[CMake] Always build wtf as a static library.
[WebKit-https.git] / Source / JavaScriptCore / ChangeLog
2012-02-28  Raphael Kubo da Costa  <kubo@profusion.mobi>

        [CMake] Always build wtf as a static library.
        https://bugs.webkit.org/show_bug.cgi?id=79857

        Reviewed by Eric Seidel.

        To help the efforts in bug 75673 to move WTF out of
        JavaScriptCore, act more like the other ports and remove the
        possibility of building WTF as a shared library.

        It does not make much sense to, for example, ship WTF as a
        separate .so with webkit-efl packages, and it should be small
        enough not to cause problems during linking.

        * wtf/CMakeLists.txt:

2012-02-28  Dmitry Lomov  <dslomov@google.com>

        [JSC] Implement ArrayBuffer transfer
        https://bugs.webkit.org/show_bug.cgi?id=73493.
        Implement ArrayBuffer transfer, per Khronos spec: http://www.khronos.org/registry/typedarray/specs/latest/#9.
        This brings parity with V8 implementation of transferable typed arrays.

        Reviewed by Oliver Hunt.

        * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Extra export.
        * wtf/ArrayBuffer.h:
        (ArrayBuffer): Added extra export.

2012-02-28  Kevin Ollivier  <kevino@theolliviers.com>

        [wx] Unreviewed. Build fix after recent LLInt additions.

        * wscript:

2012-02-28  Mark Hahnenberg  <mhahnenberg@apple.com>

        Refactor SpeculativeJIT::emitAllocateJSFinalObject
        https://bugs.webkit.org/show_bug.cgi?id=79801

        Reviewed by Filip Pizlo.

        * dfg/DFGSpeculativeJIT.h:
        (JSC::DFG::SpeculativeJIT::emitAllocateBasicJSObject): Split emitAllocateJSFinalObject out to form this
        function, which is more generic in that it can allocate a variety of classes.
        (SpeculativeJIT):
        (JSC::DFG::SpeculativeJIT::emitAllocateJSFinalObject): Changed to use the new helper function.

2012-02-28  Gavin Barraclough  <barraclough@apple.com>

        [[Get]]/[[Put]] for primitives should not wrap on strict accessor call
        https://bugs.webkit.org/show_bug.cgi?id=79588

        Reviewed by Oliver Hunt.

        In the case of [[Get]], this is a pretty trivial bug - just don't wrap
        primitives at the point you call a getter.

        For setters, this is a little more involved, since we have already wrapped
        the value up in a synthesized object. Stop doing so. There is also a further
        subtlety, that in strict mode all attempts to create a new data property on
        the object should throw.

        * runtime/JSCell.cpp:
        (JSC::JSCell::put):
            - [[Put]] to a string primitive should use JSValue::putToPrimitive.
        * runtime/JSObject.cpp:
        (JSC::JSObject::put):
            - Remove static function called in one place.
        * runtime/JSObject.h:
        (JSC::JSValue::put):
            - [[Put]] to a non-cell JSValue should use JSValue::putToPrimitive.
        * runtime/JSValue.cpp:
        (JSC::JSValue::synthesizePrototype):
            - Add support for synthesizing the prototype of strings.
        (JSC::JSValue::putToPrimitive):
            - Added, implements [[Put]] for primitive bases, per 8.7.2.
        * runtime/JSValue.h:
        (JSValue):
            - Add declaration for JSValue::putToPrimitive.
        * runtime/PropertySlot.cpp:
        (JSC::PropertySlot::functionGetter):
            - Don't call ToObject on primitive this values.

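The primitive-base behaviour the entry above describes, observed from the JavaScript side; this is an added example, not code from the WebKit change, and the `probe` accessor and the helper functions are names chosen here for the demonstration:

```javascript
'use strict';

// Records what the accessor saw as its `this` on the most recent call.
let lastThisType = null;

// Constructed accessor on String.prototype (name "probe" is ours). Because this
// file is strict, the getter and setter are strict functions and must receive
// the primitive base itself rather than a synthesized String wrapper.
Object.defineProperty(String.prototype, 'probe', {
  configurable: true,
  enumerable: false,
  get() {
    lastThisType = typeof this;
    return this.length;
  },
  set(value) {
    lastThisType = typeof this;
  },
});

// [[Get]] on a string primitive: the strict getter sees typeof this === 'string'.
function thisTypeOnGet() {
  const s = 'abc';
  const len = s.probe;
  return { thisType: lastThisType, len };
}

// [[Put]] that resolves to an inherited setter: the setter is invoked with the
// primitive as `this`, and nothing is wrapped.
function thisTypeOnSet() {
  const s = 'abc';
  s.probe = 42;
  return lastThisType;
}

// [[Put]] that would create a brand-new data property on a primitive base must
// throw in strict mode (ES5 8.7.2); in sloppy mode the write is silently lost.
function newDataPropertyOnPrimitive() {
  const s = 'abc';
  try {
    s.brandNew = 1;
    return 'no-throw';
  } catch (e) {
    return e instanceof TypeError ? 'TypeError' : 'other';
  }
}

console.log(thisTypeOnGet(), thisTypeOnSet(), newDataPropertyOnPrimitive());
```
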
2012-02-28  Mark Hahnenberg  <mhahnenberg@apple.com>

        Re-enable parallel GC on Mac
        https://bugs.webkit.org/show_bug.cgi?id=79837

        Rubber stamped by Filip Pizlo.

        * runtime/Options.cpp:
        (JSC::Options::initializeOptions): We accidentally disabled parallel GC with this line,
        so we removed it and things should go back to normal.

2012-02-28  Filip Pizlo  <fpizlo@apple.com>

        Some run-javascriptcore-tests broken for 32-bit debug
        https://bugs.webkit.org/show_bug.cgi?id=79844

        Rubber stamped by Oliver Hunt.

        These assertions are just plain wrong for 32-bit. We could either have a massive
        assertion that depends on value representation, that has to be changed every
        time we change the JITs, resulting in a bug tail of debug-mode crashes, or we
        could get rid of the assertions. I pick the latter.

        * dfg/DFGOperations.cpp:
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):

2012-02-28  Mark Hahnenberg  <mhahnenberg@apple.com>

        Get rid of padding cruft in CopiedBlock
        https://bugs.webkit.org/show_bug.cgi?id=79686

        Reviewed by Filip Pizlo.

        * heap/CopiedBlock.h:
        (CopiedBlock): Removed the extra padding that was used for alignment purposes until
        the calculation of the payload offset into CopiedBlocks was redone recently.

2012-02-28  Anders Carlsson  <andersca@apple.com>

        Fix build with newer versions of clang.

        Clang now warns since we're not passing a CFString literal to CFStringCreateWithFormatAndArguments,
        but it's OK to ignore this warning since clang is also checking that the caller (vprintf_stderr_common)
        takes a string literal.

        * wtf/Assertions.cpp:

2012-02-28  Mario Sanchez Prada  <msanchez@igalia.com>

        [GTK] Add GMainLoop and GMainContext to be handled by GRefPtr
        https://bugs.webkit.org/show_bug.cgi?id=79496

        Reviewed by Martin Robinson.

        Handle GMainLoop and GMainContext in GRefPtr, by calling
        g_main_loop_(un)ref and g_main_context_(un)ref in the
        implementation of the refGPtr and derefGPtr template functions.

        * wtf/gobject/GRefPtr.cpp:
        (WTF::refGPtr):
        (WTF):
        (WTF::derefGPtr):
        * wtf/gobject/GRefPtr.h:
        (WTF):
        * wtf/gobject/GTypedefs.h:

2012-02-28  Yong Li  <yoli@rim.com>

        JSString::resolveRope() should report extra memory cost to the heap.
        https://bugs.webkit.org/show_bug.cgi?id=79555

        Reviewed by Michael Saboff.

        At the time a JSString is constructed with fibers, it doesn't report
        extra memory cost, which is reasonable because it hasn't allocated
        new memory. However when the rope is resolved, it should report memory
        cost for the new buffer.

        * runtime/JSString.cpp:
        (JSC::JSString::resolveRope):

2012-02-27  Oliver Hunt  <oliver@apple.com>

        sputnik/Unicode/Unicode_500/S7.2_A1.6_T1.html crashes in the interpreter
        https://bugs.webkit.org/show_bug.cgi?id=79728

        Reviewed by Gavin Barraclough.

        When initialising a chained get instruction we may end up in a state where
        the instruction stream says we have a scopechain, but it has not yet been set
        (e.g. if allocating the StructureChain itself is what leads to the GC).  We could
        re-order the allocation, but it occurs in a couple of places, so it seems less
        fragile simply to null check the scopechain slot before we actually visit the slot.

        * bytecode/CodeBlock.cpp:
        (JSC::CodeBlock::visitStructures):

2012-02-27  Filip Pizlo  <fpizlo@apple.com>

        Old JIT's style of JSVALUE64 strict equality is subtly wrong
        https://bugs.webkit.org/show_bug.cgi?id=79700

        Reviewed by Oliver Hunt.

        * assembler/MacroAssemblerX86_64.h:
        (JSC::MacroAssemblerX86_64::comparePtr):
        (MacroAssemblerX86_64):
        * dfg/DFGOperations.cpp:
        * dfg/DFGSpeculativeJIT.cpp:
        (JSC::DFG::SpeculativeJIT::nonSpeculativeStrictEq):
        * dfg/DFGSpeculativeJIT64.cpp:
        (JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
        (JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeStrictEq):
        * jit/JITOpcodes.cpp:
        (JSC::JIT::compileOpStrictEq):
        (JSC::JIT::emitSlow_op_stricteq):
        (JSC::JIT::emitSlow_op_nstricteq):
        * jit/JITStubs.cpp:
        (JSC::DEFINE_STUB_FUNCTION):

2012-02-27  Gavin Barraclough  <barraclough@apple.com>

        Implement support for op_negate and op_bitnot in the DFG JIT
        https://bugs.webkit.org/show_bug.cgi?id=79617

        Reviewed by Filip Pizlo.

        Add an ArithNegate op to the DFG JIT, to implement op_negate.

        This patch also adds support for op_negate to the JSVALUE64 baseline JIT
        (JSVALUE32_64 already had this), so that we can profile the slowpath usage.

        This is a 2.5%-3% Sunspider progression and a 1% win on Kraken.

        * assembler/ARMv7Assembler.h:
        (JSC::ARMv7Assembler::sub_S):
            - Added sub_S from immediate.
        (ARMv7Assembler):
        (JSC::ARMv7Assembler::vneg):
            - Added double negate.
        * assembler/MacroAssemblerARMv7.h:
        (JSC::MacroAssemblerARMv7::negateDouble):
            - Added double negate.
        (MacroAssemblerARMv7):
        (JSC::MacroAssemblerARMv7::branchNeg32):
            - Added.
        * assembler/MacroAssemblerX86.h:
        (MacroAssemblerX86):
            - moved loadDouble, absDouble to common.
        * assembler/MacroAssemblerX86Common.h:
        (MacroAssemblerX86Common):
        (JSC::MacroAssemblerX86Common::absDouble):
            - implementation can be shared.
        (JSC::MacroAssemblerX86Common::negateDouble):
            - Added.
        (JSC::MacroAssemblerX86Common::loadDouble):
            - allow absDouble to have a common implementation.
        * assembler/MacroAssemblerX86_64.h:
        (MacroAssemblerX86_64):
            - moved loadDouble, absDouble to common.
        * dfg/DFGAbstractState.cpp:
        (JSC::DFG::AbstractState::execute):
            - support ArithNegate.
        * dfg/DFGArithNodeFlagsInferencePhase.cpp:
        (JSC::DFG::ArithNodeFlagsInferencePhase::propagate):
            - support ArithNegate.
        * dfg/DFGByteCodeParser.cpp:
        (JSC::DFG::ByteCodeParser::makeSafe):
            - support ArithNegate.
        (JSC::DFG::ByteCodeParser::parseBlock):
            - support op_negate.
        * dfg/DFGCSEPhase.cpp:
        (JSC::DFG::CSEPhase::performNodeCSE):
            - support ArithNegate.
        * dfg/DFGCapabilities.h:
        (JSC::DFG::canCompileOpcode):
            - support op_negate.
        * dfg/DFGGraph.h:
        (JSC::DFG::Graph::negateShouldSpeculateInteger):
            - support ArithNegate.
        * dfg/DFGNode.h:
        (JSC::DFG::Node::hasArithNodeFlags):
            - support ArithNegate.
        * dfg/DFGPredictionPropagationPhase.cpp:
        (JSC::DFG::PredictionPropagationPhase::propagate):
            - support ArithNegate.
        * dfg/DFGSpeculativeJIT.cpp:
        (JSC::DFG::SpeculativeJIT::compileArithNegate):
            - support ArithNegate.
        * dfg/DFGSpeculativeJIT.h:
        (SpeculativeJIT):
            - support ArithNegate.
        * dfg/DFGSpeculativeJIT32_64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
            - support ArithNegate.
        * dfg/DFGSpeculativeJIT64.cpp:
        (JSC::DFG::SpeculativeJIT::compile):
            - support ArithNegate.
        * jit/JIT.cpp:
        (JSC::JIT::privateCompileMainPass):
        (JSC::JIT::privateCompileSlowCases):
            - Add support for op_negate in JSVALUE64.
        * jit/JITArithmetic.cpp:
        (JSC::JIT::emit_op_negate):
        (JSC::JIT::emitSlow_op_negate):
            - Add support for op_negate in JSVALUE64.

2012-02-27  Mahesh Kulkarni  <mahesh.kulkarni@nokia.com>

        Unreviewed. Build fix for linux-bot (qt) after r109021.

        * runtime/Error.cpp:

2012-02-27  Oliver Hunt  <oliver@apple.com>

        REGRESSION (r108112): AWS Management Console at amazon.com fails to initialize
        https://bugs.webkit.org/show_bug.cgi?id=79693

        Reviewed by Filip Pizlo.

        Alas we can't provide the stack trace as an array, as despite everyone wanting
        an array, everyone arbitrarily creates the array by calling split on the stack
        trace.  To create the array we would have provided them in the first place.

        This changes the exception's stack property to a \n separated string.  To get the
        old array just do <exception>.stack.split("\n").

        * runtime/Error.cpp:
        (JSC::addErrorInfo):

2012-02-27  Gavin Barraclough  <barraclough@apple.com>

        RegExp lastIndex should behave as a regular property
        https://bugs.webkit.org/show_bug.cgi?id=79446

        Reviewed by Sam Weinig.

        lastIndex should be a regular data descriptor, with the attributes configurable:false,
        enumerable:false, writable:true. As such, it should be possible to reconfigure writable
        as false. If the lastIndex property is reconfigured to be read-only, we should respect
        this correctly.

        * runtime/CommonIdentifiers.h:
            - Removed some unused identifiers, added lastIndex.
        * runtime/RegExpObject.cpp:
        (JSC::RegExpObject::getOwnPropertySlot):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::getOwnPropertyDescriptor):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::deleteProperty):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::getOwnPropertyNames):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::getPropertyNames):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::reject):
            - helper function for defineOwnProperty.
        (JSC::RegExpObject::defineOwnProperty):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::put):
            - lastIndex is no longer a static value, provided specific handling.
        (JSC::RegExpObject::match):
            - Pass setLastIndex an ExecState, so it can throw if read-only.
        * runtime/RegExpObject.h:
        (JSC::RegExpObject::setLastIndex):
            - Pass setLastIndex an ExecState, so it can throw if read-only.
        (RegExpObjectData):
            - Added lastIndexIsWritable.
        * runtime/RegExpPrototype.cpp:
        (JSC::regExpProtoFuncCompile):
            - Pass setLastIndex an ExecState, so it can throw if read-only.

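The lastIndex semantics the entry above asks for, checked from script as an added example (not part of the WebKit change); the helper function names are chosen here, and the behaviour shown is what the ECMAScript specification requires of any conforming engine:

```javascript
'use strict';

// lastIndex on a fresh RegExp: an ordinary data property that is writable but
// neither enumerable nor configurable.
function lastIndexDescriptor() {
  const re = /a/g;
  const d = Object.getOwnPropertyDescriptor(re, 'lastIndex');
  return {
    value: d.value,
    writable: d.writable,
    enumerable: d.enumerable,
    configurable: d.configurable,
  };
}

// A global regexp writes lastIndex after a successful match (end of the match).
function lastIndexAfterMatch() {
  const re = /a/g;
  re.exec('xa');
  return re.lastIndex;
}

// Making a non-configurable property read-only is allowed (writable may go from
// true to false). Once that is done, the engine's own write to lastIndex after a
// successful global match must fail with a TypeError instead of being ignored.
function execOnReadOnlyLastIndex() {
  const re = /a/g;
  Object.defineProperty(re, 'lastIndex', { writable: false });
  try {
    re.exec('a');
    return 'no-throw';
  } catch (e) {
    return e instanceof TypeError ? 'TypeError' : 'other';
  }
}

// A non-global, non-sticky regexp never writes lastIndex, so the read-only
// attribute does not affect it and the match still succeeds.
function nonGlobalExecOnReadOnlyLastIndex() {
  const re = /a/;
  Object.defineProperty(re, 'lastIndex', { writable: false });
  const m = re.exec('a');
  return m ? m[0] : null;
}

console.log(
  lastIndexDescriptor(),
  lastIndexAfterMatch(),
  execOnReadOnlyLastIndex(),
  nonGlobalExecOnReadOnlyLastIndex()
);
```
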
359 2012-02-27  Gavin Barraclough  <barraclough@apple.com>
360
361         Implement support for op_negate and op_bitnot in the DFG JIT
362         https://bugs.webkit.org/show_bug.cgi?id=79617
363
364         Reviewed by Sam Weinig.
365
366         Remove op_bitnop - this is redundant, ~x === x^-1.
367         This is a fractional (<1%) progression.
368
369         Remove not32(X) from the MacroAssemblers - make this an optimization to add32(-1, X).
370         Remove CanReuse from the result type - this was unused.
371         Remove op_bitnot.
372
373         * assembler/MacroAssemblerARM.h:
374         (MacroAssemblerARM):
375         (JSC::MacroAssemblerARM::xor32):
376         * assembler/MacroAssemblerARMv7.h:
377         (MacroAssemblerARMv7):
378         (JSC::MacroAssemblerARMv7::xor32):
379         * assembler/MacroAssemblerMIPS.h:
380         (MacroAssemblerMIPS):
381         (JSC::MacroAssemblerMIPS::xor32):
382         * assembler/MacroAssemblerSH4.h:
383         (MacroAssemblerSH4):
384         (JSC::MacroAssemblerSH4::xor32):
385         * assembler/MacroAssemblerX86Common.h:
386         (MacroAssemblerX86Common):
387         (JSC::MacroAssemblerX86Common::xor32):
388         * bytecode/CodeBlock.cpp:
389         (JSC::CodeBlock::dump):
390         * bytecode/Opcode.h:
391         (JSC):
392         (JSC::padOpcodeName):
393         * bytecompiler/NodesCodegen.cpp:
394         (JSC):
395         (JSC::BitwiseNotNode::emitBytecode):
396         * interpreter/Interpreter.cpp:
397         (JSC::Interpreter::privateExecute):
398         * jit/JIT.cpp:
399         (JSC::JIT::privateCompileMainPass):
400         (JSC::JIT::privateCompileSlowCases):
401         * jit/JIT.h:
402         (JIT):
403         * jit/JITArithmetic32_64.cpp:
404         (JSC):
405         * jit/JITOpcodes.cpp:
406         (JSC):
407         * jit/JITStubs.cpp:
408         (JSC):
409         * jit/JITStubs.h:
410         * llint/LLIntSlowPaths.cpp:
411         (LLInt):
412         * llint/LLIntSlowPaths.h:
413         (LLInt):
414         * llint/LowLevelInterpreter32_64.asm:
415         * parser/NodeConstructors.h:
416         (JSC::NegateNode::NegateNode):
417         (JSC::BitwiseNotNode::BitwiseNotNode):
418         (JSC::MultNode::MultNode):
419         (JSC::DivNode::DivNode):
420         (JSC::ModNode::ModNode):
421         (JSC::SubNode::SubNode):
422         (JSC::UnsignedRightShiftNode::UnsignedRightShiftNode):
423         * parser/Nodes.h:
424         (BitwiseNotNode):
425         (JSC::BitwiseNotNode::expr):
426         (JSC):
427         * parser/ResultType.h:
428         (ResultType):
429         (JSC::ResultType::numberTypeIsInt32):
430         (JSC::ResultType::stringOrNumberType):
431         (JSC::ResultType::forAdd):
432         (JSC::ResultType::forBitOp):
433
434 2012-02-27  Michael Saboff  <msaboff@apple.com>
435
436         Error check regexp min quantifier
437         https://bugs.webkit.org/show_bug.cgi?id=70648
438
439         Reviewed by Gavin Barraclough.
440
441         Added checking for min or only quantifier being UINT_MAX.
442         When encountered this becomes a SyntaxError during parsing.
443
444         * yarr/YarrParser.h:
445         (JSC::Yarr::Parser::parseQuantifier):
446         (JSC::Yarr::Parser::parse):
447         (Parser):
448
449 2012-02-27  Carlos Garcia Campos  <cgarcia@igalia.com>
450
451         Unreviewed. Fix make distcheck.
452
453         * GNUmakefile.list.am: Add missing files.
454
455 2012-02-26  Hajime Morrita  <morrita@chromium.org>
456
457         Move ChromeClient::showContextMenu() to ContextMenuClient
458         https://bugs.webkit.org/show_bug.cgi?id=79427
459
460         Reviewed by Adam Barth.
461
462         Added ACCESSIBILITY_CONTEXT_MENUS.
463
464         * wtf/Platform.h:
465
466 2012-02-26  Filip Pizlo  <fpizlo@apple.com>
467
468         LayoutTests/fast/xpath/xpath-functional-test.html is crashing in the DFG
469         https://bugs.webkit.org/show_bug.cgi?id=79616
470
471         Reviewed by Oliver Hunt.
472         
473         Guard against the fact that in JSVALUE64, JSValue().isCell() == true.
474
475         * dfg/DFGAbstractValue.h:
476         (JSC::DFG::AbstractValue::validate):
477
478 2012-02-26  Filip Pizlo  <fpizlo@apple.com>
479
480         DFG should support activations and nested functions
481         https://bugs.webkit.org/show_bug.cgi?id=79554
482
483         Reviewed by Sam Weinig.
484         
485         Fix 32-bit. The 32-bit function+activation code had some really weird
486         register reuse bugs.
487
488         * dfg/DFGSpeculativeJIT32_64.cpp:
489         (JSC::DFG::SpeculativeJIT::compile):
490
491 2012-02-26  Filip Pizlo  <fpizlo@apple.com>
492
493         Getting the instruction stream for a code block should not require two loads
494         https://bugs.webkit.org/show_bug.cgi?id=79608
495
496         Reviewed by Sam Weinig.
497         
498         Introduced the RefCountedArray class, which contains a single inline pointer
499         to a ref-counted non-resizeable vector backing store. This satisfies the
500         requirements of CodeBlock, which desires the ability to share instruction
501         streams with other CodeBlocks. It also reduces the number of loads required
502         for getting the instruction stream by one.
503         
504         This patch also gets rid of the bytecode discarding logic, since we don't
505         use it anymore and it's unlikely to ever work right with DFG or LLInt. And
506         I didn't feel like porting dead code to use RefCountedArray.
507
508         * GNUmakefile.list.am:
509         * JavaScriptCore.xcodeproj/project.pbxproj:
510         * bytecode/CodeBlock.cpp:
511         (JSC::instructionOffsetForNth):
512         (JSC::CodeBlock::dump):
513         (JSC::CodeBlock::CodeBlock):
514         (JSC::CodeBlock::finalizeUnconditionally):
515         (JSC::CodeBlock::handlerForBytecodeOffset):
516         (JSC::CodeBlock::lineNumberForBytecodeOffset):
517         (JSC::CodeBlock::expressionRangeForBytecodeOffset):
518         (JSC::CodeBlock::shrinkToFit):
519         * bytecode/CodeBlock.h:
520         (CodeBlock):
521         (JSC::CodeBlock::numberOfInstructions):
522         (JSC::CodeBlock::instructions):
523         (JSC::CodeBlock::instructionCount):
524         (JSC::CodeBlock::valueProfileForBytecodeOffset):
525         (JSC):
526         * bytecompiler/BytecodeGenerator.cpp:
527         (JSC::Label::setLocation):
528         (JSC):
529         (JSC::BytecodeGenerator::generate):
530         (JSC::BytecodeGenerator::newLabel):
531         * bytecompiler/BytecodeGenerator.h:
532         (JSC):
533         (BytecodeGenerator):
534         (JSC::BytecodeGenerator::instructions):
535         * bytecompiler/Label.h:
536         (JSC::Label::Label):
537         (Label):
538         * dfg/DFGByteCodeCache.h:
539         (JSC::DFG::ByteCodeCache::~ByteCodeCache):
540         (JSC::DFG::ByteCodeCache::get):
541         * jit/JITExceptions.cpp:
542         (JSC::genericThrow):
543         * llint/LowLevelInterpreter32_64.asm:
544         * runtime/Executable.cpp:
545         (JSC::EvalExecutable::compileInternal):
546         (JSC::ProgramExecutable::compileInternal):
547         (JSC::FunctionExecutable::codeBlockWithBytecodeFor):
548         (JSC::FunctionExecutable::produceCodeBlockFor):
549         * wtf/RefCountedArray.h: Added.
550         (WTF):
551         (RefCountedArray):
552         (WTF::RefCountedArray::RefCountedArray):
553         (WTF::RefCountedArray::operator=):
554         (WTF::RefCountedArray::~RefCountedArray):
555         (WTF::RefCountedArray::size):
556         (WTF::RefCountedArray::data):
557         (WTF::RefCountedArray::begin):
558         (WTF::RefCountedArray::end):
559         (WTF::RefCountedArray::at):
560         (WTF::RefCountedArray::operator[]):
561         (Header):
562         (WTF::RefCountedArray::Header::size):
563         (WTF::RefCountedArray::Header::payload):
564         (WTF::RefCountedArray::Header::fromPayload):
565         * wtf/Platform.h:
566
567 2012-02-26  Yusuke Suzuki  <utatane.tea@gmail.com>
568
569         StringLiteral and NumericLiteral are allowed as ObjectLiteral getter / setter name
570         https://bugs.webkit.org/show_bug.cgi?id=79571
571
572         Reviewed by Gavin Barraclough.
573
574         * parser/ASTBuilder.h:
575         (JSC::ASTBuilder::createGetterOrSetterProperty):
576         * parser/Parser.cpp:
577         (JSC::::parseProperty):
578         * parser/SyntaxChecker.h:
579         (JSC::SyntaxChecker::createGetterOrSetterProperty):
580
581 2012-02-26  Mark Hahnenberg  <mhahnenberg@apple.com>
582
583         Implement fast path for op_new_array in the baseline JIT
584         https://bugs.webkit.org/show_bug.cgi?id=78612
585
586         Reviewed by Filip Pizlo.
587
588         heap/CopiedAllocator.h:
589         (CopiedAllocator): Friended the JIT to allow access to m_currentOffset.
590         * heap/CopiedSpace.h:
591         (CopiedSpace): Friended the JIT to allow access to isOversize.
592         (JSC::CopiedSpace::allocator):
593         * heap/Heap.h:
594         (JSC::Heap::storageAllocator): Added a getter for the CopiedAllocator class so the JIT
595         can use it for simple allocation i.e. when we can just bump the offset without having to 
596         do anything else.
597         * jit/JIT.cpp:
598         (JSC::JIT::privateCompileSlowCases): Added new slow case for op_new_array for when
599         we have to bail out because the fast allocation path fails for whatever reason.
600         * jit/JIT.h:
601         (JIT):
602         * jit/JITInlineMethods.h:
603         (JSC::JIT::emitAllocateBasicStorage): Added utility function that allows objects to 
604         allocate generic backing stores. This function is used by emitAllocateJSArray.
605         (JSC):
606         (JSC::JIT::emitAllocateJSArray): Added utility function that allows the client to 
607         more easily allocate JSArrays. This function is used by emit_op_new_array and I expect 
608         it will also be used for emit_op_new_array_buffer.
609         * jit/JITOpcodes.cpp:
610         (JSC::JIT::emit_op_new_array): Changed to do inline allocation of JSArrays. Still does 
611         a stub call for oversize arrays.
612         (JSC):
613         (JSC::JIT::emitSlow_op_new_array): New slow path that just bails out to a stub call if we 
614         fail in any way on the fast path.
615         * runtime/JSArray.cpp:
616         (JSC):
617         * runtime/JSArray.h: Added lots of offset functions for all the fields that we need to 
618         initialize in the JIT.
619         (ArrayStorage):
620         (JSC::ArrayStorage::lengthOffset):
621         (JSC::ArrayStorage::numValuesInVectorOffset):
622         (JSC::ArrayStorage::allocBaseOffset):
623         (JSC::ArrayStorage::vectorOffset):
624         (JSArray):
625         (JSC::JSArray::sparseValueMapOffset):
626         (JSC::JSArray::subclassDataOffset):
627         (JSC::JSArray::indexBiasOffset):
628         (JSC):
629         (JSC::JSArray::storageSize): Moved this function from being a static function in the cpp file
630         to being a static function in the JSArray class. This move allows the JIT to call it to 
631         see what size it should allocate.
632
633 2012-02-26  Patrick Gansterer  <paroga@webkit.org>
634
635         Unreviewed. Build fix for ENABLE(CLASSIC_INTERPRETER) after r108681.
636
637         * interpreter/Interpreter.cpp:
638         (JSC::getLineNumberForCallFrame):
639         (JSC::Interpreter::getStackTrace):
640
641 2012-02-26  Patrick Gansterer  <paroga@webkit.org>
642
643         Unreviewed. Build fix for !ENABLE(JIT) after r108681.
644
645         * interpreter/Interpreter.cpp:
646         (JSC::getLineNumberForCallFrame):
647
648 2012-02-25  Filip Pizlo  <fpizlo@apple.com>
649
650         LLInt assembly file should be split into 32-bit and 64-bit parts
651         https://bugs.webkit.org/show_bug.cgi?id=79584
652
653         Reviewed by Sam Weinig.
654         
655         Moved LowLevelInterpreter.asm to LowLevelInterpreter32_64.asm. Gave offlineasm
656         the ability to include files, and correctly track dependencies: it restricts
657         the include mechanism to using the same directory as the source file, and uses
658         the SHA1 hash of all .asm files in that directory as an input hash.
659
660         * llint/LLIntOfflineAsmConfig.h:
661         * llint/LowLevelInterpreter.asm:
662         * llint/LowLevelInterpreter32_64.asm: Added.
663             - This is just the entire contents of what was previously LowLevelInterpreter.asm
664         * llint/LowLevelInterpreter64.asm: Added.
665         * offlineasm/asm.rb:
666         * offlineasm/ast.rb:
667         * offlineasm/generate_offset_extractor.rb:
668         * offlineasm/parser.rb:
669         * offlineasm/self_hash.rb:
670
671 2012-02-25  Filip Pizlo  <fpizlo@apple.com>
672
673         Offlineasm should support X86_64
674         https://bugs.webkit.org/show_bug.cgi?id=79581
675
676         Reviewed by Oliver Hunt.
677
678         * llint/LLIntOfflineAsmConfig.h:
679         * offlineasm/backends.rb:
680         * offlineasm/instructions.rb:
681         * offlineasm/settings.rb:
682         * offlineasm/x86.rb:
683
684 2012-02-25  Filip Pizlo  <fpizlo@apple.com>
685
686         DFG should support activations and nested functions
687         https://bugs.webkit.org/show_bug.cgi?id=79554
688
689         Reviewed by Oliver Hunt.
690         
691         Wrote the simplest possible implementation of activations. Big speed-up on
692         code that uses activations, no speed-up on major benchmarks (SunSpider, V8,
693         Kraken) because they do not appear to have sufficient coverage over code
694         that uses activations.
695
696         * bytecode/PredictedType.cpp:
697         (JSC::predictionToString):
698         (JSC::predictionFromValue):
699         * bytecode/PredictedType.h:
700         (JSC):
701         (JSC::isEmptyPrediction):
702         * dfg/DFGAbstractState.cpp:
703         (JSC::DFG::AbstractState::execute):
704         * dfg/DFGByteCodeParser.cpp:
705         (JSC::DFG::ByteCodeParser::ByteCodeParser):
706         (ByteCodeParser):
707         (JSC::DFG::ByteCodeParser::parseBlock):
708         (JSC::DFG::ByteCodeParser::buildOperandMapsIfNecessary):
709         (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
710         (JSC::DFG::ByteCodeParser::parse):
711         * dfg/DFGCapabilities.h:
712         (JSC::DFG::canCompileOpcode):
713         (JSC::DFG::canInlineOpcode):
714         * dfg/DFGGraph.h:
715         (JSC::DFG::Graph::needsActivation):
716         * dfg/DFGNode.h:
717         (DFG):
718         (JSC::DFG::Node::storageAccessDataIndex):
719         (Node):
720         (JSC::DFG::Node::hasFunctionDeclIndex):
721         (JSC::DFG::Node::functionDeclIndex):
722         (JSC::DFG::Node::hasFunctionExprIndex):
723         (JSC::DFG::Node::functionExprIndex):
724         * dfg/DFGOperations.cpp:
725         * dfg/DFGOperations.h:
726         * dfg/DFGPredictionPropagationPhase.cpp:
727         (JSC::DFG::PredictionPropagationPhase::propagate):
728         * dfg/DFGSpeculativeJIT.cpp:
729         (JSC::DFG::SpeculativeJIT::compileNewFunctionNoCheck):
730         (DFG):
731         (JSC::DFG::SpeculativeJIT::compileNewFunctionExpression):
732         * dfg/DFGSpeculativeJIT.h:
733         (JSC::DFG::SpeculativeJIT::callOperation):
734         * dfg/DFGSpeculativeJIT32_64.cpp:
735         (JSC::DFG::SpeculativeJIT::compile):
736         * dfg/DFGSpeculativeJIT64.cpp:
737         (JSC::DFG::SpeculativeJIT::compile):
738
739 2012-02-25  Benjamin Poulain  <benjamin@webkit.org>
740
741         Add an empty skeleton of KURL for WTFURL
742         https://bugs.webkit.org/show_bug.cgi?id=78990
743
744         Reviewed by Adam Barth.
745
746         * JavaScriptCore.xcodeproj/project.pbxproj: Export the relevant classes from WTFURL
747         so that can use them in WebCore.
748
749 2012-02-25  Filip Pizlo  <fpizlo@apple.com>
750
751         Unreviewed, fix build for DFG disabled and LLInt enabled.
752
753         * jit/JIT.cpp:
754         (JSC::JIT::privateCompile):
755         * llint/LLIntSlowPaths.cpp:
756         (LLInt):
757         (JSC::LLInt::LLINT_SLOW_PATH_DECL):
758
759 2012-02-25  Mark Hahnenberg  <mhahnenberg@apple.com>
760
761         Fix the CopiedBlock offset alignment in a cross platform fashion
762         https://bugs.webkit.org/show_bug.cgi?id=79556
763
764         Reviewed by Filip Pizlo.
765
766         Replaced m_payload with a payload() method that calculates the offset
767         of the payload with the proper alignment. This change allows us to 
768         avoid alignment-related issues in a cross-platform manner.
769
770         * heap/CopiedAllocator.h:
771         (JSC::CopiedAllocator::currentUtilization):
772         * heap/CopiedBlock.h:
773         (JSC::CopiedBlock::CopiedBlock):
774         (JSC::CopiedBlock::payload):
775         (CopiedBlock):
776         * heap/CopiedSpace.cpp:
777         (JSC::CopiedSpace::doneFillingBlock):
778         * heap/CopiedSpaceInlineMethods.h:
779         (JSC::CopiedSpace::borrowBlock):
780         (JSC::CopiedSpace::allocateFromBlock):
781
782 2012-02-24  Michael Saboff  <msaboff@apple.com>
783
784         Unreviewed, Windows build fix.  Changed signature in export to match
785         change made in r108858.
786
787         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
788
789 2012-02-24  Filip Pizlo  <fpizlo@apple.com>
790
791         DFG support for op_new_regexp should be enabled
792         https://bugs.webkit.org/show_bug.cgi?id=79538
793
794         Reviewed by Oliver Hunt.
795         
796         No performance change.
797
798         * dfg/DFGCapabilities.h:
799         (JSC::DFG::canCompileOpcode):
800         * dfg/DFGCommon.h:
801
802 2012-02-24  Michael Saboff  <msaboff@apple.com>
803
804         ASSERT(position < 0) in JSC::Yarr::Interpreter::InputStream::readChecked
805         https://bugs.webkit.org/show_bug.cgi?id=73728
806
807         Reviewed by Gavin Barraclough.
808
809         Fixed the mixing of signed and unsigned character indices in the YARR
810         interpreter.
811
812         * runtime/RegExp.cpp:
813         (JSC::RegExp::match): Added code to check for match longer than 2^31 and
814         return no match after resetting the offsets.
815         * yarr/YarrInterpreter.cpp: Changed to use unsigned for all character index
816         handling except when matching back references.
817         (JSC::Yarr::Interpreter::InputStream::readChecked):
818         (JSC::Yarr::Interpreter::InputStream::checkInput):
819         (JSC::Yarr::Interpreter::InputStream::uncheckInput):
820         (JSC::Yarr::Interpreter::InputStream::atStart):
821         (JSC::Yarr::Interpreter::InputStream::atEnd):
822         (JSC::Yarr::Interpreter::InputStream::isAvailableInput):
823         (JSC::Yarr::Interpreter::checkCharacter):
824         (JSC::Yarr::Interpreter::checkCasedCharacter):
825         (JSC::Yarr::Interpreter::checkCharacterClass):
826         (JSC::Yarr::Interpreter::tryConsumeBackReference):
827         (JSC::Yarr::Interpreter::matchAssertionBOL):
828         (JSC::Yarr::Interpreter::matchAssertionWordBoundary):
829         (JSC::Yarr::Interpreter::backtrackPatternCharacter):
830         (JSC::Yarr::Interpreter::backtrackPatternCasedCharacter):
831         (JSC::Yarr::Interpreter::matchCharacterClass):
832         (JSC::Yarr::Interpreter::backtrackCharacterClass):
833         (JSC::Yarr::Interpreter::matchParenthesesOnceBegin):
834         (JSC::Yarr::Interpreter::matchDisjunction):
835         (JSC::Yarr::Interpreter::interpret):
836         (JSC::Yarr::ByteCompiler::assertionBOL):
837         (JSC::Yarr::ByteCompiler::assertionEOL):
838         (JSC::Yarr::ByteCompiler::assertionWordBoundary):
839         (JSC::Yarr::ByteCompiler::atomPatternCharacter):
840         (JSC::Yarr::ByteCompiler::atomCharacterClass):
841         (JSC::Yarr::ByteCompiler::atomBackReference):
842         (JSC::Yarr::ByteCompiler::atomParenthesesOnceBegin):
843         (JSC::Yarr::ByteCompiler::atomParenthesesTerminalBegin):
844         (JSC::Yarr::ByteCompiler::atomParenthesesSubpatternBegin):
845         (JSC::Yarr::ByteCompiler::atomParentheticalAssertionEnd):
846         (JSC::Yarr::ByteCompiler::emitDisjunction):
847         * yarr/YarrInterpreter.h:
848
849 2012-02-24  Filip Pizlo  <fpizlo@apple.com>
850
851         Unreviewed, build fix for builds where the DFG is disabled but the LLInt is
852         enabled.
853
854         * llint/LLIntOfflineAsmConfig.h:
855         * llint/LowLevelInterpreter.asm:
856
857 2012-02-24  Filip Pizlo  <fpizlo@apple.com>
858
859         DFG should be able to handle variables getting captured
860         https://bugs.webkit.org/show_bug.cgi?id=79469
861
862         Reviewed by Oliver Hunt.
863         
864         Made captured variables work by placing a Flush on the SetLocal and
865         forcing the emission of the GetLocal even if copy propagation tells us
866         who has the value.
867         
868         Changed the CFA and various prediction codes to understand that we can't
869         really prove anything about captured variables. Well, we could in the
870         future by just looking at what side effects are happening, but in this
871         first cut we just assume that we can't reason about captured variables.
872         
873         Also added a mode where the DFG pretends that all variables and arguments
874         got captured. Used this mode to harden the code.
875         
876         This is performance neutral. Capturing all variables is a slow down, but
877         not too big of one. This seems to predict that when we add activation
878         support, the amount of speed benefit we'll get from increased coverage
879         will far outweigh the pessimism that we'll have to endure for captured
880         variables.
881
882         * bytecode/CodeType.h:
883         (JSC::codeTypeToString):
884         * dfg/DFGAbstractState.cpp:
885         (JSC::DFG::AbstractState::initialize):
886         (JSC::DFG::AbstractState::endBasicBlock):
887         (JSC::DFG::AbstractState::execute):
888         (JSC::DFG::AbstractState::merge):
889         * dfg/DFGAbstractState.h:
890         (AbstractState):
891         * dfg/DFGByteCodeParser.cpp:
892         (JSC::DFG::ByteCodeParser::getLocal):
893         (JSC::DFG::ByteCodeParser::setLocal):
894         (JSC::DFG::ByteCodeParser::getArgument):
895         (JSC::DFG::ByteCodeParser::setArgument):
896         (JSC::DFG::ByteCodeParser::flushArgument):
897         (JSC::DFG::ByteCodeParser::handleInlining):
898         (JSC::DFG::ByteCodeParser::processPhiStack):
899         (JSC::DFG::ByteCodeParser::parseCodeBlock):
900         (JSC::DFG::ByteCodeParser::parse):
901         * dfg/DFGCapabilities.h:
902         (JSC::DFG::mightInlineFunctionForCall):
903         (JSC::DFG::mightInlineFunctionForConstruct):
904         * dfg/DFGCommon.h:
905         * dfg/DFGGraph.h:
906         (JSC::DFG::Graph::needsActivation):
907         (Graph):
908         (JSC::DFG::Graph::argumentIsCaptured):
909         (JSC::DFG::Graph::localIsCaptured):
910         (JSC::DFG::Graph::isCaptured):
911         * dfg/DFGNode.h:
912         (JSC::DFG::Node::shouldGenerate):
913         * dfg/DFGPredictionPropagationPhase.cpp:
914         (JSC::DFG::PredictionPropagationPhase::propagate):
915         (JSC::DFG::PredictionPropagationPhase::doRoundOfDoubleVoting):
916         * dfg/DFGSpeculativeJIT.cpp:
917         (DFG):
918         (JSC::DFG::ValueSource::dump):
919         (JSC::DFG::SpeculativeJIT::compile):
920         * dfg/DFGSpeculativeJIT.h:
921         (ValueSource):
922         * dfg/DFGSpeculativeJIT32_64.cpp:
923         (JSC::DFG::SpeculativeJIT::compile):
924         * dfg/DFGSpeculativeJIT64.cpp:
925         (JSC::DFG::SpeculativeJIT::compile):
926         * dfg/DFGVirtualRegisterAllocationPhase.cpp:
927         (JSC::DFG::VirtualRegisterAllocationPhase::run):
928
929 2012-02-24  Gavin Barraclough  <barraclough@apple.com>
930
931         Should not allow malformed \x escapes
932         https://bugs.webkit.org/show_bug.cgi?id=79462
933
934         Reviewed by Oliver Hunt.
935
936         * parser/Lexer.cpp:
937         (JSC::::parseString):
938         (JSC::::parseStringSlowCase):
939             - Prohibit malformed '\x' escapes
940         * tests/mozilla/ecma/Array/15.4.5.1-1.js:
941         * tests/mozilla/ecma/LexicalConventions/7.7.4.js:
942         * tests/mozilla/ecma_2/RegExp/hex-001.js:
943         * tests/mozilla/js1_2/regexp/hexadecimal.js:
944             - Remove erroneous test cases (correct behaviour is tested by LayoutTests/sputnik).
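
The stricter lexer rule this entry describes, as an added example that is not JavaScriptCore's Lexer.cpp: a small decoder for a quoted string literal that rejects a `\x` escape unless exactly two hex digits follow it (and a `\u` escape unless four do). The `strict` flag and its lenient fallback (treating a malformed `\x` as the identity escape `x`) are assumptions made for illustration, not behaviour the entry documents.

```javascript
// Added example, not JavaScriptCore code: decode the body of a JavaScript
// string literal, applying the rule that "\x" must be followed by exactly two
// hex digits and "\u" by exactly four; anything else is a SyntaxError.
// `strict = false` is a hypothetical switch that keeps a lenient reading
// (malformed "\x" becomes the identity escape "x"), assumed here only so the
// two behaviours can be compared side by side.
const SINGLE_ESCAPES = {
  n: '\n', t: '\t', r: '\r', b: '\b', f: '\f', v: '\v',
  '\\': '\\', '"': '"', "'": "'",
};

function isHexDigit(ch) {
  return ch !== undefined && /^[0-9a-fA-F]$/.test(ch);
}

// Reads `count` hex digits starting at `src[i]`; returns the code unit, or -1
// when fewer than `count` hex digits are available.
function readHexDigits(src, i, count) {
  let value = 0;
  for (let k = 0; k < count; k++) {
    const ch = src[i + k];
    if (!isHexDigit(ch)) return -1;
    value = value * 16 + parseInt(ch, 16);
  }
  return value;
}

// Decodes `src`, a string literal including its surrounding quotes.
function decodeStringLiteral(src, strict = true) {
  const quote = src[0];
  if ((quote !== '"' && quote !== "'") || src.length < 2 || src[src.length - 1] !== quote) {
    throw new SyntaxError('not a quoted string literal');
  }
  const body = src.slice(1, -1);
  let out = '';
  for (let i = 0; i < body.length; i++) {
    const ch = body[i];
    if (ch === quote) throw new SyntaxError('unescaped quote inside literal');
    if (ch !== '\\') { out += ch; continue; }
    const esc = body[++i];
    if (esc === undefined) throw new SyntaxError('dangling backslash');
    if (esc === 'x' || esc === 'u') {
      const digits = esc === 'x' ? 2 : 4;
      const code = readHexDigits(body, i + 1, digits);
      if (code >= 0) { out += String.fromCharCode(code); i += digits; continue; }
      // Too few hex digits: the strict rule rejects the whole literal.
      if (strict) throw new SyntaxError(`malformed \\${esc} escape at offset ${i}`);
      out += esc; // lenient fallback: identity escape (assumed legacy behaviour)
      continue;
    }
    out += Object.prototype.hasOwnProperty.call(SINGLE_ESCAPES, esc) ? SINGLE_ESCAPES[esc] : esc;
  }
  return out;
}

// True when the strict decoder rejects `src` with a SyntaxError.
function isRejected(src) {
  try { decodeStringLiteral(src, true); return false; }
  catch (e) { if (e instanceof SyntaxError) return true; throw e; }
}
```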
945
946 2012-02-24  Daniel Bates  <dbates@webkit.org>
947
948         Fix change log entry for changeset r108819; add bug URL
949         https://bugs.webkit.org/show_bug.cgi?id=79504
950
951         Changeset r108819 is associated with bug #79504.
952
953         * ChangeLog
954
955 2012-02-24  Daniel Bates  <dbates@webkit.org>
956
957         Substitute ENABLE(CLASSIC_INTERPRETER) for ENABLE(INTERPRETER) in Interpreter.cpp
958         https://bugs.webkit.org/show_bug.cgi?id=79504
959
960         Reviewed by Oliver Hunt.
961
962         There are a few places in Interpreter.cpp that need to be updated to use
963         ENABLE(CLASSIC_INTERPRETER) following the renaming of ENABLE_INTERPRETER to
964         ENABLE_CLASSIC_INTERPRETER in changeset <http://trac.webkit.org/changeset/108020>
965         (https://bugs.webkit.org/show_bug.cgi?id=78791).
966
967         * interpreter/Interpreter.cpp:
968         (JSC::getLineNumberForCallFrame):
969         (JSC::getCallerInfo):
970         (JSC::getSourceURLFromCallFrame):
971
972 2012-02-24  Adam Roben  <aroben@apple.com>
973
974         Undo the BUILDING_WTF part of r108808
975
976         This broke the build, which is obviously worse than the linker warning it was trying to
977         solve.
978
979         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
980
981 2012-02-24  Adam Roben  <aroben@apple.com>
982
983         Fix linker warnings on Windows
984
985         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def: Removed symbols that are already
986         exported via JS_EXPORTDATA.
987
988         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops: Define BUILDING_WTF. We
989         aren't actually building WTF, but we are statically linking it, so we need to define this
990         symbol so that we export WTF's exports.
991
992 2012-02-24  Philippe Normand  <pnormand@igalia.com>
993
994         Fix GTK WebAudio build for WebKitGTK 1.7.90.
995
996         Patch by Priit Laes <plaes@plaes.org> on 2012-02-24
997         Rubber-stamped by Philippe Normand.
998
999         * GNUmakefile.list.am: Add Complex.h to the list of files so it
1000         gets disted in the tarballs.
1001
1002 2012-02-24  Zoltan Herczeg  <zherczeg@webkit.org>
1003
1004         [Qt] Buildfix for "Zero out CopiedBlocks on initialization".
1005         https://bugs.webkit.org/show_bug.cgi?id=79199
1006
1007         Rubber-stamped by Csaba Osztrogonác.
1008
1009         Temporary fix since the new member wastes a little space on
1010         64 bit systems. Although it is harmless, it is only needed
1011         for 32 bit systems.
1012
1013         * heap/CopiedBlock.h:
1014         (CopiedBlock):
1015
1016 2012-02-24  Han Hojong  <hojong.han@samsung.com>
1017
1018         Remove useless jump instructions for short circuit
1019         https://bugs.webkit.org/show_bug.cgi?id=75602
1020
1021         Reviewed by Michael Saboff.
1022
1023         A jump instruction is inserted to make a short circuit;
1024         however, it does nothing but move to the next instruction.
1025         Therefore the useless jump instructions are removed,
1026         and the jump list is moved into the case that is not a short circuit,
1027         so that only necessary instructions are added to the JIT code,
1028         unless it has a 16 bit pattern character and an 8 bit string.
1029
1030         * yarr/YarrJIT.cpp:
1031         (JSC::Yarr::YarrGenerator::generatePatternCharacterGreedy):
1032         (JSC::Yarr::YarrGenerator::backtrackPatternCharacterNonGreedy):
1033
1034 2012-02-24  Sheriff Bot  <webkit.review.bot@gmail.com>
1035
1036         Unreviewed, rolling out r108731.
1037         http://trac.webkit.org/changeset/108731
1038         https://bugs.webkit.org/show_bug.cgi?id=79464
1039
1040         Broke Chromium Win tests (Requested by bashi on #webkit).
1041
1042         * wtf/Platform.h:
1043
1044 2012-02-24  Andrew Lo  <anlo@rim.com>
1045
1046         [BlackBerry] Enable requestAnimationFrame
1047         https://bugs.webkit.org/show_bug.cgi?id=79408
1048
1049         Use timer implementation of requestAnimationFrame on BlackBerry.
1050
1051         Reviewed by Rob Buis.
1052
1053         * wtf/Platform.h:
1054
1055 2012-02-24  Mathias Bynens  <mathias@qiwi.be>
1056
1057         `\u200c` and `\u200d` should be allowed in IdentifierPart, as per ES5
1058         https://bugs.webkit.org/show_bug.cgi?id=78908
1059
1060         Add additional checks for zero-width non-joiner (0x200C) and
1061         zero-width joiner (0x200D) characters.
1062
1063         Reviewed by Michael Saboff.
1064
1065         * parser/Lexer.cpp:
1066         (JSC::isNonASCIIIdentPart):
1067         * runtime/LiteralParser.cpp:
1068         (JSC::::Lexer::lexIdentifier):
1069
1070 2012-02-23  Kenichi Ishibashi  <bashi@chromium.org>
1071
1072         Adding WebSocket per-frame DEFLATE extension
1073         https://bugs.webkit.org/show_bug.cgi?id=77522
1074
1075         Added USE(ZLIB) flag.
1076
1077         Reviewed by Kent Tamura.
1078
1079         * wtf/Platform.h:
1080
1081 2012-02-23  Mark Hahnenberg  <mhahnenberg@apple.com>
1082
1083         Zero out CopiedBlocks on initialization
1084         https://bugs.webkit.org/show_bug.cgi?id=79199
1085
1086         Reviewed by Filip Pizlo.
1087
1088         Made CopyBlocks zero their payloads during construction. This allows 
1089         JSArray to avoid having to manually clear its backing store upon allocation
1090         and also alleviates any future pain with regard to the garbage collector trying 
1091         to mark what it thinks are values in what is actually uninitialized memory.
1092
1093         * heap/CopiedBlock.h:
1094         (JSC::CopiedBlock::CopiedBlock):
1095         * runtime/JSArray.cpp:
1096         (JSC::JSArray::finishCreation):
1097         (JSC::JSArray::tryFinishCreationUninitialized):
1098         (JSC::JSArray::increaseVectorLength):
1099         (JSC::JSArray::unshiftCountSlowCase):
1100
1101 2012-02-23  Oliver Hunt  <oliver@apple.com>
1102
1103         Make Interpreter::getStackTrace be able to generate the line number for the top callframe if none is provided
1104         https://bugs.webkit.org/show_bug.cgi?id=79407
1105
1106         Reviewed by Gavin Barraclough.
1107
1108         Outside of exception handling, we don't know what our source line number is.  This
1109         change allows us to pass -1 in as the initial line number, and get the correct line
1110         number in the resultant stack trace.  We can't completely elide the initial line
1111         number (yet) due to some idiosyncrasies of the exception handling machinery.
1112
1113         * interpreter/Interpreter.cpp:
1114         (JSC::getLineNumberForCallFrame):
1115         (JSC):
1116         (JSC::Interpreter::getStackTrace):
1117
1118 2012-02-22  Filip Pizlo  <fpizlo@apple.com>
1119
1120         DFG OSR exit value profiling should have graceful handling of local variables and arguments
1121         https://bugs.webkit.org/show_bug.cgi?id=79310
1122
1123         Reviewed by Gavin Barraclough.
1124         
1125         Previously, if we OSR exited because a prediction in a local was wrong, we'd
1126         only realize what the true type of the local was if the regular value profiling
1127         kicked in and told us. Unless the local was block-locally copy propagated, in
1128         which case we'd know from an OSR exit profile.
1129         
1130         This patch adds OSR exit profiling to all locals and arguments. Now, if we OSR
1131         exit because of a mispredicted local or argument type, we'll know what the type of
1132         the local or argument should be immediately upon exiting.
1133         
1134         The way that local variable OSR exit profiling works is that we now have a lazily
1135         added set of OSR-exit-only value profiles for exit sites that are BadType and that
1136         cited a GetLocal as their value source. The value profiles are only added if the
1137         OSR exit is taken, and are keyed by CodeBlock, bytecode index of the GetLocal, and
1138         operand. The look-up is performed by querying the
1139         CompressedLazyOperandValueProfileHolder in the CodeBlock, using a key that contains
1140         the bytecode index and the operand. Because the value profiles are added at random
1141         times, they are not sorted; instead they are just stored in an arbitrarily-ordered
1142         SegmentedVector. Look-ups are made fast by "decompressing": the DFG::ByteCodeParser
1143         creates a LazyOperandValueProfileParser, which turns the
1144         CompressedLazyOperandValueProfileHolder's contents into a HashMap for the duration
1145         of DFG parsing.
1146         
1147         Previously, OSR exits had a pointer to the ValueProfile that had the specFailBucket
1148         into which values observed during OSR exit would be placed. Now it uses a lazy
1149         thunk for a ValueProfile. I call this the MethodOfGettingAValueProfile. It may
1150         either contain a ValueProfile inside it (which works for previous uses of OSR exit
1151         profiling) or it may just have knowledge of how to go about creating the
1152         LazyOperandValueProfile in the case that the OSR exit is actually taken. This
1153         ensures that we never have to create NumOperands*NumBytecodeIndices*NumCodeBlocks
1154         value profiling buckets unless we actually did OSR exit on every single operand,
1155         in every single instruction, in each code block (that's probably unlikely).
1156         
1157         This appears to be neutral on the major benchmarks, but is a double-digit speed-up
1158         on code deliberately written to have data flow that spans basic blocks and where
1159         the code exhibits post-optimization polymorphism in a local variable.
1160
1161         * CMakeLists.txt:
1162         * GNUmakefile.list.am:
1163         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1164         * JavaScriptCore.xcodeproj/project.pbxproj:
1165         * Target.pri:
1166         * bytecode/CodeBlock.cpp:
1167         (JSC::CodeBlock::stronglyVisitStrongReferences):
1168         * bytecode/CodeBlock.h:
1169         (CodeBlock):
1170         (JSC::CodeBlock::lazyOperandValueProfiles):
1171         * bytecode/LazyOperandValueProfile.cpp: Added.
1172         (JSC):
1173         (JSC::CompressedLazyOperandValueProfileHolder::CompressedLazyOperandValueProfileHolder):
1174         (JSC::CompressedLazyOperandValueProfileHolder::~CompressedLazyOperandValueProfileHolder):
1175         (JSC::CompressedLazyOperandValueProfileHolder::computeUpdatedPredictions):
1176         (JSC::CompressedLazyOperandValueProfileHolder::add):
1177         (JSC::LazyOperandValueProfileParser::LazyOperandValueProfileParser):
1178         (JSC::LazyOperandValueProfileParser::~LazyOperandValueProfileParser):
1179         (JSC::LazyOperandValueProfileParser::getIfPresent):
1180         (JSC::LazyOperandValueProfileParser::prediction):
1181         * bytecode/LazyOperandValueProfile.h: Added.
1182         (JSC):
1183         (LazyOperandValueProfileKey):
1184         (JSC::LazyOperandValueProfileKey::LazyOperandValueProfileKey):
1185         (JSC::LazyOperandValueProfileKey::operator!):
1186         (JSC::LazyOperandValueProfileKey::operator==):
1187         (JSC::LazyOperandValueProfileKey::hash):
1188         (JSC::LazyOperandValueProfileKey::bytecodeOffset):
1189         (JSC::LazyOperandValueProfileKey::operand):
1190         (JSC::LazyOperandValueProfileKey::isHashTableDeletedValue):
1191         (JSC::LazyOperandValueProfileKeyHash::hash):
1192         (JSC::LazyOperandValueProfileKeyHash::equal):
1193         (LazyOperandValueProfileKeyHash):
1194         (WTF):
1195         (JSC::LazyOperandValueProfile::LazyOperandValueProfile):
1196         (LazyOperandValueProfile):
1197         (JSC::LazyOperandValueProfile::key):
1198         (CompressedLazyOperandValueProfileHolder):
1199         (LazyOperandValueProfileParser):
1200         * bytecode/MethodOfGettingAValueProfile.cpp: Added.
1201         (JSC):
1202         (JSC::MethodOfGettingAValueProfile::fromLazyOperand):
1203         (JSC::MethodOfGettingAValueProfile::getSpecFailBucket):
1204         * bytecode/MethodOfGettingAValueProfile.h: Added.
1205         (JSC):
1206         (MethodOfGettingAValueProfile):
1207         (JSC::MethodOfGettingAValueProfile::MethodOfGettingAValueProfile):
1208         (JSC::MethodOfGettingAValueProfile::operator!):
1209         * bytecode/ValueProfile.cpp: Removed.
1210         * bytecode/ValueProfile.h:
1211         (JSC):
1212         (ValueProfileBase):
1213         (JSC::ValueProfileBase::ValueProfileBase):
1214         (JSC::ValueProfileBase::dump):
1215         (JSC::ValueProfileBase::computeUpdatedPrediction):
1216         (JSC::MinimalValueProfile::MinimalValueProfile):
1217         (ValueProfileWithLogNumberOfBuckets):
1218         (JSC::ValueProfileWithLogNumberOfBuckets::ValueProfileWithLogNumberOfBuckets):
1219         (JSC::ValueProfile::ValueProfile):
1220         (JSC::getValueProfileBytecodeOffset):
1221         (JSC::getRareCaseProfileBytecodeOffset):
1222         * dfg/DFGByteCodeParser.cpp:
1223         (ByteCodeParser):
1224         (JSC::DFG::ByteCodeParser::injectLazyOperandPrediction):
1225         (JSC::DFG::ByteCodeParser::getLocal):
1226         (JSC::DFG::ByteCodeParser::getArgument):
1227         (InlineStackEntry):
1228         (JSC::DFG::ByteCodeParser::fixVariableAccessPredictions):
1229         (DFG):
1230         (JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
1231         (JSC::DFG::ByteCodeParser::parse):
1232         * dfg/DFGDriver.cpp:
1233         (JSC::DFG::compile):
1234         * dfg/DFGGraph.h:
1235         (JSC::DFG::Graph::valueProfileFor):
1236         (JSC::DFG::Graph::methodOfGettingAValueProfileFor):
1237         (Graph):
1238         * dfg/DFGNode.h:
1239         (Node):
1240         * dfg/DFGOSRExit.cpp:
1241         (JSC::DFG::OSRExit::OSRExit):
1242         * dfg/DFGOSRExit.h:
1243         (OSRExit):
1244         * dfg/DFGOSRExitCompiler32_64.cpp:
1245         (JSC::DFG::OSRExitCompiler::compileExit):
1246         * dfg/DFGOSRExitCompiler64.cpp:
1247         (JSC::DFG::OSRExitCompiler::compileExit):
1248         * dfg/DFGPhase.cpp:
1249         (JSC::DFG::Phase::beginPhase):
1250         (JSC::DFG::Phase::endPhase):
1251         * dfg/DFGSpeculativeJIT.cpp:
1252         (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
1253         * dfg/DFGSpeculativeJIT.h:
1254         (JSC::DFG::SpeculativeJIT::speculationCheck):
1255         * dfg/DFGVariableAccessData.h:
1256         (JSC::DFG::VariableAccessData::nonUnifiedPrediction):
1257         (VariableAccessData):
1258
1259 2012-02-23  Filip Pizlo  <fpizlo@apple.com>
1260
1261         Build fix.
1262
1263         * llint/LLIntOffsetsExtractor.cpp:
1264
1265 2012-02-23  Kevin Ollivier  <kevino@theolliviers.com>
1266
1267         [wx] Build fix, disable LLINT for now and fix ENABLE defines for it.
1268
1269         * llint/LLIntOffsetsExtractor.cpp:
1270         * wtf/Platform.h:
1271
1272 2012-02-23  Kevin Ollivier  <kevino@theolliviers.com>
1273
1274         [wx] Build fix for non-Mac wx builds.
1275
1276         * runtime/DatePrototype.cpp:
1277
1278 2012-02-22  Filip Pizlo  <fpizlo@apple.com>
1279
1280         DFG's logic for emitting a Flush is too convoluted and contains an inaccurate comment
1281         https://bugs.webkit.org/show_bug.cgi?id=79334
1282
1283         Reviewed by Oliver Hunt.
1284
1285         * dfg/DFGByteCodeParser.cpp:
1286         (JSC::DFG::ByteCodeParser::getLocal):
1287         (JSC::DFG::ByteCodeParser::getArgument):
1288         (JSC::DFG::ByteCodeParser::flush):
1289
1290 2012-02-23  Gavin Barraclough  <barraclough@apple.com>
1291
1292         Object.isSealed / Object.isFrozen don't work for native objects
1293         https://bugs.webkit.org/show_bug.cgi?id=79331
1294
1295         Reviewed by Sam Weinig.
1296
1297         Need to inspect all properties, including static ones.
1298         This exposes a couple of bugs in Array & Arguments:
1299             - getOwnPropertyDescriptor doesn't correctly report the writable attribute of array length.
1300             - Arguments object's defineOwnProperty does not handle callee/caller/length correctly.
1301
1302         * runtime/Arguments.cpp:
1303         (JSC::Arguments::defineOwnProperty):
1304             - Add handling for callee/caller/length.
1305         * runtime/JSArray.cpp:
1306         (JSC::JSArray::getOwnPropertyDescriptor):
1307             - report length's writability correctly.
1308         * runtime/ObjectConstructor.cpp:
1309         (JSC::objectConstructorSeal):
1310         (JSC::objectConstructorFreeze):
1311         (JSC::objectConstructorIsSealed):
1312         (JSC::objectConstructorIsFrozen):
1313             - Add spec-based implementation for non-final objects.
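
The spec-based check this entry adds for non-final objects, as an added example that is not JavaScriptCore's ObjectConstructor.cpp: `Object.isSealed` and `Object.isFrozen` written directly from the ES5 algorithms, inspecting every own property descriptor (so an array's `length` and an arguments object's `callee` are covered), cross-checked against the engine's built-ins on the object kinds the entry mentions. The sample object factories are constructed for the example.

```javascript
// Added example, not JavaScriptCore code: Object.isSealed / Object.isFrozen
// written from the ES5 algorithms (15.2.3.11 / 15.2.3.12). Every own property
// is inspected through its descriptor, including non-enumerable keys and
// symbols, which is what makes objects with special properties (an array's
// `length`, an arguments object's `callee`) report correctly.
function specIsSealed(obj) {
  if (Object(obj) !== obj) return true;          // ES2015: primitives count as sealed
  for (const key of Reflect.ownKeys(obj)) {
    const desc = Object.getOwnPropertyDescriptor(obj, key);
    if (desc.configurable) return false;          // any configurable property: not sealed
  }
  return !Object.isExtensible(obj);
}

function specIsFrozen(obj) {
  if (Object(obj) !== obj) return true;
  for (const key of Reflect.ownKeys(obj)) {
    const desc = Object.getOwnPropertyDescriptor(obj, key);
    if ('value' in desc && desc.writable) return false; // a writable data property (e.g. array length)
    if (desc.configurable) return false;
  }
  return !Object.isExtensible(obj);
}

// Writability of an array's own `length`, the attribute the entry says
// getOwnPropertyDescriptor used to misreport.
function arrayLengthIsWritable(arr) {
  return Object.getOwnPropertyDescriptor(arr, 'length').writable;
}

// Compares the spec versions against the engine's built-ins on several object
// kinds (constructed samples) under each integrity treatment. Returns the list
// of disagreements; an empty list means they match everywhere.
function compareAgainstBuiltins() {
  function makeArguments() { return arguments; }
  const factories = {
    plain: () => ({ a: 1 }),
    array: () => [1, 2, 3],
    arguments: () => makeArguments(1, 2),
    date: () => new Date(0),
    regexp: () => /x/g,
  };
  const treatments = {
    untouched: (o) => o,
    preventExtensions: (o) => Object.preventExtensions(o),
    sealed: (o) => Object.seal(o),
    frozen: (o) => Object.freeze(o),
  };
  const mismatches = [];
  for (const [kind, make] of Object.entries(factories)) {
    for (const [treatment, apply] of Object.entries(treatments)) {
      const obj = apply(make());
      if (specIsSealed(obj) !== Object.isSealed(obj)) mismatches.push(`${kind}/${treatment}/isSealed`);
      if (specIsFrozen(obj) !== Object.isFrozen(obj)) mismatches.push(`${kind}/${treatment}/isFrozen`);
    }
  }
  return mismatches;
}
```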
1314
1315 2012-02-23  Gavin Barraclough  <barraclough@apple.com>
1316
1317         pop of array hole should get from the prototype chain
1318         https://bugs.webkit.org/show_bug.cgi?id=79338
1319
1320         Reviewed by Sam Weinig.
1321
1322         * runtime/JSArray.cpp:
1323         (JSC::JSArray::pop):
1324             - If the fast vector case fails, more closely follow the spec.
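
The spec path this entry follows when the fast vector case fails, as an added example that is not JavaScriptCore's JSArray::pop: `Array.prototype.pop` written from the ES5 algorithm, whose [[Get]] of the last element walks the prototype chain, so popping a hole yields whatever the prototype holds at that index. The prototype object and the arrays are constructed for the example.

```javascript
// Added example, not JavaScriptCore code: Array.prototype.pop from the ES5
// 15.4.4.6 algorithm. The element is read with ordinary [[Get]], which falls
// through an own-property hole to the prototype chain; an engine fast path may
// only short-circuit this when the slot is actually present in the vector.
function specPop(o) {
  const obj = Object(o);
  const len = obj.length >>> 0;          // ToUint32(Get(O, "length"))
  if (len === 0) {
    obj.length = 0;
    return undefined;
  }
  const index = len - 1;
  const element = obj[index];            // [[Get]]: a hole reads from the prototype
  delete obj[index];
  obj.length = index;
  return element;
}

// Gives two holey arrays a prototype that supplies index 1, pops each (spec
// version and built-in), and returns [specResult, builtinResult, specLen, builtinLen].
function popHoleThroughPrototype() {
  const proto = Object.create(Array.prototype, {
    1: { value: 'from prototype', configurable: true },
  });
  const viaSpec = [0, , ];               // length 2, index 1 is a hole
  Object.setPrototypeOf(viaSpec, proto);
  const viaBuiltin = [0, , ];
  Object.setPrototypeOf(viaBuiltin, proto);
  return [specPop(viaSpec), viaBuiltin.pop(), viaSpec.length, viaBuiltin.length];
}
```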
1325
1326 2012-02-23  Yong Li  <yoli@rim.com>
1327
1328         JSString::outOfMemory() should ASSERT(isRope()) rather than !isRope()
1329         https://bugs.webkit.org/show_bug.cgi?id=79268
1330
1331         Reviewed by Michael Saboff.
1332
1333         resolveRope() is the only caller of outOfMemory(), and it calls outOfMemory()
1334         after it fails to allocate a buffer for m_value. So outOfMemory() should assert
1335         isRope() rather than !isRope().
1336
1337         * runtime/JSString.cpp:
1338         (JSC::JSString::outOfMemory):
1339
1340 2012-02-23  Patrick Gansterer  <paroga@webkit.org>
1341
1342         [CMake] Add WEBKIT_INCLUDE_CONFIG_FILES_IF_EXISTS macro
1343         https://bugs.webkit.org/show_bug.cgi?id=79371
1344
1345         Reviewed by Daniel Bates.
1346
1347         * CMakeLists.txt:
1348         * shell/CMakeLists.txt:
1349         * wtf/CMakeLists.txt:
1350
1351 2012-02-23  Aron Rosenberg  <arosenberg@logitech.com>
1352
1353         Fix the PRI macros used in WTF::String formatters to be compatible with Qt and Visual Studio 2005 and newer.
1354         https://bugs.webkit.org/show_bug.cgi?id=76210
1355
1356         Add compile time check for Visual Studio 2005 or newer.
1357
1358         Reviewed by Simon Hausmann.
1359
1360         * os-win32/inttypes.h:
1361
1362 2012-02-22  Gavin Barraclough  <barraclough@apple.com>
1363
1364         Implement [[DefineOwnProperty]] for the arguments object
1365         https://bugs.webkit.org/show_bug.cgi?id=79309
1366
1367         Reviewed by Sam Weinig.
1368
1369         * runtime/Arguments.cpp:
1370         (JSC::Arguments::deletePropertyByIndex):
1371         (JSC::Arguments::deleteProperty):
1372             - Deleting an argument should also delete the copy on the object, if any.
1373         (JSC::Arguments::defineOwnProperty):
1374             - Defining a property may override the live mapping.
1375         * runtime/Arguments.h:
1376         (Arguments):
1377
1378 2012-02-22  Gavin Barraclough  <barraclough@apple.com>
1379
1380         Fix Object.freeze for non-final objects.
1381         https://bugs.webkit.org/show_bug.cgi?id=79286
1382
1383         Reviewed by Oliver Hunt.
1384
1385         For vanilla objects we implement this with a single transition, for objects
1386         with special properties we should just follow the spec defined algorithm.
1387
1388         * runtime/JSArray.cpp:
1389         (JSC::SparseArrayValueMap::put):
1390             - this does need to handle inextensible objects.
1391         * runtime/ObjectConstructor.cpp:
1392         (JSC::objectConstructorSeal):
1393         (JSC::objectConstructorFreeze):
1394             - Implement spec defined algorithm for non-final objects.
1395         * runtime/Structure.cpp:
1396         (JSC::Structure::Structure):
1397         (JSC::Structure::freezeTransition):
1398             - freeze should set m_hasReadOnlyOrGetterSetterPropertiesExcludingProto.
1399         * runtime/Structure.h:
1400         (JSC::Structure::hasReadOnlyOrGetterSetterPropertiesExcludingProto):
1401         (JSC::Structure::setHasGetterSetterProperties):
1402         (JSC::Structure::setContainsReadOnlyProperties):
1403         (Structure):
1404             - renamed m_hasReadOnlyOrGetterSetterPropertiesExcludingProto.
1405
1406 2012-02-22  Mark Hahnenberg  <mhahnenberg@apple.com>
1407
1408         Allocations from CopiedBlocks should always be 8-byte aligned
1409         https://bugs.webkit.org/show_bug.cgi?id=79271
1410
1411         Reviewed by Geoffrey Garen.
1412
1413         * heap/CopiedAllocator.h:
1414         (JSC::CopiedAllocator::allocate):
1415         * heap/CopiedBlock.h: Changed to add padding so that the start of the payload is always 
1416         guaranteed to be 8 byte aligned on both 64- and 32-bit platforms.
1417         (CopiedBlock):
1418         * heap/CopiedSpace.cpp: Changed all assertions of isPointerAligned to is8ByteAligned.
1419         (JSC::CopiedSpace::tryAllocateOversize):
1420         (JSC::CopiedSpace::getFreshBlock):
1421         * heap/CopiedSpaceInlineMethods.h:
1422         (JSC::CopiedSpace::allocateFromBlock):
1423         * runtime/JSArray.h:
1424         (ArrayStorage): Added padding for ArrayStorage to make sure that it is always 8 byte 
1425         aligned on both 64- and 32-bit platforms.
1426         * wtf/StdLibExtras.h:
1427         (WTF::is8ByteAligned): Added new utility function that functions similarly to the 
1428         way isPointerAligned does, but it just always checks for 8 byte alignment.
1429         (WTF):
1430
1431 2012-02-22  Sheriff Bot  <webkit.review.bot@gmail.com>
1432
1433         Unreviewed, rolling out r108456.
1434         http://trac.webkit.org/changeset/108456
1435         https://bugs.webkit.org/show_bug.cgi?id=79223
1436
1437         Broke fast/regex/pcre-test-4.html and cannot find anyone on
1438         IRC (Requested by zherczeg on #webkit).
1439
1440         * yarr/YarrJIT.cpp:
1441         (JSC::Yarr::YarrGenerator::backtrackPatternCharacterGreedy):
1442
1443 2012-02-22  Sheriff Bot  <webkit.review.bot@gmail.com>
1444
1445         Unreviewed, rolling out r108468.
1446         http://trac.webkit.org/changeset/108468
1447         https://bugs.webkit.org/show_bug.cgi?id=79219
1448
1449         Broke Chromium Win release build (Requested by bashi on
1450         #webkit).
1451
1452         * wtf/Platform.h:
1453
1454 2012-02-22  Kenichi Ishibashi  <bashi@chromium.org>
1455
1456         Adding WebSocket per-frame DEFLATE extension
1457         https://bugs.webkit.org/show_bug.cgi?id=77522
1458
1459         Added USE(ZLIB) flag.
1460
1461         Reviewed by Kent Tamura.
1462
1463         * wtf/Platform.h:
1464
1465 2012-02-22  Hojong Han  <hojong.han@samsung.com>
1466
1467         Short circuit fixed for a 16 bit pattern character and an 8 bit string.
1468         https://bugs.webkit.org/show_bug.cgi?id=75602
1469
1470         Reviewed by Gavin Barraclough.
1471
1472         * yarr/YarrJIT.cpp:
1473         (JSC::Yarr::YarrGenerator::backtrackPatternCharacterGreedy):
1474
1475 2012-02-21  Filip Pizlo  <fpizlo@apple.com>
1476
1477         Build fix for systems with case sensitive disks.
1478
1479         * llint/LLIntOfflineAsmConfig.h:
1480
1481 2012-02-21  Filip Pizlo  <fpizlo@apple.com>
1482
1483         JSC should be a triple-tier VM
1484         https://bugs.webkit.org/show_bug.cgi?id=75812
1485         <rdar://problem/10079694>
1486
1487         Reviewed by Gavin Barraclough.
1488         
1489         Implemented an interpreter that uses the JIT's calling convention. This
1490         interpreter is called LLInt, or the Low Level Interpreter. JSC will now
1491         will start by executing code in LLInt and will only tier up to the old
1492         JIT after the code is proven hot.
1493         
1494         LLInt is written in a modified form of our macro assembly. This new macro
1495         assembly is compiled by an offline assembler (see offlineasm), which
1496         implements many modern conveniences such as a Turing-complete CPS-based
1497         macro language and direct access to relevant C++ type information
1498         (basically offsets of fields and sizes of structs/classes).
1499         
1500         Code executing in LLInt appears to the rest of the JSC world "as if" it
1501         were executing in the old JIT. Hence, things like exception handling and
1502         cross-execution-engine calls just work and require pretty much no
1503         additional overhead.
1504         
1505         This interpreter is 2-2.5x faster than our old interpreter on SunSpider,
1506         V8, and Kraken. With triple-tiering turned on, we're neutral on SunSpider,
1507         V8, and Kraken, but appear to get a double-digit improvement on real-world
1508         websites due to a huge reduction in the amount of JIT'ing.
1509         
1510         * CMakeLists.txt:
1511         * GNUmakefile.am:
1512         * GNUmakefile.list.am:
1513         * JavaScriptCore.pri:
1514         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1515         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
1516         * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
1517         * JavaScriptCore.xcodeproj/project.pbxproj:
1518         * Target.pri:
1519         * assembler/LinkBuffer.h:
1520         * assembler/MacroAssemblerCodeRef.h:
1521         (MacroAssemblerCodePtr):
1522         (JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
1523         * bytecode/BytecodeConventions.h: Added.
1524         * bytecode/CallLinkStatus.cpp:
1525         (JSC::CallLinkStatus::computeFromLLInt):
1526         (JSC):
1527         (JSC::CallLinkStatus::computeFor):
1528         * bytecode/CallLinkStatus.h:
1529         (JSC::CallLinkStatus::isSet):
1530         (JSC::CallLinkStatus::operator!):
1531         (CallLinkStatus):
1532         * bytecode/CodeBlock.cpp:
1533         (JSC::CodeBlock::dump):
1534         (JSC::CodeBlock::CodeBlock):
1535         (JSC::CodeBlock::~CodeBlock):
1536         (JSC::CodeBlock::finalizeUnconditionally):
1537         (JSC::CodeBlock::stronglyVisitStrongReferences):
1538         (JSC):
1539         (JSC::CodeBlock::unlinkCalls):
1540         (JSC::CodeBlock::unlinkIncomingCalls):
1541         (JSC::CodeBlock::bytecodeOffset):
1542         (JSC::ProgramCodeBlock::jettison):
1543         (JSC::EvalCodeBlock::jettison):
1544         (JSC::FunctionCodeBlock::jettison):
1545         (JSC::ProgramCodeBlock::jitCompileImpl):
1546         (JSC::EvalCodeBlock::jitCompileImpl):
1547         (JSC::FunctionCodeBlock::jitCompileImpl):
1548         * bytecode/CodeBlock.h:
1549         (JSC):
1550         (CodeBlock):
1551         (JSC::CodeBlock::baselineVersion):
1552         (JSC::CodeBlock::linkIncomingCall):
1553         (JSC::CodeBlock::bytecodeOffset):
1554         (JSC::CodeBlock::jitCompile):
1555         (JSC::CodeBlock::hasOptimizedReplacement):
1556         (JSC::CodeBlock::addPropertyAccessInstruction):
1557         (JSC::CodeBlock::addGlobalResolveInstruction):
1558         (JSC::CodeBlock::addLLIntCallLinkInfo):
1559         (JSC::CodeBlock::addGlobalResolveInfo):
1560         (JSC::CodeBlock::numberOfMethodCallLinkInfos):
1561         (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset):
1562         (JSC::CodeBlock::likelyToTakeSlowCase):
1563         (JSC::CodeBlock::couldTakeSlowCase):
1564         (JSC::CodeBlock::likelyToTakeSpecialFastCase):
1565         (JSC::CodeBlock::likelyToTakeDeepestSlowCase):
1566         (JSC::CodeBlock::likelyToTakeAnySlowCase):
1567         (JSC::CodeBlock::addFrequentExitSite):
1568         (JSC::CodeBlock::dontJITAnytimeSoon):
1569         (JSC::CodeBlock::jitAfterWarmUp):
1570         (JSC::CodeBlock::jitSoon):
1571         (JSC::CodeBlock::llintExecuteCounter):
1572         (ProgramCodeBlock):
1573         (EvalCodeBlock):
1574         (FunctionCodeBlock):
1575         * bytecode/GetByIdStatus.cpp:
1576         (JSC::GetByIdStatus::computeFromLLInt):
1577         (JSC):
1578         (JSC::GetByIdStatus::computeFor):
1579         * bytecode/GetByIdStatus.h:
1580         (JSC::GetByIdStatus::GetByIdStatus):
1581         (JSC::GetByIdStatus::wasSeenInJIT):
1582         (GetByIdStatus):
1583         * bytecode/Instruction.h:
1584         (JSC):
1585         (JSC::Instruction::Instruction):
1586         (Instruction):
1587         * bytecode/LLIntCallLinkInfo.h: Added.
1588         (JSC):
1589         (JSC::LLIntCallLinkInfo::LLIntCallLinkInfo):
1590         (LLIntCallLinkInfo):
1591         (JSC::LLIntCallLinkInfo::~LLIntCallLinkInfo):
1592         (JSC::LLIntCallLinkInfo::isLinked):
1593         (JSC::LLIntCallLinkInfo::unlink):
1594         * bytecode/MethodCallLinkStatus.cpp:
1595         (JSC::MethodCallLinkStatus::computeFor):
1596         * bytecode/Opcode.cpp:
1597         (JSC):
1598         * bytecode/Opcode.h:
1599         (JSC):
1600         (JSC::padOpcodeName):
1601         * bytecode/PutByIdStatus.cpp:
1602         (JSC::PutByIdStatus::computeFromLLInt):
1603         (JSC):
1604         (JSC::PutByIdStatus::computeFor):
1605         * bytecode/PutByIdStatus.h:
1606         (PutByIdStatus):
1607         * bytecompiler/BytecodeGenerator.cpp:
1608         (JSC::BytecodeGenerator::emitResolve):
1609         (JSC::BytecodeGenerator::emitResolveWithBase):
1610         (JSC::BytecodeGenerator::emitGetById):
1611         (JSC::BytecodeGenerator::emitPutById):
1612         (JSC::BytecodeGenerator::emitDirectPutById):
1613         (JSC::BytecodeGenerator::emitCall):
1614         (JSC::BytecodeGenerator::emitConstruct):
1615         (JSC::BytecodeGenerator::emitCatch):
1616         * dfg/DFGByteCodeParser.cpp:
1617         (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
1618         (JSC::DFG::ByteCodeParser::handleInlining):
1619         (JSC::DFG::ByteCodeParser::parseBlock):
1620         * dfg/DFGCapabilities.h:
1621         (JSC::DFG::canCompileOpcode):
1622         * dfg/DFGOSRExitCompiler.cpp:
1623         * dfg/DFGOperations.cpp:
1624         * heap/Heap.h:
1625         (JSC):
1626         (JSC::Heap::firstAllocatorWithoutDestructors):
1627         (Heap):
1628         * heap/MarkStack.cpp:
1629         (JSC::visitChildren):
1630         * heap/MarkedAllocator.h:
1631         (JSC):
1632         (MarkedAllocator):
1633         * heap/MarkedSpace.h:
1634         (JSC):
1635         (MarkedSpace):
1636         (JSC::MarkedSpace::firstAllocator):
1637         * interpreter/CallFrame.cpp:
1638         (JSC):
1639         (JSC::CallFrame::bytecodeOffsetForNonDFGCode):
1640         (JSC::CallFrame::setBytecodeOffsetForNonDFGCode):
1641         (JSC::CallFrame::currentVPC):
1642         (JSC::CallFrame::setCurrentVPC):
1643         (JSC::CallFrame::trueCallerFrame):
1644         * interpreter/CallFrame.h:
1645         (JSC::ExecState::hasReturnPC):
1646         (JSC::ExecState::clearReturnPC):
1647         (ExecState):
1648         (JSC::ExecState::bytecodeOffsetForNonDFGCode):
1649         (JSC::ExecState::currentVPC):
1650         (JSC::ExecState::setCurrentVPC):
1651         * interpreter/Interpreter.cpp:
1652         (JSC::Interpreter::Interpreter):
1653         (JSC::Interpreter::~Interpreter):
1654         (JSC):
1655         (JSC::Interpreter::initialize):
1656         (JSC::Interpreter::isOpcode):
1657         (JSC::Interpreter::unwindCallFrame):
1658         (JSC::getCallerInfo):
1659         (JSC::Interpreter::privateExecute):
1660         (JSC::Interpreter::retrieveLastCaller):
1661         * interpreter/Interpreter.h:
1662         (JSC):
1663         (Interpreter):
1664         (JSC::Interpreter::getOpcode):
1665         (JSC::Interpreter::getOpcodeID):
1666         (JSC::Interpreter::classicEnabled):
1667         * interpreter/RegisterFile.h:
1668         (JSC):
1669         (RegisterFile):
1670         * jit/ExecutableAllocator.h:
1671         (JSC):
1672         * jit/HostCallReturnValue.cpp: Added.
1673         (JSC):
1674         (JSC::getHostCallReturnValueWithExecState):
1675         * jit/HostCallReturnValue.h: Added.
1676         (JSC):
1677         (JSC::initializeHostCallReturnValue):
1678         * jit/JIT.cpp:
1679         (JSC::JIT::privateCompileMainPass):
1680         (JSC::JIT::privateCompileSlowCases):
1681         (JSC::JIT::privateCompile):
1682         * jit/JITCode.h:
1683         (JSC::JITCode::isOptimizingJIT):
1684         (JITCode):
1685         (JSC::JITCode::isBaselineCode):
1686         (JSC::JITCode::JITCode):
1687         * jit/JITDriver.h:
1688         (JSC::jitCompileIfAppropriate):
1689         (JSC::jitCompileFunctionIfAppropriate):
1690         * jit/JITExceptions.cpp:
1691         (JSC::jitThrow):
1692         * jit/JITInlineMethods.h:
1693         (JSC::JIT::updateTopCallFrame):
1694         * jit/JITStubs.cpp:
1695         (JSC::DEFINE_STUB_FUNCTION):
1696         (JSC):
1697         * jit/JITStubs.h:
1698         (JSC):
1699         * jit/JSInterfaceJIT.h:
1700         * llint: Added.
1701         * llint/LLIntCommon.h: Added.
1702         * llint/LLIntData.cpp: Added.
1703         (LLInt):
1704         (JSC::LLInt::Data::Data):
1705         (JSC::LLInt::Data::performAssertions):
1706         (JSC::LLInt::Data::~Data):
1707         * llint/LLIntData.h: Added.
1708         (JSC):
1709         (LLInt):
1710         (Data):
1711         (JSC::LLInt::Data::exceptionInstructions):
1712         (JSC::LLInt::Data::opcodeMap):
1713         (JSC::LLInt::Data::performAssertions):
1714         * llint/LLIntEntrypoints.cpp: Added.
1715         (LLInt):
1716         (JSC::LLInt::getFunctionEntrypoint):
1717         (JSC::LLInt::getEvalEntrypoint):
1718         (JSC::LLInt::getProgramEntrypoint):
1719         * llint/LLIntEntrypoints.h: Added.
1720         (JSC):
1721         (LLInt):
1722         (JSC::LLInt::getEntrypoint):
1723         * llint/LLIntExceptions.cpp: Added.
1724         (LLInt):
1725         (JSC::LLInt::interpreterThrowInCaller):
1726         (JSC::LLInt::returnToThrowForThrownException):
1727         (JSC::LLInt::returnToThrow):
1728         (JSC::LLInt::callToThrow):
1729         * llint/LLIntExceptions.h: Added.
1730         (JSC):
1731         (LLInt):
1732         * llint/LLIntOfflineAsmConfig.h: Added.
1733         * llint/LLIntOffsetsExtractor.cpp: Added.
1734         (JSC):
1735         (LLIntOffsetsExtractor):
1736         (JSC::LLIntOffsetsExtractor::dummy):
1737         (main):
1738         * llint/LLIntSlowPaths.cpp: Added.
1739         (LLInt):
1740         (JSC::LLInt::llint_trace_operand):
1741         (JSC::LLInt::llint_trace_value):
1742         (JSC::LLInt::LLINT_SLOW_PATH_DECL):
1743         (JSC::LLInt::traceFunctionPrologue):
1744         (JSC::LLInt::shouldJIT):
1745         (JSC::LLInt::entryOSR):
1746         (JSC::LLInt::resolveGlobal):
1747         (JSC::LLInt::getByVal):
1748         (JSC::LLInt::handleHostCall):
1749         (JSC::LLInt::setUpCall):
1750         (JSC::LLInt::genericCall):
1751         * llint/LLIntSlowPaths.h: Added.
1752         (JSC):
1753         (LLInt):
1754         * llint/LLIntThunks.cpp: Added.
1755         (LLInt):
1756         (JSC::LLInt::generateThunkWithJumpTo):
1757         (JSC::LLInt::functionForCallEntryThunkGenerator):
1758         (JSC::LLInt::functionForConstructEntryThunkGenerator):
1759         (JSC::LLInt::functionForCallArityCheckThunkGenerator):
1760         (JSC::LLInt::functionForConstructArityCheckThunkGenerator):
1761         (JSC::LLInt::evalEntryThunkGenerator):
1762         (JSC::LLInt::programEntryThunkGenerator):
1763         * llint/LLIntThunks.h: Added.
1764         (JSC):
1765         (LLInt):
1766         * llint/LowLevelInterpreter.asm: Added.
1767         * llint/LowLevelInterpreter.cpp: Added.
1768         * llint/LowLevelInterpreter.h: Added.
1769         * offlineasm: Added.
1770         * offlineasm/armv7.rb: Added.
1771         * offlineasm/asm.rb: Added.
1772         * offlineasm/ast.rb: Added.
1773         * offlineasm/backends.rb: Added.
1774         * offlineasm/generate_offset_extractor.rb: Added.
1775         * offlineasm/instructions.rb: Added.
1776         * offlineasm/offset_extractor_constants.rb: Added.
1777         * offlineasm/offsets.rb: Added.
1778         * offlineasm/opt.rb: Added.
1779         * offlineasm/parser.rb: Added.
1780         * offlineasm/registers.rb: Added.
1781         * offlineasm/self_hash.rb: Added.
1782         * offlineasm/settings.rb: Added.
1783         * offlineasm/transform.rb: Added.
1784         * offlineasm/x86.rb: Added.
1785         * runtime/CodeSpecializationKind.h: Added.
1786         (JSC):
1787         * runtime/CommonSlowPaths.h:
1788         (JSC::CommonSlowPaths::arityCheckFor):
1789         (CommonSlowPaths):
1790         * runtime/Executable.cpp:
1791         (JSC::jettisonCodeBlock):
1792         (JSC):
1793         (JSC::EvalExecutable::jitCompile):
1794         (JSC::samplingDescription):
1795         (JSC::EvalExecutable::compileInternal):
1796         (JSC::ProgramExecutable::jitCompile):
1797         (JSC::ProgramExecutable::compileInternal):
1798         (JSC::FunctionExecutable::baselineCodeBlockFor):
1799         (JSC::FunctionExecutable::jitCompileForCall):
1800         (JSC::FunctionExecutable::jitCompileForConstruct):
1801         (JSC::FunctionExecutable::compileForCallInternal):
1802         (JSC::FunctionExecutable::compileForConstructInternal):
1803         * runtime/Executable.h:
1804         (JSC):
1805         (EvalExecutable):
1806         (ProgramExecutable):
1807         (FunctionExecutable):
1808         (JSC::FunctionExecutable::jitCompileFor):
1809         * runtime/ExecutionHarness.h: Added.
1810         (JSC):
1811         (JSC::prepareForExecution):
1812         (JSC::prepareFunctionForExecution):
1813         * runtime/JSArray.h:
1814         (JSC):
1815         (JSArray):
1816         * runtime/JSCell.h:
1817         (JSC):
1818         (JSCell):
1819         * runtime/JSFunction.h:
1820         (JSC):
1821         (JSFunction):
1822         * runtime/JSGlobalData.cpp:
1823         (JSC::JSGlobalData::JSGlobalData):
1824         * runtime/JSGlobalData.h:
1825         (JSC):
1826         (JSGlobalData):
1827         * runtime/JSGlobalObject.h:
1828         (JSC):
1829         (JSGlobalObject):
1830         * runtime/JSObject.h:
1831         (JSC):
1832         (JSObject):
1833         (JSFinalObject):
1834         * runtime/JSPropertyNameIterator.h:
1835         (JSC):
1836         (JSPropertyNameIterator):
1837         * runtime/JSString.h:
1838         (JSC):
1839         (JSString):
1840         * runtime/JSTypeInfo.h:
1841         (JSC):
1842         (TypeInfo):
1843         * runtime/JSValue.cpp:
1844         (JSC::JSValue::description):
1845         * runtime/JSValue.h:
1846         (LLInt):
1847         (JSValue):
1848         * runtime/JSVariableObject.h:
1849         (JSC):
1850         (JSVariableObject):
1851         * runtime/Options.cpp:
1852         (Options):
1853         (JSC::Options::initializeOptions):
1854         * runtime/Options.h:
1855         (Options):
1856         * runtime/ScopeChain.h:
1857         (JSC):
1858         (ScopeChainNode):
1859         * runtime/Structure.cpp:
1860         (JSC::Structure::addPropertyTransition):
1861         * runtime/Structure.h:
1862         (JSC):
1863         (Structure):
1864         * runtime/StructureChain.h:
1865         (JSC):
1866         (StructureChain):
1867         * wtf/InlineASM.h:
1868         * wtf/Platform.h:
1869         * wtf/SentinelLinkedList.h:
1870         (SentinelLinkedList):
1871         (WTF::SentinelLinkedList::isEmpty):
1872         * wtf/text/StringImpl.h:
1873         (JSC):
1874         (StringImpl):
1875
1876 2012-02-21  Oliver Hunt  <oliver@apple.com>
1877
1878         Unbreak double-typed arrays on ARMv7
1879         https://bugs.webkit.org/show_bug.cgi?id=79177
1880
1881         Reviewed by Gavin Barraclough.
1882
1883         The existing code had completely broken address arithmetic.
1884
1885         * JSCTypedArrayStubs.h:
1886         (JSC):
1887         * assembler/MacroAssemblerARMv7.h:
1888         (JSC::MacroAssemblerARMv7::storeDouble):
1889         (JSC::MacroAssemblerARMv7::storeFloat):
1890
1891 2012-02-21  Gavin Barraclough  <barraclough@apple.com>
1892
1893         Should be able to reconfigure a non-configurable property as read-only
1894         https://bugs.webkit.org/show_bug.cgi?id=79170
1895
1896         Reviewed by Sam Weinig.
1897
1898         See ES5.1 8.12.9 10.a.i - the spec prohibits making a read-only property writable,
1899         but does not inhibit making a writable property read-only.
1900
1901         * runtime/JSGlobalData.cpp:
1902         (JSC::JSGlobalData::JSGlobalData):
1903         * runtime/JSGlobalData.h:
1904         (JSC::JSGlobalData::setInDefineOwnProperty):
1905         (JSGlobalData):
1906         (JSC::JSGlobalData::isInDefineOwnProperty):
1907             - Added flag, tracking whether we are in JSObject::defineOwnProperty.
1908         * runtime/JSObject.cpp:
1909         (JSC::JSObject::deleteProperty):
1910         (DefineOwnPropertyScope):
1911             - Always allow properties to be deleted by DefineOwnProperty - assume it knows what it is doing!
1912         (JSC::DefineOwnPropertyScope::DefineOwnPropertyScope):
1913         (JSC::DefineOwnPropertyScope::~DefineOwnPropertyScope):
1914             - Added RAII helper.
1915         (JSC::JSObject::defineOwnProperty):
1916             - Track on the globalData when we are in this method.
1917
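        The ES5.1 8.12.9 rule above, as an added example (not WebKit's own code): on a
        non-configurable data property, writable -> read-only is accepted while
        read-only -> writable is rejected. The helper names and the sample object are
        constructed for this illustration.

```javascript
// Added example (not WebKit code): exercises the ES5.1 8.12.9 rule for
// non-configurable data properties. Step 10.a.i rejects writable:false ->
// writable:true; the reverse transition is permitted, which is what the
// JSC fix described above allows.

// Define a non-configurable data property with the given writability, then
// try to redefine its [[Writable]] attribute. Returns whether the engine
// accepted the change and the attribute's value afterwards.
function tryRedefineWritable(initialWritable, newWritable) {
  const o = {};
  Object.defineProperty(o, 'x', {
    value: 1,
    writable: initialWritable,
    enumerable: true,
    configurable: false,
  });
  let allowed = true;
  try {
    Object.defineProperty(o, 'x', { writable: newWritable });
  } catch (e) {
    if (!(e instanceof TypeError)) throw e; // anything else is unexpected
    allowed = false;
  }
  return {
    allowed,
    writable: Object.getOwnPropertyDescriptor(o, 'x').writable,
  };
}

// Once a non-configurable property has been made read-only, assignment can
// no longer change it (a TypeError in strict mode) and it cannot be deleted
// or made writable again: the lock-down is permanent for that object.
function lockDownAndProbe() {
  'use strict'; // function-level directive so assignment/delete failures throw
  const o = {};
  Object.defineProperty(o, 'x', { value: 1, writable: true, configurable: false });
  Object.defineProperty(o, 'x', { writable: false }); // permitted transition
  let assignmentThrew = false;
  try { o.x = 2; } catch (e) { assignmentThrew = e instanceof TypeError; }
  let deleteThrew = false;
  try { delete o.x; } catch (e) { deleteThrew = e instanceof TypeError; }
  return { value: o.x, assignmentThrew, deleteThrew, stillPresent: 'x' in o };
}

// Enumerate all four [[Writable]] transitions for a non-configurable property;
// only false->true is rejected.
function transitionTable() {
  const table = {};
  for (const from of [true, false]) {
    for (const to of [true, false]) {
      table[`${from}->${to}`] = tryRedefineWritable(from, to).allowed;
    }
  }
  return table;
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(transitionTable());
  console.log(lockDownAndProbe());
}
```
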
1918 2012-02-21  Oliver Hunt  <oliver@apple.com>
1919
1920         Make TypedArrays be available in commandline jsc
1921         https://bugs.webkit.org/show_bug.cgi?id=79163
1922
1923         Reviewed by Gavin Barraclough.
1924
1925         Adds a compile time option to have jsc support a basic implementation
1926         of the TypedArrays available in WebCore.  This lets us test the typed
1927         array logic in the JIT without having to build webcore.
1928
1929         * JSCTypedArrayStubs.h: Added.
1930         (JSC):
1931         * JavaScriptCore.xcodeproj/project.pbxproj:
1932         * jsc.cpp:
1933         (GlobalObject::finishCreation):
1934         (GlobalObject):
1935         (GlobalObject::addConstructableFunction):
1936         * runtime/JSGlobalData.h:
1937         (JSGlobalData):
1938
1939 2012-02-21  Tom Sepez  <tsepez@chromium.org>
1940
1941         equalIgnoringNullity() only comparing half the bytes for equality
1942         https://bugs.webkit.org/show_bug.cgi?id=79135
1943
1944         Reviewed by Adam Barth.
1945
1946         * wtf/text/StringImpl.h:
1947         (WTF::equalIgnoringNullity):
1948
1949 2012-02-21  Roland Takacs  <takacs.roland@stud.u-szeged.hu>
1950
1951         Unnecessary preprocessor macros in MainThread.h/cpp
1952         https://bugs.webkit.org/show_bug.cgi?id=79083
1953
1954         Removed invalid/wrong PLATFORM(WINDOWS) preprocessor macro.
1955
1956         * wtf/MainThread.cpp:
1957         (WTF):
1958         * wtf/MainThread.h:
1959         (WTF):
1960
1961 2012-02-21  Sam Weinig  <sam@webkit.org>
1962
1963         Attempt to fix the Snow Leopard build.
1964
1965         * Configurations/Base.xcconfig:
1966
1967 2012-02-21  Sam Weinig  <sam@webkit.org>
1968
1969         Use libc++ when building with Clang on Mac
1970         https://bugs.webkit.org/show_bug.cgi?id=78981
1971
1972         Reviewed by Dan Bernstein.
1973
1974         * Configurations/Base.xcconfig:
1975
1976 2012-02-21  Adam Roben  <aroben@apple.com>
1977
1978         Roll out r108309, r108323, and r108326
1979
1980         They broke the 32-bit Lion build.
1981
1982         Original bug is <http://webkit.org/b/75812> <rdar://problem/10079694>.
1983
1984         * CMakeLists.txt:
1985         * GNUmakefile.am:
1986         * GNUmakefile.list.am:
1987         * JavaScriptCore.pri:
1988         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
1989         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
1990         * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
1991         * JavaScriptCore.xcodeproj/project.pbxproj:
1992         * Target.pri:
1993         * assembler/LinkBuffer.h:
1994         * assembler/MacroAssemblerCodeRef.h:
1995         * bytecode/BytecodeConventions.h: Removed.
1996         * bytecode/CallLinkStatus.cpp:
1997         * bytecode/CallLinkStatus.h:
1998         * bytecode/CodeBlock.cpp:
1999         * bytecode/CodeBlock.h:
2000         * bytecode/GetByIdStatus.cpp:
2001         * bytecode/GetByIdStatus.h:
2002         * bytecode/Instruction.h:
2003         * bytecode/LLIntCallLinkInfo.h: Removed.
2004         * bytecode/MethodCallLinkStatus.cpp:
2005         * bytecode/Opcode.cpp:
2006         * bytecode/Opcode.h:
2007         * bytecode/PutByIdStatus.cpp:
2008         * bytecode/PutByIdStatus.h:
2009         * bytecompiler/BytecodeGenerator.cpp:
2010         * dfg/DFGByteCodeParser.cpp:
2011         * dfg/DFGCapabilities.h:
2012         * dfg/DFGOSRExitCompiler.cpp:
2013         * dfg/DFGOperations.cpp:
2014         * heap/Heap.h:
2015         * heap/MarkStack.cpp:
2016         * heap/MarkedAllocator.h:
2017         * heap/MarkedSpace.h:
2018         * interpreter/CallFrame.cpp:
2019         * interpreter/CallFrame.h:
2020         * interpreter/Interpreter.cpp:
2021         * interpreter/Interpreter.h:
2022         * interpreter/RegisterFile.h:
2023         * jit/ExecutableAllocator.h:
2024         * jit/HostCallReturnValue.cpp: Removed.
2025         * jit/HostCallReturnValue.h: Removed.
2026         * jit/JIT.cpp:
2027         * jit/JITCode.h:
2028         * jit/JITDriver.h:
2029         * jit/JITExceptions.cpp:
2030         * jit/JITInlineMethods.h:
2031         * jit/JITStubs.cpp:
2032         * jit/JITStubs.h:
2033         * jit/JSInterfaceJIT.h:
2034         * llint/LLIntCommon.h: Removed.
2035         * llint/LLIntData.cpp: Removed.
2036         * llint/LLIntData.h: Removed.
2037         * llint/LLIntEntrypoints.cpp: Removed.
2038         * llint/LLIntEntrypoints.h: Removed.
2039         * llint/LLIntExceptions.cpp: Removed.
2040         * llint/LLIntExceptions.h: Removed.
2041         * llint/LLIntOfflineAsmConfig.h: Removed.
2042         * llint/LLIntOffsetsExtractor.cpp: Removed.
2043         * llint/LLIntSlowPaths.cpp: Removed.
2044         * llint/LLIntSlowPaths.h: Removed.
2045         * llint/LLIntThunks.cpp: Removed.
2046         * llint/LLIntThunks.h: Removed.
2047         * llint/LowLevelInterpreter.asm: Removed.
2048         * llint/LowLevelInterpreter.cpp: Removed.
2049         * llint/LowLevelInterpreter.h: Removed.
2050         * offlineasm/armv7.rb: Removed.
2051         * offlineasm/asm.rb: Removed.
2052         * offlineasm/ast.rb: Removed.
2053         * offlineasm/backends.rb: Removed.
2054         * offlineasm/generate_offset_extractor.rb: Removed.
2055         * offlineasm/instructions.rb: Removed.
2056         * offlineasm/offset_extractor_constants.rb: Removed.
2057         * offlineasm/offsets.rb: Removed.
2058         * offlineasm/opt.rb: Removed.
2059         * offlineasm/parser.rb: Removed.
2060         * offlineasm/registers.rb: Removed.
2061         * offlineasm/self_hash.rb: Removed.
2062         * offlineasm/settings.rb: Removed.
2063         * offlineasm/transform.rb: Removed.
2064         * offlineasm/x86.rb: Removed.
2065         * runtime/CodeSpecializationKind.h: Removed.
2066         * runtime/CommonSlowPaths.h:
2067         * runtime/Executable.cpp:
2068         * runtime/Executable.h:
2069         * runtime/ExecutionHarness.h: Removed.
2070         * runtime/JSArray.h:
2071         * runtime/JSCell.h:
2072         * runtime/JSFunction.h:
2073         * runtime/JSGlobalData.cpp:
2074         * runtime/JSGlobalData.h:
2075         * runtime/JSGlobalObject.h:
2076         * runtime/JSObject.h:
2077         * runtime/JSPropertyNameIterator.h:
2078         * runtime/JSString.h:
2079         * runtime/JSTypeInfo.h:
2080         * runtime/JSValue.cpp:
2081         * runtime/JSValue.h:
2082         * runtime/JSVariableObject.h:
2083         * runtime/Options.cpp:
2084         * runtime/Options.h:
2085         * runtime/ScopeChain.h:
2086         * runtime/Structure.cpp:
2087         * runtime/Structure.h:
2088         * runtime/StructureChain.h:
2089         * wtf/InlineASM.h:
2090         * wtf/Platform.h:
2091         * wtf/SentinelLinkedList.h:
2092         * wtf/text/StringImpl.h:
2093
2094 2012-02-21  Gustavo Noronha Silva  <kov@debian.org> and Bob Tracy  <rct@frus.com>
2095
2096         Does not build on IA64, SPARC and Alpha
2097         https://bugs.webkit.org/show_bug.cgi?id=79047
2098
2099         Rubber-stamped by Kent Tamura.
2100
2101         * wtf/dtoa/utils.h: these architectures also have correct double
2102         operations, so add them to the appropriate side of the check.
2103
2104 2012-02-21  Filip Pizlo  <fpizlo@apple.com>
2105
2106         Fix massive crashes in all tests introduced by previous build fix, and fix non-DFG build.
2107         https://bugs.webkit.org/show_bug.cgi?id=75812
2108
2109         Reviewed by Csaba Osztrogonác.
2110
2111         * dfg/DFGOperations.cpp:
2112         (JSC):
2113         * jit/HostCallReturnValue.h:
2114         (JSC::initializeHostCallReturnValue):
2115
2116 2012-02-21  Filip Pizlo  <fpizlo@apple.com>
2117
2118         Attempted build fix for ELF platforms.
2119
2120         * dfg/DFGOperations.cpp:
2121         (JSC):
2122         (JSC::getHostCallReturnValueWithExecState):
2123         * jit/HostCallReturnValue.cpp:
2124         (JSC):
2125         * jit/HostCallReturnValue.h:
2126         (JSC::initializeHostCallReturnValue):
2127
2128 2012-02-20  Filip Pizlo  <fpizlo@apple.com>
2129
2130         JSC should be a triple-tier VM
2131         https://bugs.webkit.org/show_bug.cgi?id=75812
2132         <rdar://problem/10079694>
2133
2134         Reviewed by Gavin Barraclough.
2135         
2136         Implemented an interpreter that uses the JIT's calling convention. This
2137         interpreter is called LLInt, or the Low Level Interpreter. JSC will now
2138         will start by executing code in LLInt and will only tier up to the old
2139         JIT after the code is proven hot.
2140         
2141         LLInt is written in a modified form of our macro assembly. This new macro
2142         assembly is compiled by an offline assembler (see offlineasm), which
2143         implements many modern conveniences such as a Turing-complete CPS-based
2144         macro language and direct access to relevant C++ type information
2145         (basically offsets of fields and sizes of structs/classes).
2146         
2147         Code executing in LLInt appears to the rest of the JSC world "as if" it
2148         were executing in the old JIT. Hence, things like exception handling and
2149         cross-execution-engine calls just work and require pretty much no
2150         additional overhead.
2151         
2152         This interpreter is 2-2.5x faster than our old interpreter on SunSpider,
2153         V8, and Kraken. With triple-tiering turned on, we're neutral on SunSpider,
2154         V8, and Kraken, but appear to get a double-digit improvement on real-world
2155         websites due to a huge reduction in the amount of JIT'ing.
2156         
2157         * CMakeLists.txt:
2158         * GNUmakefile.am:
2159         * GNUmakefile.list.am:
2160         * JavaScriptCore.pri:
2161         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2162         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCoreCommon.vsprops:
2163         * JavaScriptCore.vcproj/JavaScriptCore/copy-files.cmd:
2164         * JavaScriptCore.xcodeproj/project.pbxproj:
2165         * Target.pri:
2166         * assembler/LinkBuffer.h:
2167         * assembler/MacroAssemblerCodeRef.h:
2168         (MacroAssemblerCodePtr):
2169         (JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
2170         * bytecode/BytecodeConventions.h: Added.
2171         * bytecode/CallLinkStatus.cpp:
2172         (JSC::CallLinkStatus::computeFromLLInt):
2173         (JSC):
2174         (JSC::CallLinkStatus::computeFor):
2175         * bytecode/CallLinkStatus.h:
2176         (JSC::CallLinkStatus::isSet):
2177         (JSC::CallLinkStatus::operator!):
2178         (CallLinkStatus):
2179         * bytecode/CodeBlock.cpp:
2180         (JSC::CodeBlock::dump):
2181         (JSC::CodeBlock::CodeBlock):
2182         (JSC::CodeBlock::~CodeBlock):
2183         (JSC::CodeBlock::finalizeUnconditionally):
2184         (JSC::CodeBlock::stronglyVisitStrongReferences):
2185         (JSC):
2186         (JSC::CodeBlock::unlinkCalls):
2187         (JSC::CodeBlock::unlinkIncomingCalls):
2188         (JSC::CodeBlock::bytecodeOffset):
2189         (JSC::ProgramCodeBlock::jettison):
2190         (JSC::EvalCodeBlock::jettison):
2191         (JSC::FunctionCodeBlock::jettison):
2192         (JSC::ProgramCodeBlock::jitCompileImpl):
2193         (JSC::EvalCodeBlock::jitCompileImpl):
2194         (JSC::FunctionCodeBlock::jitCompileImpl):
2195         * bytecode/CodeBlock.h:
2196         (JSC):
2197         (CodeBlock):
2198         (JSC::CodeBlock::baselineVersion):
2199         (JSC::CodeBlock::linkIncomingCall):
2200         (JSC::CodeBlock::bytecodeOffset):
2201         (JSC::CodeBlock::jitCompile):
2202         (JSC::CodeBlock::hasOptimizedReplacement):
2203         (JSC::CodeBlock::addPropertyAccessInstruction):
2204         (JSC::CodeBlock::addGlobalResolveInstruction):
2205         (JSC::CodeBlock::addLLIntCallLinkInfo):
2206         (JSC::CodeBlock::addGlobalResolveInfo):
2207         (JSC::CodeBlock::numberOfMethodCallLinkInfos):
2208         (JSC::CodeBlock::valueProfilePredictionForBytecodeOffset):
2209         (JSC::CodeBlock::likelyToTakeSlowCase):
2210         (JSC::CodeBlock::couldTakeSlowCase):
2211         (JSC::CodeBlock::likelyToTakeSpecialFastCase):
2212         (JSC::CodeBlock::likelyToTakeDeepestSlowCase):
2213         (JSC::CodeBlock::likelyToTakeAnySlowCase):
2214         (JSC::CodeBlock::addFrequentExitSite):
2215         (JSC::CodeBlock::dontJITAnytimeSoon):
2216         (JSC::CodeBlock::jitAfterWarmUp):
2217         (JSC::CodeBlock::jitSoon):
2218         (JSC::CodeBlock::llintExecuteCounter):
2219         (ProgramCodeBlock):
2220         (EvalCodeBlock):
2221         (FunctionCodeBlock):
2222         * bytecode/GetByIdStatus.cpp:
2223         (JSC::GetByIdStatus::computeFromLLInt):
2224         (JSC):
2225         (JSC::GetByIdStatus::computeFor):
2226         * bytecode/GetByIdStatus.h:
2227         (JSC::GetByIdStatus::GetByIdStatus):
2228         (JSC::GetByIdStatus::wasSeenInJIT):
2229         (GetByIdStatus):
2230         * bytecode/Instruction.h:
2231         (JSC):
2232         (JSC::Instruction::Instruction):
2233         (Instruction):
2234         * bytecode/LLIntCallLinkInfo.h: Added.
2235         (JSC):
2236         (JSC::LLIntCallLinkInfo::LLIntCallLinkInfo):
2237         (LLIntCallLinkInfo):
2238         (JSC::LLIntCallLinkInfo::~LLIntCallLinkInfo):
2239         (JSC::LLIntCallLinkInfo::isLinked):
2240         (JSC::LLIntCallLinkInfo::unlink):
2241         * bytecode/MethodCallLinkStatus.cpp:
2242         (JSC::MethodCallLinkStatus::computeFor):
2243         * bytecode/Opcode.cpp:
2244         (JSC):
2245         * bytecode/Opcode.h:
2246         (JSC):
2247         (JSC::padOpcodeName):
2248         * bytecode/PutByIdStatus.cpp:
2249         (JSC::PutByIdStatus::computeFromLLInt):
2250         (JSC):
2251         (JSC::PutByIdStatus::computeFor):
2252         * bytecode/PutByIdStatus.h:
2253         (PutByIdStatus):
2254         * bytecompiler/BytecodeGenerator.cpp:
2255         (JSC::BytecodeGenerator::emitResolve):
2256         (JSC::BytecodeGenerator::emitResolveWithBase):
2257         (JSC::BytecodeGenerator::emitGetById):
2258         (JSC::BytecodeGenerator::emitPutById):
2259         (JSC::BytecodeGenerator::emitDirectPutById):
2260         (JSC::BytecodeGenerator::emitCall):
2261         (JSC::BytecodeGenerator::emitConstruct):
2262         (JSC::BytecodeGenerator::emitCatch):
2263         * dfg/DFGByteCodeParser.cpp:
2264         (JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
2265         (JSC::DFG::ByteCodeParser::handleInlining):
2266         (JSC::DFG::ByteCodeParser::parseBlock):
2267         * dfg/DFGCapabilities.h:
2268         (JSC::DFG::canCompileOpcode):
2269         * dfg/DFGOSRExitCompiler.cpp:
2270         * dfg/DFGOperations.cpp:
2271         * heap/Heap.h:
2272         (JSC):
2273         (JSC::Heap::firstAllocatorWithoutDestructors):
2274         (Heap):
2275         * heap/MarkStack.cpp:
2276         (JSC::visitChildren):
2277         * heap/MarkedAllocator.h:
2278         (JSC):
2279         (MarkedAllocator):
2280         * heap/MarkedSpace.h:
2281         (JSC):
2282         (MarkedSpace):
2283         (JSC::MarkedSpace::firstAllocator):
2284         * interpreter/CallFrame.cpp:
2285         (JSC):
2286         (JSC::CallFrame::bytecodeOffsetForNonDFGCode):
2287         (JSC::CallFrame::setBytecodeOffsetForNonDFGCode):
2288         (JSC::CallFrame::currentVPC):
2289         (JSC::CallFrame::setCurrentVPC):
2290         (JSC::CallFrame::trueCallerFrame):
2291         * interpreter/CallFrame.h:
2292         (JSC::ExecState::hasReturnPC):
2293         (JSC::ExecState::clearReturnPC):
2294         (ExecState):
2295         (JSC::ExecState::bytecodeOffsetForNonDFGCode):
2296         (JSC::ExecState::currentVPC):
2297         (JSC::ExecState::setCurrentVPC):
2298         * interpreter/Interpreter.cpp:
2299         (JSC::Interpreter::Interpreter):
2300         (JSC::Interpreter::~Interpreter):
2301         (JSC):
2302         (JSC::Interpreter::initialize):
2303         (JSC::Interpreter::isOpcode):
2304         (JSC::Interpreter::unwindCallFrame):
2305         (JSC::getCallerInfo):
2306         (JSC::Interpreter::privateExecute):
2307         (JSC::Interpreter::retrieveLastCaller):
2308         * interpreter/Interpreter.h:
2309         (JSC):
2310         (Interpreter):
2311         (JSC::Interpreter::getOpcode):
2312         (JSC::Interpreter::getOpcodeID):
2313         (JSC::Interpreter::classicEnabled):
2314         * interpreter/RegisterFile.h:
2315         (JSC):
2316         (RegisterFile):
2317         * jit/ExecutableAllocator.h:
2318         (JSC):
2319         * jit/HostCallReturnValue.cpp: Added.
2320         (JSC):
2321         (JSC::getHostCallReturnValueWithExecState):
2322         * jit/HostCallReturnValue.h: Added.
2323         (JSC):
2324         (JSC::initializeHostCallReturnValue):
2325         * jit/JIT.cpp:
2326         (JSC::JIT::privateCompileMainPass):
2327         (JSC::JIT::privateCompileSlowCases):
2328         (JSC::JIT::privateCompile):
2329         * jit/JITCode.h:
2330         (JSC::JITCode::isOptimizingJIT):
2331         (JITCode):
2332         (JSC::JITCode::isBaselineCode):
2333         (JSC::JITCode::JITCode):
2334         * jit/JITDriver.h:
2335         (JSC::jitCompileIfAppropriate):
2336         (JSC::jitCompileFunctionIfAppropriate):
2337         * jit/JITExceptions.cpp:
2338         (JSC::jitThrow):
2339         * jit/JITInlineMethods.h:
2340         (JSC::JIT::updateTopCallFrame):
2341         * jit/JITStubs.cpp:
2342         (JSC::DEFINE_STUB_FUNCTION):
2343         (JSC):
2344         * jit/JITStubs.h:
2345         (JSC):
2346         * jit/JSInterfaceJIT.h:
2347         * llint: Added.
2348         * llint/LLIntCommon.h: Added.
2349         * llint/LLIntData.cpp: Added.
2350         (LLInt):
2351         (JSC::LLInt::Data::Data):
2352         (JSC::LLInt::Data::performAssertions):
2353         (JSC::LLInt::Data::~Data):
2354         * llint/LLIntData.h: Added.
2355         (JSC):
2356         (LLInt):
2357         (Data):
2358         (JSC::LLInt::Data::exceptionInstructions):
2359         (JSC::LLInt::Data::opcodeMap):
2360         (JSC::LLInt::Data::performAssertions):
2361         * llint/LLIntEntrypoints.cpp: Added.
2362         (LLInt):
2363         (JSC::LLInt::getFunctionEntrypoint):
2364         (JSC::LLInt::getEvalEntrypoint):
2365         (JSC::LLInt::getProgramEntrypoint):
2366         * llint/LLIntEntrypoints.h: Added.
2367         (JSC):
2368         (LLInt):
2369         (JSC::LLInt::getEntrypoint):
2370         * llint/LLIntExceptions.cpp: Added.
2371         (LLInt):
2372         (JSC::LLInt::interpreterThrowInCaller):
2373         (JSC::LLInt::returnToThrowForThrownException):
2374         (JSC::LLInt::returnToThrow):
2375         (JSC::LLInt::callToThrow):
2376         * llint/LLIntExceptions.h: Added.
2377         (JSC):
2378         (LLInt):
2379         * llint/LLIntOfflineAsmConfig.h: Added.
2380         * llint/LLIntOffsetsExtractor.cpp: Added.
2381         (JSC):
2382         (LLIntOffsetsExtractor):
2383         (JSC::LLIntOffsetsExtractor::dummy):
2384         (main):
2385         * llint/LLIntSlowPaths.cpp: Added.
2386         (LLInt):
2387         (JSC::LLInt::llint_trace_operand):
2388         (JSC::LLInt::llint_trace_value):
2389         (JSC::LLInt::LLINT_SLOW_PATH_DECL):
2390         (JSC::LLInt::traceFunctionPrologue):
2391         (JSC::LLInt::shouldJIT):
2392         (JSC::LLInt::entryOSR):
2393         (JSC::LLInt::resolveGlobal):
2394         (JSC::LLInt::getByVal):
2395         (JSC::LLInt::handleHostCall):
2396         (JSC::LLInt::setUpCall):
2397         (JSC::LLInt::genericCall):
2398         * llint/LLIntSlowPaths.h: Added.
2399         (JSC):
2400         (LLInt):
2401         * llint/LLIntThunks.cpp: Added.
2402         (LLInt):
2403         (JSC::LLInt::generateThunkWithJumpTo):
2404         (JSC::LLInt::functionForCallEntryThunkGenerator):
2405         (JSC::LLInt::functionForConstructEntryThunkGenerator):
2406         (JSC::LLInt::functionForCallArityCheckThunkGenerator):
2407         (JSC::LLInt::functionForConstructArityCheckThunkGenerator):
2408         (JSC::LLInt::evalEntryThunkGenerator):
2409         (JSC::LLInt::programEntryThunkGenerator):
2410         * llint/LLIntThunks.h: Added.
2411         (JSC):
2412         (LLInt):
2413         * llint/LowLevelInterpreter.asm: Added.
2414         * llint/LowLevelInterpreter.cpp: Added.
2415         * llint/LowLevelInterpreter.h: Added.
2416         * offlineasm: Added.
2417         * offlineasm/armv7.rb: Added.
2418         * offlineasm/asm.rb: Added.
2419         * offlineasm/ast.rb: Added.
2420         * offlineasm/backends.rb: Added.
2421         * offlineasm/generate_offset_extractor.rb: Added.
2422         * offlineasm/instructions.rb: Added.
2423         * offlineasm/offset_extractor_constants.rb: Added.
2424         * offlineasm/offsets.rb: Added.
2425         * offlineasm/opt.rb: Added.
2426         * offlineasm/parser.rb: Added.
2427         * offlineasm/registers.rb: Added.
2428         * offlineasm/self_hash.rb: Added.
2429         * offlineasm/settings.rb: Added.
2430         * offlineasm/transform.rb: Added.
2431         * offlineasm/x86.rb: Added.
2432         * runtime/CodeSpecializationKind.h: Added.
2433         (JSC):
2434         * runtime/CommonSlowPaths.h:
2435         (JSC::CommonSlowPaths::arityCheckFor):
2436         (CommonSlowPaths):
2437         * runtime/Executable.cpp:
2438         (JSC::jettisonCodeBlock):
2439         (JSC):
2440         (JSC::EvalExecutable::jitCompile):
2441         (JSC::samplingDescription):
2442         (JSC::EvalExecutable::compileInternal):
2443         (JSC::ProgramExecutable::jitCompile):
2444         (JSC::ProgramExecutable::compileInternal):
2445         (JSC::FunctionExecutable::baselineCodeBlockFor):
2446         (JSC::FunctionExecutable::jitCompileForCall):
2447         (JSC::FunctionExecutable::jitCompileForConstruct):
2448         (JSC::FunctionExecutable::compileForCallInternal):
2449         (JSC::FunctionExecutable::compileForConstructInternal):
2450         * runtime/Executable.h:
2451         (JSC):
2452         (EvalExecutable):
2453         (ProgramExecutable):
2454         (FunctionExecutable):
2455         (JSC::FunctionExecutable::jitCompileFor):
2456         * runtime/ExecutionHarness.h: Added.
2457         (JSC):
2458         (JSC::prepareForExecution):
2459         (JSC::prepareFunctionForExecution):
2460         * runtime/JSArray.h:
2461         (JSC):
2462         (JSArray):
2463         * runtime/JSCell.h:
2464         (JSC):
2465         (JSCell):
2466         * runtime/JSFunction.h:
2467         (JSC):
2468         (JSFunction):
2469         * runtime/JSGlobalData.cpp:
2470         (JSC::JSGlobalData::JSGlobalData):
2471         * runtime/JSGlobalData.h:
2472         (JSC):
2473         (JSGlobalData):
2474         * runtime/JSGlobalObject.h:
2475         (JSC):
2476         (JSGlobalObject):
2477         * runtime/JSObject.h:
2478         (JSC):
2479         (JSObject):
2480         (JSFinalObject):
2481         * runtime/JSPropertyNameIterator.h:
2482         (JSC):
2483         (JSPropertyNameIterator):
2484         * runtime/JSString.h:
2485         (JSC):
2486         (JSString):
2487         * runtime/JSTypeInfo.h:
2488         (JSC):
2489         (TypeInfo):
2490         * runtime/JSValue.cpp:
2491         (JSC::JSValue::description):
2492         * runtime/JSValue.h:
2493         (LLInt):
2494         (JSValue):
2495         * runtime/JSVariableObject.h:
2496         (JSC):
2497         (JSVariableObject):
2498         * runtime/Options.cpp:
2499         (Options):
2500         (JSC::Options::initializeOptions):
2501         * runtime/Options.h:
2502         (Options):
2503         * runtime/ScopeChain.h:
2504         (JSC):
2505         (ScopeChainNode):
2506         * runtime/Structure.cpp:
2507         (JSC::Structure::addPropertyTransition):
2508         * runtime/Structure.h:
2509         (JSC):
2510         (Structure):
2511         * runtime/StructureChain.h:
2512         (JSC):
2513         (StructureChain):
2514         * wtf/InlineASM.h:
2515         * wtf/Platform.h:
2516         * wtf/SentinelLinkedList.h:
2517         (SentinelLinkedList):
2518         (WTF::SentinelLinkedList::isEmpty):
2519         * wtf/text/StringImpl.h:
2520         (JSC):
2521         (StringImpl):
2522
2523 2012-02-20  Filip Pizlo  <fpizlo@apple.com>
2524
2525         Unreviewed, rolling out http://trac.webkit.org/changeset/108291
2526         It completely broke the 32-bit JIT.
2527
2528         * heap/CopiedAllocator.h:
2529         * heap/CopiedSpace.h:
2530         (CopiedSpace):
2531         * heap/Heap.h:
2532         (JSC::Heap::allocatorForObjectWithDestructor):
2533         * jit/JIT.cpp:
2534         (JSC::JIT::privateCompileSlowCases):
2535         * jit/JIT.h:
2536         (JIT):
2537         * jit/JITInlineMethods.h:
2538         (JSC):
2539         * jit/JITOpcodes.cpp:
2540         (JSC::JIT::emit_op_new_array):
2541         * runtime/JSArray.cpp:
2542         (JSC::storageSize):
2543         (JSC):
2544         * runtime/JSArray.h:
2545         (ArrayStorage):
2546         (JSArray):
2547
2548 2012-02-20  Gavin Barraclough  <barraclough@apple.com>
2549
2550         [[Put]] should throw if prototype chain contains a readonly property.
2551         https://bugs.webkit.org/show_bug.cgi?id=79069
2552
2553         Reviewed by Oliver Hunt.
2554
2555         Currently we only check the base of the put, not the prototype chain.
2556         Fold this check in with the test for accessors.
2557
2558         * runtime/JSObject.cpp:
2559         (JSC::JSObject::put):
2560             - Updated to test all objects in the prototype chain for readonly properties.
2561         (JSC::JSObject::putDirectAccessor):
2562         (JSC::putDescriptor):
2563             - Record the presence of readonly properties on the structure.
2564         * runtime/Structure.cpp:
2565         (JSC::Structure::Structure):
2566             - hasGetterSetterPropertiesExcludingProto expanded to hasReadOnlyOrGetterSetterPropertiesExcludingProto.
2567         * runtime/Structure.h:
2568         (JSC::Structure::hasReadOnlyOrGetterSetterPropertiesExcludingProto):
2569         (JSC::Structure::setHasGetterSetterProperties):
2570             - hasGetterSetterPropertiesExcludingProto expanded to hasReadOnlyOrGetterSetterPropertiesExcludingProto.
2571         (JSC::Structure::setContainsReadOnlyProperties):
2572             - Added.
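
        The [[Put]] behaviour this entry fixes, as an added example (not code from the ChangeLog or from JavaScriptCore), run against a modern engine such as Node.js: a non-writable data property and a getter-only accessor are placed on a prototype (constructed here), and assignment through an object further down the chain throws in strict mode, fails silently in sloppy mode, and can still be shadowed with defineProperty, which never consults the chain.

```javascript
// Constructed prototype: one non-writable data property, one getter-only accessor.
function makeLockedPrototype() {
  const proto = {};
  Object.defineProperty(proto, 'locked', {
    value: 'base', writable: false, enumerable: true, configurable: true,
  });
  Object.defineProperty(proto, 'readOnlyAccessor', {
    get() { return 'getter-only'; }, enumerable: true, configurable: true,
  });
  return proto;
}

// Strict-mode assignment: [[Put]] must throw a TypeError when any object on the
// prototype chain (not only the base of the put) reports the property as read-only
// or as an accessor without a setter.
function strictAssign(target, key, value) {
  'use strict';
  try {
    target[key] = value;
    return { threw: false, own: Object.prototype.hasOwnProperty.call(target, key) };
  } catch (e) {
    return { threw: true, error: e.name, own: Object.prototype.hasOwnProperty.call(target, key) };
  }
}

// Sloppy-mode assignment: the same chain walk happens, but the failure is silent
// (no own property is created). A function built with the Function constructor is
// sloppy even when it is called from strict code.
const sloppyAssign = new Function('target', 'key', 'value',
  'target[key] = value; return Object.prototype.hasOwnProperty.call(target, key);');

// [[DefineOwnProperty]] does not walk the prototype chain, so shadowing an
// inherited read-only property with an own property remains possible.
function defineShadow(target, key, value) {
  Object.defineProperty(target, key, {
    value, writable: true, enumerable: true, configurable: true,
  });
  return target[key];
}

function demoReadOnlyPut() {
  const proto = makeLockedPrototype();
  const obj = Object.create(proto);   // obj inherits from proto
  const deep = Object.create(obj);    // the read-only property is two levels up

  return {
    strictDirect: strictAssign(obj, 'locked', 'x'),            // throws TypeError
    strictDeep: strictAssign(deep, 'locked', 'x'),             // throws TypeError
    strictAccessor: strictAssign(deep, 'readOnlyAccessor', 'x'), // throws TypeError
    sloppyDeep: sloppyAssign(deep, 'locked', 'x'),             // false: silently ignored
    shadowed: defineShadow(deep, 'locked', 'own'),             // 'own'
    baseUntouched: proto.locked,                               // 'base'
  };
}
```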
2573
2574 2012-02-20  Mark Hahnenberg  <mhahnenberg@apple.com>
2575
2576         Implement fast path for op_new_array in the baseline JIT
2577         https://bugs.webkit.org/show_bug.cgi?id=78612
2578
2579         Reviewed by Filip Pizlo.
2580
2581         * heap/CopiedAllocator.h:
2582         (CopiedAllocator): Friended the JIT to allow access to m_currentOffset.
2583         * heap/CopiedSpace.h:
2584         (CopiedSpace): Friended the JIT to allow access to 
2585         (JSC::CopiedSpace::allocator):
2586         * heap/Heap.h:
2587         (JSC::Heap::storageAllocator): Added a getter for the CopiedAllocator class so the JIT
2588         can use it for simple allocation i.e. when we can just bump the offset without having to 
2589         do anything else.
2590         * jit/JIT.cpp:
2591         (JSC::JIT::privateCompileSlowCases): Added new slow case for op_new_array for when
2592         we have to bail out because the fast allocation path fails for whatever reason.
2593         * jit/JIT.h:
2594         (JIT):
2595         * jit/JITInlineMethods.h:
2596         (JSC::JIT::emitAllocateBasicStorage): Added utility function that allows objects to 
2597         allocate generic backing stores. This function is used by emitAllocateJSArray.
2598         (JSC):
2599         (JSC::JIT::emitAllocateJSArray): Added utility function that allows the client to 
2600         more easily allocate JSArrays. This function is used by emit_op_new_array and I expect 
2601         it will also be used for emit_op_new_array_buffer.
2602         * jit/JITOpcodes.cpp:
2603         (JSC::JIT::emit_op_new_array): Changed to do inline allocation of JSArrays. Still does 
2604         a stub call for oversize arrays.
2605         (JSC):
2606         (JSC::JIT::emitSlow_op_new_array): Just bails out to a stub call if we fail in any way on 
2607         the fast path.
2608         * runtime/JSArray.cpp:
2609         (JSC):
2610         * runtime/JSArray.h: Added lots of offset functions for all the fields that we need to 
2611         initialize in the JIT.
2612         (ArrayStorage):
2613         (JSC::ArrayStorage::lengthOffset):
2614         (JSC::ArrayStorage::numValuesInVectorOffset):
2615         (JSC::ArrayStorage::allocBaseOffset):
2616         (JSC::ArrayStorage::vectorOffset):
2617         (JSArray):
2618         (JSC::JSArray::sparseValueMapOffset):
2619         (JSC::JSArray::subclassDataOffset):
2620         (JSC::JSArray::indexBiasOffset):
2621         (JSC):
2622         (JSC::JSArray::storageSize): Moved this function from being a static function in the cpp file
2623         to being a static function in the JSArray class. This move allows the JIT to call it to 
2624         see what size it should allocate.
2625
2626 2012-02-20  Gavin Barraclough  <barraclough@apple.com>
2627
2628         DefineOwnProperty fails with numeric properties & Object.prototype
2629         https://bugs.webkit.org/show_bug.cgi?id=79059
2630
2631         Reviewed by Oliver Hunt.
2632
2633         ObjectPrototype caches whether it contains any numeric properties (m_hasNoPropertiesWithUInt32Names),
2634         so calls to defineOwnProperty need to update this cache.
2635
2636         * runtime/ObjectPrototype.cpp:
2637         (JSC::ObjectPrototype::put):
2638         (JSC::ObjectPrototype::defineOwnProperty):
2639         (JSC):
2640         (JSC::ObjectPrototype::getOwnPropertySlotByIndex):
2641         * runtime/ObjectPrototype.h:
2642         (ObjectPrototype):
2643
2644 2012-02-20  Pino Toscano  <pino@debian.org>
2645
2646         Does not build on GNU Hurd
2647         https://bugs.webkit.org/show_bug.cgi?id=79045
2648
2649         Reviewed by Gustavo Noronha Silva.
2650
2651         * wtf/Platform.h: define WTF_OS_HURD.
2652         * wtf/ThreadIdentifierDataPthreads.cpp: adds a band-aid fix
2653         for the lack of PTHREAD_KEYS_MAX definition, with a value which
2654         should not cause issues.
2655
2656 2012-02-20  Gavin Barraclough  <barraclough@apple.com>
2657
2658         Unreviewed windows build fix.
2659
2660         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2661
2662 2012-02-20  Mark Hahnenberg  <mhahnenberg@apple.com>
2663
2664         Undoing accidental changes
2665
2666         * heap/Heap.cpp:
2667         (JSC::Heap::collectAllGarbage):
2668
2669 2012-02-20  Mark Hahnenberg  <mhahnenberg@apple.com>
2670
2671         Factor out allocation in CopySpace into a separate CopyAllocator
2672         https://bugs.webkit.org/show_bug.cgi?id=78610
2673
2674         Reviewed by Oliver Hunt.
2675
2676         Added a new CopyAllocator class, which allows us to do allocations without 
2677         having to load the current offset and store the current offset in the current 
2678         block. This change will allow us to easily do inline assembly in the JIT for 
2679         array allocations.
2680
2681         * GNUmakefile.list.am:
2682         * JavaScriptCore.gypi:
2683         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
2684         * JavaScriptCore.xcodeproj/project.pbxproj:
2685         * heap/CopiedAllocator.h: Added.
2686         (JSC):
2687         (CopiedAllocator):
2688         (JSC::CopiedAllocator::currentBlock):
2689         (JSC::CopiedAllocator::CopiedAllocator):
2690         (JSC::CopiedAllocator::allocate):
2691         (JSC::CopiedAllocator::fitsInCurrentBlock):
2692         (JSC::CopiedAllocator::wasLastAllocation):
2693         (JSC::CopiedAllocator::startedCopying):
2694         (JSC::CopiedAllocator::resetCurrentBlock):
2695         (JSC::CopiedAllocator::currentUtilization):
2696         (JSC::CopiedAllocator::resetLastAllocation):
2697         * heap/CopiedBlock.h:
2698         (CopiedBlock):
2699         * heap/CopiedSpace.cpp: Moved some stuff from CopiedSpaceInlineMethods to here because we 
2700         weren't really getting any benefits from having such big functions in a header file.
2701         (JSC::CopiedSpace::CopiedSpace):
2702         (JSC):
2703         (JSC::CopiedSpace::init):
2704         (JSC::CopiedSpace::tryAllocateSlowCase):
2705         (JSC::CopiedSpace::tryAllocateOversize):
2706         (JSC::CopiedSpace::tryReallocate):
2707         (JSC::CopiedSpace::tryReallocateOversize):
2708         (JSC::CopiedSpace::doneFillingBlock):
2709         (JSC::CopiedSpace::doneCopying):
2710         (JSC::CopiedSpace::getFreshBlock):
2711         * heap/CopiedSpace.h:
2712         (CopiedSpace):
2713         * heap/CopiedSpaceInlineMethods.h:
2714         (JSC):
2715         (JSC::CopiedSpace::startedCopying):
2716         (JSC::CopiedSpace::addNewBlock):
2717         (JSC::CopiedSpace::allocateNewBlock):
2718         (JSC::CopiedSpace::fitsInBlock):
2719         (JSC::CopiedSpace::tryAllocate):
2720         (JSC::CopiedSpace::allocateFromBlock):
2721         * heap/Heap.cpp:
2722         (JSC::Heap::collectAllGarbage):
2723         * heap/HeapBlock.h:
2724         (HeapBlock):
2725
2726 2012-02-20  Patrick Gansterer  <paroga@webkit.org>
2727
2728         Fix Visual Studio 2010 build.
2729
2730         * bytecompiler/NodesCodegen.cpp:
2731         (JSC::PropertyListNode::emitBytecode):
2732
2733 2012-02-16  Gavin Barraclough  <barraclough@apple.com>
2734
2735         Move special __proto__ property to Object.prototype
2736         https://bugs.webkit.org/show_bug.cgi?id=78409
2737
2738         Reviewed by Oliver Hunt.
2739
2740         Re-implement this as a regular accessor property.  This has three key benefits:
2741         1) It makes it possible for objects to be given properties named __proto__.
2742         2) Object.prototype.__proto__ can be deleted, preventing object prototypes from being changed.
2743         3) This largely removes the magic used to implement __proto__, it can just be made a regular accessor property.
2744
2745         * parser/Parser.cpp:
2746         (JSC::::parseFunctionInfo):
2747             - No need to prohibit functions named __proto__.
2748         * runtime/JSGlobalObject.cpp:
2749         (JSC::JSGlobalObject::reset):
2750             - Add __proto__ accessor to Object.prototype.
2751         * runtime/JSGlobalObjectFunctions.cpp:
2752         (JSC::globalFuncProtoGetter):
2753         (JSC::globalFuncProtoSetter):
2754             - Definition of the __proto__ accessor functions.
2755         * runtime/JSGlobalObjectFunctions.h:
2756             - Declaration of the __proto__ accessor functions.
2757         * runtime/JSObject.cpp:
2758         (JSC::JSObject::put):
2759             - Remove the special handling for __proto__, there is still a check to allow for a fast guard for accessors excluding __proto__.
2760         (JSC::JSObject::putDirectAccessor):
2761             - Track on the structure whether an object contains accessors other than one for __proto__.
2762         (JSC::JSObject::defineOwnProperty):
2763             - No need to prohibit definition of own properties named __proto__.
2764         * runtime/JSObject.h:
2765         (JSC::JSObject::inlineGetOwnPropertySlot):
2766             - Remove the special handling for __proto__.
2767         (JSC::JSValue::get):
2768             - Remove the special handling for __proto__.
2769         * runtime/JSString.cpp:
2770         (JSC::JSString::getOwnPropertySlot):
2771             - Remove the special handling for __proto__.
2772         * runtime/JSValue.h:
2773         (JSValue):
2774             - Made synthesizePrototype public (this may be needed by the __proto__ getter).
2775         * runtime/ObjectConstructor.cpp:
2776         (JSC::objectConstructorGetPrototypeOf):
2777             - Perform the security check & call prototype() directly.
2778         * runtime/Structure.cpp:
2779         (JSC::Structure::Structure):
2780             - Added 'ExcludingProto' variant of the 'hasGetterSetterProperties' state.
2781         * runtime/Structure.h:
2782         (JSC::Structure::hasGetterSetterPropertiesExcludingProto):
2783         (JSC::Structure::setHasGetterSetterProperties):
2784         (Structure):
2785             - Added 'ExcludingProto' variant of the 'hasGetterSetterProperties' state.
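
        The three benefits listed above, as an added example (not code from the ChangeLog or from JavaScriptCore) run against a modern engine such as Node.js, where __proto__ is likewise an ordinary accessor on Object.prototype: an own data property named __proto__ can be defined without touching the real prototype, deleting the accessor stops __proto__ assignment from changing prototypes, and the accessor is restored afterwards so the rest of the program is unaffected. The helper and object names are constructed for this example.

```javascript
// With __proto__ a plain accessor, an own data property named "__proto__" can be
// defined on an object; it shadows the accessor and leaves the real prototype alone.
function defineOwnProtoProperty() {
  const obj = {};
  Object.defineProperty(obj, '__proto__', {
    value: 'just a string', writable: true, enumerable: true, configurable: true,
  });
  return {
    ownValue: obj.__proto__,   // reads the own data property, not the accessor
    prototypeUnchanged: Object.getPrototypeOf(obj) === Object.prototype,
    isOwn: Object.prototype.hasOwnProperty.call(obj, '__proto__'),
  };
}

// Run fn with Object.prototype.__proto__ deleted, then put the accessor back so
// nothing else in the process observes the change.
function withProtoAccessorRemoved(fn) {
  const saved = Object.getOwnPropertyDescriptor(Object.prototype, '__proto__');
  delete Object.prototype.__proto__;   // allowed: the accessor is configurable
  try {
    return fn();
  } finally {
    Object.defineProperty(Object.prototype, '__proto__', saved);
  }
}

// obj.__proto__ = x goes through [[Put]]. With the accessor present its setter
// swaps the prototype; with the accessor deleted the assignment merely creates an
// own property called "__proto__" and the prototype stays as it was.
function assignProto(obj, newProto) {
  obj.__proto__ = newProto;
  return {
    prototypeSwapped: Object.getPrototypeOf(obj) === newProto,
    createdOwnProperty: Object.prototype.hasOwnProperty.call(obj, '__proto__'),
  };
}

function demoProtoAccessor() {
  const desc = Object.getOwnPropertyDescriptor(Object.prototype, '__proto__');
  const base = { marker: 'base' };   // constructed prototype to assign
  return {
    isAccessor: typeof desc.get === 'function' && typeof desc.set === 'function',
    deletable: desc.configurable === true,
    shadowed: defineOwnProtoProperty(),
    withAccessor: assignProto({}, base),
    withoutAccessor: withProtoAccessorRemoved(() => assignProto({}, base)),
    // The { __proto__: x } literal form is syntax, not the accessor, so deleting
    // the accessor does not stop it from setting the prototype.
    literalStillWorks: withProtoAccessorRemoved(
      () => Object.getPrototypeOf({ __proto__: base }) === base),
    accessorRestored:
      Object.getOwnPropertyDescriptor(Object.prototype, '__proto__') !== undefined,
  };
}
```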
2786
2787 2012-02-20  Michael Saboff  <msaboff@apple.com>
2788
2789         Update toLower and toUpper tests for Unicode 6.1 changes
2790         https://bugs.webkit.org/show_bug.cgi?id=78923
2791
2792         Reviewed by Oliver Hunt.
2793
2794         * tests/mozilla/ecma/String/15.5.4.11-2.js: Updated the test
2795         to handle a third set of results for updated Unicode 6.1
2796         changes.
2797         (getTestCases):
2798         (TestCaseMultiExpected):
2799         (writeTestCaseResultMultiExpected):
2800         (getTestCaseResultMultiExpected):
2801         (test):
2802         (GetUnicodeValues):
2803         (DecimalToHexString):
2804
2805 2012-02-20  Andy Wingo  <wingo@igalia.com>
2806
2807         Remove unused features from CodeFeatures
2808         https://bugs.webkit.org/show_bug.cgi?id=78804
2809
2810         Reviewed by Gavin Barraclough.
2811
2812         * parser/Nodes.h:
2813         * parser/ASTBuilder.h:
2814         (JSC::ClosureFeature):
2815         (JSC::ASTBuilder::createFunctionBody):
2816         (JSC::ASTBuilder::usesClosures):
2817         Remove "ClosureFeature".  Since we track captured variables more
2818         precisely, this bit doesn't do us any good.
2819
2820         (JSC::AssignFeature):
2821         (JSC::ASTBuilder::makeAssignNode):
2822         (JSC::ASTBuilder::makePrefixNode):
2823         (JSC::ASTBuilder::makePostfixNode):
2824         (JSC::ASTBuilder::usesAssignment):
2825         Similarly, remove AssignFeature.  It is unused.
2826
2827 2012-02-19  Carlos Garcia Campos  <cgarcia@igalia.com>
2828
2829         Unreviewed. Fix make distcheck issues.
2830
2831         * GNUmakefile.list.am: Add missing files.
2832
2833 2012-02-18  Sam Weinig  <sam@webkit.org>
2834
2835         Fix style issues in DFG Phase classes
2836         https://bugs.webkit.org/show_bug.cgi?id=78983
2837
2838         Reviewed by Ryosuke Niwa.
2839
2840         * dfg/DFGArithNodeFlagsInferencePhase.cpp:
2841         * dfg/DFGCFAPhase.cpp:
2842         * dfg/DFGCSEPhase.cpp:
2843         * dfg/DFGPredictionPropagationPhase.cpp:
2844         * dfg/DFGVirtualRegisterAllocationPhase.cpp:
2845         Add a space before the colon in class declarations.
2846
2847 2012-02-18  Filip Pizlo  <fpizlo@apple.com>
2848
2849         Attempt to fix Windows build.
2850
2851         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
2852
2853 2012-02-18  Sam Weinig  <sam@webkit.org>
2854
2855         Fix the libc++ build.
2856
2857         Reviewed by Anders Carlsson.
2858
2859         * heap/Weak.h:
2860         Libc++'s nullptr emulation does not allow default construction
2861         of the nullptr_t type. Work around this with the arguably clearer
2862         approach of just returning nullptr.
2863
2864 2012-02-18  Filip Pizlo  <fpizlo@apple.com>
2865
2866         DFGPropagator.cpp has too many things
2867         https://bugs.webkit.org/show_bug.cgi?id=78956
2868
2869         Reviewed by Oliver Hunt.
2870         
2871         Added the notion of a DFG::Phase. Removed DFG::Propagator, and took its
2872         various things and put them into separate files. These new phases follow
2873         the naming convention "DFG<name>Phase" where <name> is a noun. They are
2874         called via functions of the form "perform<name>".
2875
2876         * CMakeLists.txt:
2877         * GNUmakefile.list.am:
2878         * JavaScriptCore.xcodeproj/project.pbxproj:
2879         * Target.pri:
2880         * dfg/DFGArithNodeFlagsInferencePhase.cpp: Added.
2881         (DFG):
2882         (JSC::DFG::performArithNodeFlagsInference):
2883         * dfg/DFGArithNodeFlagsInferencePhase.h: Added.
2884         (DFG):
2885         * dfg/DFGCFAPhase.cpp: Added.
2886         (DFG):
2887         (JSC::DFG::performCFA):
2888         * dfg/DFGCFAPhase.h: Added.
2889         (DFG):
2890         * dfg/DFGCSEPhase.cpp: Added.
2891         (DFG):
2892         (JSC::DFG::performCSE):
2893         * dfg/DFGCSEPhase.h: Added.
2894         (DFG):
2895         * dfg/DFGDriver.cpp:
2896         (JSC::DFG::compile):
2897         * dfg/DFGPhase.cpp: Added.
2898         (DFG):
2899         (JSC::DFG::Phase::beginPhase):
2900         (JSC::DFG::Phase::endPhase):
2901         * dfg/DFGPhase.h: Added.
2902         (DFG):
2903         (Phase):
2904         (JSC::DFG::Phase::Phase):
2905         (JSC::DFG::Phase::~Phase):
2906         (JSC::DFG::Phase::globalData):
2907         (JSC::DFG::Phase::codeBlock):
2908         (JSC::DFG::Phase::profiledBlock):
2909         (JSC::DFG::Phase::beginPhase):
2910         (JSC::DFG::Phase::endPhase):
2911         (JSC::DFG::runPhase):
2912         * dfg/DFGPredictionPropagationPhase.cpp: Added.
2913         (DFG):
2914         (JSC::DFG::performPredictionPropagation):
2915         * dfg/DFGPredictionPropagationPhase.h: Added.
2916         (DFG):
2917         * dfg/DFGPropagator.cpp: Removed.
2918         * dfg/DFGPropagator.h: Removed.
2919         * dfg/DFGVirtualRegisterAllocationPhase.cpp: Added.
2920         (DFG):
2921         (JSC::DFG::performVirtualRegisterAllocation):
2922         * dfg/DFGVirtualRegisterAllocationPhase.h: Added.
2923         (DFG):
2924
2925 2012-02-17  Filip Pizlo  <fpizlo@apple.com>
2926
2927         DFG::Graph should have references to JSGlobalData, the CodeBlock being compiled, and
2928         the CodeBlock that was used for profiling
2929         https://bugs.webkit.org/show_bug.cgi?id=78954
2930
2931         Reviewed by Gavin Barraclough.
2932
2933         * bytecode/CodeBlock.h:
2934         (JSC::baselineCodeBlockForOriginAndBaselineCodeBlock):
2935         (JSC):
2936         * dfg/DFGAbstractState.cpp:
2937         (JSC::DFG::AbstractState::AbstractState):
2938         (JSC::DFG::AbstractState::execute):
2939         * dfg/DFGAbstractState.h:
2940         * dfg/DFGAssemblyHelpers.h:
2941         (AssemblyHelpers):
2942         * dfg/DFGByteCodeParser.cpp:
2943         (JSC::DFG::ByteCodeParser::ByteCodeParser):
2944         (JSC::DFG::ByteCodeParser::handleCall):
2945         (JSC::DFG::parse):
2946         * dfg/DFGByteCodeParser.h:
2947         (DFG):
2948         * dfg/DFGDriver.cpp:
2949         (JSC::DFG::compile):
2950         * dfg/DFGGraph.cpp:
2951         (JSC::DFG::Graph::dump):
2952         (JSC::DFG::Graph::predictArgumentTypes):
2953         * dfg/DFGGraph.h:
2954         (JSC::DFG::Graph::Graph):
2955         (Graph):
2956         (JSC::DFG::Graph::getJSConstantPrediction):
2957         (JSC::DFG::Graph::addShouldSpeculateInteger):
2958         (JSC::DFG::Graph::isInt32Constant):
2959         (JSC::DFG::Graph::isDoubleConstant):
2960         (JSC::DFG::Graph::isNumberConstant):
2961         (JSC::DFG::Graph::isBooleanConstant):
2962         (JSC::DFG::Graph::isFunctionConstant):
2963         (JSC::DFG::Graph::valueOfJSConstant):
2964         (JSC::DFG::Graph::valueOfInt32Constant):
2965         (JSC::DFG::Graph::valueOfNumberConstant):
2966         (JSC::DFG::Graph::valueOfBooleanConstant):
2967         (JSC::DFG::Graph::valueOfFunctionConstant):
2968         (JSC::DFG::Graph::baselineCodeBlockFor):
2969         (JSC::DFG::Graph::valueProfileFor):
2970         (JSC::DFG::Graph::addImmediateShouldSpeculateInteger):
2971         * dfg/DFGJITCompiler.h:
2972         (JSC::DFG::JITCompiler::JITCompiler):
2973         (JITCompiler):
2974         * dfg/DFGOSRExit.cpp:
2975         (JSC::DFG::OSRExit::considerAddingAsFrequentExitSiteSlow):
2976         * dfg/DFGPropagator.cpp:
2977         (JSC::DFG::Propagator::Propagator):
2978         (JSC::DFG::Propagator::isNotNegZero):
2979         (JSC::DFG::Propagator::isNotZero):
2980         (JSC::DFG::Propagator::propagateNodePredictions):
2981         (JSC::DFG::Propagator::doRoundOfDoubleVoting):
2982         (JSC::DFG::Propagator::globalCFA):
2983         (JSC::DFG::propagate):
2984         * dfg/DFGPropagator.h:
2985         (DFG):
2986         * dfg/DFGSpeculativeJIT.cpp:
2987         (JSC::DFG::SpeculativeJIT::computeValueRecoveryFor):
2988         (JSC::DFG::SpeculativeJIT::compileAdd):
2989         (JSC::DFG::SpeculativeJIT::compileArithSub):
2990         * dfg/DFGSpeculativeJIT.h:
2991         (JSC::DFG::SpeculativeJIT::isConstant):
2992         (JSC::DFG::SpeculativeJIT::isJSConstant):
2993         (JSC::DFG::SpeculativeJIT::isInt32Constant):
2994         (JSC::DFG::SpeculativeJIT::isDoubleConstant):
2995         (JSC::DFG::SpeculativeJIT::isNumberConstant):
2996         (JSC::DFG::SpeculativeJIT::isBooleanConstant):
2997         (JSC::DFG::SpeculativeJIT::isFunctionConstant):
2998         (JSC::DFG::SpeculativeJIT::valueOfInt32Constant):
2999         (JSC::DFG::SpeculativeJIT::valueOfNumberConstant):
3000         (JSC::DFG::SpeculativeJIT::valueOfJSConstant):
3001         (JSC::DFG::SpeculativeJIT::valueOfBooleanConstant):
3002         (JSC::DFG::SpeculativeJIT::valueOfFunctionConstant):
3003         (JSC::DFG::SpeculativeJIT::speculationCheck):
3004         (JSC::DFG::SpeculativeJIT::SpeculativeJIT):
3005
3006 2012-02-17  Ahmad Sharif  <asharif.tools@gmail.com>
3007
3008         There is a warning in memset in glibc that gets triggered through a
3009         warndecl when the fill-value of memset is a non-zero constant and the
3010         size is zero. This warning is enabled when building with
3011         -D_FORTIFY_SOURCE=2. This patch fixes the warning.
3012
3013         https://bugs.webkit.org/show_bug.cgi?id=78513
3014
3015         Reviewed by Alexey Proskuryakov.
3016
3017         * wtf/Vector.h:
3018
3019 2012-02-17  Kalev Lember  <kalevlember@gmail.com>
3020
3021         Remove unused parameters from WTF threading API
3022         https://bugs.webkit.org/show_bug.cgi?id=78389
3023
3024         Reviewed by Adam Roben.
3025
3026         waitForThreadCompletion() had an out param 'void **result' to get the
3027         'void *' returned by ThreadFunction. However, the implementation in
3028         ThreadingWin.cpp ignored the out param, not filling it in. This had
3029         led to a situation where none of the client code made use of the param
3030         and just ignored it.
3031
3032         To clean this up, the patch changes the signature of ThreadFunction to
3033         return void instead of void* and drops the unused 'void **result'
3034         parameter from waitForThreadCompletion. Also, all client code is
3035         updated for the API change.
3036
3037         As mentioned in https://bugs.webkit.org/show_bug.cgi?id=78389, even
3038         though the change only affects internal API, Safari is using it
3039         directly and we'll need to keep the old versions around for ABI
3040         compatibility. For this, the patch adds compatibility wrappers with
3041         the old ABI.
3042
3043         * JavaScriptCore.order:
3044         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3045         * bytecode/SamplingTool.cpp:
3046         (JSC::SamplingThread::threadStartFunc):
3047         (JSC::SamplingThread::stop):
3048         * bytecode/SamplingTool.h:
3049         (SamplingThread):
3050         * heap/Heap.cpp:
3051         (JSC::Heap::~Heap):
3052         (JSC::Heap::blockFreeingThreadStartFunc):
3053         * heap/Heap.h:
3054         * heap/MarkStack.cpp:
3055         (JSC::MarkStackThreadSharedData::markingThreadStartFunc):
3056         (JSC::MarkStackThreadSharedData::~MarkStackThreadSharedData):
3057         * heap/MarkStack.h:
3058         (MarkStackThreadSharedData):
3059         * wtf/ParallelJobsGeneric.cpp:
3060         (WTF::ParallelEnvironment::ThreadPrivate::workerThread):
3061         * wtf/ParallelJobsGeneric.h:
3062         (ThreadPrivate):
3063         * wtf/ThreadFunctionInvocation.h: Update the signature of
3064         ThreadFunction.
3065         (WTF):
3066         * wtf/Threading.cpp:
3067         (WTF::threadEntryPoint): Update for ThreadFunction signature change.
3068         (WTF):
3069         (WTF::ThreadFunctionWithReturnValueInvocation::ThreadFunctionWithReturnValueInvocation):
3070         ABI compatibility function for Safari.
3071         (ThreadFunctionWithReturnValueInvocation): Ditto.
3072         (WTF::compatEntryPoint): Ditto.
3073         (WTF::createThread): Ditto.
3074         (WTF::waitForThreadCompletion): Ditto.
3075         * wtf/Threading.h: Update the signature of ThreadFunction and
3076         waitForThreadCompletion.
3077         (WTF):
3078         * wtf/ThreadingPthreads.cpp: Implement the new API.
3079         (WTF::wtfThreadEntryPoint):
3080         (WTF):
3081         (WTF::createThreadInternal):
3082         (WTF::waitForThreadCompletion):
3083         * wtf/ThreadingWin.cpp: Implement the new API.
3084         (WTF::wtfThreadEntryPoint):
3085         (WTF::waitForThreadCompletion):
3086
3087 2012-02-16  Oliver Hunt  <oliver@apple.com>
3088
3089         Implement Error.stack
3090         https://bugs.webkit.org/show_bug.cgi?id=66994
3091
3092         Reviewed by Gavin Barraclough.
3093
3094         Implement support for stack traces on exception objects.  This is a rewrite
3095         of the core portion of the last stack walking logic, but the mechanical work
3096         of adding the information to an exception comes from the original work by
3097         Juan Carlos Montemayor Elosua.
3098
3099         * interpreter/Interpreter.cpp:
3100         (JSC::getCallerInfo):
3101         (JSC):
3102         (JSC::getSourceURLFromCallFrame):
3103         (JSC::getStackFrameCodeType):
3104         (JSC::Interpreter::getStackTrace):
3105         (JSC::Interpreter::throwException):
3106         (JSC::Interpreter::privateExecute):
3107         * interpreter/Interpreter.h:
3108         (JSC):
3109         (StackFrame):
3110         (JSC::StackFrame::toString):
3111         (Interpreter):
3112         * jsc.cpp:
3113         (GlobalObject::finishCreation):
3114         (functionJSCStack):
3115         * parser/Nodes.h:
3116         (JSC::FunctionBodyNode::setInferredName):
3117         * parser/Parser.h:
3118         (JSC::::parse):
3119         * runtime/CommonIdentifiers.h:
3120         * runtime/Error.cpp:
3121         (JSC::addErrorInfo):
3122         * runtime/Error.h:
3123         (JSC):
3124
3125 2012-02-17  Mark Hahnenberg  <mhahnenberg@apple.com>
3126
3127         Rename Bump* to Copy*
3128         https://bugs.webkit.org/show_bug.cgi?id=78573
3129
3130         Reviewed by Geoffrey Garen.
3131
3132         Renamed anything with "Bump" in the name to have "Copied" instead.
3133
3134         * CMakeLists.txt:
3135         * GNUmakefile.list.am:
3136         * JavaScriptCore.gypi:
3137         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.vcproj:
3138         * JavaScriptCore.xcodeproj/project.pbxproj:
3139         * Target.pri:
3140         * heap/BumpBlock.h: Removed.
3141         * heap/BumpSpace.cpp: Removed.
3142         * heap/BumpSpace.h: Removed.
3143         * heap/BumpSpaceInlineMethods.h: Removed.
3144         * heap/ConservativeRoots.cpp:
3145         (JSC::ConservativeRoots::ConservativeRoots):
3146         (JSC::ConservativeRoots::genericAddPointer):
3147         * heap/ConservativeRoots.h:
3148         (ConservativeRoots):
3149         * heap/CopiedBlock.h: Added.
3150         (JSC):
3151         (CopiedBlock):
3152         (JSC::CopiedBlock::CopiedBlock):
3153         * heap/CopiedSpace.cpp: Added.
3154         (JSC):
3155         (JSC::CopiedSpace::tryAllocateSlowCase):
3156         * heap/CopiedSpace.h: Added.
3157         (JSC):
3158         (CopiedSpace):
3159         (JSC::CopiedSpace::isInCopyPhase):
3160         (JSC::CopiedSpace::totalMemoryAllocated):
3161         (JSC::CopiedSpace::totalMemoryUtilized):
3162         * heap/CopiedSpaceInlineMethods.h: Added.
3163         (JSC):
3164         (JSC::CopiedSpace::CopiedSpace):
3165         (JSC::CopiedSpace::init):
3166         (JSC::CopiedSpace::contains):
3167         (JSC::CopiedSpace::pin):
3168         (JSC::CopiedSpace::startedCopying):
3169         (JSC::CopiedSpace::doneCopying):
3170         (JSC::CopiedSpace::doneFillingBlock):
3171         (JSC::CopiedSpace::recycleBlock):
3172         (JSC::CopiedSpace::getFreshBlock):
3173         (JSC::CopiedSpace::borrowBlock):
3174         (JSC::CopiedSpace::addNewBlock):
3175         (JSC::CopiedSpace::allocateNewBlock):
3176         (JSC::CopiedSpace::fitsInBlock):
3177         (JSC::CopiedSpace::fitsInCurrentBlock):
3178         (JSC::CopiedSpace::tryAllocate):
3179         (JSC::CopiedSpace::tryAllocateOversize):
3180         (JSC::CopiedSpace::allocateFromBlock):
3181         (JSC::CopiedSpace::tryReallocate):
3182         (JSC::CopiedSpace::tryReallocateOversize):
3183         (JSC::CopiedSpace::isOversize):
3184         (JSC::CopiedSpace::isPinned):
3185         (JSC::CopiedSpace::oversizeBlockFor):
3186         (JSC::CopiedSpace::blockFor):
3187         * heap/Heap.cpp:
3188         * heap/Heap.h:
3189         (JSC):
3190         (Heap):
3191         * heap/MarkStack.cpp:
3192         (JSC::MarkStackThreadSharedData::MarkStackThreadSharedData):
3193         (JSC::SlotVisitor::drainFromShared):
3194         (JSC::SlotVisitor::startCopying):
3195         (JSC::SlotVisitor::allocateNewSpace):
3196         (JSC::SlotVisitor::doneCopying):
3197         * heap/MarkStack.h:
3198         (MarkStackThreadSharedData):
3199         * heap/SlotVisitor.h:
3200         (SlotVisitor):
3201         * runtime/JSArray.cpp:
3202         * runtime/JSObject.cpp:
3203
3204 2012-02-16  Yuqiang Xian  <yuqiang.xian@intel.com>
3205
3206         Add JSC code profiling support on Linux x86
3207         https://bugs.webkit.org/show_bug.cgi?id=78871
3208
3209         Reviewed by Gavin Barraclough.
3210
3211         We don't unwind the stack for now as we cannot guarantee all the
3212         libraries are compiled without -fomit-frame-pointer.
3213
3214         * tools/CodeProfile.cpp:
3215         (JSC::CodeProfile::sample):
3216         * tools/CodeProfiling.cpp:
3217         (JSC):
3218         (JSC::profilingTimer):
3219         (JSC::CodeProfiling::begin):
3220         (JSC::CodeProfiling::end):
3221
3222 2012-02-16  Csaba Osztrogonác  <ossy@webkit.org>
3223
3224         Unreviewed. Rolling out r107980, because it broke 32 bit platforms.
3225
3226         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3227         * interpreter/Interpreter.cpp:
3228         (JSC::Interpreter::throwException):
3229         (JSC::Interpreter::privateExecute):
3230         * interpreter/Interpreter.h:
3231         (JSC):
3232         (Interpreter):
3233         * jsc.cpp:
3234         (GlobalObject::finishCreation):
3235         * parser/Nodes.h:
3236         (JSC::FunctionBodyNode::setInferredName):
3237         * parser/Parser.h:
3238         (JSC::::parse):
3239         * runtime/CommonIdentifiers.h:
3240         * runtime/Error.cpp:
3241         (JSC::addErrorInfo):
3242         * runtime/Error.h:
3243         (JSC):
3244
3245 2012-02-16  Filip Pizlo  <fpizlo@apple.com>
3246
3247         ENABLE_INTERPRETER should be ENABLE_CLASSIC_INTERPRETER
3248         https://bugs.webkit.org/show_bug.cgi?id=78791
3249
3250         Rubber stamped by Oliver Hunt.
3251         
3252         Just a renaming, nothing more. Also renamed COMPUTED_GOTO_INTERPRETER to
3253         COMPUTED_GOTO_CLASSIC_INTERPRETER.
3254
3255         * bytecode/CodeBlock.cpp:
3256         (JSC::CodeBlock::dump):
3257         (JSC::CodeBlock::stronglyVisitStrongReferences):
3258         (JSC):
3259         (JSC::CodeBlock::shrinkToFit):
3260         * bytecode/CodeBlock.h:
3261         (CodeBlock):
3262         * bytecode/Instruction.h:
3263         (JSC::Instruction::Instruction):
3264         * bytecode/Opcode.h:
3265         (JSC::padOpcodeName):
3266         * bytecompiler/BytecodeGenerator.cpp:
3267         (JSC::BytecodeGenerator::emitResolve):
3268         (JSC::BytecodeGenerator::emitResolveWithBase):
3269         (JSC::BytecodeGenerator::emitGetById):
3270         (JSC::BytecodeGenerator::emitPutById):
3271         (JSC::BytecodeGenerator::emitDirectPutById):
3272         * interpreter/AbstractPC.cpp:
3273         (JSC::AbstractPC::AbstractPC):
3274         * interpreter/AbstractPC.h:
3275         (AbstractPC):
3276         * interpreter/CallFrame.h:
3277         (ExecState):
3278         * interpreter/Interpreter.cpp:
3279         (JSC):
3280         (JSC::Interpreter::initialize):
3281         (JSC::Interpreter::isOpcode):
3282         (JSC::Interpreter::unwindCallFrame):
3283         (JSC::Interpreter::execute):
3284         (JSC::Interpreter::privateExecute):
3285         (JSC::Interpreter::retrieveLastCaller):
3286         * interpreter/Interpreter.h:
3287         (JSC::Interpreter::getOpcode):
3288         (JSC::Interpreter::getOpcodeID):
3289         (Interpreter):
3290         * jit/ExecutableAllocatorFixedVMPool.cpp:
3291         (JSC::FixedVMPoolExecutableAllocator::FixedVMPoolExecutableAllocator):
3292         * runtime/Executable.cpp:
3293         (JSC::EvalExecutable::compileInternal):
3294         (JSC::ProgramExecutable::compileInternal):
3295         (JSC::FunctionExecutable::compileForCallInternal):
3296         (JSC::FunctionExecutable::compileForConstructInternal):
3297         * runtime/Executable.h:
3298         (NativeExecutable):
3299         * runtime/JSGlobalData.cpp:
3300         (JSC::JSGlobalData::JSGlobalData):
3301         (JSC::JSGlobalData::getHostFunction):
3302         * runtime/JSGlobalData.h:
3303         (JSGlobalData):
3304         * wtf/OSAllocatorPosix.cpp:
3305         (WTF::OSAllocator::reserveAndCommit):
3306         * wtf/Platform.h:
3307
3308 2012-02-15  Geoffrey Garen  <ggaren@apple.com>
3309
3310         Made Weak<T> single-owner, adding PassWeak<T>
3311         https://bugs.webkit.org/show_bug.cgi?id=78740
3312
3313         Reviewed by Sam Weinig.
3314
3315         This works basically the same way as OwnPtr<T> and PassOwnPtr<T>.
3316
3317         This clarifies the semantics of finalizers: It's ambiguous and probably
3318         a bug to copy a finalizer (i.e., it's a bug to run a C++ destructor
3319         twice), so I've made Weak<T> non-copyable. Anywhere we used to copy a 
3320         Weak<T>, we now use PassWeak<T>.
3321
3322         This also makes Weak<T> HashMaps more efficient.
3323
3324         * API/JSClassRef.cpp:
3325         (OpaqueJSClass::prototype): Use PassWeak<T> instead of set(), since 
3326         set() is gone now.
3327
3328         * JavaScriptCore.xcodeproj/project.pbxproj: Export!
3329
3330         * heap/PassWeak.h: Added.
3331         (JSC):
3332         (PassWeak):
3333         (JSC::PassWeak::PassWeak):
3334         (JSC::PassWeak::~PassWeak):
3335         (JSC::PassWeak::get):
3336         (JSC::::leakHandle):
3337         (JSC::adoptWeak):
3338         (JSC::operator==):
3339         (JSC::operator!=): This is the Weak<T> version of PassOwnPtr<T>.
3340
3341         * heap/Weak.h:
3342         (Weak):
3343         (JSC::Weak::Weak):
3344         (JSC::Weak::release):
3345         (JSC::Weak::hashTableDeletedValue):
3346         (JSC::=):
3347         (JSC): Changed to be non-copyable, removing a lot of copying-related
3348         APIs. Added hash traits so hash maps still work.
3349
3350         * jit/JITStubs.cpp:
3351         (JSC::JITThunks::hostFunctionStub):
3352         * runtime/RegExpCache.cpp:
3353         (JSC::RegExpCache::lookupOrCreate): Use PassWeak<T>, as required by
3354         our new hash map API.
3355
3356 2012-02-16  Mark Hahnenberg  <mhahnenberg@apple.com>
3357
3358         Fix the broken viewport tests
3359         https://bugs.webkit.org/show_bug.cgi?id=78774
3360
3361         Reviewed by Kenneth Rohde Christiansen.
3362
3363         * JavaScriptCore.vcproj/JavaScriptCore/JavaScriptCore.def:
3364         * wtf/text/WTFString.cpp:
3365         (WTF):
3366         (WTF::toDoubleType): Template-ized to allow other functions to specify whether they
3367         want to allow trailing junk or not when calling strtod.
3368         (WTF::charactersToDouble):
3369         (WTF::charactersToFloat):
3370         (WTF::charactersToFloatIgnoringJunk): Created new version of charactersToFloat that allows 
3371         trailing junk.
3372         * wtf/text/WTFString.h:
3373         (WTF):
3374
3375 2012-02-16  Oliver Hunt  <oliver@apple.com>
3376
3377         Implement Error.stack
3378         https://bugs.webkit.org/show_bug.cgi?id=66994
3379
3380         Reviewed by Gavin Barraclough.
3381
3382         Implement support for stack traces on exception objects.  This is a rewrite
3383         of the core portion of the last stack walking logic, but the mechanical work
3384         of adding the information to an exception comes from the original work by
3385         Juan Carlos Montemayor Elosua.
3386
3387         * interpreter/Interpreter.cpp:
3388         (JSC::getCallerInfo):
3389         (JSC):
3390         (JSC::getSourceURLFromCallFrame):
3391         (JSC::getStackFrameCodeType):
3392         (JSC::Interpreter::getStackTrace):
3393         (JSC::Interpreter::throwException):
3394         (JSC::Interpreter::privateExecute):
3395         * interpreter/Interpreter.h:
3396         (JSC):
3397         (StackFrame):
3398         (JSC::StackFrame::toString):
3399         (Interpreter):
3400         * jsc.cpp:
3401         (GlobalObject::finishCreation):
3402         (functionJSCStack):
3403         * parser/Nodes.h:
3404         (JSC::FunctionBodyNode::setInferredName):
3405         * parser/Parser.h:
3406         (JSC::::parse):
3407         * runtime/CommonIdentifiers.h:
3408         * runtime/Error.cpp:
3409         (JSC::addErrorInfo):
3410         * runtime/Error.h:
3411         (JSC):
3412
3413 2012-02-15  Gavin Barraclough  <barraclough@apple.com>
3414
3415         Numerous trivial bugs in Object.defineProperty
3416         https://bugs.webkit.org/show_bug.cgi?id=78777
3417
3418         Reviewed by Sam Weinig.
3419
3420         There are a handful of really trivial bugs, related to Object.defineProperty:
3421             * Redefining an accessor with different attributes changes the attributes, but not the get/set functions!
3422             * Calling an undefined setter should only throw in strict mode.
3423             * When redefining an accessor to a data descriptor, if writable is not specified we should default to false.
3424             * Any attempt to redefine a non-configurable property of an array as configurable should be rejected.
3425             * Object.defineProperties should call toObject on 'Properties' argument, rather than throwing if it is not an object.
3426             * If preventExtensions has been called on an array, subsequent assignment beyond array bounds should fail.
3427             * 'isFrozen' shouldn't be checking the ReadOnly bit for accessor descriptors (we presently always keep this bit as 'false').
3428             * Should be able to redefine a non-writable, non-configurable property, with the same value and attributes.
3429             * Should be able to define a non-configurable accessor.
3430         These are mostly all one-line changes, e.g. inverted boolean checks, masking against the wrong attribute.
3431
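The defineProperty behaviours listed in this entry, exercised against a running engine. This is an added example, not JavaScriptCore code and not part of the ChangeLog entry; the helper names (throwsTypeError, sloppyAssign, strictAssign and the per-case functions) are assumptions made here for illustration.

```javascript
// Added example, not JavaScriptCore code: checks the ES5 Object.defineProperty
// behaviours listed in the ChangeLog entry above against a running engine.
// Every function returns a plain value so the results can be asserted on.

// Function-constructor bodies are sloppy unless they opt in, so these behave the
// same whether this file is loaded as a script or as a (strict) ES module.
var sloppyAssign = new Function('obj', 'key', 'value', 'obj[key] = value;');
var strictAssign = new Function('obj', 'key', 'value', '"use strict"; obj[key] = value;');

function throwsTypeError(fn) {
  try { fn(); return false; } catch (e) { return e instanceof TypeError; }
}

// Redefining an accessor must replace get/set as well as the attributes.
function accessorRedefinitionReplacesFunctions() {
  var o = {};
  var g1 = function () { return 1; };
  var g2 = function () { return 2; };
  Object.defineProperty(o, 'x', { get: g1, configurable: true, enumerable: false });
  Object.defineProperty(o, 'x', { get: g2, enumerable: true });
  var d = Object.getOwnPropertyDescriptor(o, 'x');
  return { getter: d.get === g2, enumerable: d.enumerable, configurable: d.configurable, value: o.x };
}

// Assigning through a missing setter is ignored in sloppy mode, TypeError in strict.
function undefinedSetterThrowsOnlyInStrictMode() {
  var o = {};
  Object.defineProperty(o, 'ro', { get: function () { return 1; }, configurable: true });
  return {
    sloppyThrew: throwsTypeError(function () { sloppyAssign(o, 'ro', 2); }),
    strictThrew: throwsTypeError(function () { strictAssign(o, 'ro', 2); })
  };
}

// Converting an accessor to a data property defaults writable to false.
function accessorToDataDefaultsWritableFalse() {
  var o = {};
  Object.defineProperty(o, 'x', { get: function () { return 1; }, configurable: true });
  Object.defineProperty(o, 'x', { value: 5 });
  var d = Object.getOwnPropertyDescriptor(o, 'x');
  return { value: d.value, writable: d.writable, hasGetter: 'get' in d };
}

// A non-configurable array element cannot be made configurable again.
function arrayNonConfigurableCannotBecomeConfigurable() {
  var a = [1];
  Object.defineProperty(a, '0', { configurable: false });
  return throwsTypeError(function () { Object.defineProperty(a, '0', { configurable: true }); });
}

// ToObject(5) is a Number wrapper with no own enumerable keys: nothing to
// define, and no TypeError just because the argument is a primitive.
function definePropertiesAcceptsPrimitive() {
  var target = {};
  return Object.defineProperties(target, 5) === target && Object.keys(target).length === 0;
}

// After preventExtensions, a write past the end of an array must not add an element.
function nonExtensibleArrayRejectsOutOfBoundsWrite() {
  var a = [1];
  Object.preventExtensions(a);
  var sloppyThrew = throwsTypeError(function () { sloppyAssign(a, 5, 2); });
  var strictThrew = throwsTypeError(function () { strictAssign(a, 5, 2); });
  return { length: a.length, sloppyThrew: sloppyThrew, strictThrew: strictThrew };
}

// isFrozen only consults writable for data properties; a non-configurable
// accessor on a non-extensible object counts as frozen.
function isFrozenIgnoresWritableForAccessors() {
  var o = {};
  Object.defineProperty(o, 'x', { get: function () { return 1; }, configurable: false });
  Object.preventExtensions(o);
  return Object.isFrozen(o);
}

// Redefining a non-writable, non-configurable property with identical value
// and attributes is a no-op, not an error.
function redefineSameDescriptorIsAllowed() {
  var o = {};
  var desc = { value: 42, writable: false, enumerable: false, configurable: false };
  Object.defineProperty(o, 'k', desc);
  return !throwsTypeError(function () { Object.defineProperty(o, 'k', desc); });
}

// Defining a non-configurable accessor is allowed.
function canDefineNonConfigurableAccessor() {
  var o = {};
  Object.defineProperty(o, 'x', { get: function () { return 7; }, configurable: false });
  return Object.getOwnPropertyDescriptor(o, 'x').configurable === false && o.x === 7;
}
```

Run the file under node: each function returns what ES5 prescribes, so an engine carrying one of the bugs listed above would return a different value (writable true from accessorToDataDefaultsWritableFalse, or sloppyThrew true from the setter check, for instance). The Function-constructor wrappers keep the sloppy-mode cases sloppy even when the file itself is loaded as a strict ES module.
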
3432         * runtime/JSArray.cpp:
3433         (JSC::SparseArrayValueMap::put):
3434             - Added ASSERT.
3435             - Calling an undefined setter should only throw in strict mode.
3436         (JSC::JSArray::putDescriptor):