2011-05-27  Stephanie Lewis  <slewis@apple.com>

        Rubber Stamped by Adam Roben.

        Update Order Files. Use -order_file flag since it can order more of the binary.

        * Configurations/Base.xcconfig:
        * JavaScriptCore.order:

2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Renamed heapRootMarker to heapRootVisitor to match its class name
        https://bugs.webkit.org/show_bug.cgi?id=61584

        (JSC::Heap::markProtectedObjects):
        (JSC::Heap::markTempSortVectors):
        (JSC::Heap::markRoots):

2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Removed some interdependency between Heap and SmallStrings by simplifying
        the SmallStrings lifetime model
        https://bugs.webkit.org/show_bug.cgi?id=61579

        SunSpider reports no change.

        Using Weak<T> could accomplish this too, but we're not sure it will give
        us the performance we need. This is a first step, and it accomplishes
        most of the value of using Weak<T>.

        (JSC::Heap::markRoots):
        (JSC::Heap::reset): Finalize small strings just like other weak handles.
        * runtime/SmallStrings.cpp:
        (JSC::SmallStrings::finalizeSmallStrings):
        * runtime/SmallStrings.h: Make all small strings trivially weak, instead
        of having an "all for one, one for all" memory model.

2011-05-26  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Make RegExpCache a weak map
        https://bugs.webkit.org/show_bug.cgi?id=61554

        Switch to a weak map for the regexp cache, and hide that
        behaviour behind RegExp::create.

        When a RegExp is compiled it attempts to add itself to
        the "strong" cache. This cache is a simple round-robin
        buffer as was the old strong cache. Happily this can
        be smaller than the old strong cache as RegExps are only
        added when they're compiled so it is under less pressure.

        * bytecompiler/NodesCodegen.cpp:
        (JSC::RegExpNode::emitBytecode):
        (JSC::RegExp::RegExp):
        (JSC::RegExp::create):
        (JSC::RegExp::gcShouldInvalidateCode):
        (JSC::RegExp::hasCode):
        * runtime/RegExpCache.cpp:
        (JSC::RegExpCache::lookupOrCreate):
        (JSC::RegExpCache::RegExpCache):
        (JSC::RegExpCache::isReachableFromOpaqueRoots):
        (JSC::RegExpCache::finalize):
        * runtime/RegExpCache.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::constructRegExp):
        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncCompile):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncMatch):
        (JSC::stringProtoFuncSearch):

2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Moved Heap-related functions out of JSCell.h and into respective header files
        https://bugs.webkit.org/show_bug.cgi?id=61567

        (JSC::Heap::allocate):
        (JSC::MarkedBlock::allocate):
        * heap/MarkedSpace.h:
        (JSC::MarkedSpace::sizeClassFor):
        (JSC::MarkedSpace::allocate):
        (JSC::JSCell::destructor):

2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Try to fix Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2011-05-26  Ryosuke Niwa  <rniwa@webkit.org>

        Reviewed by Eric Seidel.

        [debug feature] WTFString should have show() method
        https://bugs.webkit.org/show_bug.cgi?id=61149

        Added String::show and AtomicString::show in NDEBUG.

        * wtf/text/AtomicString.cpp:
        (WTF::AtomicString::show):
        * wtf/text/AtomicString.h:
        * wtf/text/WTFString.cpp:
        * wtf/text/WTFString.h:

2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Geoffrey Garen.

        Factored out some Heap ASSERTs
        https://bugs.webkit.org/show_bug.cgi?id=61565

        * JavaScriptCore.exp:
        (JSC::isValidSharedInstanceThreadState):
        (JSC::isValidThreadState):
        (JSC::Heap::markRoots):
        (JSC::Heap::isValidAllocation):
        (JSC::JSCell::Heap::allocate):

2011-05-26  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=61508
        DFG JIT - Add support for get by id self caching.

        Change the call out to be an unexpected call (using silent spill/fill functions),
        add a structure check & compact load to the JIT code, and add repatching mechanisms.
        Since DFGOperations may want to be implemented in asm, make these symbols be extern
        "C". Add an asm wrapper to pass the return address to the optimizing get-by-id operation,
        so that it can look up its StructureStubInfo.

        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/StructureStubInfo.h:
            - Added 'unset' entries to union.
        * dfg/DFGJITCodeGenerator.h:
        (JSC::DFG::JITCodeGenerator::appendCallWithExceptionCheck):
            - Return the call, we need this to populate the StructureStubInfo.
        * dfg/DFGJITCompiler.cpp:
        (JSC::DFG::JITCompiler::compileFunction):
            - Populate the CodeBlock's StructureStubInfo Vector.
        * dfg/DFGJITCompiler.h:
        (JSC::DFG::JITCompiler::appendCallWithExceptionCheck):
            - Return the call, we need this to populate the StructureStubInfo.
        (JSC::DFG::JITCompiler::addPropertyAccess):
        (JSC::DFG::JITCompiler::PropertyAccessRecord::PropertyAccessRecord):
            - Add structures to record property access info during compilation.
        * dfg/DFGOperations.cpp:
            - Made all external methods extern "C".
        (JSC::DFG::operationPutByValInternal):
            - Moved outside of the extern "C" block.
        * dfg/DFGOperations.h:
            - Made all external methods extern "C".
        * dfg/DFGRepatch.cpp: Added.
        (JSC::DFG::dfgRepatchCall):
            - repatch a call to link to a new callee function.
        (JSC::DFG::dfgRepatchGetByIdSelf):
            - Modify the JIT code to optimize self accesses.
        (JSC::DFG::tryCacheGetByID):
            - Internal implementation of dfgRepatchGetByID (factor out failing cases).
        (JSC::DFG::dfgRepatchGetByID):
            - Used to optimize 'operationGetByIdOptimize' - repatches to 'operationGetById', and tries to optimize self accesses!
        * dfg/DFGRepatch.h: Added.
            - Expose dfgRepatchGetByID.
        * dfg/DFGSpeculativeJIT.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
            - Changed implementation of GetById ops.

2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Rolled back in http://trac.webkit.org/changeset/87408 with Windows build fixed.

        * heap/MarkedBlock.cpp:
        (JSC::MarkedBlock::MarkedBlock):
        * heap/MarkedBlock.h:
        * wtf/DoublyLinkedList.h:
        (WTF::::DoublyLinkedListNode):
        (WTF::::DoublyLinkedList):

2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Rolled out http://trac.webkit.org/changeset/87408 because it broke the

        * heap/MarkedBlock.cpp:
        (JSC::MarkedBlock::MarkedBlock):
        * heap/MarkedBlock.h:
        (JSC::MarkedBlock::setPrev):
        (JSC::MarkedBlock::setNext):
        (JSC::MarkedBlock::prev):
        (JSC::MarkedBlock::next):
        * wtf/DoublyLinkedList.h:
        (WTF::::DoublyLinkedList):

2011-05-26  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Provide a real owner when copying a property table, for the sake of
        https://bugs.webkit.org/show_bug.cgi?id=61547

        No test because we can't enable the writeBarrier() ASSERT just yet.

        * runtime/Structure.cpp:
        (JSC::Structure::addPropertyTransition):

2011-05-26  Adam Roben  <aroben@apple.com>

        Windows build fix after r87346

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Fixed up exports to match

2011-05-26  Patrick Gansterer  <paroga@webkit.org>

        Reviewed by Adam Barth.

        ASSERT(isMainThread()) when using single threaded jsc executable
        https://bugs.webkit.org/show_bug.cgi?id=60846

        Remove the ASSERT since we do not have the concept of MainThread in JSC.

        * wtf/CryptographicallyRandomNumber.cpp:
        (WTF::ARC4Stream::ARC4RandomNumberGenerator::randomNumber):
        (WTF::ARC4Stream::ARC4RandomNumberGenerator::randomValues):

2011-05-25  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=61506

        Move the silent spill/fill methods in the DFG JIT to the JITCodeGenerator
        so that they are available to the SpeculativeJIT.

        * dfg/DFGJITCodeGenerator.h:
        (JSC::DFG::JITCodeGenerator::silentSpillGPR):
        (JSC::DFG::JITCodeGenerator::silentSpillFPR):
        (JSC::DFG::JITCodeGenerator::silentFillGPR):
        (JSC::DFG::JITCodeGenerator::silentFillFPR):
        (JSC::DFG::JITCodeGenerator::silentSpillAllRegisters):
        (JSC::DFG::JITCodeGenerator::silentFillAllRegisters):
        * dfg/DFGNonSpeculativeJIT.h:

2011-05-25  Ryosuke Niwa  <rniwa@webkit.org>

        An attempt to revive Windows bots.

        * runtime/RegExp.cpp:

2011-05-25  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Bug 61503 - Move population of CodeBlock::m_structureStubInfos into JIT

        This data structure, used at runtime by the JIT, is currently unnecessarily populated
        with default entries during byte compilation.

        Aside from meaning that there is JIT specific code in the bytecompiler, this also ties
        us to one entry per corresponding bytecode op, which may be undesirable. Instead,
        populate this array from the JIT.

        The type StructureStubInfo has two unused states, one for gets & one for puts. Unify
        these, so that the class can have a default constructor (and to simplify switch statements
        in code walking over the table).

        This change has ramifications for the DFG JIT, in that the DFG JIT used this data structure
        to check for functions containing property access. Instead do so in the DFGByteCodeParser.

        * bytecode/CodeBlock.cpp:
        (JSC::printStructureStubInfo):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::setNumberOfStructureStubInfos):
        (JSC::CodeBlock::numberOfStructureStubInfos):
        * bytecode/StructureStubInfo.cpp:
        (JSC::StructureStubInfo::deref):
        (JSC::StructureStubInfo::visitAggregate):
        * bytecode/StructureStubInfo.h:
        (JSC::StructureStubInfo::StructureStubInfo):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitGetById):
        (JSC::BytecodeGenerator::emitPutById):
        (JSC::BytecodeGenerator::emitDirectPutById):
        * dfg/DFGByteCodeParser.cpp:
        (JSC::DFG::ByteCodeParser::parseBlock):

        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        (JSC::JIT::privateCompile):
        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        (JSC::JIT::emitSlow_op_put_by_id):
        * jit/JITPropertyAccess32_64.cpp:
        (JSC::JIT::emit_op_get_by_id):
        (JSC::JIT::emitSlow_op_get_by_id):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::emitSlow_op_put_by_id):
        (JSC::JIT::emit_op_method_check):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::compileGetByIdSlowCase):
        * runtime/Executable.cpp:
        (JSC::tryDFGCompile):

2011-05-25  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        Bug 61501 - Unify AbstractMacroAssembler::differenceBetween methods.

        * assembler/AbstractMacroAssembler.h:
        (JSC::AbstractMacroAssembler::Call::Call):
        (JSC::AbstractMacroAssembler::Call::fromTailJump):
        (JSC::AbstractMacroAssembler::Jump::Jump):
        (JSC::AbstractMacroAssembler::Jump::link):
        (JSC::AbstractMacroAssembler::Jump::linkTo):
        (JSC::AbstractMacroAssembler::Jump::isSet):
        (JSC::AbstractMacroAssembler::differenceBetween):
        (JSC::AbstractMacroAssembler::linkJump):
        (JSC::AbstractMacroAssembler::getLinkerCallReturnOffset):
        * assembler/LinkBuffer.h:
        (JSC::LinkBuffer::link):
        (JSC::LinkBuffer::locationOf):
        (JSC::LinkBuffer::locationOfNearCall):
        (JSC::LinkBuffer::returnAddressOffset):
        * assembler/MacroAssemblerARM.h:
        (JSC::MacroAssemblerARM::linkCall):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::linkCall):
        * assembler/MacroAssemblerMIPS.h:
        (JSC::MacroAssemblerMIPS::linkCall):
        * assembler/MacroAssemblerSH4.cpp:
        (JSC::MacroAssemblerSH4::linkCall):
        * assembler/MacroAssemblerX86.h:
        (JSC::MacroAssemblerX86::linkCall):
        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::linkCall):

2011-05-25  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Sam Weinig.

        https://bugs.webkit.org/show_bug.cgi?id=61500
        Add JSObject::offsetOfPropertyStorage

        * jit/JITPropertyAccess.cpp:
        (JSC::JIT::compileGetDirectOffset):
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::compilePutDirectOffset):
        * jit/JITPropertyAccess32_64.cpp:
        (JSC::JIT::compileGetByIdHotPath):
        (JSC::JIT::emit_op_put_by_id):
        (JSC::JIT::compilePutDirectOffset):
        (JSC::JIT::compileGetDirectOffset):
        * runtime/JSObject.h:
        (JSC::JSObject::offsetOfPropertyStorage):

2011-05-25  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Make RegExp GC allocated
        https://bugs.webkit.org/show_bug.cgi?id=61490

        Make RegExp GC allocated. Basically mechanical change to replace
        most use of [Pass]RefPtr<RegExp> with RegExp* or WriteBarrier<RegExp>
        where actual ownership happens.

        Made the RegExpCache use Strong<> references currently to avoid any
        changes in behaviour.

        * JavaScriptCore.exp:
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::visitAggregate):
        * bytecode/CodeBlock.h:
        (JSC::CodeBlock::addRegExp):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::addRegExp):
        (JSC::BytecodeGenerator::emitNewRegExp):
        * bytecompiler/BytecodeGenerator.h:
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::clearBuiltinStructures):
        (JSC::JSGlobalData::addRegExpToTrace):
        * runtime/JSGlobalData.h:
        * runtime/JSGlobalObject.cpp:
        (JSC::JSGlobalObject::reset):
        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp):
        (JSC::RegExp::create):
        (JSC::RegExp::invalidateCode):
        (JSC::RegExp::createStructure):
        * runtime/RegExpCache.cpp:
        (JSC::RegExpCache::lookupOrCreate):
        (JSC::RegExpCache::create):
        * runtime/RegExpCache.h:
        * runtime/RegExpConstructor.cpp:
        (JSC::constructRegExp):
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::RegExpObject):
        (JSC::RegExpObject::visitChildren):
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::setRegExp):
        (JSC::RegExpObject::RegExpObjectData::RegExpObjectData):
        * runtime/RegExpPrototype.cpp:
        (JSC::RegExpPrototype::RegExpPrototype):
        (JSC::regExpProtoFuncCompile):
        * runtime/RegExpPrototype.h:
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncMatch):
        (JSC::stringProtoFuncSearch):

2011-05-25  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Generate regexp code lazily
        https://bugs.webkit.org/show_bug.cgi?id=61476

        RegExp construction now simply validates the RegExp, it does
        not perform actual codegen.

        * runtime/RegExp.cpp:
        (JSC::RegExp::RegExp):
        (JSC::RegExp::recompile):
        (JSC::RegExp::compile):
        (JSC::RegExp::match):
        (JSC::RegExp::recompileIfNecessary):
        * runtime/RegExpConstructor.h:
        (JSC::RegExpConstructor::performMatch):
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::match):
        * runtime/StringPrototype.cpp:
        (JSC::stringProtoFuncReplace):
        (JSC::stringProtoFuncMatch):
        (JSC::stringProtoFuncSearch):
        (JSC::stringProtoFuncSplit):

2011-05-24  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Geoffrey Garen.

        Removed MarkSetProperties because it was unused
        https://bugs.webkit.org/show_bug.cgi?id=61418

        (JSC::MarkSet::MarkSet):
        (JSC::MarkStack::append):
        * runtime/JSActivation.cpp:
        (JSC::JSActivation::visitChildren):
        (JSC::JSArray::visitChildrenDirect):
        * runtime/JSPropertyNameIterator.cpp:
        (JSC::JSPropertyNameIterator::visitChildren):
        * runtime/WriteBarrier.h:
        (JSC::MarkStack::appendValues):

2011-05-25  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Make allocations with guard pages ensure that the allocation succeeded
        https://bugs.webkit.org/show_bug.cgi?id=61453

        Add null checks, and make PageBlock's operator bool() use
        the real base, rather than the start of usable memory.

        * wtf/OSAllocatorPosix.cpp:
        (WTF::OSAllocator::reserveAndCommit):
        (WTF::PageBlock::operator bool):
        (WTF::PageBlock::PageBlock):

2011-04-10  Kevin Ollivier  <kevino@theolliviers.com>

        Reviewed by Eric Seidel.

        Add JS_EXPORT_PRIVATE macro for exported methods in bytecompiler headers.

        https://bugs.webkit.org/show_bug.cgi?id=27551

        * bytecompiler/BytecodeGenerator.h:

2011-05-24  Keishi Hattori  <keishi@webkit.org>

        Reviewed by Kent Tamura.

        Disable textfield implementation of <input type=color>. Add INPUT_COLOR feature flag. Add input color sanitizer.
        https://bugs.webkit.org/show_bug.cgi?id=61273

        * Configurations/FeatureDefines.xcconfig: Added COLOR_INPUT feature flag.

2011-05-24  Kevin Ollivier  <kevino@theolliviers.com>

        Reviewed by Eric Seidel.

        Add export macros to WTFString.h.

        https://bugs.webkit.org/show_bug.cgi?id=27551

        * wtf/text/WTFString.h:
        (WTF::String::String):
        (WTF::String::findIgnoringCase):
        (WTF::String::isHashTableDeletedValue):

2011-05-24  Geoffrey Garen  <ggaren@apple.com>

        Maybe fix the Mac build now?

        * JavaScriptCore.xcodeproj/project.pbxproj:

2011-05-24  Geoffrey Garen  <ggaren@apple.com>

        Maybe fix the Mac build?

        * JavaScriptCore.xcodeproj/project.pbxproj:

2011-05-24  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Split HeapRootVisitor into its own class
        https://bugs.webkit.org/show_bug.cgi?id=61399

        * GNUmakefile.list.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * heap/HandleHeap.cpp:
        * heap/HandleStack.cpp:
        * heap/HeapRootVisitor.h: Copied from Source/JavaScriptCore/heap/MarkStack.h.
        * runtime/ArgList.cpp:
        * runtime/SmallStrings.cpp:

2011-05-24  Jay Civelli  <jcivelli@chromium.org>

        Rubberstamped by David Kilzer.

        Updated some files that I forgot in my previous MHTML CL.

        * Configurations/FeatureDefines.xcconfig:

2011-05-24  Geoffrey Garen  <ggaren@apple.com>

        Fix the Mac build: Yes, please do remove these files, svn.

        * JavaScriptCore.xcodeproj/project.pbxproj:

2011-05-24  Geoffrey Garen  <ggaren@apple.com>

        Reviewed by Oliver Hunt.

        Let's just have one way to get the system page size, bokay?
        https://bugs.webkit.org/show_bug.cgi?id=61384

        * CMakeListsWinCE.txt:
        * GNUmakefile.list.am:
        * JavaScriptCore.exp:
        * JavaScriptCore.gypi:
        * JavaScriptCore.pro:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj: MarkStack[Platform].cpp
        is gone completely now, since it only existed to provide a duplicate way
        to access the system page size.
        * heap/MarkStack.cpp:
        (JSC::MarkStack::reset):
        (JSC::::MarkStackArray):
        (JSC::::shrinkAllocation): Use WTF::pageSize.
        * heap/MarkStackPosix.cpp:
        * heap/MarkStackSymbian.cpp:
        * heap/MarkStackWin.cpp: Removed now-empty files.
        * jit/ExecutableAllocator.cpp:
        (JSC::ExecutableAllocator::reprotectRegion):
        * jit/ExecutableAllocator.h:
        (JSC::ExecutableAllocator::ExecutableAllocator):
        (JSC::ExecutablePool::ExecutablePool):
        (JSC::ExecutablePool::poolAllocate):
        * jit/ExecutableAllocatorFixedVMPool.cpp: Use WTF::pageSize.
        * wscript: Removed now-empty files.
        (WTF::systemPageSize): Integrated questionable Symbian page size rule
        from ExecutableAllocator, because that seems like what the original
        author should have done.

2011-05-24  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Interpreter crashes with gc validation enabled due to failure to mark initial cache structure
        https://bugs.webkit.org/show_bug.cgi?id=61385

        The interpreter uses the structure slot of get_by_id and put_by_id to hold
        the initial structure it encountered so that it can identify whether a
        given access is stable.

        When marking though we only visit the slot when we've decided to cache, and
        so this value could die. This was "safe" as the value was only used for a
        pointer compare, but it was incorrect. We now just mark the slot like we
        should have been doing already.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::visitStructures):

2011-05-24  Adam Roben  <aroben@apple.com>

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Removed now-inline functions.

2011-05-24  Geoffrey Garen  <ggaren@apple.com>

        Windows build fix: update the #if OS(WINDOWS) section to match my last patch.

        (JSC::::shrinkAllocation):

2011-05-24  Geoffrey Garen  <ggaren@apple.com>

        Rubber-stamped by Oliver Hunt.

        Split out function definitions and class definitions from class
        declarations in MarkStack.h, for readability.

        (JSC::MarkStack::MarkStack):
        (JSC::MarkStack::~MarkStack):
        (JSC::MarkStack::addOpaqueRoot):
        (JSC::MarkStack::containsOpaqueRoot):
        (JSC::MarkStack::opaqueRootCount):
        (JSC::MarkSet::MarkSet):
        (JSC::MarkStack::allocateStack):
        (JSC::MarkStack::releaseStack):
        (JSC::MarkStack::pageSize):
        (JSC::::MarkStackArray):
        (JSC::::~MarkStackArray):
        (JSC::::shrinkAllocation):

2011-05-24  Oliver Hunt  <oliver@apple.com>

        Reviewed by Geoffrey Garen.

        Avoid creating unnecessary identifiers and strings in the syntax checker
        https://bugs.webkit.org/show_bug.cgi?id=61378

        Selectively tell the lexer that there are some places it does not need to
        do the real work of creating Identifiers for IDENT and STRING tokens.

        Make parseString and parseIdentifier templatized on whether they should
        do real work, or merely validate the tokens.

        SunSpider --parse-only reports ~5-8% win depending on hardware.

        * parser/ASTBuilder.h:
        (JSC::ASTBuilder::createDotAccess):
        * parser/JSParser.cpp:
        (JSC::JSParser::next):
        (JSC::JSParser::consume):
        (JSC::JSParser::parseVarDeclarationList):
        (JSC::JSParser::parseConstDeclarationList):
        (JSC::JSParser::parseExpression):
        (JSC::JSParser::parseAssignmentExpression):
        (JSC::JSParser::parseConditionalExpression):
        (JSC::JSParser::parseBinaryExpression):
        (JSC::JSParser::parseProperty):
        (JSC::JSParser::parseObjectLiteral):
        (JSC::JSParser::parseArrayLiteral):
        (JSC::JSParser::parseArguments):
        (JSC::JSParser::parseMemberExpression):
        (JSC::Lexer::parseIdentifier):
        (JSC::Lexer::parseString):
        * parser/SyntaxChecker.h:
        (JSC::SyntaxChecker::createDotAccess):
        (JSC::SyntaxChecker::createProperty):

2011-05-23  Michael Saboff  <msaboff@apple.com>

        Reviewed by Mark Rowe.

        Safari often freezes when clicking "Return free memory" in Caches dialog
        https://bugs.webkit.org/show_bug.cgi?id=61325

        There are two fixes and improvement in instrumentation code used to find
        Changed ReleaseFreeList() to set the "decommitted" bit when releasing
        pages to the system and moving Spans from the normal list to the returned
        Added a "not making forward progress" check to TCMalloc_PageHeap::scavenge
        to eliminate an infinite loop if we can't meet the pagesToRelease target.
        Added a check for the decommitted bit being set properly in
        TCMalloc_PageHeap::CheckList.

        * wtf/FastMalloc.cpp:
        (WTF::TCMalloc_PageHeap::scavenge):
        (WTF::TCMalloc_PageHeap::Check):
        (WTF::TCMalloc_PageHeap::CheckList):
        (WTF::ReleaseFreeList):

2011-05-23  Gavin Barraclough  <barraclough@apple.com>

        Reviewed by Geoff Garen.

        https://bugs.webkit.org/show_bug.cgi?id=61306

        The begin characters optimization currently has issues (#61129),
        and does not appear to still be a performance win. The prudent
        next step seems to be to disable while we ascertain whether this
        is still a useful performance optimization.

        * yarr/YarrInterpreter.cpp:
        (JSC::Yarr::Interpreter::matchDisjunction):
        (JSC::Yarr::Interpreter::interpret):
        * yarr/YarrInterpreter.h:
        (JSC::Yarr::BytecodePattern::BytecodePattern):
        * yarr/YarrPattern.cpp:
        (JSC::Yarr::YarrPatternConstructor::YarrPatternConstructor):
        (JSC::Yarr::YarrPattern::compile):
        (JSC::Yarr::YarrPattern::YarrPattern):
        * yarr/YarrPattern.h:
        (JSC::Yarr::YarrPattern::reset):

2011-05-23  Matthew Delaney  <mdelaney@apple.com>

        Reviewed by Simon Fraser.

        Remove safeFloatToInt() in FloatRect.cpp and replace with working version of clampToInteger()
        https://bugs.webkit.org/show_bug.cgi?id=58216

        (clampToPositiveInteger):

2011-05-23  Ruben  <chromium@hybridsource.org>

        Reviewed by Tony Chang.

        Chromium gyp patch to use new POSIX defines toolkit_uses_gtk and os_posix
        https://bugs.webkit.org/show_bug.cgi?id=61219

        * JavaScriptCore.gyp/JavaScriptCore.gyp:

2011-05-23  Thouraya ANDOLSI  <thouraya.andolsi@st.com>

        Reviewed by Gavin Barraclough.

        [SH4] AssemblerLabel does not name a type
        https://bugs.webkit.org/show_bug.cgi?id=59927

        SH4Assembler.h file should be included before AbstractMacroAssembler.h.

        * assembler/MacroAssemblerSH4.h:

2011-05-23  Ryuan Choi  <ryuan.choi@samsung.com>

        Rubber stamped by Eric Seidel.

        [CMAKE] Refactoring wtf related code.
        https://bugs.webkit.org/show_bug.cgi?id=60146

        Move wtf-files to Source/JavaScriptCore/wtf/CMakeLists.txt.

        * wtf/CMakeLists.txt:
        * wtf/CMakeListsEfl.txt:

2011-05-22  Adam Barth  <abarth@webkit.org>

        Enable strict PassOwnPtr for everyone. I expect this patch will need
        some followups to make the GTK and EFL bots green again.

2011-05-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Gavin Barraclough.

        Reduce size of inline cache path of get_by_id on ARMv7
        https://bugs.webkit.org/show_bug.cgi?id=61221

        This reduces the code size of get_by_id by 20 bytes.

        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::ldrCompact):
        (JSC::ARMv7Assembler::repatchCompact):
        (JSC::ARMv7Assembler::setUInt7ForLoad):
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::load32WithCompactAddressOffsetPatch):

2011-05-20  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>

        Reviewed by Oliver Hunt.

        Zombies should "live" forever
        https://bugs.webkit.org/show_bug.cgi?id=61170

        Reusing zombie cells could still hide garbage
        collected cell related bugs.

        * JavaScriptCore.pro:
        * heap/MarkedBlock.cpp:
        (JSC::MarkedBlock::clearMarks):
        * heap/MarkedBlock.h:
        * heap/MarkedSpace.cpp:
        (JSC::MarkedSpace::destroy):
        (JSC::JSCell::JSValue::isZombie):
        * runtime/JSZombie.h:
        (JSC::JSZombie::~JSZombie):
        * runtime/WriteBarrier.h:
        (JSC::WriteBarrierBase::setWithoutWriteBarrier):

2011-05-20  Brady Eidson  <beidson@apple.com>

        Reviewed by Sam Weinig.

        <rdar://problem/9472883> and https://bugs.webkit.org/show_bug.cgi?id=61203
        Horrendous bug in callOnMainThreadAndWait

        * wtf/MainThread.cpp:
        (WTF::dispatchFunctionsFromMainThread): Before signaling the background thread with the
        syncFlag condition, reacquire the mutex first.

2011-05-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        Remove unnecessary double->int conversion at the end of op_div
        https://bugs.webkit.org/show_bug.cgi?id=61198

        We don't attempt this conversion on 64bit, removing it actually speeds
        up sunspider and v8 slightly, and it reduces code size.

        * jit/JITArithmetic32_64.cpp:
        (JSC::JIT::emit_op_div):

2011-05-19  Evan Martin  <evan@chromium.org>

        Reviewed by Tony Chang.

        [chromium] remove <(library) variable
        https://bugs.webkit.org/show_bug.cgi?id=61158

        This was for a build experiment; we can just use the correct value now.

        * JavaScriptCore.gyp/JavaScriptCore.gyp:

2011-05-20  Oliver Hunt  <oliver@apple.com>

        Reviewed by Sam Weinig.

        Interpreter uses wrong bytecode offset for determining exception handler
        https://bugs.webkit.org/show_bug.cgi?id=61191

        The bytecode offset given for the returnPC from the JIT is
        actually the offset for the start of the instruction triggering
        the call, whereas in the interpreter it is the actual return
        VPC. This means if the next instruction following a call was
        in an exception region we would incorrectly redirect to its
        handler. Long term we want to completely redo how exceptions
        are handled anyway so the simplest and lowest risk fix here is
        to simply subtract one from the return vPC so that we have an
        offset in the triggering instruction.

        It turns out this is caught by a couple of tests already.

        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::unwindCallFrame):

2011-05-20  Xan Lopez  <xlopez@igalia.com>

        Reviewed by Oliver Hunt.

        JIT requires VM overcommit (particularly on x86-64), Linux does not by default support this without swap?
        https://bugs.webkit.org/show_bug.cgi?id=42756

        Use the MAP_NORESERVE flag for mmap on Linux to skip the kernel
        check of the available memory. This should give us an
        overcommit-like behavior in most systems, which is what we want.

        * wtf/OSAllocatorPosix.cpp:
        (WTF::OSAllocator::reserveAndCommit): pass MAP_NORESERVE to mmap.

956 Fix ARM build after r86919
958 * assembler/ARMAssembler.h:
959 (JSC::ARMAssembler::nop):
961 2011-05-19 Oliver Hunt <oliver@apple.com>
963 Reviewed by Gavin Barraclough.
965 Randomise code starting location a little
966 https://bugs.webkit.org/show_bug.cgi?id=61161
968 Add a nop() function to the Assemblers so that we
969 can randomise code offsets slightly at no real cost.
971 * assembler/ARMAssembler.h:
972 (JSC::ARMAssembler::nop):
973 * assembler/ARMv7Assembler.h:
974 (JSC::ARMv7Assembler::nop):
975 * assembler/MacroAssemblerARM.h:
976 (JSC::MacroAssemblerARM::nop):
977 * assembler/MacroAssemblerARMv7.h:
978 (JSC::MacroAssemblerARMv7::nop):
979 * assembler/MacroAssemblerMIPS.h:
980 (JSC::MacroAssemblerMIPS::nop):
981 * assembler/MacroAssemblerSH4.h:
982 (JSC::MacroAssemblerSH4::nop):
983 * assembler/MacroAssemblerX86Common.h:
984 (JSC::MacroAssemblerX86Common::nop):
985 * assembler/X86Assembler.h:
986 (JSC::X86Assembler::nop):
989 (JSC::JIT::privateCompile):
991 * runtime/WeakRandom.h:
992 (JSC::WeakRandom::getUint32):
994 2011-05-19 Oliver Hunt <oliver@apple.com>
998 * wtf/OSAllocatorWin.cpp:
999 (WTF::OSAllocator::reserveUncommitted):
1000 (WTF::OSAllocator::reserveAndCommit):
1002 2011-05-19 Oliver Hunt <oliver@apple.com>
1004 Reviewed by Gavin Barraclough.
1006 Add guard pages to each end of the memory region used by the fixedvm allocator
1007 https://bugs.webkit.org/show_bug.cgi?id=61150
1009 Add mechanism to notify the OSAllocator that pages at either end of an
1010 allocation should be considered guard pages. Update PageReservation,
1011 PageAllocation, etc to handle this.
1013 * JavaScriptCore.exp:
1014 * jit/ExecutableAllocatorFixedVMPool.cpp:
1015 (JSC::FixedVMPoolAllocator::FixedVMPoolAllocator):
1016 * wtf/OSAllocator.h:
1017 * wtf/OSAllocatorPosix.cpp:
1018 (WTF::OSAllocator::reserveUncommitted):
1019 (WTF::OSAllocator::reserveAndCommit):
1020 * wtf/PageAllocation.h:
1021 (WTF::PageAllocation::PageAllocation):
1022 * wtf/PageAllocationAligned.h:
1023 (WTF::PageAllocationAligned::PageAllocationAligned):
1025 (WTF::PageBlock::PageBlock):
1026 * wtf/PageReservation.h:
1027 (WTF::PageReservation::reserve):
1028 (WTF::PageReservation::reserveWithGuardPages):
1029 Add a new function to make a reservation that will add guard
1030 pages to the ends of an allocation.
1031 (WTF::PageReservation::PageReservation):
1033 2011-05-19 Oliver Hunt <oliver@apple.com>
1035 Reviewed by Geoffrey Garen.
1037 Make Executables release their JIT code as soon as they become dead
1038 https://bugs.webkit.org/show_bug.cgi?id=61134
1040 Add an ability to clear an Executable's jit code without requiring
1041 it to be destroyed, and then call that from a finalizer.
1047 (JSC::JITCode::clear):
1048 * runtime/Executable.cpp:
1049 (JSC::ExecutableFinalizer::finalize):
1050 (JSC::ExecutableBase::executableFinalizer):
1051 * runtime/Executable.h:
1052 (JSC::ExecutableBase::ExecutableBase):
1053 (JSC::ExecutableBase::clearExecutableCode):
1055 2011-05-19 Adam Roben <aroben@apple.com>
1057 Remove a redundant and broken data export
1059 Data can't be exported from JavaScriptCore.dll by listing it in the .def file. The
1060 JS_EXPORTDATA macro must be used instead. (In this case it was already being used, leading
1061 to a linker warning about multiple definitions.)
1063 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Removed JSGlobalData::s_info.
1065 2011-05-18 Oliver Hunt <oliver@apple.com>
1067 Reviewed by Gavin Barraclough.
1069 Some tests crashing in JSC::MarkStack::validateValue beneath ScriptController::clearWindowShell on SnowLeopard Intel Release (WebKit2 Tests)
1070 https://bugs.webkit.org/show_bug.cgi?id=61064
1072 Switch NonFinalObject to using WriteBarrier<> rather than WriteBarrierBase<>
1073 for its inline storage. This resolves the problem of GC occurring before
1074 a subclass has initialised its anonymous storage.
1076 * runtime/JSObject.h:
1078 2011-05-18 Adam Barth <abarth@webkit.org>
1080 Reviewed by Sam Weinig.
1083 https://bugs.webkit.org/show_bug.cgi?id=61084
1085 It's been a year and we've failed to complete this project. It's time
1086 to throw in the towel.
1088 * JavaScriptCore.xcodeproj/project.pbxproj:
1090 * wtf/url/api: Removed.
1091 * wtf/url/api/ParsedURL.cpp: Removed.
1092 * wtf/url/api/ParsedURL.h: Removed.
1093 * wtf/url/api/URLString.h: Removed.
1094 * wtf/url/src: Removed.
1095 * wtf/url/src/RawURLBuffer.h: Removed.
1096 * wtf/url/src/URLBuffer.h: Removed.
1097 * wtf/url/src/URLCharacterTypes.cpp: Removed.
1098 * wtf/url/src/URLCharacterTypes.h: Removed.
1099 * wtf/url/src/URLComponent.h: Removed.
1100 * wtf/url/src/URLEscape.cpp: Removed.
1101 * wtf/url/src/URLEscape.h: Removed.
1102 * wtf/url/src/URLParser.h: Removed.
1103 * wtf/url/src/URLQueryCanonicalizer.h: Removed.
1104 * wtf/url/src/URLSegments.cpp: Removed.
1105 * wtf/url/src/URLSegments.h: Removed.
1106 * wtf/url/wtfurl.gyp: Removed.
1108 2011-05-18 Oliver Hunt <oliver@apple.com>
1110 Reviewed by Sam Weinig.
1112 JSGlobalObject and some others do GC allocation during initialization, which can cause heap corruption
1113 https://bugs.webkit.org/show_bug.cgi?id=61090
1115 Remove the Structure-free JSGlobalObject constructor and instead always
1116 pass the structure into the JSGlobalObject constructor.
1117 Stop DebuggerActivation creating a new structure every time, and simply
1118 use a single shared structure held by the GlobalData.
1120 * API/JSContextRef.cpp:
1121 * debugger/DebuggerActivation.cpp:
1122 (JSC::DebuggerActivation::DebuggerActivation):
1124 (GlobalObject::GlobalObject):
1127 * runtime/JSGlobalData.cpp:
1128 (JSC::JSGlobalData::JSGlobalData):
1129 (JSC::JSGlobalData::clearBuiltinStructures):
1130 * runtime/JSGlobalData.h:
1131 * runtime/JSGlobalObject.h:
1133 2011-05-18 Oliver Hunt <oliver@apple.com>
1135 Reviewed by Adam Roben.
1137 Disable gc validation in release builds
1138 https://bugs.webkit.org/show_bug.cgi?id=60680
1140 Add back the NDEBUG check
1144 2011-05-17 Geoffrey Garen <ggaren@apple.com>
1146 Rolled out attempts to fix EFL build because they're not enough -- the
1147 build script needs to be fixed.
1149 * runtime/BooleanPrototype.cpp:
1150 * runtime/DateConstructor.cpp:
1151 * runtime/ErrorPrototype.cpp:
1153 2011-05-17 Geoffrey Garen <ggaren@apple.com>
1155 More attempts to work around the EFL build system being broken.
1157 * runtime/DateConstructor.cpp:
1158 * runtime/ErrorPrototype.cpp:
1160 2011-05-17 Geoffrey Garen <ggaren@apple.com>
1162 Try to fix the EFL build.
1164 * runtime/BooleanPrototype.cpp:
1166 2011-05-16 Geoffrey Garen <ggaren@apple.com>
1168 Rolling back in r86653 with build fixed.
1170 Reviewed by Gavin Barraclough and Oliver Hunt.
1172 Global object initialization is expensive
1173 https://bugs.webkit.org/show_bug.cgi?id=60933
1175 Changed a bunch of globals to allocate their properties lazily, and changed
1176 the global object to allocate a bunch of its globals lazily.
1178 This reduces the footprint of a global object from 287 objects with 58
1179 functions for 24K to 173 objects with 20 functions for 15K.
1181 Large patch, but it's all mechanical.
1183 * DerivedSources.make:
1184 * JavaScriptCore.exp: Build!
1186 * create_hash_table: Added a special case for fromCharCode, since it uses
1187 a custom "thunk generator".
1190 (JSC::TypeCounter::operator()): Fixed a bug where the type counter would
1191 overcount objects that were owned through more than one mechanism because
1192 it was getting in the way of counting the results for this patch.
1194 * interpreter/CallFrame.h:
1195 (JSC::ExecState::arrayConstructorTable):
1196 (JSC::ExecState::arrayPrototypeTable):
1197 (JSC::ExecState::booleanPrototypeTable):
1198 (JSC::ExecState::dateConstructorTable):
1199 (JSC::ExecState::errorPrototypeTable):
1200 (JSC::ExecState::globalObjectTable):
1201 (JSC::ExecState::numberConstructorTable):
1202 (JSC::ExecState::numberPrototypeTable):
1203 (JSC::ExecState::objectPrototypeTable):
1204 (JSC::ExecState::regExpPrototypeTable):
1205 (JSC::ExecState::stringConstructorTable): Added new tables.
1207 * runtime/ArrayConstructor.cpp:
1208 (JSC::ArrayConstructor::ArrayConstructor):
1209 (JSC::ArrayConstructor::getOwnPropertySlot):
1210 (JSC::ArrayConstructor::getOwnPropertyDescriptor):
1211 * runtime/ArrayConstructor.h:
1212 (JSC::ArrayConstructor::createStructure):
1213 * runtime/ArrayPrototype.cpp:
1214 (JSC::ArrayPrototype::getOwnPropertySlot):
1215 (JSC::ArrayPrototype::getOwnPropertyDescriptor):
1216 * runtime/ArrayPrototype.h:
1217 * runtime/BooleanPrototype.cpp:
1218 (JSC::BooleanPrototype::BooleanPrototype):
1219 (JSC::BooleanPrototype::getOwnPropertySlot):
1220 (JSC::BooleanPrototype::getOwnPropertyDescriptor):
1221 * runtime/BooleanPrototype.h:
1222 (JSC::BooleanPrototype::createStructure):
1223 * runtime/DateConstructor.cpp:
1224 (JSC::DateConstructor::DateConstructor):
1225 (JSC::DateConstructor::getOwnPropertySlot):
1226 (JSC::DateConstructor::getOwnPropertyDescriptor):
1227 * runtime/DateConstructor.h:
1228 (JSC::DateConstructor::createStructure):
1229 * runtime/ErrorPrototype.cpp:
1230 (JSC::ErrorPrototype::ErrorPrototype):
1231 (JSC::ErrorPrototype::getOwnPropertySlot):
1232 (JSC::ErrorPrototype::getOwnPropertyDescriptor):
1233 * runtime/ErrorPrototype.h:
1234 (JSC::ErrorPrototype::createStructure): Standardized these objects
1235 to use static tables for function properties.
1237 * runtime/JSGlobalData.cpp:
1238 (JSC::JSGlobalData::JSGlobalData):
1239 (JSC::JSGlobalData::~JSGlobalData):
1240 * runtime/JSGlobalData.h: Added new tables.
1242 * runtime/JSGlobalObject.cpp:
1243 (JSC::JSGlobalObject::reset):
1244 (JSC::JSGlobalObject::addStaticGlobals):
1245 (JSC::JSGlobalObject::getOwnPropertySlot):
1246 (JSC::JSGlobalObject::getOwnPropertyDescriptor):
1247 * runtime/JSGlobalObject.h:
1248 * runtime/JSGlobalObjectFunctions.cpp:
1249 * runtime/JSGlobalObjectFunctions.h: Changed JSGlobalObject to use a
1250 static table for its global functions. This required uninlining some
1251 things to avoid a circular header dependency. However, those things
1252 probably shouldn't have been inlined in the first place.
1254 Even more global object properties can be made lazy, but that requires
1255 more in-depth changes.
1257 * runtime/MathObject.cpp:
1258 * runtime/NumberConstructor.cpp:
1259 (JSC::NumberConstructor::getOwnPropertySlot):
1260 (JSC::NumberConstructor::getOwnPropertyDescriptor):
1261 * runtime/NumberPrototype.cpp:
1262 (JSC::NumberPrototype::NumberPrototype):
1263 (JSC::NumberPrototype::getOwnPropertySlot):
1264 (JSC::NumberPrototype::getOwnPropertyDescriptor):
1265 * runtime/NumberPrototype.h:
1266 (JSC::NumberPrototype::createStructure):
1267 * runtime/ObjectPrototype.cpp:
1268 (JSC::ObjectPrototype::ObjectPrototype):
1269 (JSC::ObjectPrototype::put):
1270 (JSC::ObjectPrototype::getOwnPropertySlot):
1271 (JSC::ObjectPrototype::getOwnPropertyDescriptor):
1272 * runtime/ObjectPrototype.h:
1273 (JSC::ObjectPrototype::createStructure):
1274 * runtime/RegExpPrototype.cpp:
1275 (JSC::RegExpPrototype::RegExpPrototype):
1276 (JSC::RegExpPrototype::getOwnPropertySlot):
1277 (JSC::RegExpPrototype::getOwnPropertyDescriptor):
1278 * runtime/RegExpPrototype.h:
1279 (JSC::RegExpPrototype::createStructure):
1280 * runtime/StringConstructor.cpp:
1281 (JSC::StringConstructor::StringConstructor):
1282 (JSC::StringConstructor::getOwnPropertySlot):
1283 (JSC::StringConstructor::getOwnPropertyDescriptor):
1284 * runtime/StringConstructor.h:
1285 (JSC::StringConstructor::createStructure): Standardized these objects
1286 to use static tables for function properties.
1288 2011-05-17 Sam Weinig <sam@webkit.org>
1290 Reviewed by Oliver Hunt.
1292 JSGlobalContextRelease should not trigger a synchronous garbage collection
1293 https://bugs.webkit.org/show_bug.cgi?id=60990
1295 * API/JSContextRef.cpp:
1296 Change synchronous call to collectAllGarbage to a call to trigger the
1299 2011-05-16 Oliver Hunt <oliver@apple.com>
1301 Reviewed by Gavin Barraclough.
1303 Reduce code size for inline cache
1304 https://bugs.webkit.org/show_bug.cgi?id=60942
1306 This patch introduces the concept of a "compact" address that
1307 allows individual architectures to control the maximum offset
1308 used for the inline path of get_by_id. This reduces the code
1309 size of get_by_id by 3 bytes on x86 and x86_64 and slightly
1310 improves performance on v8 tests.
1312 * assembler/ARMAssembler.h:
1313 (JSC::ARMAssembler::repatchCompact):
1314 * assembler/ARMv7Assembler.h:
1315 (JSC::ARMv7Assembler::repatchCompact):
1316 * assembler/AbstractMacroAssembler.h:
1317 (JSC::AbstractMacroAssembler::DataLabelCompact::DataLabelCompact):
1318 (JSC::AbstractMacroAssembler::differenceBetween):
1319 (JSC::AbstractMacroAssembler::repatchCompact):
1320 * assembler/CodeLocation.h:
1321 (JSC::CodeLocationDataLabelCompact::CodeLocationDataLabelCompact):
1322 (JSC::CodeLocationCommon::dataLabelCompactAtOffset):
1323 * assembler/LinkBuffer.h:
1324 (JSC::LinkBuffer::locationOf):
1325 * assembler/MIPSAssembler.h:
1326 (JSC::MIPSAssembler::repatchCompact):
1327 * assembler/MacroAssembler.h:
1328 (JSC::MacroAssembler::loadPtrWithCompactAddressOffsetPatch):
1329 * assembler/MacroAssemblerARM.h:
1330 (JSC::MacroAssemblerARM::load32WithCompactAddressOffsetPatch):
1331 * assembler/MacroAssemblerARMv7.h:
1332 (JSC::MacroAssemblerARMv7::load32WithCompactAddressOffsetPatch):
1333 * assembler/MacroAssemblerMIPS.h:
1334 (JSC::MacroAssemblerMIPS::load32WithCompactAddressOffsetPatch):
1335 * assembler/MacroAssemblerSH4.h:
1336 (JSC::MacroAssemblerSH4::load32WithAddressOffsetPatch):
1337 * assembler/MacroAssemblerX86.h:
1338 (JSC::MacroAssemblerX86::repatchCompact):
1339 * assembler/MacroAssemblerX86Common.h:
1340 (JSC::MacroAssemblerX86Common::loadCompactWithAddressOffsetPatch):
1341 * assembler/MacroAssemblerX86_64.h:
1342 (JSC::MacroAssemblerX86_64::loadPtrWithCompactAddressOffsetPatch):
1343 * assembler/RepatchBuffer.h:
1344 (JSC::RepatchBuffer::repatch):
1345 * assembler/SH4Assembler.h:
1346 (JSC::SH4Assembler::repatchCompact):
1347 * assembler/X86Assembler.h:
1348 (JSC::X86Assembler::movl_mr_disp8):
1349 (JSC::X86Assembler::movq_mr_disp8):
1350 (JSC::X86Assembler::repatchCompact):
1351 (JSC::X86Assembler::setInt8):
1352 (JSC::X86Assembler::X86InstructionFormatter::oneByteOp_disp8):
1353 (JSC::X86Assembler::X86InstructionFormatter::oneByteOp64_disp8):
1354 (JSC::X86Assembler::X86InstructionFormatter::memoryModRM):
1356 * jit/JITPropertyAccess.cpp:
1357 (JSC::JIT::compileGetByIdHotPath):
1358 (JSC::JIT::emit_op_put_by_id):
1359 (JSC::JIT::patchGetByIdSelf):
1360 * jit/JITPropertyAccess32_64.cpp:
1361 (JSC::JIT::compileGetByIdHotPath):
1362 (JSC::JIT::emit_op_put_by_id):
1363 (JSC::JIT::patchGetByIdSelf):
1365 (JSC::JITThunks::tryCacheGetByID):
1367 2011-05-16 Sheriff Bot <webkit.review.bot@gmail.com>
1369 Unreviewed, rolling out r86653.
1370 http://trac.webkit.org/changeset/86653
1371 https://bugs.webkit.org/show_bug.cgi?id=60944
1373 "Caused regressions on Windows, OSX and EFL" (Requested by
1376 * DerivedSources.make:
1377 * DerivedSources.pro:
1379 * GNUmakefile.list.am:
1380 * JavaScriptCore.exp:
1381 * JavaScriptCore.gypi:
1382 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1383 * create_hash_table:
1385 (JSC::TypeCounter::operator()):
1386 * interpreter/CallFrame.h:
1387 (JSC::ExecState::arrayTable):
1388 (JSC::ExecState::numberTable):
1389 * runtime/ArrayConstructor.cpp:
1390 (JSC::ArrayConstructor::ArrayConstructor):
1391 * runtime/ArrayConstructor.h:
1392 * runtime/ArrayPrototype.cpp:
1393 (JSC::ArrayPrototype::getOwnPropertySlot):
1394 (JSC::ArrayPrototype::getOwnPropertyDescriptor):
1395 * runtime/ArrayPrototype.h:
1396 * runtime/BooleanPrototype.cpp:
1397 (JSC::BooleanPrototype::BooleanPrototype):
1398 * runtime/BooleanPrototype.h:
1399 * runtime/DateConstructor.cpp:
1400 (JSC::DateConstructor::DateConstructor):
1401 * runtime/DateConstructor.h:
1402 * runtime/ErrorPrototype.cpp:
1403 (JSC::ErrorPrototype::ErrorPrototype):
1404 * runtime/ErrorPrototype.h:
1405 * runtime/JSGlobalData.cpp:
1406 (JSC::JSGlobalData::JSGlobalData):
1407 (JSC::JSGlobalData::~JSGlobalData):
1408 * runtime/JSGlobalData.h:
1409 * runtime/JSGlobalObject.cpp:
1410 (JSC::JSGlobalObject::reset):
1411 * runtime/JSGlobalObject.h:
1412 (JSC::JSGlobalObject::addStaticGlobals):
1413 (JSC::JSGlobalObject::getOwnPropertySlot):
1414 (JSC::JSGlobalObject::getOwnPropertyDescriptor):
1415 * runtime/JSGlobalObjectFunctions.cpp:
1416 (JSC::globalFuncJSCPrint):
1417 * runtime/JSGlobalObjectFunctions.h:
1418 * runtime/MathObject.cpp:
1419 * runtime/NumberConstructor.cpp:
1420 (JSC::NumberConstructor::getOwnPropertySlot):
1421 (JSC::NumberConstructor::getOwnPropertyDescriptor):
1422 * runtime/NumberPrototype.cpp:
1423 (JSC::NumberPrototype::NumberPrototype):
1424 * runtime/NumberPrototype.h:
1425 * runtime/ObjectPrototype.cpp:
1426 (JSC::ObjectPrototype::ObjectPrototype):
1427 (JSC::ObjectPrototype::put):
1428 (JSC::ObjectPrototype::getOwnPropertySlot):
1429 * runtime/ObjectPrototype.h:
1430 * runtime/RegExpPrototype.cpp:
1431 (JSC::RegExpPrototype::RegExpPrototype):
1432 * runtime/RegExpPrototype.h:
1433 * runtime/StringConstructor.cpp:
1434 (JSC::StringConstructor::StringConstructor):
1435 * runtime/StringConstructor.h:
1437 2011-05-16 Geoffrey Garen <ggaren@apple.com>
1439 Reviewed by Geoffrey Garen.
1441 Global object initialization is expensive
1442 https://bugs.webkit.org/show_bug.cgi?id=60933
1444 Changed a bunch of globals to allocate their properties lazily, and changed
1445 the global object to allocate a bunch of its globals lazily.
1447 This reduces the footprint of a global object from 287 objects with 58
1448 functions for 24K to 173 objects with 20 functions for 15K.
1450 Large patch, but it's all mechanical.
1452 * DerivedSources.make:
1453 * JavaScriptCore.exp: Build!
1455 * create_hash_table: Added a special case for fromCharCode, since it uses
1456 a custom "thunk generator".
1459 (JSC::TypeCounter::operator()): Fixed a bug where the type counter would
1460 overcount objects that were owned through more than one mechanism because
1461 it was getting in the way of counting the results for this patch.
1463 * interpreter/CallFrame.h:
1464 (JSC::ExecState::arrayConstructorTable):
1465 (JSC::ExecState::arrayPrototypeTable):
1466 (JSC::ExecState::booleanPrototypeTable):
1467 (JSC::ExecState::dateConstructorTable):
1468 (JSC::ExecState::errorPrototypeTable):
1469 (JSC::ExecState::globalObjectTable):
1470 (JSC::ExecState::numberConstructorTable):
1471 (JSC::ExecState::numberPrototypeTable):
1472 (JSC::ExecState::objectPrototypeTable):
1473 (JSC::ExecState::regExpPrototypeTable):
1474 (JSC::ExecState::stringConstructorTable): Added new tables.
1476 * runtime/ArrayConstructor.cpp:
1477 (JSC::ArrayConstructor::ArrayConstructor):
1478 (JSC::ArrayConstructor::getOwnPropertySlot):
1479 (JSC::ArrayConstructor::getOwnPropertyDescriptor):
1480 * runtime/ArrayConstructor.h:
1481 (JSC::ArrayConstructor::createStructure):
1482 * runtime/ArrayPrototype.cpp:
1483 (JSC::ArrayPrototype::getOwnPropertySlot):
1484 (JSC::ArrayPrototype::getOwnPropertyDescriptor):
1485 * runtime/ArrayPrototype.h:
1486 * runtime/BooleanPrototype.cpp:
1487 (JSC::BooleanPrototype::BooleanPrototype):
1488 (JSC::BooleanPrototype::getOwnPropertySlot):
1489 (JSC::BooleanPrototype::getOwnPropertyDescriptor):
1490 * runtime/BooleanPrototype.h:
1491 (JSC::BooleanPrototype::createStructure):
1492 * runtime/DateConstructor.cpp:
1493 (JSC::DateConstructor::DateConstructor):
1494 (JSC::DateConstructor::getOwnPropertySlot):
1495 (JSC::DateConstructor::getOwnPropertyDescriptor):
1496 * runtime/DateConstructor.h:
1497 (JSC::DateConstructor::createStructure):
1498 * runtime/ErrorPrototype.cpp:
1499 (JSC::ErrorPrototype::ErrorPrototype):
1500 (JSC::ErrorPrototype::getOwnPropertySlot):
1501 (JSC::ErrorPrototype::getOwnPropertyDescriptor):
1502 * runtime/ErrorPrototype.h:
1503 (JSC::ErrorPrototype::createStructure): Standardized these objects
1504 to use static tables for function properties.
1506 * runtime/JSGlobalData.cpp:
1507 (JSC::JSGlobalData::JSGlobalData):
1508 (JSC::JSGlobalData::~JSGlobalData):
1509 * runtime/JSGlobalData.h: Added new tables.
1511 * runtime/JSGlobalObject.cpp:
1512 (JSC::JSGlobalObject::reset):
1513 (JSC::JSGlobalObject::addStaticGlobals):
1514 (JSC::JSGlobalObject::getOwnPropertySlot):
1515 (JSC::JSGlobalObject::getOwnPropertyDescriptor):
1516 * runtime/JSGlobalObject.h:
1517 * runtime/JSGlobalObjectFunctions.cpp:
1518 * runtime/JSGlobalObjectFunctions.h: Changed JSGlobalObject to use a
1519 static table for its global functions. This required uninlining some
1520 things to avoid a circular header dependency. However, those things
1521 probably shouldn't have been inlined in the first place.
1523 Even more global object properties can be made lazy, but that requires
1524 more in-depth changes.
1526 * runtime/MathObject.cpp:
1527 * runtime/NumberConstructor.cpp:
1528 (JSC::NumberConstructor::getOwnPropertySlot):
1529 (JSC::NumberConstructor::getOwnPropertyDescriptor):
1530 * runtime/NumberPrototype.cpp:
1531 (JSC::NumberPrototype::NumberPrototype):
1532 (JSC::NumberPrototype::getOwnPropertySlot):
1533 (JSC::NumberPrototype::getOwnPropertyDescriptor):
1534 * runtime/NumberPrototype.h:
1535 (JSC::NumberPrototype::createStructure):
1536 * runtime/ObjectPrototype.cpp:
1537 (JSC::ObjectPrototype::ObjectPrototype):
1538 (JSC::ObjectPrototype::put):
1539 (JSC::ObjectPrototype::getOwnPropertySlot):
1540 (JSC::ObjectPrototype::getOwnPropertyDescriptor):
1541 * runtime/ObjectPrototype.h:
1542 (JSC::ObjectPrototype::createStructure):
1543 * runtime/RegExpPrototype.cpp:
1544 (JSC::RegExpPrototype::RegExpPrototype):
1545 (JSC::RegExpPrototype::getOwnPropertySlot):
1546 (JSC::RegExpPrototype::getOwnPropertyDescriptor):
1547 * runtime/RegExpPrototype.h:
1548 (JSC::RegExpPrototype::createStructure):
1549 * runtime/StringConstructor.cpp:
1550 (JSC::StringConstructor::StringConstructor):
1551 (JSC::StringConstructor::getOwnPropertySlot):
1552 (JSC::StringConstructor::getOwnPropertyDescriptor):
1553 * runtime/StringConstructor.h:
1554 (JSC::StringConstructor::createStructure): Standardized these objects
1555 to use static tables for function properties.
1557 2011-05-16 David Kilzer <ddkilzer@apple.com>
1559 <http://webkit.org/b/60913> C++ exceptions should not be enabled when building with llvm-gcc-4.2
1560 <rdar://problem/9446430>
1562 Reviewed by Mark Rowe.
1564 * Configurations/Base.xcconfig: Fixed typo.
1566 2011-05-16 Oliver Hunt <oliver@apple.com>
1568 Reviewed by Geoffrey Garen.
1570 JSWeakObjectMap finalisation may occur while gc is in inconsistent state
1571 https://bugs.webkit.org/show_bug.cgi?id=60908
1572 <rdar://problem/9409491>
1574 We need to ensure that we have called all the weak map finalizers while
1575 the global object (and hence global context) is still in a consistent
1576 state. The best way to achieve this is to simply use a weak handle and
1577 finalizer on the global object.
1579 * JavaScriptCore.exp:
1580 * runtime/JSGlobalObject.cpp:
1581 (JSC::JSGlobalObject::WeakMapFinalizer::finalize):
1582 * runtime/JSGlobalObject.h:
1583 (JSC::JSGlobalObject::registerWeakMap):
1585 2011-05-16 Siddharth Mathur <siddharth.mathur@nokia.com>
1587 Reviewed by Laszlo Gombos.
1589 [Qt][WK2][Symbian] Shared memory implementation for Symbian
1590 https://bugs.webkit.org/show_bug.cgi?id=55875
1592 * wtf/Platform.h: Exclude Symbian OS from USE(UNIX_DOMAIN_SOCKETS) users
1594 2011-05-16 Gavin Barraclough <barraclough@apple.com>
1596 Rubber stamped by Geoff Garen.
1598 https://bugs.webkit.org/show_bug.cgi?id=60866
1599 Evaluation order broken for empty alternatives in subpatterns
1601 Reverting https://bugs.webkit.org/show_bug.cgi?id=51395
1603 * yarr/YarrPattern.cpp:
1604 (JSC::Yarr::YarrPatternConstructor::atomParenthesesEnd):
1606 2011-05-15 Gavin Barraclough <barraclough@apple.com>
1608 Reviewed by Geoff Garen & Michael Saboff.
1610 https://bugs.webkit.org/show_bug.cgi?id=60860
1611 Simplify backtracking in YARR JIT
1613 YARR JIT currently performs a single pass of code generation over the pattern,
1614 with special handling to allow the code generation for some backtracking code
1615 out of line. We can simplify things by moving to a common mechanism whereby all
1616 forwards matching code is generated in one pass, and all backtracking code is
1617 generated in another. Backtracking code can be generated in reverse order, to
1618 optimize the common fall-through case.
1620 To make it easier to walk over the pattern, we can first convert to a more
1621 byte-code like format before JIT generating. In time we should unify this with
1622 the YARR interpreter to more closely unify the two.
1625 (JSC::Yarr::YarrGenerator::jumpIfNoAvailableInput):
1626 (JSC::Yarr::YarrGenerator::YarrOp::YarrOp):
1627 (JSC::Yarr::YarrGenerator::BacktrackingState::BacktrackingState):
1628 (JSC::Yarr::YarrGenerator::BacktrackingState::append):
1629 (JSC::Yarr::YarrGenerator::BacktrackingState::fallthrough):
1630 (JSC::Yarr::YarrGenerator::BacktrackingState::link):
1631 (JSC::Yarr::YarrGenerator::BacktrackingState::linkTo):
1632 (JSC::Yarr::YarrGenerator::BacktrackingState::takeBacktracksToJumpList):
1633 (JSC::Yarr::YarrGenerator::BacktrackingState::isEmpty):
1634 (JSC::Yarr::YarrGenerator::BacktrackingState::linkDataLabels):
1635 (JSC::Yarr::YarrGenerator::BacktrackingState::ReturnAddressRecord::ReturnAddressRecord):
1636 (JSC::Yarr::YarrGenerator::generateAssertionBOL):
1637 (JSC::Yarr::YarrGenerator::backtrackAssertionBOL):
1638 (JSC::Yarr::YarrGenerator::generateAssertionEOL):
1639 (JSC::Yarr::YarrGenerator::backtrackAssertionEOL):
1640 (JSC::Yarr::YarrGenerator::matchAssertionWordchar):
1641 (JSC::Yarr::YarrGenerator::generateAssertionWordBoundary):
1642 (JSC::Yarr::YarrGenerator::backtrackAssertionWordBoundary):
1643 (JSC::Yarr::YarrGenerator::generatePatternCharacterOnce):
1644 (JSC::Yarr::YarrGenerator::backtrackPatternCharacterOnce):
1645 (JSC::Yarr::YarrGenerator::generatePatternCharacterFixed):
1646 (JSC::Yarr::YarrGenerator::backtrackPatternCharacterFixed):
1647 (JSC::Yarr::YarrGenerator::generatePatternCharacterGreedy):
1648 (JSC::Yarr::YarrGenerator::backtrackPatternCharacterGreedy):
1649 (JSC::Yarr::YarrGenerator::generatePatternCharacterNonGreedy):
1650 (JSC::Yarr::YarrGenerator::backtrackPatternCharacterNonGreedy):
1651 (JSC::Yarr::YarrGenerator::generateCharacterClassOnce):
1652 (JSC::Yarr::YarrGenerator::backtrackCharacterClassOnce):
1653 (JSC::Yarr::YarrGenerator::generateCharacterClassFixed):
1654 (JSC::Yarr::YarrGenerator::backtrackCharacterClassFixed):
1655 (JSC::Yarr::YarrGenerator::generateCharacterClassGreedy):
1656 (JSC::Yarr::YarrGenerator::backtrackCharacterClassGreedy):
1657 (JSC::Yarr::YarrGenerator::generateCharacterClassNonGreedy):
1658 (JSC::Yarr::YarrGenerator::backtrackCharacterClassNonGreedy):
1659 (JSC::Yarr::YarrGenerator::generateTerm):
1660 (JSC::Yarr::YarrGenerator::backtrackTerm):
1661 (JSC::Yarr::YarrGenerator::generate):
1662 (JSC::Yarr::YarrGenerator::backtrack):
1663 (JSC::Yarr::YarrGenerator::opCompileParenthesesSubpattern):
1664 (JSC::Yarr::YarrGenerator::opCompileParentheticalAssertion):
1665 (JSC::Yarr::YarrGenerator::opCompileAlternative):
1666 (JSC::Yarr::YarrGenerator::opCompileBody):
1667 (JSC::Yarr::YarrGenerator::YarrGenerator):
1668 (JSC::Yarr::YarrGenerator::compile):
1670 2011-05-15 Adam Barth <abarth@webkit.org>
1672 Enable strict PassOwnPtr on Qt. (Build fixes to follow.)
1676 2011-05-15 Geoffrey Garen <ggaren@apple.com>
1678 Reviewed by Maciej Stachowiak.
1680 Partial fix for <rdar://problem/9417875> REGRESSION: SunSpider ~17% slower
1681 in browser than on command line
1683 This patch fixes a few issues in generated code that could unreasonably
1684 prolong object lifetimes.
1687 (JSC::Heap::collectAllGarbage): Throw away all function code before doing
1688 a major collection. We want to clear polymorphic caches, since they can
1689 keep alive large object graphs that have gone "stale". For the same reason,
1690 but to a lesser extent, we also want to clear linked functions and other
1693 This has the side-benefit of reducing memory footprint from run-once
1694 functions, and of allowing predictions and caches that have failed to
1697 Eventually, if compilation costs rise far enough, we may want a more
1698 limited strategy for de-specializing code without throwing it away
1699 completely, but this works for now, and it's the simplest solution.
1702 (JSC::JITThunks::hostFunctionStub):
1704 * runtime/JSFunction.cpp: Made the host function stub cache weak --
1705 otherwise it's effectively a memory leak that can seriously fragment the
1708 (JSC::JSFunction::JSFunction):
1709 (JSC::JSFunction::visitChildren): Cleared up some comments that confused
1710 me when working with this code.
1712 2011-05-13 Oliver Hunt <oliver@apple.com>
1714 Reviewed by Geoffrey Garen.
1716 Make GC validation more aggressive
1717 https://bugs.webkit.org/show_bug.cgi?id=60802
1719 This patch makes the checks performed under GC_VALIDATION
1720 much more aggressive, and adds the checks to more places
1721 in order to allow us to catch GC bugs much closer to the
1724 * JavaScriptCore.exp:
1725 * JavaScriptCore.xcodeproj/project.pbxproj:
1726 * debugger/DebuggerActivation.cpp:
1727 (JSC::DebuggerActivation::visitChildren):
1728 * heap/MarkedBlock.cpp:
1729 (JSC::MarkedBlock::MarkedBlock):
1730 * heap/MarkedSpace.cpp:
1731 * runtime/Arguments.cpp:
1732 (JSC::Arguments::visitChildren):
1733 * runtime/Executable.cpp:
1734 (JSC::EvalExecutable::visitChildren):
1735 (JSC::ProgramExecutable::visitChildren):
1736 (JSC::FunctionExecutable::visitChildren):
1737 * runtime/Executable.h:
1738 * runtime/GetterSetter.cpp:
1739 (JSC::GetterSetter::visitChildren):
1740 * runtime/GetterSetter.h:
1741 * runtime/JSAPIValueWrapper.h:
1742 (JSC::JSAPIValueWrapper::createStructure):
1743 (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1744 * runtime/JSActivation.cpp:
1745 (JSC::JSActivation::visitChildren):
1746 * runtime/JSArray.cpp:
1747 (JSC::JSArray::visitChildren):
1748 * runtime/JSCell.cpp:
1749 (JSC::slowValidateCell):
1751 (JSC::JSCell::JSCell::unvalidatedStructure):
1752 (JSC::JSCell::JSCell::JSCell):
1753 * runtime/JSFunction.cpp:
1754 (JSC::JSFunction::visitChildren):
1755 * runtime/JSGlobalObject.cpp:
1756 (JSC::JSGlobalObject::visitChildren):
1757 (JSC::slowValidateCell):
1758 * runtime/JSONObject.h:
1759 * runtime/JSObject.cpp:
1760 (JSC::JSObject::visitChildren):
1761 * runtime/JSPropertyNameIterator.cpp:
1762 (JSC::JSPropertyNameIterator::visitChildren):
1763 * runtime/JSPropertyNameIterator.h:
1764 * runtime/JSStaticScopeObject.cpp:
1765 (JSC::JSStaticScopeObject::visitChildren):
1766 * runtime/JSString.h:
1767 (JSC::RopeBuilder::JSString):
1768 * runtime/JSWrapperObject.cpp:
1769 (JSC::JSWrapperObject::visitChildren):
1770 * runtime/NativeErrorConstructor.cpp:
1771 (JSC::NativeErrorConstructor::visitChildren):
1772 * runtime/PropertyMapHashTable.h:
1773 (JSC::PropertyMapEntry::PropertyMapEntry):
1774 * runtime/RegExpObject.cpp:
1775 (JSC::RegExpObject::visitChildren):
1776 * runtime/ScopeChain.cpp:
1777 (JSC::ScopeChainNode::visitChildren):
1778 * runtime/ScopeChain.h:
1779 (JSC::ScopeChainNode::ScopeChainNode):
1780 * runtime/Structure.cpp:
1781 (JSC::Structure::Structure):
1782 (JSC::Structure::addPropertyTransition):
1783 (JSC::Structure::visitChildren):
1784 * runtime/Structure.h:
1785 (JSC::JSCell::classInfo):
1786 * runtime/StructureChain.cpp:
1787 (JSC::StructureChain::visitChildren):
1788 * runtime/StructureChain.h:
1789 * runtime/WriteBarrier.h:
1790 (JSC::validateCell):
1792 (JSC::JSGlobalObject):
1793 (JSC::WriteBarrierBase::set):
1794 (JSC::WriteBarrierBase::setMayBeNull):
1795 (JSC::WriteBarrierBase::setEarlyValue):
1796 (JSC::WriteBarrierBase::get):
1797 (JSC::WriteBarrierBase::operator*):
1798 (JSC::WriteBarrierBase::operator->):
1799 (JSC::WriteBarrierBase::unvalidatedGet):
1800 (JSC::WriteBarrier::WriteBarrier):
1803 2011-05-13 Oliver Hunt <oliver@apple.com>
1805 Reviewed by Geoffrey Garen.
1807 Make GC validation more aggressive
1808 https://bugs.webkit.org/show_bug.cgi?id=60802
1810 This patch makes the checks performed under GC_VALIDATION
1811 much more aggressive, and adds the checks to more places
1812 in order to allow us to catch GC bugs much closer to the
1815 * JavaScriptCore.exp:
1816 * JavaScriptCore.xcodeproj/project.pbxproj:
1817 * debugger/DebuggerActivation.cpp:
1818 (JSC::DebuggerActivation::visitChildren):
1819 * heap/MarkedBlock.cpp:
1820 (JSC::MarkedBlock::MarkedBlock):
1821 * heap/MarkedSpace.cpp:
1822 * runtime/Arguments.cpp:
1823 (JSC::Arguments::visitChildren):
1824 * runtime/Executable.cpp:
1825 (JSC::EvalExecutable::visitChildren):
1826 (JSC::ProgramExecutable::visitChildren):
1827 (JSC::FunctionExecutable::visitChildren):
1828 * runtime/Executable.h:
1829 * runtime/GetterSetter.cpp:
1830 (JSC::GetterSetter::visitChildren):
1831 * runtime/GetterSetter.h:
1832 * runtime/JSAPIValueWrapper.h:
1833 (JSC::JSAPIValueWrapper::createStructure):
1834 (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
1835 * runtime/JSActivation.cpp:
1836 (JSC::JSActivation::visitChildren):
1837 * runtime/JSArray.cpp:
1838 (JSC::JSArray::visitChildren):
1839 * runtime/JSCell.cpp:
1840 (JSC::slowValidateCell):
1842 (JSC::JSCell::JSCell::unvalidatedStructure):
1843 (JSC::JSCell::JSCell::JSCell):
1844 * runtime/JSFunction.cpp:
1845 (JSC::JSFunction::visitChildren):
1846 * runtime/JSGlobalObject.cpp:
1847 (JSC::JSGlobalObject::visitChildren):
1848 (JSC::slowValidateCell):
1849 * runtime/JSONObject.h:
1850 * runtime/JSObject.cpp:
1851 (JSC::JSObject::visitChildren):
1852 * runtime/JSPropertyNameIterator.cpp:
1853 (JSC::JSPropertyNameIterator::visitChildren):
1854 * runtime/JSPropertyNameIterator.h:
1855 * runtime/JSStaticScopeObject.cpp:
1856 (JSC::JSStaticScopeObject::visitChildren):
1857 * runtime/JSString.h:
1858 (JSC::RopeBuilder::JSString):
1859 * runtime/JSWrapperObject.cpp:
1860 (JSC::JSWrapperObject::visitChildren):
1861 * runtime/NativeErrorConstructor.cpp:
1862 (JSC::NativeErrorConstructor::visitChildren):
1863 * runtime/PropertyMapHashTable.h:
1864 (JSC::PropertyMapEntry::PropertyMapEntry):
1865 * runtime/RegExpObject.cpp:
1866 (JSC::RegExpObject::visitChildren):
1867 * runtime/ScopeChain.cpp:
1868 (JSC::ScopeChainNode::visitChildren):
1869 * runtime/ScopeChain.h:
1870 (JSC::ScopeChainNode::ScopeChainNode):
1871 * runtime/Structure.cpp:
1872 (JSC::Structure::Structure):
1873 (JSC::Structure::addPropertyTransition):
1874 (JSC::Structure::visitChildren):
1875 * runtime/Structure.h:
1876 (JSC::JSCell::classInfo):
1877 * runtime/StructureChain.cpp:
1878 (JSC::StructureChain::visitChildren):
1879 * runtime/StructureChain.h:
1880 * runtime/WriteBarrier.h:
1881 (JSC::validateCell):
1883 (JSC::JSGlobalObject):
1884 (JSC::WriteBarrierBase::set):
1885 (JSC::WriteBarrierBase::setMayBeNull):
1886 (JSC::WriteBarrierBase::setEarlyValue):
1887 (JSC::WriteBarrierBase::get):
1888 (JSC::WriteBarrierBase::operator*):
1889 (JSC::WriteBarrierBase::operator->):
1890 (JSC::WriteBarrierBase::unvalidatedGet):
1891 (JSC::WriteBarrier::WriteBarrier):
1894 2011-05-14 Csaba Osztrogonác <ossy@webkit.org>
1896 Unreviewed, rolling out r86469 and r86471, because they made hundreds of tests crash on Qt.
1898 Make GC validation more aggressive
1899 https://bugs.webkit.org/show_bug.cgi?id=60802
1901 * JavaScriptCore.exp:
1902 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1903 * JavaScriptCore.xcodeproj/project.pbxproj:
1904 * debugger/DebuggerActivation.cpp:
1905 (JSC::DebuggerActivation::visitChildren):
1906 * heap/MarkedBlock.cpp:
1907 (JSC::MarkedBlock::MarkedBlock):
1908 * heap/MarkedSpace.cpp:
1909 * runtime/Arguments.cpp:
1910 (JSC::Arguments::visitChildren):
1911 * runtime/Executable.cpp:
1912 (JSC::EvalExecutable::visitChildren):
1913 (JSC::ProgramExecutable::visitChildren):
1914 (JSC::FunctionExecutable::visitChildren):
1915 * runtime/Executable.h:
1916 (JSC::ProgramExecutable::createStructure):
1917 (JSC::FunctionExecutable::createStructure):
1918 * runtime/GetterSetter.cpp:
1919 (JSC::GetterSetter::visitChildren):
1920 * runtime/GetterSetter.h:
1921 (JSC::GetterSetter::createStructure):
1922 * runtime/JSAPIValueWrapper.h:
1923 (JSC::JSAPIValueWrapper::createStructure):
1924 * runtime/JSActivation.cpp:
1925 (JSC::JSActivation::visitChildren):
1926 * runtime/JSArray.cpp:
1927 (JSC::JSArray::visitChildren):
1928 * runtime/JSCell.cpp:
1930 (JSC::JSCell::JSCell::JSCell):
1931 * runtime/JSFunction.cpp:
1932 (JSC::JSFunction::visitChildren):
1933 * runtime/JSGlobalObject.cpp:
1934 (JSC::JSGlobalObject::visitChildren):
1935 * runtime/JSONObject.h:
1936 (JSC::JSONObject::createStructure):
1937 * runtime/JSObject.cpp:
1938 (JSC::JSObject::visitChildren):
1939 * runtime/JSPropertyNameIterator.cpp:
1940 (JSC::JSPropertyNameIterator::visitChildren):
1941 * runtime/JSPropertyNameIterator.h:
1942 * runtime/JSStaticScopeObject.cpp:
1943 (JSC::JSStaticScopeObject::visitChildren):
1944 * runtime/JSString.h:
1945 (JSC::RopeBuilder::createStructure):
1946 * runtime/JSWrapperObject.cpp:
1947 (JSC::JSWrapperObject::visitChildren):
1948 * runtime/NativeErrorConstructor.cpp:
1949 (JSC::NativeErrorConstructor::visitChildren):
1950 * runtime/PropertyMapHashTable.h:
1951 (JSC::PropertyMapEntry::PropertyMapEntry):
1952 * runtime/RegExpObject.cpp:
1953 (JSC::RegExpObject::visitChildren):
1954 * runtime/ScopeChain.cpp:
1955 (JSC::ScopeChainNode::visitChildren):
1956 * runtime/ScopeChain.h:
1957 (JSC::ScopeChainNode::ScopeChainNode):
1958 * runtime/Structure.cpp:
1959 (JSC::Structure::Structure):
1960 (JSC::Structure::addPropertyTransition):
1961 (JSC::Structure::visitChildren):
1962 * runtime/Structure.h:
1963 (JSC::Structure::createStructure):
1964 (JSC::JSCell::classInfo):
1965 * runtime/StructureChain.cpp:
1966 (JSC::StructureChain::visitChildren):
1967 * runtime/StructureChain.h:
1968 * runtime/WriteBarrier.h:
1969 (JSC::WriteBarrierBase::set):
1970 (JSC::WriteBarrierBase::get):
1971 (JSC::WriteBarrierBase::operator*):
1972 (JSC::WriteBarrierBase::operator->):
1973 (JSC::WriteBarrier::WriteBarrier):
1976 2011-05-13 Oliver Hunt <oliver@apple.com>
1978 Reviewed by Geoffrey Garen.
1980 Make GC validation more aggressive
1981 https://bugs.webkit.org/show_bug.cgi?id=60802
1983 This patch makes the checks performed under GC_VALIDATION
1984 much more aggressive, and adds the checks to more places
1985 in order to allow us to catch GC bugs much closer to the
1988 * JavaScriptCore.exp:
1989 * JavaScriptCore.xcodeproj/project.pbxproj:
1990 * debugger/DebuggerActivation.cpp:
1991 (JSC::DebuggerActivation::visitChildren):
1992 * heap/MarkedBlock.cpp:
1993 (JSC::MarkedBlock::MarkedBlock):
1994 * heap/MarkedSpace.cpp:
1995 * runtime/Arguments.cpp:
1996 (JSC::Arguments::visitChildren):
1997 * runtime/Executable.cpp:
1998 (JSC::EvalExecutable::visitChildren):
1999 (JSC::ProgramExecutable::visitChildren):
2000 (JSC::FunctionExecutable::visitChildren):
2001 * runtime/Executable.h:
2002 * runtime/GetterSetter.cpp:
2003 (JSC::GetterSetter::visitChildren):
2004 * runtime/GetterSetter.h:
2005 * runtime/JSAPIValueWrapper.h:
2006 (JSC::JSAPIValueWrapper::createStructure):
2007 (JSC::JSAPIValueWrapper::JSAPIValueWrapper):
2008 * runtime/JSActivation.cpp:
2009 (JSC::JSActivation::visitChildren):
2010 * runtime/JSArray.cpp:
2011 (JSC::JSArray::visitChildren):
2012 * runtime/JSCell.cpp:
2013 (JSC::slowValidateCell):
2015 (JSC::JSCell::JSCell::unvalidatedStructure):
2016 (JSC::JSCell::JSCell::JSCell):
2017 * runtime/JSFunction.cpp:
2018 (JSC::JSFunction::visitChildren):
2019 * runtime/JSGlobalObject.cpp:
2020 (JSC::JSGlobalObject::visitChildren):
2021 (JSC::slowValidateCell):
2022 * runtime/JSONObject.h:
2023 * runtime/JSObject.cpp:
2024 (JSC::JSObject::visitChildren):
2025 * runtime/JSPropertyNameIterator.cpp:
2026 (JSC::JSPropertyNameIterator::visitChildren):
2027 * runtime/JSPropertyNameIterator.h:
2028 * runtime/JSStaticScopeObject.cpp:
2029 (JSC::JSStaticScopeObject::visitChildren):
2030 * runtime/JSString.h:
2031 (JSC::RopeBuilder::JSString):
2032 * runtime/JSWrapperObject.cpp:
2033 (JSC::JSWrapperObject::visitChildren):
2034 * runtime/NativeErrorConstructor.cpp:
2035 (JSC::NativeErrorConstructor::visitChildren):
2036 * runtime/PropertyMapHashTable.h:
2037 (JSC::PropertyMapEntry::PropertyMapEntry):
2038 * runtime/RegExpObject.cpp:
2039 (JSC::RegExpObject::visitChildren):
2040 * runtime/ScopeChain.cpp:
2041 (JSC::ScopeChainNode::visitChildren):
2042 * runtime/ScopeChain.h:
2043 (JSC::ScopeChainNode::ScopeChainNode):
2044 * runtime/Structure.cpp:
2045 (JSC::Structure::Structure):
2046 (JSC::Structure::addPropertyTransition):
2047 (JSC::Structure::visitChildren):
2048 * runtime/Structure.h:
2049 (JSC::JSCell::classInfo):
2050 * runtime/StructureChain.cpp:
2051 (JSC::StructureChain::visitChildren):
2052 * runtime/StructureChain.h:
2053 * runtime/WriteBarrier.h:
2054 (JSC::validateCell):
2056 (JSC::JSGlobalObject):
2057 (JSC::WriteBarrierBase::set):
2058 (JSC::WriteBarrierBase::setMayBeNull):
2059 (JSC::WriteBarrierBase::setEarlyValue):
2060 (JSC::WriteBarrierBase::get):
2061 (JSC::WriteBarrierBase::operator*):
2062 (JSC::WriteBarrierBase::operator->):
2063 (JSC::WriteBarrierBase::unvalidatedGet):
2064 (JSC::WriteBarrier::WriteBarrier):
2067 2011-05-01 Holger Hans Peter Freyther <holger@moiji-mobile.com>
2069 Reviewed by Steve Block.
2071 [android] OS(ANDROID) does not imply PLATFORM(ANDROID)
2072 https://bugs.webkit.org/show_bug.cgi?id=59888
2074 It is possible to build QtWebKit and others for OS(ANDROID). Let
2075 the buildsystem decide which platform is to be built.
2079 2011-05-12 Maciej Stachowiak <mjs@apple.com>
2081 Reviewed by Darin Adler.
2083 XMLDocumentParserLibxml2 should play nice with strict OwnPtrs
2084 https://bugs.webkit.org/show_bug.cgi?id=59394
2086 This portion of the change introduces a PassTraits template, which
2087 is used to enable takeFirst() to work for a Deque holding OwnPtrs,
2088 and optimize it for a Deque holding RefPtrs. In the future it can
2089 be deployed elsewhere to make our data structures work better with
2092 * GNUmakefile.list.am:
2093 * JavaScriptCore.gypi:
2094 * JavaScriptCore.vcproj/WTF/WTF.vcproj:
2095 * JavaScriptCore.xcodeproj/project.pbxproj:
2096 * wtf/CMakeLists.txt:
2099 * wtf/PassTraits.h: Added.
2100 (WTF::PassTraits::transfer):
2102 2011-05-12 Nikolas Zimmermann <nzimmermann@rim.com>
2106 Revert r86334, it broke the win build. WinCE build is fixed even without this patch. WinCairo remains broken atm, everything else works.
2108 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2110 2011-05-12 Nikolas Zimmermann <nzimmermann@rim.com>
2114 String operator+ reallocates unnecessarily when concatting > 2 strings
2115 https://bugs.webkit.org/show_bug.cgi?id=58420
2117 Try to fix WinCE/WinCairo linking by exporting three symbols, not sure whether it's correct though. Win worked just fine before.
2119 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2121 2011-05-12 Nikolas Zimmermann <nzimmermann@rim.com>
2123 Reviewed by Darin Adler.
2125 String operator+ reallocates unnecessarily when concatting > 2 strings
2126 https://bugs.webkit.org/show_bug.cgi?id=58420
2128 Provide a faster String append operator.
2129 Up until now, "String operator+(const String& a, const String& b)" copied String a into a temporary
2130 object, and used a.append(b), which reallocates a new buffer of aLength+bLength. When concatting
2131 N strings using operator+, this leads to N-1 reallocations.
2133 Replace this with a flexible operator+ implementation, that avoids these reallocations.
2134 When concatting a 'String' with any string type (char*, UChar, Vector<char>, String, AtomicString, etc.)
2135 a StringAppend<String, T> object is created, which holds the intermediate string objects, and delays
2136 creation of the final string, until operator String() is invoked.
2138 template<typename T>
2139 StringAppend<String, T> operator+(const String& string1, T string2)
2140 {
2141 return StringAppend<String, T>(string1, string2);
2142 }
2144 template<typename U, typename V, typename W>
2145 StringAppend<U, StringAppend<V, W> > operator+(U string1, const StringAppend<V, W>& string2)
2146 {
2147 return StringAppend<U, StringAppend<V, W> >(string1, string2);
2148 }
2150 When concatting three strings - "String a, b, c; String result = a + b + c;" the following happens:
2151 first a StringAppend<String, String> object is created by operator+(const String& string1, String string2).
2152 Then operator+(String string1, const StringAppend<String, String>& string2) is invoked, which returns
2153 a StringAppend<String, StringAppend<String, String> > object.
2154 Then operator String() is invoked, which allocates a StringImpl object, once, large enough to hold the
2155 final string - it uses tryMakeString provided by StringConcatenate.h under the hood, which guards us
2156 against too big string allocations, etc.
2158 Note that the second template defines a recursive way to concat an arbitrary number of strings
2159 into a single String with just one allocation.
2161 * GNUmakefile.list.am: Add StringOperators.h to build.
2162 * JavaScriptCore.exp: Export WTF::emptyString(). Remove no longer needed symbols.
2163 * JavaScriptCore.gypi: Add StringOperators.h to build.
2164 * JavaScriptCore.vcproj/WTF/WTF.vcproj: Ditto.
2165 * JavaScriptCore.xcodeproj/project.pbxproj: Ditto.
2166 * wtf/text/AtomicString.h: Pull in StringConcatenate.h at the end of the file.
2167 * wtf/text/StringConcatenate.h: Conditionally include AtomicString.h to avoid a cyclic dependency. Pull in StringOperators.h at the end of the file.
2168 * wtf/text/StringOperators.h: Added. This is never meant to be included directly, including either WTFString.h or AtomicString.h automatically pulls in this file.
2169 (WTF::StringAppend::StringAppend):
2170 (WTF::StringAppend::operator String):
2171 (WTF::StringAppend::operator AtomicString):
2172 (WTF::StringAppend::writeTo):
2173 (WTF::StringAppend::length):
2175 * wtf/text/WTFString.cpp: Remove operator+ implementations that use String::append().
2176 (WTF::emptyString): Add new shared empty string free function.
2177 * wtf/text/WTFString.h: Replace operator+ implementations by StringAppend template solution. Pull in AtomicString.h at the end of the file.
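The entry above describes an expression-template concatenation: operator+ returns a node that only records its operands, and the single allocation happens when the node is converted to a string. The block below is an added, self-contained illustration of that technique; it is not WebKit's StringOperators.h, and every name in it (the demo::String wrapper, StringAppend, lengthOf, writeTo, concatAllocations, concatFour) is invented for the example. One deliberate difference: because `a + b + c` parses as `(a + b) + c`, the second overload here takes the StringAppend on the left, so the chain grows without materialising an intermediate string. The example does not reproduce tryMakeString's guard against oversized totals; a production version should check the summed length for overflow before allocating.

```cpp
// Added example, not WebKit code: expression-template string concatenation in
// the spirit of WTF::StringAppend. operator+ never copies characters; it returns
// a node holding its two operands. The characters are written once, into a
// buffer of exactly the final length, when the node is converted to String.
#include <cstddef>
#include <cstring>
#include <iostream>
#include <string>
#include <utility>

namespace demo {

// Stand-in for WTF::String: a thin wrapper, so that std::string's own operator+
// cannot hijack the overloads below.
class String {
public:
    String() = default;
    String(const char* s) : m_impl(s) {}
    explicit String(std::string s) : m_impl(std::move(s)) {}
    std::size_t length() const { return m_impl.size(); }
    const char* data() const { return m_impl.data(); }
    const std::string& str() const { return m_impl; }
private:
    std::string m_impl;
};

// Counts buffers allocated by concatenation (leaf construction is not counted),
// so a caller can verify that a + b + c + d costs exactly one allocation.
inline std::size_t& concatAllocations() { static std::size_t n = 0; return n; }

// Length and copy-out for each leaf operand type the template accepts.
inline std::size_t lengthOf(const String& s) { return s.length(); }
inline std::size_t lengthOf(const char* s) { return std::strlen(s); }
inline std::size_t lengthOf(char) { return 1; }

inline char* writeTo(char* dst, const String& s) { std::memcpy(dst, s.data(), s.length()); return dst + s.length(); }
inline char* writeTo(char* dst, const char* s) { std::size_t n = std::strlen(s); std::memcpy(dst, s, n); return dst + n; }
inline char* writeTo(char* dst, char c) { *dst++ = c; return dst; }

// The expression node: holds its two operands by value. Leaves are small
// handles; nested nodes are themselves just pairs of handles.
template<typename U, typename V>
class StringAppend {
public:
    StringAppend(U u, V v) : m_u(std::move(u)), m_v(std::move(v)) {}

    // Total length of the whole tree, computed without copying anything.
    std::size_t length() const { return lengthOf(m_u) + lengthOf(m_v); }

    // Writes both operands at dst and returns the position after them.
    char* write(char* dst) const { return writeTo(writeTo(dst, m_u), m_v); }

    // The only place a buffer is allocated: once, sized for the whole tree.
    operator String() const {
        std::string buffer(length(), '\0');
        ++concatAllocations();
        write(&buffer[0]);
        return String(std::move(buffer));
    }

private:
    U m_u;
    V m_v;
};

// Nested nodes are valid operands too (found by argument-dependent lookup).
template<typename U, typename V>
std::size_t lengthOf(const StringAppend<U, V>& a) { return a.length(); }

template<typename U, typename V>
char* writeTo(char* dst, const StringAppend<U, V>& a) { return a.write(dst); }

// String + anything starts a tree ...
template<typename T>
StringAppend<String, T> operator+(const String& a, T b) { return StringAppend<String, T>(a, std::move(b)); }

// ... and, since a + b + c parses as (a + b) + c, tree + anything extends it
// without materialising the intermediate result.
template<typename U, typename V, typename W>
StringAppend<StringAppend<U, V>, W> operator+(const StringAppend<U, V>& a, W b) {
    return StringAppend<StringAppend<U, V>, W>(a, std::move(b));
}

// Concatenates four operands and reports how many buffers that cost.
inline std::pair<std::string, std::size_t> concatFour(const String& a, const String& b, const char* c, char d) {
    std::size_t before = concatAllocations();
    String result = a + b + c + d;   // one allocation, of exactly the final length
    return { result.str(), concatAllocations() - before };
}

} // namespace demo

int main() {
    auto r = demo::concatFour("Hello", ", ", "world", '!');
    std::cout << r.first << " (allocations: " << r.second << ")\n";
    return 0;
}
```

Running the stand-alone program prints the joined text and an allocation count of 1; with four operands the old copy-then-append scheme described above would have allocated three times.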
2179 2011-05-12 Philippe Normand <pnormand@igalia.com>
2181 Unreviewed, GTK build fix.
2185 2011-05-12 Keith Kyzivat <keith.kyzivat@nokia.com>
2187 Reviewed by Csaba Osztrogonác.
2189 [Qt] Arm debug build failing on ARMAssembler::debugOffset()
2190 https://bugs.webkit.org/show_bug.cgi?id=60688
2192 Related to svn rev 85523
2194 * assembler/ARMAssembler.h:
2195 (JSC::ARMAssembler::debugOffset):
2197 2011-05-11 Igor Oliveira <igor.oliveira@openbossa.org>
2199 Reviewed by Eric Seidel.
2201 WebKit does not build with GCCE
2202 https://bugs.webkit.org/show_bug.cgi?id=60667
2204 Allow compiling WebKit with GCCE
2209 2011-05-11 Adam Barth <abarth@webkit.org>
2211 Reviewed by Eric Seidel.
2213 Enable strict PassOwnPtr on Mac
2214 https://bugs.webkit.org/show_bug.cgi?id=60684
2216 This should build cleanly now.
2220 2011-05-11 Oliver Hunt <oliver@apple.com>
2222 Reviewed by Darin Adler.
2224 Protect JSC from WebCore executing JS during JS wrapper finalization
2225 https://bugs.webkit.org/show_bug.cgi?id=60672
2226 <rdar://problem/9350997>
2228 Detect when we're trying to execute JS during GC and prevent the
2229 execution from happening. We also assert that this isn't happening
2230 as it implies incorrect behaviour of an object's destructor.
2232 * JavaScriptCore.exp:
2235 (JSC::Heap::isBusy):
2236 * interpreter/Interpreter.cpp:
2237 (JSC::Interpreter::execute):
2238 (JSC::Interpreter::executeCall):
2239 (JSC::Interpreter::executeConstruct):
2240 * runtime/JSGlobalData.h:
2241 (JSC::JSGlobalData::isCollectorBusy):
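The entry above adds a "collector busy" check so that a wrapper's destructor cannot re-enter the interpreter while the heap is mid-collection, where the objects it would touch may already be swept. The block below is an added illustration of that guard, not JSC's Heap or Interpreter code; the names (gcdemo::Heap, execute, ExecResult, runScenario) are invented, and the finalizer list stands in for the real sweep. In JSC the same condition is additionally asserted in debug builds, because a finalizer that runs script is itself a bug.

```cpp
// Added example, not JavaScriptCore code: a collector "busy" flag that stops
// script from running re-entrantly out of a finalizer during GC.
#include <functional>
#include <utility>
#include <vector>

namespace gcdemo {

class Heap {
public:
    bool isBusy() const { return m_busy; }
    void addFinalizer(std::function<void()> f) { m_finalizers.push_back(std::move(f)); }

    // Runs every registered finalizer with the busy flag set, as a sweep would.
    // The RAII scope clears the flag again even if a finalizer throws.
    void collect() {
        struct BusyScope {
            bool& flag;
            explicit BusyScope(bool& f) : flag(f) { flag = true; }
            ~BusyScope() { flag = false; }
        } scope(m_busy);
        auto pending = std::move(m_finalizers);
        m_finalizers.clear();
        for (auto& f : pending)
            f();
    }

private:
    bool m_busy = false;
    std::vector<std::function<void()>> m_finalizers;
};

enum class ExecResult { Ran, RefusedCollectorBusy };

// Stand-in for Interpreter::execute: refuse to run script while the heap is
// mid-collection instead of executing over partially swept objects.
inline ExecResult execute(Heap& heap, const std::function<void()>& script) {
    if (heap.isBusy())
        return ExecResult::RefusedCollectorBusy;   // JSC also asserts here in debug builds
    script();
    return ExecResult::Ran;
}

// Scenario: a wrapper's finalizer tries to run script during the sweep, then
// the same script is run normally once collection has finished.
struct Outcome { ExecResult duringGC; ExecResult afterGC; int scriptRuns; };

inline Outcome runScenario() {
    Heap heap;
    int scriptRuns = 0;
    ExecResult duringGC = ExecResult::Ran;
    heap.addFinalizer([&] { duringGC = execute(heap, [&] { ++scriptRuns; }); });
    heap.collect();
    ExecResult afterGC = execute(heap, [&] { ++scriptRuns; });
    return { duringGC, afterGC, scriptRuns };
}

} // namespace gcdemo
```

The script body is reached exactly once: the attempt made from inside the finalizer is refused, the attempt made after collect() returns runs.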
2243 2011-05-11 Oliver Hunt <oliver@apple.com>
2245 Reviewed by Gavin Barraclough.
2247 Enable gc mark validation temporarily in release builds
2248 https://bugs.webkit.org/show_bug.cgi?id=60678
2250 Make it easier to turn the gc mark validation on and off, and
2251 temporarily turn it on for all builds.
2253 * heap/MarkStack.cpp:
2255 (JSC::MarkStack::append):
2256 (JSC::MarkStack::internalAppend):
2257 * runtime/WriteBarrier.h:
2258 (JSC::MarkStack::appendValues):
2261 2011-05-11 Geoffrey Garen <ggaren@apple.com>
2263 Reviewed by Oliver Hunt.
2265 <rdar://problem/9331651> REGRESSION: RPRVT grows by 1MB / sec @ dvd2blu.com
2267 SunSpider reports no change.
2269 This bug was caused by changing Structure and Executable to being GC
2270 objects, and by a long-standing bug that would thrash the global object
2271 between dictionary and non-dictionary states.
2273 * runtime/BatchedTransitionOptimizer.h:
2274 (JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer): Don't
2275 eagerly transition to dictionary -- this can cause pathological dictionary
2276 churn, and it's not necessary, since objects know how to automatically
2277 transition to dictionary when necessary.
2279 * runtime/Executable.cpp:
2280 (JSC::EvalExecutable::compileInternal):
2281 (JSC::ProgramExecutable::compileInternal):
2282 (JSC::FunctionExecutable::compileForCallInternal):
2283 (JSC::FunctionExecutable::compileForConstructInternal): Be sure to report
2284 extra cost from compilation, because it can be quite high. This is especially
2285 important for program code, since DOM timers can repeatedly allocate
2286 program code without allocating any other objects.
2288 * runtime/JSObject.cpp:
2289 (JSC::JSObject::removeDirect): Don't transition to the uncacheable state
2290 if the thing we're trying to remove doesn't exist. This can happen during
2291 compilation, since the compiler needs to ensure that no pre-existing
2292 conflicting definitions exist for certain declarations.
2294 2011-05-11 Oliver Hunt <oliver@apple.com>
2296 Reviewed by Gavin Barraclough.
2298 Make mark stack validation functions do something useful in a release build
2299 https://bugs.webkit.org/show_bug.cgi?id=60645
2301 Turn ASSERTs into actual if(...) CRASH(); statements.
2303 * heap/MarkStack.cpp:
2304 (JSC::MarkStack::validateValue):
2306 2011-05-11 Xan Lopez <xlopez@igalia.com>
2308 Reviewed by Martin Robinson.
2310 Fix copy&paste error in comment.
2312 * jit/JITPropertyAccess.cpp:
2313 (JSC::JIT::stringGetByValStubGenerator): the value is stored in
2316 2011-05-11 Adam Roben <aroben@apple.com>
2318 WinCE build fixes for strict PassOwnPtr
2320 * wtf/unicode/CollatorDefault.cpp:
2321 (WTF::Collator::userDefault): Use adoptPtr.
2323 2011-05-11 Holger Hans Peter Freyther <holger@moiji-mobile.com>
2325 Unreviewed build fix.
2327 [MIPS] Fix compilation of the MIPS JIT
2329 Include the MIPSAssembler.h first to indirectly include
2330 AssemblerBuffer.h before the AbstractMacroAssembler.h. This
2331 order is used for the ARM and X86 MacroAssembler*.h
2333 * assembler/MacroAssemblerMIPS.h:
2335 2011-05-11 Adam Roben <aroben@apple.com>
2337 Turn on strict PassOwnPtr on Windows
2339 Fixes <http://webkit.org/b/60632> Windows should build with strict PassOwnPtr enabled
2341 Reviewed by Adam Barth.
2345 2011-05-10 Stephanie Lewis <slewis@apple.com>
2349 Revert accidental JavaScriptCore change in http://trac.webkit.org/changeset/86130
2351 * Configurations/JavaScriptCore.xcconfig:
2353 2011-05-10 Adam Barth <abarth@webkit.org>
2355 Reviewed by David Levin.
2357 Enable strict PassOwnPtr on Chromium
2358 https://bugs.webkit.org/show_bug.cgi?id=60502
2360 Other platforms to follow.
2364 2011-05-10 Geoffrey Garen <ggaren@apple.com>
2366 Reviewed by Darin Adler.
2368 Fixed up some #include dependencies so the WriteBarrier class can actually call Heap::writeBarrier
2369 https://bugs.webkit.org/show_bug.cgi?id=60532
2371 * GNUmakefile.list.am:
2372 * JavaScriptCore.gypi:
2373 * JavaScriptCore.xcodeproj/project.pbxproj: Build!
2375 * heap/Handle.h: Moved HandleTypes to its own header because that's the
2376 WebKit style, and it was necessary to resolve a circular dependency
2377 between Handle.h and WriteBarrier.h.
2380 (JSC::Heap::writeBarrier): Added an inline no-op writeBarrier(), to
2381 verify that all the code is in the right place.
2383 * heap/MarkStack.h: Moved WriteBarrier operations to WriteBarrier.h to
2384 resolve a circular dependency.
2386 * runtime/ArgList.h:
2387 * runtime/JSCell.h: #include WriteBarrier.h since we don't get it for
2390 * runtime/PropertyMapHashTable.h:
2391 (JSC::PropertyTable::PropertyTable): Call the real writeBarrier()
2392 function, now that it exists.
2394 * runtime/SmallStrings.h: Removed a stray #include to resolve a circular
2397 * runtime/WriteBarrier.h:
2398 (JSC::WriteBarrierBase::set):
2399 (JSC::MarkStack::append):
2400 (JSC::MarkStack::appendValues): Updated to match the changes above.
2402 2011-05-10 Oliver Hunt <oliver@apple.com>
2406 * heap/MarkStack.cpp:
2407 (JSC::MarkStack::validateValue):
2409 2011-05-10 Oliver Hunt <oliver@apple.com>
2411 Reviewed by Gavin Barraclough.
2413 Add some aggressive GC validation to debug builds.
2414 https://bugs.webkit.org/show_bug.cgi?id=60601
2416 When assertions are enabled we now do some validity checking
2417 of objects being added to the mark stack.
2419 * bytecode/Instruction.h:
2420 (JSC::PolymorphicAccessStructureList::PolymorphicStubInfo::PolymorphicStubInfo):
2421 (JSC::PolymorphicAccessStructureList::visitAggregate):
2422 * heap/MarkStack.cpp:
2423 (JSC::MarkStack::validateSet):
2424 (JSC::MarkStack::validateValue):
2426 (JSC::MarkStack::appendValues):
2427 (JSC::MarkStack::append):
2428 (JSC::MarkStack::internalAppend):
2430 2011-05-09 Darin Adler <darin@apple.com>
2432 Reviewed by Oliver Hunt.
2434 http://bugs.webkit.org/show_bug.cgi?id=60509
2435 Wrong type used for return value from strlen
2437 * wtf/FastMalloc.cpp:
2438 (WTF::fastStrDup): Use size_t. Also don't bother checking for failure since
2439 fastMalloc won't return if it fails.
2441 2011-05-09 Adam Barth <abarth@webkit.org>
2443 Reviewed by Eric Seidel.
2445 CSP should block Function constructor
2446 https://bugs.webkit.org/show_bug.cgi?id=60240
2448 When eval is disabled, we need to block the use of the function
2449 constructor. However, the WebCore JSC bindings call the function
2450 constructor directly to create inline event listeners. To support that
2451 use, this patch adds an entrypoint that bypasses the check for whether
2454 * JavaScriptCore.exp:
2455 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2456 * runtime/FunctionConstructor.cpp:
2457 (JSC::constructFunction):
2458 (JSC::constructFunctionSkippingEvalEnabledCheck):
2459 * runtime/FunctionConstructor.h:
2461 2011-05-09 Adam Roben <aroben@apple.com>
2463 Automatically touch WebKit.idl whenever any other WebKit1 IDL file changes
2465 Fixes <http://webkit.org/b/60468> WebKit.idl needs to be manually touched whenever any other
2466 WebKit1 IDL file changes to avoid build errors
2468 Reviewed by Tim Hatcher.
2470 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.make:
2471 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreGenerated.vcproj:
2472 Updated for script rename.
2474 * JavaScriptCore.vcproj/JavaScriptCore/react-to-vsprops-changes.py: Removed.
2475 * JavaScriptCore.vcproj/JavaScriptCore/work-around-vs-dependency-tracking-bugs.py: Renamed
2476 from react-to-vsprops-changes.py.
2477 (top level): Moved a constant here from main.
2478 (main): Moved most code from here to react_to_vsprops_changes. Added a call to the new
2479 react_to_webkit1_interface_changes function.
2480 (react_to_vsprops_changes): Moved code here from main. Updated to use the
2481 TOP_LEVEL_DIRECTORY global. Moved some code from here to mtime_of_newest_file_matching_glob
2482 and touch_if_older_than.
2483 (react_to_webkit1_interface_changes): Added. Touches WebKit.idl if any other WebKit1 IDL
2485 (mtime_of_newest_file_matching_glob): Added. Code came from main.
2486 (touch_if_older_than): Added. Code came from main.
2488 2011-05-08 Jessie Berlin <jberlin@apple.com>
2490 Reviewed by Dan Bernstein.
2492 Make JSRetainPtr work with JSGlobalContextRefs.
2493 https://bugs.webkit.org/show_bug.cgi?id=60452
2495 Add specialized functions for JSRetain and JSRelease when dealing with JSGlobalContextRefs.
2497 * API/JSRetainPtr.h:
2501 2011-05-07 Dawit Alemayehu <adawit@kde.org>
2503 Reviewed by Daniel Bates.
2505 Fix compile with GCC 4.6.0
2506 https://bugs.webkit.org/show_bug.cgi?id=60380
2508 Remove unused local variable from code.
2510 * runtime/StringPrototype.cpp:
2511 (JSC::stringProtoFuncMatch):
2513 2011-05-06 Alexis Menard <alexis.menard@openbossa.org>
2515 Unreviewed build fix with gcc 4.6.0 on linux and c++0x support.
2517 std::tr1::has_trivial_constructor is in <tr1/memory>.
2521 2011-05-05 Jay Civelli <jcivelli@chromium.org>
2523 Reviewed by Adam Barth.
2525 Added convenience methods to convert from a byte to hex ASCII digit
2526 characters and vice-versa.
2527 https://bugs.webkit.org/show_bug.cgi?id=59834
2530 (WTF::toASCIIHexValue):
2531 (WTF::lowerNibbleToASCIIHexDigit):
2532 (WTF::upperNibbleToASCIIHexDigit):
2534 2011-05-05 Alexis Menard <alexis.menard@openbossa.org>
2536 Reviewed by Benjamin Poulain.
2538 [Qt] Make QtWebKit build when using gcc 4.6.0
2539 https://bugs.webkit.org/show_bug.cgi?id=60265
2541 If QtWebKit is compiled with gcc 4.6.0 or later we don't want to deactivate
2542 the c++0x support because it works.
2544 * JavaScriptCore.pro:
2546 2011-05-04 Fridrich Strba <fridrich.strba@bluewin.ch>
2548 Reviewed by Geoffrey Garen.
2550 Port MachineStackMarker.cpp to Windows x64
2551 https://bugs.webkit.org/show_bug.cgi?id=60216
2553 * heap/MachineStackMarker.cpp:
2554 (JSC::getPlatformThreadRegisters): the CONTEXT struct is usable also
2556 (JSC::otherThreadStackPointer): return the Rsp register on Windows x64.
2558 2011-05-04 Fridrich Strba <fridrich.strba@bluewin.ch>
2560 Reviewed by Martin Robinson.
2562 Link libjavascriptcoregtk on Windows with winmm.dll
2563 https://bugs.webkit.org/show_bug.cgi?id=60215
2567 2011-05-04 Tao Bai <michaelbai@chromium.org>
2569 Reviewed by David Kilzer.
2571 Populate touch-icon url to FrameLoaderClient
2572 https://bugs.webkit.org/show_bug.cgi?id=59143
2574 * Configurations/FeatureDefines.xcconfig:
2576 2011-05-03 Geoffrey Garen <ggaren@apple.com>
2578 Reviewed by Darin Adler.
2580 <rdar://problem/9366557> Various crashes due to bad DFG codegen at canalplus.fr
2582 * dfg/DFGSpeculativeJIT.cpp:
2583 (JSC::DFG::SpeculativeJIT::checkArgumentTypes): Removed a stray line of
2584 code that accidentally survived the conversion to a switch statement,
2585 causing a lot of important code not to run most of the time.
2587 Since this is not a trivial finger-picking mistake, I will not call it a
2590 2011-05-04 Adam Roben <aroben@apple.com>
2592 Another attempted build fix
2595 (WTF::OwnPtr::operator==):
2596 (WTF::OwnPtr::operator!=):
2598 (WTF::PassOwnPtr::operator==):
2599 (WTF::PassOwnPtr::operator!=):
2600 Added a return statement. And made a tweak based on a suggestion from Anders Carlsson.
2602 2011-05-04 Adam Roben <aroben@apple.com>
2604 Try to fix Leopard, Qt, and probably others
2607 (WTF::OwnPtr::operator==):
2608 (WTF::OwnPtr::operator!=):
2610 (WTF::PassOwnPtr::operator==):
2611 (WTF::PassOwnPtr::operator!=):
2612 Try to get the compiler not to instantiate these function templates unnecessarily.
2614 2011-05-03 Adam Roben <aroben@apple.com>
2616 Disallow equality comparisons between [Pass]OwnPtrs
2618 If you have two OwnPtrs that are equal, you've already lost. (Unless you're doing something
2619 really sneaky, in which case you should stop!)
2621 Fixes <http://webkit.org/b/60053> Testing OwnPtrs for equality should cause a compiler error
2623 Reviewed by Anders Carlsson and Antti Koivisto.
2626 (WTF::OwnPtr::operator==):
2627 (WTF::OwnPtr::operator!=):
2629 (WTF::PassOwnPtr::operator==):
2630 (WTF::PassOwnPtr::operator!=):
2631 Added private equality operators that fail to compile when used. (When not used, the
2632 compiler will skip over them because they are function templates.)
2634 2011-05-04 Alexis Menard <alexis.menard@openbossa.org>
2636 Reviewed by Gavin Barraclough.
2638 JITArithmetic.cpp produces a warning on an unused variable.
2639 https://bugs.webkit.org/show_bug.cgi?id=60060
2641 Just properly use what we already have converted.
2643 * jit/JITArithmetic.cpp:
2644 (JSC::JIT::emitSlow_op_add):
2645 (JSC::JIT::emitSlow_op_mul):
2647 2011-05-04 Alexis Menard <alexis.menard@openbossa.org>
2649 Reviewed by Geoffrey Garen.
2651 JITPropertyAccess produces an unused but set variable warning in gcc 4.6.0.
2652 https://bugs.webkit.org/show_bug.cgi?id=60050
2654 This patch fixes a compilation warning. The new warning scenario -Wunused-but-set-variable
2655 in gcc 4.6.0 is included in -Wall and therefore stops the compilation when warnings are treated
2656 as errors. The patch introduces two new macros, ASSERT_JIT_OFFSET_UNUSED and ASSERT_WITH_MESSAGE_UNUSED,
2657 which copy the idea of ASSERT_UNUSED.
2660 * jit/JITPropertyAccess.cpp:
2661 (JSC::JIT::emit_op_method_check):
2662 (JSC::JIT::compileGetByIdHotPath):
2663 (JSC::JIT::emit_op_put_by_id):
2665 (assertWithMessageUnused):
2667 2011-04-29 Jer Noble <jer.noble@apple.com>
2669 Reviewed by Eric Seidel.
2671 Implement FULLSCREEN_API on Windows, Part 4: Enable it
2672 https://bugs.webkit.org/show_bug.cgi?id=59798
2674 * wtf/Platform.h: Set ENABLE_FULLSCREEN_API on win.
2676 2011-05-03 Alexis Menard <alexis.menard@openbossa.org>
2678 Reviewed by Eric Seidel.
2680 Unused but set variable warning in MacroAssemberX86_64
2681 https://bugs.webkit.org/show_bug.cgi?id=59482
2683 * assembler/MacroAssemblerX86_64.h:
2684 (JSC::MacroAssemblerX86_64::call):
2685 (JSC::MacroAssemblerX86_64::tailRecursiveCall):
2686 (JSC::MacroAssemblerX86_64::makeTailRecursiveCall):
2688 2011-05-03 Oliver Hunt <oliver@apple.com>
2690 Reviewed by Geoffrey Garen.
2692 Make malloc validation useful
2693 https://bugs.webkit.org/show_bug.cgi?id=57502
2695 Reland this patch (rolled out in 82905) without
2696 turning it on by default.
2698 * JavaScriptCore.exp:
2699 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2700 * wtf/FastMalloc.cpp:
2701 (WTF::tryFastMalloc):
2703 (WTF::tryFastCalloc):
2706 (WTF::tryFastRealloc):
2708 (WTF::fastMallocSize):
2709 (WTF::TCMalloc_PageHeap::isScavengerSuspended):
2710 (WTF::TCMalloc_PageHeap::scheduleScavenger):
2711 (WTF::TCMalloc_PageHeap::suspendScavenger):
2712 (WTF::TCMalloc_PageHeap::signalScavenger):
2713 (WTF::TCMallocStats::malloc):
2714 (WTF::TCMallocStats::free):
2715 (WTF::TCMallocStats::fastCalloc):
2716 (WTF::TCMallocStats::tryFastCalloc):
2717 (WTF::TCMallocStats::calloc):
2718 (WTF::TCMallocStats::fastRealloc):
2719 (WTF::TCMallocStats::tryFastRealloc):
2720 (WTF::TCMallocStats::realloc):
2721 (WTF::TCMallocStats::fastMallocSize):
2723 (WTF::Internal::fastMallocValidationHeader):
2724 (WTF::Internal::fastMallocValidationSuffix):
2725 (WTF::Internal::fastMallocMatchValidationType):
2726 (WTF::Internal::setFastMallocMatchValidationType):
2727 (WTF::fastMallocMatchValidateFree):
2728 (WTF::fastMallocValidate):
2730 2011-05-03 Xan Lopez <xlopez@igalia.com>
2732 Reviewed by Anders Carlsson.
2734 Compile error with GCC 4.6.0, tries to assign unsigned& to bitfield
2735 https://bugs.webkit.org/show_bug.cgi?id=59261
2737 Use unary '+' to force proper type detection in template arguments
2738 with GCC 4.6.0. See bug report for more details.
2740 * runtime/Structure.cpp:
2741 (JSC::StructureTransitionTable::remove): Use '+' to force precise type detection.
2742 (JSC::StructureTransitionTable::add): ditto.
2743 * runtime/Structure.h:
2744 (JSC::StructureTransitionTable::keyForWeakGCMapFinalizer): ditto.
2746 2011-05-03 Jessie Berlin <jberlin@apple.com>
2748 Rubber-stamped by Adam Roben.
2750 Revert r85550 and r85575.
2752 Variables cannot be exported via the .def file. Instead, they should be annotated with
2755 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2756 * runtime/Structure.cpp:
2757 (JSC::Structure::materializePropertyMap):
2758 * runtime/Structure.h:
2759 (JSC::Structure::typeInfo):
2760 (JSC::Structure::previousID):
2761 (JSC::Structure::propertyStorageCapacity):
2762 (JSC::Structure::propertyStorageSize):
2763 (JSC::Structure::get):
2764 (JSC::Structure::materializePropertyMapIfNecessary):
2766 2011-05-02 Adam Roben <aroben@apple.com>
2768 Allow implicit conversion from nullptr_t to PassOwnPtr
2770 This makes it a lot easier to write code that just wants a null PassOwnPtr, especially in
2771 strict PassOwnPtr mode.
2773 Fixes <http://webkit.org/b/59964> Implicit conversion from std::nullptr_t to PassOwnPtr
2774 doesn't work, but should
2776 Reviewed by Adam Barth.
2779 (WTF::PassOwnPtr::PassOwnPtr): Added a non-explicit constructor that takes a nullptr_t.
2781 * wtf/MessageQueue.h:
2782 (WTF::::waitForMessageFilteredWithTimeout):
2783 (WTF::::tryGetMessage):
2784 Use the new implicit conversion.
2786 2011-05-02 Jessie Berlin <jberlin@apple.com>
2788 Rubber-stamped by Oliver Hunt.
2790 Remove an assertion that Windows was hitting on launch.
2792 * runtime/Structure.cpp:
2793 (JSC::Structure::materializePropertyMap):
2794 * runtime/Structure.h:
2795 (JSC::Structure::typeInfo):
2796 (JSC::Structure::previousID):
2797 (JSC::Structure::propertyStorageCapacity):
2798 (JSC::Structure::propertyStorageSize):
2799 (JSC::Structure::get):
2800 (JSC::Structure::materializePropertyMapIfNecessary):
2802 2011-05-02 Mark Rowe <mrowe@apple.com>
2804 Reviewed by Geoff Garen.
2806 <rdar://problem/9371948> JavaScriptCore should build with GCC 4.2
2808 * Configurations/CompilerVersion.xcconfig:
2810 2011-05-02 Gavin Barraclough <barraclough@apple.com>
2814 * assembler/AbstractMacroAssembler.h:
2815 (JSC::AbstractMacroAssembler::Jump::link):
2816 (JSC::AbstractMacroAssembler::Jump::linkTo):
2818 2011-05-02 Oliver Hunt <oliver@apple.com>
2822 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2824 2011-05-02 Michael Saboff <msaboff@apple.com>
2826 Reviewed by Geoffrey Garen.
2828 crash in JSC::RegExp::match
2829 https://bugs.webkit.org/show_bug.cgi?id=58922
2831 Cleared chained backtrack data label when linking label even if that
2832 label doesn't chain itself. This is needed so that subsequent
2833 backtrack data labels point to the next outer paren and not within
2837 (JSC::Yarr::YarrGenerator::TermGenerationState::linkDataLabelToBacktrackIfExists):
2839 2011-05-02 Geoffrey Garen <ggaren@apple.com>
2841 Reviewed by Oliver Hunt.
2843 Tiny bit of heap cleanup.
2845 * heap/MarkedBlock.h:
2846 (JSC::MarkedBlock::contains): Tightened up an assertion and a comment.
2848 * heap/MarkedSpace.h:
2849 (JSC::MarkedSpace::globalData):
2850 (JSC::MarkedSpace::highWaterMark):
2851 (JSC::MarkedSpace::setHighWaterMark): Moved inlines out of the class
2852 definition, for better clarity.
2854 2011-05-02 Oliver Hunt <oliver@apple.com>
2856 Reviewed by Gavin Barraclough.
2858 Correct marking of interpreter data in mixed mode builds
2859 https://bugs.webkit.org/show_bug.cgi?id=59962
2861 We had a few places in mixed mode builds where we would not
2862 track data used by the interpreter for marking. This patch
2863 corrects the problem and adds a number of assertions to catch
2864 live Structures being collected.
2866 * JavaScriptCore.exp:
2867 * assembler/ARMv7Assembler.h:
2868 (JSC::ARMv7Assembler::ARMInstructionFormatter::debugOffset):
2869 * bytecode/CodeBlock.cpp:
2870 (JSC::CodeBlock::dump):
2871 * bytecode/CodeBlock.h:
2872 (JSC::CodeBlock::addPropertyAccessInstruction):
2873 (JSC::CodeBlock::addGlobalResolveInstruction):
2874 (JSC::CodeBlock::addStructureStubInfo):
2875 (JSC::CodeBlock::addGlobalResolveInfo):
2876 * bytecompiler/BytecodeGenerator.cpp:
2877 (JSC::BytecodeGenerator::emitResolve):
2878 (JSC::BytecodeGenerator::emitResolveWithBase):
2879 (JSC::BytecodeGenerator::emitGetById):
2880 (JSC::BytecodeGenerator::emitPutById):
2881 (JSC::BytecodeGenerator::emitDirectPutById):
2882 * runtime/Structure.cpp:
2883 (JSC::Structure::materializePropertyMap):
2884 * runtime/Structure.h:
2885 (JSC::Structure::typeInfo):
2886 (JSC::Structure::previousID):
2887 (JSC::Structure::propertyStorageCapacity):
2888 (JSC::Structure::propertyStorageSize):
2889 (JSC::Structure::get):
2890 (JSC::Structure::materializePropertyMapIfNecessary):
2892 2011-05-02 Xan Lopez <xlopez@igalia.com>
2894 Reviewed by Alexey Proskuryakov.
2896 Use native NullPtr when using GCC 4.6.0 and C++0x
2897 https://bugs.webkit.org/show_bug.cgi?id=59252
2899 GCC 4.6.0 has nullptr support, use it when possible.
2901 * wtf/NullPtr.cpp: include config.h to pull in Platform.h before
2902 NullPtr.h, since we need the GCC_VERSION_AT_LEAST definition.
2903 * wtf/NullPtr.h: check for GCC >= 4.6.0 and C++0x in order to
2906 2011-05-02 Gavin Barraclough <barraclough@apple.com>
2908 Reviewed by Oliver Hunt.
2910 https://bugs.webkit.org/show_bug.cgi?id=59950
2911 Clean up AssemblerBuffer to use a Vector internally.
2913 AssemblerBuffer handles reallocing a byte array itself - stop that.
2915 * assembler/ARMAssembler.cpp:
2916 (JSC::ARMAssembler::executableCopy):
2917 * assembler/AssemblerBuffer.h:
2918 (JSC::AssemblerLabel::AssemblerLabel):
2919 (JSC::AssemblerLabel::labelAtOffset):
2920 (JSC::AssemblerBuffer::AssemblerBuffer):
2921 (JSC::AssemblerBuffer::~AssemblerBuffer):
2922 (JSC::AssemblerBuffer::isAvailable):
2923 (JSC::AssemblerBuffer::ensureSpace):
2924 (JSC::AssemblerBuffer::isAligned):
2925 (JSC::AssemblerBuffer::putIntegral):
2926 (JSC::AssemblerBuffer::putIntegralUnchecked):
2927 (JSC::AssemblerBuffer::putByteUnchecked):
2928 (JSC::AssemblerBuffer::putByte):
2929 (JSC::AssemblerBuffer::putShortUnchecked):
2930 (JSC::AssemblerBuffer::putShort):
2931 (JSC::AssemblerBuffer::putIntUnchecked):
2932 (JSC::AssemblerBuffer::putInt):
2933 (JSC::AssemblerBuffer::putInt64Unchecked):
2934 (JSC::AssemblerBuffer::putInt64):
2935 (JSC::AssemblerBuffer::codeSize):
2936 (JSC::AssemblerBuffer::label):
2937 (JSC::AssemblerBuffer::executableCopy):
2938 (JSC::AssemblerBuffer::rewindToLabel):
2939 (JSC::AssemblerBuffer::debugOffset):
2940 (JSC::AssemblerBuffer::append):
2941 (JSC::AssemblerBuffer::grow):
2942 * assembler/AssemblerBufferWithConstantPool.h:
2943 * assembler/MacroAssemblerX86_64.h:
2944 (JSC::MacroAssemblerX86_64::linkCall):
2945 * assembler/X86Assembler.h:
2946 (JSC::X86Assembler::X86InstructionFormatter::rewindToLabel):
2948 2011-05-02 Jeff Miller <jeffm@apple.com>
2950 Reviewed by Alexey Proskuryakov.
2952 Avoid potential buffer overflow in WTFLog() and WTFLogVerbose()
2953 https://bugs.webkit.org/show_bug.cgi?id=59949
2955 * wtf/Assertions.cpp: Check for 0 or empty format string in WTFLog() and WTFLogVerbose().
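The entry above records only that WTFLog() and WTFLogVerbose() now reject a null or empty format string. The following is an added example, not WebKit code, showing why such a check matters for a logger that appends a trailing newline by inspecting the last character of the format: with an empty string, strlen() is 0 and the index wraps to a huge value, an out-of-bounds read. That this was the exact pre-fix pattern in Assertions.cpp is my assumption; the function names and the buffer-based variant below are mine.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example (not WebKit's own code). Models a logger in the style of
 * WTFLog(): it emits the formatted message and adds a newline when the
 * format string does not already end with one. */

/* Unsafe variant: indexes format[strlen(format) - 1]. For format == ""
 * that is format[(size_t)-1], a read far outside the string; for
 * format == NULL it is a null dereference. Never call it with either. */
int format_needs_newline_unchecked(const char* format)
{
    return format[strlen(format) - 1] != '\n';
}

/* Hardened variant: reject null and empty formats before indexing.
 * An empty message has nothing to terminate, so answer "no newline". */
int format_needs_newline_checked(const char* format)
{
    if (!format || !*format)
        return 0;
    return format[strlen(format) - 1] != '\n';
}

/* Formats into a caller-supplied buffer (outSize must be > 0) and appends
 * a newline if the format lacked one and there is room for it.
 * Returns the number of characters stored (excluding the NUL), 0 when the
 * format is null or empty, or -1 on a vsnprintf encoding error. The
 * output is always NUL-terminated and never exceeds outSize bytes. */
int safe_log_to_buffer(char* out, size_t outSize, const char* format, ...)
{
    if (!format || !*format) {      /* the check the ChangeLog entry describes */
        out[0] = '\0';
        return 0;
    }

    va_list args;
    va_start(args, format);
    int n = vsnprintf(out, outSize, format, args);
    va_end(args);
    if (n < 0)
        return -1;

    /* vsnprintf returns the untruncated length; clamp to what was stored. */
    size_t len = (size_t)n < outSize ? (size_t)n : outSize - 1;

    /* Only add the newline if both it and the terminator still fit. */
    if (format_needs_newline_checked(format) && len + 1 < outSize) {
        out[len++] = '\n';
        out[len] = '\0';
    }
    return (int)len;
}

int main(void)
{
    char buf[64];
    safe_log_to_buffer(buf, sizeof buf, "value=%d", 42);
    fputs(buf, stderr);                      /* "value=42\n" */
    safe_log_to_buffer(buf, sizeof buf, ""); /* no crash, writes "" */
    return 0;
}
```

The clamp after vsnprintf is the second half of the lesson: a logger that trusts the return value of vsnprintf as a length into its own buffer overflows on long messages, so both the "empty" and the "too long" edges have to be handled before touching `out[len]`.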
2957 2011-05-02 Adam Barth <abarth@webkit.org>
2959 Reviewed by Alexey Proskuryakov.
2961 StringImpl::endsWith has some insane code
2962 https://bugs.webkit.org/show_bug.cgi?id=59900
2964 * wtf/text/StringImpl.cpp:
2965 (WTF::StringImpl::endsWith):
2966 - m_data shadows a member variable of the same name.
2968 2011-05-02 Gabor Loki <loki@webkit.org>
2970 Buildfix for ARM after r85448
2972 * assembler/ARMAssembler.h:
2973 (JSC::ARMAssembler::loadBranchTarget):
2975 2011-05-01 Oliver Hunt <oliver@apple.com>
2977 Reviewed by Gavin Barraclough.
2979 Strict-mode only reserved words not reserved
2980 https://bugs.webkit.org/show_bug.cgi?id=55342
2982 Fix line number tracking when we rollback the lexer.
2984 * parser/JSParser.cpp:
2985 (JSC::JSParser::parseSourceElements):
2987 2011-05-01 Oliver Hunt <oliver@apple.com>
2989 Reviewed by Gavin Barraclough.
2991 ES5 Strict mode does not allow getter and setter for same propId
2992 https://bugs.webkit.org/show_bug.cgi?id=57295
2994 Simplify and correct the logic for strict mode object literals.
2996 * parser/JSParser.cpp:
2997 (JSC::JSParser::parseStrictObjectLiteral):
2999 2011-05-01 Oliver Hunt <oliver@apple.com>
3001 Reviewed by Gavin Barraclough.
3003 Assigning to function identifier under strict should throw
3004 https://bugs.webkit.org/show_bug.cgi?id=59289
3006 Add logic to StaticScopeObject to ensure we don't silently consume
3007 writes to constant properties.
3009 * runtime/JSStaticScopeObject.cpp:
3010 (JSC::JSStaticScopeObject::put):
3012 2011-05-01 Gavin Barraclough <barraclough@apple.com>
3014 Reviewed by Sam Weinig.
3016 https://bugs.webkit.org/show_bug.cgi?id=59903
3017 Use AssemblerLabel throughout Assembler classes, AssemblerBuffer
3019 Creating a label() into the AssemblerBuffer should return an AssemblerLabel,
3020 not an unsigned int.
3022 * assembler/ARMAssembler.cpp:
3023 (JSC::ARMAssembler::executableCopy):
3024 * assembler/ARMAssembler.h:
3025 (JSC::ARMAssembler::blx):
3026 (JSC::ARMAssembler::label):
3027 (JSC::ARMAssembler::loadBranchTarget):
3028 * assembler/ARMv7Assembler.h:
3029 (JSC::ARMv7Assembler::b):
3030 (JSC::ARMv7Assembler::blx):
3031 (JSC::ARMv7Assembler::bx):
3032 (JSC::ARMv7Assembler::label):
3033 (JSC::ARMv7Assembler::ARMInstructionFormatter::label):
3034 * assembler/AssemblerBuffer.h:
3035 (JSC::AssemblerBuffer::label):
3036 * assembler/AssemblerBufferWithConstantPool.h:
3037 * assembler/MIPSAssembler.h:
3038 (JSC::MIPSAssembler::label):
3039 (JSC::MIPSAssembler::relocateJumps):
3040 * assembler/SH4Assembler.h:
3041 (JSC::SH4Assembler::loadConstant):
3042 (JSC::SH4Assembler::loadConstantUnReusable):
3043 (JSC::SH4Assembler::call):
3044 (JSC::SH4Assembler::jmp):
3045 (JSC::SH4Assembler::jne):
3046 (JSC::SH4Assembler::je):
3047 (JSC::SH4Assembler::label):
3048 (JSC::SH4Assembler::oneShortOp):
3049 * assembler/X86Assembler.h:
3050 (JSC::X86Assembler::call):
3051 (JSC::X86Assembler::jmp_r):
3052 (JSC::X86Assembler::label):
3053 (JSC::X86Assembler::X86InstructionFormatter::immediateRel32):
3054 (JSC::X86Assembler::X86InstructionFormatter::label):
3056 2011-05-01 Adam Barth <abarth@webkit.org>
3058 Reviewed by David Levin.
3060 Enable strict mode for OwnPtr and PassOwnPtr
3061 https://bugs.webkit.org/show_bug.cgi?id=59428
3065 2011-05-01 Patrick Gansterer <paroga@webkit.org>
3067 Reviewed by Adam Barth.
3069 Enable strict OwnPtr for PLATFORM(WIN)
3070 https://bugs.webkit.org/show_bug.cgi?id=59881
3074 2011-05-01 Gavin Barraclough <barraclough@apple.com>
3076 Reviewed by Sam Weinig.
3078 https://bugs.webkit.org/show_bug.cgi?id=59896
3079 Remove JmpSrc/JmpDst types.
3081 The JmpSrc/JmpDst classes predate the MacroAssembler interface. Having these
3082 objects be per-assembler is unhelpful, causes unnecessary code duplication,
3083 and prevents the AssemblerBuffer from providing a richer type for labels.
3084 The limited semantic meaning that they did convey is undermined by the manner
3085 in which their meanings have been overloaded (use of JmpSrc for Call, JmpDst
3088 Jumps on ARMv7 have had additional information added to the object via the
3089 ARMv7 JmpSrc. This data should probably be in the instruction stream. This
3090 patch does not fix the problem, and moves the data (ifdefed) to
3091 AbstractMacroAssembler::Jump (which is effectively where it was before!).
3092 This at least closes the hole such that no further data may be added to JmpSrc,
3093 but this is unfortunate, and should be cleaned up.
3095 * assembler/ARMAssembler.h:
3096 (JSC::ARMAssembler::blx):
3097 (JSC::ARMAssembler::label):
3098 (JSC::ARMAssembler::align):
3099 (JSC::ARMAssembler::loadBranchTarget):
3100 (JSC::ARMAssembler::jmp):
3101 (JSC::ARMAssembler::linkPointer):
3102 (JSC::ARMAssembler::linkJump):
3103 (JSC::ARMAssembler::linkCall):
3104 (JSC::ARMAssembler::getRelocatedAddress):
3105 (JSC::ARMAssembler::getDifferenceBetweenLabels):
3106 (JSC::ARMAssembler::getCallReturnOffset):
3107 * assembler/ARMv7Assembler.h:
3108 (JSC::ARMv7Assembler::b):
3109 (JSC::ARMv7Assembler::blx):
3110 (JSC::ARMv7Assembler::bx):
3111 (JSC::ARMv7Assembler::label):
3112 (JSC::ARMv7Assembler::align):
3113 (JSC::ARMv7Assembler::getRelocatedAddress):
3114 (JSC::ARMv7Assembler::getDifferenceBetweenLabels):
3115 (JSC::ARMv7Assembler::getCallReturnOffset):
3116 (JSC::ARMv7Assembler::linkJump):
3117 (JSC::ARMv7Assembler::linkCall):
3118 (JSC::ARMv7Assembler::linkPointer):
3119 * assembler/AbstractMacroAssembler.h:
3120 (JSC::AbstractMacroAssembler::Label::isSet):
3121 (JSC::AbstractMacroAssembler::Call::Call):
3122 (JSC::AbstractMacroAssembler::Jump::Jump):
3123 (JSC::AbstractMacroAssembler::Jump::link):
3124 (JSC::AbstractMacroAssembler::Jump::linkTo):
3125 (JSC::AbstractMacroAssembler::linkPointer):
3126 (JSC::AbstractMacroAssembler::getLinkerAddress):
3127 * assembler/AssemblerBuffer.h:
3128 (JSC::AssemblerLabel::AssemblerLabel):
3129 (JSC::AssemblerLabel::isSet):
3130 * assembler/LinkBuffer.h:
3131 (JSC::LinkBuffer::patch):
3132 * assembler/MIPSAssembler.h:
3133 (JSC::MIPSAssembler::label):
3134 (JSC::MIPSAssembler::align):
3135 (JSC::MIPSAssembler::getRelocatedAddress):
3136 (JSC::MIPSAssembler::getDifferenceBetweenLabels):
3137 (JSC::MIPSAssembler::getCallReturnOffset):
3138 (JSC::MIPSAssembler::linkJump):
3139 (JSC::MIPSAssembler::linkCall):
3140 (JSC::MIPSAssembler::linkPointer):
3141 * assembler/MacroAssemblerARMv7.h:
3142 (JSC::MacroAssemblerARMv7::branchDouble):
3143 (JSC::MacroAssemblerARMv7::branchDoubleZeroOrNaN):
3144 (JSC::MacroAssemblerARMv7::jump):
3145 (JSC::MacroAssemblerARMv7::nearCall):
3146 (JSC::MacroAssemblerARMv7::call):
3147 (JSC::MacroAssemblerARMv7::ret):
3148 (JSC::MacroAssemblerARMv7::tailRecursiveCall):
3149 (JSC::MacroAssemblerARMv7::makeBranch):
3150 * assembler/MacroAssemblerMIPS.h:
3151 (JSC::MacroAssemblerMIPS::nearCall):
3152 (JSC::MacroAssemblerMIPS::call):
3153 (JSC::MacroAssemblerMIPS::tailRecursiveCall):
3154 (JSC::MacroAssemblerMIPS::branchTrue):
3155 (JSC::MacroAssemblerMIPS::branchFalse):
3156 (JSC::MacroAssemblerMIPS::branchEqual):
3157 (JSC::MacroAssemblerMIPS::branchNotEqual):
3158 * assembler/SH4Assembler.h:
3159 (JSC::SH4Assembler::call):
3160 (JSC::SH4Assembler::jmp):
3161 (JSC::SH4Assembler::jne):
3162 (JSC::SH4Assembler::je):
3163 (JSC::SH4Assembler::label):
3164 (JSC::SH4Assembler::align):
3165 (JSC::SH4Assembler::linkJump):
3166 (JSC::SH4Assembler::linkCall):
3167 (JSC::SH4Assembler::linkPointer):
3168 (JSC::SH4Assembler::getCallReturnOffset):
3169 (JSC::SH4Assembler::getRelocatedAddress):
3170 (JSC::SH4Assembler::getDifferenceBetweenLabels):
3171 (JSC::SH4Assembler::patchPointer):
3172 * assembler/X86Assembler.h:
3173 (JSC::X86Assembler::call):
3174 (JSC::X86Assembler::jmp):
3175 (JSC::X86Assembler::jmp_r):
3176 (JSC::X86Assembler::jne):
3177 (JSC::X86Assembler::jnz):
3178 (JSC::X86Assembler::je):
3179 (JSC::X86Assembler::jz):
3180 (JSC::X86Assembler::jl):
3181 (JSC::X86Assembler::jb):
3182 (JSC::X86Assembler::jle):
3183 (JSC::X86Assembler::jbe):
3184 (JSC::X86Assembler::jge):
3185 (JSC::X86Assembler::jg):
3186 (JSC::X86Assembler::ja):
3187 (JSC::X86Assembler::jae):
3188 (JSC::X86Assembler::jo):
3189 (JSC::X86Assembler::jp):
3190 (JSC::X86Assembler::js):
3191 (JSC::X86Assembler::jCC):
3192 (JSC::X86Assembler::label):
3193 (JSC::X86Assembler::labelFor):
3194 (JSC::X86Assembler::align):
3195 (JSC::X86Assembler::linkJump):
3196 (JSC::X86Assembler::linkCall):
3197 (JSC::X86Assembler::linkPointer):
3198 (JSC::X86Assembler::getCallReturnOffset):
3199 (JSC::X86Assembler::getRelocatedAddress):
3200 (JSC::X86Assembler::getDifferenceBetweenLabels):
3201 (JSC::X86Assembler::rewindToLabel):
3202 (JSC::X86Assembler::X86InstructionFormatter::immediateRel32):
3203 (JSC::X86Assembler::X86InstructionFormatter::rewindToLabel):
3205 (JSC::JIT::privateCompileMainPass):
3207 * jit/JITInlineMethods.h:
3208 (JSC::JIT::atJumpTarget):
3209 (JSC::JIT::emitGetVirtualRegister):
3210 * jit/JITOpcodes.cpp:
3211 (JSC::JIT::emit_op_jmp):
3212 (JSC::JIT::emit_op_jfalse):
3213 (JSC::JIT::emit_op_jeq_null):
3214 (JSC::JIT::emit_op_jneq_null):
3215 (JSC::JIT::emit_op_jneq_ptr):
3216 (JSC::JIT::emit_op_jsr):
3217 (JSC::JIT::emit_op_jtrue):
3218 (JSC::JIT::emit_op_jmp_scopes):
3220 2011-05-01 Chao-ying Fu <fu@mips.com>
3222 Reviewed by Eric Seidel.
3224 Fix MIPS build due to the split of "Condition" enum
3225 https://bugs.webkit.org/show_bug.cgi?id=59407
3227 * assembler/MIPSAssembler.h:
3228 (JSC::MIPSAssembler::debugOffset):
3229 * assembler/MacroAssemblerMIPS.h:
3230 (JSC::MacroAssemblerMIPS::branch32):
3231 (JSC::MacroAssemblerMIPS::compare32):
3233 2011-04-30 Adam Barth <abarth@webkit.org>
3235 Reviewed by Adam Barth.
3237 Enable strict OwnPtr for GTK
3238 https://bugs.webkit.org/show_bug.cgi?id=59861
3242 2011-04-30 Gavin Barraclough <barraclough@apple.com>
3246 * assembler/AssemblerBufferWithConstantPool.h:
3248 2011-04-30 Gavin Barraclough <barraclough@apple.com>
3250 Reviewed by Oliver Hunt.
3252 Bug 59869 - AssemblerBuffer cleanup - disambiguate size()
3254 The method size() is called on the AssemblerBuffer both to acquire
3255 the complete size of the code, and to get a position to use as a
3256 label into the code. Instead, add an explicit 'label' method.
3258 * assembler/ARMAssembler.cpp:
3259 (JSC::ARMAssembler::executableCopy):
3260 * assembler/ARMAssembler.h:
3261 (JSC::ARMAssembler::blx):
3262 (JSC::ARMAssembler::codeSize):
3263 (JSC::ARMAssembler::label):
3264 (JSC::ARMAssembler::loadBranchTarget):
3265 * assembler/ARMv7Assembler.h:
3266 (JSC::ARMv7Assembler::b):
3267 (JSC::ARMv7Assembler::blx):
3268 (JSC::ARMv7Assembler::bx):
3269 (JSC::ARMv7Assembler::label):
3270 (JSC::ARMv7Assembler::codeSize):
3271 (JSC::ARMv7Assembler::ARMInstructionFormatter::codeSize):
3272 (JSC::ARMv7Assembler::ARMInstructionFormatter::data):
3273 * assembler/AbstractMacroAssembler.h:
3274 * assembler/AssemblerBuffer.h:
3275 (JSC::AssemblerBuffer::codeSize):
3276 (JSC::AssemblerBuffer::label):
3277 * assembler/AssemblerBufferWithConstantPool.h:
3278 * assembler/LinkBuffer.h:
3279 (JSC::LinkBuffer::LinkBuffer):
3280 (JSC::LinkBuffer::linkCode):
3281 * assembler/MIPSAssembler.h:
3282 (JSC::MIPSAssembler::newJmpSrc):
3283 (JSC::MIPSAssembler::appendJump):
3284 (JSC::MIPSAssembler::label):
3285 (JSC::MIPSAssembler::codeSize):
3286 (JSC::MIPSAssembler::relocateJumps):
3287 * assembler/SH4Assembler.h:
3288 (JSC::SH4Assembler::loadConstant):
3289 (JSC::SH4Assembler::loadConstantUnReusable):
3290 (JSC::SH4Assembler::call):
3291 (JSC::SH4Assembler::jmp):
3292 (JSC::SH4Assembler::jne):
3293 (JSC::SH4Assembler::je):
3294 (JSC::SH4Assembler::label):
3295 (JSC::SH4Assembler::executableCopy):
3296 (JSC::SH4Assembler::oneShortOp):
3297 (JSC::SH4Assembler::codeSize):
3298 * assembler/X86Assembler.h:
3299 (JSC::X86Assembler::call):
3300 (JSC::X86Assembler::jmp_r):
3301 (JSC::X86Assembler::codeSize):
3302 (JSC::X86Assembler::label):
3303 (JSC::X86Assembler::executableCopy):
3304 (JSC::X86Assembler::X86InstructionFormatter::immediateRel32):
3305 (JSC::X86Assembler::X86InstructionFormatter::codeSize):
3306 (JSC::X86Assembler::X86InstructionFormatter::label):
3307 (JSC::X86Assembler::X86InstructionFormatter::executableCopy):
3308 * dfg/DFGJITCompiler.cpp:
3309 (JSC::DFG::JITCompiler::compileFunction):
3311 (JSC::JIT::privateCompile):
3312 * jit/JITOpcodes.cpp:
3313 (JSC::JIT::privateCompileCTIMachineTrampolines):
3314 * jit/JITOpcodes32_64.cpp:
3315 (JSC::JIT::privateCompileCTIMachineTrampolines):
3317 (JSC::Yarr::YarrGenerator::compile):
3319 2011-04-29 Adam Barth <abarth@webkit.org>
3321 Attempt to fix the Windows build.
3323 * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3325 2011-04-29 Adam Barth <abarth@webkit.org>
3327 Reviewed by Eric Seidel.
3329 CSP script-src should block eval
3330 https://bugs.webkit.org/show_bug.cgi?id=59850
3332 ggaren recommended a different approach to this patch, essentially
3333 installing a new function for function-eval and changing the AST
3334 representation of operator-eval to call function-eval. However, I'm
3335 not sure that approach is workable because the ASTBuilder doesn't know
3336 about global objects, and there is added complication due to the cache.
3338 This approach is more dynamic, adding a branch in EvalExecutable to
3339 detect whether eval is currently disabled in the lexical scope. The spec
3340 is slightly unclear about whether we should return undefined or throw
3341 an exception. I've asked Brandon to clarify the spec, but throwing an
3342 exception seems natural.
3344 * JavaScriptCore.exp:
3345 * runtime/Executable.cpp:
3346 (JSC::EvalExecutable::compileInternal):
3347 * runtime/JSGlobalObject.cpp:
3348 (JSC::JSGlobalObject::disableEval):
3349 * runtime/JSGlobalObject.h:
3350 (JSC::JSGlobalObject::JSGlobalObject):
3351 (JSC::JSGlobalObject::isEvalEnabled):
3353 2011-04-29 Gavin Barraclough <barraclough@apple.com>
3355 Reviewed by Oliver Hunt.
3357 https://bugs.webkit.org/show_bug.cgi?id=59847
3358 Remove linkOffset from LinkBuffer
3360 This is redundant since removal of recompilation for exception info.
3362 * assembler/LinkBuffer.h:
3363 (JSC::LinkBuffer::LinkBuffer):
3364 (JSC::LinkBuffer::linkCode):
3365 * dfg/DFGJITCompiler.cpp:
3366 (JSC::DFG::JITCompiler::compileFunction):
3369 (JSC::JIT::privateCompile):
3371 (JSC::JIT::compile):
3372 (JSC::JIT::compileCTIMachineTrampolines):
3373 (JSC::JIT::compileCTINativeCall):
3374 * jit/JITOpcodes.cpp:
3375 (JSC::JIT::privateCompileCTIMachineTrampolines):
3376 * jit/JITOpcodes32_64.cpp:
3377 (JSC::JIT::privateCompileCTIMachineTrampolines):
3378 (JSC::JIT::privateCompileCTINativeCall):
3379 * jit/JITPropertyAccess.cpp:
3380 (JSC::JIT::stringGetByValStubGenerator):
3381 (JSC::JIT::privateCompilePutByIdTransition):
3382 (JSC::JIT::privateCompilePatchGetArrayLength):
3383 (JSC::JIT::privateCompileGetByIdProto):
3384 (JSC::JIT::privateCompileGetByIdSelfList):
3385 (JSC::JIT::privateCompileGetByIdProtoList):
3386 (JSC::JIT::privateCompileGetByIdChainList):
3387 (JSC::JIT::privateCompileGetByIdChain):
3388 * jit/JITPropertyAccess32_64.cpp:
3389 (JSC::JIT::stringGetByValStubGenerator):
3390 (JSC::JIT::privateCompilePutByIdTransition):
3391 (JSC::JIT::privateCompilePatchGetArrayLength):
3392 (JSC::JIT::privateCompileGetByIdProto):
3393 (JSC::JIT::privateCompileGetByIdSelfList):
3394 (JSC::JIT::privateCompileGetByIdProtoList):
3395 (JSC::JIT::privateCompileGetByIdChainList):
3396 (JSC::JIT::privateCompileGetByIdChain):
3397 * jit/SpecializedThunkJIT.h:
3398 (JSC::SpecializedThunkJIT::finalize):
3400 (JSC::Yarr::YarrGenerator::compile):
3402 2011-04-29 Gavin Barraclough <barraclough@apple.com>
3404 Reviewed by Oliver Hunt & Geoff Garen.
3406 https://bugs.webkit.org/show_bug.cgi?id=59221
3407 [RegexFuzz] Regression blocking testing
3409 Okay, so the bug here is that when, in the case of a TypeParentheticalAssertion
3410 node, emitDisjunction recursively calls to itself to emit the nested disjunction
3411 the value of parenthesesInputCountAlreadyChecked is bogus (doesn't take into
3412 account the uncheck that has just taken place).
3414 Also, the special handling given to countToCheck in the case of parenthetical
3415 assertions is nonsense, delete it, along with the isParentheticalAssertion argument.
3417 * yarr/YarrInterpreter.cpp:
3418 (JSC::Yarr::ByteCompiler::emitDisjunction):
3420 2011-04-29 Csaba Osztrogonác <ossy@webkit.org>
3422 Reviewed by Adam Barth.
3424 Enable strict OwnPtr for Qt
3425 https://bugs.webkit.org/show_bug.cgi?id=59667
3429 2011-04-29 Dean Jackson <dino@apple.com>
3431 Reviewed by Simon Fraser.
3433 Add ENABLE macro for WebKitAnimation
3434 https://bugs.webkit.org/show_bug.cgi?id=59729
3436 Add new feature to toggle WebKit Animation API.
3438 * Configurations/FeatureDefines.xcconfig:
3440 2011-04-28 Sam Weinig <sam@webkit.org>
3442 Reviewed by Mark Rowe.
3444 Install testapi.js alongside testapi
3445 https://bugs.webkit.org/show_bug.cgi?id=59773
3447 * JavaScriptCore.xcodeproj/project.pbxproj:
3448 Add new build phase to copy testapi.js to install path of testapi
3451 2011-04-28 David Levin <levin@chromium.org>
3453 Reviewed by Adam Barth.
3455 Remove IMAGE_RESIZER related code.
3456 https://bugs.webkit.org/show_bug.cgi?id=59735
3458 * Configurations/FeatureDefines.xcconfig:
3460 2011-04-28 Gavin Barraclough <barraclough@apple.com>
3462 Reviewed by Oliver Hunt.
3464 https://bugs.webkit.org/show_bug.cgi?id=59763
3465 DFG JIT - Unify FPRReg & FPRegisterID
3467 (Following on from GPRReg/RegisterID unification).
3470 (JSC::DFG::FPRInfo::toRegister):
3471 (JSC::DFG::FPRInfo::debugName):
3473 * dfg/DFGJITCodeGenerator.cpp:
3474 (JSC::DFG::JITCodeGenerator::fillDouble):
3475 (JSC::DFG::JITCodeGenerator::checkConsistency):
3476 * dfg/DFGJITCodeGenerator.h:
3477 (JSC::DFG::JITCodeGenerator::boxDouble):
3478 (JSC::DFG::JITCodeGenerator::unboxDouble):
3479 (JSC::DFG::JITCodeGenerator::flushRegisters):
3480 (JSC::DFG::JITCodeGenerator::isFlushed):
3481 (JSC::DFG::JITCodeGenerator::setupTwoStubArgs):
3482 (JSC::DFG::JITCodeGenerator::setupStubArguments):
3483 (JSC::DFG::JITCodeGenerator::cal