Fix style issues in DFG Phase classes
[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
2012-02-18  Sam Weinig  <sam@webkit.org>

        Fix style issues in DFG Phase classes
        https://bugs.webkit.org/show_bug.cgi?id=78983

        Reviewed by Ryosuke Niwa.

        * dfg/DFGArithNodeFlagsInferencePhase.cpp:
        * dfg/DFGCFAPhase.cpp:
        * dfg/DFGCSEPhase.cpp:
        * dfg/DFGPredictionPropagationPhase.cpp:
        * dfg/DFGVirtualRegisterAllocationPhase.cpp:
        Add a space before the colon in class declarations.

2012-02-18  Filip Pizlo  <fpizlo@apple.com>

        Attempt to fix Windows build.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2012-02-18  Sam Weinig  <sam@webkit.org>

        Fix the libc++ build.

        Reviewed by Anders Carlsson.

        * heap/Weak.h:
        Libc++'s nullptr emulation does not allow default construction
        of the nullptr_t type. Work around this with the arguably clearer
        approach of just returning nullptr.

2012-02-18  Filip Pizlo  <fpizlo@apple.com>

        DFGPropagator.cpp has too many things
        https://bugs.webkit.org/show_bug.cgi?id=78956

        Reviewed by Oliver Hunt.

        Added the notion of a DFG::Phase. Removed DFG::Propagator, and took its
        various things and put them into separate files. These new phases follow
        the naming convention "DFG<name>Phase" where <name> is a noun. They are
        called via functions of the form "perform<name>".

        * CMakeLists.txt:
        * GNUmakefile.list.am:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * Target.pri:
        * dfg/DFGArithNodeFlagsInferencePhase.cpp: Added.
        (DFG):
        (JSC::DFG::performArithNodeFlagsInference):
        * dfg/DFGArithNodeFlagsInferencePhase.h: Added.
        (DFG):
        * dfg/DFGCFAPhase.cpp: Added.
        (DFG):
        (JSC::DFG::performCFA):
        * dfg/DFGCFAPhase.h: Added.
        (DFG):
        * dfg/DFGCSEPhase.cpp: Added.
        (DFG):
        (JSC::DFG::performCSE):
        * dfg/DFGCSEPhase.h: Added.
        (DFG):
        * dfg/DFGDriver.cpp:
        (JSC::DFG::compile):
        * dfg/DFGPhase.cpp: Added.
        (DFG):
        (JSC::DFG::Phase::beginPhase):
        (JSC::DFG::Phase::endPhase):
        * dfg/DFGPhase.h: Added.
        (DFG):
        (Phase):
        (JSC::DFG::Phase::Phase):
        (JSC::DFG::Phase::~Phase):
        (JSC::DFG::Phase::globalData):
        (JSC::DFG::Phase::codeBlock):
        (JSC::DFG::Phase::profiledBlock):
        (JSC::DFG::Phase::beginPhase):
        (JSC::DFG::Phase::endPhase):
        (JSC::DFG::runPhase):
        * dfg/DFGPredictionPropagationPhase.cpp: Added.
        (DFG):
        (JSC::DFG::performPredictionPropagation):
        * dfg/DFGPredictionPropagationPhase.h: Added.
        (DFG):
        * dfg/DFGPropagator.cpp: Removed.
        * dfg/DFGPropagator.h: Removed.
        * dfg/DFGVirtualRegisterAllocationPhase.cpp: Added.
        (DFG):
        (JSC::DFG::performVirtualRegisterAllocation):
        * dfg/DFGVirtualRegisterAllocationPhase.h: Added.
        (DFG):

2012-02-17  Filip Pizlo  <fpizlo@apple.com>

        DFG::Graph should have references to JSGlobalData, the CodeBlock being compiled, and
        the CodeBlock that was used for profiling
        https://bugs.webkit.org/show_bug.cgi?id=78954

        Reviewed by Gavin Barraclough.

        * bytecode/CodeBlock.h:
        (JSC::baselineCodeBlockForOriginAndBaselineCodeBlock):
        (JSC):
        * dfg/DFGAbstractState.cpp:
        (JSC::DFG::AbstractState::AbstractState):
        (JSC::DFG::AbstractState::execute):
        * dfg/DFGAbstractState.h:
        * dfg/DFGAssemblyHelpers.h:
        (AssemblyHelpers):
        * dfg/DFGByteCodeParser.cpp:
        (JSC::DFG::ByteCodeParser::ByteCodeParser):
        (JSC::DFG::ByteCodeParser::handleCall):
        (JSC::DFG::parse):
        * dfg/DFGByteCodeParser.h:
        (DFG):
        * dfg/DFGDriver.cpp:
        (JSC::DFG::compile):
        * dfg/DFGGraph.cpp:
        (JSC::DFG::Graph::dump):
        (JSC::DFG::Graph::predictArgumentTypes):
        * dfg/DFGGraph.h:
        (JSC::DFG::Graph::Graph):
        (Graph):
        (JSC::DFG::Graph::getJSConstantPrediction):
        (JSC::DFG::Graph::addShouldSpeculateInteger):
        (JSC::DFG::Graph::isInt32Constant):
        (JSC::DFG::Graph::isDoubleConstant):
        (JSC::DFG::Graph::isNumberConstant):
        (JSC::DFG::Graph::isBooleanConstant):
        (JSC::DFG::Graph::isFunctionConstant):
        (JSC::DFG::Graph::valueOfJSConstant):
        (JSC::DFG::Graph::valueOfInt32Constant):
        (JSC::DFG::Graph::valueOfNumberConstant):
        (JSC::DFG::Graph::valueOfBooleanConstant):
        (JSC::DFG::Graph::valueOfFunctionConstant):
        (JSC::DFG::Graph::baselineCodeBlockFor):
        (JSC::DFG::Graph::valueProfileFor):
        (JSC::DFG::Graph::addImmediateShouldSpeculateInteger):
        * dfg/DFGJITCompiler.h:
        (JSC::DFG::JITCompiler::JITCompiler):
        (JITCompiler):
        * dfg/DFGOSRExit.cpp:
        (JSC::DFG::OSRExit::considerAddingAsFrequentExitSiteSlow):
        * dfg/DFGPropagator.cpp:
        (JSC::DFG::Propagator::Propagator):
        (JSC::DFG::Propagator::isNotNegZero):
        (JSC::DFG::Propagator::isNotZero):
        (JSC::DFG::Propagator::propagateNodePredictions):
        (JSC::DFG::Propagator::doRoundOfDoubleVoting):
        (JSC::DFG::Propagator::globalCFA):
        (JSC::DFG::propagate):
        * dfg/DFGPropagator.h:
        (DFG):
        * dfg/DFGSpeculativeJIT.cpp:
        (JSC::DFG::SpeculativeJIT::computeValueRecoveryFor):
        (JSC::DFG::SpeculativeJIT::compileAdd):
        (JSC::DFG::SpeculativeJIT::compileArithSub):
        * dfg/DFGSpeculativeJIT.h:
        (JSC::DFG::SpeculativeJIT::isConstant):
        (JSC::DFG::SpeculativeJIT::isJSConstant):
        (JSC::DFG::SpeculativeJIT::isInt32Constant):
        (JSC::DFG::SpeculativeJIT::isDoubleConstant):
        (JSC::DFG::SpeculativeJIT::isNumberConstant):
        (JSC::DFG::SpeculativeJIT::isBooleanConstant):
        (JSC::DFG::SpeculativeJIT::isFunctionConstant):
        (JSC::DFG::SpeculativeJIT::valueOfInt32Constant):
        (JSC::DFG::SpeculativeJIT::valueOfNumberConstant):
        (JSC::DFG::SpeculativeJIT::valueOfJSConstant):
        (JSC::DFG::SpeculativeJIT::valueOfBooleanConstant):
        (JSC::DFG::SpeculativeJIT::valueOfFunctionConstant):
        (JSC::DFG::SpeculativeJIT::speculationCheck):
        (JSC::DFG::SpeculativeJIT::SpeculativeJIT):

2012-02-17  Ahmad Sharif  <asharif.tools@gmail.com>

        There is a warning in memset in glibc that gets triggered through a
        warndecl when the fill-value of memset is a non-zero constant and the
        size is zero. This warning is enabled when building with
        -D_FORTIFY_SOURCE=2. This patch fixes the warning.

        https://bugs.webkit.org/show_bug.cgi?id=78513

        Reviewed by Alexey Proskuryakov.

        * wtf/Vector.h:

2012-02-17  Kalev Lember  <kalevlember@gmail.com>

        Remove unused parameters from WTF threading API
        https://bugs.webkit.org/show_bug.cgi?id=78389

        Reviewed by Adam Roben.

        waitForThreadCompletion() had an out param 'void **result' to get the
        'void *' returned by ThreadFunction. However, the implementation in
        ThreadingWin.cpp ignored the out param, not filling it in. This had
        led to a situation where none of the client code made use of the param
        and just ignored it.

        To clean this up, the patch changes the signature of ThreadFunction to
        return void instead of void* and drops the unused 'void **result'
        parameter from waitForThreadCompletion. Also, all client code is
        updated for the API change.

        As mentioned in https://bugs.webkit.org/show_bug.cgi?id=78389 , even
        though the change only affects internal API, Safari is using it
        directly and we'll need to keep the old versions around for ABI
        compatibility. For this, the patch adds compatibility wrappers with
        the old ABI.

        * JavaScriptCore.order:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * bytecode/SamplingTool.cpp:
        (JSC::SamplingThread::threadStartFunc):
        (JSC::SamplingThread::stop):
        * bytecode/SamplingTool.h:
        (SamplingThread):
        * heap/Heap.cpp:
        (JSC::Heap::~Heap):
        (JSC::Heap::blockFreeingThreadStartFunc):
        * heap/Heap.h:
        * heap/MarkStack.cpp:
        (JSC::MarkStackThreadSharedData::markingThreadStartFunc):
        (JSC::MarkStackThreadSharedData::~MarkStackThreadSharedData):
        * heap/MarkStack.h:
        (MarkStackThreadSharedData):
        * wtf/ParallelJobsGeneric.cpp:
        (WTF::ParallelEnvironment::ThreadPrivate::workerThread):
        * wtf/ParallelJobsGeneric.h:
        (ThreadPrivate):
        * wtf/ThreadFunctionInvocation.h: Update the signature of
        ThreadFunction.
        (WTF):
        * wtf/Threading.cpp:
        (WTF::threadEntryPoint): Update for ThreadFunction signature change.
        (WTF):
        (WTF::ThreadFunctionWithReturnValueInvocation::ThreadFunctionWithReturnValueInvocation):
        ABI compatibility function for Safari.
        (ThreadFunctionWithReturnValueInvocation): Ditto.
        (WTF::compatEntryPoint): Ditto.
        (WTF::createThread): Ditto.
        (WTF::waitForThreadCompletion): Ditto.
        * wtf/Threading.h: Update the signature of ThreadFunction and
        waitForThreadCompletion.
        (WTF):
        * wtf/ThreadingPthreads.cpp: Implement the new API.
        (WTF::wtfThreadEntryPoint):
        (WTF):
        (WTF::createThreadInternal):
        (WTF::waitForThreadCompletion):
        * wtf/ThreadingWin.cpp: Implement the new API.
        (WTF::wtfThreadEntryPoint):
        (WTF::waitForThreadCompletion):

2012-02-16  Oliver Hunt  <oliver@apple.com>

        Implement Error.stack
        https://bugs.webkit.org/show_bug.cgi?id=66994

        Reviewed by Gavin Barraclough.

        Implement support for stack traces on exception objects.  This is a rewrite
        of the core portion of the last stack walking logic, but the mechanical work
        of adding the information to an exception comes from the original work by
        Juan Carlos Montemayor Elosua.

        * interpreter/Interpreter.cpp:
        (JSC::getCallerInfo):
        (JSC):
        (JSC::getSourceURLFromCallFrame):
        (JSC::getStackFrameCodeType):
        (JSC::Interpreter::getStackTrace):
        (JSC::Interpreter::throwException):
        (JSC::Interpreter::privateExecute):
        * interpreter/Interpreter.h:
        (JSC):
        (StackFrame):
        (JSC::StackFrame::toString):
        (Interpreter):
        * jsc.cpp:
        (GlobalObject::finishCreation):
        (functionJSCStack):
        * parser/Nodes.h:
        (JSC::FunctionBodyNode::setInferredName):
        * parser/Parser.h:
        (JSC::::parse):
        * runtime/CommonIdentifiers.h:
        * runtime/Error.cpp:
        (JSC::addErrorInfo):
        * runtime/Error.h:
        (JSC):

2012-02-17  Mark Hahnenberg  <mhahnenberg@apple.com>

        Rename Bump* to Copy*
        https://bugs.webkit.org/show_bug.cgi?id=78573

        Reviewed by Geoffrey Garen.

        Renamed anything with "Bump" in the name to have "Copied" instead.

        * CMakeLists.txt:
        * GNUmakefile.list.am:
        * JavaScriptCore.gypi:
        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * Target.pri:
        * heap/BumpBlock.h: Removed.
        * heap/BumpSpace.cpp: Removed.
        * heap/BumpSpace.h: Removed.
        * heap/BumpSpaceInlineMethods.h: Removed.
        * heap/ConservativeRoots.cpp:
        (JSC::ConservativeRoots::ConservativeRoots):
        (JSC::ConservativeRoots::genericAddPointer):
        * heap/ConservativeRoots.h:
        (ConservativeRoots):
        * heap/CopiedBlock.h: Added.
        (JSC):
        (CopiedBlock):
        (JSC::CopiedBlock::CopiedBlock):
        * heap/CopiedSpace.cpp: Added.
        (JSC):
        (JSC::CopiedSpace::tryAllocateSlowCase):
        * heap/CopiedSpace.h: Added.
        (JSC):
        (CopiedSpace):
        (JSC::CopiedSpace::isInCopyPhase):
        (JSC::CopiedSpace::totalMemoryAllocated):
        (JSC::CopiedSpace::totalMemoryUtilized):
        * heap/CopiedSpaceInlineMethods.h: Added.
        (JSC):
        (JSC::CopiedSpace::CopiedSpace):
        (JSC::CopiedSpace::init):
        (JSC::CopiedSpace::contains):
        (JSC::CopiedSpace::pin):
        (JSC::CopiedSpace::startedCopying):
        (JSC::CopiedSpace::doneCopying):
        (JSC::CopiedSpace::doneFillingBlock):
        (JSC::CopiedSpace::recycleBlock):
        (JSC::CopiedSpace::getFreshBlock):
        (JSC::CopiedSpace::borrowBlock):
        (JSC::CopiedSpace::addNewBlock):
        (JSC::CopiedSpace::allocateNewBlock):
        (JSC::CopiedSpace::fitsInBlock):
        (JSC::CopiedSpace::fitsInCurrentBlock):
        (JSC::CopiedSpace::tryAllocate):
        (JSC::CopiedSpace::tryAllocateOversize):
        (JSC::CopiedSpace::allocateFromBlock):
        (JSC::CopiedSpace::tryReallocate):
        (JSC::CopiedSpace::tryReallocateOversize):
        (JSC::CopiedSpace::isOversize):
        (JSC::CopiedSpace::isPinned):
        (JSC::CopiedSpace::oversizeBlockFor):
        (JSC::CopiedSpace::blockFor):
        * heap/Heap.cpp:
        * heap/Heap.h:
        (JSC):
        (Heap):
        * heap/MarkStack.cpp:
        (JSC::MarkStackThreadSharedData::MarkStackThreadSharedData):
        (JSC::SlotVisitor::drainFromShared):
        (JSC::SlotVisitor::startCopying):
        (JSC::SlotVisitor::allocateNewSpace):
        (JSC::SlotVisitor::doneCopying):
        * heap/MarkStack.h:
        (MarkStackThreadSharedData):
        * heap/SlotVisitor.h:
        (SlotVisitor):
        * runtime/JSArray.cpp:
        * runtime/JSObject.cpp:

2012-02-16  Yuqiang Xian  <yuqiang.xian@intel.com>

        Add JSC code profiling support on Linux x86
        https://bugs.webkit.org/show_bug.cgi?id=78871

        Reviewed by Gavin Barraclough.

        We don't unwind the stack for now as we cannot guarantee all the
        libraries are compiled without -fomit-frame-pointer.

        * tools/CodeProfile.cpp:
        (JSC::CodeProfile::sample):
        * tools/CodeProfiling.cpp:
        (JSC):
        (JSC::profilingTimer):
        (JSC::CodeProfiling::begin):
        (JSC::CodeProfiling::end):

2012-02-16  Csaba Osztrogonác  <ossy@webkit.org>

        Unreviewed. Rolling out r107980, because it broke 32 bit platforms.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::throwException):
        (JSC::Interpreter::privateExecute):
        * interpreter/Interpreter.h:
        (JSC):
        (Interpreter):
        * jsc.cpp:
        (GlobalObject::finishCreation):
        * parser/Nodes.h:
        (JSC::FunctionBodyNode::setInferredName):
        * parser/Parser.h:
        (JSC::::parse):
        * runtime/CommonIdentifiers.h:
        * runtime/Error.cpp:
        (JSC::addErrorInfo):
        * runtime/Error.h:
        (JSC):

2012-02-16  Filip Pizlo  <fpizlo@apple.com>

        ENABLE_INTERPRETER should be ENABLE_CLASSIC_INTERPRETER
        https://bugs.webkit.org/show_bug.cgi?id=78791

        Rubber stamped by Oliver Hunt.

        Just a renaming, nothing more. Also renamed COMPUTED_GOTO_INTERPRETER to
        COMPUTED_GOTO_CLASSIC_INTERPRETER.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::stronglyVisitStrongReferences):
        (JSC):
        (JSC::CodeBlock::shrinkToFit):
        * bytecode/CodeBlock.h:
        (CodeBlock):
        * bytecode/Instruction.h:
        (JSC::Instruction::Instruction):
        * bytecode/Opcode.h:
        (JSC::padOpcodeName):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::BytecodeGenerator::emitResolve):
        (JSC::BytecodeGenerator::emitResolveWithBase):
        (JSC::BytecodeGenerator::emitGetById):
        (JSC::BytecodeGenerator::emitPutById):
        (JSC::BytecodeGenerator::emitDirectPutById):
        * interpreter/AbstractPC.cpp:
        (JSC::AbstractPC::AbstractPC):
        * interpreter/AbstractPC.h:
        (AbstractPC):
        * interpreter/CallFrame.h:
        (ExecState):
        * interpreter/Interpreter.cpp:
        (JSC):
        (JSC::Interpreter::initialize):
        (JSC::Interpreter::isOpcode):
        (JSC::Interpreter::unwindCallFrame):
        (JSC::Interpreter::execute):
        (JSC::Interpreter::privateExecute):
        (JSC::Interpreter::retrieveLastCaller):
        * interpreter/Interpreter.h:
        (JSC::Interpreter::getOpcode):
        (JSC::Interpreter::getOpcodeID):
        (Interpreter):
        * jit/ExecutableAllocatorFixedVMPool.cpp:
        (JSC::FixedVMPoolExecutableAllocator::FixedVMPoolExecutableAllocator):
        * runtime/Executable.cpp:
        (JSC::EvalExecutable::compileInternal):
        (JSC::ProgramExecutable::compileInternal):
        (JSC::FunctionExecutable::compileForCallInternal):
        (JSC::FunctionExecutable::compileForConstructInternal):
        * runtime/Executable.h:
        (NativeExecutable):
        * runtime/JSGlobalData.cpp:
        (JSC::JSGlobalData::JSGlobalData):
        (JSC::JSGlobalData::getHostFunction):
        * runtime/JSGlobalData.h:
        (JSGlobalData):
        * wtf/OSAllocatorPosix.cpp:
        (WTF::OSAllocator::reserveAndCommit):
        * wtf/Platform.h:

2012-02-15  Geoffrey Garen  <ggaren@apple.com>

        Made Weak<T> single-owner, adding PassWeak<T>
        https://bugs.webkit.org/show_bug.cgi?id=78740

        Reviewed by Sam Weinig.

        This works basically the same way as OwnPtr<T> and PassOwnPtr<T>.

        This clarifies the semantics of finalizers: It's ambiguous and probably
        a bug to copy a finalizer (i.e., it's a bug to run a C++ destructor
        twice), so I've made Weak<T> non-copyable. Anywhere we used to copy a
        Weak<T>, we now use PassWeak<T>.

        This also makes Weak<T> HashMaps more efficient.

        * API/JSClassRef.cpp:
        (OpaqueJSClass::prototype): Use PassWeak<T> instead of set(), since
        set() is gone now.

        * JavaScriptCore.xcodeproj/project.pbxproj: Export!

        * heap/PassWeak.h: Added.
        (JSC):
        (PassWeak):
        (JSC::PassWeak::PassWeak):
        (JSC::PassWeak::~PassWeak):
        (JSC::PassWeak::get):
        (JSC::::leakHandle):
        (JSC::adoptWeak):
        (JSC::operator==):
        (JSC::operator!=): This is the Weak<T> version of PassOwnPtr<T>.

        * heap/Weak.h:
        (Weak):
        (JSC::Weak::Weak):
        (JSC::Weak::release):
        (JSC::Weak::hashTableDeletedValue):
        (JSC::=):
        (JSC): Changed to be non-copyable, removing a lot of copying-related
        APIs. Added hash traits so hash maps still work.

        * jit/JITStubs.cpp:
        (JSC::JITThunks::hostFunctionStub):
        * runtime/RegExpCache.cpp:
        (JSC::RegExpCache::lookupOrCreate): Use PassWeak<T>, as required by
        our new hash map API.

2012-02-16  Mark Hahnenberg  <mhahnenberg@apple.com>

        Fix the broken viewport tests
        https://bugs.webkit.org/show_bug.cgi?id=78774

        Reviewed by Kenneth Rohde Christiansen.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
        * wtf/text/WTFString.cpp:
        (WTF):
        (WTF::toDoubleType): Template-ized to allow other functions to specify whether they
        want to allow trailing junk or not when calling strtod.
        (WTF::charactersToDouble):
        (WTF::charactersToFloat):
        (WTF::charactersToFloatIgnoringJunk): Created new version of charactersToFloat that allows
        trailing junk.
        * wtf/text/WTFString.h:
        (WTF):

2012-02-16  Oliver Hunt  <oliver@apple.com>

        Implement Error.stack
        https://bugs.webkit.org/show_bug.cgi?id=66994

        Reviewed by Gavin Barraclough.

        Implement support for stack traces on exception objects.  This is a rewrite
        of the core portion of the last stack walking logic, but the mechanical work
        of adding the information to an exception comes from the original work by
        Juan Carlos Montemayor Elosua.

        * interpreter/Interpreter.cpp:
        (JSC::getCallerInfo):
        (JSC):
        (JSC::getSourceURLFromCallFrame):
        (JSC::getStackFrameCodeType):
        (JSC::Interpreter::getStackTrace):
        (JSC::Interpreter::throwException):
        (JSC::Interpreter::privateExecute):
        * interpreter/Interpreter.h:
        (JSC):
        (StackFrame):
        (JSC::StackFrame::toString):
        (Interpreter):
        * jsc.cpp:
        (GlobalObject::finishCreation):
        (functionJSCStack):
        * parser/Nodes.h:
        (JSC::FunctionBodyNode::setInferredName):
        * parser/Parser.h:
        (JSC::::parse):
        * runtime/CommonIdentifiers.h:
        * runtime/Error.cpp:
        (JSC::addErrorInfo):
        * runtime/Error.h:
        (JSC):

2012-02-15  Gavin Barraclough  <barraclough@apple.com>

        Numerous trivial bugs in Object.defineProperty
        https://bugs.webkit.org/show_bug.cgi?id=78777

        Reviewed by Sam Weinig.

        There are a handful of really trivial bugs, related to Object.defineProperty:
            * Redefining an accessor with different attributes changes the attributes, but not the get/set functions!
            * Calling an undefined setter should only throw in strict mode.
            * When redefining an accessor to a data descriptor, if writable is not specified we should default to false.
            * Any attempt to redefine a non-configurable property of an array as configurable should be rejected.
            * Object.defineProperties should call toObject on 'Properties' argument, rather than throwing if it is not an object.
            * If preventExtensions has been called on an array, subsequent assignment beyond array bounds should fail.
            * 'isFrozen' shouldn't be checking the ReadOnly bit for accessor descriptors (we presently always keep this bit as 'false').
            * Should be able to redefine a non-writable, non-configurable property, with the same value and attributes.
            * Should be able to define a non-configurable accessor.
        These are mostly all one-line changes, e.g. inverted boolean checks, masking against wrong attribute.

        * runtime/JSArray.cpp:
        (JSC::SparseArrayValueMap::put):
            - Added ASSERT.
            - Calling an undefined setter should only throw in strict mode.
        (JSC::JSArray::putDescriptor):
            - Should be able to define a non-configurable accessor.
        (JSC::JSArray::defineOwnNumericProperty):
            - Any attempt to redefine a non-configurable property of an array as configurable should be rejected.
        (JSC::JSArray::putByIndexBeyondVectorLength):
            - If preventExtensions has been called on an array, subsequent assignment beyond array bounds should fail.
        * runtime/JSArray.h:
        (JSArray):
            - made enterDictionaryMode public, called from JSObject.
        * runtime/JSObject.cpp:
        (JSC::JSObject::put):
            - Calling an undefined setter should only throw in strict mode.
        (JSC::JSObject::preventExtensions):
            - Put array objects into dictionary mode to handle this!
        (JSC::JSObject::defineOwnProperty):
            - Should be able to redefine a non-writable, non-configurable property, with the same value and attributes.
            - Redefining an accessor with different attributes changes the attributes, but not the get/set functions!
        * runtime/ObjectConstructor.cpp:
        (JSC::objectConstructorDefineProperties):
            - Object.defineProperties should call toObject on 'Properties' argument, rather than throwing if it is not an object.
        * runtime/PropertyDescriptor.cpp:
        (JSC::PropertyDescriptor::attributesWithOverride):
            - When redefining an accessor to a data descriptor, if writable is not specified we should default to false.
        (JSC::PropertyDescriptor::attributesOverridingCurrent):
            - When redefining an accessor to a data descriptor, if writable is not specified we should default to false.
        * runtime/Structure.cpp:
        (JSC::Structure::freezeTransition):
            - 'freezeTransition' shouldn't be setting the ReadOnly bit for accessor descriptors (we presently always keep this bit as 'false').
        (JSC::Structure::isFrozen):
            - 'isFrozen' shouldn't be checking the ReadOnly bit for accessor descriptors (we presently always keep this bit as 'false').

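        The Object.defineProperty entry above lists nine ES5 property-attribute rules that the
        engine was getting wrong. Code that hardens objects (freezing prototypes, making a property
        non-writable and non-configurable so it cannot be replaced later) relies on exactly these
        rules, so it is worth seeing each one exercised. The following is an added example, not
        WebKit or JavaScriptCore code and not from the patch: it runs each rule as a small check
        in plain JavaScript (Node or any ES5-compliant engine) and returns true when the engine
        behaves as the entry says it should. Function names and the sample objects are this
        example's own.

```javascript
// Added example (not WebKit/JSC code): one check per rule in the ChangeLog entry.
// Each function returns true when the engine follows the ES5 semantics described.

// Sloppy-mode code is needed for two checks; Function() bodies are sloppy unless
// they opt in, even when the surrounding file is strict.
const sloppyAssign = new Function('o', 'k', 'v', 'o[k] = v;');

// 1. Redefining an accessor with new attributes keeps the original get/set.
function accessorRedefinitionKeepsFunctions() {
  const o = {};
  const get = () => 1;
  Object.defineProperty(o, 'x', { get, configurable: true, enumerable: false });
  Object.defineProperty(o, 'x', { enumerable: true }); // change only an attribute
  const d = Object.getOwnPropertyDescriptor(o, 'x');
  return d.get === get && d.enumerable === true && o.x === 1;
}

// 2. Assigning through an accessor with no setter throws only in strict mode.
function undefinedSetterThrowsOnlyInStrict() {
  const o = {};
  Object.defineProperty(o, 'x', { get: () => 1, configurable: true });
  let strictThrew = false;
  try { (function () { 'use strict'; o.x = 2; })(); } catch (e) { strictThrew = e instanceof TypeError; }
  let sloppyThrew = false;
  try { sloppyAssign(o, 'x', 2); } catch (e) { sloppyThrew = true; }
  return strictThrew && !sloppyThrew && o.x === 1;
}

// 3. Accessor -> data redefinition defaults writable to false when it is not given.
function accessorToDataDefaultsNonWritable() {
  const o = {};
  Object.defineProperty(o, 'x', { get: () => 1, configurable: true });
  Object.defineProperty(o, 'x', { value: 5 }); // writable not specified
  const d = Object.getOwnPropertyDescriptor(o, 'x');
  return d.value === 5 && d.writable === false && d.configurable === true;
}

// 4. A non-configurable array element cannot be made configurable again.
function arrayNonConfigurableCannotBecomeConfigurable() {
  const a = [1, 2, 3];
  Object.defineProperty(a, '0', { configurable: false });
  try { Object.defineProperty(a, '0', { configurable: true }); return false; }
  catch (e) { return e instanceof TypeError && Object.getOwnPropertyDescriptor(a, '0').configurable === false; }
}

// 5. Object.defineProperties applies ToObject to its second argument: a number is
//    wrapped (no own enumerable keys, so nothing is defined); null still throws.
function definePropertiesCoercesArgument() {
  const o = {};
  const r = Object.defineProperties(o, 42);
  let threwOnNull = false;
  try { Object.defineProperties({}, null); } catch (e) { threwOnNull = e instanceof TypeError; }
  return r === o && Object.keys(o).length === 0 && threwOnNull;
}

// 6. After preventExtensions, writing past the end of an array fails
//    (TypeError in strict mode, silently ignored in sloppy mode).
function nonExtensibleArrayRejectsGrowth() {
  const a = [1];
  Object.preventExtensions(a);
  let threw = false;
  try { (function () { 'use strict'; a[5] = 9; })(); } catch (e) { threw = e instanceof TypeError; }
  sloppyAssign(a, 7, 9);
  return threw && a.length === 1 && !(5 in a) && !(7 in a);
}

// 7. isFrozen must not require a "writable: false" bit on accessor properties.
function frozenWithAccessorProperty() {
  const o = {};
  Object.defineProperty(o, 'x', { get: () => 1, configurable: false });
  Object.preventExtensions(o);
  return Object.isFrozen(o) === true;
}

// 8. Redefining a non-writable, non-configurable property with identical value and
//    attributes is a no-op, while any real change is rejected.
function redefineSameValueAndAttributesSucceeds() {
  const o = {};
  const desc = { value: 1, writable: false, configurable: false, enumerable: false };
  Object.defineProperty(o, 'x', desc);
  Object.defineProperty(o, 'x', desc); // must not throw
  let threw = false;
  try { Object.defineProperty(o, 'x', { value: 2 }); } catch (e) { threw = e instanceof TypeError; }
  return threw && o.x === 1;
}

// 9. A non-configurable accessor can be defined directly.
function nonConfigurableAccessorAllowed() {
  const o = {};
  Object.defineProperty(o, 'x', { get: () => 'g', configurable: false });
  const d = Object.getOwnPropertyDescriptor(o, 'x');
  return typeof d.get === 'function' && d.configurable === false && o.x === 'g';
}

// Run every check and report which rules the engine gets right.
function runAll() {
  const checks = [accessorRedefinitionKeepsFunctions, undefinedSetterThrowsOnlyInStrict,
    accessorToDataDefaultsNonWritable, arrayNonConfigurableCannotBecomeConfigurable,
    definePropertiesCoercesArgument, nonExtensibleArrayRejectsGrowth, frozenWithAccessorProperty,
    redefineSameValueAndAttributesSucceeds, nonConfigurableAccessorAllowed];
  const results = {};
  for (const f of checks) results[f.name] = f();
  return results;
}

console.log(runAll());
```

        Rules 2 and 6 are the ones that bite hardening code in practice: in sloppy mode a
        rejected write is silent, so a library that freezes an object and then checks nothing
        will not notice that a write was dropped; running such code in strict mode turns the
        silent failure into a TypeError.
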
2012-02-13  Filip Pizlo  <fpizlo@apple.com>

        DFG should not check the types of arguments that are dead
        https://bugs.webkit.org/show_bug.cgi?id=78518

        Reviewed by Geoff Garen.

        The argument checks are now elided if the corresponding SetArgument is dead,
        and the abstract value of the argument is set to bottom (None, []). This is
        performance neutral on the benchmarks we currently track.

        * dfg/DFGAbstractState.cpp:
        (JSC::DFG::AbstractState::initialize):
        * dfg/DFGSpeculativeJIT.cpp:
        (JSC::DFG::SpeculativeJIT::checkArgumentTypes):

2012-02-15  Oliver Hunt  <oliver@apple.com>

        Ensure that the DFG JIT always plants a CodeOrigin when making calls
        https://bugs.webkit.org/show_bug.cgi?id=78763

        Reviewed by Gavin Barraclough.

        Make all calls plant a CodeOrigin prior to the actual
        call.  Also clobbers the Interpreter with logic to ensure
        that the interpreter always plants a bytecode offset.

        * dfg/DFGJITCompiler.cpp:
        (JSC::DFG::JITCompiler::link):
        (JSC::DFG::JITCompiler::compileFunction):
        * dfg/DFGJITCompiler.h:
        (CallBeginToken):
        (JSC::DFG::JITCompiler::beginJSCall):
        (JSC::DFG::JITCompiler::beginCall):
        * dfg/DFGRepatch.cpp:
        (JSC::DFG::tryBuildGetByIDList):
        * dfg/DFGSpeculativeJIT.h:
        (JSC::DFG::SpeculativeJIT::appendCallWithExceptionCheck):
        * dfg/DFGSpeculativeJIT32_64.cpp:
        (JSC::DFG::SpeculativeJIT::emitCall):
        * dfg/DFGSpeculativeJIT64.cpp:
        (JSC::DFG::SpeculativeJIT::emitCall):
        * interpreter/AbstractPC.cpp:
        (JSC::AbstractPC::AbstractPC):
        * interpreter/CallFrame.cpp:
        (JSC::CallFrame::trueCallFrame):
        * interpreter/CallFrame.h:
        (JSC::ExecState::bytecodeOffsetForNonDFGCode):
        (ExecState):
        (JSC::ExecState::setBytecodeOffsetForNonDFGCode):
        (JSC::ExecState::codeOriginIndexForDFG):

2012-02-14  Oliver Hunt  <oliver@apple.com>

        Fix Interpreter.

        * runtime/Executable.cpp:
        (JSC):
        * runtime/Executable.h:
        (ExecutableBase):

2012-02-14  Matt Lilek  <mrl@apple.com>

        Don't ENABLE_DASHBOARD_SUPPORT unconditionally on all Mac platforms
        https://bugs.webkit.org/show_bug.cgi?id=78629

        Reviewed by David Kilzer.

        * Configurations/FeatureDefines.xcconfig:

2012-02-14  Filip Pizlo  <fpizlo@apple.com>

        Unreviewed, build fix for non-DFG platforms.

        * assembler/MacroAssembler.h:
        (MacroAssembler):

2012-02-14  Filip Pizlo  <fpizlo@apple.com>

        Unreviewed, fix build and configuration goof.

        * assembler/MacroAssembler.h:
        (JSC::MacroAssembler::invert):
        * dfg/DFGCommon.h:

2012-02-13  Filip Pizlo  <fpizlo@apple.com>

        DFG should be able to emit code on control flow edges
        https://bugs.webkit.org/show_bug.cgi?id=78515

        Reviewed by Gavin Barraclough.

        This gets us a few steps closer to being able to perform global register allocation,
        by allowing us to have landing pads on control flow edges. This will let us reshuffle
        registers if it happens to be necessary due to different reg alloc decisions in
        different blocks.

        This also introduces the notion of a landing pad for OSR entry, which will allow us
        to emit code that places data into registers when we're entering into the DFG from
        the old JIT.

        Finally, this patch introduces a verification mode that checks that the landing pads
        are actually emitted and do actually work as advertised. When verification is disabled,
        this has no effect on behavior.

        * assembler/MacroAssembler.h:
        (MacroAssembler):
        (JSC::MacroAssembler::invert):
        (JSC::MacroAssembler::isInvertible):
        * dfg/DFGCommon.h:
        * dfg/DFGJITCompiler.cpp:
        (JSC::DFG::JITCompiler::compile):
        (JSC::DFG::JITCompiler::compileFunction):
        * dfg/DFGSpeculativeJIT.cpp:
        (JSC::DFG::SpeculativeJIT::compilePeepHoleDoubleBranch):
        (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectEquality):
        (JSC::DFG::SpeculativeJIT::compilePeepHoleIntegerBranch):
        (JSC::DFG::SpeculativeJIT::compile):
        (JSC::DFG::SpeculativeJIT::createOSREntries):
        (DFG):
        (JSC::DFG::SpeculativeJIT::linkOSREntries):
        (JSC::DFG::SpeculativeJIT::compileStrictEqForConstant):
        * dfg/DFGSpeculativeJIT.h:
        (SpeculativeJIT):
        (JSC::DFG::SpeculativeJIT::branchDouble):
        (JSC::DFG::SpeculativeJIT::branchDoubleNonZero):
        (JSC::DFG::SpeculativeJIT::branch32):
        (JSC::DFG::SpeculativeJIT::branchTest32):
        (JSC::DFG::SpeculativeJIT::branchPtr):
        (JSC::DFG::SpeculativeJIT::branchTestPtr):
        (JSC::DFG::SpeculativeJIT::branchTest8):
        (JSC::DFG::SpeculativeJIT::jump):
        (JSC::DFG::SpeculativeJIT::haveEdgeCodeToEmit):
        (JSC::DFG::SpeculativeJIT::emitEdgeCode):
        * dfg/DFGSpeculativeJIT32_64.cpp:
        (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
        (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranch):
        (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
        (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
        (JSC::DFG::SpeculativeJIT::emitBranch):
        (JSC::DFG::SpeculativeJIT::compile):
        * dfg/DFGSpeculativeJIT64.cpp:
        (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
        (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranch):
        (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
        (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
        (JSC::DFG::SpeculativeJIT::emitBranch):
        (JSC::DFG::SpeculativeJIT::compile):

2012-02-14  Filip Pizlo  <fpizlo@apple.com>

        Assertion failure under JSC::DFG::AbstractState::execute loading economist.com
        https://bugs.webkit.org/show_bug.cgi?id=78153
        <rdar://problem/10861712> <rdar://problem/10861947>

        Reviewed by Oliver Hunt.
791
792         * dfg/DFGAbstractState.cpp:
793         (JSC::DFG::AbstractState::execute):
794         * dfg/DFGSpeculativeJIT.cpp:
795         (JSC::DFG::SpeculativeJIT::compileAdd):
796
797 2012-02-14  Eric Seidel  <eric@webkit.org>
798
799         Upstream Android's additions to Platform.h
800         https://bugs.webkit.org/show_bug.cgi?id=78536
801
802         Reviewed by Adam Barth.
803
804         * wtf/Platform.h:
805
806 2012-02-12  Mark Hahnenberg  <mhahnenberg@apple.com>
807
808         Replace old strtod with new strtod
809         https://bugs.webkit.org/show_bug.cgi?id=68044
810
811         Reviewed by Geoffrey Garen.
812
813         * parser/Lexer.cpp: Added template argument. This version allows junk after numbers.
814         (JSC::::lex):
815         * runtime/JSGlobalObjectFunctions.cpp: Ditto.
816         (JSC::parseInt):
817         (JSC::jsStrDecimalLiteral):
818         * runtime/LiteralParser.cpp: Ditto.
819         (JSC::::Lexer::lexNumber):
820         * wtf/dtoa.cpp: Replaced old strtod with a new version that uses the new StringToDoubleConverter.
821         It takes a template argument to allow clients to determine statically whether it should allow 
822         junk after the numbers or not.
823         (WTF):
824         (WTF::strtod):
825         * wtf/dtoa.h:
826         (WTF):
827         * wtf/text/WTFString.cpp: Added template argument. This version does not allow junk after numbers.
828         (WTF::toDoubleType):
829
830 2012-02-13  Mark Hahnenberg  <mhahnenberg@apple.com>
831
832         More windows build fixing
833
834         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
835
836 2012-02-13  Oliver Hunt  <oliver@apple.com>
837
838         Executing out of bounds in JSC::Yarr::YarrCodeBlock::execute / JSC::RegExp::match
839         https://bugs.webkit.org/show_bug.cgi?id=76315
840
841         Reviewed by Gavin Barraclough.
842
843         Perform a 3 byte compare using two comparisons, rather than trying to perform the
844         operation with a four byte load.
845
846         * yarr/YarrJIT.cpp:
847         (JSC::Yarr::YarrGenerator::generatePatternCharacterOnce):
848
849 2012-02-13  Mark Hahnenberg  <mhahnenberg@apple.com>
850
851         Windows build fix
852
853         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
854
855 2012-02-12  Mark Hahnenberg  <mhahnenberg@apple.com>
856
857         Replace old strtod with new strtod
858         https://bugs.webkit.org/show_bug.cgi?id=68044
859
860         Reviewed by Geoffrey Garen.
861
862         * parser/Lexer.cpp: Added template argument. This version allows junk after numbers.
863         (JSC::::lex):
864         * runtime/JSGlobalObjectFunctions.cpp: Ditto.
865         (JSC::parseInt):
866         (JSC::jsStrDecimalLiteral):
867         * runtime/LiteralParser.cpp: Ditto.
868         (JSC::::Lexer::lexNumber):
869         * wtf/dtoa.cpp: Replaced old strtod with a new version that uses the new StringToDoubleConverter.
870         It takes a template argument to allow clients to determine statically whether it should allow 
871         junk after the numbers or not.
872         (WTF):
873         (WTF::strtod):
874         * wtf/dtoa.h:
875         (WTF):
876         * wtf/text/WTFString.cpp: Added template argument. This version does not allow junk after numbers.
877         (WTF::toDoubleType):
878
879 2012-02-13  Sam Weinig  <sam@webkit.org>
880
881         Move JSC related assertions out of Assertions.h and into their own header
882         https://bugs.webkit.org/show_bug.cgi?id=78508
883
884         Reviewed by Gavin Barraclough.
885
886         * GNUmakefile.list.am:
887         * JavaScriptCore.gypi:
888         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
889         * JavaScriptCore.xcodeproj/project.pbxproj:
890         Add GCAssertions.h
891
892         * heap/GCAssertions.h: Added.
893         Move assertions here.
894
895         * runtime/WriteBarrier.h:
896         Add #include of GCAssertions.h
897
898         * wtf/Assertions.h:
899         Remove JSC related assertions.
900
901         * wtf/Compiler.h:
902         Add compiler check for __has_trivial_destructor.
903
904 2012-02-13  Chao-ying Fu  <fu@mips.com>
905
906         Update MIPS patchOffsetGetByIdSlowCaseCall
907         https://bugs.webkit.org/show_bug.cgi?id=78392
908
909         Reviewed by Gavin Barraclough.
910
911         * jit/JIT.h:
912         (JIT):
913
914 2012-02-13  Patrick Gansterer  <paroga@webkit.org>
915
916         Remove obsolete #if from ThreadSpecific.h
917         https://bugs.webkit.org/show_bug.cgi?id=78485
918
919         Reviewed by Adam Roben.
920
921         Since all platforms use either pthread or Win32 for threading,
922         we can remove all PLATFORM() preprocessor statements.
923
924         * wtf/ThreadSpecific.h:
925         (ThreadSpecific):
926
927 2012-02-13  Jessie Berlin  <jberlin@apple.com>
928
929         Fix the Windows build.
930
931         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
932
933 2012-02-13  Sam Weinig  <sam@webkit.org>
934
935         Use C11's _Static_assert for COMPILE_ASSERT if it is available
936         https://bugs.webkit.org/show_bug.cgi?id=78506
937
938         Rubber-stamped by Antti Koivisto.
939
940         Use C11's _Static_assert for COMPILE_ASSERT if it is available to give slightly
941         better error messages.
942
943         * wtf/Assertions.h:
944         Use _Static_assert if it is available.
945
946         * wtf/Compiler.h:
947         Add COMPILER_SUPPORTS support for _Static_assert when using the LLVM Compiler.
948
949 2012-02-13  Mario Sanchez Prada  <msanchez@igalia.com>
950
951         [GTK] Add GSList to the list of GObject types in GOwnPtr
952         https://bugs.webkit.org/show_bug.cgi?id=78487
953
954         Reviewed by Philippe Normand.
955
956         Handle the GSList type in GOwnPtr, by calling g_slist_free in the
957         implementation of the freeOwnedGPtr template function.
958
959         * wtf/gobject/GOwnPtr.cpp:
960         (WTF::GSList):
961         (WTF):
962         * wtf/gobject/GOwnPtr.h:
963         (WTF):
964         * wtf/gobject/GTypedefs.h:
965
966 2012-02-06  Raphael Kubo da Costa  <kubo@profusion.mobi>
967
968         [EFL] Drop support for the Curl network backend.
969         https://bugs.webkit.org/show_bug.cgi?id=77874
970
971         Reviewed by Eric Seidel.
972
973         Nobody seems to be maintaining the Curl backend in WebCore, the
974         EFL port developers all seem to be using the Soup backend and the
975         port itself has many features which are only implemented for the
976         latter.
977
978         * wtf/PlatformEfl.cmake: Always build the gobject-dependent source
979         files.
980
981 2012-02-13  Patrick Gansterer  <paroga@webkit.org>
982
983         Unreviewed. Build fix for !ENABLE(JIT) after r107485.
984
985         * bytecode/PolymorphicPutByIdList.cpp:
986
987 2012-02-13  Gavin Barraclough  <barraclough@apple.com>
988
989         https://bugs.webkit.org/show_bug.cgi?id=78434
990         Unreviewed - temporarily reverting r107498 while I fix a couple of testcases.
991
992         * parser/Parser.cpp:
993         (JSC::::parseFunctionInfo):
994         * runtime/ClassInfo.h:
995         (MethodTable):
996         (JSC):
997         * runtime/JSCell.cpp:
998         (JSC):
999         * runtime/JSCell.h:
1000         (JSCell):
1001         * runtime/JSGlobalObject.cpp:
1002         (JSC::JSGlobalObject::reset):
1003         * runtime/JSGlobalObjectFunctions.cpp:
1004         (JSC):
1005         * runtime/JSGlobalObjectFunctions.h:
1006         (JSC):
1007         * runtime/JSObject.cpp:
1008         (JSC::JSObject::put):
1009         (JSC):
1010         (JSC::JSObject::putDirectAccessor):
1011         (JSC::JSObject::defineOwnProperty):
1012         * runtime/JSObject.h:
1013         (JSC::JSObject::inlineGetOwnPropertySlot):
1014         (JSC::JSValue::get):
1015         * runtime/JSString.cpp:
1016         (JSC::JSString::getOwnPropertySlot):
1017         * runtime/JSValue.h:
1018         (JSValue):
1019         * runtime/ObjectConstructor.cpp:
1020         (JSC::objectConstructorGetPrototypeOf):
1021         * runtime/Structure.cpp:
1022         (JSC::Structure::Structure):
1023         * runtime/Structure.h:
1024         (JSC::Structure::setHasGetterSetterProperties):
1025         (Structure):
1026
1027 2012-02-12  Ashod Nakashian  <ashodnakashian@yahoo.com>
1028
1029         KeywordLookupGenerator.py script fails in some cases
1030         https://bugs.webkit.org/show_bug.cgi?id=77886
1031
1032         Reviewed by Benjamin Poulain.
1033
1034         * parser/Keywords.table: Converted to LF-only.
1035
1036 2012-02-12  Shinya Kawanaka  <shinyak@google.com>
1037
1038         Introduce ShadowRootList.
1039         https://bugs.webkit.org/show_bug.cgi?id=78069
1040
1041         Reviewed by Hajime Morita.
1042
1043         DoublyLinkedList should have tail() method to take the last element.
1044
1045         * wtf/DoublyLinkedList.h:
1046         (DoublyLinkedList):
1047         (WTF::::tail):
1048         (WTF):
1049
1050 2012-02-12  Raphael Kubo da Costa  <kubo@profusion.mobi>
1051
1052         [CMake] Move source files in WTF_HEADERS to WTF_SOURCES.
1053         https://bugs.webkit.org/show_bug.cgi?id=78436
1054
1055         Reviewed by Daniel Bates.
1056
1057         * wtf/CMakeLists.txt: Move .cpp files from WTF_HEADERS to WTF_SOURCES,
1058         and correctly sort the files which start with 'M'.
1059
1060 2012-02-12  Sam Weinig  <sam@webkit.org>
1061
1062         Move the NumberOfCores.h/cpp files into the WTF group of JavaScriptCore.xcodeproj.
1063
1064         Rubber-stamped by Anders Carlsson.
1065
1066         * JavaScriptCore.xcodeproj/project.pbxproj:
1067
1068 2012-02-12  Raphael Kubo da Costa  <kubo@profusion.mobi>
1069
1070         [CMake] Remove unused or empty variable definitions.
1071         https://bugs.webkit.org/show_bug.cgi?id=78437
1072
1073         Reviewed by Daniel Bates.
1074
1075         * CMakeLists.txt: Remove unused JavaScriptCore_HEADERS definition.
1076         * shell/CMakeLists.txt: Remove unused JSC_HEADERS definition.
1077         * wtf/CMakeLists.txt: Remove empty WTF_LIBRARIES definition, it will
1078         be defined later by Platform*.cmake via LIST(APPEND WTF_LIBRARIES).
1079
1080 2012-02-12  Filip Pizlo  <fpizlo@apple.com>
1081
1082         DFG::SpeculativeJIT calls fprintf() instead of dataLog in terminateSpeculativeExecution()
1083         https://bugs.webkit.org/show_bug.cgi?id=78431
1084
1085         Reviewed by Gavin Barraclough.
1086
1087         * dfg/DFGSpeculativeJIT.h:
1088         (JSC::DFG::SpeculativeJIT::terminateSpeculativeExecution):
1089
1090 2012-02-11  Benjamin Poulain  <benjamin@webkit.org>
1091
1092         Add back WTFURL to WebKit
1093         https://bugs.webkit.org/show_bug.cgi?id=77291
1094
1095         Reviewed by Adam Barth.
1096
1097         WTFURL was removed from WebKit in r86787.
1098
1099         This patch adds the code back to WTF with the following changes:
1100         - Guard the feature with USE(WTFURL).
1101         - Change the typename CHAR to CharacterType to follow recent WebKit conventions.
1102         - Fix some coding style to make check-webkit-style happy.
1103
1104         * JavaScriptCore.xcodeproj/project.pbxproj:
1105         * wtf/Platform.h:
1106         * wtf/url/api/ParsedURL.cpp: Added.
1107         (WTF):
1108         (WTF::ParsedURL::ParsedURL):
1109         (WTF::ParsedURL::scheme):
1110         (WTF::ParsedURL::username):
1111         (WTF::ParsedURL::password):
1112         (WTF::ParsedURL::host):
1113         (WTF::ParsedURL::port):
1114         (WTF::ParsedURL::path):
1115         (WTF::ParsedURL::query):
1116         (WTF::ParsedURL::fragment):
1117         (WTF::ParsedURL::segment):
1118         * wtf/url/api/ParsedURL.h: Added.
1119         (WTF):
1120         (ParsedURL):
1121         (WTF::ParsedURL::spec):
1122         * wtf/url/api/URLString.h: Added.
1123         (WTF):
1124         (URLString):
1125         (WTF::URLString::URLString):
1126         (WTF::URLString::string):
1127         * wtf/url/src/RawURLBuffer.h: Added.
1128         (WTF):
1129         (RawURLBuffer):
1130         (WTF::RawURLBuffer::RawURLBuffer):
1131         (WTF::RawURLBuffer::~RawURLBuffer):
1132         (WTF::RawURLBuffer::resize):
1133         * wtf/url/src/URLBuffer.h: Added.
1134         (WTF):
1135         (URLBuffer):
1136         (WTF::URLBuffer::URLBuffer):
1137         (WTF::URLBuffer::~URLBuffer):
1138         (WTF::URLBuffer::at):
1139         (WTF::URLBuffer::set):
1140         (WTF::URLBuffer::capacity):
1141         (WTF::URLBuffer::length):
1142         (WTF::URLBuffer::data):
1143         (WTF::URLBuffer::setLength):
1144         (WTF::URLBuffer::append):
1145         (WTF::URLBuffer::grow):
1146         * wtf/url/src/URLCharacterTypes.cpp: Added.
1147         (WTF):
1148         ():
1149         * wtf/url/src/URLCharacterTypes.h: Added.
1150         (WTF):
1151         (URLCharacterTypes):
1152         (WTF::URLCharacterTypes::isQueryChar):
1153         (WTF::URLCharacterTypes::isIPv4Char):
1154         (WTF::URLCharacterTypes::isHexChar):
1155         ():
1156         (WTF::URLCharacterTypes::isCharOfType):
1157         * wtf/url/src/URLComponent.h: Added.
1158         (WTF):
1159         (URLComponent):
1160         (WTF::URLComponent::URLComponent):
1161         (WTF::URLComponent::fromRange):
1162         (WTF::URLComponent::isValid):
1163         (WTF::URLComponent::isNonEmpty):
1164         (WTF::URLComponent::isEmptyOrInvalid):
1165         (WTF::URLComponent::reset):
1166         (WTF::URLComponent::operator==):
1167         (WTF::URLComponent::begin):
1168         (WTF::URLComponent::setBegin):
1169         (WTF::URLComponent::length):
1170         (WTF::URLComponent::setLength):
1171         (WTF::URLComponent::end):
1172         * wtf/url/src/URLEscape.cpp: Added.
1173         (WTF):
1174         ():
1175         * wtf/url/src/URLEscape.h: Added.
1176         (WTF):
1177         (WTF::appendURLEscapedCharacter):
1178         * wtf/url/src/URLParser.h: Added.
1179         (WTF):
1180         (URLParser):
1181         ():
1182         (WTF::URLParser::isPossibleAuthorityTerminator):
1183         (WTF::URLParser::parseAuthority):
1184         (WTF::URLParser::extractScheme):
1185         (WTF::URLParser::parseAfterScheme):
1186         (WTF::URLParser::parseStandardURL):
1187         (WTF::URLParser::parsePath):
1188         (WTF::URLParser::parsePathURL):
1189         (WTF::URLParser::parseMailtoURL):
1190         (WTF::URLParser::parsePort):
1191         (WTF::URLParser::extractFileName):
1192         (WTF::URLParser::extractQueryKeyValue):
1193         (WTF::URLParser::isURLSlash):
1194         (WTF::URLParser::shouldTrimFromURL):
1195         (WTF::URLParser::trimURL):
1196         (WTF::URLParser::consecutiveSlashes):
1197         (WTF::URLParser::isPortDigit):
1198         (WTF::URLParser::nextAuthorityTerminator):
1199         (WTF::URLParser::parseUserInfo):
1200         (WTF::URLParser::parseServerInfo):
1201         * wtf/url/src/URLQueryCanonicalizer.h: Added.
1202         (WTF):
1203         (URLQueryCanonicalizer):
1204         (WTF::URLQueryCanonicalizer::canonicalize):
1205         (WTF::URLQueryCanonicalizer::isAllASCII):
1206         (WTF::URLQueryCanonicalizer::isRaw8Bit):
1207         (WTF::URLQueryCanonicalizer::appendRaw8BitQueryString):
1208         (WTF::URLQueryCanonicalizer::convertToQueryEncoding):
1209         * wtf/url/src/URLSegments.cpp: Added.
1210         (WTF):
1211         (WTF::URLSegments::length):
1212         (WTF::URLSegments::charactersBefore):
1213         * wtf/url/src/URLSegments.h: Added.
1214         (WTF):
1215         (URLSegments):
1216         ():
1217         (WTF::URLSegments::URLSegments):
1218
1219 2012-02-11  Filip Pizlo  <fpizlo@apple.com>
1220
1221         Old JIT put_by_id profiling counts every put_by_id_transition as taking slow path
1222         https://bugs.webkit.org/show_bug.cgi?id=78430
1223         <rdar://problem/10849469> <rdar://problem/10849684>
1224
1225         Reviewed by Gavin Barraclough.
1226         
1227         The old JIT's put_by_id transition caching involves repatching the slow call to
1228         a generated stub. That means that the call is counted as "slow case". So, this
1229         patch inserts code to decrement the slow case count if the stub succeeds.
1230         
1231         Looks like a ~1% speed-up on V8.
1232
1233         * jit/JITPropertyAccess.cpp:
1234         (JSC::JIT::privateCompilePutByIdTransition):
1235         * jit/JITPropertyAccess32_64.cpp:
1236         (JSC::JIT::privateCompilePutByIdTransition):
1237
1238 2012-02-11  Filip Pizlo  <fpizlo@apple.com>
1239
1240         Build fix for Qt.
1241
1242         * wtf/DataLog.h:
1243
1244 2012-02-11  Filip Pizlo  <fpizlo@apple.com>
1245
1246         It should be possible to send all JSC debug logging to a file
1247         https://bugs.webkit.org/show_bug.cgi?id=78418
1248
1249         Reviewed by Sam Weinig.
1250         
1251         Introduced wtf/DataLog, which defines WTF::dataFile, WTF::dataLog,
1252         and WTF::dataLogV. Changed all debugging- and profiling-related printfs
1253         to use WTF::dataLog() or one of its friends. By default, debug logging
1254         goes to stderr, unless you change the setting in wtf/DataLog.cpp.
1255
1256         * GNUmakefile.list.am:
1257         * JavaScriptCore.gypi:
1258         * JavaScriptCore.vcproj/WTF/WTF.vcproj:
1259         * JavaScriptCore.xcodeproj/project.pbxproj:
1260         * assembler/LinkBuffer.h:
1261         (JSC::LinkBuffer::dumpLinkStatistics):
1262         (JSC::LinkBuffer::dumpCode):
1263         * assembler/SH4Assembler.h:
1264         (JSC::SH4Assembler::vprintfStdoutInstr):
1265         * bytecode/CodeBlock.cpp:
1266         (JSC::CodeBlock::printUnaryOp):
1267         (JSC::CodeBlock::printBinaryOp):
1268         (JSC::CodeBlock::printConditionalJump):
1269         (JSC::CodeBlock::printGetByIdOp):
1270         (JSC::CodeBlock::printCallOp):
1271         (JSC::CodeBlock::printPutByIdOp):
1272         (JSC::printGlobalResolveInfo):
1273         (JSC::printStructureStubInfo):
1274         (JSC::CodeBlock::printStructure):
1275         (JSC::CodeBlock::printStructures):
1276         (JSC::CodeBlock::dump):
1277         (JSC::CodeBlock::dumpStatistics):
1278         (JSC::CodeBlock::finalizeUnconditionally):
1279         (JSC::CodeBlock::shouldOptimizeNow):
1280         (JSC::CodeBlock::tallyFrequentExitSites):
1281         (JSC::CodeBlock::dumpValueProfiles):
1282         * bytecode/Opcode.cpp:
1283         (JSC::OpcodeStats::~OpcodeStats):
1284         * bytecode/SamplingTool.cpp:
1285         (JSC::SamplingFlags::stop):
1286         (JSC::SamplingRegion::dumpInternal):
1287         (JSC::SamplingTool::dump):
1288         * dfg/DFGAbstractState.cpp:
1289         (JSC::DFG::AbstractState::endBasicBlock):
1290         (JSC::DFG::AbstractState::mergeStateAtTail):
1291         * dfg/DFGByteCodeParser.cpp:
1292         (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
1293         (JSC::DFG::ByteCodeParser::makeSafe):
1294         (JSC::DFG::ByteCodeParser::makeDivSafe):
1295         (JSC::DFG::ByteCodeParser::handleCall):
1296         (JSC::DFG::ByteCodeParser::handleInlining):
1297         (JSC::DFG::ByteCodeParser::parseBlock):
1298         (JSC::DFG::ByteCodeParser::processPhiStack):
1299         (JSC::DFG::ByteCodeParser::linkBlock):
1300         (JSC::DFG::ByteCodeParser::parseCodeBlock):
1301         (JSC::DFG::ByteCodeParser::parse):
1302         * dfg/DFGCommon.h:
1303         * dfg/DFGDriver.cpp:
1304         (JSC::DFG::compile):
1305         * dfg/DFGGraph.cpp:
1306         (JSC::DFG::printWhiteSpace):
1307         (JSC::DFG::Graph::dumpCodeOrigin):
1308         (JSC::DFG::Graph::dump):
1309         (JSC::DFG::Graph::predictArgumentTypes):
1310         * dfg/DFGJITCompiler.cpp:
1311         (JSC::DFG::JITCompiler::link):
1312         * dfg/DFGOSREntry.cpp:
1313         (JSC::DFG::prepareOSREntry):
1314         * dfg/DFGOSRExitCompiler.cpp:
1315         * dfg/DFGOSRExitCompiler32_64.cpp:
1316         (JSC::DFG::OSRExitCompiler::compileExit):
1317         * dfg/DFGOSRExitCompiler64.cpp:
1318         (JSC::DFG::OSRExitCompiler::compileExit):
1319         * dfg/DFGOperations.cpp:
1320         * dfg/DFGPropagator.cpp:
1321         (JSC::DFG::Propagator::fixpoint):
1322         (JSC::DFG::Propagator::propagateArithNodeFlags):
1323         (JSC::DFG::Propagator::propagateArithNodeFlagsForward):
1324         (JSC::DFG::Propagator::propagateArithNodeFlagsBackward):
1325         (JSC::DFG::Propagator::propagateNodePredictions):
1326         (JSC::DFG::Propagator::propagatePredictionsForward):
1327         (JSC::DFG::Propagator::propagatePredictionsBackward):
1328         (JSC::DFG::Propagator::doRoundOfDoubleVoting):
1329         (JSC::DFG::Propagator::fixupNode):
1330         (JSC::DFG::Propagator::fixup):
1331         (JSC::DFG::Propagator::startIndexForChildren):
1332         (JSC::DFG::Propagator::endIndexForPureCSE):
1333         (JSC::DFG::Propagator::setReplacement):
1334         (JSC::DFG::Propagator::eliminate):
1335         (JSC::DFG::Propagator::performNodeCSE):
1336         (JSC::DFG::Propagator::localCSE):
1337         (JSC::DFG::Propagator::allocateVirtualRegisters):
1338         (JSC::DFG::Propagator::performBlockCFA):
1339         (JSC::DFG::Propagator::performForwardCFA):
1340         * dfg/DFGRegisterBank.h:
1341         (JSC::DFG::RegisterBank::dump):
1342         * dfg/DFGScoreBoard.h:
1343         (JSC::DFG::ScoreBoard::dump):
1344         * dfg/DFGSpeculativeJIT.cpp:
1345         (JSC::DFG::SpeculativeJIT::dump):
1346         (JSC::DFG::SpeculativeJIT::checkConsistency):
1347         (JSC::DFG::SpeculativeJIT::compile):
1348         * dfg/DFGSpeculativeJIT32_64.cpp:
1349         (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
1350         (JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
1351         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
1352         (JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
1353         * dfg/DFGSpeculativeJIT64.cpp:
1354         (JSC::DFG::SpeculativeJIT::fillSpeculateIntInternal):
1355         (JSC::DFG::SpeculativeJIT::fillSpeculateDouble):
1356         (JSC::DFG::SpeculativeJIT::fillSpeculateCell):
1357         (JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
1358         * heap/Heap.cpp:
1359         (JSC::Heap::destroy):
1360         * heap/MarkedBlock.h:
1361         * interpreter/CallFrame.cpp:
1362         (JSC::CallFrame::dumpCaller):
1363         * interpreter/Interpreter.cpp:
1364         (JSC::Interpreter::dumpRegisters):
1365         * jit/JIT.cpp:
1366         (JSC::JIT::privateCompileMainPass):
1367         (JSC::JIT::privateCompileSlowCases):
1368         (JSC::JIT::privateCompile):
1369         * jit/JITStubs.cpp:
1370         (JSC::DEFINE_STUB_FUNCTION):
1371         * profiler/Profile.cpp:
1372         (JSC::Profile::debugPrintData):
1373         (JSC::Profile::debugPrintDataSampleStyle):
1374         * profiler/ProfileNode.cpp:
1375         (JSC::ProfileNode::debugPrintData):
1376         (JSC::ProfileNode::debugPrintDataSampleStyle):
1377         * runtime/JSGlobalData.cpp:
1378         (JSC::JSGlobalData::dumpRegExpTrace):
1379         * runtime/RegExp.cpp:
1380         (JSC::RegExp::matchCompareWithInterpreter):
1381         * runtime/SamplingCounter.cpp:
1382         (JSC::AbstractSamplingCounter::dump):
1383         * runtime/SamplingCounter.h:
1384         (JSC::DeletableSamplingCounter::~DeletableSamplingCounter):
1385         * runtime/ScopeChain.cpp:
1386         (JSC::ScopeChainNode::print):
1387         * runtime/Structure.cpp:
1388         (JSC::Structure::dumpStatistics):
1389         (JSC::PropertyMapStatisticsExitLogger::~PropertyMapStatisticsExitLogger):
1390         * tools/CodeProfile.cpp:
1391         (JSC::CodeProfile::report):
1392         * tools/ProfileTreeNode.h:
1393         (JSC::ProfileTreeNode::dumpInternal):
1394         * wtf/CMakeLists.txt:
1395         * wtf/DataLog.cpp: Added.
1396         (WTF):
1397         (WTF::initializeLogFileOnce):
1398         (WTF::initializeLogFile):
1399         (WTF::dataFile):
1400         (WTF::dataLogV):
1401         (WTF::dataLog):
1402         * wtf/DataLog.h: Added.
1403         (WTF):
1404         * wtf/HashTable.cpp:
1405         (WTF::HashTableStats::~HashTableStats):
1406         * wtf/MetaAllocator.cpp:
1407         (WTF::MetaAllocator::dumpProfile):
1408         * wtf/text/WTFString.cpp:
1409         (String::show):
1410         * yarr/YarrInterpreter.cpp:
1411         (JSC::Yarr::ByteCompiler::dumpDisjunction):
1412
1413 2012-02-11  Gavin Barraclough  <barraclough@apple.com>
1414
1415         Move special __proto__ property to Object.prototype
1416         https://bugs.webkit.org/show_bug.cgi?id=78409
1417
1418         Reviewed by Oliver Hunt.
1419
1420         Re-implement this as a regular accessor property.  This has three key benefits:
1421         1) It makes it possible for objects to be given properties named __proto__.
1422         2) Object.prototype.__proto__ can be deleted, preventing object prototypes from being changed.
1423         3) This largely removes the magic used the implement __proto__, it can just be made a regular accessor property.
1424
1425         * parser/Parser.cpp:
1426         (JSC::::parseFunctionInfo):
1427             - No need to prohibit functions named __proto__.
1428         * runtime/JSGlobalObject.cpp:
1429         (JSC::JSGlobalObject::reset):
1430             - Add __proto__ accessor to Object.prototype.
1431         * runtime/JSGlobalObjectFunctions.cpp:
1432         (JSC::globalFuncProtoGetter):
1433         (JSC::globalFuncProtoSetter):
1434             - Definition of the __proto__ accessor functions.
1435         * runtime/JSGlobalObjectFunctions.h:
1436             - Declaration of the __proto__ accessor functions.
1437         * runtime/JSObject.cpp:
1438         (JSC::JSObject::put):
1439             - Remove the special handling for __proto__, there is still a check to allow for a fast guard for accessors excluding __proto__.
1440         (JSC::JSObject::putDirectAccessor):
1441             - Track on the structure whether an object contains accessors other than one for __proto__.
1442         (JSC::JSObject::defineOwnProperty):
1443             - No need to prohibit definition of own properties named __proto__.
1444         * runtime/JSObject.h:
1445         (JSC::JSObject::inlineGetOwnPropertySlot):
1446             - Remove the special handling for __proto__.
1447         (JSC::JSValue::get):
1448             - Remove the special handling for __proto__.
1449         * runtime/JSString.cpp:
1450         (JSC::JSString::getOwnPropertySlot):
1451             - Remove the special handling for __proto__.
1452         * runtime/JSValue.h:
1453         (JSValue):
1454             - Made synthesizePrototype public (this may be needed by the __proto__ getter).
1455         * runtime/ObjectConstructor.cpp:
1456         (JSC::objectConstructorGetPrototypeOf):
1457             - Perform the security check & call prototype() directly.
1458         * runtime/Structure.cpp:
1459         (JSC::Structure::Structure):
1460             - Added 'ExcludingProto' variant of the 'hasGetterSetterProperties' state.
1461         * runtime/Structure.h:
1462         (JSC::Structure::hasGetterSetterPropertiesExcludingProto):
1463         (JSC::Structure::setHasGetterSetterProperties):
1464         (Structure):
1465             - Added 'ExcludingProto' variant of the 'hasGetterSetterProperties' state.
1466
1467 2012-02-11  Filip Pizlo  <fpizlo@apple.com>
1468
1469         DFG CFA assumes that a WeakJSConstant's structure is known
1470         https://bugs.webkit.org/show_bug.cgi?id=78428
1471         <rdar://problem/10849492> <rdar://problem/10849621>
1472
1473         Reviewed by Gavin Barraclough.
1474
1475         * dfg/DFGAbstractState.cpp:
1476         (JSC::DFG::AbstractState::execute):
1477
1478 2012-02-11  Mark Hahnenberg  <mhahnenberg@apple.com>
1479
1480         Qt debug build fix
1481
1482         * heap/MarkedBlock.cpp:
1483         (JSC::MarkedBlock::callDestructor): Platforms that don't use clang will allocate 
1484         JSFinalObjects in the destructor subspace, so we should remove this assert so it
1485         doesn't cause crashes.
1486
1487 2012-02-11  Filip Pizlo  <fpizlo@apple.com>
1488
1489         Old 32_64 JIT should assert that its use of map() is consistent with the DFG
1490         OSR exit's expectations
1491         https://bugs.webkit.org/show_bug.cgi?id=78419
1492         <rdar://problem/10817121>
1493
1494         Reviewed by Oliver Hunt.
1495
1496         * jit/JITInlineMethods.h:
1497         (JSC::JIT::map):
1498
1499 2012-02-11  Mark Hahnenberg  <mhahnenberg@apple.com>
1500
1501         Reduce the reentrancy limit of the interpreter for the iOS simulator
1502         https://bugs.webkit.org/show_bug.cgi?id=78400
1503
1504         Reviewed by Gavin Barraclough.
1505
1506         * interpreter/Interpreter.h: Lowered the maximum reentrancy limit for large thread stacks.
1507         (JSC):
1508
1509 2012-02-11  Filip Pizlo  <fpizlo@apple.com>
1510
1511         [DFG] Misuse of WeakJSConstants in silentFillGPR code.
1512         https://bugs.webkit.org/show_bug.cgi?id=78423
1513         <rdar://problem/10849353> <rdar://problem/10804043>
1514
1515         Reviewed by Sam Weinig.
1516         
1517         The code was using Node::isConstant(), when it was supposed to use Node::hasConstant().
1518         This patch is a surgical fix; the bigger problem is: why do we have isConstant() and
1519         hasConstant() when hasConstant() is correct and isConstant() is almost always wrong?
1520
1521         * dfg/DFGSpeculativeJIT.h:
1522         (JSC::DFG::SpeculativeJIT::silentFillGPR):
1523
1524 2012-02-11  Sam Weinig  <sam@webkit.org>
1525
1526         Prepare JavaScriptCore to build with libc++
1527         <rdar://problem/10426673>
1528         https://bugs.webkit.org/show_bug.cgi?id=78424
1529
1530         Reviewed by Anders Carlsson.
1531
1532         * wtf/NullPtr.cpp:
1533         * wtf/NullPtr.h:
1534         libc++ provides std::nullptr emulation, so we don't have to.
1535
1536 2012-02-07  Filip Pizlo  <fpizlo@apple.com>
1537
1538         DFG should have polymorphic put_by_id caching
1539         https://bugs.webkit.org/show_bug.cgi?id=78062
1540         <rdar://problem/10326439> <rdar://problem/10824839>
1541
1542         Reviewed by Oliver Hunt.
1543         
1544         Implemented polymorphic put_by_id caching in the DFG, and added much of the
1545         machinery that would be needed to implement it in the old JIT as well.
1546         
1547         I decided against using the old PolymorphicAccessStructureList mechanism as
1548         this didn't quite fit with put_by_id. In particular, I wanted the ability to
1549         have one list that captured all relevant cases (including proto put_by_id
1550         if we ever decided to do it). And I wanted the code to have better
1551         encapsulation. And I didn't want to get confused by the fact that the
1552         original (non-list) put_by_id cache may itself consist of a stub routine.
1553         
1554         This code is still sub-optimal (for example adding a replace to a list whose
1555         previous elements are all transitions should just repatch the original code,
1556         but here it will generate a stub) but it already generates a >20% speed-up
1557         on V8-splay, leading to a 2% win overall in splay. Neutral elsewhere.
1558
1559         * CMakeLists.txt:
1560         * GNUmakefile.list.am:
1561         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1562         * JavaScriptCore.xcodeproj/project.pbxproj:
1563         * Target.pri:
1564         * bytecode/PolymorphicPutByIdList.cpp: Added.
1565         (JSC):
1566         (JSC::PutByIdAccess::fromStructureStubInfo):
1567         (JSC::PutByIdAccess::visitWeak):
1568         (JSC::PolymorphicPutByIdList::PolymorphicPutByIdList):
1569         (JSC::PolymorphicPutByIdList::from):
1570         (JSC::PolymorphicPutByIdList::~PolymorphicPutByIdList):
1571         (JSC::PolymorphicPutByIdList::isFull):
1572         (JSC::PolymorphicPutByIdList::isAlmostFull):
1573         (JSC::PolymorphicPutByIdList::addAccess):
1574         (JSC::PolymorphicPutByIdList::visitWeak):
1575         * bytecode/PolymorphicPutByIdList.h: Added.
1576         (JSC):
1577         (PutByIdAccess):
1578         (JSC::PutByIdAccess::PutByIdAccess):
1579         (JSC::PutByIdAccess::transition):
1580         (JSC::PutByIdAccess::replace):
1581         (JSC::PutByIdAccess::isSet):
1582         (JSC::PutByIdAccess::operator!):
1583         (JSC::PutByIdAccess::type):
1584         (JSC::PutByIdAccess::isTransition):
1585         (JSC::PutByIdAccess::isReplace):
1586         (JSC::PutByIdAccess::oldStructure):
1587         (JSC::PutByIdAccess::structure):
1588         (JSC::PutByIdAccess::newStructure):
1589         (JSC::PutByIdAccess::chain):
1590         (JSC::PutByIdAccess::stubRoutine):
1591         (PolymorphicPutByIdList):
1592         (JSC::PolymorphicPutByIdList::currentSlowPathTarget):
1593         (JSC::PolymorphicPutByIdList::isEmpty):
1594         (JSC::PolymorphicPutByIdList::size):
1595         (JSC::PolymorphicPutByIdList::at):
1596         (JSC::PolymorphicPutByIdList::operator[]):
1597         (JSC::PolymorphicPutByIdList::kind):
1598         * bytecode/PutKind.h: Added.
1599         (JSC):
1600         * bytecode/StructureStubInfo.cpp:
1601         (JSC::StructureStubInfo::deref):
1602         (JSC::StructureStubInfo::visitWeakReferences):
1603         * bytecode/StructureStubInfo.h:
1604         (JSC):
1605         (JSC::isPutByIdAccess):
1606         (JSC::StructureStubInfo::initPutByIdList):
1607         (StructureStubInfo):
1608         (JSC::StructureStubInfo::reset):
1609         * dfg/DFGOperations.cpp:
1610         * dfg/DFGOperations.h:
1611         (DFG):
1612         * dfg/DFGRepatch.cpp:
1613         (JSC::DFG::appropriateGenericPutByIdFunction):
1614         (JSC::DFG::appropriateListBuildingPutByIdFunction):
1615         (DFG):
1616         (JSC::DFG::emitPutReplaceStub):
1617         (JSC::DFG::emitPutTransitionStub):
1618         (JSC::DFG::tryCachePutByID):
1619         (JSC::DFG::dfgRepatchPutByID):
1620         (JSC::DFG::tryBuildPutByIdList):
1621         (JSC::DFG::dfgBuildPutByIdList):
1622         (JSC::DFG::dfgResetPutByID):
1623         * dfg/DFGRepatch.h:
1624         (DFG):
1625         * runtime/WriteBarrier.h:
1626         (WriteBarrierBase):
1627         (JSC::WriteBarrierBase::copyFrom):
1628
1629 2012-02-10  Vineet Chaudhary  <rgf748@motorola.com>
1630
1631         https://bugs.webkit.org/show_bug.cgi?id=72756
1632         DOMHTMLElement’s accessKey property is declared as available in a WebKit version that didn’t have it
1633
1634         Reviewed by Timothy Hatcher.
1635
1636         * API/WebKitAvailability.h: Added AVAILABLE_AFTER_WEBKIT_VERSION_5_1 and
1637           AVAILABLE_WEBKIT_VERSION_1_3_AND_LATER_BUT_DEPRECATED_AFTER_WEBKIT_VERSION_5_1 for the new versions.
1638
1639 2012-02-10  Mark Hahnenberg  <mhahnenberg@apple.com>
1640
1641         Fixing windows build
1642
1643         Unreviewed build fix
1644
1645         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
1646
1647 2012-02-10  Adam Klein  <adamk@chromium.org>
1648
1649         Enable MUTATION_OBSERVERS by default on all platforms
1650         https://bugs.webkit.org/show_bug.cgi?id=78196
1651
1652         Reviewed by Ojan Vafai.
1653
1654         * Configurations/FeatureDefines.xcconfig:
1655
1656 2012-02-10  Yong Li  <yoli@rim.com>
1657
1658         ENABLE(ASSEMBLER_WX_EXCLUSIVE): LinkBuffer can leave pages not marked as executable.
1659         https://bugs.webkit.org/show_bug.cgi?id=76724
1660
1661         Reviewed by Rob Buis.
1662
1663         This issue only exists when both ENABLE(ASSEMBLER_WX_EXCLUSIVE) and ENABLE(BRANCH_COMPACTION) are on.
1664         The size used to call makeExecutable can be smaller than the one that was used for makeWritable.
1665         So it can leave pages behind that are not set back to default flags. When an assembly on one of those
1666         pages is executed or JIT returns to those pages in the case it was already executing from there, the
1667         software will crash.
1668
1669         * assembler/LinkBuffer.h: Add m_initialSize and use it in performFinalization().
1670         (JSC::LinkBuffer::LinkBuffer):
1671         (JSC::LinkBuffer::linkCode):
1672         (JSC::LinkBuffer::performFinalization):
1673         (LinkBuffer):
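
        The size mismatch described in this entry, as an added example that is not LinkBuffer code:
        a constructed page-granular model (PageTracker, writablePagesAfterFinalize, and the sizes
        used are all made up for illustration) showing how calling makeExecutable with the compacted
        size leaves a tail page writable, and how remembering the initial size closes the gap.

```cpp
#include <cstddef>
#include <vector>

// Constructed page-permission model (not JavaScriptCore code). Under
// ENABLE(ASSEMBLER_WX_EXCLUSIVE) a page is either writable or executable,
// never both; makeWritable/makeExecutable flip every page overlapping
// [offset, offset + size).
enum class PageState { Default, Writable, Executable };

class PageTracker {
public:
    PageTracker(size_t pageSize, size_t pageCount)
        : m_pageSize(pageSize), m_pages(pageCount, PageState::Default) { }

    void makeWritable(size_t offset, size_t size) { set(offset, size, PageState::Writable); }
    void makeExecutable(size_t offset, size_t size) { set(offset, size, PageState::Executable); }

    // Pages still writable after finalization are the ones the entry describes:
    // code that lands on them later is not executable and the process crashes.
    size_t pagesLeftWritable() const
    {
        size_t count = 0;
        for (PageState state : m_pages) {
            if (state == PageState::Writable)
                ++count;
        }
        return count;
    }

private:
    void set(size_t offset, size_t size, PageState state)
    {
        size_t first = offset / m_pageSize;
        size_t end = (offset + size + m_pageSize - 1) / m_pageSize; // one past the last page
        for (size_t i = first; i < end && i < m_pages.size(); ++i)
            m_pages[i] = state;
    }

    size_t m_pageSize;
    std::vector<PageState> m_pages;
};

// Sketch of the buffer's lifetime with ENABLE(BRANCH_COMPACTION): the whole
// allocation is made writable in linkCode(), compaction shrinks the code, and
// performFinalization() makes executable either the compacted size (the bug)
// or the remembered initial size (the fix). Returns pages left writable.
size_t writablePagesAfterFinalize(size_t pageSize, size_t allocatedSize,
                                  size_t compactedSize, bool rememberInitialSize)
{
    size_t pageCount = (allocatedSize + pageSize - 1) / pageSize;
    PageTracker tracker(pageSize, pageCount);
    tracker.makeWritable(0, allocatedSize); // linkCode(): whole allocation
    size_t finalizeSize = rememberInitialSize ? allocatedSize : compactedSize;
    tracker.makeExecutable(0, finalizeSize); // performFinalization()
    return tracker.pagesLeftWritable();
}
```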
1674
1675 2012-02-10  Mark Hahnenberg  <mhahnenberg@apple.com>
1676
1677         Split MarkedSpace into destructor and destructor-free subspaces
1678         https://bugs.webkit.org/show_bug.cgi?id=77761
1679
1680         Reviewed by Geoffrey Garen.
1681
1682         * dfg/DFGSpeculativeJIT.h:
1683         (JSC::DFG::SpeculativeJIT::emitAllocateJSFinalObject): Switched over to use destructor-free space.
1684         * heap/Heap.h:
1685         (JSC::Heap::allocatorForObjectWithoutDestructor): Added to give clients (e.g. the JIT) the ability to 
1686         pick which subspace they want to allocate out of.
1687         (JSC::Heap::allocatorForObjectWithDestructor): Ditto.
1688         (Heap):
1689         (JSC::Heap::allocateWithDestructor): Added private function for CellAllocator to use.
1690         (JSC):
1691         (JSC::Heap::allocateWithoutDestructor): Ditto.
1692         * heap/MarkedAllocator.cpp: Added the cellsNeedDestruction flag to allocators so that they can allocate 
1693         their MarkedBlocks correctly.
1694         (JSC::MarkedAllocator::allocateBlock):
1695         * heap/MarkedAllocator.h:
1696         (JSC::MarkedAllocator::cellsNeedDestruction):
1697         (MarkedAllocator):
1698         (JSC::MarkedAllocator::MarkedAllocator):
1699         (JSC):
1700         (JSC::MarkedAllocator::init): Replaced custom set functions, which were only used upon initialization, with
1701         an init function that does all of that stuff in fewer lines.
1702         * heap/MarkedBlock.cpp:
1703         (JSC::MarkedBlock::create):
1704         (JSC::MarkedBlock::recycle):
1705         (JSC::MarkedBlock::MarkedBlock):
1706         (JSC::MarkedBlock::callDestructor): Templatized, along with specializedSweep and sweepHelper, to make 
1707         checking the m_cellsNeedDestructor flag faster and cleaner looking.
1708         (JSC):
1709         (JSC::MarkedBlock::specializedSweep):
1710         (JSC::MarkedBlock::sweep):
1711         (JSC::MarkedBlock::sweepHelper):
1712         * heap/MarkedBlock.h:
1713         (MarkedBlock):
1714         (JSC::MarkedBlock::cellsNeedDestruction):
1715         (JSC):
1716         * heap/MarkedSpace.cpp:
1717         (JSC::MarkedSpace::MarkedSpace):
1718         (JSC::MarkedSpace::resetAllocators):
1719         (JSC::MarkedSpace::canonicalizeCellLivenessData):
1720         (JSC::TakeIfUnmarked::operator()):
1721         * heap/MarkedSpace.h:
1722         (MarkedSpace):
1723         (Subspace):
1724         (JSC::MarkedSpace::allocatorFor): Needed function to differentiate between the two broad subspaces of 
1725         allocators.
1726         (JSC):
1727         (JSC::MarkedSpace::destructorAllocatorFor): Ditto.
1728         (JSC::MarkedSpace::allocateWithoutDestructor): Ditto.
1729         (JSC::MarkedSpace::allocateWithDestructor): Ditto.
1730         (JSC::MarkedSpace::forEachBlock):
1731         * jit/JIT.h:
1732         * jit/JITInlineMethods.h: Modified to use the proper allocator for JSFinalObjects and others.
1733         (JSC::JIT::emitAllocateBasicJSObject):
1734         (JSC::JIT::emitAllocateJSFinalObject):
1735         (JSC::JIT::emitAllocateJSFunction):
1736         * runtime/JSArray.cpp:
1737         (JSC):
1738         * runtime/JSArray.h:
1739         (JSArray):
1740         (JSC::JSArray::create):
1741         (JSC):
1742         (JSC::JSArray::tryCreateUninitialized):
1743         * runtime/JSCell.h:
1744         (JSCell):
1745         (JSC):
1746         (NeedsDestructor): Template struct that calculates at compile time whether the class in question requires 
1747         destruction or not using the compiler type trait __has_trivial_destructor. allocateCell then checks this 
1748         constant to decide whether to allocate in the destructor or destructor-free parts of the heap.
1749         (JSC::allocateCell): 
1750         * runtime/JSFunction.cpp:
1751         (JSC):
1752         * runtime/JSFunction.h:
1753         (JSFunction):
1754         * runtime/JSObject.cpp:
1755         (JSC):
1756         * runtime/JSObject.h:
1757         (JSNonFinalObject):
1758         (JSC):
1759         (JSFinalObject):
1760         (JSC::JSFinalObject::create):
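
        The compile-time split this entry describes (and the destructor-subspace allocation the
        Qt debug build fix above refers to), as an added example that is not JavaScriptCore code:
        a constructed NeedsDestructor-style trait routing cells into two toy subspaces whose sweep
        only runs destructors on the destructor side. ToyHeap, PlainCell, OwningCell and
        runSubspaceDemo are made up for illustration.

```cpp
#include <cstddef>
#include <new>
#include <string>
#include <type_traits>
#include <utility>
#include <vector>

// Constructed analogue of the NeedsDestructor trait: true when T's destructor
// is non-trivial. std::is_trivially_destructible is the standard spelling of
// the compiler's __has_trivial_destructor check the entry mentions.
template<typename T>
struct NeedsDestructor {
    static const bool value = !std::is_trivially_destructible<T>::value;
};

// A toy heap with two subspaces. As with MarkedBlock::callDestructor, the
// sweep runs destructors only for cells in the destructor subspace.
class ToyHeap {
public:
    template<typename T, typename... Args>
    T* allocateCell(Args&&... args)
    {
        void* memory = ::operator new(sizeof(T));
        T* object = new (memory) T(std::forward<Args>(args)...);
        if (NeedsDestructor<T>::value)
            m_destructorSpace.push_back({ memory, [](void* p) { static_cast<T*>(p)->~T(); } });
        else
            m_destructorFreeSpace.push_back({ memory, nullptr });
        return object;
    }

    size_t destructorCellCount() const { return m_destructorSpace.size(); }
    size_t destructorFreeCellCount() const { return m_destructorFreeSpace.size(); }

    // Frees every cell in both subspaces; returns how many destructors ran.
    size_t sweep()
    {
        size_t destructorsRun = 0;
        for (Cell& cell : m_destructorSpace) {
            cell.destroy(cell.memory);
            ++destructorsRun;
            ::operator delete(cell.memory);
        }
        for (Cell& cell : m_destructorFreeSpace)
            ::operator delete(cell.memory); // trivially destructible: nothing to call
        m_destructorSpace.clear();
        m_destructorFreeSpace.clear();
        return destructorsRun;
    }

private:
    struct Cell {
        void* memory;
        void (*destroy)(void*); // null in the destructor-free subspace
    };
    std::vector<Cell> m_destructorSpace;
    std::vector<Cell> m_destructorFreeSpace;
};

// Two constructed cell types: one trivially destructible (think of a final
// object with only inline storage), one owning a std::string that counts
// its destructor runs so the sweep behaviour can be observed.
struct PlainCell {
    int slots[4];
};

struct OwningCell {
    OwningCell(const char* n, int* counter) : name(n), destructorRuns(counter) { }
    ~OwningCell() { ++*destructorRuns; }
    std::string name;
    int* destructorRuns;
};

struct DemoResult {
    size_t destructorCells;
    size_t destructorFreeCells;
    size_t destructorsRunBySweep;
    int owningCellDestructorRuns;
};

DemoResult runSubspaceDemo()
{
    int owningRuns = 0;
    ToyHeap heap;
    heap.allocateCell<PlainCell>();
    heap.allocateCell<PlainCell>();
    heap.allocateCell<OwningCell>("constructed", &owningRuns);
    DemoResult result;
    result.destructorCells = heap.destructorCellCount();         // 1
    result.destructorFreeCells = heap.destructorFreeCellCount(); // 2
    result.destructorsRunBySweep = heap.sweep();                 // 1
    result.owningCellDestructorRuns = owningRuns;                // 1
    return result;
}
```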
1761
1762 2012-02-10  Adrienne Walker  <enne@google.com>
1763
1764         Remove implicit copy constructor usage in HashMaps with OwnPtr
1765         https://bugs.webkit.org/show_bug.cgi?id=78071
1766
1767         Reviewed by Darin Adler.
1768
1769         Change the return type of emptyValue() in PairHashTraits to be the
1770         actual type returned rather than the trait type to avoid an implicit
1771         generation of the OwnPtr copy constructor. This happens for hash
1772         traits involving OwnPtr where the empty value is not zero and each
1773         hash bucket needs to be initialized with emptyValue().
1774
1775         Also, update StructureTransitionTable to use default hash traits
1776         rather than rolling its own, in order to update it to handle
1777         EmptyValueType.
1778
1779         Test: patch from bug 74154 compiles on Clang with this patch
1780
1781         * runtime/StructureTransitionTable.h:
1782         (StructureTransitionTable):
1783         * wtf/HashTraits.h:
1784         (GenericHashTraits):
1785         (PairHashTraits):
1786         (WTF::PairHashTraits::emptyValue):
1787
1788 2012-02-10  Aron Rosenberg  <arosenberg@logitech.com>
1789
1790         [Qt] Fix compiler warning in Visual Studio 2010 about TR1
1791         https://bugs.webkit.org/show_bug.cgi?id=63642
1792
1793         Reviewed by Simon Hausmann.
1794
1795         * JavaScriptCore.pri:
1796
1797 2012-02-10  Michael Saboff  <msaboff@apple.com>
1798
1799         Yarr assert with regexp where alternative in *-quantified group matches empty
1800         https://bugs.webkit.org/show_bug.cgi?id=67752        
1801
1802         Reviewed by Gavin Barraclough.
1803
1804         Added backtracking for the prior alternative if it matched
1805         but didn't consume any input characters.
1806
1807         * yarr/YarrJIT.cpp:
1808         (YarrOp): New jump.
1809         (JSC::Yarr::YarrGenerator::generate): Emit conditional jump
1810         when an alternative matches and no input was consumed.  Moved the
1811         zero length match check for a set of alternatives to the alternative
1812         code from the parentheses cases to the alternative end cases.
1813         Converted the existing zero length checks in the parentheses cases
1814         to runtime assertion checks.
1815         (JSC::Yarr::YarrGenerator::backtrack): Link new jump to backtrack
1816         to prior term.
1817
1818 2012-02-10  Roland Takacs  <takacs.roland@stud.u-szeged.hu>
1819
1820         [Qt] GC should be parallel on Qt platform
1821         https://bugs.webkit.org/show_bug.cgi?id=73309
1822
1823         Reviewed by Zoltan Herczeg.
1824
1825         These changes made the parallel GC feature available for the Qt port.
1826         The implementation of "registerGCThread" and "isMainThreadOrGCThread",
1827         and a local static function [initializeGCThreads], are moved from
1828         MainThreadMac.mm to the common MainThread.cpp to make them available
1829         for other platforms.
1830
1831         Measurement results:
1832         V8           speed-up:  1.025x as fast  [From: 663.4ms  To: 647.0ms ]
1833         V8 Splay     speed-up:  1.185x as fast  [From: 138.4ms  To: 116.8ms ]
1834
1835         Tested on Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz with 4-core.
1836
1837         * JavaScriptCore.order:
1838         * wtf/MainThread.cpp:
1839         (WTF::initializeMainThread):
1840         (WTF):
1841         (WTF::initializeGCThreads):
1842         (WTF::registerGCThread):
1843         (WTF::isMainThreadOrGCThread):
1844         * wtf/MainThread.h:
1845         (WTF):
1846         * wtf/Platform.h:
1847         * wtf/mac/MainThreadMac.mm:
1848         (WTF):
1849
1850 2012-02-09  Andy Wingo  <wingo@igalia.com>
1851
1852         Eliminate dead code in BytecodeGenerator::resolve()
1853         https://bugs.webkit.org/show_bug.cgi?id=78242
1854
1855         Reviewed by Gavin Barraclough.
1856
1857         * bytecompiler/BytecodeGenerator.cpp:
1858         (JSC::BytecodeGenerator::resolve):
1859         BytecodeGenerator::shouldOptimizeLocals() is only true for
1860         FunctionCode, and thus cannot be true for GlobalCode.
1861
1862 2012-02-09  Andy Wingo  <wingo@igalia.com>
1863
1864         Remove BytecodeGenerator::isLocal
1865         https://bugs.webkit.org/show_bug.cgi?id=78241
1866
1867         Minor refactor to BytecodeGenerator.
1868
1869         Reviewed by Gavin Barraclough.
1870
1871         * bytecompiler/BytecodeGenerator.h:
1872         * bytecompiler/BytecodeGenerator.cpp:
1873         (JSC::BytecodeGenerator::isLocal):
1874         (JSC::BytecodeGenerator::isLocalConstant): Remove now-unused
1875         methods.
1876         * bytecompiler/NodesCodegen.cpp:
1877         (JSC::ResolveNode::isPure): Use the ResolveResult mechanism
1878         instead of isLocal.  This will recognize more resolve nodes as
1879         being pure.
1880         (JSC::PrefixResolveNode::emitBytecode): Use isReadOnly on the
1881         location instead of isLocalConstant.
1882
1883 2012-02-09  Oliver Hunt  <oliver@apple.com>
1884
1885         The JS Parser scope object needs a VectorTrait specialization
1886         https://bugs.webkit.org/show_bug.cgi?id=78308
1887
1888         Reviewed by Gavin Barraclough.
1889
1890         This showed up as a periodic crash in various bits of generated code
1891         originally, but I've added an assertion in the bytecode generator
1892         that makes the affected code much more crash-happy should it go
1893         wrong again.
1894
1895         * bytecompiler/BytecodeGenerator.cpp:
1896         (JSC::BytecodeGenerator::BytecodeGenerator):
1897         (JSC::BytecodeGenerator::resolve):
1898         * parser/Parser.cpp:
1899         * parser/Parser.h:
1900         (JSC):
1901         * runtime/JSActivation.h:
1902         (JSC::JSActivation::isValidScopedLookup):
1903         (JSActivation):
1904
1905 2012-02-08  Oliver Hunt  <oliver@apple.com>
1906
1907         Whoops, fix the build.
1908
1909         * runtime/Executable.cpp:
1910         (JSC::FunctionExecutable::FunctionExecutable):
1911
1912 2012-02-08  Oliver Hunt  <oliver@apple.com>
1913
1914         Fix issue encountered while debugging stacktraces
1915         https://bugs.webkit.org/show_bug.cgi?id=78147
1916
1917         Reviewed by Gavin Barraclough.
1918
1919         Debugging is easier if we always ensure that we have a non-null
1920         inferred name.
1921
1922         * runtime/Executable.cpp:
1923         (JSC::FunctionExecutable::FunctionExecutable):
1924
1925 2012-02-08  Oliver Hunt  <oliver@apple.com>
1926
1927         updateTopCallframe in the baseline JIT doesn't provide enough information to the stubs
1928         https://bugs.webkit.org/show_bug.cgi?id=78145
1929
1930         Reviewed by Gavin Barraclough.
1931
1932         Fix the updateTopCallFrame helper to store additional information
1933         that becomes necessary when we are trying to provide more stack
1934         frame information.
1935
1936         * interpreter/CallFrame.h:
1937         (JSC::ExecState::bytecodeOffsetForBaselineJIT):
1938         (ExecState):
1939         * jit/JIT.cpp:
1940         (JSC::JIT::privateCompile):
1941         * jit/JIT.h:
1942         (JSC::JIT::compileGetByIdProto):
1943         (JSC::JIT::compileGetByIdSelfList):
1944         (JSC::JIT::compileGetByIdProtoList):
1945         (JSC::JIT::compileGetByIdChainList):
1946         (JSC::JIT::compileGetByIdChain):
1947         (JSC::JIT::compilePutByIdTransition):
1948         (JIT):
1949         * jit/JITInlineMethods.h:
1950         (JSC::JIT::updateTopCallFrame):
1951
1952 2012-02-07  Robert Kroeger  <rjkroege@chromium.org>
1953
1954         [chromium] Remove the enable macro for the no longer necessary Chromium
1955         gesture recognizer.
1956         https://bugs.webkit.org/show_bug.cgi?id=77492
1957
1958         Reviewed by Adam Barth.
1959
1960         * wtf/Platform.h:
1961
1962 2012-02-07  Tony Chang  <tony@chromium.org>
1963
1964         merge DashboardSupportCSSPropertyNames.in into CSSPropertyNames.in
1965         https://bugs.webkit.org/show_bug.cgi?id=78036
1966
1967         Reviewed by Darin Adler.
1968
1969         * Configurations/FeatureDefines.xcconfig: Add ENABLE_DASHBOARD_SUPPORT to FEATURE_DEFINES.
1970
1971 2012-02-07  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
1972
1973         [CMAKE] Use *bin* and *lib* directories for executable and libraries.
1974         https://bugs.webkit.org/show_bug.cgi?id=77928
1975
1976         Reviewed by Daniel Bates.
1977
1978         CMake has used the *Programs* directory for executables. In addition, shared libraries are being
1979         built in the source directory. It is better to set common places in order to maintain executables
1980         and libraries. *bin* is for executables and *lib* is for libraries.
1981
1982         * shell/CMakeLists.txt: Replace *Programs* with *bin*.
1983
1984 2012-02-07  Gavin Barraclough  <barraclough@apple.com>
1985
1986         Crash on http://www.rickshawbags.com/
1987         https://bugs.webkit.org/show_bug.cgi?id=78045
1988
1989         Reviewed by Darin Adler.
1990
1991         Problem URL is: http://www.rickshawbags.com/customize/custom-bag#!thl=rickshaw/bag()
1992         
1993         This is a bug introduced by https://bugs.webkit.org/show_bug.cgi?id=71933:
1994         isVariableObject() checks were excluding StaticScopeObjects, and this patch
1995         inadvertently changed them to be included.
1996
1997         * runtime/JSType.h:
1998             - sort JSType enum such that StaticScopeObjectType comes before VariableObjectType,
1999               and thus is excluded from isVariableObject() checks.
2000
2001 2012-02-06  Jer Noble  <jer.noble@apple.com>
2002
2003         Use CMClock as a timing source for PlatformClock where available.
2004         https://bugs.webkit.org/show_bug.cgi?id=77885
2005
2006         Reviewed by Eric Carlson.
2007
2008         * wtf/Platform.h: Added WTF_USE_COREMEDIA.
2009
2010 2012-02-06  Filip Pizlo  <fpizlo@apple.com>
2011
2012         ValueToNumber and ValueToDouble nodes don't do anything and should be removed
2013         https://bugs.webkit.org/show_bug.cgi?id=77855
2014         <rdar://problem/10811325>
2015
2016         Reviewed by Gavin Barraclough.
2017         
2018         Removed ValueToNumber and ValueToDouble, because the only thing they were doing
2019         was wasting registers.
2020         
2021         This looks like a 1% win on V8 (with a 5% win on crypto) and a 2-3% win on Kraken,
2022         mostly due to a >10% win on gaussian-blur. No win anywhere else.
2023
2024         * dfg/DFGAbstractState.cpp:
2025         (JSC::DFG::AbstractState::execute):
2026         * dfg/DFGByteCodeParser.cpp:
2027         (JSC::DFG::ByteCodeParser::getToInt32):
2028         (ByteCodeParser):
2029         (JSC::DFG::ByteCodeParser::handleMinMax):
2030         (JSC::DFG::ByteCodeParser::handleIntrinsic):
2031         (JSC::DFG::ByteCodeParser::parseBlock):
2032         * dfg/DFGNode.h:
2033         (DFG):
2034         (JSC::DFG::Node::hasArithNodeFlags):
2035         * dfg/DFGPropagator.cpp:
2036         (JSC::DFG::Propagator::propagateArithNodeFlags):
2037         (JSC::DFG::Propagator::propagateNodePredictions):
2038         (JSC::DFG::Propagator::vote):
2039         (JSC::DFG::Propagator::doRoundOfDoubleVoting):
2040         (Propagator):
2041         (JSC::DFG::Propagator::fixupNode):
2042         (JSC::DFG::Propagator::canonicalize):
2043         * dfg/DFGSpeculativeJIT.cpp:
2044         (JSC::DFG::SpeculativeJIT::computeValueRecoveryFor):
2045         * dfg/DFGSpeculativeJIT32_64.cpp:
2046         (JSC::DFG::SpeculativeJIT::compile):
2047         * dfg/DFGSpeculativeJIT64.cpp:
2048         (JSC::DFG::SpeculativeJIT::compile):
2049
2050 2012-02-06  Patrick Gansterer  <paroga@webkit.org>
2051
2052         Unreviewed WinCE build fix after r106197.
2053
2054         * tools/CodeProfiling.cpp:
2055         (JSC::CodeProfiling::notifyAllocator): getenv() isn't supported by WinCE. Don't call it.
2056
2057 2012-02-05  Gavin Barraclough  <barraclough@apple.com>
2058
2059         Remove JSObject defineGetter/defineSetter lookupGetter/lookupSetter
2060         https://bugs.webkit.org/show_bug.cgi?id=77451
2061
2062         Reviewed by Sam Weinig.
2063
2064         These can now all be implemented in terms of defineOwnProperty & getPropertyDescriptor.
2065         Also remove initializeGetterSetterProperty, since this is equivalent to putDirectAccessor.
2066
2067         * JavaScriptCore.exp:
2068         * debugger/DebuggerActivation.cpp:
2069         (JSC::DebuggerActivation::defineOwnProperty):
2070         * debugger/DebuggerActivation.h:
2071         (DebuggerActivation):
2072         * runtime/ClassInfo.h:
2073         (MethodTable):
2074         (JSC):
2075         * runtime/JSBoundFunction.cpp:
2076         (JSC::JSBoundFunction::finishCreation):
2077         * runtime/JSCell.cpp:
2078         (JSC):
2079         * runtime/JSCell.h:
2080         (JSCell):
2081         * runtime/JSFunction.cpp:
2082         (JSC::JSFunction::getOwnPropertySlot):
2083         (JSC::JSFunction::getOwnPropertyDescriptor):
2084         * runtime/JSGlobalObject.cpp:
2085         (JSC::JSGlobalObject::defineOwnProperty):
2086         (JSC):
2087         * runtime/JSGlobalObject.h:
2088         (JSGlobalObject):
2089         * runtime/JSObject.cpp:
2090         (JSC):
2091         * runtime/JSObject.h:
2092         (JSObject):
2093         * runtime/ObjectPrototype.cpp:
2094         (JSC::objectProtoFuncDefineGetter):
2095         (JSC::objectProtoFuncDefineSetter):
2096         (JSC::objectProtoFuncLookupGetter):
2097         (JSC::objectProtoFuncLookupSetter):
2098
2099 2012-02-06  Carlos Garcia Campos  <cgarcia@igalia.com>
2100
2101         Unreviewed. Fix make distcheck.
2102
2103         * GNUmakefile.list.am: Add missing files.
2104
2105 2012-02-05  Filip Pizlo  <fpizlo@apple.com>
2106
2107         DFG's child references from one node to another should have room for type information
2108         https://bugs.webkit.org/show_bug.cgi?id=77797
2109
2110         Reviewed by Oliver Hunt.
2111         
2112         The DFG::Node::child fields now contain both a DFG::NodeIndex (which is just an unsigned)
2113         and a DFG::UseKind (which is currently an effectively empty enum). They are encapsulated
2114         together as a DFG::NodeUse, which can in most cases still be used as an index (for
2115         example DFG::Graph, AbstractState, and SpeculativeJIT all accept NodeUse in most places
2116         where they really want a NodeIndex).
2117         
2118         The NodeUse stores both the index and the UseKind without bloating the memory usage of
2119         DFG::Node, since we really don't need full 32 bits for the NodeIndex (a DFG::Node is
2120         roughly 11 words, so if we assume that we never want to use more than 1GB to DFG compile
2121         something - likely a sensible assumption! - then we will only be able to have room for
2122         about 24 million nodes, which means we only need about 24.5 bits for the node index).
2123         Currently the DFG::NodeUse allocates 4 bits for the UseKind and 28 bits for the index,
2124         but stores the index as a signed number to make NoNode work naturally. Hence we really
2125         just have 27 bits for the index.
2126         
2127         This is performance-neutral on all benchmarks we track.
2128
2129         * JavaScriptCore.xcodeproj/project.pbxproj:
2130         * dfg/DFGAbstractState.h:
2131         (JSC::DFG::AbstractState::forNode):
2132         (AbstractState):
2133         * dfg/DFGByteCodeParser.cpp:
2134         (JSC::DFG::ByteCodeParser::getLocal):
2135         (JSC::DFG::ByteCodeParser::getArgument):
2136         (JSC::DFG::ByteCodeParser::toInt32):
2137         (JSC::DFG::ByteCodeParser::addVarArgChild):
2138         (JSC::DFG::ByteCodeParser::processPhiStack):
2139         * dfg/DFGCommon.h:
2140         * dfg/DFGGraph.cpp:
2141         (JSC::DFG::Graph::dump):
2142         (DFG):
2143         * dfg/DFGGraph.h:
2144         (Graph):
2145         (JSC::DFG::Graph::operator[]):
2146         (JSC::DFG::Graph::at):
2147         (JSC::DFG::Graph::ref):
2148         (JSC::DFG::Graph::deref):
2149         (JSC::DFG::Graph::clearAndDerefChild1):
2150         (JSC::DFG::Graph::clearAndDerefChild2):
2151         (JSC::DFG::Graph::clearAndDerefChild3):
2152         * dfg/DFGJITCompiler.h:
2153         (JSC::DFG::JITCompiler::getPrediction):
2154         * dfg/DFGNode.h:
2155         (JSC::DFG::Node::Node):
2156         (JSC::DFG::Node::child1):
2157         (JSC::DFG::Node::child1Unchecked):
2158         (JSC::DFG::Node::child2):
2159         (JSC::DFG::Node::child3):
2160         (JSC::DFG::Node::firstChild):
2161         (JSC::DFG::Node::numChildren):
2162         (JSC::DFG::Node::dumpChildren):
2163         (Node):
2164         * dfg/DFGNodeReferenceBlob.h: Added.
2165         (DFG):
2166         (NodeReferenceBlob):
2167         (JSC::DFG::NodeReferenceBlob::NodeReferenceBlob):
2168         (JSC::DFG::NodeReferenceBlob::child):
2169         (JSC::DFG::NodeReferenceBlob::child1):
2170         (JSC::DFG::NodeReferenceBlob::child2):
2171         (JSC::DFG::NodeReferenceBlob::child3):
2172         (JSC::DFG::NodeReferenceBlob::child1Unchecked):
2173         (JSC::DFG::NodeReferenceBlob::initialize):
2174         (JSC::DFG::NodeReferenceBlob::firstChild):
2175         (JSC::DFG::NodeReferenceBlob::setFirstChild):
2176         (JSC::DFG::NodeReferenceBlob::numChildren):
2177         (JSC::DFG::NodeReferenceBlob::setNumChildren):
2178         * dfg/DFGNodeUse.h: Added.
2179         (DFG):
2180         (NodeUse):
2181         (JSC::DFG::NodeUse::NodeUse):
2182         (JSC::DFG::NodeUse::indexUnchecked):
2183         (JSC::DFG::NodeUse::index):
2184         (JSC::DFG::NodeUse::setIndex):
2185         (JSC::DFG::NodeUse::useKind):
2186         (JSC::DFG::NodeUse::setUseKind):
2187         (JSC::DFG::NodeUse::isSet):
2188         (JSC::DFG::NodeUse::operator!):
2189         (JSC::DFG::NodeUse::operator==):
2190         (JSC::DFG::NodeUse::operator!=):
2191         (JSC::DFG::NodeUse::shift):
2192         (JSC::DFG::NodeUse::makeWord):
2193         (JSC::DFG::operator==):
2194         (JSC::DFG::operator!=):
2195         * dfg/DFGPropagator.cpp:
2196         (JSC::DFG::Propagator::propagateArithNodeFlags):
2197         (JSC::DFG::Propagator::vote):
2198         (JSC::DFG::Propagator::toDouble):
2199         (JSC::DFG::Propagator::fixupNode):
2200         (JSC::DFG::Propagator::canonicalize):
2201         (JSC::DFG::Propagator::startIndex):
2202         (JSC::DFG::Propagator::globalVarLoadElimination):
2203         (JSC::DFG::Propagator::getByValLoadElimination):
2204         (JSC::DFG::Propagator::getByOffsetLoadElimination):
2205         (JSC::DFG::Propagator::performSubstitution):
2206         (JSC::DFG::Propagator::performNodeCSE):
2207         * dfg/DFGScoreBoard.h:
2208         (JSC::DFG::ScoreBoard::use):
2209         * dfg/DFGSpeculativeJIT.cpp:
2210         (JSC::DFG::SpeculativeJIT::useChildren):
2211         (JSC::DFG::SpeculativeJIT::writeBarrier):
2212         (JSC::DFG::SpeculativeJIT::nonSpeculativeStrictEq):
2213         (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectEquality):
2214         (JSC::DFG::SpeculativeJIT::compilePeepHoleIntegerBranch):
2215         (JSC::DFG::SpeculativeJIT::compileMovHint):
2216         (JSC::DFG::SpeculativeJIT::computeValueRecoveryFor):
2217         (JSC::DFG::SpeculativeJIT::compilePutByValForByteArray):
2218         (JSC::DFG::SpeculativeJIT::compilePutByValForIntTypedArray):
2219         (JSC::DFG::SpeculativeJIT::compilePutByValForFloatTypedArray):
2220         (JSC::DFG::SpeculativeJIT::compileSoftModulo):
2221         (JSC::DFG::SpeculativeJIT::compileAdd):
2222         (JSC::DFG::SpeculativeJIT::compileArithSub):
2223         (JSC::DFG::SpeculativeJIT::compileStrictEqForConstant):
2224         (JSC::DFG::SpeculativeJIT::compileStrictEq):
2225         * dfg/DFGSpeculativeJIT.h:
2226         (JSC::DFG::SpeculativeJIT::at):
2227         (JSC::DFG::SpeculativeJIT::canReuse):
2228         (JSC::DFG::SpeculativeJIT::use):
2229         (SpeculativeJIT):
2230         (JSC::DFG::SpeculativeJIT::detectPeepHoleBranch):
2231         (JSC::DFG::SpeculativeJIT::speculationCheck):
2232         (JSC::DFG::SpeculativeJIT::terminateSpeculativeExecution):
2233         (JSC::DFG::IntegerOperand::IntegerOperand):
2234         (JSC::DFG::DoubleOperand::DoubleOperand):
2235         (JSC::DFG::JSValueOperand::JSValueOperand):
2236         (JSC::DFG::StorageOperand::StorageOperand):
2237         (JSC::DFG::SpeculateIntegerOperand::SpeculateIntegerOperand):
2238         (JSC::DFG::SpeculateStrictInt32Operand::SpeculateStrictInt32Operand):
2239         (JSC::DFG::SpeculateDoubleOperand::SpeculateDoubleOperand):
2240         (JSC::DFG::SpeculateCellOperand::SpeculateCellOperand):
2241         (JSC::DFG::SpeculateBooleanOperand::SpeculateBooleanOperand):
2242         * dfg/DFGSpeculativeJIT32_64.cpp:
2243         (JSC::DFG::SpeculativeJIT::nonSpeculativeValueToNumber):
2244         (JSC::DFG::SpeculativeJIT::nonSpeculativeValueToInt32):
2245         (JSC::DFG::SpeculativeJIT::cachedPutById):
2246         (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNull):
2247         (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
2248         (JSC::DFG::SpeculativeJIT::nonSpeculativeCompareNull):
2249         (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranch):
2250         (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompare):
2251         (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
2252         (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeStrictEq):
2253         (JSC::DFG::SpeculativeJIT::emitCall):
2254         (JSC::DFG::SpeculativeJIT::compileValueAdd):
2255         (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
2256         (JSC::DFG::SpeculativeJIT::compileLogicalNot):
2257         (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
2258         (JSC::DFG::SpeculativeJIT::emitBranch):
2259         (JSC::DFG::SpeculativeJIT::compile):
2260         * dfg/DFGSpeculativeJIT64.cpp:
2261         (JSC::DFG::SpeculativeJIT::nonSpeculativeValueToNumber):
2262         (JSC::DFG::SpeculativeJIT::nonSpeculativeValueToInt32):
2263         (JSC::DFG::SpeculativeJIT::cachedPutById):
2264         (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNull):
2265         (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
2266         (JSC::DFG::SpeculativeJIT::nonSpeculativeCompareNull):
2267         (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranch):
2268         (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompare):
2269         (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
2270         (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeStrictEq):
2271         (JSC::DFG::SpeculativeJIT::emitCall):
2272         (JSC::DFG::SpeculativeJIT::compileObjectEquality):
2273         (JSC::DFG::SpeculativeJIT::compileValueAdd):
2274         (JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
2275         (JSC::DFG::SpeculativeJIT::compileLogicalNot):
2276         (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
2277         (JSC::DFG::SpeculativeJIT::emitBranch):
2278         (JSC::DFG::SpeculativeJIT::compile):
2279
2280 2012-02-05  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
2281
2282         [CMAKE] Support javascriptcore test for EFL port. 
2283         https://bugs.webkit.org/show_bug.cgi?id=77425
2284
2285         Reviewed by Daniel Bates.
2286
2287         The EFL, WinCE and BlackBerry ports are now using CMake as their build system
2288         and they share the makefile to create the jsc executable. In order to run
2289         "run-javascriptcore-tests", the EFL port needs to change the jsc installation configuration
2290         to the executable output directory (e.g. Programs). So, this patch changes the jsc installation
2291         configuration only for the EFL port.
2292
2293         * shell/CMakeLists.txt:
2294
2295 2012-02-04  Gavin Barraclough  <barraclough@apple.com>
2296
2297         Rubber stamped by Sam Weinig.
2298
2299         * yarr/YarrPattern.cpp:
2300         (JSC::Yarr::YarrPatternConstructor::quantifyAtom):
2301             - Fix comment.
2302
2303 2012-02-04  Kalev Lember  <kalevlember@gmail.com>
2304
2305         [GTK] CurrentTime: Reorder headers for win32
2306         https://bugs.webkit.org/show_bug.cgi?id=77808
2307
2308         Reviewed by Martin Robinson.
2309
2310         In GTK+ win32 port, monotonicallyIncreasingTime() implementation is
2311         based on g_get_monotonic_time(). Reorder headers to make sure glib.h
2312         gets included even when the platform is win32.
2313
2314         CurrentTime.cpp: In function 'double WTF::monotonicallyIncreasingTime()':
2315         CurrentTime.cpp:321:53: error: 'g_get_monotonic_time' was not declared in this scope
2316         CurrentTime.cpp:322:1: warning: control reaches end of non-void function [-Wreturn-type]
2317
2318         * wtf/CurrentTime.cpp:
2319
2320 2012-02-03  Anders Carlsson  <andersca@apple.com>
2321
2322         Prefix the typedef in WTF_MAKE_FAST_ALLOCATED with underscores
2323         https://bugs.webkit.org/show_bug.cgi?id=77788
2324
2325         Reviewed by Andreas Kling.
2326
2327         The current typedef name, 'ThisIsHereToForceASemicolonAfterThisMacro', shows up when trying to 
2328         code-complete 'this' in Xcode. Prefix the typedef with two underscores to stop this from happening.
2329
2330         * wtf/FastAllocBase.h:
2331
2332 2012-02-03  Rob Buis  <rbuis@rim.com>
2333
2334         Fix alignment warnings in ARMv7
2335         https://bugs.webkit.org/show_bug.cgi?id=55368
2336
2337         Reviewed by Filip Pizlo.
2338
2339         Use reinterpret_cast_ptr and static_cast to get rid of alignment issues in ARMv7 code.
2340
2341         * heap/HandleTypes.h:
2342         (JSC::HandleTypes::getFromSlot):
2343         * heap/MarkedBlock.cpp:
2344         (JSC::MarkedBlock::specializedSweep):
2345         * heap/MarkedBlock.h:
2346         (JSC::MarkedBlock::forEachCell):
2347         * runtime/WriteBarrier.h:
2348         (JSC::WriteBarrierBase::get):
2349         (JSC::WriteBarrierBase::unvalidatedGet):
2350
2351 2012-02-03  Mark Hahnenberg  <mhahnenberg@apple.com>
2352
2353         Build fix
2354
2355         Unreviewed build fix
2356
2357         Forgot to add a couple files.
2358
2359         * heap/MarkedAllocator.cpp: Added.
2360         (JSC):
2361         (JSC::MarkedAllocator::tryAllocateHelper):
2362         (JSC::MarkedAllocator::tryAllocate):
2363         (JSC::MarkedAllocator::allocateSlowCase):
2364         (JSC::MarkedAllocator::allocateBlock):
2365         (JSC::MarkedAllocator::addBlock):
2366         (JSC::MarkedAllocator::removeBlock):
2367         * heap/MarkedAllocator.h: Added.
2368         (JSC):
2369         (DFG):
2370         (MarkedAllocator):
2371         (JSC::MarkedAllocator::cellSize):
2372         (JSC::MarkedAllocator::heap):
2373         (JSC::MarkedAllocator::setHeap):
2374         (JSC::MarkedAllocator::setCellSize):
2375         (JSC::MarkedAllocator::setMarkedSpace):
2376         (JSC::MarkedAllocator::MarkedAllocator):
2377         (JSC::MarkedAllocator::allocate):
2378         (JSC::MarkedAllocator::reset):
2379         (JSC::MarkedAllocator::zapFreeList):
2380         (JSC::MarkedAllocator::forEachBlock):
2381
2382 2012-02-03  Mark Hahnenberg  <mhahnenberg@apple.com>
2383
2384         Refactor MarkedBlock::SizeClass into a separate class
2385         https://bugs.webkit.org/show_bug.cgi?id=77600
2386
2387         Reviewed by Geoffrey Garen.
2388
2389         We pulled SizeClass out into its own class, named MarkedAllocator, and gave it
2390         the responsibility of allocating objects from the collection of MarkedBlocks 
2391         that it manages. Also limited the amount of coupling to internal data fields 
2392         from other places, although it's mostly unavoidable in the JIT code.
2393
2394         Eventually MarkedAllocator will implement various policies to do with object 
2395         management, e.g. whether or not to run destructors on objects that it manages.
2396         MarkedSpace will manage a collection of MarkedAllocators with varying policies,
2397         as it does now but to a larger extent. 
2398
2399         * CMakeLists.txt:
2400         * GNUmakefile.list.am:
2401         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2402         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2403         * JavaScriptCore.xcodeproj/project.pbxproj:
2404         * Target.pri:
2405         * dfg/DFGSpeculativeJIT.h:
2406         (JSC::DFG::SpeculativeJIT::emitAllocateJSFinalObject):
2407         * heap/Heap.cpp:
2408         (JSC::Heap::collect):
2409         (JSC::Heap::resetAllocators):
2410         * heap/Heap.h:
2411         (JSC::Heap::allocatorForObject):
2412         (Heap):
2413         * heap/MarkedAllocator.cpp: Added.
2414         (JSC):
2415         (JSC::MarkedAllocator::tryAllocateHelper):
2416         (JSC::MarkedAllocator::tryAllocate):
2417         (JSC::MarkedAllocator::allocateSlowCase):
2418         (JSC::MarkedAllocator::allocateBlock):
2419         (JSC::MarkedAllocator::addBlock):
2420         (JSC::MarkedAllocator::removeBlock):
2421         * heap/MarkedAllocator.h: Added.
2422         (JSC):
2423         (DFG):
2424         (MarkedAllocator):
2425         (JSC::MarkedAllocator::cellSize):
2426         (JSC::MarkedAllocator::heap):
2427         (JSC::MarkedAllocator::setHeap):
2428         (JSC::MarkedAllocator::setCellSize):
2429         (JSC::MarkedAllocator::setMarkedSpace):
2430         (JSC::MarkedAllocator::MarkedAllocator):
2431         (JSC::MarkedAllocator::allocate):
2432         (JSC::MarkedAllocator::reset):
2433         (JSC::MarkedAllocator::zapFreeList):
2434         (JSC::MarkedAllocator::forEachBlock):
2435         * heap/MarkedSpace.cpp:
2436         (JSC::MarkedSpace::MarkedSpace):
2437         (JSC::MarkedSpace::resetAllocators):
2438         (JSC::MarkedSpace::canonicalizeCellLivenessData):
2439         (JSC::TakeIfUnmarked::operator()):
2440         * heap/MarkedSpace.h:
2441         (MarkedSpace):
2442         (JSC::MarkedSpace::allocatorFor):
2443         (JSC::MarkedSpace::allocate):
2444         (JSC::MarkedSpace::forEachBlock):
2445         (JSC::MarkedSpace::didAddBlock):
2446         (JSC::MarkedSpace::didConsumeFreeList):
2447         * jit/JITInlineMethods.h:
2448         (JSC::JIT::emitAllocateBasicJSObject):
2449
2450 2012-02-03  Simon Hausmann  <simon.hausmann@nokia.com>
2451
2452         [Qt] Replace GNU linker script for exports with export macros in WTF/JSC
2453         https://bugs.webkit.org/show_bug.cgi?id=77723
2454
2455         Reviewed by Tor Arne Vestbø.
2456
2457         * wtf/Platform.h: Enable use of export macros.
2458
2459 2012-02-02  Hajime Morrita  <morrita@chromium.org>
2460
2461         Unreviewed, removing an unnecessary JS_PRIVATE_EXPORT annotation.
2462
2463         * interpreter/Interpreter.h:
2464         (Interpreter):
2465
2466 2012-01-31  Hajime Morrita  <morrita@chromium.org>
2467
2468         [Mac] eliminate JavaScriptCore.exp
2469         https://bugs.webkit.org/show_bug.cgi?id=72854
2470
2471         Reviewed by Darin Adler.
2472
2473         - Removed exp files and corresponding makefile entries.
2474         - Changed the build configuration not to use the exp file.
2475
2476         * Configurations/JavaScriptCore.xcconfig:
2477         * DerivedSources.make:
2478         * JavaScriptCore.JSVALUE32_64only.exp: Removed.
2479         * JavaScriptCore.JSVALUE64only.exp: Removed.
2480         * JavaScriptCore.exp: Removed.
2481         * JavaScriptCore.xcodeproj/project.pbxproj:
2482         * wtf/Platform.h:
2483
2484 2012-02-02  Benjamin Poulain  <bpoulain@apple.com>
2485
2486         Running a Web Worker on about:blank crashes the interpreter
2487         https://bugs.webkit.org/show_bug.cgi?id=77593
2488
2489         Reviewed by Michael Saboff.
2490
2491         The method Interpreter::execute() was crashing on empty programs because
2492         it assumed the source is not null.
2493
2494         This patch short-circuits the execution when the String is null to avoid invalid
2495         memory access.
2496
2497         * interpreter/Interpreter.cpp:
2498         (JSC::Interpreter::execute):
2499
2500 2012-02-02  Kalev Lember  <kalevlember@gmail.com>
2501
2502         [GTK] Use win32 native threading
2503         https://bugs.webkit.org/show_bug.cgi?id=77676
2504
2505         Reviewed by Martin Robinson.
2506
2507         r97269 switched from glib threading to pthreads, breaking win32 GTK+.
2508         This is a follow up, removing some leftovers in ThreadSpecific.h and
2509         switching win32 to use the native threading in ThreadingWin.cpp.
2510
2511         * GNUmakefile.list.am: Compile in win32 native threading support
2512         * wtf/ThreadSpecific.h: Remove GTK+-specific definitions
2513         (ThreadSpecific):
2514         (WTF::::destroy):
2515
2516 2012-02-02  Filip Pizlo  <fpizlo@apple.com>
2517
2518         retrieveCallerFromVMCode should call trueCallerFrame
2519         https://bugs.webkit.org/show_bug.cgi?id=77684
2520
2521         Reviewed by Oliver Hunt.
2522
2523         * interpreter/Interpreter.cpp:
2524         (JSC::Interpreter::retrieveCallerFromVMCode):
2525
2526 2012-02-02  Kalev Lember  <kalevlember@gmail.com>
2527
2528         [GTK] Implement current executable path finding for win32
2529         https://bugs.webkit.org/show_bug.cgi?id=77677
2530
2531         Reviewed by Martin Robinson.
2532
2533         The WTF helper for getting the binary path that was added in r101710
2534         left out the win32 implementation. Fix this.
2535
2536         * wtf/gobject/GlibUtilities.cpp:
2537         (getCurrentExecutablePath):
2538
2539 2012-02-02  Filip Pizlo  <fpizlo@apple.com>
2540
2541         Throwing away bytecode and then reparsing during DFG optimization is just
2542         plain wrong and makes things crash
2543         https://bugs.webkit.org/show_bug.cgi?id=77680
2544         <rdar://problem/10798490>
2545
2546         Reviewed by Oliver Hunt.
2547
2548         This is the minimal surgical fix: it removes the code that triggered bytecode
2549         throw-away. Once we're confident that this is a good idea, we can kill all of
2550         the code that implements the feature.
2551
2552         * bytecode/CodeBlock.h:
2553         (JSC::CodeBlock::discardBytecodeLater):
2554         (JSC::CodeBlock::addValueProfile):
2555         * jit/JITDriver.h:
2556         (JSC::jitCompileIfAppropriate):
2557         (JSC::jitCompileFunctionIfAppropriate):
2558
2559 2012-02-02  Filip Pizlo  <fpizlo@apple.com>
2560
2561         Release build debugging should be easier
2562         https://bugs.webkit.org/show_bug.cgi?id=77669
2563
2564         Reviewed by Gavin Barraclough.
2565
2566         * assembler/ARMAssembler.h:
2567         (ARMAssembler):
2568         (JSC::ARMAssembler::debugOffset):
2569         * assembler/ARMv7Assembler.h:
2570         (ARMv7Assembler):
2571         (JSC::ARMv7Assembler::debugOffset):
2572         (ARMInstructionFormatter):
2573         (JSC::ARMv7Assembler::ARMInstructionFormatter::debugOffset):
2574         * assembler/AbstractMacroAssembler.h:
2575         (AbstractMacroAssembler):
2576         (JSC::AbstractMacroAssembler::debugOffset):
2577         * assembler/AssemblerBuffer.h:
2578         (AssemblerBuffer):
2579         (JSC::AssemblerBuffer::debugOffset):
2580         * assembler/LinkBuffer.h:
2581         (LinkBuffer):
2582         (JSC::LinkBuffer::debugSize):
2583         * assembler/MIPSAssembler.h:
2584         (MIPSAssembler):
2585         (JSC::MIPSAssembler::debugOffset):
2586         * assembler/X86Assembler.h:
2587         (X86Assembler):
2588         (JSC::X86Assembler::debugOffset):
2589         (X86InstructionFormatter):
2590         (JSC::X86Assembler::X86InstructionFormatter::debugOffset):
2591         * bytecode/CodeBlock.cpp:
2592         (JSC):
2593         * bytecode/CodeBlock.h:
2594         (CodeBlock):
2595         * bytecode/CodeOrigin.h:
2596         (CodeOrigin):
2597         (JSC):
2598         (JSC::CodeOrigin::inlineStack):
2599         * bytecode/DFGExitProfile.h:
2600         (JSC::DFG::exitKindToString):
2601         * bytecode/DataFormat.h:
2602         (JSC::dataFormatToString):
2603         * bytecode/PredictedType.cpp:
2604         (JSC):
2605         (JSC::predictionToString):
2606         * bytecode/PredictedType.h:
2607         (JSC):
2608         * bytecode/ValueRecovery.h:
2609         (ValueRecovery):
2610         (JSC::ValueRecovery::dump):
2611         * bytecompiler/BytecodeGenerator.cpp:
2612         (JSC):
2613         (JSC::BytecodeGenerator::setDumpsGeneratedCode):
2614         (JSC::BytecodeGenerator::dumpsGeneratedCode):
2615         (JSC::BytecodeGenerator::generate):
2616         * dfg/DFGAbstractValue.h:
2617         (StructureAbstractValue):
2618         (JSC::DFG::StructureAbstractValue::dump):
2619         (AbstractValue):
2620         (JSC::DFG::AbstractValue::dump):
2621         * dfg/DFGAssemblyHelpers.h:
2622         (DFG):
2623         (AssemblyHelpers):
2624         (JSC::DFG::AssemblyHelpers::debugCall):
2625         * dfg/DFGFPRInfo.h:
2626         (FPRInfo):
2627         (JSC::DFG::FPRInfo::debugName):
2628         * dfg/DFGGPRInfo.h:
2629         (GPRInfo):
2630         (JSC::DFG::GPRInfo::debugName):
2631         * dfg/DFGGraph.cpp:
2632         (DFG):
2633         * dfg/DFGGraph.h:
2634         (Graph):
2635         * dfg/DFGNode.h:
2636         (DFG):
2637         (JSC::DFG::arithNodeFlagsAsString):
2638         (Node):
2639         (JSC::DFG::Node::hasIdentifier):
2640         (JSC::DFG::Node::dumpChildren):
2641         * dfg/DFGOSRExit.cpp:
2642         (DFG):
2643         (JSC::DFG::OSRExit::dump):
2644         * dfg/DFGOSRExit.h:
2645         (OSRExit):
2646         * runtime/JSValue.cpp:
2647         (JSC):
2648         (JSC::JSValue::description):
2649         * runtime/JSValue.h:
2650         (JSValue):
2651         * wtf/BitVector.cpp:
2652         (WTF):
2653         (WTF::BitVector::dump):
2654         * wtf/BitVector.h:
2655         (BitVector):
2656
2657 2012-02-02  Oliver Hunt  <oliver@apple.com>
2658
2659         Getters and setters cause line numbers in errors/console.log to be offset for the whole file
2660         https://bugs.webkit.org/show_bug.cgi?id=77675
2661
2662         Reviewed by Timothy Hatcher.
2663
2664         Our default literal parsing logic doesn't handle the extra work required for
2665         getters and setters.  When it encounters one, it rolls back the lexer and 
2666         then switches to a more complete parsing function.  Unfortunately it was only
2667         winding back the character position, and was ignoring the line number and
2668         other lexer data.  This led to every getter and setter causing the line number
2669         to be incorrectly incremented leading to increasingly incorrect numbers for
2670         the rest of the file.
2671
2672         * parser/Parser.cpp:
2673         (JSC::::parseObjectLiteral):
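
        The failure mode described above, as an added example that is not WebKit
        code: a toy lexer (ToyLexer, lineOfTokenAfterRollback and the SAMPLE input are
        all constructed for this illustration) whose fast path reads ahead across several
        lines, gives up and rolls back. Restoring only the character offset, as the entry
        describes, leaves the line counter where the speculative scan moved it, so every
        token lexed afterwards reports a line number that is too high; restoring the whole
        snapshot reports the correct line.

```javascript
// Added example (not WebKit code): a toy lexer with a speculative-parse rollback.
// Illustrates the bug class in the ChangeLog entry: restoring only the character
// offset after a failed speculative parse, but not the line number, skews every
// later line number.

class ToyLexer {
  constructor(source) {
    this.source = source;
    this.pos = 0;    // character offset into source
    this.line = 1;   // 1-based line number of the current position
  }

  // Snapshot of all lexer state. The buggy rollback below deliberately restores only `pos`.
  saveState() {
    return { pos: this.pos, line: this.line };
  }

  restoreFull(state) {
    this.pos = state.pos;
    this.line = state.line;
  }

  restorePositionOnly(state) {
    this.pos = state.pos; // line number is left wherever the speculative scan moved it
  }

  // Skip whitespace, counting newlines.
  skipWhitespace() {
    while (this.pos < this.source.length) {
      const ch = this.source[this.pos];
      if (ch === '\n') { this.line++; this.pos++; }
      else if (ch === ' ' || ch === '\t' || ch === '\r') { this.pos++; }
      else break;
    }
  }

  // Next token (identifier or single punctuation) with the line it starts on; null at EOF.
  next() {
    this.skipWhitespace();
    if (this.pos >= this.source.length) return null;
    const start = this.pos;
    const line = this.line;
    if (/[A-Za-z_]/.test(this.source[start])) {
      while (this.pos < this.source.length && /[A-Za-z0-9_]/.test(this.source[this.pos])) this.pos++;
      return { text: this.source.slice(start, this.pos), line };
    }
    this.pos++;
    return { text: this.source[start], line };
  }
}

// Simulated parser: the fast path reads ahead until it meets an accessor keyword,
// bails out, rolls back with the chosen strategy, and the slow path lexes again.
// Returns the line number attributed to the `after` identifier.
function lineOfTokenAfterRollback(source, rollback) {
  const lexer = new ToyLexer(source);
  const saved = lexer.saveState();

  let tok;
  while ((tok = lexer.next()) !== null && tok.text !== 'get') { /* speculative scan */ }

  rollback.call(lexer, saved); // fast path gives up here

  while ((tok = lexer.next()) !== null) {
    if (tok.text === 'after') return tok.line;
  }
  return -1;
}

// Constructed sample input: the accessor sits on line 4, `after` on line 6.
const SAMPLE = [
  '{',             // line 1
  '  a: 1,',       // line 2
  '  b: 2,',       // line 3
  '  get x() {},', // line 4
  '}',             // line 5
  'after',         // line 6
].join('\n');

function buggyLine() { return lineOfTokenAfterRollback(SAMPLE, ToyLexer.prototype.restorePositionOnly); }
function fixedLine() { return lineOfTokenAfterRollback(SAMPLE, ToyLexer.prototype.restoreFull); }
```

        With the position-only rollback the re-lex counts the first five newlines a
        second time, so `after` is reported on line 9 instead of line 6, and the error
        grows with every further accessor in the file.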
2674
2675 2012-02-02  Andy Wingo  <wingo@igalia.com>
2676
2677         Fix type punning warning in HashTable.h debug builds
2678         https://bugs.webkit.org/show_bug.cgi?id=77422
2679
2680         Reviewed by Gavin Barraclough.
2681
2682         * wtf/HashTable.h (WTF::HashTable::checkKey): Fix type punning
2683         warning appearing in debug builds with gcc-4.6.2 on GNU/Linux.
2684
2685 2012-02-01  Michael Saboff  <msaboff@apple.com>
2686
2687         Yarr crash with regexp replace
2688         https://bugs.webkit.org/show_bug.cgi?id=67454
2689
2690         Reviewed by Gavin Barraclough.
2691
2692         Properly handle the case of a back reference to an unmatched
2693         subpattern by always matching without consuming any characters.
2694
2695         * yarr/YarrInterpreter.cpp:
2696         (JSC::Yarr::Interpreter::matchBackReference):
2697         (JSC::Yarr::Interpreter::backtrackBackReference):
2698
2699 2012-02-01  Gavin Barraclough  <barraclough@apple.com>
2700
2701         calling function on catch block scope containing an eval result in wrong this value being passed
2702         https://bugs.webkit.org/show_bug.cgi?id=77581
2703
2704         Reviewed by Oliver Hunt.
2705
2706         javascript:function F(){ return 'F' in this; }; try { throw F; } catch (e) { eval(""); alert(e()); }
2707
2708         * bytecompiler/NodesCodegen.cpp:
2709         (JSC::TryNode::emitBytecode):
2710         * interpreter/Interpreter.cpp:
2711         (JSC::Interpreter::execute):
2712         * parser/ASTBuilder.h:
2713         (JSC::ASTBuilder::createTryStatement):
2714         * parser/NodeConstructors.h:
2715         (JSC::TryNode::TryNode):
2716         * parser/Nodes.h:
2717         (TryNode):
2718         * parser/Parser.cpp:
2719         (JSC::::parseTryStatement):
2720         * parser/SyntaxChecker.h:
2721         (JSC::SyntaxChecker::createTryStatement):
2722         * runtime/JSObject.h:
2723         (JSObject):
2724         (JSC::JSObject::isStaticScopeObject):
2725         (JSC):
2726
2727 2012-02-01  Oliver Hunt  <oliver@apple.com>
2728
2729         Add support for inferred function names
2730         https://bugs.webkit.org/show_bug.cgi?id=77579
2731
2732         Reviewed by Gavin Barraclough.
2733
2734         Add new "inferred" names to function expressions, getters, and setters.
2735         This property is not exposed to JS, so is only visible in the debugger
2736         and profiler.
2737
2738         * JavaScriptCore.exp:
2739         * bytecompiler/BytecodeGenerator.h:
2740         (JSC::BytecodeGenerator::makeFunction):
2741         * debugger/DebuggerCallFrame.cpp:
2742         (JSC::DebuggerCallFrame::calculatedFunctionName):
2743         * parser/ASTBuilder.h:
2744         (JSC::ASTBuilder::createAssignResolve):
2745         (JSC::ASTBuilder::createGetterOrSetterProperty):
2746         (JSC::ASTBuilder::createProperty):
2747         (JSC::ASTBuilder::makeAssignNode):
2748         * parser/Nodes.h:
2749         (JSC::FunctionBodyNode::setInferredName):
2750         (JSC::FunctionBodyNode::inferredName):
2751         (FunctionBodyNode):
2752         * profiler/Profiler.cpp:
2753         (JSC):
2754         (JSC::Profiler::createCallIdentifier):
2755         (JSC::createCallIdentifierFromFunctionImp):
2756         * runtime/Executable.cpp:
2757         (JSC::FunctionExecutable::FunctionExecutable):
2758         (JSC::FunctionExecutable::fromGlobalCode):
2759         * runtime/Executable.h:
2760         (JSC::FunctionExecutable::create):
2761         (JSC::FunctionExecutable::inferredName):
2762         (FunctionExecutable):
2763         * runtime/JSFunction.cpp:
2764         (JSC::JSFunction::calculatedDisplayName):
2765         (JSC):
2766         (JSC::getCalculatedDisplayName):
2767         * runtime/JSFunction.h:
2768         (JSC):
2769
2770 2012-02-01  Filip Pizlo  <fpizlo@apple.com>
2771
2772         DFG should fold double-to-int conversions
2773         https://bugs.webkit.org/show_bug.cgi?id=77532
2774
2775         Reviewed by Oliver Hunt.
2776         
2777         Performance neutral on major benchmarks. But it makes calling V8's
2778         Math.random() 4x faster.
2779
2780         * bytecode/CodeBlock.cpp:
2781         (JSC):
2782         (JSC::CodeBlock::addOrFindConstant):
2783         * bytecode/CodeBlock.h:
2784         (JSC::CodeBlock::addConstant):
2785         (CodeBlock):
2786         * dfg/DFGAbstractState.cpp:
2787         (JSC::DFG::AbstractState::execute):
2788         * dfg/DFGByteCodeParser.cpp:
2789         (JSC::DFG::ByteCodeParser::toInt32):
2790         (ByteCodeParser):
2791         (JSC::DFG::ByteCodeParser::getJSConstantForValue):
2792         (JSC::DFG::ByteCodeParser::isInt32Constant):
2793         * dfg/DFGGraph.h:
2794         (JSC::DFG::Graph::addShouldSpeculateInteger):
2795         (Graph):
2796         (JSC::DFG::Graph::addImmediateShouldSpeculateInteger):
2797         * dfg/DFGPropagator.cpp:
2798         (JSC::DFG::Propagator::propagateNodePredictions):
2799         (JSC::DFG::Propagator::doRoundOfDoubleVoting):
2800         (JSC::DFG::Propagator::fixupNode):
2801         * dfg/DFGSpeculativeJIT.cpp:
2802         (JSC::DFG::SpeculativeJIT::compileAdd):
2803         (DFG):
2804         (JSC::DFG::SpeculativeJIT::compileArithSub):
2805         * dfg/DFGSpeculativeJIT.h:
2806         (JSC::DFG::SpeculativeJIT::valueOfNumberConstantAsInt32):
2807         (SpeculativeJIT):
2808         * dfg/DFGSpeculativeJIT32_64.cpp:
2809         (JSC::DFG::SpeculativeJIT::compile):
2810         * dfg/DFGSpeculativeJIT64.cpp:
2811         (JSC::DFG::SpeculativeJIT::compile):
2812         * runtime/JSValueInlineMethods.h:
2813         (JSC::JSValue::asDouble):
2814
2815 2012-02-01  Filip Pizlo  <fpizlo@apple.com>
2816
2817         DFG graph dump for GetScopedVar should show the correct prediction
2818         https://bugs.webkit.org/show_bug.cgi?id=77530
2819
2820         Reviewed by Geoff Garen.
2821         
2822         GetScopedVar has a heap prediction, not a variable prediction. But it does
2823         have a variable. Hence we need to check for heap predictions before checking
2824         for variable predictions.
2825
2826         * dfg/DFGGraph.cpp:
2827         (JSC::DFG::Graph::dump):
2828
2829 2012-02-01  Mark Hahnenberg  <mhahnenberg@apple.com>
2830
2831         Replace JSArray destructor with finalizer
2832         https://bugs.webkit.org/show_bug.cgi?id=77488
2833
2834         Reviewed by Geoffrey Garen.
2835
2836         * JavaScriptCore.exp:
2837         * runtime/JSArray.cpp:
2838         (JSC::JSArray::finalize): Added finalizer.
2839         (JSC::JSArray::allocateSparseMap): Factored out code for allocating new sparse maps.
2840         (JSC):
2841         (JSC::JSArray::deallocateSparseMap): Factored out code for deallocating sparse maps.
2842         (JSC::JSArray::enterDictionaryMode): Renamed enterSparseMode to enterDictionaryMode 
2843         because the old name was confusing because we could have a sparse array that never 
2844         called enterSparseMode.
2845         (JSC::JSArray::defineOwnNumericProperty):
2846         (JSC::JSArray::setLengthWritable):
2847         (JSC::JSArray::putByIndexBeyondVectorLength):
2848         (JSC::JSArray::setLength):
2849         (JSC::JSArray::pop):
2850         (JSC::JSArray::sort):
2851         (JSC::JSArray::compactForSorting):
2852         * runtime/JSArray.h:
2853         (JSArray):
2854
2855 2012-02-01  Andy Wingo  <wingo@igalia.com>
2856
2857         Refactor identifier resolution in BytecodeGenerator
2858         https://bugs.webkit.org/show_bug.cgi?id=76285
2859
2860         Reviewed by Geoffrey Garen.
2861
2862         * bytecompiler/BytecodeGenerator.h:
2863         (JSC::ResolveResult): New class, to describe the storage
2864         location corresponding to an identifier in a program.
2865         * bytecompiler/BytecodeGenerator.cpp:
2866         (JSC::BytecodeGenerator::resolve): New function, replacing
2867         findScopedProperty.
2868         (JSC::BytecodeGenerator::resolveConstDecl): New function,
2869         encapsulating what ConstDeclNode::emitBytecode used to do.
2870         (JSC::BytecodeGenerator::emitGetStaticVar):
2871         (JSC::BytecodeGenerator::emitPutStaticVar): New functions,
2872         corresponding to the old emitGetScopedVar and emitPutScopedVar.
2873         (JSC::BytecodeGenerator::registerFor): Remove version that took an
2874         Identifier&; replaced by ResolveResult::local().
2875         (JSC::BytecodeGenerator::emitResolve):
2876         (JSC::BytecodeGenerator::emitResolveBase):
2877         (JSC::BytecodeGenerator::emitResolveBaseForPut):
2878         (JSC::BytecodeGenerator::emitResolveWithBase):
2879         (JSC::BytecodeGenerator::emitResolveWithThis): Change to accept a
2880         "resolveResult" argument.  This is more clear, and reduces the
2881         amount of double analysis happening at compile-time.
2882         * bytecompiler/NodesCodegen.cpp:
2883         (JSC::ResolveNode::emitBytecode):
2884         (JSC::EvalFunctionCallNode::emitBytecode):
2885         (JSC::FunctionCallResolveNode::emitBytecode):
2886         (JSC::PostfixResolveNode::emitBytecode):
2887         (JSC::DeleteResolveNode::emitBytecode):
2888         (JSC::TypeOfResolveNode::emitBytecode):
2889         (JSC::PrefixResolveNode::emitBytecode):
2890         (JSC::ReadModifyResolveNode::emitBytecode):
2891         (JSC::AssignResolveNode::emitBytecode):
2892         (JSC::ConstDeclNode::emitCodeSingle):
2893         (JSC::ForInNode::emitBytecode): Refactor to use the new
2894         ResolveResult structure.
2895
2896 2012-02-01  Csaba Osztrogonác  <ossy@webkit.org>
2897
2898         Implement Error.stack
2899         https://bugs.webkit.org/show_bug.cgi?id=66994
2900
2901         Unreviewed, rolling out r106407.
2902
2903         * JavaScriptCore.exp:
2904         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2905         * interpreter/AbstractPC.cpp:
2906         (JSC::AbstractPC::AbstractPC):
2907         * interpreter/Interpreter.cpp:
2908         (JSC::Interpreter::throwException):
2909         * interpreter/Interpreter.h:
2910         (JSC):
2911         (Interpreter):
2912         * jsc.cpp:
2913         (GlobalObject::finishCreation):
2914         * parser/Parser.h:
2915         (JSC::::parse):
2916         * runtime/CommonIdentifiers.h:
2917         * runtime/Error.cpp:
2918         (JSC::addErrorInfo):
2919         * runtime/Error.h:
2920         (JSC):
2921
2922 2012-01-31  Hajime Morrita  <morrita@chromium.org>
2923
2924         Add missing JS_PRIVATE_EXPORTs
2925         https://bugs.webkit.org/show_bug.cgi?id=77507
2926
2927         Reviewed by Kevin Ollivier.
2928
2929         * heap/MarkedSpace.h:
2930         (MarkedSpace):
2931         * interpreter/Interpreter.h:
2932         (Interpreter):
2933         * runtime/JSValue.h:
2934         (JSValue):
2935         * wtf/text/AtomicString.h:
2936         (WTF::AtomicString::add):
2937         * wtf/text/WTFString.h:
2938         (WTF):
2939
2940 2012-01-31  Geoffrey Garen  <ggaren@apple.com>
2941
2942         Stop using -fomit-frame-pointer
2943         https://bugs.webkit.org/show_bug.cgi?id=77403
2944
2945         Reviewed by Filip Pizlo.
2946         
2947         JavaScriptCore is too fast. I'm just the man to fix it.
2948
2949         * Configurations/JavaScriptCore.xcconfig:
2950
2951 2012-01-31  Michael Saboff  <msaboff@apple.com>
2952
2953         StringProtoFuncToUpperCase should call StringImpl::upper similar to StringProtoToLowerCase
2954         https://bugs.webkit.org/show_bug.cgi?id=76647
2955
2956         Reviewed by Darin Adler.
2957
2958         Changed stringProtoFuncToUpperCase to call StringImpl::upper() in a manner similar
2959         to stringProtoFuncToLowerCase().  Fixed StringImpl::upper() to handle two special
2960         cases.  One case is s-sharp (0xdf) which converts to "SS".  The other case is 
2961         for characters which become 16 bit values when converted to upper case.  For
2962         those, we up-convert the source string and use the 16 bit path.
2963
2964         * runtime/StringPrototype.cpp:
2965         (JSC::stringProtoFuncToUpperCase):
2966         * wtf/text/StringImpl.cpp:
2967         (WTF::StringImpl::upper):
2968         * wtf/unicode/CharacterNames.h:
2969         (smallLetterSharpS): New constant
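
        The two special cases above, as an added example that is not WebKit code and
        goes slightly beyond the entry: it enumerates every Latin-1 character whose
        uppercase form is not a single Latin-1 code unit (the s-sharp expansion to "SS",
        plus the characters that widen to 16-bit values), and shows an 8-bit fast path
        that bails out to the general path for exactly those inputs. The function names
        and the sample strings are constructed for this illustration.

```javascript
// Added example (not WebKit code): why an 8-bit uppercasing fast path must bail out.
// A string stored as Latin-1 can only be uppercased in place if every result is
// itself a single Latin-1 code unit; the exceptions force the 16-bit path.

// Returns the Latin-1 code units whose uppercase form is not a single Latin-1 code
// unit, with the reason: "expands" (more than one code unit) or "widens" (> 0xFF).
function latin1UpperExceptions() {
  const exceptions = [];
  for (let code = 0; code <= 0xff; code++) {
    const upper = String.fromCharCode(code).toUpperCase();
    if (upper.length !== 1) {
      exceptions.push({ code, upper, reason: 'expands' });
    } else if (upper.charCodeAt(0) > 0xff) {
      exceptions.push({ code, upper, reason: 'widens' });
    }
  }
  return exceptions;
}

// Uppercase `s` the way an 8-bit fast path would, but return null as soon as a
// character needs expansion or a 16-bit result, i.e. when the caller must up-convert
// the string and use the 16-bit path instead.
function upperLatin1FastPath(s) {
  const out = [];
  for (let i = 0; i < s.length; i++) {
    const code = s.charCodeAt(i);
    if (code > 0xff) return null; // not an 8-bit string at all
    const upper = String.fromCharCode(code).toUpperCase();
    if (upper.length !== 1 || upper.charCodeAt(0) > 0xff) return null; // needs the 16-bit path
    out.push(upper);
  }
  return out.join('');
}

// Full conversion: fast path first, general (16-bit) conversion as the fallback.
function upperWithFallback(s) {
  const fast = upperLatin1FastPath(s);
  return fast !== null ? fast : s.toUpperCase();
}
```

        On the Latin-1 range the enumeration yields three characters: 0xB5 (micro sign,
        widens to U+039C), 0xDF (s-sharp, expands to "SS") and 0xFF (y with diaeresis,
        widens to U+0178); an input such as "straße" therefore leaves the fast path while
        "café" does not.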
2970
2971 2012-01-31  Oliver Hunt  <oliver@apple.com>
2972
2973         Remove unneeded sourceId property
2974         https://bugs.webkit.org/show_bug.cgi?id=77495
2975
2976         Reviewed by Filip Pizlo.
2977
2978         sourceId isn't used anymore, so we'll just remove it.
2979
2980         * runtime/Error.cpp:
2981         (JSC):
2982         (JSC::addErrorInfo):
2983         (JSC::hasErrorInfo):
2984
2985 2012-01-31  Oliver Hunt  <oliver@apple.com>
2986
2987         Implement Error.stack
2988         https://bugs.webkit.org/show_bug.cgi?id=66994
2989
2990         Reviewed by Gavin Barraclough.
2991
2992         Original patch by Juan Carlos Montemayor Elosua:
2993             This patch utilizes topCallFrame to create a stack trace when
2994             an error is thrown. Users will also be able to use the stack()
2995             command in jsc to get arrays with stack trace information.
2996
2997         Modified to be correct on ToT, with a variety of correctness,
2998         performance, and security improvements.
2999
3000         * JavaScriptCore.exp:
3001         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3002         * interpreter/Interpreter.cpp:
3003         (JSC::getCallerLine):
3004         (JSC::getSourceURLFromCallFrame):
3005         (JSC::getStackFrameCodeType):
3006         (JSC::Interpreter::getStackTrace):
3007         (JSC::Interpreter::throwException):
3008         * interpreter/Interpreter.h:
3009         (JSC::StackFrame::toString):
3010         * jsc.cpp:
3011         (GlobalObject::finishCreation):
3012         (functionJSCStack):
3013         * parser/Parser.h:
3014         (JSC::Parser::parse):
3015         * runtime/CommonIdentifiers.h:
3016         * runtime/Error.cpp:
3017         (JSC::addErrorInfo):
3018         * runtime/Error.h:
3019
3020 2012-01-31  Scott Graham  <scottmg@chromium.org>
3021
3022         [Chromium] Remove references to gyp cygwin build target
3023         https://bugs.webkit.org/show_bug.cgi?id=77253
3024
3025         Reviewed by Julien Chaffraix.
3026
3027         Target dependency is no longer required, it's done earlier in the
3028         build process.
3029
3030         * JavaScriptCore.gyp/JavaScriptCore.gyp:
3031
3032 2012-01-31  Michael Saboff  <msaboff@apple.com>
3033
3034         ASSERT(m_jumpsToLink.isEmpty()) failing in ARMv7Assembler dtor
3035         https://bugs.webkit.org/show_bug.cgi?id=77443
3036
3037         Reviewed by Gavin Barraclough.
3038
3039         Removed failing ASSERT() and thus destructor.  The ASSERT isn't needed.
3040         We are hitting it in the YARR JIT case where we bail out and go to the
3041         interpreter with a partially JIT'ed function.  Since we haven't linked
3042         the JIT'ed code, there are likely to be some unresolved jumps in the vector
3043         when the ARMv7Assembler destructor is called.  For the case where we
3044         complete the JIT process, we clear the vector at the end of
3045         LinkBuffer::linkCode (LinkBuffer.h:292).
3046
3047         * assembler/ARMv7Assembler.h:
3048         (ARMv7Assembler):
3049
3050 2012-01-31  Anders Carlsson  <andersca@apple.com>
3051
3052         Vector<T>::operator== shouldn't require T to have operator!=
3053         https://bugs.webkit.org/show_bug.cgi?id=77448
3054
3055         Reviewed by Andreas Kling.
3056
3057         Change VectorComparer::compare to use !(a == b) instead of a != b since
3058         it makes more sense for Vector::operator== to use the element's operator==.
3059
3060         * wtf/Vector.h:
3061
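The point of the entry above, as an added example (not WTF's Vector or VectorComparer code; Tag, sequencesEqual, vectorsEqual and tags are this example's own names): an element-wise comparer written with !(a == b) compiles for an element type that only defines operator==, whereas a != b would not (before C++20, which synthesizes != from ==).

```cpp
#include <cstddef>
#include <initializer_list>
#include <vector>

// A small value type that defines operator== only, as many structs do.
struct Tag {
    int id;
    bool operator==(const Tag& other) const { return id == other.id; }
    // deliberately no operator!=
};

// Element-wise comparison that requires only operator== on T.
template<typename T>
bool sequencesEqual(const T* a, const T* b, size_t n)
{
    for (size_t i = 0; i < n; ++i) {
        if (!(a[i] == b[i]))   // `a[i] != b[i]` would fail to compile for Tag pre-C++20
            return false;
    }
    return true;
}

template<typename T>
bool vectorsEqual(const std::vector<T>& a, const std::vector<T>& b)
{
    return a.size() == b.size() && sequencesEqual(a.data(), b.data(), a.size());
}

// Helper to build test input.
std::vector<Tag> tags(std::initializer_list<int> ids)
{
    std::vector<Tag> v;
    for (int id : ids)
        v.push_back(Tag{id});
    return v;
}
```
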
3062 2012-01-30  Oliver Hunt  <oliver@apple.com>
3063
3064         get_by_val_arguments is broken in the interpreter
3065         https://bugs.webkit.org/show_bug.cgi?id=77389
3066
3067         Reviewed by Gavin Barraclough.
3068
3069         When get_by_val had a value profile added, the same slot was not added to
3070         get_by_val_arguments.  This broke the interpreter as the interpreter falls
3071         back on its regular get_by_val implementation.
3072
3073         No tests are added as the interpreter is fairly broken in its
3074         current state (multiple tests fail due to this bug).
3075
3076         * bytecode/CodeBlock.cpp:
3077         (JSC::CodeBlock::dump):
3078         * bytecode/Opcode.h:
3079         (JSC):
3080         ():
3081         * bytecompiler/BytecodeGenerator.cpp:
3082         (JSC::BytecodeGenerator::emitGetArgumentByVal):
3083
3084 2012-01-30  Oliver Hunt  <oliver@apple.com>
3085
3086         Unexpected syntax error
3087         https://bugs.webkit.org/show_bug.cgi?id=77340
3088
3089         Reviewed by Gavin Barraclough.
3090
3091         Function calls and new expressions have the same semantics for
3092         assignment, so should simply share their lhs handling.
3093
3094         * parser/Parser.cpp:
3095         (JSC::::parseMemberExpression):
3096
3097 2012-01-30  Gavin Barraclough  <barraclough@apple.com>
3098
3099         Unreviewed ARMv7 build fix.
3100
3101         * tools/CodeProfiling.cpp:
3102         (JSC):
3103         (JSC::setProfileTimer):
3104         (JSC::CodeProfiling::begin):
3105         (JSC::CodeProfiling::end):
3106
3107 2012-01-30  David Levin  <levin@chromium.org>
3108
3109         Using OS(WIN) or OS(MAC) should cause a build error.
3110         https://bugs.webkit.org/show_bug.cgi?id=77162
3111
3112         Reviewed by Darin Adler.
3113
3114         * wtf/Platform.h: Expand them into something that will
3115          cause a compile error.
3116
3117 2012-01-30  Yong Li  <yoli@rim.com>
3118
3119         [BlackBerry] OS(QNX) also has TM_GMTOFF, TM_ZONE, and TIMEGM
3120         https://bugs.webkit.org/show_bug.cgi?id=77360
3121
3122         Reviewed by Rob Buis.
3123
3124         Turn on HAVE(TM_GMTOFF), HAVE(TM_ZONE), and HAVE(TIMEGM)
3125         for OS(QNX).
3126
3127         * wtf/Platform.h:
3128
3129 2012-01-30  Gavin Barraclough  <barraclough@apple.com>
3130
3131         Speculative Windows build fix.
3132
3133         * assembler/MacroAssemblerCodeRef.h:
3134         (FunctionPtr):
3135
3136 2012-01-30  Gavin Barraclough  <barraclough@apple.com>
3137
3138         https://bugs.webkit.org/show_bug.cgi?id=77163
3139         MacroAssemblerCodeRef.h uses OS(WIN) instead of OS(WINDOWS)
3140
3141         Rubber stamped by Geoff Garen
3142
3143         * assembler/MacroAssemblerCodeRef.h:
3144
3145 2012-01-30  Gavin Barraclough  <barraclough@apple.com>
3146
3147         Unreviewed build fix for interpreter builds.
3148
3149         * bytecode/CodeBlock.cpp:
3150         (JSC::CodeBlock::CodeBlock):
3151         * bytecode/CodeBlock.h:
3152         (CodeBlock):
3153         * interpreter/Interpreter.cpp:
3154         (JSC::Interpreter::privateExecute):
3155         * tools/CodeProfile.cpp:
3156         (JSC::CodeProfile::sample):
3157
3158 2012-01-30  Gavin Barraclough  <barraclough@apple.com>
3159
3160         Unreviewed build fix following bug#76855
3161
3162         * JavaScriptCore.exp:
3163
3164 2012-01-30  Michael Saboff  <msaboff@apple.com>
3165
3166         CaseFoldingHash::hash() doesn't handle 8 bit strings directly
3167         https://bugs.webkit.org/show_bug.cgi?id=76652
3168
3169         Reviewed by Andreas Kling.
3170
3171         * wtf/text/StringHash.h:
3172         (WTF::CaseFoldingHash::hash): Added 8 bit string code path.
3173
3174 2012-01-30  Michael Saboff  <msaboff@apple.com>
3175
3176         stringProtoFuncReplace converts 8 bit strings to 16 bit during replacement
3177         https://bugs.webkit.org/show_bug.cgi?id=76651
3178
3179         Reviewed by Geoffrey Garen.
3180
3181         Made local function substituteBackreferencesSlow a template function
3182         based on character width.  Cleaned up getCharacters() in both UString
3183         and StringImpl.  Changed getCharacters<UChar> to up convert an 8 bit
3184         string to 16 bits if necessary.
3185
3186         * runtime/StringPrototype.cpp:
3187         (JSC::substituteBackreferencesSlow):
3188         (JSC::substituteBackreferences):
3189         * runtime/UString.h:
3190         (JSC::LChar):
3191         (JSC::UChar):
3192         * wtf/text/StringImpl.h:
3193         (WTF::UChar):
3194
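The design the entry above describes, as an added example (this is not JavaScriptCore's substituteBackreferencesSlow or getCharacters; upconvert, substituteBackreferences and expandWith16BitMatch are this example's own names, and it uses std::string for the 8-bit case and std::u16string for the 16-bit case in place of LChar/UChar buffers). The expander is templated on character width so the 8-bit and 16-bit paths share one body, and an 8-bit replacement pattern is up-converted only when the match it is combined with is 16-bit.

```cpp
#include <cstddef>
#include <string>
#include <vector>

// Up-convert an 8-bit (Latin-1) string to UTF-16; each byte is one code point,
// so the cast through unsigned char avoids sign-extending bytes >= 0x80.
std::u16string upconvert(const std::string& s)
{
    std::u16string out;
    out.reserve(s.size());
    for (unsigned char c : s)
        out.push_back(static_cast<char16_t>(c));
    return out;
}

// Expand $$, $& (whole match) and $1..$9 in `replacement`, in the manner of
// String.prototype.replace. Any other '$' sequence is copied through literally.
// CharType is char (8-bit path) or char16_t (16-bit path).
template<typename CharType>
std::basic_string<CharType> substituteBackreferences(
    const std::basic_string<CharType>& replacement,
    const std::basic_string<CharType>& match,
    const std::vector<std::basic_string<CharType>>& groups)
{
    std::basic_string<CharType> out;
    const size_t n = replacement.size();
    for (size_t i = 0; i < n; ++i) {
        CharType c = replacement[i];
        if (c != '$' || i + 1 == n) {
            out.push_back(c);
            continue;
        }
        CharType next = replacement[i + 1];
        if (next == '$') {
            out.push_back('$');
            ++i;
        } else if (next == '&') {
            out += match;
            ++i;
        } else if (next >= '1' && next <= '9'
                   && static_cast<size_t>(next - '0') <= groups.size()) {
            out += groups[static_cast<size_t>(next - '1')];
            ++i;
        } else {
            out.push_back(c);   // e.g. "$0" or "$x": leave the '$' as-is
        }
    }
    return out;
}

// An 8-bit replacement pattern applied against a 16-bit match: up-convert the
// pattern and run the 16-bit instantiation, rather than converting everything
// to 16 bits unconditionally.
std::u16string expandWith16BitMatch(const std::string& replacement8,
                                    const std::u16string& match,
                                    const std::vector<std::u16string>& groups)
{
    return substituteBackreferences<char16_t>(upconvert(replacement8), match, groups);
}
```
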
3195 2012-01-30  Gavin Barraclough  <barraclough@apple.com>
3196
3197         Clean up putDirect
3198         https://bugs.webkit.org/show_bug.cgi?id=76232
3199
3200         Reviewed by Sam Weinig.
3201
3202         Part 3 - merge op_put_getter & op_put_setter.
3203
3204         Putting these separately is inefficient (and makes future optimization,
3205         e.g. making GetterSetter immutable) harder. Change to emit a single
3206         op_put_getter_setter bytecode op. Ultimately we should probably be
3207         able to merge this with put direct, to create a common op to initialize
3208         object literal properties.
3209
3210         * bytecode/CodeBlock.cpp:
3211         (JSC::CodeBlock::dump):
3212         * bytecode/Opcode.h:
3213         (JSC):
3214         ():
3215         * bytecompiler/BytecodeGenerator.cpp:
3216         (JSC::BytecodeGenerator::emitPutGetterSetter):
3217         * bytecompiler/BytecodeGenerator.h:
3218         (BytecodeGenerator):
3219         * bytecompiler/NodesCodegen.cpp:
3220         (JSC::PropertyListNode::emitBytecode):
3221         * interpreter/Interpreter.cpp:
3222         (JSC::Interpreter::privateExecute):
3223         * jit/JIT.cpp:
3224         (JSC::JIT::privateCompileMainPass):
3225         * jit/JIT.h:
3226         (JIT):
3227         * jit/JITPropertyAccess.cpp:
3228         (JSC::JIT::emit_op_put_getter_setter):
3229         * jit/JITPropertyAccess32_64.cpp:
3230         (JSC::JIT::emit_op_put_getter_setter):
3231         * jit/JITStubs.cpp:
3232         (JSC::DEFINE_STUB_FUNCTION):
3233         * jit/JITStubs.h:
3234         ():
3235         * runtime/JSObject.cpp:
3236         (JSC::JSObject::putDirectVirtual):
3237         (JSC::JSObject::putDirectAccessor):
3238         (JSC):
3239         (JSC::putDescriptor):
3240         (JSC::JSObject::defineOwnProperty):
3241         * runtime/JSObject.h:
3242         ():
3243         (JSC::JSObject::putDirectInternal):
3244         (JSC::JSObject::putDirect):
3245         (JSC::JSObject::putDirectWithoutTransition):
3246
3247 2012-01-30  Michael Saboff  <msaboff@apple.com>
3248
3249         Dromaeo tests call parseSimpleLengthValue() on 8 bit strings
3250         https://bugs.webkit.org/show_bug.cgi?id=76649
3251
3252         Reviewed by Geoffrey Garen.
3253
3254         * JavaScriptCore.exp: Added export for charactersToDouble.
3255
3256 2012-01-30  Michael Saboff  <msaboff@apple.com>
3257
3258         WebCore decodeEscapeSequences unnecessarily converts 8 bit strings to 16 bit when decoding.
3259         https://bugs.webkit.org/show_bug.cgi?id=76648
3260
3261         Reviewed by Geoffrey Garen.
3262
3263         Added a new overloaded append member that takes a String& argument, an offset
3264         and a length to do direct sub string appending to a StringBuilder.
3265
3266         * wtf/text/StringBuilder.h:
3267         (WTF::StringBuilder::append):
3268
3269 2012-01-29  Zoltan Herczeg  <zherczeg@webkit.org>
3270
3271         Custom written CSS lexer
3272         https://bugs.webkit.org/show_bug.cgi?id=70107
3273
3274         Reviewed by Antti Koivisto and Oliver Hunt.
3275
3276         Add new helper functions for the custom written CSS lexer.
3277
3278         * wtf/ASCIICType.h:
3279         (WTF::toASCIILowerUnchecked):
3280         (WTF):
3281         (WTF::isASCIIAlphaCaselessEqual):
3282
3283 2012-01-29  Filip Pizlo  <fpizlo@apple.com>
3284
3285         REGRESSION (r105576-r105582): Web Inspector Crash in JSC::JSValue::toString(JSC::ExecState*) const
3286         https://bugs.webkit.org/show_bug.cgi?id=77146
3287         <rdar://problem/10770586>
3288
3289         Reviewed by Oliver Hunt.
3290         
3291         The old JIT expects that the result of the last operation is in the lastResultRegister.  The DFG JIT is
3292         designed to correctly track the lastResultRegister by looking at SetLocal nodes.  However, when the DFG
3293         JIT inlines a code block, it forgets that the inlined code block's result would have been placed in the
3294         lastResultRegister.  Hence if we OSR exit on the first node following the end of an inlined code block
3295         that had a return value, and that first node uses the return value, the old JIT will get massively
3296         confused.  This patch takes a surgical approach: instead of making the DFG smarter, it makes the old
3297         JIT slightly dumber.
3298
3299         * jit/JITCall.cpp:
3300         (JSC::JIT::emit_op_call_put_result):
3301
3302 2012-01-29  Filip Pizlo  <fpizlo@apple.com>
3303
3304         Build fix for Mac non-x64 platforms.
3305
3306         * tools/CodeProfiling.cpp:
3307         (JSC):
3308
3309 2012-01-28  Gavin Barraclough  <barraclough@apple.com>
3310
3311         Reserve 'let'
3312         https://bugs.webkit.org/show_bug.cgi?id=77293
3313
3314         Rubber stamped by Oliver Hunt.
3315
3316         'let' may become a keyword in ES6.  We're going to try experimentally reserving it,
3317         to see if this breaks the web.
3318
3319         * parser/Keywords.table:
3320
3321 2012-01-27  Gavin Barraclough  <barraclough@apple.com>
3322
3323         Implement a JIT-code aware sampling profiler for JSC
3324         https://bugs.webkit.org/show_bug.cgi?id=76855
3325
3326         Reviewed by Oliver Hunt.
3327
3328         To enable the profiler, set the JSC_CODE_PROFILING environment variable to
3329         1 (no tracing the C stack), 2 (trace one level of C code) or 3 (recursively
3330         trace all samples).
3331
3332         The profiler requires -fomit-frame-pointer to be removed from the build flags.
3333
3334         * JavaScriptCore.exp:
3335             - Removed an export.
3336         * JavaScriptCore.xcodeproj/project.pbxproj:
3337             - Added new files
3338         * bytecode/CodeBlock.cpp:
3339             - For baseline codeblocks, cache the result of canCompileWithDFG.
3340         * bytecode/CodeBlock.h:
3341             - For baseline codeblocks, cache the result of canCompileWithDFG.
3342         * jit/ExecutableAllocator.cpp:
3343         (JSC::ExecutableAllocator::initializeAllocator):
3344             - Notify the profiler when the allocator is created.
3345         (JSC::ExecutableAllocator::allocate):
3346             - Inform the allocated of the ownerUID.
3347         * jit/ExecutableAllocatorFixedVMPool.cpp:
3348         (JSC::ExecutableAllocator::initializeAllocator):
3349             - Notify the profiler when the allocator is created.
3350         (JSC::ExecutableAllocator::allocate):
3351             - Inform the allocated of the ownerUID.
3352         * jit/JITStubs.cpp:
3353             - If profiling, don't mask the return address in JIT code.
3354               (We do so to provide nicer backtraces in debug builds).
3355         * runtime/Completion.cpp:
3356         (JSC::evaluate):
3357             - Notify the profiler of script evaluations.
3358         * tools: Added.
3359         * tools/CodeProfile.cpp: Added.
3360         (JSC::symbolName):
3361             - Helper function to get the name of a symbol in the framework.
3362         (JSC::truncateTrace):
3363             - Helper to truncate traces into methods known to have uninformatively deep stacks.
3364         (JSC::CodeProfile::sample):
3365             - Record a stack trace classifying samples.
3366         (JSC::CodeProfile::report):
3367             - Print profiler output.
3368         * tools/CodeProfile.h: Added.
3369             - new class, captures a set of samples associated with an evaluated script,
3370               and nested to record samples from subscripts.
3371         * tools/CodeProfiling.cpp: Added.
3372         (JSC::CodeProfiling::profilingTimer):
3373             - callback fired when a timer event occurs.
3374         (JSC::CodeProfiling::notifyAllocator):
3375             - called when the executable allocator is constructed.
3376         (JSC::CodeProfiling::getOwnerUIDForPC):
3377             - helper to lookup the codeblock from an address in JIT code
3378         (JSC::CodeProfiling::begin):
3379             - enter a profiling scope.
3380         (JSC::CodeProfiling::end):
3381             - exit a profiling scope.
3382         * tools/CodeProfiling.h: Added.
3383             - new class, instantiated from Completion to define a profiling scope.
3384         * tools/ProfileTreeNode.h: Added.
3385             - new class, used to construct a tree of samples.
3386         * tools/TieredMMapArray.h: Added.
3387             - new class, a malloc-free vector (can be used while the main thread is suspended,
3388               possibly holding the malloc heap lock).
3389         * wtf/MetaAllocator.cpp:
3390         (WTF::MetaAllocatorHandle::MetaAllocatorHandle):
3391         (WTF::MetaAllocator::allocate):
3392             - Allow allocation handles to track information about their owner.
3393         * wtf/MetaAllocator.h:
3394         (MetaAllocator):
3395             - Allow allocation handles to track information about their owner.
3396         * wtf/MetaAllocatorHandle.h:
3397         (MetaAllocatorHandle):
3398         (WTF::MetaAllocatorHandle::ownerUID):
3399             - Allow allocation handles to track information about their owner.
3400         * wtf/OSAllocator.h:
3401         (WTF::OSAllocator::reallocateCommitted):
3402             - reallocate an existing, committed memory allocation.
3403
3404 2012-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
3405
3406         Unreviewed, rolling out r106187.
3407         http://trac.webkit.org/changeset/106187
3408         https://bugs.webkit.org/show_bug.cgi?id=77276
3409
3410         The last rollout was a false charge. (Requested by morrita on
3411         #webkit).
3412
3413         * runtime/ExceptionHelpers.h:
3414         (InterruptedExecutionError):
3415         * runtime/JSBoundFunction.h:
3416         (JSBoundFunction):
3417         * runtime/RegExp.h:
3418         (RegExp):
3419         * runtime/RegExpMatchesArray.h:
3420         (RegExpMatchesArray):
3421
3422 2012-01-28  Sheriff Bot  <webkit.review.bot@gmail.com>
3423
3424         Unreviewed, rolling out r106151.
3425         http://trac.webkit.org/changeset/106151
3426         https://bugs.webkit.org/show_bug.cgi?id=77275
3427
3428         may break windows build (Requested by morrita on #webkit).
3429
3430         * runtime/ExceptionHelpers.h:
3431         (InterruptedExecutionError):
3432         * runtime/JSBoundFunction.h:
3433         (JSBoundFunction):
3434         * runtime/RegExp.h:
3435         (RegExp):
3436         * runtime/RegExpMatchesArray.h:
3437         (RegExpMatchesArray):
3438
3439 2012-01-28  Filip Pizlo  <fpizlo@apple.com>
3440
3441         GC invoked while doing an old JIT property storage reallocation may lead
3442         to an object that refers to a dead structure
3443         https://bugs.webkit.org/show_bug.cgi?id=77273
3444         <rdar://problem/10770565>
3445
3446         Reviewed by Gavin Barraclough.
3447         
3448         The put_by_id transition was already saving the old structure by virtue of
3449         having the object on the stack, so that wasn't going to get deleted. But the
3450         new structure was unprotected in the transition. I've now changed the
3451         transition code to save the new structure, ensuring that the GC will know it
3452         to be marked if invoked from within put_by_id_transition_realloc.
3453
3454         * jit/JITPropertyAccess.cpp:
3455         (JSC::JIT::privateCompile