Fixing build breakage
[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
1 2011-11-09  Mark Hahnenberg  <mhahnenberg@apple.com>
2
3         Fixing build breakage
4
5         Unreviewed build fix
6
7         * JavaScriptCore.exp:
8         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
9
10 2011-11-09  Mark Hahnenberg  <mhahnenberg@apple.com>
11
12         De-virtualize JSVariableObject::isDynamicScope
13         https://bugs.webkit.org/show_bug.cgi?id=71933
14
15         Reviewed by Geoffrey Garen.
16
17         * runtime/JSActivation.cpp:
18         * runtime/JSActivation.h: Inlined and de-virtualized isDynamicScope
19         (JSC::JSActivation::isDynamicScope):
20         * runtime/JSGlobalObject.cpp:
21         * runtime/JSGlobalObject.h: Inlined and de-virtualized isDynamicScope
22         (JSC::JSGlobalObject::isDynamicScope):
23         * runtime/JSStaticScopeObject.cpp:
24         * runtime/JSStaticScopeObject.h: Inlined and de-virtualized isDynamicScope
25         (JSC::JSStaticScopeObject::createStructure): Changed createStructure to use new JSType
26         (JSC::JSStaticScopeObject::isDynamicScope):
27         * runtime/JSType.h: Added new type for JSStaticScopeObject
28         * runtime/JSVariableObject.cpp: De-virtualized and added an implementation that checks the 
29         object's type and calls the corresponding implementation.
30         (JSC::JSVariableObject::isDynamicScope):
31         * runtime/JSVariableObject.h:
32
33 2011-11-09  Mark Hahnenberg  <mhahnenberg@apple.com>
34
35         De-virtualize JSGlobalObject::hasOwnPropertyForWrite
36         https://bugs.webkit.org/show_bug.cgi?id=71934
37
38         Reviewed by Geoffrey Garen.
39
40         * runtime/JSGlobalObject.h: Removed the virtual-ness of hasOwnPropertyForWrite since nobody overrides it.
41
42 2011-11-09  Gavin Barraclough  <barraclough@apple.com>
43
44         https://bugs.webkit.org/show_bug.cgi?id=71873
45
46         Reviewed by Geoff Garen.
47
48         Incrementally re-landing these changes, trying to determine what went wrong.
49         (The whole patch failed tests on the build bot but worked locally.)
50
51         * assembler/MacroAssemblerARM.h:
52         (JSC::MacroAssemblerARM::absDouble):
53         * assembler/MacroAssemblerARMv7.h:
54         * assembler/MacroAssemblerMIPS.h:
55         (JSC::MacroAssemblerMIPS::absDouble):
56         * assembler/MacroAssemblerSH4.h:
57         (JSC::MacroAssemblerSH4::absDouble):
58         * assembler/MacroAssemblerX86.h:
59         (JSC::MacroAssemblerX86::absDouble):
60         * assembler/MacroAssemblerX86Common.h:
61         * assembler/MacroAssemblerX86_64.h:
62         (JSC::MacroAssemblerX86_64::absDouble):
63         * dfg/DFGSpeculativeJIT32_64.cpp:
64         (JSC::DFG::SpeculativeJIT::compile):
65         * dfg/DFGSpeculativeJIT64.cpp:
66         (JSC::DFG::SpeculativeJIT::compile):
67         * jit/ThunkGenerators.cpp:
68         (JSC::absThunkGenerator):
69
70 2011-11-09  Mark Hahnenberg  <mhahnenberg@apple.com>
71
72         De-virtualize JSObject::getOwnPropertyDescriptor
73         https://bugs.webkit.org/show_bug.cgi?id=71523
74
75         Reviewed by Sam Weinig.
76
77         Added getOwnPropertyDescriptor to the MethodTable, changed all of the 
78         virtual versions of getOwnPropertyDescriptor to static ones, and 
79         changed all of the call sites to the corresponding lookup in the MethodTable.
80
81         * API/JSCallbackObject.h:
82         * API/JSCallbackObjectFunctions.h:
83         (JSC::::getOwnPropertyDescriptor):
84         * JavaScriptCore.exp:
85         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
86         * debugger/DebuggerActivation.cpp:
87         (JSC::DebuggerActivation::getOwnPropertyDescriptor):
88         * debugger/DebuggerActivation.h:
89         * runtime/Arguments.cpp:
90         (JSC::Arguments::getOwnPropertyDescriptor):
91         * runtime/Arguments.h:
92         * runtime/ArrayConstructor.cpp:
93         (JSC::ArrayConstructor::getOwnPropertyDescriptor):
94         * runtime/ArrayConstructor.h:
95         * runtime/ArrayPrototype.cpp:
96         (JSC::ArrayPrototype::getOwnPropertyDescriptor):
97         * runtime/ArrayPrototype.h:
98         * runtime/BooleanPrototype.cpp:
99         (JSC::BooleanPrototype::getOwnPropertyDescriptor):
100         * runtime/BooleanPrototype.h:
101         * runtime/ClassInfo.h:
102         * runtime/DateConstructor.cpp:
103         (JSC::DateConstructor::getOwnPropertyDescriptor):
104         * runtime/DateConstructor.h:
105         * runtime/DatePrototype.cpp:
106         (JSC::DatePrototype::getOwnPropertyDescriptor):
107         * runtime/DatePrototype.h:
108         * runtime/ErrorPrototype.cpp:
109         (JSC::ErrorPrototype::getOwnPropertyDescriptor):
110         * runtime/ErrorPrototype.h:
111         * runtime/JSArray.cpp:
112         (JSC::JSArray::getOwnPropertyDescriptor):
113         * runtime/JSArray.h:
114         * runtime/JSByteArray.cpp:
115         (JSC::JSByteArray::getOwnPropertyDescriptor):
116         * runtime/JSByteArray.h:
117         * runtime/JSCell.cpp:
118         (JSC::JSCell::getOwnPropertyDescriptor):
119         * runtime/JSCell.h:
120         * runtime/JSFunction.cpp:
121         (JSC::JSFunction::getOwnPropertyDescriptor):
122         * runtime/JSFunction.h:
123         * runtime/JSGlobalObject.cpp:
124         (JSC::JSGlobalObject::getOwnPropertyDescriptor):
125         * runtime/JSGlobalObject.h:
126         * runtime/JSNotAnObject.cpp:
127         (JSC::JSNotAnObject::getOwnPropertyDescriptor):
128         * runtime/JSNotAnObject.h:
129         * runtime/JSONObject.cpp:
130         (JSC::JSONObject::getOwnPropertyDescriptor):
131         * runtime/JSONObject.h:
132         * runtime/JSObject.cpp:
133         (JSC::JSObject::vtableAnchor):
134         (JSC::JSObject::propertyIsEnumerable):
135         (JSC::JSObject::getOwnPropertyDescriptor):
136         (JSC::JSObject::getPropertyDescriptor):
137         (JSC::JSObject::defineOwnProperty):
138         * runtime/JSObject.h:
139         * runtime/JSString.cpp: Removed getOwnPropertyDescriptor, since this seems to be a relic from a 
140         bygone era when getOwnPropertyDescriptor was rooted in JSCell rather than JSObject.  There were 
141         no call sites for this version of getOwnPropertyDescriptor in the entire project.
142         * runtime/JSString.h:
143         * runtime/Lookup.h:
144         (JSC::getStaticPropertyDescriptor):
145         (JSC::getStaticFunctionDescriptor):
146         (JSC::getStaticValueDescriptor):
147         * runtime/MathObject.cpp:
148         (JSC::MathObject::getOwnPropertyDescriptor):
149         * runtime/MathObject.h:
150         * runtime/NumberConstructor.cpp:
151         (JSC::NumberConstructor::getOwnPropertyDescriptor):
152         * runtime/NumberConstructor.h:
153         * runtime/NumberPrototype.cpp:
154         (JSC::NumberPrototype::getOwnPropertyDescriptor):
155         * runtime/NumberPrototype.h:
156         * runtime/ObjectConstructor.cpp:
157         (JSC::ObjectConstructor::getOwnPropertyDescriptor):
158         (JSC::objectConstructorGetOwnPropertyDescriptor):
159         * runtime/ObjectConstructor.h:
160         * runtime/ObjectPrototype.cpp:
161         (JSC::ObjectPrototype::getOwnPropertyDescriptor):
162         * runtime/ObjectPrototype.h:
163         * runtime/RegExpConstructor.cpp:
164         (JSC::RegExpConstructor::getOwnPropertyDescriptor):
165         * runtime/RegExpConstructor.h:
166         * runtime/RegExpMatchesArray.h:
167         (JSC::RegExpMatchesArray::getOwnPropertyDescriptor):
168         * runtime/RegExpObject.cpp:
169         (JSC::RegExpObject::getOwnPropertyDescriptor):
170         * runtime/RegExpObject.h:
171         * runtime/RegExpPrototype.cpp:
172         (JSC::RegExpPrototype::getOwnPropertyDescriptor):
173         * runtime/RegExpPrototype.h:
174         * runtime/StringConstructor.cpp:
175         (JSC::StringConstructor::getOwnPropertyDescriptor):
176         * runtime/StringConstructor.h:
177         * runtime/StringObject.cpp:
178         (JSC::StringObject::vtableAnchor): Added to prevent a weak vtable.
179         (JSC::StringObject::getOwnPropertyDescriptor):
180         * runtime/StringObject.h:
181         * runtime/StringPrototype.cpp:
182         (JSC::StringPrototype::getOwnPropertyDescriptor):
183         * runtime/StringPrototype.h:
184
185 2011-11-09  Gavin Barraclough  <barraclough@apple.com>
186
187         https://bugs.webkit.org/show_bug.cgi?id=71873
188
189         Reviewed by Geoff Garen.
190
191         Incrementally re-landing these changes, trying to determine what went wrong.
192         (The whole patch failed tests on the build bot but worked locally.)
193
194         * assembler/MacroAssemblerARM.h:
195         (JSC::MacroAssemblerARM::supportsFloatingPoint):
196         (JSC::MacroAssemblerARM::supportsFloatingPointTruncate):
197         (JSC::MacroAssemblerARM::supportsFloatingPointSqrt):
198         (JSC::MacroAssemblerARM::supportsFloatingPointAbs):
199         * assembler/MacroAssemblerARMv7.h:
200         (JSC::MacroAssemblerARMv7::supportsFloatingPoint):
201         (JSC::MacroAssemblerARMv7::supportsFloatingPointTruncate):
202         (JSC::MacroAssemblerARMv7::supportsFloatingPointSqrt):
203         (JSC::MacroAssemblerARMv7::supportsFloatingPointAbs):
204         * assembler/MacroAssemblerMIPS.h:
205         (JSC::MacroAssemblerMIPS::supportsFloatingPoint):
206         (JSC::MacroAssemblerMIPS::supportsFloatingPointTruncate):
207         (JSC::MacroAssemblerMIPS::supportsFloatingPointSqrt):
208         (JSC::MacroAssemblerMIPS::supportsFloatingPointAbs):
209         * assembler/MacroAssemblerSH4.h:
210         (JSC::MacroAssemblerSH4::supportsFloatingPoint):
211         (JSC::MacroAssemblerSH4::supportsFloatingPointTruncate):
212         (JSC::MacroAssemblerSH4::supportsFloatingPointSqrt):
213         (JSC::MacroAssemblerSH4::supportsFloatingPointAbs):
214         * assembler/MacroAssemblerX86.h:
215         (JSC::MacroAssemblerX86::supportsFloatingPoint):
216         (JSC::MacroAssemblerX86::supportsFloatingPointTruncate):
217         (JSC::MacroAssemblerX86::supportsFloatingPointSqrt):
218         (JSC::MacroAssemblerX86::supportsFloatingPointAbs):
219         * assembler/MacroAssemblerX86_64.h:
220         (JSC::MacroAssemblerX86_64::supportsFloatingPoint):
221         (JSC::MacroAssemblerX86_64::supportsFloatingPointTruncate):
222         (JSC::MacroAssemblerX86_64::supportsFloatingPointSqrt):
223         (JSC::MacroAssemblerX86_64::supportsFloatingPointAbs):
224         * jit/ThunkGenerators.cpp:
225         (JSC::absThunkGenerator):
226
227 2011-11-08  Darin Adler  <darin@apple.com>
228
229         Add code path in HashTable for emptyValueIsZero that does not require copying the empty value
230         https://bugs.webkit.org/show_bug.cgi?id=71875
231
232         Reviewed by Anders Carlsson.
233
234         This is a step along the path of making OwnPtr work as HashMap value types.
235
236         * wtf/Alignment.h: Moved the AlignedBufferChar and AlignedBuffer types from Vector.h here.
237         Also fixed include style. To include other WTF headers inside WTF, we use "" includes.
238         I did not change the code to fix style checker complaints.
239
240         * wtf/HashTable.h: Added includes as needed and fixed include style.
241         (WTF::doubleHash): Removed the unneeded and inappropriate "static" in this function, which
242         gave it internal linkage for no good reason.
243         (WTF::HashTable::checkKey): Made this use AlignedBuffer for the deleted value check to avoid
244         construction/destruction problems instead of doing the trick where we construct and destroy
245         an empty value twice. It's cleaner and simpler and avoids copying the empty value.
246         (WTF::HashTable::initializeBucket): Specialized initializeBucket to use memset when the
247         empty value is zero rather than copying an empty value.
248
249         * wtf/Vector.h: Moved the AlignedBufferChar and AlignedBuffer types into Alignment.h.
250
251 2011-11-09  Gabor Rapcsanyi  <rgabor@webkit.org>
252
253         Buildfix for 32bit debug mode.
254
255         Reviewed by Csaba Osztrogonác.
256
257         * dfg/DFGAbstractState.cpp:
258         (JSC::DFG::AbstractState::dump):
259         * dfg/DFGGraph.cpp:
260         (JSC::DFG::Graph::dump):
261
262 2011-11-09  Andy Wingo  <wingo@igalia.com>
263
264         Enable the DFG JIT on X86-64 Linux platforms
265         https://bugs.webkit.org/show_bug.cgi?id=71373
266
267         Reviewed by Csaba Osztrogonác.
268
269         * wtf/Platform.h (ENABLE_DFG_JIT): Enable the DFG JIT on the
270         x86-64 GNU/Linux platform.
271         * CMakeListsEfl.txt: Add JSValue64 implementations to EFL build.
272
273 2011-11-09  Csaba Osztrogonác  <ossy@webkit.org>
274
275         Enable the DFG JIT on x86-64 Linux platforms
276         https://bugs.webkit.org/show_bug.cgi?id=71373
277
278         Enable DFG JIT by default on X86 Linux and Mac platforms
279         https://bugs.webkit.org/show_bug.cgi?id=71686
280
281         Buildfix for stricter compilers: -Werror=unused-but-set-variable
282
283         Reviewed by Zoltan Herczeg.
284
285         * dfg/DFGSpeculativeJIT.cpp:
286         (JSC::DFG::SpeculativeJIT::compilePutByValForByteArray):
287         * dfg/DFGSpeculativeJIT32_64.cpp:
288         (JSC::DFG::SpeculativeJIT::compile):
289         * dfg/DFGSpeculativeJIT64.cpp:
290         (JSC::DFG::SpeculativeJIT::compile):
291
292 2011-11-09  Sheriff Bot  <webkit.review.bot@gmail.com>
293
294         Unreviewed, rolling out r99678.
295         http://trac.webkit.org/changeset/99678
296         https://bugs.webkit.org/show_bug.cgi?id=71882
297
298         broke the build with -Werror=unused-but-set-variable
299         (Requested by tronical_ on #webkit).
300
301         * CMakeListsEfl.txt:
302         * wtf/Platform.h:
303
304 2011-11-09  Andy Wingo  <wingo@igalia.com>
305
306         Enable the DFG JIT on X86-64 Linux platforms
307         https://bugs.webkit.org/show_bug.cgi?id=71373
308
309         Reviewed by Filip Pizlo.
310
311         * wtf/Platform.h (ENABLE_DFG_JIT): Enable the DFG JIT on the
312         x86-64 GNU/Linux platform.
313         * CMakeListsEfl.txt: Add JSValue64 implementations to EFL build.
314
315 2011-11-09  Mark Hahnenberg  <mhahnenberg@apple.com>
316
317         De-virtualize JSObject::defineOwnProperty
318         https://bugs.webkit.org/show_bug.cgi?id=71429
319
320         Reviewed by Geoffrey Garen.
321
322         Added defineOwnProperty to the MethodTable, changed all the virtual 
323         implementations of defineOwnProperty to static ones, and replaced 
324         all call sites with corresponding lookups in the MethodTable.
325
326         * JavaScriptCore.exp:
327         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
328         * runtime/Arguments.cpp:
329         (JSC::Arguments::createStrictModeCallerIfNecessary):
330         (JSC::Arguments::createStrictModeCalleeIfNecessary):
331         * runtime/ClassInfo.h:
332         * runtime/JSCell.cpp:
333         (JSC::JSCell::defineOwnProperty):
334         * runtime/JSCell.h:
335         * runtime/JSObject.cpp:
336         (JSC::JSObject::defineOwnProperty):
337         * runtime/JSObject.h:
338         * runtime/ObjectConstructor.cpp:
339         (JSC::objectConstructorDefineProperty):
340         (JSC::defineProperties):
341
342 2011-11-09  Simon Hausmann  <simon.hausmann@nokia.com>
343
344         [Qt] Build system cleanup
345         https://bugs.webkit.org/show_bug.cgi?id=71815
346
347         Reviewed by Kenneth Rohde Christiansen.
348
349         * wtf/wtf.pri: Moved the glib dependency to javascriptcore.prf.
350
351 2011-11-08  Simon Hausmann  <simon.hausmann@nokia.com>
352
353         [Qt] Replace use of QApplication with QGuiApplication
354         https://bugs.webkit.org/show_bug.cgi?id=71794
355
356         Reviewed by Andreas Kling.
357
358         Add compat headers for use when building with Qt 4: QGuiApplication
359         is typedef'ed to QApplication.
360
361         * wtf/qt/compat/QGuiApplication: Added.
362         * wtf/qt/compat/qguiapplication.h: Added.
363
364 2011-11-08  Sheriff Bot  <webkit.review.bot@gmail.com>
365
366         Unreviewed, rolling out r99647.
367         http://trac.webkit.org/changeset/99647
368         https://bugs.webkit.org/show_bug.cgi?id=71876
369
370         It broke jsc and layout tests on all bots (Requested by
371         Ossy_night on #webkit).
372
373         * assembler/MacroAssemblerARM.h:
374         (JSC::MacroAssemblerARM::supportsFloatingPoint):
375         (JSC::MacroAssemblerARM::supportsFloatingPointTruncate):
376         (JSC::MacroAssemblerARM::supportsFloatingPointSqrt):
377         (JSC::MacroAssemblerARM::supportsDoubleBitops):
378         (JSC::MacroAssemblerARM::andnotDouble):
379         * assembler/MacroAssemblerARMv7.h:
380         (JSC::MacroAssemblerARMv7::supportsFloatingPoint):
381         (JSC::MacroAssemblerARMv7::supportsFloatingPointTruncate):
382         (JSC::MacroAssemblerARMv7::supportsFloatingPointSqrt):
383         (JSC::MacroAssemblerARMv7::supportsDoubleBitops):
384         * assembler/MacroAssemblerMIPS.h:
385         (JSC::MacroAssemblerMIPS::andnotDouble):
386         (JSC::MacroAssemblerMIPS::supportsFloatingPoint):
387         (JSC::MacroAssemblerMIPS::supportsFloatingPointTruncate):
388         (JSC::MacroAssemblerMIPS::supportsFloatingPointSqrt):
389         (JSC::MacroAssemblerMIPS::supportsDoubleBitops):
390         * assembler/MacroAssemblerSH4.h:
391         (JSC::MacroAssemblerSH4::supportsFloatingPoint):
392         (JSC::MacroAssemblerSH4::supportsFloatingPointTruncate):
393         (JSC::MacroAssemblerSH4::supportsFloatingPointSqrt):
394         (JSC::MacroAssemblerSH4::supportsDoubleBitops):
395         (JSC::MacroAssemblerSH4::andnotDouble):
396         * assembler/MacroAssemblerX86.h:
397         (JSC::MacroAssemblerX86::MacroAssemblerX86):
398         (JSC::MacroAssemblerX86::supportsFloatingPoint):
399         (JSC::MacroAssemblerX86::supportsFloatingPointTruncate):
400         (JSC::MacroAssemblerX86::supportsFloatingPointSqrt):
401         (JSC::MacroAssemblerX86::supportsDoubleBitops):
402         * assembler/MacroAssemblerX86Common.h:
403         (JSC::MacroAssemblerX86Common::andnotDouble):
404         * assembler/MacroAssemblerX86_64.h:
405         (JSC::MacroAssemblerX86_64::supportsFloatingPoint):
406         (JSC::MacroAssemblerX86_64::supportsFloatingPointTruncate):
407         (JSC::MacroAssemblerX86_64::supportsFloatingPointSqrt):
408         (JSC::MacroAssemblerX86_64::supportsDoubleBitops):
409         * assembler/X86Assembler.h:
410         * dfg/DFGByteCodeParser.cpp:
411         (JSC::DFG::ByteCodeParser::handleIntrinsic):
412         * dfg/DFGSpeculativeJIT32_64.cpp:
413         (JSC::DFG::SpeculativeJIT::compile):
414         * dfg/DFGSpeculativeJIT64.cpp:
415         (JSC::DFG::SpeculativeJIT::compile):
416         * jit/ThunkGenerators.cpp:
417         (JSC::absThunkGenerator):
418         * runtime/JSGlobalData.cpp:
419
420 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
421
422         Better abstract 'abs' operation through the MacroAssembler.
423         https://bugs.webkit.org/show_bug.cgi?id=71873
424
425         Reviewed by Geoff Garen.
426
427         Currently the x86 specific instruction sequence to perform a double abs
428         is duplicated throughout the JITs / thunk generators.
429
430         * assembler/MacroAssemblerARM.h:
431         (JSC::MacroAssemblerARM::supportsFloatingPoint):
432         (JSC::MacroAssemblerARM::supportsFloatingPointTruncate):
433         (JSC::MacroAssemblerARM::supportsFloatingPointSqrt):
434         (JSC::MacroAssemblerARM::supportsFloatingPointAbs):
435         (JSC::MacroAssemblerARM::absDouble):
436             - Renamed supportsFloatingPointAbs, make these methods static so that
437               we can check the JIT's capabilities before we begin compilation.
438         * assembler/MacroAssemblerARMv7.h:
439         (JSC::MacroAssemblerARMv7::supportsFloatingPoint):
440         (JSC::MacroAssemblerARMv7::supportsFloatingPointTruncate):
441         (JSC::MacroAssemblerARMv7::supportsFloatingPointSqrt):
442         (JSC::MacroAssemblerARMv7::supportsFloatingPointAbs):
443             - Renamed supportsFloatingPointAbs, make these methods static so that
444               we can check the JIT's capabilities before we begin compilation.
445         * assembler/MacroAssemblerMIPS.h:
446         (JSC::MacroAssemblerMIPS::absDouble):
447         (JSC::MacroAssemblerMIPS::supportsFloatingPoint):
448         (JSC::MacroAssemblerMIPS::supportsFloatingPointTruncate):
449         (JSC::MacroAssemblerMIPS::supportsFloatingPointSqrt):
450         (JSC::MacroAssemblerMIPS::supportsFloatingPointAbs):
451             - Renamed supportsFloatingPointAbs, make these methods static so that
452               we can check the JIT's capabilities before we begin compilation.
453         * assembler/MacroAssemblerSH4.h:
454         (JSC::MacroAssemblerSH4::supportsFloatingPoint):
455         (JSC::MacroAssemblerSH4::supportsFloatingPointTruncate):
456         (JSC::MacroAssemblerSH4::supportsFloatingPointSqrt):
457         (JSC::MacroAssemblerSH4::supportsFloatingPointAbs):
458         (JSC::MacroAssemblerSH4::absDouble):
459             - Renamed supportsFloatingPointAbs, make these methods static so that
460               we can check the JIT's capabilities before we begin compilation.
461         * assembler/MacroAssemblerX86.h:
462         (JSC::MacroAssemblerX86::absDouble):
463         (JSC::MacroAssemblerX86::supportsFloatingPoint):
464         (JSC::MacroAssemblerX86::supportsFloatingPointTruncate):
465         (JSC::MacroAssemblerX86::supportsFloatingPointSqrt):
466         (JSC::MacroAssemblerX86::supportsFloatingPointAbs):
467             - Made supports* methods static so that we can check the JIT's
468               capabilities before we begin compilation. Added absDouble.
469         * assembler/MacroAssemblerX86Common.h:
470             - Removed andnotDouble, added s_maskSignBit.
471         * assembler/MacroAssemblerX86_64.h:
472         (JSC::MacroAssemblerX86_64::absDouble):
473         (JSC::MacroAssemblerX86_64::supportsFloatingPoint):
474         (JSC::MacroAssemblerX86_64::supportsFloatingPointTruncate):
475         (JSC::MacroAssemblerX86_64::supportsFloatingPointSqrt):
476         (JSC::MacroAssemblerX86_64::supportsFloatingPointAbs):
477             - Made supports* methods static so that we can check the JIT's
478               capabilities before we begin compilation. Added absDouble.
479         * assembler/X86Assembler.h:
480         (JSC::X86Assembler::andpd_rr):
481         (JSC::X86Assembler::andpd_mr):
482             - Added support for andpd instruction.
483         * dfg/DFGByteCodeParser.cpp:
484         (JSC::DFG::ByteCodeParser::handleIntrinsic):
485             - Added checks for supportsFloatingPointAbs, supportsFloatingPointSqrt.
486         * dfg/DFGSpeculativeJIT32_64.cpp:
487         (JSC::DFG::SpeculativeJIT::compile):
488             - Switched to use doubleAbs, we can now also reuse the operand register for the result.
489         * dfg/DFGSpeculativeJIT64.cpp:
490         (JSC::DFG::SpeculativeJIT::compile):
491             - Switched to use doubleAbs, we can now also reuse the operand register for the result.
492         * jit/ThunkGenerators.cpp:
493             - Switched to use doubleAbs.
494         (JSC::absThunkGenerator):
495         * runtime/JSGlobalData.cpp:
496             - Declared MacroAssemblerX86Common::s_maskSignBit here.
497               This is a little ugly, but it doesn't seem worth adding a whole extra .cpp
498               to the compile for just one constant.
499
500 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
501
502         Move duplicates of SYMBOL_STRING* macros to the single location
503         https://bugs.webkit.org/show_bug.cgi?id=71456
504
505         Reviewed by Sam Weinig.
506
507         * JavaScriptCore.xcodeproj/project.pbxproj:
508         * dfg/DFGOperations.cpp:
509         * jit/JITStubs.cpp:
510         * wtf/InlineASM.h: Added.
511             - Moved asm related macros.
512
513 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
514
515         Move code to handle 8bit regs from X86Assembler to MacroAssembler
516         https://bugs.webkit.org/show_bug.cgi?id=71867
517
518         Reviewed by Oliver Hunt.
519
520         This code is fine, but is in the wrong place really. X86 assembler should
521         basically just format up exactly the instruction you request - not expand
522         out to a set of instructions (that is what the macro assembler layer is
523         for!). For other 8-bit ops, on X86 we don't guard against clients accessing
524         the XH registers.
525
526         * assembler/MacroAssemblerX86Common.h:
527         (JSC::MacroAssemblerX86Common::store8):
528         * assembler/X86Assembler.h:
529         (JSC::X86Assembler::movb_rm):
530             - moved some code.
531
532 2011-11-08  Filip Pizlo  <fpizlo@apple.com>
533
534         Unreviewed build fix for GTK.
535
536         * GNUmakefile.list.am:
537
538 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
539
540         Build fix.
541
542         * assembler/X86Assembler.h:
543
544 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
545
546         Errrk, failed to commit this in last change.
547
548         * assembler/X86Assembler.h:
549
550 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
551
552         Remove an unused method.
553
554         Rubber stamped by Geoff Garen.
555
556         * assembler/AbstractMacroAssembler.h:
557         * assembler/AssemblerBuffer.h:
558             - removed rewindToLabel.
559
560 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
561
562         Fix OSR entry points to calculate offsets correctly WRT to branch compaction.
563         https://bugs.webkit.org/show_bug.cgi?id=71864
564
565         Reviewed by Filip Pizlo.
566
567         * assembler/LinkBuffer.h:
568         (JSC::LinkBuffer::offsetOf):
569             - We use this to return the offsets into the code of the entry points.
570         * dfg/DFGJITCompiler.cpp:
571         (JSC::DFG::JITCompiler::compileEntry):
572         (JSC::DFG::JITCompiler::compileBody):
573         (JSC::DFG::JITCompiler::compile):
574         (JSC::DFG::JITCompiler::compileFunction):
575             - Move the construction of the speculative JIT outside of
576               compileBody, such that it is still available to link the
577               OSR entry points at the point we are linking.
578         * dfg/DFGJITCompiler.h:
579         (JSC::DFG::JITCompiler::noticeOSREntry):
580             - Pass the label of the block & linkbuffer into noticeOSREntry.
581         * dfg/DFGSpeculativeJIT.cpp:
582         (JSC::DFG::SpeculativeJIT::compile):
583         (JSC::DFG::SpeculativeJIT::linkOSREntries):
584             - Moved call to noticeOSREntry until we are linking.
585         * dfg/DFGSpeculativeJIT.h:
586         * jit/JIT.cpp:
587         (JSC::JIT::privateCompileMainPass):
588         (JSC::JIT::privateCompileSlowCases):
589         (JSC::JIT::privateCompile):
590             - Moved calculation of entries until we are linking.
591         * jit/JIT.h:
592             - Removed some members.
593
594 2011-11-08  Filip Pizlo  <fpizlo@apple.com>
595
596         DFG OSR exit code should be generated by a separate compiler, not
597         related to DFG::JITCompiler
598         https://bugs.webkit.org/show_bug.cgi?id=71787
599
600         Reviewed by Gavin Barraclough.
601         
602         Moves the exitSpeculativeWithOSR() method from JITCompiler to
603         OSRExitCompiler::compileExit().
604
605         * CMakeListsEfl.txt:
606         * JavaScriptCore.xcodeproj/project.pbxproj:
607         * Target.pri:
608         * dfg/DFGJITCompiler.cpp:
609         (JSC::DFG::JITCompiler::linkOSRExits):
610         * dfg/DFGJITCompiler32_64.cpp: Removed.
611         * dfg/DFGOSRExitCompiler.h: Added.
612         (JSC::DFG::OSRExitCompiler::OSRExitCompiler):
613         * dfg/DFGOSRExitCompiler32_64.cpp: Added.
614         (JSC::DFG::OSRExitCompiler::compileExit):
615         * dfg/DFGOSRExitCompiler64.cpp: Added.
616         (JSC::DFG::OSRExitCompiler::compileExit):
617         * runtime/JSValue.h:
618
619 2011-11-08  Filip Pizlo  <fpizlo@apple.com>
620
621         Basic DFG definitions should be moved out of DFGNode.h
622         https://bugs.webkit.org/show_bug.cgi?id=71861
623
624         Rubber-stamped by Gavin Barraclough.
625
626         * JavaScriptCore.xcodeproj/project.pbxproj:
627         * dfg/DFGCommon.h: Added.
628         (JSC::DFG::NodeIndexTraits::defaultValue):
629         * dfg/DFGNode.h:
630         * dfg/DFGOSRExit.h:
631         * dfg/DFGRegisterBank.h:
632
633 2011-11-08  Michael Saboff  <msaboff@apple.com>
634
635         Towards 8 Bit Strings: Templatize JSC::Parser class by Lexer type
636         https://bugs.webkit.org/show_bug.cgi?id=71761
637
638         Templatized Parser based on Lexer<T>. Moved two enums,
639         SourceElementsMode and FunctionRequirements out of Parser definition
640         to work around a clang compiler defect.
641
642         Cleaned up SourceCode data() to return StringImpl* and eliminated
643         the recently added stringData() virtual method.
644
645         To keep code in Parser.cpp and keep Parser.h small, the two flavors
646         of Parser are explicitly instantiated at the end of Parser.cpp.
647
648         Reviewed by Gavin Barraclough.
649
650         * interpreter/Interpreter.cpp:
651         (JSC::appendSourceToError):
652         * parser/Lexer.cpp:
653         (JSC::::setCode):
654         (JSC::::sourceCode):
655         * parser/Parser.cpp:
656         (JSC::::Parser):
657         (JSC::::~Parser):
658         (JSC::::parseInner):
659         (JSC::::didFinishParsing):
660         (JSC::::allowAutomaticSemicolon):
661         (JSC::::parseSourceElements):
662         (JSC::::parseVarDeclaration):
663         (JSC::::parseConstDeclaration):
664         (JSC::::parseDoWhileStatement):
665         (JSC::::parseWhileStatement):
666         (JSC::::parseVarDeclarationList):
667         (JSC::::parseConstDeclarationList):
668         (JSC::::parseForStatement):
669         (JSC::::parseBreakStatement):
670         (JSC::::parseContinueStatement):
671         (JSC::::parseReturnStatement):
672         (JSC::::parseThrowStatement):
673         (JSC::::parseWithStatement):
674         (JSC::::parseSwitchStatement):
675         (JSC::::parseSwitchClauses):
676         (JSC::::parseSwitchDefaultClause):
677         (JSC::::parseTryStatement):
678         (JSC::::parseDebuggerStatement):
679         (JSC::::parseBlockStatement):
680         (JSC::::parseStatement):
681         (JSC::::parseFormalParameters):
682         (JSC::::parseFunctionBody):
683         (JSC::::parseFunctionInfo):
684         (JSC::::parseFunctionDeclaration):
685         (JSC::::parseExpressionOrLabelStatement):
686         (JSC::::parseExpressionStatement):
687         (JSC::::parseIfStatement):
688         (JSC::::parseExpression):
689         (JSC::::parseAssignmentExpression):
690         (JSC::::parseConditionalExpression):
691         (JSC::::isBinaryOperator):
692         (JSC::::parseBinaryExpression):
693         (JSC::::parseProperty):
694         (JSC::::parseObjectLiteral):
695         (JSC::::parseStrictObjectLiteral):
696         (JSC::::parseArrayLiteral):
697         (JSC::::parsePrimaryExpression):
698         (JSC::::parseArguments):
699         (JSC::::parseMemberExpression):
700         (JSC::::parseUnaryExpression):
701         * parser/Parser.h:
702         (JSC::::parse):
703         (JSC::parse):
704         * parser/SourceCode.h:
705         (JSC::SourceCode::data):
706         (JSC::SourceCode::subExpression):
707         * parser/SourceProvider.h:
708         (JSC::UStringSourceProvider::data):
709
710 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
711
712         Fix PropertyAccessRecords in DFG JIT to take account of branch compaction.
713         https://bugs.webkit.org/show_bug.cgi?id=71855
714
715         Reviewed by Filip Pizlo.
716
717         The DFG JIT presently calculates a set of offsets early, before branches have been compacted.
718         This won't work on ARMv7.
719
720         * assembler/AbstractMacroAssembler.h:
721         (JSC::AbstractMacroAssembler::differenceBetweenCodePtr):
722         * assembler/LinkBuffer.h:
723         (JSC::LinkBuffer::locationOf):
724         * dfg/DFGJITCodeGenerator32_64.cpp:
725         (JSC::DFG::JITCodeGenerator::cachedGetById):
726         (JSC::DFG::JITCodeGenerator::cachedPutById):
727         * dfg/DFGJITCodeGenerator64.cpp:
728         (JSC::DFG::JITCodeGenerator::cachedGetById):
729         (JSC::DFG::JITCodeGenerator::cachedPutById):
730         * dfg/DFGJITCompiler.cpp:
731         (JSC::DFG::JITCompiler::link):
732         * dfg/DFGJITCompiler.h:
733         (JSC::DFG::PropertyAccessRecord::PropertyAccessRecord):
734         (JSC::DFG::JITCompiler::addPropertyAccess):
735
736 2011-11-08  Gavin Barraclough  <barraclough@apple.com>
737
738         DFG JIT calculation of OSR entry points is not THUMB2 safe
739         https://bugs.webkit.org/show_bug.cgi?id=71852
740
741         Reviewed by Oliver Hunt.
742
743         Executable addresses are tagged with a low bit set to distinguish
744         between THUMB2 and traditional ARM.
745
746         * dfg/DFGJITCompiler.cpp:
747         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
748         * dfg/DFGJITCompiler32_64.cpp:
749         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
750         * dfg/DFGOSREntry.cpp:
751         (JSC::DFG::prepareOSREntry):
752         * jit/JITCode.h:
753         (JSC::JITCode::executableAddressAtOffset):
754         (JSC::JITCode::start):
755         (JSC::JITCode::size):
756
757 2011-11-08  Michael Saboff  <msaboff@apple.com>
758
759         JSC::Parser::Parser leaks Lexer member
760         https://bugs.webkit.org/show_bug.cgi?id=71847
761
762         Changed m_lexer member of Parser to be OwnPtr to fix a memory leak.
763
764         Reviewed by Oliver Hunt.
765
766         * parser/Parser.cpp:
767         (JSC::Parser::Parser):
768         (JSC::Parser::parseFunctionBody):
769         * parser/Parser.h:
770
771 2011-11-08  Yuqiang Xian  <yuqiang.xian@intel.com>
772
773         Enable DFG JIT by default on X86 Linux and Mac platforms
774         https://bugs.webkit.org/show_bug.cgi?id=71686
775
776         Reviewed by Filip Pizlo.
777
778         We can get 9% on SunSpider, 89% on Kraken and 37% on V8, on Linux X86.
779
780         * wtf/Platform.h:
781
782 2011-11-08  Yuqiang Xian  <yuqiang.xian@intel.com>
783
784         DFG 32_64 - update make lists for efl, gtk, and Qt ports with DFG change r99519
785         https://bugs.webkit.org/show_bug.cgi?id=71768
786
787         Reviewed by Geoffrey Garen.
788
789         Also includes a fix to make the newly introduced AssemblyHelpers
790         a friend of JSValue as we need the Tag definitions.
791
792         * CMakeListsEfl.txt:
793         * GNUmakefile.list.am:
794         * Target.pri:
795         * runtime/JSValue.h:
796
797 2011-11-07  Yuqiang Xian  <yuqiang.xian@intel.com>
798
799         Fix gcc 4.4 compilation warnings in DFG 32_64
800         https://bugs.webkit.org/show_bug.cgi?id=71762
801
802         Reviewed by Filip Pizlo.
803
804         * dfg/DFGJITCodeGenerator.h:
805         (JSC::DFG::JITCodeGenerator::registersMatched):
806
807 2011-11-07  Filip Pizlo  <fpizlo@apple.com>
808
809         DFG code base should allow for classes not related to DFG::JITCompiler
810         to use DFG idioms
811         https://bugs.webkit.org/show_bug.cgi?id=71746
812
813         Reviewed by Gavin Barraclough.
814
815         * JavaScriptCore.xcodeproj/project.pbxproj:
816         * dfg/DFGAssemblyHelpers.cpp: Added.
817         (JSC::DFG::AssemblyHelpers::decodedCodeMapFor):
818         (JSC::DFG::AssemblyHelpers::emitCount):
819         (JSC::DFG::AssemblyHelpers::setSamplingFlag):
820         (JSC::DFG::AssemblyHelpers::clearSamplingFlag):
821         (JSC::DFG::AssemblyHelpers::jitAssertIsInt32):
822         (JSC::DFG::AssemblyHelpers::jitAssertIsJSInt32):
823         (JSC::DFG::AssemblyHelpers::jitAssertIsJSNumber):
824         (JSC::DFG::AssemblyHelpers::jitAssertIsJSDouble):
825         (JSC::DFG::AssemblyHelpers::jitAssertIsCell):
826         * dfg/DFGAssemblyHelpers.h: Added.
827         * dfg/DFGJITCompiler.cpp:
828         * dfg/DFGJITCompiler.h:
829         (JSC::DFG::JITCompiler::JITCompiler):
830         (JSC::DFG::JITCompiler::graph):
831         * dfg/DFGJITCompiler32_64.cpp:
832         * dfg/DFGOSRExit.h: Added.
833         (JSC::DFG::SpeculationRecovery::SpeculationRecovery):
834         (JSC::DFG::SpeculationRecovery::type):
835         (JSC::DFG::SpeculationRecovery::dest):
836         (JSC::DFG::SpeculationRecovery::src):
837         (JSC::DFG::OSRExit::numberOfRecoveries):
838         (JSC::DFG::OSRExit::valueRecovery):
839         (JSC::DFG::OSRExit::isArgument):
840         (JSC::DFG::OSRExit::isVariable):
841         (JSC::DFG::OSRExit::argumentForIndex):
842         (JSC::DFG::OSRExit::variableForIndex):
843         (JSC::DFG::OSRExit::operandForArgument):
844         (JSC::DFG::OSRExit::operandForIndex):
845         * dfg/DFGSpeculativeJIT.h:
846
847 2011-11-07  Filip Pizlo  <fpizlo@apple.com>
848
849         Switch back to 1+1 value profiling buckets, since it didn't help on arewefastyet,
850         but it appears to help on other benchmarks.
851
852         Rubber stamped by Oliver Hunt.
853
854         * bytecode/ValueProfile.h:
855
856 2011-11-07  Ariya Hidayat  <ariya@sencha.com>
857
858         "use strict" can not contain escape sequences or line continuation
859         https://bugs.webkit.org/show_bug.cgi?id=71532
860
861         Reviewed by Darin Adler.
862
863         Store the actual literal length (before the escapes and line
864         continuation are encoded) while parsing the directive and use it
865         for the directive comparison.
866
867         * parser/Parser.cpp:
868         (JSC::Parser::parseSourceElements):
869         (JSC::Parser::parseStatement):
870         * parser/Parser.h:
871
872 2011-11-06  Filip Pizlo  <fpizlo@apple.com>
873
874         DFG operationCreateThis slow path may get the wrong callee in case of inlining
875         https://bugs.webkit.org/show_bug.cgi?id=71647
876
877         Reviewed by Oliver Hunt.
878         
879         No new tests because I only saw this manifest itself when I had other bugs
880         leading to spurious slow path executions.
881
882         * dfg/DFGJITCodeGenerator.h:
883         (JSC::DFG::callOperation):
884         * dfg/DFGOperations.cpp:
885         * dfg/DFGOperations.h:
886         * dfg/DFGSpeculativeJIT32_64.cpp:
887         (JSC::DFG::SpeculativeJIT::compile):
888         * dfg/DFGSpeculativeJIT64.cpp:
889         (JSC::DFG::SpeculativeJIT::compile):
890
891 2011-11-07  Mark Hahnenberg  <mhahnenberg@apple.com>
892
893         De-virtualize JSObject::putWithAttributes
894         https://bugs.webkit.org/show_bug.cgi?id=71716
895
896         Reviewed by Darin Adler.
897
898         Added putWithAttributes to the MethodTable, changed all the virtual 
899         implementations of putWithAttributes to static ones, and replaced 
900         all call sites with corresponding lookups in the MethodTable.
901
902         * API/JSObjectRef.cpp:
903         (JSObjectSetProperty):
904         * JavaScriptCore.exp:
905         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
906         * debugger/DebuggerActivation.cpp:
907         (JSC::DebuggerActivation::putWithAttributes):
908         * debugger/DebuggerActivation.h:
909         * interpreter/Interpreter.cpp:
910         (JSC::Interpreter::execute):
911         * runtime/ClassInfo.h:
912         * runtime/JSActivation.cpp:
913         (JSC::JSActivation::putWithAttributes):
914         * runtime/JSActivation.h:
915         * runtime/JSCell.cpp:
916         (JSC::JSCell::putWithAttributes):
917         * runtime/JSCell.h:
918         * runtime/JSGlobalObject.cpp:
919         (JSC::JSGlobalObject::putWithAttributes):
920         * runtime/JSGlobalObject.h:
921         * runtime/JSObject.cpp:
922         (JSC::JSObject::putWithAttributes):
923         (JSC::putDescriptor):
924         * runtime/JSObject.h:
925         * runtime/JSStaticScopeObject.cpp:
926         (JSC::JSStaticScopeObject::putWithAttributes):
927         * runtime/JSStaticScopeObject.h:
928         * runtime/JSVariableObject.cpp:
929         (JSC::JSVariableObject::putWithAttributes):
930         * runtime/JSVariableObject.h:
931
932 2011-11-07  Dmitry Lomov  <dslomov@google.com>
933
934         Unreviewed. Release build fix.
935
936         * parser/Lexer.cpp:
937         (JSC::assertCharIsIn8BitRange):
938
939 2011-11-07  Filip Pizlo  <fpizlo@apple.com>
940
941         Switch the value profiler back to 8 buckets, because we suspect that while this
942         is more expensive it's also more stable.
943
944         Rubber stamped by Geoff Garen.
945
946         * bytecode/ValueProfile.h:
947
948 2011-11-07  Andrew Wason  <rectalogic@rectalogic.com>
949
950         Uninitialized Heap member var
951         https://bugs.webkit.org/show_bug.cgi?id=71722
952
953         Reviewed by Filip Pizlo.
954
955         * heap/Heap.cpp:
956         (JSC::Heap::Heap): Initialize m_blockFreeingThreadShouldQuit
957
958 2011-11-07  Yuqiang Xian  <yuqiang.xian@intel.com>
959
960         DFG 32_64 - registers cannot be reused arbitrarily if speculation failures are possible
961         https://bugs.webkit.org/show_bug.cgi?id=71684
962
963         Reviewed by Filip Pizlo.
964
965         Currently in DFG JIT, we try to reuse the physical register of an
966         operand for temporary usage if the current use of the operand is the
967         last use. But sometimes this can be wrong, for example if there are
968         possible speculation failures and we need to fall back to baseline JIT,
969         the value of the operand which is supposed to be held in the physical
970         register can be modified by register reusing. This fixes the last
971         inspector failures in layout test on Mac 32-bit if switching on DFG.
972
973         * dfg/DFGSpeculativeJIT32_64.cpp:
974         (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
975         (JSC::DFG::SpeculativeJIT::compile):
976
977 2011-11-07  Ryosuke Niwa  <rniwa@webkit.org>
978
979         REGRESSION(r99436): Broke Snow Leopard debug build
980         https://bugs.webkit.org/show_bug.cgi?id=71713
981
982         Reviewed by Darin Adler.
983
984         Put the assertion in a template and use template specialization
985         to avoid warning when instantiated with UChar or LChar.
986
987         In the long term, we should have traits for unsigned integral types
988         and use that to specialize template instead of specializing it for UChar and LChar.
989
990         * parser/Lexer.cpp:
991         (JSC::assertCharIsIn8BitRange):
992         (JSC::::append8):
993
994 2011-11-07  ChangSeok Oh  <shivamidow@gmail.com>
995
996         [EFL] Support requestAnimationFrame API
997         https://bugs.webkit.org/show_bug.cgi?id=67112
998
999         Reviewed by Andreas Kling.
1000
1001         Let EFL port use REQUEST_ANIMATION_FRAME_TIMER.
1002
1003         * wtf/Platform.h:
1004
1005 2011-11-07  Michael Saboff  <msaboff@apple.com>
1006
1007         Towards 8 Bit Strings: Templatize JSC::Lexer class by character type
1008         https://bugs.webkit.org/show_bug.cgi?id=71331
1009
1010         Change the Lexer class to be a template class based on the character
1011         type of the source.  In the process updated the parseIdentifier()
1012         and parseString() methods to create 8 bit strings where possible.
1013         Also added some helper methods for accumulating temporary string
1014         data in the 8 and 16 bit vectors.
1015
1016         Changed the SourceProvider::data() virtual method to return a
1017         StringImpl* instead of a UChar*.
1018
1019         Updated the KeywordLookup generator to create code to match keywords
1020         for both 8 and 16 bit source strings.
1021
1022         Due to a compiler bug (<rdar://problem/10194295>) moved enum
1023         definition outside of Lexer class declaration.  Remove second enum
1024         no longer needed.
1025
1026         Reviewed by Darin Adler.
1027
1028         * KeywordLookupGenerator.py:
1029         * interpreter/Interpreter.cpp:
1030         (JSC::Interpreter::callEval):
1031         * parser/Lexer.cpp:
1032         (JSC::::Lexer):
1033         (JSC::::~Lexer):
1034         (JSC::::getInvalidCharMessage):
1035         (JSC::::currentCharacter):
1036         (JSC::::setCode):
1037         (JSC::::internalShift):
1038         (JSC::::shift):
1039         (JSC::::peek):
1040         (JSC::::getUnicodeCharacter):
1041         (JSC::::shiftLineTerminator):
1042         (JSC::::lastTokenWasRestrKeyword):
1043         (JSC::::record8):
1044         (JSC::::append8):
1045         (JSC::::append16):
1046         (JSC::::record16):
1047         (JSC::::parseIdentifier):
1048         (JSC::::parseIdentifierSlowCase):
1049         (JSC::::parseString):
1050         (JSC::::parseStringSlowCase):
1051         (JSC::::parseHex):
1052         (JSC::::parseOctal):
1053         (JSC::::parseDecimal):
1054         (JSC::::parseNumberAfterDecimalPoint):
1055         (JSC::::parseNumberAfterExponentIndicator):
1056         (JSC::::parseMultilineComment):
1057         (JSC::::nextTokenIsColon):
1058         (JSC::::lex):
1059         (JSC::::scanRegExp):
1060         (JSC::::skipRegExp):
1061         (JSC::::clear):
1062         (JSC::::sourceCode):
1063         * parser/Lexer.h:
1064         (JSC::Lexer::append16):
1065         (JSC::Lexer::currentOffset):
1066         (JSC::Lexer::setOffsetFromCharOffset):
1067         (JSC::::isWhiteSpace):
1068         (JSC::::isLineTerminator):
1069         (JSC::::convertHex):
1070         (JSC::::convertUnicode):
1071         (JSC::::makeIdentifier):
1072         (JSC::::setCodeStart):
1073         (JSC::::makeIdentifierLCharFromUChar):
1074         (JSC::::lexExpectIdentifier):
1075         * parser/Parser.cpp:
1076         (JSC::Parser::Parser):
1077         (JSC::Parser::parseProperty):
1078         (JSC::Parser::parseMemberExpression):
1079         * parser/Parser.h:
1080         (JSC::Parser::next):
1081         (JSC::Parser::nextExpectIdentifier):
1082         * parser/ParserArena.h:
1083         (JSC::IdentifierArena::makeIdentifier):
1084         (JSC::IdentifierArena::makeIdentifierLCharFromUChar):
1085         * parser/SourceCode.h:
1086         (JSC::SourceCode::subExpression):
1087         * parser/SourceProvider.h:
1088         (JSC::UStringSourceProvider::stringData):
1089         * parser/SourceProviderCache.h:
1090         * parser/SyntaxChecker.h:
1091         * runtime/FunctionPrototype.cpp:
1092         (JSC::insertSemicolonIfNeeded):
1093         * runtime/Identifier.cpp:
1094         (JSC::IdentifierTable::add):
1095         (JSC::IdentifierLCharFromUCharTranslator::hash):
1096         (JSC::IdentifierLCharFromUCharTranslator::equal):
1097         (JSC::IdentifierLCharFromUCharTranslator::translate):
1098         (JSC::Identifier::add8):
1099         * runtime/Identifier.h:
1100         (JSC::Identifier::Identifier):
1101         (JSC::Identifier::createLCharFromUChar):
1102         (JSC::Identifier::canUseSingleCharacterString):
1103         (JSC::IdentifierCharBufferTranslator::hash):
1104         (JSC::IdentifierCharBufferTranslator::equal):
1105         (JSC::IdentifierCharBufferTranslator::translate):
1106         (JSC::Identifier::add):
1107         (JSC::Identifier::equal):
1108         (JSC::IdentifierTable::add):
1109         * runtime/JSGlobalObjectFunctions.cpp:
1110         (JSC::decode):
1111         (JSC::parseIntOverflow):
1112         (JSC::globalFuncUnescape):
1113         * runtime/JSGlobalObjectFunctions.h:
1114         (JSC::parseIntOverflow):
1115         * runtime/LiteralParser.cpp:
1116         (JSC::LiteralParser::tryJSONPParse):
1117         (JSC::LiteralParser::Lexer::lexString):
1118         * wtf/text/StringImpl.h:
1119
1120 2011-11-07  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>
1121
1122         [Qt] Put the jsc binary in 'bin' instead of leaving it deep in the build tree
1123
1124         Allows us to not package up the whole Source/JavaScriptCore directory for the
1125         buildbots.
1126
1127         Reviewed-by Simon Hausmann.
1128
1129         * jsc.pro:
1130
1131 2011-11-06  Filip Pizlo  <fpizlo@apple.com>
1132
1133         REGRESSION(r99374): GTK+ build of the jsc binary doesn't like the call
1134         to initializeMainThread, and crashes
1135         https://bugs.webkit.org/show_bug.cgi?id=71643
1136
1137         Reviewed by Sam Weinig.
1138
1139         * jsc.cpp:
1140         (main):
1141
1142 2011-11-06  Sam Weinig  <sam@webkit.org>
1143
1144         Add space missing from some class declarations
1145         https://bugs.webkit.org/show_bug.cgi?id=71632
1146
1147         Reviewed by Anders Carlsson.
1148
1149         * assembler/AssemblerBufferWithConstantPool.h:
1150         * bytecode/CodeBlock.h:
1151         * dfg/DFGVariableAccessData.h:
1152         * heap/VTableSpectrum.h:
1153         * jit/ExecutableAllocator.cpp:
1154         * jit/ExecutableAllocatorFixedVMPool.cpp:
1155         * wtf/MetaAllocatorHandle.h:
1156         * wtf/UnionFind.h:
1157
1158 2011-11-06  Sam Weinig  <sam@webkit.org>
1159
1160         Allow use of FINAL in JavaScriptCore
1161         https://bugs.webkit.org/show_bug.cgi?id=71630
1162
1163         Reviewed by Anders Carlsson.
1164
1165         * Configurations/Base.xcconfig:
1166         Don't warn about C++11 extensions used in C++98 mode.
1167
1168 2011-11-05  Filip Pizlo  <fpizlo@apple.com>
1169
1170         Value profiling should just use two buckets
1171         https://bugs.webkit.org/show_bug.cgi?id=71619
1172
1173         Reviewed by Gavin Barraclough.
1174         
1175         Added one more configuration option (like Heuristics::minimumOptimizationDelay),
1176         improved debugging in JIT optimization support, changed the number of buckets
1177         in the value profile from 9 to 2, and wrote a more optimal value profiling path
1178         in the old JIT to take advantage of this. It's still possible to play around with
1179         larger numbers of buckets, and we should probably keep this for a little while
1180         until we convince ourselves that using just two buckets is the right call.
1181
1182         * bytecode/CodeBlock.cpp:
1183         (JSC::CodeBlock::shouldOptimizeNow):
1184         * bytecode/ValueProfile.h:
1185         * jit/JITInlineMethods.h:
1186         (JSC::JIT::emitValueProfilingSite):
1187         * jit/JITStubs.cpp:
1188         (JSC::DEFINE_STUB_FUNCTION):
1189         * runtime/Heuristics.cpp:
1190         (JSC::Heuristics::initializeHeuristics):
1191         * runtime/Heuristics.h:
1192
1193 2011-11-03  Filip Pizlo  <fpizlo@apple.com>
1194
1195         JSC should be able to sample itself in a more flexible way than just sampling flags
1196         https://bugs.webkit.org/show_bug.cgi?id=71522
1197
1198         Reviewed by Gavin Barraclough.
1199         
1200         Added a construct that looks like SamplingRegion samplingRegion("name").
1201
1202         * JavaScriptCore.exp:
1203         * JavaScriptCore.xcodeproj/project.pbxproj:
1204         * bytecode/SamplingTool.cpp:
1205         (JSC::SamplingRegion::Locker::Locker):
1206         (JSC::SamplingRegion::Locker::~Locker):
1207         (JSC::SamplingRegion::sample):
1208         (JSC::SamplingRegion::dump):
1209         (JSC::SamplingRegion::dumpInternal):
1210         (JSC::SamplingThread::threadStartFunc):
1211         * bytecode/SamplingTool.h:
1212         (JSC::SamplingRegion::SamplingRegion):
1213         (JSC::SamplingRegion::~SamplingRegion):
1214         (JSC::SamplingRegion::exchangeCurrent):
1215         * bytecompiler/BytecodeGenerator.cpp:
1216         (JSC::BytecodeGenerator::generate):
1217         * dfg/DFGDriver.cpp:
1218         (JSC::DFG::compile):
1219         * heap/Heap.cpp:
1220         (JSC::Heap::markRoots):
1221         (JSC::Heap::collect):
1222         * heap/VTableSpectrum.cpp:
1223         (JSC::VTableSpectrum::countVPtr):
1224         (JSC::VTableSpectrum::dump):
1225         * heap/VTableSpectrum.h:
1226         * jsc.cpp:
1227         (main):
1228         (runWithScripts):
1229         * parser/Parser.h:
1230         (JSC::parse):
1231         * runtime/Executable.cpp:
1232         (JSC::EvalExecutable::compileInternal):
1233         (JSC::ProgramExecutable::compileInternal):
1234         (JSC::FunctionExecutable::compileForCallInternal):
1235         (JSC::FunctionExecutable::compileForConstructInternal):
1236         * wtf/Atomics.h:
1237         (WTF::weakCompareAndSwap):
1238         * wtf/Platform.h:
1239         * wtf/Spectrum.h: Added.
1240         (WTF::Spectrum::Spectrum):
1241         (WTF::Spectrum::add):
1242         (WTF::Spectrum::get):
1243         (WTF::Spectrum::begin):
1244         (WTF::Spectrum::end):
1245         (WTF::Spectrum::KeyAndCount::KeyAndCount):
1246         (WTF::Spectrum::KeyAndCount::operator<):
1247         (WTF::Spectrum::buildList):
1248         * wtf/wtf.pri:
1249
1250 2011-11-05  Sam Weinig  <sam@webkit.org>
1251
1252         Fix windows build.
1253
1254         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1255
1256 2011-11-04  Sam Weinig  <sam@webkit.org>
1257
1258         Reduce the number of putWithAttributes
1259         https://bugs.webkit.org/show_bug.cgi?id=71597
1260
1261         Reviewed by Adam Roben.
1262
1263         * JavaScriptCore.exp:
1264         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1265         Remove exports of removed functions.
1266
1267         * runtime/JSActivation.cpp:
1268         (JSC::JSActivation::putWithAttributes):
1269         Calling the overload without the extra parameters does the same thing.
1270
1271         * runtime/JSObject.cpp:
1272         (JSC::JSObject::putWithAttributes):
1273         * runtime/JSObject.h:
1274         Remove four unused JSObject::putWithAttributes overloads and make one of the remaining
1275         two overloads not virtual, since no one overrides it.
1276
1277 2011-11-04  Pratik Solanki  <psolanki@apple.com>
1278
1279         sqrtDouble and andnotDouble should be declared noreturn
1280         https://bugs.webkit.org/show_bug.cgi?id=71592
1281
1282         Reviewed by Sam Weinig.
1283
1284         * assembler/MacroAssemblerARMv7.h:
1285
1286 2011-11-04  Mark Hahnenberg  <mhahnenberg@apple.com>
1287
1288         De-virtualize JSObject::hasInstance
1289         https://bugs.webkit.org/show_bug.cgi?id=71430
1290
1291         Reviewed by Darin Adler.
1292
1293         Added hasInstance to the MethodTable, changed all the virtual 
1294         implementations of hasInstance to static ones, and replaced 
1295         all call sites with corresponding lookups in the MethodTable.
1296
1297         * API/JSCallbackObject.h:
1298         * API/JSCallbackObjectFunctions.h:
1299         (JSC::::hasInstance):
1300         * API/JSValueRef.cpp:
1301         (JSValueIsInstanceOfConstructor):
1302         * JavaScriptCore.exp:
1303         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1304         * interpreter/Interpreter.cpp:
1305         (JSC::Interpreter::privateExecute):
1306         * jit/JITStubs.cpp:
1307         (JSC::DEFINE_STUB_FUNCTION):
1308         * runtime/ClassInfo.h:
1309         * runtime/JSBoundFunction.cpp:
1310         (JSC::JSBoundFunction::hasInstance):
1311         * runtime/JSBoundFunction.h:
1312         * runtime/JSCell.cpp:
1313         (JSC::JSCell::hasInstance):
1314         * runtime/JSCell.h:
1315         * runtime/JSObject.cpp:
1316         (JSC::JSObject::hasInstance):
1317         * runtime/JSObject.h:
1318
1319 2011-11-04  Tor Arne Vestbø  <tor.arne.vestbo@nokia.com>
1320
1321         [Qt] Refactor and clean up the qmake build system
1322
1323         The qmake build system has accumulated a bit of cruft and redundancy
1324         over time. There's also a fairly tight coupling between how to build
1325         the various targets, and _what_ to build, making it harder to add new
1326         rules or sources. This patch aims to elevate these issues somewhat.
1327
1328         This is a short-list of the changes:
1329
1330           * The rules for how to build targets are now mostly contained as
1331             prf-files in Tools/qmake/mkspecs/features. Using mkspecs also
1332             allows us to do pre- and post-processing of each project file,
1333             which helps to clean up the actual project files.
1334
1335           * Derived sources are no longer generated as a separate make-step
1336             but are part of each target's project file as a subdir. Makefile
1337             rules are used to ensure that we run make on the derived sources
1338             before running qmake on the actual target makefile. This makes
1339             it easier to keep a proper dependency between derived sources
1340             and the target.
1341
1342           * We use GNU make and the compiler to generate dependencies on
1343             UNIX-based systems running Qt 5. This allows us to lessen the
1344             need to run qmake, which should reduce compile time.
1345
1346           * WebKit2 is now built by default if building with Qt 5. It can
1347             be disabled by passing --no-webkit2 to build-webkit.
1348
1349         The result of these changes is hopefully a cleaner and easier
1350         build system to modify, and faster build times due to no longer
1351         running qmake on every single build. It's also a first step
1352         towards possibly generating the list of sources using another
1353         build system.
1354
1355         https://bugs.webkit.org/show_bug.cgi?id=71222
1356
1357         Reviewed by Simon Hausmann.
1358
1359         * DerivedSources.pri: Added.
1360         * DerivedSources.pro: Removed.
1361         * JavaScriptCore.pro:
1362         * Target.pri: Copied from Source/JavaScriptCore/JavaScriptCore.pro.
1363         * headers.pri: Removed.
1364         * jsc.pro:
1365         * wtf/wtf.pri:
1366         * yarr/yarr.pri:
1367
1368 2011-11-04  Yuqiang Xian  <yuqiang.xian@intel.com>
1369
1370         More code clean-up in DFG 32_64
1371         https://bugs.webkit.org/show_bug.cgi?id=71540
1372
1373         Remove unnecessary code duplications, and fix compilation warnings.
1374
1375         Reviewed by Gavin Barraclough.
1376
1377         * dfg/DFGJITCompiler.cpp:
1378         (JSC::DFG::JITCompiler::emitCount):
1379         (JSC::DFG::JITCompiler::setSamplingFlag):
1380         (JSC::DFG::JITCompiler::clearSamplingFlag):
1381         (JSC::DFG::JITCompiler::jitAssertIsCell):
1382         * dfg/DFGJITCompiler32_64.cpp:
1383         * dfg/DFGSpeculativeJIT32_64.cpp:
1384         (JSC::DFG::SpeculativeJIT::compile):
1385
1386 2011-11-04  Csaba Osztrogonác  <ossy@webkit.org>
1387
1388         De-virtualize JSObject::hasInstance
1389         https://bugs.webkit.org/show_bug.cgi?id=71430
1390
1391         Unreviewed rolling out r99238, because it made a test crash on all platforms.
1392
1393         * API/JSCallbackObject.h:
1394         * API/JSCallbackObjectFunctions.h:
1395         (JSC::::hasInstance):
1396         * API/JSValueRef.cpp:
1397         (JSValueIsInstanceOfConstructor):
1398         * JavaScriptCore.exp:
1399         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1400         * interpreter/Interpreter.cpp:
1401         (JSC::Interpreter::privateExecute):
1402         * jit/JITStubs.cpp:
1403         (JSC::DEFINE_STUB_FUNCTION):
1404         * runtime/ClassInfo.h:
1405         * runtime/JSBoundFunction.cpp:
1406         (JSC::JSBoundFunction::hasInstance):
1407         * runtime/JSBoundFunction.h:
1408         * runtime/JSCell.cpp:
1409         * runtime/JSCell.h:
1410         * runtime/JSObject.cpp:
1411         (JSC::JSObject::hasInstance):
1412         * runtime/JSObject.h:
1413
1414 2011-11-03  Mark Hahnenberg  <mhahnenberg@apple.com>
1415
1416         De-virtualize JSObject::getPropertyNames
1417         https://bugs.webkit.org/show_bug.cgi?id=71306
1418
1419         Reviewed by Darin Adler.
1420
1421         Added getPropertyNames to the MethodTable, changed all the virtual 
1422         implementations of getPropertyNames to static ones, and replaced 
1423         all call sites with corresponding lookups in the MethodTable.
1424
1425         * API/JSObjectRef.cpp:
1426         (JSObjectCopyPropertyNames):
1427         * JavaScriptCore.exp:
1428         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1429         * debugger/DebuggerActivation.cpp:
1430         (JSC::DebuggerActivation::getOwnPropertyNames):
1431         * runtime/ClassInfo.h:
1432         * runtime/JSCell.cpp:
1433         (JSC::JSCell::getPropertyNames):
1434         * runtime/JSCell.h:
1435         * runtime/JSObject.cpp:
1436         (JSC::JSObject::getPropertyNames):
1437         (JSC::JSObject::getOwnPropertyNames):
1438         * runtime/JSObject.h:
1439         * runtime/JSPropertyNameIterator.cpp:
1440         (JSC::JSPropertyNameIterator::create):
1441         * runtime/ScopeChain.cpp:
1442         (JSC::ScopeChainNode::print):
1443         * runtime/Structure.cpp:
1444         (JSC::Structure::getPropertyNamesFromStructure):
1445         * runtime/Structure.h:
1446
1447 2011-11-03  Darin Adler  <darin@apple.com>
1448
1449         Change remaining callers of releaseRef to call leakRef
1450         https://bugs.webkit.org/show_bug.cgi?id=71422
1451
1452         * wtf/text/AtomicString.cpp:
1453         (WTF::HashAndUTF8CharactersTranslator::translate): Use leakRef.
1454
1455 2011-11-02  Darin Adler  <darin@apple.com>
1456
1457         Change remaining callers of releaseRef to call leakRef
1458         https://bugs.webkit.org/show_bug.cgi?id=71422
1459
1460         * wtf/text/AtomicString.cpp:
1461         (WTF::HashAndUTF8CharactersTranslator::translate): Use leakRef.
1462
1463 2011-11-03  Mark Hahnenberg  <mhahnenberg@apple.com>
1464
1465         De-virtualize JSObject::hasInstance
1466         https://bugs.webkit.org/show_bug.cgi?id=71430
1467
1468         Reviewed by Darin Adler.
1469
1470         Added hasInstance to the MethodTable, changed all the virtual 
1471         implementations of hasInstance to static ones, and replaced 
1472         all call sites with corresponding lookups in the MethodTable.
1473
1474         * API/JSCallbackObject.h:
1475         * API/JSCallbackObjectFunctions.h:
1476         (JSC::::hasInstance):
1477         * API/JSValueRef.cpp:
1478         (JSValueIsInstanceOfConstructor):
1479         * JavaScriptCore.exp:
1480         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1481         * interpreter/Interpreter.cpp:
1482         (JSC::Interpreter::privateExecute):
1483         * jit/JITStubs.cpp:
1484         (JSC::DEFINE_STUB_FUNCTION):
1485         * runtime/ClassInfo.h:
1486         * runtime/JSBoundFunction.cpp:
1487         (JSC::JSBoundFunction::hasInstance):
1488         * runtime/JSBoundFunction.h:
1489         * runtime/JSCell.cpp:
1490         (JSC::JSCell::hasInstance):
1491         * runtime/JSCell.h:
1492         * runtime/JSObject.cpp:
1493         (JSC::JSObject::hasInstance):
1494         * runtime/JSObject.h:
1495
1496 2011-11-03  Filip Pizlo  <fpizlo@apple.com>
1497
1498         JIT-specific code should be able to refer to register types even on JIT-disabled builds
1499         https://bugs.webkit.org/show_bug.cgi?id=71498
1500
1501         Reviewed by Gavin Barraclough.
1502
1503         * assembler/MacroAssembler.h:
1504         (MacroAssembler::MacroAssembler):
1505
1506 2011-11-03  Mark Hahnenberg  <mhahnenberg@apple.com>
1507
1508         De-virtualize JSObject::className
1509         https://bugs.webkit.org/show_bug.cgi?id=71428
1510
1511         Reviewed by Sam Weinig.
1512
1513         Added className to the MethodTable, changed all the virtual 
1514         implementations of className to static ones, and replaced 
1515         all call sites with corresponding lookups in the MethodTable.
1516
1517         * API/JSCallbackObject.h:
1518         * API/JSCallbackObjectFunctions.h:
1519         (JSC::::className):
1520         * JavaScriptCore.exp:
1521         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1522         * debugger/DebuggerActivation.cpp:
1523         (JSC::DebuggerActivation::className):
1524         * debugger/DebuggerActivation.h:
1525         * jsc.cpp:
1526         (GlobalObject::createStructure):
1527         * profiler/Profiler.cpp:
1528         (JSC::Profiler::createCallIdentifier):
1529         * runtime/ClassInfo.h:
1530         * runtime/JSCell.cpp:
1531         (JSC::JSCell::className):
1532         * runtime/JSCell.h:
1533         * runtime/JSObject.cpp:
1534         (JSC::JSObject::className):
1535         * runtime/JSObject.h:
1536         * runtime/ObjectPrototype.cpp:
1537         (JSC::objectProtoFuncToString):
1538         * testRegExp.cpp:
1539         (GlobalObject::createStructure):
1540
1541 2011-11-02  Jer Noble  <jer.noble@apple.com>
1542
1543         Add Clock class and platform-specific implementations.
1544         https://bugs.webkit.org/show_bug.cgi?id=71341
1545
1546         Reviewed by Sam Weinig.
1547
1548         Add WTF_USE_COREAUDIO macro for use by PlatformClockCA.
1549
1550         * wtf/Platform.h:
1551
1552 2011-11-03  Pavel Feldman  <pfeldman@chromium.org>
1553
1554         Not reviewed: fixing win build. step2.
1555
1556         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1557
1558 2011-11-03  Pavel Feldman  <pfeldman@chromium.org>
1559
1560         Not reviewed: fix windows build, step1
1561
1562         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1563
1564 2011-11-03  Pavel Feldman  <pfeldman@google.com>
1565
1566         Web Inspector: preserve script location for inline handlers.
1567         https://bugs.webkit.org/show_bug.cgi?id=71367
1568
1569         Makes SourceCode factories receive TextPosition instead of the line number;
1570         Stores consistent position values in SourceCode and SourceProvider;
1571
1572         Reviewed by Yury Semikhatsky.
1573
1574         * API/JSBase.cpp:
1575         (JSEvaluateScript):
1576         (JSCheckScriptSyntax):
1577         * API/JSObjectRef.cpp:
1578         (JSObjectMakeFunction):
1579         * parser/SourceCode.h:
1580         (JSC::makeSource):
1581         * parser/SourceProvider.h:
1582         (JSC::SourceProvider::SourceProvider):
1583         (JSC::SourceProvider::startPosition):
1584         (JSC::UStringSourceProvider::create):
1585         (JSC::UStringSourceProvider::UStringSourceProvider):
1586         * runtime/FunctionConstructor.cpp:
1587         (JSC::constructFunction):
1588         (JSC::constructFunctionSkippingEvalEnabledCheck):
1589         * runtime/FunctionConstructor.h:
1590
1591 2011-11-03  Kentaro Hara  <haraken@chromium.org>
1592
1593         Fixed wrong implementation of doubleValue % 2^{64}.
1594         https://bugs.webkit.org/show_bug.cgi?id=67980
1595
1596         Reviewed by Hajime Morita.
1597
1598         fast/events/constructors/progress-event-constructor.html was failing
1599         because of the wrong implementation of conversion from an ECMAScript value
1600         to an IDL unsigned long long value (Spec: http://www.w3.org/TR/WebIDL/#es-unsigned-long-long).
1601         In particular, the calculation of doubleValue % 2^{64} was wrong.
1602         This patch implemented it correctly in doubleToInteger() in wtf/MathExtras.h.
1603
1604         * wtf/MathExtras.h:
1605         (doubleToInteger): Implemented the spec correctly.
1606
1607 2011-11-03  Sheriff Bot  <webkit.review.bot@gmail.com>
1608
1609         Unreviewed, rolling out r99089.
1610         http://trac.webkit.org/changeset/99089
1611         https://bugs.webkit.org/show_bug.cgi?id=71448
1612
1613         @plt postfix for math functions causes a crash on Linux 32 (the
1614         symbol is defined but it points to NULL) (Requested by
1615         zherczeg on #webkit).
1616
1617         * dfg/DFGOperations.cpp:
1618         * jit/JITStubs.cpp:
1619         * jit/ThunkGenerators.cpp:
1620
1621 2011-11-02  Filip Pizlo  <fpizlo@apple.com>
1622
1623         DFG inlining breaks function.arguments[something] if the argument being
1624         retrieved was subjected to DFG's unboxing optimizations
1625         https://bugs.webkit.org/show_bug.cgi?id=71436
1626
1627         Reviewed by Oliver Hunt.
1628         
1629         This makes inlined arguments retrieval use some of the same machinery as
1630         OSR to determine where from, and how, to retrieve a value that the DFG
1631         might have somehow squirreled away while the old JIT would put it in its
1632         obvious location, using an obvious format.
1633         
1634         To that end, previously DFG-internal notions such as DataFormat,
1635         VirtualRegister, and ValueRecovery are now in bytecode/ since they are
1636         stored as part of InlineCallFrames.
1637
1638         * bytecode/CodeOrigin.h:
1639         * dfg/DFGAbstractState.cpp:
1640         (JSC::DFG::AbstractState::execute):
1641         * dfg/DFGByteCodeParser.cpp:
1642         (JSC::DFG::ByteCodeParser::handleInlining):
1643         (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
1644         * dfg/DFGJITCompiler.cpp:
1645         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
1646         * dfg/DFGJITCompiler32_64.cpp:
1647         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
1648         * dfg/DFGNode.h:
1649         * dfg/DFGPropagator.cpp:
1650         (JSC::DFG::Propagator::propagateNodePredictions):
1651         * dfg/DFGSpeculativeJIT.cpp:
1652         (JSC::DFG::SpeculativeJIT::compile):
1653         * dfg/DFGSpeculativeJIT64.cpp:
1654         (JSC::DFG::SpeculativeJIT::compile):
1655         * interpreter/CallFrame.cpp:
1656         (JSC::CallFrame::trueCallerFrame):
1657         * interpreter/CallFrame.h:
1658         (JSC::ExecState::inlineCallFrame):
1659         * interpreter/Register.h:
1660         (JSC::Register::asInlineCallFrame):
1661         (JSC::Register::unboxedInt32):
1662         (JSC::Register::unboxedBoolean):
1663         (JSC::Register::unboxedCell):
1664         * runtime/Arguments.h:
1665         (JSC::Arguments::finishCreationAndCopyRegisters):
1666
1667 2011-11-02  Filip Pizlo  <fpizlo@apple.com>
1668
1669         ValueRecovery should be moved out of the DFG JIT
1670         https://bugs.webkit.org/show_bug.cgi?id=71439
1671
1672         Reviewed by Oliver Hunt.
1673
1674         * JavaScriptCore.xcodeproj/project.pbxproj:
1675         * bytecode/DataFormat.h: Added.
1676         (JSC::dataFormatToString):
1677         (JSC::needDataFormatConversion):
1678         (JSC::isJSFormat):
1679         (JSC::isJSInteger):
1680         (JSC::isJSDouble):
1681         (JSC::isJSCell):
1682         (JSC::isJSBoolean):
1683         * bytecode/ValueRecovery.h: Added.
1684         (JSC::ValueRecovery::ValueRecovery):
1685         (JSC::ValueRecovery::alreadyInRegisterFile):
1686         (JSC::ValueRecovery::alreadyInRegisterFileAsUnboxedInt32):
1687         (JSC::ValueRecovery::alreadyInRegisterFileAsUnboxedCell):
1688         (JSC::ValueRecovery::alreadyInRegisterFileAsUnboxedBoolean):
1689         (JSC::ValueRecovery::inGPR):
1690         (JSC::ValueRecovery::inPair):
1691         (JSC::ValueRecovery::inFPR):
1692         (JSC::ValueRecovery::displacedInRegisterFile):
1693         (JSC::ValueRecovery::constant):
1694         (JSC::ValueRecovery::technique):
1695         (JSC::ValueRecovery::isInRegisters):
1696         (JSC::ValueRecovery::gpr):
1697         (JSC::ValueRecovery::tagGPR):
1698         (JSC::ValueRecovery::payloadGPR):
1699         (JSC::ValueRecovery::fpr):
1700         (JSC::ValueRecovery::virtualRegister):
1701         (JSC::ValueRecovery::dump):
1702         * bytecode/VirtualRegister.h: Added.
1703         * dfg/DFGGenerationInfo.h:
1704         (JSC::DFG::GenerationInfo::isJSFormat):
1705         * dfg/DFGSpeculativeJIT.cpp:
1706         (JSC::DFG::ValueSource::dump):
1707         * dfg/DFGSpeculativeJIT.h:
1708         * dfg/DFGVariableAccessData.h:
1709
1710 2011-11-02  Sam Weinig  <sam@webkit.org>
1711
1712         Object.getOwnPropertyDescriptor() does not retrieve the getter/setter from a property on the window that has been overridden with a getter/setter
1713         https://bugs.webkit.org/show_bug.cgi?id=71333
1714
1715         Reviewed by Gavin Barraclough.
1716
1717         Tested by fast/dom/getter-on-window-object2.html
1718
1719         * runtime/PropertyDescriptor.cpp:
1720         (JSC::PropertyDescriptor::setDescriptor):
1721         The attributes returned from Structure::get do not include Getter or Setter, so
1722         instead check if the value is a GetterSetter like we do elsewhere. If it is, update
1723         the descriptor's attributes accordingly.
1724
1725 2011-11-02  Yuqiang Xian  <yuqiang.xian@intel.com>
1726
1727         FunctionPtr should accept FASTCALL functions on X86
1728         https://bugs.webkit.org/show_bug.cgi?id=71434
1729
1730         Reviewed by Filip Pizlo.
1731
1732         On X86 we sometimes use FASTCALL convention functions, for example the
1733         cti functions, and we may need the pointers to such functions, e.g.,
1734         in current DFG register file check and arity check, though long term
1735         we may avoid such usage of cti calls in DFG.
1736
1737         * assembler/MacroAssemblerCodeRef.h:
1738         (JSC::FunctionPtr::FunctionPtr):
1739
1740 2011-11-02  Filip Pizlo  <fpizlo@apple.com>
1741
1742         Inlined uses of the global object should use the right global object
1743         https://bugs.webkit.org/show_bug.cgi?id=71427
1744
1745         Reviewed by Oliver Hunt.
1746
1747         * dfg/DFGJITCompiler.h:
1748         (JSC::DFG::JITCompiler::globalObjectFor):
1749         * dfg/DFGSpeculativeJIT64.cpp:
1750         (JSC::DFG::SpeculativeJIT::compile):
1751
1752 2011-11-02  Yuqiang Xian  <yuqiang.xian@intel.com>
1753
1754         Remove some unnecessary loads/stores in DFG JIT 32_64
1755         https://bugs.webkit.org/show_bug.cgi?id=71090
1756
1757         Reviewed by Filip Pizlo.
1758
1759         In fillSpeculateCell and OSR exit, some unnecessary loads/stores can
1760         be eliminated.
1761
1762         * dfg/DFGJITCompiler32_64.cpp:
1763         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
1764         * dfg/DFGSpeculativeJIT32_64.cpp:
1765         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
1766
1767 2011-11-02  Adam Klein  <adamk@chromium.org>
1768
1769         Replace usage of StringImpl with String where possible in CharacterData and Text
1770         https://bugs.webkit.org/show_bug.cgi?id=71383
1771
1772         Reviewed by Darin Adler.
1773
1774         * wtf/text/WTFString.h:
1775         (WTF::String::containsOnlyWhitespace): Added new method.
1776
1777 2011-11-02  Mark Hahnenberg  <mhahnenberg@apple.com>
1778
1779         De-virtualize JSObject::getOwnPropertyNames
1780         https://bugs.webkit.org/show_bug.cgi?id=71307
1781
1782         Reviewed by Darin Adler.
1783
1784         Added getOwnPropertyNames to the MethodTable, changed all the virtual 
1785         implementations of getOwnPropertyNames to static ones, and replaced 
1786         all call sites with corresponding lookups in the MethodTable.
1787
1788         * API/JSCallbackObject.h:
1789         * API/JSCallbackObjectFunctions.h:
1790         (JSC::::getOwnPropertyNames):
1791         * JavaScriptCore.exp:
1792         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1793         * debugger/DebuggerActivation.cpp:
1794         (JSC::DebuggerActivation::getOwnPropertyNames):
1795         * debugger/DebuggerActivation.h:
1796         * runtime/Arguments.cpp:
1797         (JSC::Arguments::getOwnPropertyNames):
1798         * runtime/Arguments.h:
1799         * runtime/ClassInfo.h:
1800         * runtime/JSActivation.cpp:
1801         (JSC::JSActivation::getOwnPropertyNames):
1802         * runtime/JSActivation.h:
1803         * runtime/JSArray.cpp:
1804         (JSC::JSArray::getOwnPropertyNames):
1805         * runtime/JSArray.h:
1806         * runtime/JSByteArray.cpp:
1807         (JSC::JSByteArray::getOwnPropertyNames):
1808         * runtime/JSByteArray.h:
1809         * runtime/JSCell.cpp:
1810         (JSC::JSCell::getOwnPropertyNames):
1811         * runtime/JSCell.h:
1812         * runtime/JSFunction.cpp:
1813         (JSC::JSFunction::getOwnPropertyNames):
1814         * runtime/JSFunction.h:
1815         * runtime/JSNotAnObject.cpp:
1816         (JSC::JSNotAnObject::getOwnPropertyNames):
1817         * runtime/JSNotAnObject.h:
1818         * runtime/JSONObject.cpp:
1819         (JSC::Stringifier::Holder::appendNextProperty):
1820         (JSC::Walker::walk):
1821         * runtime/JSObject.cpp:
1822         (JSC::JSObject::getPropertyNames):
1823         (JSC::JSObject::getOwnPropertyNames):
1824         * runtime/JSObject.h:
1825         * runtime/JSVariableObject.cpp:
1826         (JSC::JSVariableObject::~JSVariableObject):
1827         (JSC::JSVariableObject::getOwnPropertyNames):
1828         * runtime/JSVariableObject.h:
1829         * runtime/ObjectConstructor.cpp:
1830         (JSC::objectConstructorGetOwnPropertyNames):
1831         (JSC::objectConstructorKeys):
1832         (JSC::defineProperties):
1833         * runtime/RegExpMatchesArray.h:
1834         (JSC::RegExpMatchesArray::getOwnPropertyNames):
1835         * runtime/StringObject.cpp:
1836         (JSC::StringObject::getOwnPropertyNames):
1837         * runtime/StringObject.h:
1838         * runtime/Structure.h:
1839
1840 2011-11-02  Dean Jackson  <dino@apple.com>
1841
1842         Add ENABLE_CSS_SHADERS flag
1843         https://bugs.webkit.org/show_bug.cgi?id=71394
1844
1845         Reviewed by Sam Weinig.
1846
1847         * Configurations/FeatureDefines.xcconfig:
1848
1849 2011-11-02  Alexey Shabalin  <a.shabalin@gmail.com>
1850
1851         TEXTREL in libjavascriptcoregtk-1.0.so.0.11.0 on x86 (or i586)
1852         https://bugs.webkit.org/show_bug.cgi?id=70610
1853
1854         Reviewed by Martin Robinson.
1855
1856         Properly annotate ASM on BSD and Linux x86 systems.
1857
1858         * dfg/DFGOperations.cpp: Add annotation for X86.
1859         * jit/JITStubs.cpp: Ditto.
1860         * jit/ThunkGenerators.cpp: Ditto.
1861
1862 2011-11-02  Xianzhu Wang  <wangxianzhu@chromium.org>
1863
1864         Missing Force8BitConstructor in 8-bit version of StringImpl::reallocate()
1865         https://bugs.webkit.org/show_bug.cgi?id=71347
1866
1867         Reviewed by Geoffrey Garen.
1868
1869         * wtf/text/StringImpl.cpp:
1870         (WTF::StringImpl::reallocate):
1871
1872 2011-11-01  Darin Adler  <darin@apple.com>
1873
1874         Cut down on malloc/free a bit in the parser arena
1875         https://bugs.webkit.org/show_bug.cgi?id=71343
1876
1877         Reviewed by Oliver Hunt.
1878
1879         * parser/ParserArena.cpp:
1880         (JSC::ParserArena::deallocateObjects): Call the destructors of
1881         the deletable objects before freeing the pools. Don't call
1882         fastFree on the deletable objects any more.
1883
1884         * parser/ParserArena.h:
1885         (JSC::ParserArena::allocateDeletable): Use allocateFreeable
1886         instead of fastMalloc here.
1887
1888 2011-11-01  Sam Weinig  <sam@webkit.org>
1889
1890         Implement __lookupGetter__/__lookupSetter__ in terms of getPropertyDescriptor
1891         https://bugs.webkit.org/show_bug.cgi?id=71336
1892
1893         Reviewed by Darin Adler.
1894
1895         * debugger/DebuggerActivation.cpp:
1896         * debugger/DebuggerActivation.h:
1897         Remove overrides of lookupGetter/lookupSetter, which are no longer needed
1898         due to implementing getPropertyDescriptor.
1899
1900         * runtime/JSObject.cpp:
1901         (JSC::JSObject::lookupGetter):
1902         (JSC::JSObject::lookupSetter):
1903         * runtime/JSObject.h:
1904         De-virtualize lookupGetter/lookupSetter, and implement them in terms of
1905         getPropertyDescriptor.
1906
1907 2011-11-01  Mark Hahnenberg  <mhahnenberg@apple.com>
1908
1909         De-virtualize JSObject::defineSetter
1910         https://bugs.webkit.org/show_bug.cgi?id=71303
1911
1912         Reviewed by Darin Adler.
1913
1914         Added defineSetter to the MethodTable, changed all the virtual 
1915         implementations of defineSetter to static ones, and replaced 
1916         all call sites with corresponding lookups in the MethodTable.
1917
1918         * JavaScriptCore.exp:
1919         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1920         * debugger/DebuggerActivation.cpp:
1921         (JSC::DebuggerActivation::defineSetter):
1922         * debugger/DebuggerActivation.h:
1923         * interpreter/Interpreter.cpp:
1924         (JSC::Interpreter::privateExecute):
1925         * jit/JITStubs.cpp:
1926         (JSC::DEFINE_STUB_FUNCTION):
1927         * runtime/ClassInfo.h:
1928         * runtime/JSCell.cpp:
1929         (JSC::JSCell::defineSetter):
1930         * runtime/JSCell.h:
1931         * runtime/JSGlobalObject.cpp:
1932         (JSC::JSGlobalObject::defineSetter):
1933         * runtime/JSGlobalObject.h:
1934         * runtime/JSObject.cpp:
1935         (JSC::JSObject::defineSetter):
1936         (JSC::putDescriptor):
1937         * runtime/JSObject.h:
1938         * runtime/ObjectPrototype.cpp:
1939         (JSC::objectProtoFuncDefineSetter):
1940
1941 2011-11-01  Filip Pizlo  <fpizlo@apple.com>
1942
1943         DFG inlining breaks function.arguments
1944         https://bugs.webkit.org/show_bug.cgi?id=71329
1945
1946         Reviewed by Oliver Hunt.
1947         
1948         The DFG was forgetting to store code origin mappings for inlined
1949         call sites. Some of the fast-path optimizations for
1950         CallFrame::trueCallerFrame() were wrong. An assertion in Arguments
1951         was wrong.
1952         
1953         I also took the opportunity to decrease code duplication between
1954         DFG64 and DFG32_64, because I didn't feel like writing the same
1955         code twice.
1956
1957         * bytecode/CodeBlock.h:
1958         (JSC::ExecState::isInlineCallFrame):
1959         * dfg/DFGJITCompiler.cpp:
1960         (JSC::DFG::JITCompiler::compileEntry):
1961         (JSC::DFG::JITCompiler::compileBody):
1962         (JSC::DFG::JITCompiler::link):
1963         (JSC::DFG::JITCompiler::compile):
1964         (JSC::DFG::JITCompiler::compileFunction):
1965         * dfg/DFGJITCompiler32_64.cpp:
1966         * dfg/DFGNode.h:
1967         * interpreter/CallFrame.cpp:
1968         (JSC::CallFrame::trueCallerFrame):
1969         * interpreter/CallFrame.h:
1970         * runtime/Arguments.h:
1971         (JSC::Arguments::getArgumentsData):
1972
1973 2011-11-01  Xianzhu Wang  <wangxianzhu@chromium.org>
1974
1975         StringImpl::reallocate() should have a 8-bit version
1976         https://bugs.webkit.org/show_bug.cgi?id=71210
1977
1978         Reviewed by Geoffrey Garen.
1979
1980         * wtf/text/StringImpl.cpp:
1981         (WTF::StringImpl::reallocate):
1982         * wtf/text/StringImpl.h:
1983
1984 2011-10-31  Filip Pizlo  <fpizlo@apple.com>
1985
1986         The GC should be parallel
1987         https://bugs.webkit.org/show_bug.cgi?id=70995
1988
1989         Reviewed by Geoff Garen.
1990         
1991         Added parallel tracing to the GC. This works by having local mark
1992         stacks per thread, and a global shared one. Threads sometimes
1993         donate cells from the mark stack to the global one if the heuristics
1994         tell them that it's affordable to do so. Threads that have depleted
1995         their local mark stacks try to steal some from the shared one.
1996
1997         Marking is now done using an atomic weak relaxed CAS (compare-and-swap).
1998         
1999         This is a 23% speed-up on V8-splay when I use 4 marking threads,
2000         leading to a 3.5% speed-up on V8.
2001         
2002         It also appears that this reduces GC pause times on real websites by
2003         more than half.
2004
2005         * JavaScriptCore.exp:
2006         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2007         * heap/Heap.cpp:
2008         (JSC::Heap::Heap):
2009         (JSC::Heap::~Heap):
2010         (JSC::Heap::markRoots):
2011         * heap/Heap.h:
2012         * heap/MarkStack.cpp:
2013         (JSC::MarkStackSegmentAllocator::MarkStackSegmentAllocator):
2014         (JSC::MarkStackSegmentAllocator::~MarkStackSegmentAllocator):
2015         (JSC::MarkStackSegmentAllocator::allocate):
2016         (JSC::MarkStackSegmentAllocator::release):
2017         (JSC::MarkStackSegmentAllocator::shrinkReserve):
2018         (JSC::MarkStackArray::MarkStackArray):
2019         (JSC::MarkStackArray::~MarkStackArray):
2020         (JSC::MarkStackArray::expand):
2021         (JSC::MarkStackArray::refill):
2022         (JSC::MarkStackArray::donateSomeCellsTo):
2023         (JSC::MarkStackArray::stealSomeCellsFrom):
2024         (JSC::MarkStackThreadSharedData::markingThreadMain):
2025         (JSC::MarkStackThreadSharedData::markingThreadStartFunc):
2026         (JSC::MarkStackThreadSharedData::MarkStackThreadSharedData):
2027         (JSC::MarkStackThreadSharedData::~MarkStackThreadSharedData):
2028         (JSC::MarkStackThreadSharedData::reset):
2029         (JSC::MarkStack::reset):
2030         (JSC::SlotVisitor::donateSlow):
2031         (JSC::SlotVisitor::drain):
2032         (JSC::SlotVisitor::drainFromShared):
2033         (JSC::MarkStack::mergeOpaqueRoots):
2034         (JSC::SlotVisitor::harvestWeakReferences):
2035         * heap/MarkStack.h:
2036         (JSC::MarkStackSegment::data):
2037         (JSC::MarkStackSegment::capacityFromSize):
2038         (JSC::MarkStackSegment::sizeFromCapacity):
2039         (JSC::MarkStackArray::postIncTop):
2040         (JSC::MarkStackArray::preDecTop):
2041         (JSC::MarkStackArray::setTopForFullSegment):
2042         (JSC::MarkStackArray::setTopForEmptySegment):
2043         (JSC::MarkStackArray::top):
2044         (JSC::MarkStackArray::validatePrevious):
2045         (JSC::MarkStack::addWeakReferenceHarvester):
2046         (JSC::MarkStack::mergeOpaqueRootsIfNecessary):
2047         (JSC::MarkStack::mergeOpaqueRootsIfProfitable):
2048         (JSC::MarkStack::MarkStack):
2049         (JSC::MarkStack::addOpaqueRoot):
2050         (JSC::MarkStack::containsOpaqueRoot):
2051         (JSC::MarkStack::opaqueRootCount):
2052         (JSC::MarkStackArray::append):
2053         (JSC::MarkStackArray::canRemoveLast):
2054         (JSC::MarkStackArray::removeLast):
2055         (JSC::MarkStackArray::isEmpty):
2056         (JSC::MarkStackArray::canDonateSomeCells):
2057         (JSC::MarkStackArray::size):
2058         (JSC::ParallelModeEnabler::ParallelModeEnabler):
2059         (JSC::ParallelModeEnabler::~ParallelModeEnabler):
2060         * heap/MarkedBlock.h:
2061         (JSC::MarkedBlock::testAndSetMarked):
2062         * heap/SlotVisitor.h:
2063         (JSC::SlotVisitor::donate):
2064         (JSC::SlotVisitor::donateAndDrain):
2065         (JSC::SlotVisitor::donateKnownParallel):
2066         (JSC::SlotVisitor::SlotVisitor):
2067         * heap/WeakReferenceHarvester.h:
2068         * runtime/Heuristics.cpp:
2069         (JSC::Heuristics::initializeHeuristics):
2070         * runtime/Heuristics.h:
2071         * wtf/Atomics.h:
2072         (WTF::weakCompareAndSwap):
2073         * wtf/Bitmap.h:
2074         (WTF::::Bitmap):
2075         (WTF::::get):
2076         (WTF::::set):
2077         (WTF::::testAndSet):
2078         (WTF::::testAndClear):
2079         (WTF::::concurrentTestAndSet):
2080         (WTF::::concurrentTestAndClear):
2081         (WTF::::clear):
2082         (WTF::::clearAll):
2083         (WTF::::nextPossiblyUnset):
2084         (WTF::::findRunOfZeros):
2085         (WTF::::count):
2086         (WTF::::isEmpty):
2087         (WTF::::isFull):
2088         * wtf/MainThread.h:
2089         (WTF::isMainThreadOrGCThread):
2090         * wtf/Platform.h:
2091         * wtf/ThreadSpecific.h:
2092         (WTF::::isSet):
2093         * wtf/mac/MainThreadMac.mm:
2094         (WTF::initializeGCThreads):
2095         (WTF::initializeMainThreadPlatform):
2096         (WTF::initializeMainThreadToProcessMainThreadPlatform):
2097         (WTF::registerGCThread):
2098         (WTF::isMainThreadOrGCThread):
2099
2100 2011-10-31  Mark Hahnenberg  <mhahnenberg@apple.com>
2101
2102         De-virtualize JSObject::defaultValue
2103         https://bugs.webkit.org/show_bug.cgi?id=71146
2104
2105         Reviewed by Sam Weinig.
2106
2107         Added defaultValue to the MethodTable.  Replaced all virtual versions of 
2108         defaultValue with static versions.  Replaced all call sites with lookups in the 
2109         MethodTable.
2110
2111         * JavaScriptCore.exp:
2112         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2113         * runtime/ClassInfo.h:
2114         * runtime/ExceptionHelpers.cpp:
2115         (JSC::InterruptedExecutionError::defaultValue):
2116         (JSC::TerminatedExecutionError::defaultValue):
2117         * runtime/ExceptionHelpers.h:
2118         * runtime/JSCell.cpp:
2119         (JSC::JSCell::defaultValue):
2120         * runtime/JSCell.h:
2121         * runtime/JSNotAnObject.cpp:
2122         (JSC::JSNotAnObject::defaultValue):
2123         * runtime/JSNotAnObject.h:
2124         * runtime/JSObject.cpp:
2125         (JSC::JSObject::getPrimitiveNumber):
2126         (JSC::JSObject::defaultValue):
2127         * runtime/JSObject.h:
2128         (JSC::JSObject::toPrimitive):
2129
2130 2011-10-31  Mark Hahnenberg  <mhahnenberg@apple.com>
2131
2132         Interpreter build fix
2133
2134         Unreviewed build fix
2135
2136         * interpreter/Interpreter.cpp:
2137         (JSC::Interpreter::privateExecute):
2138         * runtime/Executable.cpp:
2139         (JSC::FunctionExecutable::compileForCallInternal):
2140         (JSC::FunctionExecutable::compileForConstructInternal):
2141
2142 2011-10-31  Filip Pizlo  <fpizlo@apple.com>
2143
2144         DFG OSR exits should add to value profiles
2145         https://bugs.webkit.org/show_bug.cgi?id=71202
2146
2147         Reviewed by Oliver Hunt.
2148         
2149         Value profiles now have an extra special slot not used by the old JIT's
2150         profiling, which is reserved for OSR exits.
2151         
2152         The DFG's OSR exit code now knows which register, node index, and value
2153         profiling site was responsible for the (possibly flawed) information that
2154         led to the OSR failure. This is somewhat opportunistic and imperfect;
2155         if there's a lot of control flow between the value profiling site and the
2156         OSR failure point, then this mechanism simply gives up. It also gives up
2157         if the OSR failure is caused by either known deficiencies in the DFG
2158         (like that we always assume that the index in a strict charCodeAt access
2159         is within bounds) or where the OSR failure would be catalogued and
2160         profiled through other means (like slow case counters).
2161         
2162         This patch also adds the notion of a JSValueRegs, which is either a
2163         single register in JSVALUE64 or a pair in JSVALUE32_64. We should
2164         probably move the 32_64 DFG towards using this, since it often makes it
2165         easier to share code between 64 and 32_64.
2166         
2167         Also fixed a number of pathologies that this uncovered. op_method_check 
2168         didn't have a value profiling site on the slow path. GetById should not
2169         always force OSR exit if it never executed in the old JIT; we may be
2170         able to infer its type if it's an array or string length get. Finally,
2171         these changes benefit from a slight tweak to optimization delay
2172         heuristics (profile fullness is now 0.35 instead of 0.25).
2173         
2174         3.8% speed-up on Kraken, mostly due to ~35% on both stanford-crypto-aes
2175         and imaging-darkroom.
2176
2177         * bytecode/ValueProfile.cpp:
2178         (JSC::ValueProfile::computeStatistics):
2179         (JSC::ValueProfile::computeUpdatedPrediction):
2180         * bytecode/ValueProfile.h:
2181         (JSC::ValueProfile::ValueProfile):
2182         (JSC::ValueProfile::specFailBucket):
2183         (JSC::ValueProfile::numberOfSamples):
2184         (JSC::ValueProfile::isLive):
2185         (JSC::ValueProfile::numberOfInt32s):
2186         (JSC::ValueProfile::numberOfDoubles):
2187         (JSC::ValueProfile::numberOfCells):
2188         (JSC::ValueProfile::numberOfObjects):
2189         (JSC::ValueProfile::numberOfFinalObjects):
2190         (JSC::ValueProfile::numberOfStrings):
2191         (JSC::ValueProfile::numberOfArrays):
2192         (JSC::ValueProfile::numberOfBooleans):
2193         (JSC::ValueProfile::dump):
2194         * dfg/DFGAbstractState.cpp:
2195         (JSC::DFG::AbstractState::execute):
2196         * dfg/DFGByteCodeParser.cpp:
2197         (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
2198         (JSC::DFG::ByteCodeParser::getPrediction):
2199         (JSC::DFG::ByteCodeParser::parseBlock):
2200         * dfg/DFGGPRInfo.h:
2201         (JSC::DFG::JSValueRegs::JSValueRegs):
2202         (JSC::DFG::JSValueRegs::operator!):
2203         (JSC::DFG::JSValueRegs::gpr):
2204         (JSC::DFG::JSValueSource::JSValueSource):
2205         (JSC::DFG::JSValueSource::unboxedCell):
2206         (JSC::DFG::JSValueSource::operator!):
2207         (JSC::DFG::JSValueSource::isAddress):
2208         (JSC::DFG::JSValueSource::offset):
2209         (JSC::DFG::JSValueSource::base):
2210         (JSC::DFG::JSValueSource::gpr):
2211         (JSC::DFG::JSValueSource::asAddress):
2212         (JSC::DFG::JSValueSource::notAddress):
2213         (JSC::DFG::JSValueRegs::tagGPR):
2214         (JSC::DFG::JSValueRegs::payloadGPR):
2215         (JSC::DFG::JSValueSource::tagGPR):
2216         (JSC::DFG::JSValueSource::payloadGPR):
2217         (JSC::DFG::JSValueSource::hasKnownTag):
2218         (JSC::DFG::JSValueSource::tag):
2219         * dfg/DFGGenerationInfo.h:
2220         (JSC::DFG::GenerationInfo::jsValueRegs):
2221         * dfg/DFGGraph.h:
2222         (JSC::DFG::Graph::valueProfileFor):
2223         * dfg/DFGJITCodeGenerator.h:
2224         (JSC::JSValueOperand::jsValueRegs):
2225         * dfg/DFGJITCompiler.cpp:
2226         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
2227         * dfg/DFGJITCompiler.h:
2228         (JSC::DFG::JITCompiler::valueProfileFor):
2229         * dfg/DFGJITCompiler32_64.cpp:
2230         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
2231         * dfg/DFGPropagator.cpp:
2232         (JSC::DFG::Propagator::propagateNodePredictions):
2233         * dfg/DFGSpeculativeJIT.cpp:
2234         (JSC::DFG::OSRExit::OSRExit):
2235         (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectEquality):
2236         (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
2237         (JSC::DFG::SpeculativeJIT::compileGetCharCodeAt):
2238         (JSC::DFG::SpeculativeJIT::compileGetByValOnString):
2239         (JSC::DFG::SpeculativeJIT::compilePutByValForByteArray):
2240         (JSC::DFG::SpeculativeJIT::compileGetByValOnByteArray):
2241         * dfg/DFGSpeculativeJIT.h:
2242         (JSC::DFG::SpeculativeJIT::speculationCheck):
2243         (JSC::DFG::SpeculativeJIT::terminateSpeculativeExecution):
2244         * dfg/DFGSpeculativeJIT32_64.cpp:
2245         (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
2246         (JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
2247         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
2248         (JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
2249         (JSC::DFG::SpeculativeJIT::compileObjectEquality):
2250         (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
2251         (JSC::DFG::SpeculativeJIT::compileLogicalNot):
2252         (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
2253         (JSC::DFG::SpeculativeJIT::compile):
2254         * dfg/DFGSpeculativeJIT64.cpp:
2255         (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
2256         (JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
2257         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
2258         (JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
2259         (JSC::DFG::SpeculativeJIT::compileObjectEquality):
2260         (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
2261         (JSC::DFG::SpeculativeJIT::compileLogicalNot):
2262         (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
2263         (JSC::DFG::SpeculativeJIT::emitBranch):
2264         (JSC::DFG::SpeculativeJIT::compile):
2265         * jit/JITPropertyAccess.cpp:
2266         (JSC::JIT::emitSlow_op_method_check):
2267         * jit/JITPropertyAccess32_64.cpp:
2268         (JSC::JIT::emitSlow_op_method_check):
2269         * runtime/Heuristics.cpp:
2270         (JSC::Heuristics::initializeHeuristics):
2271         * runtime/JSValue.h:
2272
2273 2011-10-31  Sam Weinig  <sam@webkit.org>
2274
2275         Remove need for virtual JSObject::unwrappedObject
2276         https://bugs.webkit.org/show_bug.cgi?id=71034
2277
2278         Reviewed by Geoffrey Garen.
2279
2280         * JavaScriptCore.exp:
2281         Update exports.
2282
2283         * CMakeLists.txt:
2284         * GNUmakefile.list.am:
2285         * JavaScriptCore.exp:
2286         * JavaScriptCore.gypi:
2287         * JavaScriptCore.pro:
2288         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2289         * JavaScriptCore.xcodeproj/project.pbxproj:
2290         Add JSGlobalThis.cpp.
2291
2292         * runtime/JSGlobalThis.cpp: Added.
2293         (JSC::JSGlobalThis::visitChildren):
2294         (JSC::JSGlobalThis::unwrappedObject):
2295         * runtime/JSGlobalThis.h:
2296         (JSC::JSGlobalThis::createStructure):
2297         Move underlying object from JSDOMWindowShell down to JSGlobalThis
2298         and corresponding visitChildren method.
2299
2300         * runtime/JSObject.cpp:
2301         (JSC::JSObject::unwrappedObject):
2302         Change unwrappedObject from virtual, to just needing an if check.
2303
2304         * runtime/JSObject.h:
2305         (JSC::JSObject::isGlobalThis):
2306         * runtime/JSType.h:
2307         Add isGlobalThis predicate and type.
2308
2309 2011-10-31  Xianzhu Wang  <wangxianzhu@chromium.org>
2310
2311         WTF::StringImpl::create(const char*, unsigned) calls itself
2312         https://bugs.webkit.org/show_bug.cgi?id=71206
2313
2314         The original implementation just calls itself, causing infinite recursion.
2315         Cast the first parameter to const LChar* to fix that.
2316
2317         Reviewed by Ryosuke Niwa.
2318
2319         * wtf/text/StringImpl.h:
2320         (WTF::StringImpl::create):
2321
2322 2011-10-31  Andy Wingo  <wingo@igalia.com>
2323
2324         Fix DFG JIT compilation on Linux targets.
2325         https://bugs.webkit.org/show_bug.cgi?id=70904
2326
2327         Reviewed by Darin Adler.
2328
2329         * jit/JITStubs.cpp (SYMBOL_STRING_RELOCATION): Simplify this
2330         macro.
2331
2332         * dfg/DFGOperations.cpp (SYMBOL_STRING_RELOCATION): Copy the
2333         simplified definition from jit/JITStubs.cpp.
2334         (FUNCTION_WRAPPER_WITH_RETURN_ADDRESS, getHostCallReturnValue):
2335         Use the macro to access trampoline targets through the PLT on PIC
2336         systems, instead of introducing a text relocation.  Otherwise, the
2337         library fails to link.
2338
2339 2011-10-31  Mark Hahnenberg  <mhahnenberg@apple.com>
2340
2341         De-virtualize JSObject::defineGetter
2342         https://bugs.webkit.org/show_bug.cgi?id=71134
2343
2344         Reviewed by Darin Adler.
2345
2346         Added defineGetter to the MethodTable.  Replaced all virtual versions of defineGetter
2347         with static versions.  Replaced all call sites with lookups in the MethodTable.
2348
2349         * JavaScriptCore.exp:
2350         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2351         * debugger/DebuggerActivation.cpp:
2352         (JSC::DebuggerActivation::defineGetter):
2353         * debugger/DebuggerActivation.h:
2354         * interpreter/Interpreter.cpp:
2355         (JSC::Interpreter::privateExecute):
2356         * jit/JITStubs.cpp:
2357         (JSC::DEFINE_STUB_FUNCTION):
2358         * runtime/ClassInfo.h:
2359         * runtime/JSCell.cpp:
2360         (JSC::JSCell::defineGetter):
2361         * runtime/JSCell.h:
2362         * runtime/JSGlobalObject.cpp:
2363         (JSC::JSGlobalObject::defineGetter):
2364         * runtime/JSGlobalObject.h:
2365         * runtime/JSObject.cpp:
2366         (JSC::JSObject::defineGetter):
2367         (JSC::putDescriptor):
2368         * runtime/JSObject.h:
2369         * runtime/ObjectPrototype.cpp:
2370         (JSC::objectProtoFuncDefineGetter):
2371
2372 2011-10-31  Michael Saboff  <msaboff@apple.com>
2373
2374         Towards 8-bit Strings: Move Lexer and Parser Objects out of JSGlobalData
2375         https://bugs.webkit.org/show_bug.cgi?id=71138
2376
2377         Restructure and movement of Lexer and Parser code.
2378         Moved Lexer and Parser objects out of JSGlobalData.
2379         Added a new ParserTokens class and instance to JSGlobalData that
2380         have JavaScript token related definitions.
2381         Replaced JSGlobalData arguments to Node classes with lineNumber,
2382         as that was the only use of the JSGlobalData.
2383         Combined JSParser and Parser classes into one class,
2384         eliminating JSParser.h and .cpp.
2385         Various supporting #include changes.
2386
2387         These mostly mechanical changes are done in preparation for
2388         making the Lexer and Parser template classes.
2389
2390         Reviewed by Darin Adler.
2391
2392         * CMakeLists.txt:
2393         * GNUmakefile.list.am:
2394         * JavaScriptCore.gypi:
2395         * JavaScriptCore.pro:
2396         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2397         * JavaScriptCore.xcodeproj/project.pbxproj:
2398         * bytecompiler/NodesCodegen.cpp:
2399         (JSC::ArrayNode::toArgumentList):
2400         (JSC::ApplyFunctionCallDotNode::emitBytecode):
2401         * parser/ASTBuilder.h:
2402         (JSC::ASTBuilder::ASTBuilder):
2403         (JSC::ASTBuilder::createSourceElements):
2404         (JSC::ASTBuilder::createCommaExpr):
2405         (JSC::ASTBuilder::createLogicalNot):
2406         (JSC::ASTBuilder::createUnaryPlus):
2407         (JSC::ASTBuilder::createVoid):
2408         (JSC::ASTBuilder::thisExpr):
2409         (JSC::ASTBuilder::createResolve):
2410         (JSC::ASTBuilder::createObjectLiteral):
2411         (JSC::ASTBuilder::createArray):
2412         (JSC::ASTBuilder::createNumberExpr):
2413         (JSC::ASTBuilder::createString):
2414         (JSC::ASTBuilder::createBoolean):
2415         (JSC::ASTBuilder::createNull):
2416         (JSC::ASTBuilder::createBracketAccess):
2417         (JSC::ASTBuilder::createDotAccess):
2418         (JSC::ASTBuilder::createRegExp):
2419         (JSC::ASTBuilder::createNewExpr):
2420         (JSC::ASTBuilder::createConditionalExpr):
2421         (JSC::ASTBuilder::createAssignResolve):
2422         (JSC::ASTBuilder::createFunctionExpr):
2423         (JSC::ASTBuilder::createFunctionBody):
2424         (JSC::ASTBuilder::createGetterOrSetterProperty):
2425         (JSC::ASTBuilder::createArguments):
2426         (JSC::ASTBuilder::createArgumentsList):
2427         (JSC::ASTBuilder::createPropertyList):
2428         (JSC::ASTBuilder::createElementList):
2429         (JSC::ASTBuilder::createFormalParameterList):
2430         (JSC::ASTBuilder::createClause):
2431         (JSC::ASTBuilder::createClauseList):
2432         (JSC::ASTBuilder::createFuncDeclStatement):
2433         (JSC::ASTBuilder::createBlockStatement):
2434         (JSC::ASTBuilder::createExprStatement):
2435         (JSC::ASTBuilder::createIfStatement):
2436         (JSC::ASTBuilder::createForLoop):
2437         (JSC::ASTBuilder::createForInLoop):
2438         (JSC::ASTBuilder::createEmptyStatement):
2439         (JSC::ASTBuilder::createVarStatement):
2440         (JSC::ASTBuilder::createReturnStatement):
2441         (JSC::ASTBuilder::createBreakStatement):
2442         (JSC::ASTBuilder::createContinueStatement):
2443         (JSC::ASTBuilder::createTryStatement):
2444         (JSC::ASTBuilder::createSwitchStatement):
2445         (JSC::ASTBuilder::createWhileStatement):
2446         (JSC::ASTBuilder::createDoWhileStatement):
2447         (JSC::ASTBuilder::createLabelStatement):
2448         (JSC::ASTBuilder::createWithStatement):
2449         (JSC::ASTBuilder::createThrowStatement):
2450         (JSC::ASTBuilder::createDebugger):
2451         (JSC::ASTBuilder::createConstStatement):
2452         (JSC::ASTBuilder::appendConstDecl):
2453         (JSC::ASTBuilder::combineCommaNodes):
2454         (JSC::ASTBuilder::appendBinaryOperation):
2455         (JSC::ASTBuilder::createAssignment):
2456         (JSC::ASTBuilder::createNumber):
2457         (JSC::ASTBuilder::makeTypeOfNode):
2458         (JSC::ASTBuilder::makeDeleteNode):
2459         (JSC::ASTBuilder::makeNegateNode):
2460         (JSC::ASTBuilder::makeBitwiseNotNode):
2461         (JSC::ASTBuilder::makeMultNode):
2462         (JSC::ASTBuilder::makeDivNode):
2463         (JSC::ASTBuilder::makeModNode):
2464         (JSC::ASTBuilder::makeAddNode):
2465         (JSC::ASTBuilder::makeSubNode):
2466         (JSC::ASTBuilder::makeLeftShiftNode):
2467         (JSC::ASTBuilder::makeRightShiftNode):
2468         (JSC::ASTBuilder::makeURightShiftNode):
2469         (JSC::ASTBuilder::makeBitOrNode):
2470         (JSC::ASTBuilder::makeBitAndNode):
2471         (JSC::ASTBuilder::makeBitXOrNode):
2472         (JSC::ASTBuilder::makeFunctionCallNode):
2473         (JSC::ASTBuilder::makeBinaryNode):
2474         (JSC::ASTBuilder::makeAssignNode):
2475         (JSC::ASTBuilder::makePrefixNode):
2476         (JSC::ASTBuilder::makePostfixNode):
2477         * parser/JSParser.cpp: Removed.
2478         * parser/JSParser.h: Removed.
2479         * parser/Lexer.cpp:
2480         (JSC::Keywords::Keywords):
2481         (JSC::Lexer::Lexer):
2482         (JSC::Lexer::~Lexer):
2483         (JSC::Lexer::setCode):
2484         (JSC::Lexer::parseIdentifier):
2485         * parser/Lexer.h:
2486         (JSC::Keywords::isKeyword):
2487         (JSC::Keywords::getKeyword):
2488         (JSC::Keywords::~Keywords):
2489         (JSC::Lexer::setIsReparsing):
2490         (JSC::Lexer::isReparsing):
2491         (JSC::Lexer::lineNumber):
2492         (JSC::Lexer::setLastLineNumber):
2493         (JSC::Lexer::lastLineNumber):
2494         (JSC::Lexer::prevTerminator):
2495         (JSC::Lexer::sawError):
2496         (JSC::Lexer::getErrorMessage):
2497         (JSC::Lexer::currentOffset):
2498         (JSC::Lexer::setOffset):
2499         (JSC::Lexer::setLineNumber):
2500         (JSC::Lexer::sourceProvider):
2501         (JSC::Lexer::isWhiteSpace):
2502         (JSC::Lexer::isLineTerminator):
2503         (JSC::Lexer::convertHex):
2504         (JSC::Lexer::convertUnicode):
2505         (JSC::Lexer::makeIdentifier):
2506         (JSC::Lexer::lexExpectIdentifier):
2507         * parser/NodeConstructors.h:
2508         (JSC::ParserArenaFreeable::operator new):
2509         (JSC::ParserArenaDeletable::operator new):
2510         (JSC::ParserArenaRefCounted::ParserArenaRefCounted):
2511         (JSC::Node::Node):
2512         (JSC::ExpressionNode::ExpressionNode):
2513         (JSC::StatementNode::StatementNode):
2514         (JSC::NullNode::NullNode):
2515         (JSC::BooleanNode::BooleanNode):
2516         (JSC::NumberNode::NumberNode):
2517         (JSC::StringNode::StringNode):
2518         (JSC::RegExpNode::RegExpNode):
2519         (JSC::ThisNode::ThisNode):
2520         (JSC::ResolveNode::ResolveNode):
2521         (JSC::ElementNode::ElementNode):
2522         (JSC::ArrayNode::ArrayNode):
2523         (JSC::PropertyNode::PropertyNode):
2524         (JSC::PropertyListNode::PropertyListNode):
2525         (JSC::ObjectLiteralNode::ObjectLiteralNode):
2526         (JSC::BracketAccessorNode::BracketAccessorNode):
2527         (JSC::DotAccessorNode::DotAccessorNode):
2528         (JSC::ArgumentListNode::ArgumentListNode):
2529         (JSC::ArgumentsNode::ArgumentsNode):
2530         (JSC::NewExprNode::NewExprNode):
2531         (JSC::EvalFunctionCallNode::EvalFunctionCallNode):
2532         (JSC::FunctionCallValueNode::FunctionCallValueNode):
2533         (JSC::FunctionCallResolveNode::FunctionCallResolveNode):
2534         (JSC::FunctionCallBracketNode::FunctionCallBracketNode):
2535         (JSC::FunctionCallDotNode::FunctionCallDotNode):
2536         (JSC::CallFunctionCallDotNode::CallFunctionCallDotNode):
2537         (JSC::ApplyFunctionCallDotNode::ApplyFunctionCallDotNode):
2538         (JSC::PrePostResolveNode::PrePostResolveNode):
2539         (JSC::PostfixResolveNode::PostfixResolveNode):
2540         (JSC::PostfixBracketNode::PostfixBracketNode):
2541         (JSC::PostfixDotNode::PostfixDotNode):
2542         (JSC::PostfixErrorNode::PostfixErrorNode):
2543         (JSC::DeleteResolveNode::DeleteResolveNode):
2544         (JSC::DeleteBracketNode::DeleteBracketNode):
2545         (JSC::DeleteDotNode::DeleteDotNode):
2546         (JSC::DeleteValueNode::DeleteValueNode):
2547         (JSC::VoidNode::VoidNode):
2548         (JSC::TypeOfResolveNode::TypeOfResolveNode):
2549         (JSC::TypeOfValueNode::TypeOfValueNode):
2550         (JSC::PrefixResolveNode::PrefixResolveNode):
2551         (JSC::PrefixBracketNode::PrefixBracketNode):
2552         (JSC::PrefixDotNode::PrefixDotNode):
2553         (JSC::PrefixErrorNode::PrefixErrorNode):
2554         (JSC::UnaryOpNode::UnaryOpNode):
2555         (JSC::UnaryPlusNode::UnaryPlusNode):
2556         (JSC::NegateNode::NegateNode):
2557         (JSC::BitwiseNotNode::BitwiseNotNode):
2558         (JSC::LogicalNotNode::LogicalNotNode):
2559         (JSC::BinaryOpNode::BinaryOpNode):
2560         (JSC::MultNode::MultNode):
2561         (JSC::DivNode::DivNode):
2562         (JSC::ModNode::ModNode):
2563         (JSC::AddNode::AddNode):
2564         (JSC::SubNode::SubNode):
2565         (JSC::LeftShiftNode::LeftShiftNode):
2566         (JSC::RightShiftNode::RightShiftNode):
2567         (JSC::UnsignedRightShiftNode::UnsignedRightShiftNode):
2568         (JSC::LessNode::LessNode):
2569         (JSC::GreaterNode::GreaterNode):
2570         (JSC::LessEqNode::LessEqNode):
2571         (JSC::GreaterEqNode::GreaterEqNode):
2572         (JSC::ThrowableBinaryOpNode::ThrowableBinaryOpNode):
2573         (JSC::InstanceOfNode::InstanceOfNode):
2574         (JSC::InNode::InNode):
2575         (JSC::EqualNode::EqualNode):
2576         (JSC::NotEqualNode::NotEqualNode):
2577         (JSC::StrictEqualNode::StrictEqualNode):
2578         (JSC::NotStrictEqualNode::NotStrictEqualNode):
2579         (JSC::BitAndNode::BitAndNode):
2580         (JSC::BitOrNode::BitOrNode):
2581         (JSC::BitXOrNode::BitXOrNode):
2582         (JSC::LogicalOpNode::LogicalOpNode):
2583         (JSC::ConditionalNode::ConditionalNode):
2584         (JSC::ReadModifyResolveNode::ReadModifyResolveNode):
2585         (JSC::AssignResolveNode::AssignResolveNode):
2586         (JSC::ReadModifyBracketNode::ReadModifyBracketNode):
2587         (JSC::AssignBracketNode::AssignBracketNode):
2588         (JSC::AssignDotNode::AssignDotNode):
2589         (JSC::ReadModifyDotNode::ReadModifyDotNode):
2590         (JSC::AssignErrorNode::AssignErrorNode):
2591         (JSC::CommaNode::CommaNode):
2592         (JSC::ConstStatementNode::ConstStatementNode):
2593         (JSC::SourceElements::SourceElements):
2594         (JSC::EmptyStatementNode::EmptyStatementNode):
2595         (JSC::DebuggerStatementNode::DebuggerStatementNode):
2596         (JSC::ExprStatementNode::ExprStatementNode):
2597         (JSC::VarStatementNode::VarStatementNode):
2598         (JSC::IfNode::IfNode):
2599         (JSC::IfElseNode::IfElseNode):
2600         (JSC::DoWhileNode::DoWhileNode):
2601         (JSC::WhileNode::WhileNode):
2602         (JSC::ForNode::ForNode):
2603         (JSC::ContinueNode::ContinueNode):
2604         (JSC::BreakNode::BreakNode):
2605         (JSC::ReturnNode::ReturnNode):
2606         (JSC::WithNode::WithNode):
2607         (JSC::LabelNode::LabelNode):
2608         (JSC::ThrowNode::ThrowNode):
2609         (JSC::TryNode::TryNode):
2610         (JSC::ParameterNode::ParameterNode):
2611         (JSC::FuncExprNode::FuncExprNode):
2612         (JSC::FuncDeclNode::FuncDeclNode):
2613         (JSC::CaseClauseNode::CaseClauseNode):
2614         (JSC::ClauseListNode::ClauseListNode):
2615         (JSC::CaseBlockNode::CaseBlockNode):
2616         (JSC::SwitchNode::SwitchNode):
2617         (JSC::ConstDeclNode::ConstDeclNode):
2618         (JSC::BlockNode::BlockNode):
2619         (JSC::ForInNode::ForInNode):
2620         * parser/NodeInfo.h:
2621         * parser/Nodes.cpp:
2622         (JSC::StatementNode::setLoc):
2623         (JSC::ScopeNode::ScopeNode):
2624         (JSC::ProgramNode::ProgramNode):
2625         (JSC::ProgramNode::create):
2626         (JSC::EvalNode::EvalNode):
2627         (JSC::EvalNode::create):
2628         (JSC::FunctionBodyNode::FunctionBodyNode):
2629         (JSC::FunctionBodyNode::create):
2630         * parser/Nodes.h:
2631         (JSC::Node::lineNo):
2632         * parser/Parser.cpp:
2633         (JSC::Parser::Parser):
2634         (JSC::Parser::~Parser):
2635         (JSC::Parser::parseInner):
2636         (JSC::Parser::allowAutomaticSemicolon):
2637         (JSC::Parser::parseSourceElements):
2638         (JSC::Parser::parseVarDeclaration):
2639         (JSC::Parser::parseConstDeclaration):
2640         (JSC::Parser::parseDoWhileStatement):
2641         (JSC::Parser::parseWhileStatement):
2642         (JSC::Parser::parseVarDeclarationList):
2643         (JSC::Parser::parseConstDeclarationList):
2644         (JSC::Parser::parseForStatement):
2645         (JSC::Parser::parseBreakStatement):
2646         (JSC::Parser::parseContinueStatement):
2647         (JSC::Parser::parseReturnStatement):
2648         (JSC::Parser::parseThrowStatement):
2649         (JSC::Parser::parseWithStatement):
2650         (JSC::Parser::parseSwitchStatement):
2651         (JSC::Parser::parseSwitchClauses):
2652         (JSC::Parser::parseSwitchDefaultClause):
2653         (JSC::Parser::parseTryStatement):
2654         (JSC::Parser::parseDebuggerStatement):
2655         (JSC::Parser::parseBlockStatement):
2656         (JSC::Parser::parseStatement):
2657         (JSC::Parser::parseFormalParameters):
2658         (JSC::Parser::parseFunctionBody):
2659         (JSC::Parser::parseFunctionInfo):
2660         (JSC::Parser::parseFunctionDeclaration):
2661         (JSC::LabelInfo::LabelInfo):
2662         (JSC::Parser::parseExpressionOrLabelStatement):
2663         (JSC::Parser::parseExpressionStatement):
2664         (JSC::Parser::parseIfStatement):
2665         (JSC::Parser::parseExpression):
2666         (JSC::Parser::parseAssignmentExpression):
2667         (JSC::Parser::parseConditionalExpression):
2668         (JSC::isUnaryOp):
2669         (JSC::Parser::isBinaryOperator):
2670         (JSC::Parser::parseBinaryExpression):
2671         (JSC::Parser::parseProperty):
2672         (JSC::Parser::parseObjectLiteral):
2673         (JSC::Parser::parseStrictObjectLiteral):
2674         (JSC::Parser::parseArrayLiteral):
2675         (JSC::Parser::parsePrimaryExpression):
2676         (JSC::Parser::parseArguments):
2677         (JSC::Parser::parseMemberExpression):
2678         (JSC::Parser::parseUnaryExpression):
2679         * parser/Parser.h:
2680         (JSC::isEvalNode):
2681         (JSC::EvalNode):
2682         (JSC::DepthManager::DepthManager):
2683         (JSC::DepthManager::~DepthManager):
2684         (JSC::ScopeLabelInfo::ScopeLabelInfo):
2685         (JSC::Scope::Scope):
2686         (JSC::Scope::startSwitch):
2687         (JSC::Scope::endSwitch):
2688         (JSC::Scope::startLoop):
2689         (JSC::Scope::endLoop):
2690         (JSC::Scope::inLoop):
2691         (JSC::Scope::breakIsValid):
2692         (JSC::Scope::continueIsValid):
2693         (JSC::Scope::pushLabel):
2694         (JSC::Scope::popLabel):
2695         (JSC::Scope::getLabel):
2696         (JSC::Scope::setIsFunction):
2697         (JSC::Scope::isFunction):
2698         (JSC::Scope::isFunctionBoundary):
2699         (JSC::Scope::declareVariable):
2700         (JSC::Scope::declareWrite):
2701         (JSC::Scope::preventNewDecls):
2702         (JSC::Scope::allowsNewDecls):
2703         (JSC::Scope::declareParameter):
2704         (JSC::Scope::useVariable):
2705         (JSC::Scope::setNeedsFullActivation):
2706         (JSC::Scope::collectFreeVariables):
2707         (JSC::Scope::getUncapturedWrittenVariables):
2708         (JSC::Scope::getCapturedVariables):
2709         (JSC::Scope::setStrictMode):
2710         (JSC::Scope::strictMode):
2711         (JSC::Scope::isValidStrictMode):
2712         (JSC::Scope::shadowsArguments):
2713         (JSC::Scope::copyCapturedVariablesToVector):
2714         (JSC::Scope::saveFunctionInfo):
2715         (JSC::Scope::restoreFunctionInfo):
2716         (JSC::ScopeRef::ScopeRef):
2717         (JSC::ScopeRef::operator->):
2718         (JSC::ScopeRef::index):
2719         (JSC::ScopeRef::hasContainingScope):
2720         (JSC::ScopeRef::containingScope):
2721         (JSC::Parser::AllowInOverride::AllowInOverride):
2722         (JSC::Parser::AllowInOverride::~AllowInOverride):
2723         (JSC::Parser::AutoPopScopeRef::AutoPopScopeRef):
2724         (JSC::Parser::AutoPopScopeRef::~AutoPopScopeRef):
2725         (JSC::Parser::AutoPopScopeRef::setPopped):
2726         (JSC::Parser::currentScope):
2727         (JSC::Parser::pushScope):
2728         (JSC::Parser::popScopeInternal):
2729         (JSC::Parser::popScope):
2730         (JSC::Parser::declareVariable):
2731         (JSC::Parser::declareWrite):
2732         (JSC::Parser::findCachedFunctionInfo):
2733         (JSC::Parser::isFunctionBodyNode):
2734         (JSC::Parser::next):
2735         (JSC::Parser::nextExpectIdentifier):
2736         (JSC::Parser::nextTokenIsColon):
2737         (JSC::Parser::consume):
2738         (JSC::Parser::getToken):
2739         (JSC::Parser::match):
2740         (JSC::Parser::tokenStart):
2741         (JSC::Parser::tokenLine):
2742         (JSC::Parser::tokenEnd):
2743         (JSC::Parser::getTokenName):
2744         (JSC::Parser::updateErrorMessageSpecialCase):
2745         (JSC::Parser::updateErrorMessage):
2746         (JSC::Parser::updateErrorWithNameAndMessage):
2747         (JSC::Parser::startLoop):
2748         (JSC::Parser::endLoop):
2749         (JSC::Parser::startSwitch):
2750         (JSC::Parser::endSwitch):
2751         (JSC::Parser::setStrictMode):
2752         (JSC::Parser::strictMode):
2753         (JSC::Parser::isValidStrictMode):
2754         (JSC::Parser::declareParameter):
2755         (JSC::Parser::breakIsValid):
2756         (JSC::Parser::continueIsValid):
2757         (JSC::Parser::pushLabel):
2758         (JSC::Parser::popLabel):
2759         (JSC::Parser::getLabel):
2760         (JSC::Parser::autoSemiColon):
2761         (JSC::Parser::canRecurse):
2762         (JSC::Parser::lastTokenEnd):
2763         (JSC::Parser::DepthManager::DepthManager):
2764         (JSC::Parser::DepthManager::~DepthManager):
2765         (JSC::Parser::parse):
2766         (JSC::parse):
2767         * parser/ParserTokens.h: Added.
2768         (JSC::JSTokenInfo::JSTokenInfo):
2769         * parser/SourceCode.h:
2770         (JSC::SourceCode::subExpression):
2771         * parser/SourceProviderCacheItem.h:
2772         * parser/SyntaxChecker.h:
2773         (JSC::SyntaxChecker::SyntaxChecker):
2774         (JSC::SyntaxChecker::makeFunctionCallNode):
2775         (JSC::SyntaxChecker::createCommaExpr):
2776         (JSC::SyntaxChecker::makeAssignNode):
2777         (JSC::SyntaxChecker::makePrefixNode):
2778         (JSC::SyntaxChecker::makePostfixNode):
2779         (JSC::SyntaxChecker::makeTypeOfNode):
2780         (JSC::SyntaxChecker::makeDeleteNode):
2781         (JSC::SyntaxChecker::makeNegateNode):
2782         (JSC::SyntaxChecker::makeBitwiseNotNode):
2783         (JSC::SyntaxChecker::createLogicalNot):
2784         (JSC::SyntaxChecker::createUnaryPlus):
2785         (JSC::SyntaxChecker::createVoid):
2786         (JSC::SyntaxChecker::thisExpr):
2787         (JSC::SyntaxChecker::createResolve):
2788         (JSC::SyntaxChecker::createObjectLiteral):
2789         (JSC::SyntaxChecker::createArray):
2790         (JSC::SyntaxChecker::createNumberExpr):
2791         (JSC::SyntaxChecker::createString):
2792         (JSC::SyntaxChecker::createBoolean):
2793         (JSC::SyntaxChecker::createNull):
2794         (JSC::SyntaxChecker::createBracketAccess):
2795         (JSC::SyntaxChecker::createDotAccess):
2796         (JSC::SyntaxChecker::createRegExp):
2797         (JSC::SyntaxChecker::createNewExpr):
2798         (JSC::SyntaxChecker::createConditionalExpr):
2799         (JSC::SyntaxChecker::createAssignResolve):
2800         (JSC::SyntaxChecker::createFunctionExpr):
2801         (JSC::SyntaxChecker::createFunctionBody):
2802         (JSC::SyntaxChecker::createArguments):
2803         (JSC::SyntaxChecker::createArgumentsList):
2804         (JSC::SyntaxChecker::createProperty):
2805         (JSC::SyntaxChecker::createPropertyList):
2806         (JSC::SyntaxChecker::createFuncDeclStatement):
2807         (JSC::SyntaxChecker::createBlockStatement):
2808         (JSC::SyntaxChecker::createExprStatement):
2809         (JSC::SyntaxChecker::createIfStatement):
2810         (JSC::SyntaxChecker::createForLoop):
2811         (JSC::SyntaxChecker::createForInLoop):
2812         (JSC::SyntaxChecker::createEmptyStatement):
2813         (JSC::SyntaxChecker::createVarStatement):
2814         (JSC::SyntaxChecker::createReturnStatement):
2815         (JSC::SyntaxChecker::createBreakStatement):
2816         (JSC::SyntaxChecker::createContinueStatement):
2817         (JSC::SyntaxChecker::createTryStatement):
2818         (JSC::SyntaxChecker::createSwitchStatement):
2819         (JSC::SyntaxChecker::createWhileStatement):
2820         (JSC::SyntaxChecker::createWithStatement):
2821         (JSC::SyntaxChecker::createDoWhileStatement):
2822         (JSC::SyntaxChecker::createLabelStatement):
2823         (JSC::SyntaxChecker::createThrowStatement):
2824         (JSC::SyntaxChecker::createDebugger):
2825         (JSC::SyntaxChecker::createConstStatement):
2826         (JSC::SyntaxChecker::appendConstDecl):
2827         (JSC::SyntaxChecker::createGetterOrSetterProperty):
2828         (JSC::SyntaxChecker::combineCommaNodes):
2829         (JSC::SyntaxChecker::operatorStackPop):
2830         * runtime/Executable.cpp:
2831         (JSC::EvalExecutable::compileInternal):
2832         (JSC::ProgramExecutable::checkSyntax):
2833         (JSC::ProgramExecutable::compileInternal):
2834         (JSC::FunctionExecutable::produceCodeBlockFor):
2835         (JSC::FunctionExecutable::fromGlobalCode):
2836         * runtime/JSGlobalData.cpp:
2837         (JSC::JSGlobalData::JSGlobalData):
2838         (JSC::JSGlobalData::~JSGlobalData):
2839         * runtime/JSGlobalData.h:
2840         * runtime/LiteralParser.cpp:
2841         (JSC::LiteralParser::tryJSONPParse):
2842
2843 2011-10-31  Filip Pizlo  <fpizlo@apple.com>
2844
2845         REGRESSION (r97118): Reproducible crash in JSCell::toPrimitive when adding
2846         https://bugs.webkit.org/show_bug.cgi?id=71227
2847
2848         Reviewed by Oliver Hunt.
2849         
2850         No new tests, since while I can see exactly where the DFG went wrong on the
2851         site in question from looking at the generated machine code, and while I can
2852         certainly believe that such a scenario would happen, I cannot visualize how
2853         to make it happen reproducibly. It requires an odd combination of double
2854         values getting spilled and then refilled, but then reboxed at just the right
2855         time so that the spilled value is an unboxed double while the in-register
2856         value is a boxed double.
2857
2858         * dfg/DFGJITCodeGenerator.h:
2859         (JSC::DFG::JITCodeGenerator::silentFillGPR):
2860
2861 2011-10-30  Filip Pizlo  <fpizlo@apple.com>
2862
2863         JSParser::parsePrimaryExpression should have an overflow check
2864         https://bugs.webkit.org/show_bug.cgi?id=71197
2865
2866         Reviewed by Geoff Garen.
2867
2868         * parser/JSParser.cpp:
2869         (JSC::JSParser::parsePrimaryExpression):
2870
2871 2011-10-30  Filip Pizlo  <fpizlo@apple.com>
2872
2873         DFG ValueAdd(string, int) should not fail speculation
2874         https://bugs.webkit.org/show_bug.cgi?id=71195
2875
2876         Reviewed by Geoff Garen.
2877         
2878         1% speed-up on V8.
2879
2880         * dfg/DFGNode.h:
2881         (JSC::DFG::Node::shouldNotSpeculateInteger):
2882         (JSC::DFG::Node::shouldSpeculateInteger):
2883
2884 2011-10-30  Filip Pizlo  <fpizlo@apple.com>
2885
2886         The DFG inliner should not flush the callee
2887         https://bugs.webkit.org/show_bug.cgi?id=71191
2888
2889         Reviewed by Oliver Hunt.
2890         
2891         0.6% speed-up on V8.
2892
2893         * bytecode/CodeBlock.cpp:
2894         (JSC::CodeBlock::visitAggregate):
2895         * bytecode/CodeOrigin.h:
2896         * dfg/DFGByteCodeParser.cpp:
2897         (JSC::DFG::ByteCodeParser::flush):
2898         (JSC::DFG::ByteCodeParser::handleInlining):
2899         (JSC::DFG::ByteCodeParser::parseBlock):
2900         (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
2901         (JSC::DFG::ByteCodeParser::parse):
2902         * dfg/DFGJITCompiler.cpp:
2903         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
2904         * dfg/DFGJITCompiler32_64.cpp:
2905         (JSC::DFG::JITCompiler::exitSpeculativeWithOSR):
2906         * interpreter/CallFrame.cpp:
2907         (JSC::CallFrame::trueCallerFrameSlow):
2908
2909 2011-10-28  Mark Hahnenberg  <mhahnenberg@apple.com>
2910
2911         De-virtualize isGlobalObject, isVariableObject, isActivationObject, and isErrorInstance in JSObject
2912         https://bugs.webkit.org/show_bug.cgi?id=70968
2913
2914         Reviewed by Geoffrey Garen.
2915
2916         * API/JSCallbackObject.cpp: Added two specializations for createStructure that use different JSTypes in their
2917         TypeInfo.  Had to also create a specialization for JSNonFinalObject, even though JSGlobalObject was the only one that
2918         needed it because Windows wouldn't build without it.
2919         (JSC::::createStructure):
2920         * API/JSCallbackObject.h:
2921         * JavaScriptCore.exp:
2922         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2923         * runtime/ErrorInstance.h: Removed virtual function and changed JSType provided to TypeInfo in createStructure. 
2924         (JSC::ErrorInstance::createStructure):
2925         * runtime/ErrorPrototype.h: Ditto
2926         (JSC::ErrorPrototype::createStructure):
2927         * runtime/JSActivation.h: Ditto
2928         (JSC::JSActivation::createStructure):
2929         * runtime/JSGlobalObject.h: Ditto
2930         (JSC::JSGlobalObject::createStructure):
2931         * runtime/JSObject.h: De-virtualized functions.  They now check the JSType of the object for the corresponding type.
2932         (JSC::JSObject::isGlobalObject):
2933         (JSC::JSObject::isVariableObject):
2934         (JSC::JSObject::isActivationObject):
2935         (JSC::JSObject::isErrorInstance):
2936         * runtime/JSType.h: Added new types for GlobalObject, VariableObject, ActivationObject, and ErrorInstance.
2937         * runtime/JSVariableObject.cpp: Removed virtual function.
2938         * runtime/JSVariableObject.h: Changed JSType provided to TypeInfo in createStructure.
2939         (JSC::JSVariableObject::createStructure):
2940
2941 2011-10-28  Pavel Feldman  <pfeldman@google.com>
2942
2943         Reset line numbers for scripts generated with document.write.
2944         https://bugs.webkit.org/show_bug.cgi?id=71099
2945
2946         Reviewed by Yury Semikhatsky.
2947
2948         * wtf/text/TextPosition.h:
2949         (WTF::OrdinalNumber::OrdinalNumber):
2950
2951 2011-10-27  Daniel Bates  <dbates@rim.com>
2952
2953         CMake: Add support to optionally install the built JavaScript shell
2954         https://bugs.webkit.org/show_bug.cgi?id=71062
2955
2956         Reviewed by Antonio Gomes.
2957
2958         Generate an installation rule for installing the JavaScript shell in
2959         /bin (with respect to the prefix path) when SHOULD_INSTALL_JS_SHELL
2960         is defined.
2961
2962         * shell/CMakeLists.txt:
2963
2964 2011-10-27  Kentaro Hara  <haraken@chromium.org>
2965
2966         Generate WebKitCSSMatrix constructor for JSC by [Constructor] IDL
2967         https://bugs.webkit.org/show_bug.cgi?id=70215
2968
2969         Reviewed by Adam Barth.
2970
2971         Added a method that judges if a given JSValue is empty.
2972
2973         Tests: transforms/svg-vs-css.xhtml
2974                transforms/cssmatrix-2d-interface.xhtml
2975                transforms/cssmatrix-3d-interface.xhtml
2976
2977         * runtime/JSValue.h:
2978         * runtime/JSValueInlineMethods.h:
2979         (JSC::JSValue::isEmpty):
2980
2981 2011-10-27  Michael Saboff  <msaboff@apple.com>
2982
2983         ENH: Add 8 bit string support to JSC JIT
2984         https://bugs.webkit.org/show_bug.cgi?id=71073
2985
2986         Changed the JIT String character access generation to create code
2987         to check the character size and load8() or load16() as appropriate.
2988
2989         Reviewed by Gavin Barraclough.
2990
2991         * assembler/MacroAssemblerX86Common.h:
2992         (JSC::MacroAssemblerX86Common::load8):
2993         * assembler/X86Assembler.h:
2994         (JSC::X86Assembler::movzbl_mr):
2995         * dfg/DFGSpeculativeJIT.cpp:
2996         (JSC::DFG::SpeculativeJIT::compileGetCharCodeAt):
2997         (JSC::DFG::SpeculativeJIT::compileGetByValOnString):
2998         * jit/JITInlineMethods.h:
2999         (JSC::JIT::emitLoadCharacterString):
3000         * jit/JITPropertyAccess.cpp:
3001         (JSC::JIT::stringGetByValStubGenerator):
3002         * jit/JITPropertyAccess32_64.cpp:
3003         (JSC::JIT::stringGetByValStubGenerator):
3004         * jit/JSInterfaceJIT.h:
3005         (JSC::ThunkHelpers::stringImplFlagsOffset):
3006         (JSC::ThunkHelpers::stringImpl8BitFlag):
3007         * jit/ThunkGenerators.cpp:
3008         (JSC::stringCharLoad):
3009
3010 2011-10-27  Filip Pizlo  <fpizlo@apple.com>
3011
3012         If the bytecode generator emits code after the return in the first basic block,
3013         DFG's inliner crashes
3014         https://bugs.webkit.org/show_bug.cgi?id=71071
3015
3016         Reviewed by Gavin Barraclough.
3017         
3018         Removed some cruft dealing with parsing failures due to unsupported functionality
3019         (that's never reached anymore due to it being caught in DFGCapabilities). This
3020         allowed me to repurpose the bool return from parseBlock() to mean: true if we
3021         should continue to parse, or false if we've already parsed all live code.
3022
3023         * dfg/DFGByteCodeParser.cpp:
3024         (JSC::DFG::ByteCodeParser::ByteCodeParser):
3025         (JSC::DFG::ByteCodeParser::parseBlock):
3026         (JSC::DFG::ByteCodeParser::parseCodeBlock):
3027
3028 2011-10-27  Joseph Pecoraro  <pecoraro@apple.com>
3029
3030         Reviewed by David Kilzer.
3031
3032         Make FeatureDefines Identical Across OS X Projects
3033         https://bugs.webkit.org/show_bug.cgi?id=71051
3034
3035         * Configurations/FeatureDefines.xcconfig:
3036
3037 2011-10-27  Filip Pizlo  <fpizlo@apple.com>
3038
3039         Crash in JSC::Structure::materializePropertyMap when viewing Garden-O-Matic
3040         https://bugs.webkit.org/show_bug.cgi?id=71045
3041
3042         Reviewed by Geoff Garen.
3043         
3044         Make sure that if a structure is pinned, it also has a property map.
3045
3046         * runtime/Structure.cpp:
3047         (JSC::Structure::changePrototypeTransition):
3048         (JSC::Structure::despecifyFunctionTransition):
3049         (JSC::Structure::getterSetterTransition):
3050         (JSC::Structure::toDictionaryTransition):
3051         (JSC::Structure::preventExtensionsTransition):
3052         (JSC::Structure::addPropertyWithoutTransition):
3053         (JSC::Structure::removePropertyWithoutTransition):
3054         (JSC::Structure::pin):
3055         (JSC::Structure::copyPropertyTableForPinning):
3056         * runtime/Structure.h:
3057         (JSC::Structure::materializePropertyMapIfNecessaryForPinning):
3058
3059 2011-10-27  Michael Saboff  <msaboff@apple.com>
3060
3061         32bit build failure after r98624
3062         https://bugs.webkit.org/show_bug.cgi?id=71064
3063
3064         Disambiguated operator overload with unsigned index (0u).
3065
3066         Reviewed by Sam Weinig.
3067
3068         * runtime/UString.h:
3069         (JSC::operator==):
3070
3071 2011-10-27  Gustavo Noronha Silva  <gns@gnome.org>
3072
3073         Fix building on GNU/kFreeBSD
3074         https://bugs.webkit.org/show_bug.cgi?id=71005
3075
3076         Reviewed by Darin Adler.
3077
3078         * config.h:
3079         * wtf/Platform.h:
3080
3081 2011-10-27  Michael Saboff  <msaboff@apple.com>
3082
3083         Investigate storing strings in 8-bit buffers when possible
3084         https://bugs.webkit.org/show_bug.cgi?id=66161
3085
3089         Added support for 8 bit string data in StringImpl.  Changed
3090         (UChar*) m_data to m_data16.  Added char* m_data8 as a union
3091         with m_data16.  Added UChar* m_copyData16 to the other union
3092         to store a 16 bit copy of an 8 bit string when needed.
3093         Added characters8() and characters16() accessor methods
3094         that assume the caller has checked the underlying string type
3095         via the new is8Bit() method. The characters() method will
3096         return a UChar* of the string, materializing a 16 bit copy if the
3097         string is an 8 bit string.  Added two flags, one for 8 bit buffer
3098         and a second for a 16 bit copy for an 8 bit string.
3099
3100         Fixed method name typo (StringHasher::defaultCoverter()).
3101
3102         Over time the goal is to eliminate calls to characters() and
3103         use the characters8() and characters16() accessors.
3104
3105         This patch does not include changes that actually create 8 bit
3106         strings. This is the first of at least 8 patches.  Subsequent
3107         patches will be submitted for JIT changes, making the JSC lexer,
3108         parser and literal parser, JavaScript string changes and
3109         then changes in webcore to take advantage of the 8 bit strings.
3110
3111         This change is performance neutral for SunSpider and V8 when
3112         run from the command line with "jsc".
3113
3114         Reviewed by Geoffrey Garen.
3115
3116         * JavaScriptCore.exp:
3117         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3118         * interpreter/Interpreter.cpp:
3119         (JSC::Interpreter::callEval):
3120         * parser/SourceProvider.h:
3121         (JSC::UStringSourceProvider::data):
3122         (JSC::UStringSourceProvider::UStringSourceProvider):
3123         * runtime/Identifier.cpp:
3124         (JSC::IdentifierCStringTranslator::hash):
3125         (JSC::IdentifierCStringTranslator::equal):
3126         (JSC::IdentifierCStringTranslator::translate):
3127         (JSC::Identifier::add):
3128         (JSC::Identifier::toUInt32):
3129         * runtime/Identifier.h:
3130         (JSC::Identifier::equal):
3131         (JSC::operator==):
3132         (JSC::operator!=):
3133         * runtime/JSString.cpp:
3134         (JSC::JSString::resolveRope):
3135         (JSC::JSString::resolveRopeSlowCase):
3136         * runtime/RegExp.cpp:
3137         (JSC::RegExp::match):
3138         * runtime/StringPrototype.cpp:
3139         (JSC::jsSpliceSubstringsWithSeparators):
3140         * runtime/UString.cpp:
3141         (JSC::UString::UString):
3142         (JSC::equalSlowCase):
3143         (JSC::UString::utf8):
3144         * runtime/UString.h:
3145         (JSC::UString::characters):
3146         (JSC::UString::characters8):
3147         (JSC::UString::characters16):
3148         (JSC::UString::is8Bit):
3149         (JSC::UString::operator[]):
3150         (JSC::UString::find):
3151         (JSC::operator==):
3152         * wtf/StringHasher.h:
3153         (WTF::StringHasher::computeHash):
3154         (WTF::StringHasher::defaultConverter):
3155         * wtf/text/AtomicString.cpp:
3156         (WTF::CStringTranslator::hash):
3157         (WTF::CStringTranslator::equal):
3158         (WTF::CStringTranslator::translate):
3159         (WTF::AtomicString::add):
3160         * wtf/text/AtomicString.h:
3161         (WTF::AtomicString::AtomicString):
3162         (WTF::AtomicString::contains):
3163         (WTF::AtomicString::find):
3164         (WTF::AtomicString::add):
3165         (WTF::operator==):
3166         (WTF::operator!=):
3167         (WTF::equalIgnoringCase):
3168         * wtf/text/StringConcatenate.h:
3169         * wtf/text/StringHash.h:
3170         (WTF::StringHash::equal):
3171         (WTF::CaseFoldingHash::hash):
3172         * wtf/text/StringImpl.cpp:
3173         (WTF::StringImpl::~StringImpl):
3174         (WTF::StringImpl::createUninitialized):
3175         (WTF::StringImpl::create):
3176         (WTF::StringImpl::getData16SlowCase):
3177         (WTF::StringImpl::containsOnlyWhitespace):
3178         (WTF::StringImpl::substring):
3179         (WTF::StringImpl::characterStartingAt):
3180         (WTF::StringImpl::lower):
3181         (WTF::StringImpl::upper):
3182         (WTF::StringImpl::fill):
3183         (WTF::StringImpl::foldCase):
3184         (WTF::StringImpl::stripMatchedCharacters):
3185         (WTF::StringImpl::removeCharacters):
3186         (WTF::StringImpl::simplifyMatchedCharactersToSpace):
3187         (WTF::StringImpl::toIntStrict):
3188         (WTF::StringImpl::toUIntStrict):
3189         (WTF::StringImpl::toInt64Strict):
3190         (WTF::StringImpl::toUInt64Strict):
3191         (WTF::StringImpl::toIntPtrStrict):
3192         (WTF::StringImpl::toInt):
3193         (WTF::StringImpl::toUInt):
3194         (WTF::StringImpl::toInt64):
3195         (WTF::StringImpl::toUInt64):
3196         (WTF::StringImpl::toIntPtr):
3197         (WTF::StringImpl::toDouble):
3198         (WTF::StringImpl::toFloat):
3199         (WTF::equal):
3200         (WTF::equalIgnoringCase):
3201         (WTF::StringImpl::find):
3202         (WTF::StringImpl::findIgnoringCase):
3203         (WTF::StringImpl::reverseFind):
3204         (WTF::StringImpl::replace):
3205         (WTF::StringImpl::defaultWritingDirection):
3206         (WTF::StringImpl::adopt):
3207         (WTF::StringImpl::createWithTerminatingNullCharacter):
3208         * wtf/text/StringImpl.h:
3209         (WTF::StringImpl::StringImpl):
3210         (WTF::StringImpl::create):
3211         (WTF::StringImpl::create8):
3212         (WTF::StringImpl::tryCreateUninitialized):
3213         (WTF::StringImpl::flagsOffset):
3214         (WTF::StringImpl::flagIs8Bit):
3215         (WTF::StringImpl::dataOffset):
3216         (WTF::StringImpl::is8Bit):
3217         (WTF::StringImpl::characters8):
3218         (WTF::StringImpl::characters16):
3219         (WTF::StringImpl::characters):
3220         (WTF::StringImpl::has16BitShadow):
3221         (WTF::StringImpl::setHash):
3222         (WTF::StringImpl::hash):
3223         (WTF::StringImpl::copyChars):
3224         (WTF::StringImpl::operator[]):
3225         (WTF::StringImpl::find):
3226         (WTF::StringImpl::findIgnoringCase):
3227         (WTF::equal):
3228         (WTF::equalIgnoringCase):
3229         (WTF::StringImpl::isolatedCopy):
3230         * wtf/text/WTFString.cpp:
3231         (WTF::String::String):
3232         (WTF::String::append):
3233         (WTF::String::format):
3234         (WTF::String::fromUTF8):
3235         (WTF::String::fromUTF8WithLatin1Fallback):
3236         * wtf/text/WTFString.h:
3237         (WTF::String::find):
3238         (WTF::String::findIgnoringCase):
3239         (WTF::String::contains):
3240         (WTF::String::append):
3241         (WTF::String::fromUTF8):
3242         (WTF::String::fromUTF8WithLatin1Fallback):
3243         (WTF::operator==):
3244         (WTF::operator!=):
3245         (WTF::equalIgnoringCase):
3246         * wtf/unicode/Unicode.h:
3247         * yarr/YarrJIT.cpp:
3248         (JSC::Yarr::execute):
3249         * yarr/YarrJIT.h:
3250         (JSC::Yarr::YarrCodeBlock::execute):
3251         * yarr/YarrParser.h:
3252         (JSC::Yarr::Parser::Parser):
3253
3254 2011-10-27  Mark Hahnenberg  <mhahnenberg@apple.com>
3255
3256         Fixing windows build
3257
3258         Unreviewed build fix
3259
3260         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3261
3262 2011-10-27  Mark Hahnenberg  <mhahnenberg@apple.com>
3263
3264         Add ability to check for presence of static members at compile time
3265         https://bugs.webkit.org/show_bug.cgi?id=70986
3266
3267         Reviewed by Geoffrey Garen.
3268
3269         Added new CREATE_MEMBER_CHECKER macro to instantiate the template and the 
3270         HAS_MEMBER_NAMED macro to use that template to check if the specified class 
3271         does indeed have a method with that name.  This mechanism is not currently 
3272         used anywhere, but will be in the future when adding virtual methods from 
3273         JSObject to the MethodTable.
3274
3275         * runtime/ClassInfo.h:
3276
3277 2011-10-27  Mark Hahnenberg  <mhahnenberg@apple.com>
3278
3279         De-virtualize JSCell::toThisObject
3280         https://bugs.webkit.org/show_bug.cgi?id=70958
3281
3282         Reviewed by Geoffrey Garen.
3283
3284         Converted all instances of toThisObject to static functions, 
3285         added toThisObject to the MethodTable, and replaced all call sites
3286         with a corresponding lookup in the MethodTable.
3287
3288         * API/JSContextRef.cpp:
3289         * JavaScriptCore.exp:
3290         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3291         * runtime/ClassInfo.h:
3292         * runtime/JSActivation.cpp:
3293         (JSC::JSActivation::toThisObject):
3294         * runtime/JSActivation.h:
3295         * runtime/JSCell.cpp:
3296         (JSC::JSCell::toThisObject):
3297         * runtime/JSCell.h:
3298         * runtime/JSObject.cpp:
3299         (JSC::JSObject::put):
3300         (JSC::JSObject::toThisObject):
3301         * runtime/JSObject.h:
3302         (JSC::JSValue::toThisObject):
3303         * runtime/JSStaticScopeObject.cpp:
3304         (JSC::JSStaticScopeObject::toThisObject):
3305         * runtime/JSStaticScopeObject.h:
3306         * runtime/JSString.cpp:
3307         (JSC::JSString::toThisObject):
3308         * runtime/JSString.h:
3309         * runtime/StrictEvalActivation.cpp:
3310         (JSC::StrictEvalActivation::toThisObject):
3311         * runtime/StrictEvalActivation.h:
3312
3313 2011-10-27  Yuqiang Xian  <yuqiang.xian@intel.com>
3314
3315         Fix a small bug in callOperation after r98431
3316         https://bugs.webkit.org/show_bug.cgi?id=70984
3317
3318         Reviewed by Geoffrey Garen.
3319
3320         TrustedImmPtr is not expecting "int" type parameters.
3321
3322         * dfg/DFGJITCodeGenerator.h:
3323         (JSC::DFG::callOperation):
3324
3325 2011-10-26  Oliver Hunt  <oliver@apple.com>
3326
3327         Restore structure-clearing behaviour of allocateCell<>
3328         https://bugs.webkit.org/show_bug.cgi?id=70976
3329
3330         Reviewed by Geoffrey Garen.
3331
3332         This restores the logic that allows the markstack to filter
3333         live objects that have not yet been initialised.
3334
3335         * runtime/JSCell.h:
3336         (JSC::JSCell::clearStructure):
3337            Validation-safe method to clear a cell's structure.
3338         (JSC::allocateCell):
3339            Call the above method.
3340         * runtime/Structure.h:
3341         (JSC::MarkStack::internalAppend):
3342            Don't visit cells that haven't been initialised.
3343
3344 2011-10-26  Filip Pizlo  <fpizlo@apple.com>
3345
3346         REGRESSION (r97030): Cannot log in to progressive.com
3347         https://bugs.webkit.org/show_bug.cgi?id=70094
3348
3349         Reviewed by Oliver Hunt.
3350
3351         * dfg/DFGByteCodeParser.cpp:
3352         (JSC::DFG::ByteCodeParser::handleCall):
3353
3354 2011-10-26  Mark Hahnenberg  <mhahnenberg@apple.com>
3355
3356         Remove getOwnPropertySlotVirtual
3357         https://bugs.webkit.org/show_bug.cgi?id=70741
3358
3359         Reviewed by Geoffrey Garen.
3360
3361         Removed all declarations and definitions of getOwnPropertySlotVirtual.
3362         Also replaced all call sites to getOwnPropertySlotVirtual with a
3363         corresponding lookup in the MethodTable.
3364
3365         * API/JSCallbackObject.h:
3366         * API/JSCallbackObjectFunctions.h:
3367         (JSC::::getOwnPropertyDescriptor):
3368         * JavaScriptCore.exp:
3369         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3370         * debugger/DebuggerActivation.cpp:
3371         (JSC::DebuggerActivation::getOwnPropertySlot):
3372         * debugger/DebuggerActivation.h:
3373         * runtime/Arguments.cpp:
3374         * runtime/Arguments.h:
3375         * runtime/ArrayConstructor.cpp:
3376         * runtime/ArrayConstructor.h:
3377         * runtime/ArrayPrototype.cpp:
3378         * runtime/ArrayPrototype.h:
3379         * runtime/BooleanPrototype.cpp:
3380         * runtime/BooleanPrototype.h:
3381         * runtime/DateConstructor.cpp:
3382         * runtime/DateConstructor.h:
3383         * runtime/DatePrototype.cpp:
3384         * runtime/DatePrototype.h:
3385         (JSC::DatePrototype::create):
3386         * runtime/ErrorPrototype.cpp:
3387         * runtime/ErrorPrototype.h:
3388         * runtime/JSActivation.cpp:
3389         * runtime/JSActivation.h:
3390         * runtime/JSArray.cpp:
3391         (JSC::JSArray::getOwnPropertySlotByIndex):
3392         * runtime/JSArray.h:
3393         * runtime/JSByteArray.cpp:
3394         * runtime/JSByteArray.h:
3395         * runtime/JSCell.cpp:
3396         * runtime/JSCell.h:
3397         * runtime/JSFunction.cpp:
3398         (JSC::JSFunction::getOwnPropertyDescriptor):
3399         (JSC::JSFunction::getOwnPropertyNames):
3400         (JSC::JSFunction::put):
3401         * runtime/JSFunction.h:
3402         * runtime/JSGlobalObject.cpp:
3403         * runtime/JSGlobalObject.h:
3404         * runtime/JSNotAnObject.cpp:
3405         * runtime/JSNotAnObject.h:
3406         * runtime/JSONObject.cpp:
3407         (JSC::Stringifier::Holder::appendNextProperty):
3408         (JSC::Walker::walk):
3409         * runtime/JSONObject.h:
3410         * runtime/JSObject.cpp:
3411         (JSC::JSObject::getOwnPropertySlotByIndex):
3412         (JSC::JSObject::hasOwnProperty):
3413         * runtime/JSObject.h:
3414         (JSC::JSCell::fastGetOwnPropertySlot):
3415         (JSC::JSObject::getPropertySlot):
3416         (JSC::JSValue::get):
3417         * runtime/JSStaticScopeObject.cpp:
3418         * runtime/JSStaticScopeObject.h:
3419         * runtime/JSString.cpp:
3420         (JSC::JSString::getOwnPropertySlot):
3421         * runtime/JSString.h:
3422         * runtime/MathObject.cpp:
3423         * runtime/MathObject.h:
3424         (JSC::MathObject::create):
3425         * runtime/NumberConstructor.cpp:
3426         * runtime/NumberConstructor.h:
3427         * runtime/NumberPrototype.cpp:
3428         * runtime/NumberPrototype.h:
3429         * runtime/ObjectConstructor.cpp:
3430         * runtime/ObjectConstructor.h:
3431         * runtime/ObjectPrototype.cpp:
3432         * runtime/ObjectPrototype.h:
3433         * runtime/RegExpConstructor.cpp:
3434         * runtime/RegExpConstructor.h:
3435         * runtime/RegExpMatchesArray.h:
3436         (JSC::RegExpMatchesArray::createStructure):
3437         * runtime/RegExpObject.cpp:
3438         * runtime/RegExpObject.h:
3439         * runtime/RegExpPrototype.cpp:
3440         * runtime/RegExpPrototype.h:
3441         * runtime/StringConstructor.cpp:
3442         * runtime/StringConstructor.h:
3443         * runtime/StringObject.cpp:
3444         * runtime/StringObject.h:
3445         * runtime/StringPrototype.cpp:
3446         * runtime/StringPrototype.h:
3447
3448 2011-10-26  Alejandro G. Castro  <alex@igalia.com>
3449
3450         [GTK] [WK2] Add WebKit2 distcheck support
3451         https://bugs.webkit.org/show_bug.cgi?id=70933
3452
3453         Reviewed by&n