24d50ac8280801edef5d4ad704f2194e446649dd
[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
2012-02-28  Dmitry Lomov  <dslomov@google.com>

        [JSC] Implement ArrayBuffer transfer
        https://bugs.webkit.org/show_bug.cgi?id=73493.
        Implement ArrayBuffer transfer, per Khronos spec:  http://www.khronos.org/registry/typedarray/specs/latest/#9.
        This brings parity with V8 implementation of transferable typed arrays.

        Reviewed by Oliver Hunt.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Extra export.
        * wtf/ArrayBuffer.h:
        (ArrayBuffer): Added extra export.

2012-02-28  Kevin Ollivier  <kevino@theolliviers.com>

        [wx] Unreviewed. Build fix after recent LLInt additions.

        * wscript:

2012-02-28  Mark Hahnenberg  <mhahnenberg@apple.com>

        Refactor SpeculativeJIT::emitAllocateJSFinalObject
        https://bugs.webkit.org/show_bug.cgi?id=79801

        Reviewed by Filip Pizlo.

        * dfg/DFGSpeculativeJIT.h:
        (JSC::DFG::SpeculativeJIT::emitAllocateBasicJSObject): Split emitAllocateJSFinalObject out to form this
        function, which is more generic in that it can allocate a variety of classes.
        (SpeculativeJIT):
        (JSC::DFG::SpeculativeJIT::emitAllocateJSFinalObject): Changed to use the new helper function.

2012-02-28  Gavin Barraclough  <barraclough@apple.com>

        [[Get]]/[[Put]] for primitives should not wrap on strict accessor call
        https://bugs.webkit.org/show_bug.cgi?id=79588

        Reviewed by Oliver Hunt.

        In the case of [[Get]], this is a pretty trivial bug - just don't wrap
        primitives at the point you call a getter.

        For setters, this is a little more involved, since we have already wrapped
        the value up in a synthesized object. Stop doing so. There is also a further
        subtlety, that in strict mode all attempts to create a new data property on
        the object should throw.

        * runtime/JSCell.cpp:
        (JSC::JSCell::put):
            - [[Put]] to a string primitive should use JSValue::putToPrimitive.
        * runtime/JSObject.cpp:
        (JSC::JSObject::put):
            - Remove static function called in one place.
        * runtime/JSObject.h:
        (JSC::JSValue::put):
            - [[Put]] to a non-cell JSValue should use JSValue::putToPrimitive.
        * runtime/JSValue.cpp:
        (JSC::JSValue::synthesizePrototype):
            - Add support for synthesizing the prototype of strings.
        (JSC::JSValue::putToPrimitive):
            - Added, implements [[Put]] for primitive bases, per 8.7.2.
        * runtime/JSValue.h:
        (JSValue):
            - Add declaration for JSValue::putToPrimitive.
        * runtime/PropertySlot.cpp:
        (JSC::PropertySlot::functionGetter):
            - Don't call ToObject on primitive this values.

2012-02-28  Mark Hahnenberg  <mhahnenberg@apple.com>

        Re-enable parallel GC on Mac
        https://bugs.webkit.org/show_bug.cgi?id=79837

        Rubber stamped by Filip Pizlo.

        * runtime/Options.cpp:
        (JSC::Options::initializeOptions): We accidentally disabled parallel GC with this line,
        so we removed it and things should go back to normal.

2012-02-28  Filip Pizlo  <fpizlo@apple.com>

        Some run-javascriptcore-tests broken for 32-bit debug
        https://bugs.webkit.org/show_bug.cgi?id=79844

        Rubber stamped by Oliver Hunt.

        These assertions are just plain wrong for 32-bit. We could either have a massive
        assertion that depends on value representation, that has to be changed every
        time we change the JITs, resulting in a bug tail of debug-mode crashes, or we
        could get rid of the assertions. I pick the latter.

        * dfg/DFGOperations.cpp:
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):

2012-02-28  Mark Hahnenberg  <mhahnenberg@apple.com>

        Get rid of padding cruft in CopiedBlock
        https://bugs.webkit.org/show_bug.cgi?id=79686

        Reviewed by Filip Pizlo.

        * heap/CopiedBlock.h:
        (CopiedBlock): Removed the extra padding that was used for alignment purposes until
        the calculation of the payload offset into CopiedBlocks was redone recently.

2012-02-28  Anders Carlsson  <andersca@apple.com>

        Fix build with newer versions of clang.

        Clang now warns since we're not passing a CFString literal to CFStringCreateWithFormatAndArguments,
        but it's OK to ignore this warning since clang is also checking that the caller (vprintf_stderr_common)
        takes a string literal.

        * wtf/Assertions.cpp:

2012-02-28  Mario Sanchez Prada  <msanchez@igalia.com>

        [GTK] Add GMainLoop and GMainContext to be handled by GRefPtr
        https://bugs.webkit.org/show_bug.cgi?id=79496

        Reviewed by Martin Robinson.

        Handle GMainLoop and GMainContext in GRefPtr, by calling
        g_main_loop_(un)ref and g_main_context_(un)ref in the
        implementation of the refGPtr and derefGPtr template functions.

        * wtf/gobject/GRefPtr.cpp:
        (WTF::refGPtr):
        (WTF):
        (WTF::derefGPtr):
        * wtf/gobject/GRefPtr.h:
        (WTF):
        * wtf/gobject/GTypedefs.h:

2012-02-28  Yong Li  <yoli@rim.com>

        JSString::resolveRope() should report extra memory cost to the heap.
        https://bugs.webkit.org/show_bug.cgi?id=79555

        Reviewed by Michael Saboff.

        At the time a JSString is constructed with fibers, it doesn't report
        extra memory cost, which is reasonable because it hasn't allocated
        new memory. However when the rope is resolved, it should report memory
        cost for the new buffer.

        * runtime/JSString.cpp:
        (JSC::JSString::resolveRope):

2012-02-27  Oliver Hunt  <oliver@apple.com>

        sputnik/Unicode/Unicode_500/S7.2_A1.6_T1.html crashes in the interpreter
        https://bugs.webkit.org/show_bug.cgi?id=79728

        Reviewed by Gavin Barraclough.

        When initialising a chained get instruction we may end up in a state where
        the instruction stream says we have a scopechain, but it has not yet been set
        (eg. if allocating the StructureChain itself is what leads to the GC).  We could
        re-order the allocation, but it occurs in a couple of places, so it seems less
        fragile simply to null check the scopechain slot before we actually visit the slot.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::visitStructures):

2012-02-27  Filip Pizlo  <fpizlo@apple.com>

        Old JIT's style of JSVALUE64 strict equality is subtly wrong
        https://bugs.webkit.org/show_bug.cgi?id=79700

        Reviewed by Oliver Hunt.

        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::comparePtr):
        (MacroAssemblerX86_64):
        * dfg/DFGOperations.cpp:
        * dfg/DFGSpeculativeJIT.cpp:
        (JSC::DFG::SpeculativeJIT::nonSpeculativeStrictEq):
        * dfg/DFGSpeculativeJIT64.cpp:
        (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
        (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeStrictEq):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::emitSlow_op_stricteq):
        (JSC::JIT::emitSlow_op_nstricteq):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):

2012-02-27  Gavin Barraclough  <barraclough@apple.com>

        Implement support for op_negate and op_bitnot in the DFG JIT
        https://bugs.webkit.org/show_bug.cgi?id=79617

        Reviewed by Filip Pizlo.

        Add an ArithNegate op to the DFG JIT, to implement op_negate.

        This patch also adds support for op_negate to the JSVALUE64 baseline JIT
        (JSVALUE32_64 already had this), so that we can profile the slowpath usage.

        This is a 2.5%-3% Sunspider progression and a 1% win on Kraken.

        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::sub_S):
            - Added sub_S from immediate.
        (ARMv7Assembler):
        (JSC::ARMv7Assembler::vneg):
            - Added double negate.
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::negateDouble):
            - Added double negate.
        (MacroAssemblerARMv7):
        (JSC::MacroAssemblerARMv7::branchNeg32):
            - Added.
        * assembler/MacroAssemblerX86.h:
        (MacroAssemblerX86):
            - moved loadDouble, absDouble to common.
        * assembler/MacroAssemblerX86Common.h:
        (MacroAssemblerX86Common):
        (JSC::MacroAssemblerX86Common::absDouble):
            - implementation can be shared.
        (JSC::MacroAssemblerX86Common::negateDouble):
            - Added.
        (JSC::MacroAssemblerX86Common::loadDouble):
            - allow absDouble to have a common implementation.
        * assembler/MacroAssemblerX86_64.h:
        (MacroAssemblerX86_64):
            - moved loadDouble, absDouble to common.
        * dfg/DFGAbstractState.cpp:
        (JSC::DFG::AbstractState::execute):
            - support ArithNegate.
        * dfg/DFGArithNodeFlagsInferencePhase.cpp:
        (JSC::DFG::ArithNodeFlagsInferencePhase::propagate):
            - support ArithNegate.
        * dfg/DFGByteCodeParser.cpp:
        (JSC::DFG::ByteCodeParser::makeSafe):
            - support ArithNegate.
        (JSC::DFG::ByteCodeParser::parseBlock):
            - support op_negate.
        * dfg/DFGCSEPhase.cpp:
        (JSC::DFG::CSEPhase::performNodeCSE):
            - support ArithNegate.
        * dfg/DFGCapabilities.h:
        (JSC::DFG::canCompileOpcode):
            - support op_negate.
        * dfg/DFGGraph.h:
        (JSC::DFG::Graph::negateShouldSpeculateInteger):
            - support ArithNegate.
        * dfg/DFGNode.h:
        (JSC::DFG::Node::hasArithNodeFlags):
            - support ArithNegate.
        * dfg/DFGPredictionPropagationPhase.cpp:
        (JSC::DFG::PredictionPropagationPhase::propagate):
            - support ArithNegate.
        * dfg/DFGSpeculativeJIT.cpp:
        (JSC::DFG::SpeculativeJIT::compileArithNegate):
            - support ArithNegate.
        * dfg/DFGSpeculativeJIT.h:
        (SpeculativeJIT):
            - support ArithNegate.
        * dfg/DFGSpeculativeJIT32_64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
            - support ArithNegate.
        * dfg/DFGSpeculativeJIT64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
            - support ArithNegate.
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
            - Add support for op_negate in JSVALUE64.
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_negate):
        (JSC::JIT::emitSlow_op_negate):
            - Add support for op_negate in JSVALUE64.

2012-02-27  Mahesh Kulkarni  <mahesh.kulkarni@nokia.com>

        Unreviewed. Build fix for linux-bot (qt) after r109021.

        * runtime/Error.cpp:

2012-02-27  Oliver Hunt  <oliver@apple.com>

        REGRESSION (r108112): AWS Management Console at amazon.com fails to initialize
        https://bugs.webkit.org/show_bug.cgi?id=79693

        Reviewed by Filip Pizlo.

        Alas we can't provide the stack trace as an array, as despite everyone wanting
        an array, everyone arbitrarily creates the array by calling split on the stack
        trace.  To create the array we would have provided them in the first place.

        This changes the exception's stack property to a \n separated string.  To get the
        old array just do <exception>.stack.split("\n").

        * runtime/Error.cpp:
        (JSC::addErrorInfo):

2012-02-27  Gavin Barraclough  <barraclough@apple.com>

        RegExp lastIndex should behave as a regular property
        https://bugs.webkit.org/show_bug.cgi?id=79446

        Reviewed by Sam Weinig.

        lastIndex should be a regular data descriptor, with the attributes configurable:false,
        enumerable:false, writable:true. As such, it should be possible to reconfigure writable
        as false. If the lastIndex property is reconfigured to be read-only, we should respect
        this correctly.

        * runtime/CommonIdentifiers.h:
            - Removed some unused identifiers, added lastIndex.
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::getOwnPropertySlot):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::getOwnPropertyDescriptor):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::deleteProperty):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::getOwnPropertyNames):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::getPropertyNames):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::reject):
            - helper function for defineOwnProperty.
        (JSC::RegExpObject::defineOwnProperty):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::put):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::match):
            - Pass setLastIndex an ExecState, so it can throw if read-only.
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::setLastIndex):
            - Pass setLastIndex an ExecState, so it can throw if read-only.
        (RegExpObjectData):
            - Added lastIndexIsWritable.
        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncCompile):
            - Pass setLastIndex an ExecState, so it can throw if read-only.

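The property semantics the entry above asks for, checked from script as an added example (not JavaScriptCore code): `lastIndex` starts as a writable, non-enumerable, non-configurable data property; it can be reconfigured to writable:false; and once it is read-only, a global regexp's exec (which must write lastIndex) throws a TypeError instead of silently updating it, whereas a non-global regexp (which never writes lastIndex) keeps working. The sample regexps and subject string are constructed for the example.

```javascript
// Added example (not JavaScriptCore code): lastIndex as an ordinary data
// property, and what happens when it is reconfigured read-only.

// Report the own-property descriptor of lastIndex on a fresh regexp.
function lastIndexDescriptor() {
  const d = Object.getOwnPropertyDescriptor(/a/g, "lastIndex");
  return {
    value: d.value,
    writable: d.writable,
    enumerable: d.enumerable,
    configurable: d.configurable,
  };
}

// Run exec("aaa") on a global or non-global regexp, optionally after
// making lastIndex read-only, and report what happened.
function execWithLastIndex(global, freezeLastIndex) {
  const re = global ? /a/g : /a/;         // constructed sample patterns
  if (freezeLastIndex) {
    // Allowed even though lastIndex is non-configurable: writable may go
    // from true to false, never back.
    Object.defineProperty(re, "lastIndex", { writable: false });
  }
  try {
    const m = re.exec("aaa");
    return { threw: false, match: m && m[0], lastIndex: re.lastIndex };
  } catch (e) {
    // A global regexp must store the end of the match into lastIndex;
    // with the property read-only that store fails loudly.
    return { threw: true, type: e.constructor.name, lastIndex: re.lastIndex };
  }
}

module.exports = { lastIndexDescriptor, execWithLastIndex };
```

Because the descriptor is non-configurable, `delete re.lastIndex` also fails and no accessor can be substituted; code that relies on `lastIndex` for iteration should therefore treat a TypeError from `exec` on a global regexp as "someone froze this object", not as a match failure.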
2012-02-27  Gavin Barraclough  <barraclough@apple.com>

        Implement support for op_negate and op_bitnot in the DFG JIT
        https://bugs.webkit.org/show_bug.cgi?id=79617

        Reviewed by Sam Weinig.

        Remove op_bitnot - this is redundant, ~x === x^-1.
        This is a fractional (<1%) progression.

        Remove not32(X) from the MacroAssemblers - make this an optimization to add32(-1, X).
        Remove CanReuse from the result type - this was unused.
        Remove op_bitnot.

        * assembler/MacroAssemblerARM.h:
        (MacroAssemblerARM):
        (JSC::MacroAssemblerARM::xor32):
        * assembler/MacroAssemblerARMv7.h:
        (MacroAssemblerARMv7):
        (JSC::MacroAssemblerARMv7::xor32):
        * assembler/MacroAssemblerMIPS.h:
        (MacroAssemblerMIPS):
        (JSC::MacroAssemblerMIPS::xor32):
        * assembler/MacroAssemblerSH4.h:
        (MacroAssemblerSH4):
        (JSC::MacroAssemblerSH4::xor32):
        * assembler/MacroAssemblerX86Common.h:
        (MacroAssemblerX86Common):
        (JSC::MacroAssemblerX86Common::xor32):
        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::dump):
        * bytecode/Opcode.h:
        (JSC):
        (JSC::padOpcodeName):
        * bytecompiler/NodesCodegen.cpp:
        (JSC):
        (JSC::BitwiseNotNode::emitBytecode):
        * interpreter/Interpreter.cpp:
        (JSC::Interpreter::privateExecute):
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
        * jit/JIT.h:
        (JIT):
        * jit/JITArithmetic32_64.cpp:
        (JSC):
        * jit/JITOpcodes.cpp:
        (JSC):
        * jit/JITStubs.cpp:
        (JSC):
        * jit/JITStubs.h:
        * llint/LLIntSlowPaths.cpp:
        (LLInt):
        * llint/LLIntSlowPaths.h:
        (LLInt):
        * llint/LowLevelInterpreter32_64.asm:
        * parser/NodeConstructors.h:
        (JSC::NegateNode::NegateNode):
        (JSC::BitwiseNotNode::BitwiseNotNode):
        (JSC::MultNode::MultNode):
        (JSC::DivNode::DivNode):
        (JSC::ModNode::ModNode):
        (JSC::SubNode::SubNode):
        (JSC::UnsignedRightShiftNode::UnsignedRightShiftNode):
        * parser/Nodes.h:
        (BitwiseNotNode):
        (JSC::BitwiseNotNode::expr):
        (JSC):
        * parser/ResultType.h:
        (ResultType):
        (JSC::ResultType::numberTypeIsInt32):
        (JSC::ResultType::stringOrNumberType):
        (JSC::ResultType::forAdd):
        (JSC::ResultType::forBitOp):

2012-02-27  Michael Saboff  <msaboff@apple.com>

        Error check regexp min quantifier
        https://bugs.webkit.org/show_bug.cgi?id=70648

        Reviewed by Gavin Barraclough.

        Added checking for min or only quantifier being UINT_MAX.
        When encountered this becomes a SyntaxError during parsing.

        * yarr/YarrParser.h:
        (JSC::Yarr::Parser::parseQuantifier):
        (JSC::Yarr::Parser::parse):
        (Parser):

2012-02-27  Carlos Garcia Campos  <cgarcia@igalia.com>

        Unreviewed. Fix make distcheck.

        * GNUmakefile.list.am: Add missing files.

2012-02-26  Hajime Morrita  <morrita@chromium.org>

        Move ChromeClient::showContextMenu() to ContextMenuClient
        https://bugs.webkit.org/show_bug.cgi?id=79427

        Reviewed by Adam Barth.

        Added ACCESSIBILITY_CONTEXT_MENUS.

        * wtf/Platform.h:

2012-02-26  Filip Pizlo  <fpizlo@apple.com>

        LayoutTests/fast/xpath/xpath-functional-test.html is crashing in the DFG
        https://bugs.webkit.org/show_bug.cgi?id=79616

        Reviewed by Oliver Hunt.

        Guard against the fact that in JSVALUE64, JSValue().isCell() == true.

        * dfg/DFGAbstractValue.h:
        (JSC::DFG::AbstractValue::validate):

2012-02-26  Filip Pizlo  <fpizlo@apple.com>

        DFG should support activations and nested functions
        https://bugs.webkit.org/show_bug.cgi?id=79554

        Reviewed by Sam Weinig.

        Fix 32-bit. The 32-bit function+activation code had some really weird
        register reuse bugs.

        * dfg/DFGSpeculativeJIT32_64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):

2012-02-26  Filip Pizlo  <fpizlo@apple.com>

        Getting the instruction stream for a code block should not require two loads
        https://bugs.webkit.org/show_bug.cgi?id=79608

        Reviewed by Sam Weinig.

        Introduced the RefCountedArray class, which contains a single inline pointer
        to a ref-counted non-resizeable vector backing store. This satisfies the
        requirements of CodeBlock, which desires the ability to share instruction
        streams with other CodeBlocks. It also reduces the number of loads required
        for getting the instruction stream by one.

        This patch also gets rid of the bytecode discarding logic, since we don't
        use it anymore and it's unlikely to ever work right with DFG or LLInt. And
        I didn't feel like porting dead code to use RefCountedArray.

        * GNUmakefile.list.am:
        * JavaScriptCore.xcodeproj/project.pbxproj:
        * bytecode/CodeBlock.cpp:
        (JSC::instructionOffsetForNth):
        (JSC::CodeBlock::dump):
        (JSC::CodeBlock::CodeBlock):
        (JSC::CodeBlock::finalizeUnconditionally):
        (JSC::CodeBlock::handlerForBytecodeOffset):
        (JSC::CodeBlock::lineNumberForBytecodeOffset):
        (JSC::CodeBlock::expressionRangeForBytecodeOffset):
        (JSC::CodeBlock::shrinkToFit):
        * bytecode/CodeBlock.h:
        (CodeBlock):
        (JSC::CodeBlock::numberOfInstructions):
        (JSC::CodeBlock::instructions):
        (JSC::CodeBlock::instructionCount):
        (JSC::CodeBlock::valueProfileForBytecodeOffset):
        (JSC):
        * bytecompiler/BytecodeGenerator.cpp:
        (JSC::Label::setLocation):
        (JSC):
        (JSC::BytecodeGenerator::generate):
        (JSC::BytecodeGenerator::newLabel):
        * bytecompiler/BytecodeGenerator.h:
        (JSC):
        (BytecodeGenerator):
        (JSC::BytecodeGenerator::instructions):
        * bytecompiler/Label.h:
        (JSC::Label::Label):
        (Label):
        * dfg/DFGByteCodeCache.h:
        (JSC::DFG::ByteCodeCache::~ByteCodeCache):
        (JSC::DFG::ByteCodeCache::get):
        * jit/JITExceptions.cpp:
        (JSC::genericThrow):
        * llint/LowLevelInterpreter32_64.asm:
        * runtime/Executable.cpp:
        (JSC::EvalExecutable::compileInternal):
        (JSC::ProgramExecutable::compileInternal):
        (JSC::FunctionExecutable::codeBlockWithBytecodeFor):
        (JSC::FunctionExecutable::produceCodeBlockFor):
        * wtf/RefCountedArray.h: Added.
        (WTF):
        (RefCountedArray):
        (WTF::RefCountedArray::RefCountedArray):
        (WTF::RefCountedArray::operator=):
        (WTF::RefCountedArray::~RefCountedArray):
        (WTF::RefCountedArray::size):
        (WTF::RefCountedArray::data):
        (WTF::RefCountedArray::begin):
        (WTF::RefCountedArray::end):
        (WTF::RefCountedArray::at):
        (WTF::RefCountedArray::operator[]):
        (Header):
        (WTF::RefCountedArray::Header::size):
        (WTF::RefCountedArray::Header::payload):
        (WTF::RefCountedArray::Header::fromPayload):
        * wtf/Platform.h:

2012-02-26  Yusuke Suzuki  <utatane.tea@gmail.com>

        StringLiteral and NumericLiteral are allowed as ObjectLiteral getter / setter name
        https://bugs.webkit.org/show_bug.cgi?id=79571

        Reviewed by Gavin Barraclough.

        * parser/ASTBuilder.h:
        (JSC::ASTBuilder::createGetterOrSetterProperty):
        * parser/Parser.cpp:
        (JSC::::parseProperty):
        * parser/SyntaxChecker.h:
        (JSC::SyntaxChecker::createGetterOrSetterProperty):

2012-02-26  Mark Hahnenberg  <mhahnenberg@apple.com>

        Implement fast path for op_new_array in the baseline JIT
        https://bugs.webkit.org/show_bug.cgi?id=78612

        Reviewed by Filip Pizlo.

        * heap/CopiedAllocator.h:
        (CopiedAllocator): Friended the JIT to allow access to m_currentOffset.
        * heap/CopiedSpace.h:
        (CopiedSpace): Friended the JIT to allow access to isOversize.
        (JSC::CopiedSpace::allocator):
        * heap/Heap.h:
        (JSC::Heap::storageAllocator): Added a getter for the CopiedAllocator class so the JIT
        can use it for simple allocation i.e. when we can just bump the offset without having to
        do anything else.
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileSlowCases): Added new slow case for op_new_array for when
        we have to bail out because the fast allocation path fails for whatever reason.
        * jit/JIT.h:
        (JIT):
        * jit/JITInlineMethods.h:
        (JSC::JIT::emitAllocateBasicStorage): Added utility function that allows objects to
        allocate generic backing stores. This function is used by emitAllocateJSArray.
        (JSC):
        (JSC::JIT::emitAllocateJSArray): Added utility function that allows the client to
        more easily allocate JSArrays. This function is used by emit_op_new_array and I expect
        it will also be used for emit_op_new_array_buffer.
        * jit/JITOpcodes.cpp:
        (JSC::JIT::emit_op_new_array): Changed to do inline allocation of JSArrays. Still does
        a stub call for oversize arrays.
        (JSC):
        (JSC::JIT::emitSlow_op_new_array): New slow path that just bails out to a stub call if we
        fail in any way on the fast path.
        * runtime/JSArray.cpp:
        (JSC):
        * runtime/JSArray.h: Added lots of offset functions for all the fields that we need to
        initialize in the JIT.
        (ArrayStorage):
        (JSC::ArrayStorage::lengthOffset):
        (JSC::ArrayStorage::numValuesInVectorOffset):
        (JSC::ArrayStorage::allocBaseOffset):
        (JSC::ArrayStorage::vectorOffset):
        (JSArray):
        (JSC::JSArray::sparseValueMapOffset):
        (JSC::JSArray::subclassDataOffset):
        (JSC::JSArray::indexBiasOffset):
        (JSC):
        (JSC::JSArray::storageSize): Moved this function from being a static function in the cpp file
        to being a static function in the JSArray class. This move allows the JIT to call it to
        see what size it should allocate.

2012-02-26  Patrick Gansterer  <paroga@webkit.org>

        Unreviewed. Build fix for ENABLE(CLASSIC_INTERPRETER) after r108681.

        * interpreter/Interpreter.cpp:
        (JSC::getLineNumberForCallFrame):
        (JSC::Interpreter::getStackTrace):

2012-02-26  Patrick Gansterer  <paroga@webkit.org>

        Unreviewed. Build fix for !ENABLE(JIT) after r108681.

        * interpreter/Interpreter.cpp:
        (JSC::getLineNumberForCallFrame):

2012-02-25  Filip Pizlo  <fpizlo@apple.com>

        LLInt assembly file should be split into 32-bit and 64-bit parts
        https://bugs.webkit.org/show_bug.cgi?id=79584

        Reviewed by Sam Weinig.

        Moved LowLevelInterpreter.asm to LowLevelInterpreter32_64.asm. Gave offlineasm
        the ability to include files, and correctly track dependencies: it restricts
        the include mechanism to using the same directory as the source file, and uses
        the SHA1 hash of all .asm files in that directory as an input hash.

        * llint/LLIntOfflineAsmConfig.h:
        * llint/LowLevelInterpreter.asm:
        * llint/LowLevelInterpreter32_64.asm: Added.
            - This is just the entire contents of what was previously LowLevelInterpreter.asm
        * llint/LowLevelInterpreter64.asm: Added.
        * offlineasm/asm.rb:
        * offlineasm/ast.rb:
        * offlineasm/generate_offset_extractor.rb:
        * offlineasm/parser.rb:
        * offlineasm/self_hash.rb:

2012-02-25  Filip Pizlo  <fpizlo@apple.com>

        Offlineasm should support X86_64
        https://bugs.webkit.org/show_bug.cgi?id=79581

        Reviewed by Oliver Hunt.

        * llint/LLIntOfflineAsmConfig.h:
        * offlineasm/backends.rb:
        * offlineasm/instructions.rb:
        * offlineasm/settings.rb:
        * offlineasm/x86.rb:

2012-02-25  Filip Pizlo  <fpizlo@apple.com>

        DFG should support activations and nested functions
        https://bugs.webkit.org/show_bug.cgi?id=79554

        Reviewed by Oliver Hunt.

        Wrote the simplest possible implementation of activations. Big speed-up on
        code that uses activations, no speed-up on major benchmarks (SunSpider, V8,
        Kraken) because they do not appear to have sufficient coverage over code
        that uses activations.

        * bytecode/PredictedType.cpp:
        (JSC::predictionToString):
        (JSC::predictionFromValue):
        * bytecode/PredictedType.h:
        (JSC):
        (JSC::isEmptyPrediction):
        * dfg/DFGAbstractState.cpp:
        (JSC::DFG::AbstractState::execute):
        * dfg/DFGByteCodeParser.cpp:
        (JSC::DFG::ByteCodeParser::ByteCodeParser):
        (ByteCodeParser):
        (JSC::DFG::ByteCodeParser::parseBlock):
        (JSC::DFG::ByteCodeParser::buildOperandMapsIfNecessary):
        (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
        (JSC::DFG::ByteCodeParser::parse):
        * dfg/DFGCapabilities.h:
        (JSC::DFG::canCompileOpcode):
        (JSC::DFG::canInlineOpcode):
        * dfg/DFGGraph.h:
        (JSC::DFG::Graph::needsActivation):
        * dfg/DFGNode.h:
        (DFG):
        (JSC::DFG::Node::storageAccessDataIndex):
        (Node):
        (JSC::DFG::Node::hasFunctionDeclIndex):
        (JSC::DFG::Node::functionDeclIndex):
        (JSC::DFG::Node::hasFunctionExprIndex):
        (JSC::DFG::Node::functionExprIndex):
        * dfg/DFGOperations.cpp:
        * dfg/DFGOperations.h:
        * dfg/DFGPredictionPropagationPhase.cpp:
        (JSC::DFG::PredictionPropagationPhase::propagate):
        * dfg/DFGSpeculativeJIT.cpp:
        (JSC::DFG::SpeculativeJIT::compileNewFunctionNoCheck):
        (DFG):
        (JSC::DFG::SpeculativeJIT::compileNewFunctionExpression):
        * dfg/DFGSpeculativeJIT.h:
        (JSC::DFG::SpeculativeJIT::callOperation):
        * dfg/DFGSpeculativeJIT32_64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
        * dfg/DFGSpeculativeJIT64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):

2012-02-25  Benjamin Poulain  <benjamin@webkit.org>

        Add an empty skeleton of KURL for WTFURL
        https://bugs.webkit.org/show_bug.cgi?id=78990

        Reviewed by Adam Barth.

        * JavaScriptCore.xcodeproj/project.pbxproj: Export the relevant classes from WTFURL
        so that can use them in WebCore.

2012-02-25  Filip Pizlo  <fpizlo@apple.com>

        Unreviewed, fix build for DFG disabled and LLInt enabled.

        * jit/JIT.cpp:
        (JSC::JIT::privateCompile):
        * llint/LLIntSlowPaths.cpp:
        (LLInt):
        (JSC::LLInt::LLINT_SLOW_PATH_DECL):

2012-02-25  Mark Hahnenberg  <mhahnenberg@apple.com>

        Fix the CopiedBlock offset alignment in a cross platform fashion
        https://bugs.webkit.org/show_bug.cgi?id=79556

        Reviewed by Filip Pizlo.

        Replaced m_payload with a payload() method that calculates the offset
        of the payload with the proper alignment. This change allows us to
        avoid alignment-related issues in a cross-platform manner.

        * heap/CopiedAllocator.h:
        (JSC::CopiedAllocator::currentUtilization):
        * heap/CopiedBlock.h:
        (JSC::CopiedBlock::CopiedBlock):
        (JSC::CopiedBlock::payload):
        (CopiedBlock):
        * heap/CopiedSpace.cpp:
        (JSC::CopiedSpace::doneFillingBlock):
        * heap/CopiedSpaceInlineMethods.h:
        (JSC::CopiedSpace::borrowBlock):
        (JSC::CopiedSpace::allocateFromBlock):

2012-02-24  Michael Saboff  <msaboff@apple.com>

        Unreviewed, Windows build fix.  Changed signature in export to match
        change made in r108858.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:

2012-02-24  Filip Pizlo  <fpizlo@apple.com>

        DFG support for op_new_regexp should be enabled
        https://bugs.webkit.org/show_bug.cgi?id=79538

        Reviewed by Oliver Hunt.

        No performance change.

        * dfg/DFGCapabilities.h:
        (JSC::DFG::canCompileOpcode):
        * dfg/DFGCommon.h:

785 2012-02-24  Michael Saboff  <msaboff@apple.com>
786
787         ASSERT(position < 0) in JSC::Yarr::Interpreter::InputStream::readChecked
788         https://bugs.webkit.org/show_bug.cgi?id=73728
789
790         Reviewed by Gavin Barraclough.
791
792         Fixed the mixing of signed and unsigned character indices in YARR
793         interpreter.
794
795         * runtime/RegExp.cpp:
796         (JSC::RegExp::match): Added code to check for match longer than 2^31 and
797         return no match after resetting the offsets.
798         * yarr/YarrInterpreter.cpp: Changed to use unsigned for all character index
799         handling except when matching back references.
800         (JSC::Yarr::Interpreter::InputStream::readChecked):
801         (JSC::Yarr::Interpreter::InputStream::checkInput):
802         (JSC::Yarr::Interpreter::InputStream::uncheckInput):
803         (JSC::Yarr::Interpreter::InputStream::atStart):
804         (JSC::Yarr::Interpreter::InputStream::atEnd):
805         (JSC::Yarr::Interpreter::InputStream::isAvailableInput):
806         (JSC::Yarr::Interpreter::checkCharacter):
807         (JSC::Yarr::Interpreter::checkCasedCharacter):
808         (JSC::Yarr::Interpreter::checkCharacterClass):
809         (JSC::Yarr::Interpreter::tryConsumeBackReference):
810         (JSC::Yarr::Interpreter::matchAssertionBOL):
811         (JSC::Yarr::Interpreter::matchAssertionWordBoundary):
812         (JSC::Yarr::Interpreter::backtrackPatternCharacter):
813         (JSC::Yarr::Interpreter::backtrackPatternCasedCharacter):
814         (JSC::Yarr::Interpreter::matchCharacterClass):
815         (JSC::Yarr::Interpreter::backtrackCharacterClass):
816         (JSC::Yarr::Interpreter::matchParenthesesOnceBegin):
817         (JSC::Yarr::Interpreter::matchDisjunction):
818         (JSC::Yarr::Interpreter::interpret):
819         (JSC::Yarr::ByteCompiler::assertionBOL):
820         (JSC::Yarr::ByteCompiler::assertionEOL):
821         (JSC::Yarr::ByteCompiler::assertionWordBoundary):
822         (JSC::Yarr::ByteCompiler::atomPatternCharacter):
823         (JSC::Yarr::ByteCompiler::atomCharacterClass):
824         (JSC::Yarr::ByteCompiler::atomBackReference):
825         (JSC::Yarr::ByteCompiler::atomParenthesesOnceBegin):
826         (JSC::Yarr::ByteCompiler::atomParenthesesTerminalBegin):
827         (JSC::Yarr::ByteCompiler::atomParenthesesSubpatternBegin):
828         (JSC::Yarr::ByteCompiler::atomParentheticalAssertionEnd):
829         (JSC::Yarr::ByteCompiler::emitDisjunction):
830         * yarr/YarrInterpreter.h:
831
832 2012-02-24  Filip Pizlo  <fpizlo@apple.com>
833
834         Unreviewed, build fix for builds where the DFG is disabled but the LLInt is
835         enabled.
836
837         * llint/LLIntOfflineAsmConfig.h:
838         * llint/LowLevelInterpreter.asm:
839
840 2012-02-24  Filip Pizlo  <fpizlo@apple.com>
841
842         DFG should be able to handle variables getting captured
843         https://bugs.webkit.org/show_bug.cgi?id=79469
844
845         Reviewed by Oliver Hunt.
846         
847         Made captured variables work by placing a Flush on the SetLocal and
848         forcing the emission of the GetLocal even if copy propagation tells us
849         who has the value.
850         
851         Changed the CFA and various prediction codes to understand that we can't
852         really prove anything about captured variables. Well, we could in the
853         future by just looking at what side effects are happening, but in this
854         first cut we just assume that we can't reason about captured variables.
855         
856         Also added a mode where the DFG pretends that all variables and arguments
857         got captured. Used this mode to harden the code.
858         
859         This is performance neutral. Capturing all variables is a slow down, but
860         not too big of one. This seems to predict that when we add activation
861         support, the amount of speed benefit we'll get from increased coverage
862         will far outweigh the pessimism that we'll have to endure for captured
863         variables.
864
865         * bytecode/CodeType.h:
866         (JSC::codeTypeToString):
867         * dfg/DFGAbstractState.cpp:
868         (JSC::DFG::AbstractState::initialize):
869         (JSC::DFG::AbstractState::endBasicBlock):
870         (JSC::DFG::AbstractState::execute):
871         (JSC::DFG::AbstractState::merge):
872         * dfg/DFGAbstractState.h:
873         (AbstractState):
874         * dfg/DFGByteCodeParser.cpp:
875         (JSC::DFG::ByteCodeParser::getLocal):
876         (JSC::DFG::ByteCodeParser::setLocal):
877         (JSC::DFG::ByteCodeParser::getArgument):
878         (JSC::DFG::ByteCodeParser::setArgument):
879         (JSC::DFG::ByteCodeParser::flushArgument):
880         (JSC::DFG::ByteCodeParser::handleInlining):
881         (JSC::DFG::ByteCodeParser::processPhiStack):
882         (JSC::DFG::ByteCodeParser::parseCodeBlock):
883         (JSC::DFG::ByteCodeParser::parse):
884         * dfg/DFGCapabilities.h:
885         (JSC::DFG::mightInlineFunctionForCall):
886         (JSC::DFG::mightInlineFunctionForConstruct):
887         * dfg/DFGCommon.h:
888         * dfg/DFGGraph.h:
889         (JSC::DFG::Graph::needsActivation):
890         (Graph):
891         (JSC::DFG::Graph::argumentIsCaptured):
892         (JSC::DFG::Graph::localIsCaptured):
893         (JSC::DFG::Graph::isCaptured):
894         * dfg/DFGNode.h:
895         (JSC::DFG::Node::shouldGenerate):
896         * dfg/DFGPredictionPropagationPhase.cpp:
897         (JSC::DFG::PredictionPropagationPhase::propagate):
898         (JSC::DFG::PredictionPropagationPhase::doRoundOfDoubleVoting):
899         * dfg/DFGSpeculativeJIT.cpp:
900         (DFG):
901         (JSC::DFG::ValueSource::dump):
902         (JSC::DFG::SpeculativeJIT::compile):
903         * dfg/DFGSpeculativeJIT.h:
904         (ValueSource):
905         * dfg/DFGSpeculativeJIT32_64.cpp:
906         (JSC::DFG::SpeculativeJIT::compile):
907         * dfg/DFGSpeculativeJIT64.cpp:
908         (JSC::DFG::SpeculativeJIT::compile):
909         * dfg/DFGVirtualRegisterAllocationPhase.cpp:
910         (JSC::DFG::VirtualRegisterAllocationPhase::run):
911
912 2012-02-24  Gavin Barraclough  <barraclough@apple.com>
913
914         Should not allow malformed \x escapes
915         https://bugs.webkit.org/show_bug.cgi?id=79462
916
917         Reviewed by Oliver Hunt.
918
919         * parser/Lexer.cpp:
920         (JSC::::parseString):
921         (JSC::::parseStringSlowCase):
922             - Prohibit malformed '\x' escapes
923         * tests/mozilla/ecma/Array/15.4.5.1-1.js:
924         * tests/mozilla/ecma/LexicalConventions/7.7.4.js:
925         * tests/mozilla/ecma_2/RegExp/hex-001.js:
926         * tests/mozilla/js1_2/regexp/hexadecimal.js:
927             - Remove erroneous test cases (correct behaviour is tested by LayoutTests/sputnik).
928
929 2012-02-24  Daniel Bates  <dbates@webkit.org>
930
931         Fix change log entry for changeset r108819; add bug URL
932         https://bugs.webkit.org/show_bug.cgi?id=79504
933
934         Changeset r108819 is associated with bug #79504.
935
936         * ChangeLog
937
938 2012-02-24  Daniel Bates  <dbates@webkit.org>
939
940         Substitute ENABLE(CLASSIC_INTERPRETER) for ENABLE(INTERPRETER) in Interpreter.cpp
941         https://bugs.webkit.org/show_bug.cgi?id=79504
942
943         Reviewed by Oliver Hunt.
944
945         There are a few places in Interpreter.cpp that need to be updated to use
946         ENABLE(CLASSIC_INTERPRETER) following the renaming of ENABLE_INTERPRETER to
947         ENABLE_CLASSIC_INTERPRETER in changeset <http://trac.webkit.org/changeset/108020>
948         (https://bugs.webkit.org/show_bug.cgi?id=78791).
949
950         * interpreter/Interpreter.cpp:
951         (JSC::getLineNumberForCallFrame):
952         (JSC::getCallerInfo):
953         (JSC::getSourceURLFromCallFrame):
954
955 2012-02-24  Adam Roben  <aroben@apple.com>
956
957         Undo the BUILDING_WTF part of r108808
958
959         This broke the build, which is obviously worse than the linker warning it was trying to
960         solve.
961
962         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
963
964 2012-02-24  Adam Roben  <aroben@apple.com>
965
966         Fix linker warnings on Windows
967
968         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Removed symbols that are already
969         exported via JS_EXPORTDATA.
970
971         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops: Define BUILDING_WTF. We
972         aren't actually building WTF, but we are statically linking it, so we need to define this
973         symbol so that we export WTF's exports.
974
975 2012-02-24  Philippe Normand  <pnormand@igalia.com>
976
977         Fix GTK WebAudio build for WebKitGTK 1.7.90.
978
979         Patch by Priit Laes <plaes@plaes.org> on 2012-02-24
980         Rubber-stamped by Philippe Normand.
981
982         * GNUmakefile.list.am: Add Complex.h to the list of files so it
983         gets disted in the tarballs.
984
985 2012-02-24  Zoltan Herczeg  <zherczeg@webkit.org>
986
987         [Qt] Buildfix for "Zero out CopiedBlocks on initialization".
988         https://bugs.webkit.org/show_bug.cgi?id=79199
989
990         Rubber-stamped by Csaba Osztrogonác.
991
992         Temporary fix since the new member wastes a little space on
993         64 bit systems. Although it is harmless, it is only needed
994         for 32 bit systems.
995
996         * heap/CopiedBlock.h:
997         (CopiedBlock):
998
999 2012-02-24  Han Hojong  <hojong.han@samsung.com>
1000
1001         Remove useless jump instructions for short circuit
1002         https://bugs.webkit.org/show_bug.cgi?id=75602
1003
1004         Reviewed by Michael Saboff.
1005
1006         A jump instruction is inserted to make a short circuit; 
1007         however, it does nothing but move to the next instruction.
1008         Therefore the useless jump instructions are removed, 
1009         and the jump list is moved into the case that is not a short circuit,
1010         so that only the necessary instructions are added to JIT code
1011         unless it has a 16 bit pattern character and an 8 bit string.
1012
1013         * yarr/YarrJIT.cpp:
1014         (JSC::Yarr::YarrGenerator::generatePatternCharacterGreedy):
1015         (JSC::Yarr::YarrGenerator::backtrackPatternCharacterNonGreedy):
1016
1017 2012-02-24  Sheriff Bot  <webkit.review.bot@gmail.com>
1018
1019         Unreviewed, rolling out r108731.
1020         http://trac.webkit.org/changeset/108731
1021         https://bugs.webkit.org/show_bug.cgi?id=79464
1022
1023         Broke Chromium Win tests (Requested by bashi on #webkit).
1024
1025         * wtf/Platform.h:
1026
1027 2012-02-24  Andrew Lo  <anlo@rim.com>
1028
1029         [BlackBerry] Enable requestAnimationFrame
1030         https://bugs.webkit.org/show_bug.cgi?id=79408
1031
1032         Use timer implementation of requestAnimationFrame on BlackBerry.
1033
1034         Reviewed by Rob Buis.
1035
1036         * wtf/Platform.h:
1037
1038 2012-02-24  Mathias Bynens  <mathias@qiwi.be>
1039
1040         `\u200c` and `\u200d` should be allowed in IdentifierPart, as per ES5
1041         https://bugs.webkit.org/show_bug.cgi?id=78908
1042
1043         Add additional checks for zero-width non-joiner (0x200C) and
1044         zero-width joiner (0x200D) characters.
1045
1046         Reviewed by Michael Saboff.
1047
1048         * parser/Lexer.cpp:
1049         (JSC::isNonASCIIIdentPart):
1050         * runtime/LiteralParser.cpp:
1051         (JSC::::Lexer::lexIdentifier):
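
The two lexer rules from the entries above (a malformed \x escape is a SyntaxError; U+200C and U+200D are valid in IdentifierPart but not IdentifierStart), shown in an added JavaScript example that is not JavaScriptCore code. The tokenizer, its function names and the sample source strings are assumptions made for illustration; engineAccepts() cross-checks each rule against whatever engine runs the file.

```javascript
// Added example, not JavaScriptCore code. A minimal lexer fragment covering two ES5
// lexical rules: "\x" in a string literal must be followed by exactly two hex digits,
// and ZWNJ / ZWJ are allowed in IdentifierPart but cannot start an identifier.
const ZWNJ = 0x200c; // U+200C zero-width non-joiner
const ZWJ = 0x200d;  // U+200D zero-width joiner

function isHexDigit(ch) {
  return typeof ch === 'string' && /^[0-9a-fA-F]$/.test(ch);
}

// ES5 7.6 IdentifierStart: UnicodeLetter, "$" or "_" (the \uXXXX form is omitted here).
function isIdentifierStart(ch) {
  return /^[\p{L}\p{Nl}$_]$/u.test(ch);
}

// ES5 7.6 IdentifierPart: IdentifierStart, combining marks (Mn, Mc), digits (Nd),
// connector punctuation (Pc), and, per the entry above, ZWNJ and ZWJ.
function isIdentifierPart(ch) {
  if (isIdentifierStart(ch) || /^[\p{Mn}\p{Mc}\p{Nd}\p{Pc}]$/u.test(ch)) return true;
  const cp = ch.codePointAt(0);
  return cp === ZWNJ || cp === ZWJ;
}

// Scans the string literal whose opening quote is chars[start]; returns the decoded
// value and the index just past the closing quote. A "\x" that is not followed by two
// hex digits is a SyntaxError, which is the rule the Lexer.cpp entry enforces.
// \0, octal and \uXXXX escapes are left out to keep the example short.
function scanStringLiteral(chars, start) {
  const quote = chars[start];
  let value = '';
  let i = start + 1;
  while (i < chars.length && chars[i] !== quote) {
    if (chars[i] !== '\\') {
      value += chars[i];
      i += 1;
      continue;
    }
    const esc = chars[i + 1];
    if (esc === undefined) throw new SyntaxError('unterminated string literal');
    if (esc === 'x') {
      const hi = chars[i + 2];
      const lo = chars[i + 3];
      if (!isHexDigit(hi) || !isHexDigit(lo)) {
        throw new SyntaxError('malformed \\x escape at offset ' + i);
      }
      value += String.fromCharCode(parseInt(hi + lo, 16));
      i += 4;
      continue;
    }
    // SingleEscapeCharacter; any other escaped character stands for itself (ES5 7.8.4).
    const simple = { n: '\n', t: '\t', r: '\r', b: '\b', f: '\f', v: '\v' };
    value += Object.prototype.hasOwnProperty.call(simple, esc) ? simple[esc] : esc;
    i += 2;
  }
  if (i >= chars.length) throw new SyntaxError('unterminated string literal');
  return { value, end: i + 1 };
}

// Splits src into identifier, string and single-character punctuator tokens.
function tokenize(src) {
  const chars = Array.from(src); // iterate by code point, not by UTF-16 unit
  const tokens = [];
  let i = 0;
  while (i < chars.length) {
    const ch = chars[i];
    if (/\s/.test(ch)) { i += 1; continue; }
    if (isIdentifierStart(ch)) {
      let j = i + 1;
      while (j < chars.length && isIdentifierPart(chars[j])) j += 1;
      tokens.push({ type: 'ident', value: chars.slice(i, j).join('') });
      i = j;
      continue;
    }
    if (ch === '"' || ch === "'") {
      const lit = scanStringLiteral(chars, i);
      tokens.push({ type: 'string', value: lit.value });
      i = lit.end;
      continue;
    }
    tokens.push({ type: 'punct', value: ch });
    i += 1;
  }
  return tokens;
}

// Cross-check against the host engine: Function() parses its body as a function body
// and throws SyntaxError on a lexical error.
function engineAccepts(source) {
  try {
    new Function(source);
    return true;
  } catch (e) {
    if (e instanceof SyntaxError) return false;
    throw e;
  }
}
```

Constructed inputs such as "var a\u200cb = '\\x41';" tokenize to an identifier containing the ZWNJ and the string "A", while "'\\x4G'" is rejected by both tokenize() and the host engine.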
1052
1053 2012-02-23  Kenichi Ishibashi  <bashi@chromium.org>
1054
1055         Adding WebSocket per-frame DEFLATE extension
1056         https://bugs.webkit.org/show_bug.cgi?id=77522
1057
1058         Added USE(ZLIB) flag.
1059
1060         Reviewed by Kent Tamura.
1061
1062         * wtf/Platform.h:
1063
1064 2012-02-23  Mark Hahnenberg  <mhahnenberg@apple.com>
1065
1066         Zero out CopiedBlocks on initialization
1067         https://bugs.webkit.org/show_bug.cgi?id=79199
1068
1069         Reviewed by Filip Pizlo.
1070
1071         Made CopiedBlocks zero their payloads during construction. This allows 
1072         JSArray to avoid having to manually clear its backing store upon allocation
1073         and also alleviates any future pain with regard to the garbage collector trying 
1074         to mark what it thinks are values in what is actually uninitialized memory.
1075
1076         * heap/CopiedBlock.h:
1077         (JSC::CopiedBlock::CopiedBlock):
1078         * runtime/JSArray.cpp:
1079         (JSC::JSArray::finishCreation):
1080         (JSC::JSArray::tryFinishCreationUninitialized):
1081         (JSC::JSArray::increaseVectorLength):
1082         (JSC::JSArray::unshiftCountSlowCase):
1083
1084 2012-02-23  Oliver Hunt  <oliver@apple.com>
1085
1086         Make Interpreter::getStackTrace be able to generate the line number for the top callframe if none is provided
1087         https://bugs.webkit.org/show_bug.cgi?id=79407
1088
1089         Reviewed by Gavin Barraclough.
1090
1091         Outside of exception handling, we don't know what our source line number is.  This
1092         change allows us to pass -1 in as the initial line number, and get the correct line
1093         number in the resultant stack trace.  We can't completely elide the initial line
1094         number (yet) due to some idiosyncrasies of the exception handling machinery.
1095
1096         * interpreter/Interpreter.cpp:
1097         (JSC::getLineNumberForCallFrame):
1098         (JSC):
1099         (JSC::Interpreter::getStackTrace):
1100
1101 2012-02-22  Filip Pizlo  <fpizlo@apple.com>
1102
1103         DFG OSR exit value profiling should have graceful handling of local variables and arguments
1104         https://bugs.webkit.org/show_bug.cgi?id=79310
1105
1106         Reviewed by Gavin Barraclough.
1107         
1108         Previously, if we OSR exited because a prediction in a local was wrong, we'd
1109         only realize what the true type of the local was if the regular value profiling
1110         kicked in and told us. Unless the local was block-locally copy propagated, in
1111         which case we'd know from an OSR exit profile.
1112         
1113         This patch adds OSR exit profiling to all locals and arguments. Now, if we OSR
1114         exit because of a mispredicted local or argument type, we'll know what the type of
1115         the local or argument should be immediately upon exiting.
1116         
1117         The way that local variable OSR exit profiling works is that we now have a lazily
1118         added set of OSR-exit-only value profiles for exit sites that are BadType and that
1119         cited a GetLocal as their value source. The value profiles are only added if the
1120         OSR exit is taken, and are keyed by CodeBlock, bytecode index of the GetLocal, and
1121         operand. The look-up is performed by querying the
1122         CompressedLazyOperandValueProfileHolder in the CodeBlock, using a key that contains
1123         the bytecode index and the operand. Because the value profiles are added at random
1124         times, they are not sorted; instead they are just stored in an arbitrarily-ordered
1125         SegmentedVector. Look-ups are made fast by "decompressing": the DFG::ByteCodeParser
1126         creates a LazyOperandValueProfileParser, which turns the
1127         CompressedLazyOperandValueProfileHolder's contents into a HashMap for the duration
1128         of DFG parsing.
1129         
1130         Previously, OSR exits had a pointer to the ValueProfile that had the specFailBucket
1131         into which values observed during OSR exit would be placed. Now it uses a lazy
1132         thunk for a ValueProfile. I call this the MethodOfGettingAValueProfile. It may
1133         either contain a ValueProfile inside it (which works for previous uses of OSR exit
1134         profiling) or it may just have knowledge of how to go about creating the
1135         LazyOperandValueProfile in the case that the OSR exit is actually taken. This
1136         ensures that we never have to create NumOperands*NumBytecodeIndices*NumCodeBlocks
1137         value profiling buckets unless we actually did OSR exit on every single operand,
1138         in every single instruction, in each code block (that's probably unlikely).
1139         
1140         This appears to be neutral on the major benchmarks, but is a double-digit speed-up
1141         on code deliberately written to have data flow that spans basic blocks and where
1142         the code exhibits post-optimization polymorphism in a local variable.
1143
1144         * CMakeLists.txt:
1145         * GNUmakefile.list.am:
1146         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1147         * JavaScriptCore.xcodeproj/project.pbxproj:
1148         * Target.pri:
1149         * bytecode/CodeBlock.cpp:
1150         (JSC::CodeBlock::stronglyVisitStrongReferences):
1151         * bytecode/CodeBlock.h:
1152         (CodeBlock):
1153         (JSC::CodeBlock::lazyOperandValueProfiles):
1154         * bytecode/LazyOperandValueProfile.cpp: Added.
1155         (JSC):
1156         (JSC::CompressedLazyOperandValueProfileHolder::CompressedLazyOperandValueProfileHolder):
1157         (JSC::CompressedLazyOperandValueProfileHolder::~CompressedLazyOperandValueProfileHolder):
1158         (JSC::CompressedLazyOperandValueProfileHolder::computeUpdatedPredictions):
1159         (JSC::CompressedLazyOperandValueProfileHolder::add):
1160         (JSC::LazyOperandValueProfileParser::LazyOperandValueProfileParser):
1161         (JSC::LazyOperandValueProfileParser::~LazyOperandValueProfileParser):
1162         (JSC::LazyOperandValueProfileParser::getIfPresent):
1163         (JSC::LazyOperandValueProfileParser::prediction):
1164         * bytecode/LazyOperandValueProfile.h: Added.
1165         (JSC):
1166         (LazyOperandValueProfileKey):
1167         (JSC::LazyOperandValueProfileKey::LazyOperandValueProfileKey):
1168         (JSC::LazyOperandValueProfileKey::operator!):
1169         (JSC::LazyOperandValueProfileKey::operator==):
1170         (JSC::LazyOperandValueProfileKey::hash):
1171         (JSC::LazyOperandValueProfileKey::bytecodeOffset):
1172         (JSC::LazyOperandValueProfileKey::operand):
1173         (JSC::LazyOperandValueProfileKey::isHashTableDeletedValue):
1174         (JSC::LazyOperandValueProfileKeyHash::hash):
1175         (JSC::LazyOperandValueProfileKeyHash::equal):
1176         (LazyOperandValueProfileKeyHash):
1177         (WTF):
1178         (JSC::LazyOperandValueProfile::LazyOperandValueProfile):
1179         (LazyOperandValueProfile):
1180         (JSC::LazyOperandValueProfile::key):
1181         (CompressedLazyOperandValueProfileHolder):
1182         (LazyOperandValueProfileParser):
1183         * bytecode/MethodOfGettingAValueProfile.cpp: Added.
1184         (JSC):
1185         (JSC::MethodOfGettingAValueProfile::fromLazyOperand):
1186         (JSC::MethodOfGettingAValueProfile::getSpecFailBucket):
1187         * bytecode/MethodOfGettingAValueProfile.h: Added.
1188         (JSC):
1189         (MethodOfGettingAValueProfile):
1190         (JSC::MethodOfGettingAValueProfile::MethodOfGettingAValueProfile):
1191         (JSC::MethodOfGettingAValueProfile::operator!):
1192         * bytecode/ValueProfile.cpp: Removed.
1193         * bytecode/ValueProfile.h:
1194         (JSC):
1195         (ValueProfileBase):
1196         (JSC::ValueProfileBase::ValueProfileBase):
1197         (JSC::ValueProfileBase::dump):
1198         (JSC::ValueProfileBase::computeUpdatedPrediction):
1199         (JSC::MinimalValueProfile::MinimalValueProfile):
1200         (ValueProfileWithLogNumberOfBuckets):
1201         (JSC::ValueProfileWithLogNumberOfBuckets::ValueProfileWithLogNumberOfBuckets):
1202         (JSC::ValueProfile::ValueProfile):
1203         (JSC::getValueProfileBytecodeOffset):
1204         (JSC::getRareCaseProfileBytecodeOffset):
1205         * dfg/DFGByteCodeParser.cpp:
1206         (ByteCodeParser):
1207         (JSC::DFG::ByteCodeParser::injectLazyOperandPrediction):
1208         (JSC::DFG::ByteCodeParser::getLocal):
1209         (JSC::DFG::ByteCodeParser::getArgument):
1210         (InlineStackEntry):
1211         (JSC::DFG::ByteCodeParser::fixVariableAccessPredictions):
1212         (DFG):
1213         (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
1214         (JSC::DFG::ByteCodeParser::parse):
1215         * dfg/DFGDriver.cpp:
1216         (JSC::DFG::compile):
1217         * dfg/DFGGraph.h:
1218         (JSC::DFG::Graph::valueProfileFor):
1219         (JSC::DFG::Graph::methodOfGettingAValueProfileFor):
1220         (Graph):
1221         * dfg/DFGNode.h:
1222         (Node):
1223         * dfg/DFGOSRExit.cpp:
1224         (JSC::DFG::OSRExit::OSRExit):
1225         * dfg/DFGOSRExit.h:
1226         (OSRExit):
1227         * dfg/DFGOSRExitCompiler32_64.cpp:
1228         (JSC::DFG::OSRExitCompiler::compileExit):
1229         * dfg/DFGOSRExitCompiler64.cpp:
1230         (JSC::DFG::OSRExitCompiler::compileExit):
1231         * dfg/DFGPhase.cpp:
1232         (JSC::DFG::Phase::beginPhase):
1233         (JSC::DFG::Phase::endPhase):
1234         * dfg/DFGSpeculativeJIT.cpp:
1235         (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
1236         * dfg/DFGSpeculativeJIT.h:
1237         (JSC::DFG::SpeculativeJIT::speculationCheck):
1238         * dfg/DFGVariableAccessData.h:
1239         (JSC::DFG::VariableAccessData::nonUnifiedPrediction):
1240         (VariableAccessData):
1241
1242 2012-02-23  Filip Pizlo  <fpizlo@apple.com>
1243
1244         Build fix.
1245
1246         * llint/LLIntOffsetsExtractor.cpp:
1247
1248 2012-02-23  Kevin Ollivier  <kevino@theolliviers.com>
1249
1250         [wx] Build fix, disable LLINT for now and fix ENABLE defines for it.
1251
1252         * llint/LLIntOffsetsExtractor.cpp:
1253         * wtf/Platform.h:
1254
1255 2012-02-23  Kevin Ollivier  <kevino@theolliviers.com>
1256
1257         [wx] Build fix for non-Mac wx builds.
1258
1259         * runtime/DatePrototype.cpp:
1260
1261 2012-02-22  Filip Pizlo  <fpizlo@apple.com>
1262
1263         DFG's logic for emitting a Flush is too convoluted and contains an inaccurate comment
1264         https://bugs.webkit.org/show_bug.cgi?id=79334
1265
1266         Reviewed by Oliver Hunt.
1267
1268         * dfg/DFGByteCodeParser.cpp:
1269         (JSC::DFG::ByteCodeParser::getLocal):
1270         (JSC::DFG::ByteCodeParser::getArgument):
1271         (JSC::DFG::ByteCodeParser::flush):
1272
1273 2012-02-23  Gavin Barraclough  <barraclough@apple.com>
1274
1275         Object.isSealed / Object.isFrozen don't work for native objects
1276         https://bugs.webkit.org/show_bug.cgi?id=79331
1277
1278         Reviewed by Sam Weinig.
1279
1280         Need to inspect all properties, including static ones.
1281         This exposes a couple of bugs in Array & Arguments:
1282             - getOwnPropertyDescriptor doesn't correctly report the writable attribute of array length.
1283             - Arguments object's defineOwnProperty does not handle callee/caller/length correctly.
1284
1285         * runtime/Arguments.cpp:
1286         (JSC::Arguments::defineOwnProperty):
1287             - Add handling for callee/caller/length.
1288         * runtime/JSArray.cpp:
1289         (JSC::JSArray::getOwnPropertyDescriptor):
1290             - report length's writability correctly.
1291         * runtime/ObjectConstructor.cpp:
1292         (JSC::objectConstructorSeal):
1293         (JSC::objectConstructorFreeze):
1294         (JSC::objectConstructorIsSealed):
1295         (JSC::objectConstructorIsFrozen):
1296             - Add spec-based implementation for non-final objects.
1297
1298 2012-02-23  Gavin Barraclough  <barraclough@apple.com>
1299
1300         pop of array hole should get from the prototype chain
1301         https://bugs.webkit.org/show_bug.cgi?id=79338
1302
1303         Reviewed by Sam Weinig.
1304
1305         * runtime/JSArray.cpp:
1306         (JSC::JSArray::pop):
1307             - If the fast vector case fails, more closely follow the spec.
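
An added example, not JavaScriptCore code, of the behaviour this entry describes: Array.prototype.pop written out per ES5 15.4.4.6, where the [[Get]] of the last index walks the prototype chain and therefore fills a hole from a prototype. The holey sample array, its custom prototype and the function names are constructed for the example.

```javascript
// Added example, not JavaScriptCore code.
// ES5 15.4.4.6 Array.prototype.pop written generically: every [[Get]] consults the
// prototype chain, so a hole at the last index is filled from the prototype rather
// than yielding undefined. Works on any array-like "this" value.
function specPop(thisValue) {
  const O = Object(thisValue);            // step 1: ToObject
  const len = Number(O.length) >>> 0;     // steps 2-3: ToUint32(Get(O, "length"))
  if (len === 0) {
    O.length = 0;                         // step 4
    return undefined;
  }
  const index = String(len - 1);          // step 5a
  const element = O[index];               // step 5b: [[Get]], walks the prototype chain
  if (!delete O[index]) {                 // step 5c: [[Delete]] with Throw = true
    throw new TypeError('cannot delete element ' + index);
  }
  O.length = len - 1;                     // step 5d
  return element;
}

// Constructed sample: [0, 1, <hole>] whose prototype defines index 2. A fresh
// prototype object is used instead of patching the shared Array.prototype.
function makeHoleyArray() {
  const proto = Object.create(Array.prototype, {
    2: { value: 'from-prototype', writable: true, configurable: true },
  });
  const arr = [0, 1, , ];               // length 3, hole at index 2
  Object.setPrototypeOf(arr, proto);
  return arr;
}

// Runs the spec version and the engine's built-in pop on identical inputs.
function compareWithNative() {
  const spec = makeHoleyArray();
  const native = makeHoleyArray();
  return {
    specValue: specPop(spec),
    specLength: spec.length,
    nativeValue: native.pop(),
    nativeLength: native.length,
  };
}
```

Both paths return 'from-prototype' and leave the array with length 2; a plain [1, 2, 3] pops 3, and an array-like {length: 2, 0: 'a', 1: 'b'} pops 'b'.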
1308
1309 2012-02-23  Yong Li  <yoli@rim.com>
1310
1311         JSString::outOfMemory() should ASSERT(isRope()) rather than !isRope()
1312         https://bugs.webkit.org/show_bug.cgi?id=79268
1313
1314         Reviewed by Michael Saboff.
1315
1316         resolveRope() is the only caller of outOfMemory(), and it calls outOfMemory()
1317         after it fails to allocate a buffer for m_value. So outOfMemory() should assert
1318         isRope() rather than !isRope().
1319
1320         * runtime/JSString.cpp:
1321         (JSC::JSString::outOfMemory):
1322
1323 2012-02-23  Patrick Gansterer  <paroga@webkit.org>
1324
1325         [CMake] Add WEBKIT_INCLUDE_CONFIG_FILES_IF_EXISTS macro
1326         https://bugs.webkit.org/show_bug.cgi?id=79371
1327
1328         Reviewed by Daniel Bates.
1329
1330         * CMakeLists.txt:
1331         * shell/CMakeLists.txt:
1332         * wtf/CMakeLists.txt:
1333
1334 2012-02-23  Aron Rosenberg  <arosenberg@logitech.com>
1335
1336         Fix the PRI macros used in WTF::String formatters to be compatible with Qt and Visual Studio 2005 and newer.
1337         https://bugs.webkit.org/show_bug.cgi?id=76210
1338
1339         Add compile time check for Visual Studio 2005 or newer.
1340
1341         Reviewed by Simon Hausmann.
1342
1343         * os-win32/inttypes.h:
1344
1345 2012-02-22  Gavin Barraclough  <barraclough@apple.com>
1346
1347         Implement [[DefineOwnProperty]] for the arguments object
1348         https://bugs.webkit.org/show_bug.cgi?id=79309
1349
1350         Reviewed by Sam Weinig.
1351
1352         * runtime/Arguments.cpp:
1353         (JSC::Arguments::deletePropertyByIndex):
1354         (JSC::Arguments::deleteProperty):
1355             - Deleting an argument should also delete the copy on the object, if any.
1356         (JSC::Arguments::defineOwnProperty):
1357             - Defining a property may override the live mapping.
1358         * runtime/Arguments.h:
1359         (Arguments):
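
The two [[DefineOwnProperty]] and [[Delete]] rules this entry implements, shown in an added JavaScript example that is not JavaScriptCore code. Each probe is a sloppy-mode function built with the Function constructor so its arguments object is mapped to the named parameter; the probe names, the sample values and the returned record shapes are assumptions made for the example.

```javascript
// Added example, not JavaScriptCore code.
// The Function constructor always yields a non-strict function (unless the body opts
// in), so each probe sees a mapped arguments object (ES5 10.6) even if this file
// itself runs as a strict-mode module. Every probe takes one parameter, a.
const sloppy = (body) => new Function('a', body);

// [[DefineOwnProperty]] with a [[Value]]: the value is written through to the
// parameter and the live mapping survives.
const defineValueKeepsMapping = sloppy(`
  Object.defineProperty(arguments, '0', { value: 42 });
  var afterDefine = a;                                            // 42
  a = 7;
  return { afterDefine: afterDefine, argAfterAssign: arguments[0] }; // 7: still live
`);

// [[DefineOwnProperty]] with writable: false: the value is written through first,
// then the mapping is removed, so a later assignment to the parameter is invisible.
const nonWritableBreaksMapping = sloppy(`
  Object.defineProperty(arguments, '0', { value: 42, writable: false });
  var afterDefine = a;                                            // 42
  a = 7;
  return { afterDefine: afterDefine, argAfterAssign: arguments[0] }; // 42: mapping gone
`);

// An accessor descriptor also severs the mapping; the parameter keeps its own value.
const accessorBreaksMapping = sloppy(`
  Object.defineProperty(arguments, '0', {
    get: function () { return 'getter'; }, configurable: true
  });
  a = 7;
  return { arg: arguments[0], param: a };                          // 'getter', 7
`);

// [[Delete]]: deleting an index removes both the own property and the mapping, so
// the deleted slot does not reappear when the parameter is assigned.
const deleteBreaksMapping = sloppy(`
  delete arguments[0];
  a = 7;
  return {
    own: Object.prototype.hasOwnProperty.call(arguments, '0'),     // false
    arg: arguments[0],                                              // undefined
    param: a                                                        // 7
  };
`);

// length and callee are ordinary own data properties (writable, non-enumerable,
// configurable) and can be redefined like any other. Call it with itself as the
// argument so the callee can be compared to the function from inside.
const lengthAndCallee = sloppy(`
  var len = Object.getOwnPropertyDescriptor(arguments, 'length');
  var callee = Object.getOwnPropertyDescriptor(arguments, 'callee');
  Object.defineProperty(arguments, 'length', { value: 99 });
  return {
    lengthWritable: len.writable,                                   // true
    lengthEnumerable: len.enumerable,                               // false
    calleeIsThisFunction: callee.value === a,                       // true
    redefinedLength: arguments.length                               // 99
  };
`);
```

Each probe must be called with an actual argument; a parameter that was not passed has no mapping to begin with.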
1360
1361 2012-02-22  Gavin Barraclough  <barraclough@apple.com>
1362
1363         Fix Object.freeze for non-final objects.
1364         https://bugs.webkit.org/show_bug.cgi?id=79286
1365
1366         Reviewed by Oliver Hunt.
1367
1368         For vanilla objects we implement this with a single transition; for objects
1369         with special properties we should just follow the spec defined algorithm.
1370
1371         * runtime/JSArray.cpp:
1372         (JSC::SparseArrayValueMap::put):
1373             - this does need to handle inextensible objects.
1374         * runtime/ObjectConstructor.cpp:
1375         (JSC::objectConstructorSeal):
1376         (JSC::objectConstructorFreeze):
1377             - Implement spec defined algorithm for non-final objects.
1378         * runtime/Structure.cpp:
1379         (JSC::Structure::Structure):
1380         (JSC::Structure::freezeTransition):
1381             - freeze should set m_hasReadOnlyOrGetterSetterPropertiesExcludingProto.
1382         * runtime/Structure.h:
1383         (JSC::Structure::hasReadOnlyOrGetterSetterPropertiesExcludingProto):
1384         (JSC::Structure::setHasGetterSetterProperties):
1385         (JSC::Structure::setContainsReadOnlyProperties):
1386         (Structure):
1387             - renamed m_hasReadOnlyOrGetterSetterPropertiesExcludingProto.
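
The spec-defined algorithms that this entry and the 2012-02-23 "Object.isSealed / Object.isFrozen don't work for native objects" entry describe, written out as an added JavaScript example that is not JavaScriptCore code. The functions walk every own property and rewrite or inspect its descriptor, which is what makes an Array's length (whose writability that entry fixed in getOwnPropertyDescriptor) and an arguments object behave the same as a plain object. The function names and the sample objects are assumptions made for the example.

```javascript
// Added example, not JavaScriptCore code.
function requireObject(O) {
  if (Object(O) !== O) throw new TypeError('Object expected');
  return O;
}

// Body shared by ES5 15.2.3.8 Object.seal and 15.2.3.9 Object.freeze: walk every own
// property, rewrite its descriptor, then make the object non-extensible. ES5 walks the
// own property names; ES2015 extended this to symbol keys, which Reflect.ownKeys includes.
function lockDown(O, freeze) {
  requireObject(O);
  for (const key of Reflect.ownKeys(O)) {
    const desc = Object.getOwnPropertyDescriptor(O, key);
    if (freeze && 'value' in desc && desc.writable) desc.writable = false; // data property
    if (desc.configurable) desc.configurable = false;
    // [[DefineOwnProperty]] handles properties with special semantics, such as an
    // Array's length or a mapped arguments index, the same way as ordinary ones.
    Object.defineProperty(O, key, desc);
  }
  Object.preventExtensions(O);
  return O;
}
const specSeal = (O) => lockDown(O, false);
const specFreeze = (O) => lockDown(O, true);

// Body shared by ES5 15.2.3.11 Object.isSealed and 15.2.3.12 Object.isFrozen: any own
// configurable property (or, for isFrozen, writable data property) disqualifies.
function isLockedDown(O, frozen) {
  requireObject(O);
  for (const key of Reflect.ownKeys(O)) {
    const desc = Object.getOwnPropertyDescriptor(O, key);
    if (frozen && 'value' in desc && desc.writable) return false;
    if (desc.configurable) return false;
  }
  return !Object.isExtensible(O);
}
const specIsSealed = (O) => isLockedDown(O, false);
const specIsFrozen = (O) => isLockedDown(O, true);

// Freezes obj with the spec algorithm and reports what the spec functions and the
// engine's built-ins say before and after, plus the writability of "length".
function freezeReport(obj) {
  const before = Object.getOwnPropertyDescriptor(obj, 'length');
  const report = {
    isFrozenBefore: specIsFrozen(obj),
    lengthWritableBefore: before ? before.writable : undefined,
  };
  specFreeze(obj);
  const after = Object.getOwnPropertyDescriptor(obj, 'length');
  report.isFrozenAfter = specIsFrozen(obj);
  report.lengthWritableAfter = after ? after.writable : undefined;
  report.nativeAgrees =
    Object.isFrozen(obj) === report.isFrozenAfter &&
    Object.isSealed(obj) === specIsSealed(obj);
  return report;
}
```

On [1, 2] the report shows length writable before and non-writable after, isFrozen flipping from false to true, and the built-ins agreeing; a subsequent push() throws a TypeError because the array is no longer extensible. A sealed array stays writable and so is sealed but not frozen.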
1388
1389 2012-02-22  Mark Hahnenberg  <mhahnenberg@apple.com>
1390
1391         Allocations from CopiedBlocks should always be 8-byte aligned
1392         https://bugs.webkit.org/show_bug.cgi?id=79271
1393
1394         Reviewed by Geoffrey Garen.
1395
1396         * heap/CopiedAllocator.h:
1397         (JSC::CopiedAllocator::allocate):
1398         * heap/CopiedBlock.h: Changed to add padding so that the start of the payload is always 
1399         guaranteed to be 8 byte aligned on both 64- and 32-bit platforms.
1400         (CopiedBlock):
1401         * heap/CopiedSpace.cpp: Changed all assertions of isPointerAligned to is8ByteAligned.
1402         (JSC::CopiedSpace::tryAllocateOversize):
1403         (JSC::CopiedSpace::getFreshBlock):
1404         * heap/CopiedSpaceInlineMethods.h:
1405         (JSC::CopiedSpace::allocateFromBlock):
1406         * runtime/JSArray.h:
1407         (ArrayStorage): Added padding for ArrayStorage to make sure that it is always 8 byte 
1408         aligned on both 64- and 32-bit platforms.
1409         * wtf/StdLibExtras.h:
1410         (WTF::is8ByteAligned): Added new utility function that functions similarly to the 
1411         way isPointerAligned does, but it just always checks for 8 byte alignment.
1412         (WTF):
1413
1414 2012-02-22  Sheriff Bot  <webkit.review.bot@gmail.com>
1415
1416         Unreviewed, rolling out r108456.
1417         http://trac.webkit.org/changeset/108456
1418         https://bugs.webkit.org/show_bug.cgi?id=79223
1419
1420         Broke fast/regex/pcre-test-4.html and cannot find anyone on
1421         IRC (Requested by zherczeg on #webkit).
1422
1423         * yarr/YarrJIT.cpp:
1424         (JSC::Yarr::YarrGenerator::backtrackPatternCharacterGreedy):
1425
1426 2012-02-22  Sheriff Bot  <webkit.review.bot@gmail.com>
1427
1428         Unreviewed, rolling out r108468.
1429         http://trac.webkit.org/changeset/108468
1430         https://bugs.webkit.org/show_bug.cgi?id=79219
1431
1432         Broke Chromium Win release build (Requested by bashi on
1433         #webkit).
1434
1435         * wtf/Platform.h:
1436
1437 2012-02-22  Kenichi Ishibashi  <bashi@chromium.org>
1438
1439         Adding WebSocket per-frame DEFLATE extension
1440         https://bugs.webkit.org/show_bug.cgi?id=77522
1441
1442         Added USE(ZLIB) flag.
1443
1444         Reviewed by Kent Tamura.
1445
1446         * wtf/Platform.h:
1447
1448 2012-02-22  Hojong Han  <hojong.han@samsung.com>
1449
1450         Short circuit fixed for a 16 bit pattern character and an 8 bit string.
1451         https://bugs.webkit.org/show_bug.cgi?id=75602
1452
1453         Reviewed by Gavin Barraclough.
1454
1455         * yarr/YarrJIT.cpp:
1456         (JSC::Yarr::YarrGenerator::backtrackPatternCharacterGreedy):
1457
1458 2012-02-21  Filip Pizlo  <fpizlo@apple.com>
1459
1460         Build fix for systems with case sensitive disks.
1461
1462         * llint/LLIntOfflineAsmConfig.h:
1463
1464 2012-02-21  Filip Pizlo  <fpizlo@apple.com>
1465
1466         JSC should be a triple-tier VM
1467         https://bugs.webkit.org/show_bug.cgi?id=75812
1468         <rdar://problem/10079694>
1469
1470         Reviewed by Gavin Barraclough.
1471         
1472         Implemented an interpreter that uses the JIT's calling convention. This
1473         interpreter is called LLInt, or the Low Level Interpreter. JSC will now
1474         start by executing code in LLInt and will only tier up to the old
1475         JIT after the code is proven hot.
1476         
1477         LLInt is written in a modified form of our macro assembly. This new macro
1478         assembly is compiled by an offline assembler (see offlineasm), which
1479         implements many modern conveniences such as a Turing-complete CPS-based
1480         macro language and direct access to relevant C++ type information
1481         (basically offsets of fields and sizes of structs/classes).
1482         
1483         Code executing in LLInt appears to the rest of the JSC world "as if" it
1484         were executing in the old JIT. Hence, things like exception handling and
1485         cross-execution-engine calls just work and require pretty much no
1486         additional overhead.
1487         
1488         This interpreter is 2-2.5x faster than our old interpreter on SunSpider,
1489         V8, and Kraken. With triple-tiering turned on, we're neutral on SunSpider,
1490         V8, and Kraken, but appear to get a double-digit improvement on real-world
1491         websites due to a huge reduction in the amount of JIT'ing.
1492         
1493         * CMakeLists.txt:
1494         * GNUmakefile.am:
1495         * GNUmakefile.list.am:
1496         * JavaScriptCore.pri:
1497         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1498         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
1499         * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
1500         * JavaScriptCore.xcodeproj/project.pbxproj:
1501         * Target.pri:
1502         * assembler/LinkBuffer.h:
1503         * assembler/MacroAssemblerCodeRef.h:
1504         (MacroAssemblerCodePtr):
1505         (JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
1506         * bytecode/BytecodeConventions.h: Added.
1507         * bytecode/CallLinkStatus.cpp:
1508         (JSC::CallLinkStatus::computeFromLLInt):
1509         (JSC):
1510         (JSC::CallLinkStatus::computeFor):
1511         * bytecode/CallLinkStatus.h:
1512         (JSC::CallLinkStatus::isSet):
1513         (JSC::CallLinkStatus::operator!):
1514         (CallLinkStatus):
1515         * bytecode/CodeBlock.cpp:
1516         (JSC::CodeBlock::dump):
1517         (JSC::CodeBlock::CodeBlock):
1518         (JSC::CodeBlock::~CodeBlock):
1519         (JSC::CodeBlock::finalizeUnconditionally):
1520         (JSC::CodeBlock::stronglyVisitStrongReferences):
1521         (JSC):
1522         (JSC::CodeBlock::unlinkCalls):
1523         (JSC::CodeBlock::unlinkIncomingCalls):
1524         (JSC::CodeBlock::bytecodeOffset):
1525         (JSC::ProgramCodeBlock::jettison):
1526         (JSC::EvalCodeBlock::jettison):
1527         (JSC::FunctionCodeBlock::jettison):
1528         (JSC::ProgramCodeBlock::jitCompileImpl):
1529         (JSC::EvalCodeBlock::jitCompileImpl):
1530         (JSC::FunctionCodeBlock::jitCompileImpl):
1531         * bytecode/CodeBlock.h:
1532         (JSC):
1533         (CodeBlock):
1534         (JSC::CodeBlock::baselineVersion):
1535         (JSC::CodeBlock::linkIncomingCall):
1536         (JSC::CodeBlock::bytecodeOffset):
1537         (JSC::CodeBlock::jitCompile):
1538         (JSC::CodeBlock::hasOptimizedReplacement):
1539         (JSC::CodeBlock::addPropertyAccessInstruction):
1540         (JSC::CodeBlock::addGlobalResolveInstruction):
1541         (JSC::CodeBlock::addLLIntCallLinkInfo):
1542         (JSC::CodeBlock::addGlobalResolveInfo):
1543         (JSC::CodeBlock::numberOfMethodCallLinkInfos):
1544         (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset):
1545         (JSC::CodeBlock::likelyToTakeSlowCase):
1546         (JSC::CodeBlock::couldTakeSlowCase):
1547         (JSC::CodeBlock::likelyToTakeSpecialFastCase):
1548         (JSC::CodeBlock::likelyToTakeDeepestSlowCase):
1549         (JSC::CodeBlock::likelyToTakeAnySlowCase):
1550         (JSC::CodeBlock::addFrequentExitSite):
1551         (JSC::CodeBlock::dontJITAnytimeSoon):
1552         (JSC::CodeBlock::jitAfterWarmUp):
1553         (JSC::CodeBlock::jitSoon):
1554         (JSC::CodeBlock::llintExecuteCounter):
1555         (ProgramCodeBlock):
1556         (EvalCodeBlock):
1557         (FunctionCodeBlock):
1558         * bytecode/GetByIdStatus.cpp:
1559         (JSC::GetByIdStatus::computeFromLLInt):
1560         (JSC):
1561         (JSC::GetByIdStatus::computeFor):
1562         * bytecode/GetByIdStatus.h:
1563         (JSC::GetByIdStatus::GetByIdStatus):
1564         (JSC::GetByIdStatus::wasSeenInJIT):
1565         (GetByIdStatus):
1566         * bytecode/Instruction.h:
1567         (JSC):
1568         (JSC::Instruction::Instruction):
1569         (Instruction):
1570         * bytecode/LLIntCallLinkInfo.h: Added.
1571         (JSC):
1572         (JSC::LLIntCallLinkInfo::LLIntCallLinkInfo):
1573         (LLIntCallLinkInfo):
1574         (JSC::LLIntCallLinkInfo::~LLIntCallLinkInfo):
1575         (JSC::LLIntCallLinkInfo::isLinked):
1576         (JSC::LLIntCallLinkInfo::unlink):
1577         * bytecode/MethodCallLinkStatus.cpp:
1578         (JSC::MethodCallLinkStatus::computeFor):
1579         * bytecode/Opcode.cpp:
1580         (JSC):
1581         * bytecode/Opcode.h:
1582         (JSC):
1583         (JSC::padOpcodeName):
1584         * bytecode/PutByIdStatus.cpp:
1585         (JSC::PutByIdStatus::computeFromLLInt):
1586         (JSC):
1587         (JSC::PutByIdStatus::computeFor):
1588         * bytecode/PutByIdStatus.h:
1589         (PutByIdStatus):
1590         * bytecompiler/BytecodeGenerator.cpp:
1591         (JSC::BytecodeGenerator::emitResolve):
1592         (JSC::BytecodeGenerator::emitResolveWithBase):
1593         (JSC::BytecodeGenerator::emitGetById):
1594         (JSC::BytecodeGenerator::emitPutById):
1595         (JSC::BytecodeGenerator::emitDirectPutById):
1596         (JSC::BytecodeGenerator::emitCall):
1597         (JSC::BytecodeGenerator::emitConstruct):
1598         (JSC::BytecodeGenerator::emitCatch):
1599         * dfg/DFGByteCodeParser.cpp:
1600         (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
1601         (JSC::DFG::ByteCodeParser::handleInlining):
1602         (JSC::DFG::ByteCodeParser::parseBlock):
1603         * dfg/DFGCapabilities.h:
1604         (JSC::DFG::canCompileOpcode):
1605         * dfg/DFGOSRExitCompiler.cpp:
1606         * dfg/DFGOperations.cpp:
1607         * heap/Heap.h:
1608         (JSC):
1609         (JSC::Heap::firstAllocatorWithoutDestructors):
1610         (Heap):
1611         * heap/MarkStack.cpp:
1612         (JSC::visitChildren):
1613         * heap/MarkedAllocator.h:
1614         (JSC):
1615         (MarkedAllocator):
1616         * heap/MarkedSpace.h:
1617         (JSC):
1618         (MarkedSpace):
1619         (JSC::MarkedSpace::firstAllocator):
1620         * interpreter/CallFrame.cpp:
1621         (JSC):
1622         (JSC::CallFrame::bytecodeOffsetForNonDFGCode):
1623         (JSC::CallFrame::setBytecodeOffsetForNonDFGCode):
1624         (JSC::CallFrame::currentVPC):
1625         (JSC::CallFrame::setCurrentVPC):
1626         (JSC::CallFrame::trueCallerFrame):
1627         * interpreter/CallFrame.h:
1628         (JSC::ExecState::hasReturnPC):
1629         (JSC::ExecState::clearReturnPC):
1630         (ExecState):
1631         (JSC::ExecState::bytecodeOffsetForNonDFGCode):
1632         (JSC::ExecState::currentVPC):
1633         (JSC::ExecState::setCurrentVPC):
1634         * interpreter/Interpreter.cpp:
1635         (JSC::Interpreter::Interpreter):
1636         (JSC::Interpreter::~Interpreter):
1637         (JSC):
1638         (JSC::Interpreter::initialize):
1639         (JSC::Interpreter::isOpcode):
1640         (JSC::Interpreter::unwindCallFrame):
1641         (JSC::getCallerInfo):
1642         (JSC::Interpreter::privateExecute):
1643         (JSC::Interpreter::retrieveLastCaller):
1644         * interpreter/Interpreter.h:
1645         (JSC):
1646         (Interpreter):
1647         (JSC::Interpreter::getOpcode):
1648         (JSC::Interpreter::getOpcodeID):
1649         (JSC::Interpreter::classicEnabled):
1650         * interpreter/RegisterFile.h:
1651         (JSC):
1652         (RegisterFile):
1653         * jit/ExecutableAllocator.h:
1654         (JSC):
1655         * jit/HostCallReturnValue.cpp: Added.
1656         (JSC):
1657         (JSC::getHostCallReturnValueWithExecState):
1658         * jit/HostCallReturnValue.h: Added.
1659         (JSC):
1660         (JSC::initializeHostCallReturnValue):
1661         * jit/JIT.cpp:
1662         (JSC::JIT::privateCompileMainPass):
1663         (JSC::JIT::privateCompileSlowCases):
1664         (JSC::JIT::privateCompile):
1665         * jit/JITCode.h:
1666         (JSC::JITCode::isOptimizingJIT):
1667         (JITCode):
1668         (JSC::JITCode::isBaselineCode):
1669         (JSC::JITCode::JITCode):
1670         * jit/JITDriver.h:
1671         (JSC::jitCompileIfAppropriate):
1672         (JSC::jitCompileFunctionIfAppropriate):
1673         * jit/JITExceptions.cpp:
1674         (JSC::jitThrow):
1675         * jit/JITInlineMethods.h:
1676         (JSC::JIT::updateTopCallFrame):
1677         * jit/JITStubs.cpp:
1678         (JSC::DEFINE_STUB_FUNCTION):
1679         (JSC):
1680         * jit/JITStubs.h:
1681         (JSC):
1682         * jit/JSInterfaceJIT.h:
1683         * llint: Added.
1684         * llint/LLIntCommon.h: Added.
1685         * llint/LLIntData.cpp: Added.
1686         (LLInt):
1687         (JSC::LLInt::Data::Data):
1688         (JSC::LLInt::Data::performAssertions):
1689         (JSC::LLInt::Data::~Data):
1690         * llint/LLIntData.h: Added.
1691         (JSC):
1692         (LLInt):
1693         (Data):
1694         (JSC::LLInt::Data::exceptionInstructions):
1695         (JSC::LLInt::Data::opcodeMap):
1696         (JSC::LLInt::Data::performAssertions):
1697         * llint/LLIntEntrypoints.cpp: Added.
1698         (LLInt):
1699         (JSC::LLInt::getFunctionEntrypoint):
1700         (JSC::LLInt::getEvalEntrypoint):
1701         (JSC::LLInt::getProgramEntrypoint):
1702         * llint/LLIntEntrypoints.h: Added.
1703         (JSC):
1704         (LLInt):
1705         (JSC::LLInt::getEntrypoint):
1706         * llint/LLIntExceptions.cpp: Added.
1707         (LLInt):
1708         (JSC::LLInt::interpreterThrowInCaller):
1709         (JSC::LLInt::returnToThrowForThrownException):
1710         (JSC::LLInt::returnToThrow):
1711         (JSC::LLInt::callToThrow):
1712         * llint/LLIntExceptions.h: Added.
1713         (JSC):
1714         (LLInt):
1715         * llint/LLIntOfflineAsmConfig.h: Added.
1716         * llint/LLIntOffsetsExtractor.cpp: Added.
1717         (JSC):
1718         (LLIntOffsetsExtractor):
1719         (JSC::LLIntOffsetsExtractor::dummy):
1720         (main):
1721         * llint/LLIntSlowPaths.cpp: Added.
1722         (LLInt):
1723         (JSC::LLInt::llint_trace_operand):
1724         (JSC::LLInt::llint_trace_value):
1725         (JSC::LLInt::LLINT_SLOW_PATH_DECL):
1726         (JSC::LLInt::traceFunctionPrologue):
1727         (JSC::LLInt::shouldJIT):
1728         (JSC::LLInt::entryOSR):
1729         (JSC::LLInt::resolveGlobal):
1730         (JSC::LLInt::getByVal):
1731         (JSC::LLInt::handleHostCall):
1732         (JSC::LLInt::setUpCall):
1733         (JSC::LLInt::genericCall):
1734         * llint/LLIntSlowPaths.h: Added.
1735         (JSC):
1736         (LLInt):
1737         * llint/LLIntThunks.cpp: Added.
1738         (LLInt):
1739         (JSC::LLInt::generateThunkWithJumpTo):
1740         (JSC::LLInt::functionForCallEntryThunkGenerator):
1741         (JSC::LLInt::functionForConstructEntryThunkGenerator):
1742         (JSC::LLInt::functionForCallArityCheckThunkGenerator):
1743         (JSC::LLInt::functionForConstructArityCheckThunkGenerator):
1744         (JSC::LLInt::evalEntryThunkGenerator):
1745         (JSC::LLInt::programEntryThunkGenerator):
1746         * llint/LLIntThunks.h: Added.
1747         (JSC):
1748         (LLInt):
1749         * llint/LowLevelInterpreter.asm: Added.
1750         * llint/LowLevelInterpreter.cpp: Added.
1751         * llint/LowLevelInterpreter.h: Added.
1752         * offlineasm: Added.
1753         * offlineasm/armv7.rb: Added.
1754         * offlineasm/asm.rb: Added.
1755         * offlineasm/ast.rb: Added.
1756         * offlineasm/backends.rb: Added.
1757         * offlineasm/generate_offset_extractor.rb: Added.
1758         * offlineasm/instructions.rb: Added.
1759         * offlineasm/offset_extractor_constants.rb: Added.
1760         * offlineasm/offsets.rb: Added.
1761         * offlineasm/opt.rb: Added.
1762         * offlineasm/parser.rb: Added.
1763         * offlineasm/registers.rb: Added.
1764         * offlineasm/self_hash.rb: Added.
1765         * offlineasm/settings.rb: Added.
1766         * offlineasm/transform.rb: Added.
1767         * offlineasm/x86.rb: Added.
1768         * runtime/CodeSpecializationKind.h: Added.
1769         (JSC):
1770         * runtime/CommonSlowPaths.h:
1771         (JSC::CommonSlowPaths::arityCheckFor):
1772         (CommonSlowPaths):
1773         * runtime/Executable.cpp:
1774         (JSC::jettisonCodeBlock):
1775         (JSC):
1776         (JSC::EvalExecutable::jitCompile):
1777         (JSC::samplingDescription):
1778         (JSC::EvalExecutable::compileInternal):
1779         (JSC::ProgramExecutable::jitCompile):
1780         (JSC::ProgramExecutable::compileInternal):
1781         (JSC::FunctionExecutable::baselineCodeBlockFor):
1782         (JSC::FunctionExecutable::jitCompileForCall):
1783         (JSC::FunctionExecutable::jitCompileForConstruct):
1784         (JSC::FunctionExecutable::compileForCallInternal):
1785         (JSC::FunctionExecutable::compileForConstructInternal):
1786         * runtime/Executable.h:
1787         (JSC):
1788         (EvalExecutable):
1789         (ProgramExecutable):
1790         (FunctionExecutable):
1791         (JSC::FunctionExecutable::jitCompileFor):
1792         * runtime/ExecutionHarness.h: Added.
1793         (JSC):
1794         (JSC::prepareForExecution):
1795         (JSC::prepareFunctionForExecution):
1796         * runtime/JSArray.h:
1797         (JSC):
1798         (JSArray):
1799         * runtime/JSCell.h:
1800         (JSC):
1801         (JSCell):
1802         * runtime/JSFunction.h:
1803         (JSC):
1804         (JSFunction):
1805         * runtime/JSGlobalData.cpp:
1806         (JSC::JSGlobalData::JSGlobalData):
1807         * runtime/JSGlobalData.h:
1808         (JSC):
1809         (JSGlobalData):
1810         * runtime/JSGlobalObject.h:
1811         (JSC):
1812         (JSGlobalObject):
1813         * runtime/JSObject.h:
1814         (JSC):
1815         (JSObject):
1816         (JSFinalObject):
1817         * runtime/JSPropertyNameIterator.h:
1818         (JSC):
1819         (JSPropertyNameIterator):
1820         * runtime/JSString.h:
1821         (JSC):
1822         (JSString):
1823         * runtime/JSTypeInfo.h:
1824         (JSC):
1825         (TypeInfo):
1826         * runtime/JSValue.cpp:
1827         (JSC::JSValue::description):
1828         * runtime/JSValue.h:
1829         (LLInt):
1830         (JSValue):
1831         * runtime/JSVariableObject.h:
1832         (JSC):
1833         (JSVariableObject):
1834         * runtime/Options.cpp:
1835         (Options):
1836         (JSC::Options::initializeOptions):
1837         * runtime/Options.h:
1838         (Options):
1839         * runtime/ScopeChain.h:
1840         (JSC):
1841         (ScopeChainNode):
1842         * runtime/Structure.cpp:
1843         (JSC::Structure::addPropertyTransition):
1844         * runtime/Structure.h:
1845         (JSC):
1846         (Structure):
1847         * runtime/StructureChain.h:
1848         (JSC):
1849         (StructureChain):
1850         * wtf/InlineASM.h:
1851         * wtf/Platform.h:
1852         * wtf/SentinelLinkedList.h:
1853         (SentinelLinkedList):
1854         (WTF::SentinelLinkedList::isEmpty):
1855         * wtf/text/StringImpl.h:
1856         (JSC):
1857         (StringImpl):
1858
1859 2012-02-21  Oliver Hunt  <oliver@apple.com>
1860
1861         Unbreak double-typed arrays on ARMv7
1862         https://bugs.webkit.org/show_bug.cgi?id=79177
1863
1864         Reviewed by Gavin Barraclough.
1865
1866         The existing code had completely broken address arithmetic.
1867
1868         * JSCTypedArrayStubs.h:
1869         (JSC):
1870         * assembler/MacroAssemblerARMv7.h:
1871         (JSC::MacroAssemblerARMv7::storeDouble):
1872         (JSC::MacroAssemblerARMv7::storeFloat):
1873
1874 2012-02-21  Gavin Barraclough  <barraclough@apple.com>
1875
1876         Should be able to reconfigure a non-configurable property as read-only
1877         https://bugs.webkit.org/show_bug.cgi?id=79170
1878
1879         Reviewed by Sam Weinig.
1880
1881         See ES5.1 8.12.9 10.a.i - the spec prohibits making a read-only property writable,
1882         but does not inhibit making a writable property read-only.
1883
1884         * runtime/JSGlobalData.cpp:
1885         (JSC::JSGlobalData::JSGlobalData):
1886         * runtime/JSGlobalData.h:
1887         (JSC::JSGlobalData::setInDefineOwnProperty):
1888         (JSGlobalData):
1889         (JSC::JSGlobalData::isInDefineOwnProperty):
1890             - Added flag, tracking whether we are in JSObject::defineOwnProperty.
1891         * runtime/JSObject.cpp:
1892         (JSC::JSObject::deleteProperty):
1893         (DefineOwnPropertyScope):
1894             - Always allow properties to be deleted by DefineOwnProperty - assume it knows what it is doing!
1895         (JSC::DefineOwnPropertyScope::DefineOwnPropertyScope):
1896         (JSC::DefineOwnPropertyScope::~DefineOwnPropertyScope):
1897             - Added RAII helper.
1898         (JSC::JSObject::defineOwnProperty):
1899             - Track on the globalData when we are in this method.
1900
1901 2012-02-21  Oliver Hunt  <oliver@apple.com>
1902
1903         Make TypedArrays be available in commandline jsc
1904         https://bugs.webkit.org/show_bug.cgi?id=79163
1905
1906         Reviewed by Gavin Barraclough.
1907
1908         Adds a compile time option to have jsc support a basic implementation
1909         of the TypedArrays available in WebCore.  This lets us test the typed
1910         array logic in the JIT without having to build webcore.
1911
1912         * JSCTypedArrayStubs.h: Added.
1913         (JSC):
1914         * JavaScriptCore.xcodeproj/project.pbxproj:
1915         * jsc.cpp:
1916         (GlobalObject::finishCreation):
1917         (GlobalObject):
1918         (GlobalObject::addConstructableFunction):
1919         * runtime/JSGlobalData.h:
1920         (JSGlobalData):
1921
1922 2012-02-21  Tom Sepez  <tsepez@chromium.org>
1923
1924         equalIgnoringNullity() only comparing half the bytes for equality
1925         https://bugs.webkit.org/show_bug.cgi?id=79135
1926
1927         Reviewed by Adam Barth.
1928
1929         * wtf/text/StringImpl.h:
1930         (WTF::equalIgnoringNullity):
1931
1932 2012-02-21  Roland Takacs  <takacs.roland@stud.u-szeged.hu>
1933
1934         Unnecessary preprocessor macros in MainThread.h/cpp
1935         https://bugs.webkit.org/show_bug.cgi?id=79083
1936
1937         Removed invalid/wrong PLATFORM(WINDOWS) preprocessor macro.
1938
1939         * wtf/MainThread.cpp:
1940         (WTF):
1941         * wtf/MainThread.h:
1942         (WTF):
1943
1944 2012-02-21  Sam Weinig  <sam@webkit.org>
1945
1946         Attempt to fix the Snow Leopard build.
1947
1948         * Configurations/Base.xcconfig:
1949
1950 2012-02-21  Sam Weinig  <sam@webkit.org>
1951
1952         Use libc++ when building with Clang on Mac
1953         https://bugs.webkit.org/show_bug.cgi?id=78981
1954
1955         Reviewed by Dan Bernstein.
1956
1957         * Configurations/Base.xcconfig:
1958
1959 2012-02-21  Adam Roben  <aroben@apple.com>
1960
1961         Roll out r108309, r108323, and r108326
1962
1963         They broke the 32-bit Lion build.
1964
1965         Original bug is <http://webkit.org/b/75812> <rdar://problem/10079694>.
1966
1967         * CMakeLists.txt:
1968         * GNUmakefile.am:
1969         * GNUmakefile.list.am:
1970         * JavaScriptCore.pri:
1971         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1972         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
1973         * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
1974         * JavaScriptCore.xcodeproj/project.pbxproj:
1975         * Target.pri:
1976         * assembler/LinkBuffer.h:
1977         * assembler/MacroAssemblerCodeRef.h:
1978         * bytecode/BytecodeConventions.h: Removed.
1979         * bytecode/CallLinkStatus.cpp:
1980         * bytecode/CallLinkStatus.h:
1981         * bytecode/CodeBlock.cpp:
1982         * bytecode/CodeBlock.h:
1983         * bytecode/GetByIdStatus.cpp:
1984         * bytecode/GetByIdStatus.h:
1985         * bytecode/Instruction.h:
1986         * bytecode/LLIntCallLinkInfo.h: Removed.
1987         * bytecode/MethodCallLinkStatus.cpp:
1988         * bytecode/Opcode.cpp:
1989         * bytecode/Opcode.h:
1990         * bytecode/PutByIdStatus.cpp:
1991         * bytecode/PutByIdStatus.h:
1992         * bytecompiler/BytecodeGenerator.cpp:
1993         * dfg/DFGByteCodeParser.cpp:
1994         * dfg/DFGCapabilities.h:
1995         * dfg/DFGOSRExitCompiler.cpp:
1996         * dfg/DFGOperations.cpp:
1997         * heap/Heap.h:
1998         * heap/MarkStack.cpp:
1999         * heap/MarkedAllocator.h:
2000         * heap/MarkedSpace.h:
2001         * interpreter/CallFrame.cpp:
2002         * interpreter/CallFrame.h:
2003         * interpreter/Interpreter.cpp:
2004         * interpreter/Interpreter.h:
2005         * interpreter/RegisterFile.h:
2006         * jit/ExecutableAllocator.h:
2007         * jit/HostCallReturnValue.cpp: Removed.
2008         * jit/HostCallReturnValue.h: Removed.
2009         * jit/JIT.cpp:
2010         * jit/JITCode.h:
2011         * jit/JITDriver.h:
2012         * jit/JITExceptions.cpp:
2013         * jit/JITInlineMethods.h:
2014         * jit/JITStubs.cpp:
2015         * jit/JITStubs.h:
2016         * jit/JSInterfaceJIT.h:
2017         * llint/LLIntCommon.h: Removed.
2018         * llint/LLIntData.cpp: Removed.
2019         * llint/LLIntData.h: Removed.
2020         * llint/LLIntEntrypoints.cpp: Removed.
2021         * llint/LLIntEntrypoints.h: Removed.
2022         * llint/LLIntExceptions.cpp: Removed.
2023         * llint/LLIntExceptions.h: Removed.
2024         * llint/LLIntOfflineAsmConfig.h: Removed.
2025         * llint/LLIntOffsetsExtractor.cpp: Removed.
2026         * llint/LLIntSlowPaths.cpp: Removed.
2027         * llint/LLIntSlowPaths.h: Removed.
2028         * llint/LLIntThunks.cpp: Removed.
2029         * llint/LLIntThunks.h: Removed.
2030         * llint/LowLevelInterpreter.asm: Removed.
2031         * llint/LowLevelInterpreter.cpp: Removed.
2032         * llint/LowLevelInterpreter.h: Removed.
2033         * offlineasm/armv7.rb: Removed.
2034         * offlineasm/asm.rb: Removed.
2035         * offlineasm/ast.rb: Removed.
2036         * offlineasm/backends.rb: Removed.
2037         * offlineasm/generate_offset_extractor.rb: Removed.
2038         * offlineasm/instructions.rb: Removed.
2039         * offlineasm/offset_extractor_constants.rb: Removed.
2040         * offlineasm/offsets.rb: Removed.
2041         * offlineasm/opt.rb: Removed.
2042         * offlineasm/parser.rb: Removed.
2043         * offlineasm/registers.rb: Removed.
2044         * offlineasm/self_hash.rb: Removed.
2045         * offlineasm/settings.rb: Removed.
2046         * offlineasm/transform.rb: Removed.
2047         * offlineasm/x86.rb: Removed.
2048         * runtime/CodeSpecializationKind.h: Removed.
2049         * runtime/CommonSlowPaths.h:
2050         * runtime/Executable.cpp:
2051         * runtime/Executable.h:
2052         * runtime/ExecutionHarness.h: Removed.
2053         * runtime/JSArray.h:
2054         * runtime/JSCell.h:
2055         * runtime/JSFunction.h:
2056         * runtime/JSGlobalData.cpp:
2057         * runtime/JSGlobalData.h:
2058         * runtime/JSGlobalObject.h:
2059         * runtime/JSObject.h:
2060         * runtime/JSPropertyNameIterator.h:
2061         * runtime/JSString.h:
2062         * runtime/JSTypeInfo.h:
2063         * runtime/JSValue.cpp:
2064         * runtime/JSValue.h:
2065         * runtime/JSVariableObject.h:
2066         * runtime/Options.cpp:
2067         * runtime/Options.h:
2068         * runtime/ScopeChain.h:
2069         * runtime/Structure.cpp:
2070         * runtime/Structure.h:
2071         * runtime/StructureChain.h:
2072         * wtf/InlineASM.h:
2073         * wtf/Platform.h:
2074         * wtf/SentinelLinkedList.h:
2075         * wtf/text/StringImpl.h:
2076
2077 2012-02-21  Gustavo Noronha Silva  <kov@debian.org> and Bob Tracy  <rct@frus.com>
2078
2079         Does not build on IA64, SPARC and Alpha
2080         https://bugs.webkit.org/show_bug.cgi?id=79047
2081
2082         Rubber-stamped by Kent Tamura.
2083
2084         * wtf/dtoa/utils.h: these architectures also have correct double
2085         operations, so add them to the appropriate side of the check.
2086
2087 2012-02-21  Filip Pizlo  <fpizlo@apple.com>
2088
2089         Fix massive crashes in all tests introduced by previous build fix, and fix non-DFG build.
2090         https://bugs.webkit.org/show_bug.cgi?id=75812
2091
2092         Reviewed by Csaba Osztrogonác.
2093
2094         * dfg/DFGOperations.cpp:
2095         (JSC):
2096         * jit/HostCallReturnValue.h:
2097         (JSC::initializeHostCallReturnValue):
2098
2099 2012-02-21  Filip Pizlo  <fpizlo@apple.com>
2100
2101         Attempted build fix for ELF platforms.
2102
2103         * dfg/DFGOperations.cpp:
2104         (JSC):
2105         (JSC::getHostCallReturnValueWithExecState):
2106         * jit/HostCallReturnValue.cpp:
2107         (JSC):
2108         * jit/HostCallReturnValue.h:
2109         (JSC::initializeHostCallReturnValue):
2110
2111 2012-02-20  Filip Pizlo  <fpizlo@apple.com>
2112
2113         JSC should be a triple-tier VM
2114         https://bugs.webkit.org/show_bug.cgi?id=75812
2115         <rdar://problem/10079694>
2116
2117         Reviewed by Gavin Barraclough.
2118         
2119         Implemented an interpreter that uses the JIT's calling convention. This
2120         interpreter is called LLInt, or the Low Level Interpreter. JSC will now
2121         start by executing code in LLInt and will only tier up to the old
2122         JIT after the code is proven hot.
2123         
2124         LLInt is written in a modified form of our macro assembly. This new macro
2125         assembly is compiled by an offline assembler (see offlineasm), which
2126         implements many modern conveniences such as a Turing-complete CPS-based
2127         macro language and direct access to relevant C++ type information
2128         (basically offsets of fields and sizes of structs/classes).
2129         
2130         Code executing in LLInt appears to the rest of the JSC world "as if" it
2131         were executing in the old JIT. Hence, things like exception handling and
2132         cross-execution-engine calls just work and require pretty much no
2133         additional overhead.
2134         
2135         This interpreter is 2-2.5x faster than our old interpreter on SunSpider,
2136         V8, and Kraken. With triple-tiering turned on, we're neutral on SunSpider,
2137         V8, and Kraken, but appear to get a double-digit improvement on real-world
2138         websites due to a huge reduction in the amount of JIT'ing.
2139         
2140         * CMakeLists.txt:
2141         * GNUmakefile.am:
2142         * GNUmakefile.list.am:
2143         * JavaScriptCore.pri:
2144         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2145         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
2146         * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
2147         * JavaScriptCore.xcodeproj/project.pbxproj:
2148         * Target.pri:
2149         * assembler/LinkBuffer.h:
2150         * assembler/MacroAssemblerCodeRef.h:
2151         (MacroAssemblerCodePtr):
2152         (JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
2153         * bytecode/BytecodeConventions.h: Added.
2154         * bytecode/CallLinkStatus.cpp:
2155         (JSC::CallLinkStatus::computeFromLLInt):
2156         (JSC):
2157         (JSC::CallLinkStatus::computeFor):
2158         * bytecode/CallLinkStatus.h:
2159         (JSC::CallLinkStatus::isSet):
2160         (JSC::CallLinkStatus::operator!):
2161         (CallLinkStatus):
2162         * bytecode/CodeBlock.cpp:
2163         (JSC::CodeBlock::dump):
2164         (JSC::CodeBlock::CodeBlock):
2165         (JSC::CodeBlock::~CodeBlock):
2166         (JSC::CodeBlock::finalizeUnconditionally):
2167         (JSC::CodeBlock::stronglyVisitStrongReferences):
2168         (JSC):
2169         (JSC::CodeBlock::unlinkCalls):
2170         (JSC::CodeBlock::unlinkIncomingCalls):
2171         (JSC::CodeBlock::bytecodeOffset):
2172         (JSC::ProgramCodeBlock::jettison):
2173         (JSC::EvalCodeBlock::jettison):
2174         (JSC::FunctionCodeBlock::jettison):
2175         (JSC::ProgramCodeBlock::jitCompileImpl):
2176         (JSC::EvalCodeBlock::jitCompileImpl):
2177         (JSC::FunctionCodeBlock::jitCompileImpl):
2178         * bytecode/CodeBlock.h:
2179         (JSC):
2180         (CodeBlock):
2181         (JSC::CodeBlock::baselineVersion):
2182         (JSC::CodeBlock::linkIncomingCall):
2183         (JSC::CodeBlock::bytecodeOffset):
2184         (JSC::CodeBlock::jitCompile):
2185         (JSC::CodeBlock::hasOptimizedReplacement):
2186         (JSC::CodeBlock::addPropertyAccessInstruction):
2187         (JSC::CodeBlock::addGlobalResolveInstruction):
2188         (JSC::CodeBlock::addLLIntCallLinkInfo):
2189         (JSC::CodeBlock::addGlobalResolveInfo):
2190         (JSC::CodeBlock::numberOfMethodCallLinkInfos):
2191         (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset):
2192         (JSC::CodeBlock::likelyToTakeSlowCase):
2193         (JSC::CodeBlock::couldTakeSlowCase):
2194         (JSC::CodeBlock::likelyToTakeSpecialFastCase):
2195         (JSC::CodeBlock::likelyToTakeDeepestSlowCase):
2196         (JSC::CodeBlock::likelyToTakeAnySlowCase):
2197         (JSC::CodeBlock::addFrequentExitSite):
2198         (JSC::CodeBlock::dontJITAnytimeSoon):
2199         (JSC::CodeBlock::jitAfterWarmUp):
2200         (JSC::CodeBlock::jitSoon):
2201         (JSC::CodeBlock::llintExecuteCounter):
2202         (ProgramCodeBlock):
2203         (EvalCodeBlock):
2204         (FunctionCodeBlock):
2205         * bytecode/GetByIdStatus.cpp:
2206         (JSC::GetByIdStatus::computeFromLLInt):
2207         (JSC):
2208         (JSC::GetByIdStatus::computeFor):
2209         * bytecode/GetByIdStatus.h:
2210         (JSC::GetByIdStatus::GetByIdStatus):
2211         (JSC::GetByIdStatus::wasSeenInJIT):
2212         (GetByIdStatus):
2213         * bytecode/Instruction.h:
2214         (JSC):
2215         (JSC::Instruction::Instruction):
2216         (Instruction):
2217         * bytecode/LLIntCallLinkInfo.h: Added.
2218         (JSC):
2219         (JSC::LLIntCallLinkInfo::LLIntCallLinkInfo):
2220         (LLIntCallLinkInfo):
2221         (JSC::LLIntCallLinkInfo::~LLIntCallLinkInfo):
2222         (JSC::LLIntCallLinkInfo::isLinked):
2223         (JSC::LLIntCallLinkInfo::unlink):
2224         * bytecode/MethodCallLinkStatus.cpp:
2225         (JSC::MethodCallLinkStatus::computeFor):
2226         * bytecode/Opcode.cpp:
2227         (JSC):
2228         * bytecode/Opcode.h:
2229         (JSC):
2230         (JSC::padOpcodeName):
2231         * bytecode/PutByIdStatus.cpp:
2232         (JSC::PutByIdStatus::computeFromLLInt):
2233         (JSC):
2234         (JSC::PutByIdStatus::computeFor):
2235         * bytecode/PutByIdStatus.h:
2236         (PutByIdStatus):
2237         * bytecompiler/BytecodeGenerator.cpp:
2238         (JSC::BytecodeGenerator::emitResolve):
2239         (JSC::BytecodeGenerator::emitResolveWithBase):
2240         (JSC::BytecodeGenerator::emitGetById):
2241         (JSC::BytecodeGenerator::emitPutById):
2242         (JSC::BytecodeGenerator::emitDirectPutById):
2243         (JSC::BytecodeGenerator::emitCall):
2244         (JSC::BytecodeGenerator::emitConstruct):
2245         (JSC::BytecodeGenerator::emitCatch):
2246         * dfg/DFGByteCodeParser.cpp:
2247         (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
2248         (JSC::DFG::ByteCodeParser::handleInlining):
2249         (JSC::DFG::ByteCodeParser::parseBlock):
2250         * dfg/DFGCapabilities.h:
2251         (JSC::DFG::canCompileOpcode):
2252         * dfg/DFGOSRExitCompiler.cpp:
2253         * dfg/DFGOperations.cpp:
2254         * heap/Heap.h:
2255         (JSC):
2256         (JSC::Heap::firstAllocatorWithoutDestructors):
2257         (Heap):
2258         * heap/MarkStack.cpp:
2259         (JSC::visitChildren):
2260         * heap/MarkedAllocator.h:
2261         (JSC):
2262         (MarkedAllocator):
2263         * heap/MarkedSpace.h:
2264         (JSC):
2265         (MarkedSpace):
2266         (JSC::MarkedSpace::firstAllocator):
2267         * interpreter/CallFrame.cpp:
2268         (JSC):
2269         (JSC::CallFrame::bytecodeOffsetForNonDFGCode):
2270         (JSC::CallFrame::setBytecodeOffsetForNonDFGCode):
2271         (JSC::CallFrame::currentVPC):
2272         (JSC::CallFrame::setCurrentVPC):
2273         (JSC::CallFrame::trueCallerFrame):
2274         * interpreter/CallFrame.h:
2275         (JSC::ExecState::hasReturnPC):
2276         (JSC::ExecState::clearReturnPC):
2277         (ExecState):
2278         (JSC::ExecState::bytecodeOffsetForNonDFGCode):
2279         (JSC::ExecState::currentVPC):
2280         (JSC::ExecState::setCurrentVPC):
2281         * interpreter/Interpreter.cpp:
2282         (JSC::Interpreter::Interpreter):
2283         (JSC::Interpreter::~Interpreter):
2284         (JSC):
2285         (JSC::Interpreter::initialize):
2286         (JSC::Interpreter::isOpcode):
2287         (JSC::Interpreter::unwindCallFrame):
2288         (JSC::getCallerInfo):
2289         (JSC::Interpreter::privateExecute):
2290         (JSC::Interpreter::retrieveLastCaller):
2291         * interpreter/Interpreter.h:
2292         (JSC):
2293         (Interpreter):
2294         (JSC::Interpreter::getOpcode):
2295         (JSC::Interpreter::getOpcodeID):
2296         (JSC::Interpreter::classicEnabled):
2297         * interpreter/RegisterFile.h:
2298         (JSC):
2299         (RegisterFile):
2300         * jit/ExecutableAllocator.h:
2301         (JSC):
2302         * jit/HostCallReturnValue.cpp: Added.
2303         (JSC):
2304         (JSC::getHostCallReturnValueWithExecState):
2305         * jit/HostCallReturnValue.h: Added.
2306         (JSC):
2307         (JSC::initializeHostCallReturnValue):
2308         * jit/JIT.cpp:
2309         (JSC::JIT::privateCompileMainPass):
2310         (JSC::JIT::privateCompileSlowCases):
2311         (JSC::JIT::privateCompile):
2312         * jit/JITCode.h:
2313         (JSC::JITCode::isOptimizingJIT):
2314         (JITCode):
2315         (JSC::JITCode::isBaselineCode):
2316         (JSC::JITCode::JITCode):
2317         * jit/JITDriver.h:
2318         (JSC::jitCompileIfAppropriate):
2319         (JSC::jitCompileFunctionIfAppropriate):
2320         * jit/JITExceptions.cpp:
2321         (JSC::jitThrow):
2322         * jit/JITInlineMethods.h:
2323         (JSC::JIT::updateTopCallFrame):
2324         * jit/JITStubs.cpp:
2325         (JSC::DEFINE_STUB_FUNCTION):
2326         (JSC):
2327         * jit/JITStubs.h:
2328         (JSC):
2329         * jit/JSInterfaceJIT.h:
2330         * llint: Added.
2331         * llint/LLIntCommon.h: Added.
2332         * llint/LLIntData.cpp: Added.
2333         (LLInt):
2334         (JSC::LLInt::Data::Data):
2335         (JSC::LLInt::Data::performAssertions):
2336         (JSC::LLInt::Data::~Data):
2337         * llint/LLIntData.h: Added.
2338         (JSC):
2339         (LLInt):
2340         (Data):
2341         (JSC::LLInt::Data::exceptionInstructions):
2342         (JSC::LLInt::Data::opcodeMap):
2343         (JSC::LLInt::Data::performAssertions):
2344         * llint/LLIntEntrypoints.cpp: Added.
2345         (LLInt):
2346         (JSC::LLInt::getFunctionEntrypoint):
2347         (JSC::LLInt::getEvalEntrypoint):
2348         (JSC::LLInt::getProgramEntrypoint):
2349         * llint/LLIntEntrypoints.h: Added.
2350         (JSC):
2351         (LLInt):
2352         (JSC::LLInt::getEntrypoint):
2353         * llint/LLIntExceptions.cpp: Added.
2354         (LLInt):
2355         (JSC::LLInt::interpreterThrowInCaller):
2356         (JSC::LLInt::returnToThrowForThrownException):
2357         (JSC::LLInt::returnToThrow):
2358         (JSC::LLInt::callToThrow):
2359         * llint/LLIntExceptions.h: Added.
2360         (JSC):
2361         (LLInt):
2362         * llint/LLIntOfflineAsmConfig.h: Added.
2363         * llint/LLIntOffsetsExtractor.cpp: Added.
2364         (JSC):
2365         (LLIntOffsetsExtractor):
2366         (JSC::LLIntOffsetsExtractor::dummy):
2367         (main):
2368         * llint/LLIntSlowPaths.cpp: Added.
2369         (LLInt):
2370         (JSC::LLInt::llint_trace_operand):
2371         (JSC::LLInt::llint_trace_value):
2372         (JSC::LLInt::LLINT_SLOW_PATH_DECL):
2373         (JSC::LLInt::traceFunctionPrologue):
2374         (JSC::LLInt::shouldJIT):
2375         (JSC::LLInt::entryOSR):
2376         (JSC::LLInt::resolveGlobal):
2377         (JSC::LLInt::getByVal):
2378         (JSC::LLInt::handleHostCall):
2379         (JSC::LLInt::setUpCall):
2380         (JSC::LLInt::genericCall):
2381         * llint/LLIntSlowPaths.h: Added.
2382         (JSC):
2383         (LLInt):
2384         * llint/LLIntThunks.cpp: Added.
2385         (LLInt):
2386         (JSC::LLInt::generateThunkWithJumpTo):
2387         (JSC::LLInt::functionForCallEntryThunkGenerator):
2388         (JSC::LLInt::functionForConstructEntryThunkGenerator):
2389         (JSC::LLInt::functionForCallArityCheckThunkGenerator):
2390         (JSC::LLInt::functionForConstructArityCheckThunkGenerator):
2391         (JSC::LLInt::evalEntryThunkGenerator):
2392         (JSC::LLInt::programEntryThunkGenerator):
2393         * llint/LLIntThunks.h: Added.
2394         (JSC):
2395         (LLInt):
2396         * llint/LowLevelInterpreter.asm: Added.
2397         * llint/LowLevelInterpreter.cpp: Added.
2398         * llint/LowLevelInterpreter.h: Added.
2399         * offlineasm: Added.
2400         * offlineasm/armv7.rb: Added.
2401         * offlineasm/asm.rb: Added.
2402         * offlineasm/ast.rb: Added.
2403         * offlineasm/backends.rb: Added.
2404         * offlineasm/generate_offset_extractor.rb: Added.
2405         * offlineasm/instructions.rb: Added.
2406         * offlineasm/offset_extractor_constants.rb: Added.
2407         * offlineasm/offsets.rb: Added.
2408         * offlineasm/opt.rb: Added.
2409         * offlineasm/parser.rb: Added.
2410         * offlineasm/registers.rb: Added.
2411         * offlineasm/self_hash.rb: Added.
2412         * offlineasm/settings.rb: Added.
2413         * offlineasm/transform.rb: Added.
2414         * offlineasm/x86.rb: Added.
2415         * runtime/CodeSpecializationKind.h: Added.
2416         (JSC):
2417         * runtime/CommonSlowPaths.h:
2418         (JSC::CommonSlowPaths::arityCheckFor):
2419         (CommonSlowPaths):
2420         * runtime/Executable.cpp:
2421         (JSC::jettisonCodeBlock):
2422         (JSC):
2423         (JSC::EvalExecutable::jitCompile):
2424         (JSC::samplingDescription):
2425         (JSC::EvalExecutable::compileInternal):
2426         (JSC::ProgramExecutable::jitCompile):
2427         (JSC::ProgramExecutable::compileInternal):
2428         (JSC::FunctionExecutable::baselineCodeBlockFor):
2429         (JSC::FunctionExecutable::jitCompileForCall):
2430         (JSC::FunctionExecutable::jitCompileForConstruct):
2431         (JSC::FunctionExecutable::compileForCallInternal):
2432         (JSC::FunctionExecutable::compileForConstructInternal):
2433         * runtime/Executable.h:
2434         (JSC):
2435         (EvalExecutable):
2436         (ProgramExecutable):
2437         (FunctionExecutable):
2438         (JSC::FunctionExecutable::jitCompileFor):
2439         * runtime/ExecutionHarness.h: Added.
2440         (JSC):
2441         (JSC::prepareForExecution):
2442         (JSC::prepareFunctionForExecution):
2443         * runtime/JSArray.h:
2444         (JSC):
2445         (JSArray):
2446         * runtime/JSCell.h:
2447         (JSC):
2448         (JSCell):
2449         * runtime/JSFunction.h:
2450         (JSC):
2451         (JSFunction):
2452         * runtime/JSGlobalData.cpp:
2453         (JSC::JSGlobalData::JSGlobalData):
2454         * runtime/JSGlobalData.h:
2455         (JSC):
2456         (JSGlobalData):
2457         * runtime/JSGlobalObject.h:
2458         (JSC):
2459         (JSGlobalObject):
2460         * runtime/JSObject.h:
2461         (JSC):
2462         (JSObject):
2463         (JSFinalObject):
2464         * runtime/JSPropertyNameIterator.h:
2465         (JSC):
2466         (JSPropertyNameIterator):
2467         * runtime/JSString.h:
2468         (JSC):
2469         (JSString):
2470         * runtime/JSTypeInfo.h:
2471         (JSC):
2472         (TypeInfo):
2473         * runtime/JSValue.cpp:
2474         (JSC::JSValue::description):
2475         * runtime/JSValue.h:
2476         (LLInt):
2477         (JSValue):
2478         * runtime/JSVariableObject.h:
2479         (JSC):
2480         (JSVariableObject):
2481         * runtime/Options.cpp:
2482         (Options):
2483         (JSC::Options::initializeOptions):
2484         * runtime/Options.h:
2485         (Options):
2486         * runtime/ScopeChain.h:
2487         (JSC):
2488         (ScopeChainNode):
2489         * runtime/Structure.cpp:
2490         (JSC::Structure::addPropertyTransition):
2491         * runtime/Structure.h:
2492         (JSC):
2493         (Structure):
2494         * runtime/StructureChain.h:
2495         (JSC):
2496         (StructureChain):
2497         * wtf/InlineASM.h:
2498         * wtf/Platform.h:
2499         * wtf/SentinelLinkedList.h:
2500         (SentinelLinkedList):
2501         (WTF::SentinelLinkedList::isEmpty):
2502         * wtf/text/StringImpl.h:
2503         (JSC):
2504         (StringImpl):
2505
2506 2012-02-20  Filip Pizlo  <fpizlo@apple.com>
2507
2508         Unreviewed, rolling out http://trac.webkit.org/changeset/108291
2509         It completely broke the 32-bit JIT.
2510
2511         * heap/CopiedAllocator.h:
2512         * heap/CopiedSpace.h:
2513         (CopiedSpace):
2514         * heap/Heap.h:
2515         (JSC::Heap::allocatorForObjectWithDestructor):
2516         * jit/JIT.cpp:
2517         (JSC::JIT::privateCompileSlowCases):
2518         * jit/JIT.h:
2519         (JIT):
2520         * jit/JITInlineMethods.h:
2521         (JSC):
2522         * jit/JITOpcodes.cpp:
2523         (JSC::JIT::emit_op_new_array):
2524         * runtime/JSArray.cpp:
2525         (JSC::storageSize):
2526         (JSC):
2527         * runtime/JSArray.h:
2528         (ArrayStorage):
2529         (JSArray):
2530
2531 2012-02-20  Gavin Barraclough  <barraclough@apple.com>
2532
2533         [[Put]] should throw if prototype chain contains a readonly property.
2534         https://bugs.webkit.org/show_bug.cgi?id=79069
2535
2536         Reviewed by Oliver Hunt.
2537
2538         Currently we only check the base of the put, not the prototype chain.
2539         Fold this check in with the test for accessors.
2540
2541         * runtime/JSObject.cpp:
2542         (JSC::JSObject::put):
2543             - Updated to test all objects in the prototype chain for readonly properties.
2544         (JSC::JSObject::putDirectAccessor):
2545         (JSC::putDescriptor):
2546             - Record the presence of readonly properties on the structure.
2547         * runtime/Structure.cpp:
2548         (JSC::Structure::Structure):
2549             - hasGetterSetterPropertiesExcludingProto expanded to hasReadOnlyOrGetterSetterPropertiesExcludingProto.
2550         * runtime/Structure.h:
2551         (JSC::Structure::hasReadOnlyOrGetterSetterPropertiesExcludingProto):
2552         (JSC::Structure::setHasGetterSetterProperties):
2553             - hasGetterSetterPropertiesExcludingProto expanded to hasReadOnlyOrGetterSetterPropertiesExcludingProto.
2554         (JSC::Structure::setContainsReadOnlyProperties):
2555             - Added.
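
As an added example (not WebKit code, and written against the observable language semantics rather than the JSC internals named above), the three [[Put]] cases this change distinguishes, exercised from strict-mode JavaScript on any spec-conformant engine; all object and property names are constructed for the illustration:

```javascript
// Added example (not WebKit code): exercises the [[Put]] cases this change
// makes consistent. In strict mode, an assignment whose property lookup hits
// a read-only data property or a getter-only accessor anywhere on the
// prototype chain must throw a TypeError instead of silently creating an
// own property on the receiver.

function assignStrict(obj, key, value) {
  "use strict";
  try {
    obj[key] = value;
    return "assigned";
  } catch (e) {
    return e instanceof TypeError ? "TypeError" : "other";
  }
}

function hasOwn(obj, key) {
  return Object.prototype.hasOwnProperty.call(obj, key);
}

// Read-only property two links up the chain: the check must not stop at the
// base object or at its immediate prototype.
function readOnlyDeepInChain() {
  const grandparent = {};
  Object.defineProperty(grandparent, "x", { value: 1, writable: false });
  const parent = Object.create(grandparent);
  const obj = Object.create(parent);
  const result = assignStrict(obj, "x", 2);
  return { result, createdOwn: hasOwn(obj, "x"), value: obj.x };
}

// Getter-only accessor on the prototype: same outcome, and the change folds
// the read-only test in with this accessor test.
function getterOnlyOnPrototype() {
  const proto = { get y() { return "from-getter"; } };
  const obj = Object.create(proto);
  const result = assignStrict(obj, "y", 2);
  return { result, createdOwn: hasOwn(obj, "y"), value: obj.y };
}

// An own writable property shadows the read-only one on the prototype, so
// the lookup never reaches the prototype and the assignment must succeed.
function ownWritableShadowsReadOnly() {
  const proto = {};
  Object.defineProperty(proto, "x", { value: 1, writable: false });
  const obj = Object.create(proto);
  Object.defineProperty(obj, "x", { value: 0, writable: true, configurable: true });
  const result = assignStrict(obj, "x", 2);
  return { result, value: obj.x };
}
```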
2556
2557 2012-02-20  Mark Hahnenberg  <mhahnenberg@apple.com>
2558
2559         Implement fast path for op_new_array in the baseline JIT
2560         https://bugs.webkit.org/show_bug.cgi?id=78612
2561
2562         Reviewed by Filip Pizlo.
2563
2564         * heap/CopiedAllocator.h:
2565         (CopiedAllocator): Friended the JIT to allow access to m_currentOffset.
2566         * heap/CopiedSpace.h:
2567         (CopiedSpace): Friended the JIT to allow access to 
2568         (JSC::CopiedSpace::allocator):
2569         * heap/Heap.h:
2570         (JSC::Heap::storageAllocator): Added a getter for the CopiedAllocator class so the JIT
2571         can use it for simple allocation, i.e. when we can just bump the offset without having to 
2572         do anything else.
2573         * jit/JIT.cpp:
2574         (JSC::JIT::privateCompileSlowCases): Added new slow case for op_new_array for when
2575         we have to bail out because the fast allocation path fails for whatever reason.
2576         * jit/JIT.h:
2577         (JIT):
2578         * jit/JITInlineMethods.h:
2579         (JSC::JIT::emitAllocateBasicStorage): Added utility function that allows objects to 
2580         allocate generic backing stores. This function is used by emitAllocateJSArray.
2581         (JSC):
2582         (JSC::JIT::emitAllocateJSArray): Added utility function that allows the client to 
2583         more easily allocate JSArrays. This function is used by emit_op_new_array and I expect 
2584         it will also be used for emit_op_new_array_buffer.
2585         * jit/JITOpcodes.cpp:
2586         (JSC::JIT::emit_op_new_array): Changed to do inline allocation of JSArrays. Still does 
2587         a stub call for oversize arrays.
2588         (JSC):
2589         (JSC::JIT::emitSlow_op_new_array): Just bails out to a stub call if we fail in any way on 
2590         the fast path.
2591         * runtime/JSArray.cpp:
2592         (JSC):
2593         * runtime/JSArray.h: Added lots of offset functions for all the fields that we need to 
2594         initialize in the JIT.
2595         (ArrayStorage):
2596         (JSC::ArrayStorage::lengthOffset):
2597         (JSC::ArrayStorage::numValuesInVectorOffset):
2598         (JSC::ArrayStorage::allocBaseOffset):
2599         (JSC::ArrayStorage::vectorOffset):
2600         (JSArray):
2601         (JSC::JSArray::sparseValueMapOffset):
2602         (JSC::JSArray::subclassDataOffset):
2603         (JSC::JSArray::indexBiasOffset):
2604         (JSC):
2605         (JSC::JSArray::storageSize): Moved this function from being a static function in the cpp file
2606         to being a static function in the JSArray class. This move allows the JIT to call it to 
2607         see what size it should allocate.
2608
2609 2012-02-20  Gavin Barraclough  <barraclough@apple.com>
2610
2611         DefineOwnProperty fails with numeric properties & Object.prototype
2612         https://bugs.webkit.org/show_bug.cgi?id=79059
2613
2614         Reviewed by Oliver Hunt.
2615
2616         ObjectPrototype caches whether it contains any numeric properties (m_hasNoPropertiesWithUInt32Names);
2617         calls to defineOwnProperty need to update this cache.
2618
2619         * runtime/ObjectPrototype.cpp:
2620         (JSC::ObjectPrototype::put):
2621         (JSC::ObjectPrototype::defineOwnProperty):
2622         (JSC):
2623         (JSC::ObjectPrototype::getOwnPropertySlotByIndex):
2624         * runtime/ObjectPrototype.h:
2625         (ObjectPrototype):
2626
2627 2012-02-20  Pino Toscano  <pino@debian.org>
2628
2629         Does not build on GNU Hurd
2630         https://bugs.webkit.org/show_bug.cgi?id=79045
2631
2632         Reviewed by Gustavo Noronha Silva.
2633
2634         * wtf/Platform.h: define WTF_OS_HURD.
2635         * wtf/ThreadIdentifierDataPthreads.cpp: adds a band-aid fix
2636         for the lack of PTHREAD_KEYS_MAX definition, with a value which
2637         should not cause issues.
2638
2639 2012-02-20  Gavin Barraclough  <barraclough@apple.com>
2640
2641         Unreviewed windows build fix.
2642
2643         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2644
2645 2012-02-20  Mark Hahnenberg  <mhahnenberg@apple.com>
2646
2647         Undoing accidental changes
2648
2649         * heap/Heap.cpp:
2650         (JSC::Heap::collectAllGarbage):
2651
2652 2012-02-20  Mark Hahnenberg  <mhahnenberg@apple.com>
2653
2654         Factor out allocation in CopySpace into a separate CopyAllocator
2655         https://bugs.webkit.org/show_bug.cgi?id=78610
2656
2657         Reviewed by Oliver Hunt.
2658
2659         Added a new CopyAllocator class, which allows us to do allocations without 
2660         having to load the current offset and store the current offset in the current 
2661         block. This change will allow us to easily do inline assembly in the JIT for 
2662         array allocations.
2663
2664         * GNUmakefile.list.am:
2665         * JavaScriptCore.gypi:
2666         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2667         * JavaScriptCore.xcodeproj/project.pbxproj:
2668         * heap/CopiedAllocator.h: Added.
2669         (JSC):
2670         (CopiedAllocator):
2671         (JSC::CopiedAllocator::currentBlock):
2672         (JSC::CopiedAllocator::CopiedAllocator):
2673         (JSC::CopiedAllocator::allocate):
2674         (JSC::CopiedAllocator::fitsInCurrentBlock):
2675         (JSC::CopiedAllocator::wasLastAllocation):
2676         (JSC::CopiedAllocator::startedCopying):
2677         (JSC::CopiedAllocator::resetCurrentBlock):
2678         (JSC::CopiedAllocator::currentUtilization):
2679         (JSC::CopiedAllocator::resetLastAllocation):
2680         * heap/CopiedBlock.h:
2681         (CopiedBlock):
2682         * heap/CopiedSpace.cpp: Moved some stuff from CopiedSpaceInlineMethods to here because we 
2683         weren't really getting any benefits from having such big functions in a header file.
2684         (JSC::CopiedSpace::CopiedSpace):
2685         (JSC):
2686         (JSC::CopiedSpace::init):
2687         (JSC::CopiedSpace::tryAllocateSlowCase):
2688         (JSC::CopiedSpace::tryAllocateOversize):
2689         (JSC::CopiedSpace::tryReallocate):
2690         (JSC::CopiedSpace::tryReallocateOversize):
2691         (JSC::CopiedSpace::doneFillingBlock):
2692         (JSC::CopiedSpace::doneCopying):
2693         (JSC::CopiedSpace::getFreshBlock):
2694         * heap/CopiedSpace.h:
2695         (CopiedSpace):
2696         * heap/CopiedSpaceInlineMethods.h:
2697         (JSC):
2698         (JSC::CopiedSpace::startedCopying):
2699         (JSC::CopiedSpace::addNewBlock):
2700         (JSC::CopiedSpace::allocateNewBlock):
2701         (JSC::CopiedSpace::fitsInBlock):
2702         (JSC::CopiedSpace::tryAllocate):
2703         (JSC::CopiedSpace::allocateFromBlock):
2704         * heap/Heap.cpp:
2705         (JSC::Heap::collectAllGarbage):
2706         * heap/HeapBlock.h:
2707         (HeapBlock):
2708
2709 2012-02-20  Patrick Gansterer  <paroga@webkit.org>
2710
2711         Fix Visual Studio 2010 build.
2712
2713         * bytecompiler/NodesCodegen.cpp:
2714         (JSC::PropertyListNode::emitBytecode):
2715
2716 2012-02-16  Gavin Barraclough  <barraclough@apple.com>
2717
2718         Move special __proto__ property to Object.prototype
2719         https://bugs.webkit.org/show_bug.cgi?id=78409
2720
2721         Reviewed by Oliver Hunt.
2722
2723         Re-implement this as a regular accessor property.  This has three key benefits:
2724         1) It makes it possible for objects to be given properties named __proto__.
2725         2) Object.prototype.__proto__ can be deleted, preventing object prototypes from being changed.
2726         3) This largely removes the magic used to implement __proto__; it can just be made a regular accessor property.
2727
2728         * parser/Parser.cpp:
2729         (JSC::::parseFunctionInfo):
2730             - No need to prohibit functions named __proto__.
2731         * runtime/JSGlobalObject.cpp:
2732         (JSC::JSGlobalObject::reset):
2733             - Add __proto__ accessor to Object.prototype.
2734         * runtime/JSGlobalObjectFunctions.cpp:
2735         (JSC::globalFuncProtoGetter):
2736         (JSC::globalFuncProtoSetter):
2737             - Definition of the __proto__ accessor functions.
2738         * runtime/JSGlobalObjectFunctions.h:
2739             - Declaration of the __proto__ accessor functions.
2740         * runtime/JSObject.cpp:
2741         (JSC::JSObject::put):
2742             - Remove the special handling for __proto__, there is still a check to allow for a fast guard for accessors excluding __proto__.
2743         (JSC::JSObject::putDirectAccessor):
2744             - Track on the structure whether an object contains accessors other than one for __proto__.
2745         (JSC::JSObject::defineOwnProperty):
2746             - No need to prohibit definition of own properties named __proto__.
2747         * runtime/JSObject.h:
2748         (JSC::JSObject::inlineGetOwnPropertySlot):
2749             - Remove the special handling for __proto__.
2750         (JSC::JSValue::get):
2751             - Remove the special handling for __proto__.
2752         * runtime/JSString.cpp:
2753         (JSC::JSString::getOwnPropertySlot):
2754             - Remove the special handling for __proto__.
2755         * runtime/JSValue.h:
2756         (JSValue):
2757             - Made synthesizePrototype public (this may be needed by the __proto__ getter).
2758         * runtime/ObjectConstructor.cpp:
2759         (JSC::objectConstructorGetPrototypeOf):
2760             - Perform the security check & call prototype() directly.
2761         * runtime/Structure.cpp:
2762         (JSC::Structure::Structure):
2763             - Added 'ExcludingProto' variant of the 'hasGetterSetterProperties' state.
2764         * runtime/Structure.h:
2765         (JSC::Structure::hasGetterSetterPropertiesExcludingProto):
2766         (JSC::Structure::setHasGetterSetterProperties):
2767         (Structure):
2768             - Added 'ExcludingProto' variant of the 'hasGetterSetterProperties' state.
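
As an added example (not WebKit code; it assumes only an engine that, as this change does, implements __proto__ as an ordinary configurable accessor on Object.prototype), the three benefits listed above exercised from JavaScript; the object names are constructed for the illustration, and the accessor is restored after the deletion test so the rest of the program is unaffected:

```javascript
// Added example (not WebKit code): observable consequences of __proto__
// being a plain accessor property on Object.prototype.

// 1) __proto__ is an ordinary accessor: it has a getter, a setter, and is
//    configurable, so it can be inspected and deleted like any other.
function protoDescriptor() {
  return Object.getOwnPropertyDescriptor(Object.prototype, "__proto__");
}

// 2) An object may carry an own property literally named "__proto__"
//    (defineProperty bypasses the inherited setter), and its prototype is
//    left untouched.
function ownProtoProperty() {
  const proto = { tag: "proto" };
  const obj = Object.create(proto);
  Object.defineProperty(obj, "__proto__", { value: 42, enumerable: true, configurable: true });
  return {
    ownValue: Object.getOwnPropertyDescriptor(obj, "__proto__").value,
    prototypeUnchanged: Object.getPrototypeOf(obj) === proto,
  };
}

// Run fn with the accessor removed from Object.prototype, then put it back.
function withProtoAccessorRemoved(fn) {
  const saved = protoDescriptor();
  delete Object.prototype.__proto__;
  try {
    return fn();
  } finally {
    Object.defineProperty(Object.prototype, "__proto__", saved);
  }
}

// 3) With Object.prototype.__proto__ deleted, "obj.__proto__ = x" no longer
//    reaches a setter: it just creates an own data property, so the
//    prototype chain cannot be rewritten this way.
function protoChangeBlocked() {
  return withProtoAccessorRemoved(() => {
    const proto = { tag: "proto" };
    const obj = Object.create(proto);
    const replacement = { polluted: true };
    obj.__proto__ = replacement;
    return {
      prototypeUnchanged: Object.getPrototypeOf(obj) === proto,
      createdOwn: Object.prototype.hasOwnProperty.call(obj, "__proto__"),
      inherited: obj.polluted === true,
    };
  });
}
```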
2769
2770 2012-02-20  Michael Saboff  <msaboff@apple.com>
2771
2772         Update toLower and toUpper tests for Unicode 6.1 changes
2773         https://bugs.webkit.org/show_bug.cgi?id=78923
2774
2775         Reviewed by Oliver Hunt.
2776
2777         * tests/mozilla/ecma/String/15.5.4.11-2.js: Updated the test
2778         to handle a third set of results for updated Unicode 6.1
2779         changes.
2780         (getTestCases):
2781         (TestCaseMultiExpected):
2782         (writeTestCaseResultMultiExpected):
2783         (getTestCaseResultMultiExpected):
2784         (test):
2785         (GetUnicodeValues):
2786         (DecimalToHexString):
2787
2788 2012-02-20  Andy Wingo  <wingo@igalia.com>
2789
2790         Remove unused features from CodeFeatures
2791         https://bugs.webkit.org/show_bug.cgi?id=78804
2792
2793         Reviewed by Gavin Barraclough.
2794
2795         * parser/Nodes.h:
2796         * parser/ASTBuilder.h:
2797         (JSC::ClosureFeature):
2798         (JSC::ASTBuilder::createFunctionBody):
2799         (JSC::ASTBuilder::usesClosures):
2800         Remove "ClosureFeature".  Since we track captured variables more
2801         precisely, this bit doesn't do us any good.
2802
2803         (JSC::AssignFeature):
2804         (JSC::ASTBuilder::makeAssignNode):
2805         (JSC::ASTBuilder::makePrefixNode):
2806         (JSC::ASTBuilder::makePostfixNode):
2807         (JSC::ASTBuilder::usesAssignment):
2808         Similarly, remove AssignFeature.  It is unused.
2809
2810 2012-02-19  Carlos Garcia Campos  <cgarcia@igalia.com>
2811
2812         Unreviewed. Fix make distcheck issues.
2813
2814         * GNUmakefile.list.am: Add missing files.
2815
2816 2012-02-18  Sam Weinig  <sam@webkit.org>
2817
2818         Fix style issues in DFG Phase classes
2819         https://bugs.webkit.org/show_bug.cgi?id=78983
2820
2821         Reviewed by Ryosuke Niwa.
2822
2823         * dfg/DFGArithNodeFlagsInferencePhase.cpp:
2824         * dfg/DFGCFAPhase.cpp:
2825         * dfg/DFGCSEPhase.cpp:
2826         * dfg/DFGPredictionPropagationPhase.cpp:
2827         * dfg/DFGVirtualRegisterAllocationPhase.cpp:
2828         Add a space before the colon in class declarations.
2829
2830 2012-02-18  Filip Pizlo  <fpizlo@apple.com>
2831
2832         Attempt to fix Windows build.
2833
2834         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2835
2836 2012-02-18  Sam Weinig  <sam@webkit.org>
2837
2838         Fix the libc++ build.
2839
2840         Reviewed by Anders Carlsson.
2841
2842         * heap/Weak.h:
2843         Libc++'s nullptr emulation does not allow default construction
2844         of the nullptr_t type. Work around this with the arguably clearer
2845         just returning nullptr.
2846
2847 2012-02-18  Filip Pizlo  <fpizlo@apple.com>
2848
2849         DFGPropagator.cpp has too many things
2850         https://bugs.webkit.org/show_bug.cgi?id=78956
2851
2852         Reviewed by Oliver Hunt.
2853         
2854         Added the notion of a DFG::Phase. Removed DFG::Propagator, and took its
2855         various things and put them into separate files. These new phases follow
2856         the naming convention "DFG<name>Phase" where <name> is a noun. They are
2857         called via functions of the form "perform<name>".
2858
2859         * CMakeLists.txt:
2860         * GNUmakefile.list.am:
2861         * JavaScriptCore.xcodeproj/project.pbxproj:
2862         * Target.pri:
2863         * dfg/DFGArithNodeFlagsInferencePhase.cpp: Added.
2864         (DFG):
2865         (JSC::DFG::performArithNodeFlagsInference):
2866         * dfg/DFGArithNodeFlagsInferencePhase.h: Added.
2867         (DFG):
2868         * dfg/DFGCFAPhase.cpp: Added.
2869         (DFG):
2870         (JSC::DFG::performCFA):
2871         * dfg/DFGCFAPhase.h: Added.
2872         (DFG):
2873         * dfg/DFGCSEPhase.cpp: Added.
2874         (DFG):
2875         (JSC::DFG::performCSE):
2876         * dfg/DFGCSEPhase.h: Added.
2877         (DFG):
2878         * dfg/DFGDriver.cpp:
2879         (JSC::DFG::compile):
2880         * dfg/DFGPhase.cpp: Added.
2881         (DFG):
2882         (JSC::DFG::Phase::beginPhase):
2883         (JSC::DFG::Phase::endPhase):
2884         * dfg/DFGPhase.h: Added.
2885         (DFG):
2886         (Phase):
2887         (JSC::DFG::Phase::Phase):
2888         (JSC::DFG::Phase::~Phase):
2889         (JSC::DFG::Phase::globalData):
2890         (JSC::DFG::Phase::codeBlock):
2891         (JSC::DFG::Phase::profiledBlock):
2892         (JSC::DFG::Phase::beginPhase):
2893         (JSC::DFG::Phase::endPhase):
2894         (JSC::DFG::runPhase):
2895         * dfg/DFGPredictionPropagationPhase.cpp: Added.
2896         (DFG):
2897         (JSC::DFG::performPredictionPropagation):
2898         * dfg/DFGPredictionPropagationPhase.h: Added.
2899         (DFG):
2900         * dfg/DFGPropagator.cpp: Removed.
2901         * dfg/DFGPropagator.h: Removed.
2902         * dfg/DFGVirtualRegisterAllocationPhase.cpp: Added.
2903         (DFG):
2904         (JSC::DFG::performVirtualRegisterAllocation):
2905         * dfg/DFGVirtualRegisterAllocationPhase.h: Added.
2906         (DFG):
2907
2908 2012-02-17  Filip Pizlo  <fpizlo@apple.com>
2909
2910         DFG::Graph should have references to JSGlobalData, the CodeBlock being compiled, and
2911         the CodeBlock that was used for profiling
2912         https://bugs.webkit.org/show_bug.cgi?id=78954
2913
2914         Reviewed by Gavin Barraclough.
2915
2916         * bytecode/CodeBlock.h:
2917         (JSC::baselineCodeBlockForOriginAndBaselineCodeBlock):
2918         (JSC):
2919         * dfg/DFGAbstractState.cpp:
2920         (JSC::DFG::AbstractState::AbstractState):
2921         (JSC::DFG::AbstractState::execute):
2922         * dfg/DFGAbstractState.h:
2923         * dfg/DFGAssemblyHelpers.h:
2924         (AssemblyHelpers):
2925         * dfg/DFGByteCodeParser.cpp:
2926         (JSC::DFG::ByteCodeParser::ByteCodeParser):
2927         (JSC::DFG::ByteCodeParser::handleCall):
2928         (JSC::DFG::parse):
2929         * dfg/DFGByteCodeParser.h:
2930         (DFG):
2931         * dfg/DFGDriver.cpp:
2932         (JSC::DFG::compile):
2933         * dfg/DFGGraph.cpp:
2934         (JSC::DFG::Graph::dump):
2935         (JSC::DFG::Graph::predictArgumentTypes):
2936         * dfg/DFGGraph.h:
2937         (JSC::DFG::Graph::Graph):
2938         (Graph):
2939         (JSC::DFG::Graph::getJSConstantPrediction):
2940         (JSC::DFG::Graph::addShouldSpeculateInteger):
2941         (JSC::DFG::Graph::isInt32Constant):
2942         (JSC::DFG::Graph::isDoubleConstant):
2943         (JSC::DFG::Graph::isNumberConstant):
2944         (JSC::DFG::Graph::isBooleanConstant):
2945         (JSC::DFG::Graph::isFunctionConstant):
2946         (JSC::DFG::Graph::valueOfJSConstant):
2947         (JSC::DFG::Graph::valueOfInt32Constant):
2948         (JSC::DFG::Graph::valueOfNumberConstant):
2949         (JSC::DFG::Graph::valueOfBooleanConstant):
2950         (JSC::DFG::Graph::valueOfFunctionConstant):
2951         (JSC::DFG::Graph::baselineCodeBlockFor):
2952         (JSC::DFG::Graph::valueProfileFor):
2953         (JSC::DFG::Graph::addImmediateShouldSpeculateInteger):
2954         * dfg/DFGJITCompiler.h:
2955         (JSC::DFG::JITCompiler::JITCompiler):
2956         (JITCompiler):
2957         * dfg/DFGOSRExit.cpp:
2958         (JSC::DFG::OSRExit::considerAddingAsFrequentExitSiteSlow):
2959         * dfg/DFGPropagator.cpp:
2960         (JSC::DFG::Propagator::Propagator):
2961         (JSC::DFG::Propagator::isNotNegZero):
2962         (JSC::DFG::Propagator::isNotZero):
2963         (JSC::DFG::Propagator::propagateNodePredictions):
2964         (JSC::DFG::Propagator::doRoundOfDoubleVoting):
2965         (JSC::DFG::Propagator::globalCFA):
2966         (JSC::DFG::propagate):
2967         * dfg/DFGPropagator.h:
2968         (DFG):
2969         * dfg/DFGSpeculativeJIT.cpp:
2970         (JSC::DFG::SpeculativeJIT::computeValueRecoveryFor):
2971         (JSC::DFG::SpeculativeJIT::compileAdd):
2972         (JSC::DFG::SpeculativeJIT::compileArithSub):
2973         * dfg/DFGSpeculativeJIT.h:
2974         (JSC::DFG::SpeculativeJIT::isConstant):
2975         (JSC::DFG::SpeculativeJIT::isJSConstant):
2976         (JSC::DFG::SpeculativeJIT::isInt32Constant):
2977         (JSC::DFG::SpeculativeJIT::isDoubleConstant):
2978         (JSC::DFG::SpeculativeJIT::isNumberConstant):
2979         (JSC::DFG::SpeculativeJIT::isBooleanConstant):
2980         (JSC::DFG::SpeculativeJIT::isFunctionConstant):
2981         (JSC::DFG::SpeculativeJIT::valueOfInt32Constant):
2982         (JSC::DFG::SpeculativeJIT::valueOfNumberConstant):
2983         (JSC::DFG::SpeculativeJIT::valueOfJSConstant):
2984         (JSC::DFG::SpeculativeJIT::valueOfBooleanConstant):
2985         (JSC::DFG::SpeculativeJIT::valueOfFunctionConstant):
2986         (JSC::DFG::SpeculativeJIT::speculationCheck):
2987         (JSC::DFG::SpeculativeJIT::SpeculativeJIT):
2988
2989 2012-02-17  Ahmad Sharif  <asharif.tools@gmail.com>
2990
2991         There is a warning in memset in glibc that gets triggered through a
2992         warndecl when the fill-value of memset is a non-zero constant and the
2993         size is zero. This warning is enabled when building with
2994         -D_FORTIFY_SOURCE=2. This patch fixes the warning.
2995
2996         https://bugs.webkit.org/show_bug.cgi?id=78513
2997
2998         Reviewed by Alexey Proskuryakov
2999
3000         * wtf/Vector.h:
3001
3002 2012-02-17  Kalev Lember  <kalevlember@gmail.com>
3003
3004         Remove unused parameters from WTF threading API
3005         https://bugs.webkit.org/show_bug.cgi?id=78389
3006
3007         Reviewed by Adam Roben.
3008
3009         waitForThreadCompletion() had an out param 'void **result' to get the
3010         'void *' returned by ThreadFunction. However, the implementation in
3011         ThreadingWin.cpp ignored the out param, not filling it in. This had
3012         led to a situation where none of the client code made use of the param
3013         and just ignored it.
3014
3015         To clean this up, the patch changes the signature of ThreadFunction to
3016         return void instead of void* and drops the unused 'void **result'
3017         parameter from waitForThreadCompletion. Also, all client code is
3018         updated for the API change.
3019
3020         As mentioned in https://bugs.webkit.org/show_bug.cgi?id=78389, even
3021         though the change only affects internal API, Safari is using it
3022         directly and we'll need to keep the old versions around for ABI
3023         compatibility. For this, the patch adds compatibility wrappers with
3024         the old ABI.
3025
3026         * JavaScriptCore.order:
3027         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3028         * bytecode/SamplingTool.cpp:
3029         (JSC::SamplingThread::threadStartFunc):
3030         (JSC::SamplingThread::stop):
3031         * bytecode/SamplingTool.h:
3032         (SamplingThread):
3033         * heap/Heap.cpp:
3034         (JSC::Heap::~Heap):
3035         (JSC::Heap::blockFreeingThreadStartFunc):
3036         * heap/Heap.h:
3037         * heap/MarkStack.cpp:
3038         (JSC::MarkStackThreadSharedData::markingThreadStartFunc):
3039         (JSC::MarkStackThreadSharedData::~MarkStackThreadSharedData):
3040         * heap/MarkStack.h:
3041         (MarkStackThreadSharedData):
3042         * wtf/ParallelJobsGeneric.cpp:
3043         (WTF::ParallelEnvironment::ThreadPrivate::workerThread):
3044         * wtf/ParallelJobsGeneric.h:
3045         (ThreadPrivate):
3046         * wtf/ThreadFunctionInvocation.h: Update the signature of
3047         ThreadFunction.
3048         (WTF):
3049         * wtf/Threading.cpp:
3050         (WTF::threadEntryPoint): Update for ThreadFunction signature change.
3051         (WTF):
3052         (WTF::ThreadFunctionWithReturnValueInvocation::ThreadFunctionWithReturnValueInvocation):
3053         ABI compatibility function for Safari.
3054         (ThreadFunctionWithReturnValueInvocation): Ditto.
3055         (WTF::compatEntryPoint): Ditto.
3056         (WTF::createThread): Ditto.
3057         (WTF::waitForThreadCompletion): Ditto.
3058         * wtf/Threading.h: Update the signature of ThreadFunction and
3059         waitForThreadCompletion.
3060         (WTF):
3061         * wtf/ThreadingPthreads.cpp: Implement the new API.
3062         (WTF::wtfThreadEntryPoint):
3063         (WTF):
3064         (WTF::createThreadInternal):
3065         (WTF::waitForThreadCompletion):
3066         * wtf/ThreadingWin.cpp: Implement the new API.
3067         (WTF::wtfThreadEntryPoint):
3068         (WTF::waitForThreadCompletion):
3069
3070 2012-02-16  Oliver Hunt  <oliver@apple.com>
3071
3072         Implement Error.stack
3073         https://bugs.webkit.org/show_bug.cgi?id=66994
3074
3075         Reviewed by Gavin Barraclough.
3076
3077         Implement support for stack traces on exception objects.  This is a rewrite
3078         of the core portion of the last stack walking logic, but the mechanical work
3079         of adding the information to an exception comes from the original work by
3080         Juan Carlos Montemayor Elosua.
3081
3082         * interpreter/Interpreter.cpp:
3083         (JSC::getCallerInfo):
3084         (JSC):
3085         (JSC::getSourceURLFromCallFrame):
3086         (JSC::getStackFrameCodeType):
3087         (JSC::Interpreter::getStackTrace):
3088         (JSC::Interpreter::throwException):
3089         (JSC::Interpreter::privateExecute):
3090         * interpreter/Interpreter.h:
3091         (JSC):
3092         (StackFrame):
3093         (JSC::StackFrame::toString):
3094         (Interpreter):
3095         * jsc.cpp:
3096         (GlobalObject::finishCreation):
3097         (functionJSCStack):
3098         * parser/Nodes.h:
3099         (JSC::FunctionBodyNode::setInferredName):
3100         * parser/Parser.h:
3101         (JSC::::parse):
3102         * runtime/CommonIdentifiers.h:
3103         * runtime/Error.cpp:
3104         (JSC::addErrorInfo):
3105         * runtime/Error.h:
3106         (JSC):
3107
3108 2012-02-17  Mark Hahnenberg  <mhahnenberg@apple.com>
3109
3110         Rename Bump* to Copy*
3111         https://bugs.webkit.org/show_bug.cgi?id=78573
3112
3113         Reviewed by Geoffrey Garen.
3114
3115         Renamed anything with "Bump" in the name to have "Copied" instead.
3116
3117         * CMakeLists.txt:
3118         * GNUmakefile.list.am:
3119         * JavaScriptCore.gypi:
3120         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3121         * JavaScriptCore.xcodeproj/project.pbxproj:
3122         * Target.pri:
3123         * heap/BumpBlock.h: Removed.
3124         * heap/BumpSpace.cpp: Removed.
3125         * heap/BumpSpace.h: Removed.
3126         * heap/BumpSpaceInlineMethods.h: Removed.
3127         * heap/ConservativeRoots.cpp:
3128         (JSC::ConservativeRoots::ConservativeRoots):
3129         (JSC::ConservativeRoots::genericAddPointer):
3130         * heap/ConservativeRoots.h:
3131         (ConservativeRoots):
3132         * heap/CopiedBlock.h: Added.
3133         (JSC):
3134         (CopiedBlock):
3135         (JSC::CopiedBlock::CopiedBlock):
3136         * heap/CopiedSpace.cpp: Added.
3137         (JSC):
3138         (JSC::CopiedSpace::tryAllocateSlowCase):
3139         * heap/CopiedSpace.h: Added.
3140         (JSC):
3141         (CopiedSpace):
3142         (JSC::CopiedSpace::isInCopyPhase):
3143         (JSC::CopiedSpace::totalMemoryAllocated):
3144         (JSC::CopiedSpace::totalMemoryUtilized):
3145         * heap/CopiedSpaceInlineMethods.h: Added.
3146         (JSC):
3147         (JSC::CopiedSpace::CopiedSpace):
3148         (JSC::CopiedSpace::init):
3149         (JSC::CopiedSpace::contains):
3150         (JSC::CopiedSpace::pin):
3151         (JSC::CopiedSpace::startedCopying):
3152         (JSC::CopiedSpace::doneCopying):
3153         (JSC::CopiedSpace::doneFillingBlock):
3154         (JSC::CopiedSpace::recycleBlock):
3155         (JSC::CopiedSpace::getFreshBlock):
3156         (JSC::CopiedSpace::borrowBlock):
3157         (JSC::CopiedSpace::addNewBlock):
3158         (JSC::CopiedSpace::allocateNewBlock):
3159         (JSC::CopiedSpace::fitsInBlock):
3160         (JSC::CopiedSpace::fitsInCurrentBlock):
3161         (JSC::CopiedSpace::tryAllocate):
3162         (JSC::CopiedSpace::tryAllocateOversize):
3163         (JSC::CopiedSpace::allocateFromBlock):
3164         (JSC::CopiedSpace::tryReallocate):
3165         (JSC::CopiedSpace::tryReallocateOversize):
3166         (JSC::CopiedSpace::isOversize):
3167         (JSC::CopiedSpace::isPinned):
3168         (JSC::CopiedSpace::oversizeBlockFor):
3169         (JSC::CopiedSpace::blockFor):
3170         * heap/Heap.cpp:
3171         * heap/Heap.h:
3172         (JSC):
3173         (Heap):
3174         * heap/MarkStack.cpp:
3175         (JSC::MarkStackThreadSharedData::MarkStackThreadSharedData):
3176         (JSC::SlotVisitor::drainFromShared):
3177         (JSC::SlotVisitor::startCopying):
3178         (JSC::SlotVisitor::allocateNewSpace):
3179         (JSC::SlotVisitor::doneCopying):
3180         * heap/MarkStack.h:
3181         (MarkStackThreadSharedData):
3182         * heap/SlotVisitor.h:
3183         (SlotVisitor):
3184         * runtime/JSArray.cpp:
3185         * runtime/JSObject.cpp:
3186
3187 2012-02-16  Yuqiang Xian  <yuqiang.xian@intel.com>
3188
3189         Add JSC code profiling support on Linux x86
3190         https://bugs.webkit.org/show_bug.cgi?id=78871
3191
3192         Reviewed by Gavin Barraclough.
3193
3194         We don't unwind the stack for now as we cannot guarantee all the
3195         libraries are compiled without -fomit-frame-pointer.
3196
3197         * tools/CodeProfile.cpp:
3198         (JSC::CodeProfile::sample):
3199         * tools/CodeProfiling.cpp:
3200         (JSC):
3201         (JSC::profilingTimer):
3202         (JSC::CodeProfiling::begin):
3203         (JSC::CodeProfiling::end):
3204
3205 2012-02-16  Csaba Osztrogonác  <ossy@webkit.org>
3206
3207         Unreviewed. Rolling out r107980, because it broke 32 bit platforms.
3208
3209         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3210         * interpreter/Interpreter.cpp:
3211         (JSC::Interpreter::throwException):
3212         (JSC::Interpreter::privateExecute):
3213         * interpreter/Interpreter.h:
3214         (JSC):
3215         (Interpreter):
3216         * jsc.cpp:
3217         (GlobalObject::finishCreation):
3218         * parser/Nodes.h:
3219         (JSC::FunctionBodyNode::setInferredName):
3220         * parser/Parser.h:
3221         (JSC::::parse):
3222         * runtime/CommonIdentifiers.h:
3223         * runtime/Error.cpp:
3224         (JSC::addErrorInfo):
3225         * runtime/Error.h:
3226         (JSC):
3227
3228 2012-02-16  Filip Pizlo  <fpizlo@apple.com>
3229
3230         ENABLE_INTERPRETER should be ENABLE_CLASSIC_INTERPRETER
3231         https://bugs.webkit.org/show_bug.cgi?id=78791
3232
3233         Rubber stamped by Oliver Hunt.
3234         
3235         Just a renaming, nothing more. Also renamed COMPUTED_GOTO_INTERPRETER to
3236         COMPUTED_GOTO_CLASSIC_INTERPRETER.
3237
3238         * bytecode/CodeBlock.cpp:
3239         (JSC::CodeBlock::dump):
3240         (JSC::CodeBlock::stronglyVisitStrongReferences):
3241         (JSC):
3242         (JSC::CodeBlock::shrinkToFit):
3243         * bytecode/CodeBlock.h:
3244         (CodeBlock):
3245         * bytecode/Instruction.h:
3246         (JSC::Instruction::Instruction):
3247         * bytecode/Opcode.h:
3248         (JSC::padOpcodeName):
3249         * bytecompiler/BytecodeGenerator.cpp:
3250         (JSC::BytecodeGenerator::emitResolve):
3251         (JSC::BytecodeGenerator::emitResolveWithBase):
3252         (JSC::BytecodeGenerator::emitGetById):
3253         (JSC::BytecodeGenerator::emitPutById):
3254         (JSC::BytecodeGenerator::emitDirectPutById):
3255         * interpreter/AbstractPC.cpp:
3256         (JSC::AbstractPC::AbstractPC):
3257         * interpreter/AbstractPC.h:
3258         (AbstractPC):
3259         * interpreter/CallFrame.h:
3260         (ExecState):
3261         * interpreter/Interpreter.cpp:
3262         (JSC):
3263         (JSC::Interpreter::initialize):
3264         (JSC::Interpreter::isOpcode):
3265         (JSC::Interpreter::unwindCallFrame):
3266         (JSC::Interpreter::execute):
3267         (JSC::Interpreter::privateExecute):
3268         (JSC::Interpreter::retrieveLastCaller):
3269         * interpreter/Interpreter.h:
3270         (JSC::Interpreter::getOpcode):
3271         (JSC::Interpreter::getOpcodeID):
3272         (Interpreter):
3273         * jit/ExecutableAllocatorFixedVMPool.cpp:
3274         (JSC::FixedVMPoolExecutableAllocator::FixedVMPoolExecutableAllocator):
3275         * runtime/Executable.cpp:
3276         (JSC::EvalExecutable::compileInternal):
3277         (JSC::ProgramExecutable::compileInternal):
3278         (JSC::FunctionExecutable::compileForCallInternal):
3279         (JSC::FunctionExecutable::compileForConstructInternal):
3280         * runtime/Executable.h:
3281         (NativeExecutable):
3282         * runtime/JSGlobalData.cpp:
3283         (JSC::JSGlobalData::JSGlobalData):
3284         (JSC::JSGlobalData::getHostFunction):
3285         * runtime/JSGlobalData.h:
3286         (JSGlobalData):
3287         * wtf/OSAllocatorPosix.cpp:
3288         (WTF::OSAllocator::reserveAndCommit):
3289         * wtf/Platform.h:
3290
3291 2012-02-15  Geoffrey Garen  <ggaren@apple.com>
3292
3293         Made Weak<T> single-owner, adding PassWeak<T>
3294         https://bugs.webkit.org/show_bug.cgi?id=78740
3295
3296         Reviewed by Sam Weinig.
3297
3298         This works basically the same way as OwnPtr<T> and PassOwnPtr<T>.
3299
3300         This clarifies the semantics of finalizers: It's ambiguous and probably
3301         a bug to copy a finalizer (i.e., it's a bug to run a C++ destructor
3302         twice), so I've made Weak<T> non-copyable. Anywhere we used to copy a 
3303         Weak<T>, we now use PassWeak<T>.
3304
3305         This also makes Weak<T> HashMaps more efficient.
3306
3307         * API/JSClassRef.cpp:
3308         (OpaqueJSClass::prototype): Use PassWeak<T> instead of set(), since 
3309         set() is gone now.
3310
3311         * JavaScriptCore.xcodeproj/project.pbxproj: Export!
3312
3313         * heap/PassWeak.h: Added.
3314         (JSC):
3315         (PassWeak):
3316         (JSC::PassWeak::PassWeak):
3317         (JSC::PassWeak::~PassWeak):
3318         (JSC::PassWeak::get):
3319         (JSC::::leakHandle):
3320         (JSC::adoptWeak):
3321         (JSC::operator==):
3322         (JSC::operator!=): This is the Weak<T> version of PassOwnPtr<T>.
3323
3324         * heap/Weak.h:
3325         (Weak):
3326         (JSC::Weak::Weak):
3327         (JSC::Weak::release):
3328         (JSC::Weak::hashTableDeletedValue):
3329         (JSC::=):
3330         (JSC): Changed to be non-copyable, removing a lot of copying-related
3331         APIs. Added hash traits so hash maps still work.
3332
3333         * jit/JITStubs.cpp:
3334         (JSC::JITThunks::hostFunctionStub):
3335         * runtime/RegExpCache.cpp:
3336         (JSC::RegExpCache::lookupOrCreate): Use PassWeak<T>, as required by
3337         our new hash map API.
3338
3339 2012-02-16  Mark Hahnenberg  <mhahnenberg@apple.com>
3340
3341         Fix the broken viewport tests
3342         https://bugs.webkit.org/show_bug.cgi?id=78774
3343
3344         Reviewed by Kenneth Rohde Christiansen.
3345
3346         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3347         * wtf/text/WTFString.cpp:
3348         (WTF):
3349         (WTF::toDoubleType): Template-ized to allow other functions to specify whether they
3350         want to allow trailing junk or not when calling strtod.
3351         (WTF::charactersToDouble):
3352         (WTF::charactersToFloat):
3353         (WTF::charactersToFloatIgnoringJunk): Created new version of charactersToFloat that allows 
3354         trailing junk.
3355         * wtf/text/WTFString.h:
3356         (WTF):
3357
3358 2012-02-16  Oliver Hunt  <oliver@apple.com>
3359
3360         Implement Error.stack
3361         https://bugs.webkit.org/show_bug.cgi?id=66994
3362
3363         Reviewed by Gavin Barraclough.
3364
3365         Implement support for stack traces on exception objects.  This is a rewrite
3366         of the core portion of the last stack walking logic, but the mechanical work
3367         of adding the information to an exception comes from the original work by
3368         Juan Carlos Montemayor Elosua.
3369
3370         * interpreter/Interpreter.cpp:
3371         (JSC::getCallerInfo):
3372         (JSC):
3373         (JSC::getSourceURLFromCallFrame):
3374         (JSC::getStackFrameCodeType):
3375         (JSC::Interpreter::getStackTrace):
3376         (JSC::Interpreter::throwException):
3377         (JSC::Interpreter::privateExecute):
3378         * interpreter/Interpreter.h:
3379         (JSC):
3380         (StackFrame):
3381         (JSC::StackFrame::toString):
3382         (Interpreter):
3383         * jsc.cpp:
3384         (GlobalObject::finishCreation):
3385         (functionJSCStack):
3386         * parser/Nodes.h:
3387         (JSC::FunctionBodyNode::setInferredName):
3388         * parser/Parser.h:
3389         (JSC::::parse):
3390         * runtime/CommonIdentifiers.h:
3391         * runtime/Error.cpp:
3392         (JSC::addErrorInfo):
3393         * runtime/Error.h:
3394         (JSC):
3395
3396 2012-02-15  Gavin Barraclough  <barraclough@apple.com>
3397
3398         Numerous trivial bugs in Object.defineProperty
3399         https://bugs.webkit.org/show_bug.cgi?id=78777
3400
3401         Reviewed by Sam Weinig.
3402
3403         There are a handful of really trivial bugs, related to Object.defineProperty:
3404             * Redefining an accessor with different attributes changes the attributes, but not the get/set functions!
3405             * Calling an undefined setter should only throw in strict mode.
3406             * When redefining an accessor to a data descriptor, if writable is not specified we should default to false.
3407             * Any attempt to redefine a non-configurable property of an array as configurable should be rejected.
3408             * Object.defineProperties should call toObject on 'Properties' argument, rather than throwing if it is not an object.
3409             * If preventExtensions has been called on an array, subsequent assignment beyond array bounds should fail.
3410             * 'isFrozen' shouldn't be checking the ReadOnly bit for accessor descriptors (we presently always keep this bit as 'false').
3411             * Should be able to redefine a non-writable, non-configurable property, with the same value and attributes.
3412             * Should be able to define a non-configurable accessor.
3413         These are mostly all one-line changes, e.g. inverted boolean checks, masking against wrong attribute.
3414
3415         * runtime/JSArray.cpp:
3416         (JSC::SparseArrayValueMap::put):
3417             - Added ASSERT.
3418             - Calling an undefined setter should only throw in strict mode.
3419         (JSC::JSArray::putDescriptor):
3420             - Should be able to define a non-configurable accessor.
3421         (JSC::JSArray::defineOwnNumericProperty):
3422             - Any attempt to redefine a non-configurable property of an array as configurable should be rejected.
3423         (JSC::JSArray::putByIndexBeyondVectorLength):
3424             - If preventExtensions has been called on an array, subsequent assignment beyond array bounds should fail.
3425         * runtime/JSArray.h:
3426         (JSArray):
3427             - made enterDictionaryMode public, called from JSObject.
3428         * runtime/JSObject.cpp:
3429         (JSC::JSObject::put):
3430             - Calling an undefined setter should only throw in strict mode.
3431         (JSC::JSObject::preventExtensions):
3432             - Put array objects into dictionary mode to handle this!
3433         (JSC::JSObject::defineOwnProperty):
3434             - Should be able to redefine a non-writable, non-configurable property, with the same value and attributes.
3435             - Redefining an accessor with different attributes changes the attributes, but not the get/set functions!
3436         * runtime/ObjectConstructor.cpp:
3437         (JSC::objectConstructorDefineProperties):
3438             - Object.defineProperties should call toObject on 'Properties' argument, rather than throwing if it is not an object.
3439         * runtime/PropertyDescriptor.cpp:
3440         (JSC::PropertyDescriptor::attributesWithOverride):
3441             - When redefining an accessor to a data descriptor, if writable is not specified we should default to false.
3442         (JSC::PropertyDescriptor::attributesOverridingCurrent):
3443             - When redefining an accessor to a data descriptor, if writable is not specified we should default to false.
3444         * runtime/Structure.cpp:
3445         (JSC::Structure::freezeTransition):
3446             - 'freezeTransition' shouldn't be setting the ReadOnly bit for accessor descriptors (we presently always keep this bit as 'false').
3447         (JSC::Structure::isFrozen):
3448             - 'isFrozen' shouldn't be checking the ReadOnly bit for accessor descriptors (we presently always keep this bit as 'false').
3449
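The Object.defineProperty behaviours listed in the entry above, as an added JavaScript conformance check that is not part of WebKit or of this change. Each check corresponds to one bullet in the entry and returns true when the engine follows the ES5 semantics the bullet describes; the object and property names are arbitrary, and the sloppy/strict assignment helpers are built with Function so the result does not depend on how this file itself is loaded.

```javascript
// Added example, not WebKit code: conformance checks for the defineProperty
// semantics listed in the ChangeLog entry for bug 78777.

// Assignment helpers in sloppy and strict mode (mode is set per function).
const sloppyAssignY = new Function('o', 'o.y = 2;');
const strictAssignY = new Function('o', '"use strict"; o.y = 2;');
const sloppyAssignIndex5 = new Function('a', 'a[5] = 1;');

function throwsTypeError(fn) {
  try { fn(); return false; } catch (e) { return e instanceof TypeError; }
}

function checkDefinePropertySemantics() {
  const results = {};

  // Redefining an accessor with different attributes keeps its get/set.
  {
    const o = {};
    const get = () => 1;
    Object.defineProperty(o, 'x', { get, configurable: true, enumerable: false });
    Object.defineProperty(o, 'x', { enumerable: true });
    const d = Object.getOwnPropertyDescriptor(o, 'x');
    results.redefineKeepsGetter = d.get === get && d.enumerable === true;
  }

  // Assigning to an accessor that has no setter throws only in strict mode.
  {
    const o = {};
    Object.defineProperty(o, 'y', { get: () => 1 });
    results.undefinedSetterSloppy = !throwsTypeError(() => sloppyAssignY(o));
    results.undefinedSetterStrict = throwsTypeError(() => strictAssignY(o));
  }

  // Accessor -> data descriptor: writable defaults to false when not given.
  {
    const o = {};
    Object.defineProperty(o, 'z', { get: () => 1, configurable: true });
    Object.defineProperty(o, 'z', { value: 5 });
    results.accessorToDataWritableFalse =
      Object.getOwnPropertyDescriptor(o, 'z').writable === false;
  }

  // A non-configurable array element cannot be made configurable again.
  {
    const a = [1];
    Object.defineProperty(a, 0, { configurable: false });
    results.arrayNonConfigurableRejected =
      throwsTypeError(() => Object.defineProperty(a, 0, { configurable: true }));
  }

  // Object.defineProperties applies ToObject to its 'Properties' argument:
  // a primitive is wrapped (no own enumerable keys, so nothing happens),
  // while null still throws.
  results.definePropertiesToObject =
    !throwsTypeError(() => Object.defineProperties({}, 5)) &&
    throwsTypeError(() => Object.defineProperties({}, null));

  // After preventExtensions, assignment beyond the array bounds fails
  // (silently, in sloppy mode).
  {
    const a = [1];
    Object.preventExtensions(a);
    sloppyAssignIndex5(a);
    results.preventExtensionsArray = a.length === 1 && !(5 in a);
  }

  // isFrozen must not demand a 'writable: false' bit on accessor properties.
  {
    const o = { get w() { return 1; } };
    Object.freeze(o);
    results.frozenWithAccessor = Object.isFrozen(o);
  }

  // Redefining a non-writable, non-configurable property with the same
  // value and attributes is permitted.
  {
    const o = {};
    Object.defineProperty(o, 'k', { value: 1 });
    results.sameValueRedefine = !throwsTypeError(() => Object.defineProperty(o, 'k',
      { value: 1, writable: false, enumerable: false, configurable: false }));
  }

  // A non-configurable accessor can be defined directly.
  {
    const o = {};
    Object.defineProperty(o, 'acc', { get: () => 1, configurable: false });
    const d = Object.getOwnPropertyDescriptor(o, 'acc');
    results.nonConfigurableAccessor = typeof d.get === 'function' && d.configurable === false;
  }

  return results;
}

function allPass(results) {
  return Object.values(results).every((ok) => ok === true);
}

console.log(checkDefinePropertySemantics());
```

An engine carrying the fixes listed above returns true for every key; a false entry names the bullet that still misbehaves, which makes the function usable as a quick regression check against an embedded JavaScriptCore build.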
3450 2012-02-13  Filip Pizlo  <fpizlo@apple.com>
3451
3452         DFG should not check the types of arguments that are dead
3453         https://bugs.webkit.org/show_bug.cgi?id=78518
3454
3455         Reviewed by Geoff Garen.
3456         
3457         The argument checks are now elided if the corresponding SetArgument is dead,
3458         and the abstract value of the argument is set to bottom (None, []). This is
3459         performance neutral on the benchmarks we currently track.
3460
3461         * dfg/DFGAbstractState.cpp:
3462         (JSC::DFG::AbstractState::initialize):
3463         * dfg/DFGSpeculativeJIT.cpp:
3464         (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
3465
3466 2012-02-15  Oliver Hunt  <oliver@apple.com>
3467
3468         Ensure that the DFG JIT always plants a CodeOrigin when making calls
3469         https://bugs.webkit.org/show_bug.cgi?id=78763
3470
3471         Reviewed by Gavin Barraclough.
3472
3473         Make all calls plant a CodeOrigin prior to the actual
3474         call.  Also clobbers the Interpreter with logic to ensure
3475         that the interpreter always plants a bytecode offset.
3476
3477         * dfg/DFGJITCompiler.cpp:
3478         (JSC::DFG::JITCompiler::link):
3479         (JSC::DFG::JITCompiler::compileFunction):
3480         * dfg/DFGJITCompiler.h:
3481         (CallBeginToken):
3482         (JSC::DFG::JITCompiler::beginJSCall):
3483         (JSC::DFG::JITCompiler::beginCall):
3484         * dfg/DFGRepatch.cpp:
3485         (JSC::DFG::tryBuildGetByIDList):
3486         * dfg/DFGSpeculativeJIT.h:
3487         (JSC::DFG::SpeculativeJIT::appendCallWithExceptionCheck):
3488         * dfg/DFGSpeculativeJIT32_64.cpp:
3489         (JSC::DFG::SpeculativeJIT::emitCall):
3490         * dfg/DFGSpeculativeJIT64.cpp:
3491         (JSC::DFG::SpeculativeJIT::emitCall):
3492         * interpreter/AbstractPC.cpp:
3493         (JSC::AbstractPC::AbstractPC):
3494         * interpreter/CallFrame.cpp:
3495         (JSC::CallFrame::trueCallFrame):
3496         * interpreter/CallFrame.h:
3497         (JSC::ExecState::bytecodeOffsetForNonDFGCode):
3498         (ExecState):
3499         (JSC::ExecState::setBytecodeOffsetForNonDFGCode):
3500         (JSC::ExecState::codeOriginIndexForDFG):
3501
3502 2012-02-14  Oliver Hunt  <oliver@apple.com>
3503
3504         Fix Interpreter.
3505
3506         * runtime/Executable.cpp:
3507         (JSC):
3508         * runtime/Executable.h:
3509         (ExecutableBase):
3510
3511 2012-02-14  Matt Lilek  <mrl@apple.com>
3512
3513         Don't ENABLE_DASHBOARD_SUPPORT unconditionally on all Mac platforms
3514         https://bugs.webkit.org/show_bug.cgi?id=78629
3515
3516         Reviewed by David Kilzer.
3517
3518         * Configurations/FeatureDefines.xcconfig:
3519
3520 2012-02-14  Filip Pizlo  <fpizlo@apple.com>
3521
3522         Unreviewed, build fix for non-DFG platforms.
3523
3524         * assembler/MacroAssembler.h:
3525         (MacroAssembler):
3526
3527 2012-02-14  Filip Pizlo  <fpizlo@apple.com>
3528
3529         Unreviewed, fix build and configuration goof.
3530
3531         * assembler/MacroAssembler.h:
3532         (JSC::MacroAssembler::invert):
3533         * dfg/DFGCommon.h:
3534
3535 2012-02-13  Filip Pizlo  <fpizlo@apple.com>
3536
3537         DFG should be able to emit code on control flow edges
3538         https://bugs.webkit.org/show_bug.cgi?id=78515
3539
3540         Reviewed by Gavin Barraclough.
3541         
3542         This gets us a few steps closer to being able to perform global register allocation,
3543         by allowing us to have landing pads on control flow edges. This will let us reshuffle
3544         registers if it happens to be necessary due to different reg alloc decisions in
3545         different blocks.
3546         
3547         This also introduces the notion of a landing pad for OSR entry, which will allow us
3548         to emit code that places data into registers when we're entering into the DFG from
3549         the old JIT.
3550         
3551         Finally, this patch introduces a verification mode that checks that the landing pads
3552         are actually emitted and do actually work as advertised. When verification is disabled,
3553         this has no effect on behavior.
3554
3555         * assembler/MacroAssembler.h:
3556         (MacroAssembler):
3557         (JSC::MacroAssembler::invert):
3558         (JSC::MacroAssembler::isInvertible):
3559         * dfg/DFGCommon.h:
3560         * dfg/DFGJITCompiler.cpp:
3561         (JSC::DFG::JITCompiler::compile):
3562         (JSC::DFG::JITCompiler::compileFunction):
3563         * dfg/DFGSpeculativeJIT.cpp:
3564         (JSC::DFG::SpeculativeJIT::compilePeepHoleDoubleBranch):
3565         (JSC::DFG::SpeculativeJIT::compilePeepHoleObjectEquality):
3566         (JSC::DFG::SpeculativeJIT::compilePeepHoleIntegerBranch):
3567         (JSC::DFG::SpeculativeJIT::compile):
3568         (JSC::DFG::SpeculativeJIT::createOSREntries):
3569         (DFG):
3570         (JSC::DFG::SpeculativeJIT::linkOSREntries):
3571         (JSC::DFG::SpeculativeJIT::compileStrictEqForConstant):
3572         * dfg/DFGSpeculativeJIT.h:
3573         (SpeculativeJIT):
3574         (JSC::DFG::SpeculativeJIT::branchDouble):
3575         (JSC::DFG::SpeculativeJIT::branchDoubleNonZero):
3576         (JSC::DFG::SpeculativeJIT::branch32):
3577         (JSC::DFG::SpeculativeJIT::branchTest32):
3578         (JSC::DFG::SpeculativeJIT::branchPtr):
3579         (JSC::DFG::SpeculativeJIT::branchTestPtr):
3580         (JSC::DFG::SpeculativeJIT::branchTest8):
3581         (JSC::DFG::SpeculativeJIT::jump):
3582         (JSC::DFG::SpeculativeJIT::haveEdgeCodeToEmit):
3583         (JSC::DFG::SpeculativeJIT::emitEdgeCode):
3584         * dfg/DFGSpeculativeJIT32_64.cpp:
3585         (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
3586         (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranch):
3587         (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
3588         (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
3589         (JSC::DFG::SpeculativeJIT::emitBranch):
3590         (JSC::DFG::SpeculativeJIT::compile):
3591         * dfg/DFGSpeculativeJIT64.cpp:
3592         (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNull):
3593         (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranch):
3594         (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
3595         (JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
3596         (JSC::DFG::SpeculativeJIT::emitBranch):
3597         (JSC::DFG::SpeculativeJIT::compile):
3598
3599 2012-02-14  Filip Pizlo  <fpizlo@apple.com>
3600
3601         Assertion failure under JSC::DFG::AbstractState::execute loading economist.com
3602         https://bugs.webkit.org/show_bug.cgi?id=78153
3603         <rdar://problem/10861712> <rdar://problem/10861947>
3604
3605         Reviewed by Oliver Hunt.
3606
3607         * dfg/DFGAbstractState.cpp:
3608         (JSC::DFG::AbstractState::execute):
3609         * dfg/DFGSpeculativeJIT.cpp:
3610         (JSC::DFG::SpeculativeJIT::compileAdd):
3611
3612 2012-02-14  Eric Seidel  <eric@webkit.org>
3613
3614         Upstream Android's additions to Platform.h
3615         https://bugs.webkit.org/show_bug.cgi?id=78536
3616
3617         Reviewed by Adam Barth.
3618
3619         * wtf/Platform.h:
3620
3621 2012-02-12  Mark Hahnenberg  <mhahnenberg@apple.com>
3622
3623         Replace old strtod with new strtod
3624         https://bugs.webkit.org/show_bug.cgi?id=68044
3625
3626         Reviewed by Geoffrey Garen.
3627
3628         * parser/Lexer.cpp: Added template argument. This version allows junk after numbers.
3629         (JSC::::lex):
3630         * runtime/JSGlobalObjectFunctions.cpp: Ditto.
3631         (JSC::parseInt):
3632         (JSC::jsStrDecimalLiteral):
3633         * runtime/LiteralParser.cpp: Ditto.
3634         (JSC::::Lexer::lexNumber):
3635         * wtf/dtoa.cpp: Replaced old strtod with a new version that uses the new StringToDoubleConverter.
3636         It takes a template argument to allow clients to determine statically whether it should allow 
3637         junk after the numbers or not.
3638         (WTF):
3639         (WTF::strtod):
3640         * wtf/dtoa.h:
3641         (WTF):
3642         * wtf/text/WTFString.cpp: Added template argument. This version does not allow junk after numbers.
3643         (WTF::toDoubleType):
3644
3645 2012-02-13  Mark Hahnenberg  <mhahnenberg@apple.com>
3646
3647         More windows build fixing
3648
3649         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3650
3651 2012-02-13  Oliver Hunt  <oliver@apple.com>
3652
3653         Executing out of bounds in JSC::Yarr::YarrCodeBlock::execute / JSC::RegExp::match
3654         https://bugs.webkit.org/show_bug.cgi?id=76315
3655
3656         Reviewed by Gavin Barraclough.
3657
3658         Perform a 3 byte compare using two comparisons, rather than trying to perform the
3659         operation with a four byte load.
3660
3661         * yarr/YarrJIT.cpp:
3662         (JSC::Yarr::YarrGenerator::generatePatternCharacterOnce):
3663
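The 3-byte compare described in the entry above, as an added JavaScript model that is not WebKit's code (the real change is in the machine code Yarr emits). The subject is held in a Uint8Array and read through a DataView, whose bounds check raises a RangeError where the JIT-generated code silently read one byte past the subject; the sample subject "xxabcabc", the pattern "abc" and all function names are constructed for the example.

```javascript
// Added example, not WebKit code: models the fix for bug 76315. Comparing a
// 3-character pattern with one 4-byte load and a mask reads one byte past the
// pattern; when the candidate sits at the very end of the subject that byte
// is outside the string.

const PATTERN_BYTES = 3;

// Constructed sample input: ASCII subject and pattern, one byte per character.
function toBytes(str) {
  return Uint8Array.from(str, (ch) => ch.charCodeAt(0) & 0xff);
}

function viewOf(bytes) {
  return new DataView(bytes.buffer, bytes.byteOffset, bytes.byteLength);
}

// "Before": one 32-bit little-endian load with the top byte masked off.
// Needs pos + 4 <= subject.length, one byte more than the pattern covers.
function match3FourByteLoad(subject, pos, pattern) {
  const word = viewOf(subject).getUint32(pos, true) & 0x00ffffff; // RangeError if out of bounds
  const want = pattern[0] | (pattern[1] << 8) | (pattern[2] << 16);
  return word === want;
}

// "After": a 16-bit load plus an 8-bit compare. Touches exactly the three
// bytes the caller's length check covers, so a match ending on the last byte
// of the subject is handled without reading beyond it.
function match3TwoCompares(subject, pos, pattern) {
  const view = viewOf(subject);
  if (view.getUint16(pos, true) !== (pattern[0] | (pattern[1] << 8))) return false;
  return view.getUint8(pos + 2) === pattern[2];
}

// Tries every offset at which a 3-byte pattern could still fit, collecting
// the matching offsets and the offsets where the matcher over-read.
function scanSubject(matcher, subject, pattern) {
  const matches = [];
  const overReads = [];
  for (let pos = 0; pos + PATTERN_BYTES <= subject.length; pos++) {
    try {
      if (matcher(subject, pos, pattern)) matches.push(pos);
    } catch (err) {
      if (!(err instanceof RangeError)) throw err;
      overReads.push(pos);
    }
  }
  return { matches, overReads };
}

const sampleSubject = toBytes('xxabcabc');
const samplePattern = toBytes('abc');

// The wide load finds only the first "abc" and over-reads at offset 5; the
// split compare finds both occurrences and never reads outside the subject.
console.log(scanSubject(match3FourByteLoad, sampleSubject, samplePattern));
console.log(scanSubject(match3TwoCompares, sampleSubject, samplePattern));
```

The general rule the fix follows: a widened load is only safe when every byte it touches is inside the range the preceding length check established, so a compare of N bytes must be assembled from loads that total exactly N, not rounded up to the next register width.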
3664 2012-02-13  Mark Hahnenberg  <mhahnenberg@apple.com>
3665
3666         Windows build fix
3667
3668         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3669
3670 2012-02-12  Mark Hahnenberg  <mhahnenberg@apple.com>
3671
3672         Replace old strtod with new strtod
3673         https://bugs.webkit.org/show_bug.cgi?id=68044
3674
3675         Reviewed by Geoffrey Garen.
3676
3677         * parser/Lexer.cpp: Added template argument. This version allows junk after numbers.
3678         (JSC::::lex):
3679         * runtime/JSGlobalObjectFunctions.cpp: Ditto.
3680         (JSC::parseInt):
3681         (JSC::jsStrDecimalLiteral):
3682         * runtime/LiteralParser.cpp: Ditto.
3683         (JSC::::Lexer::lexNumber):
3684         * wtf/dtoa.cpp: Replaced old strtod with a new version that uses the new StringToDoubleConverter.
3685         It takes a template argument to allow clients to determine statically whether it should allow 
3686         junk after the numbers or not.
3687         (WTF):
3688         (WTF::strtod):
3689         * wtf/dtoa.h:
3690         (WTF):
3691         * wtf/text/WTFString.cpp: Added template argument. This version does not allow junk after numbers.
3692         (WTF::toDoubleType):
3693
3694 2012-02-13  Sam Weinig  <sam@webkit.org>
3695
3696         Move JSC related assertions out of Assertions.h and into their own header
3697         https://bugs.webkit.org/show_bug.cgi?id=78508
3698
3699         Reviewed by Gavin Barraclough.
3700
3701         * GNUmakefile.list.am:
3702         * JavaScriptCore.gypi:
3703         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3704         * JavaScriptCore.xcodeproj/project.pbxproj:
3705         Add GCAssertions.h
3706
3707         * heap/GCAssertions.h: Added.
3708         Move assertions here.
3709
3710         * runtime/WriteBarrier.h:
3711         Add #include of GCAssertions.h
3712
3713         * wtf/Assertions.h:
3714         Remove JSC related assertions.
3715
3716         * wtf/Compiler.h:
3717         Add compiler check for __has_trivial_destructor.
3718
3719 2012-02-13  Chao-ying Fu  <fu@mips.com>
3720
3721         Update MIPS patchOffsetGetByIdSlowCaseCall
3722         https://bugs.webkit.org/show_bug.cgi?id=78392
3723
3724         Reviewed by Gavin Barraclough.
3725
3726         * jit/JIT.h:
3727         (JIT):
3728
3729 2012-02-13  Patrick Gansterer  <paroga@webkit.org>
3730
3731         Remove obsolete #if from ThreadSpecific.h
3732         https://bugs.webkit.org/show_bug.cgi?id=78485
3733
3734         Reviewed by Adam Roben.
3735
3736         Since all platforms use either pthread or Win32 for threading,
3737         we can remove all PLATFORM() preprocessor statements.
3738
3739         * wtf/ThreadSpecific.h:
3740         (ThreadSpecific):
3741
3742 2012-02-13  Jessie Berlin  <jberlin@apple.com>
3743
3744         Fix the Windows build.
3745
3746         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3747
3748 2012-02-13  Sam Weinig  <sam@webkit.org>
3749
3750         Use C11's _Static_assert for COMPILE_ASSERT if it is available
3751         https://bugs.webkit.org/show_bug.cgi?id=78506
3752
3753         Rubber-stamped by Antti Koivisto.
3754
3755         Use C11's _Static_assert for COMPILE_ASSERT if it is available to give slightly
3756         better error messages.
3757
3758         * wtf/Assertions.h:
3759         Use _Static_assert if it is available.
3760
3761         * wtf/Compiler.h:
3762         Add COMPILER_SUPPORTS support for _Static_assert when using the LLVM Compiler.
3763
3764 2012-02-13  Mario Sanchez Prada  <msanchez@igalia.com>
3765
3766         [GTK] Add GSList to the list of GObject types in GOwnPtr
3767         https://bugs.webkit.org/show_bug.cgi?id=78487
3768
3769         Reviewed by Philippe Normand.
3770
3771         Handle the GSList type in GOwnPtr, by calling g_slist_free in the
3772         implementation of the freeOwnedGPtr template function.
3773
3774         * wtf/gobject/GOwnPtr.cpp:
3775         (WTF::GSList):
3776         (WTF):
3777         * wtf/gobject/GOwnPtr.h:
3778         (WTF):
3779         * wtf/gobject/GTypedefs.h:
3780
3781 2012-02-06  Raphael Kubo da Costa  <kubo@profusion.mobi>
3782
3783         [EFL] Drop support for the Curl network backend.
3784         https://bugs.webkit.org/show_bug.cgi?id=77874
3785
3786         Reviewed by Eric Seidel.
3787
3788         Nobody seems to be maintaining the Curl backend in WebCore; the
3789         EFL port developers all seem to be using the Soup backend, and the
3790         port itself has many features which are only implemented for the
3791         latter.
3792
3793         * wtf/PlatformEfl.cmake: Always build the gobject-dependent source
3794         files.
3795
3796 2012-02-13  Patrick Gansterer  <paroga@webkit.org>
3797
3798         Unreviewed. Build fix for !ENABLE(JIT) after r107485.
3799
3800         * bytecode/PolymorphicPutByIdList.cpp:
3801
3802 2012-02-13  Gavin Barraclough  <barraclough@apple.com>
3803
3804         https://bugs.webkit.org/show_bug.cgi?id=78434
3805         Unreviewed - temporarily reverting r107498 while I fix a couple of test cases.
3806
3807         * parser/Parser.cpp:
3808         (JSC::::parseFunctionInfo):
3809         * runtime/ClassInfo.h:
3810         (MethodTable):
3811         (JSC):
3812         * runtime/JSCell.cpp:
3813         (JSC):
3814         * runtime/JSCell.h:
3815         (JSCell):
3816         * runtime/JSGlobalObject.cpp:
3817         (JSC::JSGlobalObject::reset):
3818         * runtime/JSGlobalObjectFunctions.cpp:
3819         (JSC):
3820         * runtime/JSGlobalObjectFunctions.h:
3821         (JSC):
3822         * runtime/JSObject.cpp:
3823         (JSC::JSObject::put):
3824         (JSC):
3825         (JSC::JSObject::putDirectAccessor):
3826         (JSC::JSObject::defineOwnProperty):
3827         * runtime/JSObject.h:
3828         (JSC::JSObject::inlineGetOwnPropertySlot):
3829         (JSC::JSValue::get):
3830         * runtime/JSString.cpp:
3831         (JSC::JSString::getOwnPropertySlot):
3832         * runtime/JSValue.h:
3833         (JSValue):
3834         * runtime/ObjectConstructor.cpp:
3835         (JSC::objectConstructorGetPrototypeOf):
3836         * runtime/Structure.cpp:
3837         (JSC::Structure::Structure):
3838         * runtime/Structure.h:
3839         (JSC::Structure::setHasGetterSetterProperties):
3840         (Structure):
3841
3842 2012-02-12  Ashod Nakashian  <ashodnakashian@yahoo.com>
3843
3844         KeywordLookupGenerator.py script fails in some cases
3845         https://bugs.webkit.org/show_bug.cgi?id=77886
3846
3847         Reviewed by Benjamin Poulain.
3848
3849         * parser/Keywords.table: Converted to LF-only.
3850
3851 2012-02-12  Shinya Kawanaka  <shinyak@google.com>
3852
3853         Introduce ShadowRootList.
3854         https://bugs.webkit.org/show_bug.cgi?id=78069
3855
3856         Reviewed by Hajime Morita.
3857
3858         DoublyLinkedList should have a tail() method to take the last element.
3859
3860         * wtf/DoublyLinkedList.h:
3861         (DoublyLinkedList):
3862         (WTF::::tail):
3863         (WTF):
3864
3865 2012-02-12  Raphael Kubo da Costa  <kubo@profusion.mobi>
3866
3867         [CMake] Move source files in WTF_HEADERS to WTF_SOURCES.
3868         https://bugs.webkit.org/show_bug.cgi?id=78436
3869
3870         Reviewed by Daniel Bates.
3871
3872         * wtf/CMakeLists.txt: Move .cpp files from WTF_HEADERS to WTF_SOURCES,
3873         and correctly sort the files which start with 'M'.
3874
3875 2012-02-12  Sam Weinig  <sam@webkit.org>
3876
3877         Move the NumberOfCores.h/cpp files into the WTF group of JavaScriptCore.xcodeproj.
3878
3879         Rubber-stamped by Anders Carlsson.
3880
3881         * JavaScriptCore.xcodeproj/project.pbxproj:
3882
3883 2012-02-12  Raphael Kubo da Costa  <kubo@profusion.mobi>
3884
3885         [CMake] Remove unused or empty variable definitions.
3886         https://bugs.webkit.org/show_bug.cgi?id=78437
3887
3888         Reviewed by Daniel Bates.
3889
3890         * CMakeLists.txt: Remove unused JavaScriptCore_HEADERS definition.
3891         * shell/CMakeLists.txt: Remove unused JSC_HEADERS definition.
3892         * wtf/CMakeLists.txt: Remove empty WTF_LIBRARIES definition; it will
3893         be defined later by Platform*.cmake via LIST(APPEND WTF_LIBRARIES).
3894
3895 2012-02-12  Filip Pizlo  <fpizlo@apple.com>
3896
3897         DFG::SpeculativeJIT calls fprintf() instead of dataLog in terminateSpeculativeExecution()
3898         https://bugs.webkit.org/show_bug.cgi?id=78431
3899
3900         Reviewed by Gavin Barraclough.
3901
3902         * dfg/DFGSpeculativeJIT.h:
3903         (JSC::DFG::SpeculativeJIT::terminateSpeculativeExecution):
3904
3905 2012-02-11  Benjamin Poulain  <benjamin@webkit.org>
3906
3907         Add back WTFURL to WebKit
3908         https://bugs.webkit.org/show_bug.cgi?id=77291
3909
3910         Reviewed by Adam Barth.
3911
3912         WTFURL was removed from WebKit in r86787.
3913
3914         This patch adds the code back to WTF with the following changes:
3915         -Guard the feature with USE(WTFURL).
3916         -Change the typename CHAR to CharacterType to follow recent WebKit conventions.
3917         -Fix some coding style to make check-webkit-style happy.
3918
3919         * JavaScriptCore.xcodeproj/project.pbxproj:
3920         * wtf/Platform.h:
3921         * wtf/url/api/ParsedURL.cpp: Added.
3922         (WTF):
3923         (WTF::ParsedURL::ParsedURL):
3924         (WTF::ParsedURL::scheme):
3925         (WTF::ParsedURL::username):
3926         (WTF::ParsedURL::password):
3927         (WTF::ParsedURL::host):
3928         (WTF::ParsedURL::port):
3929         (WTF::ParsedURL::path):
3930         (WTF::ParsedURL::query):
3931         (WTF::ParsedURL::fragment):
3932         (WTF::ParsedURL::segment):
3933         * wtf/url/api/ParsedURL.h: Added.
3934         (WTF):
3935         (ParsedURL):
3936         (WTF::ParsedURL::spec):
3937         * wtf/url/api/URLString.h: Added.
3938         (WTF):
3939         (URLString):
3940         (WTF::URLString::URLString):
3941         (WTF::URLString::string):
3942         * wtf/url/src/RawURLBuffer.h: Added.
3943         (WTF):
3944         (RawURLBuffer):
3945         (WTF::RawURLBuffer::RawURLBuffer):
3946         (WTF::RawURLBuffer::~RawURLBuffer):
3947         (WTF::RawURLBuffer::resize):
3948         * wtf/url/src/URLBuffer.h: Added.
3949         (WTF):
3950         (URLBuffer):
3951         (WTF::URLBuffer::URLBuffer):
3952         (WTF::URLBuffer::~URLBuffer):
3953         (WTF::URLBuffer::at):
3954         (WTF::URLBuffer::set):
3955         (WTF::URLBuffer::capacity):
3956         (WTF::URLBuffer::length):
3957         (WTF::URLBuffer::data):
3958         (WTF::URLBuffer::setLength):
3959         (WTF::URLBuffer::append):
3960         (WTF::URLBuffer::grow):
3961         * wtf/url/src/URLCharacterTypes.cpp: Added.
3962         (WTF):
3963         ():
3964         * wtf/url/src/URLCharacterTypes.h: Added.
3965         (WTF):
3966         (URLCharacterTypes):
3967         (WTF::URLCharacterTypes::isQueryChar):
3968         (WTF::URLCharacterTypes::isIPv4Char):
3969         (WTF::URLCharacterTypes::isHexChar):
3970         ():
3971         (WTF::URLCharacterTypes::isCharOfType):
3972         * wtf/url/src/URLComponent.h: Added.
3973         (WTF):
3974         (URLComponent):
3975         (WTF::URLComponent::URLComponent):
3976         (WTF::URLComponent::fromRange):
3977         (WTF::URLComponent::isValid):
3978         (WTF::URLComponent::isNonEmpty):
3979         (WTF::URLComponent::isEmptyOrInvalid):
3980         (WTF::URLComponent::reset):
3981         (WTF::URLComponent::operator==):
3982         (WTF::URLComponent::begin):
3983         (WTF::URLComponent::setBegin):
3984         (WTF::URLComponent::length):
3985         (WTF::URLComponent::setLength):
3986         (WTF::URLComponent::end):
3987         * wtf/url/src/URLEscape.cpp: Added.
3988         (WTF):
3989         ():
3990         * wtf/url/src/URLEscape.h: Added.
3991         (WTF):
3992         (WTF::appendURLEscapedCharacter):
3993         * wtf/url/src/URLParser.h: Added.
3994         (WTF):
3995         (URLParser):
3996         ():
3997         (WTF::URLParser::isPossibleAuthorityTerminator):
3998         (WTF::URLParser::parseAuthority):
3999         (WTF::URLParser::extractScheme):
4000         (WTF::URLParser::parseAfterScheme):
4001         (WTF::URLParser::parseStandardURL):
4002         (WTF::URLParser::parsePath):
4003         (WTF::URLParser::parsePathURL):
4004         (WTF::URLParser::parseMailtoURL):
4005         (WTF::URLParser::parsePort):
4006         (WTF::URLParser::extractFileName):
4007         (WTF::URLParser::extractQueryKeyValue):
4008         (WTF::URLParser::isURLSlash):
4009         (WTF::URLParser::shouldTrimFromURL):
4010         (WTF::URLParser::trimURL):
4011         (WTF::URLParser::consecutiveSlashes):
4012         (WTF::URLParser::isPortDigit):
4013         (WTF::URLParser::nextAuthorityTerminator):
4014         (WTF::URLParser::parseUserInfo):
4015         (WTF::URLParser::parseServerInfo):
4016         * wtf/url/src/URLQueryCanonicalizer.h: Added.
4017         (WTF):
4018         (URLQueryCanonicalizer):
4019         (WTF::URLQueryCanonicalizer::canonicalize):
4020         (WTF::URLQueryCanonicalizer::isAllASCII):
4021         (WTF::URLQueryCanonicalizer::isRaw8Bit):
4022         (WTF::URLQueryCanonicalizer::appendRaw8BitQueryString):
4023         (WTF::URLQueryCanonicalizer::convertToQueryEncoding):
4024         * wtf/url/src/URLSegments.cpp: Added.
4025         (WTF):
4026         (WTF::URLSegments::length):
4027         (WTF::URLSegments::charactersBefore):
4028         * wtf/url/src/URLSegments.h: Added.
4029         (WTF):
4030         (URLSegments):
4031         ():
4032         (WTF::URLSegments::URLSegments):
4033