrey Garen  <ggaren@apple.com>
3052
3053         Reviewed by Oliver Hunt, with help from Gavin Barraclough.
3054         
3055         orl_i32r was actually coded as an 8bit OR. So, I renamed orl_i32r to
3056         orl_i8r, changed all orl_i32r clients to use orl_i8r, and then added
3057         a new orl_i32r that actually does a 32bit OR.
3058         
3059         (32bit OR is currently unused, but a patch I'm working on uses it.)
3060
3061         * assembler/MacroAssembler.h:
3062         (JSC::MacroAssembler::or32): Updated to choose between 8bit and 32bit OR.
3063
3064         * assembler/X86Assembler.h:
3065         (JSC::X86Assembler::orl_i8r): The old orl_i32r.
3066         (JSC::X86Assembler::orl_i32r): The new orl_i32r.
3067         
3068         * jit/JIT.cpp:
3069         (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
3070         (JSC::JIT::emitTagAsBoolImmediate): Use orl_i8r, since we're ORing 8bit
3071         values.
3072
3073 2008-12-03  Dean Jackson  <dino@apple.com>
3074
3075         Reviewed by Dan Bernstein.
3076
3077         Helper functions for turn -> degrees.
3078         https://bugs.webkit.org/show_bug.cgi?id=22497
3079
3080         * wtf/MathExtras.h:
3081         (turn2deg):
3082         (deg2turn):
3083
3084 2008-12-02  Cameron Zwarich  <zwarich@apple.com>
3085
3086         Reviewed by Geoff Garen.
3087
3088         Bug 22504: Crashes during code generation occur due to refing of ignoredResult()
3089         <https://bugs.webkit.org/show_bug.cgi?id=22504>
3090
3091         Since ignoredResult() was implemented by casting 1 to a RegisterID*, any
3092         attempt to ref ignoredResult() results in a crash. This will occur in
3093         code generation of a function body where a node emits another node with
3094         the dst that was passed to it, and then refs the returned RegisterID*.
3095
3096         To fix this problem, make ignoredResult() a member function of
3097         BytecodeGenerator that simply returns a pointer to a fixed RegisterID
3098         member of BytecodeGenerator.
3099
3100         * bytecompiler/BytecodeGenerator.h:
3101         (JSC::BytecodeGenerator::ignoredResult):
3102         * bytecompiler/RegisterID.h:
3103         * parser/Nodes.cpp:
3104         (JSC::NullNode::emitBytecode):
3105         (JSC::BooleanNode::emitBytecode):
3106         (JSC::NumberNode::emitBytecode):
3107         (JSC::StringNode::emitBytecode):
3108         (JSC::RegExpNode::emitBytecode):
3109         (JSC::ThisNode::emitBytecode):
3110         (JSC::ResolveNode::emitBytecode):
3111         (JSC::ObjectLiteralNode::emitBytecode):
3112         (JSC::PostfixResolveNode::emitBytecode):
3113         (JSC::PostfixBracketNode::emitBytecode):
3114         (JSC::PostfixDotNode::emitBytecode):
3115         (JSC::DeleteValueNode::emitBytecode):
3116         (JSC::VoidNode::emitBytecode):
3117         (JSC::TypeOfResolveNode::emitBytecode):
3118         (JSC::TypeOfValueNode::emitBytecode):
3119         (JSC::PrefixResolveNode::emitBytecode):
3120         (JSC::AssignResolveNode::emitBytecode):
3121         (JSC::CommaNode::emitBytecode):
3122         (JSC::ForNode::emitBytecode):
3123         (JSC::ForInNode::emitBytecode):
3124         (JSC::ReturnNode::emitBytecode):
3125         (JSC::ThrowNode::emitBytecode):
3126         (JSC::FunctionBodyNode::emitBytecode):
3127         (JSC::FuncDeclNode::emitBytecode):
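
The crash described in the entry above, as an added example in plain C++ (this is not JavaScriptCore's code; RegisterID, RegisterRef, BytecodeGenerator and every function name below are hypothetical stand-ins). It contrasts the old integer-cast sentinel with a real member object that can be ref'd and deref'd like any other register:

```cpp
// Added example (not JavaScriptCore code): why an "ignored result" sentinel made
// by casting the integer 1 to a RegisterID* crashes the moment something refs
// it, and the fix the entry describes: hand out the address of a real
// RegisterID owned by the generator. All names here are hypothetical stand-ins.
#include <cstdint>
#include <deque>

// Minimal intrusively ref-counted register slot.
class RegisterID {
public:
    explicit RegisterID(int index = -1) : m_refCount(0), m_index(index) {}
    void ref() { ++m_refCount; }      // through the sentinel this is a write to address 1
    void deref() { --m_refCount; }    // the generator owns the storage; nothing is freed
    int refCount() const { return m_refCount; }
    int index() const { return m_index; }
private:
    int m_refCount;
    int m_index;
};

// Minimal RefPtr: what a node does with the RegisterID* its child returns.
class RegisterRef {
public:
    explicit RegisterRef(RegisterID* r) : m_ptr(r) { if (m_ptr) m_ptr->ref(); }
    ~RegisterRef() { if (m_ptr) m_ptr->deref(); }
    RegisterRef(const RegisterRef&) = delete;
    RegisterRef& operator=(const RegisterRef&) = delete;
private:
    RegisterID* m_ptr;
};

// BEFORE: a magic pointer value. Comparing against it is fine, but it points at
// no object, so ref()/deref() through it are invalid memory accesses.
inline RegisterID* ignoredResultSentinel() {
    return reinterpret_cast<RegisterID*>(static_cast<std::uintptr_t>(1));
}

// AFTER: the generator owns one ordinary RegisterID for the "ignored" case.
class BytecodeGenerator {
public:
    RegisterID* ignoredResult() { return &m_ignoredResultRegister; }

    RegisterID* newTemporary() {
        // deque keeps element addresses stable on push_back, so returned pointers stay valid
        m_temporaries.emplace_back(static_cast<int>(m_temporaries.size()));
        return &m_temporaries.back();
    }

    // The pattern from the entry: a node passes its own dst down to a child and
    // then refs whatever came back. With a real object behind ignoredResult()
    // this is an ordinary ref/deref pair; with the sentinel it was a wild write.
    RegisterID* emitWithChild(RegisterID* dst) {
        RegisterID* result = dst ? dst : newTemporary();
        RegisterRef keepAlive(result);
        return result;
    }

private:
    RegisterID m_ignoredResultRegister;
    std::deque<RegisterID> m_temporaries;
};

// Emitting with ignoredResult() as dst must hand back that same register and
// leave its count balanced once the temporary RegisterRef goes out of scope.
bool ignoredResultIsSafeToRef() {
    BytecodeGenerator gen;
    RegisterID* r = gen.emitWithChild(gen.ignoredResult());
    return r == gen.ignoredResult() && r->refCount() == 0 && r->index() == -1;
}

// A null dst still yields a fresh temporary, distinct from the ignored register.
int indexOfFirstTemporary() {
    BytecodeGenerator gen;
    RegisterID* t = gen.emitWithChild(nullptr);
    return t == gen.ignoredResult() ? -2 : t->index();
}

// The old sentinel remains a valid value to compare against, just never to use.
std::uintptr_t sentinelValue() {
    return reinterpret_cast<std::uintptr_t>(ignoredResultSentinel());
}
```

The point to carry away is that a sentinel pointer is only safe while every consumer treats it as an opaque value; the moment one code path treats it as an object (here, the ref in RegisterRef), a real object has to stand behind it.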
3128
3129 2008-12-02  Geoffrey Garen  <ggaren@apple.com>
3130
3131         Reviewed by Cameron Zwarich.
3132         
3133         Fixed https://bugs.webkit.org/show_bug.cgi?id=22537
3134         REGRESSION (r38745): Assertion failure in jsSubstring() at ge.com
3135
3136         The bug was that index would become greater than length, so our
3137         "end of input" checks, which all check "index == length", would fail.
3138         
3139         The solution is to check for end of input before incrementing index,
3140         to ensure that index is always <= length.
3141         
3142         As a side benefit, generateJumpIfEndOfInput can now use je instead of
3143         jg, which should be slightly faster.
3144
3145         * wrec/WREC.cpp:
3146         (JSC::WREC::Generator::compileRegExp):
3147         * wrec/WRECGenerator.cpp:
3148         (JSC::WREC::Generator::generateJumpIfEndOfInput):
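
The end-of-input invariant this entry describes, as an added example in plain C++ (not WREC's generated code; matchLiteralAt, searchLiteral and MatchStats are hypothetical names). Characters are compared two at a time, as the pattern-character-pair optimization in the 2008-12-03 entry does, so the index does not advance by 1 and an equality test alone can be stepped over; the safe shape checks the remaining input before advancing, so index <= length holds on every path:

```cpp
// Added example (not WREC code): keep index <= length by testing for end of
// input BEFORE incrementing, so that an equality test (je rather than jg) is
// sufficient at the top of the search loop. Names are hypothetical.
#include <cstddef>
#include <string>

struct MatchStats {
    bool matched = false;
    std::size_t endIndex = 0;       // index after the match attempt
    std::size_t maxIndexSeen = 0;   // highest value index took; must never exceed input length
};

// Attempts to match `pattern` at `start`: pairs of characters first, then one
// trailing character for odd-length patterns. Every read is preceded by a
// remaining-length check, and index is only advanced after that check passes.
MatchStats matchLiteralAt(const std::u16string& input, std::size_t start, const std::u16string& pattern) {
    MatchStats s;
    const std::size_t length = input.size();
    std::size_t index = start;
    s.maxIndexSeen = index;
    if (index > length)            // caller bug; refuse rather than underflow below
        return s;
    std::size_t i = 0;
    for (; i + 1 < pattern.size(); i += 2) {
        if (length - index < 2) {  // end of input: checked before touching input or index
            s.endIndex = index;
            return s;
        }
        if (input[index] != pattern[i] || input[index + 1] != pattern[i + 1]) {
            s.endIndex = index;
            return s;
        }
        index += 2;                // safe: at least two characters remained
        s.maxIndexSeen = index;
    }
    if (i < pattern.size()) {      // odd-length pattern: one more character
        if (length - index < 1 || input[index] != pattern[i]) {
            s.endIndex = index;
            return s;
        }
        ++index;
        s.maxIndexSeen = index;
    }
    s.matched = true;
    s.endIndex = index;
    return s;
}

// Search loop in the shape the fix leaves compileRegExp in: the end-of-input
// test is an equality test and it runs before the index is incremented, so the
// loop index itself never exceeds length either. Returns the match position or
// npos; optionally reports the largest index any attempt reached.
std::size_t searchLiteral(const std::u16string& input, const std::u16string& pattern, std::size_t* maxIndexSeen = nullptr) {
    const std::size_t length = input.size();
    std::size_t maxSeen = 0;
    for (std::size_t index = 0;; ++index) {
        MatchStats s = matchLiteralAt(input, index, pattern);
        if (s.maxIndexSeen > maxSeen)
            maxSeen = s.maxIndexSeen;
        if (s.matched) {
            if (maxIndexSeen) *maxIndexSeen = maxSeen;
            return index;
        }
        if (index == length) {     // je-style check: valid only because index <= length always holds
            if (maxIndexSeen) *maxIndexSeen = maxSeen;
            return std::u16string::npos;
        }
    }
}
```

The odd-remainder case is the one to keep in mind: with one character of input left and a pair to compare, an increment-first loop would push the index to length + 1 and an equality test would never fire again, which is exactly how index ended up greater than length in the regression.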
3149
3150 2008-12-02  Gavin Barraclough  <barraclough@apple.com>
3151
3152         Reviewed by Geoffrey Garen.
3153
3154         Plant shift right immediate instructions, which are awesome.
3155         https://bugs.webkit.org/show_bug.cgi?id=22610
3156         ~5% on the v8-crypto test.
3157
3158         * jit/JIT.cpp:
3159         (JSC::JIT::privateCompileMainPass):
3160         (JSC::JIT::privateCompileSlowCases):
3161
3162 2008-12-02  Geoffrey Garen  <ggaren@apple.com>
3163
3164         Reviewed by Sam Weinig.
3165         
3166         Cleaned up SegmentedVector by abstracting segment access into helper
3167         functions.
3168         
3169         SunSpider reports no change.
3170
3171         * bytecompiler/SegmentedVector.h:
3172         (JSC::SegmentedVector::SegmentedVector):
3173         (JSC::SegmentedVector::~SegmentedVector):
3174         (JSC::SegmentedVector::size):
3175         (JSC::SegmentedVector::at):
3176         (JSC::SegmentedVector::operator[]):
3177         (JSC::SegmentedVector::last):
3178         (JSC::SegmentedVector::append):
3179         (JSC::SegmentedVector::removeLast):
3180         (JSC::SegmentedVector::grow):
3181         (JSC::SegmentedVector::clear):
3182         (JSC::SegmentedVector::deleteAllSegments):
3183         (JSC::SegmentedVector::segmentFor):
3184         (JSC::SegmentedVector::subscriptFor):
3185         (JSC::SegmentedVector::ensureSegmentsFor):
3186         (JSC::SegmentedVector::ensureSegment):
3187
3188 2008-12-02  Geoffrey Garen  <ggaren@apple.com>
3189
3190         Reviewed by Geoffrey Garen. (Patch by Cameron Zwarich <zwarich@apple.com>.)
3191         
3192         Fixed https://bugs.webkit.org/show_bug.cgi?id=22482
3193         REGRESSION (r37991): Occasionally see "Scene rendered incorrectly"
3194         message when running the V8 Raytrace benchmark
3195         
3196         Rolled out r37991. It didn't properly save xmm0, which is caller-save,
3197         before calling helper functions.
3198         
3199         SunSpider and v8 benchmarks show little change -- possibly a .2%
3200         SunSpider regression, possibly a .2% v8 benchmark speedup.
3201
3202         * assembler/X86Assembler.h:
3203         (JSC::X86Assembler::):
3204         * bytecode/CodeBlock.cpp:
3205         (JSC::CodeBlock::dump):
3206         * bytecode/Instruction.h:
3207         (JSC::Instruction::):
3208         * bytecompiler/BytecodeGenerator.cpp:
3209         (JSC::BytecodeGenerator::emitUnaryOp):
3210         * bytecompiler/BytecodeGenerator.h:
3211         (JSC::BytecodeGenerator::emitToJSNumber):
3212         (JSC::BytecodeGenerator::emitTypeOf):
3213         (JSC::BytecodeGenerator::emitGetPropertyNames):
3214         * interpreter/Interpreter.cpp:
3215         (JSC::Interpreter::privateExecute):
3216         * interpreter/Interpreter.h:
3217         * jit/JIT.cpp:
3218         (JSC::JIT::privateCompileMainPass):
3219         (JSC::JIT::privateCompileSlowCases):
3220         * jit/JIT.h:
3221         * parser/Nodes.cpp:
3222         (JSC::UnaryOpNode::emitBytecode):
3223         (JSC::BinaryOpNode::emitBytecode):
3224         (JSC::EqualNode::emitBytecode):
3225         * parser/ResultType.h:
3226         (JSC::ResultType::isReusable):
3227         (JSC::ResultType::mightBeNumber):
3228         * runtime/JSNumberCell.h:
3229
3230 2008-12-01  Gavin Barraclough  <barraclough@apple.com>
3231
3232         Reviewed by Geoffrey Garen.
3233
3234         Remove unused (sampling only, and derivable) argument to JIT::emitCTICall.
3235         https://bugs.webkit.org/show_bug.cgi?id=22587
3236
3237         * jit/JIT.cpp:
3238         (JSC::JIT::emitCTICall):
3239         (JSC::JIT::compileOpCall):
3240         (JSC::JIT::emitSlowScriptCheck):
3241         (JSC::JIT::compileBinaryArithOpSlowCase):
3242         (JSC::JIT::privateCompileMainPass):
3243         (JSC::JIT::privateCompileSlowCases):
3244         (JSC::JIT::privateCompile):
3245         * jit/JIT.h:
3246
3247 2008-12-02  Dimitri Glazkov  <dglazkov@chromium.org>
3248
3249         Reviewed by Eric Seidel.
3250         
3251         Fix the inheritance chain for JSFunction.
3252
3253         * runtime/JSFunction.cpp:
3254         (JSC::JSFunction::info): Add InternalFunction::info as parent class.
3255
3256 2008-12-02  Simon Hausmann  <hausmann@webkit.org>
3257
3258         Reviewed by Tor Arne Vestbø.
3259
3260         Fix ability to include JavaScriptCore.pri from other .pro files.
3261
3262         * JavaScriptCore.pri: Moved -O3 setting into the .pro files.
3263         * JavaScriptCore.pro:
3264         * jsc.pro:
3265
3266 2008-12-01  Geoffrey Garen  <ggaren@apple.com>
3267
3268         Reviewed by Cameron Zwarich, with help from Gavin Barraclough.
3269         
3270         Fixed https://bugs.webkit.org/show_bug.cgi?id=22583.
3271
3272         Refactored regular expression parsing to parse sequences of characters
3273         as a single unit, in preparation for optimizing sequences of characters.
3274         
3275         SunSpider reports no change.
3276
3277         * JavaScriptCore.xcodeproj/project.pbxproj:
3278         * wrec/Escapes.h: Added. Set of classes for representing an escaped
3279         token in a pattern.
3280
3281         * wrec/Quantifier.h:
3282         (JSC::WREC::Quantifier::Quantifier): Simplified this constructor slightly,
3283         to match the new Escape constructor.
3284
3285         * wrec/WRECGenerator.cpp:
3286         (JSC::WREC::Generator::generatePatternCharacterSequence):
3287         * wrec/WRECGenerator.h: Added an interface for generating a sequence
3288         of pattern characters at a time. It doesn't do anything special yet.
3289
3290         * wrec/WRECParser.cpp:
3291         (JSC::WREC::Parser::consumeGreedyQuantifier):
3292         (JSC::WREC::Parser::consumeQuantifier): Renamed "parse" to "consume" in
3293         these functions, to match "consumeEscape."
3294
3295         (JSC::WREC::Parser::parsePatternCharacterSequence): New function for
3296         iteratively aggregating a sequence of characters in a pattern.
3297
3298         (JSC::WREC::Parser::parseCharacterClassQuantifier):
3299         (JSC::WREC::Parser::parseBackreferenceQuantifier): Renamed "parse" to
3300         "consume" in these functions, to match "consumeEscape."
3301
3302         (JSC::WREC::Parser::parseCharacterClass): Refactored to use the common
3303         escape processing code in consumeEscape.
3304
3305         (JSC::WREC::Parser::parseEscape): Refactored to use the common
3306         escape processing code in consumeEscape.
3307
3308         (JSC::WREC::Parser::consumeEscape): Factored escaped token processing
3309         into a common function, since we were doing this in a few places.
3310
3311         (JSC::WREC::Parser::parseTerm): Refactored to use the common
3312         escape processing code in consumeEscape.
3313
3314         * wrec/WRECParser.h:
3315         (JSC::WREC::Parser::consumeOctal): Refactored to use a helper function
3316         for reading a digit.
3317
3318 2008-12-01  Cameron Zwarich  <zwarich@apple.com>
3319
3320         Reviewed by Oliver Hunt.
3321
3322         Bug 20340: SegmentedVector segment allocations can lead to unsafe use of temporary registers
3323         <https://bugs.webkit.org/show_bug.cgi?id=20340>
3324
3325         SegmentedVector currently frees segments and reallocates them when used
3326         as a stack. This can lead to unsafe use of pointers into freed segments.
3327
3328         In order to fix this problem, SegmentedVector will be changed to only
3329         grow and never shrink. Also, rename the reserveCapacity() member
3330         function to grow() to match the actual usage in BytecodeGenerator, where
3331         this function is used to allocate a group of registers at once, rather
3332         than merely saving space for them.
3333
3334         * bytecompiler/BytecodeGenerator.cpp:
3335         (JSC::BytecodeGenerator::BytecodeGenerator): Use grow() instead of 
3336         reserveCapacity().
3337         * bytecompiler/SegmentedVector.h:
3338         (JSC::SegmentedVector::SegmentedVector):
3339         (JSC::SegmentedVector::last):
3340         (JSC::SegmentedVector::append):
3341         (JSC::SegmentedVector::removeLast):
3342         (JSC::SegmentedVector::grow): Renamed from reserveCapacity().
3343         (JSC::SegmentedVector::clear):
3344
3345 2008-12-01  Mark Rowe  <mrowe@apple.com>
3346
3347         Rubber-stamped by Anders Carlsson.
3348
3349         Disable WREC for x86_64 since memory allocated by the system allocator is not marked executable,
3350         which causes 64-bit debug builds to crash.  Once we have a dedicated allocator for executable
3351         memory we can turn this back on.
3352
3353         * wtf/Platform.h:
3354
3355 2008-12-01  Antti Koivisto  <antti@apple.com>
3356
3357         Reviewed by Maciej Stachowiak.
3358         
3359         Restore inline buffer after vector is shrunk back below its inline capacity.
3360
3361         * wtf/Vector.h:
3362         (WTF::):
3363         (WTF::VectorBuffer::restoreInlineBufferIfNeeded):
3364         (WTF::::shrinkCapacity):
3365
3366 2008-11-30  Antti Koivisto  <antti@apple.com>
3367
3368         Reviewed by Mark Rowe.
3369         
3370         Try to return free pages in the current thread cache too.
3371
3372         * wtf/FastMalloc.cpp:
3373         (WTF::TCMallocStats::releaseFastMallocFreeMemory):
3374
3375 2008-12-01  David Levin  <levin@chromium.org>
3376
3377         Reviewed by Alexey Proskuryakov.
3378
3379         https://bugs.webkit.org/show_bug.cgi?id=22567
3380         Make HashTable work as expected with respect to threads. Specifically, it has class-level
3381         thread safety and constant methods work on constant objects without synchronization.
3382         
3383         No observable change in behavior, so no test. This only affects debug builds.
3384
3385         * wtf/HashTable.cpp:
3386         (WTF::hashTableStatsMutex):
3387         (WTF::HashTableStats::~HashTableStats):
3388         (WTF::HashTableStats::recordCollisionAtCount):
3389         Guarded variable access with a mutex.
3390
3391         * wtf/HashTable.h:
3392         (WTF::::lookup):
3393         (WTF::::lookupForWriting):
3394         (WTF::::fullLookupForWriting):
3395         (WTF::::add):
3396         (WTF::::reinsert):
3397         (WTF::::remove):
3398         (WTF::::rehash):
3399         Changed increments of static variables to use atomicIncrement.
3400
3401         (WTF::::invalidateIterators):
3402         (WTF::addIterator):
3403         (WTF::removeIterator):
3404         Guarded mutable access with a mutex.
3405
3406 2008-11-29  Gavin Barraclough  <barraclough@apple.com>
3407
3408         Reviewed by Cameron Zwarich.
3409
3410         Enable WREC on PLATFORM(X86_64).  This change predominantly requires changes to the
3411         WREC::Generator::generateEnter method to support the x86-64 ABI, and addition of
3412         support for a limited number of quadword operations in the X86Assembler.
3413
3414         This patch will cause the JS heap to be allocated with RWX permissions on 64-bit Mac
3415         platforms.  This is a regression with respect to previous 64-bit behaviour, but is no
3416         more permissive than on 32-bit builds.  This issue should be addressed at some point.
3417         (This is tracked by bug #21783.)
3418
3419         https://bugs.webkit.org/show_bug.cgi?id=22554
3420         Greater than 4x speedup on regexp-dna, on x86-64.
3421
3422         * assembler/MacroAssembler.h:
3423         (JSC::MacroAssembler::addPtr):
3424         (JSC::MacroAssembler::loadPtr):
3425         (JSC::MacroAssembler::storePtr):
3426         (JSC::MacroAssembler::pop):
3427         (JSC::MacroAssembler::push):
3428         (JSC::MacroAssembler::move):
3429         * assembler/X86Assembler.h:
3430         (JSC::X86Assembler::):
3431         (JSC::X86Assembler::movq_rr):
3432         (JSC::X86Assembler::addl_i8m):
3433         (JSC::X86Assembler::addl_i32r):
3434         (JSC::X86Assembler::addq_i8r):
3435         (JSC::X86Assembler::addq_i32r):
3436         (JSC::X86Assembler::movq_mr):
3437         (JSC::X86Assembler::movq_rm):
3438         * wrec/WREC.h:
3439         * wrec/WRECGenerator.cpp:
3440         (JSC::WREC::Generator::generateEnter):
3441         (JSC::WREC::Generator::generateReturnSuccess):
3442         (JSC::WREC::Generator::generateReturnFailure):
3443         * wtf/Platform.h:
3444         * wtf/TCSystemAlloc.cpp:
3445
3446 2008-12-01  Cameron Zwarich  <zwarich@apple.com>
3447
3448         Reviewed by Sam Weinig.
3449
3450         Preliminary work for bug 20340: SegmentedVector segment allocations can lead to unsafe use of temporary registers
3451         <https://bugs.webkit.org/show_bug.cgi?id=20340>
3452
3453         SegmentedVector currently frees segments and reallocates them when used
3454         as a stack. This can lead to unsafe use of pointers into freed segments.
3455
3456         In order to fix this problem, SegmentedVector will be changed to only
3457         grow and never shrink, with the sole exception of clearing all of its
3458         data, a capability that is required by Lexer. This patch changes the
3459         public interface to only allow for these capabilities.
3460
3461         * bytecompiler/BytecodeGenerator.cpp:
3462         (JSC::BytecodeGenerator::BytecodeGenerator): Use reserveCapacity()
3463         instead of resize() for m_globals and m_parameters.
3464         * bytecompiler/SegmentedVector.h:
3465         (JSC::SegmentedVector::resize): Removed.
3466         (JSC::SegmentedVector::reserveCapacity): Added.
3467         (JSC::SegmentedVector::clear): Added.
3468         (JSC::SegmentedVector::shrink): Removed.
3469         (JSC::SegmentedVector::grow): Removed.
3470         * parser/Lexer.cpp:
3471         (JSC::Lexer::clear): Use clear() instead of resize(0).
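
The grow-only design described in this entry and in the 2008-12-01 follow-up for bug 20340 above, as an added example in plain C++ (this is not WebKit's SegmentedVector; StableSegmentedVector and the helper functions are hypothetical). Elements never move and segments are released only by clear(), so a pointer taken into the container stays valid across later append() and removeLast() calls, which is what the stack-style use in BytecodeGenerator needs:

```cpp
// Added example (not WebKit code): a segmented stack that only grows. Pointers
// into it remain valid because segments are never reallocated or freed except
// by clear(). Names are hypothetical.
#include <cstddef>
#include <vector>

template <typename T, std::size_t SegmentSize>
class StableSegmentedVector {
public:
    StableSegmentedVector() : m_size(0) {}
    ~StableSegmentedVector() { deleteAllSegments(); }
    StableSegmentedVector(const StableSegmentedVector&) = delete;
    StableSegmentedVector& operator=(const StableSegmentedVector&) = delete;

    std::size_t size() const { return m_size; }
    std::size_t capacity() const { return m_segments.size() * SegmentSize; }

    T& at(std::size_t index) { return m_segments[segmentFor(index)][subscriptFor(index)]; }
    T& last() { return at(m_size - 1); }

    void append(const T& value) {
        ensureSegmentsFor(m_size + 1);
        at(m_size) = value;
        ++m_size;
    }
    // Pops logically only: the segment, and so the element's address, stays
    // allocated. That is the whole point: no pointer into it can dangle.
    void removeLast() { if (m_size) --m_size; }
    // Grow-only bulk allocation (the role reserveCapacity() was renamed to grow() for).
    void grow(std::size_t n) { ensureSegmentsFor(n); if (n > m_size) m_size = n; }
    // The single shrinking operation, needed by the Lexer: release everything.
    void clear() { deleteAllSegments(); m_segments.clear(); m_size = 0; }

private:
    static std::size_t segmentFor(std::size_t i) { return i / SegmentSize; }
    static std::size_t subscriptFor(std::size_t i) { return i % SegmentSize; }
    void ensureSegmentsFor(std::size_t n) {
        const std::size_t needed = (n + SegmentSize - 1) / SegmentSize;
        while (m_segments.size() < needed)
            m_segments.push_back(new T[SegmentSize]());
    }
    void deleteAllSegments() { for (T* s : m_segments) delete[] s; }

    std::size_t m_size;
    std::vector<T*> m_segments;   // this table may reallocate; the T arrays it points at never move
};

// Take pointers into the container, push past several segment boundaries, pop
// back below them, push again: both pointers must still address the same slots.
bool pointerSurvivesStackUse() {
    StableSegmentedVector<int, 4> v;
    v.append(42);
    int* first = &v.at(0);
    for (int i = 1; i < 20; ++i) v.append(i);       // crosses four segment boundaries
    int* deep = &v.at(17);
    while (v.size() > 1) v.removeLast();            // pop everything but the first
    for (int i = 1; i < 20; ++i) v.append(100 + i); // refill; slot 17 now holds 117
    return first == &v.at(0) && *first == 42 && deep == &v.at(17) && *deep == 117 && v.size() == 20;
}

// Popping frees nothing: capacity stays at the high-water mark.
std::size_t capacityAfterPoppingEverything() {
    StableSegmentedVector<int, 4> v;
    for (int i = 0; i < 20; ++i) v.append(i);
    while (v.size()) v.removeLast();
    return v.capacity();
}

// grow(9) with 4-element segments allocates three segments; clear() releases them.
std::size_t capacityAfterGrowNine() {
    StableSegmentedVector<int, 4> v;
    v.grow(9);
    return v.capacity();
}

std::size_t capacityAfterClear() {
    StableSegmentedVector<int, 4> v;
    v.grow(9);
    v.clear();
    return v.capacity();
}
```

The trade-off is memory held at the high-water mark between clear() calls, which is the price paid for making every outstanding RegisterID* safe.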
3472
3473 2008-11-30  Sam Weinig  <sam@webkit.org>
3474
3475         Reviewed by Mark Rowe.
3476
3477         Renames jumps to m_jumps in JumpList.
3478
3479         * assembler/MacroAssembler.h:
3480         (JSC::MacroAssembler::JumpList::link):
3481         (JSC::MacroAssembler::JumpList::linkTo):
3482         (JSC::MacroAssembler::JumpList::append):
3483
3484 2008-11-30  Antti Koivisto  <antti@apple.com>
3485
3486         Reviewed by Mark Rowe.
3487         
3488         https://bugs.webkit.org/show_bug.cgi?id=22557
3489         
3490         Report free size in central and thread caches too.
3491
3492         * wtf/FastMalloc.cpp:
3493         (WTF::TCMallocStats::fastMallocStatistics):
3494         * wtf/FastMalloc.h:
3495
3496 2008-11-29  Antti Koivisto  <antti@apple.com>
3497
3498         Reviewed by Dan Bernstein.
3499         
3500         https://bugs.webkit.org/show_bug.cgi?id=22557
3501         Add statistics for JavaScript GC heap.
3502
3503         * JavaScriptCore.exp:
3504         * runtime/Collector.cpp:
3505         (JSC::Heap::objectCount):
3506         (JSC::addToStatistics):
3507         (JSC::Heap::statistics):
3508         * runtime/Collector.h:
3509
3510 2008-11-29  Antti Koivisto  <antti@apple.com>
3511
3512         Fix debug build by adding a stub method.
3513
3514         * wtf/FastMalloc.cpp:
3515         (WTF::fastMallocStatistics):
3516
3517 2008-11-29  Antti Koivisto  <antti@apple.com>
3518
3519         Reviewed by Alexey Proskuryakov.
3520         
3521         https://bugs.webkit.org/show_bug.cgi?id=22557
3522         
3523         Add function for getting basic statistics from FastMalloc.
3524
3525         * JavaScriptCore.exp:
3526         * wtf/FastMalloc.cpp:
3527         (WTF::DLL_Length):
3528         (WTF::TCMalloc_PageHeap::ReturnedBytes):
3529         (WTF::TCMallocStats::fastMallocStatistics):
3530         * wtf/FastMalloc.h:
3531
3532 2008-11-29  Cameron Zwarich  <zwarich@apple.com>
3533
3534         Not reviewed.
3535
3536         The C++ standard does not automatically grant the friendships of an
3537         enclosing class to its nested subclasses, so we should do so explicitly.
3538         This fixes the GCC 4.0 build, although both GCC 4.2 and Visual C++ 2005
3539         accept the incorrect code as it is.