Writable attribute not set correctly when redefining an accessor to a data descriptor
[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
2012-02-29  Gavin Barraclough  <barraclough@apple.com>

        Writable attribute not set correctly when redefining an accessor to a data descriptor
        https://bugs.webkit.org/show_bug.cgi?id=79931

        Reviewed by Oliver Hunt.

        * runtime/JSObject.cpp:
        (JSC::JSObject::defineOwnProperty):
            - use attributesOverridingCurrent instead of attributesWithOverride.
        * runtime/PropertyDescriptor.cpp:
        * runtime/PropertyDescriptor.h:
            - remove attributesWithOverride - attributesOverridingCurrent does the same thing.

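The behaviour the entry above fixes is observable from script: when an accessor property is redefined as a data descriptor, any attribute the new descriptor leaves out must take its default (ES5 8.12.9 step 9.b), so a descriptor that omits `writable` has to produce a read-only property. The following is an added example written for this page, not code from the WebKit ChangeLog or from JavaScriptCore; the property name `x` and the helper names are made up for the illustration.

```javascript
// Redefine an accessor as a data property and report the attributes that
// result. `withWritable` is left undefined to test the default case.
function redefineAccessorAsData(withWritable) {
  const obj = {};
  Object.defineProperty(obj, "x", {
    get() { return 1; },
    set(v) {},
    enumerable: true,
    configurable: true,
  });
  const desc = { value: 2 };
  if (withWritable !== undefined) desc.writable = withWritable;
  Object.defineProperty(obj, "x", desc);
  const after = Object.getOwnPropertyDescriptor(obj, "x");
  // [[Enumerable]] and [[Configurable]] are preserved from the existing
  // property; [[Writable]] is reset to its default (false) unless the new
  // descriptor says otherwise.
  return {
    writable: after.writable,
    enumerable: after.enumerable,
    configurable: after.configurable,
    hasGetter: typeof after.get === "function",
  };
}

// The read-only result must actually reject writes: in strict mode an
// assignment to a non-writable data property throws a TypeError and the
// stored value is unchanged.
function assignmentThrowsAfterRedefine() {
  "use strict";
  const obj = {};
  Object.defineProperty(obj, "x", { get() { return 1; }, configurable: true });
  Object.defineProperty(obj, "x", { value: 2 });
  try {
    obj.x = 3;
    return false;
  } catch (e) {
    return e instanceof TypeError && obj.x === 2;
  }
}
```

An engine with the bug described above would report `writable: true` from the default case and silently accept the write; a conforming engine reports `false` and throws.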
2012-02-29  Kevin Ollivier  <kevino@theolliviers.com>

        Add JSCore symbol exports needed by wx port
        https://bugs.webkit.org/show_bug.cgi?id=77280

        Reviewed by Hajime Morita.

        * wtf/ArrayBufferView.h:
        * wtf/ExportMacros.h:

2012-02-28  Raphael Kubo da Costa  <kubo@profusion.mobi>

        [CMake] Always build wtf as a static library.
        https://bugs.webkit.org/show_bug.cgi?id=79857

        Reviewed by Eric Seidel.

        To help the efforts in bug 75673 to move WTF out of
        JavaScriptCore, act more like the other ports and remove the
        possibility of building WTF as a shared library.

        It does not make much sense to, for example, ship WTF as a
        separate .so with webkit-efl packages, and it should be small
        enough not to cause problems during linking.

        * wtf/CMakeLists.txt:

2012-02-28  Dmitry Lomov  <dslomov@google.com>

        [JSC] Implement ArrayBuffer transfer
        https://bugs.webkit.org/show_bug.cgi?id=73493.
        Implement ArrayBuffer transfer, per Khronos spec:  http://www.khronos.org/registry/typedarray/specs/latest/#9.
        This brings parity with V8 implementation of transferable typed arrays.

        Reviewed by Oliver Hunt.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Extra export.
        * wtf/ArrayBuffer.h:
        (ArrayBuffer): Added extra export.

2012-02-28  Kevin Ollivier  <kevino@theolliviers.com>

        [wx] Unreviewed. Build fix after recent LLInt additions.

        * wscript:

2012-02-28  Mark Hahnenberg  <mhahnenberg@apple.com>

        Refactor SpeculativeJIT::emitAllocateJSFinalObject
        https://bugs.webkit.org/show_bug.cgi?id=79801

        Reviewed by Filip Pizlo.

        * dfg/DFGSpeculativeJIT.h:
        (JSC::DFG::SpeculativeJIT::emitAllocateBasicJSObject): Split emitAllocateJSFinalObject out to form this
        function, which is more generic in that it can allocate a variety of classes.
        (SpeculativeJIT):
        (JSC::DFG::SpeculativeJIT::emitAllocateJSFinalObject): Changed to use the new helper function.

2012-02-28  Gavin Barraclough  <barraclough@apple.com>

        [[Get]]/[[Put]] for primitives should not wrap on strict accessor call
        https://bugs.webkit.org/show_bug.cgi?id=79588

        Reviewed by Oliver Hunt.

        In the case of [[Get]], this is a pretty trivial bug - just don't wrap
        primitives at the point you call a getter.

        For setters, this is a little more involved, since we have already wrapped
        the value up in a synthesized object. Stop doing so. There is also a further
        subtlety, that in strict mode all attempts to create a new data property on
        the object should throw.

        * runtime/JSCell.cpp:
        (JSC::JSCell::put):
            - [[Put]] to a string primitive should use JSValue::putToPrimitive.
        * runtime/JSObject.cpp:
        (JSC::JSObject::put):
            - Remove static function called in one place.
        * runtime/JSObject.h:
        (JSC::JSValue::put):
            - [[Put]] to a non-cell JSValue should use JSValue::putToPrimitive.
        * runtime/JSValue.cpp:
        (JSC::JSValue::synthesizePrototype):
            - Add support for synthesizing the prototype of strings.
        (JSC::JSValue::putToPrimitive):
            - Added, implements [[Put]] for primitive bases, per 8.7.2.
        * runtime/JSValue.h:
        (JSValue):
            - Add declaration for JSValue::putToPrimitive.
        * runtime/PropertySlot.cpp:
        (JSC::PropertySlot::functionGetter):
            - Don't call ToObject on primitive this values.

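The three observable consequences of the entry above can be checked from script: a strict-mode getter or setter invoked on a primitive base must see the primitive itself as `this` (a sloppy-mode accessor still sees the wrapper object), and a strict-mode assignment that would create a new data property on a primitive must throw a TypeError (8.7.2), while sloppy mode silently drops the write. This is an added example for this page, not code from the WebKit ChangeLog or from JavaScriptCore. The accessors are built with the `Function` constructor so that each one's strictness is fixed by its own body rather than by the surrounding file; the property names `__thisType`, `__probe` and `newProp` are invented for the illustration and are removed from `String.prototype` afterwards.

```javascript
// Build a getter whose strictness is explicit, install it on String.prototype,
// and report the typeof `this` it observes when read through a primitive.
function thisTypeSeenByGetter(strict) {
  const getter = strict
    ? new Function('"use strict"; return typeof this;')
    : new Function("return typeof this;");
  Object.defineProperty(String.prototype, "__thisType", { get: getter, configurable: true });
  try {
    return "abc".__thisType;          // "string" for strict, "object" for sloppy
  } finally {
    delete String.prototype.__thisType;
  }
}

// Same check for the setter half of [[Put]]: the setter records typeof `this`.
function thisTypeSeenBySetter(strict) {
  const seen = {};
  const setter = strict
    ? new Function("seen", 'return function (v) { "use strict"; seen.type = typeof this; };')(seen)
    : new Function("seen", "return function (v) { seen.type = typeof this; };")(seen);
  Object.defineProperty(String.prototype, "__probe", { set: setter, configurable: true });
  try {
    "abc".__probe = 1;
    return seen.type;                 // "string" for strict, "object" for sloppy
  } finally {
    delete String.prototype.__probe;
  }
}

// [[Put]] of a brand-new data property on a primitive base: strict mode must
// throw a TypeError; sloppy mode ignores the write, so the read-back is undefined.
function putOnPrimitive(strict) {
  const body = "s.newProp = 1; return s.newProp;";
  const fn = strict ? new Function("s", '"use strict"; ' + body) : new Function("s", body);
  try {
    return fn("abc");
  } catch (e) {
    return e instanceof TypeError ? "TypeError" : "other";
  }
}
```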
2012-02-28  Mark Hahnenberg  <mhahnenberg@apple.com>

        Re-enable parallel GC on Mac
        https://bugs.webkit.org/show_bug.cgi?id=79837

        Rubber stamped by Filip Pizlo.

        * runtime/Options.cpp:
        (JSC::Options::initializeOptions): We accidentally disabled parallel GC with this line,
        so we removed it and things should go back to normal.

2012-02-28  Filip Pizlo  <fpizlo@apple.com>

        Some run-javascriptcore-tests broken for 32-bit debug
        https://bugs.webkit.org/show_bug.cgi?id=79844

        Rubber stamped by Oliver Hunt.

        These assertions are just plain wrong for 32-bit. We could either have a massive
        assertion that depends on value representation, that has to be changed every
        time we change the JITs, resulting in a bug tail of debug-mode crashes, or we
        could get rid of the assertions. I pick the latter.

        * dfg/DFGOperations.cpp:
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):

2012-02-28  Mark Hahnenberg  <mhahnenberg@apple.com>

        Get rid of padding cruft in CopiedBlock
        https://bugs.webkit.org/show_bug.cgi?id=79686

        Reviewed by Filip Pizlo.

        * heap/CopiedBlock.h:
        (CopiedBlock): Removed the extra padding that was used for alignment purposes until
        the calculation of the payload offset into CopiedBlocks was redone recently.

2012-02-28  Anders Carlsson  <andersca@apple.com>

        Fix build with newer versions of clang.

        Clang now warns since we're not passing a CFString literal to CFStringCreateWithFormatAndArguments,
        but it's OK to ignore this warning since clang is also checking that the caller (vprintf_stderr_common)
        takes a string literal.

        * wtf/Assertions.cpp:

2012-02-28  Mario Sanchez Prada  <msanchez@igalia.com>

        [GTK] Add GMainLoop and GMainContext to be handled by GRefPtr
        https://bugs.webkit.org/show_bug.cgi?id=79496

        Reviewed by Martin Robinson.

        Handle GMainLoop and GMainContext in GRefPtr, by calling
        g_main_loop_(un)ref and g_main_context_(un)ref in the
        implementation of the refGPtr and derefGPtr template functions.

        * wtf/gobject/GRefPtr.cpp:
        (WTF::refGPtr):
        (WTF):
        (WTF::derefGPtr):
        * wtf/gobject/GRefPtr.h:
        (WTF):
        * wtf/gobject/GTypedefs.h:

2012-02-28  Yong Li  <yoli@rim.com>

        JSString::resolveRope() should report extra memory cost to the heap.
        https://bugs.webkit.org/show_bug.cgi?id=79555

        Reviewed by Michael Saboff.

        At the time a JSString is constructed with fibers, it doesn't report
        extra memory cost, which is reasonable because it hasn't allocated
        new memory. However when the rope is resolved, it should report memory
        cost for the new buffer.

        * runtime/JSString.cpp:
        (JSC::JSString::resolveRope):

2012-02-27  Oliver Hunt  <oliver@apple.com>

        sputnik/Unicode/Unicode_500/S7.2_A1.6_T1.html crashes in the interpreter
        https://bugs.webkit.org/show_bug.cgi?id=79728

        Reviewed by Gavin Barraclough.

        When initialising a chained get instruction we may end up in a state where
        the instruction stream says we have a scopechain, but it has not yet been set
        (e.g. if allocating the StructureChain itself is what leads to the GC).  We could
        re-order the allocation, but it occurs in a couple of places, so it seems less
        fragile simply to null check the scopechain slot before we actually visit the slot.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::visitStructures):

2012-02-27  Filip Pizlo  <fpizlo@apple.com>

        Old JIT's style of JSVALUE64 strict equality is subtly wrong
        https://bugs.webkit.org/show_bug.cgi?id=79700

        Reviewed by Oliver Hunt.

        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::comparePtr):
        (MacroAssemblerX86_64):
        * dfg/DFGOperations.cpp:
        * dfg/DFGSpeculativeJIT.cpp:
        (JSC::DFG::SpeculativeJIT::nonSpeculativeStrictEq):
        * dfg/DFGSpeculativeJIT64.cpp:
        (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
        (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeStrictEq):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::emitSlow_op_stricteq):
        (JSC::JIT::emitSlow_op_nstricteq):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):

2012-02-27  Gavin Barraclough  <barraclough@apple.com>

        Implement support for op_negate and op_bitnot in the DFG JIT
        https://bugs.webkit.org/show_bug.cgi?id=79617

        Reviewed by Filip Pizlo.

        Add an ArithNegate op to the DFG JIT, to implement op_negate.

        This patch also adds support for op_negate to the JSVALUE64 baseline JIT
        (JSVALUE32_64 already had this), so that we can profile the slowpath usage.

        This is a 2.5%-3% Sunspider progression and a 1% win on Kraken.

        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::sub_S):
            - Added sub_S from immediate.
        (ARMv7Assembler):
        (JSC::ARMv7Assembler::vneg):
            - Added double negate.
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::negateDouble):
            - Added double negate.
        (MacroAssemblerARMv7):
        (JSC::MacroAssemblerARMv7::branchNeg32):
            - Added.
        * assembler/MacroAssemblerX86.h:
        (MacroAssemblerX86):
            - moved loadDouble, absDouble to common.
        * assembler/MacroAssemblerX86Common.h:
        (MacroAssemblerX86Common):
        (JSC::MacroAssemblerX86Common::absDouble):
            - implementation can be shared.
        (JSC::MacroAssemblerX86Common::negateDouble):
            - Added.
        (JSC::MacroAssemblerX86Common::loadDouble):
            - allow absDouble to have a common implementation.
        * assembler/MacroAssemblerX86_64.h:
        (MacroAssemblerX86_64):
            - moved loadDouble, absDouble to common.
        * dfg/DFGAbstractState.cpp:
        (JSC::DFG::AbstractState::execute):
            - support ArithNegate.
        * dfg/DFGArithNodeFlagsInferencePhase.cpp:
        (JSC::DFG::ArithNodeFlagsInferencePhase::propagate):
            - support ArithNegate.
        * dfg/DFGByteCodeParser.cpp:
        (JSC::DFG::ByteCodeParser::makeSafe):
            - support ArithNegate.
        (JSC::DFG::ByteCodeParser::parseBlock):
            - support op_negate.
        * dfg/DFGCSEPhase.cpp:
        (JSC::DFG::CSEPhase::performNodeCSE):
            - support ArithNegate.
        * dfg/DFGCapabilities.h:
        (JSC::DFG::canCompileOpcode):
            - support op_negate.
        * dfg/DFGGraph.h:
        (JSC::DFG::Graph::negateShouldSpeculateInteger):
            - support ArithNegate.
        * dfg/DFGNode.h:
        (JSC::DFG::Node::hasArithNodeFlags):
            - support ArithNegate.
        * dfg/DFGPredictionPropagationPhase.cpp:
        (JSC::DFG::PredictionPropagationPhase::propagate):
            - support ArithNegate.
        * dfg/DFGSpeculativeJIT.cpp:
        (JSC::DFG::SpeculativeJIT::compileArithNegate):
            - support ArithNegate.
        * dfg/DFGSpeculativeJIT.h:
        (SpeculativeJIT):
            - support ArithNegate.
        * dfg/DFGSpeculativeJIT32_64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
            - support ArithNegate.
        * dfg/DFGSpeculativeJIT64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
            - support ArithNegate.
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
            - Add support for op_negate in JSVALUE64.
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_negate):
        (JSC::JIT::emitSlow_op_negate):
            - Add support for op_negate in JSVALUE64.

2012-02-27  Mahesh Kulkarni  <mahesh.kulkarni@nokia.com>

        Unreviewed. Build fix for linux-bot (qt) after r109021.

        * runtime/Error.cpp:

2012-02-27  Oliver Hunt  <oliver@apple.com>

        REGRESSION (r108112): AWS Management Console at amazon.com fails to initialize
        https://bugs.webkit.org/show_bug.cgi?id=79693

        Reviewed by Filip Pizlo.

        Alas we can't provide the stack trace as an array, as despite everyone wanting
        an array, everyone arbitrarily creates the array by calling split on the stack
        trace.  To create the array we would have provided them in the first place.

        This changes the exception's stack property to a \n separated string.  To get the
        old array just do <exception>.stack.split("\n").

        * runtime/Error.cpp:
        (JSC::addErrorInfo):

2012-02-27  Gavin Barraclough  <barraclough@apple.com>

        RegExp lastIndex should behave as a regular property
        https://bugs.webkit.org/show_bug.cgi?id=79446

        Reviewed by Sam Weinig.

        lastIndex should be a regular data descriptor, with the attributes configurable:false,
        enumerable:false, writable:true. As such, it should be possible to reconfigure writable
        as false. If the lastIndex property is reconfigured to be read-only, we should respect
        this correctly.

        * runtime/CommonIdentifiers.h:
            - Removed some unused identifiers, added lastIndex.
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::getOwnPropertySlot):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::getOwnPropertyDescriptor):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::deleteProperty):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::getOwnPropertyNames):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::getPropertyNames):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::reject):
            - helper function for defineOwnProperty.
        (JSC::RegExpObject::defineOwnProperty):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::put):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::match):
            - Pass setLastIndex an ExecState, so it can throw if read-only.
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::setLastIndex):
            - Pass setLastIndex an ExecState, so it can throw if read-only.
        (RegExpObjectData):
            - Added lastIndexIsWritable.
        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncCompile):
            - Pass setLastIndex an ExecState, so it can throw if read-only.

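The contract stated in the lastIndex entry above can be verified from script: `lastIndex` is an own data property with configurable:false, enumerable:false, writable:true; since a non-configurable property may still have its writable attribute turned off, `Object.defineProperty(re, "lastIndex", { writable: false })` must succeed, and a subsequent match that needs to store a new lastIndex (any global or sticky regexp) must throw a TypeError instead of silently updating or ignoring the store. This is an added example for this page, not code from the WebKit ChangeLog or from JavaScriptCore; the regexp `/a/g` and input `"a"` are constructed for the illustration.

```javascript
// Report the attributes of a fresh RegExp's own lastIndex property.
function lastIndexDescriptor() {
  const d = Object.getOwnPropertyDescriptor(/a/g, "lastIndex");
  return {
    value: d.value,
    writable: d.writable,
    enumerable: d.enumerable,
    configurable: d.configurable,
    isOwn: Object.prototype.hasOwnProperty.call(/a/g, "lastIndex"),
  };
}

// Baseline: a global regexp that matches advances lastIndex past the match.
function execWithWritableLastIndex() {
  const re = /a/g;
  re.exec("a");
  return re.lastIndex;                       // 1
}

// Reconfigure lastIndex as read-only (allowed: writable may go true -> false on
// a non-configurable property) and run a global match. The engine must throw a
// TypeError when it tries to store the new lastIndex, and the value must stay 0.
function execWithReadOnlyLastIndex() {
  const re = /a/g;
  Object.defineProperty(re, "lastIndex", { writable: false });
  try {
    re.exec("a");
    return { outcome: "no throw", lastIndex: re.lastIndex };
  } catch (e) {
    return {
      outcome: e instanceof TypeError ? "TypeError" : "other",
      lastIndex: re.lastIndex,
    };
  }
}

// Attempting to make the property configurable or enumerable must be rejected,
// since [[Configurable]] is false; defineProperty throws a TypeError.
function reconfigureLastIndexAttributes(change) {
  const re = /a/g;
  try {
    Object.defineProperty(re, "lastIndex", change);
    return "accepted";
  } catch (e) {
    return e instanceof TypeError ? "TypeError" : "other";
  }
}
```

`reconfigureLastIndexAttributes({ configurable: true })` and `reconfigureLastIndexAttributes({ enumerable: true })` are rejected, while `reconfigureLastIndexAttributes({ writable: false })` is accepted.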
2012-02-27  Gavin Barraclough  <barraclough@apple.com>

        Implement support for op_negate and op_bitnot in the DFG JIT
        https://bugs.webkit.org/show_bug.cgi?id=79617

        Reviewed by Sam Weinig.

        Remove op_bitnot - this is redundant, ~x === x^-1.
        This is a fractional (<1%) progression.

        Remove not32(X) from the MacroAssemblers - make this an optimization to add32(-1, X).
        Remove CanReuse from the result type - this was unused.
        Remove op_bitnot.

        * assembler/MacroAssemblerARM.h:
        (MacroAssemblerARM):
        (JSC::MacroAssemblerARM::xor32):
        * assembler/MacroAssemblerARMv7.h:
        (MacroAssemblerARMv7):
        (JSC::MacroAssemblerARMv7::xor32):
        * assembler/MacroAssemblerMIPS.h:
        (MacroAssemblerMIPS):
        (JSC::MacroAssemblerMIPS::xor32):
        * assembler/MacroAssemblerSH4.h:
        (MacroAssemblerSH4):
        (JSC::MacroAssemblerSH4::xor32):
        * assembler/MacroAssemblerX86Common.h:
        (MacroAssemblerX86Common):
        (JSC::MacroAssemblerX86Common::xor32):
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/Opcode.h:
        (JSC):
        (JSC::padOpcodeName):
        * bytecompiler/NodesCodegen.cpp:
        (JSC):
        (JSC::BitwiseNotNode::emitBytecode):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        (JIT):
        * jit/JITArithmetic32_64.cpp:
        (JSC):
        * jit/JITOpcodes.cpp:
        (JSC):
        * jit/JITStubs.cpp:
        (JSC):
        * jit/JITStubs.h:
        * llint/LLIntSlowPaths.cpp:
        (LLInt):
        * llint/LLIntSlowPaths.h:
        (LLInt):
        * llint/LowLevelInterpreter32_64.asm:
        * parser/NodeConstructors.h:
        (JSC::NegateNode::NegateNode):
        (JSC::BitwiseNotNode::BitwiseNotNode):
        (JSC::MultNode::MultNode):
        (JSC::DivNode::DivNode):
        (JSC::ModNode::ModNode):
        (JSC::SubNode::SubNode):
        (JSC::UnsignedRightShiftNode::UnsignedRightShiftNode):
        * parser/Nodes.h:
        (BitwiseNotNode):
        (JSC::BitwiseNotNode::expr):
        (JSC):
        * parser/ResultType.h:
        (ResultType):
        (JSC::ResultType::numberTypeIsInt32):
        (JSC::ResultType::stringOrNumberType):
        (JSC::ResultType::forAdd):
        (JSC::ResultType::forBitOp):

2012-02-27  Michael Saboff  <msaboff@apple.com>

        Error check regexp min quantifier
        https://bugs.webkit.org/show_bug.cgi?id=70648

        Reviewed by Gavin Barraclough.

        Added checking for min or only quantifier being UINT_MAX.
        When encountered this becomes a SyntaxError during parsing.

        * yarr/YarrParser.h:
        (JSC::Yarr::Parser::parseQuantifier):
        (JSC::Yarr::Parser::parse):
        (Parser):

2012-02-27  Carlos Garcia Campos  <cgarcia@igalia.com>

        Unreviewed. Fix make distcheck.

        * GNUmakefile.list.am: Add missing files.

2012-02-26  Hajime Morrita  <morrita@chromium.org>

        Move ChromeClient::showContextMenu() to ContextMenuClient
        https://bugs.webkit.org/show_bug.cgi?id=79427

        Reviewed by Adam Barth.

        Added ACCESSIBILITY_CONTEXT_MENUS.

        * wtf/Platform.h:

2012-02-26  Filip Pizlo  <fpizlo@apple.com>

        LayoutTests/fast/xpath/xpath-functional-test.html is crashing in the DFG
        https://bugs.webkit.org/show_bug.cgi?id=79616

        Reviewed by Oliver Hunt.

        Guard against the fact that in JSVALUE64, JSValue().isCell() == true.

        * dfg/DFGAbstractValue.h:
        (JSC::DFG::AbstractValue::validate):

2012-02-26  Filip Pizlo  <fpizlo@apple.com>

        DFG should support activations and nested functions
        https://bugs.webkit.org/show_bug.cgi?id=79554

        Reviewed by Sam Weinig.

        Fix 32-bit. The 32-bit function+activation code had some really weird
        register reuse bugs.

        * dfg/DFGSpeculativeJIT32_64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):

2012-02-26  Filip Pizlo  <fpizlo@apple.com>

        Getting the instruction stream for a code block should not require two loads
        https://bugs.webkit.org/show_bug.cgi?id=79608

        Reviewed by Sam Weinig.

        Introduced the RefCountedArray class, which contains a single inline pointer
        to a ref-counted non-resizeable vector backing store. This satisfies the
        requirements of CodeBlock, which desires the ability to share instruction
        streams with other CodeBlocks. It also reduces the number of loads required
        for getting the instruction stream by one.

        This patch also gets rid of the bytecode discarding logic, since we don't
        use it anymore and it's unlikely to ever work right with DFG or LLInt. And
        I didn't feel like porting dead code to use RefCountedArray.

        * GNUmakefile.list.am:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::instructionOffsetForNth):
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::CodeBlock):
        (JSC::CodeBlock::finalizeUnconditionally):
        (JSC::CodeBlock::handlerForBytecodeOffset):
        (JSC::CodeBlock::lineNumberForBytecodeOffset):
        (JSC::CodeBlock::expressionRangeForBytecodeOffset):
        (JSC::CodeBlock::shrinkToFit):
        * bytecode/CodeBlock.h:
        (CodeBlock):
        (JSC::CodeBlock::numberOfInstructions):
        (JSC::CodeBlock::instructions):
        (JSC::CodeBlock::instructionCount):
        (JSC::CodeBlock::valueProfileForBytecodeOffset):
        (JSC):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::Label::setLocation):
        (JSC):
        (JSC::BytecodeGenerator::generate):
        (JSC::BytecodeGenerator::newLabel):
        * bytecompiler/BytecodeGenerator.h:
        (JSC):
        (BytecodeGenerator):
        (JSC::BytecodeGenerator::instructions):
        * bytecompiler/Label.h:
        (JSC::Label::Label):
        (Label):
        * dfg/DFGByteCodeCache.h:
        (JSC::DFG::ByteCodeCache::~ByteCodeCache):
        (JSC::DFG::ByteCodeCache::get):
        * jit/JITExceptions.cpp:
        (JSC::genericThrow):
        * llint/LowLevelInterpreter32_64.asm:
        * runtime/Executable.cpp:
        (JSC::EvalExecutable::compileInternal):
        (JSC::ProgramExecutable::compileInternal):
        (JSC::FunctionExecutable::codeBlockWithBytecodeFor):
        (JSC::FunctionExecutable::produceCodeBlockFor):
        * wtf/RefCountedArray.h: Added.
        (WTF):
        (RefCountedArray):
        (WTF::RefCountedArray::RefCountedArray):
        (WTF::RefCountedArray::operator=):
        (WTF::RefCountedArray::~RefCountedArray):
        (WTF::RefCountedArray::size):
        (WTF::RefCountedArray::data):
        (WTF::RefCountedArray::begin):
        (WTF::RefCountedArray::end):
        (WTF::RefCountedArray::at):
        (WTF::RefCountedArray::operator[]):
        (Header):
        (WTF::RefCountedArray::Header::size):
        (WTF::RefCountedArray::Header::payload):
        (WTF::RefCountedArray::Header::fromPayload):
        * wtf/Platform.h:

2012-02-26  Yusuke Suzuki  <utatane.tea@gmail.com>

        StringLiteral and NumericLiteral are allowed as ObjectLiteral getter / setter name
        https://bugs.webkit.org/show_bug.cgi?id=79571

        Reviewed by Gavin Barraclough.

        * parser/ASTBuilder.h:
        (JSC::ASTBuilder::createGetterOrSetterProperty):
        * parser/Parser.cpp:
        (JSC::::parseProperty):
        * parser/SyntaxChecker.h:
        (JSC::SyntaxChecker::createGetterOrSetterProperty):

2012-02-26  Mark Hahnenberg  <mhahnenberg@apple.com>

        Implement fast path for op_new_array in the baseline JIT
        https://bugs.webkit.org/show_bug.cgi?id=78612

        Reviewed by Filip Pizlo.

        * heap/CopiedAllocator.h:
        (CopiedAllocator): Friended the JIT to allow access to m_currentOffset.
        * heap/CopiedSpace.h:
        (CopiedSpace): Friended the JIT to allow access to isOversize.
        (JSC::CopiedSpace::allocator):
        * heap/Heap.h:
        (JSC::Heap::storageAllocator): Added a getter for the CopiedAllocator class so the JIT
        can use it for simple allocation i.e. when we can just bump the offset without having to
        do anything else.
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileSlowCases): Added new slow case for op_new_array for when
        we have to bail out because the fast allocation path fails for whatever reason.
        * jit/JIT.h:
        (JIT):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitAllocateBasicStorage): Added utility function that allows objects to
        allocate generic backing stores. This function is used by emitAllocateJSArray.
        (JSC):
        (JSC::JIT::emitAllocateJSArray): Added utility function that allows the client to
        more easily allocate JSArrays. This function is used by emit_op_new_array and I expect
        it will also be used for emit_op_new_array_buffer.
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_new_array): Changed to do inline allocation of JSArrays. Still does
        a stub call for oversize arrays.
        (JSC):
        (JSC::JIT::emitSlow_op_new_array): New slow path that just bails out to a stub call if we
        fail in any way on the fast path.
        * runtime/JSArray.cpp:
        (JSC):
        * runtime/JSArray.h: Added lots of offset functions for all the fields that we need to
        initialize in the JIT.
        (ArrayStorage):
        (JSC::ArrayStorage::lengthOffset):
        (JSC::ArrayStorage::numValuesInVectorOffset):
        (JSC::ArrayStorage::allocBaseOffset):
        (JSC::ArrayStorage::vectorOffset):
        (JSArray):
        (JSC::JSArray::sparseValueMapOffset):
        (JSC::JSArray::subclassDataOffset):
        (JSC::JSArray::indexBiasOffset):
        (JSC):
        (JSC::JSArray::storageSize): Moved this function from being a static function in the cpp file
        to being a static function in the JSArray class. This move allows the JIT to call it to
        see what size it should allocate.

2012-02-26  Patrick Gansterer  <paroga@webkit.org>

        Unreviewed. Build fix for ENABLE(CLASSIC_INTERPRETER) after r108681.

        * interpreter/Interpreter.cpp:
        (JSC::getLineNumberForCallFrame):
        (JSC::Interpreter::getStackTrace):

2012-02-26  Patrick Gansterer  <paroga@webkit.org>

        Unreviewed. Build fix for !ENABLE(JIT) after r108681.

        * interpreter/Interpreter.cpp:
        (JSC::getLineNumberForCallFrame):

2012-02-25  Filip Pizlo  <fpizlo@apple.com>

        LLInt assembly file should be split into 32-bit and 64-bit parts
        https://bugs.webkit.org/show_bug.cgi?id=79584

        Reviewed by Sam Weinig.

        Moved LowLevelInterpreter.asm to LowLevelInterpreter32_64.asm. Gave offlineasm
        the ability to include files, and correctly track dependencies: it restricts
        the include mechanism to using the same directory as the source file, and uses
        the SHA1 hash of all .asm files in that directory as an input hash.

        * llint/LLIntOfflineAsmConfig.h:
        * llint/LowLevelInterpreter.asm:
        * llint/LowLevelInterpreter32_64.asm: Added.
            - This is just the entire contents of what was previously LowLevelInterpreter.asm
        * llint/LowLevelInterpreter64.asm: Added.
        * offlineasm/asm.rb:
        * offlineasm/ast.rb:
        * offlineasm/generate_offset_extractor.rb:
        * offlineasm/parser.rb:
        * offlineasm/self_hash.rb:

2012-02-25  Filip Pizlo  <fpizlo@apple.com>

        Offlineasm should support X86_64
        https://bugs.webkit.org/show_bug.cgi?id=79581

        Reviewed by Oliver Hunt.

        * llint/LLIntOfflineAsmConfig.h:
        * offlineasm/backends.rb:
        * offlineasm/instructions.rb:
        * offlineasm/settings.rb:
        * offlineasm/x86.rb:

2012-02-25  Filip Pizlo  <fpizlo@apple.com>

        DFG should support activations and nested functions
        https://bugs.webkit.org/show_bug.cgi?id=79554

        Reviewed by Oliver Hunt.

        Wrote the simplest possible implementation of activations. Big speed-up on
        code that uses activations, no speed-up on major benchmarks (SunSpider, V8,
        Kraken) because they do not appear to have sufficient coverage over code
        that uses activations.

        * bytecode/PredictedType.cpp:
        (JSC::predictionToString):
        (JSC::predictionFromValue):
        * bytecode/PredictedType.h:
        (JSC):
        (JSC::isEmptyPrediction):
        * dfg/DFGAbstractState.cpp:
        (JSC::DFG::AbstractState::execute):
        * dfg/DFGByteCodeParser.cpp:
        (JSC::DFG::ByteCodeParser::ByteCodeParser):
        (ByteCodeParser):
        (JSC::DFG::ByteCodeParser::parseBlock):
        (JSC::DFG::ByteCodeParser::buildOperandMapsIfNecessary):
        (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
        (JSC::DFG::ByteCodeParser::parse):
        * dfg/DFGCapabilities.h:
        (JSC::DFG::canCompileOpcode):
        (JSC::DFG::canInlineOpcode):
        * dfg/DFGGraph.h:
        (JSC::DFG::Graph::needsActivation):
        * dfg/DFGNode.h:
        (DFG):
        (JSC::DFG::Node::storageAccessDataIndex):
        (Node):
        (JSC::DFG::Node::hasFunctionDeclIndex):
        (JSC::DFG::Node::functionDeclIndex):
        (JSC::DFG::Node::hasFunctionExprIndex):
        (JSC::DFG::Node::functionExprIndex):
        * dfg/DFGOperations.cpp:
        * dfg/DFGOperations.h:
        * dfg/DFGPredictionPropagationPhase.cpp:
        (JSC::DFG::PredictionPropagationPhase::propagate):
        * dfg/DFGSpeculativeJIT.cpp:
        (JSC::DFG::SpeculativeJIT::compileNewFunctionNoCheck):
        (DFG):
        (JSC::DFG::SpeculativeJIT::compileNewFunctionExpression):
        * dfg/DFGSpeculativeJIT.h:
        (JSC::DFG::SpeculativeJIT::callOperation):
        * dfg/DFGSpeculativeJIT32_64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
        * dfg/DFGSpeculativeJIT64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):

763 2012-02-25  Benjamin Poulain  <benjamin@webkit.org>
764
765         Add an empty skeleton of KURL for WTFURL
766         https://bugs.webkit.org/show_bug.cgi?id=78990
767
768         Reviewed by Adam Barth.
769
770         * JavaScriptCore.xcodeproj/project.pbxproj: Export the relevant classes from WTFURL
771         so that we can use them in WebCore.
772
773 2012-02-25  Filip Pizlo  <fpizlo@apple.com>
774
775         Unreviewed, fix build for DFG disabled and LLInt enabled.
776
777         * jit/JIT.cpp:
778         (JSC::JIT::privateCompile):
779         * llint/LLIntSlowPaths.cpp:
780         (LLInt):
781         (JSC::LLInt::LLINT_SLOW_PATH_DECL):
782
783 2012-02-25  Mark Hahnenberg  <mhahnenberg@apple.com>
784
785         Fix the CopiedBlock offset alignment in a cross platform fashion
786         https://bugs.webkit.org/show_bug.cgi?id=79556
787
788         Reviewed by Filip Pizlo.
789
790         Replaced m_payload with a payload() method that calculates the offset
791         of the payload with the proper alignment. This change allows us to 
792         avoid alignment-related issues in a cross-platform manner.
793
794         * heap/CopiedAllocator.h:
795         (JSC::CopiedAllocator::currentUtilization):
796         * heap/CopiedBlock.h:
797         (JSC::CopiedBlock::CopiedBlock):
798         (JSC::CopiedBlock::payload):
799         (CopiedBlock):
800         * heap/CopiedSpace.cpp:
801         (JSC::CopiedSpace::doneFillingBlock):
802         * heap/CopiedSpaceInlineMethods.h:
803         (JSC::CopiedSpace::borrowBlock):
804         (JSC::CopiedSpace::allocateFromBlock):
805
806 2012-02-24  Michael Saboff  <msaboff@apple.com>
807
808         Unreviewed, Windows build fix.  Changed signature in export to match
809         change made in r108858.
810
811         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
812
813 2012-02-24  Filip Pizlo  <fpizlo@apple.com>
814
815         DFG support for op_new_regexp should be enabled
816         https://bugs.webkit.org/show_bug.cgi?id=79538
817
818         Reviewed by Oliver Hunt.
819         
820         No performance change.
821
822         * dfg/DFGCapabilities.h:
823         (JSC::DFG::canCompileOpcode):
824         * dfg/DFGCommon.h:
825
826 2012-02-24  Michael Saboff  <msaboff@apple.com>
827
828         ASSERT(position < 0) in JSC::Yarr::Interpreter::InputStream::readChecked
829         https://bugs.webkit.org/show_bug.cgi?id=73728
830
831         Reviewed by Gavin Barraclough.
832
833         Fixed the mixing of signed and unsigned character indices in YARR
834         interpreter.
835
836         * runtime/RegExp.cpp:
837         (JSC::RegExp::match): Added code to check for match longer than 2^31 and
838         return no match after resetting the offsets.
839         * yarr/YarrInterpreter.cpp: Changed to use unsigned for all character index
840         handling except when matching back references.
841         (JSC::Yarr::Interpreter::InputStream::readChecked):
842         (JSC::Yarr::Interpreter::InputStream::checkInput):
843         (JSC::Yarr::Interpreter::InputStream::uncheckInput):
844         (JSC::Yarr::Interpreter::InputStream::atStart):
845         (JSC::Yarr::Interpreter::InputStream::atEnd):
846         (JSC::Yarr::Interpreter::InputStream::isAvailableInput):
847         (JSC::Yarr::Interpreter::checkCharacter):
848         (JSC::Yarr::Interpreter::checkCasedCharacter):
849         (JSC::Yarr::Interpreter::checkCharacterClass):
850         (JSC::Yarr::Interpreter::tryConsumeBackReference):
851         (JSC::Yarr::Interpreter::matchAssertionBOL):
852         (JSC::Yarr::Interpreter::matchAssertionWordBoundary):
853         (JSC::Yarr::Interpreter::backtrackPatternCharacter):
854         (JSC::Yarr::Interpreter::backtrackPatternCasedCharacter):
855         (JSC::Yarr::Interpreter::matchCharacterClass):
856         (JSC::Yarr::Interpreter::backtrackCharacterClass):
857         (JSC::Yarr::Interpreter::matchParenthesesOnceBegin):
858         (JSC::Yarr::Interpreter::matchDisjunction):
859         (JSC::Yarr::Interpreter::interpret):
860         (JSC::Yarr::ByteCompiler::assertionBOL):
861         (JSC::Yarr::ByteCompiler::assertionEOL):
862         (JSC::Yarr::ByteCompiler::assertionWordBoundary):
863         (JSC::Yarr::ByteCompiler::atomPatternCharacter):
864         (JSC::Yarr::ByteCompiler::atomCharacterClass):
865         (JSC::Yarr::ByteCompiler::atomBackReference):
866         (JSC::Yarr::ByteCompiler::atomParenthesesOnceBegin):
867         (JSC::Yarr::ByteCompiler::atomParenthesesTerminalBegin):
868         (JSC::Yarr::ByteCompiler::atomParenthesesSubpatternBegin):
869         (JSC::Yarr::ByteCompiler::atomParentheticalAssertionEnd):
870         (JSC::Yarr::ByteCompiler::emitDisjunction):
871         * yarr/YarrInterpreter.h:
872
873 2012-02-24  Filip Pizlo  <fpizlo@apple.com>
874
875         Unreviewed, build fix for builds where the DFG is disabled but the LLInt is
876         enabled.
877
878         * llint/LLIntOfflineAsmConfig.h:
879         * llint/LowLevelInterpreter.asm:
880
881 2012-02-24  Filip Pizlo  <fpizlo@apple.com>
882
883         DFG should be able to handle variables getting captured
884         https://bugs.webkit.org/show_bug.cgi?id=79469
885
886         Reviewed by Oliver Hunt.
887         
888         Made captured variables work by placing a Flush on the SetLocal and
889         forcing the emission of the GetLocal even if copy propagation tells us
890         who has the value.
891         
892         Changed the CFA and various prediction codes to understand that we can't
893         really prove anything about captured variables. Well, we could in the
894         future by just looking at what side effects are happening, but in this
895         first cut we just assume that we can't reason about captured variables.
896         
897         Also added a mode where the DFG pretends that all variables and arguments
898         got captured. Used this mode to harden the code.
899         
900         This is performance neutral. Capturing all variables is a slow down, but
901         not too big of one. This seems to predict that when we add activation
902         support, the amount of speed benefit we'll get from increased coverage
903         will far outweigh the pessimism that we'll have to endure for captured
904         variables.
905
906         * bytecode/CodeType.h:
907         (JSC::codeTypeToString):
908         * dfg/DFGAbstractState.cpp:
909         (JSC::DFG::AbstractState::initialize):
910         (JSC::DFG::AbstractState::endBasicBlock):
911         (JSC::DFG::AbstractState::execute):
912         (JSC::DFG::AbstractState::merge):
913         * dfg/DFGAbstractState.h:
914         (AbstractState):
915         * dfg/DFGByteCodeParser.cpp:
916         (JSC::DFG::ByteCodeParser::getLocal):
917         (JSC::DFG::ByteCodeParser::setLocal):
918         (JSC::DFG::ByteCodeParser::getArgument):
919         (JSC::DFG::ByteCodeParser::setArgument):
920         (JSC::DFG::ByteCodeParser::flushArgument):
921         (JSC::DFG::ByteCodeParser::handleInlining):
922         (JSC::DFG::ByteCodeParser::processPhiStack):
923         (JSC::DFG::ByteCodeParser::parseCodeBlock):
924         (JSC::DFG::ByteCodeParser::parse):
925         * dfg/DFGCapabilities.h:
926         (JSC::DFG::mightInlineFunctionForCall):
927         (JSC::DFG::mightInlineFunctionForConstruct):
928         * dfg/DFGCommon.h:
929         * dfg/DFGGraph.h:
930         (JSC::DFG::Graph::needsActivation):
931         (Graph):
932         (JSC::DFG::Graph::argumentIsCaptured):
933         (JSC::DFG::Graph::localIsCaptured):
934         (JSC::DFG::Graph::isCaptured):
935         * dfg/DFGNode.h:
936         (JSC::DFG::Node::shouldGenerate):
937         * dfg/DFGPredictionPropagationPhase.cpp:
938         (JSC::DFG::PredictionPropagationPhase::propagate):
939         (JSC::DFG::PredictionPropagationPhase::doRoundOfDoubleVoting):
940         * dfg/DFGSpeculativeJIT.cpp:
941         (DFG):
942         (JSC::DFG::ValueSource::dump):
943         (JSC::DFG::SpeculativeJIT::compile):
944         * dfg/DFGSpeculativeJIT.h:
945         (ValueSource):
946         * dfg/DFGSpeculativeJIT32_64.cpp:
947         (JSC::DFG::SpeculativeJIT::compile):
948         * dfg/DFGSpeculativeJIT64.cpp:
949         (JSC::DFG::SpeculativeJIT::compile):
950         * dfg/DFGVirtualRegisterAllocationPhase.cpp:
951         (JSC::DFG::VirtualRegisterAllocationPhase::run):
952
953 2012-02-24  Gavin Barraclough  <barraclough@apple.com>
954
955         Should not allow malformed \x escapes
956         https://bugs.webkit.org/show_bug.cgi?id=79462
957
958         Reviewed by Oliver Hunt.
959
960         * parser/Lexer.cpp:
961         (JSC::::parseString):
962         (JSC::::parseStringSlowCase):
963             - Prohibit malformed '\x' escapes
964         * tests/mozilla/ecma/Array/15.4.5.1-1.js:
965         * tests/mozilla/ecma/LexicalConventions/7.7.4.js:
966         * tests/mozilla/ecma_2/RegExp/hex-001.js:
967         * tests/mozilla/js1_2/regexp/hexadecimal.js:
968             - Remove erroneous test cases (correct behaviour is tested by LayoutTests/sputnik).
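
The rule this entry enforces, shown as an added example rather than JavaScriptCore's own lexer: a decoder for the body of a JavaScript string literal that applies the ES5 escape grammar, where `\x` must be followed by exactly two hex digits and `\u` by exactly four, and anything shorter is a SyntaxError instead of being silently read as a literal `x`. The function names (`decodeStringBody`, `engineAccepts`) are this example's own; `engineAccepts` probes whatever engine runs the file via `Function()` so the hand-written rule can be compared with the real parser.

```javascript
// Added example (not JavaScriptCore code): decode a JavaScript string literal
// body with the ES5 7.8.4 escape rules. A malformed \x or \u escape (too few
// hex digits) is rejected instead of being read as the literal character.
const SINGLE_ESCAPES = {
  n: "\n", t: "\t", r: "\r", b: "\b", f: "\f", v: "\v",
  "0": "\0", "\\": "\\", "'": "'", '"': '"',
};

function isHexDigit(ch) {
  return ch !== undefined && /^[0-9a-fA-F]$/.test(ch);
}

// Reads exactly `count` hex digits starting at `i` (the first digit position)
// and returns their value; throws if fewer digits, or a non-hex digit, follow.
function readHex(body, i, count, kind) {
  const digits = body.slice(i, i + count);
  if (digits.length !== count || ![...digits].every(isHexDigit)) {
    throw new SyntaxError(
      `malformed \\${kind} escape at offset ${i - 2}: "\\${kind}${digits}"`);
  }
  return parseInt(digits, 16);
}

// `body` is the text between the quotes of a string literal.
function decodeStringBody(body) {
  let out = "";
  for (let i = 0; i < body.length; i++) {
    const ch = body[i];
    if (ch !== "\\") { out += ch; continue; }
    const esc = body[++i];
    if (esc === undefined) throw new SyntaxError("unterminated escape at end of literal");
    if (esc === "x") { out += String.fromCharCode(readHex(body, i + 1, 2, "x")); i += 2; continue; }
    if (esc === "u") { out += String.fromCharCode(readHex(body, i + 1, 4, "u")); i += 4; continue; }
    if (esc === "\n") continue;            // LineContinuation (only LF shown here)
    if (Object.prototype.hasOwnProperty.call(SINGLE_ESCAPES, esc)) { out += SINGLE_ESCAPES[esc]; continue; }
    out += esc;                            // NonEscapeCharacter: "\q" is just "q"
  }
  return out;
}

// Probe the running engine: does it accept `literalSource` (quotes included)?
// Returns { ok: true, value } or { ok: false } when the parser rejects it.
function engineAccepts(literalSource) {
  try {
    return { ok: true, value: new Function("return " + literalSource)() };
  } catch (e) {
    if (e instanceof SyntaxError) return { ok: false };
    throw e;
  }
}
```

The practical point is consistency: a lexer that accepts `"\x4"` produces a string that other engines refuse to parse at all, which is exactly the kind of divergence filters and sanitizers built on one parser get bitten by.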
969
970 2012-02-24  Daniel Bates  <dbates@webkit.org>
971
972         Fix change log entry for changeset r108819; add bug URL
973         https://bugs.webkit.org/show_bug.cgi?id=79504
974
975         Changeset r108819 is associated with bug #79504.
976
977         * ChangeLog
978
979 2012-02-24  Daniel Bates  <dbates@webkit.org>
980
981         Substitute ENABLE(CLASSIC_INTERPRETER) for ENABLE(INTERPRETER) in Interpreter.cpp
982         https://bugs.webkit.org/show_bug.cgi?id=79504
983
984         Reviewed by Oliver Hunt.
985
986         There are a few places in Interpreter.cpp that need to be updated to use
987         ENABLE(CLASSIC_INTERPRETER) following the renaming of ENABLE_INTERPRETER to
988         ENABLE_CLASSIC_INTERPRETER in changeset <http://trac.webkit.org/changeset/108020>
989         (https://bugs.webkit.org/show_bug.cgi?id=78791).
990
991         * interpreter/Interpreter.cpp:
992         (JSC::getLineNumberForCallFrame):
993         (JSC::getCallerInfo):
994         (JSC::getSourceURLFromCallFrame):
995
996 2012-02-24  Adam Roben  <aroben@apple.com>
997
998         Undo the BUILDING_WTF part of r108808
999
1000         This broke the build, which is obviously worse than the linker warning it was trying to
1001         solve.
1002
1003         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
1004
1005 2012-02-24  Adam Roben  <aroben@apple.com>
1006
1007         Fix linker warnings on Windows
1008
1009         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Removed symbols that are already
1010         exported via JS_EXPORTDATA.
1011
1012         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops: Define BUILDING_WTF. We
1013         aren't actually building WTF, but we are statically linking it, so we need to define this
1014         symbol so that we export WTF's exports.
1015
1016 2012-02-24  Philippe Normand  <pnormand@igalia.com>
1017
1018         Fix GTK WebAudio build for WebKitGTK 1.7.90.
1019
1020         Patch by Priit Laes <plaes@plaes.org> on 2012-02-24
1021         Rubber-stamped by Philippe Normand.
1022
1023         * GNUmakefile.list.am: Add Complex.h to the list of files so it
1024         gets disted in the tarballs.
1025
1026 2012-02-24  Zoltan Herczeg  <zherczeg@webkit.org>
1027
1028         [Qt] Buildfix for "Zero out CopiedBlocks on initialization".
1029         https://bugs.webkit.org/show_bug.cgi?id=79199
1030
1031         Rubber stamped by Csaba Osztrogonác.
1032
1033         Temporary fix since the new member wastes a little space on
1034         64 bit systems. Although it is harmless, it is only needed
1035         for 32 bit systems.
1036
1037         * heap/CopiedBlock.h:
1038         (CopiedBlock):
1039
1040 2012-02-24  Han Hojong  <hojong.han@samsung.com>
1041
1042         Remove useless jump instructions for short circuit
1043         https://bugs.webkit.org/show_bug.cgi?id=75602
1044
1045         Reviewed by Michael Saboff.
1046
1047         A jump instruction is inserted to make a short circuit, 
1048         however it does nothing but move to the next instruction.
1049         Therefore the useless jump instructions are removed, 
1050         and the jump list is moved into the case not for a short circuit,
1051         so that only necessary instructions are added to JIT code
1052         unless it has a 16 bit pattern character and an 8 bit string.
1053
1054         * yarr/YarrJIT.cpp:
1055         (JSC::Yarr::YarrGenerator::generatePatternCharacterGreedy):
1056         (JSC::Yarr::YarrGenerator::backtrackPatternCharacterNonGreedy):
1057
1058 2012-02-24  Sheriff Bot  <webkit.review.bot@gmail.com>
1059
1060         Unreviewed, rolling out r108731.
1061         http://trac.webkit.org/changeset/108731
1062         https://bugs.webkit.org/show_bug.cgi?id=79464
1063
1064         Broke Chromium Win tests (Requested by bashi on #webkit).
1065
1066         * wtf/Platform.h:
1067
1068 2012-02-24  Andrew Lo  <anlo@rim.com>
1069
1070         [BlackBerry] Enable requestAnimationFrame
1071         https://bugs.webkit.org/show_bug.cgi?id=79408
1072
1073         Use timer implementation of requestAnimationFrame on BlackBerry.
1074
1075         Reviewed by Rob Buis.
1076
1077         * wtf/Platform.h:
1078
1079 2012-02-24  Mathias Bynens  <mathias@qiwi.be>
1080
1081         `\u200c` and `\u200d` should be allowed in IdentifierPart, as per ES5
1082         https://bugs.webkit.org/show_bug.cgi?id=78908
1083
1084         Add additional checks for zero-width non-joiner (0x200C) and
1085         zero-width joiner (0x200D) characters.
1086
1087         Reviewed by Michael Saboff.
1088
1089         * parser/Lexer.cpp:
1090         (JSC::isNonASCIIIdentPart):
1091         * runtime/LiteralParser.cpp:
1092         (JSC::::Lexer::lexIdentifier):
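
The identifier rule the entry above fixes, as an added example that is not JavaScriptCore's lexer: ES5 7.6 makes IdentifierPart the union of IdentifierStart, combining marks, digits, connector punctuation and the two zero-width code points U+200C (ZWNJ) and U+200D (ZWJ). The classifier below approximates the letter categories with Unicode's `ID_Start`/`ID_Continue` properties (which is how ES2015 and later define them) and adds the two joiners explicitly, since older Unicode tables leave them out of `ID_Continue`. The names `scanIdentifier` and `engineAcceptsIdentifier` are this example's own; the latter asks the running engine whether it agrees.

```javascript
// Added example (not JavaScriptCore code): ES5-style identifier character
// classification, including ZWNJ/ZWJ in IdentifierPart.
const ZWNJ = "\u200C";
const ZWJ = "\u200D";
const identStart = /^[\p{ID_Start}$_]$/u;
const identContinue = /^[\p{ID_Continue}$_]$/u;

function isIdentifierStart(ch) {
  return identStart.test(ch);
}

// ID_Continue may or may not list U+200C/U+200D depending on the Unicode
// version, so they are added unconditionally, as ES5 requires.
function isIdentifierPart(ch) {
  return identContinue.test(ch) || ch === ZWNJ || ch === ZWJ;
}

// Scans one identifier from `src` at `pos`; returns its text or null when
// the character at `pos` cannot start an identifier.
function scanIdentifier(src, pos = 0) {
  const chars = [...src.slice(pos)];   // iterate by code point, not UTF-16 unit
  if (chars.length === 0 || !isIdentifierStart(chars[0])) return null;
  let i = 1;
  while (i < chars.length && isIdentifierPart(chars[i])) i++;
  return chars.slice(0, i).join("");
}

// Probe: does the engine running this file treat `name` as a valid identifier?
function engineAcceptsIdentifier(name) {
  try {
    return new Function(`var ${name} = 1; return ${name};`)() === 1;
  } catch (e) {
    if (e instanceof SyntaxError) return false;
    throw e;
  }
}
```

Zero-width characters are invisible in most editors, so `a\u200Cb` and `ab` look identical on screen while being different identifiers; that is worth remembering when reviewing code or building name-based allow lists.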
1093
1094 2012-02-23  Kenichi Ishibashi  <bashi@chromium.org>
1095
1096         Adding WebSocket per-frame DEFLATE extension
1097         https://bugs.webkit.org/show_bug.cgi?id=77522
1098
1099         Added USE(ZLIB) flag.
1100
1101         Reviewed by Kent Tamura.
1102
1103         * wtf/Platform.h:
1104
1105 2012-02-23  Mark Hahnenberg  <mhahnenberg@apple.com>
1106
1107         Zero out CopiedBlocks on initialization
1108         https://bugs.webkit.org/show_bug.cgi?id=79199
1109
1110         Reviewed by Filip Pizlo.
1111
1112         Made CopiedBlocks zero their payloads during construction. This allows 
1113         JSArray to avoid having to manually clear its backing store upon allocation
1114         and also alleviates any future pain with regard to the garbage collector trying 
1115         to mark what it thinks are values in what is actually uninitialized memory.
1116
1117         * heap/CopiedBlock.h:
1118         (JSC::CopiedBlock::CopiedBlock):
1119         * runtime/JSArray.cpp:
1120         (JSC::JSArray::finishCreation):
1121         (JSC::JSArray::tryFinishCreationUninitialized):
1122         (JSC::JSArray::increaseVectorLength):
1123         (JSC::JSArray::unshiftCountSlowCase):
1124
1125 2012-02-23  Oliver Hunt  <oliver@apple.com>
1126
1127         Make Interpreter::getStackTrace be able to generate the line number for the top callframe if none is provided
1128         https://bugs.webkit.org/show_bug.cgi?id=79407
1129
1130         Reviewed by Gavin Barraclough.
1131
1132         Outside of exception handling, we don't know what our source line number is.  This
1133         change allows us to pass -1 in as the initial line number, and get the correct line
1134         number in the resultant stack trace.  We can't completely elide the initial line
1135         number (yet) due to some idiosyncrasies of the exception handling machinery.
1136
1137         * interpreter/Interpreter.cpp:
1138         (JSC::getLineNumberForCallFrame):
1139         (JSC):
1140         (JSC::Interpreter::getStackTrace):
1141
1142 2012-02-22  Filip Pizlo  <fpizlo@apple.com>
1143
1144         DFG OSR exit value profiling should have graceful handling of local variables and arguments
1145         https://bugs.webkit.org/show_bug.cgi?id=79310
1146
1147         Reviewed by Gavin Barraclough.
1148         
1149         Previously, if we OSR exited because a prediction in a local was wrong, we'd
1150         only realize what the true type of the local was if the regular value profiling
1151         kicked in and told us. Unless the local was block-locally copy propagated, in
1152         which case we'd know from an OSR exit profile.
1153         
1154         This patch adds OSR exit profiling to all locals and arguments. Now, if we OSR
1155         exit because of a mispredicted local or argument type, we'll know what the type of
1156         the local or argument should be immediately upon exiting.
1157         
1158         The way that local variable OSR exit profiling works is that we now have a lazily
1159         added set of OSR-exit-only value profiles for exit sites that are BadType and that
1160         cited a GetLocal as their value source. The value profiles are only added if the
1161         OSR exit is taken, and are keyed by CodeBlock, bytecode index of the GetLocal, and
1162         operand. The look-up is performed by querying the
1163         CompressedLazyOperandValueProfileHolder in the CodeBlock, using a key that contains
1164         the bytecode index and the operand. Because the value profiles are added at random
1165         times, they are not sorted; instead they are just stored in an arbitrarily-ordered
1166         SegmentedVector. Look-ups are made fast by "decompressing": the DFG::ByteCodeParser
1167         creates a LazyOperandValueProfileParser, which turns the
1168         CompressedLazyOperandValueProfileHolder's contents into a HashMap for the duration
1169         of DFG parsing.
1170         
1171         Previously, OSR exits had a pointer to the ValueProfile that had the specFailBucket
1172         into which values observed during OSR exit would be placed. Now it uses a lazy
1173         thunk for a ValueProfile. I call this the MethodOfGettingAValueProfile. It may
1174         either contain a ValueProfile inside it (which works for previous uses of OSR exit
1175         profiling) or it may just have knowledge of how to go about creating the
1176         LazyOperandValueProfile in the case that the OSR exit is actually taken. This
1177         ensures that we never have to create NumOperands*NumBytecodeIndices*NumCodeBlocks
1178         value profiling buckets unless we actually did OSR exit on every single operand,
1179         in every single instruction, in each code block (that's probably unlikely).
1180         
1181         This appears to be neutral on the major benchmarks, but is a double-digit speed-up
1182         on code deliberately written to have data flow that spans basic blocks and where
1183         the code exhibits post-optimization polymorphism in a local variable.
1184
1185         * CMakeLists.txt:
1186         * GNUmakefile.list.am:
1187         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1188         * JavaScriptCore.xcodeproj/project.pbxproj:
1189         * Target.pri:
1190         * bytecode/CodeBlock.cpp:
1191         (JSC::CodeBlock::stronglyVisitStrongReferences):
1192         * bytecode/CodeBlock.h:
1193         (CodeBlock):
1194         (JSC::CodeBlock::lazyOperandValueProfiles):
1195         * bytecode/LazyOperandValueProfile.cpp: Added.
1196         (JSC):
1197         (JSC::CompressedLazyOperandValueProfileHolder::CompressedLazyOperandValueProfileHolder):
1198         (JSC::CompressedLazyOperandValueProfileHolder::~CompressedLazyOperandValueProfileHolder):
1199         (JSC::CompressedLazyOperandValueProfileHolder::computeUpdatedPredictions):
1200         (JSC::CompressedLazyOperandValueProfileHolder::add):
1201         (JSC::LazyOperandValueProfileParser::LazyOperandValueProfileParser):
1202         (JSC::LazyOperandValueProfileParser::~LazyOperandValueProfileParser):
1203         (JSC::LazyOperandValueProfileParser::getIfPresent):
1204         (JSC::LazyOperandValueProfileParser::prediction):
1205         * bytecode/LazyOperandValueProfile.h: Added.
1206         (JSC):
1207         (LazyOperandValueProfileKey):
1208         (JSC::LazyOperandValueProfileKey::LazyOperandValueProfileKey):
1209         (JSC::LazyOperandValueProfileKey::operator!):
1210         (JSC::LazyOperandValueProfileKey::operator==):
1211         (JSC::LazyOperandValueProfileKey::hash):
1212         (JSC::LazyOperandValueProfileKey::bytecodeOffset):
1213         (JSC::LazyOperandValueProfileKey::operand):
1214         (JSC::LazyOperandValueProfileKey::isHashTableDeletedValue):
1215         (JSC::LazyOperandValueProfileKeyHash::hash):
1216         (JSC::LazyOperandValueProfileKeyHash::equal):
1217         (LazyOperandValueProfileKeyHash):
1218         (WTF):
1219         (JSC::LazyOperandValueProfile::LazyOperandValueProfile):
1220         (LazyOperandValueProfile):
1221         (JSC::LazyOperandValueProfile::key):
1222         (CompressedLazyOperandValueProfileHolder):
1223         (LazyOperandValueProfileParser):
1224         * bytecode/MethodOfGettingAValueProfile.cpp: Added.
1225         (JSC):
1226         (JSC::MethodOfGettingAValueProfile::fromLazyOperand):
1227         (JSC::MethodOfGettingAValueProfile::getSpecFailBucket):
1228         * bytecode/MethodOfGettingAValueProfile.h: Added.
1229         (JSC):
1230         (MethodOfGettingAValueProfile):
1231         (JSC::MethodOfGettingAValueProfile::MethodOfGettingAValueProfile):
1232         (JSC::MethodOfGettingAValueProfile::operator!):
1233         * bytecode/ValueProfile.cpp: Removed.
1234         * bytecode/ValueProfile.h:
1235         (JSC):
1236         (ValueProfileBase):
1237         (JSC::ValueProfileBase::ValueProfileBase):
1238         (JSC::ValueProfileBase::dump):
1239         (JSC::ValueProfileBase::computeUpdatedPrediction):
1240         (JSC::MinimalValueProfile::MinimalValueProfile):
1241         (ValueProfileWithLogNumberOfBuckets):
1242         (JSC::ValueProfileWithLogNumberOfBuckets::ValueProfileWithLogNumberOfBuckets):
1243         (JSC::ValueProfile::ValueProfile):
1244         (JSC::getValueProfileBytecodeOffset):
1245         (JSC::getRareCaseProfileBytecodeOffset):
1246         * dfg/DFGByteCodeParser.cpp:
1247         (ByteCodeParser):
1248         (JSC::DFG::ByteCodeParser::injectLazyOperandPrediction):
1249         (JSC::DFG::ByteCodeParser::getLocal):
1250         (JSC::DFG::ByteCodeParser::getArgument):
1251         (InlineStackEntry):
1252         (JSC::DFG::ByteCodeParser::fixVariableAccessPredictions):
1253         (DFG):
1254         (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
1255         (JSC::DFG::ByteCodeParser::parse):
1256         * dfg/DFGDriver.cpp:
1257         (JSC::DFG::compile):
1258         * dfg/DFGGraph.h:
1259         (JSC::DFG::Graph::valueProfileFor):
1260         (JSC::DFG::Graph::methodOfGettingAValueProfileFor):
1261         (Graph):
1262         * dfg/DFGNode.h:
1263         (Node):
1264         * dfg/DFGOSRExit.cpp:
1265         (JSC::DFG::OSRExit::OSRExit):
1266         * dfg/DFGOSRExit.h:
1267         (OSRExit):
1268         * dfg/DFGOSRExitCompiler32_64.cpp:
1269         (JSC::DFG::OSRExitCompiler::compileExit):
1270         * dfg/DFGOSRExitCompiler64.cpp:
1271         (JSC::DFG::OSRExitCompiler::compileExit):
1272         * dfg/DFGPhase.cpp:
1273         (JSC::DFG::Phase::beginPhase):
1274         (JSC::DFG::Phase::endPhase):
1275         * dfg/DFGSpeculativeJIT.cpp:
1276         (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
1277         * dfg/DFGSpeculativeJIT.h:
1278         (JSC::DFG::SpeculativeJIT::speculationCheck):
1279         * dfg/DFGVariableAccessData.h:
1280         (JSC::DFG::VariableAccessData::nonUnifiedPrediction):
1281         (VariableAccessData):
1282
1283 2012-02-23  Filip Pizlo  <fpizlo@apple.com>
1284
1285         Build fix.
1286
1287         * llint/LLIntOffsetsExtractor.cpp:
1288
1289 2012-02-23  Kevin Ollivier  <kevino@theolliviers.com>
1290
1291         [wx] Build fix, disable LLINT for now and fix ENABLE defines for it.
1292
1293         * llint/LLIntOffsetsExtractor.cpp:
1294         * wtf/Platform.h:
1295
1296 2012-02-23  Kevin Ollivier  <kevino@theolliviers.com>
1297
1298         [wx] Build fix for non-Mac wx builds.
1299
1300         * runtime/DatePrototype.cpp:
1301
1302 2012-02-22  Filip Pizlo  <fpizlo@apple.com>
1303
1304         DFG's logic for emitting a Flush is too convoluted and contains an inaccurate comment
1305         https://bugs.webkit.org/show_bug.cgi?id=79334
1306
1307         Reviewed by Oliver Hunt.
1308
1309         * dfg/DFGByteCodeParser.cpp:
1310         (JSC::DFG::ByteCodeParser::getLocal):
1311         (JSC::DFG::ByteCodeParser::getArgument):
1312         (JSC::DFG::ByteCodeParser::flush):
1313
1314 2012-02-23  Gavin Barraclough  <barraclough@apple.com>
1315
1316         Object.isSealed / Object.isFrozen don't work for native objects
1317         https://bugs.webkit.org/show_bug.cgi?id=79331
1318
1319         Reviewed by Sam Weinig.
1320
1321         Need to inspect all properties, including static ones.
1322         This exposes a couple of bugs in Array & Arguments:
1323             - getOwnPropertyDescriptor doesn't correctly report the writable attribute of array length.
1324             - Arguments object's defineOwnProperty does not handle callee/caller/length correctly.
1325
1326         * runtime/Arguments.cpp:
1327         (JSC::Arguments::defineOwnProperty):
1328             - Add handling for callee/caller/length.
1329         * runtime/JSArray.cpp:
1330         (JSC::JSArray::getOwnPropertyDescriptor):
1331             - report length's writability correctly.
1332         * runtime/ObjectConstructor.cpp:
1333         (JSC::objectConstructorSeal):
1334         (JSC::objectConstructorFreeze):
1335         (JSC::objectConstructorIsSealed):
1336         (JSC::objectConstructorIsFrozen):
1337             - Add spec-based implementation for non-final objects.
1338
1339 2012-02-23  Gavin Barraclough  <barraclough@apple.com>
1340
1341         pop of array hole should get from the prototype chain
1342         https://bugs.webkit.org/show_bug.cgi?id=79338
1343
1344         Reviewed by Sam Weinig.
1345
1346         * runtime/JSArray.cpp:
1347         (JSC::JSArray::pop):
1348             - If the fast vector case fails, more closely follow the spec.
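
What "follow the spec" means for a hole, as an added example that is not JavaScriptCore's code: ES5 15.4.4.6 reads the last element with an ordinary [[Get]], so when that index is a hole the value comes from the prototype chain, and only then is the own slot deleted and `length` decremented. A fast path that just shrinks the backing vector must therefore only fire when the slot is actually present. `specPop` below is the algorithm written generically (it works on any array-like), and `holeyArrayWithProtoValue` builds the test case on a private prototype so the shared `Array.prototype` is left untouched; both names are this example's own.

```javascript
// Added example (not JavaScriptCore code): Array.prototype.pop as ES5 15.4.4.6
// spells it out, step by step.
function specPop(o) {
  const len = Number(o.length) >>> 0;          // ToUint32(Get(O, "length"))
  if (len === 0) {
    o.length = 0;
    return undefined;
  }
  const index = String(len - 1);
  const element = o[index];                    // [[Get]]: a hole falls through to the prototype
  delete o[index];                             // [[Delete]] touches only the own slot
  o.length = len - 1;
  return element;
}

// A length-3 array whose index 2 is a hole, with a prototype (inheriting from
// Array.prototype) that supplies index 2 itself.
function holeyArrayWithProtoValue(value) {
  const proto = Object.create(Array.prototype, {
    2: { value, configurable: true, writable: true },
  });
  const arr = [0, 1, , ];                      // trailing elision: length 3, index 2 absent
  Object.setPrototypeOf(arr, proto);
  return arr;
}
```

Note that the same [[Get]] behaviour is why indexed properties placed on `Array.prototype` (by a prototype-pollution bug, say) surface through array methods that look purely local.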
1349
1350 2012-02-23  Yong Li  <yoli@rim.com>
1351
1352         JSString::outOfMemory() should ASSERT(isRope()) rather than !isRope()
1353         https://bugs.webkit.org/show_bug.cgi?id=79268
1354
1355         Reviewed by Michael Saboff.
1356
1357         resolveRope() is the only caller of outOfMemory(), and it calls outOfMemory()
1358         after it fails to allocate a buffer for m_value. So outOfMemory() should assert
1359         isRope() rather than !isRope().
1360
1361         * runtime/JSString.cpp:
1362         (JSC::JSString::outOfMemory):
1363
1364 2012-02-23  Patrick Gansterer  <paroga@webkit.org>
1365
1366         [CMake] Add WEBKIT_INCLUDE_CONFIG_FILES_IF_EXISTS macro
1367         https://bugs.webkit.org/show_bug.cgi?id=79371
1368
1369         Reviewed by Daniel Bates.
1370
1371         * CMakeLists.txt:
1372         * shell/CMakeLists.txt:
1373         * wtf/CMakeLists.txt:
1374
1375 2012-02-23  Aron Rosenberg  <arosenberg@logitech.com>
1376
1377         Fix the PRI macros used in WTF::String formatters to be compatible with Qt and Visual Studio 2005 and newer.
1378         https://bugs.webkit.org/show_bug.cgi?id=76210
1379
1380         Add compile time check for Visual Studio 2005 or newer.
1381
1382         Reviewed by Simon Hausmann.
1383
1384         * os-win32/inttypes.h:
1385
1386 2012-02-22  Gavin Barraclough  <barraclough@apple.com>
1387
1388         Implement [[DefineOwnProperty]] for the arguments object
1389         https://bugs.webkit.org/show_bug.cgi?id=79309
1390
1391         Reviewed by Sam Weinig.
1392
1393         * runtime/Arguments.cpp:
1394         (JSC::Arguments::deletePropertyByIndex):
1395         (JSC::Arguments::deleteProperty):
1396             - Deleting an argument should also delete the copy on the object, if any.
1397         (JSC::Arguments::defineOwnProperty):
1398             - Defining a property may override the live mapping.
1399         * runtime/Arguments.h:
1400         (Arguments):
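
The mapping semantics this entry implements, as an added example (not JavaScriptCore's code): in a non-strict function the ES5 10.6 arguments object keeps a live map between `arguments[i]` and the i-th parameter. Per the [[DefineOwnProperty]] algorithm, defining a value writes through the map, while making the property non-writable or replacing it with an accessor severs the map, and [[Delete]] removes both the own copy and the mapping. The bodies are run through `Function()` so they stay non-strict even if the file itself is loaded as a module; `runSloppy` and `mappingExperiments` are this example's own names.

```javascript
// Added example (not JavaScriptCore code): observable effects of
// [[DefineOwnProperty]] and [[Delete]] on a mapped arguments object.
function runSloppy(body) {
  // Functions created by Function() are non-strict unless the body opts in.
  return new Function("a", "b", body)(1, 2);
}

const mappingExperiments = {
  // Plain assignment through arguments reaches the parameter.
  assignThroughArguments: () =>
    runSloppy("arguments[0] = 10; return a;"),

  // Defining a value goes through the map as well: `a` becomes 7.
  defineValue: () =>
    runSloppy("Object.defineProperty(arguments, '0', { value: 7 }); return a;"),

  // Making the slot non-writable severs the map: a later write to `a`
  // is no longer visible through arguments[0].
  defineNonWritable: () =>
    runSloppy("Object.defineProperty(arguments, '0', { value: 7, writable: false });" +
              "a = 99; return arguments[0];"),

  // An accessor replaces the mapped slot entirely.
  defineAccessor: () =>
    runSloppy("Object.defineProperty(arguments, '0', { get: () => 'getter' });" +
              "a = 99; return [arguments[0], a];"),

  // Deleting removes the own copy and the mapping; `a` keeps its own value.
  deleteThenAssign: () =>
    runSloppy("delete arguments[0]; a = 5; return [arguments[0], a];"),

  // Strict code never creates the map at all.
  strict: () =>
    runSloppy("'use strict'; arguments[0] = 10; return a;"),
};
```

Each experiment returns a value rather than printing it, so the table doubles as a conformance probe: an engine that gets any of these wrong is letting `arguments` and the parameters disagree about the same slot.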
1401
1402 2012-02-22  Gavin Barraclough  <barraclough@apple.com>
1403
1404         Fix Object.freeze for non-final objects.
1405         https://bugs.webkit.org/show_bug.cgi?id=79286
1406
1407         Reviewed by Oliver Hunt.
1408
1409         For vanilla objects we implement this with a single transition; for objects
1410         with special properties we should just follow the spec defined algorithm.
1411
1412         * runtime/JSArray.cpp:
1413         (JSC::SparseArrayValueMap::put):
1414             - this does need to handle inextensible objects.
1415         * runtime/ObjectConstructor.cpp:
1416         (JSC::objectConstructorSeal):
1417         (JSC::objectConstructorFreeze):
1418             - Implement spec defined algorithm for non-final objects.
1419         * runtime/Structure.cpp:
1420         (JSC::Structure::Structure):
1421         (JSC::Structure::freezeTransition):
1422             - freeze should set m_hasReadOnlyOrGetterSetterPropertiesExcludingProto.
1423         * runtime/Structure.h:
1424         (JSC::Structure::hasReadOnlyOrGetterSetterPropertiesExcludingProto):
1425         (JSC::Structure::setHasGetterSetterProperties):
1426         (JSC::Structure::setContainsReadOnlyProperties):
1427         (Structure):
1428             - renamed m_hasReadOnlyOrGetterSetterPropertiesExcludingProto.
1429
1430 2012-02-22  Mark Hahnenberg  <mhahnenberg@apple.com>
1431
1432         Allocations from CopiedBlocks should always be 8-byte aligned
1433         https://bugs.webkit.org/show_bug.cgi?id=79271
1434
1435         Reviewed by Geoffrey Garen.
1436
1437         * heap/CopiedAllocator.h:
1438         (JSC::CopiedAllocator::allocate):
1439         * heap/CopiedBlock.h: Changed to add padding so that the start of the payload is always 
1440         guaranteed to be 8 byte aligned on both 64- and 32-bit platforms.
1441         (CopiedBlock):
1442         * heap/CopiedSpace.cpp: Changed all assertions of isPointerAligned to is8ByteAligned.
1443         (JSC::CopiedSpace::tryAllocateOversize):
1444         (JSC::CopiedSpace::getFreshBlock):
1445         * heap/CopiedSpaceInlineMethods.h:
1446         (JSC::CopiedSpace::allocateFromBlock):
1447         * runtime/JSArray.h:
1448         (ArrayStorage): Added padding for ArrayStorage to make sure that it is always 8 byte 
1449         aligned on both 64- and 32-bit platforms.
1450         * wtf/StdLibExtras.h:
1451         (WTF::is8ByteAligned): Added new utility function that functions similarly to the 
1452         way isPointerAligned does, but it just always checks for 8 byte alignment.
1453         (WTF):
1454
1455 2012-02-22  Sheriff Bot  <webkit.review.bot@gmail.com>
1456
1457         Unreviewed, rolling out r108456.
1458         http://trac.webkit.org/changeset/108456
1459         https://bugs.webkit.org/show_bug.cgi?id=79223
1460
1461         Broke fast/regex/pcre-test-4.html and cannot find anyone on
1462         IRC (Requested by zherczeg on #webkit).
1463
1464         * yarr/YarrJIT.cpp:
1465         (JSC::Yarr::YarrGenerator::backtrackPatternCharacterGreedy):
1466
1467 2012-02-22  Sheriff Bot  <webkit.review.bot@gmail.com>
1468
1469         Unreviewed, rolling out r108468.
1470         http://trac.webkit.org/changeset/108468
1471         https://bugs.webkit.org/show_bug.cgi?id=79219
1472
1473         Broke Chromium Win release build (Requested by bashi on
1474         #webkit).
1475
1476         * wtf/Platform.h:
1477
1478 2012-02-22  Kenichi Ishibashi  <bashi@chromium.org>
1479
1480         Adding WebSocket per-frame DEFLATE extension
1481         https://bugs.webkit.org/show_bug.cgi?id=77522
1482
1483         Added USE(ZLIB) flag.
1484
1485         Reviewed by Kent Tamura.
1486
1487         * wtf/Platform.h:
1488
1489 2012-02-22  Hojong Han  <hojong.han@samsung.com>
1490
1491         Short circuit fixed for a 16 bit pattern character and an 8 bit string.
1492         https://bugs.webkit.org/show_bug.cgi?id=75602
1493
1494         Reviewed by Gavin Barraclough.
1495
1496         * yarr/YarrJIT.cpp:
1497         (JSC::Yarr::YarrGenerator::backtrackPatternCharacterGreedy):
1498
1499 2012-02-21  Filip Pizlo  <fpizlo@apple.com>
1500
1501         Build fix for systems with case sensitive disks.
1502
1503         * llint/LLIntOfflineAsmConfig.h:
1504
1505 2012-02-21  Filip Pizlo  <fpizlo@apple.com>
1506
1507         JSC should be a triple-tier VM
1508         https://bugs.webkit.org/show_bug.cgi?id=75812
1509         <rdar://problem/10079694>
1510
1511         Reviewed by Gavin Barraclough.
1512         
1513         Implemented an interpreter that uses the JIT's calling convention. This
1514         interpreter is called LLInt, or the Low Level Interpreter. JSC will now
1515         start by executing code in LLInt and will only tier up to the old
1516         JIT after the code is proven hot.
1517         
1518         LLInt is written in a modified form of our macro assembly. This new macro
1519         assembly is compiled by an offline assembler (see offlineasm), which
1520         implements many modern conveniences such as a Turing-complete CPS-based
1521         macro language and direct access to relevant C++ type information
1522         (basically offsets of fields and sizes of structs/classes).
1523         
1524         Code executing in LLInt appears to the rest of the JSC world "as if" it
1525         were executing in the old JIT. Hence, things like exception handling and
1526         cross-execution-engine calls just work and require pretty much no
1527         additional overhead.
1528         
1529         This interpreter is 2-2.5x faster than our old interpreter on SunSpider,
1530         V8, and Kraken. With triple-tiering turned on, we're neutral on SunSpider,
1531         V8, and Kraken, but appear to get a double-digit improvement on real-world
1532         websites due to a huge reduction in the amount of JIT'ing.
1533         
1534         * CMakeLists.txt:
1535         * GNUmakefile.am:
1536         * GNUmakefile.list.am:
1537         * JavaScriptCore.pri:
1538         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1539         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
1540         * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
1541         * JavaScriptCore.xcodeproj/project.pbxproj:
1542         * Target.pri:
1543         * assembler/LinkBuffer.h:
1544         * assembler/MacroAssemblerCodeRef.h:
1545         (MacroAssemblerCodePtr):
1546         (JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
1547         * bytecode/BytecodeConventions.h: Added.
1548         * bytecode/CallLinkStatus.cpp:
1549         (JSC::CallLinkStatus::computeFromLLInt):
1550         (JSC):
1551         (JSC::CallLinkStatus::computeFor):
1552         * bytecode/CallLinkStatus.h:
1553         (JSC::CallLinkStatus::isSet):
1554         (JSC::CallLinkStatus::operator!):
1555         (CallLinkStatus):
1556         * bytecode/CodeBlock.cpp:
1557         (JSC::CodeBlock::dump):
1558         (JSC::CodeBlock::CodeBlock):
1559         (JSC::CodeBlock::~CodeBlock):
1560         (JSC::CodeBlock::finalizeUnconditionally):
1561         (JSC::CodeBlock::stronglyVisitStrongReferences):
1562         (JSC):
1563         (JSC::CodeBlock::unlinkCalls):
1564         (JSC::CodeBlock::unlinkIncomingCalls):
1565         (JSC::CodeBlock::bytecodeOffset):
1566         (JSC::ProgramCodeBlock::jettison):
1567         (JSC::EvalCodeBlock::jettison):
1568         (JSC::FunctionCodeBlock::jettison):
1569         (JSC::ProgramCodeBlock::jitCompileImpl):
1570         (JSC::EvalCodeBlock::jitCompileImpl):
1571         (JSC::FunctionCodeBlock::jitCompileImpl):
1572         * bytecode/CodeBlock.h:
1573         (JSC):
1574         (CodeBlock):
1575         (JSC::CodeBlock::baselineVersion):
1576         (JSC::CodeBlock::linkIncomingCall):
1577         (JSC::CodeBlock::bytecodeOffset):
1578         (JSC::CodeBlock::jitCompile):
1579         (JSC::CodeBlock::hasOptimizedReplacement):
1580         (JSC::CodeBlock::addPropertyAccessInstruction):
1581         (JSC::CodeBlock::addGlobalResolveInstruction):
1582         (JSC::CodeBlock::addLLIntCallLinkInfo):
1583         (JSC::CodeBlock::addGlobalResolveInfo):
1584         (JSC::CodeBlock::numberOfMethodCallLinkInfos):
1585         (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset):
1586         (JSC::CodeBlock::likelyToTakeSlowCase):
1587         (JSC::CodeBlock::couldTakeSlowCase):
1588         (JSC::CodeBlock::likelyToTakeSpecialFastCase):
1589         (JSC::CodeBlock::likelyToTakeDeepestSlowCase):
1590         (JSC::CodeBlock::likelyToTakeAnySlowCase):
1591         (JSC::CodeBlock::addFrequentExitSite):
1592         (JSC::CodeBlock::dontJITAnytimeSoon):
1593         (JSC::CodeBlock::jitAfterWarmUp):
1594         (JSC::CodeBlock::jitSoon):
1595         (JSC::CodeBlock::llintExecuteCounter):
1596         (ProgramCodeBlock):
1597         (EvalCodeBlock):
1598         (FunctionCodeBlock):
1599         * bytecode/GetByIdStatus.cpp:
1600         (JSC::GetByIdStatus::computeFromLLInt):
1601         (JSC):
1602         (JSC::GetByIdStatus::computeFor):
1603         * bytecode/GetByIdStatus.h:
1604         (JSC::GetByIdStatus::GetByIdStatus):
1605         (JSC::GetByIdStatus::wasSeenInJIT):
1606         (GetByIdStatus):
1607         * bytecode/Instruction.h:
1608         (JSC):
1609         (JSC::Instruction::Instruction):
1610         (Instruction):
1611         * bytecode/LLIntCallLinkInfo.h: Added.
1612         (JSC):
1613         (JSC::LLIntCallLinkInfo::LLIntCallLinkInfo):
1614         (LLIntCallLinkInfo):
1615         (JSC::LLIntCallLinkInfo::~LLIntCallLinkInfo):
1616         (JSC::LLIntCallLinkInfo::isLinked):
1617         (JSC::LLIntCallLinkInfo::unlink):
1618         * bytecode/MethodCallLinkStatus.cpp:
1619         (JSC::MethodCallLinkStatus::computeFor):
1620         * bytecode/Opcode.cpp:
1621         (JSC):
1622         * bytecode/Opcode.h:
1623         (JSC):
1624         (JSC::padOpcodeName):
1625         * bytecode/PutByIdStatus.cpp:
1626         (JSC::PutByIdStatus::computeFromLLInt):
1627         (JSC):
1628         (JSC::PutByIdStatus::computeFor):
1629         * bytecode/PutByIdStatus.h:
1630         (PutByIdStatus):
1631         * bytecompiler/BytecodeGenerator.cpp:
1632         (JSC::BytecodeGenerator::emitResolve):
1633         (JSC::BytecodeGenerator::emitResolveWithBase):
1634         (JSC::BytecodeGenerator::emitGetById):
1635         (JSC::BytecodeGenerator::emitPutById):
1636         (JSC::BytecodeGenerator::emitDirectPutById):
1637         (JSC::BytecodeGenerator::emitCall):
1638         (JSC::BytecodeGenerator::emitConstruct):
1639         (JSC::BytecodeGenerator::emitCatch):
1640         * dfg/DFGByteCodeParser.cpp:
1641         (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
1642         (JSC::DFG::ByteCodeParser::handleInlining):
1643         (JSC::DFG::ByteCodeParser::parseBlock):
1644         * dfg/DFGCapabilities.h:
1645         (JSC::DFG::canCompileOpcode):
1646         * dfg/DFGOSRExitCompiler.cpp:
1647         * dfg/DFGOperations.cpp:
1648         * heap/Heap.h:
1649         (JSC):
1650         (JSC::Heap::firstAllocatorWithoutDestructors):
1651         (Heap):
1652         * heap/MarkStack.cpp:
1653         (JSC::visitChildren):
1654         * heap/MarkedAllocator.h:
1655         (JSC):
1656         (MarkedAllocator):
1657         * heap/MarkedSpace.h:
1658         (JSC):
1659         (MarkedSpace):
1660         (JSC::MarkedSpace::firstAllocator):
1661         * interpreter/CallFrame.cpp:
1662         (JSC):
1663         (JSC::CallFrame::bytecodeOffsetForNonDFGCode):
1664         (JSC::CallFrame::setBytecodeOffsetForNonDFGCode):
1665         (JSC::CallFrame::currentVPC):
1666         (JSC::CallFrame::setCurrentVPC):
1667         (JSC::CallFrame::trueCallerFrame):
1668         * interpreter/CallFrame.h:
1669         (JSC::ExecState::hasReturnPC):
1670         (JSC::ExecState::clearReturnPC):
1671         (ExecState):
1672         (JSC::ExecState::bytecodeOffsetForNonDFGCode):
1673         (JSC::ExecState::currentVPC):
1674         (JSC::ExecState::setCurrentVPC):
1675         * interpreter/Interpreter.cpp:
1676         (JSC::Interpreter::Interpreter):
1677         (JSC::Interpreter::~Interpreter):
1678         (JSC):
1679         (JSC::Interpreter::initialize):
1680         (JSC::Interpreter::isOpcode):
1681         (JSC::Interpreter::unwindCallFrame):
1682         (JSC::getCallerInfo):
1683         (JSC::Interpreter::privateExecute):
1684         (JSC::Interpreter::retrieveLastCaller):
1685         * interpreter/Interpreter.h:
1686         (JSC):
1687         (Interpreter):
1688         (JSC::Interpreter::getOpcode):
1689         (JSC::Interpreter::getOpcodeID):
1690         (JSC::Interpreter::classicEnabled):
1691         * interpreter/RegisterFile.h:
1692         (JSC):
1693         (RegisterFile):
1694         * jit/ExecutableAllocator.h:
1695         (JSC):
1696         * jit/HostCallReturnValue.cpp: Added.
1697         (JSC):
1698         (JSC::getHostCallReturnValueWithExecState):
1699         * jit/HostCallReturnValue.h: Added.
1700         (JSC):
1701         (JSC::initializeHostCallReturnValue):
1702         * jit/JIT.cpp:
1703         (JSC::JIT::privateCompileMainPass):
1704         (JSC::JIT::privateCompileSlowCases):
1705         (JSC::JIT::privateCompile):
1706         * jit/JITCode.h:
1707         (JSC::JITCode::isOptimizingJIT):
1708         (JITCode):
1709         (JSC::JITCode::isBaselineCode):
1710         (JSC::JITCode::JITCode):
1711         * jit/JITDriver.h:
1712         (JSC::jitCompileIfAppropriate):
1713         (JSC::jitCompileFunctionIfAppropriate):
1714         * jit/JITExceptions.cpp:
1715         (JSC::jitThrow):
1716         * jit/JITInlineMethods.h:
1717         (JSC::JIT::updateTopCallFrame):
1718         * jit/JITStubs.cpp:
1719         (JSC::DEFINE_STUB_FUNCTION):
1720         (JSC):
1721         * jit/JITStubs.h:
1722         (JSC):
1723         * jit/JSInterfaceJIT.h:
1724         * llint: Added.
1725         * llint/LLIntCommon.h: Added.
1726         * llint/LLIntData.cpp: Added.
1727         (LLInt):
1728         (JSC::LLInt::Data::Data):
1729         (JSC::LLInt::Data::performAssertions):
1730         (JSC::LLInt::Data::~Data):
1731         * llint/LLIntData.h: Added.
1732         (JSC):
1733         (LLInt):
1734         (Data):
1735         (JSC::LLInt::Data::exceptionInstructions):
1736         (JSC::LLInt::Data::opcodeMap):
1737         (JSC::LLInt::Data::performAssertions):
1738         * llint/LLIntEntrypoints.cpp: Added.
1739         (LLInt):
1740         (JSC::LLInt::getFunctionEntrypoint):
1741         (JSC::LLInt::getEvalEntrypoint):
1742         (JSC::LLInt::getProgramEntrypoint):
1743         * llint/LLIntEntrypoints.h: Added.
1744         (JSC):
1745         (LLInt):
1746         (JSC::LLInt::getEntrypoint):
1747         * llint/LLIntExceptions.cpp: Added.
1748         (LLInt):
1749         (JSC::LLInt::interpreterThrowInCaller):
1750         (JSC::LLInt::returnToThrowForThrownException):
1751         (JSC::LLInt::returnToThrow):
1752         (JSC::LLInt::callToThrow):
1753         * llint/LLIntExceptions.h: Added.
1754         (JSC):
1755         (LLInt):
1756         * llint/LLIntOfflineAsmConfig.h: Added.
1757         * llint/LLIntOffsetsExtractor.cpp: Added.
1758         (JSC):
1759         (LLIntOffsetsExtractor):
1760         (JSC::LLIntOffsetsExtractor::dummy):
1761         (main):
1762         * llint/LLIntSlowPaths.cpp: Added.
1763         (LLInt):
1764         (JSC::LLInt::llint_trace_operand):
1765         (JSC::LLInt::llint_trace_value):
1766         (JSC::LLInt::LLINT_SLOW_PATH_DECL):
1767         (JSC::LLInt::traceFunctionPrologue):
1768         (JSC::LLInt::shouldJIT):
1769         (JSC::LLInt::entryOSR):
1770         (JSC::LLInt::resolveGlobal):
1771         (JSC::LLInt::getByVal):
1772         (JSC::LLInt::handleHostCall):
1773         (JSC::LLInt::setUpCall):
1774         (JSC::LLInt::genericCall):
1775         * llint/LLIntSlowPaths.h: Added.
1776         (JSC):
1777         (LLInt):
1778         * llint/LLIntThunks.cpp: Added.
1779         (LLInt):
1780         (JSC::LLInt::generateThunkWithJumpTo):
1781         (JSC::LLInt::functionForCallEntryThunkGenerator):
1782         (JSC::LLInt::functionForConstructEntryThunkGenerator):
1783         (JSC::LLInt::functionForCallArityCheckThunkGenerator):
1784         (JSC::LLInt::functionForConstructArityCheckThunkGenerator):
1785         (JSC::LLInt::evalEntryThunkGenerator):
1786         (JSC::LLInt::programEntryThunkGenerator):
1787         * llint/LLIntThunks.h: Added.
1788         (JSC):
1789         (LLInt):
1790         * llint/LowLevelInterpreter.asm: Added.
1791         * llint/LowLevelInterpreter.cpp: Added.
1792         * llint/LowLevelInterpreter.h: Added.
1793         * offlineasm: Added.
1794         * offlineasm/armv7.rb: Added.
1795         * offlineasm/asm.rb: Added.
1796         * offlineasm/ast.rb: Added.
1797         * offlineasm/backends.rb: Added.
1798         * offlineasm/generate_offset_extractor.rb: Added.
1799         * offlineasm/instructions.rb: Added.
1800         * offlineasm/offset_extractor_constants.rb: Added.
1801         * offlineasm/offsets.rb: Added.
1802         * offlineasm/opt.rb: Added.
1803         * offlineasm/parser.rb: Added.
1804         * offlineasm/registers.rb: Added.
1805         * offlineasm/self_hash.rb: Added.
1806         * offlineasm/settings.rb: Added.
1807         * offlineasm/transform.rb: Added.
1808         * offlineasm/x86.rb: Added.
1809         * runtime/CodeSpecializationKind.h: Added.
1810         (JSC):
1811         * runtime/CommonSlowPaths.h:
1812         (JSC::CommonSlowPaths::arityCheckFor):
1813         (CommonSlowPaths):
1814         * runtime/Executable.cpp:
1815         (JSC::jettisonCodeBlock):
1816         (JSC):
1817         (JSC::EvalExecutable::jitCompile):
1818         (JSC::samplingDescription):
1819         (JSC::EvalExecutable::compileInternal):
1820         (JSC::ProgramExecutable::jitCompile):
1821         (JSC::ProgramExecutable::compileInternal):
1822         (JSC::FunctionExecutable::baselineCodeBlockFor):
1823         (JSC::FunctionExecutable::jitCompileForCall):
1824         (JSC::FunctionExecutable::jitCompileForConstruct):
1825         (JSC::FunctionExecutable::compileForCallInternal):
1826         (JSC::FunctionExecutable::compileForConstructInternal):
1827         * runtime/Executable.h:
1828         (JSC):
1829         (EvalExecutable):
1830         (ProgramExecutable):
1831         (FunctionExecutable):
1832         (JSC::FunctionExecutable::jitCompileFor):
1833         * runtime/ExecutionHarness.h: Added.
1834         (JSC):
1835         (JSC::prepareForExecution):
1836         (JSC::prepareFunctionForExecution):
1837         * runtime/JSArray.h:
1838         (JSC):
1839         (JSArray):
1840         * runtime/JSCell.h:
1841         (JSC):
1842         (JSCell):
1843         * runtime/JSFunction.h:
1844         (JSC):
1845         (JSFunction):
1846         * runtime/JSGlobalData.cpp:
1847         (JSC::JSGlobalData::JSGlobalData):
1848         * runtime/JSGlobalData.h:
1849         (JSC):
1850         (JSGlobalData):
1851         * runtime/JSGlobalObject.h:
1852         (JSC):
1853         (JSGlobalObject):
1854         * runtime/JSObject.h:
1855         (JSC):
1856         (JSObject):
1857         (JSFinalObject):
1858         * runtime/JSPropertyNameIterator.h:
1859         (JSC):
1860         (JSPropertyNameIterator):
1861         * runtime/JSString.h:
1862         (JSC):
1863         (JSString):
1864         * runtime/JSTypeInfo.h:
1865         (JSC):
1866         (TypeInfo):
1867         * runtime/JSValue.cpp:
1868         (JSC::JSValue::description):
1869         * runtime/JSValue.h:
1870         (LLInt):
1871         (JSValue):
1872         * runtime/JSVariableObject.h:
1873         (JSC):
1874         (JSVariableObject):
1875         * runtime/Options.cpp:
1876         (Options):
1877         (JSC::Options::initializeOptions):
1878         * runtime/Options.h:
1879         (Options):
1880         * runtime/ScopeChain.h:
1881         (JSC):
1882         (ScopeChainNode):
1883         * runtime/Structure.cpp:
1884         (JSC::Structure::addPropertyTransition):
1885         * runtime/Structure.h:
1886         (JSC):
1887         (Structure):
1888         * runtime/StructureChain.h:
1889         (JSC):
1890         (StructureChain):
1891         * wtf/InlineASM.h:
1892         * wtf/Platform.h:
1893         * wtf/SentinelLinkedList.h:
1894         (SentinelLinkedList):
1895         (WTF::SentinelLinkedList::isEmpty):
1896         * wtf/text/StringImpl.h:
1897         (JSC):
1898         (StringImpl):
1899
1900 2012-02-21  Oliver Hunt  <oliver@apple.com>
1901
1902         Unbreak double-typed arrays on ARMv7
1903         https://bugs.webkit.org/show_bug.cgi?id=79177
1904
1905         Reviewed by Gavin Barraclough.
1906
1907         The existing code had completely broken address arithmetic.
1908
1909         * JSCTypedArrayStubs.h:
1910         (JSC):
1911         * assembler/MacroAssemblerARMv7.h:
1912         (JSC::MacroAssemblerARMv7::storeDouble):
1913         (JSC::MacroAssemblerARMv7::storeFloat):
1914
1915 2012-02-21  Gavin Barraclough  <barraclough@apple.com>
1916
1917         Should be able to reconfigure a non-configurable property as read-only
1918         https://bugs.webkit.org/show_bug.cgi?id=79170
1919
1920         Reviewed by Sam Weinig.
1921
1922         See ES5.1 8.12.9 10.a.i - the spec prohibits making a read-only property writable,
1923         but does not inhibit making a writable property read-only.
1924
1925         * runtime/JSGlobalData.cpp:
1926         (JSC::JSGlobalData::JSGlobalData):
1927         * runtime/JSGlobalData.h:
1928         (JSC::JSGlobalData::setInDefineOwnProperty):
1929         (JSGlobalData):
1930         (JSC::JSGlobalData::isInDefineOwnProperty):
1931             - Added flag, tracking whether we are in JSObject::defineOwnProperty.
1932         * runtime/JSObject.cpp:
1933         (JSC::JSObject::deleteProperty):
1934         (DefineOwnPropertyScope):
1935             - Always allow properties to be deleted by DefineOwnProperty - assume it knows what it is doing!
1936         (JSC::DefineOwnPropertyScope::DefineOwnPropertyScope):
1937         (JSC::DefineOwnPropertyScope::~DefineOwnPropertyScope):
1938             - Added RAII helper.
1939         (JSC::JSObject::defineOwnProperty):
1940             - Track on the globalData when we are in this method.
1941
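        The ES5.1 8.12.9 rule this entry cites, shown as an added example (plain JavaScript, not WebKit's code): a non-configurable data property can be redefined from writable to read-only, while the reverse redefinition, a different value, and a strict-mode assignment are all rejected with TypeError. The property name and values are constructed for the example.

```javascript
// Added example, not WebKit code: exercises the ES5.1 8.12.9 rules that the
// entry above fixes. A non-configurable data property may be re-defined from
// writable to read-only (allowed) but never from read-only back to writable
// (step 10.a.i rejects it), and once read-only its value may only be
// re-defined to the SameValue it already holds (step 10.a.ii).

// Classifies the outcome of one defineProperty call on an existing property.
function tryRedefine(target, key, descriptor) {
  try {
    Object.defineProperty(target, key, descriptor);
    return "allowed";
  } catch (e) {
    return e instanceof TypeError ? "TypeError" : "other";
  }
}

// Function-level strict mode so a write to a read-only property throws instead
// of failing silently; this is what a caller relying on the lock-down observes.
function tryStrictAssign(target, key, value) {
  "use strict";
  try {
    target[key] = value;
    return "allowed";
  } catch (e) {
    return e instanceof TypeError ? "TypeError" : "other";
  }
}

// Walks a constructed object through the transitions and reports each result.
function probeNonConfigurableWritable() {
  const obj = {};
  Object.defineProperty(obj, "x", {
    value: 1, writable: true, enumerable: true, configurable: false,
  });

  const report = {};
  // writable -> read-only on a non-configurable property: the spec permits it.
  report.lockDown = tryRedefine(obj, "x", { writable: false });
  // read-only -> writable: prohibited by 8.12.9 10.a.i.
  report.unlock = tryRedefine(obj, "x", { writable: true });
  // Re-defining the identical value is a no-op and allowed (SameValue check).
  report.sameValue = tryRedefine(obj, "x", { value: 1 });
  // A different value on a read-only, non-configurable property is rejected.
  report.newValue = tryRedefine(obj, "x", { value: 2 });
  // Ordinary strict-mode assignment now throws as well.
  report.assign = tryStrictAssign(obj, "x", 3);

  const desc = Object.getOwnPropertyDescriptor(obj, "x");
  report.value = obj.x;
  report.writable = desc.writable;
  report.configurable = desc.configurable;
  return report;
}
```
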
1942 2012-02-21  Oliver Hunt  <oliver@apple.com>
1943
1944         Make TypedArrays be available in commandline jsc
1945         https://bugs.webkit.org/show_bug.cgi?id=79163
1946
1947         Reviewed by Gavin Barraclough.
1948
1949         Adds a compile time option to have jsc support a basic implementation
1950         of the TypedArrays available in WebCore.  This lets us test the typed
1951         array logic in the JIT without having to build webcore.
1952
1953         * JSCTypedArrayStubs.h: Added.
1954         (JSC):
1955         * JavaScriptCore.xcodeproj/project.pbxproj:
1956         * jsc.cpp:
1957         (GlobalObject::finishCreation):
1958         (GlobalObject):
1959         (GlobalObject::addConstructableFunction):
1960         * runtime/JSGlobalData.h:
1961         (JSGlobalData):
1962
1963 2012-02-21  Tom Sepez  <tsepez@chromium.org>
1964
1965         equalIgnoringNullity() only comparing half the bytes for equality
1966         https://bugs.webkit.org/show_bug.cgi?id=79135
1967
1968         Reviewed by Adam Barth.
1969
1970         * wtf/text/StringImpl.h:
1971         (WTF::equalIgnoringNullity):
1972
1973 2012-02-21  Roland Takacs  <takacs.roland@stud.u-szeged.hu>
1974
1975         Unnecessary preprocessor macros in MainThread.h/cpp
1976         https://bugs.webkit.org/show_bug.cgi?id=79083
1977
1978         Removed invalid/wrong PLATFORM(WINDOWS) preprocessor macro.
1979
1980         * wtf/MainThread.cpp:
1981         (WTF):
1982         * wtf/MainThread.h:
1983         (WTF):
1984
1985 2012-02-21  Sam Weinig  <sam@webkit.org>
1986
1987         Attempt to fix the Snow Leopard build.
1988
1989         * Configurations/Base.xcconfig:
1990
1991 2012-02-21  Sam Weinig  <sam@webkit.org>
1992
1993         Use libc++ when building with Clang on Mac
1994         https://bugs.webkit.org/show_bug.cgi?id=78981
1995
1996         Reviewed by Dan Bernstein.
1997
1998         * Configurations/Base.xcconfig:
1999
2000 2012-02-21  Adam Roben  <aroben@apple.com>
2001
2002         Roll out r108309, r108323, and r108326
2003
2004         They broke the 32-bit Lion build.
2005
2006         Original bug is <http://webkit.org/b/75812> <rdar://problem/10079694>.
2007
2008         * CMakeLists.txt:
2009         * GNUmakefile.am:
2010         * GNUmakefile.list.am:
2011         * JavaScriptCore.pri:
2012         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2013         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
2014         * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
2015         * JavaScriptCore.xcodeproj/project.pbxproj:
2016         * Target.pri:
2017         * assembler/LinkBuffer.h:
2018         * assembler/MacroAssemblerCodeRef.h:
2019         * bytecode/BytecodeConventions.h: Removed.
2020         * bytecode/CallLinkStatus.cpp:
2021         * bytecode/CallLinkStatus.h:
2022         * bytecode/CodeBlock.cpp:
2023         * bytecode/CodeBlock.h:
2024         * bytecode/GetByIdStatus.cpp:
2025         * bytecode/GetByIdStatus.h:
2026         * bytecode/Instruction.h:
2027         * bytecode/LLIntCallLinkInfo.h: Removed.
2028         * bytecode/MethodCallLinkStatus.cpp:
2029         * bytecode/Opcode.cpp:
2030         * bytecode/Opcode.h:
2031         * bytecode/PutByIdStatus.cpp:
2032         * bytecode/PutByIdStatus.h:
2033         * bytecompiler/BytecodeGenerator.cpp:
2034         * dfg/DFGByteCodeParser.cpp:
2035         * dfg/DFGCapabilities.h:
2036         * dfg/DFGOSRExitCompiler.cpp:
2037         * dfg/DFGOperations.cpp:
2038         * heap/Heap.h:
2039         * heap/MarkStack.cpp:
2040         * heap/MarkedAllocator.h:
2041         * heap/MarkedSpace.h:
2042         * interpreter/CallFrame.cpp:
2043         * interpreter/CallFrame.h:
2044         * interpreter/Interpreter.cpp:
2045         * interpreter/Interpreter.h:
2046         * interpreter/RegisterFile.h:
2047         * jit/ExecutableAllocator.h:
2048         * jit/HostCallReturnValue.cpp: Removed.
2049         * jit/HostCallReturnValue.h: Removed.
2050         * jit/JIT.cpp:
2051         * jit/JITCode.h:
2052         * jit/JITDriver.h:
2053         * jit/JITExceptions.cpp:
2054         * jit/JITInlineMethods.h:
2055         * jit/JITStubs.cpp:
2056         * jit/JITStubs.h:
2057         * jit/JSInterfaceJIT.h:
2058         * llint/LLIntCommon.h: Removed.
2059         * llint/LLIntData.cpp: Removed.
2060         * llint/LLIntData.h: Removed.
2061         * llint/LLIntEntrypoints.cpp: Removed.
2062         * llint/LLIntEntrypoints.h: Removed.
2063         * llint/LLIntExceptions.cpp: Removed.
2064         * llint/LLIntExceptions.h: Removed.
2065         * llint/LLIntOfflineAsmConfig.h: Removed.
2066         * llint/LLIntOffsetsExtractor.cpp: Removed.
2067         * llint/LLIntSlowPaths.cpp: Removed.
2068         * llint/LLIntSlowPaths.h: Removed.
2069         * llint/LLIntThunks.cpp: Removed.
2070         * llint/LLIntThunks.h: Removed.
2071         * llint/LowLevelInterpreter.asm: Removed.
2072         * llint/LowLevelInterpreter.cpp: Removed.
2073         * llint/LowLevelInterpreter.h: Removed.
2074         * offlineasm/armv7.rb: Removed.
2075         * offlineasm/asm.rb: Removed.
2076         * offlineasm/ast.rb: Removed.
2077         * offlineasm/backends.rb: Removed.
2078         * offlineasm/generate_offset_extractor.rb: Removed.
2079         * offlineasm/instructions.rb: Removed.
2080         * offlineasm/offset_extractor_constants.rb: Removed.
2081         * offlineasm/offsets.rb: Removed.
2082         * offlineasm/opt.rb: Removed.
2083         * offlineasm/parser.rb: Removed.
2084         * offlineasm/registers.rb: Removed.
2085         * offlineasm/self_hash.rb: Removed.
2086         * offlineasm/settings.rb: Removed.
2087         * offlineasm/transform.rb: Removed.
2088         * offlineasm/x86.rb: Removed.
2089         * runtime/CodeSpecializationKind.h: Removed.
2090         * runtime/CommonSlowPaths.h:
2091         * runtime/Executable.cpp:
2092         * runtime/Executable.h:
2093         * runtime/ExecutionHarness.h: Removed.
2094         * runtime/JSArray.h:
2095         * runtime/JSCell.h:
2096         * runtime/JSFunction.h:
2097         * runtime/JSGlobalData.cpp:
2098         * runtime/JSGlobalData.h:
2099         * runtime/JSGlobalObject.h:
2100         * runtime/JSObject.h:
2101         * runtime/JSPropertyNameIterator.h:
2102         * runtime/JSString.h:
2103         * runtime/JSTypeInfo.h:
2104         * runtime/JSValue.cpp:
2105         * runtime/JSValue.h:
2106         * runtime/JSVariableObject.h:
2107         * runtime/Options.cpp:
2108         * runtime/Options.h:
2109         * runtime/ScopeChain.h:
2110         * runtime/Structure.cpp:
2111         * runtime/Structure.h:
2112         * runtime/StructureChain.h:
2113         * wtf/InlineASM.h:
2114         * wtf/Platform.h:
2115         * wtf/SentinelLinkedList.h:
2116         * wtf/text/StringImpl.h:
2117
2118 2012-02-21  Gustavo Noronha Silva  <kov@debian.org> and Bob Tracy  <rct@frus.com>
2119
2120         Does not build on IA64, SPARC and Alpha
2121         https://bugs.webkit.org/show_bug.cgi?id=79047
2122
2123         Rubber-stamped by Kent Tamura.
2124
2125         * wtf/dtoa/utils.h: these architectures also have correct double
2126         operations, so add them to the appropriate side of the check.
2127
2128 2012-02-21  Filip Pizlo  <fpizlo@apple.com>
2129
2130         Fix massive crashes in all tests introduced by previous build fix, and fix non-DFG build.
2131         https://bugs.webkit.org/show_bug.cgi?id=75812
2132
2133         Reviewed by Csaba Osztrogonác.
2134
2135         * dfg/DFGOperations.cpp:
2136         (JSC):
2137         * jit/HostCallReturnValue.h:
2138         (JSC::initializeHostCallReturnValue):
2139
2140 2012-02-21  Filip Pizlo  <fpizlo@apple.com>
2141
2142         Attempted build fix for ELF platforms.
2143
2144         * dfg/DFGOperations.cpp:
2145         (JSC):
2146         (JSC::getHostCallReturnValueWithExecState):
2147         * jit/HostCallReturnValue.cpp:
2148         (JSC):
2149         * jit/HostCallReturnValue.h:
2150         (JSC::initializeHostCallReturnValue):
2151
2152 2012-02-20  Filip Pizlo  <fpizlo@apple.com>
2153
2154         JSC should be a triple-tier VM
2155         https://bugs.webkit.org/show_bug.cgi?id=75812
2156         <rdar://problem/10079694>
2157
2158         Reviewed by Gavin Barraclough.
2159         
2160         Implemented an interpreter that uses the JIT's calling convention. This
2161         interpreter is called LLInt, or the Low Level Interpreter. JSC will now
2162         start by executing code in LLInt and will only tier up to the old
2163         JIT after the code is proven hot.
2164         
2165         LLInt is written in a modified form of our macro assembly. This new macro
2166         assembly is compiled by an offline assembler (see offlineasm), which
2167         implements many modern conveniences such as a Turing-complete CPS-based
2168         macro language and direct access to relevant C++ type information
2169         (basically offsets of fields and sizes of structs/classes).
2170         
2171         Code executing in LLInt appears to the rest of the JSC world "as if" it
2172         were executing in the old JIT. Hence, things like exception handling and
2173         cross-execution-engine calls just work and require pretty much no
2174         additional overhead.
2175         
2176         This interpreter is 2-2.5x faster than our old interpreter on SunSpider,
2177         V8, and Kraken. With triple-tiering turned on, we're neutral on SunSpider,
2178         V8, and Kraken, but appear to get a double-digit improvement on real-world
2179         websites due to a huge reduction in the amount of JIT'ing.
2180         
2181         * CMakeLists.txt:
2182         * GNUmakefile.am:
2183         * GNUmakefile.list.am:
2184         * JavaScriptCore.pri:
2185         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2186         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
2187         * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
2188         * JavaScriptCore.xcodeproj/project.pbxproj:
2189         * Target.pri:
2190         * assembler/LinkBuffer.h:
2191         * assembler/MacroAssemblerCodeRef.h:
2192         (MacroAssemblerCodePtr):
2193         (JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
2194         * bytecode/BytecodeConventions.h: Added.
2195         * bytecode/CallLinkStatus.cpp:
2196         (JSC::CallLinkStatus::computeFromLLInt):
2197         (JSC):
2198         (JSC::CallLinkStatus::computeFor):
2199         * bytecode/CallLinkStatus.h:
2200         (JSC::CallLinkStatus::isSet):
2201         (JSC::CallLinkStatus::operator!):
2202         (CallLinkStatus):
2203         * bytecode/CodeBlock.cpp:
2204         (JSC::CodeBlock::dump):
2205         (JSC::CodeBlock::CodeBlock):
2206         (JSC::CodeBlock::~CodeBlock):
2207         (JSC::CodeBlock::finalizeUnconditionally):
2208         (JSC::CodeBlock::stronglyVisitStrongReferences):
2209         (JSC):
2210         (JSC::CodeBlock::unlinkCalls):
2211         (JSC::CodeBlock::unlinkIncomingCalls):
2212         (JSC::CodeBlock::bytecodeOffset):
2213         (JSC::ProgramCodeBlock::jettison):
2214         (JSC::EvalCodeBlock::jettison):
2215         (JSC::FunctionCodeBlock::jettison):
2216         (JSC::ProgramCodeBlock::jitCompileImpl):
2217         (JSC::EvalCodeBlock::jitCompileImpl):
2218         (JSC::FunctionCodeBlock::jitCompileImpl):
2219         * bytecode/CodeBlock.h:
2220         (JSC):
2221         (CodeBlock):
2222         (JSC::CodeBlock::baselineVersion):
2223         (JSC::CodeBlock::linkIncomingCall):
2224         (JSC::CodeBlock::bytecodeOffset):
2225         (JSC::CodeBlock::jitCompile):
2226         (JSC::CodeBlock::hasOptimizedReplacement):
2227         (JSC::CodeBlock::addPropertyAccessInstruction):
2228         (JSC::CodeBlock::addGlobalResolveInstruction):
2229         (JSC::CodeBlock::addLLIntCallLinkInfo):
2230         (JSC::CodeBlock::addGlobalResolveInfo):
2231         (JSC::CodeBlock::numberOfMethodCallLinkInfos):
2232         (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset):
2233         (JSC::CodeBlock::likelyToTakeSlowCase):
2234         (JSC::CodeBlock::couldTakeSlowCase):
2235         (JSC::CodeBlock::likelyToTakeSpecialFastCase):
2236         (JSC::CodeBlock::likelyToTakeDeepestSlowCase):
2237         (JSC::CodeBlock::likelyToTakeAnySlowCase):
2238         (JSC::CodeBlock::addFrequentExitSite):
2239         (JSC::CodeBlock::dontJITAnytimeSoon):
2240         (JSC::CodeBlock::jitAfterWarmUp):
2241         (JSC::CodeBlock::jitSoon):
2242         (JSC::CodeBlock::llintExecuteCounter):
2243         (ProgramCodeBlock):
2244         (EvalCodeBlock):
2245         (FunctionCodeBlock):
2246         * bytecode/GetByIdStatus.cpp:
2247         (JSC::GetByIdStatus::computeFromLLInt):
2248         (JSC):
2249         (JSC::GetByIdStatus::computeFor):
2250         * bytecode/GetByIdStatus.h:
2251         (JSC::GetByIdStatus::GetByIdStatus):
2252         (JSC::GetByIdStatus::wasSeenInJIT):
2253         (GetByIdStatus):
2254         * bytecode/Instruction.h:
2255         (JSC):
2256         (JSC::Instruction::Instruction):
2257         (Instruction):
2258         * bytecode/LLIntCallLinkInfo.h: Added.
2259         (JSC):
2260         (JSC::LLIntCallLinkInfo::LLIntCallLinkInfo):
2261         (LLIntCallLinkInfo):
2262         (JSC::LLIntCallLinkInfo::~LLIntCallLinkInfo):
2263         (JSC::LLIntCallLinkInfo::isLinked):
2264         (JSC::LLIntCallLinkInfo::unlink):
2265         * bytecode/MethodCallLinkStatus.cpp:
2266         (JSC::MethodCallLinkStatus::computeFor):
2267         * bytecode/Opcode.cpp:
2268         (JSC):
2269         * bytecode/Opcode.h:
2270         (JSC):
2271         (JSC::padOpcodeName):
2272         * bytecode/PutByIdStatus.cpp:
2273         (JSC::PutByIdStatus::computeFromLLInt):
2274         (JSC):
2275         (JSC::PutByIdStatus::computeFor):
2276         * bytecode/PutByIdStatus.h:
2277         (PutByIdStatus):
2278         * bytecompiler/BytecodeGenerator.cpp:
2279         (JSC::BytecodeGenerator::emitResolve):
2280         (JSC::BytecodeGenerator::emitResolveWithBase):
2281         (JSC::BytecodeGenerator::emitGetById):
2282         (JSC::BytecodeGenerator::emitPutById):
2283         (JSC::BytecodeGenerator::emitDirectPutById):
2284         (JSC::BytecodeGenerator::emitCall):
2285         (JSC::BytecodeGenerator::emitConstruct):
2286         (JSC::BytecodeGenerator::emitCatch):
2287         * dfg/DFGByteCodeParser.cpp:
2288         (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
2289         (JSC::DFG::ByteCodeParser::handleInlining):
2290         (JSC::DFG::ByteCodeParser::parseBlock):
2291         * dfg/DFGCapabilities.h:
2292         (JSC::DFG::canCompileOpcode):
2293         * dfg/DFGOSRExitCompiler.cpp:
2294         * dfg/DFGOperations.cpp:
2295         * heap/Heap.h:
2296         (JSC):
2297         (JSC::Heap::firstAllocatorWithoutDestructors):
2298         (Heap):
2299         * heap/MarkStack.cpp:
2300         (JSC::visitChildren):
2301         * heap/MarkedAllocator.h:
2302         (JSC):
2303         (MarkedAllocator):
2304         * heap/MarkedSpace.h:
2305         (JSC):
2306         (MarkedSpace):
2307         (JSC::MarkedSpace::firstAllocator):
2308         * interpreter/CallFrame.cpp:
2309         (JSC):
2310         (JSC::CallFrame::bytecodeOffsetForNonDFGCode):
2311         (JSC::CallFrame::setBytecodeOffsetForNonDFGCode):
2312         (JSC::CallFrame::currentVPC):
2313         (JSC::CallFrame::setCurrentVPC):
2314         (JSC::CallFrame::trueCallerFrame):
2315         * interpreter/CallFrame.h:
2316         (JSC::ExecState::hasReturnPC):
2317         (JSC::ExecState::clearReturnPC):
2318         (ExecState):
2319         (JSC::ExecState::bytecodeOffsetForNonDFGCode):
2320         (JSC::ExecState::currentVPC):
2321         (JSC::ExecState::setCurrentVPC):
2322         * interpreter/Interpreter.cpp:
2323         (JSC::Interpreter::Interpreter):
2324         (JSC::Interpreter::~Interpreter):
2325         (JSC):
2326         (JSC::Interpreter::initialize):
2327         (JSC::Interpreter::isOpcode):
2328         (JSC::Interpreter::unwindCallFrame):
2329         (JSC::getCallerInfo):
2330         (JSC::Interpreter::privateExecute):
2331         (JSC::Interpreter::retrieveLastCaller):
2332         * interpreter/Interpreter.h:
2333         (JSC):
2334         (Interpreter):
2335         (JSC::Interpreter::getOpcode):
2336         (JSC::Interpreter::getOpcodeID):
2337         (JSC::Interpreter::classicEnabled):
2338         * interpreter/RegisterFile.h:
2339         (JSC):
2340         (RegisterFile):
2341         * jit/ExecutableAllocator.h:
2342         (JSC):
2343         * jit/HostCallReturnValue.cpp: Added.
2344         (JSC):
2345         (JSC::getHostCallReturnValueWithExecState):
2346         * jit/HostCallReturnValue.h: Added.
2347         (JSC):
2348         (JSC::initializeHostCallReturnValue):
2349         * jit/JIT.cpp:
2350         (JSC::JIT::privateCompileMainPass):
2351         (JSC::JIT::privateCompileSlowCases):
2352         (JSC::JIT::privateCompile):
2353         * jit/JITCode.h:
2354         (JSC::JITCode::isOptimizingJIT):
2355         (JITCode):
2356         (JSC::JITCode::isBaselineCode):
2357         (JSC::JITCode::JITCode):
2358         * jit/JITDriver.h:
2359         (JSC::jitCompileIfAppropriate):
2360         (JSC::jitCompileFunctionIfAppropriate):
2361         * jit/JITExceptions.cpp:
2362         (JSC::jitThrow):
2363         * jit/JITInlineMethods.h:
2364         (JSC::JIT::updateTopCallFrame):
2365         * jit/JITStubs.cpp:
2366         (JSC::DEFINE_STUB_FUNCTION):
2367         (JSC):
2368         * jit/JITStubs.h:
2369         (JSC):
2370         * jit/JSInterfaceJIT.h:
2371         * llint: Added.
2372         * llint/LLIntCommon.h: Added.
2373         * llint/LLIntData.cpp: Added.
2374         (LLInt):
2375         (JSC::LLInt::Data::Data):
2376         (JSC::LLInt::Data::performAssertions):
2377         (JSC::LLInt::Data::~Data):
2378         * llint/LLIntData.h: Added.
2379         (JSC):
2380         (LLInt):
2381         (Data):
2382         (JSC::LLInt::Data::exceptionInstructions):
2383         (JSC::LLInt::Data::opcodeMap):
2384         (JSC::LLInt::Data::performAssertions):
2385         * llint/LLIntEntrypoints.cpp: Added.
2386         (LLInt):
2387         (JSC::LLInt::getFunctionEntrypoint):
2388         (JSC::LLInt::getEvalEntrypoint):
2389         (JSC::LLInt::getProgramEntrypoint):
2390         * llint/LLIntEntrypoints.h: Added.
2391         (JSC):
2392         (LLInt):
2393         (JSC::LLInt::getEntrypoint):
2394         * llint/LLIntExceptions.cpp: Added.
2395         (LLInt):
2396         (JSC::LLInt::interpreterThrowInCaller):
2397         (JSC::LLInt::returnToThrowForThrownException):
2398         (JSC::LLInt::returnToThrow):
2399         (JSC::LLInt::callToThrow):
2400         * llint/LLIntExceptions.h: Added.
2401         (JSC):
2402         (LLInt):
2403         * llint/LLIntOfflineAsmConfig.h: Added.
2404         * llint/LLIntOffsetsExtractor.cpp: Added.
2405         (JSC):
2406         (LLIntOffsetsExtractor):
2407         (JSC::LLIntOffsetsExtractor::dummy):
2408         (main):
2409         * llint/LLIntSlowPaths.cpp: Added.
2410         (LLInt):
2411         (JSC::LLInt::llint_trace_operand):
2412         (JSC::LLInt::llint_trace_value):
2413         (JSC::LLInt::LLINT_SLOW_PATH_DECL):
2414         (JSC::LLInt::traceFunctionPrologue):
2415         (JSC::LLInt::shouldJIT):
2416         (JSC::LLInt::entryOSR):
2417         (JSC::LLInt::resolveGlobal):
2418         (JSC::LLInt::getByVal):
2419         (JSC::LLInt::handleHostCall):
2420         (JSC::LLInt::setUpCall):
2421         (JSC::LLInt::genericCall):
2422         * llint/LLIntSlowPaths.h: Added.
2423         (JSC):
2424         (LLInt):
2425         * llint/LLIntThunks.cpp: Added.
2426         (LLInt):
2427         (JSC::LLInt::generateThunkWithJumpTo):
2428         (JSC::LLInt::functionForCallEntryThunkGenerator):
2429         (JSC::LLInt::functionForConstructEntryThunkGenerator):
2430         (JSC::LLInt::functionForCallArityCheckThunkGenerator):
2431         (JSC::LLInt::functionForConstructArityCheckThunkGenerator):
2432         (JSC::LLInt::evalEntryThunkGenerator):
2433         (JSC::LLInt::programEntryThunkGenerator):
2434         * llint/LLIntThunks.h: Added.
2435         (JSC):
2436         (LLInt):
2437         * llint/LowLevelInterpreter.asm: Added.
2438         * llint/LowLevelInterpreter.cpp: Added.
2439         * llint/LowLevelInterpreter.h: Added.
2440         * offlineasm: Added.
2441         * offlineasm/armv7.rb: Added.
2442         * offlineasm/asm.rb: Added.
2443         * offlineasm/ast.rb: Added.
2444         * offlineasm/backends.rb: Added.
2445         * offlineasm/generate_offset_extractor.rb: Added.
2446         * offlineasm/instructions.rb: Added.
2447         * offlineasm/offset_extractor_constants.rb: Added.
2448         * offlineasm/offsets.rb: Added.
2449         * offlineasm/opt.rb: Added.
2450         * offlineasm/parser.rb: Added.
2451         * offlineasm/registers.rb: Added.
2452         * offlineasm/self_hash.rb: Added.
2453         * offlineasm/settings.rb: Added.
2454         * offlineasm/transform.rb: Added.
2455         * offlineasm/x86.rb: Added.
2456         * runtime/CodeSpecializationKind.h: Added.
2457         (JSC):
2458         * runtime/CommonSlowPaths.h:
2459         (JSC::CommonSlowPaths::arityCheckFor):
2460         (CommonSlowPaths):
2461         * runtime/Executable.cpp:
2462         (JSC::jettisonCodeBlock):
2463         (JSC):
2464         (JSC::EvalExecutable::jitCompile):
2465         (JSC::samplingDescription):
2466         (JSC::EvalExecutable::compileInternal):
2467         (JSC::ProgramExecutable::jitCompile):
2468         (JSC::ProgramExecutable::compileInternal):
2469         (JSC::FunctionExecutable::baselineCodeBlockFor):
2470         (JSC::FunctionExecutable::jitCompileForCall):
2471         (JSC::FunctionExecutable::jitCompileForConstruct):
2472         (JSC::FunctionExecutable::compileForCallInternal):
2473         (JSC::FunctionExecutable::compileForConstructInternal):
2474         * runtime/Executable.h:
2475         (JSC):
2476         (EvalExecutable):
2477         (ProgramExecutable):
2478         (FunctionExecutable):
2479         (JSC::FunctionExecutable::jitCompileFor):
2480         * runtime/ExecutionHarness.h: Added.
2481         (JSC):
2482         (JSC::prepareForExecution):
2483         (JSC::prepareFunctionForExecution):
2484         * runtime/JSArray.h:
2485         (JSC):
2486         (JSArray):
2487         * runtime/JSCell.h:
2488         (JSC):
2489         (JSCell):
2490         * runtime/JSFunction.h:
2491         (JSC):
2492         (JSFunction):
2493         * runtime/JSGlobalData.cpp:
2494         (JSC::JSGlobalData::JSGlobalData):
2495         * runtime/JSGlobalData.h:
2496         (JSC):
2497         (JSGlobalData):
2498         * runtime/JSGlobalObject.h:
2499         (JSC):
2500         (JSGlobalObject):
2501         * runtime/JSObject.h:
2502         (JSC):
2503         (JSObject):
2504         (JSFinalObject):
2505         * runtime/JSPropertyNameIterator.h:
2506         (JSC):
2507         (JSPropertyNameIterator):
2508         * runtime/JSString.h:
2509         (JSC):
2510         (JSString):
2511         * runtime/JSTypeInfo.h:
2512         (JSC):
2513         (TypeInfo):
2514         * runtime/JSValue.cpp:
2515         (JSC::JSValue::description):
2516         * runtime/JSValue.h:
2517         (LLInt):
2518         (JSValue):
2519         * runtime/JSVariableObject.h:
2520         (JSC):
2521         (JSVariableObject):
2522         * runtime/Options.cpp:
2523         (Options):
2524         (JSC::Options::initializeOptions):
2525         * runtime/Options.h:
2526         (Options):
2527         * runtime/ScopeChain.h:
2528         (JSC):
2529         (ScopeChainNode):
2530         * runtime/Structure.cpp:
2531         (JSC::Structure::addPropertyTransition):
2532         * runtime/Structure.h:
2533         (JSC):
2534         (Structure):
2535         * runtime/StructureChain.h:
2536         (JSC):
2537         (StructureChain):
2538         * wtf/InlineASM.h:
2539         * wtf/Platform.h:
2540         * wtf/SentinelLinkedList.h:
2541         (SentinelLinkedList):
2542         (WTF::SentinelLinkedList::isEmpty):
2543         * wtf/text/StringImpl.h:
2544         (JSC):
2545         (StringImpl):
2546
2547 2012-02-20  Filip Pizlo  <fpizlo@apple.com>
2548
2549         Unreviewed, rolling out http://trac.webkit.org/changeset/108291
2550         It completely broke the 32-bit JIT.
2551
2552         * heap/CopiedAllocator.h:
2553         * heap/CopiedSpace.h:
2554         (CopiedSpace):
2555         * heap/Heap.h:
2556         (JSC::Heap::allocatorForObjectWithDestructor):
2557         * jit/JIT.cpp:
2558         (JSC::JIT::privateCompileSlowCases):
2559         * jit/JIT.h:
2560         (JIT):
2561         * jit/JITInlineMethods.h:
2562         (JSC):
2563         * jit/JITOpcodes.cpp:
2564         (JSC::JIT::emit_op_new_array):
2565         * runtime/JSArray.cpp:
2566         (JSC::storageSize):
2567         (JSC):
2568         * runtime/JSArray.h:
2569         (ArrayStorage):
2570         (JSArray):
2571
2572 2012-02-20  Gavin Barraclough  <barraclough@apple.com>
2573
2574         [[Put]] should throw if prototype chain contains a readonly property.
2575         https://bugs.webkit.org/show_bug.cgi?id=79069
2576
2577         Reviewed by Oliver Hunt.
2578
2579         Currently we only check the base of the put, not the prototype chain.
2580         Fold this check in with the test for accessors.
2581
2582         * runtime/JSObject.cpp:
2583         (JSC::JSObject::put):
2584             - Updated to test all objects in the prototype chain for readonly properties.
2585         (JSC::JSObject::putDirectAccessor):
2586         (JSC::putDescriptor):
2587             - Record the presence of readonly properties on the structure.
2588         * runtime/Structure.cpp:
2589         (JSC::Structure::Structure):
2590             - hasGetterSetterPropertiesExcludingProto expanded to hasReadOnlyOrGetterSetterPropertiesExcludingProto.
2591         * runtime/Structure.h:
2592         (JSC::Structure::hasReadOnlyOrGetterSetterPropertiesExcludingProto):
2593         (JSC::Structure::setHasGetterSetterProperties):
2594             - hasGetterSetterPropertiesExcludingProto expanded to hasReadOnlyOrGetterSetterPropertiesExcludingProto.
2595         (JSC::Structure::setContainsReadOnlyProperties):
2596             - Added.
2597
2598 2012-02-20  Mark Hahnenberg  <mhahnenberg@apple.com>
2599
2600         Implement fast path for op_new_array in the baseline JIT
2601         https://bugs.webkit.org/show_bug.cgi?id=78612
2602
2603         Reviewed by Filip Pizlo.
2604
2605         * heap/CopiedAllocator.h:
2606         (CopiedAllocator): Friended the JIT to allow access to m_currentOffset.
2607         * heap/CopiedSpace.h:
2608         (CopiedSpace): Friended the JIT to allow access to 
2609         (JSC::CopiedSpace::allocator):
2610         * heap/Heap.h:
2611         (JSC::Heap::storageAllocator): Added a getter for the CopiedAllocator class so the JIT
2612         can use it for simple allocation i.e. when we can just bump the offset without having to 
2613         do anything else.
2614         * jit/JIT.cpp:
2615         (JSC::JIT::privateCompileSlowCases): Added new slow case for op_new_array for when
2616         we have to bail out because the fast allocation path fails for whatever reason.
2617         * jit/JIT.h:
2618         (JIT):
2619         * jit/JITInlineMethods.h:
2620         (JSC::JIT::emitAllocateBasicStorage): Added utility function that allows objects to 
2621         allocate generic backing stores. This function is used by emitAllocateJSArray.
2622         (JSC):
2623         (JSC::JIT::emitAllocateJSArray): Added utility function that allows the client to 
2624         more easily allocate JSArrays. This function is used by emit_op_new_array and I expect 
2625         it will also be used for emit_op_new_array_buffer.
2626         * jit/JITOpcodes.cpp:
2627         (JSC::JIT::emit_op_new_array): Changed to do inline allocation of JSArrays. Still does 
2628         a stub call for oversize arrays.
2629         (JSC):
2630         (JSC::JIT::emitSlow_op_new_array): Just bails out to a stub call if we fail in any way on 
2631         the fast path.
2632         * runtime/JSArray.cpp:
2633         (JSC):
2634         * runtime/JSArray.h: Added lots of offset functions for all the fields that we need to 
2635         initialize in the JIT.
2636         (ArrayStorage):
2637         (JSC::ArrayStorage::lengthOffset):
2638         (JSC::ArrayStorage::numValuesInVectorOffset):
2639         (JSC::ArrayStorage::allocBaseOffset):
2640         (JSC::ArrayStorage::vectorOffset):
2641         (JSArray):
2642         (JSC::JSArray::sparseValueMapOffset):
2643         (JSC::JSArray::subclassDataOffset):
2644         (JSC::JSArray::indexBiasOffset):
2645         (JSC):
2646         (JSC::JSArray::storageSize): Moved this function from being a static function in the cpp file
2647         to being a static function in the JSArray class. This move allows the JIT to call it to 
2648         see what size it should allocate.
2649
2650 2012-02-20  Gavin Barraclough  <barraclough@apple.com>
2651
2652         DefineOwnProperty fails with numeric properties & Object.prototype
2653         https://bugs.webkit.org/show_bug.cgi?id=79059
2654
2655         Reviewed by Oliver Hunt.
2656
2657         ObjectPrototype caches whether it contains any numeric properties (m_hasNoPropertiesWithUInt32Names),
2658         calls to defineOwnProperty need to update this cache.
2659
2660         * runtime/ObjectPrototype.cpp:
2661         (JSC::ObjectPrototype::put):
2662         (JSC::ObjectPrototype::defineOwnProperty):
2663         (JSC):
2664         (JSC::ObjectPrototype::getOwnPropertySlotByIndex):
2665         * runtime/ObjectPrototype.h:
2666         (ObjectPrototype):
2667
2668 2012-02-20  Pino Toscano  <pino@debian.org>
2669
2670         Does not build on GNU Hurd
2671         https://bugs.webkit.org/show_bug.cgi?id=79045
2672
2673         Reviewed by Gustavo Noronha Silva.
2674
2675         * wtf/Platform.h: define WTF_OS_HURD.
2676         * wtf/ThreadIdentifierDataPthreads.cpp: adds a band-aid fix
2677         for the lack of PTHREAD_KEYS_MAX definition, with a value which
2678         should not cause issues.
2679
2680 2012-02-20  Gavin Barraclough  <barraclough@apple.com>
2681
2682         Unreviewed windows build fix.
2683
2684         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2685
2686 2012-02-20  Mark Hahnenberg  <mhahnenberg@apple.com>
2687
2688         Undoing accidental changes
2689
2690         * heap/Heap.cpp:
2691         (JSC::Heap::collectAllGarbage):
2692
2693 2012-02-20  Mark Hahnenberg  <mhahnenberg@apple.com>
2694
2695         Factor out allocation in CopySpace into a separate CopyAllocator
2696         https://bugs.webkit.org/show_bug.cgi?id=78610
2697
2698         Reviewed by Oliver Hunt.
2699
2700         Added a new CopyAllocator class, which allows us to do allocations without 
2701         having to load the current offset and store the current offset in the current 
2702         block. This change will allow us to easily do inline assembly in the JIT for 
2703         array allocations.
2704
2705         * GNUmakefile.list.am:
2706         * JavaScriptCore.gypi:
2707         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2708         * JavaScriptCore.xcodeproj/project.pbxproj:
2709         * heap/CopiedAllocator.h: Added.
2710         (JSC):
2711         (CopiedAllocator):
2712         (JSC::CopiedAllocator::currentBlock):
2713         (JSC::CopiedAllocator::CopiedAllocator):
2714         (JSC::CopiedAllocator::allocate):
2715         (JSC::CopiedAllocator::fitsInCurrentBlock):
2716         (JSC::CopiedAllocator::wasLastAllocation):
2717         (JSC::CopiedAllocator::startedCopying):
2718         (JSC::CopiedAllocator::resetCurrentBlock):
2719         (JSC::CopiedAllocator::currentUtilization):
2720         (JSC::CopiedAllocator::resetLastAllocation):
2721         * heap/CopiedBlock.h:
2722         (CopiedBlock):
2723         * heap/CopiedSpace.cpp: Moved some stuff from CopiedSpaceInlineMethods to here because we 
2724         weren't really getting any benefits from having such big functions in a header file.
2725         (JSC::CopiedSpace::CopiedSpace):
2726         (JSC):
2727         (JSC::CopiedSpace::init):
2728         (JSC::CopiedSpace::tryAllocateSlowCase):
2729         (JSC::CopiedSpace::tryAllocateOversize):
2730         (JSC::CopiedSpace::tryReallocate):
2731         (JSC::CopiedSpace::tryReallocateOversize):
2732         (JSC::CopiedSpace::doneFillingBlock):
2733         (JSC::CopiedSpace::doneCopying):
2734         (JSC::CopiedSpace::getFreshBlock):
2735         * heap/CopiedSpace.h:
2736         (CopiedSpace):
2737         * heap/CopiedSpaceInlineMethods.h:
2738         (JSC):
2739         (JSC::CopiedSpace::startedCopying):
2740         (JSC::CopiedSpace::addNewBlock):
2741         (JSC::CopiedSpace::allocateNewBlock):
2742         (JSC::CopiedSpace::fitsInBlock):
2743         (JSC::CopiedSpace::tryAllocate):
2744         (JSC::CopiedSpace::allocateFromBlock):
2745         * heap/Heap.cpp:
2746         (JSC::Heap::collectAllGarbage):
2747         * heap/HeapBlock.h:
2748         (HeapBlock):
2749
2750 2012-02-20  Patrick Gansterer  <paroga@webkit.org>
2751
2752         Fix Visual Studio 2010 build.
2753
2754         * bytecompiler/NodesCodegen.cpp:
2755         (JSC::PropertyListNode::emitBytecode):
2756
2757 2012-02-16  Gavin Barraclough  <barraclough@apple.com>
2758
2759         Move special __proto__ property to Object.prototype
2760         https://bugs.webkit.org/show_bug.cgi?id=78409
2761
2762         Reviewed by Oliver Hunt.
2763
2764         Re-implement this as a regular accessor property.  This has three key benefits:
2765         1) It makes it possible for objects to be given properties named __proto__.
2766         2) Object.prototype.__proto__ can be deleted, preventing object prototypes from being changed.
2767         3) This largely removes the magic used to implement __proto__, it can just be made a regular accessor property.
2768
2769         * parser/Parser.cpp:
2770         (JSC::::parseFunctionInfo):
2771             - No need to prohibit functions named __proto__.
2772         * runtime/JSGlobalObject.cpp:
2773         (JSC::JSGlobalObject::reset):
2774             - Add __proto__ accessor to Object.prototype.
2775         * runtime/JSGlobalObjectFunctions.cpp:
2776         (JSC::globalFuncProtoGetter):
2777         (JSC::globalFuncProtoSetter):
2778             - Definition of the __proto__ accessor functions.
2779         * runtime/JSGlobalObjectFunctions.h:
2780             - Declaration of the __proto__ accessor functions.
2781         * runtime/JSObject.cpp:
2782         (JSC::JSObject::put):
2783             - Remove the special handling for __proto__, there is still a check to allow for a fast guard for accessors excluding __proto__.
2784         (JSC::JSObject::putDirectAccessor):
2785             - Track on the structure whether an object contains accessors other than one for __proto__.
2786         (JSC::JSObject::defineOwnProperty):
2787             - No need to prohibit definition of own properties named __proto__.
2788         * runtime/JSObject.h:
2789         (JSC::JSObject::inlineGetOwnPropertySlot):
2790             - Remove the special handling for __proto__.
2791         (JSC::JSValue::get):
2792             - Remove the special handling for __proto__.
2793         * runtime/JSString.cpp:
2794         (JSC::JSString::getOwnPropertySlot):
2795             - Remove the special handling for __proto__.
2796         * runtime/JSValue.h:
2797         (JSValue):
2798             - Made synthesizePrototype public (this may be needed by the __proto__ getter).
2799         * runtime/ObjectConstructor.cpp:
2800         (JSC::objectConstructorGetPrototypeOf):
2801             - Perform the security check & call prototype() directly.
2802         * runtime/Structure.cpp:
2803         (JSC::Structure::Structure):
2804             - Added 'ExcludingProto' variant of the 'hasGetterSetterProperties' state.
2805         * runtime/Structure.h:
2806         (JSC::Structure::hasGetterSetterPropertiesExcludingProto):
2807         (JSC::Structure::setHasGetterSetterProperties):
2808         (Structure):
2809             - Added 'ExcludingProto' variant of the 'hasGetterSetterProperties' state.
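The three consequences listed in this entry, shown as an added example that is not WebKit or JSC code: `__proto__` is an accessor on `Object.prototype`, an object can carry its own data property named `__proto__`, and deleting the accessor removes the assignment-based way of changing an object's prototype. The helper names and sample objects are constructed for illustration; the third helper modifies and then restores `Object.prototype` so it can run in an ordinary Node process.

```javascript
// 1) __proto__ is an ordinary accessor (getter + setter) on Object.prototype;
//    plain objects do not own it.
function describeProtoAccessor() {
  const d = Object.getOwnPropertyDescriptor(Object.prototype, '__proto__');
  return {
    isAccessor: !!d && typeof d.get === 'function' && typeof d.set === 'function',
    ownOnPlainObject: Object.prototype.hasOwnProperty.call({}, '__proto__'),
  };
}

// 2) defineProperty can give an object its own data property named "__proto__".
//    It shadows the inherited accessor and does not touch the prototype.
function ownProtoDataProperty() {
  const obj = {};
  Object.defineProperty(obj, '__proto__', {
    value: 'just data',
    writable: true,
    enumerable: true,
    configurable: true,
  });
  return {
    value: obj.__proto__,
    prototypeUnchanged: Object.getPrototypeOf(obj) === Object.prototype,
  };
}

// 3) Deleting Object.prototype.__proto__ closes the assignment path for
//    changing prototypes: `target.__proto__ = x` then just creates an own
//    data property. The accessor is restored in `finally` so the rest of the
//    process is unaffected.
function withProtoAccessorRemoved() {
  const saved = Object.getOwnPropertyDescriptor(Object.prototype, '__proto__');
  delete Object.prototype.__proto__;
  try {
    const target = {};
    const parent = { polluted: true }; // constructed sample value
    target.__proto__ = parent;
    return {
      prototypeUnchanged: Object.getPrototypeOf(target) === Object.prototype,
      becameOwnProperty: Object.prototype.hasOwnProperty.call(target, '__proto__'),
      inheritedPolluted: target.polluted === true,
    };
  } finally {
    Object.defineProperty(Object.prototype, '__proto__', saved);
  }
}
```

Removing the accessor is a cheap hardening step against prototype-pollution patterns that rely on `obj.__proto__ = ...`; note that it does not affect `Object.setPrototypeOf` (added to the language after this change) or the `{ __proto__: x }` literal syntax, so it narrows one path rather than all of them.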
2810
2811 2012-02-20  Michael Saboff  <msaboff@apple.com>
2812
2813         Update toLower and toUpper tests for Unicode 6.1 changes
2814         https://bugs.webkit.org/show_bug.cgi?id=78923
2815
2816         Reviewed by Oliver Hunt.
2817
2818         * tests/mozilla/ecma/String/15.5.4.11-2.js: Updated the test
2819         to handle a third set of results for updated Unicode 6.1
2820         changes.
2821         (getTestCases):
2822         (TestCaseMultiExpected):
2823         (writeTestCaseResultMultiExpected):
2824         (getTestCaseResultMultiExpected):
2825         (test):
2826         (GetUnicodeValues):
2827         (DecimalToHexString):
2828
2829 2012-02-20  Andy Wingo  <wingo@igalia.com>
2830
2831         Remove unused features from CodeFeatures
2832         https://bugs.webkit.org/show_bug.cgi?id=78804
2833
2834         Reviewed by Gavin Barraclough.
2835
2836         * parser/Nodes.h:
2837         * parser/ASTBuilder.h:
2838         (JSC::ClosureFeature):
2839         (JSC::ASTBuilder::createFunctionBody):
2840         (JSC::ASTBuilder::usesClosures):
2841         Remove "ClosureFeature".  Since we track captured variables more
2842         precisely, this bit doesn't do us any good.
2843
2844         (JSC::AssignFeature):
2845         (JSC::ASTBuilder::makeAssignNode):
2846         (JSC::ASTBuilder::makePrefixNode):
2847         (JSC::ASTBuilder::makePostfixNode):
2848         (JSC::ASTBuilder::usesAssignment):
2849         Similarly, remove AssignFeature.  It is unused.
2850
2851 2012-02-19  Carlos Garcia Campos  <cgarcia@igalia.com>
2852
2853         Unreviewed. Fix make distcheck issues.
2854
2855         * GNUmakefile.list.am: Add missing files.
2856
2857 2012-02-18  Sam Weinig  <sam@webkit.org>
2858
2859         Fix style issues in DFG Phase classes
2860         https://bugs.webkit.org/show_bug.cgi?id=78983
2861
2862         Reviewed by Ryosuke Niwa.
2863
2864         * dfg/DFGArithNodeFlagsInferencePhase.cpp:
2865         * dfg/DFGCFAPhase.cpp:
2866         * dfg/DFGCSEPhase.cpp:
2867         * dfg/DFGPredictionPropagationPhase.cpp:
2868         * dfg/DFGVirtualRegisterAllocationPhase.cpp:
2869         Add a space before the colon in class declarations.
2870
2871 2012-02-18  Filip Pizlo  <fpizlo@apple.com>
2872
2873         Attempt to fix Windows build.
2874
2875         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2876
2877 2012-02-18  Sam Weinig  <sam@webkit.org>
2878
2879         Fix the libc++ build.
2880
2881         Reviewed by Anders Carlsson.
2882
2883         * heap/Weak.h:
2884         Libc++'s nullptr emulation does not allow default construction
2885         of the nullptr_t type. Work around this with the arguably clearer
2886         just returning nullptr.
2887
2888 2012-02-18  Filip Pizlo  <fpizlo@apple.com>
2889
2890         DFGPropagator.cpp has too many things
2891         https://bugs.webkit.org/show_bug.cgi?id=78956
2892
2893         Reviewed by Oliver Hunt.
2894         
2895         Added the notion of a DFG::Phase. Removed DFG::Propagator, and took its
2896         various things and put them into separate files. These new phases follow
2897         the naming convention "DFG<name>Phase" where <name> is a noun. They are
2898         called via functions of the form "perform<name>".
2899
2900         * CMakeLists.txt:
2901         * GNUmakefile.list.am:
2902         * JavaScriptCore.xcodeproj/project.pbxproj:
2903         * Target.pri:
2904         * dfg/DFGArithNodeFlagsInferencePhase.cpp: Added.
2905         (DFG):
2906         (JSC::DFG::performArithNodeFlagsInference):
2907         * dfg/DFGArithNodeFlagsInferencePhase.h: Added.
2908         (DFG):
2909         * dfg/DFGCFAPhase.cpp: Added.
2910         (DFG):
2911         (JSC::DFG::performCFA):
2912         * dfg/DFGCFAPhase.h: Added.
2913         (DFG):
2914         * dfg/DFGCSEPhase.cpp: Added.
2915         (DFG):
2916         (JSC::DFG::performCSE):
2917         * dfg/DFGCSEPhase.h: Added.
2918         (DFG):
2919         * dfg/DFGDriver.cpp:
2920         (JSC::DFG::compile):
2921         * dfg/DFGPhase.cpp: Added.
2922         (DFG):
2923         (JSC::DFG::Phase::beginPhase):
2924         (JSC::DFG::Phase::endPhase):
2925         * dfg/DFGPhase.h: Added.
2926         (DFG):
2927         (Phase):
2928         (JSC::DFG::Phase::Phase):
2929         (JSC::DFG::Phase::~Phase):
2930         (JSC::DFG::Phase::globalData):
2931         (JSC::DFG::Phase::codeBlock):
2932         (JSC::DFG::Phase::profiledBlock):
2933         (JSC::DFG::Phase::beginPhase):
2934         (JSC::DFG::Phase::endPhase):
2935         (JSC::DFG::runPhase):
2936         * dfg/DFGPredictionPropagationPhase.cpp: Added.
2937         (DFG):
2938         (JSC::DFG::performPredictionPropagation):
2939         * dfg/DFGPredictionPropagationPhase.h: Added.
2940         (DFG):
2941         * dfg/DFGPropagator.cpp: Removed.
2942         * dfg/DFGPropagator.h: Removed.
2943         * dfg/DFGVirtualRegisterAllocationPhase.cpp: Added.
2944         (DFG):
2945         (JSC::DFG::performVirtualRegisterAllocation):
2946         * dfg/DFGVirtualRegisterAllocationPhase.h: Added.
2947         (DFG):
2948
2949 2012-02-17  Filip Pizlo  <fpizlo@apple.com>
2950
2951         DFG::Graph should have references to JSGlobalData, the CodeBlock being compiled, and
2952         the CodeBlock that was used for profiling
2953         https://bugs.webkit.org/show_bug.cgi?id=78954
2954
2955         Reviewed by Gavin Barraclough.
2956
2957         * bytecode/CodeBlock.h:
2958         (JSC::baselineCodeBlockForOriginAndBaselineCodeBlock):
2959         (JSC):
2960         * dfg/DFGAbstractState.cpp:
2961         (JSC::DFG::AbstractState::AbstractState):
2962         (JSC::DFG::AbstractState::execute):
2963         * dfg/DFGAbstractState.h:
2964         * dfg/DFGAssemblyHelpers.h:
2965         (AssemblyHelpers):
2966         * dfg/DFGByteCodeParser.cpp:
2967         (JSC::DFG::ByteCodeParser::ByteCodeParser):
2968         (JSC::DFG::ByteCodeParser::handleCall):
2969         (JSC::DFG::parse):
2970         * dfg/DFGByteCodeParser.h:
2971         (DFG):
2972         * dfg/DFGDriver.cpp:
2973         (JSC::DFG::compile):
2974         * dfg/DFGGraph.cpp:
2975         (JSC::DFG::Graph::dump):
2976         (JSC::DFG::Graph::predictArgumentTypes):
2977         * dfg/DFGGraph.h:
2978         (JSC::DFG::Graph::Graph):
2979         (Graph):
2980         (JSC::DFG::Graph::getJSConstantPrediction):
2981         (JSC::DFG::Graph::addShouldSpeculateInteger):
2982         (JSC::DFG::Graph::isInt32Constant):
2983         (JSC::DFG::Graph::isDoubleConstant):
2984         (JSC::DFG::Graph::isNumberConstant):
2985         (JSC::DFG::Graph::isBooleanConstant):
2986         (JSC::DFG::Graph::isFunctionConstant):
2987         (JSC::DFG::Graph::valueOfJSConstant):
2988         (JSC::DFG::Graph::valueOfInt32Constant):
2989         (JSC::DFG::Graph::valueOfNumberConstant):
2990         (JSC::DFG::Graph::valueOfBooleanConstant):
2991         (JSC::DFG::Graph::valueOfFunctionConstant):
2992         (JSC::DFG::Graph::baselineCodeBlockFor):
2993         (JSC::DFG::Graph::valueProfileFor):
2994         (JSC::DFG::Graph::addImmediateShouldSpeculateInteger):
2995         * dfg/DFGJITCompiler.h:
2996         (JSC::DFG::JITCompiler::JITCompiler):
2997         (JITCompiler):
2998         * dfg/DFGOSRExit.cpp:
2999         (JSC::DFG::OSRExit::considerAddingAsFrequentExitSiteSlow):
3000         * dfg/DFGPropagator.cpp:
3001         (JSC::DFG::Propagator::Propagator):
3002         (JSC::DFG::Propagator::isNotNegZero):
3003         (JSC::DFG::Propagator::isNotZero):
3004         (JSC::DFG::Propagator::propagateNodePredictions):
3005         (JSC::DFG::Propagator::doRoundOfDoubleVoting):
3006         (JSC::DFG::Propagator::globalCFA):
3007         (JSC::DFG::propagate):
3008         * dfg/DFGPropagator.h:
3009         (DFG):
3010         * dfg/DFGSpeculativeJIT.cpp:
3011         (JSC::DFG::SpeculativeJIT::computeValueRecoveryFor):
3012         (JSC::DFG::SpeculativeJIT::compileAdd):
3013         (JSC::DFG::SpeculativeJIT::compileArithSub):
3014         * dfg/DFGSpeculativeJIT.h:
3015         (JSC::DFG::SpeculativeJIT::isConstant):
3016         (JSC::DFG::SpeculativeJIT::isJSConstant):
3017         (JSC::DFG::SpeculativeJIT::isInt32Constant):
3018         (JSC::DFG::SpeculativeJIT::isDoubleConstant):
3019         (JSC::DFG::SpeculativeJIT::isNumberConstant):
3020         (JSC::DFG::SpeculativeJIT::isBooleanConstant):
3021         (JSC::DFG::SpeculativeJIT::isFunctionConstant):
3022         (JSC::DFG::SpeculativeJIT::valueOfInt32Constant):
3023         (JSC::DFG::SpeculativeJIT::valueOfNumberConstant):
3024         (JSC::DFG::SpeculativeJIT::valueOfJSConstant):
3025         (JSC::DFG::SpeculativeJIT::valueOfBooleanConstant):
3026         (JSC::DFG::SpeculativeJIT::valueOfFunctionConstant):
3027         (JSC::DFG::SpeculativeJIT::speculationCheck):
3028         (JSC::DFG::SpeculativeJIT::SpeculativeJIT):
3029
3030 2012-02-17  Ahmad Sharif  <asharif.tools@gmail.com>
3031
3032         There is a warning in memset in glibc that gets triggered through a
3033         warndecl when the fill-value of memset is a non-zero constant and the
3034         size is zero. This warning is enabled when building with
3035         -D_FORTIFY_SOURCE=2. This patch fixes the warning.
3036
3037         https://bugs.webkit.org/show_bug.cgi?id=78513
3038
3039         Reviewed by Alexey Proskuryakov.
3040
3041         * wtf/Vector.h:
3042
3043 2012-02-17  Kalev Lember  <kalevlember@gmail.com>
3044
3045         Remove unused parameters from WTF threading API
3046         https://bugs.webkit.org/show_bug.cgi?id=78389
3047
3048         Reviewed by Adam Roben.
3049
3050         waitForThreadCompletion() had an out param 'void **result' to get the
3051         'void *' returned by ThreadFunction. However, the implementation in
3052         ThreadingWin.cpp ignored the out param, not filling it in. This had
3053         led to a situation where none of the client code made use of the param
3054         and just ignored it.
3055
3056         To clean this up, the patch changes the signature of ThreadFunction to
3057         return void instead of void* and drops the unused 'void **result'
3058         parameter from waitForThreadCompletion. Also, all client code is
3059         updated for the API change.
3060
3061         As mentioned in https://bugs.webkit.org/show_bug.cgi?id=78389 , even
3062         though the change only affects internal API, Safari is using it
3063         directly and we'll need to keep the old versions around for ABI
3064         compatibility. For this, the patch adds compatibility wrappers with
3065         the old ABI.
3066
3067         * JavaScriptCore.order:
3068         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3069         * bytecode/SamplingTool.cpp:
3070         (JSC::SamplingThread::threadStartFunc):
3071         (JSC::SamplingThread::stop):
3072         * bytecode/SamplingTool.h:
3073         (SamplingThread):
3074         * heap/Heap.cpp:
3075         (JSC::Heap::~Heap):
3076         (JSC::Heap::blockFreeingThreadStartFunc):
3077         * heap/Heap.h:
3078         * heap/MarkStack.cpp:
3079         (JSC::MarkStackThreadSharedData::markingThreadStartFunc):
3080         (JSC::MarkStackThreadSharedData::~MarkStackThreadSharedData):
3081         * heap/MarkStack.h:
3082         (MarkStackThreadSharedData):
3083         * wtf/ParallelJobsGeneric.cpp:
3084         (WTF::ParallelEnvironment::ThreadPrivate::workerThread):
3085         * wtf/ParallelJobsGeneric.h:
3086         (ThreadPrivate):
3087         * wtf/ThreadFunctionInvocation.h: Update the signature of
3088         ThreadFunction.
3089         (WTF):
3090         * wtf/Threading.cpp:
3091         (WTF::threadEntryPoint): Update for ThreadFunction signature change.
3092         (WTF):
3093         (WTF::ThreadFunctionWithReturnValueInvocation::ThreadFunctionWithReturnValueInvocation):
3094         ABI compatibility function for Safari.
3095         (ThreadFunctionWithReturnValueInvocation): Ditto.
3096         (WTF::compatEntryPoint): Ditto.
3097         (WTF::createThread): Ditto.
3098         (WTF::waitForThreadCompletion): Ditto.
3099         * wtf/Threading.h: Update the signature of ThreadFunction and
3100         waitForThreadCompletion.
3101         (WTF):
3102         * wtf/ThreadingPthreads.cpp: Implement the new API.
3103         (WTF::wtfThreadEntryPoint):
3104         (WTF):
3105         (WTF::createThreadInternal):
3106         (WTF::waitForThreadCompletion):
3107         * wtf/ThreadingWin.cpp: Implement the new API.
3108         (WTF::wtfThreadEntryPoint):
3109         (WTF::waitForThreadCompletion):
3110
3111 2012-02-16  Oliver Hunt  <oliver@apple.com>
3112
3113         Implement Error.stack
3114         https://bugs.webkit.org/show_bug.cgi?id=66994
3115
3116         Reviewed by Gavin Barraclough.
3117
3118         Implement support for stack traces on exception objects.  This is a rewrite
3119         of the core portion of the last stack walking logic, but the mechanical work
3120         of adding the information to an exception comes from the original work by
3121         Juan Carlos Montemayor Elosua.
3122
3123         * interpreter/Interpreter.cpp:
3124         (JSC::getCallerInfo):
3125         (JSC):
3126         (JSC::getSourceURLFromCallFrame):
3127         (JSC::getStackFrameCodeType):
3128         (JSC::Interpreter::getStackTrace):
3129         (JSC::Interpreter::throwException):
3130         (JSC::Interpreter::privateExecute):
3131         * interpreter/Interpreter.h:
3132         (JSC):
3133         (StackFrame):
3134         (JSC::StackFrame::toString):
3135         (Interpreter):
3136         * jsc.cpp:
3137         (GlobalObject::finishCreation):
3138         (functionJSCStack):
3139         * parser/Nodes.h:
3140         (JSC::FunctionBodyNode::setInferredName):
3141         * parser/Parser.h:
3142         (JSC::::parse):
3143         * runtime/CommonIdentifiers.h:
3144         * runtime/Error.cpp:
3145         (JSC::addErrorInfo):
3146         * runtime/Error.h:
3147         (JSC):
3148
3149 2012-02-17  Mark Hahnenberg  <mhahnenberg@apple.com>
3150
3151         Rename Bump* to Copy*
3152         https://bugs.webkit.org/show_bug.cgi?id=78573
3153
3154         Reviewed by Geoffrey Garen.
3155
3156         Renamed anything with "Bump" in the name to have "Copied" instead.
3157
3158         * CMakeLists.txt:
3159         * GNUmakefile.list.am:
3160         * JavaScriptCore.gypi:
3161         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3162         * JavaScriptCore.xcodeproj/project.pbxproj:
3163         * Target.pri:
3164         * heap/BumpBlock.h: Removed.
3165         * heap/BumpSpace.cpp: Removed.
3166         * heap/BumpSpace.h: Removed.
3167         * heap/BumpSpaceInlineMethods.h: Removed.
3168         * heap/ConservativeRoots.cpp:
3169         (JSC::ConservativeRoots::ConservativeRoots):
3170         (JSC::ConservativeRoots::genericAddPointer):
3171         * heap/ConservativeRoots.h:
3172         (ConservativeRoots):
3173         * heap/CopiedBlock.h: Added.
3174         (JSC):
3175         (CopiedBlock):
3176         (JSC::CopiedBlock::CopiedBlock):
3177         * heap/CopiedSpace.cpp: Added.
3178         (JSC):
3179         (JSC::CopiedSpace::tryAllocateSlowCase):
3180         * heap/CopiedSpace.h: Added.
3181         (JSC):
3182         (CopiedSpace):
3183         (JSC::CopiedSpace::isInCopyPhase):
3184         (JSC::CopiedSpace::totalMemoryAllocated):
3185         (JSC::CopiedSpace::totalMemoryUtilized):
3186         * heap/CopiedSpaceInlineMethods.h: Added.
3187         (JSC):
3188         (JSC::CopiedSpace::CopiedSpace):
3189         (JSC::CopiedSpace::init):
3190         (JSC::CopiedSpace::contains):
3191         (JSC::CopiedSpace::pin):
3192         (JSC::CopiedSpace::startedCopying):
3193         (JSC::CopiedSpace::doneCopying):
3194         (JSC::CopiedSpace::doneFillingBlock):
3195         (JSC::CopiedSpace::recycleBlock):
3196         (JSC::CopiedSpace::getFreshBlock):
3197         (JSC::CopiedSpace::borrowBlock):
3198         (JSC::CopiedSpace::addNewBlock):
3199         (JSC::CopiedSpace::allocateNewBlock):
3200         (JSC::CopiedSpace::fitsInBlock):
3201         (JSC::CopiedSpace::fitsInCurrentBlock):
3202         (JSC::CopiedSpace::tryAllocate):
3203         (JSC::CopiedSpace::tryAllocateOversize):
3204         (JSC::CopiedSpace::allocateFromBlock):
3205         (JSC::CopiedSpace::tryReallocate):
3206         (JSC::CopiedSpace::tryReallocateOversize):
3207         (JSC::CopiedSpace::isOversize):
3208         (JSC::CopiedSpace::isPinned):
3209         (JSC::CopiedSpace::oversizeBlockFor):
3210         (JSC::CopiedSpace::blockFor):
3211         * heap/Heap.cpp:
3212         * heap/Heap.h:
3213         (JSC):
3214         (Heap):
3215         * heap/MarkStack.cpp:
3216         (JSC::MarkStackThreadSharedData::MarkStackThreadSharedData):
3217         (JSC::SlotVisitor::drainFromShared):
3218         (JSC::SlotVisitor::startCopying):
3219         (JSC::SlotVisitor::allocateNewSpace):
3220         (JSC::SlotVisitor::doneCopying):
3221         * heap/MarkStack.h:
3222         (MarkStackThreadSharedData):
3223         * heap/SlotVisitor.h:
3224         (SlotVisitor):
3225         * runtime/JSArray.cpp:
3226         * runtime/JSObject.cpp:
3227
3228 2012-02-16  Yuqiang Xian  <yuqiang.xian@intel.com>
3229
3230         Add JSC code profiling support on Linux x86
3231         https://bugs.webkit.org/show_bug.cgi?id=78871
3232
3233         Reviewed by Gavin Barraclough.
3234
3235         We don't unwind the stack for now as we cannot guarantee all the
3236         libraries are compiled without -fomit-frame-pointer.
3237
3238         * tools/CodeProfile.cpp:
3239         (JSC::CodeProfile::sample):
3240         * tools/CodeProfiling.cpp:
3241         (JSC):
3242         (JSC::profilingTimer):
3243         (JSC::CodeProfiling::begin):
3244         (JSC::CodeProfiling::end):
3245
3246 2012-02-16  Csaba Osztrogonác  <ossy@webkit.org>
3247
3248         Unreviewed. Rolling out r107980, because it broke 32 bit platforms.
3249
3250         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3251         * interpreter/Interpreter.cpp:
3252         (JSC::Interpreter::throwException):
3253         (JSC::Interpreter::privateExecute):
3254         * interpreter/Interpreter.h:
3255         (JSC):
3256         (Interpreter):
3257         * jsc.cpp:
3258         (GlobalObject::finishCreation):
3259         * parser/Nodes.h:
3260         (JSC::FunctionBodyNode::setInferredName):
3261         * parser/Parser.h:
3262         (JSC::::parse):
3263         * runtime/CommonIdentifiers.h:
3264         * runtime/Error.cpp:
3265         (JSC::addErrorInfo):
3266         * runtime/Error.h:
3267         (JSC):
3268
3269 2012-02-16  Filip Pizlo  <fpizlo@apple.com>
3270
3271         ENABLE_INTERPRETER should be ENABLE_CLASSIC_INTERPRETER
3272         https://bugs.webkit.org/show_bug.cgi?id=78791
3273
3274         Rubber stamped by Oliver Hunt.
3275         
3276         Just a renaming, nothing more. Also renamed COMPUTED_GOTO_INTERPRETER to
3277         COMPUTED_GOTO_CLASSIC_INTERPRETER.
3278
3279         * bytecode/CodeBlock.cpp:
3280         (JSC::CodeBlock::dump):
3281         (JSC::CodeBlock::stronglyVisitStrongReferences):
3282         (JSC):
3283         (JSC::CodeBlock::shrinkToFit):
3284         * bytecode/CodeBlock.h:
3285         (CodeBlock):
3286         * bytecode/Instruction.h:
3287         (JSC::Instruction::Instruction):
3288         * bytecode/Opcode.h:
3289         (JSC::padOpcodeName):
3290         * bytecompiler/BytecodeGenerator.cpp:
3291         (JSC::BytecodeGenerator::emitResolve):
3292         (JSC::BytecodeGenerator::emitResolveWithBase):
3293         (JSC::BytecodeGenerator::emitGetById):
3294         (JSC::BytecodeGenerator::emitPutById):
3295         (JSC::BytecodeGenerator::emitDirectPutById):
3296         * interpreter/AbstractPC.cpp:
3297         (JSC::AbstractPC::AbstractPC):
3298         * interpreter/AbstractPC.h:
3299         (AbstractPC):
3300         * interpreter/CallFrame.h:
3301         (ExecState):
3302         * interpreter/Interpreter.cpp:
3303         (JSC):
3304         (JSC::Interpreter::initialize):
3305         (JSC::Interpreter::isOpcode):
3306         (JSC::Interpreter::unwindCallFrame):
3307         (JSC::Interpreter::execute):
3308         (JSC::Interpreter::privateExecute):
3309         (JSC::Interpreter::retrieveLastCaller):
3310         * interpreter/Interpreter.h:
3311         (JSC::Interpreter::getOpcode):
3312         (JSC::Interpreter::getOpcodeID):
3313         (Interpreter):
3314         * jit/ExecutableAllocatorFixedVMPool.cpp:
3315         (JSC::FixedVMPoolExecutableAllocator::FixedVMPoolExecutableAllocator):
3316         * runtime/Executable.cpp:
3317         (JSC::EvalExecutable::compileInternal):
3318         (JSC::ProgramExecutable::compileInternal):
3319         (JSC::FunctionExecutable::compileForCallInternal):
3320         (JSC::FunctionExecutable::compileForConstructInternal):
3321         * runtime/Executable.h:
3322         (NativeExecutable):
3323         * runtime/JSGlobalData.cpp:
3324         (JSC::JSGlobalData::JSGlobalData):
3325         (JSC::JSGlobalData::getHostFunction):
3326         * runtime/JSGlobalData.h:
3327         (JSGlobalData):
3328         * wtf/OSAllocatorPosix.cpp:
3329         (WTF::OSAllocator::reserveAndCommit):
3330         * wtf/Platform.h:
3331
3332 2012-02-15  Geoffrey Garen  <ggaren@apple.com>
3333
3334         Made Weak<T> single-owner, adding PassWeak<T>
3335         https://bugs.webkit.org/show_bug.cgi?id=78740
3336
3337         Reviewed by Sam Weinig.
3338
3339         This works basically the same way as OwnPtr<T> and PassOwnPtr<T>.
3340
3341         This clarifies the semantics of finalizers: It's ambiguous and probably
3342         a bug to copy a finalizer (i.e., it's a bug to run a C++ destructor
3343         twice), so I've made Weak<T> non-copyable. Anywhere we used to copy a 
3344         Weak<T>, we now use PassWeak<T>.
3345
3346         This also makes Weak<T> HashMaps more efficient.
3347
3348         * API/JSClassRef.cpp:
3349         (OpaqueJSClass::prototype): Use PassWeak<T> instead of set(), since 
3350         set() is gone now.
3351
3352         * JavaScriptCore.xcodeproj/project.pbxproj: Export!
3353
3354         * heap/PassWeak.h: Added.
3355         (JSC):
3356         (PassWeak):
3357         (JSC::PassWeak::PassWeak):
3358         (JSC::PassWeak::~PassWeak):
3359         (JSC::PassWeak::get):
3360         (JSC::::leakHandle):
3361         (JSC::adoptWeak):
3362         (JSC::operator==):
3363         (JSC::operator!=): This is the Weak<T> version of PassOwnPtr<T>.
3364
3365         * heap/Weak.h:
3366         (Weak):
3367         (JSC::Weak::Weak):
3368         (JSC::Weak::release):
3369         (JSC::Weak::hashTableDeletedValue):
3370         (JSC::=):
3371         (JSC): Changed to be non-copyable, removing a lot of copying-related
3372         APIs. Added hash traits so hash maps still work.
3373
3374         * jit/JITStubs.cpp:
3375         (JSC::JITThunks::hostFunctionStub):
3376         * runtime/RegExpCache.cpp:
3377         (JSC::RegExpCache::lookupOrCreate): Use PassWeak<T>, as required by
3378         our new hash map API.
3379
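The single-owner semantics described in the entry above, as an added illustration that is not JSC's heap/Weak.h or heap/PassWeak.h: a non-copyable handle type whose finalizer can only run once, with ownership transferred through a Pass type in the OwnPtr/PassOwnPtr style. The Handle type, the g_finalizerRuns counter and the two demo functions are assumptions made for this example; the point is that copying the handle would run the finalizer twice, so copying is deleted and transfer goes through release()/adoptWeak().

```cpp
// Added illustration of the Weak<T>/PassWeak<T> ownership pattern; not JSC's code.
#include <cassert>
#include <cstdio>

// Assumed bookkeeping: counts finalizer runs so the demo can show "exactly once".
static int g_finalizerRuns = 0;

// Assumed stand-in for a heap cell with a finalizer.
struct Handle {
    int value;
    void finalize() { ++g_finalizerRuns; }
};

// Transfer-only wrapper: copying a PassWeak moves the handle out of the source
// (mutable member), so two PassWeaks never own the same handle at once.
template <typename T>
class PassWeak {
public:
    explicit PassWeak(T* handle = nullptr) : m_handle(handle) {}
    PassWeak(const PassWeak& other) : m_handle(other.leakHandle()) {}
    // A PassWeak that nobody adopts still finalizes its handle exactly once.
    ~PassWeak() { if (m_handle) m_handle->finalize(); }
    T* leakHandle() const { T* h = m_handle; m_handle = nullptr; return h; }
    T* get() const { return m_handle; }
private:
    mutable T* m_handle;
};

// Single owner: non-copyable, constructed or assigned only from a PassWeak.
template <typename T>
class Weak {
public:
    Weak() : m_handle(nullptr) {}
    Weak(PassWeak<T> other) : m_handle(other.leakHandle()) {}
    Weak& operator=(PassWeak<T> other) { reset(other.leakHandle()); return *this; }
    ~Weak() { reset(nullptr); }
    Weak(const Weak&) = delete;            // copying would mean two finalizer runs
    Weak& operator=(const Weak&) = delete;
    PassWeak<T> release() { T* h = m_handle; m_handle = nullptr; return PassWeak<T>(h); }
    T* get() const { return m_handle; }
private:
    void reset(T* h) { if (m_handle) m_handle->finalize(); m_handle = h; }
    T* m_handle;
};

template <typename T>
PassWeak<T> adoptWeak(T* handle) { return PassWeak<T>(handle); }

// Ownership passes through three Weaks; the finalizer must run exactly once.
// Returns the finalizer run count (-1 if ownership did not transfer as expected).
int transferAndFinalizeOnce() {
    g_finalizerRuns = 0;
    Handle h{42};
    {
        Weak<Handle> first(adoptWeak(&h));      // direct-init: Weak has no copy ctor
        Weak<Handle> second(first.release());   // first no longer owns the handle
        Weak<Handle> third;
        third = second.release();               // assignment also transfers
        if (first.get() || second.get() || third.get() != &h)
            return -1;
    }                                           // only 'third' finalizes here
    return g_finalizerRuns;
}

// A PassWeak that is never adopted still finalizes once, so no handle leaks.
int unclaimedPassWeakFinalizes() {
    g_finalizerRuns = 0;
    Handle h{7};
    adoptWeak(&h);                              // temporary destroyed at end of statement
    return g_finalizerRuns;
}

int main() {
    std::printf("transfer: %d finalizer run(s)\n", transferAndFinalizeOnce());
    std::printf("unclaimed: %d finalizer run(s)\n", unclaimedPassWeakFinalizes());
    return 0;
}
```

Direct-initialization is used deliberately: with the copy constructor deleted, `Weak<Handle> w = adoptWeak(&h);` only compiles under guaranteed copy elision (C++17), whereas `Weak<Handle> w(adoptWeak(&h));` works on any standard, which is the same reason the PassOwnPtr idiom predates move semantics.
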
3380 2012-02-16  Mark Hahnenberg  <mhahnenberg@apple.com>
3381
3382         Fix the broken viewport tests
3383         https://bugs.webkit.org/show_bug.cgi?id=78774
3384
3385         Reviewed by Kenneth Rohde Christiansen.
3386
3387         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3388         * wtf/text/WTFString.cpp:
3389         (WTF):
3390         (WTF::toDoubleType): Template-ized to allow other functions to specify whether they
3391         want to allow trailing junk or not when calling strtod.
3392         (WTF::charactersToDouble):
3393         (WTF::charactersToFloat):
3394         (WTF::charactersToFloatIgnoringJunk): Created new version of charactersToFloat that allows 
3395         trailing junk.
3396         * wtf/text/WTFString.h:
3397         (WTF):
3398
3399 2012-02-16  Oliver Hunt  <oliver@apple.com>
3400
3401         Implement Error.stack
3402         https://bugs.webkit.org/show_bug.cgi?id=66994
3403
3404         Reviewed by Gavin Barraclough.
3405
3406         Implement support for stack traces on exception objects.  This is a rewrite
3407         of the core portion of the last stack walking logic, but the mechanical work
3408         of adding the information to an exception comes from the original work by
3409         Juan Carlos Montemayor Elosua.
3410
3411         * interpreter/Interpreter.cpp:
3412         (JSC::getCallerInfo):
3413         (JSC):
3414         (JSC::getSourceURLFromCallFrame):
3415         (JSC::getStackFrameCodeType):
3416         (JSC::Interpreter::getStackTrace):
3417         (JSC::Interpreter::throwException):
3418         (JSC::Interpreter::privateExecute):
3419         * interpreter/Interpreter.h:
3420         (JSC):
3421         (StackFrame):
3422         (JSC::StackFrame::toString):
3423         (Interpreter):
3424         * jsc.cpp:
3425         (GlobalObject::finishCreation):
3426         (functionJSCStack):
3427         * parser/Nodes.h:
3428         (JSC::FunctionBodyNode::setInferredName):
3429         * parser/Parser.h:
3430         (JSC::::parse):
3431         * runtime/CommonIdentifiers.h:
3432         * runtime/Error.cpp:
3433         (JSC::addErrorInfo):
3434         * runtime/Error.h:
3435         (JSC):
3436
3437 2012-02-15  Gavin Barraclough  <barraclough@apple.com>
3438
3439         Numerous trivial bugs in Object.defineProperty
3440         https://bugs.webkit.org/show_bug.cgi?id=78777
3441
3442         Reviewed by Sam Weinig.