16a86b0c595931b4708b9eb95477c98033a1bb47
[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
1 2011-11-14  Michael Saboff  <msaboff@apple.com>
2
3         Towards 8 bit strings - Add 8 bit handling to JSString Ropes
4         https://bugs.webkit.org/show_bug.cgi?id=72317
5
6         Added bit to track that a rope is made up of all 8 bit fibers.
7         Created an 8 bit path (fast and slow cases) to handle 8 bit 
8         only ropes.
9
10         Reviewed by Oliver Hunt.
11
12         * runtime/JSString.cpp:
13         (JSC::JSString::resolveRope):
14         (JSC::JSString::resolveRopeSlowCase8):
15         (JSC::JSString::resolveRopeSlowCase16):
16         * runtime/JSString.h:
17         (JSC::RopeBuilder::finishCreation):
18         (JSC::RopeBuilder::is8Bit):
19         (JSC::jsSubstring8):
20
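The entry above describes one bit on a rope that records whether every fiber beneath it is 8-bit, plus separate 8-bit and 16-bit resolve paths. The toy below is an added illustration written for this page, not JSC's JSString or RopeBuilder; the names (Rope, leaf8, leaf16, concat, resolve8, resolve16, flatten) are made up for the example. The point it shows is the invariant the bit carries: the narrow path may only be taken when the bit is the AND of all fibers, because one 16-bit leaf anywhere in the tree makes a byte copy of the rope lossy.

```cpp
#include <cstddef>
#include <memory>
#include <string>

// Toy rope, written for this page to illustrate the entry above; it is not JSC's
// JSString. A leaf holds either Latin-1 bytes (8-bit) or UTF-16 code units; an
// interior node concatenates two children ("fibers") and caches whether every
// leaf beneath it is 8-bit, which is the bit the entry describes.
struct Rope {
    bool is8Bit = true;
    std::size_t length = 0;
    std::string latin1;                  // leaf payload when is8Bit
    std::u16string utf16;                // leaf payload when !is8Bit
    std::shared_ptr<Rope> left, right;   // both set for an interior node
    bool isLeaf() const { return !left; }
};

std::shared_ptr<Rope> leaf8(const std::string& s) {
    auto r = std::make_shared<Rope>();
    r->is8Bit = true;
    r->length = s.size();
    r->latin1 = s;
    return r;
}

std::shared_ptr<Rope> leaf16(const std::u16string& s) {
    auto r = std::make_shared<Rope>();
    r->is8Bit = false;
    r->length = s.size();
    r->utf16 = s;
    return r;
}

// The rope is 8-bit only if *both* fibers are; a single 16-bit fiber anywhere
// below forces the wide path for the whole rope.
std::shared_ptr<Rope> concat(std::shared_ptr<Rope> a, std::shared_ptr<Rope> b) {
    auto r = std::make_shared<Rope>();
    r->is8Bit = a->is8Bit && b->is8Bit;
    r->length = a->length + b->length;
    r->left = std::move(a);
    r->right = std::move(b);
    return r;
}

// Narrow path: every leaf is Latin-1, so bytes can be copied straight through.
// Only legal when r.is8Bit is set; on a rope with a 16-bit leaf it would drop data.
static void resolve8(const Rope& r, std::string& out) {
    if (r.isLeaf()) { out += r.latin1; return; }
    resolve8(*r.left, out);
    resolve8(*r.right, out);
}

// Wide path: 8-bit leaves are widened on the fly, 16-bit leaves copied as-is.
static void resolve16(const Rope& r, std::u16string& out) {
    if (r.isLeaf()) {
        if (r.is8Bit)
            for (unsigned char c : r.latin1) out.push_back(static_cast<char16_t>(c));
        else
            out += r.utf16;
        return;
    }
    resolve16(*r.left, out);
    resolve16(*r.right, out);
}

// Flatten the rope, picking the path from the cached bit. The result is returned
// as UTF-16 so both paths can be compared; *narrowPath reports which one ran.
std::u16string flatten(const Rope& r, bool* narrowPath) {
    if (r.is8Bit) {
        std::string bytes;
        bytes.reserve(r.length);
        resolve8(r, bytes);
        *narrowPath = true;
        std::u16string out;
        for (unsigned char c : bytes) out.push_back(static_cast<char16_t>(c));
        return out;
    }
    std::u16string out;
    out.reserve(r.length);
    resolve16(r, out);
    *narrowPath = false;
    return out;
}
```

The bit is computed once at concat time and never re-derived, so anything that mutates a leaf's width after the fact would have to clear it on every ancestor; in this toy leaves are immutable, which is what makes caching the AND safe.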
21 2011-11-14  Geoffrey Garen  <ggaren@apple.com>
22
23         A little bit of function call cleanup
24         https://bugs.webkit.org/show_bug.cgi?id=72314
25
26         Reviewed by Oliver Hunt.
27
28         * bytecompiler/BytecodeGenerator.cpp:
29         (JSC::BytecodeGenerator::emitCall): Renamed callFrame to registerOffset
30         because this value doesn't give you the offset of the callee's call frame.
31
32         (JSC::BytecodeGenerator::emitReturn): Tightened to use equality instead
33         of greater-than. Removed comment since its reasoning was wrong.
34         
35         (JSC::BytecodeGenerator::emitConstruct): Updated for rename mentioned above.
36
37         (JSC::BytecodeGenerator::isArgumentNumber): Provided a more precise way
38         to ask this question, giving the bytecode generator more freedom to change
39         internal implementation details.
40         
41         * bytecompiler/BytecodeGenerator.h: Reduced default vector capacity because
42         16 was overkill.
43         (JSC::CallArguments::registerOffset): Updated for rename mentioned above.
44
45         * bytecompiler/NodesCodegen.cpp:
46         (JSC::CallArguments::CallArguments):
47         (JSC::CallArguments::newArgument): Factored out argument allocation into
48         a helper function, so I can change it later.
49
50         (JSC::CallFunctionCallDotNode::emitBytecode):
51         (JSC::FunctionBodyNode::emitBytecode): Use helper function mentioned above.
52
53 2011-11-14  Tony Chang  <tony@chromium.org>
54
55         Remove the CSS3_FLEXBOX compile time flag and enable on all ports
56         https://bugs.webkit.org/show_bug.cgi?id=72196
57
58         Reviewed by Ojan Vafai.
59
60         * Configurations/FeatureDefines.xcconfig:
61
62 2011-11-14  Mark Rowe  <mrowe@apple.com>
63
64         <rdar://problem/10424154> testRegExp should not be installed as part of JavaScriptCore
65
66         testRegExp and testapi.js were being installed in the JavaScriptCore framework.
67         As test-only tools they shouldn't be installed there by default, only when
68         FORCE_TOOL_INSTALL is set to YES.
69
70         This patch incorporates a few related changes:
71         1) Make the jsc and testRegExp targets be configured via .xcconfig files.
72         2) Sets up testRegExp so that SKIP_INSTALL is YES by default, and only NO when
73            FORCE_TOOL_INSTALL is YES.
74         3) Switches the testapi target to using a script build phase to install testapi.js
75            so that the installation will be skipped when SKIP_INSTALL is YES. I'm not sure
76            why this isn't the built-in behavior when a Copy Files build phase has "Copy only
77            when installing" checked, but it doesn't seem to be.
78         4) Other random cleanup such as removing a bogus group that refers to files that do
79            not exist, moving testRegExp.cpp in to the tests group, etc.
80
81         Reviewed by Geoff Garen.
82
83         * Configurations/JSC.xcconfig: Added.
84         * Configurations/TestRegExp.xcconfig: Added.
85         * JavaScriptCore.xcodeproj/project.pbxproj:
86
87 2011-11-14  Michael Saboff  <msaboff@apple.com>
88
89         Towards 8 bit strings - Add 8 bit paths to StringImpl methods
90         https://bugs.webkit.org/show_bug.cgi?id=72290
91
92         Added 8 bit paths to StringImpl number and find methods.
93
94         Reviewed by Oliver Hunt.
95
96         * wtf/text/StringImpl.cpp:
97         (WTF::StringImpl::toIntStrict):
98         (WTF::StringImpl::toUIntStrict):
99         (WTF::StringImpl::toInt64Strict):
100         (WTF::StringImpl::toUInt64Strict):
101         (WTF::StringImpl::toIntPtrStrict):
102         (WTF::StringImpl::toInt):
103         (WTF::StringImpl::toUInt):
104         (WTF::StringImpl::toInt64):
105         (WTF::StringImpl::toUInt64):
106         (WTF::StringImpl::toIntPtr):
107         (WTF::StringImpl::toDouble):
108         (WTF::StringImpl::toFloat):
109         (WTF::StringImpl::find):
110         (WTF::StringImpl::reverseFind):
111         * wtf/text/WTFString.cpp:
112         (WTF::toIntegralType):
113         (WTF::lengthOfCharactersAsInteger):
114         (WTF::charactersToIntStrict):
115         (WTF::charactersToUIntStrict):
116         (WTF::charactersToInt64Strict):
117         (WTF::charactersToUInt64Strict):
118         (WTF::charactersToIntPtrStrict):
119         (WTF::charactersToInt):
120         (WTF::charactersToUInt):
121         (WTF::charactersToInt64):
122         (WTF::charactersToUInt64):
123         (WTF::charactersToIntPtr):
124         (WTF::toDoubleType):
125         (WTF::charactersToDouble):
126         (WTF::charactersToFloat):
127         * wtf/text/WTFString.h:
128         (WTF::find):
129         (WTF::reverseFind):
130
131 2011-11-14  Vincent Scheib  <scheib@chromium.org>
132
133         Mouse Lock: Renaming to 'Pointer Lock': ENABLE Flags
134         https://bugs.webkit.org/show_bug.cgi?id=72286
135
136         Reviewed by Adam Barth.
137
138         * wtf/Platform.h:
139
140 2011-11-14  Gavin Barraclough  <barraclough@apple.com>
141
142         https://bugs.webkit.org/show_bug.cgi?id=72280
143
144         Rubber stamped by Geoff Garen.
145
146         Fix 32-bit Lion.
147
148         * JavaScriptCore.xcodeproj/project.pbxproj:
149         * wtf/OSAllocatorPosix.cpp:
150         (WTF::OSAllocator::reserveAndCommit):
151
152 2011-11-14  Geoffrey Garen  <ggaren@apple.com>
153
154         32-bit Build fix: declare virtual register indices to be int rather than
155         unsigned, since they can be positive or negative.
156         
157         For better clarity, explicitly use ReturnPC instead of -1 as the "invalid"
158         state, since we'll never load and operate on the ReturnPC as a JS value.
159
160         * jit/JIT.cpp:
161         (JSC::JIT::JIT):
162         * jit/JIT.h:
163         * jit/JITInlineMethods.h:
164         (JSC::JIT::emitLoadTag):
165         (JSC::JIT::emitLoadPayload):
166         (JSC::JIT::emitLoad):
167         (JSC::JIT::emitLoad2):
168         (JSC::JIT::emitLoadDouble):
169         (JSC::JIT::emitLoadInt32ToDouble):
170         (JSC::JIT::emitStore):
171         (JSC::JIT::emitStoreInt32):
172         (JSC::JIT::emitStoreAndMapInt32):
173         (JSC::JIT::emitStoreCell):
174         (JSC::JIT::emitStoreBool):
175         (JSC::JIT::emitStoreDouble):
176         (JSC::JIT::map):
177         (JSC::JIT::unmap):
178         (JSC::JIT::isMapped):
179         (JSC::JIT::getMappedPayload):
180         (JSC::JIT::getMappedTag):
181         (JSC::JIT::emitJumpSlowCaseIfNotJSCell):
182
183 2011-11-14  Michael Saboff  <msaboff@apple.com>
184
185         Remove unused m_data member from UStringSourceProvider
186         https://bugs.webkit.org/show_bug.cgi?id=72289
187
188         Removed unused m_data member from UStringSourceProvider.
189
190         Reviewed by Oliver Hunt.
191
192         * parser/SourceProvider.h:
193         (JSC::UStringSourceProvider::UStringSourceProvider):
194
195 2011-11-14  Michael Saboff  <msaboff@apple.com>
196
197         Towards 8 Bit Strings: Templatize YARR Parser
198         https://bugs.webkit.org/show_bug.cgi?id=72288
199
200         Changed Yarr::Parser to be a template based on character type.
201
202         Reviewed by Oliver Hunt.
203
204         * yarr/YarrParser.h:
205         (JSC::Yarr::Parser::Parser):
206         (JSC::Yarr::parse):
207
208 2011-11-14  Geoffrey Garen  <ggaren@apple.com>
209
210         32-bit build fix: Removed unused declaration.
211
212         * dfg/DFGJITCodeGenerator32_64.cpp:
213         (JSC::DFG::JITCodeGenerator::emitCall):
214
215 2011-11-12  Geoffrey Garen  <ggaren@apple.com>
216
217         Standardized the JS calling convention
218         https://bugs.webkit.org/show_bug.cgi?id=72221
219         
220         Reviewed by Oliver Hunt.
221
222         This patch standardizes the calling convention so that the caller always
223         sets up the callee's CallFrame. Adjustments for call type, callee type,
224         argument count, etc. now always take place after that initial setup.
225         
226         This is a step toward reversing the argument order, but also has these
227         immediate benefits (measured on x64):
228         
229         (1) 1% benchmark speedup across the board.
230         
231         (2) 50% code size reduction in baseline JIT function calls.
232         
233         (3) 1.5x speedup for single-dispatch .apply forwarding.
234         
235         (4) 1.1x speedup for multi-dispatch .apply forwarding.
236
237         This change affected the baseline JIT most, since the baseline JIT had
238         lots of ad hoc calling conventions for different caller / callee types.
239
240         * assembler/MacroAssemblerX86_64.h:
241         (JSC::MacroAssemblerX86_64::branchPtr):
242         (JSC::MacroAssemblerX86_64::branchAddPtr): Optimize compare to 0 into
243         a test, like other assemblers do. (I added some compares to 0, and didn't
244         want them to be slow.)
245
246         * bytecode/CodeBlock.cpp:
247         (JSC::CodeBlock::dump): Merged op_load_varargs into op_call_varargs so
248         op_call_varargs could share code generation with other forms of op_call.
249         This is also a small optimization, since op_*varargs no longer have to
250         pass arguments to each other through the register file.
251
252         (JSC::CallLinkInfo::unlink):
253         * bytecode/CodeBlock.h: Added a new call type: CallVarargs. This allows
254         us to link functions called through .apply syntax. We need to distinguish
255         CallVarargs from Call because CallVarargs changes its argument count
256         on each invocation, so we must always link to the argument count checking
257         version of the callee.
258
259         * bytecode/Opcode.h:
260         * bytecompiler/BytecodeGenerator.cpp:
261         (JSC::BytecodeGenerator::emitCallVarargs):
262         * bytecompiler/BytecodeGenerator.h: Merged op_load_varargs into op_call_varargs.
263
264         * bytecompiler/NodesCodegen.cpp:
265         (JSC::ApplyFunctionCallDotNode::emitBytecode): Ditto. Also, simplified
266         some of this bytecode generation to remove redundant copies.
267
268         * dfg/DFGJITCodeGenerator32_64.cpp:
269         (JSC::DFG::JITCodeGenerator::emitCall):
270         * dfg/DFGJITCodeGenerator64.cpp:
271         (JSC::DFG::JITCodeGenerator::emitCall): Added a new call type: CallVarargs.
272         DFG doesn't support this type, but its code needs to change slightly
273         to accommodate a 3-state variable.
274
275         Stopped passing the argument count in regT1 because this is non-standard.
276         (The argument count goes in the CallFrame. This trades speed on the slow
277         path for speed and code size on the fast path, and simplicity on all paths.
278         A good trade, in my opinion.)
279
280         * dfg/DFGJITCompiler.cpp:
281         (JSC::DFG::JITCompiler::compileEntry):
282         (JSC::DFG::JITCompiler::link):
283         (JSC::DFG::JITCompiler::compile):
284         (JSC::DFG::JITCompiler::compileFunction): Tweaked code to make CallFrame
285         setup more obvious when single-stepping. Also, updated for argument count
286         not being in regT1.
287
288         * dfg/DFGJITCompiler.h:
289         (JSC::DFG::JITCompiler::addJSCall):
290         (JSC::DFG::JITCompiler::JSCallRecord::JSCallRecord): Added a new call
291         type: CallVarargs.
292
293         * dfg/DFGOperations.cpp: Do finish CallFrame setup in one place before
294         doing anything else. Don't check for stack overflow because we have no callee
295         registers, and our caller has already checked for its own registers.
296
297         * dfg/DFGRepatch.cpp:
298         (JSC::DFG::dfgLinkFor): We can link to our callee even if our argument
299         count doesn't match -- we just need to link to the argument count checking
300         version.
301
302         * interpreter/CallFrameClosure.h:
303         (JSC::CallFrameClosure::setArgument): BUG FIX: When supplying too many
304         arguments from C++, we need to supply a full copy of the arguments prior
305         to the subset copy that matches our callee's argument count. (That is what
306         the standard calling convention would have produced in JS.) I would have
307         split this into its own patch, but I couldn't find a way to get the JIT
308         to fail a regression test in this area without my patch applied.
309
310         * interpreter/Interpreter.cpp: Let the true code bomb begin!
311
312         (JSC::eval): Fixed up this helper function to operate on eval()'s CallFrame,
313         and not eval()'s caller frame. We no longer leave the CallFrame pointing
314         to eval()'s caller during a call to eval(), since that is not standard.
315
316         (JSC::loadVarargs): Factored out a shared helper function for use by JIT
317         and interpreter because half the code means one quarter the bugs -- in my
318         programming, at least.
319
320         (JSC::Interpreter::execute): Removed a now-unused way to invoke eval.
321         
322         (JSC::Interpreter::privateExecute): Removed an invalid ASSERT following
323         putDirect, because it got in the way of my testing. (When putting a
324         function, the cached base of a PutPropertySlot can be 0 to signify "do
325         not optimize".)
326         
327         op_call_eval: Updated for new, standard eval calling convention.
328         
329         op_load_varargs: Merged op_load_varargs into op_call_varargs.
330
331         op_call_varargs: Updated for new, standard eval calling convention. Don't
332         check for stack overflow because the loadVarargs helper function already
333         checked.
334
335         * interpreter/Interpreter.h:
336         (JSC::Interpreter::execute): Headers are fun and educational!
337
338         * interpreter/RegisterFile.cpp:
339         (JSC::RegisterFile::growSlowCase):
340         * interpreter/RegisterFile.h:
341         (JSC::RegisterFile::grow): Factored out the slow case into a slow
342         case because it was cramping the style of my fast case.
343
344         * jit/JIT.cpp:
345         (JSC::JIT::privateCompile): Moved initialization of
346         RegisterFile::CodeBlock to make it more obvious when debugging. Removed
347         assumption that argument count is in regT1, as above. Removed call to
348         restoreArgumentReference() because the JITStubCall abstraction does this for us.
349
350         (JSC::JIT::linkFor): Link even if we miss on argument count, as above.
351
352         * jit/JIT.h:
353         * jit/JITCall32_64.cpp:
354         (JSC::JIT::emitSlow_op_call):
355         (JSC::JIT::emitSlow_op_call_eval):
356         (JSC::JIT::emitSlow_op_call_varargs):
357         (JSC::JIT::emitSlow_op_construct):
358         (JSC::JIT::emit_op_call_eval):
359         (JSC::JIT::emit_op_call_varargs): Share all function call code generation.
360         Don't count call_eval when accounting for linkable function calls because
361         eval doesn't link. (Its fast path is to perform the eval.)
362
363         (JSC::JIT::compileLoadVarargs): Ported this inline copying optimization
364         to our new calling convention. The key to this optimization is the
365         observation that, in a function that declares no arguments, if any
366         arguments are passed, they all end up right behind 'this'.
367
368         (JSC::JIT::compileCallEval):
369         (JSC::JIT::compileCallEvalSlowCase): Factored out eval for a little clarity.
370
371         (JSC::JIT::compileOpCall):
372         (JSC::JIT::compileOpCallSlowCase): If you are still with me, dear reader,
373         this is the whole point of my patch. The caller now unconditionally moves
374         the CallFrame forward and fills in the data it knows before taking any
375         branches to deal with weird caller/callee pairs.
376         
377         This also means that there is almost no slow path for calls -- it all
378         gets folded into the shared virtual call stub. The only things remaining
379         in the slow path are the rare case counter and a call to the stub.
380
381         * jit/JITOpcodes32_64.cpp:
382         (JSC::JIT::privateCompileCTIMachineTrampolines):
383         (JSC::JIT::privateCompileCTINativeCall): Updated for values being in
384         different registers or in memory, based on our new standard calling
385         convention.
386         
387         Added a shared path for calling out to CTI helper functions for non-JS
388         calls.
389
390         * jit/JITPropertyAccess32_64.cpp:
391         (JSC::JIT::emit_op_method_check): method_check emits its own code and
392         the following get_by_id's code, so it needs to add both when informing
393         result chaining of its result. This is important because the standard
394         calling convention can now take advantage of this chaining.
395
396         * jit/JITCall.cpp:
397         (JSC::JIT::compileLoadVarargs):
398         (JSC::JIT::compileCallEval):
399         (JSC::JIT::compileCallEvalSlowCase):
400         (JSC::JIT::compileOpCall):
401         (JSC::JIT::compileOpCallSlowCase):
402         * jit/JITOpcodes.cpp:
403         (JSC::JIT::privateCompileCTIMachineTrampolines):
404         (JSC::JIT::emit_op_call_eval):
405         (JSC::JIT::emit_op_call_varargs):
406         (JSC::JIT::emitSlow_op_call):
407         (JSC::JIT::emitSlow_op_call_eval):
408         (JSC::JIT::emitSlow_op_call_varargs):
409         (JSC::JIT::emitSlow_op_construct): Observe, as I write all of my code a
410         second time, now with 64 bits.
411
412         * jit/JITStubs.cpp:
413         (JSC::throwExceptionFromOpCall):
414         (JSC::jitCompileFor):
415         (JSC::arityCheckFor):
416         (JSC::lazyLinkFor): A lot of mechanical changes here for one purpose:
417         Exceptions thrown in the middle of a function call now use a shared helper
418         function (throwExceptionFromOpCall). This function understands that the
419         CallFrame currently points to the callEE, and the exception must be
420         thrown by the callER. (The old calling convention would often still have
421         the CallFrame pointing at the callER at the point of an exception. That
422         is not the way of our new, standard calling convention.)
423
424         (JSC::op_call_eval): Finish standard CallFrame setup before calling 
425         our eval helper function, which now depends on that setup.
426
427         * runtime/Arguments.h:
428         (JSC::Arguments::length): Renamed numProvidedArguments() to length()
429         because that's what other objects call it, and the difference made our
430         new loadVarargs helper function hard to read.
431
432         * runtime/Executable.cpp:
433         (JSC::FunctionExecutable::compileForCallInternal):
434         (JSC::FunctionExecutable::compileForConstructInternal): Interpreter build
435         fixes.
436
437         * runtime/FunctionPrototype.cpp:
438         (JSC::functionProtoFuncApply): Honor Arguments::MaxArguments even when
439         the .apply call_varargs optimization fails. (This bug appears on layout
440         tests when you disable the optimization.)
441
442 2011-11-11  Jer Noble  <jer.noble@apple.com>
443
444         Implement MediaController.
445         https://bugs.webkit.org/show_bug.cgi?id=71408
446
447         Reviewed by Eric Carlson.
448
449         Change the definition of WTF_USE_COREAUDIO to exclude Windows completely, as 
450         CoreAudioClock.h is not available there.
451
452         * wtf/Platform.h:
453
454 2011-11-14  Patrick Gansterer  <paroga@webkit.org>
455
456         [WIN] Remove dependency on pthread from FastMalloc
457         https://bugs.webkit.org/show_bug.cgi?id=72098
458
459         Reviewed by Adam Roben.
460
461         All pthread calls are already ported to native Windows calls.
462         Use the native version for all OS(WINDOWS) to remove the
463         runtime dependency on the pthread dll.
464
465         * wtf/FastMalloc.cpp:
466
467 2011-11-14  Simon Hausmann  <simon.hausmann@nokia.com>
468
469         [Qt] Replace use of QApplication with QGuiApplication.
470
471         Reviewed by Tor Arne Vestbø.
472
473         * wtf/qt/compat/qguiapplication.h:
474         (QGuiApplication::styleHints): Introduce styleHints wrapper hack.
475
476 2011-11-14  Carlos Garcia Campos  <cgarcia@igalia.com>
477
478         Unreviewed. Fix make distcheck build.
479
480         * GNUmakefile.list.am: Add missing files.
481
482 2011-11-11  Yury Semikhatsky  <yurys@chromium.org>
483
484         Web Inspector: function remote object should provide access to function position in the script
485         https://bugs.webkit.org/show_bug.cgi?id=71808
486
487         Exposed accessor for function source code.
488
489         Reviewed by Pavel Feldman.
490
491         * JavaScriptCore.exp:
492         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
493         * runtime/JSFunction.cpp:
494         (JSC::JSFunction::sourceCode):
495         * runtime/JSFunction.h:
496
497 2011-11-13  Yuqiang Xian  <yuqiang.xian@intel.com>
498
499         Fix silent spilling/filling GPRs in DFG 32_64
500         https://bugs.webkit.org/show_bug.cgi?id=72201
501
502         Reviewed by Gavin Barraclough.
503
504         Current silentSpillGPR/silentFillGPR may not work as expected for some
505         cases in 32_64. If there's a JSValue which was retained by two GPRs,
506         we may end up failing to spill/fill some GPRs or redundantly
507         spilling/filling some GPRs. For example, if we tend to exclude "eax"
508         from spilling while a JSValue is retained by both "eax" and "edx",
509         then "edx" won't be spilled as well (wrong). And if another JSValue is
510         retained by "ecx" and "ebx", both "ecx" and "ebx" will be spilled
511         twice. The similar problem applies to silentFillGPR.
512         The fix is to make silentSpillGPR/silentFillGPR more straightforward,
513         i.e., spilling/filling based on the GPR instead of the virtual
514         register. FPR spilling/filling is also modified accordingly to make it
515         consistent with GPR spilling/filling.
516
517         * dfg/DFGJITCodeGenerator.h:
518         (JSC::DFG::JITCodeGenerator::silentSpillGPR):
519         (JSC::DFG::JITCodeGenerator::silentSpillFPR):
520         (JSC::DFG::JITCodeGenerator::silentFillGPR):
521         (JSC::DFG::JITCodeGenerator::silentFillFPR):
522         (JSC::DFG::JITCodeGenerator::silentSpillAllRegisters):
523         (JSC::DFG::JITCodeGenerator::silentFillAllRegisters):
524
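The entry above gives a concrete register picture for the bug: a JSValue spanning eax and edx is skipped entirely when eax is excluded, while a value spanning ecx and ebx is spilled twice. The model below is an added example written for this page, not the DFG's silentSpillGPR code; the type and function names (RegisterBank, JSValueRegs, spillAllByVirtualRegister, spillAllByGPR, spillCounts, exampleBank) are made up for it. It walks the GPRs in a fixed order and records the spill sequence each strategy would emit, so the missed register and the duplicate stores are visible in the result rather than inferred.

```cpp
#include <map>
#include <vector>

// Toy model written for this page; it is not JSC's DFG code. It reproduces the
// bookkeeping mistake the entry describes: on 32_64 a JSValue occupies two GPRs
// (tag + payload), and spilling "per virtual register" while walking GPRs gets
// the excluded-register case wrong in both directions.
enum GPR { eax = 0, ecx, edx, ebx, esi, edi, NumGPRs };

struct JSValueRegs {
    int virtualRegister;
    GPR tag;
    GPR payload;
};

struct RegisterBank {
    std::vector<JSValueRegs> live;

    // The value (if any) whose tag or payload currently sits in g.
    const JSValueRegs* valueIn(GPR g) const {
        for (const JSValueRegs& v : live)
            if (v.tag == g || v.payload == g)
                return &v;
        return nullptr;
    }
};

// Before the fix, as the entry describes it: the outer loop visits each GPR, but
// the spill is keyed by the *virtual register* found there and bails out if
// either of that value's GPRs is the excluded one. Returns the sequence of
// GPR spills that would be emitted.
std::vector<GPR> spillAllByVirtualRegister(const RegisterBank& bank, GPR exclude) {
    std::vector<GPR> spills;
    for (int g = eax; g < NumGPRs; ++g) {
        const JSValueRegs* v = bank.valueIn(static_cast<GPR>(g));
        if (!v)
            continue;
        if (v->tag == exclude || v->payload == exclude)
            continue;                       // drops the *other* half too: lost state
        spills.push_back(v->tag);           // and a value reached from both of its
        spills.push_back(v->payload);       // GPRs is spilled twice
    }
    return spills;
}

// After the fix: decide per GPR. Each live, non-excluded register is spilled
// exactly once, regardless of how many GPRs its value spans.
std::vector<GPR> spillAllByGPR(const RegisterBank& bank, GPR exclude) {
    std::vector<GPR> spills;
    for (int g = eax; g < NumGPRs; ++g) {
        GPR gpr = static_cast<GPR>(g);
        if (gpr == exclude || !bank.valueIn(gpr))
            continue;
        spills.push_back(gpr);
    }
    return spills;
}

// Spill count per GPR: 0 for a live register means its contents are lost across
// the call; more than 1 means redundant stores.
std::map<GPR, int> spillCounts(const std::vector<GPR>& spills) {
    std::map<GPR, int> counts;
    for (GPR g : spills)
        ++counts[g];
    return counts;
}

// The scenario from the entry: one value in eax+edx, another in ecx+ebx.
RegisterBank exampleBank() {
    RegisterBank bank;
    bank.live.push_back({1, eax, edx});
    bank.live.push_back({2, ecx, ebx});
    return bank;
}
```

The fill side has the same shape: once the decision is made per GPR, the exclusion test compares the register being restored against the excluded one, and a value's two halves are handled independently, which is what makes the FPR and GPR paths consistent as the entry says.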
525 2011-11-12  Laszlo Gombos  <laszlo.1.gombos@nokia.com>
526
527         [Qt][Symbian] Remove support for WINSCW compiler
528         https://bugs.webkit.org/show_bug.cgi?id=70178
529
530         Reviewed by Chang Shu.
531
532         * API/JSStringRef.h:
533         * create_hash_table: Revert r45553.
534         * runtime/JSGlobalData.cpp: Revert r45553.
535         * runtime/LiteralParser.cpp: Remove WINSCW comment.
536         (JSC::LiteralParser::Lexer::lexString):
537         * runtime/Lookup.h: Revert r45553.
538         * runtime/Structure.h: Revert r48461.
539         * wtf/Alignment.h:
540         * wtf/Assertions.h: Revert r52337.
541         * wtf/Compiler.h:
542         * wtf/ListRefPtr.h: Revert r48988.
543         (WTF::ListRefPtr::~ListRefPtr):
544         * wtf/OwnArrayPtr.h: Revert r45911.
545         (WTF::OwnArrayPtr::operator UnspecifiedBoolType):
546         * wtf/PassOwnArrayPtr.h:
547         (WTF::PassOwnArrayPtr::operator UnspecifiedBoolType):
548         * wtf/PassRefPtr.h:
549         * wtf/StaticConstructors.h:
550         * wtf/unicode/qt4/UnicodeQt4.h:
551
552 2011-11-12  Patrick Gansterer  <paroga@webkit.org>
553
554         Unreviewed. Add ENABLE(DFG_JIT) around DFGCorrectableJumpPoint code.
555
556         * dfg/DFGCorrectableJumpPoint.cpp:
557         * dfg/DFGCorrectableJumpPoint.h:
558
559 2011-11-12  Patrick Gansterer  <paroga@webkit.org>
560
561         [CMake] Move list of DFG source files into correct file
562         https://bugs.webkit.org/show_bug.cgi?id=72212
563
564         Reviewed by Daniel Bates.
565
566         The DFG files are platform independent. So move them from
567         the EFL specific file into the general CMakeLists.txt.
568
569         * CMakeLists.txt:
570         * PlatformEfl.cmake:
571
572 2011-11-12  Patrick Gansterer  <paroga@webkit.org>
573
574         Fix "unused variable" warning in JSLock
575         https://bugs.webkit.org/show_bug.cgi?id=72213
576
577         Reviewed by Anders Carlsson.
578
579         Use ASSERT_UNUSED() instead of ASSERT() to make sure
580         that the variable is also used in the release build.
581
582         * runtime/JSLock.cpp:
583         (JSC::JSLock::lock):
584         (JSC::JSLock::unlock):
585
586 2011-11-11  Gavin Barraclough  <barraclough@apple.com>
587
588         Update iOS compiler version.
589
590         Reviewed by David Kilzer.
591
592         * Configurations/CompilerVersion.xcconfig:
593             - Update compiler version.
594
595 2011-11-11  Gavin Barraclough  <barraclough@apple.com>
596
597         Update iOS port's configuration setting, particularly in Platform.h
598         https://bugs.webkit.org/show_bug.cgi?id=72187
599         
600         Reviewed by David Kilzer.
601
602         * interpreter/Interpreter.h:
603             - Lower the reentry depth.
604         * runtime/DatePrototype.cpp:
605             - iOS also uses CF.
606         * wtf/FastMalloc.cpp:
607         (WTF::TCMalloc_PageHeap::IncrementalScavenge):
608             - Update fastmalloc configuration for iOS.
609         * wtf/OSAllocatorPosix.cpp:
610         (WTF::OSAllocator::reserveAndCommit):
611             - Added flag.
612         * wtf/Platform.h:
613             - Update platform configuration for iOS.
614
615 2011-11-11  David Kilzer  <ddkilzer@apple.com>
616
617         Only define BUILDING_ON_* and TARGETING_* macros when building for Mac OS X
618         <http://webkit.org/b/72175>
619
620         Reviewed by Joseph Pecoraro.
621
622         * wtf/Platform.h: Move the definition of the BUILDING_ON_* and
623         TARGETING_* macros to where the WTF_OS_MAC_OS_X macro is defined
624         so that they're only defined on Mac OS X builds.  Also include
625         Availability.h, which is needed on iOS builds.
626
627 2011-11-11  Darin Adler  <darin@apple.com>
628
629         Remove all releaseRef implementations except for RetainPtr
630         https://bugs.webkit.org/show_bug.cgi?id=71423
631
632         Reviewed by Julien Chaffraix.
633
634         * API/JSRetainPtr.h: Removed releaseRef.
635         * wtf/PassRefPtr.h: Removed releaseRef.
636
637 2011-11-11  Darin Adler  <darin@apple.com>
638
639         * JavaScriptCore.xcodeproj/project.pbxproj: Let a newer Xcode update this file.
640         If an older Xcode downgrades this file and we have a risk of some kind of
641         oscillating commit situation, please contact me so I know not to do this again.
642
643 2011-11-11  Mark Hahnenberg  <mhahnenberg@apple.com>
644
645         Add jsCast to replace static_cast
646         https://bugs.webkit.org/show_bug.cgi?id=72071
647
648         Reviewed by Geoffrey Garen.
649
650         Added new jsCast and changed all of the static_cast sites in functions that 
651         are in the MethodTable to use jsCast instead.
652
653         * API/JSCallbackFunction.cpp:
654         (JSC::JSCallbackFunction::toStringCallback):
655         (JSC::JSCallbackFunction::valueOfCallback):
656         * API/JSCallbackObject.h:
657         (JSC::JSCallbackObject::visitChildren):
658         * API/JSCallbackObjectFunctions.h:
659         (JSC::::className):
660         (JSC::::getOwnPropertySlot):
661         (JSC::::getOwnPropertyDescriptor):
662         (JSC::::put):
663         (JSC::::deleteProperty):
664         (JSC::::deletePropertyByIndex):
665         (JSC::::getConstructData):
666         (JSC::::hasInstance):
667         (JSC::::getCallData):
668         (JSC::::getOwnPropertyNames):
669         * debugger/DebuggerActivation.cpp:
670         (JSC::DebuggerActivation::visitChildren):
671         (JSC::DebuggerActivation::className):
672         (JSC::DebuggerActivation::getOwnPropertySlot):
673         (JSC::DebuggerActivation::put):
674         (JSC::DebuggerActivation::putWithAttributes):
675         (JSC::DebuggerActivation::deleteProperty):
676         (JSC::DebuggerActivation::getOwnPropertyNames):
677         (JSC::DebuggerActivation::getOwnPropertyDescriptor):
678         (JSC::DebuggerActivation::defineGetter):
679         (JSC::DebuggerActivation::defineSetter):
680         * runtime/Arguments.cpp:
681         (JSC::Arguments::visitChildren):
682         (JSC::Arguments::getOwnPropertySlotByIndex):
683         (JSC::Arguments::getOwnPropertySlot):
684         (JSC::Arguments::getOwnPropertyDescriptor):
685         (JSC::Arguments::getOwnPropertyNames):
686         (JSC::Arguments::putByIndex):
687         (JSC::Arguments::put):
688         (JSC::Arguments::deletePropertyByIndex):
689         (JSC::Arguments::deleteProperty):
690         * runtime/ArrayConstructor.cpp:
691         (JSC::ArrayConstructor::getOwnPropertySlot):
692         (JSC::ArrayConstructor::getOwnPropertyDescriptor):
693         * runtime/ArrayPrototype.cpp:
694         (JSC::ArrayPrototype::getOwnPropertySlot):
695         (JSC::ArrayPrototype::getOwnPropertyDescriptor):
696         * runtime/BooleanPrototype.cpp:
697         (JSC::BooleanPrototype::getOwnPropertySlot):
698         (JSC::BooleanPrototype::getOwnPropertyDescriptor):
699         * runtime/DateConstructor.cpp:
700         (JSC::DateConstructor::getOwnPropertySlot):
701         (JSC::DateConstructor::getOwnPropertyDescriptor):
702         * runtime/DatePrototype.cpp:
703         (JSC::DatePrototype::getOwnPropertySlot):
704         (JSC::DatePrototype::getOwnPropertyDescriptor):
705         * runtime/ErrorPrototype.cpp:
706         (JSC::ErrorPrototype::getOwnPropertySlot):
707         (JSC::ErrorPrototype::getOwnPropertyDescriptor):
708         * runtime/Executable.cpp:
709         (JSC::ExecutableBase::clearCode):
710         (JSC::EvalExecutable::visitChildren):
711         (JSC::ProgramExecutable::visitChildren):
712         (JSC::FunctionExecutable::visitChildren):
713         * runtime/GetterSetter.cpp:
714         (JSC::GetterSetter::visitChildren):
715         * runtime/JSActivation.cpp:
716         (JSC::JSActivation::visitChildren):
717         (JSC::JSActivation::getOwnPropertyNames):
718         (JSC::JSActivation::getOwnPropertySlot):
719         (JSC::JSActivation::put):
720         (JSC::JSActivation::putWithAttributes):
721         * runtime/JSArray.cpp:
722         (JSC::JSArray::getOwnPropertySlotByIndex):
723         (JSC::JSArray::getOwnPropertySlot):
724         (JSC::JSArray::getOwnPropertyDescriptor):
725         (JSC::JSArray::put):
726         (JSC::JSArray::putByIndex):
727         (JSC::JSArray::deleteProperty):
728         (JSC::JSArray::deletePropertyByIndex):
729         (JSC::JSArray::getOwnPropertyNames):
730         (JSC::JSArray::visitChildren):
731         * runtime/JSBoundFunction.cpp:
732         (JSC::JSBoundFunction::hasInstance):
733         (JSC::JSBoundFunction::visitChildren):
734         * runtime/JSByteArray.cpp:
735         (JSC::JSByteArray::getOwnPropertySlot):
736         (JSC::JSByteArray::getOwnPropertyDescriptor):
737         (JSC::JSByteArray::getOwnPropertySlotByIndex):
738         (JSC::JSByteArray::put):
739         (JSC::JSByteArray::putByIndex):
740         (JSC::JSByteArray::getOwnPropertyNames):
741         * runtime/JSCell.h:
742         (JSC::JSCell::visitChildren):
743         (JSC::jsCast):
744         * runtime/JSFunction.cpp:
745         (JSC::JSFunction::visitChildren):
746         (JSC::JSFunction::getCallData):
747         (JSC::JSFunction::getOwnPropertySlot):
748         (JSC::JSFunction::getOwnPropertyDescriptor):
749         (JSC::JSFunction::getOwnPropertyNames):
750         (JSC::JSFunction::put):
751         (JSC::JSFunction::deleteProperty):
752         (JSC::JSFunction::getConstructData):
753         * runtime/JSGlobalData.cpp:
754         (JSC::StackPreservingRecompiler::operator()):
755         * runtime/JSGlobalObject.cpp:
756         (JSC::JSGlobalObject::put):
757         (JSC::JSGlobalObject::putWithAttributes):
758         (JSC::JSGlobalObject::defineGetter):
759         (JSC::JSGlobalObject::defineSetter):
760         (JSC::JSGlobalObject::visitChildren):
761         (JSC::JSGlobalObject::getOwnPropertySlot):
762         (JSC::JSGlobalObject::getOwnPropertyDescriptor):
763         (JSC::JSGlobalObject::clearRareData):
764         * runtime/JSGlobalThis.cpp:
765         (JSC::JSGlobalThis::visitChildren):
766         * runtime/JSONObject.cpp:
767         (JSC::JSONObject::getOwnPropertySlot):
768         (JSC::JSONObject::getOwnPropertyDescriptor):
769         * runtime/JSObject.cpp:
770         (JSC::JSObject::finalize):
771         (JSC::JSObject::visitChildren):
772         (JSC::JSObject::getOwnPropertySlotByIndex):
773         (JSC::JSObject::put):
774         (JSC::JSObject::putByIndex):
775         (JSC::JSObject::deleteProperty):
776         (JSC::JSObject::deletePropertyByIndex):
777         * runtime/JSObject.h:
778         (JSC::JSObject::getOwnPropertySlot):
779         * runtime/JSPropertyNameIterator.cpp:
780         (JSC::JSPropertyNameIterator::visitChildren):
781         * runtime/JSStaticScopeObject.cpp:
782         (JSC::JSStaticScopeObject::visitChildren):
783         (JSC::JSStaticScopeObject::put):
784         (JSC::JSStaticScopeObject::putWithAttributes):
785         (JSC::JSStaticScopeObject::getOwnPropertySlot):
786         * runtime/JSString.cpp:
787         (JSC::JSString::visitChildren):
788         (JSC::JSString::toThisObject):
789         (JSC::JSString::getOwnPropertySlot):
790         (JSC::JSString::getOwnPropertySlotByIndex):
791         * runtime/JSVariableObject.cpp:
792         (JSC::JSVariableObject::deleteProperty):
793         (JSC::JSVariableObject::getOwnPropertyNames):
794         * runtime/JSWrapperObject.cpp:
795         (JSC::JSWrapperObject::visitChildren):
796         * runtime/MathObject.cpp:
797         (JSC::MathObject::getOwnPropertySlot):
798         (JSC::MathObject::getOwnPropertyDescriptor):
799         * runtime/NativeErrorConstructor.cpp:
800         (JSC::NativeErrorConstructor::visitChildren):
801         * runtime/NumberConstructor.cpp:
802         (JSC::NumberConstructor::getOwnPropertySlot):
803         (JSC::NumberConstructor::getOwnPropertyDescriptor):
804         * runtime/NumberPrototype.cpp:
805         (JSC::NumberPrototype::getOwnPropertySlot):
806         (JSC::NumberPrototype::getOwnPropertyDescriptor):
807         * runtime/ObjectConstructor.cpp:
808         (JSC::ObjectConstructor::getOwnPropertySlot):
809         (JSC::ObjectConstructor::getOwnPropertyDescriptor):
810         * runtime/ObjectPrototype.cpp:
811         (JSC::ObjectPrototype::put):
812         (JSC::ObjectPrototype::getOwnPropertySlotByIndex):
813         (JSC::ObjectPrototype::getOwnPropertySlot):
814         (JSC::ObjectPrototype::getOwnPropertyDescriptor):
815         * runtime/RegExpConstructor.cpp:
816         (JSC::RegExpConstructor::getOwnPropertySlot):
817         (JSC::RegExpConstructor::getOwnPropertyDescriptor):
818         (JSC::RegExpConstructor::put):
819         * runtime/RegExpMatchesArray.h:
820         (JSC::RegExpMatchesArray::getOwnPropertySlot):
821         (JSC::RegExpMatchesArray::getOwnPropertySlotByIndex):
822         (JSC::RegExpMatchesArray::getOwnPropertyDescriptor):
823         (JSC::RegExpMatchesArray::put):
824         (JSC::RegExpMatchesArray::putByIndex):
825         (JSC::RegExpMatchesArray::deleteProperty):
826         (JSC::RegExpMatchesArray::deletePropertyByIndex):
827         (JSC::RegExpMatchesArray::getOwnPropertyNames):
828         * runtime/RegExpObject.cpp:
829         (JSC::RegExpObject::visitChildren):
830         (JSC::RegExpObject::getOwnPropertySlot):
831         (JSC::RegExpObject::getOwnPropertyDescriptor):
832         (JSC::RegExpObject::put):
833         * runtime/RegExpPrototype.cpp:
834         (JSC::RegExpPrototype::getOwnPropertySlot):
835         (JSC::RegExpPrototype::getOwnPropertyDescriptor):
836         * runtime/ScopeChain.cpp:
837         (JSC::ScopeChainNode::visitChildren):
838         * runtime/StringConstructor.cpp:
839         (JSC::StringConstructor::getOwnPropertySlot):
840         (JSC::StringConstructor::getOwnPropertyDescriptor):
841         * runtime/StringObject.cpp:
842         (JSC::StringObject::getOwnPropertySlot):
843         (JSC::StringObject::getOwnPropertySlotByIndex):
844         (JSC::StringObject::getOwnPropertyDescriptor):
845         (JSC::StringObject::deleteProperty):
846         (JSC::StringObject::getOwnPropertyNames):
847         * runtime/StringPrototype.cpp:
848         (JSC::StringPrototype::getOwnPropertySlot):
849         (JSC::StringPrototype::getOwnPropertyDescriptor):
850         * runtime/Structure.cpp:
851         (JSC::Structure::visitChildren):
852         * runtime/StructureChain.cpp:
853         (JSC::StructureChain::visitChildren):
854
855 2011-11-11  Gavin Barraclough  <barraclough@apple.com>
856
857         Enable DFG JIT for ARMv7/iOS.
858
859         Rubber stamped by Oliver Hunt.
860
861         * wtf/Platform.h:
862             - enable DFG JIT for ARMv7/iOS.
863
864 2011-11-11  Mark Hahnenberg  <mhahnenberg@apple.com>
865
866         De-virtualize supportsProfiling, supportsRichSourceInfo, shouldInterruptScript in JSGlobalObject
867         https://bugs.webkit.org/show_bug.cgi?id=72035
868
869         Reviewed by Geoffrey Garen.
870
871         De-virtualized the methods through the use of a new method table just for JSGlobalObject and subclasses.
872
873         * JavaScriptCore.exp:
874         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
875         * bytecompiler/BytecodeGenerator.cpp: Changed call sites to use the new GlobalObjectMethodTable.
876         (JSC::BytecodeGenerator::BytecodeGenerator):
877         * interpreter/Interpreter.cpp: Ditto.
878         (JSC::Interpreter::execute):
879         * runtime/JSGlobalObject.cpp: Added a static const GlobalObjectMethodTable with the correct function pointers.
880         * runtime/JSGlobalObject.h: Added a field in JSGlobalObject to keep track of the current method table.
881         (JSC::JSGlobalObject::JSGlobalObject):
882         (JSC::JSGlobalObject::globalObjectMethodTable): The new struct to contain the function pointers.
883         (JSC::JSGlobalObject::supportsProfiling): Made static to put in the method table.
884         (JSC::JSGlobalObject::supportsRichSourceInfo): Ditto.
885         (JSC::JSGlobalObject::shouldInterruptScript): Ditto.
886         * runtime/TimeoutChecker.cpp: Changed call sites to use the new GlobalObjectMethodTable for lookup.
887         (JSC::TimeoutChecker::didTimeOut):
888
889 2011-11-11  Mark Hahnenberg  <mhahnenberg@apple.com>
890
891         De-virtualize JSGlobalObject::allowsAccessFrom
892         https://bugs.webkit.org/show_bug.cgi?id=71969
893
894         Reviewed by Darin Adler.
895
896         * runtime/JSGlobalObject.h: Removed allowsAccessFrom from JSGlobalObject since it is exclusive to 
897         JSDOMWindowBase and WebScriptObject.
898
899 2011-11-11  Sheriff Bot  <webkit.review.bot@gmail.com>
900
901         Unreviewed, rolling out r99950.
902         http://trac.webkit.org/changeset/99950
903         https://bugs.webkit.org/show_bug.cgi?id=72117
904
905         "Landed wrong patch by mistake" (Requested by yurys on
906         #webkit).
907
908         * JavaScriptCore.exp:
909         * runtime/JSFunction.cpp:
910         * runtime/JSFunction.h:
911
912 2011-11-11  Patrick Gansterer  <paroga@webkit.org>
913
914         Unreviewed. Build fix for !ENABLE(JIT) after r99898.
915
916         * bytecode/CodeBlock.cpp:
917         (JSC::CodeBlock::CodeBlock):
918
919 2011-11-10  Dan Bernstein  <mitz@apple.com>
920
921         Disabling assertions breaks the debug build
922         https://bugs.webkit.org/show_bug.cgi?id=72091
923
924         Reviewed by Geoff Garen.
925
926         * dfg/DFGNode.h: Made hasIdentifier() available when assertions are
927         disabled. It is used in Graph::dump().
928         * runtime/JSObject.cpp:
929         (JSC::JSObject::visitChildren): Update m_isCheckingForDefaultMarkViolation
930         only if assertions are enabled.
931         * wtf/Deque.h:
932         (WTF::::checkIndexValidity): Changed ASSERT to ASSERT_UNUSED.
933         * wtf/ThreadRestrictionVerifier.h:
934         (WTF::ThreadRestrictionVerifier::setShared): Guarded the definition of
935         a local variable that is only used in an assertion.
936
937 2011-11-10  Filip Pizlo  <fpizlo@apple.com>
938
939         JSString forgets to clear m_fibers when resolving ropes
940         https://bugs.webkit.org/show_bug.cgi?id=72089
941
942         Reviewed by Geoff Garen.
943
944         * runtime/JSString.cpp:
945         (JSC::JSString::resolveRopeSlowCase):
946
947 2011-11-09  Filip Pizlo  <fpizlo@apple.com>
948
949         DFG byte array support sometimes clamps values incorrectly
950         https://bugs.webkit.org/show_bug.cgi?id=71975
951
952         Reviewed by Oliver Hunt.
953
954         * dfg/DFGSpeculativeJIT.cpp:
955         (JSC::DFG::SpeculativeJIT::compilePutByValForByteArray):
956
957 2011-11-10  Filip Pizlo  <fpizlo@apple.com>
958
959         ValueProfile/PredictedType contains dead code, and doesn't recognize functions
960         https://bugs.webkit.org/show_bug.cgi?id=72065
961
962         Reviewed by Gavin Barraclough and Geoff Garen.
963         
964         Added PredictFunction support, and did some cleaning up along the way.
965         ValueProfile no longer has statistics machinery, because we never used
966         it. Rearranged some bits in PredictedType to more easily make room for
967         one more object type. Changed some debug code to use more consistent
968         conventions (ByteArray becomes Bytearray so that if we ever have a
969         "Byte" prediction we don't get confused between a prediction that is
970         the union of Byte and Array and a prediction that indicates precisely
971         a ByteArray).
972
973         * bytecode/PredictedType.cpp:
974         (JSC::predictionToString):
975         (JSC::predictionFromClassInfo):
976         * bytecode/PredictedType.h:
977         (JSC::isFunctionPrediction):
978         * bytecode/ValueProfile.cpp:
979         * bytecode/ValueProfile.h:
980         (JSC::ValueProfile::dump):
981         * dfg/DFGAbstractState.cpp:
982         (JSC::DFG::AbstractState::execute):
983         * dfg/DFGPropagator.cpp:
984         (JSC::DFG::Propagator::propagateNodePredictions):
985
986 2011-11-10  David Kilzer  <ddkilzer@apple.com>
987
988         <http://webkit.org/b/72049> Specify testapi.js install path using JAVASCRIPTCORE_FRAMEWORKS_DIR
989
990         Reviewed by Joseph Pecoraro.
991
992         * JavaScriptCore.xcodeproj/project.pbxproj: The testapi.js
993         script should use JAVASCRIPTCORE_FRAMEWORKS_DIR in its dstPath
994         for installation.  Also removed "Versions/A/" from the path
995         since this is unneeded due the default symlinks present in the
996         framework.
997
998 2011-11-10  Gavin Barraclough  <barraclough@apple.com>
999
1000         Add ARMv7 support to the DFG JIT
1001         https://bugs.webkit.org/show_bug.cgi?id=72061
1002
1003         Reviewed by Geoff Garen.
1004
1005         * dfg/DFGAssemblyHelpers.h:
1006         (JSC::DFG::AssemblyHelpers::preserveReturnAddressAfterCall):
1007         (JSC::DFG::AssemblyHelpers::restoreReturnAddressBeforeReturn):
1008         (JSC::DFG::AssemblyHelpers::emitPutImmediateToCallFrameHeader):
1009         (JSC::DFG::AssemblyHelpers::boxDouble):
1010         (JSC::DFG::AssemblyHelpers::unboxDouble):
1011             - Add CPU(ARM) copies of these functions.
1012         * dfg/DFGJITCodeGenerator.h:
1013         (JSC::DFG::JITCodeGenerator::spill):
1014             - Fix matching of '}' re #if blocks, makes some tools happy.
1015         (JSC::DFG::JITCodeGenerator::setupArguments):
1016         (JSC::DFG::JITCodeGenerator::setupArgumentsWithExecState):
1017         (JSC::DFG::JITCodeGenerator::appendCallWithExceptionCheckSetResult):
1018         (JSC::DFG::JITCodeGenerator::appendCallSetResult):
1019             - Add CPU(ARM) / 4 argument register copies of these functions.
1020         * dfg/DFGJITCodeGenerator32_64.cpp:
1021         (JSC::DFG::JITCodeGenerator::nonSpeculativeValueToInt32):
1022             - Should use callOperation to plant a call to a DFG_OPERATION.
1023         (JSC::DFG::JITCodeGenerator::cachedGetById):
1024         (JSC::DFG::JITCodeGenerator::cachedPutById):
1025             - These methods need to plant a relinkable jump; we currently do so
1026               using beginUninterruptedSequence() / endUninterruptedSequence().
1027         * dfg/DFGJITCodeGenerator64.cpp:
1028         (JSC::DFG::JITCodeGenerator::nonSpeculativeValueToInt32):
1029             - Should use callOperation to plant a call to a DFG_OPERATION.
1030         * dfg/DFGJITCompiler.cpp:
1031         (JSC::DFG::JITCompiler::linkOSRExits):
1032             - This method needs to plant a relinkable jump; we currently do so
1033               using beginUninterruptedSequence() / endUninterruptedSequence().
1034         (JSC::DFG::JITCompiler::compileBody):
1035             - Add abstraction to retrieve the pc after a call.
1036         * dfg/DFGOSRExitCompiler.cpp:
1037             - Fix a bug - CodeLocationLabel needs a data address rather than an
1038               executable one, but can just take a MacroAssemblerCodePtr instead!
1039         * dfg/DFGOperations.cpp:
1040         * dfg/DFGSpeculativeJIT.cpp:
1041         (JSC::DFG::compileClampDoubleToByte):
1042             - Add FIXME comment to come back to! - bug#72054.
1043         * dfg/DFGSpeculativeJIT.h:
1044         (JSC::DFG::SpeculativeJIT::speculationCheck):
1045             - Add missing method (ooops, required by bug#72047)
1046         * dfg/DFGSpeculativeJIT32_64.cpp:
1047             - Need to wrap fmod on ARMv7.
1048
1049
1050 2011-11-10  Filip Pizlo  <fpizlo@apple.com>
1051
1052         DFG should not reparse code that was just parsed
1053         https://bugs.webkit.org/show_bug.cgi?id=71977
1054
1055         Reviewed by Geoff Garen.
1056         
1057         The instruction stream of a code block is now kept around until
1058         the next GC. When doing either an optimizing compilation of an
1059         executable, or inlining of an executable, we now try to find the
1060         already preexisting bytecode. If we find it, we don't have to parse.
1061         If we don't find it, we parse as before. Inlining takes the extra
1062         step of caching code blocks, so if the same executable gets inlined
1063         multiple times into the same caller, then we parse it at most once
1064         even if prior to inlining that executable did not have any code
1065         blocks with an instruction stream.
1066         
1067         Also fixed a silly bug where the strict mode for various operations
1068         was being determined by looking at the machine code block rather
1069         than the inlinee.
1070
1071         To enable the delete-on-next-GC policy, I introduced the notion
1072         of an ultra weak finalizer, which anyone can register during
1073         tracing. This is thread-safe (for parallel GC) and
1074         stop-the-world-safe (so calls to free() are postponed until the
1075         world is resumed). This required reusing some facilities previously
1076         created for WeakReferenceHarvester, so I created a common utility
1077         class. I also retweaked the handling of WeakReferenceHarvesters,
1078         since they should be executed during stop-the-world since in the
1079         future we may want to allow them to call drain().
1080         
1081         2% win on SunSpider. 2% win on V8, when run in my harness. Neutral
1082         elsewhere.
1083
1084         * JavaScriptCore.xcodeproj/project.pbxproj:
1085         * bytecode/CodeBlock.cpp:
1086         (JSC::CodeBlock::CodeBlock):
1087         (JSC::CodeBlock::visitAggregate):
1088         (JSC::CodeBlock::copyPostParseDataFrom):
1089         (JSC::CodeBlock::copyPostParseDataFromAlternative):
1090         (JSC::CodeBlock::finalizeUnconditionally):
1091         * bytecode/CodeBlock.h:
1092         (JSC::CodeBlock::canProduceCopyWithBytecode):
1093         (JSC::CodeBlock::discardBytecodeLater):
1094         (JSC::CodeBlock::handleBytecodeDiscardingOpportunity):
1095         (JSC::GlobalCodeBlock::GlobalCodeBlock):
1096         (JSC::ProgramCodeBlock::ProgramCodeBlock):
1097         (JSC::EvalCodeBlock::EvalCodeBlock):
1098         (JSC::FunctionCodeBlock::FunctionCodeBlock):
1099         (JSC::BytecodeDestructionBlocker::BytecodeDestructionBlocker):
1100         (JSC::BytecodeDestructionBlocker::~BytecodeDestructionBlocker):
1101         * dfg/DFGAssemblyHelpers.h:
1102         (JSC::DFG::AssemblyHelpers::strictModeFor):
1103         * dfg/DFGByteCodeCache.h: Added.
1104         (JSC::DFG::CodeBlockKey::CodeBlockKey):
1105         (JSC::DFG::CodeBlockKey::operator==):
1106         (JSC::DFG::CodeBlockKey::hash):
1107         (JSC::DFG::CodeBlockKey::executable):
1108         (JSC::DFG::CodeBlockKey::kind):
1109         (JSC::DFG::CodeBlockKey::isHashTableDeletedValue):
1110         (JSC::DFG::CodeBlockKeyHash::hash):
1111         (JSC::DFG::CodeBlockKeyHash::equal):
1112         (JSC::DFG::ByteCodeCache::ByteCodeCache):
1113         (JSC::DFG::ByteCodeCache::~ByteCodeCache):
1114         (JSC::DFG::ByteCodeCache::get):
1115         * dfg/DFGByteCodeParser.cpp:
1116         (JSC::DFG::ByteCodeParser::handleInlining):
1117         * dfg/DFGJITCodeGenerator32_64.cpp:
1118         (JSC::DFG::JITCodeGenerator::cachedPutById):
1119         * dfg/DFGJITCodeGenerator64.cpp:
1120         (JSC::DFG::JITCodeGenerator::cachedPutById):
1121         * dfg/DFGSpeculativeJIT64.cpp:
1122         (JSC::DFG::SpeculativeJIT::compile):
1123         * heap/Heap.cpp:
1124         (JSC::Heap::finalizeUnconditionally):
1125         (JSC::Heap::markRoots):
1126         (JSC::Heap::collect):
1127         * heap/Heap.h:
1128         * heap/ListableHandler.h: Added.
1129         (JSC::ListableHandler::ListableHandler):
1130         (JSC::ListableHandler::~ListableHandler):
1131         (JSC::ListableHandler::List::List):
1132         (JSC::ListableHandler::List::addNotThreadSafe):
1133         (JSC::ListableHandler::List::addThreadSafe):
1134         (JSC::ListableHandler::List::hasNext):
1135         (JSC::ListableHandler::List::removeNext):
1136         * heap/MarkStack.cpp:
1137         (JSC::MarkStackThreadSharedData::MarkStackThreadSharedData):
1138         (JSC::SlotVisitor::harvestWeakReferences):
1139         (JSC::SlotVisitor::finalizeUnconditionally):
1140         * heap/MarkStack.h:
1141         (JSC::MarkStack::addWeakReferenceHarvester):
1142         (JSC::MarkStack::addUnconditionalFinalizer):
1143         * heap/SlotVisitor.h:
1144         * heap/UnconditionalFinalizer.h: Added.
1145         (JSC::UnconditionalFinalizer::~UnconditionalFinalizer):
1146         * heap/WeakReferenceHarvester.h:
1147         (JSC::WeakReferenceHarvester::WeakReferenceHarvester):
1148         (JSC::WeakReferenceHarvester::~WeakReferenceHarvester):
1149         * runtime/Executable.cpp:
1150         (JSC::EvalExecutable::compileInternal):
1151         (JSC::ProgramExecutable::compileInternal):
1152         (JSC::FunctionExecutable::baselineCodeBlockFor):
1153         (JSC::FunctionExecutable::codeBlockWithBytecodeFor):
1154         (JSC::FunctionExecutable::produceCodeBlockFor):
1155         (JSC::FunctionExecutable::compileForCallInternal):
1156         (JSC::FunctionExecutable::compileForConstructInternal):
1157         * runtime/Executable.h:
1158         (JSC::FunctionExecutable::profiledCodeBlockFor):
1159
1160 2011-11-10  Gavin Barraclough  <barraclough@apple.com>
1161
1162         Add ARMv7 register info for the DFG JIT
1163         https://bugs.webkit.org/show_bug.cgi?id=72050
1164
1165         Reviewed by Geoff Garen.
1166
1167         * dfg/DFGFPRInfo.h:
1168         (JSC::DFG::FPRInfo::toRegister):
1169         (JSC::DFG::FPRInfo::toIndex):
1170         (JSC::DFG::FPRInfo::debugName):
1171         * dfg/DFGGPRInfo.h:
1172         (JSC::DFG::GPRInfo::toRegister):
1173         (JSC::DFG::GPRInfo::toIndex):
1174         (JSC::DFG::GPRInfo::debugName):
1175
1176 2011-11-10  Gavin Barraclough  <barraclough@apple.com>
1177
1178         #ifdef CPU(X86) specific div/mod code in DFGSpeculativeJIT32_64
1179         https://bugs.webkit.org/show_bug.cgi?id=72047
1180
1181         Reviewed by Geoff Garen.
1182
1183         We currently don't attempt to abstract divide through the macro assembler,
1184         due to these instructions commonly having specific requirements. This means
1185         there is architecture specific code in the JIT - #ifdef it, and provide a
1186         common implementation.
1187
1188         * dfg/DFGSpeculativeJIT32_64.cpp:
1189         (JSC::DFG::fmodAsDFGOperation):
1190         (JSC::DFG::SpeculativeJIT::compile):
1191
1192 2011-11-10  Gavin Barraclough  <barraclough@apple.com>
1193
1194         Add ENABLE_VALUE_PROFILER support for ARMv7
1195         https://bugs.webkit.org/show_bug.cgi?id=72043
1196
1197         Reviewed by Geoff Garen.
1198
1199         This requires us to make a bucketCounterRegister available; to do so we'll need to spill more registers on entry to JIT code.
1200
1201         * jit/JITArithmetic32_64.cpp:
1202         (JSC::JIT::emitSlow_op_mod):
1203             - cleanup location of UNUSED_PARAM
1204         * jit/JITStubs.cpp:
1205         (JSC::ctiTrampoline):
1206         (JSC::ctiVMThrowTrampoline):
1207         (JSC::ctiOpThrowNotCaught):
1208         (JSC::JITThunks::JITThunks):
1209         * jit/JITStubs.h:
1210             - Update JITStackFrame structure & asm code to spill more registers.
1211         * jit/JSInterfaceJIT.h:
1212             - Assign a bucketCounterRegister.
1213
1214 2011-11-10  Gavin Barraclough  <barraclough@apple.com>
1215
1216         Fix sampling counters on ARMv7, move add64 functionality to macro assembler
1217         https://bugs.webkit.org/show_bug.cgi?id=72040
1218
1219         Reviewed by Geoff Garen.
1220
1221         The ability to add an integer to a uint64_t in memory is poorly copied in
1222         multiple places & ifdef'ed on architecture, addWithCarry32 is also a badly
1223         designed interface since add32 is not required to set flags (we have no
1224         concept of flags in the macro assembler interface).
1225
1226         * assembler/MacroAssemblerARMv7.h:
1227         (JSC::MacroAssemblerARMv7::add64):
1228         * assembler/MacroAssemblerX86.h:
1229         (JSC::MacroAssemblerX86::add64):
1230         * assembler/MacroAssemblerX86_64.h:
1231         (JSC::MacroAssemblerX86_64::add64):
1232         * dfg/DFGAssemblyHelpers.cpp:
1233         * dfg/DFGAssemblyHelpers.h:
1234         (JSC::DFG::AssemblyHelpers::emitCount):
1235         * dfg/DFGJITCodeGenerator.cpp:
1236         (JSC::DFG::JITCodeGenerator::writeBarrier):
1237         * jit/JIT.h:
1238         * jit/JITInlineMethods.h:
1239         (JSC::JIT::emitCount):
1240
1241 2011-11-10  Ryuan Choi  <ryuan.choi@samsung.com>
1242
1243         [CMAKE] Refactoring CMakeLists${PORT}.txt to Platform${PORT}.cmake
1244         https://bugs.webkit.org/show_bug.cgi?id=56705
1245
1246         Reviewed by Adam Roben.
1247
1248         * CMakeLists.txt:
1249         * PlatformEfl.cmake: Renamed from Source/JavaScriptCore/CMakeListsEfl.txt.
1250         * PlatformWinCE.cmake: Renamed from Source/JavaScriptCore/CMakeListsWinCE.txt.
1251         * shell/CMakeLists.txt:
1252         * shell/PlatformEfl.cmake: Renamed from Source/JavaScriptCore/shell/CMakeListsEfl.txt.
1253         * shell/PlatformWinCE.cmake: Renamed from Source/JavaScriptCore/shell/CMakeListsWinCE.txt.
1254         * wtf/CMakeLists.txt:
1255         * wtf/PlatformEfl.cmake: Renamed from Source/JavaScriptCore/wtf/CMakeListsEfl.txt.
1256         * wtf/PlatformWinCE.cmake: Renamed from Source/JavaScriptCore/wtf/CMakeListsWinCE.txt.
1257
1258 2011-11-10  Carlos Garcia Campos  <cgarcia@igalia.com>
1259
1260         Unreviewed. Fix make distcheck build.
1261
1262         * GNUmakefile.list.am: Add missing files.
1263
1264 2011-11-09  Michael Saboff  <msaboff@apple.com>
1265
1266         Towards 8 Bit Strings: Templatize JSC::LiteralParser class by character type
1267         https://bugs.webkit.org/show_bug.cgi?id=71862
1268
1269         Changed LiteralParser to be templatized on character type.
1270
1271         Moved five enums out of class definition to work around a clang compiler defect.
1272
1273         Added lexIdentifier templated method to break out character specific versions.
1274         Added static setParserTokenString templated method to handle setting appropriately
1275         sized string pointer.
1276
1277         To keep code in LiteralParser.cpp and keep LiteralParser.h small, the two
1278         flavors of LiteralParser are explicitly instantiated at the end of
1279         LiteralParser.cpp.
1280
1281         Reviewed by Oliver Hunt.
1282
1283         * API/JSValueRef.cpp:
1284         (JSValueMakeFromJSONString):
1285         * JavaScriptCore.exp:
1286         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1287         * interpreter/Interpreter.cpp:
1288         (JSC::Interpreter::callEval):
1289         (JSC::Interpreter::execute):
1290         * runtime/JSGlobalObjectFunctions.cpp:
1291         (JSC::globalFuncEval):
1292         * runtime/JSONObject.cpp:
1293         (JSC::JSONProtoFuncParse):
1294         * runtime/LiteralParser.cpp:
1295         (JSC::isJSONWhiteSpace):
1296         (JSC::::tryJSONPParse):
1297         (JSC::::makeIdentifier):
1298         (JSC::::Lexer::lex):
1299         (JSC::::Lexer::lexIdentifier):
1300         (JSC::::Lexer::next):
1301         (JSC::LChar):
1302         (JSC::UChar):
1303         (JSC::isSafeStringCharacter):
1304         (JSC::::Lexer::lexString):
1305         (JSC::::Lexer::lexNumber):
1306         (JSC::::parse):
1307         * runtime/LiteralParser.h:
1308         (JSC::LiteralParser::LiteralParser):
1309         (JSC::LiteralParser::getErrorMessage):
1310         (JSC::LiteralParser::tryLiteralParse):
1311         (JSC::LiteralParser::Lexer::Lexer):
1312         (JSC::LiteralParser::Lexer::currentToken):
1313         (JSC::LiteralParser::Lexer::getErrorMessage):
1314         * runtime/UString.h:
1315         (JSC::LChar):
1316         (JSC::UChar):
1317         * wtf/text/StringBuilder.cpp:
1318         (WTF::StringBuilder::append):
1319         * wtf/text/StringBuilder.h:
1320         (WTF::StringBuilder::append):
1321
1322 2011-11-09  Filip Pizlo  <fpizlo@apple.com>
1323
1324         Multiple CodeBlock should be able to share the same instruction
1325         stream without copying
1326         https://bugs.webkit.org/show_bug.cgi?id=71978
1327
1328         Reviewed by Oliver Hunt.
1329         
1330         This refactors CodeBlock::m_instructions to be a Vector boxed in a
1331         ref-counted object, but otherwise does not take advantage of this.
1332         
1333         This is performance neutral.
1334
1335         * bytecode/CodeBlock.cpp:
1336         (JSC::CodeBlock::printStructure):
1337         (JSC::CodeBlock::printStructures):
1338         (JSC::CodeBlock::dump):
1339         (JSC::CodeBlock::CodeBlock):
1340         (JSC::CodeBlock::visitAggregate):
1341         (JSC::CodeBlock::shrinkToFit):
1342         * bytecode/CodeBlock.h:
1343         (JSC::CodeBlock::hasInstructions):
1344         (JSC::CodeBlock::numberOfInstructions):
1345         (JSC::CodeBlock::instructions):
1346         * jit/JIT.cpp:
1347         (JSC::JIT::JIT):
1348
1349 2011-11-09  Gavin Barraclough  <barraclough@apple.com>
1350
1351         Renovate ARMv7 assembler/macro-assembler
1352         https://bugs.webkit.org/show_bug.cgi?id=71982
1353
1354         Reviewed by Geoff Garen.
1355
1356         ARMv7Assembler:
1357         * add support for strb (byte stores)
1358         * rename the VMOV_CtoS opcodes (they are currently backwards!)
1359         * add support for adc (add with carry)
1360         * add support for vsqrt, vabs
1361         * add support for vmov (between FPRs, and to/from GPR pairs).
1362         * remove '_F64' postfixes from instructions (these aren't helpful, functions can already be distinguished by their signatures).
1363         * rename vcvt_F64_S32  to vcvt_signedToFloatingPoint, the prior postfix was unhelpful in failing to distinguish the types (S32 indicates a single precision register, but the type could be float, int32, or uint32).
1364         * rename vcvtr_S32_F64 to vcvt_floatingPointToSigned, as for previous, also vcvtr was the incorrect name for the operation (the emitted instruction truncates).
1365
1366         MacroAssemblerARMv7:
1367         * add 3-operand versions of and32, lshift32, or32, rshift32, urshift32, sub32, xor32.
1368         * add store8, and store32 imm to base-index.
1369         * fix load32WithCompactAddressOffsetPatch to work for all gprs (the fix is a little kludgy but functional; to do better we'll have to also fix the repatching code).
1370         * Update supportsFloating* flags (all features now supported).
1371         * add moveDouble, storeDouble to absolute address, addDouble to absolute address
1372         * add 3-operand double operations.
1373         * implement sqrtDouble/absDouble
1374         * add branchTruncateDoubleToInt32, implement truncateDoubleToInt32
1375         * move should do nothing if src == dest
1376         * branchTest8-on-memory can be implemented in terms of branchTest32-on-register (branchTest8-on-register has been removed).
1377         * add 3-operand branchAdd32, branchSub32, also branchAdd32 absolute address.
1378
1379 2011-11-09  Gavin Barraclough  <barraclough@apple.com>
1380
1381         https://bugs.webkit.org/show_bug.cgi?id=71873
1382
1383         Reviewed by Geoff Garen.
1384
1385         Incrementally re-landing these changes, trying to determine what went wrong.
1386         (The whole patch failed tests on the build bot but worked locally.)
1387
1388         * dfg/DFGByteCodeParser.cpp:
1389         (JSC::DFG::ByteCodeParser::handleIntrinsic):
1390
1391 2011-11-09  Filip Pizlo  <fpizlo@apple.com>
1392
1393         DFG OSR exit code should be lazily generated
1394         https://bugs.webkit.org/show_bug.cgi?id=71744
1395
1396         Reviewed by Gavin Barraclough.
1397         
1398         The OSR exit code is now generated the first time it is executed,
1399         rather than right after speculative compilation. Because most OSR
1400         exits are never taken, this should greatly reduce both code size
1401         and compilation time.
1402         
1403         This is a 1% win on SunSpider, and a 1% win on V8 when running in
1404         my harness. No change in V8 in V8's harness (due to the long runs,
1405         so compile time is not an issue) and no change in Kraken (again,
1406         long runs of small code so compile time has no measurable effect).
1407
1408         * CMakeListsEfl.txt:
1409         * GNUmakefile.list.am:
1410         * JavaScriptCore.xcodeproj/project.pbxproj:
1411         * Target.pri:
1412         * assembler/AbstractMacroAssembler.h:
1413         * assembler/MacroAssemblerX86.h:
1414         (JSC::MacroAssemblerX86::jump):
1415         * assembler/MacroAssemblerX86_64.h:
1416         (JSC::MacroAssemblerX86_64::jump):
1417         * assembler/X86Assembler.h:
1418         (JSC::X86Assembler::jmp_m):
1419         * bytecode/CodeBlock.h:
1420         (JSC::CodeBlock::createDFGDataIfNecessary):
1421         (JSC::CodeBlock::appendDFGOSREntryData):
1422         (JSC::CodeBlock::numberOfDFGOSREntries):
1423         (JSC::CodeBlock::dfgOSREntryData):
1424         (JSC::CodeBlock::dfgOSREntryDataForBytecodeIndex):
1425         (JSC::CodeBlock::appendOSRExit):
1426         (JSC::CodeBlock::appendSpeculationRecovery):
1427         (JSC::CodeBlock::numberOfOSRExits):
1428         (JSC::CodeBlock::numberOfSpeculationRecoveries):
1429         (JSC::CodeBlock::osrExit):
1430         (JSC::CodeBlock::speculationRecovery):
1431         * dfg/DFGAssemblyHelpers.h:
1432         (JSC::DFG::AssemblyHelpers::debugCall):
1433         * dfg/DFGCorrectableJumpPoint.cpp: Added.
1434         (JSC::DFG::CorrectableJumpPoint::codeLocationForRepatch):
1435         * dfg/DFGCorrectableJumpPoint.h: Added.
1436         (JSC::DFG::CorrectableJumpPoint::CorrectableJumpPoint):
1437         (JSC::DFG::CorrectableJumpPoint::switchToLateJump):
1438         (JSC::DFG::CorrectableJumpPoint::correctInitialJump):
1439         (JSC::DFG::CorrectableJumpPoint::correctLateJump):
1440         (JSC::DFG::CorrectableJumpPoint::initialJump):
1441         (JSC::DFG::CorrectableJumpPoint::lateJump):
1442         (JSC::DFG::CorrectableJumpPoint::correctJump):
1443         (JSC::DFG::CorrectableJumpPoint::getJump):
1444         * dfg/DFGJITCompiler.cpp:
1445         (JSC::DFG::JITCompiler::linkOSRExits):
1446         (JSC::DFG::JITCompiler::compileBody):
1447         (JSC::DFG::JITCompiler::link):
1448         * dfg/DFGJITCompiler.h:
1449         * dfg/DFGOSRExit.cpp: Added.
1450         (JSC::DFG::OSRExit::OSRExit):
1451         (JSC::DFG::OSRExit::dump):
1452         * dfg/DFGOSRExit.h:
1453         * dfg/DFGOSRExitCompiler.cpp: Added.
1454         * dfg/DFGOSRExitCompiler.h:
1455         * dfg/DFGOSRExitCompiler32_64.cpp:
1456         (JSC::DFG::OSRExitCompiler::compileExit):
1457         * dfg/DFGOSRExitCompiler64.cpp:
1458         (JSC::DFG::OSRExitCompiler::compileExit):
1459         * dfg/DFGOperations.cpp:
1460         * dfg/DFGSpeculativeJIT.cpp:
1461         * dfg/DFGSpeculativeJIT.h:
1462         (JSC::DFG::SpeculativeJIT::speculationCheck):
1463         * dfg/DFGThunks.cpp: Added.
1464         (JSC::DFG::osrExitGenerationThunkGenerator):
1465         * dfg/DFGThunks.h: Added.
1466         * jit/JITCode.h:
1467         (JSC::JITCode::dataAddressAtOffset):
1468         * runtime/JSGlobalData.h:
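
        A constructed model of the lazy exit-generation scheme this entry describes, added here as an illustration and not JavaScriptCore's code: machine-code jumps are modelled as function pointers, the generation thunk stands in for the osrExitGenerationThunkGenerator output, and overwriting the pointer stands in for CorrectableJumpPoint::switchToLateJump. All names, the bytecode indices and the scenario are assumptions.

```cpp
#include <cstddef>
#include <vector>

// Constructed model of lazily generated OSR exit stubs. Not JavaScriptCore
// code: machine-code jumps are modelled as function pointers, and "repatching"
// a jump means overwriting that pointer.

struct ExitContext;

// A speculation-failure handler. In the real JIT this is machine code that
// rebuilds the baseline frame; here it only records which exit fired.
using ExitHandler = void (*)(ExitContext&, std::size_t exitIndex);

// One recorded speculation check (the OSRExit record kept by the CodeBlock).
struct OSRExit {
    int bytecodeIndex;   // baseline bytecode to resume at (constructed value)
    bool generated;      // has the exit stub been materialized yet?
};

struct ExitContext {
    std::vector<OSRExit> exits;
    std::vector<ExitHandler> jumpTargets;  // one correctable jump per exit
    int generatedCount = 0;                // how many stubs were ever compiled
    int lastExitBytecode = -1;             // where the last taken exit resumed
};

// The "late" jump target: the compiled exit stub for exit i.
static void compiledExit(ExitContext& ctx, std::size_t i) {
    ctx.lastExitBytecode = ctx.exits[i].bytecodeIndex;
}

// The "initial" jump target shared by every exit: the generation thunk.
// On first use it compiles the stub, repatches the jump so later failures
// go straight to the stub, then continues into the freshly compiled stub.
static void osrExitGenerationThunk(ExitContext& ctx, std::size_t i) {
    ctx.exits[i].generated = true;
    ++ctx.generatedCount;
    ctx.jumpTargets[i] = compiledExit;  // stands in for switchToLateJump
    compiledExit(ctx, i);
}

// Emit a speculation check: record the exit and aim its jump at the thunk.
static std::size_t speculationCheck(ExitContext& ctx, int bytecodeIndex) {
    OSRExit record = { bytecodeIndex, false };
    ctx.exits.push_back(record);
    ctx.jumpTargets.push_back(osrExitGenerationThunk);
    return ctx.exits.size() - 1;
}

// Speculatively compiled code guarded by exit 'exitIndex'. When the guard
// fails it takes whatever the exit's jump currently points at.
static bool runSpeculativeCode(ExitContext& ctx, std::size_t exitIndex, bool guardHolds) {
    if (guardHolds)
        return true;
    ctx.jumpTargets[exitIndex](ctx, exitIndex);
    return false;
}

// Scenario: two guards; the first always holds, the second fails twice.
struct ScenarioResult {
    int generatedAfterHotLoop;     // stubs compiled while no guard failed
    int generatedAfterFirstExit;   // stubs compiled once guard B failed
    int generatedAfterSecondExit;  // unchanged: the stub is reused
    int lastExitBytecode;
    bool jumpRepatched;            // guard B's jump now bypasses the thunk
};

ScenarioResult runScenario() {
    ExitContext ctx;
    std::size_t guardA = speculationCheck(ctx, 10);
    std::size_t guardB = speculationCheck(ctx, 20);
    ScenarioResult r = {};
    for (int iteration = 0; iteration < 1000; ++iteration)
        runSpeculativeCode(ctx, guardA, true);     // hot loop, never exits
    r.generatedAfterHotLoop = ctx.generatedCount;  // 0: nothing compiled yet
    runSpeculativeCode(ctx, guardB, false);        // first failure: thunk compiles the stub
    r.generatedAfterFirstExit = ctx.generatedCount;
    runSpeculativeCode(ctx, guardB, false);        // second failure: stub reused
    r.generatedAfterSecondExit = ctx.generatedCount;
    r.lastExitBytecode = ctx.lastExitBytecode;
    r.jumpRepatched = ctx.jumpTargets[guardB] == compiledExit;
    return r;
}
```

        The point the scenario makes is the one the entry gives for the code-size and compile-time win: guard A is checked a thousand times and never costs a stub, and guard B costs exactly one stub no matter how often it fails afterwards.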
1469
1470 2011-11-09  Mark Hahnenberg  <mhahnenberg@apple.com>
1471
1472         Fixing build breakage
1473
1474         Unreviewed build fix
1475
1476         * JavaScriptCore.exp:
1477         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1478
1479 2011-11-09  Mark Hahnenberg  <mhahnenberg@apple.com>
1480
1481         De-virtualize JSVariableObject::isDynamicScope
1482         https://bugs.webkit.org/show_bug.cgi?id=71933
1483
1484         Reviewed by Geoffrey Garen.
1485
1486         * runtime/JSActivation.cpp:
1487         * runtime/JSActivation.h: Inlined and de-virtualized isDynamicScope
1488         (JSC::JSActivation::isDynamicScope):
1489         * runtime/JSGlobalObject.cpp:
1490         * runtime/JSGlobalObject.h: Inlined and de-virtualized isDynamicScope
1491         (JSC::JSGlobalObject::isDynamicScope):
1492         * runtime/JSStaticScopeObject.cpp:
1493         * runtime/JSStaticScopeObject.h: Inlined and de-virtualized isDynamicScope
1494         (JSC::JSStaticScopeObject::createStructure): Changed createStructure to use new JSType
1495         (JSC::JSStaticScopeObject::isDynamicScope):
1496         * runtime/JSType.h: Added new type for JSStaticScopeObject
1497         * runtime/JSVariableObject.cpp: De-virtualized and added an implementation that checks the 
1498         object's type and calls the corresponding implementation.
1499         (JSC::JSVariableObject::isDynamicScope):
1500         * runtime/JSVariableObject.h:
1501
1502 2011-11-09  Mark Hahnenberg  <mhahnenberg@apple.com>
1503
1504         De-virtualize JSGlobalObject::hasOwnPropertyForWrite
1505         https://bugs.webkit.org/show_bug.cgi?id=71934
1506
1507         Reviewed by Geoffrey Garen.
1508
1509         * runtime/JSGlobalObject.h: Removed the virtual-ness of hasOwnPropertyForWrite since nobody overrides it.
1510
1511 2011-11-09  Gavin Barraclough  <barraclough@apple.com>
1512
1513         https://bugs.webkit.org/show_bug.cgi?id=71873
1514
1515         Reviewed by Geoff Garen.
1516
1517         Incrementally re-landing these changes, trying to determine what went wrong.
1518         (The whole patch failed tests on the build bot but worked locally.)
1519
1520         * assembler/MacroAssemblerARM.h:
1521         (JSC::MacroAssemblerARM::absDouble):
1522         * assembler/MacroAssemblerARMv7.h:
1523         * assembler/MacroAssemblerMIPS.h:
1524         (JSC::MacroAssemblerMIPS::absDouble):
1525         * assembler/MacroAssemblerSH4.h:
1526         (JSC::MacroAssemblerSH4::absDouble):
1527         * assembler/MacroAssemblerX86.h:
1528         (JSC::MacroAssemblerX86::absDouble):
1529         * assembler/MacroAssemblerX86Common.h:
1530         * assembler/MacroAssemblerX86_64.h:
1531         (JSC::MacroAssemblerX86_64::absDouble):
1532         * dfg/DFGSpeculativeJIT32_64.cpp:
1533         (JSC::DFG::SpeculativeJIT::compile):
1534         * dfg/DFGSpeculativeJIT64.cpp:
1535         (JSC::DFG::SpeculativeJIT::compile):
1536         * jit/ThunkGenerators.cpp:
1537         (JSC::absThunkGenerator):
1538
1539 2011-11-09  Mark Hahnenberg  <mhahnenberg@apple.com>
1540
1541         De-virtualize JSObject::getOwnPropertyDescriptor
1542         https://bugs.webkit.org/show_bug.cgi?id=71523
1543
1544         Reviewed by Sam Weinig.
1545
1546         Added getOwnPropertyDescriptor to the MethodTable, changed all of the 
1547         virtual versions of getOwnPropertyDescriptor to static ones, and 
1548         changed all of the call sites to the corresponding lookup in the MethodTable.
1549
1550         * API/JSCallbackObject.h:
1551         * API/JSCallbackObjectFunctions.h:
1552         (JSC::::getOwnPropertyDescriptor):
1553         * JavaScriptCore.exp:
1554         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1555         * debugger/DebuggerActivation.cpp:
1556         (JSC::DebuggerActivation::getOwnPropertyDescriptor):
1557         * debugger/DebuggerActivation.h:
1558         * runtime/Arguments.cpp:
1559         (JSC::Arguments::getOwnPropertyDescriptor):
1560         * runtime/Arguments.h:
1561         * runtime/ArrayConstructor.cpp:
1562         (JSC::ArrayConstructor::getOwnPropertyDescriptor):
1563         * runtime/ArrayConstructor.h:
1564         * runtime/ArrayPrototype.cpp:
1565         (JSC::ArrayPrototype::getOwnPropertyDescriptor):
1566         * runtime/ArrayPrototype.h:
1567         * runtime/BooleanPrototype.cpp:
1568         (JSC::BooleanPrototype::getOwnPropertyDescriptor):
1569         * runtime/BooleanPrototype.h:
1570         * runtime/ClassInfo.h:
1571         * runtime/DateConstructor.cpp:
1572         (JSC::DateConstructor::getOwnPropertyDescriptor):
1573         * runtime/DateConstructor.h:
1574         * runtime/DatePrototype.cpp:
1575         (JSC::DatePrototype::getOwnPropertyDescriptor):
1576         * runtime/DatePrototype.h:
1577         * runtime/ErrorPrototype.cpp:
1578         (JSC::ErrorPrototype::getOwnPropertyDescriptor):
1579         * runtime/ErrorPrototype.h:
1580         * runtime/JSArray.cpp:
1581         (JSC::JSArray::getOwnPropertyDescriptor):
1582         * runtime/JSArray.h:
1583         * runtime/JSByteArray.cpp:
1584         (JSC::JSByteArray::getOwnPropertyDescriptor):
1585         * runtime/JSByteArray.h:
1586         * runtime/JSCell.cpp:
1587         (JSC::JSCell::getOwnPropertyDescriptor):
1588         * runtime/JSCell.h:
1589         * runtime/JSFunction.cpp:
1590         (JSC::JSFunction::getOwnPropertyDescriptor):
1591         * runtime/JSFunction.h:
1592         * runtime/JSGlobalObject.cpp:
1593         (JSC::JSGlobalObject::getOwnPropertyDescriptor):
1594         * runtime/JSGlobalObject.h:
1595         * runtime/JSNotAnObject.cpp:
1596         (JSC::JSNotAnObject::getOwnPropertyDescriptor):
1597         * runtime/JSNotAnObject.h:
1598         * runtime/JSONObject.cpp:
1599         (JSC::JSONObject::getOwnPropertyDescriptor):
1600         * runtime/JSONObject.h:
1601         * runtime/JSObject.cpp:
1602         (JSC::JSObject::vtableAnchor):
1603         (JSC::JSObject::propertyIsEnumerable):
1604         (JSC::JSObject::getOwnPropertyDescriptor):
1605         (JSC::JSObject::getPropertyDescriptor):
1606         (JSC::JSObject::defineOwnProperty):
1607         * runtime/JSObject.h:
1608         * runtime/JSString.cpp: Removed getOwnPropertyDescriptor, since this seems to be a relic from a 
1609         bygone era when getOwnPropertyDescriptor was rooted in JSCell rather than JSObject.  There were 
1610         no call sites for this version of getOwnPropertyDescriptor in the entire project.
1611         * runtime/JSString.h:
1612         * runtime/Lookup.h:
1613         (JSC::getStaticPropertyDescriptor):
1614         (JSC::getStaticFunctionDescriptor):
1615         (JSC::getStaticValueDescriptor):
1616         * runtime/MathObject.cpp:
1617         (JSC::MathObject::getOwnPropertyDescriptor):
1618         * runtime/MathObject.h:
1619         * runtime/NumberConstructor.cpp:
1620         (JSC::NumberConstructor::getOwnPropertyDescriptor):
1621         * runtime/NumberConstructor.h:
1622         * runtime/NumberPrototype.cpp:
1623         (JSC::NumberPrototype::getOwnPropertyDescriptor):
1624         * runtime/NumberPrototype.h:
1625         * runtime/ObjectConstructor.cpp:
1626         (JSC::ObjectConstructor::getOwnPropertyDescriptor):
1627         (JSC::objectConstructorGetOwnPropertyDescriptor):
1628         * runtime/ObjectConstructor.h:
1629         * runtime/ObjectPrototype.cpp:
1630         (JSC::ObjectPrototype::getOwnPropertyDescriptor):
1631         * runtime/ObjectPrototype.h:
1632         * runtime/RegExpConstructor.cpp:
1633         (JSC::RegExpConstructor::getOwnPropertyDescriptor):
1634         * runtime/RegExpConstructor.h:
1635         * runtime/RegExpMatchesArray.h:
1636         (JSC::RegExpMatchesArray::getOwnPropertyDescriptor):
1637         * runtime/RegExpObject.cpp:
1638         (JSC::RegExpObject::getOwnPropertyDescriptor):
1639         * runtime/RegExpObject.h:
1640         * runtime/RegExpPrototype.cpp:
1641         (JSC::RegExpPrototype::getOwnPropertyDescriptor):
1642         * runtime/RegExpPrototype.h:
1643         * runtime/StringConstructor.cpp:
1644         (JSC::StringConstructor::getOwnPropertyDescriptor):
1645         * runtime/StringConstructor.h:
1646         * runtime/StringObject.cpp:
1647         (JSC::StringObject::vtableAnchor): Added to prevent a weak vtable.
1648         (JSC::StringObject::getOwnPropertyDescriptor):
1649         * runtime/StringObject.h:
1650         * runtime/StringPrototype.cpp:
1651         (JSC::StringPrototype::getOwnPropertyDescriptor):
1652         * runtime/StringPrototype.h:
1653
1654 2011-11-09  Gavin Barraclough  <barraclough@apple.com>
1655
1656         https://bugs.webkit.org/show_bug.cgi?id=71873
1657
1658         Reviewed by Geoff Garen.
1659
1660         Incrementally re-landing these changes, trying to determine what went wrong.
1661         (The whole patch failed tests on the build bot but worked locally.)
1662
1663         * assembler/MacroAssemblerARM.h:
1664         (JSC::MacroAssemblerARM::supportsFloatingPoint):
1665         (JSC::MacroAssemblerARM::supportsFloatingPointTruncate):
1666         (JSC::MacroAssemblerARM::supportsFloatingPointSqrt):
1667         (JSC::MacroAssemblerARM::supportsFloatingPointAbs):
1668         * assembler/MacroAssemblerARMv7.h:
1669         (JSC::MacroAssemblerARMv7::supportsFloatingPoint):
1670         (JSC::MacroAssemblerARMv7::supportsFloatingPointTruncate):
1671         (JSC::MacroAssemblerARMv7::supportsFloatingPointSqrt):
1672         (JSC::MacroAssemblerARMv7::supportsFloatingPointAbs):
1673         * assembler/MacroAssemblerMIPS.h:
1674         (JSC::MacroAssemblerMIPS::supportsFloatingPoint):
1675         (JSC::MacroAssemblerMIPS::supportsFloatingPointTruncate):
1676         (JSC::MacroAssemblerMIPS::supportsFloatingPointSqrt):
1677         (JSC::MacroAssemblerMIPS::supportsFloatingPointAbs):
1678         * assembler/MacroAssemblerSH4.h:
1679         (JSC::MacroAssemblerSH4::supportsFloatingPoint):
1680         (JSC::MacroAssemblerSH4::supportsFloatingPointTruncate):
1681         (JSC::MacroAssemblerSH4::supportsFloatingPointSqrt):
1682         (JSC::MacroAssemblerSH4::supportsFloatingPointAbs):
1683         * assembler/MacroAssemblerX86.h:
1684         (JSC::MacroAssemblerX86::supportsFloatingPoint):
1685         (JSC::MacroAssemblerX86::supportsFloatingPointTruncate):
1686         (JSC::MacroAssemblerX86::supportsFloatingPointSqrt):
1687         (JSC::MacroAssemblerX86::supportsFloatingPointAbs):
1688         * assembler/MacroAssemblerX86_64.h:
1689         (JSC::MacroAssemblerX86_64::supportsFloatingPoint):
1690         (JSC::MacroAssemblerX86_64::supportsFloatingPointTruncate):
1691         (JSC::MacroAssemblerX86_64::supportsFloatingPointSqrt):
1692         (JSC::MacroAssemblerX86_64::supportsFloatingPointAbs):
1693         * jit/ThunkGenerators.cpp:
1694         (JSC::absThunkGenerator):
1695
1696 2011-11-08  Darin Adler  <darin@apple.com>
1697
1698         Add code path in HashTable for emptyValueIsZero that does not require copying the empty value
1699         https://bugs.webkit.org/show_bug.cgi?id=71875
1700
1701         Reviewed by Anders Carlsson.
1702
1703         This is a step along the path of making OwnPtr work as HashMap value types.
1704
1705         * wtf/Alignment.h: Moved the AlignedBufferChar and AlignedBuffer types from Vector.h here.
1706         Also fixed include style. To include other WTF headers inside WTF, we use "" includes.
1707         I did not change the code to fix style checker complaints.
1708
1709         * wtf/HashTable.h: Added includes as needed and fixed include style.
1710         (WTF::doubleHash): Removed the unneeded and inappropriate "static" in this function, which
1711         gave it internal linkage for no good reason.
1712         (WTF::HashTable::checkKey): Made this use AlignedBuffer for the deleted value check to avoid
1713         construction/destruction problems instead of doing the trick where we construct and destroy
1714         an empty value twice. It's cleaner and simpler and avoids copying the empty value.
1715         (WTF::HashTable::initializeBucket): Specialized initializeBucket to use memset when the
1716         empty value is zero rather than copying an empty value.
1717
1718         * wtf/Vector.h: Moved the AlignedBufferChar and AlignedBuffer types into Alignment.h.
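
        An illustration of the two initializeBucket paths this entry describes, added here as example code rather than WTF's own: BucketTraits stands in for HashTraits, AlignedBuffer mirrors the helper type moved into Alignment.h, and the path counters exist only so the path taken is observable. All names are assumptions; the value types used are chosen for the demonstration.

```cpp
#include <cstddef>
#include <cstring>
#include <new>
#include <string>
#include <type_traits>

// Constructed illustration of the two initializeBucket paths; not WTF code.
// BucketTraits stands in for HashTraits, AlignedBuffer mirrors the helper
// moved into Alignment.h, and the counters exist only to make the path observable.

// Raw, correctly aligned storage for one bucket; no constructor runs.
template<std::size_t size, std::size_t alignment>
struct AlignedBuffer {
    alignas(alignment) unsigned char buffer[size];
};

// What "empty bucket" means for a value type.
template<typename T> struct BucketTraits {
    static constexpr bool emptyValueIsZero = false;
    static T emptyValue() { return T(); }
};

// Integers: the empty value is all-zero bits, so memset is a valid initializer.
template<> struct BucketTraits<int> {
    static constexpr bool emptyValueIsZero = true;
    static int emptyValue() { return 0; }
};

// std::string: an empty string carries internal state, so it must be constructed.
template<> struct BucketTraits<std::string> {
    static constexpr bool emptyValueIsZero = false;
    static std::string emptyValue() { return std::string(); }
};

struct PathCounters { int memsetPath = 0; int constructPath = 0; };
inline PathCounters& pathCounters() { static PathCounters counters; return counters; }

// Fast path: zero the bytes instead of copying an empty value in.
template<typename T>
typename std::enable_if<BucketTraits<T>::emptyValueIsZero>::type
initializeBucket(T* bucket) {
    static_assert(std::is_trivially_copyable<T>::value,
                  "memset may only initialize trivially copyable types");
    std::memset(static_cast<void*>(bucket), 0, sizeof(T));
    ++pathCounters().memsetPath;
}

// General path: placement-new a copy of the empty value into the bucket.
template<typename T>
typename std::enable_if<!BucketTraits<T>::emptyValueIsZero>::type
initializeBucket(T* bucket) {
    new (static_cast<void*>(bucket)) T(BucketTraits<T>::emptyValue());
    ++pathCounters().constructPath;
}

// Initialize an int bucket in raw storage and return what it holds.
int initializeIntBucket() {
    AlignedBuffer<sizeof(int), alignof(int)> storage;
    int* bucket = reinterpret_cast<int*>(storage.buffer);
    initializeBucket(bucket);
    return *bucket;
}

// Initialize a std::string bucket in raw storage and report whether it is empty.
bool initializeStringBucketIsEmpty() {
    using String = std::string;
    AlignedBuffer<sizeof(String), alignof(String)> storage;
    String* bucket = reinterpret_cast<String*>(storage.buffer);
    initializeBucket(bucket);
    bool empty = bucket->empty();
    bucket->~String();  // the bucket now owns a constructed object; destroy it
    return empty;
}
```

        The static_assert is the check a reviewer would want on the memset path: a type may only be zero-filled when it is trivially copyable, otherwise the bytes would not describe a valid object even if its "empty" value happens to compare equal to zero.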
1719
1720 2011-11-09  Gabor Rapcsanyi  <rgabor@webkit.org>
1721
1722         Buildfix for 32bit debug mode.
1723
1724         Reviewed by Csaba Osztrogonác.
1725
1726         * dfg/DFGAbstractState.cpp:
1727         (JSC::DFG::AbstractState::dump):
1728         * dfg/DFGGraph.cpp:
1729         (JSC::DFG::Graph::dump):
1730
1731 2011-11-09  Andy Wingo  <wingo@igalia.com>
1732
1733         Enable the DFG JIT on X86-64 Linux platforms
1734         https://bugs.webkit.org/show_bug.cgi?id=71373
1735
1736         Reviewed by Csaba Osztrogonác.
1737
1738         * wtf/Platform.h (ENABLE_DFG_JIT): Enable the DFG JIT on the
1739         x86-64 GNU/Linux platform.
1740         * CMakeListsEfl.txt: Add JSValue64 implementations to EFL build.
1741
1742 2011-11-09  Csaba Osztrogonác  <ossy@webkit.org>
1743
1744         Enable the DFG JIT on x86-64 Linux platforms
1745         https://bugs.webkit.org/show_bug.cgi?id=71373
1746
1747         Enable DFG JIT by default on X86 Linux and Mac platforms
1748         https://bugs.webkit.org/show_bug.cgi?id=71686
1749
1750         Buildfix for stricter compilers: -Werror=unused-but-set-variable
1751
1752         Reviewed by Zoltan Herczeg.
1753
1754         * dfg/DFGSpeculativeJIT.cpp:
1755         (JSC::DFG::SpeculativeJIT::compilePutByValForByteArray):
1756         * dfg/DFGSpeculativeJIT32_64.cpp:
1757         (JSC::DFG::SpeculativeJIT::compile):
1758         * dfg/DFGSpeculativeJIT64.cpp:
1759         (JSC::DFG::SpeculativeJIT::compile):
1760
1761 2011-11-09  Sheriff Bot  <webkit.review.bot@gmail.com>
1762
1763         Unreviewed, rolling out r99678.
1764         http://trac.webkit.org/changeset/99678
1765         https://bugs.webkit.org/show_bug.cgi?id=71882
1766
1767         broke the build with -Werror=unused-but-set-variable
1768         (Requested by tronical_ on #webkit).
1769
1770         * CMakeListsEfl.txt:
1771         * wtf/Platform.h:
1772
1773 2011-11-09  Andy Wingo  <wingo@igalia.com>
1774
1775         Enable the DFG JIT on X86-64 Linux platforms
1776         https://bugs.webkit.org/show_bug.cgi?id=71373
1777
1778         Reviewed by Filip Pizlo.
1779
1780         * wtf/Platform.h (ENABLE_DFG_JIT): Enable the DFG JIT on the
1781         x86-64 GNU/Linux platform.
1782         * CMakeListsEfl.txt: Add JSValue64 implementations to EFL build.
1783
1784 2011-11-09  Mark Hahnenberg  <mhahnenberg@apple.com>
1785
1786         De-virtualize JSObject::defineOwnProperty
1787         https://bugs.webkit.org/show_bug.cgi?id=71429
1788
1789         Reviewed by Geoffrey Garen.
1790
1791         Added defineOwnProperty to the MethodTable, changed all the virtual 
1792         implementations of defineOwnProperty to static ones, and replaced 
1793         all call sites with corresponding lookups in the MethodTable.
1794
1795         * JavaScriptCore.exp:
1796         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1797         * runtime/Arguments.cpp:
1798         (JSC::Arguments::createStrictModeCallerIfNecessary):
1799         (JSC::Arguments::createStrictModeCalleeIfNecessary):
1800         * runtime/ClassInfo.h:
1801         * runtime/JSCell.cpp:
1802         (JSC::JSCell::defineOwnProperty):
1803         * runtime/JSCell.h:
1804         * runtime/JSObject.cpp:
1805         (JSC::JSObject::defineOwnProperty):
1806         * runtime/JSObject.h:
1807         * runtime/ObjectConstructor.cpp:
1808         (JSC::objectConstructorDefineProperty):
1809         (JSC::defineProperties):
1810
1811 2011-11-09  Simon Hausmann  <simon.hausmann@nokia.com>
1812
1813         [Qt] Build system cleanup
1814         https://bugs.webkit.org/show_bug.cgi?id=71815
1815
1816         Reviewed by Kenneth Rohde Christiansen.
1817
1818         * wtf/wtf.pri: Moved the glib dependency to javascriptcore.prf.
1819
1820 2011-11-08  Simon Hausmann  <simon.hausmann@nokia.com>
1821
1822         [Qt] Replace use of QApplication with QGuiApplication
1823         https://bugs.webkit.org/show_bug.cgi?id=71794
1824
1825         Reviewed by Andreas Kling.
1826
1827         Add compat headers for use when building with Qt 4: QGuiApplication
1828         is typedef'ed to QApplication.
1829
1830         * wtf/qt/compat/QGuiApplication: Added.
1831         * wtf/qt/compat/qguiapplication.h: Added.
1832
1833 2011-11-08  Sheriff Bot  <webkit.review.bot@gmail.com>
1834
1835         Unreviewed, rolling out r99647.
1836         http://trac.webkit.org/changeset/99647
1837         https://bugs.webkit.org/show_bug.cgi?id=71876
1838
1839         It broke jsc and layout tests on all bots (Requested by
1840         Ossy_night on #webkit).
1841
1842         * assembler/MacroAssemblerARM.h:
1843         (JSC::MacroAssemblerARM::supportsFloatingPoint):
1844         (JSC::MacroAssemblerARM::supportsFloatingPointTruncate):
1845         (JSC::MacroAssemblerARM::supportsFloatingPointSqrt):
1846         (JSC::MacroAssemblerARM::supportsDoubleBitops):
1847         (JSC::MacroAssemblerARM::andnotDouble):
1848         * assembler/MacroAssemblerARMv7.h:
1849         (JSC::MacroAssemblerARMv7::supportsFloatingPoint):
1850         (JSC::MacroAssemblerARMv7::supportsFloatingPointTruncate):
1851         (JSC::MacroAssemblerARMv7::supportsFloatingPointSqrt):
1852         (JSC::MacroAssemblerARMv7::supportsDoubleBitops):
1853         * assembler/MacroAssemblerMIPS.h:
1854         (JSC::MacroAssemblerMIPS::andnotDouble):
1855         (JSC::MacroAssemblerMIPS::supportsFloatingPoint):
1856         (JSC::MacroAssemblerMIPS::supportsFloatingPointTruncate):
1857         (JSC::MacroAssemblerMIPS::supportsFloatingPointSqrt):
1858         (JSC::MacroAssemblerMIPS::supportsDoubleBitops):
1859         * assembler/MacroAssemblerSH4.h:
1860         (JSC::MacroAssemblerSH4::supportsFloatingPoint):
1861         (JSC::MacroAssemblerSH4::supportsFloatingPointTruncate):
1862         (JSC::MacroAssemblerSH4::supportsFloatingPointSqrt):
1863         (JSC::MacroAssemblerSH4::supportsDoubleBitops):
1864         (JSC::MacroAssemblerSH4::andnotDouble):
1865         * assembler/MacroAssemblerX86.h:
1866         (JSC::MacroAssemblerX86::MacroAssemblerX86):
1867         (JSC::MacroAssemblerX86::supportsFloatingPoint):
1868         (JSC::MacroAssemblerX86::supportsFloatingPointTruncate):
1869         (JSC::MacroAssemblerX86::supportsFloatingPointSqrt):
1870         (JSC::MacroAssemblerX86::supportsDoubleBitops):
1871         * assembler/MacroAssemblerX86Common.h:
1872         (JSC::MacroAssemblerX86Common::andnotDouble):
1873         * assembler/MacroAssemblerX86_64.h:
1874         (JSC::MacroAssemblerX86_64::supportsFloatingPoint):
1875         (JSC::MacroAssemblerX86_64::supportsFloatingPointTruncate):
1876         (JSC::MacroAssemblerX86_64::supportsFloatingPointSqrt):
1877         (JSC::MacroAssemblerX86_64::supportsDoubleBitops):
1878         * assembler/X86Assembler.h:
1879         * dfg/DFGByteCodeParser.cpp:
1880         (JSC::DFG::ByteCodeParser::handleIntrinsic):
1881         * dfg/DFGSpeculativeJIT32_64.cpp:
1882         (JSC::DFG::SpeculativeJIT::compile):
1883         * dfg/DFGSpeculativeJIT64.cpp:
1884         (JSC::DFG::SpeculativeJIT::compile):
1885         * jit/ThunkGenerators.cpp:
1886         (JSC::absThunkGenerator):
1887         * runtime/JSGlobalData.cpp:
1888
1889 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
1890
1891         Better abstract 'abs' operation through the MacroAssembler.
1892         https://bugs.webkit.org/show_bug.cgi?id=71873
1893
1894         Reviewed by Geoff Garen.
1895
1896         Currently the x86 specific instruction sequence to perform a double abs
1897         is duplicated throughout the JITs / thunk generators.
1898
1899         * assembler/MacroAssemblerARM.h:
1900         (JSC::MacroAssemblerARM::supportsFloatingPoint):
1901         (JSC::MacroAssemblerARM::supportsFloatingPointTruncate):
1902         (JSC::MacroAssemblerARM::supportsFloatingPointSqrt):
1903         (JSC::MacroAssemblerARM::supportsFloatingPointAbs):
1904         (JSC::MacroAssemblerARM::absDouble):
1905             - Renamed supportsFloatingPointAbs, make these methods static so that
1906               we can check the JIT's capabilities before we begin compilation.
1907         * assembler/MacroAssemblerARMv7.h:
1908         (JSC::MacroAssemblerARMv7::supportsFloatingPoint):
1909         (JSC::MacroAssemblerARMv7::supportsFloatingPointTruncate):
1910         (JSC::MacroAssemblerARMv7::supportsFloatingPointSqrt):
1911         (JSC::MacroAssemblerARMv7::supportsFloatingPointAbs):
1912             - Renamed supportsFloatingPointAbs, make these methods static so that
1913               we can check the JIT's capabilities before we begin compilation.
1914         * assembler/MacroAssemblerMIPS.h:
1915         (JSC::MacroAssemblerMIPS::absDouble):
1916         (JSC::MacroAssemblerMIPS::supportsFloatingPoint):
1917         (JSC::MacroAssemblerMIPS::supportsFloatingPointTruncate):
1918         (JSC::MacroAssemblerMIPS::supportsFloatingPointSqrt):
1919         (JSC::MacroAssemblerMIPS::supportsFloatingPointAbs):
1920             - Renamed supportsFloatingPointAbs, make these methods static so that
1921               we can check the JIT's capabilities before we begin compilation.
1922         * assembler/MacroAssemblerSH4.h:
1923         (JSC::MacroAssemblerSH4::supportsFloatingPoint):
1924         (JSC::MacroAssemblerSH4::supportsFloatingPointTruncate):
1925         (JSC::MacroAssemblerSH4::supportsFloatingPointSqrt):
1926         (JSC::MacroAssemblerSH4::supportsFloatingPointAbs):
1927         (JSC::MacroAssemblerSH4::absDouble):
1928             - Renamed supportsFloatingPointAbs, make these methods static so that
1929               we can check the JIT's capabilities before we begin compilation.
1930         * assembler/MacroAssemblerX86.h:
1931         (JSC::MacroAssemblerX86::absDouble):
1932         (JSC::MacroAssemblerX86::supportsFloatingPoint):
1933         (JSC::MacroAssemblerX86::supportsFloatingPointTruncate):
1934         (JSC::MacroAssemblerX86::supportsFloatingPointSqrt):
1935         (JSC::MacroAssemblerX86::supportsFloatingPointAbs):
1936             - Made supports* methods static so that we can check the JIT's
1937               capabilities before we begin compilation. Added absDouble.
1938         * assembler/MacroAssemblerX86Common.h:
1939             - Removed andnotDouble, added s_maskSignBit.
1940         * assembler/MacroAssemblerX86_64.h:
1941         (JSC::MacroAssemblerX86_64::absDouble):
1942         (JSC::MacroAssemblerX86_64::supportsFloatingPoint):
1943         (JSC::MacroAssemblerX86_64::supportsFloatingPointTruncate):
1944         (JSC::MacroAssemblerX86_64::supportsFloatingPointSqrt):
1945         (JSC::MacroAssemblerX86_64::supportsFloatingPointAbs):
1946             - Made supports* methods static so that we can check the JIT's
1947               capabilities before we begin compilation. Added absDouble.
1948         * assembler/X86Assembler.h:
1949         (JSC::X86Assembler::andpd_rr):
1950         (JSC::X86Assembler::andpd_mr):
1951             - Added support for andpd instruction.
1952         * dfg/DFGByteCodeParser.cpp:
1953         (JSC::DFG::ByteCodeParser::handleIntrinsic):
1954             - Added checks for supportsFloatingPointAbs, supportsFloatingPointSqrt.
1955         * dfg/DFGSpeculativeJIT32_64.cpp:
1956         (JSC::DFG::SpeculativeJIT::compile):
1957             - Switched to use doubleAbs, we can now also reuse the operand register for the result.
1958         * dfg/DFGSpeculativeJIT64.cpp:
1959         (JSC::DFG::SpeculativeJIT::compile):
1960             - Switched to use doubleAbs, we can now also reuse the operand register for the result.
1961         * jit/ThunkGenerators.cpp:
1962             - Switched to use doubleAbs.
1963         (JSC::absThunkGenerator):
1964         * runtime/JSGlobalData.cpp:
1965             - Declared MacroAssemblerX86Common::s_maskSignBit here.
1966               This is a little ugly, but it doesn't seem worth adding a whole extra .cpp
1967               to the compile for just one constant.
1968
1969 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
1970
1971         Move duplicates of SYMBOL_STRING* macros to the single location
1972         https://bugs.webkit.org/show_bug.cgi?id=71456
1973
1974         Reviewed by Sam Weinig.
1975
1976         * JavaScriptCore.xcodeproj/project.pbxproj:
1977         * dfg/DFGOperations.cpp:
1978         * jit/JITStubs.cpp:
1979         * wtf/InlineASM.h: Added.
1980             - Moved asm related macros.
1981
1982 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
1983
1984         Move code to handle 8bit regs from X86Assembler to MacroAssembler
1985         https://bugs.webkit.org/show_bug.cgi?id=71867
1986
1987         Reviewed by Oliver Hunt.
1988
1989         This code is fine, but is in the wrong place really. X86 assembler should
1990         basically just format up exactly the instruction you request - not expand
1991         out to a set of instructions (that is what the macro assembler layer is
1992         for!). For other 8-bit ops, on X86 we don't guard against clients accessing
1993         the XH registers.
1994
1995         * assembler/MacroAssemblerX86Common.h:
1996         (JSC::MacroAssemblerX86Common::store8):
1997         * assembler/X86Assembler.h:
1998         (JSC::X86Assembler::movb_rm):
1999             - moved some code.
2000
2001 2011-11-08  Filip Pizlo  <fpizlo@apple.com>
2002
2003         Unreviewed build fix for GTK.
2004
2005         * GNUmakefile.list.am:
2006
2007 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
2008
2009         Build fix.
2010
2011         * assembler/X86Assembler.h:
2012
2013 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
2014
2015         Errrk, failed to commit this in last change.
2016
2017         * assembler/X86Assembler.h:
2018
2019 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
2020
2021         Remove an unused method.
2022
2023         Rubber stamped by Geoff Garen.
2024
2025         * assembler/AbstractMacroAssembler.h:
2026         * assembler/AssemblerBuffer.h:
2027             - removed rewindToLabel.
2028
2029 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
2030
2031         Fix OSR entry points to calculate offsets correctly WRT to branch compaction.
2032         https://bugs.webkit.org/show_bug.cgi?id=71864
2033
2034         Reviewed by Filip Pizlo.
2035
2036         * assembler/LinkBuffer.h:
2037         (JSC::LinkBuffer::offsetOf):
2038             - We use this to return the offsets into the code of the entry points.
2039         * dfg/DFGJITCompiler.cpp:
2040         (JSC::DFG::JITCompiler::compileEntry):
2041         (JSC::DFG::JITCompiler::compileBody):
2042         (JSC::DFG::JITCompiler::compile):
2043         (JSC::DFG::JITCompiler::compileFunction):
2044             - Move the construction of the speculative JIT outside of
2045               compileBody, such that it is still available to link the
2046               OSR entry points at the point we are linking.
2047         * dfg/DFGJITCompiler.h:
2048         (JSC::DFG::JITCompiler::noticeOSREntry):
2049             - Pass the label of the block & linkbuffer into noticeOSREntry.
2050         * dfg/DFGSpeculativeJIT.cpp:
2051         (JSC::DFG::SpeculativeJIT::compile):
2052         (JSC::DFG::SpeculativeJIT::linkOSREntries):
2053             - Moved call to noticeOSREntry until we're linking.
2054         * dfg/DFGSpeculativeJIT.h:
2055         * jit/JIT.cpp:
2056         (JSC::JIT::privateCompileMainPass):
2057         (JSC::JIT::privateCompileSlowCases):
2058         (JSC::JIT::privateCompile):
2059             - Moved calculation of entries until we're linking.
2060         * jit/JIT.h:
2061             - Removed some members.
2062
2063 2011-11-08  Filip Pizlo  <fpizlo@apple.com>
2064
2065         DFG OSR exit code should be generated by a separate compiler, not
2066         related to DFG::JITCompiler
2067         https://bugs.webkit.org/show_bug.cgi?id=71787
2068
2069         Reviewed by Gavin Barraclough.
2070         
2071         Moves the exitSpeculativeWithOSR() method from JITCompiler to
2072         OSRExitCompiler::compileExit().
2073
2074         * CMakeListsEfl.txt:
2075         * JavaScriptCore.xcodeproj/project.pbxproj:
2076         * Target.pri:
2077         * dfg/DFGJITCompiler.cpp:
2078         (JSC::DFG::JITCompiler::linkOSRExits):
2079         * dfg/DFGJITCompiler32_64.cpp: Removed.
2080         * dfg/DFGOSRExitCompiler.h: Added.
2081         (JSC::DFG::OSRExitCompiler::OSRExitCompiler):
2082         * dfg/DFGOSRExitCompiler32_64.cpp: Added.
2083         (JSC::DFG::OSRExitCompiler::compileExit):
2084         * dfg/DFGOSRExitCompiler64.cpp: Added.
2085         (JSC::DFG::OSRExitCompiler::compileExit):
2086         * runtime/JSValue.h:
2087
2088 2011-11-08  Filip Pizlo  <fpizlo@apple.com>
2089
2090         Basic DFG definitions should be moved out of DFGNode.h
2091         https://bugs.webkit.org/show_bug.cgi?id=71861
2092
2093         Rubber-stamped by Gavin Barraclough.
2094
2095         * JavaScriptCore.xcodeproj/project.pbxproj:
2096         * dfg/DFGCommon.h: Added.
2097         (JSC::DFG::NodeIndexTraits::defaultValue):
2098         * dfg/DFGNode.h:
2099         * dfg/DFGOSRExit.h:
2100         * dfg/DFGRegisterBank.h:
2101
2102 2011-11-08  Michael Saboff  <msaboff@apple.com>
2103
2104         Towards 8 Bit Strings: Templatize JSC::Parser class by Lexer type
2105         https://bugs.webkit.org/show_bug.cgi?id=71761
2106
2107         Templatized Parser based on Lexer<T>. Moved two enums,
2108         SourceElementsMode and FunctionRequirements out of Parser definition
2109         to work around a clang compiler defect.
2110
2111         Cleaned up SourceCode data() to return StringImpl* and eliminated
2112         the recently added stringData() virtual method.
2113
2114         To keep code in Parser.cpp and keep Parser.h small, the two flavors
2115         of Parser are explicitly instantiated at the end of Parser.cpp.
2116
2117         Reviewed by Gavin Barraclough.
2118
2119         * interpreter/Interpreter.cpp:
2120         (JSC::appendSourceToError):
2121         * parser/Lexer.cpp:
2122         (JSC::::setCode):
2123         (JSC::::sourceCode):
2124         * parser/Parser.cpp:
2125         (JSC::::Parser):
2126         (JSC::::~Parser):
2127         (JSC::::parseInner):
2128         (JSC::::didFinishParsing):
2129         (JSC::::allowAutomaticSemicolon):
2130         (JSC::::parseSourceElements):
2131         (JSC::::parseVarDeclaration):
2132         (JSC::::parseConstDeclaration):
2133         (JSC::::parseDoWhileStatement):
2134         (JSC::::parseWhileStatement):
2135         (JSC::::parseVarDeclarationList):
2136         (JSC::::parseConstDeclarationList):
2137         (JSC::::parseForStatement):
2138         (JSC::::parseBreakStatement):
2139         (JSC::::parseContinueStatement):
2140         (JSC::::parseReturnStatement):
2141         (JSC::::parseThrowStatement):
2142         (JSC::::parseWithStatement):
2143         (JSC::::parseSwitchStatement):
2144         (JSC::::parseSwitchClauses):
2145         (JSC::::parseSwitchDefaultClause):
2146         (JSC::::parseTryStatement):
2147         (JSC::::parseDebuggerStatement):
2148         (JSC::::parseBlockStatement):
2149         (JSC::::parseStatement):
2150         (JSC::::parseFormalParameters):
2151         (JSC::::parseFunctionBody):
2152         (JSC::::parseFunctionInfo):
2153         (JSC::::parseFunctionDeclaration):
2154         (JSC::::parseExpressionOrLabelStatement):
2155         (JSC::::parseExpressionStatement):
2156         (JSC::::parseIfStatement):
2157         (JSC::::parseExpression):
2158         (JSC::::parseAssignmentExpression):
2159         (JSC::::parseConditionalExpression):
2160         (JSC::::isBinaryOperator):
2161         (JSC::::parseBinaryExpression):
2162         (JSC::::parseProperty):
2163         (JSC::::parseObjectLiteral):
2164         (JSC::::parseStrictObjectLiteral):
2165         (JSC::::parseArrayLiteral):
2166         (JSC::::parsePrimaryExpression):
2167         (JSC::::parseArguments):
2168         (JSC::::parseMemberExpression):
2169         (JSC::::parseUnaryExpression):
2170         * parser/Parser.h:
2171         (JSC::::parse):
2172         (JSC::parse):
2173         * parser/SourceCode.h:
2174         (JSC::SourceCode::data):
2175         (JSC::SourceCode::subExpression):
2176         * parser/SourceProvider.h:
2177         (JSC::UStringSourceProvider::data):
2178
2179 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
2180
2181         Fix PropertyAccessRecords in DFG JIT to take account of branch compaction.
2182         https://bugs.webkit.org/show_bug.cgi?id=71855
2183
2184         Reviewed by Filip Pizlo.
2185
2186         The DFG JIT presently calculates a set of offsets early, before branches have been compacted.
2187         This won't work on ARMv7.
2188
2189         * assembler/AbstractMacroAssembler.h:
2190         (JSC::AbstractMacroAssembler::differenceBetweenCodePtr):
2191         * assembler/LinkBuffer.h:
2192         (JSC::LinkBuffer::locationOf):
2193         * dfg/DFGJITCodeGenerator32_64.cpp:
2194         (JSC::DFG::JITCodeGenerator::cachedGetById):
2195         (JSC::DFG::JITCodeGenerator::cachedPutById):
2196         * dfg/DFGJITCodeGenerator64.cpp:
2197         (JSC::DFG::JITCodeGenerator::cachedGetById):
2198         (JSC::DFG::JITCodeGenerator::cachedPutById):
2199         * dfg/DFGJITCompiler.cpp:
2200         (JSC::DFG::JITCompiler::link):
2201         * dfg/DFGJITCompiler.h:
2202         (JSC::DFG::PropertyAccessRecord::PropertyAccessRecord):
2203         (JSC::DFG::JITCompiler::addPropertyAccess):
2204
2205 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
2206
2207         DFG JIT calculation of OSR entry points is not THUMB2 safe
2208         https://bugs.webkit.org/show_bug.cgi?id=71852
2209
2210         Reviewed by Oliver Hunt.
2211
2212         Executable addresses are tagged with a low bit set to distinguish
2213         between THUMB2 and traditional ARM.
2214
2215         * dfg/DFGJITCompiler.cpp:
2216         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
2217         * dfg/DFGJITCompiler32_64.cpp:
2218         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
2219         * dfg/DFGOSREntry.cpp:
2220         (JSC::DFG::prepareOSREntry):
2221         * jit/JITCode.h:
2222         (JSC::JITCode::executableAddressAtOffset):
2223         (JSC::JITCode::start):
2224         (JSC::JITCode::size):
2225
2226 2011-11-08  Michael Saboff  <msaboff@apple.com>
2227
2228         JSC::Parser::Parser leaks Lexer member
2229         https://bugs.webkit.org/show_bug.cgi?id=71847
2230
2231         Changed m_lexer member of Parser to be OwnPtr to fix a memory leak.
2232
2233         Reviewed by Oliver Hunt.
2234
2235         * parser/Parser.cpp:
2236         (JSC::Parser::Parser):
2237         (JSC::Parser::parseFunctionBody):
2238         * parser/Parser.h:
2239
2240 2011-11-08  Yuqiang Xian  <yuqiang.xian@intel.com>
2241
2242         Enable DFG JIT by default on X86 Linux and Mac platforms
2243         https://bugs.webkit.org/show_bug.cgi?id=71686
2244
2245         Reviewed by Filip Pizlo.
2246
2247         We can get 9% on SunSpider, 89% on Kraken and 37% on V8, on Linux X86.
2248
2249         * wtf/Platform.h:
2250
2251 2011-11-08  Yuqiang Xian  <yuqiang.xian@intel.com>
2252
2253         DFG 32_64 - update make lists for efl, gtk, and Qt ports with DFG change r99519
2254         https://bugs.webkit.org/show_bug.cgi?id=71768
2255
2256         Reviewed by Geoffrey Garen.
2257
2258         Also includes a fix to make the newly introduced AssemblyHelpers
2259         friend of JSValue as we need the Tag definitions.
2260
2261         * CMakeListsEfl.txt:
2262         * GNUmakefile.list.am:
2263         * Target.pri:
2264         * runtime/JSValue.h:
2265
2266 2011-11-07  Yuqiang Xian  <yuqiang.xian@intel.com>
2267
2268         Fix gcc 4.4 compilation warnings in DFG 32_64
2269         https://bugs.webkit.org/show_bug.cgi?id=71762
2270
2271         Reviewed by Filip Pizlo.
2272
2273         * dfg/DFGJITCodeGenerator.h:
2274         (JSC::DFG::JITCodeGenerator::registersMatched):
2275
2276 2011-11-07  Filip Pizlo  <fpizlo@apple.com>
2277
2278         DFG code base should allow for classes not related to DFG::JITCompiler
2279         to use DFG idioms
2280         https://bugs.webkit.org/show_bug.cgi?id=71746
2281
2282         Reviewed by Gavin Barraclough.
2283
2284         * JavaScriptCore.xcodeproj/project.pbxproj:
2285         * dfg/DFGAssemblyHelpers.cpp: Added.
2286         (JSC::DFG::AssemblyHelpers::decodedCodeMapFor):
2287         (JSC::DFG::AssemblyHelpers::emitCount):
2288         (JSC::DFG::AssemblyHelpers::setSamplingFlag):
2289         (JSC::DFG::AssemblyHelpers::clearSamplingFlag):
2290         (JSC::DFG::AssemblyHelpers::jitAssertIsInt32):
2291         (JSC::DFG::AssemblyHelpers::jitAssertIsJSInt32):
2292         (JSC::DFG::AssemblyHelpers::jitAssertIsJSNumber):
2293         (JSC::DFG::AssemblyHelpers::jitAssertIsJSDouble):
2294         (JSC::DFG::AssemblyHelpers::jitAssertIsCell):
2295         * dfg/DFGAssemblyHelpers.h: Added.
2296         * dfg/DFGJITCompiler.cpp:
2297         * dfg/DFGJITCompiler.h:
2298         (JSC::DFG::JITCompiler::JITCompiler):
2299         (JSC::DFG::JITCompiler::graph):
2300         * dfg/DFGJITCompiler32_64.cpp:
2301         * dfg/DFGOSRExit.h: Added.
2302         (JSC::DFG::SpeculationRecovery::SpeculationRecovery):
2303         (JSC::DFG::SpeculationRecovery::type):
2304         (JSC::DFG::SpeculationRecovery::dest):
2305         (JSC::DFG::SpeculationRecovery::src):
2306         (JSC::DFG::OSRExit::numberOfRecoveries):
2307         (JSC::DFG::OSRExit::valueRecovery):
2308         (JSC::DFG::OSRExit::isArgument):
2309         (JSC::DFG::OSRExit::isVariable):
2310         (JSC::DFG::OSRExit::argumentForIndex):
2311         (JSC::DFG::OSRExit::variableForIndex):
2312         (JSC::DFG::OSRExit::operandForArgument):
2313         (JSC::DFG::OSRExit::operandForIndex):
2314         * dfg/DFGSpeculativeJIT.h:
2315
2316 2011-11-07  Filip Pizlo  <fpizlo@apple.com>
2317
2318         Switch back to 1+1 value profiling buckets, since it didn't help on arewefastyet,
2319         but it appears to help on other benchmarks.
2320
2321         Rubber stamped by Oliver Hunt.
2322
2323         * bytecode/ValueProfile.h:
2324
2325 2011-11-07  Ariya Hidayat  <ariya@sencha.com>
2326
2327         "use strict" cannot contain escape sequences or line continuation
2328         https://bugs.webkit.org/show_bug.cgi?id=71532
2329
2330         Reviewed by Darin Adler.
2331
2332         Store the actual literal length (before the escapes and line
2333         continuation are encoded) while parsing the directive and use it
2334         for the directive comparison.
2335
2336         * parser/Parser.cpp:
2337         (JSC::Parser::parseSourceElements):
2338         (JSC::Parser::parseStatement):
2339         * parser/Parser.h:
2340
2341 2011-11-06  Filip Pizlo  <fpizlo@apple.com>
2342
2343         DFG operationCreateThis slow path may get the wrong callee in case of inlining
2344         https://bugs.webkit.org/show_bug.cgi?id=71647
2345
2346         Reviewed by Oliver Hunt.
2347         
2348         No new tests because I only saw this manifest itself when I had other bugs
2349         leading to spurious slow path executions.
2350
2351         * dfg/DFGJITCodeGenerator.h:
2352         (JSC::DFG::callOperation):
2353         * dfg/DFGOperations.cpp:
2354         * dfg/DFGOperations.h:
2355         * dfg/DFGSpeculativeJIT32_64.cpp:
2356         (JSC::DFG::SpeculativeJIT::compile):
2357         * dfg/DFGSpeculativeJIT64.cpp:
2358         (JSC::DFG::SpeculativeJIT::compile):
2359
2360 2011-11-07  Mark Hahnenberg  <mhahnenberg@apple.com>
2361
2362         De-virtualize JSObject::putWithAttributes
2363         https://bugs.webkit.org/show_bug.cgi?id=71716
2364
2365         Reviewed by Darin Adler.
2366
2367         Added putWithAttributes to the MethodTable, changed all the virtual 
2368         implementations of putWithAttributes to static ones, and replaced 
2369         all call sites with corresponding lookups in the MethodTable.
2370
2371         * API/JSObjectRef.cpp:
2372         (JSObjectSetProperty):
2373         * JavaScriptCore.exp:
2374         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2375         * debugger/DebuggerActivation.cpp:
2376         (JSC::DebuggerActivation::putWithAttributes):
2377         * debugger/DebuggerActivation.h:
2378         * interpreter/Interpreter.cpp:
2379         (JSC::Interpreter::execute):
2380         * runtime/ClassInfo.h:
2381         * runtime/JSActivation.cpp:
2382         (JSC::JSActivation::putWithAttributes):
2383         * runtime/JSActivation.h:
2384         * runtime/JSCell.cpp:
2385         (JSC::JSCell::putWithAttributes):
2386         * runtime/JSCell.h:
2387         * runtime/JSGlobalObject.cpp:
2388         (JSC::JSGlobalObject::putWithAttributes):
2389         * runtime/JSGlobalObject.h:
2390         * runtime/JSObject.cpp:
2391         (JSC::JSObject::putWithAttributes):
2392         (JSC::putDescriptor):
2393         * runtime/JSObject.h:
2394         * runtime/JSStaticScopeObject.cpp:
2395         (JSC::JSStaticScopeObject::putWithAttributes):
2396         * runtime/JSStaticScopeObject.h:
2397         * runtime/JSVariableObject.cpp:
2398         (JSC::JSVariableObject::putWithAttributes):
2399         * runtime/JSVariableObject.h:
2400
2401 2011-11-07  Dmitry Lomov  <dslomov@google.com>
2402
2403         Unreviewed. Release build fix.
2404
2405         * parser/Lexer.cpp:
2406         (JSC::assertCharIsIn8BitRange):
2407
2408 2011-11-07  Filip Pizlo  <fpizlo@apple.com>
2409
2410         Switch the value profiler back to 8 buckets, because we suspect that while this
2411         is more expensive it's also more stable.
2412
2413         Rubber stamped by Geoff Garen.
2414
2415         * bytecode/ValueProfile.h:
2416
2417 2011-11-07  Andrew Wason  <rectalogic@rectalogic.com>
2418
2419         Uninitialized Heap member var
2420         https://bugs.webkit.org/show_bug.cgi?id=71722
2421
2422         Reviewed by Filip Pizlo.
2423
2424         * heap/Heap.cpp:
2425         (JSC::Heap::Heap): Initialize m_blockFreeingThreadShouldQuit
2426
2427 2011-11-07  Yuqiang Xian  <yuqiang.xian@intel.com>
2428
2429         DFG 32_64 - registers cannot be reused arbitrarily if speculation failures are possible
2430         https://bugs.webkit.org/show_bug.cgi?id=71684
2431
2432         Reviewed by Filip Pizlo.
2433
2434         Currently in DFG JIT, we try to reuse the physical register of an
2435         operand for temporary usage if the current use of the operand is the
2436         last use. But sometimes this can be wrong, for example if there are
2437         possible speculation failures and we need to fallback to baseline JIT,
2438         register can be modified by register reusing. This fixes the last
2439         inspector failures in layout test on Mac 32-bit if switching on DFG.
2441
2442         * dfg/DFGSpeculativeJIT32_64.cpp:
2443         (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
2444         (JSC::DFG::SpeculativeJIT::compile):
2445
2446 2011-11-07  Ryosuke Niwa  <rniwa@webkit.org>
2447
2448         REGRESSION(r99436): Broke Snow Leopard debug build
2449         https://bugs.webkit.org/show_bug.cgi?id=71713
2450
2451         Reviewed by Darin Adler.
2452
2453         Put the assertion in a template and use template specialization
2454         to avoid a warning when instantiated with UChar or LChar.
2455
2456         In the long term, we should have traits for unsigned integral types
2457         and use that to specialize the template instead of specializing it for UChar and LChar.
2458
2459         * parser/Lexer.cpp:
2460         (JSC::assertCharIsIn8BitRange):
2461         (JSC::::append8):
2462
2463 2011-11-07  ChangSeok Oh  <shivamidow@gmail.com>
2464
2465         [EFL] Support requestAnimationFrame API
2466         https://bugs.webkit.org/show_bug.cgi?id=67112
2467
2468         Reviewed by Andreas Kling.
2469
2470         Let EFL port use REQUEST_ANIMATION_FRAME_TIMER.
2471
2472         * wtf/Platform.h:
2473
2474 2011-11-07  Michael Saboff  <msaboff@apple.com>
2475
2476         Towards 8 Bit Strings: Templatize JSC::Lexer class by character type
2477         https://bugs.webkit.org/show_bug.cgi?id=71331
2478
2479         Change the Lexer class to be a template class based on the character
2480         type of the source.  In the process updated the parseIdentifier()
2481         and parseString() methods to create 8 bit strings where possible.
2482         Also added some helper methods for accumulating temporary string
2483         data in the 8 and 16 bit vectors.
2484
2485         Changed the SourceProvider::data() virtual method to return a
2486         StringImpl* instead of a UChar*.
2487
2488         Updated the KeywordLookup generator to create code to match keywords
2489         for both 8 and 16 bit source strings.
2490
2491         Due to a compiler bug (<rdar://problem/10194295>) moved enum
2492         definition outside of Lexer class declaration.  Removed second enum
2493         no longer needed.
2494
2495         Reviewed by Darin Adler.
2496
2497         * KeywordLookupGenerator.py:
2498         * interpreter/Interpreter.cpp:
2499         (JSC::Interpreter::callEval):
2500         * parser/Lexer.cpp:
2501         (JSC::::Lexer):
2502         (JSC::::~Lexer):
2503         (JSC::::getInvalidCharMessage):
2504         (JSC::::currentCharacter):
2505         (JSC::::setCode):
2506         (JSC::::internalShift):
2507         (JSC::::shift):
2508         (JSC::::peek):
2509         (JSC::::getUnicodeCharacter):
2510         (JSC::::shiftLineTerminator):
2511         (JSC::::lastTokenWasRestrKeyword):
2512         (JSC::::record8):
2513         (JSC::::append8):
2514         (JSC::::append16):
2515         (JSC::::record16):
2516         (JSC::::parseIdentifier):
2517         (JSC::::parseIdentifierSlowCase):
2518         (JSC::::parseString):
2519         (JSC::::parseStringSlowCase):
2520         (JSC::::parseHex):
2521         (JSC::::parseOctal):
2522         (JSC::::parseDecimal):
2523         (JSC::::parseNumberAfterDecimalPoint):
2524         (JSC::::parseNumberAfterExponentIndicator):
2525         (JSC::::parseMultilineComment):
2526         (JSC::::nextTokenIsColon):
2527         (JSC::::lex):
2528         (JSC::::scanRegExp):
2529         (JSC::::skipRegExp):
2530         (JSC::::clear):
2531         (JSC::::sourceCode):
2532         * parser/Lexer.h:
2533         (JSC::Lexer::append16):
2534         (JSC::Lexer::currentOffset):
2535         (JSC::Lexer::setOffsetFromCharOffset):
2536         (JSC::::isWhiteSpace):
2537         (JSC::::isLineTerminator):
2538         (JSC::::convertHex):
2539         (JSC::::convertUnicode):
2540         (JSC::::makeIdentifier):
2541         (JSC::::setCodeStart):
2542         (JSC::::makeIdentifierLCharFromUChar):
2543         (JSC::::lexExpectIdentifier):
2544         * parser/Parser.cpp:
2545         (JSC::Parser::Parser):
2546         (JSC::Parser::parseProperty):
2547         (JSC::Parser::parseMemberExpression):
2548         * parser/Parser.h:
2549         (JSC::Parser::next):
2550         (JSC::Parser::nextExpectIdentifier):
2551         * parser/ParserArena.h:
2552         (JSC::IdentifierArena::makeIdentifier):
2553         (JSC::IdentifierArena::makeIdentifierLCharFromUChar):
2554         * parser/SourceCode.h:
2555         (JSC::SourceCode::subExpression):
2556         * parser/SourceProvider.h:
2557         (JSC::UStringSourceProvider::stringData):
2558         * parser/SourceProviderCache.h:
2559         * parser/SyntaxChecker.h:
2560         * runtime/FunctionPrototype.cpp:
2561         (JSC::insertSemicolonIfNeeded):
2562         * runtime/Identifier.cpp:
2563         (JSC::IdentifierTable::add):
2564         (JSC::IdentifierLCharFromUCharTranslator::hash):
2565         (JSC::IdentifierLCharFromUCharTranslator::equal):
2566         (JSC::IdentifierLCharFromUCharTranslator::translate):
2567         (JSC::Identifier::add8):
2568         * runtime/Identifier.h:
2569         (JSC::Identifier::Identifier):
2570         (JSC::Identifier::createLCharFromUChar):
2571         (JSC::Identifier::canUseSingleCharacterString):
2572         (JSC::IdentifierCharBufferTranslator::hash):
2573         (JSC::IdentifierCharBufferTranslator::equal):
2574         (JSC::IdentifierCharBufferTranslator::translate):
2575         (JSC::Identifier::add):
2576         (JSC::Identifier::equal):
2577         (JSC::IdentifierTable::add):
2578         * runtime/JSGlobalObjectFunctions.cpp:
2579         (JSC::decode):
2580         (JSC::parseIntOverflow):
2581         (JSC::globalFuncUnescape):
2582         * runtime/JSGlobalObjectFunctions.h:
2583         (JSC::parseIntOverflow):
2584         * runtime/LiteralParser.cpp:
2585         (JSC::LiteralParser::tryJSONPParse):
2586         (JSC::LiteralParser::Lexer::lexString):
2587         * wtf/text/StringImpl.h:
2588
2589 2011-11-07  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>
2590
2591         [Qt] Put the jsc binary in 'bin' instead of leaving it deep in the build tree
2592
2593         Allows us to not package up the whole Source/JavaScriptCore directory for the
2594         buildbots.
2595
2596         Reviewed by Simon Hausmann.
2597
2598         * jsc.pro:
2599
2600 2011-11-06  Filip Pizlo  <fpizlo@apple.com>
2601
2602         REGRESSION(r99374): GTK+ build of the jsc binary doesn't like the call
2603         to initializeMainThread, and crashes
2604         https://bugs.webkit.org/show_bug.cgi?id=71643
2605
2606         Reviewed by Sam Weinig.
2607
2608         * jsc.cpp:
2609         (main):
2610
2611 2011-11-06  Sam Weinig  <sam@webkit.org>
2612
2613         Add space missing from some class declarations
2614         https://bugs.webkit.org/show_bug.cgi?id=71632
2615
2616         Reviewed by Anders Carlsson.
2617
2618         * assembler/AssemblerBufferWithConstantPool.h:
2619         * bytecode/CodeBlock.h:
2620         * dfg/DFGVariableAccessData.h:
2621         * heap/VTableSpectrum.h:
2622         * jit/ExecutableAllocator.cpp:
2623         * jit/ExecutableAllocatorFixedVMPool.cpp:
2624         * wtf/MetaAllocatorHandle.h:
2625         * wtf/UnionFind.h:
2626
2627 2011-11-06  Sam Weinig  <sam@webkit.org>
2628
2629         Allow use of FINAL in JavaScriptCore
2630         https://bugs.webkit.org/show_bug.cgi?id=71630
2631
2632         Reviewed by Anders Carlsson.
2633
2634         * Configurations/Base.xcconfig:
2635         Don't warn about C++11 extensions used in C++98 mode.
2636
2637 2011-11-05  Filip Pizlo  <fpizlo@apple.com>
2638
2639         Value profiling should just use two buckets
2640         https://bugs.webkit.org/show_bug.cgi?id=71619
2641
2642         Reviewed by Gavin Barraclough.
2643         
2644         Added one more configuration option (like Heuristics::minimumOptimizationDelay),
2645         improved debugging in JIT optimization support, changed the number of buckets
2646         in the value profile from 9 to 2, and wrote a more optimal value profiling path
2647         in the old JIT to take advantage of this. It's still possible to play around with
2648         larger numbers of buckets, and we should probably keep this for a little while
2649         until we convince ourselves that using just two buckets is the right call.
2650
2651         * bytecode/CodeBlock.cpp:
2652         (JSC::CodeBlock::shouldOptimizeNow):
2653         * bytecode/ValueProfile.h:
2654         * jit/JITInlineMethods.h:
2655         (JSC::JIT::emitValueProfilingSite):
2656         * jit/JITStubs.cpp:
2657         (JSC::DEFINE_STUB_FUNCTION):
2658         * runtime/Heuristics.cpp:
2659         (JSC::Heuristics::initializeHeuristics):
2660         * runtime/Heuristics.h:
2661
2662 2011-11-03  Filip Pizlo  <fpizlo@apple.com>
2663
2664         JSC should be able to sample itself in a more flexible way than just sampling flags
2665         https://bugs.webkit.org/show_bug.cgi?id=71522
2666
2667         Reviewed by Gavin Barraclough.
2668         
2669         Added a construct that looks like SamplingRegion samplingRegion("name").
2670
2671         * JavaScriptCore.exp:
2672         * JavaScriptCore.xcodeproj/project.pbxproj:
2673         * bytecode/SamplingTool.cpp:
2674         (JSC::SamplingRegion::Locker::Locker):
2675         (JSC::SamplingRegion::Locker::~Locker):
2676         (JSC::SamplingRegion::sample):
2677         (JSC::SamplingRegion::dump):
2678         (JSC::SamplingRegion::dumpInternal):
2679         (JSC::SamplingThread::threadStartFunc):
2680         * bytecode/SamplingTool.h:
2681         (JSC::SamplingRegion::SamplingRegion):
2682         (JSC::SamplingRegion::~SamplingRegion):
2683         (JSC::SamplingRegion::exchangeCurrent):
2684         * bytecompiler/BytecodeGenerator.cpp:
2685         (JSC::BytecodeGenerator::generate):
2686         * dfg/DFGDriver.cpp:
2687         (JSC::DFG::compile):
2688         * heap/Heap.cpp:
2689         (JSC::Heap::markRoots):
2690         (JSC::Heap::collect):
2691         * heap/VTableSpectrum.cpp:
2692         (JSC::VTableSpectrum::countVPtr):
2693         (JSC::VTableSpectrum::dump):
2694         * heap/VTableSpectrum.h:
2695         * jsc.cpp:
2696         (main):
2697         (runWithScripts):
2698         * parser/Parser.h:
2699         (JSC::parse):
2700         * runtime/Executable.cpp:
2701         (JSC::EvalExecutable::compileInternal):
2702         (JSC::ProgramExecutable::compileInternal):
2703         (JSC::FunctionExecutable::compileForCallInternal):
2704         (JSC::FunctionExecutable::compileForConstructInternal):
2705         * wtf/Atomics.h:
2706         (WTF::weakCompareAndSwap):
2707         * wtf/Platform.h:
2708         * wtf/Spectrum.h: Added.
2709         (WTF::Spectrum::Spectrum):
2710         (WTF::Spectrum::add):
2711         (WTF::Spectrum::get):
2712         (WTF::Spectrum::begin):
2713         (WTF::Spectrum::end):
2714         (WTF::Spectrum::KeyAndCount::KeyAndCount):
2715         (WTF::Spectrum::KeyAndCount::operator<):
2716         (WTF::Spectrum::buildList):
2717         * wtf/wtf.pri:
2718
2719 2011-11-05  Sam Weinig  <sam@webkit.org>
2720
2721         Fix windows build.
2722
2723         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2724
2725 2011-11-04  Sam Weinig  <sam@webkit.org>
2726
2727         Reduce the number of putWithAttributes
2728         https://bugs.webkit.org/show_bug.cgi?id=71597
2729
2730         Reviewed by Adam Roben.
2731
2732         * JavaScriptCore.exp:
2733         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2734         Remove exports of removed functions.
2735
2736         * runtime/JSActivation.cpp:
2737         (JSC::JSActivation::putWithAttributes):
2738         Calling the overload without the extra parameters does the same thing.
2739
2740         * runtime/JSObject.cpp:
2741         (JSC::JSObject::putWithAttributes):
2742         * runtime/JSObject.h:
2743         Remove four unused JSObject::putWithAttributes overloads and make one of the remaining
2744         two overloads not virtual, since no one overrides it.
2745
2746 2011-11-04  Pratik Solanki  <psolanki@apple.com>
2747
2748         sqrtDouble and andnotDouble should be declared noreturn
2749         https://bugs.webkit.org/show_bug.cgi?id=71592
2750
2751         Reviewed by Sam Weinig.
2752
2753         * assembler/MacroAssemblerARMv7.h:
2754
2755 2011-11-04  Mark Hahnenberg  <mhahnenberg@apple.com>
2756
2757         De-virtualize JSObject::hasInstance
2758         https://bugs.webkit.org/show_bug.cgi?id=71430
2759
2760         Reviewed by Darin Adler.
2761
2762         Added hasInstance to the MethodTable, changed all the virtual 
2763         implementations of hasInstance to static ones, and replaced 
2764         all call sites with corresponding lookups in the MethodTable.
2765
2766         * API/JSCallbackObject.h:
2767         * API/JSCallbackObjectFunctions.h:
2768         (JSC::::hasInstance):
2769         * API/JSValueRef.cpp:
2770         (JSValueIsInstanceOfConstructor):
2771         * JavaScriptCore.exp:
2772         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2773         * interpreter/Interpreter.cpp:
2774         (JSC::Interpreter::privateExecute):
2775         * jit/JITStubs.cpp:
2776         (JSC::DEFINE_STUB_FUNCTION):
2777         * runtime/ClassInfo.h:
2778         * runtime/JSBoundFunction.cpp:
2779         (JSC::JSBoundFunction::hasInstance):
2780         * runtime/JSBoundFunction.h:
2781         * runtime/JSCell.cpp:
2782         (JSC::JSCell::hasInstance):
2783         * runtime/JSCell.h:
2784         * runtime/JSObject.cpp:
2785         (JSC::JSObject::hasInstance):
2786         * runtime/JSObject.h:
2787
2788 2011-11-04  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>
2789
2790         [Qt] Refactor and clean up the qmake build system
2791
2792         The qmake build system has accumulated a bit of cruft and redundancy
2793         over time. There's also a fairly tight coupling between how to build
2794         the various targets, and _what_ to build, making it harder to add new
2795         rules or sources. This patch aims to elevate these issues somewhat.
2796
2797         This is a short-list of the changes:
2798
2799           * The rules for how to build targets are now mostly contained as
2800             prf-files in Tools/qmake/mkspecs/features. Using mkspecs also
2801             allows us to do pre- and post-processing of each project file,
2802             which helps to clean up the actual project files.
2803
2804           * Derived sources are no longer generated as a separate make-step
2805             but are part of each target's project file as a subdir. Makefile
2806             rules are used to ensure that we run make on the derived sources
2807             before running qmake on the actual target makefile. This makes
2808             it easier to keep a proper dependency between derived sources
2809             and the target.
2810
2811           * We use GNU make and the compiler to generate dependencies on
2812             UNIX-based systems running Qt 5. This allows us to lessen the
2813             need to run qmake, which should reduce compile time.
2814
2815           * WebKit2 is now built by default if building with Qt 5. It can
2816             be disabled by passing --no-webkit2 to build-webkit.
2817
2818         The result of these changes is hopefully a cleaner and easier
2819         build system to modify, and faster build times due to no longer
2820         running qmake on every single build. It's also a first step
2821         towards possibly generating the list of sources using another
2822         build system.
2823
2824         https://bugs.webkit.org/show_bug.cgi?id=71222
2825
2826         Reviewed by Simon Hausmann.
2827
2828         * DerivedSources.pri: Added.
2829         * DerivedSources.pro: Removed.
2830         * JavaScriptCore.pro:
2831         * Target.pri: Copied from Source/JavaScriptCore/JavaScriptCore.pro.
2832         * headers.pri: Removed.
2833         * jsc.pro:
2834         * wtf/wtf.pri:
2835         * yarr/yarr.pri:
2836
2837 2011-11-04  Yuqiang Xian  <yuqiang.xian@intel.com>
2838
2839         More code clean-up in DFG 32_64
2840         https://bugs.webkit.org/show_bug.cgi?id=71540
2841
2842         Remove unnecessary code duplications, and fix compilation warnings.
2843
2844         Reviewed by Gavin Barraclough.
2845
2846         * dfg/DFGJITCompiler.cpp:
2847         (JSC::DFG::JITCompiler::emitCount):
2848         (JSC::DFG::JITCompiler::setSamplingFlag):
2849         (JSC::DFG::JITCompiler::clearSamplingFlag):
2850         (JSC::DFG::JITCompiler::jitAssertIsCell):
2851         * dfg/DFGJITCompiler32_64.cpp:
2852         * dfg/DFGSpeculativeJIT32_64.cpp:
2853         (JSC::DFG::SpeculativeJIT::compile):
2854
2855 2011-11-04  Csaba Osztrogonác  <ossy@webkit.org>
2856
2857         De-virtualize JSObject::hasInstance
2858         https://bugs.webkit.org/show_bug.cgi?id=71430
2859
2860         Unreviewed rolling out r99238, because it made a test crash on all platforms.
2861
2862         * API/JSCallbackObject.h:
2863         * API/JSCallbackObjectFunctions.h:
2864         (JSC::::hasInstance):
2865         * API/JSValueRef.cpp:
2866         (JSValueIsInstanceOfConstructor):
2867         * JavaScriptCore.exp:
2868         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2869         * interpreter/Interpreter.cpp:
2870         (JSC::Interpreter::privateExecute):
2871         * jit/JITStubs.cpp:
2872         (JSC::DEFINE_STUB_FUNCTION):
2873         * runtime/ClassInfo.h:
2874         * runtime/JSBoundFunction.cpp:
2875         (JSC::JSBoundFunction::hasInstance):
2876         * runtime/JSBoundFunction.h:
2877         * runtime/JSCell.cpp:
2878         * runtime/JSCell.h:
2879         * runtime/JSObject.cpp:
2880         (JSC::JSObject::hasInstance):
2881         * runtime/JSObject.h:
2882
2883 2011-11-03  Mark Hahnenberg  <mhahnenberg@apple.com>
2884
2885         De-virtualize JSObject::getPropertyNames
2886         https://bugs.webkit.org/show_bug.cgi?id=71306
2887
2888         Reviewed by Darin Adler.
2889
2890         Added getPropertyNames to the MethodTable, changed all the virtual 
2891         implementations of getPropertyNames to static ones, and replaced 
2892         all call sites with corresponding lookups in the MethodTable.
2893
2894         * API/JSObjectRef.cpp:
2895         (JSObjectCopyPropertyNames):
2896         * JavaScriptCore.exp:
2897         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2898         * debugger/DebuggerActivation.cpp:
2899         (JSC::DebuggerActivation::getOwnPropertyNames):
2900         * runtime/ClassInfo.h:
2901         * runtime/JSCell.cpp:
2902         (JSC::JSCell::getPropertyNames):
2903         * runtime/JSCell.h:
2904         * runtime/JSObject.cpp:
2905         (JSC::JSObject::getPropertyNames):
2906         (JSC::JSObject::getOwnPropertyNames):
2907         * runtime/JSObject.h:
2908         * runtime/JSPropertyNameIterator.cpp:
2909         (JSC::JSPropertyNameIterator::create):
2910         * runtime/ScopeChain.cpp:
2911         (JSC::ScopeChainNode::print):
2912         * runtime/Structure.cpp:
2913         (JSC::Structure::getPropertyNamesFromStructure):
2914         * runtime/Structure.h:
2915
2916 2011-11-03  Darin Adler  <darin@apple.com>
2917
2918         Change remaining callers of releaseRef to call leakRef
2919         https://bugs.webkit.org/show_bug.cgi?id=71422
2920
2921         * wtf/text/AtomicString.cpp:
2922         (WTF::HashAndUTF8CharactersTranslator::translate): Use leakRef.
2923
2924 2011-11-02  Darin Adler  <darin@apple.com>
2925
2926         Change remaining callers of releaseRef to call leakRef
2927         https://bugs.webkit.org/show_bug.cgi?id=71422
2928
2929         * wtf/text/AtomicString.cpp:
2930         (WTF::HashAndUTF8CharactersTranslator::translate): Use leakRef.
2931
2932 2011-11-03  Mark Hahnenberg  <mhahnenberg@apple.com>
2933
2934         De-virtualize JSObject::hasInstance
2935         https://bugs.webkit.org/show_bug.cgi?id=71430
2936
2937         Reviewed by Darin Adler.
2938
2939         Added hasInstance to the MethodTable, changed all the virtual 
2940         implementations of hasInstance to static ones, and replaced 
2941         all call sites with corresponding lookups in the MethodTable.
2942
2943         * API/JSCallbackObject.h:
2944         * API/JSCallbackObjectFunctions.h:
2945         (JSC::::hasInstance):
2946         * API/JSValueRef.cpp:
2947         (JSValueIsInstanceOfConstructor):
2948         * JavaScriptCore.exp:
2949         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2950         * interpreter/Interpreter.cpp:
2951         (JSC::Interpreter::privateExecute):
2952         * jit/JITStubs.cpp:
2953         (JSC::DEFINE_STUB_FUNCTION):
2954         * runtime/ClassInfo.h:
2955         * runtime/JSBoundFunction.cpp:
2956         (JSC::JSBoundFunction::hasInstance):
2957         * runtime/JSBoundFunction.h:
2958         * runtime/JSCell.cpp:
2959         (JSC::JSCell::hasInstance):
2960         * runtime/JSCell.h:
2961         * runtime/JSObject.cpp:
2962         (JSC::JSObject::hasInstance):
2963         * runtime/JSObject.h:
2964
2965 2011-11-03  Filip Pizlo  <fpizlo@apple.com>
2966
2967         JIT-specific code should be able to refer to register types even on JIT-disabled builds
2968         https://bugs.webkit.org/show_bug.cgi?id=71498
2969
2970         Reviewed by Gavin Barraclough.
2971
2972         * assembler/MacroAssembler.h:
2973         (MacroAssembler::MacroAssembler):
2974
2975 2011-11-03  Mark Hahnenberg  <mhahnenberg@apple.com>
2976
2977         De-virtualize JSObject::className
2978         https://bugs.webkit.org/show_bug.cgi?id=71428
2979
2980         Reviewed by Sam Weinig.
2981
2982         Added className to the MethodTable, changed all the virtual 
2983         implementations of className to static ones, and replaced 
2984         all call sites with corresponding lookups in the MethodTable.
2985
2986         * API/JSCallbackObject.h:
2987         * API/JSCallbackObjectFunctions.h:
2988         (JSC::::className):
2989         * JavaScriptCore.exp:
2990         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2991         * debugger/DebuggerActivation.cpp:
2992         (JSC::DebuggerActivation::className):
2993         * debugger/DebuggerActivation.h:
2994         * jsc.cpp:
2995         (GlobalObject::createStructure):
2996         * profiler/Profiler.cpp:
2997         (JSC::Profiler::createCallIdentifier):
2998         * runtime/ClassInfo.h:
2999         * runtime/JSCell.cpp:
3000         (JSC::JSCell::className):
3001         * runtime/JSCell.h:
3002         * runtime/JSObject.cpp:
3003         (JSC::JSObject::className):
3004         * runtime/JSObject.h:
3005         * runtime/ObjectPrototype.cpp:
3006         (JSC::objectProtoFuncToString):
3007         * testRegExp.cpp:
3008         (GlobalObject::createStructure):
3009
3010 2011-11-02  Jer Noble  <jer.noble@apple.com>
3011
3012         Add Clock class and platform-specific implementations.
3013         https://bugs.webkit.org/show_bug.cgi?id=71341
3014
3015         Reviewed by Sam Weinig.
3016
3017         Add WTF_USE_COREAUDIO macro for use by PlatformClockCA.
3018
3019         * wtf/Platform.h:
3020
3021 2011-11-03  Pavel Feldman  <pfeldman@chromium.org>
3022
3023         Not reviewed: fixing win build. step2.
3024
3025         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3026
3027 2011-11-03  Pavel Feldman  <pfeldman@chromium.org>
3028
3029         Not reviewed: fix windows build, step1
3030
3031         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3032
3033 2011-11-03  Pavel Feldman  <pfeldman@google.com>
3034
3035         Web Inspector: preserve script location for inline handlers.
3036         https://bugs.webkit.org/show_bug.cgi?id=71367
3037
3038         Makes SourceCode factories receive TextPosition instead of the line number.
3039         Stores consistent position values in SourceCode and SourceProvider.
3040
3041         Reviewed by Yury Semikhatsky.
3042
3043         * API/JSBase.cpp:
3044         (JSEvaluateScript):
3045         (JSCheckScriptSyntax):
3046         * API/JSObjectRef.cpp:
3047         (JSObjectMakeFunction):
3048         * parser/SourceCode.h:
3049         (JSC::makeSource):
3050         * parser/SourceProvider.h:
3051         (JSC::SourceProvider::SourceProvider):
3052         (JSC::SourceProvider::startPosition):
3053         (JSC::UStringSourceProvider::create):
3054         (JSC::UStringSourceProvider::UStringSourceProvider):
3055         * runtime/FunctionConstructor.cpp:
3056         (JSC::constructFunction):
3057         (JSC::constructFunctionSkippingEvalEnabledCheck):
3058         * runtime/FunctionConstructor.h:
3059
3060 2011-11-03  Kentaro Hara  <haraken@chromium.org>
3061
3062         Fixed wrong implementation of doubleValue % 2^{64}.
3063         https://bugs.webkit.org/show_bug.cgi?id=67980
3064
3065         Reviewed by Hajime Morita.
3066
3067         fast/events/constructors/progress-event-constructor.html was failing
3068         because of the wrong implementation of conversion from an ECMAScript value
3069         to an IDL unsigned long long value (Spec: http://www.w3.org/TR/WebIDL/#es-unsigned-long-long).
3070         In particular, the calculation of doubleValue % 2^{64} was wrong.
3071         This patch implemented it correctly in doubleToInteger() in wtf/MathExtras.h.
3072
3073         * wtf/MathExtras.h:
3074         (doubleToInteger): Implemented the spec correctly.
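
As an added example of the conversion this entry refers to (my own code, not WebKit's doubleToInteger): the WebIDL ES-to-unsigned-long-long modulo step, with the 2^64 wrap-around done in unsigned integer arithmetic so that the result is exact; the double-only variant beside it shows the rounding pitfall such a formulation runs into.

```cpp
#include <cmath>
#include <cstdint>

// 2^64 as a double; exactly representable because it is a power of two.
static const double kTwoTo64 = 18446744073709551616.0;

// WebIDL "ES value to unsigned long long" (added example, not WebKit's code):
// NaN and +/-Infinity map to 0; otherwise truncate toward zero and reduce modulo 2^64
// into [0, 2^64). The result is returned as uint64_t so that values such as 2^64 - 1,
// which a double cannot represent, survive exactly.
uint64_t esToUnsignedLongLong(double d)
{
    if (std::isnan(d) || std::isinf(d))
        return 0;
    // fmod is exact and keeps the sign of the dividend: r is integral and in (-2^64, 2^64).
    double r = std::fmod(std::trunc(d), kTwoTo64);
    if (r >= 0)
        return static_cast<uint64_t>(r); // 0 <= r < 2^64: the cast is exact
    // -2^64 < r < 0: the answer is 2^64 + r. Compute it with unsigned subtraction, which
    // wraps modulo 2^64, instead of in double arithmetic where the low bits are lost.
    uint64_t magnitude = static_cast<uint64_t>(-r); // 0 < magnitude < 2^64, exact
    return uint64_t(0) - magnitude;
}

// The pitfall the unsigned version avoids (an illustration, not the original bug): doing
// the final 2^64 + r step in double rounds 2^64 - 1 up to 2^64, outside the valid range.
double doubleOnlyModulo2To64(double d)
{
    if (std::isnan(d) || std::isinf(d))
        return 0.0;
    double r = std::fmod(std::trunc(d), kTwoTo64);
    return r < 0 ? r + kTwoTo64 : r;
}
```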
3075
3076 2011-11-03  Sheriff Bot  <webkit.review.bot@gmail.com>
3077
3078         Unreviewed, rolling out r99089.
3079         http://trac.webkit.org/changeset/99089
3080         https://bugs.webkit.org/show_bug.cgi?id=71448
3081
3082         @plt postfix for math functions causes a crash on Linux 32 (the
3083         symbol is defined but it points to NULL) (Requested by
3084         zherczeg on #webkit).
3085
3086         * dfg/DFGOperations.cpp:
3087         * jit/JITStubs.cpp:
3088         * jit/ThunkGenerators.cpp:
3089
3090 2011-11-02  Filip Pizlo  <fpizlo@apple.com>
3091
3092         DFG inlining breaks function.arguments[something] if the argument being
3093         retrieved was subjected to DFG's unboxing optimizations
3094         https://bugs.webkit.org/show_bug.cgi?id=71436
3095
3096         Reviewed by Oliver Hunt.
3097         
3098         This makes inlined arguments retrieval use some of the same machinery as
3099         OSR to determine where from, and how, to retrieve a value that the DFG
3100         might have somehow squirreled away while the old JIT would put it in its
3101         obvious location, using an obvious format.
3102         
3103         To that end, previously DFG-internal notions such as DataFormat,
3104         VirtualRegister, and ValueRecovery are now in bytecode/ since they are
3105         stored as part of InlineCallFrames.
3106
3107         * bytecode/CodeOrigin.h:
3108         * dfg/DFGAbstractState.cpp:
3109         (JSC::DFG::AbstractState::execute):
3110         * dfg/DFGByteCodeParser.cpp:
3111         (JSC::DFG::ByteCodeParser::handleInlining):
3112         (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
3113         * dfg/DFGJITCompiler.cpp:
3114         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
3115         * dfg/DFGJITCompiler32_64.cpp:
3116         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
3117         * dfg/DFGNode.h:
3118         * dfg/DFGPropagator.cpp:
3119         (JSC::DFG::Propagator::propagateNodePredictions):
3120         * dfg/DFGSpeculativeJIT.cpp:
3121         (JSC::DFG::SpeculativeJIT::compile):
3122         * dfg/DFGSpeculativeJIT64.cpp:
3123         (JSC::DFG::SpeculativeJIT::compile):
3124         * interpreter/CallFrame.cpp:
3125         (JSC::CallFrame::trueCallerFrame):
3126         * interpreter/CallFrame.h:
3127         (JSC::ExecState::inlineCallFrame):
3128         * interpreter/Register.h:
3129         (JSC::Register::asInlineCallFrame):
3130         (JSC::Register::unboxedInt32):
3131         (JSC::Register::unboxedBoolean):
3132         (JSC::Register::unboxedCell):
3133         * runtime/Arguments.h:
3134         (JSC::Arguments::finishCreationAndCopyRegisters):
3135
3136 2011-11-02  Filip Pizlo  <fpizlo@apple.com>
3137
3138         ValueRecovery should be moved out of the DFG JIT
3139         https://bugs.webkit.org/show_bug.cgi?id=71439
3140
3141         Reviewed by Oliver Hunt.
3142
3143         * JavaScriptCore.xcodeproj/project.pbxproj:
3144         * bytecode/DataFormat.h: Added.
3145         (JSC::dataFormatToString):
3146         (JSC::needDataFormatConversion):
3147         (JSC::isJSFormat):
3148         (JSC::isJSInteger):
3149         (JSC::isJSDouble):
3150         (JSC::isJSCell):
3151         (JSC::isJSBoolean):
3152         * bytecode/ValueRecovery.h: Added.
3153         (JSC::ValueRecovery::ValueRecovery):
3154         (JSC::ValueRecovery::alreadyInRegisterFile):
3155         (JSC::ValueRecovery::alreadyInRegisterFileAsUnboxedInt32):
3156         (JSC::ValueRecovery::alreadyInRegisterFileAsUnboxedCell):
3157         (JSC::ValueRecovery::alreadyInRegisterFileAsUnboxedBoolean):
3158         (JSC::ValueRecovery::inGPR):
3159         (JSC::ValueRecovery::inPair):
3160         (JSC::ValueRecovery::inFPR):
3161         (JSC::ValueRecovery::displacedInRegisterFile):
3162         (JSC::ValueRecovery::constant):
3163         (JSC::ValueRecovery::technique):
3164         (JSC::ValueRecovery::isInRegisters):
3165         (JSC::ValueRecovery::gpr):
3166         (JSC::ValueRecovery::tagGPR):
3167         (JSC::ValueRecovery::payloadGPR):
3168         (JSC::ValueRecovery::fpr):
3169         (JSC::ValueRecovery::virtualRegister):
3170         (JSC::ValueRecovery::dump):
3171         * bytecode/VirtualRegister.h: Added.
3172         * dfg/DFGGenerationInfo.h:
3173         (JSC::DFG::GenerationInfo::isJSFormat):
3174         * dfg/DFGSpeculativeJIT.cpp:
3175         (JSC::DFG::ValueSource::dump):
3176         * dfg/DFGSpeculativeJIT.h:
3177         * dfg/DFGVariableAccessData.h:
3178
3179 2011-11-02  Sam Weinig  <sam@webkit.org>
3180
3181         Object.getOwnPropertyDescriptor() does not retrieve the getter/setter from a property on the window that has been overridden with a getter/setter
3182         https://bugs.webkit.org/show_bug.cgi?id=71333
3183
3184         Reviewed by Gavin Barraclough.
3185
3186         Tested by fast/dom/getter-on-window-object2.html
3187
3188         * runtime/PropertyDescriptor.cpp:
3189         (JSC::PropertyDescriptor::setDescriptor):
3190         The attributes returned from Structure::get do not include Getter or Setter, so
3191         instead check if the value is a GetterSetter like we do elsewhere. If it is, update
3192         the descriptor's attributes accordingly.
3193
3194 2011-11-02  Yuqiang Xian  <yuqiang.xian@intel.com>
3195
3196         FunctionPtr should accept FASTCALL functions on X86
3197         https://bugs.webkit.org/show_bug.cgi?id=71434
3198
3199         Reviewed by Filip Pizlo.
3200
3201         On X86 we sometimes use FASTCALL convention functions, for example the
3202         cti functions, and we may need the pointers to such functions, e.g.,
3203         in current DFG register file check and arity check, though long term
3204         we may avoid such usage of cti calls in DFG.
3205
3206         * assembler/MacroAssemblerCodeRef.h:
3207         (JSC::FunctionPtr::FunctionPtr):
3208
3209 2011-11-02  Filip Pizlo  <fpizlo@apple.com>
3210
3211         Inlined uses of the global object should use the right global object
3212         https://bugs.webkit.org/show_bug.cgi?id=71427
3213
3214         Reviewed by Oliver Hunt.
3215
3216         * dfg/DFGJITCompiler.h:
3217         (JSC::DFG::JITCompiler::globalObjectFor):
3218         * dfg/DFGSpeculativeJIT64.cpp:
3219         (JSC::DFG::SpeculativeJIT::compile):
3220
3221 2011-11-02  Yuqiang Xian  <yuqiang.xian@intel.com>
3222
3223         Remove some unnecessary loads/stores in DFG JIT 32_64
3224         https://bugs.webkit.org/show_bug.cgi?id=71090
3225
3226         Reviewed by Filip Pizlo.
3227
3228         In fillSpeculateCell and OSR exit, some unnecessary loads/stores can
3229         be eliminated.
3230
3231         * dfg/DFGJITCompiler32_64.cpp:
3232         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
3233         * dfg/DFGSpeculativeJIT32_64.cpp:
3234         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
3235
3236 2011-11-02  Adam Klein  <adamk@chromium.org>
3237
3238         Replace usage of StringImpl with String where possible in CharacterData and Text
3239         https://bugs.webkit.org/show_bug.cgi?id=71383
3240
3241         Reviewed by Darin Adler.
3242
3243         * wtf/text/WTFString.h:
3244         (WTF::String::containsOnlyWhitespace): Added new method.
3245
3246 2011-11-02  Mark Hahnenberg  <mhahnenberg@apple.com>
3247
3248         De-virtualize JSObject::getOwnPropertyNames
3249         https://bugs.webkit.org/show_bug.cgi?id=71307
3250
3251         Reviewed by Darin Adler.
3252
3253         Added getOwnPropertyNames to the MethodTable, changed all the virtual 
3254         implementations of getOwnPropertyNames to static ones, and replaced 
3255         all call sites with corresponding lookups in the MethodTable.
3256
3257         * API/JSCallbackObject.h:
3258         * API/JSCallbackObjectFunctions.h:
3259         (JSC::::getOwnPropertyNames):
3260         * JavaScriptCore.exp:
3261         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3262         * debugger/DebuggerActivation.cpp:
3263         (JSC::DebuggerActivation::getOwnPropertyNames):
3264         * debugger/DebuggerActivation.h:
3265         * runtime/Arguments.cpp:
3266         (JSC::Arguments::getOwnPropertyNames):
3267         * runtime/Arguments.h:
3268         * runtime/ClassInfo.h:
3269         * runtime/JSActivation.cpp:
3270         (JSC::JSActivation::getOwnPropertyNames):
3271         * runtime/JSActivation.h:
3272         * runtime/JSArray.cpp:
3273         (JSC::JSArray::getOwnPropertyNames):
3274         * runtime/JSArray.h:
3275         * runtime/JSByteArray.cpp:
3276         (JSC::JSByteArray::getOwnPropertyNames):
3277         * runtime/JSByteArray.h:
3278         * runtime/JSCell.cpp:
3279         (JSC::JSCell::getOwnPropertyNames):
3280         * runtime/JSCell.h:
3281         * runtime/JSFunction.cpp:
3282         (JSC::JSFunction::getOwnPropertyNames):
3283         * runtime/JSFunction.h:
3284         * runtime/JSNotAnObject.cpp:
3285         (JSC::JSNotAnObject::getOwnPropertyNames):
3286         * runtime/JSNotAnObject.h:
3287         * runtime/JSONObject.cpp:
3288         (JSC::Stringifier::Holder::appendNextProperty):
3289         (JSC::Walker::walk):
3290         * runtime/JSObject.cpp:
3291         (JSC::JSObject::getPropertyNames):
3292         (JSC::JSObject::getOwnPropertyNames):
3293         * runtime/JSObject.h:
3294         * runtime/JSVariableObject.cpp:
3295         (JSC::JSVariableObject::~JSVariableObject):
3296         (JSC::JSVariableObject::getOwnPropertyNames):
3297         * runtime/JSVariableObject.h:
3298         * runtime/ObjectConstructor.cpp:
3299         (JSC::objectConstructorGetOwnPropertyNames):
3300         (JSC::objectConstructorKeys):
3301         (JSC::defineProperties):
3302         * runtime/RegExpMatchesArray.h:
3303         (JSC::RegExpMatchesArray::getOwnPropertyNames):
3304         * runtime/StringObject.cpp:
3305         (JSC::StringObject::getOwnPropertyNames):
3306         * runtime/StringObject.h:
3307         * runtime/Structure.h:
3308
3309 2011-11-02  Dean Jackson  <dino@apple.com>
3310
3311         Add ENABLE_CSS_SHADERS flag
3312         https://bugs.webkit.org/show_bug.cgi?id=71394
3313
3314         Reviewed by Sam Weinig.
3315
3316         * Configurations/FeatureDefines.xcconfig:
3317
3318 2011-11-02  Alexey Shabalin  <a.shabalin@gmail.com>
3319
3320         TEXTREL in libjavascriptcoregtk-1.0.so.0.11.0 on x86 (or i586)
3321         https://bugs.webkit.org/show_bug.cgi?id=70610
3322
3323         Reviewed by Martin Robinson.
3324
3325         Properly annotate ASM on BSD and Linux x86 systems.
3326
3327         * dfg/DFGOperations.cpp: Add annotation for X86.
3328         * jit/JITStubs.cpp: Ditto.
3329         * jit/ThunkGenerators.cpp: Ditto.
3330
3331 2011-11-02  Xianzhu Wang  <wangxianzhu@chromium.org>
3332
3333         Missing Force8BitConstructor in 8-bit version of StringImpl::reallocate()
3334         https://bugs.webkit.org/show_bug.cgi?id=71347
3335
3336         Reviewed by Geoffrey Garen.
3337
3338         * wtf/text/StringImpl.cpp:
3339         (WTF::StringImpl::reallocate):
3340
3341 2011-11-01  Darin Adler  <darin@apple.com>
3342
3343         Cut down on malloc/free a bit in the parser arena
3344         https://bugs.webkit.org/show_bug.cgi?id=71343
3345
3346         Reviewed by Oliver Hunt.
3347
3348         * parser/ParserArena.cpp:
3349         (JSC::ParserArena::deallocateObjects): Call the destructors of
3350         the deletable objects before freeing the pools. Don't call
3351         fastFree on the deletable objects any more.
3352
3353         * parser/ParserArena.h:
3354         (JSC::ParserArena::allocateDeletable): Use allocateFreeable
3355         instead of fastMalloc here.
3356
3357 2011-11-01  Sam Weinig  <sam@webkit.org>
3358
3359         Implement __lookupGetter__/__lookupSetter__ in terms of getPropertyDescriptor
3360         https://bugs.webkit.org/show_bug.cgi?id=71336
3361
3362         Reviewed by Darin Adler.
3363
3364         * debugger/DebuggerActivation.cpp:
3365         * debugger/DebuggerActivation.h:
3366         Remove overrides of lookupGetter/lookupSetter, which are no longer needed
3367         due to implementing getPropertyDescriptor.
3368
3369         * runtime/JSObject.cpp:
3370         (JSC::JSObject::lookupGetter):
3371         (JSC::JSObject::lookupSetter):
3372         * runtime/JSObject.h:
3373         De-virtualize lookupGetter/lookupSetter, and implement them in terms of
3374         getPropertyDescriptor.
3375
3376 2011-11-01  Mark Hahnenberg  <mhahnenberg@apple.com>
3377
3378         De-virtualize JSObject::defineSetter
3379         https://bugs.webkit.org/show_bug.cgi?id=71303
3380
3381         Reviewed by Darin Adler.
3382
3383         Added defineSetter to the MethodTable, changed all the virtual 
3384         implementations of defineSetter to static ones, and replaced 
3385         all call sites with corresponding lookups in the MethodTable.
3386
3387         * JavaScriptCore.exp:
3388         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3389         * debugger/DebuggerActivation.cpp:
3390         (JSC::DebuggerActivation::defineSetter):
3391         * debugger/DebuggerActivation.h:
3392         * interpreter/Interpreter.cpp:
3393         (JSC::Interpreter::privateExecute):
3394         * jit/JITStubs.cpp:
3395         (JSC::DEFINE_STUB_FUNCTION):
3396         * runtime/ClassInfo.h:
3397         * runtime/JSCell.cpp:
3398         (JSC::JSCell::defineSetter):
3399         * runtime/JSCell.h:
3400         * runtime/JSGlobalObject.cpp:
3401         (JSC::JSGlobalObject::defineSetter):
3402         * runtime/JSGlobalObject.h:
3403         * runtime/JSObject.cpp:
3404         (JSC::JSObject::defineSetter):
3405         (JSC::putDescriptor):
3406         * runtime/JSObject.h:
3407         * runtime/ObjectPrototype.cpp:
3408         (JSC::objectProtoFuncDefineSetter):
3409
3410 2011-11-01  Filip Pizlo  <fpizlo@apple.com>
3411
3412         DFG inlining breaks function.arguments
3413         https://bugs.webkit.org/show_bug.cgi?id=71329
3414
3415         Reviewed by Oliver Hunt.
3416         
3417         The DFG was forgetting to store code origin mappings for inlined
3418         call sites. Some of the fast-path optimizations for
3419         CallFrame::trueCallerFrame() were wrong. An assertion in Arguments
3420         was wrong.
3421         
3422         I also took the opportunity to decrease code duplication between
3423         DFG64 and DFG32_64, because I didn't feel like writing the same
3424         code twice.
3425
3426         * bytecode/CodeBlock.h:
3427         (JSC::ExecState::isInlineCallFrame):
3428         * dfg/DFGJITCompiler.cpp:
3429         (JSC::DFG::JITCompiler::compileEntry):
3430         (JSC::DFG::JITCompiler::compileBody):
3431         (JSC::DFG::JITCompiler::link):
3432         (JSC::DFG::JITCompiler::compile):
3433         (JSC::DFG::JITCompiler::compileFunction):
3434         * dfg/DFGJITCompiler32_64.cpp:
3435         * dfg/DFGNode.h:
3436         * interpreter/CallFrame.cpp:
3437         (JSC::CallFrame::trueCallerFrame):
3438         * interpreter/CallFrame.h:
3439         * runtime/Arguments.h:
3440         (JSC::Arguments::getArgumentsData):
3441
3442 2011-11-01  Xianzhu Wang  <wangxianzhu@chromium.org>
3443
3444         StringImpl::reallocate() should have an 8-bit version
3445         https://bugs.webkit.org/show_bug.cgi?id=71210
3446
3447         Reviewed by Geoffrey Garen.
3448
3449         * wtf/text/StringImpl.cpp:
3450         (WTF::StringImpl::reallocate):
3451         * wtf/text/StringImpl.h:
3452
3453 2011-10-31  Filip Pizlo  <fpizlo@apple.com>
3454
3455         The GC should be parallel
3456         https://bugs.webkit.org/show_bug.cgi?id=70995
3457
3458         Reviewed by Geoff Garen.
3459         
3460         Added parallel tracing to the GC. This works by having local mark
3461         stacks per thread, and a global shared one. Threads sometimes
3462         donate cells from the mark stack to the global one if the heuristics
3463         tell them that it's affordable to do so. Threads that have depleted
3464         their local mark stacks try to steal some from the shared one.
3465
3466         Marking is now done using an atomic weak relaxed CAS (compare-and-swap).
3467         
3468         This is a 23% speed-up on V8-splay when I use 4 marking threads,
3469         leading to a 3.5% speed-up on V8.
3470         
3471         It also appears that this reduces GC pause times on real websites by
3472         more than half.
3473
3474         * JavaScriptCore.exp:
3475         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3476         * heap/Heap.cpp:
3477         (JSC::Heap::Heap):
3478         (JSC::Heap::~Heap):
3479         (JSC::Heap::markRoots):
3480         * heap/Heap.h:
3481         * heap/MarkStack.cpp:
3482         (JSC::MarkStackSegmentAllocator::MarkStackSegmentAllocator):
3483         (JSC::MarkStackSegmentAllocator::~MarkStackSegmentAllocator):
3484         (JSC::MarkStackSegmentAllocator::allocate):
3485         (JSC::MarkStackSegmentAllocator::release):
3486         (JSC::MarkStackSegmentAllocator::shrinkReserve):
3487         (JSC::MarkStackArray::MarkStackArray):
3488         (JSC::MarkStackArray::~MarkStackArray):
3489         (JSC::MarkStackArray::expand):
3490         (JSC::MarkStackArray::refill):
3491         (JSC::MarkStackArray::donateSomeCellsTo):
3492         (JSC::MarkStackArray::stealSomeCellsFrom):
3493         (JSC::MarkStackThreadSharedData::markingThreadMain):
3494         (JSC::MarkStackThreadSharedData::markingThreadStartFunc):
3495         (JSC::MarkStackThreadSharedData::MarkStackThreadSharedData):
3496         (JSC::MarkStackThreadSharedData::~MarkStackThreadSharedData):
3497         (JSC::MarkStackThreadSharedData::reset):
3498         (JSC::MarkStack::reset):
3499         (JSC::SlotVisitor::donateSlow):
3500         (JSC::SlotVisitor::drain):
3501         (JSC::SlotVisitor::drainFromShared):
3502         (JSC::MarkStack::mergeOpaqueRoots):
3503         (JSC::SlotVisitor::harvestWeakReferences):
3504         * heap/MarkStack.h:
3505         (JSC::MarkStackSegment::data):
3506         (JSC::MarkStackSegment::capacityFromSize):
3507         (JSC::MarkStackSegment::sizeFromCapacity):
3508         (JSC::MarkStackArray::postIncTop):
3509         (JSC::MarkStackArray::preDecTop):
3510         (JSC::MarkStackArray::setTopForFullSegment):
3511         (JSC::MarkStackArray::setTopForEmptySegment):
3512         (JSC::MarkStackArray::top):
3513         (JSC::MarkStackArray::validatePrevious):
3514         (JSC::MarkStack::addWeakReferenceHarvester):
3515         (JSC::MarkStack::mergeOpaqueRootsIfNecessary):
3516         (JSC::MarkStack::mergeOpaqueRootsIfProfitable):
3517         (JSC::MarkStack::MarkStack):
3518         (JSC::MarkStack::addOpaqueRoot):
3519         (JSC::MarkStack::containsOpaqueRoot):
3520         (JSC::MarkStack::opaqueRootCount):
3521         (JSC::MarkStackArray::append):
3522         (JSC::MarkStackArray::canRemoveLast):
3523         (JSC::MarkStackArray::removeLast):
3524         (JSC::MarkStackArray::isEmpty):
3525         (JSC::MarkStackArray::canDonateSomeCells):
3526         (JSC::MarkStackArray::size):
3527         (JSC::ParallelModeEnabler::ParallelModeEnabler):
3528         (JSC::ParallelModeEnabler::~ParallelModeEnabler):
3529         * heap/MarkedBlock.h:
3530         (JSC::MarkedBlock::testAndSetMarked):
3531         * heap/SlotVisitor.h:
3532         (JSC::SlotVisitor::donate):
3533         (JSC::SlotVisitor::donateAndDrain):
3534         (JSC::SlotVisitor::donateKnownParallel):
3535         (JSC::SlotVisitor::SlotVisitor):
3536         * heap/WeakReferenceHarvester.h:
3537         * runtime/Heuristics.cpp:
3538         (JSC::Heuristics::initializeHeuristics):
3539         * runtime/Heuristics.h:
3540         * wtf/Atomics.h:
3541         (WTF::weakCompareAndSwap):
3542         * wtf/Bitmap.h:
3543         (WTF::::Bitmap):
3544         (WTF::::get):
3545         (WTF::::set):
3546         (WTF::::testAndSet):
3547         (WTF::::testAndClear):
3548         (WTF::::concurrentTestAndSet):
3549         (WTF::::concurrentTestAndClear):
3550         (WTF::::clear):
3551         (WTF::::clearAll):
3552         (WTF::::nextPossiblyUnset):
3553         (WTF::::findRunOfZeros):
3554         (WTF::::count):
3555         (WTF::::isEmpty):
3556         (WTF::::isFull):
3557         * wtf/MainThread.h:
3558         (WTF::isMainThreadOrGCThread):
3559         * wtf/Platform.h:
3560         * wtf/ThreadSpecific.h:
3561         (WTF::::isSet):
3562         * wtf/mac/MainThreadMac.mm:
3563         (WTF::initializeGCThreads):
3564         (WTF::initializeMainThreadPlatform):
3565         (WTF::initializeMainThreadToProcessMainThreadPlatform):
3566         (WTF::registerGCThread):
3567         (WTF::isMainThreadOrGCThread):
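
As an added example of the scheme this entry describes (my own code, not JSC's MarkStack/SlotVisitor): per-thread mark stacks that donate to and steal from one shared stack, with each cell claimed exactly once through a weak relaxed CAS on a mark bitmap. The object graph, the donation threshold and the all-idle termination rule are assumptions of the example.

```cpp
#include <atomic>
#include <cstdint>
#include <mutex>
#include <thread>
#include <vector>

using Graph = std::vector<std::vector<uint32_t>>; // constructed heap stand-in: cell i points at g[i]
static const size_t kDonateThreshold = 64; // assumed heuristic: donate once the local stack is this deep
// One mark bit per cell; claiming one is a weak relaxed CAS loop. Returns true if the bit was already set.
class MarkBitmap {
public:
    explicit MarkBitmap(size_t cells) : words_((cells + 31) / 32) { }
    bool concurrentTestAndSet(uint32_t index)
    {
        std::atomic<uint32_t>& word = words_[index / 32];
        const uint32_t mask = 1u << (index % 32);
        uint32_t old = word.load(std::memory_order_relaxed);
        for (;;) {
            if (old & mask) return true;
            // A weak CAS may fail spuriously; on any failure 'old' is refreshed and we retry.
            if (word.compare_exchange_weak(old, old | mask, std::memory_order_relaxed)) return false;
        }
    }
private:
    std::vector<std::atomic<uint32_t>> words_;
};

struct SharedMarkState { // the global mark stack plus idle bookkeeping
    std::mutex lock;
    std::vector<uint32_t> sharedStack;
    unsigned idleThreads = 0;
    std::atomic<size_t> marked { 0 };
};

static void markingThreadMain(const Graph& g, MarkBitmap& bits, SharedMarkState& s, unsigned threadCount)
{
    std::vector<uint32_t> local; // this thread's private mark stack
    for (;;) {
        while (!local.empty()) { // drain the local stack, donating half whenever it gets deep
            uint32_t cell = local.back();
            local.pop_back();
            for (uint32_t child : g[cell]) {
                if (bits.concurrentTestAndSet(child)) continue; // already claimed: never visit twice
                s.marked.fetch_add(1, std::memory_order_relaxed);
                local.push_back(child);
            }
            if (local.size() > kDonateThreshold) {
                std::lock_guard<std::mutex> guard(s.lock);
                size_t give = local.size() / 2;
                s.sharedStack.insert(s.sharedStack.end(), local.end() - give, local.end());
                local.resize(local.size() - give);
            }
        }
        // Local stack empty: steal half of the shared stack, or finish once all threads are idle
        // with the shared stack empty (both checked under the lock, so no work can appear later).
        std::unique_lock<std::mutex> guard(s.lock);
        ++s.idleThreads;
        while (s.sharedStack.empty()) {
            if (s.idleThreads == threadCount) return;
            guard.unlock();
            std::this_thread::yield();
            guard.lock();
        }
        size_t take = (s.sharedStack.size() + 1) / 2;
        local.assign(s.sharedStack.end() - take, s.sharedStack.end());
        s.sharedStack.resize(s.sharedStack.size() - take);
        --s.idleThreads;
    }
}

// Marks everything reachable from 'roots' with threadCount (>= 1) threads; returns the number marked.
size_t parallelMark(const Graph& g, const std::vector<uint32_t>& roots, unsigned threadCount)
{
    MarkBitmap bits(g.size());
    SharedMarkState shared;
    for (uint32_t root : roots) { // roots start on the shared stack; workers steal them from there
        if (bits.concurrentTestAndSet(root)) continue;
        shared.marked.fetch_add(1, std::memory_order_relaxed);
        shared.sharedStack.push_back(root);
    }
    std::vector<std::thread> threads;
    for (unsigned t = 0; t < threadCount; ++t)
        threads.emplace_back([&] { markingThreadMain(g, bits, shared, threadCount); });
    for (std::thread& t : threads) t.join();
    return shared.marked.load();
}

// Constructed test graph: two disconnected halves of n cells. Within a half, cell i points at
// i+1, i+2, i+3 (the fan-out makes local stacks grow and donate) and back at the head of its half.
Graph makeTestGraph(uint32_t n)
{
    Graph g(n);
    for (uint32_t i = 0; i < n; ++i) {
        uint32_t head = i < n / 2 ? 0 : n / 2, end = i < n / 2 ? n / 2 : n;
        for (uint32_t k = 1; k <= 3 && i + k < end; ++k) g[i].push_back(i + k);
        g[i].push_back(head);
    }
    return g;
}
```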
3568
3569 2011-10-31  Mark Hahnenberg  <mhahnenberg@apple.com>
3570
3571         De-virtualize JSObject::defaultValue
3572         https://bugs.webkit.org/show_bug.cgi?id=71146
3573
3574         Reviewed by Sam Weinig.
3575
3576         Added defaultValue to the MethodTable.  Replaced all virtual versions of 
3577         defaultValue with static versions.  Replaced all call sites with lookups in the 
3578         MethodTable.
3579
3580         * JavaScriptCore.exp:
3581         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3582         * runtime/ClassInfo.h:
3583         * runtime/ExceptionHelpers.cpp:
3584         (JSC::InterruptedExecutionError::defaultValue):
3585         (JSC::TerminatedExecutionError::defaultValue):
3586         * runtime/ExceptionHelpers.h:
3587         * runtime/JSCell.cpp:
3588         (JSC::JSCell::defaultValue):
3589         * runtime/JSCell.h:
3590         * runtime/JSNotAnObject.cpp:
3591         (JSC::JSNotAnObject::defaultValue):
3592         * runtime/JSNotAnObject.h:
3593         * runtime/JSObject.cpp:
3594         (JSC::JSObject::getPrimitiveNumber):
3595         (JSC::JSObject::defaultValue):
3596         * runtime/JSObject.h:
3597         (JSC::JSObject::toPrimitive):
3598
3599 2011-10-31  Mark Hahnenberg  <mhahnenberg@apple.com>
3600
3601         Interpreter build fix
3602
3603         Unreviewed build fix
3604
3605         * interpreter/Interpreter.cpp:
3606         (JSC::Interpreter::privateExecute):
3607         * runtime/Executable.cpp:
3608         (JSC::FunctionExecutable::compileForCallInternal):
3609         (JSC::FunctionExecutable::compileForConstructInternal):
3610
3611 2011-10-31  Filip Pizlo  <fpizlo@apple.com>
3612
3613         DFG OSR exits should add to value profiles
3614         https://bugs.webkit.org/show_bug.cgi?id=71202
3615
3616         Reviewed by Oliver Hunt.
3617         
3618         Value profiles now have an extra special slot not used by the old JIT's
3619         profiling, which is reserved for OSR exits.
3620         
3621         The DFG's OSR exit code now knows which register, node index, and value
3622         profiling site was responsible for the (possibly flawed) information that
3623         led to the OSR failure. This is somewhat opportunistic and imperfect;
3624         if there's a lot of control flow between the value profiling site and the
3625         OSR failure point, then this mechanism simply gives up. It also gives up
3626         if the OSR failure is caused by either known deficiencies in the DFG
3627         (like that we always assume that the index in a strict charCodeAt access
3628         is within bounds) or where the OSR failure would be catalogued and
3629         profiled through other means (like slow case counters).
3630         
3631         This patch also adds the notion of a JSValueRegs, which is either a
3632         single register in JSVALUE64 or a pair in JSVALUE32_64. We should
3633         probably move the 32_64 DFG towards using this, since it often makes it
3634         easier to share code between 64 and 32_64.
3635         
3636         Also fixed a number of pathologies that this uncovered. op_method_check 
3637         didn't have a value profiling site on the slow path. GetById should not
3638         always force OSR exit if it never executed in the old JIT; we may be
3639         able to infer its type if it's an array or string length get. Finally,
3640         these changes benefit from a slight tweak to optimization delay
3641         heuristics (profile fullness is now 0.35 instead of 0.25).
3642         
3643         3.8% speed-up on Kraken, mostly due to ~35% on both stanford-crypto-aes
3644         and imaging-darkroom.
3645
3646         * bytecode/ValueProfile.cpp:
3647         (JSC::ValueProfile::computeStatistics):
3648         (JSC::ValueProfile::computeUpdatedPrediction):
3649         * bytecode/ValueProfile.h:
3650         (JSC::ValueProfile::ValueProfile):
3651         (JSC::ValueProfile::specFailBucket):
3652         (JSC::ValueProfile::numberOfSamples):
3653         (JSC::ValueProfile::isLive):
3654         (JSC::ValueProfile::numberOfInt32s):
3655         (JSC::ValueProfile::numberOfDoubles):
3656         (JSC::ValueProfile::numberOfCells):
3657         (JSC::ValueProfile::numberOfObjects):
3658         (JSC::ValueProfile::numberOfFinalObjects):
3659         (JSC::ValueProfile::numberOfStrings):
3660         (JSC::ValueProfile::numberOfArrays):
3661         (JSC::ValueProfile::numberOfBooleans):
3662         (JSC::ValueProfile::dump):
3663         * dfg/DFGAbstractState.cpp:
3664         (JSC::DFG::AbstractState::execute):
3665         * dfg/DFGByteCodeParser.cpp:
3666         (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
3667         (JSC::DFG::ByteCodeParser::getPrediction):
3668         (JSC::DFG::ByteCodeParser::parseBlock):
3669         * dfg/DFGGPRInfo.h:
3670         (JSC::DFG::JSValueRegs::JSValueRegs):
3671         (JSC::DFG::JSValueRegs::operator!):
3672         (JSC::DFG::JSValueRegs::gpr):
3673         (JSC::DFG::JSValueSource::JSValueSource):
3674         (JSC::DFG::JSValueSource::unboxedCell):
3675         (JSC::DFG::JSValueSource::operator!):
3676         (JSC::DFG::JSValueSource::isAddress):
3677         (JSC::DFG::JSValueSource::offset):
3678         (JSC::DFG::JSValueSource::base):
3679         (JSC::DFG::JSValueSource::gpr):
3680         (JSC::DFG::JSValueSource::asAddress):
3681         (JSC::DFG::JSValueSource::notAddress):
3682         (JSC::DFG::JSValueRegs::tagGPR):
3683         (JSC::DFG::JSValueRegs::payloadGPR):
3684         (JSC::DFG::JSValueSource::tagGPR):
3685         (JSC::DFG::JSValueSource::payloadGPR):
3686         (JSC::DFG::JSValueSource::hasKnownTag):
3687         (JSC::DFG::JSValueSource::tag):
3688         * dfg/DFGGenerationInfo.h:
3689         (JSC::DFG::GenerationInfo::jsValueRegs):
3690         * dfg/DFGGraph.h:
3691         (JSC::DFG::Graph::valueProfileFor):
3692         * dfg/DFGJITCodeGenerator.h:
3693         (JSC::JSValueOperand::jsValueRegs):
3694         * dfg/DFGJITCompiler.cpp:
3695         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
3696         * dfg/DFGJITCompiler.h:
3697         (JSC::DFG::JITCompiler::valueProfileFor):
3698         * dfg/DFGJITCompiler32_64.cpp:
3699         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
3700         * dfg/DFGPropagator.cpp:
3701         (JSC::DFG::Propagator::propagateNodePredictions):
3702         * dfg/DFGSpeculativeJIT.cpp:
3703         (JSC::DFG::OSRExit::OSRExit):
3704         (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectEquality):
3705         (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
3706         (JSC::DFG::SpeculativeJIT::compileGetCharCodeAt):
3707         (JSC::DFG::SpeculativeJIT::compileGetByValOnString):
3708         (JSC::DFG::SpeculativeJIT::compilePutByValForByteArray):
3709         (JSC::DFG::SpeculativeJIT::compileGetByValOnByteArray):
3710         * dfg/DFGSpeculativeJIT.h:
3711         (JSC::DFG::SpeculativeJIT::speculationCheck):
3712         (JSC::DFG::SpeculativeJIT::terminateSpeculativeExecution):
3713         * dfg/DFGSpeculativeJIT32_64.cpp:
3714         (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
3715         (JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
3716         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
3717         (JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
3718         (JSC::DFG::SpeculativeJIT::compileObjectEquality):
3719         (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
3720         (JSC::DFG::SpeculativeJIT::compileLogicalNot):
3721         (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
3722         (JSC::DFG::SpeculativeJIT::compile):
3723         * dfg/DFGSpeculativeJIT64.cpp:
3724         (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
3725         (JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
3726         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
3727         (JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
3728         (JSC::DFG::SpeculativeJIT::compileObjectEquality):
3729         (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
3730         (JSC::DFG::SpeculativeJIT::compileLogicalNot):
3731         (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
3732         (JSC::DFG::SpeculativeJIT::emitBranch):
3733         (JSC::DFG::SpeculativeJIT::compile):
3734         * jit/JITPropertyAccess.cpp:
3735         (JSC::JIT::emitSlow_op_method_check):
3736         * jit/JITPropertyAccess32_64.cpp:
3737         (JSC::JIT::emitSlow_op_method_check):
3738         * runtime/Heuristics.cpp:
3739         (JSC::Heuristics::initializeHeuristics):
3740         * runtime/JSValue.h:
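
Added illustration (this is example code, not JavaScriptCore's): a toy C++ model of the feedback loop the entry above describes, in which a DFG OSR exit writes the value kind that contradicted a speculation into a slot of the value profile that the old JIT never touches, so that the next recompile predicts differently. The member names buckets, specFailBucket, numberOfSamples and computeUpdatedPrediction follow the ChangeLog; the bitmask encoding of value kinds, the bucket count of 8, the round-robin sampling and the Int32-only speculation policy are assumptions of this example.

```cpp
#include <cstdint>
#include <iostream>

// Toy model of the value-profile feedback loop. Member names follow the ChangeLog;
// the bitmask encoding, bucket count and speculation policy are this example's
// own assumptions, not JSC's code.
namespace Toy {

// Value kinds as bits, so a prediction can be the union of everything observed.
enum Prediction : uint32_t {
    PredictNone        = 0,
    PredictInt32       = 1u << 0,
    PredictDouble      = 1u << 1,
    PredictString      = 1u << 2,
    PredictArray       = 1u << 3,
    PredictFinalObject = 1u << 4,
    PredictBoolean     = 1u << 5
};

inline Prediction operator|(Prediction a, Prediction b) {
    return static_cast<Prediction>(static_cast<uint32_t>(a) | static_cast<uint32_t>(b));
}

struct ValueProfile {
    static const unsigned numberOfBuckets = 8;   // assumed size

    Prediction buckets[numberOfBuckets];   // filled by the baseline JIT, round robin
    Prediction specFailBucket;             // reserved for OSR exits; baseline JIT never writes it
    Prediction prediction;                 // running result of computeUpdatedPrediction()
    unsigned nextBucket;

    ValueProfile() : specFailBucket(PredictNone), prediction(PredictNone), nextBucket(0) {
        for (unsigned i = 0; i < numberOfBuckets; ++i)
            buckets[i] = PredictNone;
    }

    // Baseline JIT profiling site: remember the kind of value that flowed past.
    void recordSample(Prediction kind) {
        buckets[nextBucket] = kind;
        nextBucket = (nextBucket + 1) % numberOfBuckets;
    }

    // DFG OSR exit path: the speculation failed on a value of this kind, so the
    // profile that produced the speculation learns about it before recompilation.
    void recordSpeculationFailure(Prediction actualKind) {
        specFailBucket = specFailBucket | actualKind;
    }

    unsigned numberOfSamples() const {
        unsigned n = specFailBucket != PredictNone ? 1 : 0;
        for (unsigned i = 0; i < numberOfBuckets; ++i)
            if (buckets[i] != PredictNone) ++n;
        return n;
    }

    // Fold every pending observation, including the OSR-exit slot, into the
    // prediction and clear the buckets for the next profiling window.
    Prediction computeUpdatedPrediction() {
        Prediction merged = prediction;
        for (unsigned i = 0; i < numberOfBuckets; ++i) {
            merged = merged | buckets[i];
            buckets[i] = PredictNone;
        }
        merged = merged | specFailBucket;
        specFailBucket = PredictNone;
        prediction = merged;
        return prediction;
    }
};

// Assumed DFG policy: speculate "always Int32" only if nothing else was ever seen.
inline bool shouldSpeculateInt32(Prediction p) { return p == PredictInt32; }

// Scenario: the baseline JIT saw only Int32s, the DFG speculated Int32, and at
// run time a Double showed up and forced an OSR exit. With the exit feeding the
// profile, the next compile sees Int32|Double and stops speculating Int32-only;
// without it, the profile re-yields Int32 and the same exit would repeat.
inline Prediction predictionAfterExit(bool exitFeedsProfile) {
    ValueProfile profile;
    for (int i = 0; i < 1000; ++i)
        profile.recordSample(PredictInt32);
    Prediction before = profile.computeUpdatedPrediction();   // PredictInt32

    if (exitFeedsProfile && shouldSpeculateInt32(before))
        profile.recordSpeculationFailure(PredictDouble);       // the OSR exit

    return profile.computeUpdatedPrediction();
}

} // namespace Toy

int main() {
    using namespace Toy;
    std::cout << "with OSR feedback, still Int32-only? "
              << shouldSpeculateInt32(predictionAfterExit(true)) << "\n"    // 0
              << "without feedback, still Int32-only? "
              << shouldSpeculateInt32(predictionAfterExit(false)) << "\n";  // 1
    return 0;
}
```

The profile only steers what the DFG chooses to speculate; the speculation guard at the use site still has to be emitted and still has to exit on a mismatch. Feeding the exit back just stops the compiler from making the identical wrong bet on the next tier-up.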
3741
3742 2011-10-31  Sam Weinig  <sam@webkit.org>
3743
3744         Remove need for virtual JSObject::unwrappedObject
3745         https://bugs.webkit.org/show_bug.cgi?id=71034
3746
3747         Reviewed by Geoffrey Garen.
3748
3749         * JavaScriptCore.exp:
3750         Update exports.
3751
3752         * CMakeLists.txt:
3753         * GNUmakefile.list.am:
3754         * JavaScriptCore.exp:
3755         * JavaScriptCore.gypi:
3756         * JavaScriptCore.pro:
3757         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3758         * JavaScriptCore.xcodeproj/project.pbxproj:
3759         Add JSGlobalThis.cpp.
3760
3761         * runtime/JSGlobalThis.cpp: Added.
3762         (JSC::JSGlobalThis::visitChildren):
3763         (JSC::JSGlobalThis::unwrappedObject):
3764         * runtime/JSGlobalThis.h:
3765         (JSC::JSGlobalThis::createStructure):
3766         Move underlying object from JSDOMWindowShell down to JSGlobalThis
3767         and corresponding visitChildren method.
3768
3769         * runtime/JSObject.cpp:
3770         (JSC::JSObject::unwrappedObject):
3771         Change unwrappedObject from virtual to just needing an if check.
3772
3773         * runtime/JSObject.h:
3774         (JSC::JSObject::isGlobalThis):
3775         * runtime/JSType.h:
3776         Add isGlobalThis predicate and type.
3777
3778 2011-10-31  Xianzhu Wang  <wangxianzhu@chromium.org>
3779
3780         WTF::StringImpl::create(const char*, unsigned) calls itself
3781         https://bugs.webkit.org/show_bug.cgi?id=71206
3782
3783         The original implementation just calls itself, causing infinite recursion.
3784         Cast the first parameter to const LChar* to fix that.
3785
3786         Reviewed by Ryosuke Niwa.
3787
3788         * wtf/text/StringImpl.h:
3789         (WTF::StringImpl::create):
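
Added illustration (example code, not WTF's StringImpl): the overload-resolution pitfall behind the entry above, with the cast that fixes it. The StringImpl and LChar here are minimal stand-ins defined for this snippet; only the two create(...) signatures and the reinterpret_cast to const LChar* mirror what the entry describes.

```cpp
#include <cstring>
#include <iostream>
#include <vector>

// Stand-in for WTF's 8-bit character type (WTF::LChar is the real name; this
// typedef is the example's own so the snippet compiles on its own).
typedef unsigned char LChar;

// Minimal stand-in for StringImpl: just owns a copy of the 8-bit characters.
struct StringImpl {
    std::vector<LChar> chars;

    // The worker overload: copies `length` 8-bit characters.
    static StringImpl create(const LChar* characters, unsigned length) {
        StringImpl s;
        s.chars.assign(characters, characters + length);
        return s;
    }

    // Convenience overload for narrow C strings.
    //
    // The buggy shape the entry describes is
    //
    //     static StringImpl create(const char* characters, unsigned length)
    //     { return create(characters, length); }
    //
    // `char` and `unsigned char` are distinct types with no implicit pointer
    // conversion between them, so for a (const char*, unsigned) argument list
    // the only viable candidate is this overload itself: it recurses until the
    // stack is exhausted, a crash on any caller-supplied string. The cast makes
    // the LChar* worker the only viable candidate.
    static StringImpl create(const char* characters, unsigned length) {
        return create(reinterpret_cast<const LChar*>(characters), length);
    }
};

// Did the char* overload reach the worker and copy the bytes unchanged?
inline bool roundTrips(const char* text) {
    unsigned length = static_cast<unsigned>(std::strlen(text));
    StringImpl s = StringImpl::create(text, length);
    if (s.chars.size() != length)
        return false;
    return length == 0 || std::memcmp(s.chars.data(), text, length) == 0;
}

int main() {
    std::cout << (roundTrips("WebKit") ? "ok" : "mismatch") << "\n";   // prints "ok"
    return 0;
}
```

A forwarding overload that resolves to itself compiles cleanly, so the defence is a test that actually calls the convenience overload (any call crashes) and a compiler warning such as clang's -Winfinite-recursion (also available in GCC 12 and later), which flags a function whose every path calls itself.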
3790
3791 2011-10-31  Andy Wingo  <wingo@igalia.com>
3792
3793         Fix DFG JIT compilation on Linux targets.
3794         https://bugs.webkit.org/show_bug.cgi?id=70904
3795
3796         Reviewed by Darin Adler.
3797
3798         * jit/JITStubs.cpp (SYMBOL_STRING_RELOCATION): Simplify this
3799         macro.
3800
3801         * dfg/DFGOperations.cpp (SYMBOL_STRING_RELOCATION): Copy the
3802         simplified definition from jit/JITStubs.cpp.
3803         (FUNCTION_WRAPPER_WITH_RETURN_ADDRESS, getHostCallReturnValue):
3804         Use the macro to access trampoline targets through the PLT on PIC
3805         systems, instead of introducing a text relocation.  Otherwise, the
3806         library fails to link.
3807
3808 2011-10-31  Mark Hahnenberg  <mhahnenberg@apple.com>
3809
3810         De-virtualize JSObject::defineGetter
3811         https://bugs.webkit.org/show_bug.cgi?id=71134
3812
3813         Reviewed by Darin Adler.
3814
3815         Added defineGetter to the MethodTable.  Replaced all virtual versions of defineGetter
3816         with static versions.  Replaced all call sites with lookups in the MethodTable.
3817
3818         * JavaScriptCore.exp:
3819         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3820         * debugger/DebuggerActivation.cpp:
3821         (JSC::DebuggerActivation::defineGetter):
3822         * debugger/DebuggerActivation.h:
3823         * interpreter/Interpreter.cpp:
3824         (JSC::Interpreter::privateExecute):
3825         * jit/JITStubs.cpp:
3826         (JSC::DEFINE_STUB_FUNCTION):
3827         * runtime/ClassInfo.h:
3828         * runtime/JSCell.cpp:
3829         (JSC::JSCell::defineGetter):
3830         * runtime/JSCell.h:
3831         * runtime/JSGlobalObject.cpp:
3832         (JSC::JSGlobalObject::defineGetter):
3833         * runtime/JSGlobalObject.h:
3834         * runtime/JSObject.cpp:
3835         (JSC::JSObject::defineGetter):
3836         (JSC::putDescriptor):
3837         * runtime/JSObject.h:
3838         * runtime/ObjectPrototype.cpp:
3839         (JSC::objectProtoFuncDefineGetter):
3840
3841 2011-10-31  Michael Saboff  <msaboff@apple.com>
3842
3843         Towards 8-bit Strings: Move Lexer and Parser Objects out of JSGlobalData
3844         https://bugs.webkit.org/show_bug.cgi?id=71138
3845
3846         Restructure and movement of Lexer and Parser code.
3847         Moved Lexer and Parser objects out of JSGlobalData.
3848         Added a new ParserTokens class and instance to JSGlobalData that
3849         have JavaScript token related definitions.
3850         Replaced JSGlobalData arguments to Node classes with lineNumber,
3851         as that was the only use of the JSGlobalData.
3852         Combined JSParser and Parser classes into one class,
3853         eliminating JSParser.h and .cpp.
3854         Various supporting #include changes.
3855
3856         These mostly mechanical changes are done in preparation to
3857         making the Lexer and Parser template classes.
3858
3859         Reviewed by Darin Adler.
3860
3861         * CMakeLists.txt:
3862         * GNUmakefile.list.am:
3863         * JavaScriptCore.gypi:
3864         * JavaScriptCore.pro:
3865         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3866         * JavaScriptCore.xcodeproj/project.pbxproj:
3867         * bytecompiler/NodesCodegen.cpp:
3868         (JSC::ArrayNode::toArgumentList):
3869         (JSC::ApplyFunctionCallDotNode::emitBytecode):
3870         * parser/ASTBuilder.h:
3871         (JSC::ASTBuilder::ASTBuilder):
3872         (JSC::ASTBuilder::createSourceElements):
3873         (JSC::ASTBuilder::createCommaExpr):
3874         (JSC::ASTBuilder::createLogicalNot):
3875         (JSC::ASTBuilder::createUnaryPlus):
3876         (JSC::ASTBuilder::createVoid):
3877         (JSC::ASTBuilder::thisExpr):
3878         (JSC::ASTBuilder::createResolve):
3879         (JSC::ASTBuilder::createObjectLiteral):
3880         (JSC::ASTBuilder::createArray):
3881         (JSC::ASTBuilder::createNumberExpr):
3882         (JSC::ASTBuilder::createString):
3883         (JSC::ASTBuilder::createBoolean):
3884         (JSC::ASTBuilder::createNull):
3885         (JSC::ASTBuilder::createBracketAccess):
3886         (JSC::ASTBuilder::createDotAccess):
3887         (JSC::ASTBuilder::createRegExp):
3888         (JSC::ASTBuilder::createNewExpr):
3889         (JSC::ASTBuilder::createConditionalExpr):
3890         (JSC::ASTBuilder::createAssignResolve):
3891         (JSC::ASTBuilder::createFunctionExpr):
3892         (JSC::ASTBuilder::createFunctionBody):
3893         (JSC::ASTBuilder::createGetterOrSetterProperty):
3894         (JSC::ASTBuilder::createArguments):
3895         (JSC::ASTBuilder::createArgumentsList):
3896         (JSC::ASTBuilder::createPropertyList):
3897         (JSC::ASTBuilder::createElementList):
3898         (JSC::ASTBuilder::createFormalParameterList):
3899         (JSC::ASTBuilder::createClause):
3900         (JSC::ASTBuilder::createClauseList):
3901         (JSC::ASTBuilder::createFuncDeclStatement):
3902         (JSC::ASTBuilder::createBlockStatement):
3903         (JSC::ASTBuilder::createExprStatement):
3904         (JSC::ASTBuilder::createIfStatement):
3905         (JSC::ASTBuilder::createForLoop):
3906         (JSC::ASTBuilder::createForInLoop):
3907         (JSC::ASTBuilder::createEmptyStatement):
3908         (JSC::ASTBuilder::createVarStatement):
3909         (JSC::ASTBuilder::createReturnStatement):
3910         (JSC::ASTBuilder::createBreakStatement):
3911         (JSC::ASTBuilder::createContinueStatement):
3912         (JSC::ASTBuilder::createTryStatement):
3913         (JSC::ASTBuilder::createSwitchStatement):
3914         (JSC::ASTBuilder::createWhileStatement):
3915         (JSC::ASTBuilder::createDoWhileStatement):
3916         (JSC::ASTBuilder::createLabelStatement):
3917         (JSC::ASTBuilder::createWithStatement):
3918         (JSC::ASTBuilder::createThrowStatement):
3919         (JSC::ASTBuilder::createDebugger):
3920         (JSC::ASTBuilder::createConstStatement):
3921         (JSC::ASTBuilder::appendConstDecl):
3922         (JSC::ASTBuilder::combineCommaNodes):
3923         (JSC::ASTBuilder::appendBinaryOperation):
3924         (JSC::ASTBuilder::createAssignment):
3925         (JSC::ASTBuilder::createNumber):
3926         (JSC::ASTBuilder::makeTypeOfNode):
3927         (JSC::ASTBuilder::makeDeleteNode):
3928         (JSC::ASTBuilder::makeNegateNode):
3929         (JSC::ASTBuilder::makeBitwiseNotNode):
3930         (JSC::ASTBuilder::makeMultNode):
3931         (JSC::ASTBuilder::makeDivNode):
3932         (JSC::ASTBuilder::makeModNode):
3933         (JSC::ASTBuilder::makeAddNode):
3934         (JSC::ASTBuilder::makeSubNode):
3935         (JSC::ASTBuilder::makeLeftShiftNode):
3936         (JSC::ASTBuilder::makeRightShiftNode):
3937         (JSC::ASTBuilder::makeURightShiftNode):
3938         (JSC::ASTBuilder::makeBitOrNode):
3939         (JSC::ASTBuilder::makeBitAndNode):
3940         (JSC::ASTBuilder::makeBitXOrNode):
3941         (JSC::ASTBuilder::makeFunctionCallNode):
3942         (JSC::ASTBuilder::makeBinaryNode):
3943         (JSC::ASTBuilder::makeAssignNode):
3944         (JSC::ASTBuilder::makePrefixNode):
3945         (JSC::ASTBuilder::makePostfixNode):
3946         * parser/JSParser.cpp: Removed.
3947         * parser/JSParser.h: Removed.
3948         * parser/Lexer.cpp:
3949         (JSC::Keywords::Keywords):
3950         (JSC::Lexer::Lexer):
3951         (JSC::Lexer::~Lexer):
3952         (JSC::Lexer::setCode):
3953         (JSC::Lexer::parseIdentifier):
3954         * parser/Lexer.h:
3955         (JSC::Keywords::isKeyword):
3956         (JSC::Keywords::getKeyword):
3957         (JSC::Keywords::~Keywords):
3958         (JSC::Lexer::setIsReparsing):
3959         (JSC::Lexer::isReparsing):
3960         (JSC::Lexer::lineNumber):
3961         (JSC::Lexer::setLastLineNumber):
3962         (JSC::Lexer::lastLineNumber):
3963         (JSC::Lexer::prevTerminator):
3964         (JSC::Lexer::sawError):
3965         (JSC::Lexer::getErrorMessage):
3966         (JSC::Lexer::currentOffset):
3967         (JSC::Lexer::setOffset):
3968         (JSC::Lexer::setLineNumber):
3969         (JSC::Lexer::sourceProvider):
3970         (JSC::Lexer::isWhiteSpace):
3971         (JSC::Lexer::isLineTerminator):
3972         (JSC::Lexer::convertHex):
3973         (JSC::Lexer::convertUnicode):
3974         (JSC::Lexer::makeIdentifier):
3975         (JSC::Lexer::lexExpectIdentifier):
3976         * parser/NodeConstructors.h:
3977         (JSC::ParserArenaFreeable::operator new):
3978         (JSC::ParserArenaDeletable::operator new):
3979         (JSC::ParserArenaRefCounted::ParserArenaRefCounted):
3980         (JSC::Node::Node):
3981         (JSC::ExpressionNode::ExpressionNode):
3982         (JSC::StatementNode::StatementNode):
3983         (JSC::NullNode::NullNode):
3984         (JSC::BooleanNode::BooleanNode):
3985         (JSC::NumberNode::NumberNode):
3986         (JSC::StringNode::StringNode):
3987         (JSC::RegExpNode::RegExpNode):
3988         (JSC::ThisNode::ThisNode):
3989         (JSC::ResolveNode::ResolveNode):
3990         (JSC::ElementNode::ElementNode):
3991         (JSC::ArrayNode::ArrayNode):
3992         (JSC::PropertyNode::PropertyNode):
3993         (JSC::PropertyListNode::PropertyListNode):
3994         (JSC::ObjectLiteralNode::ObjectLiteralNode):
3995         (JSC::BracketAccessorNode::BracketAccessorNode):
3996         (JSC::DotAccessorNode::DotAccessorNode):
3997         (JSC::ArgumentListNode::ArgumentListNode):
3998         (JSC::ArgumentsNode::ArgumentsNode):
3999         (JSC::NewExprNode::NewExprNode):
4000         (JSC::EvalFunctionCallNode::EvalFunctionCallNode):
4001         (JSC::FunctionCallValueNode::FunctionCallValueNode):
4002         (JSC::FunctionCallResolveNode::FunctionCallResolveNode):
4003         (JSC::FunctionCallBracketNode::FunctionCallBracketNode):
4004         (JSC::FunctionCallDotNode::FunctionCallDotNode):
4005         (JSC::CallFunctionCallDotNode::CallFunctionCallDotNode):
4006         (JSC::ApplyFunctionCallDotNode::ApplyFunctionCallDotNode):