Make randomNumber generate 2^53 values instead of 2^32 (or 2^31 for rand() platforms)
[WebKit-https.git] / JavaScriptCore / ChangeLog
2009-01-02  Oliver Hunt  <oliver@apple.com>

        Reviewed by Maciej Stachowiak.

        Make randomNumber generate 2^53 values instead of 2^32 (or 2^31 for rand() platforms)

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):

2009-01-02  David Kilzer  <ddkilzer@apple.com>

        Remove declaration for JSC::Identifier::initializeIdentifierThreading()

        Reviewed by Alexey Proskuryakov.

        * runtime/Identifier.h:
        (JSC::Identifier::initializeIdentifierThreading): Removed
        declaration since the implementation was removed in r34412.

2009-01-01  Darin Adler  <darin@apple.com>

        Reviewed by Oliver Hunt.

        String.replace does not support $& replacement metacharacter when search term is not a RegExp
        <https://bugs.webkit.org/show_bug.cgi?id=21431>
        <rdar://problem/6274993>

        Test: fast/js/string-replace-3.html

        * runtime/StringPrototype.cpp:
        (JSC::substituteBackreferences): Added a null check here so we won't try to handle $$-$9
        backreferences when the search term is a string, not a RegExp. Added a check for 0 so we
        won't try to handle $0 or $00 as a backreference.
        (JSC::stringProtoFuncReplace): Added a call to substituteBackreferences.

2009-01-01  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Darin Adler.

        Allow 32-bit integers to be stored in JSImmediates, on x86-64.
        Presently the top 32-bits of a 64-bit JSImmediate serve as a sign extension of a 31-bit
        int stored in the low word (shifted left by one, to make room for a tag).  In the new
        format, the top 31-bits serve as a sign extension of a 32-bit int, still shifted left by
        one.

        The new behavior is enabled using a flag in Platform.h, 'WTF_USE_ALTERNATE_JSIMMEDIATE'.
        When this is set the constants defining the range of ints allowed to be stored as
        JSImmediate values are extended.  The code in JSImmediate.h can safely operate on either
        format.  This patch updates the JIT so that it can also operate with the new format.

        ~2% progression on x86-64, with & without the JIT, on sunspider & v8 tests.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::addPtr):
        (JSC::MacroAssembler::orPtr):
        (JSC::MacroAssembler::or32):
        (JSC::MacroAssembler::rshiftPtr):
        (JSC::MacroAssembler::rshift32):
        (JSC::MacroAssembler::subPtr):
        (JSC::MacroAssembler::xorPtr):
        (JSC::MacroAssembler::xor32):
        (JSC::MacroAssembler::move):
        (JSC::MacroAssembler::compareImm64ForBranch):
        (JSC::MacroAssembler::compareImm64ForBranchEquality):
        (JSC::MacroAssembler::jePtr):
        (JSC::MacroAssembler::jgePtr):
        (JSC::MacroAssembler::jlPtr):
        (JSC::MacroAssembler::jlePtr):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jnzSubPtr):
        (JSC::MacroAssembler::joAddPtr):
        (JSC::MacroAssembler::jzSubPtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::addq_rr):
        (JSC::X86Assembler::orq_ir):
        (JSC::X86Assembler::subq_ir):
        (JSC::X86Assembler::xorq_rr):
        (JSC::X86Assembler::sarq_CLr):
        (JSC::X86Assembler::sarq_i8r):
        (JSC::X86Assembler::cmpq_ir):
        * jit/JIT.cpp:
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITArithmetic.cpp:
        (JSC::JIT::compileFastArith_op_lshift):
        (JSC::JIT::compileFastArithSlow_op_lshift):
        (JSC::JIT::compileFastArith_op_rshift):
        (JSC::JIT::compileFastArithSlow_op_rshift):
        (JSC::JIT::compileFastArith_op_bitand):
        (JSC::JIT::compileFastArithSlow_op_bitand):
        (JSC::JIT::compileFastArith_op_mod):
        (JSC::JIT::compileFastArithSlow_op_mod):
        (JSC::JIT::compileFastArith_op_add):
        (JSC::JIT::compileFastArithSlow_op_add):
        (JSC::JIT::compileFastArith_op_mul):
        (JSC::JIT::compileFastArithSlow_op_mul):
        (JSC::JIT::compileFastArith_op_post_inc):
        (JSC::JIT::compileFastArithSlow_op_post_inc):
        (JSC::JIT::compileFastArith_op_post_dec):
        (JSC::JIT::compileFastArithSlow_op_post_dec):
        (JSC::JIT::compileFastArith_op_pre_inc):
        (JSC::JIT::compileFastArithSlow_op_pre_inc):
        (JSC::JIT::compileFastArith_op_pre_dec):
        (JSC::JIT::compileFastArithSlow_op_pre_dec):
        (JSC::JIT::compileBinaryArithOp):
        * jit/JITInlineMethods.h:
        (JSC::JIT::getConstantOperand):
        (JSC::JIT::getConstantOperandImmediateInt):
        (JSC::JIT::isOperandConstantImmediateInt):
        (JSC::JIT::isOperandConstant31BitImmediateInt):
        (JSC::JIT::emitFastArithDeTagImmediate):
        (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
        (JSC::JIT::emitFastArithReTagImmediate):
        (JSC::JIT::emitFastArithImmToInt):
        (JSC::JIT::emitFastArithIntToImmNoCheck):
        * runtime/JSImmediate.h:
        (JSC::JSImmediate::isPositiveNumber):
        (JSC::JSImmediate::isNegative):
        (JSC::JSImmediate::rightShiftImmediateNumbers):
        (JSC::JSImmediate::canDoFastAdditiveOperations):
        (JSC::JSImmediate::makeValue):
        (JSC::JSImmediate::makeInt):
        (JSC::JSImmediate::makeBool):
        (JSC::JSImmediate::intValue):
        (JSC::JSImmediate::rawValue):
        (JSC::JSImmediate::toBoolean):
        (JSC::JSImmediate::from):
        * wtf/Platform.h:

2008-12-31  Oliver Hunt  <oliver@apple.com>

        Reviewed by Cameron Zwarich.

        [jsfunfuzz] Assertion + incorrect behaviour with dynamically created local variable in a catch block
        <https://bugs.webkit.org/show_bug.cgi?id=23063>

        Eval inside a catch block attempts to use the catch block's static scope in
        an unsafe way by attempting to add new properties to the scope.  This patch
        fixes this issue simply by preventing the catch block from using a static
        scope if it contains an eval.

        * parser/Grammar.y:
        * parser/Nodes.cpp:
        (JSC::TryNode::emitBytecode):
        * parser/Nodes.h:
        (JSC::TryNode::):

2008-12-31  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        [jsfunfuzz] Computed exception offset wrong when first instruction is attempt to resolve deleted eval
        <https://bugs.webkit.org/show_bug.cgi?id=23062>

        This was caused by the expression information for the initial resolve of
        eval not being emitted.  If this resolve was the first instruction that
        could throw an exception the information search would fail leading to an
        assertion failure.  If it was not the first throwable opcode the wrong
        expression information would be used.

        Fix is simply to emit the expression info.

        * parser/Nodes.cpp:
        (JSC::EvalFunctionCallNode::emitBytecode):

2008-12-31  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 23054: Caching of global lookups occurs even when the global object has become a dictionary
        <https://bugs.webkit.org/show_bug.cgi?id=23054>
        <rdar://problem/6469905>

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::resolveGlobal): Do not cache lookup if the global
        object has transitioned to a dictionary.
        (JSC::Interpreter::cti_op_resolve_global): Do not cache lookup if the
        global object has transitioned to a dictionary.

2008-12-30  Oliver Hunt  <oliver@apple.com>

        Reviewed by Darin Adler.

        <https://bugs.webkit.org/show_bug.cgi?id=23049> [jsfunfuzz] With blocks do not correctly protect their scope object
        <rdar://problem/6469742> Crash in JSC::TypeInfo::hasStandardGetOwnPropertySlot() running jsfunfuzz

        The problem that caused this was that with nodes were not correctly protecting
        the final object that was placed in the scope chain.  We correct this by forcing
        the use of a temporary register (which stops us relying on a local register
        protecting the scope) and changing the behaviour of op_push_scope so that it
        will store the final scope object.

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitPushScope):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::cti_op_push_scope):
        * interpreter/Interpreter.h:
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * parser/Nodes.cpp:
        (JSC::WithNode::emitBytecode):

2008-12-30  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Sam Weinig.

        Bug 23037: Parsing and reparsing disagree on automatic semicolon insertion
        <https://bugs.webkit.org/show_bug.cgi?id=23037>
        <rdar://problem/6467124>

        Parsing and reparsing disagree about automatic semicolon insertion, so that a
        function like

        function() { a = 1, }

        is parsed as being syntactically valid but gets a syntax error upon reparsing.
        This leads to an assertion failure in Parser::reparse(). It is not that big of
        an issue in practice, because in a Release build such a function will return
        'undefined' when called.

        In this case, we are not following the spec and it should be a syntax error.
        However, unless there is a newline separating the ',' and the '}', WebKit would
        not treat it as a syntax error in the past either. It would be a bit of work to
        make the automatic semicolon insertion match the spec exactly, so this patch
        changes it to match our past behaviour.

        The problem is that even during reparsing, the Lexer adds a semicolon at the
        end of the input, which confuses allowAutomaticSemicolon(), because it is
        expecting either a '}', the end of input, or a terminator like a newline.

        * parser/Lexer.cpp:
        (JSC::Lexer::Lexer): Initialize m_isReparsing to false.
        (JSC::Lexer::lex): Do not perform automatic semicolon insertion in the Lexer if
        we are in the middle of reparsing.
        (JSC::Lexer::clear): Set m_isReparsing to false.
        * parser/Lexer.h:
        (JSC::Lexer::setIsReparsing): Added.
        * parser/Parser.cpp:
        (JSC::Parser::reparse): Call Lexer::setIsReparsing() to notify the Lexer of
        reparsing.

2008-12-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Yet another attempt to fix Tiger.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):

2008-12-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Tiger build fix (correct this time)

        * wtf/RandomNumber.cpp:

2008-12-29  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Rubber-stamped by Alexey Proskuryakov.

        Revert r39509, because kjsyydebug is used in the generated code if YYDEBUG is 1.

        * parser/Grammar.y:

2008-12-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by NOBODY (Build fix).

        Tiger build fix.

        * wtf/RandomNumber.cpp:

2008-12-29  Oliver Hunt  <oliver@apple.com>

        Reviewed by Mark Rowe.

        <rdar://problem/6358108> Insecure randomness in Math.random() leads to user tracking

        Switch to arc4random on PLATFORM(DARWIN), this is ~1.5x slower than random(), but
        it is still so fast that there is no fathomable way it could be a bottleneck for anything.

        randomNumber is called in two places
          * During form submission where it is called once per form
          * Math.random in JSC.  For this difference to show up you have to be looping on
            a cached local copy of random, for a large number (>10000) of calls.

        No change in SunSpider.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):
        * wtf/RandomNumberSeed.h:
        (WTF::initializeRandomNumberGenerator):
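
The two RandomNumber entries (the arc4random switch above and the 2^53 change at the top of this log) together describe the shape of the new randomNumber(): draw from a source that is not a seeded, replayable stream, and widen the result to the 53 bits a double mantissa can hold instead of the 2^31 or 2^32 distinct values a single random()/rand()/arc4random() word gives. The C below is an added illustration written for this page, not WebKit's wtf/RandomNumber.cpp: the function names are this example's, the word source is a constructed fixed stream standing in for arc4random() so that the results are checkable offline, and the 26/27-bit split is one straightforward way to use 53 of the 64 bits drawn.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Old Darwin path: one 31-bit draw from random() scaled by its range, so at most
 * 2^31 distinct results, every one of them a multiple of 2^-31. */
static double random_number_31bit(uint32_t word)
{
    return (double)(word & 0x7FFFFFFFu) / 2147483648.0;   /* 2^31 */
}

/* One full 32-bit word: 2^32 distinct results, multiples of 2^-32. */
static double random_number_32bit(uint32_t word)
{
    return (double)word / 4294967296.0;                   /* 2^32 */
}

/* Two 32-bit words combined into the 53 bits a double can represent exactly:
 * 26 bits from the first word, 27 from the second, divided by 2^53. Every
 * multiple of 2^-53 in [0, 1) is reachable and equally likely when the words
 * are uniform, and the division by a power of two introduces no rounding. */
static double random_number_53bit(uint32_t hi, uint32_t lo)
{
    uint64_t bits = ((uint64_t)(hi >> 6) << 27) | (uint64_t)(lo >> 5);
    return (double)bits / 9007199254740992.0;             /* 2^53 */
}

/* Generic form: pull two words from whatever 32-bit source the platform provides.
 * On Darwin that source is arc4random(); here it is a parameter so the example
 * runs anywhere (assumption for this example). */
static double random_number_from(uint32_t (*source)(void))
{
    uint32_t hi = source();
    uint32_t lo = source();
    return random_number_53bit(hi, lo);
}

/* Constructed, fixed word stream standing in for arc4random() in this demo. */
static const uint32_t k_words[] = { 0xFFFFFFFFu, 0xFFFFFFFFu, 0x00000040u, 0x00000000u };
static size_t g_pos = 0;

static void reset_constructed_source(void) { g_pos = 0; }

static uint32_t constructed_source(void)
{
    uint32_t w = k_words[g_pos % (sizeof k_words / sizeof k_words[0])];
    g_pos++;
    return w;
}

int main(void)
{
    reset_constructed_source();
    printf("53-bit: %.17g\n", random_number_from(constructed_source)); /* 1 - 2^-53 */
    printf("53-bit: %.17g\n", random_number_from(constructed_source)); /* 2^-26 */
    printf("32-bit smallest step: %.17g\n", random_number_32bit(1));
    return 0;
}
```

The first pair of constructed words (all ones) lands on the largest value below 1.0, which the 32-bit form can never produce; the second pair shows a result with a 1 in bit 27 only, i.e. a value that needs more than 32 bits of resolution. Whatever the combiner, the tracking concern in the entry above is only addressed by the source: if the words come from a generator seeded once per process, the stream is replayable and the combined doubles are no less of a fingerprint than the raw words were.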

2008-12-29  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Rubber-stamped by Sam Weinig.

        Remove unused kjsyydebug #define.

        * parser/Grammar.y:

2008-12-29  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt and Sam Weinig.

        Bug 23029: REGRESSION (r39337): jsfunfuzz generates identical test files
        <https://bugs.webkit.org/show_bug.cgi?id=23029>
        <rdar://problem/6469185>

        The unification of random number generation in r39337 resulted in random()
        being initialized on Darwin, but rand() actually being used. Fix this by
        making randomNumber() use random() instead of rand() on Darwin.

        * wtf/RandomNumber.cpp:
        (WTF::randomNumber):

2008-12-29  Sam Weinig  <sam@webkit.org>

        Fix buildbots.

        * runtime/Structure.cpp:

2008-12-29  Sam Weinig  <sam@webkit.org>

        Reviewed by Oliver Hunt.

        Patch for https://bugs.webkit.org/show_bug.cgi?id=23026
        Move the deleted offsets vector into the PropertyMap

        Saves 3 words per Structure.

        * runtime/PropertyMapHashTable.h:
        * runtime/Structure.cpp:
        (JSC::Structure::addPropertyTransition):
        (JSC::Structure::changePrototypeTransition):
        (JSC::Structure::getterSetterTransition):
        (JSC::Structure::toDictionaryTransition):
        (JSC::Structure::fromDictionaryTransition):
        (JSC::Structure::copyPropertyTable):
        (JSC::Structure::put):
        (JSC::Structure::remove):
        (JSC::Structure::rehashPropertyMapHashTable):
        * runtime/Structure.h:
        (JSC::Structure::propertyStorageSize):

2008-12-29  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Change code using m_body.get() as a boolean to take advantage of the
        implicit conversion of RefPtr to boolean.

        * runtime/JSFunction.cpp:
        (JSC::JSFunction::~JSFunction):

2008-12-28  Cameron Zwarich  <cwzwarich@uwaterloo.ca>

        Reviewed by Oliver Hunt.

        Bug 22840: REGRESSION (r38349): Gmail doesn't load with profiling enabled
        <https://bugs.webkit.org/show_bug.cgi?id=22840>
        <rdar://problem/6468077>

        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitNewArray): Add an assertion that the range
        of registers passed to op_new_array is sequential.
        (JSC::BytecodeGenerator::emitCall): Correct the relocation of registers
        when emitting profiler hooks so that registers aren't leaked. Also, add
        an assertion that the 'this' register is always ref'd (because it is),
        remove the needless protection of the 'this' register when relocating,
        and add an assertion that the range of registers passed to op_call for
        function call arguments is sequential.
        (JSC::BytecodeGenerator::emitConstruct): Correct the relocation of
        registers when emitting profiler hooks so that registers aren't leaked.
        Also, add an assertion that the range of registers passed to op_construct
        for function call arguments is sequential.

2008-12-26  Mark Rowe  <mrowe@apple.com>

        Reviewed by Alexey Proskuryakov.

        <rdar://problem/6467376> Race condition in WTF::currentThread can lead to a thread using two different identifiers during its lifetime

        If a newly-created thread calls WTF::currentThread() before WTF::createThread calls establishIdentifierForPthreadHandle
        then more than one identifier will be used for the same thread.  We can avoid this by adding some extra synchronization
        during thread creation that delays the execution of the thread function until the thread identifier has been set up, and
        an assertion to catch this problem should it reappear in the future.

        * wtf/Threading.cpp: Added.
        (WTF::NewThreadContext::NewThreadContext):
        (WTF::threadEntryPoint):
        (WTF::createThread): Add cross-platform createThread function that delays the execution of the thread function until
        after the thread identifier has been set up.
        * wtf/Threading.h:
        * wtf/ThreadingGtk.cpp:
        (WTF::establishIdentifierForThread):
        (WTF::createThreadInternal):
        * wtf/ThreadingNone.cpp:
        (WTF::createThreadInternal):
        * wtf/ThreadingPthreads.cpp:
        (WTF::establishIdentifierForPthreadHandle):
        (WTF::createThreadInternal):
        * wtf/ThreadingQt.cpp:
        (WTF::identifierByQthreadHandle):
        (WTF::establishIdentifierForThread):
        (WTF::createThreadInternal):
        * wtf/ThreadingWin.cpp:
        (WTF::storeThreadHandleByIdentifier):
        (WTF::createThreadInternal):

        Add Threading.cpp to the build.

        * GNUmakefile.am:
        * JavaScriptCore.pri:
        * JavaScriptCore.scons:
        * JavaScriptCore.vcproj/WTF/WTF.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * JavaScriptCoreSources.bkl:
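
The Threading entry above describes the fix in words: the new thread must not run its thread function until the creator has registered its identifier, so the context handed to the entry point carries the synchronization. The C below is an added, stand-alone illustration of that pattern (not WebKit's wtf/Threading.cpp or wtf/ThreadingPthreads.cpp); the fixed-size registry, the identifier type and every name are this example's own, and the self-registration path in current_thread() is kept deliberately so that the creator-side check has something to detect if the ordering were ever lost again.

```c
#include <pthread.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>

typedef uint32_t thread_id_t;

/* Constructed fixed-size registry of pthread handle -> identifier (demo assumption). */
#define MAX_THREADS 16
static struct { pthread_t handle; thread_id_t id; bool used; } g_registry[MAX_THREADS];
static pthread_mutex_t g_registry_lock = PTHREAD_MUTEX_INITIALIZER;
static thread_id_t g_next_id = 1;
static bool g_duplicate_seen = false;   /* where the fix's assertion would fire */

/* Call with g_registry_lock held: returns the handle's id, registering it if unknown. */
static thread_id_t find_or_add_locked(pthread_t handle, bool *existed)
{
    int free_slot = -1;
    for (int i = 0; i < MAX_THREADS; i++) {
        if (g_registry[i].used && pthread_equal(g_registry[i].handle, handle)) {
            *existed = true;
            return g_registry[i].id;
        }
        if (!g_registry[i].used && free_slot < 0)
            free_slot = i;
    }
    *existed = false;
    if (free_slot < 0)
        return 0;   /* registry full */
    g_registry[free_slot].used = true;
    g_registry[free_slot].handle = handle;
    g_registry[free_slot].id = g_next_id++;
    return g_registry[free_slot].id;
}

/* The creator registers the child. If the child got there first (the race the
 * entry describes), remember it; the real fix asserts at this point. */
static thread_id_t establish_identifier(pthread_t handle)
{
    bool existed;
    pthread_mutex_lock(&g_registry_lock);
    thread_id_t id = find_or_add_locked(handle, &existed);
    if (existed)
        g_duplicate_seen = true;
    pthread_mutex_unlock(&g_registry_lock);
    return id;
}

/* An unregistered caller registers itself. Before the fix a child could reach this
 * before its creator's establish_identifier and end up with two different ids. */
static thread_id_t current_thread(void)
{
    bool existed;
    pthread_mutex_lock(&g_registry_lock);
    thread_id_t id = find_or_add_locked(pthread_self(), &existed);
    pthread_mutex_unlock(&g_registry_lock);
    return id;
}

/* The child waits on this context until the creator has registered it. */
typedef struct {
    void *(*entry)(void *);
    void *arg;
    pthread_mutex_t lock;
    pthread_cond_t cond;
    bool id_ready;
} new_thread_context_t;

static void *thread_entry_point(void *raw)
{
    new_thread_context_t *ctx = raw;
    pthread_mutex_lock(&ctx->lock);
    while (!ctx->id_ready)
        pthread_cond_wait(&ctx->cond, &ctx->lock);
    void *(*entry)(void *) = ctx->entry;
    void *arg = ctx->arg;
    pthread_mutex_unlock(&ctx->lock);
    pthread_cond_destroy(&ctx->cond);   /* creator is done with ctx once it unlocked */
    pthread_mutex_destroy(&ctx->lock);
    free(ctx);
    return entry(arg);
}

/* Hold ctx->lock across pthread_create and registration, then release the child. */
static thread_id_t create_thread(void *(*entry)(void *), void *arg, pthread_t *handle_out)
{
    new_thread_context_t *ctx = malloc(sizeof *ctx);
    if (!ctx)
        return 0;
    ctx->entry = entry; ctx->arg = arg; ctx->id_ready = false;
    pthread_mutex_init(&ctx->lock, NULL);
    pthread_cond_init(&ctx->cond, NULL);
    pthread_mutex_lock(&ctx->lock);
    if (pthread_create(handle_out, NULL, thread_entry_point, ctx) != 0) {
        pthread_mutex_unlock(&ctx->lock);
        free(ctx);
        return 0;
    }
    thread_id_t id = establish_identifier(*handle_out);
    ctx->id_ready = true;
    pthread_cond_signal(&ctx->cond);
    pthread_mutex_unlock(&ctx->lock);
    return id;
}

static void *record_own_id(void *arg)
{
    *(thread_id_t *)arg = current_thread();
    return NULL;
}

/* Spawn through the fixed path: the id the child observes must be the one the creator
 * assigned, and establish_identifier must not have found a prior registration. */
static bool child_sees_creator_assigned_id(void)
{
    thread_id_t seen_by_child = 0;
    pthread_t handle;
    thread_id_t assigned = create_thread(record_own_id, &seen_by_child, &handle);
    if (assigned == 0)
        return false;
    pthread_join(handle, NULL);
    return seen_by_child == assigned && !g_duplicate_seen;
}
```

The ordering that matters is that the creator takes ctx->lock before pthread_create and releases it only after establish_identifier has returned; the child cannot leave the wait loop earlier, so its first current_thread() always finds the creator's entry. Ownership of ctx passes to the child the moment the creator unlocks, which is why the child, not the creator, destroys and frees it.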

2008-12-26  Sam Weinig  <sam@webkit.org>

        Reviewed by Alexey Proskuryakov.

        Remove unused method.

        * runtime/Structure.h: Remove mutableTypeInfo.

2008-12-22  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Fix rounding / bounds / signed comparison bug in ExecutableAllocator.

        ExecutableAllocator::alloc assumed that m_freePtr would be aligned.  This was
        not always true, since the first allocation from an additional pool would not
        be rounded up.  Subsequent allocations would be unaligned, and too much memory
        could be erroneously allocated from the pool, when the size requested was
        available, but the size rounded up to word granularity was not available in the
        pool.  This may result in the value of m_freePtr being greater than m_end.

        Under these circumstances, the unsigned check for space will always pass,
        resulting in pointers to memory outside of the arena being returned, and
        ultimately segfaulty goodness when attempting to memcpy the hot freshly jitted
        code from the AssemblerBuffer.

        https://bugs.webkit.org/show_bug.cgi?id=22974
        ... and probably many, many more.

        * jit/ExecutableAllocator.h:
        (JSC::ExecutablePool::alloc):
        (JSC::ExecutablePool::roundUpAllocationSize):
        (JSC::ExecutablePool::ExecutablePool):
        (JSC::ExecutablePool::poolAllocate):
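
The ExecutableAllocator entry above lays out the failure chain: an unrounded first allocation leaves m_freePtr unaligned, a later request that fits unrounded but not rounded pushes m_freePtr past m_end, and from then on the unsigned space check accepts every request and hands out addresses beyond the arena, into which JIT-generated code is then copied. The C below is an added model of that chain and of the fix (round every request before it is compared or bumped), not the project's jit/ExecutableAllocator.h; the granularity, the pool size and the names are assumptions, and offsets into the pool stand in for the real pointers so that the overrun arithmetic stays well-defined and the result can be checked.

```c
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

/* Assumed parameters: word granularity for rounding, and a deliberately tiny pool so
 * the failure appears within three requests. */
#define GRANULARITY 8
#define POOL_BYTES  32

typedef struct {
    size_t free_off;   /* stands in for m_freePtr, as an offset from the pool base */
    size_t end_off;    /* stands in for m_end */
} pool_t;

static size_t round_up_allocation_size(size_t n)
{
    return (n + GRANULARITY - 1) & ~(size_t)(GRANULARITY - 1);
}

/* Before the fix: the request that opens a new pool is not rounded, so free_off starts
 * unaligned, and the space check compares the raw request while the bump uses the
 * rounded size. */
static void pool_init_before(pool_t *p, size_t first_request)
{
    p->free_off = first_request;
    p->end_off = POOL_BYTES;
}

static bool alloc_before(pool_t *p, size_t n, size_t *out)
{
    if (p->end_off - p->free_off >= n) {   /* unsigned: wraps to huge once free_off > end_off */
        *out = p->free_off;
        p->free_off += round_up_allocation_size(n);
        return true;
    }
    return false;   /* would fall through to a fresh pool; not modelled here */
}

/* After the fix: every size is rounded before it is compared or bumped, so free_off is
 * always aligned and can never exceed end_off. */
static void pool_init_after(pool_t *p, size_t first_request)
{
    p->free_off = round_up_allocation_size(first_request);
    p->end_off = POOL_BYTES;
}

static bool alloc_after(pool_t *p, size_t n, size_t *out)
{
    size_t rounded = round_up_allocation_size(n);
    if (p->free_off > p->end_off)
        return false;   /* defensive: the invariant the old code could lose */
    if (p->end_off - p->free_off >= rounded) {
        *out = p->free_off;
        p->free_off += rounded;
        return true;
    }
    return false;
}

/* Same requests against both versions: 5 bytes opens the pool, 27 bytes fits the 27
 * remaining bytes but not once rounded to 32, then 4 bytes. Returns true if any block
 * that was handed out extends past the end of the pool. */
static bool hands_out_memory_past_end(bool use_fix)
{
    pool_t p;
    size_t off;
    size_t requests[] = { 27, 4 };
    if (use_fix) pool_init_after(&p, 5); else pool_init_before(&p, 5);
    for (size_t i = 0; i < sizeof requests / sizeof requests[0]; i++) {
        bool ok = use_fix ? alloc_after(&p, requests[i], &off)
                          : alloc_before(&p, requests[i], &off);
        if (ok && off + requests[i] > p.end_off)
            return true;
    }
    return false;
}

int main(void)
{
    printf("before fix escapes pool: %s\n", hands_out_memory_past_end(false) ? "yes" : "no");
    printf("after fix escapes pool:  %s\n", hands_out_memory_past_end(true) ? "yes" : "no");
    return 0;
}
```

With the old code the 27-byte request is accepted (27 bytes remain), but the bump by the rounded 32 bytes moves free_off to 37 in a 32-byte pool; the next check computes 32 - 37 as a size_t, which is enormous, and the 4-byte block is handed out at offset 37. With rounding applied first, the 27-byte request is refused (32 needed, 24 left) and the 4-byte request lands at offset 8, inside the pool.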

2008-12-22  Sam Weinig  <sam@webkit.org>

        Reviewed by Gavin Barraclough.

        Rename all uses of the term "repatch" to "patch".

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::DataLabelPtr::patch):
        (JSC::MacroAssembler::DataLabel32::patch):
        (JSC::MacroAssembler::Jump::patch):
        (JSC::MacroAssembler::PatchBuffer::PatchBuffer):
        (JSC::MacroAssembler::PatchBuffer::setPtr):
        (JSC::MacroAssembler::loadPtrWithAddressOffsetPatch):
        (JSC::MacroAssembler::storePtrWithAddressOffsetPatch):
        (JSC::MacroAssembler::storePtrWithPatch):
        (JSC::MacroAssembler::jnePtrWithPatch):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::patchAddress):
        (JSC::X86Assembler::patchImmediate):
        (JSC::X86Assembler::patchPointer):
        (JSC::X86Assembler::patchBranchOffset):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::tryCTICachePutByID):
        (JSC::Interpreter::tryCTICacheGetByID):
        (JSC::Interpreter::cti_op_put_by_id):
        (JSC::Interpreter::cti_op_get_by_id):
        (JSC::Interpreter::cti_op_get_by_id_self_fail):
        (JSC::Interpreter::cti_op_get_by_id_proto_list):
        (JSC::Interpreter::cti_vm_dontLazyLinkCall):
        * jit/JIT.cpp:
        (JSC::ctiPatchCallByReturnAddress):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::unlinkCall):
        (JSC::JIT::linkCall):
        (JSC::JIT::compileOpCall):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):

2008-12-22  Adam Roben  <aroben@apple.com>

        Build fix after r39428

        * jit/JITCall.cpp:
        (JSC::JIT::compileOpCallSlowCase): Added a missing MacroAssembler::

2008-12-22  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>

        Rubber-stamped by George Staikos.

        Unify all TorchMobile copyright lines. Consolidate in a single line, as requested by Mark Rowe, some time ago.

        * wtf/RandomNumber.cpp:
        * wtf/RandomNumber.h:
        * wtf/RandomNumberSeed.h:

2008-12-21  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>

        Rubber-stamped by George Staikos.

        Fix copyright of the new RandomNumber* files.

        * wtf/RandomNumber.cpp:
        * wtf/RandomNumber.h:
        * wtf/RandomNumberSeed.h:

2008-12-21  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt & Cameron Zwarich.

        Add support for call and property access repatching on x86-64.

        No change in performance on current configurations (2x improvement on v8-tests with JIT enabled on x86-64).

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::DataLabelPtr::repatch):
        (JSC::MacroAssembler::DataLabelPtr::operator X86Assembler::JmpDst):
        (JSC::MacroAssembler::DataLabel32::repatch):
        (JSC::MacroAssembler::RepatchBuffer::addressOf):
        (JSC::MacroAssembler::add32):
        (JSC::MacroAssembler::sub32):
        (JSC::MacroAssembler::loadPtrWithAddressOffsetRepatch):
        (JSC::MacroAssembler::storePtrWithAddressOffsetRepatch):
        (JSC::MacroAssembler::jePtr):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jnePtrWithRepatch):
        (JSC::MacroAssembler::differenceBetween):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::addl_im):
        (JSC::X86Assembler::subl_im):
        (JSC::X86Assembler::cmpl_rm):
        (JSC::X86Assembler::movq_rm_disp32):
        (JSC::X86Assembler::movq_mr_disp32):
        (JSC::X86Assembler::repatchPointer):
        (JSC::X86Assembler::X86InstructionFormatter::oneByteOp64_disp32):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITCall.cpp:
        (JSC::JIT::unlinkCall):
        (JSC::JIT::linkCall):
        (JSC::JIT::compileOpCall):
        (JSC::JIT::compileOpCallSlowCase):
        * jit/JITInlineMethods.h:
        (JSC::JIT::restoreArgumentReferenceForTrampoline):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::resizePropertyStorage):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        * wtf/Platform.h:

2008-12-20  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Oliver Hunt.

        Port optimized property access generation to the MacroAssembler.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::AbsoluteAddress::AbsoluteAddress):
        (JSC::MacroAssembler::DataLabelPtr::repatch):
        (JSC::MacroAssembler::DataLabel32::DataLabel32):
        (JSC::MacroAssembler::DataLabel32::repatch):
        (JSC::MacroAssembler::Label::operator X86Assembler::JmpDst):
        (JSC::MacroAssembler::Jump::repatch):
        (JSC::MacroAssembler::JumpList::empty):
        (JSC::MacroAssembler::RepatchBuffer::link):
        (JSC::MacroAssembler::add32):
        (JSC::MacroAssembler::and32):
        (JSC::MacroAssembler::sub32):
        (JSC::MacroAssembler::loadPtrWithAddressRepatch):
        (JSC::MacroAssembler::storePtrWithAddressRepatch):
        (JSC::MacroAssembler::push):
        (JSC::MacroAssembler::ja32):
        (JSC::MacroAssembler::jePtr):
        (JSC::MacroAssembler::jnePtr):
        (JSC::MacroAssembler::jnePtrWithRepatch):
        (JSC::MacroAssembler::align):
        (JSC::MacroAssembler::differenceBetween):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::movl_rm_disp32):
        (JSC::X86Assembler::movl_mr_disp32):
        (JSC::X86Assembler::X86InstructionFormatter::oneByteOp_disp32):
        (JSC::X86Assembler::X86InstructionFormatter::memoryModRM):
        * jit/JIT.cpp:
        (JSC::ctiRepatchCallByReturnAddress):
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompile):
        (JSC::JIT::privateCompileCTIMachineTrampolines):
        * jit/JIT.h:
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::compilePutByIdHotPath):
        (JSC::JIT::compilePutByIdSlowCase):
        (JSC::resizePropertyStorage):
        (JSC::JIT::privateCompilePutByIdTransition):
        (JSC::JIT::patchGetByIdSelf):
        (JSC::JIT::patchPutByIdReplace):
        (JSC::JIT::privateCompilePatchGetArrayLength):
        (JSC::JIT::privateCompileGetByIdSelf):
        (JSC::JIT::privateCompileGetByIdProto):
        (JSC::JIT::privateCompileGetByIdSelfList):
        (JSC::JIT::privateCompileGetByIdProtoList):
        (JSC::JIT::privateCompileGetByIdChainList):
        (JSC::JIT::privateCompileGetByIdChain):
        (JSC::JIT::privateCompilePutByIdReplace):
        * wtf/RefCounted.h:
        (WTF::RefCountedBase::addressOfCount):

2008-12-19  Gustavo Noronha Silva  <gns@gnome.org>

        Reviewed by Holger Freyther.

        https://bugs.webkit.org/show_bug.cgi?id=22686

        Added file which was missing to the javascriptcore_sources
        variable, so that it shows up in the tarball created by `make
        dist'.

        * GNUmakefile.am:

2008-12-19  Holger Hans Peter Freyther  <zecke@selfish.org>

        Reviewed by Antti Koivisto.

        Build fix when building JS API tests with a C89 C compiler

        Do not use C++ style comments and convert them to C comments.

        * wtf/Platform.h:

2008-12-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Same as last revision, adding cases for pre & post inc & dec.

        https://bugs.webkit.org/show_bug.cgi?id=22928

        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):

2008-12-18  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Fixes for the JIT's handling of JSImmediate values on x86-64.
        On 64-bit systems, the code in JSImmediate.h relies on the upper
        bits of a JSImmediate being a sign extension of the low 32-bits.
        This was not being enforced by the JIT, since a number of inline
        operations were being performed on 32-bit values in registers, and
        when a 32-bit result is written to a register on x86-64 the value
        is zero-extended to 64-bits.

        This fix honors previous behaviour.  A better fix in the long run
        (when the JIT is enabled by default) may be to change JSImmediate.h
        so it no longer relies on the upper bits of the pointer,... though
        if we're going to change JSImmediate.h for 64-bit, we probably may
        as well change the format so that the full range of 32-bit ints can
        be stored, rather than just 31-bits.

        https://bugs.webkit.org/show_bug.cgi?id=22925

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::addPtr):
        (JSC::MacroAssembler::andPtr):
        (JSC::MacroAssembler::orPtr):
        (JSC::MacroAssembler::or32):
        (JSC::MacroAssembler::xor32):
        (JSC::MacroAssembler::xorPtr):
        (JSC::MacroAssembler::signExtend32ToPtr):
        * assembler/X86Assembler.h:
        (JSC::X86Assembler::):
        (JSC::X86Assembler::andq_rr):
        (JSC::X86Assembler::andq_ir):
        (JSC::X86Assembler::orq_rr):
        (JSC::X86Assembler::xorq_ir):
        (JSC::X86Assembler::movsxd_rr):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitFastArithReTagImmediate):
        (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
        (JSC::JIT::emitFastArithImmToInt):
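
This entry and the 2009-01-01 "Allow 32-bit integers to be stored in JSImmediates" entry near the top of this log describe two related points: the sign-extension invariant that 32-bit register operations silently break on x86-64 (a 32-bit write zero-extends the destination, so the upper bits stop being a sign extension and the decoded value is wrong), and the later widening of the immediate int range from 31 to 32 bits, which changes what the invariant is. The C below is an added illustration of both, not JSC's runtime/JSImmediate.h or jit code; the tag bit value, the helper names and the fast-path add are this example's own assumptions about the layout the entries describe.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Assumed tag layout: an immediate int is the value shifted left by one with the low
 * bit set. Bit positions and helper names are this example's, not JSC's. */
#define JS_INT_TAG 1ULL

/* Old format: a 31-bit int; bits 32..63 must repeat bit 31. */
static bool fits_old_format(int64_t v) { return v >= -(1LL << 30) && v < (1LL << 30); }

/* New format (WTF_USE_ALTERNATE_JSIMMEDIATE): a full 32-bit int; bits 33..63 repeat bit 32. */
static bool fits_new_format(int64_t v) { return v >= INT32_MIN && v <= INT32_MAX; }

/* Encoding and decoding are the same for either format. The decode subtracts the tag
 * before halving so that negative values divide exactly. */
static uint64_t make_int(int64_t v) { return ((uint64_t)v << 1) | JS_INT_TAG; }
static int64_t int_value(uint64_t imm) { return ((int64_t)imm - (int64_t)JS_INT_TAG) / 2; }

/* The invariants, checked on the raw bits so they stay meaningful for the bad
 * encodings produced below. */
static bool old_invariant_holds(uint64_t imm)
{
    uint64_t top = imm >> 31;                       /* bit 31 and everything above it */
    return top == 0 || top == 0x1FFFFFFFFULL;
}

static bool new_invariant_holds(uint64_t imm)
{
    uint64_t top = imm >> 32;                       /* bit 32 and everything above it */
    return top == 0 || top == 0xFFFFFFFFULL;
}

/* What a 32-bit ALU op does on x86-64: the 64-bit destination is zero-extended. */
static uint64_t add32_zero_extends(uint64_t a, uint64_t b)
{
    return (uint64_t)((uint32_t)a + (uint32_t)b);
}

/* The repair this entry applies after such an op (movsxd / signExtend32ToPtr). */
static uint64_t sign_extend_32_to_64(uint64_t r)
{
    return (uint64_t)(int64_t)(int32_t)(uint32_t)r;
}

/* Fast-path add of two tagged ints: one operand is de-tagged first so the tags do not
 * double up. The "before" form leaves the zero-extended 32-bit result in place. */
static uint64_t jit_add_before(uint64_t a, uint64_t b)
{
    return add32_zero_extends(a, b - JS_INT_TAG);
}

static uint64_t jit_add_after(uint64_t a, uint64_t b)
{
    return sign_extend_32_to_64(add32_zero_extends(a, b - JS_INT_TAG));
}

int main(void)
{
    uint64_t a = make_int(-5), b = make_int(3);
    printf("-5 + 3 before: %lld (invariant %s)\n", (long long)int_value(jit_add_before(a, b)),
           old_invariant_holds(jit_add_before(a, b)) ? "kept" : "broken");
    printf("-5 + 3 after:  %lld (invariant %s)\n", (long long)int_value(jit_add_after(a, b)),
           old_invariant_holds(jit_add_after(a, b)) ? "kept" : "broken");
    printf("2^30 fits old: %d, fits new: %d\n", fits_old_format(1LL << 30), fits_new_format(1LL << 30));
    return 0;
}
```

Adding -5 and 3 through the 32-bit path yields the raw bits 0x00000000FFFFFFFD, which decode to 2147483646 instead of -2 because the upper half is no longer a sign extension; re-extending after the operation (or doing it at 64-bit width, as the later entry's addPtr/orPtr changes do) gives 0xFFFFFFFFFFFFFFFD and the right answer. The same checks show why the widened format needs its own invariant: 2^30 is a legal 32-bit int, but its encoding 0x80000001 has bit 31 set with a zero upper half, which the old rule rejects and the new one accepts.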
729         (JSC::JIT::emitFastArithImmToInt):
730
731 2008-12-18  Gavin Barraclough  <barraclough@apple.com>
732
733         Reviewed by Sam Weinig.
734
735         Just a tidy up - rename & refactor some of the #defines configuring the JIT.
736
737         * interpreter/Interpreter.cpp:
738         (JSC::Interpreter::cti_op_convert_this):
739         (JSC::Interpreter::cti_op_end):
740         (JSC::Interpreter::cti_op_add):
741         (JSC::Interpreter::cti_op_pre_inc):
742         (JSC::Interpreter::cti_timeout_check):
743         (JSC::Interpreter::cti_register_file_check):
744         (JSC::Interpreter::cti_op_loop_if_less):
745         (JSC::Interpreter::cti_op_loop_if_lesseq):
746         (JSC::Interpreter::cti_op_new_object):
747         (JSC::Interpreter::cti_op_put_by_id_generic):
748         (JSC::Interpreter::cti_op_get_by_id_generic):
749         (JSC::Interpreter::cti_op_put_by_id):
750         (JSC::Interpreter::cti_op_put_by_id_second):
751         (JSC::Interpreter::cti_op_put_by_id_fail):
752         (JSC::Interpreter::cti_op_get_by_id):
753         (JSC::Interpreter::cti_op_get_by_id_second):
754         (JSC::Interpreter::cti_op_get_by_id_self_fail):
755         (JSC::Interpreter::cti_op_get_by_id_proto_list):
756         (JSC::Interpreter::cti_op_get_by_id_proto_list_full):
757         (JSC::Interpreter::cti_op_get_by_id_proto_fail):
758         (JSC::Interpreter::cti_op_get_by_id_array_fail):
759         (JSC::Interpreter::cti_op_get_by_id_string_fail):
760         (JSC::Interpreter::cti_op_instanceof):
761         (JSC::Interpreter::cti_op_del_by_id):
762         (JSC::Interpreter::cti_op_mul):
763         (JSC::Interpreter::cti_op_new_func):
764         (JSC::Interpreter::cti_op_call_JSFunction):
765         (JSC::Interpreter::cti_op_call_arityCheck):
766         (JSC::Interpreter::cti_vm_dontLazyLinkCall):
767         (JSC::Interpreter::cti_vm_lazyLinkCall):
768         (JSC::Interpreter::cti_op_push_activation):
769         (JSC::Interpreter::cti_op_call_NotJSFunction):
770         (JSC::Interpreter::cti_op_create_arguments):
771         (JSC::Interpreter::cti_op_create_arguments_no_params):
772         (JSC::Interpreter::cti_op_tear_off_activation):
773         (JSC::Interpreter::cti_op_tear_off_arguments):
774         (JSC::Interpreter::cti_op_profile_will_call):
775         (JSC::Interpreter::cti_op_profile_did_call):
776         (JSC::Interpreter::cti_op_ret_scopeChain):
777         (JSC::Interpreter::cti_op_new_array):
778         (JSC::Interpreter::cti_op_resolve):
779         (JSC::Interpreter::cti_op_construct_JSConstruct):
780         (JSC::Interpreter::cti_op_construct_NotJSConstruct):
781         (JSC::Interpreter::cti_op_get_by_val):
782         (JSC::Interpreter::cti_op_resolve_func):
783         (JSC::Interpreter::cti_op_sub):
784         (JSC::Interpreter::cti_op_put_by_val):
785         (JSC::Interpreter::cti_op_put_by_val_array):
786         (JSC::Interpreter::cti_op_lesseq):
787         (JSC::Interpreter::cti_op_loop_if_true):
788         (JSC::Interpreter::cti_op_negate):
789         (JSC::Interpreter::cti_op_resolve_base):
790         (JSC::Interpreter::cti_op_resolve_skip):
791         (JSC::Interpreter::cti_op_resolve_global):
792         (JSC::Interpreter::cti_op_div):
793         (JSC::Interpreter::cti_op_pre_dec):
794         (JSC::Interpreter::cti_op_jless):
795         (JSC::Interpreter::cti_op_not):
796         (JSC::Interpreter::cti_op_jtrue):
797         (JSC::Interpreter::cti_op_post_inc):
798         (JSC::Interpreter::cti_op_eq):
799         (JSC::Interpreter::cti_op_lshift):
800         (JSC::Interpreter::cti_op_bitand):
801         (JSC::Interpreter::cti_op_rshift):
802         (JSC::Interpreter::cti_op_bitnot):
803         (JSC::Interpreter::cti_op_resolve_with_base):
804         (JSC::Interpreter::cti_op_new_func_exp):
805         (JSC::Interpreter::cti_op_mod):
806         (JSC::Interpreter::cti_op_less):
807         (JSC::Interpreter::cti_op_neq):
808         (JSC::Interpreter::cti_op_post_dec):
809         (JSC::Interpreter::cti_op_urshift):
810         (JSC::Interpreter::cti_op_bitxor):
811         (JSC::Interpreter::cti_op_new_regexp):
812         (JSC::Interpreter::cti_op_bitor):
813         (JSC::Interpreter::cti_op_call_eval):
814         (JSC::Interpreter::cti_op_throw):
815         (JSC::Interpreter::cti_op_get_pnames):
816         (JSC::Interpreter::cti_op_next_pname):
817         (JSC::Interpreter::cti_op_push_scope):
818         (JSC::Interpreter::cti_op_pop_scope):
819         (JSC::Interpreter::cti_op_typeof):
820         (JSC::Interpreter::cti_op_is_undefined):
821         (JSC::Interpreter::cti_op_is_boolean):
822         (JSC::Interpreter::cti_op_is_number):
823         (JSC::Interpreter::cti_op_is_string):
824         (JSC::Interpreter::cti_op_is_object):
825         (JSC::Interpreter::cti_op_is_function):
826         (JSC::Interpreter::cti_op_stricteq):
827         (JSC::Interpreter::cti_op_nstricteq):
828         (JSC::Interpreter::cti_op_to_jsnumber):
829         (JSC::Interpreter::cti_op_in):
830         (JSC::Interpreter::cti_op_push_new_scope):
831         (JSC::Interpreter::cti_op_jmp_scopes):
832         (JSC::Interpreter::cti_op_put_by_index):
833         (JSC::Interpreter::cti_op_switch_imm):
834         (JSC::Interpreter::cti_op_switch_char):
835         (JSC::Interpreter::cti_op_switch_string):
836         (JSC::Interpreter::cti_op_del_by_val):
837         (JSC::Interpreter::cti_op_put_getter):
838         (JSC::Interpreter::cti_op_put_setter):
839         (JSC::Interpreter::cti_op_new_error):
840         (JSC::Interpreter::cti_op_debug):
841         (JSC::Interpreter::cti_vm_throw):
842         * interpreter/Interpreter.h:
843         * jit/JIT.cpp:
844         (JSC::):
845         (JSC::JIT::privateCompileMainPass):
846         (JSC::JIT::privateCompile):
847         * jit/JIT.h:
848         * jit/JITInlineMethods.h:
849         (JSC::JIT::restoreArgumentReference):
850         (JSC::JIT::restoreArgumentReferenceForTrampoline):
851         * wtf/Platform.h:
852
853 2008-12-18  Cameron Zwarich  <zwarich@apple.com>
854
855         Reviewed by Geoff Garen.
856
857         Bug 21855: REGRESSION (r37323): Gmail complains about popup blocking when opening a link
858         <https://bugs.webkit.org/show_bug.cgi?id=21855>
859         <rdar://problem/6278244>
860
861         Move DynamicGlobalObjectScope to JSGlobalObject.h so that it can be used
862         from WebCore.
863
864         * interpreter/Interpreter.cpp:
865         * runtime/JSGlobalObject.h:
866         (JSC::DynamicGlobalObjectScope::DynamicGlobalObjectScope):
867         (JSC::DynamicGlobalObjectScope::~DynamicGlobalObjectScope):
868
869 2008-12-17  Geoffrey Garen  <ggaren@apple.com>
870
871         Reviewed by Gavin Barraclough.
872         
873         Fixed https://bugs.webkit.org/show_bug.cgi?id=22393
874         Segfault when caching property accesses to primitive cells.
875         
876         Changed some asObject casts to asCell casts in cases where a primitive
877         value may be a cell and not an object.
878         
879         Re-enabled property caching for primitives in cases where it had been
880         disabled because of this bug.
881         
882         Updated a comment to better explain something Darin thought needed
883         explaining in an old patch review.
884
885         * interpreter/Interpreter.cpp:
886         (JSC::countPrototypeChainEntriesAndCheckForProxies):
887         (JSC::Interpreter::tryCacheGetByID):
888         (JSC::Interpreter::tryCTICacheGetByID):
889         (JSC::Interpreter::cti_op_get_by_id_self_fail):
890         (JSC::Interpreter::cti_op_get_by_id_proto_list):
891
892 2008-12-17  Gavin Barraclough  <barraclough@apple.com>
893
894         Reviewed by Cameron Zwarich.
895
896         Fixes for Sunspider failures with the JIT enabled on x86-64.
897
898         * assembler/MacroAssembler.h:
899             Switch the order of the RegisterID & Address form of je32, to keep it consistent with jne32.
900         * jit/JIT.cpp:
901         * jit/JIT.h:
902         * jit/JITInlineMethods.h:
903             Port the m_ctiVirtualCall trampoline generation to use the MacroAssembler interface.
904         * jit/JITCall.cpp:
905             Fix bug in the non-optimizing code path, vptr check should have been to the memory address pointed
906             to by the register, not to the register itself.
907         * wrec/WRECGenerator.cpp:
908             See assembler/MacroAssembler.h, above.
909
910 2008-12-17  Gavin Barraclough  <barraclough@apple.com>
911
912         Reviewed by Sam Weinig.
913
914         print("Hello, 64-bit jitted world!");
915         Get hello-world working through the JIT, on x86-64.
916
917         * assembler/X86Assembler.h:
918             Fix encoding of opcode + RegisterID format instructions for 64-bit.
919         * interpreter/Interpreter.cpp:
920         * interpreter/Interpreter.h:
921             Make VoidPtrPair actually be a pair of void*s.
922             (Possibly should make this change for 32-bit Mac platforms, too - but won't change 32-bit behaviour in this patch).
923         * jit/JIT.cpp:
924         * jit/JIT.h:
925             Provide names for the timeoutCheckRegister & callFrameRegister on x86-64,
926             force x86-64 ctiTrampoline arguments onto the stack,
927             implement the asm trampolines for x86-64,
928             implement the restoreArgumentReference methods for x86-64 calling conventions.
929         * jit/JITCall.cpp:
930         * jit/JITInlineMethods.h:
931         * wtf/Platform.h:
932             Add switch settings to ENABLE(JIT), on PLATFORM(X86_64) (currently still disabled).
933
934 2008-12-17  Sam Weinig  <sam@webkit.org>
935
936         Reviewed by Gavin Barraclough.
937
938         Add more CodeBlock statistics.
939
940         * bytecode/CodeBlock.cpp:
941         (JSC::CodeBlock::dumpStatistics):
942
943 2008-12-17  Sam Weinig  <sam@webkit.org>
944
945         Reviewed by Darin Adler.
946
947         Fix for https://bugs.webkit.org/show_bug.cgi?id=22897
948         <rdar://problem/6428342>
949         Look into feasibility of discarding bytecode after native codegen
950
951         Clear the bytecode Instruction vector at the end JIT generation.
952
953         Saves 4.8 MB on Membuster head.
954
955         * bytecode/CodeBlock.cpp:
956         (JSC::CodeBlock::dump): Add logging for the case that someone tries
957         to dump the instructions of a CodeBlock that has had its bytecode
958         vector cleared.
959         (JSC::CodeBlock::CodeBlock): Initialize the instructionCount
960         (JSC::CodeBlock::handlerForBytecodeOffset): Use instructionCount instead
961         of the size of the instruction vector in the assertion.
962         (JSC::CodeBlock::lineNumberForBytecodeOffset): Ditto.
963         (JSC::CodeBlock::expressionRangeForBytecodeOffset): Ditto.
964         (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset): Ditto.
965         (JSC::CodeBlock::functionRegisterForBytecodeOffset): Ditto.
966         * bytecode/CodeBlock.h:
967         (JSC::CodeBlock::setInstructionCount): Store the instruction vector size
968         in debug builds for assertions.
969         * bytecompiler/BytecodeGenerator.cpp:
970         (JSC::BytecodeGenerator::generate):
971         * jit/JIT.cpp:
972         (JSC::JIT::privateCompile): Clear the bytecode vector unless we
973         have compiled with Opcode sampling where we will continue to require it
974
975 2008-12-17  Cary Clark  <caryclark@google.com>
976
977         Reviewed by Darin Adler.
978         Landed by Adam Barth.
979
980         Add ENABLE_TEXT_CARET to permit the ANDROID platform
981         to invalidate and draw the caret in a separate thread.
982
983         * wtf/Platform.h:
984         Default ENABLE_TEXT_CARET to 1.
985
986 2008-12-17  Alexey Proskuryakov  <ap@webkit.org>
987
988         Reviewed by Darin Adler.
989
990         Don't use unique context group in JSGlobalContextCreate() on Tiger or Leopard, take two.
991
992         * API/JSContextRef.cpp: The previous patch that claimed to do this was making Tiger and
993         Leopard always use unique context group instead.
994
995 2008-12-16  Sam Weinig  <sam@webkit.org>
996
997         Reviewed by Geoffrey Garen.
998
999         Fix for https://bugs.webkit.org/show_bug.cgi?id=22838
1000         Remove dependency on the bytecode Instruction buffer in Interpreter::throwException
1001         Part of <rdar://problem/6428342>
1002
1003         * bytecode/CodeBlock.cpp:
1004         (JSC::CodeBlock::functionRegisterForBytecodeOffset): Added. Function to get
1005         a function Register index in a callFrame for a bytecode offset.
1006         (JSC::CodeBlock::shrinkToFit): Shrink m_getByIdExceptionInfo and m_functionRegisterInfos.
1007         * bytecode/CodeBlock.h:
1008         (JSC::FunctionRegisterInfo::FunctionRegisterInfo): Added.
1009         (JSC::CodeBlock::addFunctionRegisterInfo):
1010         * bytecompiler/BytecodeGenerator.cpp:
1011         (JSC::BytecodeGenerator::emitCall):
1012         * interpreter/Interpreter.cpp:
1013         (JSC::Interpreter::throwException): Use functionRegisterForBytecodeOffset in JIT
1014         mode.
1015
1016 2008-12-16  Sam Weinig  <sam@webkit.org>
1017
1018         Reviewed by Gavin Barraclough.
1019
1020         Fix for https://bugs.webkit.org/show_bug.cgi?id=22837
1021         Remove dependency on the bytecode Instruction buffer in Interpreter::cti_op_call_NotJSFunction
1022         Part of <rdar://problem/6428342>
1023
1024         * interpreter/CallFrame.h: Added comment regarding returnPC storing a void*.
1025         * interpreter/Interpreter.cpp:
1026         (JSC::bytecodeOffsetForPC): We no longer have any cases of the PC
1027         being in the instruction stream for JIT, so we can remove the check.
1028         (JSC::Interpreter::cti_op_call_NotJSFunction): Use the CTI_RETURN_ADDRESS
1029         as the call frame returnPC as it is only necessary for looking up when
1030         throwing an exception.
1031         * interpreter/RegisterFile.h:
1032         (JSC::RegisterFile::): Added comment regarding returnPC storing a void*.
1033         * jit/JIT.h: Remove ARG_instr4.
1034         * jit/JITCall.cpp:
1035         (JSC::JIT::compileOpCallSetupArgs): Don't pass the instruction pointer.
1036
1037 2008-12-16  Darin Adler  <darin@apple.com>
1038
1039         Reviewed and landed by Cameron Zwarich.
1040
1041         Preparatory work for fixing
1042
1043         Bug 22887: Make UString::Rep use RefCounted rather than implementing its own ref counting
1044         <https://bugs.webkit.org/show_bug.cgi?id=22887>
1045
1046         Change the various string translators used by Identifier:add() so that
1047         they never zero the ref count of a newly created UString::Rep.
1048
1049         * runtime/Identifier.cpp:
1050         (JSC::CStringTranslator::translate):
1051         (JSC::Identifier::add):
1052         (JSC::UCharBufferTranslator::translate):
1053
1054 2008-12-16  Gavin Barraclough  <barraclough@apple.com>
1055
1056         Build fix for 'doze.
1057
1058         * assembler/AssemblerBuffer.h:
1059
1060 2008-12-16  Gavin Barraclough  <barraclough@apple.com>
1061
1062         Reviewed by Cameron Zwarich.
1063
1064         Make the JIT compile on x86-64.
1065         This largely involves populating the missing calls in MacroAssembler.h.
1066         In addition some reinterpret_casts need removing from the JIT, and the
1067         repatching property access code will need to be fully compiled out for
1068         now.  The changes in interpret.cpp are to reorder the functions so that
1069         the _generic forms come before all other property access methods, and
1070         then to place all property access methods other than the generic forms
1071         under control of the ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS macro.
1072
1073         No performance impact.
1074
1075         * assembler/AssemblerBuffer.h:
1076         (JSC::AssemblerBuffer::putInt64Unchecked):
1077         * assembler/MacroAssembler.h:
1078         (JSC::MacroAssembler::loadPtr):
1079         (JSC::MacroAssembler::load32):
1080         (JSC::MacroAssembler::storePtr):
1081         (JSC::MacroAssembler::storePtrWithRepatch):
1082         (JSC::MacroAssembler::store32):
1083         (JSC::MacroAssembler::poke):
1084         (JSC::MacroAssembler::move):
1085         (JSC::MacroAssembler::testImm64):
1086         (JSC::MacroAssembler::jePtr):
1087         (JSC::MacroAssembler::jnePtr):
1088         (JSC::MacroAssembler::jnzPtr):
1089         (JSC::MacroAssembler::jzPtr):
1090         * assembler/X86Assembler.h:
1091         (JSC::X86Assembler::):
1092         (JSC::X86Assembler::cmpq_rr):
1093         (JSC::X86Assembler::cmpq_rm):
1094         (JSC::X86Assembler::cmpq_im):
1095         (JSC::X86Assembler::testq_i32m):
1096         (JSC::X86Assembler::movl_mEAX):
1097         (JSC::X86Assembler::movl_i32r):
1098         (JSC::X86Assembler::movl_EAXm):
1099         (JSC::X86Assembler::movq_rm):
1100         (JSC::X86Assembler::movq_mEAX):
1101         (JSC::X86Assembler::movq_mr):
1102         (JSC::X86Assembler::movq_i64r):
1103         (JSC::X86Assembler::movl_mr):
1104         (JSC::X86Assembler::X86InstructionFormatter::oneByteOp64):
1105         (JSC::X86Assembler::X86InstructionFormatter::immediate64):
1106         * interpreter/Interpreter.cpp:
1107         (JSC::Interpreter::cti_op_put_by_id_generic):
1108         (JSC::Interpreter::cti_op_get_by_id_generic):
1109         (JSC::Interpreter::cti_op_put_by_id):
1110         (JSC::Interpreter::cti_op_put_by_id_second):
1111         * jit/JIT.cpp:
1112         (JSC::JIT::privateCompileMainPass):
1113         (JSC::JIT::privateCompile):
1114         (JSC::JIT::privateCompileCTIMachineTrampolines):
1115         * jit/JITCall.cpp:
1116         (JSC::JIT::compileOpCallSetupArgs):
1117         (JSC::JIT::compileOpCall):
1118         * jit/JITPropertyAccess.cpp:
1119         (JSC::JIT::compileGetByIdHotPath):
1120         (JSC::JIT::compilePutByIdHotPath):
1121         * runtime/JSImmediate.h:
1122         (JSC::JSImmediate::makeInt):
1123
1124 2008-12-16  Cameron Zwarich  <zwarich@apple.com>
1125
1126         Reviewed by Darin Adler.
1127
1128         Bug 22869: REGRESSION (r38407): http://news.cnet.com/8301-13579_3-9953533-37.html crashes
1129         <https://bugs.webkit.org/show_bug.cgi?id=22869>
1130         <rdar://problem/6402499>
1131
1132         Before r38407, Structure::m_nameInPrevious was ref'd due to it being
1133         stored in a PropertyMap. However, PropertyMaps are created lazily after
1134         r38407, so Structure::m_nameInPrevious is not necessarily ref'd while
1135         it is being used. Making it a RefPtr instead of a raw pointer fixes
1136         the problem.
1137
1138         Unfortunately, the crash in the bug is rather intermittent, and it is
1139         impossible to add an assertion in UString::Ref::ref() to catch this bug
1140         because some users of UString::Rep deliberately zero out the reference
1141         count. Therefore, there is no layout test accompanying this bug fix.
1142
1143         * runtime/Structure.cpp:
1144         (JSC::Structure::~Structure): Use get().
1145         (JSC::Structure::materializePropertyMap): Use get().
1146         (JSC::Structure::addPropertyTransitionToExistingStructure): Use get().
1147         (JSC::Structure::addPropertyTransition): Use get().
1148         * runtime/Structure.h: Make Structure::m_nameInPrevious a RefPtr instead
1149         of a raw pointer.
1150
1151 2008-12-16  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>
1152
1153         Not reviewed. Attempt to fix win build. No 'using namespace WTF' in this file, needs manual WTF:: prefix.
1154         Not sure why the build works as is here.
1155
1156         * runtime/MathObject.cpp:
1157         (JSC::mathProtoFuncRandom):
1158
1159 2008-12-16  Nikolas Zimmermann  <nikolas.zimmermann@torchmobile.com>
1160
1161         Reviewed by Darin Adler.
1162
1163         Fixes: https://bugs.webkit.org/show_bug.cgi?id=22876
1164
1165         Unify random number generation in JavaScriptCore & WebCore, by introducing
1166         wtf/RandomNumber.h and moving wtf_random/wtf_random_init out of MathExtras.h.
1167
1168         wtf_random_init() has been renamed to initializeRandomNumberGenerator() and
1169         lives in its own private header: wtf/RandomNumberSeed.h, only intended to
1170         be used from within JavaScriptCore.
1171
1172         wtf_random() has been renamed to randomNumber() and lives in a public header
1173         wtf/RandomNumber.h, usable from within JavaScriptCore & WebCore. It encapsulates
1174         the code taking care of initializing the random number generator (only when
1175         building without ENABLE(JSC_MULTIPLE_THREADS), otherwise initializeThreading()
1176         already took care of that).
1177
1178         Functional change on darwin: Use random() instead of rand(), as it got a larger
1179         period (more randomness). HTMLFormElement already contains this implementation
1180         and I just moved it in randomNumber(), as a special case for PLATFORM(DARWIN).
1181
1182         * GNUmakefile.am: Add RandomNumber.(cpp/h) / RandomNumberSeed.h.
1183         * JavaScriptCore.exp: Ditto.
1184         * JavaScriptCore.pri: Ditto.
1185         * JavaScriptCore.scons: Ditto.
1186         * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
1187         * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
1188         * JavaScriptCoreSources.bkl: Ditto.
1189         * runtime/MathObject.cpp: Use new WTF::randomNumber() functionality.
1190         (JSC::mathProtoFuncRandom):
1191         * wtf/MathExtras.h: Move wtf_random / wtf_random_init to new files.
1192         * wtf/RandomNumber.cpp: Added.
1193         (WTF::randomNumber):
1194         * wtf/RandomNumber.h: Added.
1195         * wtf/RandomNumberSeed.h: Added. Internal usage within JSC only.
1196         (WTF::initializeRandomNumberGenerator):
1197         * wtf/ThreadingGtk.cpp: Rename wtf_random_init() to initializeRandomNumberGenerator().
1198         (WTF::initializeThreading):
1199         * wtf/ThreadingPthreads.cpp: Ditto.
1200         (WTF::initializeThreading):
1201         * wtf/ThreadingQt.cpp: Ditto.
1202         (WTF::initializeThreading):
1203         * wtf/ThreadingWin.cpp: Ditto.
1204         (WTF::initializeThreading):
1205
1206 2008-12-16  Yael Aharon  <yael.aharon@nokia.com>
1207
1208         Reviewed by Tor Arne Vestbø.
1209
1210         Qt/Win build fix
1211
1212         * JavaScriptCore.pri:
1213
1214 2008-12-15  Mark Rowe  <mrowe@apple.com>
1215
1216         Reviewed by Cameron Zwarich.
1217
1218         Fix the build with GCC 4.0.
1219
1220         * Configurations/JavaScriptCore.xcconfig:  GCC 4.0 appears to have a bug when compiling with -funwind-tables on,
1221         so don't use it with that compiler version.
1222
1223 2008-12-15  Mark Rowe  <mrowe@apple.com>
1224
1225         Rubber-stamped by Cameron Zwarich.
1226
1227         <rdar://problem/6289933> Change WebKit-related projects to build with GCC 4.2 on Leopard.
1228
1229         * Configurations/Base.xcconfig:
1230         * Configurations/DebugRelease.xcconfig:
1231
1232 2008-12-15  Alexey Proskuryakov  <ap@webkit.org>
1233
1234         Reviewed by Darin Adler.
1235
1236         Don't use unique context group in JSGlobalContextCreate() on Tiger or Leopard.
1237
1238         * API/JSContextRef.cpp: (JSGlobalContextCreate):
1239
1240 2008-12-15  Alexey Proskuryakov  <ap@webkit.org>
1241
1242         Reviewed by Darin Adler.
1243
1244         <rdar://problem/6445089> Mach ports leak from worker threads
1245
1246         * interpreter/Interpreter.cpp: (JSC::getCPUTime):
1247         Deallocate the thread self port.
1248
1249 2008-12-15  Gavin Barraclough  <barraclough@apple.com>
1250
1251         Reviewed by Mark Rowe.
1252
1253         Construct stack frames in JIT code, so that backtracing can still work.
1254         <rdar://problem/6447870> JIT should play nice with attempts to take stack traces
1255
1256         * jit/JIT.cpp:
1257         (JSC::):
1258         (JSC::JIT::privateCompileMainPass):
1259
1260 2008-12-15  Mark Rowe  <mrowe@apple.com>
1261
1262         Reviewed by Gavin Barraclough.
1263
1264         <rdar://problem/6402262> JavaScriptCore needs exception handling tables in order to get stack traces without frame pointers
1265
1266         * Configurations/JavaScriptCore.xcconfig:
1267
1268 2008-12-15  Gavin Barraclough  <barraclough@apple.com>
1269
1270         Rubber stamped by Mark Rowe.
1271
1272         Revert r39226 / Bug 22818: Unify JIT callback argument access OS X / Windows
1273         This causes Acid3 failures – reverting for now & will revisit later.
1274         https://bugs.webkit.org/show_bug.cgi?id=22873
1275
1276         * interpreter/Interpreter.h:
1277         * jit/JIT.cpp:
1278         (JSC::JIT::privateCompileCTIMachineTrampolines):
1279         * jit/JIT.h:
1280         * jit/JITInlineMethods.h:
1281         (JSC::JIT::restoreArgumentReference):
1282         (JSC::JIT::restoreArgumentReferenceForTrampoline):
1283         (JSC::JIT::emitCTICall_internal):
1284         * jit/JITPropertyAccess.cpp:
1285         (JSC::JIT::privateCompilePutByIdTransition):
1286         * wtf/Platform.h:
1287
1288 2008-12-15  Darin Adler  <darin@apple.com>
1289
1290         Reviewed by Sam Weinig.
1291
1292         - fix <rdar://problem/6427048> crash due to infinite recursion after setting window.__proto__ = window
1293
1294         Replaced toGlobalObject with the more generally useful unwrappedObject and used it to
1295         fix the cycle detection code in put(__proto__).
1296
1297         * JavaScriptCore.exp: Updated.
1298
1299         * runtime/JSGlobalObject.cpp: Removed toGlobalObject. We now use unwrappedObject instead.
1300         * runtime/JSGlobalObject.h:
1301         (JSC::JSGlobalObject::isGlobalObject): Ditto.
1302
1303         * runtime/JSGlobalObjectFunctions.cpp:
1304         (JSC::globalFuncEval): Use unwrappedObject and isGlobalObject here rather than toGlobalObject.
1305
1306         * runtime/JSObject.cpp:
1307         (JSC::JSObject::put): Rewrote prototype cycle checking loop. Use unwrappedObject in the loop now.
1308         (JSC::JSObject::unwrappedObject): Replaced toGlobalObject with this new function.
1309         * runtime/JSObject.h: More of the same.
1310
1311 2008-12-15  Steve Falkenburg  <sfalken@apple.com>
1312
1313         Windows build fix.
1314         
1315         Visual Studio requires visibility of forward declarations to match class declaration.
1316
1317         * assembler/X86Assembler.h:
1318
1319 2008-12-15  Gustavo Noronha Silva  <kov@kov.eti.br>
1320
1321         Reviewed by Mark Rowe.
1322
1323         https://bugs.webkit.org/show_bug.cgi?id=22686
1324
1325         GTK+ build fix.
1326
1327         * GNUmakefile.am:
1328
1329 2008-12-15  Gavin Barraclough  <barraclough@apple.com>
1330
1331         Reviewed by Geoff Garen.
1332
1333         Add support to X86Assembler emitting instructions that access all 16 registers on x86-64.
1334         Add a new formatting class, that is responsible for both emitting the opcode bytes and the
1335         ModRm bytes of an instruction in a single call; this can insert the REX byte as necessary
1336         before the opcode, but has access to the register numbers to build the REX.
1337
1338         * assembler/AssemblerBuffer.h:
1339         (JSC::AssemblerBuffer::isAligned):
1340         (JSC::AssemblerBuffer::data):
1341         * assembler/MacroAssembler.h:
1342         (JSC::MacroAssembler::addPtr):
1343         (JSC::MacroAssembler::add32):
1344         (JSC::MacroAssembler::and32):
1345         (JSC::MacroAssembler::or32):
1346         (JSC::MacroAssembler::sub32):
1347         (JSC::MacroAssembler::xor32):
1348         (JSC::MacroAssembler::loadPtr):
1349         (JSC::MacroAssembler::load32):
1350         (JSC::MacroAssembler::load16):
1351         (JSC::MacroAssembler::storePtr):
1352         (JSC::MacroAssembler::storePtrWithRepatch):
1353         (JSC::MacroAssembler::store32):
1354         (JSC::MacroAssembler::pop):
1355         (JSC::MacroAssembler::push):
1356         (JSC::MacroAssembler::compareImm32ForBranch):
1357         (JSC::MacroAssembler::compareImm32ForBranchEquality):
1358         (JSC::MacroAssembler::testImm32):
1359         (JSC::MacroAssembler::jae32):
1360         (JSC::MacroAssembler::jb32):
1361         (JSC::MacroAssembler::je16):
1362         (JSC::MacroAssembler::jg32):
1363         (JSC::MacroAssembler::jnePtr):
1364         (JSC::MacroAssembler::jne32):
1365         (JSC::MacroAssembler::jump):
1366         * assembler/X86Assembler.h:
1367         (JSC::X86::):
1368         (JSC::X86Assembler::):
1369         (JSC::X86Assembler::size):
1370         (JSC::X86Assembler::push_r):
1371         (JSC::X86Assembler::pop_r):
1372         (JSC::X86Assembler::push_i32):
1373         (JSC::X86Assembler::push_m):
1374         (JSC::X86Assembler::pop_m):
1375         (JSC::X86Assembler::addl_rr):
1376         (JSC::X86Assembler::addl_mr):
1377         (JSC::X86Assembler::addl_ir):
1378         (JSC::X86Assembler::addq_ir):
1379         (JSC::X86Assembler::addl_im):
1380         (JSC::X86Assembler::andl_rr):
1381         (JSC::X86Assembler::andl_ir):
1382         (JSC::X86Assembler::orl_rr):
1383         (JSC::X86Assembler::orl_mr):
1384         (JSC::X86Assembler::orl_ir):
1385         (JSC::X86Assembler::subl_rr):
1386         (JSC::X86Assembler::subl_mr):
1387         (JSC::X86Assembler::subl_ir):
1388         (JSC::X86Assembler::subl_im):
1389         (JSC::X86Assembler::xorl_rr):
1390         (JSC::X86Assembler::xorl_ir):
1391         (JSC::X86Assembler::sarl_i8r):
1392         (JSC::X86Assembler::sarl_CLr):
1393         (JSC::X86Assembler::shll_i8r):
1394         (JSC::X86Assembler::shll_CLr):
1395         (JSC::X86Assembler::imull_rr):
1396         (JSC::X86Assembler::imull_i32r):
1397         (JSC::X86Assembler::idivl_r):
1398         (JSC::X86Assembler::cmpl_rr):
1399         (JSC::X86Assembler::cmpl_rm):
1400         (JSC::X86Assembler::cmpl_mr):
1401         (JSC::X86Assembler::cmpl_ir):
1402         (JSC::X86Assembler::cmpl_ir_force32):
1403         (JSC::X86Assembler::cmpl_im):
1404         (JSC::X86Assembler::cmpl_im_force32):
1405         (JSC::X86Assembler::cmpw_rm):
1406         (JSC::X86Assembler::testl_rr):
1407         (JSC::X86Assembler::testl_i32r):
1408         (JSC::X86Assembler::testl_i32m):
1409         (JSC::X86Assembler::testq_rr):
1410         (JSC::X86Assembler::testq_i32r):
1411         (JSC::X86Assembler::testb_i8r):
1412         (JSC::X86Assembler::sete_r):
1413         (JSC::X86Assembler::setz_r):
1414         (JSC::X86Assembler::setne_r):
1415         (JSC::X86Assembler::setnz_r):
1416         (JSC::X86Assembler::cdq):
1417         (JSC::X86Assembler::xchgl_rr):
1418         (JSC::X86Assembler::movl_rr):
1419         (JSC::X86Assembler::movl_rm):
1420         (JSC::X86Assembler::movl_mr):
1421         (JSC::X86Assembler::movl_i32r):
1422         (JSC::X86Assembler::movl_i32m):
1423         (JSC::X86Assembler::movq_rr):
1424         (JSC::X86Assembler::movq_rm):
1425         (JSC::X86Assembler::movq_mr):
1426         (JSC::X86Assembler::movzwl_mr):
1427         (JSC::X86Assembler::movzbl_rr):
1428         (JSC::X86Assembler::leal_mr):
1429         (JSC::X86Assembler::call):
1430         (JSC::X86Assembler::jmp):
1431         (JSC::X86Assembler::jmp_r):
1432         (JSC::X86Assembler::jmp_m):
1433         (JSC::X86Assembler::jne):
1434         (JSC::X86Assembler::jnz):
1435         (JSC::X86Assembler::je):
1436         (JSC::X86Assembler::jl):
1437         (JSC::X86Assembler::jb):
1438         (JSC::X86Assembler::jle):
1439         (JSC::X86Assembler::jbe):
1440         (JSC::X86Assembler::jge):
1441         (JSC::X86Assembler::jg):
1442         (JSC::X86Assembler::ja):
1443         (JSC::X86Assembler::jae):
1444         (JSC::X86Assembler::jo):
1445         (JSC::X86Assembler::jp):
1446         (JSC::X86Assembler::js):
1447         (JSC::X86Assembler::addsd_rr):
1448         (JSC::X86Assembler::addsd_mr):
1449         (JSC::X86Assembler::cvtsi2sd_rr):
1450         (JSC::X86Assembler::cvttsd2si_rr):
1451         (JSC::X86Assembler::movd_rr):
1452         (JSC::X86Assembler::movsd_rm):
1453         (JSC::X86Assembler::movsd_mr):
1454         (JSC::X86Assembler::mulsd_rr):
1455         (JSC::X86Assembler::mulsd_mr):
1456         (JSC::X86Assembler::pextrw_irr):
1457         (JSC::X86Assembler::subsd_rr):
1458         (JSC::X86Assembler::subsd_mr):
1459         (JSC::X86Assembler::ucomis_rr):
1460         (JSC::X86Assembler::int3):
1461         (JSC::X86Assembler::ret):
1462         (JSC::X86Assembler::predictNotTaken):
1463         (JSC::X86Assembler::label):
1464         (JSC::X86Assembler::align):
1465         (JSC::X86Assembler::link):
1466         (JSC::X86Assembler::executableCopy):
1467         (JSC::X86Assembler::X86InstructionFormater::prefix):
1468         (JSC::X86Assembler::X86InstructionFormater::oneByteOp):
1469         (JSC::X86Assembler::X86InstructionFormater::twoByteOp):
1470         (JSC::X86Assembler::X86InstructionFormater::oneByteOp64):
1471         (JSC::X86Assembler::X86InstructionFormater::oneByteOp8):
1472         (JSC::X86Assembler::X86InstructionFormater::twoByteOp8):
1473         (JSC::X86Assembler::X86InstructionFormater::instructionImmediate8):
1474         (JSC::X86Assembler::X86InstructionFormater::instructionImmediate32):
1475         (JSC::X86Assembler::X86InstructionFormater::instructionRel32):
1476         (JSC::X86Assembler::X86InstructionFormater::size):
1477         (JSC::X86Assembler::X86InstructionFormater::isAligned):
1478         (JSC::X86Assembler::X86InstructionFormater::data):
1479         (JSC::X86Assembler::X86InstructionFormater::executableCopy):
1480         (JSC::X86Assembler::X86InstructionFormater::registerModRM):
1481         (JSC::X86Assembler::X86InstructionFormater::memoryModRM):
1482         * jit/JIT.cpp:
1483         (JSC::JIT::privateCompileMainPass):
1484         (JSC::JIT::privateCompile):
1485         (JSC::JIT::privateCompileCTIMachineTrampolines):
1486         * jit/JITArithmetic.cpp:
1487         (JSC::JIT::putDoubleResultToJSNumberCellOrJSImmediate):
1488         (JSC::JIT::compileBinaryArithOp):
1489         * jit/JITCall.cpp:
1490         (JSC::JIT::compileOpCall):
1491         (JSC::JIT::compileOpCallSlowCase):
1492         * jit/JITPropertyAccess.cpp:
1493         (JSC::JIT::compileGetByIdHotPath):
1494         (JSC::JIT::compilePutByIdHotPath):
1495         (JSC::JIT::privateCompilePutByIdTransition):
1496         (JSC::JIT::privateCompilePatchGetArrayLength):
1497         (JSC::JIT::privateCompileGetByIdProto):
1498         (JSC::JIT::privateCompileGetByIdProtoList):
1499         (JSC::JIT::privateCompileGetByIdChainList):
1500         (JSC::JIT::privateCompileGetByIdChain):
1501
1502 2008-12-15  Darin Adler  <darin@apple.com>
1503
1504         * interpreter/RegisterFile.h: Tweak include formatting.
1505
1506 2008-12-15  Holger Hans Peter Freyther  <zecke@selfish.org>
1507
1508         Build fix for Gtk+.
1509
1510         * interpreter/RegisterFile.h: Include stdio.h for fprintf
1511
1512 2008-12-15  Alexey Proskuryakov  <ap@webkit.org>
1513
1514         Reviewed by Oliver Hunt.
1515
1516         <rdar://problem/6444455> Worker Thread crash running multiple workers for a moderate amount of time
1517
1518         * interpreter/RegisterFile.h: (JSC::RegisterFile::RegisterFile):
1519         Improve error handling: if mmap fails, crash immediately, and print out the reason.
1520
1521 2008-12-13  Gavin Barraclough  <barraclough@apple.com>
1522
1523         Reviewed by Cameron Zwarich.
1524
1525         Re-enable WREC on 64-bit.
1526         Implements one of the MacroAssembler::jnzPtr methods, previously only implemented for 32-bit x86.
1527
1528         https://bugs.webkit.org/show_bug.cgi?id=22849
1529
1530         * assembler/MacroAssembler.h:
1531         (JSC::MacroAssembler::testImm64):
1532         (JSC::MacroAssembler::jnzPtr):
1533         * assembler/X86Assembler.h:
1534         (JSC::X86Assembler::testq_i32r):
1535         (JSC::X86Assembler::testq_rr):
1536         * wtf/Platform.h:
1537
1538 2008-12-13  Gavin Barraclough  <barraclough@apple.com>
1539
1540         Fix PPC builds.
1541
1542         * assembler/MacroAssembler.h:
1543
1544 2008-12-13  Gavin Barraclough  <barraclough@apple.com>
1545
1546         Build fix only, no review.
1547
1548         * bytecode/CodeBlock.h:
1549
1550 2008-12-13  Gavin Barraclough  <barraclough@apple.com>
1551
1552         Reviewed by Cameron Zwarich.
1553
1554         Port the remainder of the JIT, bar calling convention related code, and code
1555         implementing optimizations which can be disabled, to use the MacroAssembler.
1556
1557         * assembler/MacroAssembler.h:
1558         (JSC::MacroAssembler::DataLabelPtr::DataLabelPtr):
1559         (JSC::MacroAssembler::RepatchBuffer::RepatchBuffer):
1560         (JSC::MacroAssembler::RepatchBuffer::link):
1561         (JSC::MacroAssembler::RepatchBuffer::addressOf):
1562         (JSC::MacroAssembler::RepatchBuffer::setPtr):
1563         (JSC::MacroAssembler::addPtr):
1564         (JSC::MacroAssembler::lshift32):
1565         (JSC::MacroAssembler::mod32):
1566         (JSC::MacroAssembler::rshift32):
1567         (JSC::MacroAssembler::storePtrWithRepatch):
1568         (JSC::MacroAssembler::jnzPtr):
1569         (JSC::MacroAssembler::jzPtr):
1570         (JSC::MacroAssembler::jump):
1571         (JSC::MacroAssembler::label):
1572         * assembler/X86Assembler.h:
1573         (JSC::X86Assembler::):
1574         (JSC::X86Assembler::xchgl_rr):
1575         (JSC::X86Assembler::jmp_m):
1576         (JSC::X86Assembler::repatchAddress):
1577         (JSC::X86Assembler::getRelocatedAddress):
1578         * bytecode/CodeBlock.cpp:
1579         (JSC::CodeBlock::CodeBlock):
1580         * bytecode/CodeBlock.h:
1581         (JSC::JITCodeRef::JITCodeRef):
1582         (JSC::CodeBlock::setJITCode):
1583         (JSC::CodeBlock::jitCode):
1584         (JSC::CodeBlock::executablePool):
1585         * jit/JIT.cpp:
1586         (JSC::JIT::privateCompileMainPass):
1587         (JSC::JIT::privateCompileLinkPass):
1588         (JSC::JIT::privateCompile):
1589         (JSC::JIT::privateCompileCTIMachineTrampolines):
1590         * jit/JIT.h:
1591         (JSC::CallRecord::CallRecord):
1592         (JSC::JumpTable::JumpTable):
1593         (JSC::JIT::emitCTICall):
1594         (JSC::JIT::JSRInfo::JSRInfo):
1595         * jit/JITArithmetic.cpp:
1596         * jit/JITCall.cpp:
1597         * jit/JITInlineMethods.h:
1598         (JSC::JIT::emitNakedCall):
1599         (JSC::JIT::emitCTICall_internal):
1600         (JSC::JIT::checkStructure):
1601         (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
1602         (JSC::JIT::addSlowCase):
1603         (JSC::JIT::addJump):
1604         (JSC::JIT::emitJumpSlowToHot):
1605         * jit/JITPropertyAccess.cpp:
1606         (JSC::JIT::privateCompileGetByIdChainList):
1607         (JSC::JIT::privateCompileGetByIdChain):
1608
1609 2008-12-12  Cameron Zwarich  <zwarich@apple.com>
1610
1611         Reviewed by Sam Weinig.
1612
1613         Fix the failures of the following layout tests, which regressed in
1614         r39255:
1615
1616         fast/dom/StyleSheet/ownerNode-lifetime-2.html
1617         fast/xsl/transform-xhr-doc.xhtml
1618
1619         The binary search in CodeBlock::getByIdExceptionInfoForBytecodeOffset()
1620         doesn't guarantee that it actually finds a match, so add an explicit check
1621         for this.
1622
1623         * bytecode/CodeBlock.cpp:
1624         (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
1625
1626 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1627
1628         Reviewed by Cameron Zwarich.
1629
1630         Replace emitPutCallArg methods with emitPutJITStubArg methods.  Primarily to make the argument numbering
1631         more sensible (1-based incrementing by 1, rather than 0-based incrementing by 4).  The CTI name also seems
1632         to be being deprecated from the code generally.
1633
1634         * jit/JIT.cpp:
1635         (JSC::JIT::privateCompileMainPass):
1636         (JSC::JIT::privateCompileSlowCases):
1637         (JSC::JIT::privateCompileCTIMachineTrampolines):
1638         * jit/JIT.h:
1639         * jit/JITArithmetic.cpp:
1640         (JSC::JIT::compileBinaryArithOp):
1641         (JSC::JIT::compileBinaryArithOpSlowCase):
1642         * jit/JITCall.cpp:
1643         (JSC::JIT::compileOpCallSetupArgs):
1644         (JSC::JIT::compileOpCallEvalSetupArgs):
1645         (JSC::JIT::compileOpConstructSetupArgs):
1646         (JSC::JIT::compileOpCall):
1647         * jit/JITInlineMethods.h:
1648         (JSC::JIT::emitPutJITStubArg):
1649         (JSC::JIT::emitPutJITStubArgConstant):
1650         (JSC::JIT::emitGetJITStubArg):
1651         (JSC::JIT::emitPutJITStubArgFromVirtualRegister):
1652         * jit/JITPropertyAccess.cpp:
1653         (JSC::JIT::compileGetByIdHotPath):
1654         (JSC::JIT::compilePutByIdHotPath):
1655         (JSC::JIT::compileGetByIdSlowCase):
1656         (JSC::JIT::compilePutByIdSlowCase):
1657
1658 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1659
1660         Fix windows builds.
1661
1662         * jit/JIT.cpp:
1663         (JSC::JIT::privateCompileMainPass):
1664         (JSC::JIT::privateCompileSlowCases):
1665         (JSC::JIT::privateCompile):
1666
1667 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1668
1669         Reviewed by Geoff Garen.
1670
1671         Remove loop counter 'i' from the JIT generation passes, replace with a member m_bytecodeIndex.
1672
1673         No impact on performance.
1674
1675         * jit/JIT.cpp:
1676         (JSC::JIT::compileOpStrictEq):
1677         (JSC::JIT::emitSlowScriptCheck):
1678         (JSC::JIT::privateCompileMainPass):
1679         (JSC::JIT::privateCompileSlowCases):
1680         (JSC::JIT::privateCompile):
1681         * jit/JIT.h:
1682         (JSC::CallRecord::CallRecord):
1683         (JSC::JmpTable::JmpTable):
1684         (JSC::JIT::emitCTICall):
1685         * jit/JITArithmetic.cpp:
1686         (JSC::JIT::compileBinaryArithOp):
1687         (JSC::JIT::compileBinaryArithOpSlowCase):
1688         * jit/JITCall.cpp:
1689         (JSC::JIT::compileOpCall):
1690         (JSC::JIT::compileOpCallSlowCase):
1691         * jit/JITInlineMethods.h:
1692         (JSC::JIT::emitGetVirtualRegister):
1693         (JSC::JIT::emitGetVirtualRegisters):
1694         (JSC::JIT::emitNakedCall):
1695         (JSC::JIT::emitCTICall_internal):
1696         (JSC::JIT::emitJumpSlowCaseIfJSCell):
1697         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
1698         (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
1699         (JSC::JIT::emitJumpSlowCaseIfNotImmNums):
1700         (JSC::JIT::emitFastArithIntToImmOrSlowCase):
1701         (JSC::JIT::addSlowCase):
1702         (JSC::JIT::addJump):
1703         (JSC::JIT::emitJumpSlowToHot):
1704         * jit/JITPropertyAccess.cpp:
1705         (JSC::JIT::compileGetByIdHotPath):
1706         (JSC::JIT::compileGetByIdSlowCase):
1707         (JSC::JIT::compilePutByIdHotPath):
1708         (JSC::JIT::compilePutByIdSlowCase):
1709
1710 2008-12-12  Sam Weinig  <sam@webkit.org>
1711
1712         Reviewed by Cameron Zwarich.
1713
1714         <rdar://problem/6428342> Look into feasibility of discarding bytecode after native codegen
1715
1716         Move more JIT functionality to using offsets into the Instruction buffer
1717         instead of raw pointers. Two to go!
1718
1719         * interpreter/Interpreter.cpp:
1720         (JSC::bytecodeOffsetForPC): Rename from vPCForPC.
1721         (JSC::Interpreter::resolve): Pass offset to exception helper.
1722         (JSC::Interpreter::resolveSkip): Ditto.
1723         (JSC::Interpreter::resolveGlobal): Ditto.
1724         (JSC::Interpreter::resolveBaseAndProperty): Ditto.
1725         (JSC::Interpreter::resolveBaseAndFunc): Ditto.
1726         (JSC::isNotObject): Ditto.
1727         (JSC::Interpreter::unwindCallFrame): Call bytecodeOffsetForPC.
1728         (JSC::Interpreter::throwException): Use offsets instead of vPCs.
1729         (JSC::Interpreter::privateExecute): Pass offset to exception helper.
1730         (JSC::Interpreter::retrieveLastCaller): Ditto.
1731         (JSC::Interpreter::cti_op_instanceof): Ditto.
1732         (JSC::Interpreter::cti_op_call_NotJSFunction): Ditto.
1733         (JSC::Interpreter::cti_op_resolve): Pass offset to exception helper.
1734         (JSC::Interpreter::cti_op_construct_NotJSConstruct): Ditto.
1735         (JSC::Interpreter::cti_op_resolve_func): Ditto.
1736         (JSC::Interpreter::cti_op_resolve_skip): Ditto.
1737         (JSC::Interpreter::cti_op_resolve_global): Ditto.
1738         (JSC::Interpreter::cti_op_resolve_with_base): Ditto.
1739         (JSC::Interpreter::cti_op_throw): Ditto.
1740         (JSC::Interpreter::cti_op_in): Ditto.
1741         (JSC::Interpreter::cti_vm_throw): Ditto.
1742         * interpreter/Interpreter.h:
1743
1744         * jit/JIT.cpp:
1745         (JSC::JIT::privateCompileMainPass): Don't pass unnecessary vPC to stub.
1746         * jit/JIT.h: Remove ARG_instr1 - ARG_instr3 and ARG_instr5 - ARG_instr6.
1747         * jit/JITCall.cpp:
1748         (JSC::JIT::compileOpCallEvalSetupArgs): Don't pass unnecessary vPC to stub.
1749         (JSC::JIT::compileOpConstructSetupArgs): Ditto.
1750
1751         * runtime/ExceptionHelpers.cpp:
1752         (JSC::createUndefinedVariableError): Take an offset instead of vPC.
1753         (JSC::createInvalidParamError): Ditto.
1754         (JSC::createNotAConstructorError): Ditto.
1755         (JSC::createNotAFunctionError): Ditto.
1756         (JSC::createNotAnObjectError): Ditto.
1757         * runtime/ExceptionHelpers.h:
1758
1759 2008-12-12  Cameron Zwarich  <zwarich@apple.com>
1760
1761         Reviewed by Oliver Hunt.
1762
1763         Bug 22835: Crash during bytecode generation when comparing to null
1764         <https://bugs.webkit.org/show_bug.cgi?id=22835>
1765         <rdar://problem/6286749>
1766
1767         Change the special cases in bytecode generation for comparison to null
1768         to use tempDestination().
1769
1770         * parser/Nodes.cpp:
1771         (JSC::BinaryOpNode::emitBytecode):
1772         (JSC::EqualNode::emitBytecode):
1773
1774 2008-12-12  Gavin Barraclough  <barraclough@apple.com>
1775
1776         Reviewed by Geoff Garen.
1777
1778         Move slow-cases of JIT code generation over to the MacroAssembler interface.
1779
1780         * assembler/MacroAssembler.h:
1781         (JSC::MacroAssembler::Label::Label):
1782         (JSC::MacroAssembler::jae32):
1783         (JSC::MacroAssembler::jg32):
1784         (JSC::MacroAssembler::jzPtr):
1785         * jit/JIT.cpp:
1786         (JSC::JIT::privateCompileSlowCases):
1787         (JSC::JIT::privateCompile):
1788         (JSC::JIT::emitGetVariableObjectRegister):
1789         (JSC::JIT::emitPutVariableObjectRegister):
1790         * jit/JIT.h:
1791         (JSC::SlowCaseEntry::SlowCaseEntry):
1792         (JSC::JIT::getSlowCase):
1793         (JSC::JIT::linkSlowCase):
1794         * jit/JITArithmetic.cpp:
1795         (JSC::JIT::compileBinaryArithOpSlowCase):
1796         * jit/JITCall.cpp:
1797         (JSC::JIT::compileOpCallInitializeCallFrame):
1798         (JSC::JIT::compileOpCall):
1799         (JSC::JIT::compileOpCallSlowCase):
1800         * jit/JITInlineMethods.h:
1801         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
1802         (JSC::JIT::linkSlowCaseIfNotJSCell):
1803         * jit/JITPropertyAccess.cpp:
1804         (JSC::JIT::compileGetByIdHotPath):
1805         (JSC::JIT::compilePutByIdHotPath):
1806         (JSC::JIT::compileGetByIdSlowCase):
1807         (JSC::JIT::compilePutByIdSlowCase):
1808
1809 2008-12-12  Cameron Zwarich  <zwarich@apple.com>
1810
1811         Reviewed by Sam Weinig.
1812
1813         Bug 22828: Do not inspect bytecode instruction stream for op_get_by_id exception information
1814         <https://bugs.webkit.org/show_bug.cgi?id=22828>
1815
1816         In order to remove the bytecode instruction stream after generating
1817         native code, all inspection of bytecode instructions at runtime must
1818         be removed. One particular instance of this is the special handling of
1819         exceptions thrown by the op_get_by_id emitted directly before an
1820         op_construct or an op_instanceof. This patch moves that information to
1821         an auxiliary data structure in CodeBlock.
1822
1823         * bytecode/CodeBlock.cpp:
1824         (JSC::CodeBlock::getByIdExceptionInfoForBytecodeOffset):
1825         * bytecode/CodeBlock.h:
1826         (JSC::CodeBlock::addGetByIdExceptionInfo):
1827         * bytecompiler/BytecodeGenerator.cpp:
1828         (JSC::BytecodeGenerator::emitConstruct):
1829         * bytecompiler/BytecodeGenerator.h:
1830         (JSC::BytecodeGenerator::emitGetByIdExceptionInfo):
1831         * parser/Nodes.cpp:
1832         (JSC::InstanceOfNode::emitBytecode):
1833         * runtime/ExceptionHelpers.cpp:
1834         (JSC::createNotAnObjectError):
1835
1836 2008-12-12  Sam Weinig  <sam@webkit.org>
1837
1838         Reviewed by Geoffrey Garen.
1839
1840         Change exception information accessors to take offsets into the bytecode
1841         instruction buffer instead of pointers so that they can work even
1842         if the bytecode buffer is purged.
1843
1844         * bytecode/CodeBlock.cpp:
1845         (JSC::instructionOffsetForNth):
1846         (JSC::CodeBlock::handlerForBytecodeOffset):
1847         (JSC::CodeBlock::lineNumberForBytecodeOffset):
1848         (JSC::CodeBlock::expressionRangeForBytecodeOffset):
1849         * bytecode/CodeBlock.h:
1850         * bytecode/SamplingTool.cpp:
1851         (JSC::SamplingTool::dump):
1852         * interpreter/Interpreter.cpp:
1853         (JSC::Interpreter::throwException):
1854         (JSC::Interpreter::privateExecute):
1855         (JSC::Interpreter::retrieveLastCaller):
1856         * jit/JIT.cpp:
1857         (JSC::JIT::privateCompileMainPass):
1858         * runtime/ExceptionHelpers.cpp:
1859         (JSC::createUndefinedVariableError):
1860         (JSC::createInvalidParamError):
1861         (JSC::createNotAConstructorError):
1862         (JSC::createNotAFunctionError):
1863         (JSC::createNotAnObjectError):
1864
1865 2008-12-12  Geoffrey Garen  <ggaren@apple.com>
1866
1867         Reviewed by Cameron Zwarich.
1868         
1869         Tiny bit of refactoring in quantifier generation.
1870
1871         * wrec/WRECGenerator.cpp:
1872         (JSC::WREC::Generator::generateNonGreedyQuantifier):
1873         (JSC::WREC::Generator::generateGreedyQuantifier):
1874
1875 2008-12-11  Sam Weinig  <sam@webkit.org>
1876
1877         Reviewed by Geoffrey Garen.
1878
1879         Remove dependency on having the Instruction buffer in order to
1880         deref Structures used for property access and global resolves.
1881         Instead, we put references to the necessary Structures in auxiliary
1882         data structures on the CodeBlock. This is not an ideal solution,
1883         as we still pay for having the Structures in two places and we
1884         would like to eventually just hold on to offsets into the machine
1885         code buffer.
1886
1887         - Also removes CodeBlock bloat in non-JIT by #ifdefing the JIT
1888           only data structures.
1889
1890         * GNUmakefile.am:
1891         * JavaScriptCore.pri:
1892         * JavaScriptCore.scons:
1893         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1894         * JavaScriptCore.xcodeproj/project.pbxproj:
1895         * JavaScriptCoreSources.bkl:
1896         * bytecode/CodeBlock.cpp:
1897         (JSC::isGlobalResolve):
1898         (JSC::isPropertyAccess):
1899         (JSC::instructionOffsetForNth):
1900         (JSC::printGlobalResolveInfo):
1901         (JSC::printStructureStubInfo):
1902         (JSC::CodeBlock::printStructures):
1903         (JSC::CodeBlock::dump):
1904         (JSC::CodeBlock::~CodeBlock):
1905         (JSC::CodeBlock::shrinkToFit):
1906         * bytecode/CodeBlock.h:
1907         (JSC::GlobalResolveInfo::GlobalResolveInfo):
1908         (JSC::getNativePC):
1909         (JSC::CodeBlock::instructions):
1910         (JSC::CodeBlock::getStubInfo):
1911         (JSC::CodeBlock::getBytecodeIndex):
1912         (JSC::CodeBlock::addPropertyAccessInstruction):
1913         (JSC::CodeBlock::addGlobalResolveInstruction):
1914         (JSC::CodeBlock::numberOfStructureStubInfos):
1915         (JSC::CodeBlock::addStructureStubInfo):
1916         (JSC::CodeBlock::structureStubInfo):
1917         (JSC::CodeBlock::addGlobalResolveInfo):
1918         (JSC::CodeBlock::globalResolveInfo):
1919         (JSC::CodeBlock::numberOfCallLinkInfos):
1920         (JSC::CodeBlock::addCallLinkInfo):
1921         (JSC::CodeBlock::callLinkInfo):
1922         * bytecode/Instruction.h:
1923         (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::set):
1924         (JSC::PolymorphicAccessStructureList::PolymorphicAccessStructureList):
1925         * bytecode/Opcode.h:
1926         (JSC::):
1927         * bytecode/StructureStubInfo.cpp: Copied from bytecode/CodeBlock.cpp.
1928         (JSC::StructureStubInfo::deref):
1929         * bytecode/StructureStubInfo.h: Copied from bytecode/CodeBlock.h.
1930         (JSC::StructureStubInfo::StructureStubInfo):
1931         (JSC::StructureStubInfo::initGetByIdSelf):
1932         (JSC::StructureStubInfo::initGetByIdProto):
1933         (JSC::StructureStubInfo::initGetByIdChain):
1934         (JSC::StructureStubInfo::initGetByIdSelfList):
1935         (JSC::StructureStubInfo::initGetByIdProtoList):
1936         (JSC::StructureStubInfo::initPutByIdTransition):
1937         (JSC::StructureStubInfo::initPutByIdReplace):
1938         (JSC::StructureStubInfo::):
1939         * bytecompiler/BytecodeGenerator.cpp:
1940         (JSC::BytecodeGenerator::emitResolve):
1941         (JSC::BytecodeGenerator::emitGetById):
1942         (JSC::BytecodeGenerator::emitPutById):
1943         (JSC::BytecodeGenerator::emitCall):
1944         (JSC::BytecodeGenerator::emitConstruct):
1945         (JSC::BytecodeGenerator::emitCatch):
1946         * interpreter/Interpreter.cpp:
1947         (JSC::Interpreter::tryCTICachePutByID):
1948         (JSC::Interpreter::tryCTICacheGetByID):
1949         (JSC::Interpreter::cti_op_get_by_id_self_fail):
1950         (JSC::getPolymorphicAccessStructureListSlot):
1951         (JSC::Interpreter::cti_op_get_by_id_proto_list):
1952         (JSC::Interpreter::cti_op_resolve_global):
1953         * jit/JIT.cpp:
1954         (JSC::JIT::JIT):
1955         (JSC::JIT::privateCompileMainPass):
1956         (JSC::JIT::privateCompileSlowCases):
1957         (JSC::JIT::privateCompile):
1958         * jit/JITPropertyAccess.cpp:
1959         (JSC::JIT::compileGetByIdHotPath):
1960         (JSC::JIT::compilePutByIdHotPath):
1961         (JSC::JIT::compileGetByIdSlowCase):
1962         (JSC::JIT::compilePutByIdSlowCase):
1963         (JSC::JIT::privateCompileGetByIdSelfList):
1964         (JSC::JIT::privateCompileGetByIdProtoList):
1965         (JSC::JIT::privateCompileGetByIdChainList):
1966
1967 2008-12-11  Gavin Barraclough  <barraclough@apple.com>
1968
1969         Reviewed by Oliver Hunt.
1970
1971         Remove CTI_ARGUMENTS mode, use va_start implementation on Windows,
1972         unifying JIT callback (cti_*) argument access on OS X & Windows
1973
1974         No performance impact.
1975
1976         * interpreter/Interpreter.h:
1977         * jit/JIT.cpp:
1978         (JSC::JIT::privateCompileCTIMachineTrampolines):
1979         * jit/JIT.h:
1980         * jit/JITInlineMethods.h:
1981         (JSC::JIT::emitCTICall):
1982         * jit/JITPropertyAccess.cpp:
1983         (JSC::JIT::privateCompilePutByIdTransition):
1984         * wtf/Platform.h:
1985
1986 2008-12-11  Holger Freyther  <zecke@selfish.org>
1987
1988         Reviewed by Simon Hausmann.
1989
1990         https://bugs.webkit.org/show_bug.cgi?id=20953
1991
1992         For Qt it is not practical to have a FontCache and GlyphPageTreeNode
1993         implementation. This is one of the reasons why the Qt port is currently not
1994         using WebCore/platform/graphics/Font.cpp. By allowing the simple/fast-path
1995         not to be used, the Qt port will be able to use it.
1996
1997         Introduce USE(FONT_FAST_PATH) and define it for every port but the
1998         Qt one.
1999
2000         * wtf/Platform.h: Enable USE(FONT_FAST_PATH)
2001
2002 2008-12-11  Gabor Loki  <loki@inf.u-szeged.hu>
2003
2004         Reviewed by Darin Adler and landed by Holger Freyther.
2005
2006         <https://bugs.webkit.org/show_bug.cgi?id=22648>
2007         Fix threading on Qt-port and Gtk-port for Sampling tool.
2008
2009         * wtf/ThreadingGtk.cpp:
2010         (WTF::waitForThreadCompletion):
2011         * wtf/ThreadingQt.cpp:
2012         (WTF::waitForThreadCompletion):
2013
2014 2008-12-10  Cameron Zwarich  <zwarich@apple.com>
2015
2016         Reviewed by Oliver Hunt.
2017
2018         Bug 22734: Debugger crashes when stepping into a function call in a return statement
2019         <https://bugs.webkit.org/show_bug.cgi?id=22734>
2020         <rdar://problem/6426796>
2021
2022         * bytecompiler/BytecodeGenerator.cpp:
2023         (JSC::BytecodeGenerator::BytecodeGenerator): The DebuggerCallFrame uses
2024         the 'this' value stored in a callFrame, so op_convert_this should be
2025         emitted at the beginning of a function body when generating bytecode
2026         with debug hooks.
2027         * debugger/DebuggerCallFrame.cpp:
2028         (JSC::DebuggerCallFrame::thisObject): The assertion inherent in the call
2029         to asObject() here is valid, because any 'this' value should have been
2030         converted to a JSObject*.
2031
2032 2008-12-10  Gavin Barraclough  <barraclough@apple.com>
2033
2034         Reviewed by Geoff Garen.
2035
2036         Port more of the JIT to use the MacroAssembler interface.
2037         
2038         Everything in the main pass, bar a few corner cases (operations with required
2039         registers, or calling convention code).  Slightly refactors array creation,
2040         moving the offset calculation into the callFrame into C code (reducing code
2041         planted).
2042
2043         Overall this appears to be a 1% win on v8-tests, due to the smaller immediates
2044         being planted (in jfalse in particular).
2045
2046         * interpreter/Interpreter.cpp:
2047         (JSC::Interpreter::cti_op_new_array):
2048         * jit/JIT.cpp:
2049         (JSC::JIT::privateCompileMainPass):
2050         (JSC::JIT::privateCompileSlowCases):
2051         * jit/JIT.h:
2052         * wrec/WRECGenerator.cpp:
2053         (JSC::WREC::Generator::generateEnter):
2054
2055 2008-12-10  Sam Weinig  <sam@webkit.org>
2056
2057         Fix non-JIT builds.
2058
2059         * bytecode/CodeBlock.h:
2060
2061 2008-12-10  Sam Weinig  <sam@webkit.org>
2062
2063         Reviewed by Geoffrey Garen.
2064
2065         <rdar://problem/6428332> Remove the CTI return address table from CodeBlock
2066
2067         Step 2:
2068
2069         Convert the return address table from a HashMap to a sorted Vector.  This
2070         reduces the size of the data structure by ~4.5MB on Membuster head.
2071
2072         SunSpider reports a 0.5% progression.
2073
2074         * bytecode/CodeBlock.cpp:
2075         (JSC::sizeInBytes): Generic method to get the cost of a Vector.
2076         (JSC::CodeBlock::dumpStatistics): Add dumping of member sizes.
2077         * bytecode/CodeBlock.h:
2078         (JSC::PC::PC): Struct representing NativePC -> VirtualPC mappings.
2079         (JSC::getNativePC): Helper for binary chop.
2080         (JSC::CodeBlock::getBytecodeIndex): Used to get the VirtualPC from a
2081         NativePC using a binary chop of the pcVector.
2082         (JSC::CodeBlock::pcVector): Accessor.
2083
2084         * interpreter/Interpreter.cpp:
2085         (JSC::vPCForPC): Use getBytecodeIndex instead of jitReturnAddressVPCMap().get().
2086         (JSC::Interpreter::cti_op_instanceof): Ditto.
2087         (JSC::Interpreter::cti_op_resolve): Ditto.
2088         (JSC::Interpreter::cti_op_resolve_func): Ditto.
2089         (JSC::Interpreter::cti_op_resolve_skip): Ditto.
2090         (JSC::Interpreter::cti_op_resolve_with_base): Ditto.
2091         (JSC::Interpreter::cti_op_throw): Ditto.
2092         (JSC::Interpreter::cti_op_in): Ditto.
2093         (JSC::Interpreter::cti_vm_throw): Ditto.
2094
2095         * jit/JIT.cpp:
2096         (JSC::JIT::privateCompile): Reserve exact capacity and fill the pcVector.
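
        The two entries describing a sorted pcVector looked up by binary chop (this one) and the
        earlier r39255 regression fix, where getByIdExceptionInfoForBytecodeOffset()'s binary search
        did not guarantee a match, share one lesson: a chop over a sorted table yields an insertion
        point, not a hit, so the caller must check equality before trusting the entry. The block
        below is an added, self-contained illustration, not JavaScriptCore code; the PC struct,
        the function names and the sample addresses are constructed for the example.

```cpp
#include <algorithm>
#include <cassert>
#include <cstddef>
#include <cstdint>
#include <vector>

// Constructed stand-in for a NativePC -> bytecode-index mapping held in a
// Vector that is kept sorted by native address (hypothetical layout).
struct PC {
    uintptr_t nativePC;
    unsigned bytecodeIndex;
};

// Sample table built the way a codegen pass would fill it: reserve the exact
// capacity, append in emission order. Values are constructed, not real JIT output.
std::vector<PC> buildSamplePCVector()
{
    std::vector<PC> v;
    v.reserve(4);
    v.push_back({0x1000, 0});
    v.push_back({0x1010, 3});
    v.push_back({0x1024, 5});
    v.push_back({0x1030, 9});
    return v;
}

// The binary chop is only valid if the table really is sorted by the key.
bool isSortedByNativePC(const std::vector<PC>& pcVector)
{
    return std::is_sorted(pcVector.begin(), pcVector.end(),
        [](const PC& a, const PC& b) { return a.nativePC < b.nativePC; });
}

// Checked lookup: lower_bound gives the first entry not less than the key,
// so an explicit end-of-range and equality test is what turns "nearest
// position" into "found". Returns false for any address with no mapping.
bool getBytecodeIndex(const std::vector<PC>& pcVector, uintptr_t nativePC, unsigned& out)
{
    auto it = std::lower_bound(pcVector.begin(), pcVector.end(), nativePC,
        [](const PC& entry, uintptr_t key) { return entry.nativePC < key; });
    if (it == pcVector.end() || it->nativePC != nativePC)
        return false;
    out = it->bytecodeIndex;
    return true;
}

// The pattern the regression fix guards against: the same chop, but the
// result is used without verifying the key. For an unmapped address this
// silently returns the neighbouring entry's index. Precondition (asserted):
// the table is non-empty and the key does not exceed its last address.
unsigned uncheckedBytecodeIndex(const std::vector<PC>& pcVector, uintptr_t nativePC)
{
    size_t low = 0, high = pcVector.size();
    while (low < high) {
        size_t mid = low + (high - low) / 2;
        if (pcVector[mid].nativePC < nativePC)
            low = mid + 1;
        else
            high = mid;
    }
    assert(low < pcVector.size());
    return pcVector[low].bytecodeIndex; // no equality check: may be the wrong entry
}
```

        With the sample table, looking up the unmapped address 0x1018 returns false from
        getBytecodeIndex() but index 5 (the entry for 0x1024) from uncheckedBytecodeIndex(),
        which is exactly the kind of silent mismatch that surfaces later as a wrong exception
        or crash rather than at the lookup.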
2097
2098 2008-12-09  Geoffrey Garen  <ggaren@apple.com>
2099
2100         Reviewed by Oliver Hunt.
2101
2102         Added WREC support for an assertion followed by a quantifier. Fixed
2103         PCRE to match.
2104
2105         * wrec/WRECParser.cpp:
2106         (JSC::WREC::Parser::parseParentheses): Throw away the quantifier, since
2107         it's meaningless. (Firefox does the same.)
2108
2109         * pcre/pcre_compile.cpp:
2110         (compileBranch): ditto.
2111
2112 2008-12-09  Geoffrey Garen  <ggaren@apple.com>
2113
2114         Reviewed by Cameron Zwarich.
2115
2116         In preparation for compiling WREC without PCRE:
2117         
2118         Further relaxed WREC's parsing to be more web-compatible. Fixed PCRE to
2119         match in cases where it didn't already.
2120         
2121         Changed JavaScriptCore to report syntax errors detected by WREC, rather
2122         than falling back on PCRE any time WREC sees an error.
2123         
2124         * pcre/pcre_compile.cpp:
2125         (checkEscape): Relaxed parsing of \c and \N escapes to be more
2126         web-compatible.
2127         
2128         * runtime/RegExp.cpp:
2129         (JSC::RegExp::RegExp): Only fall back on PCRE if WREC has not reported
2130         a syntax error.
2131
2132         * wrec/WREC.cpp:
2133         (JSC::WREC::Generator::compileRegExp): Fixed some error reporting to
2134         match PCRE.
2135
2136         * wrec/WRECParser.cpp: Added error messages that match PCRE.
2137
2138         (JSC::WREC::Parser::consumeGreedyQuantifier):
2139         (JSC::WREC::Parser::parseParentheses):
2140         (JSC::WREC::Parser::parseCharacterClass):
2141         (JSC::WREC::Parser::parseNonCharacterEscape): Updated the above functions to
2142         use the new setError API.
2143
2144         (JSC::WREC::Parser::consumeEscape): Relaxed parsing of \c \N \u \x \B
2145         to be more web-compatible.
2146
2147         (JSC::WREC::Parser::parseAlternative): Distinguish between a malformed
2148         quantifier and a quantifier with no prefix, like PCRE does.
2149
2150         (JSC::WREC::Parser::consumeParenthesesType): Updated to use the new setError API.
2151
2152         * wrec/WRECParser.h:
2153         (JSC::WREC::Parser::error):
2154         (JSC::WREC::Parser::syntaxError):
2155         (JSC::WREC::Parser::parsePattern):
2156         (JSC::WREC::Parser::reset):
2157         (JSC::WREC::Parser::setError): Store error messages instead of error codes,
2158         to provide for exception messages. Use a setter for reporting errors, so
2159         errors detected early are not overwritten by errors detected later.
2160
2161 2008-12-09  Gavin Barraclough  <barraclough@apple.com>
2162
2163         Reviewed by Oliver Hunt.
2164
2165         Use va_args to access cti function arguments.
2166         https://bugs.webkit.org/show_bug.cgi?id=22774
2167
2168         This may be a minor regression, but we'll take the hit if so to reduce fragility.
2169
2170         * interpreter/Interpreter.cpp:
2171         * interpreter/Interpreter.h:
2172
2173 2008-12-09  Sam Weinig  <sam@webkit.org>
2174
2175         Reviewed twice by Cameron Zwarich.
2176
2177         Fix for https://bugs.webkit.org/show_bug.cgi?id=22752
2178         Clear SymbolTable after codegen for Function codeblocks that
2179         don't require an activation
2180
2181         This is a ~1.5MB improvement on Membuster-head.
2182
2183         * bytecode/CodeBlock.cpp:
2184         (JSC::CodeBlock::dumpStatistics): Add logging of non-empty symbol tables
2185         and total size used by symbol tables.
2186         * bytecompiler/BytecodeGenerator.cpp:
2187         (JSC::BytecodeGenerator::generate): Clear the symbol table here.
2188
2189 2008-12-09  Sam Weinig  <sam@webkit.org>
2190
2191         Reviewed by Geoffrey Garen.
2192
2193         Remove unnecessary extra lookup when throwing an exception.
2194         We used to first lookup the target offset using getHandlerForVPC
2195         and then we would lookup the native code stub using 
2196         nativeExceptionCodeForHandlerVPC.  Instead, we can just pass around
2197         the HandlerInfo.
2198
2199         * bytecode/CodeBlock.cpp:
2200         (JSC::CodeBlock::handlerForVPC): Return the HandlerInfo.
2201         * bytecode/CodeBlock.h: Remove nativeExceptionCodeForHandlerVPC.
2202
2203         * interpreter/Interpreter.cpp:
2204         (JSC::Interpreter::throwException): Return a HandlerInfo instead of
2205         an Instruction offset.
2206         (JSC::Interpreter::privateExecute): Get the offset from HandlerInfo.
2207         (JSC::Interpreter::cti_op_throw): Get the native code from the HandlerInfo.
2208         (JSC::Interpreter::cti_vm_throw): Ditto.
2209         * interpreter/Interpreter.h:
2210
2211 2008-12-09  Eric Seidel  <eric@webkit.org>
2212
2213         Build fix only, no review.
2214
2215         Speculative fix for the Chromium-Windows bot.
2216         Add JavaScriptCore/os-win32 to the include path (for stdint.h)
2217         Strangely it builds fine on my local Windows box (or at least doesn't hit this error)
2218
2219         * JavaScriptCore.scons:
2220
2221 2008-12-09  Eric Seidel  <eric@webkit.org>
2222
2223         No review, build fix only.
2224         
2225         Add ExecutableAllocator files missing from Scons build.
2226
2227         * JavaScriptCore.scons:
2228
2229 2008-12-09  Dimitri Glazkov  <dglazkov@chromium.org>
2230
2231         Reviewed by Timothy Hatcher.
2232
2233         https://bugs.webkit.org/show_bug.cgi?id=22631
2234         Allow ScriptCallFrame to query names of functions in the call stack.
2235
2236         * JavaScriptCore.exp: added InternalFunction::name and
2237         UString operator==() as exported symbols
2238
2239 2008-12-08  Judit Jasz  <jasy@inf.u-szeged.hu>
2240
2241         Reviewed and tweaked by Cameron Zwarich.
2242
2243         Bug 22352: Annotate opcodes with their length
2244         <https://bugs.webkit.org/show_bug.cgi?id=22352>
2245
2246         * bytecode/Opcode.cpp:
2247         * bytecode/Opcode.h:
2248         * interpreter/Interpreter.cpp:
2249         (JSC::Interpreter::privateExecute):
2250         * jit/JIT.cpp:
2251         (JSC::JIT::privateCompileMainPass):
2252         (JSC::JIT::privateCompileSlowCases):
2253
2254 2008-12-08  Geoffrey Garen  <ggaren@apple.com>
2255
2256         Reviewed by Oliver Hunt.
2257         
2258         Implemented more of the relaxed and somewhat weird rules for deciding
2259         how to interpret a non-pattern-character.
2260         
2261         * wrec/Escapes.h:
2262         (JSC::WREC::Escape::):
2263         (JSC::WREC::Escape::Escape): Eliminated Escape::None because it was
2264         unused. If you see an '\\', it's either a valid escape or an error.
2265
2266         * wrec/Quantifier.h:
2267         (JSC::WREC::Quantifier::Quantifier):
2268         * wrec/WRECGenerator.cpp:
2269         (JSC::WREC::Generator::generateNonGreedyQuantifier):
2270         (JSC::WREC::Generator::generateGreedyQuantifier): Renamed "noMaxSpecified"
2271         to "Infinity", since that's what it means.
2272
2273         * wrec/WRECParser.cpp:
2274         (JSC::WREC::Parser::consumeGreedyQuantifier): Rewrote {n,m} parsing rules
2275         because they were too strict before. Added support for backtracking
2276         in the case where the {n,m} fails to parse as a quantifier, and yet is
2277         not a syntax error.
2278
2279         (JSC::WREC::Parser::parseCharacterClass):
2280         (JSC::WREC::Parser::parseNonCharacterEscape): Eliminated Escape::None,
2281         as above.
2282
2283         (JSC::WREC::Parser::consumeEscape): Don't treat ASCII and _ escapes
2284         as syntax errors. See fast/regex/non-pattern-characters.html.
2285         
2286         * wrec/WRECParser.h:
2287         (JSC::WREC::Parser::SavedState::SavedState):
2288         (JSC::WREC::Parser::SavedState::restore): Added a state backtracker,
2289         since parsing {n,m} forms requires backtracking if the form turns out
2290         not to be a quantifier.
2291
2292 2008-12-08  Geoffrey Garen  <ggaren@apple.com>
2293
2294         Reviewed by Oliver Hunt.
2295         
2296         Refactored WREC parsing so that only one piece of code needs to know
2297         the relaxed and somewhat weird rules for deciding how to interpret a
2298         non-pattern-character, in preparation for implementing those rules.
2299         
2300         Also, implemented the relaxed and somewhat weird rules for '}' and ']'.
2301
2302         * wrec/WREC.cpp: Reduced the regular expression size limit. Now that
2303         WREC handles ']' properly, it compiles fast/js/regexp-charclass-crash.html,
2304         which makes it hang at the old limit. (The old limit was based on the
2305         misimpression that the same value in PCRE limited the regular expression
2306         pattern size; in reality, it limited the expected compiled regular
2307         expression size. WREC doesn't have a way to calculate an expected
2308         compiled regular expression size, but this should be good enough.)
2309
2310         * wrec/WRECParser.cpp:
2311         (JSC::WREC::parsePatternCharacterSequence): Nixed this function because
2312         it contained a second copy of the logic for handling non-pattern-characters,
2313         which is about to get a lot more complicated.
2314
2315         (JSC::WREC::PatternCharacterSequence::PatternCharacterSequence): 
2316         (JSC::WREC::PatternCharacterSequence::size):
2317         (JSC::WREC::PatternCharacterSequence::append):
2318         (JSC::WREC::PatternCharacterSequence::flush): Helper object for generating
2319         an optimized sequence of pattern characters.
2320
2321         (JSC::WREC::Parser::parseNonCharacterEscape): Renamed to reflect the fact
2322         that the main parseAlternative loop handles character escapes.
2323
2324         (JSC::WREC::Parser::parseAlternative): Moved pattern character sequence
2325         logic from parsePatternCharacterSequence to here, using
2326         PatternCharacterSequence to help with the details.
2327
2328         * wrec/WRECParser.h: Updated for renames.
2329
2330 2008-12-08  Alexey Proskuryakov  <ap@webkit.org>
2331
2332         Reviewed by Geoff Garen.
2333
2334         <rdar://problem/6166088> Give JSGlobalContextCreate a behavior that is concurrency aware,
2335         and un-deprecate it
2336
2337         * API/JSContextRef.cpp: (JSGlobalContextCreate):
2338         * API/JSContextRef.h:
2339         Use a unique context group for the context, unless the application was linked against old
2340         JavaScriptCore.
2341
2342 2008-12-08  Sam Weinig  <sam@webkit.org>
2343
2344         Reviewed by Cameron Zwarich.
2345
2346         Fix for <rdar://problem/6428332> Remove the CTI return address table from CodeBlock
2347
2348         Step 1:
2349
2350         Remove use of jitReturnAddressVPCMap when looking for vPC to store Structures
2351         in for cached lookup.  Instead, use the offset in the StructureStubInfo that is
2352         already required.
2353
2354         * bytecode/CodeBlock.cpp:
2355         (JSC::CodeBlock::dumpStatistics): Fix extraneous semicolon.
2356         * interpreter/Interpreter.cpp:
2357         (JSC::Interpreter::tryCTICachePutByID):
2358         (JSC::Interpreter::tryCTICacheGetByID):
2359         (JSC::Interpreter::cti_op_get_by_id_self_fail):
2360         (JSC::Interpreter::cti_op_get_by_id_proto_list):
2361         * jit/JIT.h:
2362         (JSC::JIT::compileGetByIdSelf):
2363         (JSC::JIT::compileGetByIdProto):
2364         (JSC::JIT::compileGetByIdChain):
2365         (JSC::JIT::compilePutByIdReplace):
2366         (JSC::JIT::compilePutByIdTransition):
2367         * jit/JITPropertyAccess.cpp:
2368         (JSC::JIT::privateCompilePutByIdTransition):
2369         (JSC::JIT::patchGetByIdSelf):
2370         (JSC::JIT::patchPutByIdReplace):
2371         (JSC::JIT::privateCompilePatchGetArrayLength): Remove extra call to getStubInfo.
2372         (JSC::JIT::privateCompileGetByIdSelf):
2373         (JSC::JIT::privateCompileGetByIdProto):
2374         (JSC::JIT::privateCompileGetByIdChain):
2375         (JSC::JIT::privateCompilePutByIdReplace):
2376
2377 2008-12-08  Gavin Barraclough  <barraclough@apple.com>
2378
2379         Reviewed by Oliver Hunt.
2380
2381         Port the op_j?n?eq_null JIT code generation to use the MacroAssembler,
2382         and clean up slightly at the same time.  The 'j' forms currently compare,
2383         then set a register, then compare again, then branch.  Branch directly on
2384         the result of the first compare.
2385
2386         Around a 1% progression on deltablue, crypto & early boyer, for about 1/2%
2387         overall on v8-tests.
2388
2389         * jit/JIT.cpp:
2390         (JSC::JIT::privateCompileMainPass):
2391         * jit/JITPropertyAccess.cpp:
2392         (JSC::JIT::compileGetByIdSlowCase):
2393
2394 2008-12-08  Gavin Barraclough  <barraclough@apple.com>
2395
2396         Reviewed by Geoff Garen.
2397
2398         Expand MacroAssembler to support more operations, required by the JIT.
2399
2400         Generally adds more operations and permutations of operands to the existing
2401         interface.  Rename 'jset' to 'jnz' and 'jnset' to 'jz', which seem clearer,
2402         and require that immediate pointer operands (though not pointer addresses to
2403         load and store instructions) are wrapped in an ImmPtr() type, akin to Imm32().
2404
2405         No performance impact.
2406
2407         * assembler/MacroAssembler.h:
2408         (JSC::MacroAssembler::):
2409         (JSC::MacroAssembler::ImmPtr::ImmPtr):
2410         (JSC::MacroAssembler::add32):
2411         (JSC::MacroAssembler::and32):
2412         (JSC::MacroAssembler::or32):
2413         (JSC::MacroAssembler::sub32):
2414         (JSC::MacroAssembler::xor32):
2415         (JSC::MacroAssembler::loadPtr):
2416         (JSC::MacroAssembler::load32):
2417         (JSC::MacroAssembler::storePtr):
2418         (JSC::MacroAssembler::store32):
2419         (JSC::MacroAssembler::poke):
2420         (JSC::MacroAssembler::move):
2421         (JSC::MacroAssembler::testImm32):
2422         (JSC::MacroAssembler::jae32):
2423         (JSC::MacroAssembler::jb32):
2424         (JSC::MacroAssembler::jePtr):
2425         (JSC::MacroAssembler::je32):
2426         (JSC::MacroAssembler::jnePtr):
2427         (JSC::MacroAssembler::jne32):
2428         (JSC::MacroAssembler::jnzPtr):
2429         (JSC::MacroAssembler::jnz32):
2430         (JSC::MacroAssembler::jzPtr):
2431         (JSC::MacroAssembler::jz32):
2432         (JSC::MacroAssembler::joSub32):
2433         (JSC::MacroAssembler::jump):
2434         (JSC::MacroAssembler::sete32):
2435         (JSC::MacroAssembler::setne32):
2436         (JSC::MacroAssembler::setnz32):
2437         (JSC::MacroAssembler::setz32):
2438         * assembler/X86Assembler.h:
2439         (JSC::X86Assembler::addl_mr):
2440         (JSC::X86Assembler::andl_i8r):
2441         (JSC::X86Assembler::cmpl_rm):
2442         (JSC::X86Assembler::cmpl_mr):
2443         (JSC::X86Assembler::cmpl_i8m):
2444         (JSC::X86Assembler::subl_mr):
2445         (JSC::X86Assembler::testl_i32m):
2446         (JSC::X86Assembler::xorl_i32r):
2447         (JSC::X86Assembler::movl_rm):
2448         (JSC::X86Assembler::modRm_opmsib):
2449         * jit/JIT.cpp:
2450         (JSC::JIT::privateCompileMainPass):
2451         * jit/JITInlineMethods.h:
2452         (JSC::JIT::emitGetVirtualRegister):
2453         (JSC::JIT::emitPutCTIArgConstant):
2454         (JSC::JIT::emitPutCTIParam):
2455         (JSC::JIT::emitPutImmediateToCallFrameHeader):
2456         (JSC::JIT::emitInitRegister):
2457         (JSC::JIT::checkStructure):
2458         (JSC::JIT::emitJumpIfJSCell):
2459         (JSC::JIT::emitJumpIfNotJSCell):
2460         (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
2461
2462 2008-12-08  Geoffrey Garen  <ggaren@apple.com>
2463
2464         Reviewed by Sam Weinig.
2465         
2466         Fixed a bug where WREC would allow a quantifier whose minimum was
2467         greater than its maximum.
2468         
2469         * wrec/Quantifier.h:
2470         (JSC::WREC::Quantifier::Quantifier): ASSERT that the quantifier is not
2471         backwards.
2472         
2473         * wrec/WRECParser.cpp:
2474         (JSC::WREC::Parser::consumeGreedyQuantifier): Verify that the minimum
2475         is not greater than the maximum.
2476
2477 2008-12-08  Eric Seidel  <eric@webkit.org>
2478         
2479         Build fix only, no review.
2480
2481         * JavaScriptCore.scons: add bytecode/JumpTable.cpp
2482
2483 2008-12-08  Sam Weinig  <sam@webkit.org>
2484
2485         Reviewed by Geoffrey Garen.
2486
2487         Patch for https://bugs.webkit.org/show_bug.cgi?id=22716
2488         <rdar://problem/6428315>
2489         Add RareData structure to CodeBlock for infrequently used auxiliary data
2490         members.
2491
2492         Reduces memory on Membuster-head by ~.5MB 
2493
2494         * bytecode/CodeBlock.cpp:
2495         (JSC::CodeBlock::dump):
2496         (JSC::CodeBlock::dumpStatistics):
2497         (JSC::CodeBlock::mark):
2498         (JSC::CodeBlock::getHandlerForVPC):
2499         (JSC::CodeBlock::nativeExceptionCodeForHandlerVPC):
2500         (JSC::CodeBlock::shrinkToFit):
2501         * bytecode/CodeBlock.h:
2502         (JSC::CodeBlock::numberOfExceptionHandlers):
2503         (JSC::CodeBlock::addExceptionHandler):
2504         (JSC::CodeBlock::exceptionHandler):
2505         (JSC::CodeBlock::addFunction):
2506         (JSC::CodeBlock::function):
2507         (JSC::CodeBlock::addUnexpectedConstant):
2508         (JSC::CodeBlock::unexpectedConstant):
2509         (JSC::CodeBlock::addRegExp):
2510         (JSC::CodeBlock::regexp):
2511         (JSC::CodeBlock::numberOfImmediateSwitchJumpTables):
2512         (JSC::CodeBlock::addImmediateSwitchJumpTable):
2513         (JSC::CodeBlock::immediateSwitchJumpTable):
2514         (JSC::CodeBlock::numberOfCharacterSwitchJumpTables):
2515         (JSC::CodeBlock::addCharacterSwitchJumpTable):
2516         (JSC::CodeBlock::characterSwitchJumpTable):
2517         (JSC::CodeBlock::numberOfStringSwitchJumpTables):
2518         (JSC::CodeBlock::addStringSwitchJumpTable):
2519         (JSC::CodeBlock::stringSwitchJumpTable):
2520         (JSC::CodeBlock::evalCodeCache):
2521         (JSC::CodeBlock::createRareDataIfNecessary):
2522
2523 2008-11-26  Peter Kasting  <pkasting@google.com>
2524
2525         Reviewed by Anders Carlsson.
2526
2527         https://bugs.webkit.org/show_bug.cgi?id=16814
2528         Allow ports to disable ActiveX->NPAPI conversion for Media Player.
2529         Improve handling of miscellaneous ActiveX objects.
2530
2531         * wtf/Platform.h: Add another ENABLE(...).
2532
2533 2008-12-08  Sam Weinig  <sam@webkit.org>
2534
2535         Reviewed by Mark Rowe.
2536
2537         Add dumping of CodeBlock member structure usage.
2538
2539         * bytecode/CodeBlock.cpp:
2540         (JSC::CodeBlock::dumpStatistics):
2541         * bytecode/EvalCodeCache.h:
2542         (JSC::EvalCodeCache::isEmpty):
2543
2544 2008-12-08  David Kilzer  <ddkilzer@apple.com>
2545
2546         Bug 22555: Sort "children" sections in Xcode project files
2547
2548         <https://bugs.webkit.org/show_bug.cgi?id=22555>
2549
2550         Reviewed by Eric Seidel.
2551
2552         * JavaScriptCore.xcodeproj/project.pbxproj: Sorted.
2553
2554 2008-12-08  Tony Chang  <tony@chromium.org>
2555
2556         Reviewed by Eric Seidel.
2557
2558         Enable Pan scrolling only when building on PLATFORM(WIN_OS)
2559         Previously platforms like Apple Windows WebKit, Cairo Windows WebKit,
2560         Wx and Chromium were enabling it explicitly, now we just turn it on
2561         for all WIN_OS, later platforms can turn it off as needed on Windows
2562         (or turn it on under Linux, etc.)
2563         https://bugs.webkit.org/show_bug.cgi?id=22698
2564
2565         * wtf/Platform.h:
2566
2567 2008-12-08  Sam Weinig  <sam@webkit.org>
2568
2569         Reviewed by Cameron Zwarich.
2570
2571         Add basic memory statistics dumping for CodeBlock.
2572
2573         * bytecode/CodeBlock.cpp:
2574         (JSC::CodeBlock::dumpStatistics):
2575         (JSC::CodeBlock::CodeBlock):
2576         (JSC::CodeBlock::~CodeBlock):
2577         * bytecode/CodeBlock.h:
2578
2579 2008-12-08  Simon Hausmann  <simon.hausmann@nokia.com>
2580
2581         Fix the Linux build with newer gcc/glibc.
2582
2583         * jit/ExecutableAllocatorPosix.cpp: Include unistd.h for
2584         getpagesize(), according to
2585         http://opengroup.org/onlinepubs/007908775/xsh/getpagesize.html
2586
2587 2008-12-08  Simon Hausmann  <simon.hausmann@nokia.com>
2588
2589         Fix the build with Qt on Windows.
2590
2591         * JavaScriptCore.pri: Compile ExecutableAllocatorWin.cpp on Windows.
2592
2593 2008-12-07  Oliver Hunt  <oliver@apple.com>
2594
2595         Reviewed by NOBODY (Buildfix).
2596
2597         Fix non-WREC builds
2598
2599         * runtime/RegExp.cpp:
2600         (JSC::RegExp::RegExp):
2601
2602 2008-12-07  Oliver Hunt  <oliver@apple.com>
2603
2604         Reviewed by NOBODY (Build fix).
2605
2606         Put ENABLE(ASSEMBLER) guards around use of ExecutableAllocator in global data
2607
2608         Correct Qt and Gtk project files
2609
2610         * GNUmakefile.am:
2611         * JavaScriptCore.pri:
2612         * runtime/JSGlobalData.h:
2613
2614 2008-12-07  Oliver Hunt  <oliver@apple.com>
2615
2616         Reviewed by NOBODY (Build fix).
2617
2618         Add new files to other projects.
2619
2620         * GNUmakefile.am:
2621         * JavaScriptCore.pri:
2622         * JavaScriptCore.pro:
2623
2624 2008-12-07  Oliver Hunt  <oliver@apple.com>
2625
2626         Rubber stamped by Mark Rowe.
2627
2628         Rename ExecutableAllocatorMMAP to the more sensible ExecutableAllocatorPosix
2629
2630         * JavaScriptCore.xcodeproj/project.pbxproj:
2631         * jit/ExecutableAllocator.h:
2632         * jit/ExecutableAllocatorPosix.cpp: Renamed from JavaScriptCore/jit/ExecutableAllocatorMMAP.cpp.
2633         (JSC::ExecutableAllocator::intializePageSize):
2634         (JSC::ExecutablePool::systemAlloc):
2635         (JSC::ExecutablePool::systemRelease):
2636
2637 2008-12-07  Oliver Hunt  <oliver@apple.com>
2638
2639         Reviewed by Cameron Zwarich and Sam Weinig
2640
2641         <rdar://problem/6309878> Need more granular control over allocation of executable memory (21783)
2642         <https://bugs.webkit.org/show_bug.cgi?id=21783>
2643
2644         Add a new allocator for use by the JIT that provides executable pages, so
2645         we can get rid of the current hack that makes the entire heap executable.
2646
2647         1-2% progression on SunSpider-v8, 1% on SunSpider.  Reduces memory usage as well!
2648
2649         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2650         * JavaScriptCore.vcproj/jsc/jsc.vcproj:
2651         * JavaScriptCore.xcodeproj/project.pbxproj:
2652         * assembler/AssemblerBuffer.h:
2653         (JSC::AssemblerBuffer::size):
2654         (JSC::AssemblerBuffer::executableCopy):
2655         * assembler/MacroAssembler.h:
2656         (JSC::MacroAssembler::size):
2657         (JSC::MacroAssembler::copyCode):
2658         * assembler/X86Assembler.h:
2659         (JSC::X86Assembler::size):
2660         (JSC::X86Assembler::executableCopy):
2661         * bytecode/CodeBlock.cpp:
2662         (JSC::CodeBlock::~CodeBlock):
2663         * bytecode/CodeBlock.h:
2664         (JSC::CodeBlock::executablePool):
2665         (JSC::CodeBlock::setExecutablePool):
2666         * bytecode/Instruction.h:
2667         (JSC::PolymorphicAccessStructureList::derefStructures):
2668         * interpreter/Interpreter.cpp:
2669         (JSC::Interpreter::~Interpreter):
2670         * interpreter/Interpreter.h:
2671         * jit/ExecutableAllocator.cpp: Added.
2672         * jit/ExecutableAllocator.h: Added.
2673         (JSC::ExecutablePool::create):
2674         (JSC::ExecutablePool::alloc):
2675         (JSC::ExecutablePool::~ExecutablePool):
2676         (JSC::ExecutablePool::available):
2677         (JSC::ExecutablePool::ExecutablePool):
2678         (JSC::ExecutablePool::poolAllocate):
2679         (JSC::ExecutableAllocator::ExecutableAllocator):
2680         (JSC::ExecutableAllocator::poolForSize):
2681         (JSC::ExecutablePool::sizeForAllocation):
2682         * jit/ExecutableAllocatorMMAP.cpp: Added.
2683         (JSC::ExecutableAllocator::intializePageSize):
2684         (JSC::ExecutablePool::systemAlloc):
2685         (JSC::ExecutablePool::systemRelease):
2686         * jit/ExecutableAllocatorWin.cpp: Added.
2687         (JSC::ExecutableAllocator::intializePageSize):
2688         (JSC::ExecutablePool::systemAlloc):
2689         (JSC::ExecutablePool::systemRelease):
2690         * jit/JIT.cpp:
2691         (JSC::JIT::privateCompile):
2692         (JSC::JIT::privateCompileCTIMachineTrampolines):
2693         * jit/JIT.h:
2694         (JSC::JIT::compileCTIMachineTrampolines):
2695         * jit/JITPropertyAccess.cpp:
2696         (JSC::JIT::privateCompilePutByIdTransition):
2697         (JSC::JIT::privateCompilePatchGetArrayLength):
2698         (JSC::JIT::privateCompileGetByIdSelf):
2699         (JSC::JIT::privateCompileGetByIdProto):
2700         (JSC::JIT::privateCompileGetByIdSelfList):
2701         (JSC::JIT::privateCompileGetByIdProtoList):
2702         (JSC::JIT::privateCompileGetByIdChainList):
2703         (JSC::JIT::privateCompileGetByIdChain):
2704         (JSC::JIT::privateCompilePutByIdReplace):
2705         * parser/Nodes.cpp:
2706         (JSC::RegExpNode::emitBytecode):
2707         * runtime/JSGlobalData.h:
2708         (JSC::JSGlobalData::poolForSize):
2709         * runtime/RegExp.cpp:
2710         (JSC::RegExp::RegExp):
2711         (JSC::RegExp::create):
2712         (JSC::RegExp::~RegExp):
2713         * runtime/RegExp.h:
2714         * runtime/RegExpConstructor.cpp:
2715         (JSC::constructRegExp):
2716         * runtime/RegExpPrototype.cpp:
2717         (JSC::regExpProtoFuncCompile):
2718         * runtime/StringPrototype.cpp:
2719         (JSC::stringProtoFuncMatch):
2720         (JSC::stringProtoFuncSearch):
2721         * wrec/WREC.cpp:
2722         (JSC::WREC::Generator::compileRegExp):
2723         * wrec/WRECGenerator.h:
2724         * wtf/FastMalloc.cpp:
2725         * wtf/FastMalloc.h:
2726         * wtf/TCSystemAlloc.cpp:
2727         (TryMmap):
2728         (TryVirtualAlloc):
2729         (TryDevMem):
2730         (TCMalloc_SystemRelease):
2731
2732 2008-12-06  Sam Weinig  <sam@webkit.org>
2733
2734         Fix the Gtk build.
2735
2736         * jit/JITPropertyAccess.cpp:
2737         (JSC::JIT::compileGetByIdHotPath):
2738         (JSC::JIT::compilePutByIdHotPath):
2739
2740 2008-12-06  Sam Weinig  <sam@webkit.org>
2741
2742         Reviewed by Cameron Zwarich.
2743
2744         Move CodeBlock constructor into the .cpp file.
2745
2746         SunSpider reports a .7% progression, but I can only assume this
2747         is noise.
2748
2749         * bytecode/CodeBlock.cpp:
2750         (JSC::CodeBlock::CodeBlock):
2751         * bytecode/CodeBlock.h:
2752
2753 2008-12-06  Sam Weinig  <sam@webkit.org>
2754
2755         Reviewed by Cameron Zwarich.
2756
2757         Split JumpTable code into its own file.
2758
2759         * GNUmakefile.am:
2760         * JavaScriptCore.pri:
2761         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2762         * JavaScriptCore.xcodeproj/project.pbxproj:
2763         * JavaScriptCoreSources.bkl:
2764         * bytecode/CodeBlock.cpp:
2765         * bytecode/CodeBlock.h:
2766         * bytecode/JumpTable.cpp: Copied from bytecode/CodeBlock.cpp.
2767         * bytecode/JumpTable.h: Copied from bytecode/CodeBlock.h.
2768
2769 2008-12-05  Sam Weinig  <sam@webkit.org>
2770
2771         Reviewed by Cameron Zwarich.
2772
2773         Fix for https://bugs.webkit.org/show_bug.cgi?id=22715
2774         Encapsulate more CodeBlock members in preparation
2775         for moving some of them to a rare data structure.
2776
2777         * bytecode/CodeBlock.cpp:
2778         (JSC::locationForOffset):
2779         (JSC::printConditionalJump):
2780         (JSC::printGetByIdOp):
2781         (JSC::printPutByIdOp):
2782         (JSC::CodeBlock::printStructure):
2783         (JSC::CodeBlock::printStructures):
2784         (JSC::CodeBlock::dump):
2785         (JSC::CodeBlock::~CodeBlock):
2786         (JSC::CodeBlock::unlinkCallers):
2787         (JSC::CodeBlock::derefStructures):
2788         (JSC::CodeBlock::refStructures):
2789         (JSC::CodeBlock::mark):
2790         (JSC::CodeBlock::getHandlerForVPC):
2791         (JSC::CodeBlock::nativeExceptionCodeForHandlerVPC):
2792         (JSC::CodeBlock::lineNumberForVPC):
2793         (JSC::CodeBlock::expressionRangeForVPC):
2794         (JSC::CodeBlock::shrinkToFit):
2795         * bytecode/CodeBlock.h:
2796         (JSC::CodeBlock::CodeBlock):
2797         (JSC::CodeBlock::addCaller):
2798         (JSC::CodeBlock::removeCaller):
2799         (JSC::CodeBlock::isKnownNotImmediate):
2800         (JSC::CodeBlock::isConstantRegisterIndex):
2801         (JSC::CodeBlock::getConstant):
2802         (JSC::CodeBlock::isTemporaryRegisterIndex):
2803         (JSC::CodeBlock::getStubInfo):
2804         (JSC::CodeBlock::getCallLinkInfo):
2805         (JSC::CodeBlock::instructions):
2806         (JSC::CodeBlock::setJITCode):
2807         (JSC::CodeBlock::jitCode):
2808         (JSC::CodeBlock::ownerNode):
2809         (JSC::CodeBlock::setGlobalData):
2810         (JSC::CodeBlock::setThisRegister):
2811         (JSC::CodeBlock::thisRegister):
2812         (JSC::CodeBlock::setNeedsFullScopeChain):
2813         (JSC::CodeBlock::needsFullScopeChain):
2814         (JSC::CodeBlock::setUsesEval):
2815         (JSC::CodeBlock::usesEval):
2816         (JSC::CodeBlock::setUsesArguments):
2817         (JSC::CodeBlock::usesArguments):
2818         (JSC::CodeBlock::codeType):
2819         (JSC::CodeBlock::source):
2820         (JSC::CodeBlock::sourceOffset):
2821         (JSC::CodeBlock::addGlobalResolveInstruction):
2822         (JSC::CodeBlock::numberOfPropertyAccessInstructions):
2823         (JSC::CodeBlock::addPropertyAccessInstruction):
2824         (JSC::CodeBlock::propertyAccessInstruction):
2825         (JSC::CodeBlock::numberOfCallLinkInfos):
2826         (JSC::CodeBlock::addCallLinkInfo):
2827         (JSC::CodeBlock::callLinkInfo):
2828         (JSC::CodeBlock::numberOfJumpTargets):
2829         (JSC::CodeBlock::addJumpTarget):
2830         (JSC::CodeBlock::jumpTarget):
2831         (JSC::CodeBlock::lastJumpTarget):
2832         (JSC::CodeBlock::numberOfExceptionHandlers):
2833         (JSC::CodeBlock::addExceptionHandler):
2834         (JSC::CodeBlock::exceptionHandler):
2835         (JSC::CodeBlock::addExpressionInfo):
2836         (JSC::CodeBlock::numberOfLineInfos):
2837         (JSC::CodeBlock::addLineInfo):
2838         (JSC::CodeBlock::lastLineInfo):
2839         (JSC::CodeBlock::jitReturnAddressVPCMap):
2840         (JSC::CodeBlock::numberOfIdentifiers):
2841         (JSC::CodeBlock::addIdentifier):
2842         (JSC::CodeBlock::identifier):
2843         (JSC::CodeBlock::numberOfConstantRegisters):
2844         (JSC::CodeBlock::addConstantRegister):
2845         (JSC::CodeBlock::constantRegister):
2846         (JSC::CodeBlock::addFunction):
2847         (JSC::CodeBlock::function):
2848         (JSC::CodeBlock::addFunctionExpression):
2849         (JSC::CodeBlock::functionExpression):
2850         (JSC::CodeBlock::addUnexpectedConstant):
2851         (JSC::CodeBlock::unexpectedConstant):
2852         (JSC::CodeBlock::addRegExp):
2853         (JSC::CodeBlock::regexp):
2854         (JSC::CodeBlock::symbolTable):
2855         (JSC::CodeBlock::evalCodeCache):
2856         New inline setters/getters.
2857
2858         (JSC::ProgramCodeBlock::ProgramCodeBlock):
2859         (JSC::ProgramCodeBlock::~ProgramCodeBlock):
2860         (JSC::ProgramCodeBlock::clearGlobalObject):
2861         * bytecode/SamplingTool.cpp:
2862         (JSC::ScopeSampleRecord::sample):
2863         (JSC::SamplingTool::dump):
2864         * bytecompiler/BytecodeGenerator.cpp:
2865         * bytecompiler/BytecodeGenerator.h:
2866         * bytecompiler/Label.h:
2867         * interpreter/CallFrame.cpp:
2868         * interpreter/Interpreter.cpp:
2869         * jit/JIT.cpp:
2870         * jit/JITCall.cpp:
2871         * jit/JITInlineMethods.h:
2872         * jit/JITPropertyAccess.cpp:
2873         * parser/Nodes.cpp:
2874         * runtime/Arguments.h:
2875         * runtime/ExceptionHelpers.cpp:
2876         * runtime/JSActivation.cpp:
2877         * runtime/JSActivation.h:
2878         * runtime/JSGlobalObject.cpp:
2879         Change direct access to use new getter/setters.
2880
2881 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2882
2883         Reviewed by Oliver Hunt.
2884
2885         Prevent GCC4.2 from hanging when trying to compile Interpreter.cpp.
2886         Added "-fno-var-tracking" compiler flag.
2887
2888         https://bugs.webkit.org/show_bug.cgi?id=22704
2889
2890         * JavaScriptCore.xcodeproj/project.pbxproj:
2891
2892 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2893
2894         Reviewed by Oliver Hunt.
2895
2896         Ordering of branch operands in MacroAssembler is unnecessarily inconsistent.
2897
2898         je, jg etc take an immediate operand as the second argument, but for the
2899         equality branches (je, jne) the immediate operand was the first argument.  This
2900         was unnecessarily inconsistent.  Change je, jne methods to take the immediate
2901         as the second argument.
2902
2903         https://bugs.webkit.org/show_bug.cgi?id=22703
2904
2905         * assembler/MacroAssembler.h:
2906         (JSC::MacroAssembler::je32):
2907         (JSC::MacroAssembler::jne32):
2908         * jit/JIT.cpp:
2909         (JSC::JIT::compileOpStrictEq):
2910         * wrec/WRECGenerator.cpp:
2911         (JSC::WREC::Generator::generateEnter):
2912         (JSC::WREC::Generator::generateNonGreedyQuantifier):
2913         (JSC::WREC::Generator::generateGreedyQuantifier):
2914         (JSC::WREC::Generator::generatePatternCharacterPair):
2915         (JSC::WREC::Generator::generatePatternCharacter):
2916         (JSC::WREC::Generator::generateCharacterClassInvertedRange):
2917         (JSC::WREC::Generator::generateCharacterClassInverted):
2918         (JSC::WREC::Generator::generateAssertionBOL):
2919         (JSC::WREC::Generator::generateAssertionWordBoundary):
2920
2921 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2922
2923         Reviewed by Geoff Garen.
2924
2925         Second tranche of porting JIT.cpp to MacroAssembler interface.
2926
2927         * assembler/MacroAssembler.h:
2928         (JSC::MacroAssembler::mul32):
2929         (JSC::MacroAssembler::jl32):
2930         (JSC::MacroAssembler::jnzSub32):
2931         (JSC::MacroAssembler::joAdd32):
2932         (JSC::MacroAssembler::joMul32):
2933         (JSC::MacroAssembler::jzSub32):
2934         * jit/JIT.cpp:
2935         (JSC::JIT::emitSlowScriptCheck):
2936         (JSC::JIT::privateCompileMainPass):
2937         (JSC::JIT::privateCompileSlowCases):
2938         (JSC::JIT::privateCompileCTIMachineTrampolines):
2939         * jit/JIT.h:
2940         * jit/JITInlineMethods.h:
2941         (JSC::JIT::emitJumpIfNotJSCell):
2942         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
2943
2944 2008-12-05  David Kilzer  <ddkilzer@apple.com>
2945
2946         Bug 22609: Provide a build-time choice when generating hash tables for properties of built-in DOM objects
2947
2948         <https://bugs.webkit.org/show_bug.cgi?id=22609>
2949         <rdar://problem/6331749>
2950
2951         Reviewed by Darin Adler.
2952
2953         Initial patch by Yosen Lin.  Adapted for ToT WebKit by David Kilzer.
2954
2955         Added back the code that generates a "compact" hash (instead of a
2956         perfect hash) as a build-time option using the
2957         ENABLE(PERFECT_HASH_SIZE) macro as defined in Lookup.h.
2958
2959         * create_hash_table: Rename variables to differentiate perfect hash
2960         values from compact hash values.  Added back code to compute compact
2961         hash tables.  Generate both hash table sizes and emit
2962         conditionalized code based on ENABLE(PERFECT_HASH_SIZE).
2963         * runtime/Lookup.cpp:
2964         (JSC::HashTable::createTable): Added version of createTable() for
2965         use with compact hash tables.
2966         (JSC::HashTable::deleteTable): Updated to work with compact hash
2967         tables.
2968         * runtime/Lookup.h: Defined ENABLE(PERFECT_HASH_SIZE) macro here.
2969         (JSC::HashEntry::initialize): Set m_next to zero when using compact
2970         hash tables.
2971         (JSC::HashEntry::setNext): Added for compact hash tables.
2972         (JSC::HashEntry::next): Added for compact hash tables.
2973         (JSC::HashTable::entry): Added version of entry() for use with
2974         compact hash tables.
2975         * runtime/Structure.cpp:
2976         (JSC::Structure::getEnumerablePropertyNames): Updated to work with
2977         compact hash tables.
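
The two table shapes this entry switches between, as an added example (hypothetical names and a stand-in string hash; this is a model, not create_hash_table's or Lookup.h's own code): a perfect hash grows the table until no two keys collide, so a lookup is a single probe; a compact hash keeps the table at the key count and chains colliding keys through a "next" index, which is what the added HashEntry m_next / setNext() / next() carry.

```cpp
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

// Constructed model (hypothetical names; not create_hash_table's or Lookup.h's code)
// of the two table shapes the ENABLE(PERFECT_HASH_SIZE) switch chooses between.
// hashKey is a plain FNV-1a stand-in, not JSC's string hash.
static uint32_t hashKey(const std::string& key) {
    uint32_t h = 2166136261u;
    for (unsigned char c : key) {
        h ^= c;
        h *= 16777619u;
    }
    return h;
}

static size_t nextPowerOfTwo(size_t n) {
    size_t size = 1;
    while (size < n)
        size *= 2;
    return size;
}

// Perfect hash: grow the power-of-two table until no two keys share a slot. Every
// lookup is one probe and no chain links are needed, but the table can end up far
// larger than the key set.
static size_t perfectHashSize(const std::vector<std::string>& keys) {
    for (size_t size = nextPowerOfTwo(keys.size());; size *= 2) {
        std::vector<bool> used(size, false);
        bool collision = false;
        for (const std::string& k : keys) {
            size_t slot = hashKey(k) & (size - 1);
            if (used[slot]) { collision = true; break; }
            used[slot] = true;
        }
        if (!collision)
            return size;
    }
}

// Compact hash: the table is sized to the key count and collisions are chained
// through a "next" index, the role m_next / setNext() / next() play in HashEntry.
struct CompactEntry {
    std::string key;   // empty string marks an unused head slot
    int next;          // index of the next entry in the chain, -1 ends it
};

struct CompactTable {
    std::vector<CompactEntry> entries;   // slots [0, size) are chain heads, the rest overflow
    size_t size;
};

static CompactTable buildCompactTable(const std::vector<std::string>& keys) {
    size_t size = nextPowerOfTwo(keys.size());
    CompactTable table{std::vector<CompactEntry>(size, CompactEntry{"", -1}), size};
    for (const std::string& k : keys) {
        size_t slot = hashKey(k) & (size - 1);
        if (table.entries[slot].key.empty()) {
            table.entries[slot].key = k;
            continue;
        }
        // Head slot taken: append an overflow entry and link it at the end of the chain.
        size_t last = slot;
        while (table.entries[last].next != -1)
            last = static_cast<size_t>(table.entries[last].next);
        table.entries.push_back(CompactEntry{k, -1});
        table.entries[last].next = static_cast<int>(table.entries.size() - 1);
    }
    return table;
}

// Follow the chain from the head slot until the key is found or the chain ends.
static bool compactLookup(const CompactTable& table, const std::string& key) {
    int i = static_cast<int>(hashKey(key) & (table.size - 1));
    while (i != -1) {
        const CompactEntry& e = table.entries[static_cast<size_t>(i)];
        if (!e.key.empty() && e.key == key)
            return true;
        i = e.next;
    }
    return false;
}
```

The trade-off the build-time switch exposes is visible in the two sizes: perfectHashSize() is always at least the compact table's size and usually larger, while the compact table pays for its smaller footprint with a chain walk on collisions.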
2978
2979 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2980
2981         Reviewed by Geoff Garen.
2982
2983         Remove redundant calls to JIT::emitSlowScriptCheck.
2984         This is checked in the hot path, so is not needed on the slow path - and the code
2985         was being planted before the start of the slow case, so was completely unreachable!
2986
2987         * jit/JIT.cpp:
2988         (JSC::JIT::privateCompileSlowCases):
2989
2990 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
2991
2992         Reviewed by Geoff Garen.
2993
2994         Move JIT::compileOpStrictEq to MacroAssembler interface.
2995
2996         The rewrite also looks like a small (<1%) performance progression.
2997
2998         https://bugs.webkit.org/show_bug.cgi?id=22697
2999
3000         * jit/JIT.cpp:
3001         (JSC::JIT::compileOpStrictEq):
3002         (JSC::JIT::privateCompileSlowCases):
3003         * jit/JIT.h:
3004         * jit/JITInlineMethods.h:
3005         (JSC::JIT::emitJumpIfJSCell):
3006         (JSC::JIT::emitJumpSlowCaseIfJSCell):
3007
3008 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
3009
3010         Reviewed by Geoff Garen.
3011
3012         Remove m_assembler from MacroAssembler::Jump.
3013         Keeping a pointer allowed for some syntactic sugar - "link()" looks nicer
3014         than "link(this)".  But maintaining this doubles the size of Jump, which
3015         is even more unfortunate for the JIT, since there are many large structures
3016         holding JmpSrcs.  Probably best to remove it.
3017
3018         https://bugs.webkit.org/show_bug.cgi?id=22693
3019
3020         * assembler/MacroAssembler.h:
3021         (JSC::MacroAssembler::Jump::Jump):
3022         (JSC::MacroAssembler::Jump::link):
3023         (JSC::MacroAssembler::Jump::linkTo):
3024         (JSC::MacroAssembler::JumpList::link):
3025         (JSC::MacroAssembler::JumpList::linkTo):
3026         (JSC::MacroAssembler::jae32):
3027         (JSC::MacroAssembler::je32):
3028         (JSC::MacroAssembler::je16):
3029         (JSC::MacroAssembler::jg32):
3030         (JSC::MacroAssembler::jge32):
3031         (JSC::MacroAssembler::jl32):
3032         (JSC::MacroAssembler::jle32):
3033         (JSC::MacroAssembler::jnePtr):
3034         (JSC::MacroAssembler::jne32):
3035         (JSC::MacroAssembler::jnset32):
3036         (JSC::MacroAssembler::jset32):
3037         (JSC::MacroAssembler::jump):
3038         (JSC::MacroAssembler::jzSub32):
3039         (JSC::MacroAssembler::joAdd32):
3040         (JSC::MacroAssembler::call):
3041         * wrec/WREC.cpp:
3042         (JSC::WREC::Generator::compileRegExp):
3043         * wrec/WRECGenerator.cpp:
3044         (JSC::WREC::Generator::generateEnter):
3045         (JSC::WREC::Generator::generateBackreferenceQuantifier):
3046         (JSC::WREC::Generator::generateNonGreedyQuantifier):
3047         (JSC::WREC::Generator::generateGreedyQuantifier):
3048         (JSC::WREC::Generator::generatePatternCharacter):
3049         (JSC::WREC::Generator::generateCharacterClassInvertedRange):
3050         (JSC::WREC::Generator::generateCharacterClassInverted):
3051         (JSC::WREC::Generator::generateCharacterClass):
3052         (JSC::WREC::Generator::generateParenthesesAssertion):
3053         (JSC::WREC::Generator::generateParenthesesInvertedAssertion):
3054         (JSC::WREC::Generator::generateParenthesesNonGreedy):
3055         (JSC::WREC::Generator::generateParenthesesResetTrampoline):
3056         (JSC::WREC::Generator::generateAssertionBOL):
3057         (JSC::WREC::Generator::generateAssertionEOL):
3058         (JSC::WREC::Generator::generateAssertionWordBoundary):
3059         (JSC::WREC::Generator::generateBackreference):
3060         (JSC::WREC::Generator::terminateAlternative):
3061         (JSC::WREC::Generator::terminateDisjunction):
3062         * wrec/WRECParser.h:
3063
3064 2008-12-05  Gavin Barraclough  <barraclough@apple.com>
3065
3066         Reviewed by Geoffrey Garen.
3067
3068         Simplify JIT generated checks for timeout code, by moving more work into the C function.
3069         https://bugs.webkit.org/show_bug.cgi?id=22688
3070
3071         * interpreter/Interpreter.cpp:
3072         (JSC::Interpreter::cti_timeout_check):
3073         * interpreter/Interpreter.h:
3074         * jit/JIT.cpp:
3075         (JSC::JIT::emitSlowScriptCheck):
3076
3077 2008-12-05  Sam Weinig  <sam@webkit.org>
3078
3079         Reviewed by Geoffrey Garen.
3080
3081         Encapsulate access to jump tables in the CodeBlock in preparation
3082         of moving them to a rare data structure.
3083
3084         * bytecode/CodeBlock.cpp:
3085         (JSC::CodeBlock::dump):
3086         (JSC::CodeBlock::shrinkToFit):
3087         * bytecode/CodeBlock.h:
3088         (JSC::CodeBlock::numberOfImmediateSwitchJumpTables):
3089         (JSC::CodeBlock::addImmediateSwitchJumpTable):
3090         (JSC::CodeBlock::immediateSwitchJumpTable):
3091         (JSC::CodeBlock::numberOfCharacterSwitchJumpTables):
3092         (JSC::CodeBlock::addCharacterSwitchJumpTable):
3093         (JSC::CodeBlock::characterSwitchJumpTable):
3094         (JSC::CodeBlock::numberOfStringSwitchJumpTables):
3095         (JSC::CodeBlock::addStringSwitchJumpTable):
3096         (JSC::CodeBlock::stringSwitchJumpTable):
3097         * bytecompiler/BytecodeGenerator.cpp:
3098         (JSC::BytecodeGenerator::generate):
3099         (JSC::BytecodeGenerator::endSwitch):
3100         * interpreter/Interpreter.cpp:
3101         (JSC::Interpreter::privateExecute):
3102         (JSC::Interpreter::cti_op_switch_imm):
3103         (JSC::Interpreter::cti_op_switch_char):
3104         (JSC::Interpreter::cti_op_switch_string):
3105         * jit/JIT.cpp:
3106         (JSC::JIT::privateCompileMainPass):
3107
3108 2008-12-05  Adam Roben  <aroben@apple.com>
3109
3110         Windows build fix after r39020
3111
3112         * jit/JITInlineMethods.h:
3113         (JSC::JIT::restoreArgumentReference):
3114         (JSC::JIT::restoreArgumentReferenceForTrampoline):
3115         Add some apparently-missing __.
3116
3117 2008-12-04  Geoffrey Garen  <ggaren@apple.com>
3118
3119         Reviewed by Darin Adler.
3120         
3121         https://bugs.webkit.org/show_bug.cgi?id=22673
3122         
3123         Added support for the assertion (?=) and inverted assertion (?!) atoms
3124         in WREC.
3125
3126         * wrec/WRECGenerator.cpp:
3127         (JSC::WREC::Generator::generateParenthesesAssertion):
3128         (JSC::WREC::Generator::generateParenthesesInvertedAssertion): Split the
3129         old (unused) generateParentheses into these two functions, with more
3130         limited capabilities.
3131         
3132         * wrec/WRECGenerator.h:
3133         (JSC::WREC::Generator::): Moved an enum to the top of the class definition,
3134         to match the WebKit style, and removed a defunct comment.
3135
3136         * wrec/WRECParser.cpp:
3137         (JSC::WREC::Parser::parseParentheses):
3138         (JSC::WREC::Parser::consumeParenthesesType):
3139         * wrec/WRECParser.h:
3140         (JSC::WREC::Parser::): Added support for parsing (?=) and (?!).
3141
3142 2008-12-05  Simon Hausmann  <simon.hausmann@nokia.com>
3143
3144         Rubber-stamped by Tor Arne Vestbø.
3145
3146         Disable the JIT for the Qt build altogether again, after observing
3147         more miscompilations in a wider range of newer gcc versions.
3148
3149         * JavaScriptCore.pri:
3150
3151 2008-12-05  Simon Hausmann  <simon.hausmann@nokia.com>
3152
3153         Reviewed by Tor Arne Vestbø.
3154
3155         Disable the JIT for the Qt build on Linux unless gcc is >= 4.2,
3156         due to miscompilations.
3157
3158         * JavaScriptCore.pri:
3159
3160 2008-12-04  Gavin Barraclough  <barraclough@apple.com>
3161
3162         Reviewed by Geoff Garen.
3163
3164         Start porting the JIT to use the MacroAssembler.
3165
3166         https://bugs.webkit.org/show_bug.cgi?id=22671
3167         No change in performance.
3168
3169         * assembler/MacroAssembler.h:
3170         (JSC::MacroAssembler::Jump::operator X86Assembler::JmpSrc):
3171         (JSC::MacroAssembler::add32):
3172         (JSC::MacroAssembler::and32):
3173         (JSC::MacroAssembler::lshift32):
3174         (JSC::MacroAssembler::rshift32):
3175         (JSC::MacroAssembler::storePtr):
3176         (JSC::MacroAssembler::store32):
3177         (JSC::MacroAssembler::poke):
3178         (JSC::MacroAssembler::move):
3179         (JSC::MacroAssembler::compareImm32ForBranchEquality):
3180         (JSC::MacroAssembler::jnePtr):
3181         (JSC::MacroAssembler::jnset32):
3182         (JSC::MacroAssembler::jset32):
3183         (JSC::MacroAssembler::jzeroSub32):
3184         (JSC::MacroAssembler::joverAdd32):
3185         (JSC::MacroAssembler::call):
3186         * assembler/X86Assembler.h:
3187         (JSC::X86Assembler::shll_i8r):
3188         * jit/JIT.cpp:
3189         (JSC::JIT::privateCompileMainPass):
3190         (JSC::JIT::privateCompile):
3191         (JSC::JIT::privateCompileCTIMachineTrampolines):
3192         * jit/JIT.h:
3193         * jit/JITArithmetic.cpp:
3194         (JSC::JIT::compileBinaryArithOp):
3195         * jit/JITInlineMethods.h:
3196         (JSC::JIT::emitGetVirtualRegister):
3197         (JSC::JIT::emitPutCTIArg):
3198         (JSC::JIT::emitPutCTIArgConstant):
3199         (JSC::JIT::emitGetCTIArg):
3200         (JSC::JIT::emitPutCTIArgFromVirtualRegister):
3201         (JSC::JIT::emitPutCTIParam):
3202         (JSC::JIT::emitGetCTIParam):
3203         (JSC::JIT::emitPutToCallFrameHeader):
3204         (JSC::JIT::emitPutImmediateToCallFrameHeader):
3205         (JSC::JIT::emitGetFromCallFrameHeader):
3206         (JSC::JIT::emitPutVirtualRegister):
3207         (JSC::JIT::emitInitRegister):
3208         (JSC::JIT::emitNakedCall):
3209         (JSC::JIT::restoreArgumentReference):
3210         (JSC::JIT::restoreArgumentReferenceForTrampoline):
3211         (JSC::JIT::emitCTICall):
3212         (JSC::JIT::checkStructure):
3213         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
3214         (JSC::JIT::emitJumpSlowCaseIfNotImmNum):
3215         (JSC::JIT::emitJumpSlowCaseIfNotImmNums):
3216         (JSC::JIT::emitFastArithDeTagImmediate):
3217         (JSC::JIT::emitFastArithDeTagImmediateJumpIfZero):
3218         (JSC::JIT::emitFastArithReTagImmediate):
3219         (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
3220         (JSC::JIT::emitFastArithImmToInt):
3221         (JSC::JIT::emitFastArithIntToImmOrSlowCase):
3222         (JSC::JIT::emitFastArithIntToImmNoCheck):
3223         (JSC::JIT::emitTagAsBoolImmediate):
3224         * jit/JITPropertyAccess.cpp:
3225         (JSC::JIT::privateCompilePutByIdTransition):
3226
3227 2008-12-04  Geoffrey Garen  <ggaren@apple.com>
3228
3229         Reviewed by Oliver Hunt.
3230         
3231         Some refactoring for generateGreedyQuantifier.
3232         
3233         SunSpider reports no change (possibly a 0.3% speedup).
3234
3235         * wrec/WRECGenerator.cpp:
3236         (JSC::WREC::Generator::generateGreedyQuantifier): Clarified label
3237         meanings and unified some logic to simplify things.
3238
3239         * wrec/WRECParser.h:
3240         (JSC::WREC::Parser::parseAlternative): Added a version of parseAlternative
3241         that can jump to a Label, instead of a JumpList, upon failure. (Eventually,
3242         when we have a true Label class, this will be redundant.) This makes
3243         things easier for generateGreedyQuantifier, because it can avoid
3244         explicitly linking things.
3245
3246 2008-12-04  Simon Hausmann  <simon.hausmann@nokia.com>
3247
3248         Reviewed by Holger Freyther.
3249
3250         Fix crashes in the Qt build on Linux/i386 with non-executable memory
3251         by enabling TCSystemAlloc and the PROT_EXEC flag for mmap.
3252
3253         * JavaScriptCore.pri: Enable the use of TCSystemAlloc if the JIT is
3254         enabled.
3255         * wtf/TCSystemAlloc.cpp: Extend the PROT_EXEC permissions to
3256         PLATFORM(QT).
3257
3258 2008-12-04  Simon Hausmann  <simon.hausmann@nokia.com>
3259
3260         Reviewed by Tor Arne Vestbø.
3261
3262         Enable ENABLE_JIT_OPTIMIZE_CALL, ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS
3263         and ENABLE_JIT_OPTIMIZE_ARITHMETIC, as suggested by Niko.
3264
3265         * JavaScriptCore.pri: 
3266
3267 2008-12-04  Kent Hansen  <khansen@trolltech.com>
3268
3269         Reviewed by Simon Hausmann.
3270
3271         Enable the JSC jit for the Qt build by default for release builds on
3272         linux-g++ and win32-msvc.
3273
3274         * JavaScriptCore.pri:
3275
3276 2008-12-04  Gavin Barraclough  <barraclough@apple.com>
3277
3278         Reviewed by Oliver Hunt.
3279
3280         Allow JIT to function without property access repatching and arithmetic optimizations.
3281         Controlled by ENABLE_JIT_OPTIMIZE_PROPERTY_ACCESS and ENABLE_JIT_OPTIMIZE_ARITHMETIC switches.
3282
3283         https://bugs.webkit.org/show_bug.cgi?id=22643
3284
3285         * JavaScriptCore.xcodeproj/project.pbxproj:
3286         * jit/JIT.cpp:
3287         (JSC::JIT::privateCompileMainPass):
3288         (JSC::JIT::privateCompileSlowCases):
3289         * jit/JIT.h:
3290         * jit/JITArithmetic.cpp: Copied from jit/JIT.cpp.
3291         (JSC::JIT::compileBinaryArithOp):
3292         (JSC::JIT::compileBinaryArithOpSlowCase):
3293         * jit/JITPropertyAccess.cpp: Copied from jit/JIT.cpp.
3294         (JSC::JIT::compileGetByIdHotPath):
3295         (JSC::JIT::compileGetByIdSlowCase):
3296         (JSC::JIT::compilePutByIdHotPath):
3297         (JSC::JIT::compilePutByIdSlowCase):
3298         (JSC::resizePropertyStorage):
3299         (JSC::transitionWillNeedStorageRealloc):
3300         (JSC::JIT::privateCompilePutByIdTransition):
3301         (JSC::JIT::patchGetByIdSelf):
3302         (JSC::JIT::patchPutByIdReplace):
3303         (JSC::JIT::privateCompilePatchGetArrayLength):
3304         * wtf/Platform.h:
3305
3306 2008-12-03  Geoffrey Garen  <ggaren@apple.com>
3307
3308         Reviewed by Oliver Hunt.
3309         
3310         Optimized sequences of characters in regular expressions by comparing
3311         two characters at a time.
3312         
3313         1-2% speedup on SunSpider, 19-25% speedup on regexp-dna.
3314
3315         * assembler/MacroAssembler.h:
3316         (JSC::MacroAssembler::load32):
3317         (JSC::MacroAssembler::jge32): Filled out a few more macro methods.
3318
3319         * assembler/X86Assembler.h:
3320         (JSC::X86Assembler::movl_mr): Added a version of movl_mr that operates
3321         without an offset, to allow the macro assembler to optimize for that case.
3322         
3323         * wrec/WREC.cpp:
3324         (JSC::WREC::Generator::compileRegExp): Test the saved value of index
3325         instead of the index register when checking for "end of input." The
3326         index register doesn't increment by 1 in an orderly fashion, so testing
3327         it for == "end of input" is not valid.
3328         
3329         Also, jump all the way to "return failure" upon reaching "end of input,"
3330         instead of executing the next alternative. This is more logical, and
3331         it's a slight optimization in the case of an expression with many alternatives.
3332
3333         * wrec/WRECGenerator.cpp:
3334         (JSC::WREC::Generator::generateIncrementIndex): Added support for
3335         jumping to a failure label in the case where the index has reached "end
3336         of input."
3337
3338         (JSC::WREC::Generator::generatePatternCharacterSequence):
3339         (JSC::WREC::Generator::generatePatternCharacterPair): This is the
3340         optimization. It's basically like generatePatternCharacter, but it runs two
3341         characters at a time.
3342         
3343         (JSC::WREC::Generator::generatePatternCharacter): Changed to use isASCII,
3344         since it's clearer than comparing to a magic hex value.
3345         
3346         * wrec/WRECGenerator.h:
3347
3348 2008-12-03  Gavin Barraclough  <barraclough@apple.com>
3349
3350         Reviewed by Cameron Zwarich.
3351
3352         Allow JIT to operate without the call-repatching optimization.
3353         Controlled by ENABLE(JIT_OPTIMIZE_CALL), which defaults to on; disabling
3354         this leads to a significant performance regression.
3355
3356         https://bugs.webkit.org/show_bug.cgi?id=22639
3357
3358         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3359         * JavaScriptCore.xcodeproj/project.pbxproj:
3360         * jit/JIT.cpp:
3361         (JSC::JIT::privateCompileSlowCases):
3362         * jit/JIT.h:
3363         * jit/JITCall.cpp: Copied from jit/JIT.cpp.
3364         (JSC::JIT::compileOpCallInitializeCallFrame):
3365         (JSC::JIT::compileOpCallSetupArgs):
3366         (JSC::JIT::compileOpCallEvalSetupArgs):
3367         (JSC::JIT::compileOpConstructSetupArgs):
3368         (JSC::JIT::compileOpCall):
3369         (JSC::JIT::compileOpCallSlowCase):
3370         (JSC::unreachable):
3371         * jit/JITInlineMethods.h: Copied from jit/JIT.cpp.
3372         (JSC::JIT::checkStructure):
3373         (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
3374         (JSC::JIT::emitTagAsBoolImmediate):
3375         * wtf/Platform.h:
3376
3377 2008-12-03  Eric Seidel  <eric@webkit.org>
3378
3379         Rubber-stamped by David Hyatt.
3380
3381         Make HAVE_ACCESSIBILITY only define if !defined
3382
3383         * wtf/Platform.h:
3384
3385 2008-12-03  Sam Weinig  <sam@webkit.org>
3386
3387         Fix build.
3388
3389         * assembler/X86Assembler.h:
3390         (JSC::X86Assembler::orl_i32r):
3391
3392 2008-12-03  Sam Weinig  <sam@webkit.org>
3393
3394         Reviewed by Geoffrey Garen.
3395
3396         Remove shared AssemblerBuffer 1MB buffer and instead give AssemblerBuffer
3397         a 256-byte inline capacity.
3398
3399         1% progression on Sunspider.
3400
3401         * assembler/AssemblerBuffer.h:
3402         (JSC::AssemblerBuffer::AssemblerBuffer):
3403         (JSC::AssemblerBuffer::~AssemblerBuffer):
3404         (JSC::AssemblerBuffer::grow):
3405         * assembler/MacroAssembler.h:
3406         (JSC::MacroAssembler::MacroAssembler):
3407         * assembler/X86Assembler.h:
3408         (JSC::X86Assembler::X86Assembler):
3409         * interpreter/Interpreter.cpp:
3410         (JSC::Interpreter::Interpreter):
3411         * interpreter/Interpreter.h:
3412         * jit/JIT.cpp:
3413         (JSC::JIT::JIT):
3414         * parser/Nodes.cpp:
3415         (JSC::RegExpNode::emitBytecode):
3416         * runtime/RegExp.cpp:
3417         (JSC::RegExp::RegExp):
3418         (JSC::RegExp::create):
3419         * runtime/RegExp.h:
3420         * runtime/RegExpConstructor.cpp:
3421         (JSC::constructRegExp):
3422         * runtime/RegExpPrototype.cpp:
3423         (JSC::regExpProtoFuncCompile):
3424         * runtime/StringPrototype.cpp:
3425         (JSC::stringProtoFuncMatch):
3426         (JSC::stringProtoFuncSearch):
3427         * wrec/WREC.cpp:
3428         (JSC::WREC::Generator::compileRegExp):
3429         * wrec/WRECGenerator.h:
3430         (JSC::WREC::Generator::Generator):
3431         * wrec/WRECParser.h:
3432         (JSC::WREC::Parser::Parser):
3433
3434 2008-12-03  Geoffrey Garen  <ggaren@apple.com>
3435
3436         Reviewed by Oliver Hunt, with help from Gavin Barraclough.
3437         
3438         orl_i32r was actually coded as an 8bit OR. So, I renamed orl_i32r to
3439         orl_i8r, changed all orl_i32r clients to use orl_i8r, and then added
3440         a new orl_i32r that actually does a 32bit OR.
3441         
3442         (32bit OR is currently unused, but a patch I'm working on uses it.)
3443
3444         * assembler/MacroAssembler.h:
3445         (JSC::MacroAssembler::or32): Updated to choose between 8bit and 32bit OR.
3446
3447         * assembler/X86Assembler.h:
3448         (JSC::X86Assembler::orl_i8r): The old orl_i32r.
3449         (JSC::X86Assembler::orl_i32r): The new orl_i32r.
3450         
3451         * jit/JIT.cpp:
3452         (JSC::JIT::emitFastArithPotentiallyReTagImmediate):
3453         (JSC::JIT::emitTagAsBoolImmediate): Use orl_i8r, since we're ORing 8bit
3454         values.
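
Why an 8-bit OR mislabelled as a 32-bit one matters, as an added example (hypothetical names; a model, not JSC's X86Assembler): x86 has two "OR r/m32, imm" encodings, 83 /1 ib with a sign-extended 8-bit immediate and 81 /1 id with a full 32-bit immediate. The functions below compute what the CPU does under each form and show the MacroAssembler::or32-style dispatch between them.

```cpp
#include <cstdint>
#include <vector>

// Constructed model (hypothetical names; not JSC's X86Assembler) of the two x86
// "OR r/m32, imm" encodings that the orl_i8r / orl_i32r split tells apart:
//   83 /1 ib   ORs an 8-bit immediate, sign-extended to 32 bits, into the register
//   81 /1 id   ORs a full 32-bit immediate
// An encoder that emits the first form for every immediate hands the CPU only the
// low byte of anything outside -128..127.

static bool fitsInImm8(int32_t imm) { return imm >= -128 && imm <= 127; }

// What the CPU computes for the imm8 form: only the low byte is encoded, and it
// is sign-extended before the OR.
static uint32_t orImm8Form(uint32_t reg, int32_t imm) {
    int32_t low = imm & 0xff;
    int32_t signExtended = (low & 0x80) ? low - 0x100 : low;
    return reg | static_cast<uint32_t>(signExtended);
}

// What the CPU computes for the imm32 form: the whole immediate is used.
static uint32_t orImm32Form(uint32_t reg, int32_t imm) {
    return reg | static_cast<uint32_t>(imm);
}

// or32-style dispatch: pick the encoding that can actually hold the immediate.
static uint32_t or32(uint32_t reg, int32_t imm) {
    return fitsInImm8(imm) ? orImm8Form(reg, imm) : orImm32Form(reg, imm);
}

// Bytes for "or eax, imm" under the same rule: opcode, ModRM (mod=11, /1, rm=eax),
// then the immediate in the width the opcode promises.
static std::vector<uint8_t> encodeOrEaxImm(int32_t imm) {
    const uint8_t modrm = 0xC8;
    std::vector<uint8_t> out;
    if (fitsInImm8(imm)) {
        out = {0x83, modrm, static_cast<uint8_t>(imm & 0xff)};
    } else {
        out = {0x81, modrm};
        uint32_t bits = static_cast<uint32_t>(imm);
        for (int i = 0; i < 4; ++i)
            out.push_back(static_cast<uint8_t>((bits >> (8 * i)) & 0xff));   // little-endian imm32
    }
    return out;
}
```

The tag-bit ORs that emitTagAsBoolImmediate and emitFastArithPotentiallyReTagImmediate perform use small immediates, which is why they were correct under the old encoding and can keep using orl_i8r; any caller passing an immediate that does not fit in a signed byte needs the real 32-bit form.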
3455
3456 2008-12-03  Dean Jackson  <dino@apple.com>
3457
3458         Reviewed by Dan Bernstein.
3459
3460         Helper functions for turn -> degrees.
3461         https://bugs.webkit.org/show_bug.cgi?id=22497
3462
3463         * wtf/MathExtras.h:
3464         (turn2deg):
3465         (deg2turn):
3466
3467 2008-12-02  Cameron Zwarich  <zwarich@apple.com>
3468
3469         Reviewed by Geoff Garen.
3470
3471         Bug 22504: Crashes during code generation occur due to refing of ignoredResult()
3472         <https://bugs.webkit.org/show_bug.cgi?id=22504>
3473
3474         Since ignoredResult() was implemented by casting 1 to a RegisterID*, any
3475         attempt to ref ignoredResult() results in a crash. This will occur in
3476         code generation of a function body where a node emits another node with
3477         the dst that was passed to it, and then refs the returned RegisterID*.
3478
3479         To fix this problem, make ignoredResult() a member function of
3480         BytecodeGenerator that simply returns a pointer to a fixed RegisterID
3481         member of BytecodeGenerator.
3482
3483         * bytecompiler/BytecodeGenerator.h:
3484         (JSC::BytecodeGenerator::ignoredResult):
3485         * bytecompiler/RegisterID.h:
3486         * parser/Nodes.cpp:
3487         (JSC::NullNode::emitBytecode):
3488         (JSC::BooleanNode::emitBytecode):
3489         (JSC::NumberNode::emitBytecode):
3490         (JSC::StringNode::emitBytecode):
3491         (JSC::RegExpNode::emitBytecode):
3492         (JSC::ThisNode::emitBytecode):
3493         (JSC::ResolveNode::emitBytecode):
3494         (JSC::ObjectLiteralNode::emitBytecode):
3495         (JSC::PostfixResolveNode::emitBytecode):
3496         (JSC::PostfixBracketNode::emitBytecode):
3497         (JSC::PostfixDotNode::emitBytecode):
3498         (JSC::DeleteValueNode::emitBytecode):
3499         (JSC::VoidNode::emitBytecode):
3500         (JSC::TypeOfResolveNode::emitBytecode):
3501         (JSC::TypeOfValueNode::emitBytecode):
3502         (JSC::PrefixResolveNode::emitBytecode):
3503         (JSC::AssignResolveNode::emitBytecode):
3504         (JSC::CommaNode::emitBytecode):
3505         (JSC::ForNode::emitBytecode):
3506         (JSC::ForInNode::emitBytecode):
3507         (JSC::ReturnNode::emitBytecode):
3508         (JSC::ThrowNode::emitBytecode):
3509         (JSC::FunctionBodyNode::emitBytecode):
3510         (JSC::FuncDeclNode::emitBytecode):
3511
3512 2008-12-02  Geoffrey Garen  <ggaren@apple.com>
3513
3514         Reviewed by Cameron Zwarich.
3515         
3516         Fixed https://bugs.webkit.org/show_bug.cgi?id=22537
3517         REGRESSION (r38745): Assertion failure in jsSubstring() at ge.com
3518
3519         The bug was that index would become greater than length, so our
3520         "end of input" checks, which all check "index == length", would fail.
3521         
3522         The solution is to check for end of input before incrementing index,
3523         to ensure that index is always <= length.
3524         
3525         As a side benefit, generateJumpIfEndOfInput can now use je instead of
3526         jg, which should be slightly faster.
3527
3528         * wrec/WREC.cpp:
3529         (JSC::WREC::Generator::compileRegExp):
3530         * wrec/WRECGenerator.cpp:
3531         (JSC::WREC::Generator::generateJumpIfEndOfInput):
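
The ordering bug this entry fixes, as an added example (hypothetical names; a model, not WREC's generated code): the two-characters-at-a-time compare introduced in the 2008-12-03 regexp entry above advances the index by 2, so an "advance, then test index == length" sequence can step over the end of an odd-length subject and the equality test never fires. Testing before each load keeps index <= length, which is also why a plain equality branch (je) is enough afterwards. input.at() stands in for the JIT's raw character load and throws instead of silently reading past the string.

```cpp
#include <cstddef>
#include <stdexcept>
#include <string>

// Constructed model of the WREC "end of input" test; the names are hypothetical and
// this is not WREC's code. input.at() stands in for the JIT's raw character load.

// Before the fix: the pair-comparison path advances index by 2 and only afterwards
// tests index == length. On an odd-length subject the index steps over length, the
// equality test never fires, and the next load runs past the end of the input.
static bool matchesCheckAfterIncrement(const std::string& input, const std::string& pattern) {
    size_t index = 0;
    const size_t length = input.size();
    for (size_t p = 0; p + 1 < pattern.size(); p += 2) {
        if (input.at(index) != pattern[p] || input.at(index + 1) != pattern[p + 1])
            return false;
        index += 2;                           // advance first ...
        if (index == length)                  // ... then test for end of input
            return p + 2 >= pattern.size();   // matched only if the pattern is also exhausted
    }
    if (pattern.size() % 2 == 1)              // odd pattern tail: single-character compare
        return input.at(index) == pattern.back();
    return true;
}

// After the fix: test for end of input before every load and increment, so the
// invariant index <= length always holds and a plain equality test (je) suffices.
static bool matchesCheckBeforeIncrement(const std::string& input, const std::string& pattern) {
    size_t index = 0;
    const size_t length = input.size();
    for (char expected : pattern) {
        if (index == length)                  // end of input: fail before loading anything
            return false;
        if (input.at(index) != expected)
            return false;
        ++index;                              // increment only after the check
    }
    return true;
}

// True when the pre-fix matcher reads past the subject string (the JIT would have
// read out of bounds; here the .at() guard turns that into an exception).
static bool buggyMatcherOverruns(const std::string& input, const std::string& pattern) {
    try {
        matchesCheckAfterIncrement(input, pattern);
        return false;
    } catch (const std::out_of_range&) {
        return true;
    }
}
```

With subject "abc" and pattern "abcd" the pre-fix matcher reaches index 2, misses the equality test against length 3, and loads input[3]; the post-fix matcher fails cleanly at index 3.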
3532
3533 2008-12-02  Gavin Barraclough  <barraclough@apple.com>