Calls on 32 bit machines fail after r90423
[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
1 2011-07-06  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>
2
3         Calls on 32 bit machines are failed after r90423
4         https://bugs.webkit.org/show_bug.cgi?id=63980
5
6         Reviewed by Gavin Barraclough.
7
8         Copy the necessary lines from JITCall.cpp.
9
10         * jit/JITCall32_64.cpp:
11         (JSC::JIT::compileOpCall):
12
13 2011-07-05  Filip Pizlo  <fpizlo@apple.com>
14
15         DFG JIT virtual call implementation is inefficient.
16         https://bugs.webkit.org/show_bug.cgi?id=63974
17
18         Reviewed by Gavin Barraclough.
19
20         * dfg/DFGOperations.cpp:
21         * runtime/Executable.h:
22         (JSC::ExecutableBase::generatedJITCodeForCallWithArityCheck):
23         (JSC::ExecutableBase::generatedJITCodeForConstructWithArityCheck):
24         (JSC::ExecutableBase::generatedJITCodeWithArityCheckFor):
25         (JSC::ExecutableBase::hasJITCodeForCall):
26         (JSC::ExecutableBase::hasJITCodeForConstruct):
27         (JSC::ExecutableBase::hasJITCodeFor):
28         * runtime/JSFunction.h:
29         (JSC::JSFunction::scopeUnchecked):
30
31 2011-07-05  Oliver Hunt  <oliver@apple.com>
32
33         Force inlining of simple functions that show up as not being inlined
34         https://bugs.webkit.org/show_bug.cgi?id=63964
35
36         Reviewed by Gavin Barraclough.
37
38         Looking at profile data indicates that gcc is failing to inline a
39         number of trivial functions.  This patch hits the ones that show
40         up in profiles with the ALWAYS_INLINE hammer.
41
42         We also replace the memcpy() call in linking with a manual loop.
43         Apparently memcpy() is almost never faster than an inlined loop.
44
45         * assembler/ARMv7Assembler.h:
46         (JSC::ARMv7Assembler::add):
47         (JSC::ARMv7Assembler::add_S):
48         (JSC::ARMv7Assembler::ARM_and):
49         (JSC::ARMv7Assembler::asr):
50         (JSC::ARMv7Assembler::b):
51         (JSC::ARMv7Assembler::blx):
52         (JSC::ARMv7Assembler::bx):
53         (JSC::ARMv7Assembler::clz):
54         (JSC::ARMv7Assembler::cmn):
55         (JSC::ARMv7Assembler::cmp):
56         (JSC::ARMv7Assembler::eor):
57         (JSC::ARMv7Assembler::it):
58         (JSC::ARMv7Assembler::ldr):
59         (JSC::ARMv7Assembler::ldrCompact):
60         (JSC::ARMv7Assembler::ldrh):
61         (JSC::ARMv7Assembler::ldrb):
62         (JSC::ARMv7Assembler::lsl):
63         (JSC::ARMv7Assembler::lsr):
64         (JSC::ARMv7Assembler::movT3):
65         (JSC::ARMv7Assembler::mov):
66         (JSC::ARMv7Assembler::movt):
67         (JSC::ARMv7Assembler::mvn):
68         (JSC::ARMv7Assembler::neg):
69         (JSC::ARMv7Assembler::orr):
70         (JSC::ARMv7Assembler::orr_S):
71         (JSC::ARMv7Assembler::ror):
72         (JSC::ARMv7Assembler::smull):
73         (JSC::ARMv7Assembler::str):
74         (JSC::ARMv7Assembler::sub):
75         (JSC::ARMv7Assembler::sub_S):
76         (JSC::ARMv7Assembler::tst):
77         (JSC::ARMv7Assembler::linkRecordSourceComparator):
78         (JSC::ARMv7Assembler::link):
79         (JSC::ARMv7Assembler::ARMInstructionFormatter::oneWordOp5Reg3Imm8):
80         (JSC::ARMv7Assembler::ARMInstructionFormatter::oneWordOp5Imm5Reg3Reg3):
81         (JSC::ARMv7Assembler::ARMInstructionFormatter::oneWordOp7Reg3Reg3Reg3):
82         (JSC::ARMv7Assembler::ARMInstructionFormatter::oneWordOp8Imm8):
83         (JSC::ARMv7Assembler::ARMInstructionFormatter::oneWordOp8RegReg143):
84         (JSC::ARMv7Assembler::ARMInstructionFormatter::oneWordOp9Imm7):
85         (JSC::ARMv7Assembler::ARMInstructionFormatter::oneWordOp10Reg3Reg3):
86         (JSC::ARMv7Assembler::ARMInstructionFormatter::twoWordOp12Reg4FourFours):
87         (JSC::ARMv7Assembler::ARMInstructionFormatter::twoWordOp16FourFours):
88         (JSC::ARMv7Assembler::ARMInstructionFormatter::twoWordOp16Op16):
89         (JSC::ARMv7Assembler::ARMInstructionFormatter::twoWordOp5i6Imm4Reg4EncodedImm):
90         (JSC::ARMv7Assembler::ARMInstructionFormatter::twoWordOp12Reg4Reg4Imm12):
91         (JSC::ARMv7Assembler::ARMInstructionFormatter::vfpOp):
92         (JSC::ARMv7Assembler::ARMInstructionFormatter::vfpMemOp):
93         * assembler/LinkBuffer.h:
94         (JSC::LinkBuffer::linkCode):
95         * assembler/MacroAssemblerARMv7.h:
96         (JSC::MacroAssemblerARMv7::nearCall):
97         (JSC::MacroAssemblerARMv7::call):
98         (JSC::MacroAssemblerARMv7::ret):
99         (JSC::MacroAssemblerARMv7::moveWithPatch):
100         (JSC::MacroAssemblerARMv7::branchPtrWithPatch):
101         (JSC::MacroAssemblerARMv7::storePtrWithPatch):
102         (JSC::MacroAssemblerARMv7::tailRecursiveCall):
103         (JSC::MacroAssemblerARMv7::makeTailRecursiveCall):
104         (JSC::MacroAssemblerARMv7::jump):
105         (JSC::MacroAssemblerARMv7::makeBranch):
106
107 2011-07-05  Zoltan Herczeg  <zherczeg@inf.u-szeged.hu>
108
109         Make "Add optimised paths for a few maths functions" work on Qt
110         https://bugs.webkit.org/show_bug.cgi?id=63893
111
112         Reviewed by Oliver Hunt.
113
114         Move the generated code to the .text section instead of .data section.
115         Fix alignment for the 32 bit thunk code.
116
117         * jit/ThunkGenerators.cpp:
118
119 2011-07-05  Filip Pizlo  <fpizlo@apple.com>
120
121         DFG JIT does not implement op_call.
122         https://bugs.webkit.org/show_bug.cgi?id=63858
123
124         Reviewed by Gavin Barraclough.
125
126         * bytecode/CodeBlock.cpp:
127         (JSC::CodeBlock::unlinkCalls):
128         * bytecode/CodeBlock.h:
129         (JSC::CodeBlock::setNumberOfCallLinkInfos):
130         (JSC::CodeBlock::numberOfCallLinkInfos):
131         * bytecompiler/BytecodeGenerator.cpp:
132         (JSC::BytecodeGenerator::emitCall):
133         (JSC::BytecodeGenerator::emitConstruct):
134         * dfg/DFGAliasTracker.h:
135         (JSC::DFG::AliasTracker::lookupGetByVal):
136         (JSC::DFG::AliasTracker::recordCall):
137         (JSC::DFG::AliasTracker::equalIgnoringLaterNumericConversion):
138         * dfg/DFGByteCodeParser.cpp:
139         (JSC::DFG::ByteCodeParser::ByteCodeParser):
140         (JSC::DFG::ByteCodeParser::getLocal):
141         (JSC::DFG::ByteCodeParser::getArgument):
142         (JSC::DFG::ByteCodeParser::toInt32):
143         (JSC::DFG::ByteCodeParser::addToGraph):
144         (JSC::DFG::ByteCodeParser::addVarArgChild):
145         (JSC::DFG::ByteCodeParser::predictInt32):
146         (JSC::DFG::ByteCodeParser::parseBlock):
147         (JSC::DFG::ByteCodeParser::processPhiStack):
148         (JSC::DFG::ByteCodeParser::allocateVirtualRegisters):
149         * dfg/DFGGraph.cpp:
150         (JSC::DFG::Graph::opName):
151         (JSC::DFG::Graph::dump):
152         (JSC::DFG::Graph::refChildren):
153         * dfg/DFGGraph.h:
154         * dfg/DFGJITCodeGenerator.cpp:
155         (JSC::DFG::JITCodeGenerator::useChildren):
156         (JSC::DFG::JITCodeGenerator::emitCall):
157         * dfg/DFGJITCodeGenerator.h:
158         (JSC::DFG::JITCodeGenerator::addressOfCallData):
159         * dfg/DFGJITCompiler.cpp:
160         (JSC::DFG::JITCompiler::compileFunction):
161         * dfg/DFGJITCompiler.h:
162         (JSC::DFG::CallRecord::CallRecord):
163         (JSC::DFG::JITCompiler::notifyCall):
164         (JSC::DFG::JITCompiler::appendCallWithFastExceptionCheck):
165         (JSC::DFG::JITCompiler::addJSCall):
166         (JSC::DFG::JITCompiler::PropertyAccessRecord::PropertyAccessRecord):
167         (JSC::DFG::JITCompiler::JSCallRecord::JSCallRecord):
168         * dfg/DFGNode.h:
169         (JSC::DFG::Node::Node):
170         (JSC::DFG::Node::child1):
171         (JSC::DFG::Node::child2):
172         (JSC::DFG::Node::child3):
173         (JSC::DFG::Node::firstChild):
174         (JSC::DFG::Node::numChildren):
175         * dfg/DFGNonSpeculativeJIT.cpp:
176         (JSC::DFG::NonSpeculativeJIT::basicArithOp):
177         (JSC::DFG::NonSpeculativeJIT::compare):
178         (JSC::DFG::NonSpeculativeJIT::compile):
179         * dfg/DFGOperations.cpp:
180         * dfg/DFGOperations.h:
181         * dfg/DFGRepatch.cpp:
182         (JSC::DFG::dfgLinkCall):
183         * dfg/DFGRepatch.h:
184         * dfg/DFGSpeculativeJIT.cpp:
185         (JSC::DFG::SpeculativeJIT::compilePeepHoleIntegerBranch):
186         (JSC::DFG::SpeculativeJIT::compilePeepHoleCall):
187         (JSC::DFG::SpeculativeJIT::compile):
188         * dfg/DFGSpeculativeJIT.h:
189         (JSC::DFG::SpeculativeJIT::detectPeepHoleBranch):
190         * interpreter/CallFrame.h:
191         (JSC::ExecState::calleeAsValue):
192         * jit/JIT.cpp:
193         (JSC::JIT::JIT):
194         (JSC::JIT::privateCompileMainPass):
195         (JSC::JIT::privateCompileSlowCases):
196         (JSC::JIT::privateCompile):
197         (JSC::JIT::linkCall):
198         (JSC::JIT::linkConstruct):
199         * jit/JITCall.cpp:
200         (JSC::JIT::compileOpCall):
201         * jit/JITCode.h:
202         (JSC::JITCode::JITCode):
203         (JSC::JITCode::jitType):
204         (JSC::JITCode::HostFunction):
205         * runtime/JSFunction.h:
206         * runtime/JSGlobalData.h:
207
208 2011-07-05  Oliver Hunt  <oliver@apple.com>
209
210         Initialize new MarkStack member
211
212         * heap/MarkStack.h:
213         (JSC::MarkStack::MarkStack):
214
215 2011-07-05  Oliver Hunt  <oliver@apple.com>
216
217         Don't throw out compiled code repeatedly
218         https://bugs.webkit.org/show_bug.cgi?id=63960
219
220         Reviewed by Gavin Barraclough.
221
222         Stop throwing away all compiled code every time
223         we're told to do a full GC.  Instead unlink all
224         callsites during such GC passes to maximise the
225         number of collectable functions, but otherwise
226         leave compiled functions alone.
227
228         * API/JSBase.cpp:
229         (JSGarbageCollect):
230         * bytecode/CodeBlock.cpp:
231         (JSC::CodeBlock::visitAggregate):
232         * heap/Heap.cpp:
233         (JSC::Heap::collectAllGarbage):
234         * heap/MarkStack.h:
235         (JSC::MarkStack::shouldUnlinkCalls):
236         (JSC::MarkStack::setShouldUnlinkCalls):
237         * runtime/JSGlobalData.cpp:
238         (JSC::JSGlobalData::recompileAllJSFunctions):
239         (JSC::JSGlobalData::releaseExecutableMemory):
240         * runtime/RegExp.cpp:
241         (JSC::RegExp::compile):
242         (JSC::RegExp::invalidateCode):
243         * runtime/RegExp.h:
244
245 2011-07-05  Filip Pizlo  <fpizlo@apple.com>
246
247         JSC JIT has code duplication for the handling of call and construct
248         https://bugs.webkit.org/show_bug.cgi?id=63957
249
250         Reviewed by Gavin Barraclough.
251
252         * jit/JIT.cpp:
253         (JSC::JIT::linkFor):
254         * jit/JIT.h:
255         * jit/JITStubs.cpp:
256         (JSC::jitCompileFor):
257         (JSC::DEFINE_STUB_FUNCTION):
258         (JSC::arityCheckFor):
259         (JSC::lazyLinkFor):
260         * runtime/Executable.h:
261         (JSC::ExecutableBase::generatedJITCodeFor):
262         (JSC::FunctionExecutable::compileFor):
263         (JSC::FunctionExecutable::isGeneratedFor):
264         (JSC::FunctionExecutable::generatedBytecodeFor):
265         (JSC::FunctionExecutable::generatedJITCodeWithArityCheckFor):
266
267 2011-07-05  Gavin Barraclough  <barraclough@apple.com>
268
269         Build fix following last patch.
270
271         * runtime/JSFunction.cpp:
272         (JSC::createPrototypeProperty):
273
274 2011-07-05  Gavin Barraclough  <barraclough@apple.com>
275
276         https://bugs.webkit.org/show_bug.cgi?id=63947
277         ASSERT running Object.preventExtensions(Math.sin)
278
279         Reviewed by Oliver Hunt.
280
281         This is due to calling scope() on a hostFunction as a part of
282         calling createPrototypeProperty to reify the prototype property.
283         But host functions don't have a prototype property anyway!
284
285         Prevent calling createPrototypeProperty on a host function.
286
287         * runtime/JSFunction.cpp:
288         (JSC::JSFunction::createPrototypeProperty):
289         (JSC::JSFunction::preventExtensions):
290
291 2011-07-04  Gavin Barraclough  <barraclough@apple.com>
292
293         https://bugs.webkit.org/show_bug.cgi?id=63880
294         Evaluation order of conversions of operands to >, >= incorrect.
295
296         Reviewed by Sam Weinig.
297
298         Add 'leftFirst' parameter to jsLess, jsLessEq matching that described in the ES5
299         spec. This allows these methods to be reused to perform >, >= relational compares
300         with correct ordering of type conversions.
301
302         * dfg/DFGOperations.cpp:
303         * interpreter/Interpreter.cpp:
304         (JSC::Interpreter::privateExecute):
305         * jit/JITStubs.cpp:
306         (JSC::DEFINE_STUB_FUNCTION):
307         * runtime/Operations.h:
308         (JSC::jsLess):
309         (JSC::jsLessEq):
310
311 2011-07-04  Gavin Barraclough  <barraclough@apple.com>
312
313         Reviewed by Sam Weinig.
314
315         https://bugs.webkit.org/show_bug.cgi?id=16652
316         Firefox and JavaScriptCore differ in Number.toString(integer)
317
318         Our arbitrary radix (2..36) toString conversion is inaccurate.
319         This is partly because it uses doubles to perform math that requires
320         higher accuracy, and partly because it does not attempt to correctly
321         detect where to terminate, instead relying on a simple 'epsilon'.
322
323         * runtime/NumberPrototype.cpp:
324         (JSC::decomposeDouble):
325             - helper function to extract sign, exponent, mantissa from IEEE doubles.
326         (JSC::Uint16WithFraction::Uint16WithFraction):
327             - helper class, u16int with infinite precision fraction, used to convert
328               the fractional part of the number to a string.
329         (JSC::Uint16WithFraction::operator*=):
330             - Multiply by a uint16.
331         (JSC::Uint16WithFraction::operator<):
332             - Compare two Uint16WithFractions.
333         (JSC::Uint16WithFraction::floorAndSubtract):
334             - Extract the integer portion of the number, and subtract it (clears the integer portion).
335         (JSC::Uint16WithFraction::comparePoint5):
336             - Compare to 0.5.
337         (JSC::Uint16WithFraction::sumGreaterThanOne):
338             - Passed a second Uint16WithFraction, returns true if the result of adding
339               the two values would be greater than one.
340         (JSC::Uint16WithFraction::isNormalized):
341             - Used by ASSERTs to consistency check internal representation.
342         (JSC::BigInteger::BigInteger):
343             - helper class, unbounded integer value, used to convert the integer part
344               of the number to a string.
345         (JSC::BigInteger::divide):
346             - Divide this value through by a uint32.
347         (JSC::BigInteger::operator!):
348             - test for zero.
349         (JSC::toStringWithRadix):
350             - Performs number to string conversion, with the given radix (2..36).
351         (JSC::numberProtoFuncToString):
352             - Changed to use toStringWithRadix.
353
354 2011-07-04  Gavin Barraclough  <barraclough@apple.com>
355
356         https://bugs.webkit.org/show_bug.cgi?id=63881
357         Need separate bytecodes for handling >, >= comparisons.
358
359         Reviewed by Oliver Hunt.
360
361         This clears the way to fix Bug#63880. We currently handle greater-than comparisons
362         as using the corresponding op_less, etc. opcodes.  This is incorrect with
363         respect to evaluation ordering of the implicit conversions performed on operands -
364         we should be calling ToPrimitive on the LHS and RHS operands to the greater than,
365         but instead convert RHS then LHS.
366
367         This patch adds opcodes for greater-than comparisons mirroring existing ones used
368         for less-than.
369
370         * bytecode/CodeBlock.cpp:
371         (JSC::CodeBlock::dump):
372         * bytecode/Opcode.h:
373         * bytecompiler/BytecodeGenerator.cpp:
374         (JSC::BytecodeGenerator::emitJumpIfTrue):
375         (JSC::BytecodeGenerator::emitJumpIfFalse):
376         * bytecompiler/NodesCodegen.cpp:
377         * dfg/DFGByteCodeParser.cpp:
378         (JSC::DFG::ByteCodeParser::parseBlock):
379         * dfg/DFGNode.h:
380         * dfg/DFGNonSpeculativeJIT.cpp:
381         (JSC::DFG::NonSpeculativeJIT::compare):
382         (JSC::DFG::NonSpeculativeJIT::compile):
383         * dfg/DFGNonSpeculativeJIT.h:
384         * dfg/DFGOperations.cpp:
385         * dfg/DFGOperations.h:
386         * dfg/DFGSpeculativeJIT.cpp:
387         (JSC::DFG::SpeculativeJIT::compare):
388         (JSC::DFG::SpeculativeJIT::compile):
389         * dfg/DFGSpeculativeJIT.h:
390         * interpreter/Interpreter.cpp:
391         (JSC::Interpreter::privateExecute):
392         * jit/JIT.cpp:
393         (JSC::JIT::privateCompileMainPass):
394         (JSC::JIT::privateCompileSlowCases):
395         * jit/JIT.h:
396         (JSC::JIT::emit_op_loop_if_greater):
397         (JSC::JIT::emitSlow_op_loop_if_greater):
398         (JSC::JIT::emit_op_loop_if_greatereq):
399         (JSC::JIT::emitSlow_op_loop_if_greatereq):
400         * jit/JITArithmetic.cpp:
401         (JSC::JIT::emit_op_jgreater):
402         (JSC::JIT::emit_op_jgreatereq):
403         (JSC::JIT::emit_op_jngreater):
404         (JSC::JIT::emit_op_jngreatereq):
405         (JSC::JIT::emitSlow_op_jgreater):
406         (JSC::JIT::emitSlow_op_jgreatereq):
407         (JSC::JIT::emitSlow_op_jngreater):
408         (JSC::JIT::emitSlow_op_jngreatereq):
409         (JSC::JIT::emit_compareAndJumpSlow):
410         * jit/JITArithmetic32_64.cpp:
411         (JSC::JIT::emitBinaryDoubleOp):
412         * jit/JITStubs.cpp:
413         (JSC::DEFINE_STUB_FUNCTION):
414         * jit/JITStubs.h:
415         * parser/NodeConstructors.h:
416         (JSC::GreaterNode::GreaterNode):
417         (JSC::GreaterEqNode::GreaterEqNode):
418         * parser/Nodes.h:
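
The two entries above (bugs 63881 and 63880) turn on one observable fact: ES5 11.8 applies ToPrimitive to the left operand of <, <=, > and >= before the right one, even though the engine evaluates > and >= by swapping the operands into the less-than path. The following is an added example, not JavaScriptCore code: it records the conversion order through valueOf in the host engine, and models jsLess/jsLessEq with the 'leftFirst' flag the entries describe (the function names, the shape of the flag and the operator tables are assumptions, not the engine's implementation).

```javascript
// Added example, not JavaScriptCore code: operand-conversion order of relational
// comparisons. ES5 11.8 converts the LEFT operand of <, <=, > and >= with ToPrimitive
// before the RIGHT one, whichever way the engine internally swaps operands.

// Two operands whose valueOf records the order in which they are converted.
function recordingOperands() {
  const order = [];
  const lhs = { valueOf() { order.push("lhs"); return 1; } };
  const rhs = { valueOf() { order.push("rhs"); return 2; } };
  return { lhs, rhs, order };
}

// Order the host engine itself uses for `lhs <op> rhs`.
function engineConversionOrder(op) {
  const ops = {
    "<": (a, b) => a < b, "<=": (a, b) => a <= b,
    ">": (a, b) => a > b, ">=": (a, b) => a >= b,
  };
  if (!ops[op]) throw new Error("unsupported operator " + op);
  const { lhs, rhs, order } = recordingOperands();
  return { result: ops[op](lhs, rhs), order };
}

// ToPrimitive with hint Number: valueOf first, then toString (ES5 8.12.8).
function toPrimitive(v) {
  const isObject = (x) => x !== null && (typeof x === "object" || typeof x === "function");
  if (!isObject(v)) return v;
  for (const name of ["valueOf", "toString"]) {
    if (typeof v[name] === "function") {
      const r = v[name]();
      if (!isObject(r)) return r;
    }
  }
  throw new TypeError("cannot convert object to primitive value");
}

// Model of jsLess/jsLessEq with the 'leftFirst' flag the entries describe (names and
// shape are assumptions, not the engine's code): v1 < v2 (or <=), converting v2 before
// v1 when leftFirst is false, which is what a caller evaluating `v2 > v1` needs.
function abstractRelational(v1, v2, leftFirst, orEqual) {
  let p1, p2;
  if (leftFirst) { p1 = toPrimitive(v1); p2 = toPrimitive(v2); }
  else { p2 = toPrimitive(v2); p1 = toPrimitive(v1); }
  if (typeof p1 === "string" && typeof p2 === "string") return orEqual ? p1 <= p2 : p1 < p2;
  const n1 = Number(p1), n2 = Number(p2);
  if (Number.isNaN(n1) || Number.isNaN(n2)) return false; // the spec's "undefined" outcome
  return orEqual ? n1 <= n2 : n1 < n2;
}
const jsLess = (v1, v2, leftFirst) => abstractRelational(v1, v2, leftFirst, false);
const jsLessEq = (v1, v2, leftFirst) => abstractRelational(v1, v2, leftFirst, true);

// With the flag, > and >= reuse the less-than helpers with swapped operands and still
// convert the source-level left operand first.
const fixedOperators = {
  "<": (a, b) => jsLess(a, b, true),
  "<=": (a, b) => jsLessEq(a, b, true),
  ">": (a, b) => jsLess(b, a, false),
  ">=": (a, b) => jsLessEq(b, a, false),
};
// The behaviour the entries call incorrect: swapped operands and no flag, so the
// right-hand operand is converted first.
const buggyOperators = {
  ">": (a, b) => jsLess(b, a, true),
  ">=": (a, b) => jsLessEq(b, a, true),
};

function modelConversionOrder(table, op) {
  const { lhs, rhs, order } = recordingOperands();
  return { result: table[op](lhs, rhs), order };
}
```

Running engineConversionOrder(">") in any conforming engine yields the order lhs, rhs; modelConversionOrder(buggyOperators, ">") yields rhs, lhs, which is the ordering defect the entries fix. The difference matters whenever valueOf or toString has side effects or the two conversions throw different exceptions.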
419
420 2011-07-03  Gavin Barraclough  <barraclough@apple.com>
421
422         https://bugs.webkit.org/show_bug.cgi?id=63879
423         Reduce code duplication for op_jless, op_jlesseq, op_jnless, op_jnlesseq.
424
425         Reviewed by Sam Weinig.
426         
427         There is a lot of copy & paste code here; we can reduce duplication by making
428         a shared implementation.
429
430         * assembler/MacroAssembler.h:
431         (JSC::MacroAssembler::branch32):
432         (JSC::MacroAssembler::commute):
433             - Make these function platform agnostic.
434         * assembler/MacroAssemblerX86Common.h:
435             - Moved branch32/commute up to MacroAssembler.
436         * jit/JIT.h:
437         (JSC::JIT::emit_op_loop_if_lesseq):
438         (JSC::JIT::emitSlow_op_loop_if_lesseq):
439             - Add an implementation matching that for op_loop_if_less, which just calls op_jless.
440         * jit/JITArithmetic.cpp:
441         (JSC::JIT::emit_op_jless):
442         (JSC::JIT::emit_op_jlesseq):
443         (JSC::JIT::emit_op_jnless):
444         (JSC::JIT::emit_op_jnlesseq):
445         (JSC::JIT::emitSlow_op_jless):
446         (JSC::JIT::emitSlow_op_jlesseq):
447         (JSC::JIT::emitSlow_op_jnless):
448         (JSC::JIT::emitSlow_op_jnlesseq):
449             - Common implementations of these methods for JSVALUE64 & JSVALUE32_64.
450         (JSC::JIT::emit_compareAndJump):
451         (JSC::JIT::emit_compareAndJumpSlow):
452             - Internal implementation of jless etc for JSVALUE64.
453         * jit/JITArithmetic32_64.cpp:
454         (JSC::JIT::emit_compareAndJump):
455         (JSC::JIT::emit_compareAndJumpSlow):
456             - Internal implementation of jless etc for JSVALUE32_64.
457         * jit/JITOpcodes.cpp:
458         * jit/JITOpcodes32_64.cpp:
459         * jit/JITStubs.cpp:
460         * jit/JITStubs.h:
461             - Remove old implementation of emit_op_loop_if_lesseq.
462
463 2011-07-03  Sheriff Bot  <webkit.review.bot@gmail.com>
464
465         Unreviewed, rolling out r90347.
466         http://trac.webkit.org/changeset/90347
467         https://bugs.webkit.org/show_bug.cgi?id=63886
468
469         Build breaks on Leopard, Chromium-win, WinCairo, and WinCE.
470         (Requested by tkent on #webkit).
471
472         * JavaScriptCore.xcodeproj/project.pbxproj:
473         * runtime/BigInteger.h: Removed.
474         * runtime/NumberPrototype.cpp:
475         (JSC::numberProtoFuncToPrecision):
476         (JSC::numberProtoFuncToString):
477         * runtime/Uint16WithFraction.h: Removed.
478         * wtf/MathExtras.h:
479
480 2011-06-30  Gavin Barraclough  <barraclough@apple.com>
481
482         Reviewed by Sam Weinig.
483
484         https://bugs.webkit.org/show_bug.cgi?id=16652
485         Firefox and JavaScriptCore differ in Number.toString(integer)
486
487         Our arbitrary radix (2..36) toString conversion is inaccurate.
488         This is partly because it uses doubles to perform math that requires
489         higher accuracy, and partly because it does not attempt to correctly
490         detect where to terminate, instead relying on a simple 'epsilon'.
491
492         * runtime/NumberPrototype.cpp:
493         (JSC::decomposeDouble):
494             - helper function to extract sign, exponent, mantissa from IEEE doubles.
495         (JSC::Uint16WithFraction::Uint16WithFraction):
496             - helper class, u16int with infinite precision fraction, used to convert
497               the fractional part of the number to a string.
498         (JSC::Uint16WithFraction::operator*=):
499             - Multiply by a uint16.
500         (JSC::Uint16WithFraction::operator<):
501             - Compare two Uint16WithFractions.
502         (JSC::Uint16WithFraction::floorAndSubtract):
503             - Extract the integer portion of the number, and subtract it (clears the integer portion).
504         (JSC::Uint16WithFraction::comparePoint5):
505             - Compare to 0.5.
506         (JSC::Uint16WithFraction::sumGreaterThanOne):
507             - Passed a second Uint16WithFraction, returns true if the result of adding
508               the two values would be greater than one.
509         (JSC::Uint16WithFraction::isNormalized):
510             - Used by ASSERTs to consistency check internal representation.
511         (JSC::BigInteger::BigInteger):
512             - helper class, unbounded integer value, used to convert the integer part
513               of the number to a string.
514         (JSC::BigInteger::divide):
515             - Divide this value through by a uint32.
516         (JSC::BigInteger::operator!):
517             - test for zero.
518         (JSC::toStringWithRadix):
519             - Performs number to string conversion, with the given radix (2..36).
520         (JSC::numberProtoFuncToString):
521             - Changed to use toStringWithRadix.
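
Both copies of the bug 16652 entry (the 2011-06-30 landing above and the 2011-07-04 relanding earlier in this log) describe the same approach: convert the integer part with unbounded integer arithmetic and the fractional part with exact fraction arithmetic, and stop emitting digits when the string already identifies the double rather than at a fixed epsilon. The following is an added example in JavaScript, not JavaScriptCore code: it uses BigInt in place of the BigInteger/Uint16WithFraction helpers and the Steele & White termination test (distance to the neighbouring doubles' midpoints); decomposeDouble mirrors the helper of the same name in the entry, while the other names and the choice of rounding at the final digit are assumptions.

```javascript
// Added example, not JavaScriptCore code: exact double -> string conversion in an
// arbitrary radix (2..36) using BigInt rather than doubles for the arithmetic. The
// integer part is converted exactly; fractional digits are generated until the digits
// emitted so far identify the double uniquely, instead of stopping at an epsilon.
const DIGITS = "0123456789abcdefghijklmnopqrstuvwxyz";

// Split a finite double into sign, integer significand and binary exponent,
// so that |x| = mantissa * 2^exponent exactly.
function decomposeDouble(x) {
  const view = new DataView(new ArrayBuffer(8));
  view.setFloat64(0, x);
  const hi = view.getUint32(0);
  const lo = view.getUint32(4);
  const sign = hi >>> 31;
  const biasedExponent = (hi >>> 20) & 0x7ff;
  let mantissa = (BigInt(hi & 0xfffff) << 32n) | BigInt(lo);
  let exponent;
  if (biasedExponent === 0) {
    exponent = -1074;                 // subnormal: no implicit leading bit
  } else {
    mantissa |= 1n << 52n;            // restore the implicit leading bit
    exponent = biasedExponent - 1075; // 1023 bias plus 52 fraction bits
  }
  return { sign, mantissa, exponent };
}

function toStringWithRadix(x, radix) {
  if (!Number.isInteger(radix) || radix < 2 || radix > 36) throw new RangeError("radix must be in 2..36");
  if (!Number.isFinite(x)) return String(x); // NaN, Infinity, -Infinity
  if (x === 0) return "0";                    // also -0, like Number.prototype.toString
  const { sign, mantissa: f, exponent: e } = decomposeDouble(x);

  // Scale so that the value is r / s exactly, and mMinus / s, mPlus / s are the distances
  // from the value to the midpoints with its lower and upper neighbouring doubles.
  const powerOfTwo = f === 1n << 52n && e > -1074; // gap below is half the gap above
  let r, s, mPlus, mMinus;
  if (e >= 0) {
    const scale = 1n << BigInt(e);
    if (powerOfTwo) { r = f * scale * 4n; s = 4n; mPlus = scale * 2n; mMinus = scale; }
    else { r = f * scale * 2n; s = 2n; mPlus = scale; mMinus = scale; }
  } else if (powerOfTwo) {
    r = f * 4n; s = 1n << BigInt(2 - e); mPlus = 2n; mMinus = 1n;
  } else {
    r = f * 2n; s = 1n << BigInt(1 - e); mPlus = 1n; mMinus = 1n;
  }

  let integerPart = r / s; // exact, however large the value
  let rem = r % s;
  const bigRadix = BigInt(radix);
  const fraction = [];
  while (rem !== 0n) {
    rem *= bigRadix; mPlus *= bigRadix; mMinus *= bigRadix;
    const digit = Number(rem / s);
    rem %= s;
    const low = rem < mMinus;      // truncating here still round-trips
    const high = rem + mPlus > s;  // rounding up here still round-trips
    if (!low && !high) { fraction.push(digit); continue; }
    if (low && !high) fraction.push(digit);
    else if (high && !low) fraction.push(digit + 1);
    else fraction.push(rem * 2n < s ? digit : digit + 1); // both fit: take the closer one
    break;
  }
  // Propagate a carry produced by rounding the final digit up.
  for (let i = fraction.length - 1; i >= 0 && fraction[i] === radix; i--) {
    fraction[i] = 0;
    if (i === 0) integerPart += 1n; else fraction[i - 1] += 1;
  }
  while (fraction.length && fraction[fraction.length - 1] === 0) fraction.pop();

  let out = (sign ? "-" : "") + integerPart.toString(radix);
  if (fraction.length) out += "." + fraction.map((d) => DIGITS[d]).join("");
  return out;
}
```

In base 10 the output agrees with the engine's own shortest round-trip String(x) for values that String prints in plain notation, and in other radices the fraction terminates as soon as the digits pin down the double: 1/3 comes out as "0.1" in base 3 because no other double is closer to one third.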
522
523 2011-07-02  Gavin Barraclough  <barraclough@apple.com>
524
525         https://bugs.webkit.org/show_bug.cgi?id=63866
526         DFG JIT - implement instanceof
527
528         Reviewed by Sam Weinig.
529
530         Add ops CheckHasInstance & InstanceOf to implement bytecodes
531         op_check_has_instance & op_instanceof. This is an initial
532         functional implementation, performance is a wash. We can
533         follow up with changes to fuse the InstanceOf node with
534         a subsequent branch, as we do with other comparisons.
535
536         * dfg/DFGByteCodeParser.cpp:
537         (JSC::DFG::ByteCodeParser::parseBlock):
538         * dfg/DFGJITCompiler.cpp:
539         (JSC::DFG::JITCompiler::jitAssertIsCell):
540         * dfg/DFGJITCompiler.h:
541         (JSC::DFG::JITCompiler::jitAssertIsCell):
542         * dfg/DFGNode.h:
543         * dfg/DFGNonSpeculativeJIT.cpp:
544         (JSC::DFG::NonSpeculativeJIT::compile):
545         * dfg/DFGOperations.cpp:
546         * dfg/DFGOperations.h:
547         * dfg/DFGSpeculativeJIT.cpp:
548         (JSC::DFG::SpeculativeJIT::compile):
549
550 2011-07-01  Oliver Hunt  <oliver@apple.com>
551
552         IE Web Workers demo crashes in JSC::SlotVisitor::visitChildren()
553         https://bugs.webkit.org/show_bug.cgi?id=63732
554
555         Reviewed by Gavin Barraclough.
556
557         Initialise the memory at the head of the new storage so that
558         GC is safe if triggered by reportExtraMemoryCost.
559
560         * runtime/JSArray.cpp:
561         (JSC::JSArray::increaseVectorPrefixLength):
562
563 2011-07-01  Oliver Hunt  <oliver@apple.com>
564
565         GC sweep can occur before an object is completely initialised
566         https://bugs.webkit.org/show_bug.cgi?id=63836
567
568         Reviewed by Gavin Barraclough.
569
570         In rare cases it's possible for a GC sweep to occur while a
571         live, but not completely initialised object is on the stack.
572         In such a case we may incorrectly choose to mark it, even
573         though it has no children that need marking.
574
575         We resolve this by always zeroing out the structure of any
576         value returned from JSCell::operator new(), and making the
577         markstack tolerant of a null structure. 
578
579         * runtime/JSCell.h:
580         (JSC::JSCell::JSCell::~JSCell):
581         (JSC::JSCell::JSCell::operator new):
582         * runtime/Structure.h:
583         (JSC::MarkStack::internalAppend):
584
585 2011-07-01  Filip Pizlo  <fpizlo@apple.com>
586
587         Reviewed by Gavin Barraclough.
588
589         DFG non-speculative JIT always performs slow C calls for div and mod.
590         https://bugs.webkit.org/show_bug.cgi?id=63684
591
592         * dfg/DFGNonSpeculativeJIT.cpp:
593         (JSC::DFG::NonSpeculativeJIT::compile):
594
595 2011-07-01  Juan C. Montemayor  <jmont@apple.com>
596
597         Reviewed by Oliver Hunt.
598
599         Lexer error messages are currently appalling
600         https://bugs.webkit.org/show_bug.cgi?id=63340
601
602         Added error messages for the Lexer. These messages will be displayed
603         instead of the lexer error messages from the parser that are currently
604         shown.
605
606         * parser/Lexer.cpp:
607         (JSC::Lexer::getInvalidCharMessage):
608         (JSC::Lexer::setCode):
609         (JSC::Lexer::parseString):
610         (JSC::Lexer::lex):
611         (JSC::Lexer::clear):
612         * parser/Lexer.h:
613         (JSC::Lexer::getErrorMessage):
614         (JSC::Lexer::setOffset):
615         * parser/Parser.cpp:
616         (JSC::Parser::parse):
617
618 2011-07-01  Jungshik Shin  <jshin@chromium.org>
619
620         Reviewed by Alexey Proskuryakov.
621
622         Add ScriptCodesFromICU.h to wtf/unicode and make necessary changes in
623         build files for ports not using ICU.
624         Add icu/unicode/uscript.h for ports using ICU. It's taken from 
625         ICU 3.6 (the version used on Mac OS 10.5)
626
627         http://bugs.webkit.org/show_bug.cgi?id=20797
628
629         * GNUmakefile.list.am:
630         * JavaScriptCore.gypi:
631         * icu/unicode/uscript.h: Added for UScriptCode enum.
632         * wtf/unicode/ScriptCodesFromICU.h: UScriptCode enum added.
633         * wtf/unicode/icu/UnicodeIcu.h:
634         * wtf/unicode/brew/UnicodeBrew.h:
635         * wtf/unicode/glib/UnicodeGLib.h:
636         * wtf/unicode/qt4/UnicodeQt4.h:
637         * wtf/unicode/wince/UnicodeWinCE.h:
638
639 2011-07-01  Gavin Barraclough  <barraclough@apple.com>
640
641         Reviewed by Sam Weinig.
642
643         https://bugs.webkit.org/show_bug.cgi?id=63819
644         Escaping of forwardslashes in strings incorrect if multiple exist.
645
646         The bug is in the parameters passed to a substring - should be
647         start & length, but we're passing start & end indices!
648
649         * runtime/RegExpObject.cpp:
650         (JSC::regExpObjectSource):
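
The entry above pins the defect on a substring call given a (start, end index) pair where (start, length) was expected, which is only harmless while start is 0. The following is an added example in JavaScript, not the JavaScriptCore code: a minimal model of escaping unescaped '/' characters in a RegExp's source text, once with that parameter mix-up and once correctly (the function names are assumptions; the real engine's escaping rules are more involved than this model).

```javascript
// Added example, not JavaScriptCore code: escape '/' in the source text of a RegExp so
// that it can be printed as a /.../ literal. The buggy form passes an end index where
// substr() wants a length; it survives a single '/' and goes wrong once a second appears.
function escapeSlashesBuggy(source) {
  let out = "";
  let start = 0;
  for (let i = 0; i < source.length; i++) {
    if (source[i] === "\\") { i++; continue; }  // keep existing escape sequences intact
    if (source[i] === "/") {
      // BUG: substr() takes (start, length) but is given (start, end index);
      // correct only while start is 0, i.e. up to the first '/'.
      out += source.substr(start, i) + "\\/";
      start = i + 1;
    }
  }
  return out + source.substr(start);
}

function escapeSlashes(source) {
  let out = "";
  let start = 0;
  for (let i = 0; i < source.length; i++) {
    if (source[i] === "\\") { i++; continue; }
    if (source[i] === "/") {
      out += source.substr(start, i - start) + "\\/";  // (start, length)
      start = i + 1;
    }
  }
  return out + source.substr(start);
}

// Round-trip check: re-parsing the escaped text must give a RegExp with the same source.
function roundTrips(source) {
  const escaped = escapeSlashes(source);
  return new RegExp(escaped).source === escaped;
}
```

escapeSlashesBuggy("a/b/c") returns "a\/b/c\/c": the segment after the first slash is copied with an over-long length, so one '/' is left unescaped and text is duplicated. A test with a single '/' never exposes this, which is why the fix needs a case with several.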
651
652 2011-07-01  Adam Roben  <aroben@apple.com>
653
654         Roll out r90194
655         http://trac.webkit.org/changeset/90194
656         https://bugs.webkit.org/show_bug.cgi?id=63778
657
658         Fixes <http://webkit.org/b/63812> REGRESSION (r90194): Multiple tests intermittently failing
659         assertions in WriteBarrierBase<JSC::Structure>::get
660
661         * runtime/JSCell.h:
662         (JSC::JSCell::JSCell::~JSCell):
663
664 2011-06-30  Oliver Hunt  <oliver@apple.com>
665
666         Reviewed by Gavin Barraclough.
667
668         Add optimised paths for a few maths functions
669         https://bugs.webkit.org/show_bug.cgi?id=63757
670
671         Relanding as a Mac only patch.
672
673         This adds specialised thunks for Math.abs, Math.round, Math.ceil,
674         Math.floor, Math.log, and Math.exp as they are apparently more
675         important in real web content than we thought, which is somewhat
676         mind-boggling.  On average doubles the performance of the common
677         cases (eg. actually passing numbers in).  They're not as efficient
678         as they could be, but this way gives them the most portability.
679
680         * assembler/MacroAssemblerARM.h:
681         (JSC::MacroAssemblerARM::supportsDoubleBitops):
682         (JSC::MacroAssemblerARM::andnotDouble):
683         * assembler/MacroAssemblerARMv7.h:
684         (JSC::MacroAssemblerARMv7::supportsDoubleBitops):
685         (JSC::MacroAssemblerARMv7::andnotDouble):
686         * assembler/MacroAssemblerMIPS.h:
687         (JSC::MacroAssemblerMIPS::andnotDouble):
688         (JSC::MacroAssemblerMIPS::supportsDoubleBitops):
689         * assembler/MacroAssemblerSH4.h:
690         (JSC::MacroAssemblerSH4::supportsDoubleBitops):
691         (JSC::MacroAssemblerSH4::andnotDouble):
692         * assembler/MacroAssemblerX86.h:
693         (JSC::MacroAssemblerX86::supportsDoubleBitops):
694         * assembler/MacroAssemblerX86Common.h:
695         (JSC::MacroAssemblerX86Common::andnotDouble):
696         * assembler/MacroAssemblerX86_64.h:
697         (JSC::MacroAssemblerX86_64::supportsDoubleBitops):
698         * assembler/X86Assembler.h:
699         (JSC::X86Assembler::andnpd_rr):
700         * create_hash_table:
701         * jit/SpecializedThunkJIT.h:
702         (JSC::SpecializedThunkJIT::finalize):
703         (JSC::SpecializedThunkJIT::callDoubleToDouble):
704         * jit/ThunkGenerators.cpp:
705         (JSC::floorThunkGenerator):
706         (JSC::ceilThunkGenerator):
707         (JSC::roundThunkGenerator):
708         (JSC::expThunkGenerator):
709         (JSC::logThunkGenerator):
710         (JSC::absThunkGenerator):
711         * jit/ThunkGenerators.h:
712
713 2011-07-01  David Kilzer  <ddkilzer@apple.com>
714
715         <http://webkit.org/b/63814> Fix clang build error in JITOpcodes32_64.cpp
716
717         Fixes the following build error in clang:
718
719             JavaScriptCore/jit/JITOpcodes32_64.cpp:741:36:{741:9-741:35}: error: operator '?:' has lower precedence than '+'; '+' will be evaluated first [-Werror,-Wparentheses,3]
720                  map(m_bytecodeOffset + dynamic ? OPCODE_LENGTH(op_resolve_global_dynamic) : OPCODE_LENGTH(op_resolve_global), dst, regT1, regT0);
721                      ~~~~~~~~~~~~~~~~~~~~~~~~~~ ^
722             JavaScriptCore/jit/JITOpcodes32_64.cpp:741:36: note: place parentheses around the '+' expression to silence this warning [3]
723                  map(m_bytecodeOffset + dynamic ? OPCODE_LENGTH(op_resolve_global_dynamic) : OPCODE_LENGTH(op_resolve_global), dst, regT1, regT0);
724                                                 ^
725                      (                         )
726             fix-it:"JavaScriptCore/jit/JITOpcodes32_64.cpp":{741:9-741:9}:"("
727             fix-it:"JavaScriptCore/jit/JITOpcodes32_64.cpp":{741:35-741:35}:")"
728             JavaScriptCore/jit/JITOpcodes32_64.cpp:741:36:{741:28-741:94}: note: place parentheses around the '?:' expression to evaluate it first [3]
729                  map(m_bytecodeOffset + dynamic ? OPCODE_LENGTH(op_resolve_global_dynamic) : OPCODE_LENGTH(op_resolve_global), dst, regT1, regT0);
730                                         ~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
731             1 error generated.
732
733         * jit/JITOpcodes32_64.cpp:
734         (JSC::JIT::emit_op_resolve_global): Add parentheses to make the
735         ternary expression evaluate first.
736
737 2011-07-01  Sheriff Bot  <webkit.review.bot@gmail.com>
738
739         Unreviewed, rolling out r90177 and r90179.
740         http://trac.webkit.org/changeset/90177
741         http://trac.webkit.org/changeset/90179
742         https://bugs.webkit.org/show_bug.cgi?id=63790
743
744         It caused crashes on Qt in debug mode (Requested by Ossy on
745         #webkit).
746
747         * assembler/MacroAssemblerARM.h:
748         (JSC::MacroAssemblerARM::rshift32):
749         (JSC::MacroAssemblerARM::supportsFloatingPointSqrt):
750         (JSC::MacroAssemblerARM::sqrtDouble):
751         * assembler/MacroAssemblerARMv7.h:
752         (JSC::MacroAssemblerARMv7::supportsFloatingPointSqrt):
753         (JSC::MacroAssemblerARMv7::sqrtDouble):
754         * assembler/MacroAssemblerMIPS.h:
755         (JSC::MacroAssemblerMIPS::sqrtDouble):
756         (JSC::MacroAssemblerMIPS::supportsFloatingPointSqrt):
757         * assembler/MacroAssemblerSH4.h:
758         (JSC::MacroAssemblerSH4::sqrtDouble):
759         * assembler/MacroAssemblerX86.h:
760         * assembler/MacroAssemblerX86Common.h:
761         * assembler/MacroAssemblerX86_64.h:
762         * assembler/X86Assembler.h:
763         * create_hash_table:
764         * jit/JSInterfaceJIT.h:
765         (JSC::JSInterfaceJIT::emitLoadDouble):
766         * jit/SpecializedThunkJIT.h:
767         (JSC::SpecializedThunkJIT::finalize):
768         * jit/ThunkGenerators.cpp:
769         * jit/ThunkGenerators.h:
770
771 2011-06-30  Oliver Hunt  <oliver@apple.com>
772
773         Reviewed by Beth Dakin.
774
775         Make GC validation clear cell structure on destruction
776         https://bugs.webkit.org/show_bug.cgi?id=63778
777
778         * runtime/JSCell.h:
779         (JSC::JSCell::JSCell::~JSCell):
780
781 2011-06-30  Geoffrey Garen  <ggaren@apple.com>
782
783         Reviewed by Gavin Barraclough.
784
785         Added write barrier that was missing from put_by_id_transition
786         https://bugs.webkit.org/show_bug.cgi?id=63775
787
788         * dfg/DFGJITCodeGenerator.cpp:
789         (JSC::DFG::JITCodeGenerator::writeBarrier): Made this static with a
790         MacroAssembler& argument so our patching functions could use it.
791
792         (JSC::DFG::JITCodeGenerator::cachedPutById):
793         * dfg/DFGJITCodeGenerator.h:
794         * dfg/DFGNonSpeculativeJIT.cpp:
795         (JSC::DFG::NonSpeculativeJIT::compile): Updated for signature change.
796
797         * dfg/DFGRepatch.cpp:
798         (JSC::DFG::tryCachePutByID): Missing barrier!
799
800         * dfg/DFGSpeculativeJIT.cpp:
801         (JSC::DFG::SpeculativeJIT::compile): Updated for signature change.
802
803         * jit/JITPropertyAccess.cpp:
804         (JSC::JIT::privateCompilePutByIdTransition):
805         * jit/JITPropertyAccess32_64.cpp:
806         (JSC::JIT::privateCompilePutByIdTransition):
807         * jit/JSInterfaceJIT.h: Same game here. Removed storePtrWithWriteBarrier
808         because its meaning isn't clear -- maybe in the future we'll have a
809         clear way to pass all stores through a common function that guarantees
810         a write barrier, but that's not the case right now.
811
812 2011-06-30  Filip Pizlo  <fpizlo@apple.com>
813
814         Reviewed by Gavin Barraclough.
815
816         DFG non-speculative JIT does not reuse registers when compiling comparisons.
817         https://bugs.webkit.org/show_bug.cgi?id=63565
818
819         * dfg/DFGNonSpeculativeJIT.cpp:
820         (JSC::DFG::NonSpeculativeJIT::knownConstantArithOp):
821         (JSC::DFG::NonSpeculativeJIT::basicArithOp):
822         (JSC::DFG::NonSpeculativeJIT::compare):
823
824 2011-06-30  Geoffrey Garen  <ggaren@apple.com>
825
826         Reviewed by Gavin Barraclough.
827
828         Added empty write barrier stubs in all the right places in the DFG JIT
829         https://bugs.webkit.org/show_bug.cgi?id=63764
830         
831         SunSpider thinks this might be a 0.5% speedup. Meh.
832
833         * dfg/DFGJITCodeGenerator.cpp:
834         (JSC::DFG::JITCodeGenerator::writeBarrier): Le stub.
835
836         (JSC::DFG::JITCodeGenerator::cachedPutById): Don't do anything special
837         for the case where base == scratch, since we now require base and scratch
838         to be not equal, for the sake of the write barrier.
839
840         * dfg/DFGJITCodeGenerator.h: Le stub.
841
842         * dfg/DFGNonSpeculativeJIT.cpp:
843         (JSC::DFG::NonSpeculativeJIT::compile): Don't reuse the base register
844         as the scratch register, since that's incompatible with the write barrier,
845         which needs a distinct base and scratch.
846         
847         Do put the global object into a register before loading its var storage,
848         since it needs to be in a register for the write barrier to operate on it.
849
850         * dfg/DFGSpeculativeJIT.cpp:
851         (JSC::DFG::SpeculativeJIT::compile):
852         * jit/JITPropertyAccess.cpp:
853         (JSC::JIT::emitWriteBarrier): Second verse, same as the first.
854
855         * jit/JITPropertyAccess.cpp:
856         (JSC::JIT::emit_op_get_scoped_var):
857         (JSC::JIT::emit_op_put_scoped_var):
858         (JSC::JIT::emit_op_put_global_var): Deployed offsetOfRegisters() to more
859         places.
860
861         (JSC::JIT::emitWriteBarrier): Added a teeny tiny ASSERT so this function
862         is a little more than meaningless.
863
864         * jit/JITPropertyAccess32_64.cpp:
865         (JSC::JIT::emit_op_get_scoped_var):
866         (JSC::JIT::emit_op_put_scoped_var):
867         (JSC::JIT::emit_op_put_global_var): Deployed offsetOfRegisters() to more
868         places.
869
870         (JSC::JIT::emitWriteBarrier): Added a teeny tiny ASSERT so this function
871         is a little more than meaningless.
872
873         * runtime/JSVariableObject.h:
874         (JSC::JSVariableObject::offsetOfRegisters): Now used by the JIT, since
875         we put the global object in a register and only then load its var storage
876         by offset.
877
878         (JSC::JIT::emitWriteBarrier):
879
880 2011-06-30  Oliver Hunt  <oliver@apple.com>
881
882         Fix ARMv6 build
883
884         * assembler/MacroAssemblerARM.h:
885         (JSC::MacroAssemblerARM::rshift32):
886
887 2011-06-30  Oliver Hunt  <oliver@apple.com>
888
889         Reviewed by Gavin Barraclough.
890
891         Add optimised paths for a few maths functions
892         https://bugs.webkit.org/show_bug.cgi?id=63757
893
894         This adds specialised thunks for Math.abs, Math.round, Math.ceil,
895         Math.floor, Math.log, and Math.exp as they are apparently more
896         important in real web content than we thought, which is somewhat
897         mind-boggling.  On average doubles the performance of the common
898         cases (eg. actually passing numbers in).  They're not as efficient
899         as they could be, but this way gives them the most portability.
900
901         * assembler/MacroAssemblerARM.h:
902         (JSC::MacroAssemblerARM::supportsDoubleBitops):
903         (JSC::MacroAssemblerARM::andnotDouble):
904         * assembler/MacroAssemblerARMv7.h:
905         (JSC::MacroAssemblerARMv7::supportsDoubleBitops):
906         (JSC::MacroAssemblerARMv7::andnotDouble):
907         * assembler/MacroAssemblerMIPS.h:
908         (JSC::MacroAssemblerMIPS::andnotDouble):
909         (JSC::MacroAssemblerMIPS::supportsDoubleBitops):
910         * assembler/MacroAssemblerSH4.h:
911         (JSC::MacroAssemblerSH4::supportsDoubleBitops):
912         (JSC::MacroAssemblerSH4::andnotDouble):
913         * assembler/MacroAssemblerX86.h:
914         (JSC::MacroAssemblerX86::supportsDoubleBitops):
915         * assembler/MacroAssemblerX86Common.h:
916         (JSC::MacroAssemblerX86Common::andnotDouble):
917         * assembler/MacroAssemblerX86_64.h:
918         (JSC::MacroAssemblerX86_64::supportsDoubleBitops):
919         * assembler/X86Assembler.h:
920         (JSC::X86Assembler::andnpd_rr):
921         * create_hash_table:
922         * jit/SpecializedThunkJIT.h:
923         (JSC::SpecializedThunkJIT::finalize):
924         (JSC::SpecializedThunkJIT::callDoubleToDouble):
925         * jit/ThunkGenerators.cpp:
926         (JSC::floorThunkGenerator):
927         (JSC::ceilThunkGenerator):
928         (JSC::roundThunkGenerator):
929         (JSC::expThunkGenerator):
930         (JSC::logThunkGenerator):
931         (JSC::absThunkGenerator):
932         * jit/ThunkGenerators.h:
933
934 2011-06-30  Cary Clark  <caryclark@google.com>
935
936         Reviewed by James Robinson.
937
938         Use Skia if Skia on Mac Chrome is enabled
939         https://bugs.webkit.org/show_bug.cgi?id=62999
940
941         * wtf/Platform.h:
942         Add switch to use Skia if, externally,
943         Skia has been enabled by a gyp define.
944
945 2011-06-30  Juan C. Montemayor  <jmont@apple.com>
946
947         Reviewed by Geoffrey Garen.
948
949         Web Inspector fails to display source for eval with syntax error
950         https://bugs.webkit.org/show_bug.cgi?id=63583
951
952         Web Inspector now displays a link to an eval statement that contains
953         a syntax error.
954
955         * parser/Parser.h:
956         (JSC::isEvalNode):
957         (JSC::EvalNode):
958         (JSC::Parser::parse):
959
960 2011-06-30  Filip Pizlo  <fpizlo@apple.com>
961
962         Reviewed by Gavin Barraclough.
963
964         X86Assembler does not encode byte registers in 64-bit mode correctly.
965         https://bugs.webkit.org/show_bug.cgi?id=63665
966
967         * assembler/X86Assembler.h:
968         (JSC::X86Assembler::testb_rr):
969         (JSC::X86Assembler::X86InstructionFormatter::oneByteOp8):
970
971 2011-06-30  Sheriff Bot  <webkit.review.bot@gmail.com>
972
973         Unreviewed, rolling out r90102.
974         http://trac.webkit.org/changeset/90102
975         https://bugs.webkit.org/show_bug.cgi?id=63714
976
977         Lots of tests asserting beneath
978         SVGSMILElement::findInstanceTime (Requested by aroben on
979         #webkit).
980
981         * wtf/StdLibExtras.h:
982         (WTF::binarySearch):
983
984 2011-06-30  Oliver Varga  <Varga.Oliver@stud.u-szeged.hu>
985
986         Reviewed by Nikolas Zimmermann.
987
988         Speed up SVGSMILElement::findInstanceTime.
989         https://bugs.webkit.org/show_bug.cgi?id=61025
990
991         Add a new parameter to StdLibExtras.h::binarySearch function
992         to also handle cases when the array does not contain the key value.
993         This is needed for an SVG function.
994
995         * wtf/StdLibExtras.h:
996         (WTF::binarySearch):
997
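The entry above adds a mode to binarySearch for keys that may be absent from the array, and the roll-out entry just before it shows what happens when a lookup for a missing key hits the "key must be present" assertion. The following is an added illustration, not WTF::binarySearch or SVG code: the mode names, the Entry struct, the key getter and the sample table are all constructed for this example. The absent-tolerant mode returns the lower bound (the first element whose key is not smaller than the search key), so callers can either test for membership or take the nearest element.

```cpp
#include <cassert>
#include <cstddef>
#include <cstdio>

// Added illustration of a binary search with a "key may be absent" mode.
// The mode names, the Entry struct and the sample table are constructed for
// this example; they are not WTF::binarySearch or SVG code.
enum BinarySearchMode {
    KeyMustBePresent,   // classic contract: the key must exist (asserted)
    KeyMayBeAbsent      // lower-bound contract: first element with key >= search key
};

// Sample element type, standing in for something like an instance time.
struct Entry {
    int key;
    const char* label;
};

// Key getter, in the spirit of WTF's keyGetter template parameter.
inline int entryKey(const Entry& e) { return e.key; }

// 'array' must be sorted by key, ascending. Returns the index of the first
// element whose key is >= 'key', or 'size' if every key is smaller. In
// KeyMustBePresent mode the key is additionally required to be there, which is
// exactly the assertion a caller hits when it looks up a key that is missing.
template<BinarySearchMode mode>
size_t binarySearch(const Entry* array, size_t size, int key)
{
    size_t low = 0, high = size;             // search the half-open range [low, high)
    while (low < high) {
        size_t mid = low + (high - low) / 2; // avoids the low + high overflow
        if (entryKey(array[mid]) < key)
            low = mid + 1;
        else
            high = mid;
    }
    if (mode == KeyMustBePresent)
        assert(low < size && entryKey(array[low]) == key);
    return low;
}

// Constructed sample table (sorted by key).
static const Entry kSampleTimes[] = { { 10, "t0" }, { 20, "t1" }, { 30, "t2" } };
static const size_t kSampleCount = sizeof(kSampleTimes) / sizeof(kSampleTimes[0]);

size_t lookupMayBeAbsent(int key) { return binarySearch<KeyMayBeAbsent>(kSampleTimes, kSampleCount, key); }
size_t lookupMustBePresent(int key) { return binarySearch<KeyMustBePresent>(kSampleTimes, kSampleCount, key); }

// Membership test built on the absent-tolerant mode.
bool sampleContains(int key)
{
    size_t i = lookupMayBeAbsent(key);
    return i < kSampleCount && entryKey(kSampleTimes[i]) == key;
}

int main()
{
    std::printf("lookup(25) -> index %zu (first key >= 25)\n", lookupMayBeAbsent(25));
    std::printf("contains(20) = %d, contains(25) = %d\n", sampleContains(20), sampleContains(25));
    return 0;
}
```

Calling lookupMustBePresent(25) on the sample table trips the assertion, which is the failure mode the roll-out entry reports; lookupMayBeAbsent(25) returns index 2 instead.
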
998 2011-06-29  Gavin Barraclough  <barraclough@apple.com>
999
1000         Reviewed by Geoff Garen.
1001
1002         https://bugs.webkit.org/show_bug.cgi?id=63669
1003         DFG JIT - fix spectral-norm regression
1004
1005         The problem is a mis-speculation leading to us falling off the speculative path.
1006         Make the speculation logic slightly smarter, don't predict int if one of the
1007         operands is already loaded as a double (we use this logic already for compares).
1008
1009         * dfg/DFGSpeculativeJIT.cpp:
1010         (JSC::DFG::SpeculativeJIT::compile):
1011         * dfg/DFGSpeculativeJIT.h:
1012         (JSC::DFG::SpeculativeJIT::shouldSpeculateInteger):
1013
1014 2011-06-29  Filip Pizlo  <fpizlo@apple.com>
1015
1016         Reviewed by Gavin Barraclough.
1017
1018         DFG JIT does not do put_by_id transition caching.
1019         https://bugs.webkit.org/show_bug.cgi?id=63662
1020
1021         * dfg/DFGJITCodeGenerator.cpp:
1022         (JSC::DFG::JITCodeGenerator::cachedPutById):
1023         * dfg/DFGJITCompiler.h:
1024         (JSC::DFG::JITCompiler::addPropertyAccess):
1025         * dfg/DFGRepatch.cpp:
1026         (JSC::DFG::testPrototype):
1027         (JSC::DFG::tryCachePutByID):
1028
1029 2011-06-29  Geoffrey Garen  <ggaren@apple.com>
1030
1031         Reviewed by Oliver Hunt.
1032
1033         Added a dummy write barrier emitting function in all the right places in the old JIT
1034         https://bugs.webkit.org/show_bug.cgi?id=63667
1035         
1036         SunSpider reports no change.
1037
1038         * jit/JIT.h:
1039         * jit/JITPropertyAccess.cpp:
1040         (JSC::JIT::emit_op_put_by_id):
1041         (JSC::JIT::emit_op_put_scoped_var): Do it.
1042
1043         (JSC::JIT::emit_op_put_global_var): Global object needs to be in a register
1044         for the sake of the write barrier.
1045
1046         (JSC::JIT::emitWriteBarrier): Empty for now. Not for long!
1047
1048         * jit/JITPropertyAccess32_64.cpp:
1049         (JSC::JIT::emit_op_put_by_val):
1050         (JSC::JIT::emit_op_put_by_id):
1051         (JSC::JIT::emit_op_put_scoped_var): Do it.
1052
1053         (JSC::JIT::emit_op_put_global_var): Global object needs to be in a register
1054         for the sake of the write barrier.
1055
1056         (JSC::JIT::emitWriteBarrier): Empty for now. Not for long!
1057
1058 2011-06-29  Filip Pizlo  <fpizlo@apple.com>
1059
1060         Reviewed by Gavin Barraclough.
1061
1062         DFG JIT does not perform get_by_id self list caching.
1063         https://bugs.webkit.org/show_bug.cgi?id=63605
1064
1065         * bytecode/StructureStubInfo.h:
1066         * dfg/DFGJITCompiler.cpp:
1067         (JSC::DFG::JITCompiler::compileFunction):
1068         * dfg/DFGOperations.cpp:
1069         * dfg/DFGOperations.h:
1070         * dfg/DFGRepatch.cpp:
1071         (JSC::DFG::tryCacheGetByID):
1072         (JSC::DFG::tryBuildGetByIDList):
1073         (JSC::DFG::dfgBuildGetByIDList):
1074         * dfg/DFGRepatch.h:
1075
1076 2011-06-28  Filip Pizlo  <fpizlo@apple.com>
1077
1078         Reviewed by Gavin Barraclough.
1079
1080         DFG JIT lacks array.length caching.
1081         https://bugs.webkit.org/show_bug.cgi?id=63505
1082
1083         * bytecode/StructureStubInfo.h:
1084         * dfg/DFGJITCodeGenerator.cpp:
1085         (JSC::DFG::JITCodeGenerator::cachedGetById):
1086         (JSC::DFG::JITCodeGenerator::cachedPutById):
1087         * dfg/DFGJITCodeGenerator.h:
1088         (JSC::DFG::JITCodeGenerator::tryAllocate):
1089         (JSC::DFG::JITCodeGenerator::selectScratchGPR):
1090         (JSC::DFG::JITCodeGenerator::silentSpillAllRegisters):
1091         * dfg/DFGJITCompiler.cpp:
1092         (JSC::DFG::JITCompiler::compileFunction):
1093         * dfg/DFGJITCompiler.h:
1094         (JSC::DFG::JITCompiler::addPropertyAccess):
1095         (JSC::DFG::JITCompiler::PropertyAccessRecord::PropertyAccessRecord):
1096         * dfg/DFGRegisterBank.h:
1097         (JSC::DFG::RegisterBank::tryAllocate):
1098         * dfg/DFGRepatch.cpp:
1099         (JSC::DFG::tryCacheGetByID):
1100
1101 2011-06-28  Pierre Rossi  <pierre.rossi@gmail.com>
1102
1103         Reviewed by Eric Seidel.
1104
1105         Warnings in JSC's JIT on 32 bit
1106         https://bugs.webkit.org/show_bug.cgi?id=63259
1107
1108         Fairly straightforward, just use ASSERT_JIT_OFFSET_UNUSED when it applies.
1109
1110         * jit/JITPropertyAccess32_64.cpp:
1111         (JSC::JIT::emit_op_method_check):
1112         (JSC::JIT::compileGetByIdHotPath):
1113         (JSC::JIT::emit_op_put_by_id):
1114
1115 2011-06-28  Sheriff Bot  <webkit.review.bot@gmail.com>
1116
1117         Unreviewed, rolling out r89968.
1118         http://trac.webkit.org/changeset/89968
1119         https://bugs.webkit.org/show_bug.cgi?id=63581
1120
1121         Broke chromium windows compile (Requested by jamesr on
1122         #webkit).
1123
1124         * wtf/Platform.h:
1125
1126 2011-06-28  Oliver Hunt  <oliver@apple.com>
1127
1128         Reviewed by Gavin Barraclough.
1129
1130         Fix sampling build
1131         https://bugs.webkit.org/show_bug.cgi?id=63579
1132
1133         Gets opcode sampling building again, doesn't seem to work alas
1134
1135         * bytecode/SamplingTool.cpp:
1136         (JSC::SamplingTool::notifyOfScope):
1137         * bytecode/SamplingTool.h:
1138         (JSC::SamplingTool::SamplingTool):
1139         * interpreter/Interpreter.cpp:
1140         (JSC::Interpreter::enableSampler):
1141         * runtime/Executable.h:
1142         (JSC::ScriptExecutable::ScriptExecutable):
1143
1144 2011-06-28  Cary Clark  <caryclark@google.com>
1145
1146         Reviewed by James Robinson.
1147
1148         Use Skia if Skia on Mac Chrome is enabled
1149         https://bugs.webkit.org/show_bug.cgi?id=62999
1150
1151         * wtf/Platform.h:
1152         Add switch to use Skia if, externally,
1153         Skia has been enabled by a gyp define.
1154
1155 2011-06-28  Oliver Hunt  <oliver@apple.com>
1156
1157         Reviewed by Gavin Barraclough.
1158
1159         ASSERT when launching debug builds with interpreter and jit enabled
1160         https://bugs.webkit.org/show_bug.cgi?id=63566
1161
1162         Add appropriate guards to the various Executable's memory reporting
1163         logic.
1164
1165         * runtime/Executable.cpp:
1166         (JSC::EvalExecutable::compileInternal):
1167         (JSC::ProgramExecutable::compileInternal):
1168         (JSC::FunctionExecutable::compileForCallInternal):
1169         (JSC::FunctionExecutable::compileForConstructInternal):
1170
1171 2011-06-28  Gavin Barraclough  <barraclough@apple.com>
1172
1173         Reviewed by Oliver Hunt.
1174
1175         https://bugs.webkit.org/show_bug.cgi?id=63563
1176         DFG JIT - add support for double arith to speculative path
1177
1178         Add integer support for div & mod, add double support for div, mod,
1179         add, sub & mul, dynamically selecting based on operand types.
1180
1181         * dfg/DFGJITCodeGenerator.cpp:
1182         (JSC::DFG::FPRTemporary::FPRTemporary):
1183         * dfg/DFGJITCodeGenerator.h:
1184         * dfg/DFGJITCompiler.h:
1185         (JSC::DFG::JITCompiler::assembler):
1186         * dfg/DFGSpeculativeJIT.cpp:
1187         (JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
1188         (JSC::DFG::SpeculativeJIT::compile):
1189         * dfg/DFGSpeculativeJIT.h:
1190         (JSC::DFG::SpeculateDoubleOperand::SpeculateDoubleOperand):
1191         (JSC::DFG::SpeculateDoubleOperand::~SpeculateDoubleOperand):
1192         (JSC::DFG::SpeculateDoubleOperand::index):
1193         (JSC::DFG::SpeculateDoubleOperand::fpr):
1194
1195 2011-06-28  Oliver Hunt  <oliver@apple.com>
1196
1197         Fix interpreter build.
1198
1199         * interpreter/Interpreter.cpp:
1200         (JSC::Interpreter::privateExecute):
1201
1202 2011-06-28  Gavin Barraclough  <barraclough@apple.com>
1203
1204         Reviewed by Oliver Hunt.
1205
1206         https://bugs.webkit.org/show_bug.cgi?id=63561
1207         DFG JIT - don't always assume integer in relational compare
1208
1209         If neither operand is known integer, or either is in double representation,
1210         then at least use a function call (don't bail off the speculative path).
1211
1212         * dfg/DFGSpeculativeJIT.cpp:
1213         (JSC::DFG::SpeculativeJIT::compilePeepHoleCall):
1214         (JSC::DFG::SpeculativeJIT::compile):
1215         * dfg/DFGSpeculativeJIT.h:
1216         (JSC::DFG::SpeculativeJIT::isDataFormatDouble):
1217         (JSC::DFG::SpeculativeJIT::compareIsInteger):
1218
1219 2011-06-28  Oliver Hunt  <oliver@apple.com>
1220
1221         Reviewed by Gavin Barraclough.
1222
1223         Make constant array optimisation less strict about what constitutes a constant
1224         https://bugs.webkit.org/show_bug.cgi?id=63554
1225
1226         Now allow string constants in array literals to actually be considered constant,
1227         and so avoid codegen in array literals with strings in them.
1228
1229         * bytecode/CodeBlock.h:
1230         (JSC::CodeBlock::addConstantBuffer):
1231         (JSC::CodeBlock::constantBuffer):
1232         * bytecompiler/BytecodeGenerator.cpp:
1233         (JSC::BytecodeGenerator::addConstantBuffer):
1234         (JSC::BytecodeGenerator::addStringConstant):
1235         (JSC::BytecodeGenerator::emitNewArray):
1236         * bytecompiler/BytecodeGenerator.h:
1237         * interpreter/Interpreter.cpp:
1238         (JSC::Interpreter::privateExecute):
1239         * jit/JITStubs.cpp:
1240         (JSC::DEFINE_STUB_FUNCTION):
1241
1242 2011-06-28  Gavin Barraclough  <barraclough@apple.com>
1243
1244         Reviewed by Oliver Hunt.
1245
1246         https://bugs.webkit.org/show_bug.cgi?id=63560
1247         DFG_JIT allow allocation of specific machine registers
1248
1249         This allows us to allocate the registers necessary to perform x86
1250         idiv instructions for div/mod, and may be useful for shifts, too.
1251
1252         * dfg/DFGJITCodeGenerator.cpp:
1253         (JSC::DFG::GPRTemporary::GPRTemporary):
1254         * dfg/DFGJITCodeGenerator.h:
1255         (JSC::DFG::JITCodeGenerator::allocate):
1256         (JSC::DFG::GPRResult::GPRResult):
1257         * dfg/DFGRegisterBank.h:
1258         (JSC::DFG::RegisterBank::allocateSpecific):
1259         * dfg/DFGSpeculativeJIT.h:
1260         (JSC::DFG::SpeculativeJIT::isInteger):
1261
1262 2011-06-28  Gavin Barraclough  <barraclough@apple.com>
1263
1264         Reviewed by Oliver Hunt.
1265
1266         https://bugs.webkit.org/show_bug.cgi?id=55040
1267         RegExp constructor returns the argument regexp instead of a new object
1268
1269         Per 15.10.3.1, our current behaviour is correct if called as a function,
1270         but incorrect when called as a constructor.
1271
1272         * runtime/RegExpConstructor.cpp:
1273         (JSC::constructRegExp):
1274         (JSC::constructWithRegExpConstructor):
1275         * runtime/RegExpConstructor.h:
1276
1277 2011-06-28  Luke Macpherson  <macpherson@chromium.org>
1278
1279         Reviewed by Darin Adler.
1280
1281         Clean up integer clamping functions in MathExtras.h and support arbitrary numeric types and limits.
1282         https://bugs.webkit.org/show_bug.cgi?id=63469
1283
1284         * wtf/MathExtras.h:
1285         (defaultMinimumForClamp):
1286         Version of std::numeric_limits::min() that returns the largest negative value for floating point types.
1287         (defaultMaximumForClamp):
1288         Symmetric alias for std::numeric_limits::max().
1289         (clampTo):
1290         New templated clamping function that supports arbitrary output types.
1291         (clampToInteger):
1292         Use new clampTo template.
1293         (clampToFloat):
1294         Use new clampTo template.
1295         (clampToPositiveInteger):
1296         Use new clampTo template.
1297
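The clamping helpers listed above are worth seeing in code, because the reason defaultMinimumForClamp exists is easy to miss: std::numeric_limits<float>::min() is the smallest positive float, not the most negative one. The block below is an added example written for this page, not a copy of wtf/MathExtras.h; the function names follow the entry, the bodies and the naive comparison function are constructed here.

```cpp
#include <cstdio>
#include <limits>

// Added example of the clamping helpers the entry above describes; written for
// this example, not copied from wtf/MathExtras.h.

// std::numeric_limits<T>::min() is the smallest *positive* value for floating
// point types, so it is the wrong floor for a clamp. Integers get min();
// floating point types get -max() (C++11's numeric_limits::lowest() does the same).
template<typename T>
T defaultMinimumForClamp()
{
    return std::numeric_limits<T>::is_integer
        ? std::numeric_limits<T>::min()
        : -std::numeric_limits<T>::max();
}

template<typename T>
T defaultMaximumForClamp() { return std::numeric_limits<T>::max(); }

// Clamp 'value' into [min, max], then convert. The comparisons happen in
// SourceType, so SourceType is assumed to be at least as wide as TargetType
// (double -> int, double -> float, long long -> int). Converting an
// out-of-range floating point value to an integer type is undefined behaviour
// in C++, which is why the range check has to come before the cast.
template<typename TargetType, typename SourceType>
TargetType clampTo(SourceType value,
                   TargetType min = defaultMinimumForClamp<TargetType>(),
                   TargetType max = defaultMaximumForClamp<TargetType>())
{
    if (value >= static_cast<SourceType>(max))
        return max;
    if (value <= static_cast<SourceType>(min))
        return min;
    return static_cast<TargetType>(value);
}

int clampToInteger(double value) { return clampTo<int>(value); }
float clampToFloat(double value) { return clampTo<float>(value); }
int clampToPositiveInteger(double value) { return clampTo<int>(value, 0); }

// The pitfall the helpers avoid: with numeric_limits<float>::min() as the
// floor, every negative input is "clamped" up to a tiny positive number.
float naiveClampToFloat(double value)
{
    if (value <= std::numeric_limits<float>::min())
        return std::numeric_limits<float>::min();
    if (value >= std::numeric_limits<float>::max())
        return std::numeric_limits<float>::max();
    return static_cast<float>(value);
}

int main()
{
    std::printf("clampToInteger(1e10) = %d\n", clampToInteger(1e10));
    std::printf("clampToFloat(-1.0) = %g, naive = %g\n", clampToFloat(-1.0), naiveClampToFloat(-1.0));
    return 0;
}
```
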
1298 2011-06-28  Adam Roben  <aroben@apple.com>
1299
1300         Windows Debug build fix after r89885
1301
1302         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Exported
1303         JSGlobalData::releaseExecutableMemory for jsc.exe's benefit.
1304
1305 2011-06-28  Shinya Kawanaka  <shinyak@google.com>
1306
1307         Reviewed by Kent Tamura.
1308
1309         Add const to show() method in WTFString and AtomicString.
1310         https://bugs.webkit.org/show_bug.cgi?id=63515
1311
1312         The lack of const in show() method is painful when
1313         doing something like printf-debug.
1314
1315         * wtf/text/AtomicString.cpp:
1316         (WTF::AtomicString::show):
1317         * wtf/text/AtomicString.h:
1318         * wtf/text/WTFString.cpp:
1319         (String::show):
1320         * wtf/text/WTFString.h:
1321
1322 2011-06-27  Ryosuke Niwa  <rniwa@webkit.org>
1323
1324         Build fix attempt after r89885.
1325
1326         * JavaScriptCore.exp:
1327         * jsc.cpp:
1328
1329 2011-06-27  Oliver Hunt  <oliver@apple.com>
1330
1331         Reviewed by Geoffrey Garen.
1332
1333         Support throwing away non-running code even while other code is running
1334         https://bugs.webkit.org/show_bug.cgi?id=63485
1335
1336         Add a function to CodeBlock to support unlinking direct linked callsites,
1337         and then with that in place add logic to discard code from any function
1338         that is not currently on the stack.
1339
1340         The unlinking completely reverts any optimized call sites, such that they
1341         may be relinked again in future.
1342
1343         * JavaScriptCore.exp:
1344         * bytecode/CodeBlock.cpp:
1345         (JSC::CodeBlock::unlinkCalls):
1346         (JSC::CodeBlock::clearEvalCache):
1347         * bytecode/CodeBlock.h:
1348         (JSC::CallLinkInfo::CallLinkInfo):
1349         (JSC::CallLinkInfo::unlink):
1350         * bytecode/EvalCodeCache.h:
1351         (JSC::EvalCodeCache::clear):
1352         * heap/Heap.cpp:
1353         (JSC::Heap::getConservativeRegisterRoots):
1354         * heap/Heap.h:
1355         * jit/JIT.cpp:
1356         (JSC::JIT::privateCompile):
1357         * jit/JIT.h:
1358         * jit/JITCall.cpp:
1359         (JSC::JIT::compileOpCall):
1360         * jit/JITWriteBarrier.h:
1361         (JSC::JITWriteBarrierBase::clear):
1362         * jsc.cpp:
1363         (GlobalObject::GlobalObject):
1364         (functionReleaseExecutableMemory):
1365         * runtime/Executable.cpp:
1366         (JSC::EvalExecutable::unlinkCalls):
1367         (JSC::ProgramExecutable::unlinkCalls):
1368         (JSC::FunctionExecutable::discardCode):
1369         (JSC::FunctionExecutable::unlinkCalls):
1370         * runtime/Executable.h:
1371         * runtime/JSGlobalData.cpp:
1372         (JSC::SafeRecompiler::returnValue):
1373         (JSC::SafeRecompiler::operator()):
1374         (JSC::JSGlobalData::releaseExecutableMemory):
1375
1376 2011-06-27  Gavin Barraclough  <barraclough@apple.com>
1377
1378         Reviewed by Darin Adler & Oliver Hunt.
1379
1380         https://bugs.webkit.org/show_bug.cgi?id=50554
1381         RegExp.prototype.toString does not escape slashes
1382
1383         The problem here is that we don't escape forwards slashes when converting
1384         a RegExp to a string. This means that RegExp("/").toString() is "///",
1385         which is not a valid RegExp literal. Also, we return an invalid literal
1386         for RegExp.prototype.toString() ("//", which is an empty single-line comment).
1387
1388         From ES5:
1389         "NOTE: The returned String has the form of a RegularExpressionLiteral that
1390         evaluates to another RegExp object with the same behaviour as this object."
1391
1392         * runtime/RegExpObject.cpp:
1393         (JSC::regExpObjectSource):
1394             - Escape forward slashes when getting the source of a RegExp.
1395         * runtime/RegExpPrototype.cpp:
1396         (JSC::regExpProtoFuncToString):
1397             - Remove unnecessary and erroneous hack to return "//" as the string
1398             representation of RegExp.prototype. This is not a valid RegExp literal
1399             (it is an empty single-line comment).
1400
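The escaping rule described in the entry above, as an added example: escape forward slashes so that "/" + source + "/" + flags reads back as a valid RegularExpressionLiteral. This is illustration code written for this page, not JavaScriptCore's regExpObjectSource; the function names are assumptions, and the "(?:)" spelling for an empty pattern is the one ES5 15.10.4.1 suggests.

```cpp
#include <cstdio>
#include <string>

// Added example of the escaping rule the entry above describes: escape forward
// slashes so that "/" + source + "/" + flags reads back as a valid
// RegularExpressionLiteral. Written for this example; it is not
// JavaScriptCore's regExpObjectSource.

// Escape every unescaped '/' in a pattern. A backslash escapes the character
// after it, so "\/" is left alone, while in "\\/" the slash follows an escaped
// backslash and therefore still needs escaping.
std::string escapeRegExpSource(const std::string& source)
{
    std::string out;
    out.reserve(source.size() + 2);
    for (size_t i = 0; i < source.size(); ++i) {
        char c = source[i];
        if (c == '\\') {
            out += c;                       // copy the escape...
            if (i + 1 < source.size())
                out += source[++i];         // ...and the escaped character, verbatim
            continue;
        }
        if (c == '/')
            out += '\\';
        out += c;
    }
    return out;
}

// The literal form. An empty pattern is spelled "(?:)", the spelling ES5
// 15.10.4.1 suggests, since "//" would read back as an empty line comment.
std::string regExpToString(const std::string& source, const std::string& flags)
{
    std::string body = source.empty() ? std::string("(?:)") : escapeRegExpSource(source);
    return "/" + body + "/" + flags;
}

int main()
{
    std::printf("%s\n", regExpToString("/", "").c_str());      // prints "/\//"
    std::printf("%s\n", regExpToString("", "g").c_str());      // prints "/(?:)/g"
    return 0;
}
```

Escaping a slash that is already escaped would be harmless but changes the pattern text, which is why the loop skips over backslash pairs instead of doubling them.
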
1401 2011-06-27  Gavin Barraclough  <barraclough@apple.com>
1402
1403         Reviewed by Oliver Hunt.
1404
1405         https://bugs.webkit.org/show_bug.cgi?id=63497
1406         Add DEBUG_WITH_BREAKPOINT support to the DFG JIT.
1407
1408         * dfg/DFGByteCodeParser.cpp:
1409         (JSC::DFG::ByteCodeParser::parseBlock):
1410         * dfg/DFGNode.h:
1411         * dfg/DFGNonSpeculativeJIT.cpp:
1412         (JSC::DFG::NonSpeculativeJIT::compile):
1413         * dfg/DFGSpeculativeJIT.cpp:
1414         (JSC::DFG::SpeculativeJIT::compile):
1415
1416 2011-06-27  Juan C. Montemayor  <jmont@apple.com>
1417
1418         Reviewed by Mark Rowe.
1419
1420         Indirectly including TextPosition.h and XPathGrammar.h causes compile errors
1421         https://bugs.webkit.org/show_bug.cgi?id=63392
1422         
1423         When both TextPosition.h and XPathGrammar.h are included a compile-error
1424         is caused, since XPathGrammar.h defines a macro called NUMBER and 
1425         TextPosition has a typedef named NUMBER.
1426
1427         * wtf/text/TextPosition.h:
1428         (WTF::TextPosition::TextPosition):
1429         (WTF::TextPosition::minimumPosition):
1430         (WTF::TextPosition::belowRangePosition):
1431
1432 2011-06-27  Filip Pizlo  <fpizlo@apple.com>
1433
1434         Reviewed by Gavin Barraclough.
1435
1436         DFG JIT does not perform put_by_id caching.
1437         https://bugs.webkit.org/show_bug.cgi?id=63409
1438
1439         * bytecode/StructureStubInfo.h:
1440         * dfg/DFGJITCodeGenerator.cpp:
1441         (JSC::DFG::JITCodeGenerator::cachedPutById):
1442         * dfg/DFGJITCodeGenerator.h:
1443         * dfg/DFGJITCompiler.cpp:
1444         (JSC::DFG::JITCompiler::compileFunction):
1445         * dfg/DFGJITCompiler.h:
1446         (JSC::DFG::JITCompiler::addPropertyAccess):
1447         (JSC::DFG::JITCompiler::PropertyAccessRecord::PropertyAccessRecord):
1448         * dfg/DFGNonSpeculativeJIT.cpp:
1449         (JSC::DFG::NonSpeculativeJIT::compile):
1450         * dfg/DFGOperations.cpp:
1451         * dfg/DFGOperations.h:
1452         * dfg/DFGRepatch.cpp:
1453         (JSC::DFG::dfgRepatchByIdSelfAccess):
1454         (JSC::DFG::tryCacheGetByID):
1455         (JSC::DFG::appropriatePutByIdFunction):
1456         (JSC::DFG::tryCachePutByID):
1457         (JSC::DFG::dfgRepatchPutByID):
1458         * dfg/DFGRepatch.h:
1459         * dfg/DFGSpeculativeJIT.cpp:
1460         (JSC::DFG::SpeculativeJIT::compile):
1461
1462 2011-06-27  Gustavo Noronha Silva  <gns@gnome.org>
1463
1464         Unreviewed build fix. One more file missing during distcheck, for
1465         the MIPS build.
1466
1467         * GNUmakefile.list.am:
1468
1469 2011-06-26  Filip Pizlo  <fpizlo@apple.com>
1470
1471         Reviewed by Gavin Barraclough.
1472
1473         DFG non-speculative JIT has potentially harmful speculations with respect to arithmetic operations.
1474         https://bugs.webkit.org/show_bug.cgi?id=63347
1475
1476         * dfg/DFGNonSpeculativeJIT.cpp:
1477             - Changed arithmetic operations to speculate in favor of integers.
1478         (JSC::DFG::NonSpeculativeJIT::valueToNumber):
1479         (JSC::DFG::NonSpeculativeJIT::knownConstantArithOp):
1480         (JSC::DFG::NonSpeculativeJIT::basicArithOp):
1481         (JSC::DFG::NonSpeculativeJIT::compile):
1482         * dfg/DFGNonSpeculativeJIT.h:
1483         * dfg/DFGOperations.cpp:
1484             - Added slow-path routines for arithmetic that perform no speculation; the
1485               non-speculative JIT will generate calls to these in cases where its
1486               speculation fails.
1487         * dfg/DFGOperations.h:
1488
1489 2011-06-24  Nikolas Zimmermann  <nzimmermann@rim.com>
1490
1491         Reviewed by Rob Buis.
1492
1493         Integrate SVG Fonts within GlyphPage concept, removing the special SVG code paths from Font, making it possible to reuse the simple text code path for SVG Fonts
1494         https://bugs.webkit.org/show_bug.cgi?id=59085
1495
1496         * wtf/Platform.h: Force Qt-EWS into a full rebuild, otherwise this patch breaks the EWS.
1497
1498 2011-06-24  Michael Saboff  <msaboff@apple.com>
1499
1500         Reviewed by Gavin Barraclough.
1501
1502         Arm Assembler, Immediate stack offset values truncated to 8 bits for add & sub
1503         https://bugs.webkit.org/show_bug.cgi?id=63345
1504
1505         The methods ARMThumbImmediate::getUInt9 and ARMThumbImmediate::getUInt10
1506         return 9 and 10 bit quantities, therefore changed their return type from
1507         uint8_t to uint16_t.  Also cast the places where they are used as they
1508         are currently shifted and used as 7 or 8 bit values.
1509
1510         These methods are currently used for literals for stack offsets, 
1511         including creating and destroying stack frames.  The prior truncation of
1512         the upper bits caused stack frames to be too small, thus allowing a
1513         JIT'ed function to access and overwrite stack space outside of the
1514         incorrectly sized stack frame.
1515
1516         * assembler/ARMv7Assembler.h:
1517         (JSC::ARMThumbImmediate::getUInt9):
1518         (JSC::ARMThumbImmediate::getUInt10):
1519         (JSC::ARMv7Assembler::add):
1520         (JSC::ARMv7Assembler::ldr):
1521         (JSC::ARMv7Assembler::str):
1522         (JSC::ARMv7Assembler::sub):
1523         (JSC::ARMv7Assembler::sub_S):
1524
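The truncation this entry describes, as an added example that is not WebKit's own code: a constructed ThumbImmediate model (hypothetical names, not JSC::ARMThumbImmediate's real members) returns 9- and 10-bit SP offsets through uint8_t beside the widened uint16_t version, and shows how many bytes of the requested frame the prologue then fails to reserve.

```cpp
#include <cassert>
#include <cstdint>
#include <cstdio>

// Constructed model of the Thumb SP-relative immediates described in the entry
// above; the names are hypothetical, not JSC::ARMThumbImmediate's real members.
// Thumb-1 "add/sub sp, sp, #imm" carries a 7-bit field scaled by 4 (a 9-bit byte
// offset); "ldr/str rt, [sp, #imm]" carries an 8-bit field scaled by 4 (10 bits).
struct ThumbImmediate {
    uint32_t byteOffset; // word-aligned byte offset from SP

    bool isUInt9() const  { return (byteOffset & ~0x1FCu) == 0; }
    bool isUInt10() const { return (byteOffset & ~0x3FCu) == 0; }

    // Before the fix: 9- and 10-bit quantities handed back through uint8_t.
    // The narrowing silently drops bits 8 and 9 of the offset.
    uint8_t getUInt9Narrow() const  { assert(isUInt9());  return static_cast<uint8_t>(byteOffset); }
    uint8_t getUInt10Narrow() const { assert(isUInt10()); return static_cast<uint8_t>(byteOffset); }

    // After the fix: a return type wide enough for the whole value; callers
    // shift and then cast to the 7- or 8-bit instruction field themselves.
    uint16_t getUInt9() const  { assert(isUInt9());  return static_cast<uint16_t>(byteOffset); }
    uint16_t getUInt10() const { assert(isUInt10()); return static_cast<uint16_t>(byteOffset); }
};

// imm7 field of "sub sp, sp, #frameBytes" (the prologue that reserves a stack frame).
static uint8_t encodeSubSpImm7Before(uint32_t frameBytes) {
    ThumbImmediate imm{frameBytes};
    return static_cast<uint8_t>(imm.getUInt9Narrow() >> 2); // truncated before the shift
}
static uint8_t encodeSubSpImm7After(uint32_t frameBytes) {
    ThumbImmediate imm{frameBytes};
    return static_cast<uint8_t>(imm.getUInt9() >> 2);       // full 9 bits, then the 7-bit field
}

// imm8 field of "ldr/str rt, [sp, #slotBytes]".
static uint8_t encodeLdrSpImm8Before(uint32_t slotBytes) {
    ThumbImmediate imm{slotBytes};
    return static_cast<uint8_t>(imm.getUInt10Narrow() >> 2);
}
static uint8_t encodeLdrSpImm8After(uint32_t slotBytes) {
    ThumbImmediate imm{slotBytes};
    return static_cast<uint8_t>(imm.getUInt10() >> 2);
}

// What the CPU actually reserves or addresses when it executes the encoded field.
static uint32_t decodeScaledField(uint8_t field) { return static_cast<uint32_t>(field) << 2; }

// Bytes the JIT'ed function believes belong to its frame but that the prologue
// never reserved: any store into that range lands on the caller's frame.
static uint32_t unreservedBytes(uint32_t requestedFrame, uint8_t imm7) {
    return requestedFrame - decodeScaledField(imm7);
}

int main() {
    const uint32_t frames[] = { 0x0FC, 0x100, 0x1FC };
    for (uint32_t f : frames) {
        printf("frame %#5x: before -> %#5x reserved (%u bytes exposed), after -> %#5x reserved\n",
               f, decodeScaledField(encodeSubSpImm7Before(f)),
               unreservedBytes(f, encodeSubSpImm7Before(f)),
               decodeScaledField(encodeSubSpImm7After(f)));
    }
    return 0;
}
```

Offsets up to 0xFC survive the narrowing, which is why the bug only shows up with larger frames; a 256-byte frame is reserved as zero bytes before the fix.
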
1525 2011-06-24  Michael Saboff  <msaboff@apple.com>
1526
1527         Reviewed by Geoffrey Garen.
1528
1529         releaseFastMallocFreeMemory doesn't adjust free counts for scavenger
1530         https://bugs.webkit.org/show_bug.cgi?id=63015
1531
1532         Added code to adjust class TCMalloc_PageHeap variables free_committed_pages_ and
1533         min_free_committed_pages_since_last_scavenge_ in ReleaseFreeList().  These 
1534         adjustments are a bug.  These need to reflect the pages that are released
1535         in ReleaseFreeList so that scavenge doesn't try to free that many pages as well.
1536         Made ReleaseFreeList a member of TCMalloc_PageHeap in the process.  Updated
1537         Check() and helper method CheckList() to check the number of actual free pages
1538         with free_committed_pages_.
1539
1540         The symptom of the problem of the existing code is that the scavenger may
1541         run unnecessarily without any real work to do, i.e. pages on the free lists.
1542         The scavenger would also end up freeing too many pages, that is going below
1543         the current 528 target free pages.
1544
1545         Note that the style of the changes was kept consistent with the
1546         existing style.
1547
1548         * wtf/FastMalloc.cpp:
1549         (WTF::TCMalloc_PageHeap::Check):
1550         (WTF::TCMalloc_PageHeap::CheckList):
1551         (WTF::TCMalloc_PageHeap::ReleaseFreeList):
1552
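The accounting bug in this entry, as an added example that is not WTF::TCMalloc_PageHeap's code: a constructed page-heap model with the counters the entry names, run through the same events with and without the adjustment in ReleaseFreeList, reporting whether the scavenger woke with no work, how many free pages it left against the 528 target, and what Check() would say. The span layout and scavenging policy are simplifications assumed for the model.

```cpp
#include <algorithm>
#include <cassert>
#include <cstddef>
#include <cstdio>
#include <vector>

// Constructed model of the page-heap bookkeeping this entry describes. The
// counter names mirror the ChangeLog, but this is not WTF::TCMalloc_PageHeap;
// spans, scavenging policy and the 528-page target are simplified here.
constexpr size_t kTargetFreePages = 528; // the "528 target free pages" in the entry

class PageHeapModel {
public:
    // Committed pages sitting on the free lists, grouped as spans.
    void addFreeSpan(size_t pages) {
        committedFreeSpans_.push_back(pages);
        free_committed_pages_ += pages;
    }

    size_t actualFreeCommittedPages() const {
        size_t total = 0;
        for (size_t n : committedFreeSpans_) total += n;
        return total;
    }

    // The invariant Check()/CheckList() verify after the fix: the counter must
    // equal the number of committed pages actually on the free lists.
    bool check() const { return actualFreeCommittedPages() == free_committed_pages_; }

    // The scavenger wakes up whenever the counter says there is excess to release.
    bool shouldScavenge() const { return free_committed_pages_ > kTargetFreePages; }

    // releaseFastMallocFreeMemory path: decommit every span on the free lists.
    // adjustCounters == false reproduces the behaviour before the fix.
    size_t releaseFreeList(bool adjustCounters) {
        size_t released = actualFreeCommittedPages();
        committedFreeSpans_.clear();
        if (adjustCounters) {
            free_committed_pages_ -= released;
            min_free_committed_pages_since_last_scavenge_ =
                std::min(min_free_committed_pages_since_last_scavenge_, free_committed_pages_);
        }
        return released;
    }

    // Periodic scavenger: trusts the counter and releases until it reaches the target.
    size_t scavenge() {
        size_t released = 0;
        while (shouldScavenge() && !committedFreeSpans_.empty()) {
            size_t& span = committedFreeSpans_.back();
            size_t take = std::min(span, free_committed_pages_ - kTargetFreePages);
            span -= take;
            if (span == 0) committedFreeSpans_.pop_back();
            free_committed_pages_ -= take;
            released += take;
        }
        min_free_committed_pages_since_last_scavenge_ = free_committed_pages_;
        return released;
    }

private:
    std::vector<size_t> committedFreeSpans_;
    size_t free_committed_pages_ = 0;
    size_t min_free_committed_pages_since_last_scavenge_ = 0;
};

struct Outcome {
    bool scavengerRanWithNoWork; // woke up although no committed free pages existed
    size_t pagesLeftFree;        // committed free pages left after the scavenger ran
    bool invariantHolds;         // what Check() would report
};

// Same sequence of events with and without the counter adjustment: 1000 free
// pages get released to the OS, the program frees 600 more, the scavenger runs.
static Outcome simulate(bool withFix) {
    PageHeapModel heap;
    heap.addFreeSpan(1000);
    heap.releaseFreeList(withFix);
    bool noWork = heap.shouldScavenge() && heap.actualFreeCommittedPages() == 0;
    heap.addFreeSpan(600);
    heap.scavenge();
    return { noWork, heap.actualFreeCommittedPages(), heap.check() };
}

int main() {
    for (bool fix : { false, true }) {
        Outcome o = simulate(fix);
        printf("%s: scavenger ran with no work=%d, pages left free=%zu (target %zu), Check()=%d\n",
               fix ? "after fix " : "before fix", o.scavengerRanWithNoWork, o.pagesLeftFree,
               kTargetFreePages, o.invariantHolds);
    }
    return 0;
}
```

Without the adjustment the stale counter makes the scavenger wake with nothing to release and then strip all 600 newly freed pages, leaving 0 against a target of 528; with it, the scavenger stops at 528 and Check() passes.
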
1553 2011-06-24  Abhishek Arya  <inferno@chromium.org>
1554
1555         Reviewed by Darin Adler.
1556
1557         Match other clampTo* functions in style with clampToInteger(float)
1558         function.
1559         https://bugs.webkit.org/show_bug.cgi?id=53449
1560
1561         * wtf/MathExtras.h:
1562         (clampToInteger):
1563         (clampToFloat):
1564         (clampToPositiveInteger):
1565
1566 2011-06-24  Sheriff Bot  <webkit.review.bot@gmail.com>
1567
1568         Unreviewed, rolling out r89594.
1569         http://trac.webkit.org/changeset/89594
1570         https://bugs.webkit.org/show_bug.cgi?id=63316
1571
1572         It broke 5 tests on the Qt bot (Requested by Ossy_DC on
1573         #webkit).
1574
1575         * GNUmakefile.list.am:
1576         * JavaScriptCore.gypi:
1577         * icu/unicode/uscript.h: Removed.
1578         * wtf/unicode/ScriptCodesFromICU.h: Removed.
1579         * wtf/unicode/brew/UnicodeBrew.h:
1580         * wtf/unicode/glib/UnicodeGLib.h:
1581         * wtf/unicode/icu/UnicodeIcu.h:
1582         * wtf/unicode/qt4/UnicodeQt4.h:
1583         * wtf/unicode/wince/UnicodeWinCE.h:
1584
1585 2011-06-23  Filip Pizlo  <fpizlo@apple.com>
1586
1587         Reviewed by Gavin Barraclough.
1588
1589         DFG non-speculative JIT should have obvious optimizations for GetById and GetByVal
1590         https://bugs.webkit.org/show_bug.cgi?id=63173
1591
1592         * dfg/DFGJITCodeGenerator.cpp:
1593         (JSC::DFG::JITCodeGenerator::cachedGetById):
1594         * dfg/DFGJITCodeGenerator.h:
1595         * dfg/DFGNonSpeculativeJIT.cpp:
1596         (JSC::DFG::NonSpeculativeJIT::compile):
1597         * dfg/DFGSpeculativeJIT.cpp:
1598         (JSC::DFG::SpeculativeJIT::compile):
1599
1600 2011-06-23  Oliver Hunt  <oliver@apple.com>
1601
1602         Fix Qt again.
1603
1604         * assembler/ARMAssembler.h:
1605         (JSC::ARMAssembler::readPointer):
1606
1607 2011-06-23  Oliver Hunt  <oliver@apple.com>
1608
1609         Fix Qt Build
1610
1611         * assembler/ARMAssembler.h:
1612         (JSC::ARMAssembler::readPointer):
1613
1614 2011-06-23  Stephanie Lewis  <slewis@apple.com>
1615
1616         Reviewed by Darin Adler.
1617
1618         https://bugs.webkit.org/show_bug.cgi?id=63298
1619         Replace Malloc with FastMalloc to match the rest of wtf.
1620
1621         * wtf/BlockStack.h:
1622         (WTF::::~BlockStack):
1623         (WTF::::grow):
1624         (WTF::::shrink):
1625
1626 2011-06-23  Oliver Hunt  <oliver@apple.com>
1627
1628         Reviewed by Gavin Barraclough.
1629
1630         Add the ability to dynamically modify linked call sites
1631         https://bugs.webkit.org/show_bug.cgi?id=63291
1632
1633         Add JITWriteBarrier as a writebarrier class that allows
1634         reading and writing directly into the code stream.
1635
1636         This required adding logic to all the assemblers to allow
1637         us to read values back out of the instruction stream.
1638
1639         * JavaScriptCore.xcodeproj/project.pbxproj:
1640         * assembler/ARMAssembler.h:
1641         (JSC::ARMAssembler::readPointer):
1642         * assembler/ARMv7Assembler.h:
1643         (JSC::ARMv7Assembler::readPointer):
1644         (JSC::ARMv7Assembler::readInt32):
1645         (JSC::ARMv7Assembler::decodeTwoWordOp5i6Imm4Reg4EncodedImmFirst):
1646         (JSC::ARMv7Assembler::decodeTwoWordOp5i6Imm4Reg4EncodedImmSecond):
1647         * assembler/AbstractMacroAssembler.h:
1648         (JSC::AbstractMacroAssembler::readPointer):
1649         * assembler/MIPSAssembler.h:
1650         (JSC::MIPSAssembler::readInt32):
1651         (JSC::MIPSAssembler::readPointer):
1652         * assembler/MacroAssemblerCodeRef.h:
1653         (JSC::MacroAssemblerCodePtr::operator!):
1654         * assembler/SH4Assembler.h:
1655         (JSC::SH4Assembler::readPCrelativeAddress):
1656         (JSC::SH4Assembler::readPointer):
1657         (JSC::SH4Assembler::readInt32):
1658         * assembler/X86Assembler.h:
1659         (JSC::X86Assembler::readPointer):
1660         * bytecode/CodeBlock.cpp:
1661         (JSC::CodeBlock::visitAggregate):
1662         * bytecode/CodeBlock.h:
1663         (JSC::MethodCallLinkInfo::seenOnce):
1664         (JSC::MethodCallLinkInfo::setSeen):
1665         * heap/MarkStack.h:
1666         * jit/JIT.cpp:
1667         (JSC::JIT::privateCompile):
1668         (JSC::JIT::linkCall):
1669         (JSC::JIT::linkConstruct):
1670         * jit/JITPropertyAccess.cpp:
1671         (JSC::JIT::patchMethodCallProto):
1672         * jit/JITPropertyAccess32_64.cpp:
1673         * jit/JITWriteBarrier.h: Added.
1674         (JSC::JITWriteBarrierBase::operator UnspecifiedBoolType*):
1675         (JSC::JITWriteBarrierBase::operator!):
1676         (JSC::JITWriteBarrierBase::setFlagOnBarrier):
1677         (JSC::JITWriteBarrierBase::isFlagged):
1678         (JSC::JITWriteBarrierBase::setLocation):
1679         (JSC::JITWriteBarrierBase::location):
1680         (JSC::JITWriteBarrierBase::JITWriteBarrierBase):
1681         (JSC::JITWriteBarrierBase::set):
1682         (JSC::JITWriteBarrierBase::get):
1683         (JSC::JITWriteBarrier::JITWriteBarrier):
1684         (JSC::JITWriteBarrier::set):
1685         (JSC::JITWriteBarrier::get):
1686         (JSC::MarkStack::append):
1687
1688 2011-06-23  Gavin Barraclough  <barraclough@apple.com>
1689
1690         Reviewed by Oliver Hunt.
1691
1692         https://bugs.webkit.org/show_bug.cgi?id=61585
1693         Crash running regexp /(?:(?=g))|(?:m).{2147483648,}/
1694
1695         This is due to use of int instead of unsigned, bad math around
1696         the 2^31 boundary.
1697
1698         * yarr/YarrInterpreter.cpp:
1699         (JSC::Yarr::ByteCompiler::emitDisjunction):
1700             - Change some uses of int to unsigned, refactor compare logic to
1701               restrict to the range 0..2^32-1 (rather than -2^32-1..2^32-1).
1702         * yarr/YarrJIT.cpp:
1703         (JSC::Yarr::YarrGenerator::generate):
1704         (JSC::Yarr::YarrGenerator::backtrack):
1705             - Ditto.
1706
1707 2011-06-22  Gavin Barraclough  <barraclough@apple.com>
1708
1709         Reviewed by Sam Weinig.
1710
1711         https://bugs.webkit.org/show_bug.cgi?id=63218
1712         DFG JIT - remove machine type guarantees from graph
1713
1714         The DFG JIT currently makes assumptions about the types of machine registers
1715         that certain nodes will be loaded into. This will be broken as we generate
1716         nodes to produce both integer and double code paths. Remove int<->double
1717         conversions nodes. This design decision also gave rise to multiple types of
1718         constant nodes, requiring separate handling for each type. Merge these back
1719         into JSConstant.
1720
1721         * dfg/DFGAliasTracker.h:
1722         (JSC::DFG::AliasTracker::equalIgnoringLaterNumericConversion):
1723         * dfg/DFGByteCodeParser.cpp:
1724         (JSC::DFG::ByteCodeParser::getToInt32):
1725         (JSC::DFG::ByteCodeParser::getToNumber):
1726         (JSC::DFG::ByteCodeParser::toInt32):
1727         (JSC::DFG::ByteCodeParser::toNumber):
1728         (JSC::DFG::ByteCodeParser::isInt32Constant):
1729         (JSC::DFG::ByteCodeParser::isDoubleConstant):
1730         (JSC::DFG::ByteCodeParser::valueOfInt32Constant):
1731         (JSC::DFG::ByteCodeParser::valueOfDoubleConstant):
1732         (JSC::DFG::ByteCodeParser::one):
1733         (JSC::DFG::ByteCodeParser::predictInt32):
1734         * dfg/DFGGraph.cpp:
1735         (JSC::DFG::Graph::dump):
1736         * dfg/DFGJITCodeGenerator.h:
1737         (JSC::DFG::JITCodeGenerator::silentFillGPR):
1738         (JSC::DFG::JITCodeGenerator::silentFillFPR):
1739         (JSC::DFG::JITCodeGenerator::isJSConstant):
1740         (JSC::DFG::JITCodeGenerator::isDoubleConstant):
1741         (JSC::DFG::JITCodeGenerator::valueOfJSConstantAsImmPtr):
1742         * dfg/DFGJITCompiler.cpp:
1743         (JSC::DFG::JITCompiler::fillNumericToDouble):
1744         (JSC::DFG::JITCompiler::fillInt32ToInteger):
1745         * dfg/DFGJITCompiler.h:
1746         (JSC::DFG::JITCompiler::isJSConstant):
1747         (JSC::DFG::JITCompiler::isInt32Constant):
1748         (JSC::DFG::JITCompiler::isDoubleConstant):
1749         (JSC::DFG::JITCompiler::valueOfJSConstant):
1750         (JSC::DFG::JITCompiler::valueOfInt32Constant):
1751         (JSC::DFG::JITCompiler::valueOfDoubleConstant):
1752         * dfg/DFGNode.h:
1753         (JSC::DFG::Node::Node):
1754         (JSC::DFG::Node::isConstant):
1755         (JSC::DFG::Node::notTakenBytecodeOffset):
1756         * dfg/DFGNonSpeculativeJIT.cpp:
1757         (JSC::DFG::NonSpeculativeJIT::isKnownInteger):
1758         (JSC::DFG::NonSpeculativeJIT::isKnownNumeric):
1759         (JSC::DFG::NonSpeculativeJIT::compile):
1760         * dfg/DFGSpeculativeJIT.cpp:
1761         (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
1762         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
1763         (JSC::DFG::SpeculativeJIT::compilePeepHoleIntegerBranch):
1764         (JSC::DFG::SpeculativeJIT::compile):
1765
1766 2011-06-23  Jungshik Shin  <jshin@chromium.org>
1767
1768         Reviewed by Alexey Proskuryakov.
1769
1770         Add ScriptCodesFromICU.h to wtf/unicode and make necessary changes in
1771         build files for ports not using ICU.
1772         Add icu/unicode/uscript.h for ports using ICU. It's taken from 
1773         ICU 3.6 (the version used on Mac OS 10.5)
1774
1775         http://bugs.webkit.org/show_bug.cgi?id=20797
1776
1777         * GNUmakefile.list.am:
1778         * JavaScriptCore.gypi:
1779         * icu/unicode/uscript.h: Added for UScriptCode enum.
1780         * wtf/unicode/ScriptCodesFromICU.h: UScriptCode enum added.
1781         * wtf/unicode/icu/UnicodeIcu.h:
1782         * wtf/unicode/brew/UnicodeBrew.h:
1783         * wtf/unicode/glib/UnicodeGLib.h:
1784         * wtf/unicode/qt4/UnicodeQt4.h:
1785         * wtf/unicode/wince/UnicodeWinCE.h:
1786
1787 2011-06-23  Ryuan Choi  <ryuan.choi@samsung.com>
1788
1789         Reviewed by Andreas Kling.
1790
1791         [EFL][WK2] Add PLATFORM(EFL) to use UNIX_DOMAIN_SOCKETS.
1792         https://bugs.webkit.org/show_bug.cgi?id=63228
1793
1794         * wtf/Platform.h: Add PLATFORM(EFL) guard.
1795
1796 2011-06-23  Sheriff Bot  <webkit.review.bot@gmail.com>
1797
1798         Unreviewed, rolling out r89547.
1799         http://trac.webkit.org/changeset/89547
1800         https://bugs.webkit.org/show_bug.cgi?id=63252
1801
1802         "Chrmium crash on start" (Requested by yurys on #webkit).
1803
1804         * wtf/DynamicAnnotations.cpp:
1805         (WTFAnnotateBenignRaceSized):
1806         (WTFAnnotateHappensBefore):
1807         (WTFAnnotateHappensAfter):
1808         * wtf/DynamicAnnotations.h:
1809
1810 2011-06-23  Timur Iskhodzhanov  <timurrrr@google.com>
1811
1812         Reviewed by David Levin.
1813
1814         Make dynamic annotations weak symbols and prevent identical code folding by the linker
1815         https://bugs.webkit.org/show_bug.cgi?id=62443
1816
1817         * wtf/DynamicAnnotations.cpp:
1818         (WTFAnnotateBenignRaceSized):
1819         (WTFAnnotateHappensBefore):
1820         (WTFAnnotateHappensAfter):
1821         * wtf/DynamicAnnotations.h:
1822
1823 2011-06-22  Yael Aharon  <yael.aharon@nokia.com>
1824
1825         Reviewed by Andreas Kling.
1826
1827         [Qt] Add a build flag for building with libxml2 and libxslt.
1828         https://bugs.webkit.org/show_bug.cgi?id=63113
1829
1830         * wtf/Platform.h:
1831
1832 2011-06-22  Sheriff Bot  <webkit.review.bot@gmail.com>
1833
1834         Unreviewed, rolling out r89489.
1835         http://trac.webkit.org/changeset/89489
1836         https://bugs.webkit.org/show_bug.cgi?id=63203
1837
1838         Broke chromium mac build on build.webkit.org (Requested by
1839         abarth on #webkit).
1840
1841         * wtf/Platform.h:
1842
1843 2011-06-22  Cary Clark  <caryclark@google.com>
1844
1845         Reviewed by Darin Fisher.
1846
1847         Use Skia if Skia on Mac Chrome is enabled
1848         https://bugs.webkit.org/show_bug.cgi?id=62999
1849
1850         * wtf/Platform.h:
1851         Add switch to use Skia if, externally,
1852         Skia has been enabled by a gyp define.
1853
1854 2011-06-22  Geoffrey Garen  <ggaren@apple.com>
1855
1856         Reviewed by Oliver Hunt.
1857
1858         * interpreter/RegisterFile.h: Removed unnecessary #include <stdio.h>.
1859
1860 2011-06-22  Geoffrey Garen  <ggaren@apple.com>
1861
1862         Reviewed by Oliver Hunt.
1863
1864         Removed the conceit that global variables are local variables when running global code
1865         https://bugs.webkit.org/show_bug.cgi?id=63106
1866         
1867         This is required for write barrier correctness.
1868         
1869         SunSpider reports about a 0.5% regression, mostly from bitops-bitwise-and.js.
1870         I was able to reduce the regression with a tiny peephole optimization in
1871         the bytecompiler, but not eliminate it. I'm committing this assuming
1872         that turning on generational GC will win back at least 0.5%.
1873
1874         (FWIW, the DFG JIT can easily eliminate any regression by sharing loads of
1875         the global object's var storage. I considered doing the same kind of
1876         optimization in the existing JIT, but it seemed like moving in the wrong
1877         direction.)
1878
1879         * bytecompiler/BytecodeGenerator.cpp:
1880         (JSC::BytecodeGenerator::addGlobalVar):
1881         (JSC::BytecodeGenerator::BytecodeGenerator): Don't give global variables
1882         negative indices, since they're no longer negatively offset from the
1883         current stack frame.
1884         
1885         Do give global variables monotonically increasing positive indices, since
1886         that's much easier to work with.
1887         
1888         Don't limit the number of optimizable global variables, since it's no
1889         longer limited by the register file, since they're no longer stored in
1890         the register file.
1891
1892         (JSC::BytecodeGenerator::registerFor): Global code never has any local
1893         registers because a var in global code is actually a property of the
1894         global object.
1895
1896         (JSC::BytecodeGenerator::constRegisterFor): Ditto.
1897
1898         (JSC::BytecodeGenerator::emitResolve): Did a tiny bit of constant
1899         propagation and dead code elimination to speed up our compiles and
1900         reduce WTFs / minute.
1901
1902         * bytecompiler/BytecodeGenerator.h:
1903         (JSC::BytecodeGenerator::registerFor): Removed special handling of globals.
1904
1905         (JSC::BytecodeGenerator::shouldOptimizeLocals): Don't optimize locals in
1906         global code, since there are none.
1907
1908         (JSC::BytecodeGenerator::canOptimizeNonLocals): Do optimize non-locals
1909         in global code (i.e., global vars), since there are some.
1910
1911         * interpreter/Interpreter.cpp:
1912         (JSC::Interpreter::callEval):
1913         (JSC::Interpreter::Interpreter):
1914         (JSC::Interpreter::dumpRegisters):
1915         (JSC::Interpreter::execute):
1916         * interpreter/Interpreter.h: Updated for deleted / renamed code.
1917
1918         * interpreter/RegisterFile.cpp:
1919         (JSC::RegisterFile::gatherConservativeRoots):
1920         (JSC::RegisterFile::releaseExcessCapacity): Updated for deleted / renamed
1921         data members.
1922
1923         * interpreter/RegisterFile.h:
1924         (JSC::RegisterFile::begin):
1925         (JSC::RegisterFile::size):
1926         (JSC::RegisterFile::RegisterFile):
1927         (JSC::RegisterFile::shrink): Removed all code and comments dealing with
1928         global variables stored in the register file.
1929
1930         (JSC::RegisterFile::grow): Updated for same.
1931         
1932         Also, a slight correctness fix: Test the VM commit end, and not just the
1933         in-use end, when checking for stack overflow. In theory, it's invalid to
1934         commit past the end of your allocation, even if you never touch that
1935         memory. This makes the usable size of the stack slightly smaller. No test
1936         because we don't know of any case in practice where this crashes.
1937
1938         * runtime/JSGlobalData.cpp:
1939         (JSC::JSGlobalData::JSGlobalData): Updated for changes above.
1940
1941         * runtime/JSGlobalObject.cpp:
1942         (JSC::JSGlobalObject::resizeRegisters):
1943         (JSC::JSGlobalObject::addStaticGlobals):
1944         * runtime/JSGlobalObject.h: Simplified globals to have monotonically 
1945         increasing indexes, always located in our external storage.
1946
1947 2011-06-21  MORITA Hajime  <morrita@google.com>
1948
1949         Unreviewed, rolling out r89401 and r89403.
1950         http://trac.webkit.org/changeset/89401
1951         http://trac.webkit.org/changeset/89403
1952         https://bugs.webkit.org/show_bug.cgi?id=62970
1953
1954         Breaks mac build and mistakenly enables the spellcheck API
1955
1956         * Configurations/FeatureDefines.xcconfig:
1957         * JavaScriptCore.xcodeproj/project.pbxproj:
1958
1959 2011-06-21  Kent Tamura  <tkent@chromium.org>
1960
1961         [Mac] Sort Xcode project files.
1962
1963         * JavaScriptCore.xcodeproj/project.pbxproj:
1964
1965 2011-06-20  MORITA Hajime  <morrita@google.com>
1966
1967         Reviewed by Kent Tamura.
1968
1969         Spellcheck API should be build-able.
1970         https://bugs.webkit.org/show_bug.cgi?id=62970
1971
1972         No new tests, changing only build-related files
1973         
1974         * Configurations/FeatureDefines.xcconfig:
1975
1976 2011-06-21  Geoffrey Garen  <ggaren@apple.com>
1977
1978         Reviewed by Oliver Hunt.
1979
1980         Moved 'const' off the global-variable-as-local-variable crack pipe
1981         https://bugs.webkit.org/show_bug.cgi?id=63105
1982         
1983         This is necessary for moving the rest of the code off of same.
1984         
1985         Many problems remain in our handling of const. I have fixed none of them.
1986
1987         * bytecompiler/BytecodeGenerator.h:
1988         (JSC::BytecodeGenerator::scopeChain): New accessor, needed to enable
1989         const to directly implement its unique scoping rules.
1990
1991         * bytecompiler/NodesCodegen.cpp:
1992         (JSC::PrefixResolveNode::emitBytecode): Do specify that our resolve is
1993         for writing, so we don't overwrite const variables.
1994
1995         (JSC::ConstDeclNode::emitCodeSingle): Don't assume that all declared const
1996         variables are available as local variables, since this won't be the case
1997         once global variables are not available as local variables. Instead, use
1998         put_scoped_var in the case where there is no local variable. Like a local
1999         variable, put_scoped_var succeeds even though const properties are
2000         read-only, since put_scoped_var skips read-only checks. (Yay?)
2001
2002 2011-06-21  Oliver Hunt  <oliver@apple.com>
2003
2004         Reviewed by Alexey Proskuryakov.
2005
2006         REGRESSION(r89257): It broke 2 jscore tests (Requested by Ossy_away on #webkit).
2007         https://bugs.webkit.org/show_bug.cgi?id=63052
2008
2009         Release mode only failure, the stack overflow guards were getting their error
2010         handling inlined, so that they were essentially causing their own demise.
2011
2012         * parser/JSParser.cpp:
2013         (JSC::JSParser::updateErrorMessage):
2014         (JSC::JSParser::updateErrorWithNameAndMessage):
2015
2016 2011-06-20  Kenneth Russell  <kbr@google.com>
2017
2018         Unreviewed.
2019
2020         Rolled out r89233 and r89235 because of crashes in http/tests/misc/acid3.html on Snow Leopard and other platforms
2021         https://bugs.webkit.org/show_bug.cgi?id=63022
2022
2023         * wtf/Platform.h:
2024
2025 2011-06-18  Anders Carlsson  <andersca@apple.com>
2026
2027         Reviewed by Darin Adler.
2028
2029         Disallow assigning into PassOwnArrayPtr, PassOwnPtr and PassRefPtr
2030         https://bugs.webkit.org/show_bug.cgi?id=62940
2031
2032         Remove clear() and all assignment operators except one which now has a COMPILE_ASSERT.
2033
2034         * wtf/PassOwnArrayPtr.h:
2035         (WTF::PassOwnArrayPtr::operator=):
2036         * wtf/PassOwnPtr.h:
2037         (WTF::PassOwnPtr::operator=):
2038         * wtf/PassRefPtr.h:
2039         (WTF::PassRefPtr::operator=):
2040         (WTF::NonNullPassRefPtr::operator=):
2041
2042 2011-06-20  Oliver Hunt  <oliver@apple.com>
2043
2044         Reviewed by Darin Adler.
2045
2046         REGRESSION (r79060): Searching for a flight at united.com fails
2047         https://bugs.webkit.org/show_bug.cgi?id=63003
2048
2049         This original change also broke Twitter, and we attempted to refine the fix to 
2050         address that problem (http://trac.webkit.org/changeset/80542), but since it still breaks United,
2051         we need to revert the change until we understand the problem better.
2052
2053         * wtf/DateMath.cpp:
2054         (WTF::parseDateFromNullTerminatedCharacters):
2055
2056 2011-06-20  Juan C. Montemayor  <jmont@apple.com>
2057
2058         Reviewed by Oliver Hunt.
2059
2060         No context for javascript parse errors.
2061         https://bugs.webkit.org/show_bug.cgi?id=62613
2062         
2063         Parse errors now show more details like:
2064         "Unexpected token: ]"
2065         or
2066         "Expected token: while"
2067         
2068         For reserved names, numbers, identifiers, strings, lexer errors,
2069         and EOFs, the following error messages are printed:
2070         
2071         "Use of reserved word: super"
2072         "Unexpected number: 42"
2073         "Unexpected identifier: "
2074         "Unexpected string: "foobar""
2075         "Invalid token character sequence: \u4023"
2076         "Unexpected EOF"
2077
2078         * parser/JSParser.cpp:
2079         (JSC::JSParser::consume):
2080         (JSC::JSParser::getToken):
2081         (JSC::JSParser::getTokenName):
2082         (JSC::JSParser::updateErrorMessageSpecialCase):
2083         (JSC::JSParser::updateErrorMessage):
2084         (JSC::JSParser::updateErrorWithNameAndMessage):
2085         (JSC::jsParse):
2086         (JSC::JSParser::JSParser):
2087         (JSC::JSParser::parseProgram):
2088         (JSC::JSParser::parseVarDeclarationList):
2089         (JSC::JSParser::parseForStatement):
2090         (JSC::JSParser::parseBreakStatement):
2091         (JSC::JSParser::parseContinueStatement):
2092         (JSC::JSParser::parseWithStatement):
2093         (JSC::JSParser::parseTryStatement):
2094         (JSC::JSParser::parseStatement):
2095         (JSC::JSParser::parseFormalParameters):
2096         (JSC::JSParser::parseFunctionInfo):
2097         (JSC::JSParser::parseAssignmentExpression):
2098         (JSC::JSParser::parsePrimaryExpression):
2099         (JSC::JSParser::parseMemberExpression):
2100         (JSC::JSParser::parseUnaryExpression):
2101         * parser/JSParser.h:
2102         * parser/Lexer.cpp:
2103         (JSC::Lexer::lex):
2104         * parser/Parser.cpp:
2105         (JSC::Parser::parse):
2106
2107 2011-06-20  Nikolas Zimmermann  <nzimmermann@rim.com>
2108
2109         Reviewed by Rob Buis.
2110
2111         Integrate SVG Fonts within GlyphPage concept, removing the special SVG code paths from Font, making it possible to reuse the simple text code path for SVG Fonts
2112         https://bugs.webkit.org/show_bug.cgi?id=59085
2113
2114         * wtf/Platform.h: Force Qt-EWS into a full rebuild, otherwise this patch breaks the EWS.
2115
2116 2011-06-19  Oliver Hunt  <oliver@apple.com>
2117
2118         Reviewed by Sam Weinig.
2119
2120         Correct logic for putting errors on the correct line when handling JSONP
2121         https://bugs.webkit.org/show_bug.cgi?id=62962
2122
2123         Minor fix for the minor fix.  *sigh*
2124
2125         * interpreter/Interpreter.cpp:
2126         (JSC::Interpreter::execute):
2127
2128 2011-06-19  Oliver Hunt  <oliver@apple.com>
2129
2130         Minor fix to correct layout test results.
2131
2132         * interpreter/Interpreter.cpp:
2133         (JSC::Interpreter::execute):
2134
2135 2011-06-17  Oliver Hunt  <oliver@apple.com>
2136
2137         Reviewed by Gavin Barraclough.
2138
2139         JSONP is unnecessarily slow
2140         https://bugs.webkit.org/show_bug.cgi?id=62920
2141
2142         JSONP has unfortunately become a fairly common idiom online, yet
2143         it triggers very poor performance in JSC as we end up doing codegen
2144         for a large number of property accesses that will
2145            * only be run once, so the vast amount of logic we dump to handle
2146              caching of accesses is unnecessary.
2147            * We are doing codegen that is directly proportional to just
2148              creating the object in the first place.
2149
2150         This patch extends the use of the literal parser to JSONP-like structures
2151         in global code, handling a number of different forms I have seen online.
2152         In an extreme case this improves performance of JSONP by more than 2x
2153         due to removal of code generation and execution time, and a few optimisations
2154         that I made to the parser itself.
2155
2156         * API/JSValueRef.cpp:
2157         (JSValueMakeFromJSONString):
2158         * interpreter/Interpreter.cpp:
2159         (JSC::Interpreter::callEval):
2160         (JSC::Interpreter::execute):
2161         * parser/Lexer.cpp:
2162         (JSC::Lexer::isKeyword):
2163         * parser/Lexer.h:
2164         * runtime/JSGlobalObjectFunctions.cpp:
2165         (JSC::globalFuncEval):
2166         * runtime/JSONObject.cpp:
2167         (JSC::JSONProtoFuncParse):
2168         * runtime/LiteralParser.cpp:
2169         (JSC::LiteralParser::tryJSONPParse):
2170         (JSC::LiteralParser::makeIdentifier):
2171         (JSC::LiteralParser::Lexer::lex):
2172         (JSC::LiteralParser::Lexer::next):
2173         (JSC::isSafeStringCharacter):
2174         (JSC::LiteralParser::Lexer::lexString):
2175         (JSC::LiteralParser::Lexer::lexNumber):
2176         (JSC::LiteralParser::parse):
2177         * runtime/LiteralParser.h:
2178         (JSC::LiteralParser::LiteralParser):
2179         (JSC::LiteralParser::tryLiteralParse):
2180         (JSC::LiteralParser::Lexer::Lexer):
2181
2182 2011-06-18  Sheriff Bot  <webkit.review.bot@gmail.com>
2183
2184         Unreviewed, rolling out r89184.
2185         http://trac.webkit.org/changeset/89184
2186         https://bugs.webkit.org/show_bug.cgi?id=62927
2187
2188         It broke 22 tests on all bots (Requested by Ossy_weekend on
2189         #webkit).
2190
2191         * API/JSValueRef.cpp:
2192         (JSValueMakeFromJSONString):
2193         * interpreter/Interpreter.cpp:
2194         (JSC::Interpreter::callEval):
2195         (JSC::Interpreter::execute):
2196         * parser/Lexer.cpp:
2197         * parser/Lexer.h:
2198         * runtime/JSGlobalObjectFunctions.cpp:
2199         (JSC::globalFuncEval):
2200         * runtime/JSONObject.cpp:
2201         (JSC::JSONProtoFuncParse):
2202         * runtime/LiteralParser.cpp:
2203         (JSC::LiteralParser::Lexer::lex):
2204         (JSC::isSafeStringCharacter):
2205         (JSC::LiteralParser::Lexer::lexString):
2206         (JSC::LiteralParser::Lexer::lexNumber):
2207         (JSC::LiteralParser::parse):
2208         * runtime/LiteralParser.h:
2209         (JSC::LiteralParser::LiteralParser):
2210         (JSC::LiteralParser::tryLiteralParse):
2211         (JSC::LiteralParser::Lexer::Lexer):
2212         (JSC::LiteralParser::Lexer::next):
2213
2214 2011-06-17  Oliver Hunt  <oliver@apple.com>
2215
2216         Reviewed by Gavin Barraclough.
2217
2218         JSONP is unnecessarily slow
2219         https://bugs.webkit.org/show_bug.cgi?id=62920
2220
2221         JSONP has unfortunately become a fairly common idiom online, yet
2222         it triggers very poor performance in JSC as we end up doing codegen
2223         for a large number of property accesses that will
2224            * only be run once, so the vast amount of logic we dump to handle
2225              caching of accesses is unnecessary.
2226            * We are doing codegen that is directly proportional to just
2227              creating the object in the first place.
2228
2229         This patch extends the use of the literal parser to JSONP-like structures
2230         in global code, handling a number of different forms I have seen online.
2231         In an extreme case this improves performance of JSONP by more than 2x
2232         due to removal of code generation and execution time, and a few optimisations
2233         that I made to the parser itself.
2234
2235         * API/JSValueRef.cpp:
2236         (JSValueMakeFromJSONString):
2237         * interpreter/Interpreter.cpp:
2238         (JSC::Interpreter::callEval):
2239         (JSC::Interpreter::execute):
2240         * parser/Lexer.cpp:
2241         (JSC::Lexer::isKeyword):
2242         * parser/Lexer.h:
2243         * runtime/JSGlobalObjectFunctions.cpp:
2244         (JSC::globalFuncEval):
2245         * runtime/JSONObject.cpp:
2246         (JSC::JSONProtoFuncParse):
2247         * runtime/LiteralParser.cpp:
2248         (JSC::LiteralParser::tryJSONPParse):
2249         (JSC::LiteralParser::makeIdentifier):
2250         (JSC::LiteralParser::Lexer::lex):
2251         (JSC::LiteralParser::Lexer::next):
2252         (JSC::isSafeStringCharacter):
2253         (JSC::LiteralParser::Lexer::lexString):
2254         (JSC::LiteralParser::Lexer::lexNumber):
2255         (JSC::LiteralParser::parse):
2256         * runtime/LiteralParser.h:
2257         (JSC::LiteralParser::LiteralParser):
2258         (JSC::LiteralParser::tryLiteralParse):
2259         (JSC::LiteralParser::Lexer::Lexer):
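Added example, not JavaScriptCore's LiteralParser (the names tryJSONPParse, dispatchJSONP and JSONP_SHAPE are this example's own): a literal-only JSONP reader in JavaScript. It accepts the shape `callback(<JSON literal>)`, optionally with a dotted callback name and a trailing semicolon, parses the payload with the JSON grammar alone, and returns null for anything else, so a response that is not pure data is never evaluated as code.

```javascript
// Added example, not JavaScriptCore code. Only the shape `name(<payload>)`,
// optionally dotted and with a trailing ';', is recognised; the payload must be
// a JSON literal. Nothing here is ever evaluated as script.
const JSONP_SHAPE =
  /^\s*([A-Za-z_$][\w$]*(?:\.[A-Za-z_$][\w$]*)*)\s*\(([\s\S]*)\)\s*;?\s*$/;

// Returns { callback, value } for a JSONP-shaped literal, or null when the
// input is anything else (no call wrapper, extra statements, expressions...).
function tryJSONPParse(src) {
  const m = JSONP_SHAPE.exec(src);
  if (!m) return null;                  // not callback(...) at all
  const [, callback, payload] = m;
  let value;
  try {
    value = JSON.parse(payload);        // strict literal grammar only
  } catch (_) {
    return null;                        // payload contained code, not a literal
  }
  return { callback, value };
}

// Dispatches a parsed response to a callback taken from an explicit Map the
// page built, so the name in the response can only select a registered
// function (a plain object would also expose inherited names like constructor).
function dispatchJSONP(src, registry) {
  const parsed = tryJSONPParse(src);
  if (!parsed) return { ok: false, reason: "not a JSON literal call" };
  const fn = registry.get(parsed.callback);
  if (typeof fn !== "function") {
    return { ok: false, reason: "unknown callback " + parsed.callback };
  }
  return { ok: true, result: fn(parsed.value) };
}

// Constructed sample responses: the first two are data, the rest are not.
const SAMPLES = [
  'cb({"a":[1,2]})',
  'window.handle({"ok":true});',
  'cb({"a":1}); alert(1)',
  'cb(new Date())',
  '{"a":1}',
];
for (const s of SAMPLES) console.log(JSON.stringify(s), "=>", JSON.stringify(tryJSONPParse(s)));
```

Because the payload goes through JSON.parse rather than a script evaluator, the only choice a response gets to make is the callback name, and that name is resolved against a Map the page controls.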
2260
2261 2011-06-17  Geoffrey Garen  <ggaren@apple.com>
2262
2263         Reviewed by Oliver Hunt.
2264
2265         Moved some property access JIT code into property access JIT files
2266         https://bugs.webkit.org/show_bug.cgi?id=62906
2267
2268         * jit/JITOpcodes.cpp:
2269         * jit/JITOpcodes32_64.cpp:
2270         * jit/JITPropertyAccess.cpp:
2271         (JSC::JIT::emitSlow_op_put_by_val):
2272         (JSC::JIT::emit_op_get_scoped_var):
2273         (JSC::JIT::emit_op_put_scoped_var):
2274         (JSC::JIT::emit_op_get_global_var):
2275         (JSC::JIT::emit_op_put_global_var):
2276         * jit/JITPropertyAccess32_64.cpp:
2277         (JSC::JIT::emit_op_get_scoped_var):
2278         (JSC::JIT::emit_op_put_scoped_var):
2279         (JSC::JIT::emit_op_get_global_var):
2280         (JSC::JIT::emit_op_put_global_var):
2281
2282 2011-06-17  Anders Carlsson  <andersca@apple.com>
2283
2284         Build fix.
2285
2286         * JavaScriptCore.xcodeproj/project.pbxproj:
2287
2288 2011-06-17  Geoffrey Garen  <ggaren@apple.com>
2289
2290         Try to fix the Leopard build?
2291
2292         * JavaScriptCore.xcodeproj/project.pbxproj:
2293
2294 2011-06-16  Geoffrey Garen  <ggaren@apple.com>
2295
2296         Reviewed by Oliver Hunt.
2297
2298         Added some write barrier action, compiled out by default
2299         https://bugs.webkit.org/show_bug.cgi?id=62844
2300
2301         * JavaScriptCore.exp: Build!
2302
2303         * JavaScriptCore.xcodeproj/project.pbxproj: Fixed an incremental build
2304         issue with Heap.cpp.
2305
2306         * heap/Heap.cpp:
2307         (JSC::Heap::writeBarrierSlowCase):
2308         * heap/Heap.h:
2309         (JSC::Heap::writeBarrier):
2310         * heap/MarkedBlock.h:
2311         (JSC::MarkedBlock::isAtomAligned):
2312         (JSC::MarkedBlock::blockFor):
2313         (JSC::MarkedBlock::atomNumber):
2314         (JSC::MarkedBlock::ownerSetNumber):
2315         (JSC::MarkedBlock::addOldSpaceOwner):
2316         (JSC::MarkedBlock::OwnerSet::OwnerSet):
2317         (JSC::MarkedBlock::OwnerSet::add):
2318         (JSC::MarkedBlock::OwnerSet::clear):
2319         (JSC::MarkedBlock::OwnerSet::size):
2320         (JSC::MarkedBlock::OwnerSet::didOverflow):
2321         (JSC::MarkedBlock::OwnerSet::owners): Added a basic write barrier that
2322         tracks owners for regions within blocks. Currently unused.
2323
2324 2011-06-17  Raphael Kubo da Costa  <kubo@profusion.mobi>
2325
2326         Reviewed by Eric Seidel.
2327
2328         [EFL] Add some OwnPtr specializations for EFL types.
2329         For now there are specializations for Ecore_Evas and Evas_Object.
2330         https://bugs.webkit.org/show_bug.cgi?id=62877
2331
2332         * wtf/CMakeListsEfl.txt:
2333         * wtf/OwnPtrCommon.h:
2334         * wtf/efl/OwnPtrEfl.cpp: Added.
2335         (WTF::deleteOwnedPtr):
2336
2337 2011-06-17  Joone Hur  <joone.hur@collabora.co.uk>
2338
2339         Reviewed by Martin Robinson.
2340
2341         [GTK] Replace GdkRectangle by cairo_rectangle_int_t
2342         https://bugs.webkit.org/show_bug.cgi?id=60687
2343
2344         Replace GdkRectangle by cairo_rectangle_int_t.
2345
2346         * wtf/gobject/GTypedefs.h: Replace GdkRectangle by cairo_rectangle_int_t.
2347
2348 2011-06-16  Gavin Barraclough  <barraclough@apple.com>
2349
2350         Reviewed by Oliver Hunt.
2351
2352         https://bugs.webkit.org/show_bug.cgi?id=53014
2353         ES5 strict mode keyword restrictions aren't implemented
2354
2355         The following are future restricted words in strict mode code:
2356             implements, interface, let, package, private, protected, public, static, yield
2357
2358         * parser/JSParser.h:
2359             - Add RESERVED_IF_STRICT token.
2360         * parser/Keywords.table:
2361             - Add new future restricted words.
2362         * parser/Lexer.cpp:
2363         (JSC::Lexer::parseIdentifier):
2364             - Check for RESERVED_IF_STRICT; in nonstrict code this is converted to IDENT.
2365         (JSC::Lexer::lex):
2366             - Pass strictMode flag to parseIdentifier.
2367         * parser/Lexer.h:
2368             - parseIdentifier needs a strictMode flag.
2369         * runtime/CommonIdentifiers.h:
2370             - Add identifiers for new reserved words.
2371
2372 2011-06-16  Gavin Barraclough  <barraclough@apple.com>
2373
2374         Reviewed by Oliver Hunt.
2375
2376         https://bugs.webkit.org/show_bug.cgi?id=23611
2377         Multiline Javascript comments cause incorrect parsing of following script.
2378
2379         From the spec:
2380         "A MultiLineComment [is] simply discarded if it contains no line terminator,
2381         but if a MultiLineComment contains one or more line terminators, then it is
2382         replaced with a single line terminator, which becomes part of the stream of
2383         inputs for the syntactic grammar." 
2384
2385         This may result in behavioural changes, due to automatic semicolon insertion.
2386
2387         * parser/Lexer.cpp:
2388         (JSC::Lexer::parseMultilineComment):
2389             - Set m_terminator if we see a line terminator in a multiline comment.
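Added example covering both this entry and the strict-mode keyword entry above; it is not JavaScriptCore's Lexer, and the KEYWORDS subset, the token names and the helper functions are this example's own. The small lexer keeps a "line terminator preceded this token" flag, treats a multi-line comment that spans lines as one terminator (which is what drives automatic semicolon insertion after `return`), and classifies the nine future restricted words as identifiers in sloppy code and as reserved in strict code.

```javascript
// Added example, not JavaScriptCore code. Minimal lexer for ASCII source.
const KEYWORDS = new Set(["var", "return", "function", "if", "else"]); // assumed subset
const RESERVED_IF_STRICT = new Set([
  "implements", "interface", "let", "package", "private",
  "protected", "public", "static", "yield",
]);

const isIdentStart = (c) => /[A-Za-z_$]/.test(c);     // '$' is an identifier character
const isIdentPart = (c) => /[A-Za-z0-9_$]/.test(c);
const isLineTerminator = (c) =>
  c === "\n" || c === "\r" || c === "\u2028" || c === "\u2029";

function tokenize(src, strictMode) {
  const tokens = [];
  let i = 0;
  let sawTerminator = false; // a line terminator was seen since the last token
  const push = (type, value) => {
    tokens.push({ type, value, precededByTerminator: sawTerminator });
    sawTerminator = false;
  };
  while (i < src.length) {
    const c = src[i];
    if (isLineTerminator(c)) { sawTerminator = true; i++; continue; }
    if (c === " " || c === "\t") { i++; continue; }
    if (c === "/" && src[i + 1] === "/") {        // single-line comment
      while (i < src.length && !isLineTerminator(src[i])) i++;
      continue;
    }
    if (c === "/" && src[i + 1] === "*") {        // multi-line comment
      const end = src.indexOf("*/", i + 2);
      if (end < 0) throw new SyntaxError("unterminated comment");
      // Discarded, unless it contains a line terminator: then it stands in
      // for exactly one line terminator in the token stream.
      if ([...src.slice(i + 2, end)].some(isLineTerminator)) sawTerminator = true;
      i = end + 2;
      continue;
    }
    if (isIdentStart(c)) {
      let j = i + 1;
      while (j < src.length && isIdentPart(src[j])) j++;
      const word = src.slice(i, j);
      let type = "IDENT";
      if (KEYWORDS.has(word)) type = "KEYWORD";
      else if (RESERVED_IF_STRICT.has(word)) type = strictMode ? "RESERVED" : "IDENT";
      push(type, word);
      i = j;
      continue;
    }
    if (/[0-9]/.test(c)) {
      let j = i + 1;
      while (j < src.length && /[0-9]/.test(src[j])) j++;
      push("NUMBER", src.slice(i, j));
      i = j;
      continue;
    }
    push("PUNCT", c);   // everything else is a one-character punctuator here
    i++;
  }
  return tokens;
}

// ASI's restricted production: `return` directly followed by a line terminator
// ends the statement, so whatever follows on the next line is never returned.
function returnValueIsDropped(src) {
  const toks = tokenize(src, false);
  const r = toks.findIndex((t) => t.type === "KEYWORD" && t.value === "return");
  return r >= 0 && r + 1 < toks.length && toks[r + 1].precededByTerminator;
}

// A word usable as an identifier: reserved-if-strict words pass in sloppy
// code and fail in strict code.
function identifierAllowed(word, strictMode) {
  const [tok] = tokenize(word, strictMode);
  return tok.type === "IDENT";
}

console.log(returnValueIsDropped("return /* */ 42"), returnValueIsDropped("return /*\n*/ 42"));
console.log(identifierAllowed("package", false), identifierAllowed("package", true));
```

The two `return` inputs differ only by a newline inside the comment, and a real engine agrees with the lexer: `new Function("return /*\n*/ 42")()` yields undefined while the single-line form yields 42.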
2390
2391 2011-06-16  Gavin Barraclough  <barraclough@apple.com>
2392
2393         Reviewed by Sam Weinig.
2394
2395         https://bugs.webkit.org/show_bug.cgi?id=62824
2396         DFG JIT - add support for branch-fusion of compareEq, JSValue comparisons in SpeculativeJIT
2397
2398         CompareEq of non-integer values is the most common cause of speculation failure.
2399
2400         * dfg/DFGSpeculativeJIT.cpp:
2401         (JSC::DFG::SpeculativeJIT::compilePeepHoleIntegerBranch):
2402             - Support Equals.
2403         (JSC::DFG::SpeculativeJIT::compilePeepHoleEq):
2404             - new! - peephole optimized Eq of JSValues.
2405         (JSC::DFG::SpeculativeJIT::compile):
2406             - Add peephole optimization for CompareEq.
2407         * dfg/DFGSpeculativeJIT.h:
2408         (JSC::DFG::SpeculativeJIT::detectPeepHoleBranch):
2409             - Add support for dead nodes between compare & branch.
2410         (JSC::DFG::SpeculativeJIT::isInteger):
2411             - Added to determine which form of peephole to do in CompareEq.
2412
2413 2011-06-16  Geoffrey Garen  <ggaren@apple.com>
2414
2415         Try to fix the Windows build.
2416
2417         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Export another
2418         symbol.
2419
2420         * bytecode/EvalCodeCache.h:
2421         * heap/HandleHeap.h:
2422         * heap/HeapRootVisitor.h:
2423         * heap/NewSpace.h:
2424         * runtime/ArgList.h:
2425         * runtime/ScopeChain.h:
2426         * runtime/SmallStrings.h:
2427         * runtime/Structure.h: Stop forward-declaring things that don't really
2428         exist anymore.
2429
2430 2011-06-16  Geoffrey Garen  <ggaren@apple.com>
2431
2432         Try to fix the Mac build: Removed and re-added SlotVisitor.h to the Xcode
2433         project while crossing my fingers and facing west.
2434
2435         * JavaScriptCore.xcodeproj/project.pbxproj:
2436
2437 2011-06-16  Geoffrey Garen  <ggaren@apple.com>
2438
2439         Build fix: Removed an incorrect symbol on Windows.
2440
2441         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2442
2443 2011-06-16  Geoffrey Garen  <ggaren@apple.com>
2444
2445         Build fix: Removed an accidental commit from the future.
2446
2447         * CMakeLists.txt:
2448
2449 2011-06-16  Geoffrey Garen  <ggaren@apple.com>
2450
2451         Reviewed by Oliver Hunt.
2452
2453         Introduced SlotVisitor into the project
2454         https://bugs.webkit.org/show_bug.cgi?id=62820
2455         
2456         This resolves a class vs typedef forward declaration issue, and gives all
2457         exported symbols the correct names.
2458
2459         * CMakeLists.txt:
2460         * GNUmakefile.list.am:
2461         * JavaScriptCore.exp:
2462         * JavaScriptCore.gypi:
2463         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2464         * JavaScriptCore.xcodeproj/project.pbxproj: Build!
2465
2466         * bytecode/EvalCodeCache.h:
2467         * heap/HandleHeap.h:
2468         * heap/Heap.cpp:
2469         (JSC::Heap::Heap):
2470         (JSC::Heap::markRoots):
2471         * heap/Heap.h:
2472         * heap/HeapRootVisitor.h: Replaced MarkStack with SlotVisitor. Now no
2473         clients operate on a MarkStack.
2474
2475         * heap/MarkStack.cpp:
2476         (JSC::SlotVisitor::visitChildren):
2477         (JSC::SlotVisitor::drain):
2478         * heap/SlotVisitor.h: Added.
2479         (JSC::SlotVisitor::SlotVisitor): Used 'protected' and a little cheesy
2480         inheritance to give SlotVisitor all the attributes of MarkStack without
2481         making this change giant. Over time, we will move more behavior into
2482         SlotVisitor and its subclasses.
2483
2484         * heap/MarkStack.h:
2485         * heap/NewSpace.h: Replaced MarkStack with SlotVisitor. Now no
2486         clients operate on a MarkStack.
2487
2488         * runtime/ArgList.h:
2489         * runtime/JSCell.h:
2490         * runtime/JSObject.h:
2491         * runtime/ScopeChain.h:
2492         * runtime/SmallStrings.h:
2493         * runtime/Structure.h: Replaced MarkStack with SlotVisitor. Now no
2494         clients operate on a MarkStack.
2495
2496 2011-06-15  Oliver Hunt  <oliver@apple.com>
2497
2498         Reviewed by Geoffrey Garen.
2499
2500         Reduce memory usage of resolve_global
2501         https://bugs.webkit.org/show_bug.cgi?id=62765
2502
2503         If we have a large number of resolve_globals in a single
2504         block start planting plain resolve instructions instead 
2505         whenever we aren't in a loop.  This allows us to reduce
2506         the code size for extremely large functions without
2507         losing the performance benefits of op_resolve_global.
2508
2509         * bytecode/CodeBlock.h:
2510         (JSC::CodeBlock::globalResolveInfoCount):
2511         * bytecompiler/BytecodeGenerator.cpp:
2512         (JSC::BytecodeGenerator::shouldAvoidResolveGlobal):
2513         (JSC::BytecodeGenerator::emitResolve):
2514         (JSC::BytecodeGenerator::emitResolveWithBase):
2515         * bytecompiler/BytecodeGenerator.h:
2516
2517 2011-06-16  Qi Zhang  <qi.2.zhang@nokia.com>
2518
2519         Reviewed by Laszlo Gombos.
2520
2521         [Qt] Fix building with CONFIG(use_system_icu)
2522         https://bugs.webkit.org/show_bug.cgi?id=62744
2523
2524         Do not define WTF_USE_QT4_UNICODE if WTF_USE_ICU_UNICODE is set.
2525
2526         * wtf/Platform.h:
2527
2528 2011-06-15  Darin Adler  <darin@apple.com>
2529
2530         Reviewed by Adam Barth.
2531
2532         Remove obsolete LOOSE_OWN_PTR code
2533         https://bugs.webkit.org/show_bug.cgi?id=59909
2534
2535         The internal Apple dependency on this is gone now.
2536
2537         * wtf/OwnArrayPtr.h: Removed constructor that takes a raw pointer,
2538         set function that takes a raw pointer.
2539
2540         * wtf/OwnPtr.h: Removed constructor that takes a raw pointer,
2541         set function that takes a raw pointer.
2542
2543         * wtf/PassOwnArrayPtr.h: Made constructor that takes a nullptr
2544         and assignment operator that takes a nullptr unconditional.
2545         Made constructor that takes a raw pointer private and explicit,
2546         and removed assignment operator that takes a raw pointer.
2547
2548         * wtf/PassOwnPtr.h: Made assignment operator that takes a nullptr
2549         unconditional. Made constructor that takes a raw pointer private
2550         and explicit, and removed assignment operator that takes a raw pointer.
2551
2552 2011-06-15  Sam Weinig  <sam@webkit.org>
2553
2554         Reviewed by Geoffrey Garen and Gavin Barraclough.
2555
2556         Make access-nseive ~9x faster on the non-speculative path by
2557         adding special casing for doubles that can losslessly be converted
2558         to a uint32_t in getByVal and putByVal. This avoids calls to stringification
2559         and the hash lookup.  Long term, we should try and get property of a getByVal
2560         and putByVal to be an integer immediate even in the non-speculative path.
2561
2562         * dfg/DFGOperations.cpp:
2563         (JSC::DFG::putByVal):
2564         (JSC::DFG::operationPutByValInternal):
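Added example, not the DFG operations code (ObjectModel, losslessArrayIndex and indexFromPropertyKey are this example's names): a model of an object with a dense index store and a named-property table, showing which doubles may take the integer fast path and why the fast path must agree with the string path on canonicalisation (-0, "07", 1.5, and the uint32 maximum are the cases that bite).

```javascript
// Added example, not JavaScriptCore code.
const MAX_ARRAY_INDEX = 0xFFFFFFFE; // largest valid array index: 2^32 - 2

// Fast path: the array index for a double that converts to one without loss,
// otherwise null. Rejects non-numbers, NaN, infinities, fractions, negatives
// and values beyond the index range. -0 maps to 0, matching String(-0) === "0".
function losslessArrayIndex(d) {
  if (typeof d !== "number" || !Number.isInteger(d)) return null;
  if (d < 0 || d > MAX_ARRAY_INDEX) return null;
  return d + 0; // normalises -0 to +0
}

// Slow path: stringify the key; only a canonical numeric string ("7", not
// "07" or "7.0") that denotes an index is folded onto the dense store.
function indexFromPropertyKey(key) {
  const s = String(key);
  if (!/^(0|[1-9][0-9]*)$/.test(s)) return null;
  const n = Number(s);
  return n <= MAX_ARRAY_INDEX ? n : null;
}

class ObjectModel {
  constructor() {
    this.dense = new Map();   // index -> value
    this.named = new Map();   // property name -> value
    this.stats = { fast: 0, slow: 0 };
  }
  putByVal(key, value) {
    let idx = losslessArrayIndex(key);
    if (idx !== null) { this.stats.fast++; this.dense.set(idx, value); return; }
    this.stats.slow++;
    idx = indexFromPropertyKey(key);
    if (idx !== null) this.dense.set(idx, value);
    else this.named.set(String(key), value);
  }
  getByVal(key) {
    let idx = losslessArrayIndex(key);
    if (idx !== null) { this.stats.fast++; return this.dense.get(idx); }
    this.stats.slow++;
    idx = indexFromPropertyKey(key);
    return idx !== null ? this.dense.get(idx) : this.named.get(String(key));
  }
}

// Constructed edge cases: each write goes through one path and the matching
// read through the other, so any disagreement between them shows up here.
const o = new ObjectModel();
o.putByVal(-0, "zero");          // fast path, index 0
o.putByVal("7", "seven");        // slow path, canonical "7" -> index 7
o.putByVal("07", "x");           // slow path, named property "07"
o.putByVal(1.5, "half");         // slow path, named property "1.5"
o.putByVal(4294967295, "big");   // uint32 max is not an array index
console.log(o.getByVal("0"), o.getByVal(7.0), o.getByVal("07"), o.getByVal("1.5"), o.getByVal("4294967295"));
```

The fast path is a pure optimisation only while every key it accepts would have named the same slot through the string path; the -0 and "07" cases are the ones a naive check gets wrong.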
2565
2566 2011-06-15  Oliver Hunt  <oliver@apple.com>
2567
2568         Reviewed by Darin Adler.
2569
2570         REGRESSION (r88719): 5by5.tv schedule is not visible
2571         https://bugs.webkit.org/show_bug.cgi?id=62720
2572
2573         Problem here is that the lexer wasn't considering '$' to be
2574         a valid character in an identifier.
2575
2576         * parser/Lexer.h:
2577         (JSC::Lexer::lexExpectIdentifier):
2578
2579 2011-06-15  Oliver Hunt  <oliver@apple.com>
2580
2581         Reviewed by Sam Weinig.
2582
2583         Reduce the size of global_resolve
2584         https://bugs.webkit.org/show_bug.cgi?id=62738
2585
2586         Reduce the code size of global_resolve in the JIT by replacing
2587         multiple pointer loads with a single pointer move + two offset
2588         loads.
2589
2590         * jit/JITOpcodes.cpp:
2591         (JSC::JIT::emit_op_resolve_global):
2592         * jit/JITOpcodes32_64.cpp:
2593         (JSC::JIT::emit_op_resolve_global):
2594
2595 2011-06-14  Geoffrey Garen  <ggaren@apple.com>
2596
2597         Reviewed by Dan Bernstein.
2598
2599         Fixed an invalid ASSERT I found while investigating
2600         <rdar://problem/9580254> Crash in JSC::HandleHeap::finalizeWeakHandles + 92
2601         https://bugs.webkit.org/show_bug.cgi?id=62699        
2602
2603         No test since we don't know of a way to get WebCore to deallocate the
2604         next-to-finalize handle, which is also the last handle in the list,
2605         while finalizing the second-to-last handle in the list.
2606
2607         * heap/HandleHeap.h:
2608         (JSC::HandleHeap::deallocate): Don't ASSERT that m_nextToFinalize has a
2609         non-0 next() after updating it, since it is valid to update m_nextToFinalize
2610         to point to the tail sentinel.
2611         
2612         Do ASSERT that m_nextToFinalize has a non-0 next() before updating it,
2613         since it is not valid to update m_nextToFinalize to point past the tail
2614         sentinel.
2615         
2616         Also, use m_nextToFinalize consistently for clarity.
2617
2618 2011-06-14  Gavin Barraclough  <barraclough@apple.com>
2619
2620         Reviewed by Sam Weinig.
2621
2622         https://bugs.webkit.org/show_bug.cgi?id=43841
2623         SegmentedVector::operator== typo
2624
2625         * wtf/SegmentedVector.h:
2626         (WTF::SegmentedVectorIterator::operator==):
2627         (WTF::SegmentedVectorIterator::operator!=):
2628
2629 2011-06-14  Oliver Hunt  <oliver@apple.com>
2630
2631         Reviewed by Gavin Barraclough.
2632
2633         Constant array literals result in unnecessarily large amounts of code
2634         https://bugs.webkit.org/show_bug.cgi?id=62658
2635
2636         Add a new version of op_new_array that simply copies values from a buffer
2637         we hang off of the CodeBlock, rather than generating code to place each
2638         entry into the registerfile, and then copying it from the registerfile into
2639         the array.  This is a slight improvement on some sunspider tests, but no
2640         measurable overall change.  That's okay though as our goal was to reduce
2641         code size without hurting performance.
2642
2643         * bytecode/CodeBlock.cpp:
2644         (JSC::CodeBlock::dump):
2645         * bytecode/CodeBlock.h:
2646         (JSC::CodeBlock::addImmediateBuffer):
2647         (JSC::CodeBlock::immediateBuffer):
2648         * bytecode/Opcode.h:
2649         * bytecompiler/BytecodeGenerator.cpp:
2650         (JSC::BytecodeGenerator::addImmediateBuffer):
2651         (JSC::BytecodeGenerator::emitNewArray):
2652         * bytecompiler/BytecodeGenerator.h:
2653         * bytecompiler/NodesCodegen.cpp:
2654         (JSC::ArrayNode::emitBytecode):
2655         * interpreter/Interpreter.cpp:
2656         (JSC::Interpreter::privateExecute):
2657         * jit/JIT.cpp:
2658         (JSC::JIT::privateCompileMainPass):
2659         * jit/JIT.h:
2660         * jit/JITOpcodes.cpp:
2661         (JSC::JIT::emit_op_new_array):
2662         (JSC::JIT::emit_op_new_array_buffer):
2663         * jit/JITOpcodes32_64.cpp:
2664         * jit/JITStubs.cpp:
2665         (JSC::DEFINE_STUB_FUNCTION):
2666         * jit/JITStubs.h:
2667
2668 2011-06-14  Sheriff Bot  <webkit.review.bot@gmail.com>
2669
2670         Unreviewed, rolling out r88841.
2671         http://trac.webkit.org/changeset/88841
2672         https://bugs.webkit.org/show_bug.cgi?id=62672
2673
2674         Caused many tests to crash (Requested by rniwa on #webkit).
2675
2676         * bytecode/CodeBlock.cpp:
2677         (JSC::CodeBlock::dump):
2678         * bytecode/CodeBlock.h:
2679         * bytecode/Opcode.h:
2680         * bytecompiler/BytecodeGenerator.cpp:
2681         (JSC::BytecodeGenerator::emitNewArray):
2682         * bytecompiler/BytecodeGenerator.h:
2683         * bytecompiler/NodesCodegen.cpp:
2684         (JSC::ArrayNode::emitBytecode):
2685         * interpreter/Interpreter.cpp:
2686         (JSC::Interpreter::privateExecute):
2687         * jit/JIT.cpp:
2688         (JSC::JIT::privateCompileMainPass):
2689         * jit/JIT.h:
2690         * jit/JITOpcodes.cpp:
2691         (JSC::JIT::emit_op_new_array):
2692         * jit/JITOpcodes32_64.cpp:
2693         (JSC::JIT::emit_op_new_array):
2694         * jit/JITStubs.cpp:
2695         * jit/JITStubs.h:
2696
2697 2011-06-14  Oliver Hunt  <oliver@apple.com>
2698
2699         Reviewed by Gavin Barraclough.
2700
2701         Constant array literals result in unnecessarily large amounts of code
2702         https://bugs.webkit.org/show_bug.cgi?id=62658
2703
2704         Add a new version of op_new_array that simply copies values from a buffer
2705         we hang off of the CodeBlock, rather than generating code to place each
2706         entry into the registerfile, and then copying it from the registerfile into
2707         the array.  This is a slight improvement on some sunspider tests, but no
2708         measurable overall change.  That's okay though as our goal was to reduce
2709         code size without hurting performance.
2710
2711         * bytecode/CodeBlock.cpp:
2712         (JSC::CodeBlock::dump):
2713         * bytecode/CodeBlock.h:
2714         (JSC::CodeBlock::addImmediateBuffer):
2715         (JSC::CodeBlock::immediateBuffer):
2716         * bytecode/Opcode.h:
2717         * bytecompiler/BytecodeGenerator.cpp:
2718         (JSC::BytecodeGenerator::addImmediateBuffer):
2719         (JSC::BytecodeGenerator::emitNewArray):
2720         * bytecompiler/BytecodeGenerator.h:
2721         * bytecompiler/NodesCodegen.cpp:
2722         (JSC::ArrayNode::emitBytecode):
2723         * interpreter/Interpreter.cpp:
2724         (JSC::Interpreter::privateExecute):
2725         * jit/JIT.cpp:
2726         (JSC::JIT::privateCompileMainPass):
2727         * jit/JIT.h:
2728         * jit/JITOpcodes.cpp:
2729         (JSC::JIT::emit_op_new_array):
2730         (JSC::JIT::emit_op_new_array_buffer):
2731         * jit/JITOpcodes32_64.cpp:
2732         * jit/JITStubs.cpp:
2733         (JSC::DEFINE_STUB_FUNCTION):
2734         * jit/JITStubs.h:
2735
2736 2011-06-14  Stephanie Lewis  <slewis@apple.com>
2737
2738         Rubber stamped by Oliver Hunt.
2739
2740         <rdar://problem/9511169>
2741         Update order files.
2742
2743         * JavaScriptCore.order:
2744
2745 2011-06-14  Sam Weinig  <sam@webkit.org>
2746
2747         Reviewed by Geoffrey Garen.
2748
2749         Fix dumping of constants to have the correct constant number.
2750
2751         * bytecode/CodeBlock.cpp:
2752         (JSC::CodeBlock::dump):
2753
2754 2011-06-14  Benjamin Poulain  <benjamin@webkit.org>
2755
2756         Reviewed by Eric Seidel.
2757
2758         KeywordLookupGenerator's Trie does not work with Python 3
2759         https://bugs.webkit.org/show_bug.cgi?id=62635
2760
2761         With Python 3, dict.items() return an iterator. Since the iterator
2762         protocol changed between Python 2 and 3, the easiest way to get the
2763         values is to have something that uses the iterator implicitly, like a
2764         for() loop.
2765
2766         * KeywordLookupGenerator.py:
2767
2768 2011-06-13  Oliver Hunt  <oliver@apple.com>
2769
2770         Reviewed by Gavin Barraclough.
2771
2772         Fix llocp and lvalp names in the lexer to something more meaningful
2773         https://bugs.webkit.org/show_bug.cgi?id=62605
2774
2775         A simple rename
2776
2777         * parser/Lexer.cpp:
2778         (JSC::Lexer::parseIdentifier):
2779         (JSC::Lexer::parseString):
2780         (JSC::Lexer::lex):
2781         * parser/Lexer.h:
2782         (JSC::Lexer::lexExpectIdentifier):
2783
2784 2011-06-13  Oliver Hunt  <oliver@apple.com>
2785
2786         Reviewed by Gavin Barraclough.
2787
2788         Make it possible to inline the common case of identifier lexing
2789         https://bugs.webkit.org/show_bug.cgi?id=62600
2790
2791         Add a lexing function that expects to lex a "normal" alphanumeric
2792         identifier (that ignores keywords) so it's possible to inline the
2793         common parsing cases.  This comes out as a reasonable parsing speed
2794         boost.
2795
2796         * parser/JSParser.cpp:
2797         (JSC::JSParser::nextExpectIdentifier):
2798         (JSC::JSParser::parseProperty):
2799         (JSC::JSParser::parseMemberExpression):
2800         * parser/Lexer.cpp:
2801         * parser/Lexer.h:
2802         (JSC::Lexer::makeIdentifier):
2803         (JSC::Lexer::lexExpectIdentifier):
2804
2805 2011-06-13  Xan Lopez  <xlopez@igalia.com>
2806
2807         Reviewed by Martin Robinson.
2808
2809         Distcheck fixes.
2810
2811         * GNUmakefile.am:
2812         * GNUmakefile.list.am:
2813
2814 2011-06-13  Oliver Hunt  <oliver@apple.com>
2815
2816         Reviewed by Simon Fraser.
2817
2818         Make it possible to inline Identifier::equal
2819         https://bugs.webkit.org/show_bug.cgi?id=62584
2820
2821         Move Identifier::equal to the Identifier header file.
2822
2823         * runtime/Identifier.cpp:
2824         * runtime/Identifier.h:
2825         (JSC::Identifier::equal):
2826
2827 2011-06-13  Tony Chang  <tony@chromium.org>
2828
2829         Reviewed by Dimitri Glazkov.
2830
2831         rename ENABLE_NEW_FLEXBOX to ENABLE_CSS3_FLEXBOX
2832         https://bugs.webkit.org/show_bug.cgi?id=62578
2833
2834         * Configurations/FeatureDefines.xcconfig:
2835
2836 2011-06-13  Tony Chang  <tony@chromium.org>
2837
2838         Reviewed by Adam Barth.
2839
2840         rename ENABLE_FLEXBOX to ENABLE_NEW_FLEXBOX
2841         https://bugs.webkit.org/show_bug.cgi?id=62545
2842
2843         * Configurations/FeatureDefines.xcconfig:
2844
2845 2011-06-12  Patrick Gansterer  <paroga@webkit.org>
2846
2847         Unreviewed. Build fix for !ENABLE(JIT) after r88604.
2848
2849         * bytecode/CodeBlock.cpp:
2850         (JSC::CodeBlock::visitAggregate):
2851
2852 2011-06-11  Gavin Barraclough  <barraclough@apple.com>
2853
2854         Reviewed by Darin Adler.
2855
2856         https://bugs.webkit.org/show_bug.cgi?id=16777
2857
2858         Remove #define NaN per Darin's comments.
2859
2860         * runtime/JSGlobalObjectFunctions.cpp:
2861         (JSC::parseIntOverflow):
2862         (JSC::parseInt):
2863         (JSC::jsStrDecimalLiteral):
2864         (JSC::jsToNumber):
2865         (JSC::parseFloat):
2866         * wtf/DateMath.cpp:
2867         (WTF::equivalentYearForDST):
2868         (WTF::parseES5DateFromNullTerminatedCharacters):
2869         (WTF::parseDateFromNullTerminatedCharacters):
2870         (WTF::timeClip):
2871         (JSC::parseDateFromNullTerminatedCharacters):
2872
2873 2011-06-11  Gavin Barraclough  <barraclough@apple.com>
2874
2875         Rubber stamped by Geoff Garen.
2876
2877         https://bugs.webkit.org/show_bug.cgi?id=62503
2878         Remove JIT_OPTIMIZE_* switches
2879
2880         The alternative code paths are untested, and not well maintained.
2881         These were useful when there was more churn in the JIT, but now
2882         are a maintenance overhead. Time to move on, removing.
2883
2884         * bytecode/CodeBlock.cpp:
2885         (JSC::CodeBlock::visitAggregate):
2886         * jit/JIT.cpp:
2887         (JSC::JIT::privateCompileSlowCases):
2888         (JSC::JIT::privateCompile):
2889         (JSC::JIT::linkConstruct):
2890         * jit/JIT.h:
2891         * jit/JITCall.cpp:
2892         * jit/JITCall32_64.cpp:
2893         * jit/JITOpcodes.cpp:
2894         (JSC::JIT::privateCompileCTIMachineTrampolines):
2895         (JSC::JIT::privateCompileCTINativeCall):
2896         * jit/JITOpcodes32_64.cpp:
2897         (JSC::JIT::privateCompileCTIMachineTrampolines):
2898         (JSC::JIT::privateCompileCTINativeCall):
2899         (JSC::JIT::softModulo):
2900         * jit/JITPropertyAccess.cpp:
2901         * jit/JITPropertyAccess32_64.cpp:
2902         * jit/JITStubs.cpp:
2903         (JSC::DEFINE_STUB_FUNCTION):
2904         * runtime/Lookup.cpp:
2905         (JSC::setUpStaticFunctionSlot):
2906         * runtime/Lookup.h:
2907         * wtf/Platform.h:
2908
2909 2011-06-10  Gavin Barraclough  <barraclough@apple.com>
2910
2911         Reviewed by Sam Weinig.
2912
2913         https://bugs.webkit.org/show_bug.cgi?id=16777
2914         Eliminate JSC::NaN and JSC::Inf
2915
2916         There's no good reason for -K-J-S- JSC to have its own NAN and infinity constants.
2917         The ones in std::numeric_limits are perfectly good.
2918         Remove JSC::Inf, JSC::NaN, switch some cases of (isnan || isinf) to !isfinite.
2919
2920         * API/JSCallbackObjectFunctions.h:
2921         (JSC::::toNumber):
2922         * API/JSValueRef.cpp:
2923         (JSValueMakeNumber):
2924         (JSValueToNumber):
2925         * JavaScriptCore.exp:
2926         * runtime/CachedTranscendentalFunction.h:
2927         (JSC::CachedTranscendentalFunction::initialize):
2928         * runtime/DateConstructor.cpp:
2929         (JSC::constructDate):
2930         * runtime/DateInstanceCache.h:
2931         (JSC::DateInstanceData::DateInstanceData):
2932         (JSC::DateInstanceCache::reset):
2933         * runtime/JSCell.cpp:
2934         * runtime/JSCell.h:
2935         (JSC::JSCell::JSValue::getPrimitiveNumber):
2936         (JSC::JSCell::JSValue::toNumber):
2937         * runtime/JSGlobalData.cpp:
2938         (JSC::JSGlobalData::JSGlobalData):
2939         (JSC::JSGlobalData::resetDateCache):
2940         * runtime/JSGlobalObject.cpp:
2941         (JSC::JSGlobalObject::reset):
2942         * runtime/JSGlobalObjectFunctions.cpp:
2943         (JSC::globalFuncParseInt):
2944         (JSC::globalFuncIsFinite):
2945         * runtime/JSNotAnObject.cpp:
2946         (JSC::JSNotAnObject::toNumber):
2947         * runtime/JSValue.cpp:
2948         * runtime/JSValue.h:
2949         * runtime/JSValueInlineMethods.h:
2950         (JSC::jsNaN):
2951         * runtime/MathObject.cpp:
2952         (JSC::mathProtoFuncMax):
2953         (JSC::mathProtoFuncMin):
2954         * runtime/NumberConstructor.cpp:
2955         (JSC::numberConstructorNegInfinity):
2956         (JSC::numberConstructorPosInfinity):
2957         * runtime/NumberPrototype.cpp:
2958         (JSC::numberProtoFuncToExponential):
2959         (JSC::numberProtoFuncToFixed):
2960         (JSC::numberProtoFuncToPrecision):
2961         (JSC::numberProtoFuncToString):
2962         * runtime/UString.cpp:
2963         * wtf/DecimalNumber.h:
2964         (WTF::DecimalNumber::DecimalNumber):
2965         * wtf/dtoa.cpp:
2966         (WTF::dtoa):
2967
2968 2011-06-10  Tony Chang  <tony@chromium.org>
2969
2970         Reviewed by Ojan Vafai.
2971
2972         add a compile guard ENABLE(FLEXBOX)
2973         https://bugs.webkit.org/show_bug.cgi?id=62049
2974
2975         * Configurations/FeatureDefines.xcconfig:
2976
2977 2011-06-10  Gavin Barraclough  <barraclough@apple.com>
2978
2979         Reviewed by Sam Weinig.
2980
2981         https://bugs.webkit.org/show_bug.cgi?id=55347
2982         "name" and "message" enumerable on *Error.prototype
2983
2984         This arises from chapter 15 of the spec:
2985             "Every other property described in this clause has the attributes
2986             { [[Writable]]: true, [[Enumerable]]: false, [[Configurable]]: true }
2987             unless otherwise specified."
2988         Standardized properties are not enumerable.
2989
2990         * runtime/ErrorInstance.cpp:
2991         (JSC::ErrorInstance::ErrorInstance):
2992         * runtime/NativeErrorPrototype.cpp:
2993         (JSC::NativeErrorPrototype::NativeErrorPrototype):
2994
2995 2011-06-09  Geoffrey Garen  <ggaren@apple.com>
2996
2997         Build fix: Corrected header spelling.
2998
2999         * heap/OldSpace.h:
3000
3001 2011-06-09  Geoffrey Garen  <ggaren@apple.com>
3002
3003         Reviewed by Oliver Hunt.
3004
3005         Added OldSpace to the project
3006         https://bugs.webkit.org/show_bug.cgi?id=62417
3007         
3008         Currently unused.
3009         
3010         Added OldSpace, the ability to iterate NewSpace vs OldSpace, and a
3011         per-block flag for testing whether you're in NewSpace vs OldSpace.
3012
3013         * CMakeLists.txt:
3014         * GNUmakefile.list.am:
3015         * JavaScriptCore.gypi:
3016         * JavaScriptCore.pro:
3017         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3018         * JavaScriptCore.xcodeproj/project.pbxproj: Build!
3019
3020         * heap/MarkedBlock.cpp:
3021         (JSC::MarkedBlock::MarkedBlock):
3022         * heap/MarkedBlock.h:
3023         (JSC::MarkedBlock::inNewSpace):
3024         (JSC::MarkedBlock::setInNewSpace): Added inNewSpace flag, for use in
3025         write barrier.
3026
3027         * heap/NewSpace.cpp:
3028         (JSC::NewSpace::addBlock):
3029         (JSC::NewSpace::removeBlock):
3030         * heap/NewSpace.h:
3031         (JSC::NewSpace::forEachBlock): Added forEachBlock, to use for
3032         NewSpace-specific operations.
3033
3034         * heap/OldSpace.cpp: Added.
3035         (JSC::OldSpace::OldSpace):
3036         (JSC::OldSpace::addBlock):
3037         (JSC::OldSpace::removeBlock):
3038         * heap/OldSpace.h: Added.
3039         (JSC::OldSpace::forEachBlock): New class for holding promoted blocks.
3040         Not in use yet.
3041
3042 2011-06-09  Hyowon Kim  <hw1008.kim@samsung.com>
3043
3044         Reviewed by Antonio Gomes.
3045
3046         [EFL] Make accelerated compositing build in Webkit-EFL
3047         https://bugs.webkit.org/show_bug.cgi?id=62361
3048
3049         Add PLATFORM(EFL) to enable ACCELERATED_COMPOSITING on EFL port.
3050
3051         * wtf/Platform.h:
3052
3053 2011-06-09  Gavin Barraclough  <barraclough@apple.com>
3054
3055         Reviewed by Geoff Garen.
3056
3057         Bug 62405 - Fix integer overflow in Array.prototype.push
3058
3059         Fix Geoff's review comments re static_cast.
3060
3061         * runtime/ArrayPrototype.cpp:
3062         (JSC::arrayProtoFuncPush):
3063
3064 2011-06-09  Geoffrey Garen  <ggaren@apple.com>
3065
3066         Reviewed by Oliver Hunt.
3067
3068         Factored MarkedBlock set management into a helper class with a fast case Bloom filter
3069         https://bugs.webkit.org/show_bug.cgi?id=62413
3070         
3071         SunSpider reports a small speedup.
3072         
3073         This is in preparation for having ConservativeSet operate on arbitrary
3074         sets of MarkedBlocks, and in preparation for conservative scanning
3075         becoming proportionally more important than other GC activities.
3076
3077         * GNUmakefile.list.am:
3078         * JavaScriptCore.gypi:
3079         * JavaScriptCore.xcodeproj/project.pbxproj: Build-o.
3080
3081         * heap/ConservativeRoots.cpp:
3082         (JSC::ConservativeRoots::add):
3083         * heap/ConservativeRoots.h:
3084         (JSC::ConservativeRoots::ConservativeRoots): Operate on a MarkedBlockSet
3085         directly, instead of a Heap, so we can operate on subsets of the Heap
3086         instead.
3087         
3088         Use a TinyBloomFilter for single-cycle exclusion of most pointers. This
3089         is particularly important since we expect not to find our subject pointer
3090         in the MarkedBlock hash, and hash misses are more expensive than typical
3091         hash lookups because they have high collision rates.
3092         
3093         No need for single-pointer add() to be public anymore, since nobody uses it.
3094
3095         * heap/Heap.cpp:
3096         (JSC::Heap::markRoots):
3097         * heap/Heap.h:
3098         (JSC::Heap::forEachCell):
3099         (JSC::Heap::forEachBlock): Use MarkedBlockSet since that's what
3100         ConservativeRoots relies on.
3101         
3102         Nixed contains(), since nobody uses it anymore.
3103
3104         * heap/MarkedBlock.h:
3105         (WTF::MarkedBlockHash::hash): Added a faster hash taking advantage of
3106         the VM layout properties of MarkedBlocks.
3107
3108         * heap/MarkedBlockSet.h: Added.
3109         (JSC::MarkedBlockSet::add):
3110         (JSC::MarkedBlockSet::remove):
3111         (JSC::MarkedBlockSet::recomputeFilter):
3112         (JSC::MarkedBlockSet::filter):
3113         (JSC::MarkedBlockSet::set):
3114         * heap/TinyBloomFilter.h: Added.
3115         (JSC::TinyBloomFilter::TinyBloomFilter):
3116         (JSC::TinyBloomFilter::add):
3117         (JSC::TinyBloomFilter::ruleOut): New helper class, used above.
3118
3119         * interpreter/RegisterFile.cpp:
3120         (JSC::RegisterFile::gatherConservativeRoots): No need to specifically
3121         exclude values by tag -- the tiny bloom filter is already a register-register
3122         compare, so adding another "rule out" factor just slows things down.
3123
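The filter-in-front-of-the-hash idea this entry describes, modelled as an added example rather than JavaScriptCore's own code. The 16 KiB block alignment, the block addresses and the scanned words are constructed for illustration, and using the block-aligned base address as the set key is an assumption about what the faster hash does, not something the entry states.

```cpp
// Added example, not JavaScriptCore code: the filter-in-front-of-a-hash idea
// from this change, modelled stand-alone. The block size and all addresses
// below are constructed for illustration.
#include <cstddef>
#include <cstdint>
#include <unordered_set>
#include <vector>

constexpr uintptr_t kBlockSize = 16 * 1024;          // assumed block alignment
constexpr uintptr_t kBlockMask = ~(kBlockSize - 1);

// One word of state: the OR of every block base ever added. A candidate is
// ruled out when it carries a bit the filter has never seen (one AND, one
// compare). It can never rule out a block that is actually in the set, so the
// conservative scan keeps its no-false-negatives guarantee.
class TinyBloomFilter {
public:
    void add(uintptr_t bits) { m_bits |= bits; }
    bool ruleOut(uintptr_t bits) const
    {
        if (!bits)
            return true;                             // null is never a block
        return (bits & m_bits) != bits;
    }
private:
    uintptr_t m_bits = 0;
};

// The live-block set: filter first, exact hash membership behind it.
class BlockSet {
public:
    void add(uintptr_t blockBase)
    {
        m_blocks.insert(blockBase);
        m_filter.add(blockBase);
    }
    void remove(uintptr_t blockBase)
    {
        m_blocks.erase(blockBase);
        recomputeFilter();        // OR is not invertible: rebuild from the set
    }
    // Cheap test only: true when the filter alone rejects the candidate.
    bool filterRulesOut(uintptr_t candidate) const
    {
        return m_filter.ruleOut(candidate & kBlockMask);
    }
    // Full conservative-root test: does this raw word point into a live block?
    bool mayPointIntoBlock(uintptr_t candidate) const
    {
        uintptr_t base = candidate & kBlockMask;     // block-aligned base is the key
        if (m_filter.ruleOut(base))
            return false;                            // fast path, no hash probe
        return m_blocks.count(base) != 0;            // slow path: the hash lookup
    }
private:
    void recomputeFilter()
    {
        m_filter = TinyBloomFilter();
        for (uintptr_t b : m_blocks)
            m_filter.add(b);
    }
    std::unordered_set<uintptr_t> m_blocks;
    TinyBloomFilter m_filter;
};

// Scan a run of raw words (a register file or stack image) and count how many
// the filter discarded outright versus how many needed the hash probe.
struct ScanStats {
    size_t ruledOut = 0;   // rejected by the filter, never hashed
    size_t probed = 0;     // passed the filter, looked up in the set
    size_t found = 0;      // actually inside a live block
};

ScanStats scanWords(const BlockSet& set, const std::vector<uintptr_t>& words)
{
    ScanStats st;
    for (uintptr_t w : words) {
        if (set.filterRulesOut(w)) {
            ++st.ruledOut;
            continue;
        }
        ++st.probed;                                 // includes filter false positives
        if (set.mayPointIntoBlock(w))
            ++st.found;
    }
    return st;
}
```

A word whose aligned base happens to equal the OR of two real block bases (0x1000C000 for blocks at 0x10004000 and 0x10008000) passes the filter and is only rejected by the hash lookup, which is the false-positive case the exact set exists to catch.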
3124 2011-06-09  Gavin Barraclough  <barraclough@apple.com>
3125
3126         Reviewed by Oliver Hunt.
3127
3128         Bug 62405 - Fix integer overflow in Array.prototype.push
3129
3130         There are three integer overflows here, leading to safe (not a security risk)
3131         but incorrect (non-spec-compliant) behaviour.
3132
3133         Two overflows occur when calculating the new length after pushing (one in the
3134         fast version of push in JSArray, one in the generic version in ArrayPrototype).
3135         The other occurs calculating indices to write to when multiple items are pushed.
3136
3137         These errors result in three test-262 failures.
3138
3139         * runtime/ArrayPrototype.cpp:
3140         (JSC::arrayProtoFuncPush):
3141         * runtime/JSArray.cpp:
3142         (JSC::JSArray::put):
3143         (JSC::JSArray::push):
3144
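The wraps this entry describes, as an added example that is not JavaScriptCore's code: the 32-bit `length + n` index and `length + argCount` new length beside the 64-bit arithmetic that ES5 15.4.4.7 implies. The map-backed array, its starting length of 2^32 - 1 and the pushed values are constructed so the write past the Uint32 range can be observed.

```cpp
// Added example, not JavaScriptCore code: a minimal model of the overflows
// described in Bug 62405. The "array" is a map from a 64-bit index to a value
// so that a write past 2^32 - 2 can be observed instead of aliasing index 0.
#include <cstddef>
#include <cstdint>
#include <map>
#include <vector>

using PropertyMap = std::map<uint64_t, int>;

// Pre-fix shape of the generic push: every intermediate is a 32-bit unsigned,
// so both the per-item index and the new length wrap at 2^32. The single-item
// fast path in JSArray::push wraps the same way when it increments length.
uint64_t pushWrapping(PropertyMap& props, uint32_t length, const std::vector<int>& args)
{
    for (uint32_t n = 0; n < args.size(); ++n)
        props[length + n] = args[n];                 // wraps: may clobber props[0]
    uint32_t newLength = length + static_cast<uint32_t>(args.size()); // wraps too
    return newLength;
}

// Spec shape: ES5 15.4.4.7 computes each index and the new length as a Number,
// which may legitimately exceed 2^32 - 1. Widening to 64 bits before adding
// keeps every write at its true index; an engine stores indices beyond the
// Uint32 array-index range as ordinary named properties, which the map models.
uint64_t pushChecked(PropertyMap& props, uint32_t length, const std::vector<int>& args)
{
    for (size_t n = 0; n < args.size(); ++n) {
        uint64_t index = static_cast<uint64_t>(length) + n;   // cannot wrap
        props[index] = args[n];
    }
    return static_cast<uint64_t>(length) + args.size();
}
```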
3145 2011-06-09  Dan Bernstein  <mitz@apple.com>
3146
3147         Reviewed by Anders Carlsson.
3148
3149         Add Vector::reverse()
3150         https://bugs.webkit.org/show_bug.cgi?id=62393
3151
3152         * wtf/Vector.h:
3153         (WTF::Vector::reverse): Added
3154
3155 2011-06-08  Geoffrey Garen  <ggaren@apple.com>
3156
3157         Reviewed by Oliver Hunt.
3158
3159         Factored a bunch of Heap functionality into stand-alone functors
3160         https://bugs.webkit.org/show_bug.cgi?id=62337
3161         
3162         This is in preparation for making these functors operate on arbitrary
3163         sets of MarkedBlocks.
3164
3165         * JavaScriptCore.exp: This file is a small tragedy.
3166
3167         * debugger/Debugger.cpp:
3168         (JSC::Debugger::recompileAllJSFunctions): Updated for type change and rename.
3169
3170         * heap/HandleHeap.h:
3171         (JSC::HandleHeap::forEachStrongHandle): New function for iterating all
3172         strong handles, so we can play along in the functor game.
3173
3174         * heap/Heap.cpp:
3175         (JSC::CountFunctor::CountFunctor::CountFunctor):
3176         (JSC::CountFunctor::CountFunctor::count):
3177         (JSC::CountFunctor::CountFunctor::returnValue):
3178         (JSC::CountFunctor::ClearMarks::operator()):
3179         (JSC::CountFunctor::ResetAllocator::operator()):
3180         (JSC::CountFunctor::Sweep::operator()):
3181         (JSC::CountFunctor::MarkCount::operator()):
3182         (JSC::CountFunctor::Size::operator()):
3183         (JSC::CountFunctor::Capacity::operator()):
3184         (JSC::CountFunctor::Count::operator()):
3185         (JSC::CountFunctor::CountIfGlobalObject::operator()):
3186         (JSC::CountFunctor::TakeIfEmpty::TakeIfEmpty):
3187         (JSC::CountFunctor::TakeIfEmpty::operator()):
3188         (JSC::CountFunctor::TakeIfEmpty::returnValue):
3189         (JSC::CountFunctor::RecordType::RecordType):
3190         (JSC::CountFunctor::RecordType::typeName):
3191         (JSC::CountFunctor::RecordType::operator()):
3192         (JSC::CountFunctor::RecordType::returnValue): These functors factor out
3193         behavior that used to be in the functions below.
3194
3195         (JSC::Heap::clearMarks):
3196         (JSC::Heap::sweep):
3197         (JSC::Heap::objectCount):
3198         (JSC::Heap::size):
3199         (JSC::Heap::capacity):
3200         (JSC::Heap::protectedGlobalObjectCount):
3201         (JSC::Heap::protectedObjectCount):
3202         (JSC::Heap::protectedObjectTypeCounts):
3203         (JSC::Heap::objectTypeCounts):
3204         (JSC::Heap::resetAllocator):
3205         (JSC::Heap::freeBlocks):
3206         (JSC::Heap::shrink): Factored out behavior into the functors above.
3207
3208         * heap/Heap.h:
3209         (JSC::Heap::forEachProtectedCell):
3210         (JSC::Heap::forEachCell):
3211         (JSC::Heap::forEachBlock): Added forEach* iteration templates. I chose
3212         functor-based templates instead of plain iterators because they're simpler
3213         to implement in this case and they require a lot less code at the call site.
3214
3215         * heap/MarkedBlock.h:
3216         (JSC::MarkedBlock::VoidFunctor::returnValue): Default parent class for
3217         trivial functors.
3218
3219         (JSC::MarkedBlock::forEachCell): Renamed forEach to forEachCell because
3220         we have a few different kind of "for each" now.
3221
3222         * runtime/JSGlobalData.cpp:
3223         (WTF::Recompile::operator()):
3224         (JSC::JSGlobalData::JSGlobalData):
3225         (JSC::JSGlobalData::recompileAllJSFunctions): Updated for type change and rename.
3226
3227         * runtime/JSGlobalData.h: Removed globalObjectCount because it was unused.
3228
3229 2011-06-08  Mikołaj Małecki  <m.malecki@samsung.com>
3230
3231         Reviewed by Pavel Feldman.
3232
3233         Web Inspector: Crash by buffer overrun crash when serializing inspector object tree.
3234         https://bugs.webkit.org/show_bug.cgi?id=52791
3235
3236         No new tests. The problem can be reproduced by trying to create InspectorValue
3237         from 1.0e-100 and call ->toJSONString() on this.
3238
3239         * JavaScriptCore.exp:
3240         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3241         export 2 functions DecimalNumber::bufferLengthForStringExponential and
3242         DecimalNumber::toStringExponential.
3243
3244 2011-06-08  Sheriff Bot  <webkit.review.bot@gmail.com>
3245
3246         Unreviewed, rolling out r88404.
3247         http://trac.webkit.org/changeset/88404
3248         https://bugs.webkit.org/show_bug.cgi?id=62342
3249
3250         broke win and mac build (Requested by tony^work on #webkit).
3251
3252         * JavaScriptCore.gyp/JavaScriptCore.gyp:
3253
3254 2011-06-08  Evan Martin  <evan@chromium.org>
3255
3256         Reviewed by Adam Barth.
3257
3258         [chromium] use gyp 'settings' type for settings target
3259         https://bugs.webkit.org/show_bug.cgi?id=62323
3260
3261         The 'settings' gyp target type is for targets that exist solely
3262         for their settings (no build rules).  The comment above this target
3263         says it's for this, but it incorrectly uses 'none'.
3264
3265         * JavaScriptCore.gyp/JavaScriptCore.gyp:
3266
3267 2011-06-08  Sailesh Agrawal  <sail@chromium.org>
3268
3269         Reviewed by Mihai Parparita.
3270
3271         Chromium Mac: Enable overlay scrollbars
3272         https://bugs.webkit.org/show_bug.cgi?id=59756
3273
3274         Enable WTF_USE_WK_SCROLLBAR_PAINTER for Chromium Mac. This allows us to use overlay scrollbars on future versions of Mac OS X.
3275
3276         * wtf/Platform.h:
3277
3278 2011-06-08  Oliver Hunt  <oliver@apple.com>
3279
3280         Reviewed by Geoffrey Garen.
3281
3282         Add faster lookup cache for multi character identifiers
3283         https://bugs.webkit.org/show_bug.cgi?id=62327
3284
3285         Add a non-hash lookup for multiple character identifiers.  This saves us from
3286         adding repeated identifiers to the ParserArena's identifier list as people
3287         tend to not start all their variables and properties with the same character
3288         and happily identifier locality works in our favour.
3289
3290         * parser/ParserArena.h:
3291         (JSC::IdentifierArena::isEmpty):
3292         (JSC::IdentifierArena::clear):
3293         (JSC::IdentifierArena::makeIdentifier):
3294
3295 2011-06-08  Geoffrey Garen  <ggaren@apple.com>
3296
3297         Reviewed by Oliver Hunt.
3298
3299         Took some responsibilities away from NewSpace
3300         https://bugs.webkit.org/show_bug.cgi?id=62325
3301         
3302         NewSpace is basically just an allocator now.
3303         
3304         Heap acts as a controller, responsible for managing the set of all
3305         MarkedBlocks.
3306         
3307         This is in preparation for moving parts of the controller logic into
3308         separate helper classes that can act on arbitrary sets of MarkedBlocks
3309         that may or may not be in NewSpace.
3310
3311         * heap/Heap.cpp:
3312         (JSC::Heap::Heap):
3313         (JSC::Heap::destroy):
3314         (JSC::Heap::allocate):
3315         (JSC::Heap::markRoots):
3316         (JSC::Heap::clearMarks):
3317         (JSC::Heap::sweep):
3318         (JSC::Heap::objectCount):
3319         (JSC::Heap::size):
3320         (JSC::Heap::capacity):
3321         (JSC::Heap::collect):
3322         (JSC::Heap::resetAllocator):
3323         (JSC::Heap::allocateBlock):
3324         (JSC::Heap::freeBlocks):
3325         (JSC::Heap::shrink): Moved the set of MarkedBlocks from NewSpace to Heap,
3326         along with all functions that operate on the set of MarkedBlocks. Also
3327         moved responsibility for deciding whether to allocate a new MarkedBlock,
3328         and for allocating it.
3329
3330         * heap/Heap.h:
3331         (JSC::Heap::contains):
3332         (JSC::Heap::forEach): Ditto.
3333
3334         * heap/NewSpace.cpp:
3335         (JSC::NewSpace::addBlock):
3336         (JSC::NewSpace::removeBlock):
3337         (JSC::NewSpace::resetAllocator):
3338         * heap/NewSpace.h:
3339         (JSC::NewSpace::waterMark):
3340         (JSC::NewSpace::allocate): Ditto.
3341
3342 2011-06-08  Geoffrey Garen  <ggaren@apple.com>
3343
3344         Reviewed by Oliver Hunt.
3345
3346         Some more MarkedSpace => NewSpace renaming
3347         https://bugs.webkit.org/show_bug.cgi?id=62305
3348
3349         * JavaScriptCore.exp:
3350         * JavaScriptCore.order:
3351         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3352         * heap/Heap.cpp:
3353         (JSC::Heap::Heap):
3354         (JSC::Heap::destroy):
3355         (JSC::Heap::reportExtraMemoryCostSlowCase):
3356         (JSC::Heap::allocate):
3357         (JSC::Heap::markRoots):
3358         (JSC::Heap::objectCount):
3359         (JSC::Heap::size):
3360         (JSC::Heap::capacity):
3361         (JSC::Heap::collect):
3362         (JSC::Heap::isValidAllocation):
3363         * heap/Heap.h:
3364         (JSC::Heap::markedSpace):
3365         (JSC::Heap::contains):
3366         (JSC::Heap::forEach):
3367         (JSC::Heap::allocate):
3368         * runtime/JSCell.h:
3369
3370 2011-06-08  Kevin Ollivier  <kevino@theolliviers.com>
3371
3372         Reviewed by Eric Seidel.
3373
3374         Add export macros to profiler headers.
3375         https://bugs.webkit.org/show_bug.cgi?id=27551
3376
3377         * profiler/Profiler.h:
3378
3379 2011-06-08  Kevin Ollivier  <kevino@theolliviers.com>
3380
3381         Reviewed by Eric Seidel.
3382
3383         Add export symbols to parser headers.
3384         https://bugs.webkit.org/show_bug.cgi?id=27551
3385
3386         * parser/SourceProviderCache.h:
3387
3388 2011-06-08  Kevin Ollivier  <kevino@theolliviers.com>
3389
3390         Reviewed by Eric Seidel.
3391
3392         Add export symbols to interpreter headers.
3393         https://bugs.webkit.org/show_bug.cgi?id=27551
3394
3395         * interpreter/Interpreter.h:
3396
3397 2011-06-08  Kevin Ollivier  <kevino@theolliviers.com>
3398
3399         Reviewed by Eric Seidel.
3400
3401         Add export symbols to debugger headers.
3402         https://bugs.webkit.org/show_bug.cgi?id=27551
3403
3404         * debugger/Debugger.h:
3405         * debugger/DebuggerCallFrame.h:
3406
3407 2011-06-08  Geoffrey Garen  <ggaren@apple.com>
3408
3409         Reviewed by Darin Adler.
3410
3411         Moved MarkedSpace.* to NewSpace.* in preparation for more renaming
3412         https://bugs.webkit.org/show_bug.cgi?id=62268
3413
3414         * CMakeLists.txt:
3415         * GNUmakefile.list.am:
3416         * JavaScriptCore.gypi:
3417         * JavaScriptCore.pro:
3418         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3419         * JavaScriptCore.xcodeproj/project.pbxproj:
3420         * heap/Heap.h:
3421         * heap/MarkedBlock.h:
3422         * heap/MarkedSpace.cpp: Removed.
3423         * heap/MarkedSpace.h: Removed.
3424         * heap/NewSpace.cpp: Copied from Source/JavaScriptCore/heap/MarkedSpace.cpp.
3425         * heap/NewSpace.h: Copied from Source/JavaScriptCore/heap/MarkedSpace.h.
3426
3427 2011-06-08  Sheriff Bot  <webkit.review.bot@gmail.com>
3428
3429         Unreviewed, rolling out r88365.
3430         http://trac.webkit.org/changeset/88365
3431         https://bugs.webkit.org/show_bug.cgi?id=62301
3432
3433         windows bots broken (Requested by loislo_ on #webkit).
3434
3435         * JavaScriptCore.exp:
3436
3437 2011-06-08  Ryan Sleevi  <rsleevi@chromium.org>
3438
3439         Reviewed by Tony Chang.
3440
3441         Suppress C++0x compat warnings when compiling Chromium port with GCC 4.6
3442
3443         Compiling Chromium port under GCC 4.6 produces warnings about nullptr
3444         https://bugs.webkit.org/show_bug.cgi?id=62242
3445
3446         * JavaScriptCore.gyp/JavaScriptCore.gyp:
3447
3448 2011-06-08  Ademar de Souza Reis Jr.  <ademar.reis@openbossa.org>
3449
3450         Reviewed by Andreas Kling.
3451
3452         Webkit on SPARC Solaris has wrong endian
3453         https://bugs.webkit.org/show_bug.cgi?id=29407
3454
3455         Bug 57256 fixed one crash on misaligned reads on sparc/solaris, but
3456         there are more occurrences of the same code pattern in webkit.
3457
3458         This patch includes the check on these other parts of the code.
3459
3460         This is a speculative fix; I don't have a sparc machine to test and
3461         don't know which kind of test would trigger a crash (but it's quite
3462         obvious that it's the same code duplicated in different files).
3463
3464         * runtime/UString.h:
3465         (JSC::UStringHash::equal):
3466         * wtf/text/StringHash.h:
3467         (WTF::StringHash::equal):
3468
3469 2011-06-08  Yael Aharon  <yael.aharon@nokia.com>
3470
3471         Reviewed by Andreas Kling.
3472
3473         [Qt] Build fix for building QtWebKit inside of Qt.
3474         https://bugs.webkit.org/show_bug.cgi?id=62280
3475
3476         Remove CONFIG=staticlib, because it causes the configure script to add -ljavascriptcore
3477         into QtWebKit.prl.
3478
3479         No new tests, as this is just a build fix.
3480
3481         * JavaScriptCore.pri:
3482
3483 2011-06-07  Geoffrey Garen  <ggaren@apple.com>
3484
3485         Reviewed by Oliver Hunt.
3486
3487         Split 'reset' into 'collect' and 'resetAllocator'
3488         https://bugs.webkit.org/show_bug.cgi?id=62267
3489
3490         * heap/Heap.cpp:
3491         (JSC::Heap::allocate):
3492         (JSC::Heap::collectAllGarbage):
3493         (JSC::Heap::collect):
3494         * heap/Heap.h:
3495         * heap/MarkedBlock.h:
3496         (JSC::MarkedBlock::resetAllocator):
3497         * heap/MarkedSpace.cpp:
3498         (JSC::MarkedSpace::resetAllocator):
3499         * heap/MarkedSpace.h:
3500         (JSC::MarkedSpace::SizeClass::resetAllocator):
3501
3502 2011-06-07  Geoffrey Garen  <ggaren@apple.com>
3503
3504         Reviewed by Sam Weinig.
3505
3506         Renamed some more marks to visits
3507         https://bugs.webkit.org/show_bug.cgi?id=62254
3508
3509         * heap/HandleHeap.cpp:
3510         (JSC::HandleHeap::visitStrongHandles):
3511         (JSC::HandleHeap::visitWeakHandles):
3512         * heap/HandleHeap.h:
3513         * heap/HandleStack.cpp:
3514         (JSC::HandleStack::visit):
3515         * heap/HandleStack.h:
3516         * heap/Heap.cpp:
3517         (JSC::Heap::markProtectedObjects):
3518         (JSC::Heap::markTempSortVectors):
3519         (JSC::Heap::markRoots):
3520         * heap/HeapRootVisitor.h:
3521         (JSC::HeapRootVisitor::visit):
3522         * runtime/ArgList.cpp:
3523         (JSC::MarkedArgumentBuffer::markLists):
3524
3525 2011-06-07  Gavin Barraclough  <barraclough@apple.com>
3526
3527         Reviewed by Sam Weinig.
3528
3529         https://bugs.webkit.org/show_bug.cgi?id=55537
3530         Functions claim to have 'callee' which they actually don't (and shouldn't)
3531
3532         * JavaScriptCore.xcodeproj/project.pbxproj:
3533         * runtime/JSFunction.cpp:
3534         (JSC::JSFunction::getOwnPropertyNames):
3535
3536 2011-06-07  Juan C. Montemayor  <jmont@apple.com>
3537
3538         Reviewed by Darin Adler.
3539
3540         Make JSStaticFunction and JSStaticValue less "const"
3541         https://bugs.webkit.org/show_bug.cgi?id=62222
3542
3543         * API/JSObjectRef.h:
3544         * API/tests/testapi.c:
3545         (checkConstnessInJSObjectNames):
3546         (main):
3547         * JavaScriptCore.xcodeproj/project.pbxproj:
3548
3549 2011-06-07  Gavin Barraclough  <barraclough@apple.com>
3550
3551         Reviewed by Sam Weinig.
3552
3553         https://bugs.webkit.org/show_bug.cgi?id=62240
3554         DFG JIT - add support for for-loop array initialization.
3555
3556         Support put by val beyond vector length.
3557         Add an operationPutByValBeyondArrayBounds operation, make
3558         PutValVal call this if the vector length check fails.
3559
3560         * dfg/DFGJITCodeGenerator.h:
3561         (JSC::DFG::JITCodeGenerator::silentSpillGPR):
3562         (JSC::DFG::JITCodeGenerator::silentFillGPR):
3563         (JSC::DFG::JITCodeGenerator::silentSpillAllRegisters):
3564         (JSC::DFG::JITCodeGenerator::isDoubleConstantWithInt32Value):
3565         (JSC::DFG::JITCodeGenerator::isJSConstantWithInt32Value):
3566         (JSC::DFG::JITCodeGenerator::isIntegerConstant):
3567         (JSC::DFG::JITCodeGenerator::valueOfIntegerConstant):
3568         * dfg/DFGOperations.cpp:
3569         (JSC::DFG::operationPutByValInternal):
3570         * dfg/DFGOperations.h:
3571         * dfg/DFGSpeculativeJIT.cpp:
3572         (JSC::DFG::SpeculativeJIT::compile):
3573         * dfg/DFGSpeculativeJIT.h:
3574
3575 2011-06-06  James Simonsen  <simonjam@chromium.org>
3576
3577         Reviewed by James Robinson.
3578
3579         Add monotonicallyIncreasingTime() to get monotonically increasing time
3580         https://bugs.webkit.org/show_bug.cgi?id=37743
3581
3582         * wtf/CurrentTime.cpp: Add monotonicallyIncreasingTime() for mac and a fallback implementation that just wraps currentTime().
3583         (WTF::monotonicallyIncreasingTime):
3584         * wtf/CurrentTime.h: Add monotonicallyIncreasingTime().
3585
3586 2011-06-06  Alexandru Chiculita  <achicu@adobe.com>
3587
3588         Reviewed by Kent Tamura.
3589
3590         Add ENABLE_CSS_EXCLUSIONS support for build-webkit script
3591         https://bugs.webkit.org/show_bug.cgi?id=61628
3592
3593         * Configurations/FeatureDefines.xcconfig:
3594
3595 2011-06-06  Mihnea Ovidenie  <mihnea@adobe.com>
3596
3597         Reviewed by Kent Tamura.
3598
3599         Add ENABLE(CSS_REGIONS) guard for CSS Regions support
3600         https://bugs.webkit.org/show_bug.cgi?id=61631
3601
3602         * Configurations/FeatureDefines.xcconfig:
3603
3604 2011-06-06  Carlos Garcia Campos  <cgarcia@igalia.com>
3605
3606         Unreviewed. Fix the GTK+ build.
3607
3608         * GNUmakefile.am: Add javascriptcore_cflags variable.
3609
3610 2011-06-04  Kevin Ollivier  <kevino@theolliviers.com>
3611
3612         [wx] Unreviewed build fix. Restore the PPC build and allow users to specify architectures
3613         to build on Mac.
3614
3615         * wtf/Platform.h:
3616
3617 2011-06-04  Gustavo Noronha Silva  <gns@gnome.org>
3618
3619         Unreviewed, MIPS build fix.
3620
3621         WebKitGTK+ tarball fails to build on MIPS.
3622         https://buildd.debian.org/status/fetch.php?pkg=webkitgtk%2B&arch=mips&ver=1.4.0-1&stamp=1304786691
3623
3624         * GNUmakefile.list.am: Add missing MIPS-related file to the list
3625         of files that are added to the tarball on make dist, and fix
3626         sorting.
3627
3628 2011-06-04  Sam Weinig  <sam@webkit.org>
3629
3630         Reviewed by Darin Adler.
3631
3632         Fix formatting of the output generated by KeywordLookupGenerator.py
3633         https://bugs.webkit.org/show_bug.cgi?id=62083
3634
3635         - Uses correct year for copyright.
3636         - Puts ending brace on same line as "else if"
3637         - Puts starting brace of function on its own line.
3638         - Adds some tasteful whitespace.
3639         - Adds comments to make clear that scopes are ending
3640         - Make macros actually split on two lines.
3641
3642         * KeywordLookupGenerator.py:
3643
3644 2011-06-04  Adam Barth  <abarth@webkit.org>
3645
3646         Reviewed by Eric Seidel.
3647
3648         KeywordLookupGenerator.py spams stdout in Chromium Linux build
3649         https://bugs.webkit.org/show_bug.cgi?id=62087
3650
3651         This action does not appear to be needed.
3652
3653         * JavaScriptCore.gyp/JavaScriptCore.gyp:
3654
3655 2011-06-03  Oliver Hunt  <oliver@apple.com>
3656
3657         Reviewed by Maciej Stachowiak.
3658
3659         Lexer needs to provide Identifier for reserved words
3660         https://bugs.webkit.org/show_bug.cgi?id=62086
3661
3662         Alas it is necessary to provide an Identifier reference for keywords
3663         so that we can do the right thing when they're used in object literals.
3664         We now keep Identifiers for all reserved words in the CommonIdentifiers
3665         structure so that we can access them without a hash lookup.
3666
3667         * KeywordLookupGenerator.py:
3668         * parser/Lexer.cpp:
3669         (JSC::Lexer::parseIdentifier):
3670         * parser/Lexer.h:
3671         * runtime/CommonIdentifiers.cpp:
3672         (JSC::CommonIdentifiers::CommonIdentifiers):
3673         * runtime/CommonIdentifiers.h:
3674
3675 2011-06-03  Gavin Barraclough  <barraclough@apple.com>
3676
3677         Reviewed by Sam Weinig.
3678
3679         Add debug code to break on speculation failures.
3680
3681         * dfg/DFGJITCompiler.cpp:
3682         (JSC::DFG::JITCompiler::jumpFromSpeculativeToNonSpeculative):
3683         (JSC::DFG::JITCompiler::compileFunction):
3684         * dfg/DFGNode.h:
3685
3686 2011-06-03  Gavin Barraclough  <barraclough@apple.com>
3687
3688         Reviewed by Sam Weinig.
3689
3690         https://bugs.webkit.org/show_bug.cgi?id=62082
3691         DFG JIT - bug passing arguments that need swap
3692
3693         This is really just a typo.
3694         When setting up the arguments for a call out to a C operation, we'll
3695         fail to swap arguments where this is necessary. For example, in the
3696         case of 2 arg calls, where the first argument is in %rdx & the second
3697         is in %rsi we should swap (exec will be passed in %rdi), but we don't.
3698
3699         This can also affect function calls passing three arguments.
3700
3701         * dfg/DFGJITCodeGenerator.h:
3702         (JSC::DFG::JITCodeGenerator::setupTwoStubArgs):
3703             - Call swap with the correct arguments.
3704
3705 2011-06-03  Oliver Hunt  <oliver@apple.com>
3706
3707         Reviewed by Gavin Barraclough.
3708
3709         Force inlining of some hot lexer functions
3710         https://bugs.webkit.org/show_bug.cgi?id=62079
3711
3712         Fix more GCC stupidity
3713
3714         * parser/Lexer.h:
3715         (JSC::Lexer::isWhiteSpace):
3716         (JSC::Lexer::isLineTerminator):
3717
3718 2011-06-03  Oliver Hunt  <oliver@apple.com>
3719
3720         Reviewed by Gavin Barraclough.
3721
3722         GCC not inlining some functions that it really should be
3723         https://bugs.webkit.org/show_bug.cgi?id=62075
3724
3725         Add ALWAYS_INLINE to a number of parsing and lexing functions
3726         that should always be inlined.  This gets us ~1.4% on my ad hoc
3727         parser test.
3728
3729         * KeywordLookupGenerator.py:
3730         * parser/JSParser.cpp:
3731         (JSC::JSParser::next):
3732         (JSC::JSParser::nextTokenIsColon):
3733         (JSC::JSParser::consume):
3734         (JSC::JSParser::match):
3735         (JSC::JSParser::tokenStart):
3736         (JSC::JSParser::tokenLine):
3737         (JSC::JSParser::tokenEnd):
3738         * parser/Lexer.cpp:
3739         (JSC::isIdentPart):
3740
3741 2011-06-03  Oliver Hunt  <oliver@apple.com>
3742
3743         Whoops, fix last-minute bug.
3744
3745         * parser/Lexer.cpp:
3746         (JSC::Lexer::parseIdentifier):
3747
3748 2011-06-03  Martin Robinson  <mrobinson@igalia.com>
3749
3750         Try to fix the GTK+ build.
3751
3752         * GNUmakefile.am: Clean up some spaces that should be tabs.
3753         * GNUmakefile.list.am: Add KeywordLookup.h to the source list
3754         and clean up some spaces that should be tabs.
3755
3756 2011-06-03  Oliver Hunt  <oliver@apple.com>
3757
3758         Reviewed by Geoffrey Garen.
3759
3760         Improve keyword lookup
3761         https://bugs.webkit.org/show_bug.cgi?id=61913
3762
3763         Rather than doing multiple hash lookups as we currently
3764         do when trying to identify keywords we now use an 
3765         automatically generated decision tree (essentially it's
3766         a hard coded patricia trie).  We still use the regular
3767         lookup table for the last few characters of an input as
3768         this allows us to completely skip all bounds checks.
3769
3770         * CMakeLists.txt:
3771         * DerivedSources.make:
3772         * DerivedSources.pro:
3773         * GNUmakefile.am:
3774         * JavaScriptCore.gyp/JavaScriptCore.gyp:
3775         * JavaScriptCore.xcodeproj/project.pbxproj:
3776         * KeywordLookupGenerator.py: Added.
3777         * make-generated-sources.sh:
3778         * parser/Lexer.cpp:
3779         (JSC::Lexer::internalShift):
3780         (JSC::Lexer::shift):
3781         (JSC::Lexer::parseIdentifier):
3782         * parser/Lexer.h:
3783
3784 2011-06-03  Siddharth Mathur  <siddharth.mathur@nokia.com>
3785
3786         Reviewed by Benjamin Poulain.
3787
3788         [Qt] Build flag for experimental ICU library support
3789         https://bugs.webkit.org/show_bug.cgi?id=60786
3790
3791         Adds a build-time flag (CONFIG+=use_system_icu) that enables experimental 
3792         ICU powered Unicode support. 
3793
3794         * JavaScriptCore.pri: Support for use_system_icu CONFIG flag.
3795         * wtf/unicode/qt4/UnicodeQt4.h: Guard an include file with USE(ICU_UNICODE). 
3796
3797 2011-06-03  Alexis Menard  <alexis.menard@openbossa.org>
3798
3799         Reviewed by Benjamin Poulain.
3800
3801         [Qt] Build fix of QtWebKit 2.2 when inside Qt tree with GCC 4.6.
3802         https://bugs.webkit.org/show_bug.cgi?id=61957
3803
3804         When building inside the Qt source tree, qmake always appends the mkspecs
3805         defines after ours. We have to work around this and make sure that we append
3806         our flags after the qmake variable used inside Qt. This workaround was provided
3807         by our qmake folks. We need to append in both cases because qmake behaves differently
3808         when called with -spec or via SUBDIR+=. This patch unbreaks r87950 on Mac for the Qt port.
3809
3810         * JavaScriptCore.pro:
3811
3812 2011-06-02  Jay Civelli  <jcivelli@chromium.org>
3813
3814         Reviewed by Adam Barth.
3815
3816         Added a method to generate RFC 2822 compliant date strings.
3817         https://bugs.webkit.org/show_bug.cgi?id=7169
3818
3819         * wtf/DateMath.cpp:
3820         (WTF::twoDigitStringFromNumber):
3821         (WTF::makeRFC2822DateString):
3822         * wtf/DateMath.h:
3823
3824 2011-06-02  Alexis Menard  <alexis.menard@openbossa.org>
3825
3826         Reviewed by Andreas Kling.
3827
3828         [Qt] Build fix of QtWebKit 2.2 when inside Qt tree with GCC 4.6.
3829         https://bugs.webkit.org/show_bug.cgi?id=61957
3830
3831         When building inside the Qt source tree, qmake always appends the mkspecs
3832         defines after ours. We have to work around this and make sure that we append
3833         our flags after the qmake variable used inside Qt. This workaround was provided
3834         by our qmake folks.
3835
3836         * JavaScriptCore.pro:
3837
3838 2011-06-01  Oliver Hunt  <oliver@apple.com>
3839
3840         Reviewed by Geoffrey Garen.
3841
3842         Add single character lookup cache to IdentifierArena
3843         https://bugs.webkit.org/show_bug.cgi?id=61879
3844
3845         Add a simple lookup cache for single ascii character
3846         identifiers.  Produces around a 2% improvement in parse
3847         time for my ad hoc parser test.
3848
3849         * parser/ParserArena.h:
3850         (JSC::IdentifierArena::IdentifierArena):
3851         (JSC::IdentifierArena::clear):
3852         (JSC::IdentifierArena::makeIdentifier):
3853
3854 2011-05-31  Oliver Hunt  <oliver@apple.com>
3855
3856         Reviewed by Geoffrey Garen.
3857
3858         Freezing a function and its prototype causes browser to crash.
3859         https://bugs.webkit.org/show_bug.cgi?id=61758
3860
3861         Make JSObject::preventExtensions virtual so that we can override it
3862         and instantiate all lazy
3863
3864         * JavaScriptCore.exp:
3865         * runtime/JSFunction.cpp:
3866         (JSC::createPrototypeProperty):
3867         (JSC::JSFunction::preventExtensions):
3868         (JSC::JSFunction::getOwnPropertySlot):
3869         * runtime/JSFunction.h:
3870         * runtime/JSObject.h:
3871         * runtime/JSObject.cpp:
3872         (JSC::JSObject::seal):
3873         (JSC::JSObject::seal):
3874
3875 2011-06-01  Sheriff Bot  <webkit.review.bot@gmail.com>
3876
3877         Unreviewed, rolling out r87788.
3878         http://trac.webkit.org/changeset/87788
3879         https://bugs.webkit.org/show_bug.cgi?id=61856
3880
3881         breaks windows chromium canary (Requested by jknotten on
3882         #webkit).
3883
3884         * wtf/DateMath.cpp:
3885         (WTF::timeClip):
3886         * wtf/DateMath.h:
3887
3888 2011-06-01  Jay Civelli  <jcivelli@chromium.org>
3889
3890         Reviewed by Adam Barth.
3891
3892         Added a method to generate RFC 2822 compliant date strings.
3893         https://bugs.webkit.org/show_bug.cgi?id=7169
3894
3895         * wtf/DateMath.cpp:
3896         (WTF::twoDigitStringFromNumber):
3897         (WTF::makeRFC2822DateString):
3898         * wtf/DateMath.h:
3899
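The two entries above (the original landing and the re-landing after the r87788 rollout) add WTF::makeRFC2822DateString and WTF::twoDigitStringFromNumber. The following is an added example, not WebKit's code: it builds the same "Thu, 02 Jun 2011 10:30:00 +0200" form from broken-down fields using our own function names and argument order, and it range-checks every field first so that a bad day-of-week or month index can never read past the name tables.

```cpp
#include <cassert>
#include <cstdio>
#include <string>

// Added example, not WTF::makeRFC2822DateString: same output format, our own
// signature, plus range checks so no field can index past the tables below.
static const char* const kDayNames[7] = { "Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat" };
static const char* const kMonthNames[12] = { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
                                             "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };

// Zero-padded two-digit field; callers pass values already checked to be in 0..99.
std::string twoDigitString(int n)
{
    char buf[3];
    std::snprintf(buf, sizeof buf, "%02d", n);
    return buf;
}

// dayOfWeek: 0 = Sunday; month: 0 = January; utcOffsetMinutes: e.g. 120 for "+0200".
// Returns an empty string for out-of-range input rather than a malformed date.
std::string makeRFC2822Date(int dayOfWeek, int day, int month, int year,
                            int hours, int minutes, int seconds, int utcOffsetMinutes)
{
    if (dayOfWeek < 0 || dayOfWeek > 6 || day < 1 || day > 31 || month < 0 || month > 11
        || year < 0 || year > 9999 || hours < 0 || hours > 23 || minutes < 0 || minutes > 59
        || seconds < 0 || seconds > 60   // 60 allows a leap second, as the RFC grammar does
        || utcOffsetMinutes < -24 * 60 || utcOffsetMinutes > 24 * 60)
        return std::string();

    // RFC 2822 zone is sign + HHMM; keep the sign from the original offset and
    // split the magnitude, so -330 minutes becomes "-0530".
    int absOffset = utcOffsetMinutes < 0 ? -utcOffsetMinutes : utcOffsetMinutes;
    std::string zone = std::string(1, utcOffsetMinutes < 0 ? '-' : '+')
                     + twoDigitString(absOffset / 60) + twoDigitString(absOffset % 60);

    char buf[64];   // longest output is 31 characters
    std::snprintf(buf, sizeof buf, "%s, %s %s %04d %s:%s:%s %s",
                  kDayNames[dayOfWeek], twoDigitString(day).c_str(), kMonthNames[month], year,
                  twoDigitString(hours).c_str(), twoDigitString(minutes).c_str(),
                  twoDigitString(seconds).c_str(), zone.c_str());
    return buf;
}

int main()
{
    // Constructed input: 2 June 2011 (a Thursday), 10:30:00 at UTC+2.
    std::printf("%s\n", makeRFC2822Date(4, 2, 5, 2011, 10, 30, 0, 120).c_str());
    return 0;
}
```

The caller supplies the day of week rather than having it recomputed, because the date/time library that produced the broken-down fields already knows it; the check that the value is in 0..6 is what keeps a caller's mistake from turning into an out-of-bounds read of kDayNames.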
3900 2011-05-31  Yong Li  <yoli@rim.com>
3901
3902         Reviewed by Eric Seidel.
3903
3904         https://bugs.webkit.org/show_bug.cgi?id=54807
3905         We have been assuming plain bitfields (like "int a : 31") are always signed integers.
3906         However, some compilers can treat them as unsigned. For example, RVCT 4.0 states that plain
3907         bitfields (declared without either signed or unsigned qualifiers) are treated as unsigned.
3908         http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.dui0348c/Babjddhe.html
3909         Although we can use the "--signed-bitfields" flag to make RVCT 4.0 behave as most other compilers,
3910         always using a "signed"/"unsigned" qualifier to declare integral type bitfields is still a good
3911         rule we should have in order to make our code independent from compilers and compiler flags.
3912
3913         No new test added because this change is not known to fix any issue.
3914
3915         * bytecode/StructureStubInfo.h:
3916
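The entry above says why a plain `int a : 31` is a portability hazard but does not show what goes wrong. The following is an added example, not JavaScriptCore code (the struct and function names are hypothetical): it declares the same 31-bit field three ways, probes at run time whether this toolchain treats the plain form as signed, and shows the "-1 means not set" sentinel pattern that silently stops matching when the field is unsigned.

```cpp
#include <cassert>
#include <cstdio>

// Added example, not JavaScriptCore code: three 31-bit fields that differ only in
// how signedness is spelled. Struct names are hypothetical.
struct PlainField    { int value : 31; };          // signedness is implementation-defined
struct SignedField   { signed int value : 31; };   // always signed
struct UnsignedField { unsigned int value : 31; }; // always unsigned

// Runtime probe: does this toolchain treat a plain int bit-field as signed?
// (GCC, Clang and MSVC: yes. RVCT 4.0 without --signed-bitfields: no.)
bool plainBitfieldIsSigned()
{
    PlainField f;
    int minusOne = -1;   // via a variable so the store is not constant-folded
    f.value = minusOne;
    return f.value < 0;
}

// Store -1 in each flavour and read it back as a plain int.
int readBackPlain()    { PlainField f;    int m = -1; f.value = m; return f.value; }
int readBackSigned()   { SignedField f;   int m = -1; f.value = m; return f.value; } // -1
int readBackUnsigned() { UnsignedField f; int m = -1; f.value = m; return f.value; } // 2147483647

// A "-1 means not set" sentinel kept in a bit-field: the comparison below is
// against 2147483647 instead of -1 whenever the field turns out to be unsigned.
bool sentinelSurvives(bool useExplicitSigned)
{
    int m = -1;
    if (useExplicitSigned) {
        SignedField f;
        f.value = m;
        return f.value == -1;
    }
    PlainField f;
    f.value = m;
    return f.value == -1;
}

int main()
{
    std::printf("plain int bit-field is %s on this compiler\n",
                plainBitfieldIsSigned() ? "signed" : "unsigned");
    std::printf("plain=%d signed=%d unsigned=%d\n",
                readBackPlain(), readBackSigned(), readBackUnsigned());
    return 0;
}
```

The probe is cheap enough to keep as a static assertion-style self-test in a port's startup path; the explicit `signed int` form is the fix the entry recommends, since it gives the same answer on every compiler regardless of flags.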
3917 2011-05-30  Hojong Han  <hojong.han@samsung.com>
3918
3919         Reviewed by Geoffrey Garen.
3920
3921         [JSC] malfunction during arithmetic condition check with negative number (-2147483648)
3922         https://bugs.webkit.org/show_bug.cgi?id=61416
3923
3924         * assembler/MacroAssemblerARM.h:
3925         (JSC::MacroAssemblerARM::branch32):
3926         * tests/mozilla/ecma/Expressions/11.12-1.js:
3927         (getTestCases):
3928
3929 2011-05-29  Geoffrey Garen  <ggaren@apple.com>
3930
3931         Reviewed by Sam Weinig.
3932
3933         Some heap refactoring
3934         https://bugs.webkit.org/show_bug.cgi?id=61704
3935         
3936         SunSpider says no change.
3937
3938         * JavaScriptCore.exp: Export!
3939
3940         * heap/Heap.cpp: COLLECT_ON_EVERY_ALLOCATION can actually do so now.
3941
3942         (JSC::Heap::Heap): Changed Heap sub-objects to point to the heap.
3943
3944         (JSC::Heap::allocate): Changed inline allocation code to only select the
3945         size class, since this can be optimized out at compile time -- everything
3946         else is now inlined into this out-of-line function.
3947         
3948         No need to duplicate ASSERTs made in our caller.
3949
3950         * heap/Heap.h:
3951         (JSC::Heap::heap):
3952         (JSC::Heap::isMarked):
3953         (JSC::Heap::testAndSetMarked):
3954         (JSC::Heap::testAndClearMarked):
3955         (JSC::Heap::setMarked): Call directly into MarkedBlock instead of adding
3956         a layer of indirection through MarkedSpace.
3957
3958         (JSC::Heap::allocate): See above.
3959
3960         * heap/MarkedBlock.cpp:
3961         (JSC::MarkedBlock::create):
3962         (JSC::MarkedBlock::MarkedBlock):
3963         * heap/MarkedBlock.h: Changed Heap sub-objects to point to the heap.
3964
3965         * heap/MarkedSpace.cpp:
3966         (JSC::MarkedSpace::MarkedSpace):
3967         (JSC::MarkedSpace::allocateBlock):
3968         * heap/MarkedSpace.h:
3969         (JSC::MarkedSpace::allocate): Updated to match changes above.
3970
3971 2011-05-28  David Kilzer  <ddkilzer@apple.com>
3972
3973         BUILD FIX when building only the interpreter
3974
3975         Fixes the following compiler warning:
3976
3977             JavaScriptCore/runtime/JSGlobalData.cpp:462:6: error: no previous prototype for function 'releaseExecutableMemory' [-Werror,-Wmissing-prototypes,3]
3978              void releaseExecutableMemory(JSGlobalData& globalData)
3979                   ^
3980
3981         * jit/ExecutableAllocator.h: Moved declaration of
3982         JSC::releaseExecutableMemory().
3983
3984 2011-05-28  David Kilzer  <ddkilzer@apple.com>
3985
3986         BUILD FIX after r87527 with ENABLE(BRANCH_COMPACTION)
3987
3988         * assembler/LinkBuffer.h:
3989         (JSC::LinkBuffer::linkCode): Added missing argument.
3990
3991 2011-05-27  Geoffrey Garen  <ggaren@apple.com>
3992
3993         Reviewed by Oliver Hunt.
3994
3995         JS API is too aggressive about throwing exceptions for NULL get or set operations
3996         https://bugs.webkit.org/show_bug.cgi?id=61678
3997
3998         * API/JSCallbackObject.h: Changed our staticValueGetter to a regular
3999         function that returns a JSValue, so it can fail and still forward to
4000         normal property lookup.
4001
4002         * API/JSCallbackObjectFunctions.h:
4003         (JSC::::getOwnPropertySlot): Don't throw an exception when failing to
4004         access a static property -- just forward the access. This allows objects
4005         to observe get/set operations but still let the JS object manage lifetime.
4006
4007         (JSC::::put): Ditto.
4008
4009         (JSC::::getStaticValue): Same as JSCallbackObject.h.
4010
4011         * API/tests/testapi.c:
4012         (MyObject_set_nullGetForwardSet):
4013         * API/tests/testapi.js: Updated tests to reflect slightly less strict
4014         behavior, which matches headerdoc claims.
4015
4016 2011-05-27  Geoffrey Garen  <ggaren@apple.com>
4017
4018         Reviewed by Oliver Hunt.
4019
4020         Property caching is too aggressive for API objects
4021         https://bugs.webkit.org/show_bug.cgi?id=61677
4022
4023         * API/JSCallbackObject.h: Opt in to ProhibitsPropertyCaching, since our
4024         callback APIs allow the client to change its mind about our properties at
4025         any time.
4026
4027         * API/tests/testapi.c:
4028         (PropertyCatchalls_getProperty):
4029         (PropertyCatchalls_setProperty):
4030         (PropertyCatchalls_getPropertyNames):
4031         (PropertyCatchalls_class):
4032         (main):
4033         * API/tests/testapi.js: Some tests for dynamic API objects.
4034
4035         * interpreter/Interpreter.cpp:
4036         (JSC::Interpreter::tryCachePutByID):
4037         (JSC::Interpreter::tryCacheGetByID):
4038         * jit/JITStubs.cpp:
4039         (JSC::JITThunks::tryCachePutByID):
4040         (JSC::JITThunks::tryCacheGetByID):
4041         (JSC::DEFINE_STUB_FUNCTION): Opt out of property caching if the client
4042         requires it.
4043
4044         * runtime/JSTypeInfo.h:
4045         (JSC::TypeInfo::TypeInfo):
4046         (JSC::TypeInfo::isFinal):
4047         (JSC::TypeInfo::prohibitsPropertyCaching):
4048         (JSC::TypeInfo::flags): Added a flag to track opting out of property
4049         caching. Fixed an "&&" vs "&" typo that was previously harmless, but
4050         is now harmful since m_flags2 can have more than one bit set.
4051
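The last paragraph of the entry above describes an `&&` written where `&` was meant in a flag test, harmless while m_flags2 could only ever hold one bit and wrong once a second bit (ProhibitsPropertyCaching) was added. The following is an added example, not JavaScriptCore's TypeInfo (the class and flag names are hypothetical, modelled on the entry): it puts the buggy and the corrected test side by side and counts the flag states on which they disagree, first with one bit allowed, then with two.

```cpp
#include <cassert>
#include <cstdint>
#include <cstdio>

// Added example, not JavaScriptCore's TypeInfo: a second flags byte with two
// independent bits, as the entry describes once ProhibitsPropertyCaching exists.
enum Flags2 : uint8_t {
    IsFinalFlag = 1u << 0,
    ProhibitsPropertyCachingFlag = 1u << 1,
};

// The "&&" form. Since the mask constant is non-zero, this reduces to
// "is any bit set at all", which equals a bit test only while at most one bit
// can ever be set. Clang's -Wconstant-logical-operand warns on this pattern.
struct TypeInfoBuggy {
    uint8_t flags2;
    explicit TypeInfoBuggy(uint8_t f) : flags2(f) {}
    bool isFinal() const { return flags2 && IsFinalFlag; }
    bool prohibitsPropertyCaching() const { return flags2 && ProhibitsPropertyCachingFlag; }
};

// The "&" form: an actual bit test.
struct TypeInfoFixed {
    uint8_t flags2;
    explicit TypeInfoFixed(uint8_t f) : flags2(f) {}
    bool isFinal() const { return (flags2 & IsFinalFlag) != 0; }
    bool prohibitsPropertyCaching() const { return (flags2 & ProhibitsPropertyCachingFlag) != 0; }
};

// Number of flag states, drawn from those whose bits all lie within
// allowedBits, on which the buggy isFinal() differs from the real bit test.
int isFinalDisagreements(uint8_t allowedBits)
{
    int count = 0;
    for (unsigned v = 0; v < 256; ++v) {
        if ((v & ~static_cast<unsigned>(allowedBits)) != 0)
            continue;   // not a representable state for this layout
        TypeInfoBuggy b(static_cast<uint8_t>(v));
        TypeInfoFixed f(static_cast<uint8_t>(v));
        if (b.isFinal() != f.isFinal())
            ++count;
    }
    return count;
}

int main()
{
    std::printf("one bit allowed: %d disagreements\n", isFinalDisagreements(IsFinalFlag));
    std::printf("two bits allowed: %d disagreements\n",
                isFinalDisagreements(IsFinalFlag | ProhibitsPropertyCachingFlag));
    return 0;
}
```

With only IsFinalFlag representable the count is 0, which is why the typo survived; with both bits it is 1, the state where only ProhibitsPropertyCachingFlag is set and the buggy test reports the object as final. The same confusion in the other direction would let the caching opt-out be misread, so a grep for `&& [A-Z][A-Za-z]*Flag` over flag-test code is a cheap check worth running when a second bit is added to any such field.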
4052 2011-05-27  Stephanie Lewis  <slewis@apple.com>
4053
4054         Unreviewed.
4055
4056         Fix a typo in the order_file flag.
4057
4058         * Configurations/Base.xcconfig:
4059
4060 2011-05-27  Patrick Gansterer  <paroga@webkit.org>
4061
4062         Unreviewed. Build fix for !ENABLE(ASSEMBLER) after r87527.
4063
4064         * runtime/JSGlobalData.cpp: